You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Aug 30, 2021. It is now read-only.
In every module, there is a policy file to be called
acl = new acl(new acl.memoryBackend());
I wonder if there are many modules then would it generates more than one instances. Currently I am working on the mongodb for the acl, which needs the mongodb database object directly.
So I am thinking there is a better to do it by
https://github.com/meanjs/mean/blob/master/config/lib/express.js
/**
* Initialize the Express application
*/
module.exports.init = function (db) {
this.initModulesServerPolicies(app,db);
}
/**
* Configure the modules ACL policies
*/
module.exports.initModulesServerPolicies = function (app, db) {
var mongoBackend = new acl.mongodbBackend(db, 'acl_');
var acl = new acl(mongoBackend);
// Globbing policy files
config.files.server.policies.forEach(function (policyPath) {
require(path.resolve(policyPath)).invokeRolesPolicies(acl);
});
};
https://github.com/meanjs/mean/blob/master/modules/users/server/policies/admin.server.policy.js
module policy file
exports.invokeRolesPolicies = function (acl) {
acl.allow([{
roles: ['admin'],
allows: [{
resources: '/api/users',
permissions: '*'
}, {
resources: '/api/users/:userId',
permissions: '*'
}]
}]);
};
The text was updated successfully, but these errors were encountered:
I wonder if there are many modules then would it generates more than one instances. Currently I am working on the mongodb for the acl, which needs the mongodb database object directly.
It sounds like you should do some tests first to see if this really helps performance before spending too much time on this. WDYT?
@helxsz Remember you will need the ACL for the isAllowed method. With this approach that could be tricky. I haven't looked at the MongoDB back-end option for the ACL library in detail.
For this configuration approach to work, you'd probably be better off refactoring the ACL policies to export a class-like object that retrieves the MongoDB backend end ACL object in it's constructor.
IMO, it would be better to not have this ACL logic inside the configuration. You could pass the db to the require statement instead. I'm not sure of the changes that would have to be made to the Policy files for this to work though.
@mleanos of course, ACL logic should be in the configuration but inside each module. However, Initializing the ACL middleware should do in the server configuration since db object is easily found in the configuration. Otherwise as you said, passing the 'db' object to the module
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
In every module, there is a policy file to be called
acl = new acl(new acl.memoryBackend());
I wonder if there are many modules then would it generates more than one instances. Currently I am working on the mongodb for the acl, which needs the mongodb database object directly.
So I am thinking there is a better to do it by
The text was updated successfully, but these errors were encountered: