problem with acl.middleware #45

Open
Pegase38 opened this Issue · 8 comments

4 participants

@Pegase38

Hello,

I try to execute an example like this:

var acl = require('acl');

acl = new acl(new acl.memoryBackend());

// error checking callback
var cb = function(err){
    if(err) console.log(err);
}
acl.allow([{
    roles: 'admin',
    allows: [{
        resources: 'db',
        permissions: ['write', 'delete', 'read']
    }]
},{
    roles: 'user',
    allows: [{
        resources: 'home',
        permissions: 'read'
    }]
}], cb);

// assign user ids to roles
acl.addUserRoles("john", "user", cb);
acl.addUserRoles("mary", "admin", cb);

app.get('/home', acl.middleware(1, 'john', 'write'), home.index); // home.index is my route

and I got the following error:
Express
500 [object Object]
at new HttpError (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:489:11)
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:532:14
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:685:13
at Object.MemoryBackend.union (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\memory-backend.js:78:7)
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:679:22
at Object.MemoryBackend.union (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\memory-backend.js:78:7)
at Acl._checkPermissions (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:666:16)
at Acl.areAnyRolesAllowed (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:387:10)
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:359:12
at Object.MemoryBackend.get (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\memory-backend.js:55:7)

How do I use this middleware to control the route access?

Thanks for your help :)

@icompuiz

In your example, middleware will check if the user with id 'john' has 'write' permissions on the resource '/home'.

As I understand it, the resource node-acl will be checking against is '/home' with the leading slash rather than 'home' without the leading slash.

That said, in general resource names are just strings. If your resource name is 'xyz', that is fine. However, the middleware function expects resource names to be in a path format, with slashes.

@icompuiz

Also, unless you have some technical restrictions, I suggest you use the common HTTP verbs -- get, post, put, and delete -- rather than read, write, list, destroy.

@Pegase38

Thanks for your response.

I changed the resource "home" to "/home", but I still have this exception:
500 [object Object]
at new HttpError (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:489:11)
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:532:14
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:685:13
at Object.MemoryBackend.union (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\memory-backend.js:78:7)
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:679:22
at Object.MemoryBackend.union (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\memory-backend.js:76:7)
at Acl._checkPermissions (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:666:16)
at Acl.areAnyRolesAllowed (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:387:10)
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:359:12
at Object.MemoryBackend.get (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\memory-backend.js:55:7)

It appears when the permissions mismatch. Can I catch it to redirect to an "unauthorization" page?

@icompuiz

I have an idea of what it may be. addUserRoles is asynchronous, so you may need to wait until each add user role operation is complete before continuing to the next statement. I don't know if this is the proper form, but the idea is that you nest your statements in the callback functions.

I suggest you look at the async node library for how to tidy up asynchronous statements. Google: node async

@manast
Owner

You do not need async, all acl methods return promises, so you can use bluebird or whenjs

@icompuiz
@Pegase38

Assume that my user doesn't have any role. Why the exception? And why does it work when he can access?

@danwit

I don't know if this is still a problem for OP. But since this issue is still open, I'll try to help here anyway ;)

If you use express, maybe adding an error handler like this does the trick:

// You need this to correctly route the error middleware
app.use(app.router);
app.use(function(err, req, res, next) {
    // Move on if everything is alright
    if(!err) return next();
    // Something is wrong, inform user
    res.send( err.msg, err.errorCode );
});
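
The error-handler approach from the comment above, extended to answer the earlier question about redirecting on a denied check. This is an added example, not code from the thread or from node-acl. It assumes the error object carries `errorCode` and `msg` as read in that comment; `denyingCheck`, `run`, the `/unauthorized` path and the plain `res` object are hypothetical stand-ins so the logic runs without Express installed.

```javascript
// Stand-in for a denied acl.middleware() check (hypothetical): it hands the
// chain an error with the `errorCode` / `msg` fields used in the comment above.
function denyingCheck(req, res, next) {
  next({ errorCode: 403, msg: 'Insufficient permissions to access resource' });
}
function allowingCheck(req, res, next) { next(); }
function failingCheck(req, res, next) { next(new Error('backend down')); }

// Route handler: must never run when the check was denied.
function homeIndex(req, res) { res.send('home'); }

// Error handler (4 arguments): redirect on authorization failures, answer
// anything else with a generic 500 and keep internals out of the response.
function aclErrorHandler(err, req, res, next) {
  if (err && (err.errorCode === 401 || err.errorCode === 403)) {
    return res.redirect('/unauthorized');
  }
  res.statusCode = 500;
  res.send('Internal Server Error');
}

// Minimal Express-style dispatcher: after next(err), only 4-argument
// handlers run; without an error, only regular middleware runs.
function run(stack, req) {
  var res = {
    statusCode: 200, body: null, location: null,
    redirect: function (to) { this.statusCode = 302; this.location = to; },
    send: function (body) { this.body = body; }
  };
  var i = 0;
  (function next(err) {
    var fn = stack[i++];
    if (!fn) return;
    var isErrorHandler = fn.length === 4;
    if (err && isErrorHandler) return fn(err, req, res, next);
    if (!err && !isErrorHandler) return fn(req, res, next);
    next(err); // skip entries that do not match the current mode
  })();
  return res;
}

// Constructed requests: denied, allowed, and an unrelated backend failure.
var denied = run([denyingCheck, homeIndex, aclErrorHandler], { url: '/home' });
var allowed = run([allowingCheck, homeIndex, aclErrorHandler], { url: '/home' });
var broken = run([failingCheck, homeIndex, aclErrorHandler], { url: '/home' });
console.log(denied.statusCode, denied.location, allowed.body, broken.statusCode);
```

In a real Express app the same handler has to be registered after the routes it protects, otherwise the error never reaches it.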