From f9e9aaa8ceff4ae27f21839a6b3faad26f51fbe6 Mon Sep 17 00:00:00 2001 From: mcitdev Date: Tue, 3 Jul 2018 08:59:13 +0200 Subject: [PATCH] Make verifyUserRelations() more robust The fix introduced in previous commit was relying on the default merge algorighm applied when a child model inherits relation config from the parent. This commit changes the check to use a more reliable approach based on the relation metadata configured by the child model. --- lib/application.js | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/lib/application.js b/lib/application.js index 33239fa3..b79bce41 100644 --- a/lib/application.js +++ b/lib/application.js @@ -497,19 +497,19 @@ app._verifyAuthModelRelations = function() { function verifyUserRelations(Model) { const hasManyTokens = Model.relations && Model.relations.accessTokens; - const relationsConfig = Model.settings.relations || {}; - const hasPolyMorphicTokens = (relationsConfig.accessTokens || {}).polymorphic; - // display a temp warning message for users using multiple users config - if (hasPolyMorphicTokens) { - console.warn( - 'The app configuration follows the multiple user models setup ' + - 'as described in http://ibm.biz/setup-loopback-auth', - 'The built-in role resolver $owner is not currently compatible ' + - 'with this configuration and should not be used in production.'); + if (hasManyTokens) { + // display a temp warning message for users using multiple users config + if (hasManyTokens.polymorphic) { + console.warn( + 'The app configuration follows the multiple user models setup ' + + 'as described in http://ibm.biz/setup-loopback-auth', + 'The built-in role resolver $owner is not currently compatible ' + + 'with this configuration and should not be used in production.'); + } + return; } - if (hasManyTokens) return; - + const relationsConfig = Model.settings.relations || {}; const accessTokenName = (relationsConfig.accessTokens || {}).model; if (accessTokenName) { console.warn(