Marcus Williams

I still a bit confused. If I have the following policies ``` UserController: { '*': [ 'basicAuth', 'passport', 'sessionAuth', 'ModelPolicy', 'AuditPolicy', 'OwnerPolicy', 'PermissionPolicy', 'RolePolicy', 'CriteriaPolicy' ], 'find': [ 'basicAuth', 'passport',...

Also as an experiment I've tried with the Role controller setting policy for read to owner returns no results, and setting it to role does, so policies seem to work...

Also my custom findOne for users also returns the correct response i.e users can only view themselves, so it seems it's an issue with just custom find.

Think this issue might be related to https://github.com/tjwebb/sails-permissions/issues/212 ``` findTargetObjects: function findTargetObjects(req) { // handle add/remove routes that have :parentid as the primary key field var originalId; if (req.params.parentid) {...

OK thanks for letting me know, massively disappointing though.

Are you able to provide any information on this. At present it's unusable if it's not possible to grant public/anonymous users access to certain things.

OK I've realised what's happening now. The sessionAuth policy is requiring the user to be logged in so no matter what permissions are set up they must be logged in...

I'm looking for the same thing. I was hoping using `req.login` after the user was created would work but I get an error of `[Error: passport.initialize() middleware not in use]`

I just using https://github.com/oscarhaggerty/Backbone.Sails which defaults to using socket requests rather that ajax. So this is what causes the error. Changing the setting to just ajax request resolves the issue.

Sorry could you expand on what you mean as I'm not familiar with the use of req.model