Merge pull request #3938 from mcitdev/master

Make verifyUserRelations() more robust

lib/application.js

@@ -497,19 +497,19 @@ app._verifyAuthModelRelations = function() {
   function verifyUserRelations(Model) {
     const hasManyTokens = Model.relations && Model.relations.accessTokens;
 
-    const relationsConfig = Model.settings.relations || {};
+    if (hasManyTokens) {
-    const hasPolyMorphicTokens = (relationsConfig.accessTokens || {}).polymorphic;
+      // display a temp warning message for users using multiple users config
-    // display a temp warning message for users using multiple users config
+      if (hasManyTokens.polymorphic) {
-    if (hasPolyMorphicTokens) {
+        console.warn(
-      console.warn(
+          'The app configuration follows the multiple user models setup ' +
-        'The app configuration follows the multiple user models setup ' +
+            'as described in http://ibm.biz/setup-loopback-auth',
-          'as described in http://ibm.biz/setup-loopback-auth',
+          'The built-in role resolver $owner is not currently compatible ' +
-        'The built-in role resolver $owner is not currently compatible ' +
+            'with this configuration and should not be used in production.');
-          'with this configuration and should not be used in production.');
+      }
+      return;
     }
 
-    if (hasManyTokens) return;
+    const relationsConfig = Model.settings.relations || {};
-
     const accessTokenName = (relationsConfig.accessTokens || {}).model;
     if (accessTokenName) {
       console.warn(