loopback/lib/models/acl.js

/**
Schema ACL options

Object level permissions, for example, an album owned by a user

Factors to be authorized against:

* model name: Album
* model instance properties: userId of the album, friends, shared
* methods
* app and/or user ids/roles
 ** loggedIn
 ** roles
 ** userId
 ** appId
 ** none
 ** everyone
 ** relations: owner/friend/granted

Class level permissions, for example, Album
 * model name: Album
 * methods

URL/Route level permissions
 * url pattern
 * application id
 * ip addresses
 * http headers

Map to oAuth 2.0 scopes

*/

/*
var ACLEntrySchema = {
    principal: String, // Application/User/Role
    action: String, // READ/WRITE or method name
    allowed: Boolean // Positive or negative
}

var ACLSchema = {
    publicReadAccess: Boolean,
    publicWriteAccess: Boolean,
    permissions: [ACLEntrySchema],
    created: Date,
    modified: Date
}


var AccessLevel = [
 NotAllowed: 'Not Allowed', // Disabled
 // 'Allowed when Logged-in',
 Owner: 'Allow to Object Owner',
 Role: 'Users defined in a Role',
 Related: 'Any User with a relationship to the object',
 Authenticated: 'Allow to Any Logged In User',
 'Open'
];
*/

var ACLSchema = {
    model: String, // The model name
    properties: [String], // A list of property names
    methods: [String], // A list of methods
    users: [String], // A list of users
    roles: [String], // A list of roles
    permission: {type: String, enum: ['Allow', 'Deny']}, // Allow/Deny
    status: String, // Enabled/disabled
    created: Date,
    modified: Date
};

// readAccess, writeAccess --> public, userId, role

module.exports = function(dataSource) {
    dataSource = dataSource || new require('loopback-datasource-juggler').ModelBuilder();
    var ACL = dataSource.define('ACL', ACLSchema);
    return ACL;
};
Add more information to the logical models 2013-07-01 18:51:28 +00:00			`/**`
			`Schema ACL options`
Add schema skeletons for built-in models 2013-06-26 23:25:51 +00:00
Add more information to the logical models 2013-07-01 18:51:28 +00:00			`Object level permissions, for example, an album owned by a user`
Add schema skeletons for built-in models 2013-06-26 23:25:51 +00:00
Add more information to the logical models 2013-07-01 18:51:28 +00:00			`Factors to be authorized against:`
Add schema skeletons for built-in models 2013-06-26 23:25:51 +00:00
Add more information to the logical models 2013-07-01 18:51:28 +00:00			`* model name: Album`
			`* model instance properties: userId of the album, friends, shared`
			`* methods`
			`* app and/or user ids/roles`
			`** loggedIn`
			`** roles`
			`** userId`
			`** appId`
			`** none`
			`** everyone`
			`** relations: owner/friend/granted`
Add schema skeletons for built-in models 2013-06-26 23:25:51 +00:00
Add more information to the logical models 2013-07-01 18:51:28 +00:00			`Class level permissions, for example, Album`
			`* model name: Album`
			`* methods`
Added bcrypt for password hashing 2013-07-15 21:07:17 +00:00
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00			`URL/Route level permissions`
			`* url pattern`
			`* application id`
			`* ip addresses`
			`* http headers`
Added bcrypt for password hashing 2013-07-15 21:07:17 +00:00
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00			`Map to oAuth 2.0 scopes`
Add schema skeletons for built-in models 2013-06-26 23:25:51 +00:00
Add more info to the models 2013-07-01 22:53:10 +00:00			`*/`
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00
Update ACL model 2013-10-28 17:44:05 +00:00			`/*`
			`var ACLEntrySchema = {`
			`principal: String, // Application/User/Role`
			`action: String, // READ/WRITE or method name`
			`allowed: Boolean // Positive or negative`
			`}`

			`var ACLSchema = {`
			`publicReadAccess: Boolean,`
			`publicWriteAccess: Boolean,`
			`permissions: [ACLEntrySchema],`
			`created: Date,`
			`modified: Date`
			`}`


			`var AccessLevel = [`
			`NotAllowed: 'Not Allowed', // Disabled`
			`// 'Allowed when Logged-in',`
			`Owner: 'Allow to Object Owner',`
			`Role: 'Users defined in a Role',`
			`Related: 'Any User with a relationship to the object',`
			`Authenticated: 'Allow to Any Logged In User',`
			`'Open'`
			`];`
			`*/`

Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00			`var ACLSchema = {`
			`model: String, // The model name`
			`properties: [String], // A list of property names`
			`methods: [String], // A list of methods`
Update ACL model 2013-10-28 17:44:05 +00:00			`users: [String], // A list of users`
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00			`roles: [String], // A list of roles`
			`permission: {type: String, enum: ['Allow', 'Deny']}, // Allow/Deny`
			`status: String, // Enabled/disabled`
			`created: Date,`
			`modified: Date`
Update ACL model 2013-10-28 17:44:05 +00:00			`};`
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00
			`// readAccess, writeAccess --> public, userId, role`

			`module.exports = function(dataSource) {`
Rename 'loopback-data' to 'loopback-datasource-juggler' 2013-07-30 21:26:49 +00:00			`dataSource = dataSource \|\| new require('loopback-datasource-juggler').ModelBuilder();`
Add more functions and tests for Application model 2013-07-18 18:44:25 +00:00			`var ACL = dataSource.define('ACL', ACLSchema);`
			`return ACL;`
Update ACL model 2013-10-28 17:44:05 +00:00			`};`