If a role does not have permission over a certain resource, the lib crashes #11

Closed
syedhashmi opened this Issue Aug 31, 2012 · 4 comments

Comments

Projects
None yet
2 participants

If a role does not have permission over a certain resource, the lib crashes with the following stacktrace:

TypeError: Cannot read property 'length' of undefined
at E:\SoftwareVenture\Projects\NodeMobileBackend\mobileshopper\moobs\node_modules\acl\lib\acl.js:677:28
at Object.union (E:\SoftwareVenture\Projects\NodeMobileBackend\mobileshopper\moobs\node_modules\acl\lib\memory-backend.js:78:7)
at E:\SoftwareVenture\Projects\NodeMobileBackend\mobileshopper\moobs\node_modules\acl\lib\acl.js:674:22
at Object.union (E:\SoftwareVenture\Projects\NodeMobileBackend\mobileshopper\moobs\node_modules\acl\lib\memory-backend.js:76:7)
at [object Object]._checkPermissions (E:\SoftwareVenture\Projects\NodeMobileBackend\mobileshopper\moobs\node_modules\acl\lib\acl.js:661:16)
at [object Object].areAnyRolesAllowed (E:\SoftwareVenture\Projects\NodeMobileBackend\mobileshopper\moobs\node_modules\acl\lib\acl.js:382:10)
at E:\SoftwareVenture\Projects\NodeMobileBackend\mobileshopper\moobs\node_modules\acl\lib\acl.js:354:12
at Object.get (E:\SoftwareVenture\Projects\NodeMobileBackend\mobileshopper\moobs\node_modules\acl\lib\memory-backend.js:55:7)
at [object Object].isAllowed (E:\SoftwareVenture\Projects\NodeMobileBackend\mobileshopper\moobs\node_modules\acl\lib\acl.js:350:16)
at E:\SoftwareVenture\Projects\NodeMobileBackend\mobileshopper\moobs\node_modules\acl\lib\acl.js:519:9

Please have a look.

Owner

manast commented Sep 1, 2012

could you please provide a minimal example that reproduces the error, I wrote a few test cases but they did not trigger the crash.

Here we go ...

run the app and try to access: http://localhost:3000/test/securelink to
get the error.

As you see, user1 has only given 'put' access to '/test' so he cannot do
'get' calls. In this case, the lib crashes. If a user is allowed get, that
path works fine.

On Sat, Sep 1, 2012 at 6:38 PM, Manuel Astudillo
notifications@github.comwrote:

could you please provide a minimal example that reproduces the error, I
wrote a few test cases but they did not trigger the crash.


Reply to this email directly or view it on GitHubhttps://github.com/OptimalBits/node_acl/issues/11#issuecomment-8212945.

Owner

manast commented Sep 1, 2012

Sorry but I cannot run your local server from here... I was asking for a piece of source code that triggers the error.

here we go ...

ensureAuthenticated = function(req, res, next) {
// for minmal repro purpose, I am hardcoding session and user name here ...
// in real app it comes from the session layer
req.session = {};
req.session.userId = 'user1';
myacl.addUserRoles('user1', 'user', function(err) {
return next();
});

}

app.get('/test/securelink', ensureAuthenticated, myacl.middleware(1),
function(req, res){ >>> Call to myacl.middleware(1) triggers error.
res.send('/secure.html');
});

On Sat, Sep 1, 2012 at 8:45 PM, Manuel Astudillo
notifications@github.comwrote:

Sorry but I cannot run your local server from here... I was asking for a
piece of source code that triggers the error.


Reply to this email directly or view it on GitHubhttps://github.com/OptimalBits/node_acl/issues/11#issuecomment-8214014.

manast closed this in c5753c8 Sep 1, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment