verdnatura-mirror
/
loopback
mirror of https://github.com/strongloop/loopback.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'release/2.1.1' into production

This commit is contained in:
Raymond Feng 2014-08-08 16:01:22 -07:00
parent 55def26343 22bca61f32
commit dfd7d411d4
9 changed files with 79 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/application.js
View File

@ -323,6 +323,7 @@ app.enableAuth = function() {
req.accessToken,
modelId,
method,
ctx,
function(err, allowed) {
// Emit any cached data events that fired while checking access.
req.resume();

1
lib/models/access-context.js
View File

@ -66,6 +66,7 @@ function AccessContext(context) {
if (token.appId) {
this.addPrincipal(Principal.APPLICATION, token.appId);
}
this.remotingContext = context.remotingContext;
}
// Define constant for the wildcard

62
lib/models/model.js
View File

@ -185,10 +185,9 @@ Model.setup = function () {
// resolve relation functions
sharedClass.resolve(function resolver(define) {
var relations = ModelCtor.relations;
if (!relations) {
return;
}
var relations = ModelCtor.relations || {};
// get the relations
for (var relationName in relations) {
var relation = relations[relationName];
@ -201,13 +200,16 @@ Model.setup = function () {
relation.type === 'embedsMany' ||
relation.type === 'referencesMany') {
ModelCtor.hasManyRemoting(relationName, relation, define);
ModelCtor.scopeRemoting(relationName, relation, define);
} else {
ModelCtor.scopeRemoting(relationName, relation, define);
}
}
// handle scopes
var scopes = ModelCtor.scopes || {};
for (var scopeName in scopes) {
ModelCtor.scopeRemoting(scopeName, scopes[scopeName], define);
}
});
return ModelCtor;
};
@ -234,15 +236,22 @@ Model._ACL = function getACL(ACL) {
* @param {AccessToken} token The access token
* @param {*} modelId The model ID.
* @param {SharedMethod} sharedMethod The method in question
* @param {Object} ctx The remote invocation context
* @callback {Function} callback The callback function
* @param {String|Error} err The error object
* @param {Boolean} allowed True if the request is allowed; false otherwise.
*/
Model.checkAccess = function(token, modelId, sharedMethod, callback) {
Model.checkAccess = function(token, modelId, sharedMethod, ctx, callback) {
var ANONYMOUS = require('./access-token').ANONYMOUS;
token = token || ANONYMOUS;
var aclModel = Model._ACL();
ctx = ctx || {};
if(typeof ctx === 'function' && callback === undefined) {
callback = ctx;
ctx = {};
}
aclModel.checkAccessForContext({
accessToken: token,
@ -251,7 +260,8 @@ Model.checkAccess = function(token, modelId, sharedMethod, callback) {
method: sharedMethod.name,
sharedMethod: sharedMethod,
modelId: modelId,
accessType: this._getAccessTypeForMethod(sharedMethod)
accessType: this._getAccessTypeForMethod(sharedMethod),
remotingContext: ctx
}, function(err, accessRequest) {
if(err) return callback(err);
callback(null, accessRequest.isAllowed());
@ -346,6 +356,8 @@ Model.remoteMethod = function(name, options) {
}
Model.belongsToRemoting = function(relationName, relation, define) {
var modelName = relation.modelTo && relation.modelTo.modelName;
modelName = modelName || 'PersistedModel';
var fn = this.prototype[relationName];
var pathName = (relation.options.http && relation.options.http.path) || relationName;
define('__get__' + relationName, {
@ -353,7 +365,7 @@ Model.belongsToRemoting = function(relationName, relation, define) {
http: {verb: 'get', path: '/' + pathName},
accepts: {arg: 'refresh', type: 'boolean', http: {source: 'query'}},
description: 'Fetches belongsTo relation ' + relationName,
returns: {arg: relationName, type: relation.modelTo.modelName, root: true}
returns: {arg: relationName, type: modelName, root: true}
}, fn);
}
@ -464,30 +476,32 @@ Model.hasManyRemoting = function (relationName, relation, define) {
}
};
Model.scopeRemoting = function(relationName, relation, define) {
var pathName = (relation.options.http && relation.options.http.path) || relationName;
var toModelName = relation.modelTo.modelName;
Model.scopeRemoting = function(scopeName, scope, define) {
var pathName = (scope.options && scope.options.http && scope.options.http.path)
|| scopeName;
var isStatic = scope.isStatic;
var toModelName = scope.modelTo.modelName;
define('__get__' + relationName, {
isStatic: false,
define('__get__' + scopeName, {
isStatic: isStatic,
http: {verb: 'get', path: '/' + pathName},
accepts: {arg: 'filter', type: 'object'},
description: 'Queries ' + relationName + ' of ' + this.modelName + '.',
returns: {arg: relationName, type: [toModelName], root: true}
description: 'Queries ' + scopeName + ' of ' + this.modelName + '.',
returns: {arg: scopeName, type: [toModelName], root: true}
});
define('__create__' + relationName, {
isStatic: false,
define('__create__' + scopeName, {
isStatic: isStatic,
http: {verb: 'post', path: '/' + pathName},
accepts: {arg: 'data', type: toModelName, http: {source: 'body'}},
description: 'Creates a new instance in ' + relationName + ' of this model.',
description: 'Creates a new instance in ' + scopeName + ' of this model.',
returns: {arg: 'data', type: toModelName, root: true}
});
define('__delete__' + relationName, {
isStatic: false,
define('__delete__' + scopeName, {
isStatic: isStatic,
http: {verb: 'delete', path: '/' + pathName},
description: 'Deletes all ' + relationName + ' of this model.'
description: 'Deletes all ' + scopeName + ' of this model.'
});
};

