loopback/lib/models/acl.js

/**
Schema ACL options

Object level permissions, for example, an album owned by a user

Factors to be authorized against:

* model name: Album
* model instance properties: userId of the album, friends, shared
* methods
* app and/or user ids/roles
 ** loggedIn
 ** roles
 ** userId
 ** appId
 ** none
 ** everyone
 ** relations: owner/friend/granted

Class level permissions, for example, Album
 * model name: Album
 * methods

URL/Route level permissions
 * url pattern
 * application id
 * ip addresses
 * http headers

Map to oAuth 2.0 scopes

*/

var loopback = require('loopback');

var ACLEntrySchema = {
    /**
     * Type of the principal - Application/User/Role
     */
    principalType: String,
    /**
     * Id of the principal - such as appId, userId or roleId
     */
    principalId: String,

    /**
     * Name of the access type - READ/WRITE/EXEC
     */
    accessType: String,

    /**
     * ALARM - Generate an alarm, in a system dependent way, the access specified in the permissions component of the ACL entry.
     * ALLOW - Explicitly grants access to the resource.
     * AUDIT - Log, in a system dependent way, the access specified in the permissions component of the ACL entry.
     * DENY - Explicitly denies access to the resource.
     */
    permission: String
};

var AccessSchema = {
    publicReadAccess: Boolean,
    publicWriteAccess: Boolean,
    publicExecAccess: Boolean,
    permissions: [ACLEntrySchema]
};

var ACLSchema = {
    /**
     * Resource
     */
    model: String, // The name of the model
    property: String, // The name of the property
    method: String, // The name of the method

    access: AccessSchema, // The access

    status: String,
    created: Date,
    modified: Date
};


var ACL = loopback.createModel('ACL', ACLSchema);

module.exports = ACL;
Add more information to the logical models 2013-07-01 18:51:28 +00:00			`/**`
			`Schema ACL options`
Add schema skeletons for built-in models 2013-06-26 23:25:51 +00:00
Add more information to the logical models 2013-07-01 18:51:28 +00:00			`Object level permissions, for example, an album owned by a user`
Add schema skeletons for built-in models 2013-06-26 23:25:51 +00:00
Add more information to the logical models 2013-07-01 18:51:28 +00:00			`Factors to be authorized against:`
Add schema skeletons for built-in models 2013-06-26 23:25:51 +00:00
Add more information to the logical models 2013-07-01 18:51:28 +00:00			`* model name: Album`
			`* model instance properties: userId of the album, friends, shared`
			`* methods`
			`* app and/or user ids/roles`
			`** loggedIn`
			`** roles`
			`** userId`
			`** appId`
			`** none`
			`** everyone`
			`** relations: owner/friend/granted`
Add schema skeletons for built-in models 2013-06-26 23:25:51 +00:00
Add more information to the logical models 2013-07-01 18:51:28 +00:00			`Class level permissions, for example, Album`
			`* model name: Album`
			`* methods`
Added bcrypt for password hashing 2013-07-15 21:07:17 +00:00
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00			`URL/Route level permissions`
			`* url pattern`
			`* application id`
			`* ip addresses`
			`* http headers`
Added bcrypt for password hashing 2013-07-15 21:07:17 +00:00
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00			`Map to oAuth 2.0 scopes`
Add schema skeletons for built-in models 2013-06-26 23:25:51 +00:00
Add more info to the models 2013-07-01 22:53:10 +00:00			`*/`
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00
Update acl/role models 2013-11-04 21:19:02 +00:00			`var loopback = require('loopback');`

Update ACL model 2013-10-28 17:44:05 +00:00			`var ACLEntrySchema = {`
Update acl/role models 2013-11-04 21:19:02 +00:00			`/**`
			`* Type of the principal - Application/User/Role`
			`*/`
			`principalType: String,`
			`/**`
			`* Id of the principal - such as appId, userId or roleId`
			`*/`
			`principalId: String,`
Update ACL model 2013-10-28 17:44:05 +00:00
Update acl/role models 2013-11-04 21:19:02 +00:00			`/**`
			`* Name of the access type - READ/WRITE/EXEC`
			`*/`
			`accessType: String,`

			`/**`
			`* ALARM - Generate an alarm, in a system dependent way, the access specified in the permissions component of the ACL entry.`
			`* ALLOW - Explicitly grants access to the resource.`
			`* AUDIT - Log, in a system dependent way, the access specified in the permissions component of the ACL entry.`
			`* DENY - Explicitly denies access to the resource.`
			`*/`
			`permission: String`
			`};`

			`var AccessSchema = {`
Update ACL model 2013-10-28 17:44:05 +00:00			`publicReadAccess: Boolean,`
			`publicWriteAccess: Boolean,`
Update acl/role models 2013-11-04 21:19:02 +00:00			`publicExecAccess: Boolean,`
			`permissions: [ACLEntrySchema]`
			`};`
Update ACL model 2013-10-28 17:44:05 +00:00
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00			`var ACLSchema = {`
Update acl/role models 2013-11-04 21:19:02 +00:00			`/**`
			`* Resource`
			`*/`
			`model: String, // The name of the model`
			`property: String, // The name of the property`
			`method: String, // The name of the method`

			`access: AccessSchema, // The access`

			`status: String,`
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00			`created: Date,`
			`modified: Date`
Update ACL model 2013-10-28 17:44:05 +00:00			`};`
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00

Update acl/role models 2013-11-04 21:19:02 +00:00			`var ACL = loopback.createModel('ACL', ACLSchema);`

			`module.exports = ACL;`