Commit Graph

442 Commits

Author SHA1 Message Date
Raymond Feng 06cece038e Merge pull request #1584 from strongloop/feature/add-more-acl-utils
Enhance the ACL related models
2015-08-13 09:00:32 -07:00
Raymond Feng 3eb8dd55f6 Add util methods to ACL and clean up related model resolutions 2015-08-13 08:58:41 -07:00
Pradnya Baviskar 64a1dbadc8 Promisify 'PersistedModel - replication' 2015-08-12 09:22:53 +02:00
Pradnya Baviskar 2ee7c94a4e Promisify 'Application' model 2015-08-12 09:15:24 +02:00
Raymond Feng c44a19dc73 Allow methods filter for middleware config 2015-08-05 10:30:57 -07:00
Miroslav Bajtoš 98784e2b4b Don't load Bluebird for createPromiseCallback
The decision which Promise implementation to use should be made by
LoopBack user, not by the framework.

This commit moves Bluebird reference from lib/utils.js to
test/support.js.
2015-08-04 11:04:12 +02:00
Miroslav Bajtoš aa5c9e3628 Merge pull request #1493 from PradnyaBaviskar/issue418-userModel
Promisify User model
2015-08-04 10:32:44 +02:00
Raymond Feng 34eb0e1a45 Disable application model test for karma 2015-07-28 08:39:58 -07:00
Pradnya Baviskar dc987a59a9 Promisify User model 2015-07-14 13:01:46 +05:30
Ritchie Martori cdddb08a67 Merge pull request #1445 from strongloop/feature/subscribe
Add PersistedModel.subscribe()
2015-07-09 13:35:49 -07:00
Ritchie Martori 40c5707a36 Add PersistedModel.createChangeStream() 2015-07-09 13:34:01 -07:00
Miroslav Bajtoš 5ec7fd51e2 Merge pull request #1416 from strongloop/feature/searchDefaultTokenKeys
Config option: (do not) search default token keys
2015-07-09 18:03:41 +02:00
Miroslav Bajtoš 3115e5055f Auto-configure models required by `app.enableAuth`
Modify `app.enableAuth` to automaticaly setup all required models
that are not attached to the app nor a datasource.

Users wishing to use this option must provide the name of the
data-source to use for these models.

Example usage:

    var app = loopback();
    app.dataSource('db', { connector: 'memory' });
    app.enableAuth({ dataSource: 'db' });

    app.use(loopback.rest());
    app.listen(3000);
2015-06-01 12:19:28 +02:00
Miroslav Bajtoš 0ccc1e2b73 Add loadBuiltinModels flag to loopback(options)
When creating an application with a local registry, the default
behaviour is to define only two core models Model & PersistedModel.

The new flag `loadBuiltinModels` modifies this behaviour and instructs
loopback to define all builtin models in the local registry too.
2015-06-01 12:19:28 +02:00
Raymond Feng 77bcc09107 Merge branch 'master' of https://github.com/esco/loopback into esco-master 2015-05-29 16:44:18 -07:00
Miroslav Bajtoš 986132d79f Add a unit-test for searchDefaultTokenKeys 2015-05-29 12:06:32 +02:00
Raymond Feng b5f702afd3 Fix the test case 2015-05-28 16:15:02 -07:00
Raymond Feng b627220059 Merge branch 'polymorphic-scoped-inclue' of https://github.com/mrfelton/loopback into mrfelton-polymorphic-scoped-inclue 2015-05-22 09:20:20 -07:00
Tom Kirkpatrick d6c8d9725a Fix code standards issues 2015-05-14 22:09:51 +02:00
Raymond Feng 20c9695591 Make the test compatible with latest juggler 2015-05-13 12:52:31 -07:00
Tom Kirkpatrick 8fa736517a Add test case to highlight fatal error when trying to include a scoped relationship through a polymorphic relationship 2015-05-13 18:47:30 +02:00
Ritchie Martori 805e0e0c1c Merge pull request #1370 from strongloop/fix/check-access-ordering
Use the new remoting.authorization hook for check access
2015-05-12 16:06:47 -07:00
Ritchie Martori 9cde2a45be Use the new remoting.authorization hook for check access 2015-05-12 15:33:05 -07:00
Miroslav Bajtoš f93b69ed0a Define remote methods via model settings/config
Process `settings.methods` and `config.methods` as a key-value map
where the key is the method name and the value is an object describing
the method in the format expected by strong-remoting.

