Update acl/role models

lib/models/acl.js

@@ -31,49 +31,55 @@ Map to oAuth 2.0 scopes
 
 */
 
-/*
+var loopback = require('loopback');
-var ACLEntrySchema = {
-    principal: String, // Application/User/Role
-    action: String, // READ/WRITE or method name
-    allowed: Boolean // Positive or negative
-}
 
-var ACLSchema = {
+var ACLEntrySchema = {
+    /**
+     * Type of the principal - Application/User/Role
+     */
+    principalType: String,
+    /**
+     * Id of the principal - such as appId, userId or roleId
+     */
+    principalId: String,
+
+    /**
+     * Name of the access type - READ/WRITE/EXEC
+     */
+    accessType: String,
+
+    /**
+     * ALARM - Generate an alarm, in a system dependent way, the access specified in the permissions component of the ACL entry.
+     * ALLOW - Explicitly grants access to the resource.
+     * AUDIT - Log, in a system dependent way, the access specified in the permissions component of the ACL entry.
+     * DENY - Explicitly denies access to the resource.
+     */
+    permission: String
+};
+
+var AccessSchema = {
     publicReadAccess: Boolean,
     publicWriteAccess: Boolean,
-    permissions: [ACLEntrySchema],
+    publicExecAccess: Boolean,
-    created: Date,
+    permissions: [ACLEntrySchema]
-    modified: Date
+};
-}
-
-
-var AccessLevel = [
- NotAllowed: 'Not Allowed', // Disabled
- // 'Allowed when Logged-in',
- Owner: 'Allow to Object Owner',
- Role: 'Users defined in a Role',
- Related: 'Any User with a relationship to the object',
- Authenticated: 'Allow to Any Logged In User',
- 'Open'
-];
-*/
 
 var ACLSchema = {
-    model: String, // The model name
+    /**
-    properties: [String], // A list of property names
+     * Resource
-    methods: [String], // A list of methods
+     */
-    users: [String], // A list of users
+    model: String, // The name of the model
-    roles: [String], // A list of roles
+    property: String, // The name of the property
-    permission: {type: String, enum: ['Allow', 'Deny']}, // Allow/Deny
+    method: String, // The name of the method
-    status: String, // Enabled/disabled
+
+    access: AccessSchema, // The access
+
+    status: String,
     created: Date,
     modified: Date
 };
 
-// readAccess, writeAccess --> public, userId, role
 
-module.exports = function(dataSource) {
+var ACL = loopback.createModel('ACL', ACLSchema);
-    dataSource = dataSource || new require('loopback-datasource-juggler').ModelBuilder();
+
-    var ACL = dataSource.define('ACL', ACLSchema);
+module.exports = ACL;
-    return ACL;
-};

lib/models/role.js

@@ -1,6 +1,8 @@
+var loopback = require('loopback');
+
 // Role model
 var RoleSchema = {
-    id: {type: String, required: true}, // Id
+    id: {type: String, id: true}, // Id
     name: {type: String, required: true}, // The name of a role
     description: String, // Description
     roles: [String], // A role can be an aggregate of other roles
@@ -9,10 +11,14 @@ var RoleSchema = {
     // Timestamps
     created: {type: Date, default: Date},
     modified: {type: Date, default: Date}
-}
+};
+
+var Role = loopback.createModel('Role', RoleSchema);
+
+module.exports = Role;
+
+Role.OWNER ='$owner'; // owner of the object
+Role.RELATED = "$related"; // any User with a relationship to the object
+Role.AUTHENTICATED = "$authenticated"; // authenticated user
+Role.EVERYONE = "$everyone"; // everyone
 
-module.exports = function(dataSource) {
-    dataSource = dataSource || new require('loopback-datasource-juggler').ModelBuilder();
-    var Role = dataSource.define('Role', RoleSchema);
-    return Role;
-}