Esco Obong
74018019b4
fix implementation of Role methods: users,roles, and applications
2015-03-12 14:58:08 -04:00
crandmck
1cabd74308
Remove duplicate cb func from getRoles and other doc cleanup
2015-03-12 11:15:36 -07:00
Benjamin Boudreau
2d08e656b8
Handling owner being a relation/function
2015-03-11 10:25:40 -04:00
Miroslav Bajtoš
e59493ec40
Merge pull request #1176 from strongloop/feature/more-replication-improvements
...
Prevent more kinds of false replication conflicts
2015-03-06 07:27:16 +01:00
ulion
9f705139f8
Static ACL support array of properties now
2015-03-06 06:24:09 +08:00
Miroslav Bajtoš
76d9244448
Prevent more kinds of false replication conflicts
...
Rework the Change model to merge changes made within the same
Checkpoint.
Rework `replicate()` to run multiple iteration until there were no
changes replicated. This ensures that the target model is left in
a clean state with no pending changes associated with the latest
(current) checkpoint.
2015-03-05 14:15:02 +01:00
Miroslav Bajtoš
b381c5df7e
Add more debug logs to replication
2015-03-04 15:00:53 +01:00
Miroslav Bajtoš
2885317634
Merge pull request #1157 from strongloop/feature/replication-improvements
...
Replication improvements: Checkpoint
2015-03-04 08:45:19 +01:00
Miroslav Bajtoš
3d5c8a7443
Checkpoint: start with seq=1 instead of seq=0
...
Since the seq behaves in many senses like an id, it should meet
the usual expectation people have about ids. Using only truthy values
is one of them.
2015-03-03 19:37:11 +01:00
Miroslav Bajtoš
628e3a30ca
Return new checkpoints in callback of replicate()
...
Extend `PersistedModel.replicate` to pass the newly created checkpoints
as the third callback argument.
The typical usage of these values is to pass them as the `since`
argument of the next `replicate()` call.
global.since = -1;
function sync(cb) {
LocalModel.replicate(
since,
RemoteModel,
function(err, conflicts, cps)
if (err) return cb(err);
if (!conflicts.length) {
since = cps;
return cb();
}
// resolve conflicts and try again
});
}
2015-03-03 19:37:11 +01:00
Miroslav Bajtoš
e20cc66787
Replace deprecated hooks with Operation hooks
...
AccessToken.beforeCreate -> AccessToken.observe('before save')
Application.beforeCreate -> Application.observe('before save')
Checkpoint.beforeSave -> Checkpoint.observe('before save')
2015-03-03 18:06:15 +01:00
Raymond Feng
78550a9bc5
Pass options from User.login to createAccessToken
...
It will allow subclass of User to create access token based on additional
properties such as 'scope'.
2015-03-02 14:48:08 -08:00
Miroslav Bajtoš
3c43eccac7
Merge pull request #1120 from PradnyaBaviskar/lb-issue-416
...
Fix "User.confirm" to always call afterRemote hook
Close #1120
2015-02-25 14:26:07 +01:00
Pradnya Baviskar
8766d4a68d
Fix "User.confirm" to always call afterRemote hook
...
Make the "redirect" parameter optional. When the parameter is not
specified, the server responds with an empty response (204). This allows
API clients to call the method without the need to handle redirects
and HTML responses.
Even when the "redirect" parameter is included, the builtin afterRemote
hook still calls next(), so that user-provided afterRemote hooks
are executed too.
2015-02-25 14:20:47 +01:00
Raymond Feng
13e618bff2
Skip hashing password if it's already hashed
...
See https://github.com/strongloop/loopback-datasource-juggler/issues/471
2015-02-24 16:36:51 -08:00
Miroslav Bajtoš
3d977f3e68
Merge pull request #1116 from strongloop/fix/change-detection
...
Fix change detection & tracking
2015-02-24 08:24:27 +01:00
crandmck
a82b33ec5c
Add docs for settings per #1069
2015-02-23 13:13:52 -08:00
Miroslav Bajtoš
702ecc6f72
Fix change detection & tracking
...
Add unit-tests to verify that all DAO methods correctly create change
records.
Rework the change detection to use the new operation hooks, this fixes
the bugs where operations like "updateOrCreate" did not update change
records.
2015-02-20 19:28:33 +01:00
Miroslav Bajtoš
c2236c393b
Upgrade jscs to ~1.11 via grunt-jscs ^1.5
2015-02-20 15:31:15 +01:00
Raymond Feng
a19f39396f
Fix coding style issue
2015-02-18 15:25:46 -08:00
zane
39560b9ce6
Fix for issue 1099.
