models: move ACL LDL def into a json file

2014-10-13 10:55:08 +02:00 · 2014-10-13 10:55:08 +02:00 · 7c01d59d80
parent ef890d5f26
commit 7c01d59d80
5 changed files with 360 additions and 351 deletions
--- a/common/models/access-token.js
+++ b/common/models/access-token.js
@ -5,9 +5,7 @@
 var loopback = require('../../lib/loopback')
  , assert = require('assert')
  , uid = require('uid2')
-  , DEFAULT_TOKEN_LEN = 64
+  , DEFAULT_TOKEN_LEN = 64;
  , Role = require('./role').Role
  , ACL = require('./acl').ACL;
 /**
 * Token based authentication and access control.
--- a/common/models/acl.js
+++ b/common/models/acl.js
@ -45,6 +45,8 @@ var role = require('./role');
 var Role = role.Role;
 /**
 * A Model for access control meta data.
 *
 * System grants permissions to principals (users/applications, can be grouped
 * into roles).
 *
@ -54,18 +56,6 @@ var Role = role.Role;
 * For a given principal, such as client application and/or user, is it allowed
 * to access (read/write/execute)
 * the protected resource?
 */
 var ACLSchema = {
  model: String, // The name of the model
  property: String, // The name of the property, method, scope, or relation
  accessType: String,
  permission: String,
  principalType: String,
  principalId: String
 };
 /**
 * A Model for access control meta data.
 *
 * @header ACL
 * @property {String} model Name of the model.
@ -78,11 +68,12 @@ var ACLSchema = {
 *  - DENY: Explicitly denies access to the resource.
 * @property {String} principalType Type of the principal; one of: Application, Use, Role.
 * @property {String} principalId ID of the principal - such as appId, userId or roleId
- * @class
+ *
- * @inherits Model
+ * @class ACL
 * @inherits PersistedModel
 */
-var ACL = loopback.PersistedModel.extend('ACL', ACLSchema);
+module.exports = function(ACL) {
  ACL.ALL = AccessContext.ALL;
@ -468,4 +459,4 @@ ACL.checkAccessForToken = function (token, model, modelId, method, callback) {
    });
  };
-module.exports.ACL = ACL;
+}
--- a/common/models/acl.json
+++ b/common/models/acl.json
@ -0,0 +1,17 @@
 {
  "name": "ACL",
  "properties": {
    "model": {
      "type": "string",
      "description": "The name of the model"
    },
    "property": {
      "type": "string",
      "description": "The name of the property, method, scope, or relation"
    },
    "accessType": "string",
    "permission": "string",
    "principalType": "string",
    "principalId": "string"
  }
 }
--- a/lib/access-context.js
+++ b/lib/access-context.js
@ -281,7 +281,7 @@ AccessRequest.prototype.exactlyMatches = function(acl) {
 */
 AccessRequest.prototype.isAllowed = function() {
-  return this.permission !== require('../common/models/acl').ACL.DENY;
+  return this.permission !== loopback.ACL.DENY;
 }
 AccessRequest.prototype.debug = function() {
--- a/lib/builtin-models.js
+++ b/lib/builtin-models.js
@ -15,7 +15,10 @@ module.exports = function(loopback) {
  loopback.Role = require('../common/models/role').Role;
  loopback.RoleMapping = require('../common/models/role').RoleMapping;
-  loopback.ACL = require('../common/models/acl').ACL;
+
  loopback.ACL = createModel(
    require('../common/models/acl.json'),
    require('../common/models/acl.js'));
  loopback.Scope = createModel(
    require('../common/models/scope.json'),