From f9e9aaa8ceff4ae27f21839a6b3faad26f51fbe6 Mon Sep 17 00:00:00 2001
From: mcitdev <mcitdev@users.noreply.github.com>
Date: Tue, 3 Jul 2018 08:59:13 +0200
Subject: [PATCH] Make verifyUserRelations() more robust
The fix introduced in previous commit was relying on the default
merge algorighm applied when a child model inherits relation config
from the parent.
This commit changes the check to use a more reliable approach
based on the relation metadata configured by the child model.
---
lib/application.js | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/lib/application.js b/lib/application.js
index 33239fa3..b79bce41 100644
--- a/lib/application.js
+++ b/lib/application.js
@@ -497,19 +497,19 @@ app._verifyAuthModelRelations = function() {
function verifyUserRelations(Model) {
const hasManyTokens = Model.relations && Model.relations.accessTokens;
- const relationsConfig = Model.settings.relations || {};
- const hasPolyMorphicTokens = (relationsConfig.accessTokens || {}).polymorphic;
- // display a temp warning message for users using multiple users config
- if (hasPolyMorphicTokens) {
- console.warn(
- 'The app configuration follows the multiple user models setup ' +
- 'as described in http://ibm.biz/setup-loopback-auth',
- 'The built-in role resolver $owner is not currently compatible ' +
- 'with this configuration and should not be used in production.');
+ if (hasManyTokens) {
+ // display a temp warning message for users using multiple users config
+ if (hasManyTokens.polymorphic) {
+ console.warn(
+ 'The app configuration follows the multiple user models setup ' +
+ 'as described in http://ibm.biz/setup-loopback-auth',
+ 'The built-in role resolver $owner is not currently compatible ' +
+ 'with this configuration and should not be used in production.');
+ }
+ return;
}
- if (hasManyTokens) return;
-
+ const relationsConfig = Model.settings.relations || {};
const accessTokenName = (relationsConfig.accessTokens || {}).model;
if (accessTokenName) {
console.warn(