...
Signed-off-by: zane <zane.mccaig@mail.mcgill.ca>
2015-02-18 11:05:53 -04:00
Ritchie Martori
4b6dcd6271
Document user settings
2015-02-04 14:09:01 -08:00
Miroslav Bajtoš
a77b3bbac7
Remove usages of deprecated `req.param()`
...
Express has recently deprecated `req.param()` to force developers
to be explicit about the source of the value. To avoid deprecation
warnings, this commit replaces all calls of `req.param()` with a
simplified inline version.
2015-01-21 19:27:53 +01:00
Ron Edgecomb
a028d9d198
Add error code property to known error responses.
...
Enhance the error objects with a `code` property containing
a machine-readable string code describing the error, for example
INVALID_TOKEN or USER_NOT_FOUND.
Also improve 404 error messages to include the model name.
2015-01-21 19:04:47 +01:00
Ritchie Martori
0b0927b56b
Merge pull request #992 from TorchlightSoftware/repl-optimize
...
don't send queries to the DB when no changes are detected
2015-01-19 09:32:17 -08:00
Ryan Graham
8fa04fd32f
Merge pull request #1015 from strongloop/feature/rmg-basic-auth-support
...
Extend AccessToken to parse Basic auth headers
2015-01-16 10:52:02 -08:00
Ryan Graham
fbb091e3b3
Extend AccessToken to parse Basic auth headers
...
Allow convenient URLs for curl and browsers such as:
- http://some-long-token@localhost:3000/
- http://token:some-long-token@localhost:3000/
Basic Auth specifies a 'Basic' scheme for the Authorization header
similar to how OAuth specifies 'Bearer' as an auth scheme.
Following a similar convention, extract the access token from the
Authorization header when it specifies the 'Basic' scheme, assuming
it is the larger of the <user>:<pass> segments.
2015-01-15 22:53:09 -08:00
Raymond Feng
563a06fa7e
Make sure EXECUTE access type matches READ or WRITE
...
See https://github.com/strongloop/loopback/issues/1011
2015-01-14 13:38:44 -08:00
Ritchie Martori
e0e9d6ecff
Merge pull request #943 from BerkeleyTrue/refactor/user-remote-method
...
Use User.remoteMethod instead of loopbacks method
2015-01-13 10:20:43 -08:00
bitmage
c28698c1ba
don't send queries to the DB when no changes are detected
2015-01-10 11:28:55 -07:00
Raymond Feng
f5eac871fd
Merge branch 'master' of https://github.com/greaterweb/loopback into greaterweb-master
2015-01-07 16:35:00 -08:00
Raymond Feng
90fd62ec0a
Merge pull request #941 from strongloop/feature/workaround-issue-251
...
Allow User.hashPassword/validatePassword to be overridden
2015-01-07 14:01:03 -08:00
Raymond Feng
b7db9808b2
Allow User.hashPassword/validatePassword to be overridden
...
See https://github.com/strongloop/loopback/issues/251
2015-01-06 16:03:30 -08:00
Berkeley Martinez
4fc07fe125
Use User.remoteMethod instead of loopbacks method
...
This is needed for loopback-connector-remote authorization.
Addresses https://github.com/strongloop/loopback/issues/622 .
2015-01-06 08:18:57 -08:00
Ron Edgecomb
dc055e5559
Require valid login credentials before verified email check.
...
- strongloop/loopback#931 .
2015-01-05 18:40:59 -05:00
Ritchie Martori
270dfc2603
Merge pull request #955 from alFReD-NSH/checkpoint-leak
...
Fix Change.getCheckpointModel() giving new models each call
2015-01-05 09:40:29 -08:00
Clark Wang
2f9400fc87
fix User.settings.ttl can't be overridden in sub model
...
Signed-off-by: Clark Wang <clark.wangs@gmail.com>
2014-12-28 16:02:37 +08:00
Farid Neshat
d5d7ecd0bb
Fix Change.getCheckpointModel() giving new models each call
...
This was a huge memory leak in our app...
2014-12-27 23:48:56 +08:00
Raymond Feng
cb2f40bb86
Fix bcrypt issues for browserify
2014-12-08 14:59:21 -08:00
Raymond Feng
1e932e72ed
Allow native bcrypt for performance
...
See https://github.com/strongloop/loopback/issues/892
2014-12-03 09:03:36 -08:00
Miroslav Bajtoš
a603ffa0f5
AccessToken: optional `options` in findForRequest
...
Fix `AccessToken.findForRequest` to correctly handle the case when
the options argument was omitted:
AccessToken.findForRequest(req, cb);
2014-11-14 10:42:21 +01:00
Miroslav Bajtoš
7c96aec9af
Merge pull request #738 from strongloop/feature/style-cleanup-in-common
...
common: coding style cleanup
2014-11-05 20:07:34 +01:00
Miroslav Bajtoš
d9a426c867
Merge pull request #668 from BerkeleyTrue/fix/dublicateId
...
This fixes duplicate key issue #649
2014-11-05 19:22:22 +01:00
Miroslav Bajtoš
dc762d2514
common: coding style cleanup
2014-11-04 13:52:49 +01:00
Raymond Feng
842d9b0bcd
Fix the jsdoc for User.login
2014-11-03 14:07:19 -08:00
Berkeley Martinez
1ee05eb8a7
Deleted instantiation of new Change model.
...
This PR removes the instantiation of a new change model
as models return from Change.find are already
instances of Change. This solves the duplicate Id issue #649
2014-11-03 13:41:43 -08:00
Miroslav Bajtoš
fec8234c4c
Merge pull request #616 from jpizarrom/master
...
added email custom headers in user verify
2014-10-24 19:51:10 +02:00
Juan Pizarro
4098bec2c6
User: custom email headers in verify
2014-10-24 14:42:49 -03:00
Raymond Feng
b98ada282f
Merge pull request #660 from strongloop/feature/add-realm-support
...
Add realm support
2014-10-24 08:27:28 -07:00
Raymond Feng
46d1430023
Add realm support
2014-10-23 11:10:39 -07:00
Raymond Feng
03b3c3cda4
Merge pull request #680 from arlaneenalra/feature/fix-676
...
Force principalId to be a string in Role.getRoles Fix #676
2014-10-23 08:55:17 -07:00
Miroslav Bajtoš
b57cd3e409
User: fix `confirm` permissions
...
Enable authentication for all User unit-tests to check that the ACLs are
correctly configured.
Fix the rule for `confirm` - the correct permission is `ALLOW`, not
`ACL.ALLOW`.
2014-10-23 13:19:43 +02:00
Chris S
f678107859
Adjust id handling to deal with 0 and null
2014-10-22 11:36:54 -05:00
Chris S
cff0e15936
Force principalId to be a string.
...
Added a defensive check for undefined to avoid problems
when converting to a string.
2014-10-22 10:05:29 -05:00
Rand McKinney
2384c9d841
Fix JSdoc for registerResolver
2014-10-20 14:45:40 -07:00
Miroslav Bajtoš
20026a9d04
Fix places using undefined variables
...
Also enable jshint option "undefined" in order to catch these kind
of errors in the future.
2014-10-15 16:44:00 +02:00
crandmck
2f4a54d93c
Clean up jsdoc comments
...
Add class properties, expose some methods that should have
been documented, etc.
2014-10-15 09:42:24 +02:00
Miroslav Bajtoš
0906a6f5b3
models: move Change LDL def into a json file
2014-10-14 09:04:43 +02:00
Miroslav Bajtoš
6cbc231fba
models: move Checkpoint LDL def into a json file
2014-10-14 09:04:43 +02:00
Miroslav Bajtoš
461ae92c1c
models: move Role LDL def into a json file
2014-10-14 09:04:43 +02:00
Miroslav Bajtoš
e9c86163aa
models: move RoleMapping def into its own files
2014-10-14 09:04:43 +02:00
Miroslav Bajtoš
7c01d59d80
models: move ACL LDL def into a json file
2014-10-14 09:04:43 +02:00
Miroslav Bajtoš
ef890d5f26
models: move Scope def into its own files
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
5f20652241
models: move AccessToken LDL def into a json file
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
1e6beabbd2
models: move Application LDL def into a json file
...
Move some of the comments describing properties into jsdoc.
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
551d109a20
models: move Email LDL def into `email.json`
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
920d3be6a3
models: move User LDL def into `user.json`
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
df9fe90d35
Auto-load and register built-in `Checkpoint` model
2014-10-14 08:58:16 +02:00
Raymond Feng
242b44ed2b
Skip static ACL entries that don't match the property
2014-10-13 16:45:36 -07:00
Miroslav Bajtoš
1fe0110849
Dismantle `lib/models`.
...
- Move core models `Model` and `PersistedModel` to `lib/`.
- Move `AccessContext` class to `lib/`, since it is not a model.
- Move all other built-in models to `common/models`.
This is a preparation for extracting model definitions to JSON files.
By splitting the change into multiple commits, git is able to keep track
of file moves (renames).
2014-10-13 12:09:27 +02:00