node_acl icon indicating copy to clipboard operation
node_acl copied to clipboard

Published 20 hours ago verified publisher icon OptimalBits

isAllowed returns empty permission

Open macroramesh6 opened this issue 8 years ago • 3 comments

Thanks for the contribution for this package. I am new to this package I have added roles, resource, and permission. If I tried to use isAllowed returns null permission. my implementation is given below.

//added roles, resource and permissions here
acl.allow('employee', '/api/guestbook', ['put']);

//added roles to the user
acl.addUserRoles('58344ca87f75a7306fc67645', 'employee', function(err) {
});

//Here my custom middleware check.
acl.isAllowed('58344ca87f75a7306fc67645', '/api/guestbook', 'put', function(err, allowed){
    console.log(err, allowed); //null, false
});

Note: I have checked by removing \ from the resource. the backend is redis connection

My above check returns null, false it should be null, true. Did I miss anything in my implementation? am I on the right path?

macroramesh6 avatar Nov 29 '16 09:11 macroramesh6

I had the same problem, the issue is that you are effectively creating a role for every user rather than assigning a user to a role. I believe this is a valid use case but in your middleware check you are then querying for whether a user has the permission rather than whether the role has it. Instead you need to do this:-

acl.areAnyRolesAllowed('58344ca87f75a7306fc67645', '/api/guestbook', 'put', function(err, allowed){ console.log(err, allowed); //null, true });

deej81 avatar Jan 18 '17 14:01 deej81

I had the same problem.

pangff avatar Jul 10 '17 05:07 pangff

It's a Promise,include allow and addUserRoles,use as this: let allow = acl.allow([...]); allow.then(function(){ acl.addUserRoles() return Promise.resolve() }).then(function(){ acl.isAllowed() })

zh244135370 avatar Aug 25 '18 01:08 zh244135370