Example: a static method `Model.create`

    "methods": {
      "create": {
        "isStatic": true,
        "accepts": {
           "arg": "data", "type": "Car",
           "http": { "source": "body" }
        },
        "returns": { "arg": "data", "type": "Car", "root": true }
      }
    }

This patch is based on the code proposed by @mrfelton in #1163.
2015-05-07 07:42:08 +02:00
Miroslav Bajtoš b6b76d538c Fix regression in Model.getApp()
This patch fixes the method Model.getApp() that started to report
the following error after b61fae5 was landed:

assert.js:88
  throw new assert.AssertionError({
        ^
AssertionError: undefined == true
    at loopback/loopback/lib/model.js:392:7
    at EventEmitter.<anonymous> (loopback/loopback/lib/model.js:222:9)
    at EventEmitter.g (events.js:257:16)
    at emitOne (events.js:77:13)
    at EventEmitter.emit (events.js:166:7)
    at EventEmitter.app.model (loopback/loopback/lib/application.js:157:9)
2015-04-28 12:49:57 +02:00
Raymond Feng f798882e9a Allow dataSource === false 2015-04-24 08:32:17 -07:00
Raymond Feng a4121ee3d6 Merge pull request #1318 from strongloop/feature/disable-include-access-tokens
Disable inclusion of User.accessTokens
2015-04-21 10:43:41 -07:00
Raymond Feng bdc741520e Disable inclusion of User.accessTokens 2015-04-20 11:44:07 -07:00
Raymond Feng ca004adfc6 Merge pull request #1301 from strongloop/feature/disable-include-access-tokens
Upgrade test fixtures to 2.x project layouts
2015-04-20 11:43:19 -07:00
Raymond Feng 12e19e36ea Upgrade test fixtures to use LB 2.x layout 2015-04-20 09:23:44 -07:00
Miroslav Bajtoš 4d0a824757 Add back loopback properties like modelBuilder
The commit b917075 accidentally removed a couple of properties,
this commit is bringing them back:

 - loopback.modelRegistry
 - loopback.defaultDataSources

A unit-test was added to prevent this kind of regressions in the future.
2015-04-17 18:05:25 +02:00
Raymond Feng 2bf69a1171 Expose the `filter` argument for findById 2015-04-16 15:02:41 -07:00
Miroslav Bajtoš cf2acb3cd2 Conflict resolution and Access control
Add end-to-end unit-tests verifying enforcement of access control during
conflict resolution.

Implement two facade methods providing REST API for Change methods used
by conflict resolution:

    PersistedModel.findLastChange
    GET /api/{model.pluralName}/{id}/changes/last

    PersistedModel.updateLastChange
    PUT /api/{model.pluralName}/{id}/changes/last

By providing these two methods on PersistedModel, replication users
don't have to expose the Change model via the REST API. What's even
more important, these two methods use the same set of ACL rules
as other (regular) PersistedModel methods.

Rework `Conflict.prototype.changes()` and `Conflict.prototype.resolve()`
to use these new facade methods.

Implement a new method `Conflict.prototype.swapParties()` that provides
better API for the situation when a conflict detected in Remote->Local
replication should be resolved locally (i.e. in the replication target).
2015-04-14 08:23:24 +02:00
Miroslav Bajtoš 9c5fe088e3 AccessControl for change replication
1) Add integration tests running change replication over REST to verify
that access control at model level is correctly enforced.