2
lib/models/user.js
View File

@ -289,7 +289,7 @@ User.prototype.verify = function (options, fn) {
options.user = this;
options.protocol = options.protocol || 'http';
var app = this.app;
var app = userModel.app;
options.host = options.host || (app && app.get('host')) || 'localhost';
options.port = options.port || (app && app.get('port')) || 3000;
options.restApiRoot = options.restApiRoot || (app && app.get('restApiRoot')) || '/api';

2
package.json
View File

@ -26,7 +26,7 @@
"mobile",
"mBaaS"
],
"version": "2.1.0",
"version": "2.1.1",
"scripts": {
"test": "grunt mocha-and-karma"
},

14
test/access-control.integration.js
View File

@ -160,6 +160,19 @@ describe('access control - integration', function () {
});
describe('/accounts', function () {
var count = 0;
before(function() {
var roleModel = loopback.getModelByType(loopback.Role);
roleModel.registerResolver('$dummy', function (role, context, callback) {
process.nextTick(function () {
if(context.remotingContext) {
count++;
}
callback && callback(null, false); // Always true
});
});
});
lt.beforeEach.givenModel('account');
lt.it.shouldBeDeniedWhenCalledAnonymously('GET', '/api/accounts');
@ -170,7 +183,6 @@ describe('access control - integration', function () {
lt.it.shouldBeDeniedWhenCalledUnauthenticated('GET', urlForAccount);
lt.it.shouldBeDeniedWhenCalledByUser(CURRENT_USER, 'GET', urlForAccount);
lt.it.shouldBeDeniedWhenCalledAnonymously('POST', '/api/accounts');
lt.it.shouldBeDeniedWhenCalledUnauthenticated('POST', '/api/accounts');
lt.it.shouldBeDeniedWhenCalledByUser(CURRENT_USER, 'POST', '/api/accounts');

7
test/fixtures/access-control/models.json vendored
View File

@ -124,6 +124,13 @@
"principalType": "ROLE",
"principalId": "$owner",
"property": "deleteById"
},
{
"accessType": "*",
"permission": "DENY",
"property": "find",
"principalType": "ROLE",
"principalId": "$dummy"
}
]
},

7
test/fixtures/simple-integration-app/models.json vendored
View File

@ -45,6 +45,13 @@
"public": true,
"dataSource": "db",
"options": {
"scopes": {
"superStores": {
"where": {
"size": "super"
}
}
},
"relations": {
"widgets": {
"model": "widget",

10
test/relations.integration.js
View File

@ -25,6 +25,16 @@ describe('relations - integration', function () {
this.app.models.widget.destroyAll(done);
});
describe('/store/superStores', function() {
it('should invoke scoped methods remotely', function(done) {
this.get('/api/stores/superStores')
.expect(200, function(err, res) {
expect(res.body).to.be.array;
done();
});
});
});
describe('/store/:id/widgets', function () {
beforeEach(function() {
this.url = '/api/stores/' + this.store.id + '/widgets';