-
Notifications
You must be signed in to change notification settings - Fork 369
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Express middleware and params #192
Comments
@dottodot Think you're right and a bit confusing because the description suggest otherwise I'm having the same issues, can't find any reference in the code for such functionality. The code (https://github.com/OptimalBits/node_acl/blob/master/lib/acl.js#L883) will do a lookup for a bucket called
|
@dottodot , were you able to get it to work. I am also facing the same issue. I don't understand the solution given by @LukevdPalen . |
@gundalar I just created my own middleware to get round the problem. |
@dottodot Can you share the logic for handling multi-level params such as |
@serganus I don't actually have anything for multi-level params as I don't have any routes that have them but I think my middleware would work on all routes as I'm checking using
|
@dottodot, @serganus An another example to make your own acl middleware ;)
|
I solved it with a custom middleware as well for Express 4: const acl = require('../util/acl.util')
module.exports = resource => (req, res, next) => {
acl.isAllowed(req.session.userId, resource, req.method.toLowerCase(), (err, allowed) => {
if (err) return next(err)
if (!allowed) return res.status(403).send('Insufficient permissions to access resource')
next()
})
} Then used in this way: app.use('/api/users', authMiddleware, aclMiddleware('users'), userRouter) |
@wilk :) Hey, can you please elaborate what is authMiddleware & aclMiddleware? because i'm facing problem when i pass these two names. |
@saurabhh |
this is what I use for middleware function
|
For me addition of @LukevdPalen , Thanks, |
I'm a bit confused as to how to get the express middleware to work with params.
The documentation suggests you can add the middleware to route with params i.e.
however if I add a resource as
/blogs/:id
I get a insufficient permissions response.The text was updated successfully, but these errors were encountered: