Commit Graph

32 Commits

Author SHA1 Message Date
Ritchie Martori 9cde2a45be Use the new remoting.authorization hook for check access 2015-05-12 15:33:05 -07:00
ulion 9f705139f8 Static ACL support array of properties now 2015-03-06 06:24:09 +08:00
Miroslav Bajtoš c2236c393b Upgrade jscs to ~1.11 via grunt-jscs ^1.5 2015-02-20 15:31:15 +01:00
Raymond Feng 563a06fa7e Make sure EXECUTE access type matches READ or WRITE
See https://github.com/strongloop/loopback/issues/1011
2015-01-14 13:38:44 -08:00
Rob Halff 36e1f6840c fix jscs errors 2014-11-21 03:35:36 +01:00
Rob Halff 918497c365 singlequote, semicolon & /*jshint -W030 */ 2014-11-21 02:46:21 +01:00
Raymond Feng 242b44ed2b Skip static ACL entries that don't match the property 2014-10-13 16:45:36 -07:00
Miroslav Bajtoš 1fe0110849 Dismantle `lib/models`.
- Move core models `Model` and `PersistedModel` to `lib/`.
 - Move `AccessContext` class to `lib/`, since it is not a model.
 - Move all other built-in models to `common/models`.

This is a preparation for extracting model definitions to JSON files.
By splitting the change into multiple commits, git is able to keep track
of file moves (renames).
2014-10-13 12:09:27 +02:00
Miroslav Bajtoš d21669b844 Merge branch 'master' into 2.0
Conflicts:
	docs.json
	lib/application.js
	lib/loopback.js
	lib/models/data-model.js
	lib/models/model.js
	lib/models/user.js
	lib/registry.js
	package.json
	test/app.test.js
2014-06-13 10:09:25 +02:00
Miroslav Bajtoš ea5b9d16fc Rename DataModel to PersistedModel 2014-06-05 09:56:00 +02:00
Ritchie Martori fea1cee1c4 !fixup only set ctx.accessType when sharedMethod is available 2014-06-02 14:41:08 -07:00
Ritchie Martori a2f931ed3f Refactor ACL to allow for `methodNames` / aliases 2014-06-02 14:41:08 -07:00
Miroslav Bajtoš 18fd61a546 Merge branch 'master' into 2.0 2014-05-28 18:41:36 +02:00
Raymond Feng ed0b568542 Fix the test for mocha 1.19.0
See 6c705cd4d4
2014-05-26 21:52:48 -07:00
Ritchie Martori d237ae5ddb Merge latest from master 2014-05-20 14:31:09 -07:00
Ritchie Martori ae2fb9dea0 !fixup use DataModel instead of Model for all data based models 2014-05-02 20:15:01 -07:00
Raymond Feng 921e35954d Rename the method so that it won't conflict with Model.checkAccess
See https://github.com/strongloop/loopback/issues/239
2014-04-21 11:13:03 -07:00
Raymond Feng 328a72ac91 Improve the ACL matching algorithm
See https://github.com/strongloop/loopback-example-access-control/issues/8
2014-03-19 15:09:20 -07:00
Raymond Feng a6ff22c9c1 Make sure defaultPermission is checked 2014-01-16 15:05:10 -08:00
Ritchie Martori 939df463fe Fix tests depending on old behavior of default User ACLs 2013-12-17 21:10:05 -08:00
Raymond Feng 97dc0aa441 Refactor to the code use wrapper classes
Add AccessContext, Principal, and AccessRequest
Add debug information
2013-12-11 16:03:48 -08:00
Raymond Feng 82eeaeee6b Fix the algorithm for Role.isInRole and ACL.checkAccess 2013-12-10 23:33:57 -08:00
Raymond Feng 7f51c28539 Fix the ACL resolution against rules by matching score 2013-12-09 15:26:53 -08:00
Raymond Feng bee8a3b022 Add checkAccess for subject and token 2013-11-20 13:43:01 -08:00
Ritchie Martori da0545bed6 Initial auto wiring for model dataSources 2013-11-18 16:13:40 -08:00
Raymond Feng 8381b05da1 Allows LDL level ACLs 2013-11-15 09:41:26 -08:00
Raymond Feng 8e679d0927 Fix the permission resolution 2013-11-14 21:19:57 -08:00
Raymond Feng 94f12d0fce Fix the permission check 2013-11-14 21:19:57 -08:00
Raymond Feng 660ef89755 Merge ScopeACL into ACL 2013-11-14 21:19:56 -08:00
Raymond Feng c3a1a85159 Add constants and more tests 2013-11-14 21:19:56 -08:00
Raymond Feng 48a0242711 Define the models/relations for ACL 2013-11-14 21:19:56 -08:00
Raymond Feng 67b934357b Start to build the ACL models 2013-11-14 21:19:56 -08:00