Ritchie Martori
16b790a93a
Merge pull request #102 from strongloop/fix/user
...
Various Fixes and Behavioral Changes to the User Model
2013-12-18 21:34:30 -08:00
Raymond Feng
ac2f4de9d3
Remove the default values for gateway/port
2013-12-18 12:28:48 -08:00
Raymond Feng
598b1e6b61
Reformat the code using 2 space identation
2013-12-18 11:49:09 -08:00
Raymond Feng
95ad3e8c04
Allow cert/key data to be shared by push/feedback
2013-12-18 10:58:34 -08:00
Ritchie Martori
98ed38302a
Logout now automatically pulls the accessToken from the request
2013-12-17 21:22:05 -08:00
Ritchie Martori
939df463fe
Fix tests depending on old behavior of default User ACLs
2013-12-17 21:10:05 -08:00
Ritchie Martori
3152960336
Add default user ACLs
2013-12-17 20:42:28 -08:00
Miroslav Bajtoš
d09e3225cd
Define schema for GCM push-notification settings
...
Remove unused property PushNotificationSettingSchema.platform.
Flatten GCM settings schema. There is no need to distinquish between
pushOptions and feedback, as there is only single HTTP channel shared
by both.
2013-12-17 18:44:13 +01:00
Ritchie Martori
0794f141c1
Improve debug statements for access control
2013-12-16 18:12:13 -08:00
Ritchie Martori
5a154072a1
Merge pull request #96 from strongloop/feature/config
...
Make all app config values available from `app.get()`
2013-12-12 16:01:43 -08:00
Ritchie Martori
591ed86444
Merge pull request #97 from strongloop/bug/check-access
...
Dont attempt access checking on models without a check access method
2013-12-12 16:01:33 -08:00
Ritchie Martori
4619a143f5
Dont attempt access checking on models without a check access method
2013-12-11 19:46:56 -08:00
Ritchie Martori
ea7c9216d7
App config settings are now available from app.get()
2013-12-11 19:31:16 -08:00
Ritchie Martori
b62b8fa47d
Fix user not allowed to delete itself if user
...
**Note: the only code required for the fix is in role.js:203**. The
other changes are to help organize debug output.
2013-12-11 19:15:19 -08:00
Ritchie Martori
ad58a8ec13
Only look at cookies if they are available
2013-12-11 16:43:23 -08:00
Raymond Feng
0f86f69880
Remove the empty comment and set default token
2013-12-11 16:21:37 -08:00
Raymond Feng
97dc0aa441
Refactor to the code use wrapper classes
...
Add AccessContext, Principal, and AccessRequest
Add debug information
2013-12-11 16:03:48 -08:00
Raymond Feng
178674ec9a
Enhance getRoles() to support smart roles
2013-12-11 09:06:21 -08:00
Raymond Feng
82eeaeee6b
Fix the algorithm for Role.isInRole and ACL.checkAccess
2013-12-10 23:33:57 -08:00
Ritchie Martori
4560ec0964
Various ACL fixes
2013-12-10 21:49:18 -08:00
Ritchie Martori
b0f51e20f7
Add user default ACLs
2013-12-10 19:43:59 -08:00
Ritchie Martori
dfcb43e613
Allow requests without auth tokens
2013-12-10 15:57:55 -08:00
Ritchie Martori
e7cc30ee03
Fix base class not being actual base class
2013-12-09 17:11:01 -08:00
Raymond Feng
7f51c28539
Fix the ACL resolution against rules by matching score
2013-12-09 15:26:53 -08:00
Ritchie Martori
af2b8dd4ff
Merge feature/password-reset
2013-12-06 17:35:14 -08:00
Ritchie Martori
216fee3015
Add access type checking
2013-12-06 17:04:47 -08:00
Ritchie Martori
bc27f07472
Add Model.requireToken for disabling token requirement
2013-12-06 12:09:52 -08:00
Ritchie Martori
4c69af5ae2
Add Model.requireToken, default swagger to false
2013-12-06 12:00:18 -08:00
Ritchie
68ef03e944
SLA-725 support PORT and HOST environment for PaaS support
2013-12-05 20:00:09 -08:00
Ritchie Martori
0987adfd5f
Merge pull request #64 from strongloop/auth
...
Initial auth implementation
2013-12-02 17:20:42 -08:00
Ritchie Martori
5cd71cee6b
Use loopback.AccessToken as default
2013-12-02 17:16:43 -08:00
Ritchie Martori
2c36935404
Fix missing assert
2013-12-02 16:37:42 -08:00
Ritchie Martori
2f9403016c
Initial auth implementation
2013-11-22 12:26:59 -08:00
Raymond Feng
52b1588152
Merge pull request #74 from strongloop/acl
...
More ACL features
2013-11-20 14:30:40 -08:00
Ritchie Martori
e92c46a4e4
Add password reset
2013-11-20 14:20:47 -08:00
Ritchie Martori
aaa8423257
Fix minor autoWiring bugs
2013-11-20 14:18:54 -08:00
Raymond Feng
344c74297c
Add unauthenticated role
2013-11-20 13:43:02 -08:00
Raymond Feng
bee8a3b022
Add checkAccess for subject and token
2013-11-20 13:43:01 -08:00
Raymond Feng
2c7c5fc7ec
Start to support smart roles such as owner
2013-11-20 13:43:01 -08:00
Ritchie Martori
3753c15b71
Merge pull request #71 from strongloop/feature/status-middleware
...
Add status middleware
2013-11-19 13:15:57 -08:00
Ritchie Martori
e5a55846e8
Merge pull request #69 from strongloop/datasource-auto-wiring
...
Initial auto wiring for model dataSources
2013-11-19 13:11:54 -08:00
Ritchie Martori
fd7dd7e4a2
Add status middleware
2013-11-19 12:54:30 -08:00
Ritchie Martori
9db8a7a25f
Auto attach all models created
2013-11-19 12:23:02 -08:00
Miroslav Bajtos
7d60b2dea6
Add loopback.urlNotFound() middleware.
...
The middleware should be used as the last 3-parameter middleware (regular
request handles) before any 4-parameter middleware (error handlers).
This way a request to an URL not handled by any middleware is converted to
a 404 error that can be handled by whatever error handling strategy is
configured in the application.
See senchalabs/connect#954 for more details.
2013-11-19 20:27:49 +01:00
Ritchie Martori
178e5dab30
Remove .attachTo() from tests
2013-11-19 11:02:43 -08:00
Ritchie Martori
da0545bed6
Initial auto wiring for model dataSources
2013-11-18 16:13:40 -08:00
Ritchie Martori
ec58237f8a
Add public flag checking
2013-11-18 12:52:00 -08:00
Raymond Feng
9fddbc3834
Switch to modelBuilder
2013-11-15 11:16:20 -08:00
Raymond Feng
44dfe34647
Allow ACLs for methods/relations
2013-11-15 10:08:49 -08:00
Raymond Feng
8381b05da1
Allows LDL level ACLs
2013-11-15 09:41:26 -08:00