2) Implement a new access type "REPLICATE" that allows principals
to create new checkpoints, even though they don't have full WRITE
access to the model. Together with the "READ" permission, these
two types allow principals to replicate (pull) changes from the server.

Note that anybody having "WRITE" access type is automatically
granted "REPLICATE" type too.

3) Add a new model option "enableRemoteReplication" that exposes
replication methods via strong remoting, but does not configure
change rectification. This option should be used the clients
when setting up Remote models attached to the server via the remoting
connector.
2015-04-07 19:53:58 +02:00
Miroslav Bajtoš 699bc7aa97 test: remove global autoAttach 2015-04-07 15:25:18 +02:00
Miroslav Bajtoš b61fae58f6 Merge pull request #1272 from strongloop/feature/after-remote-error-hook
Model.afterRemoteError hook
2015-04-07 09:47:51 +02:00
Ritchie Martori b9170751bc Add support for app level Model isolation
- `loopback.registry` is now a true global registry
 - `app.registry` is unique per app object
 - `Model.registry` is set when a Model is created using any registry method
 - `loopback.localRegistry` and `loopback({localRegistry: true})` when set to `true` this will create a `Registry` per `Application`. It defaults to `false`.
2015-04-03 11:48:45 -07:00
Miroslav Bajtoš dd83be99f0 Implement ModelCtor.afterRemoteError 2015-04-03 10:31:03 +02:00
Raymond Feng 64ccb785c2 Fix the style issue 2015-04-02 08:45:04 -07:00
Raymond Feng 9af828efd4 Merge branch 'fix/embeds-one-remoting' of https://github.com/fabien/loopback into fabien-fix/embeds-one-remoting 2015-04-02 08:41:49 -07:00
Miroslav Bajtoš 2aa09ba574 Add `loopback.runInContext`
Refactor the core implementation of current context from
server/middleware/context.js into server/current-context.js.

Expose new public API:
 - loopback.runInContext
 - loopback.createContext
2015-03-27 19:12:17 +01:00
Raymond Feng 548cb6ef94 Fix style issues 2015-03-27 08:59:11 -07:00
Esco Obong 1993338c0b Merge branch 'master' of https://github.com/strongloop/loopback 2015-03-25 16:45:58 -04:00
Fabien Franzen 93aefc36f5 Test embedsOne CRUD methods 2015-03-21 17:21:49 +01:00
Miroslav Bajtoš 65c14c1779 Add conflict resolution API
New methods:
  conflict.resolveUsingSource(cb)
  conflict.resolveUsingTarget(cb)
  conflict.resolveManually(data, cb)
2015-03-20 17:47:07 +01:00
Miroslav Bajtoš 911d8323b4 Merge pull request #1205 from strongloop/feature/custom-verify-token-generator
Add ability to pass in custom verification token generator
2015-03-20 08:56:59 +01:00
Miroslav Bajtoš 87940a4b58 Detect 3rd-party changes made during replication
Modify `Change.diff()` to include current data revision in each
delta reported back. The current data revision is stored in
`delta.prev`.

Modify `PersistedModel.bulkUpdate()` to check that the current data
revision matches `delta.prev` and report a conflict if a third party
has modified the database under our hands.

Fix `Change` implementation and tests so that they are no longer
attempting to create instances with duplicate ids.
(This used to work because the memory connector was silently
converting such requests to updateOrCreate/findOrCreate.)
2015-03-20 08:19:59 +01:00
jakerella 713001913e Ability to pass in custom verification token generator
This commit adds the ability for the developer to use a custom token generator function for the user.verify(...) method. By default, the system will still use the crypto.randomBytes() method if no option is provided.
2015-03-19 16:56:38 -04:00
Miroslav Bajtoš 91f59e1ccd Remove unnecessary delay in tests. 2015-03-19 08:00:37 +01:00
Esco Obong 551261ec16 fix linting errors 2015-03-13 18:30:53 -04:00