0632f52411
Remove reload method body
2014-03-27 14:47:29 -07:00
dcdbef861e
Add Remote connector
2014-03-27 14:47:29 -07:00
ef7b724375
Initial client-server example
2014-03-27 14:47:29 -07:00
e52dbe2fb5
fix to enable ACL for confirm link sent by email
2014-03-23 21:06:22 -04:00
5b50a99eb3
Add hidden property support to models
2014-03-21 12:53:04 -07:00
c521b3c386
Allow app.model() to accept a DataSource instance
2014-03-21 12:18:00 -07:00
de5d0b8949
Make verifications url safe
2014-03-21 12:02:11 -07:00
aaaa28d569
Add more comments
2014-03-19 16:24:50 -07:00
328a72ac91
Improve the ACL matching algorithm
...
See https://github.com/strongloop/loopback-example-access-control/issues/8
2014-03-19 15:09:20 -07:00
32a9131004
Pause the req before checking access
...
See https://github.com/strongloop/loopback-storage-service/issues/7
2014-03-17 14:40:05 -07:00
f031e79392
Remove the generated flag as the id is set by the before hook
2014-03-17 10:01:29 -07:00
c80b334130
Improvements to JSDoc comments
2014-03-14 10:28:31 -07:00
9fb3f3313a
Fixes to JSDoc for API docs
2014-03-13 17:25:21 -07:00
533daf4040
Remove oauth2 models as they will be packaged in a separate module
2014-03-11 22:37:54 -07:00
57ff242308
Minor doc fix
2014-03-10 18:05:44 -07:00
89aa3595f5
Set the correct status code for User.login
...
See https://github.com/strongloop/loopback/issues/118
2014-02-28 13:19:52 -08:00
42c9777de3
using base64 caused an occasional token string to contain '+' which resulted in a space being embedded in the token. 'hex' should always produce a url safe string for the token.
2014-02-25 22:14:32 -05:00
2f301e315a
Sending email was missing the from field
2014-02-23 21:08:13 -05:00
4e437586ed
Merge pull request #192 from strongloop/fix/port-zero
...
Remove coercion from port check
2014-02-21 10:08:27 -08:00
37646fa008
Allows options to be passed to strong-remoting
2014-02-19 15:14:31 -08:00
088c2e2296
Merge fixup
2014-02-19 14:11:16 -08:00
138821cf8b
Merge package.json and lib/loopback.js
2014-02-19 11:44:44 -08:00
500703e1fb
Remove coercion from port check
2014-02-18 16:54:40 -08:00
b466bb96c8
The simplest possible solution for clearing the handler cache when registering a model.
2014-02-18 17:40:35 -03:00
46b579dc4a
Make sure User/AccessToken relations are set up by default
...
User.login assumes the relation User.accessTokens exists
2014-02-14 10:31:30 -08:00
e7f64a3abf
Add karma for running browser tests
2014-02-12 10:17:02 -08:00
c216ba03c1
Documentation (generated) fix
2014-02-11 19:14:04 +01:00
618b563c6e
Use hex encoding for application ids/keys
...
base64 encoded ids/keys are not friendly for urls
2014-02-07 11:14:01 -08:00
867e3ca996
fixup! Assert model exists
2014-02-05 15:32:38 -08:00
0bf7af104d
fixup! rename Change.track => rectifyModelChanges
2014-02-05 15:27:58 -08:00
38f4748021
Add app.isAuthEnabled.
...
The flag is set by `app.enableAuth` and can be used to detect
whether the access control is enabled.
2014-02-05 18:46:22 +01:00
b13ff35697
Make app.models unique per app instance
...
Remove a source of confusion in unit-tests.
2014-02-04 20:28:19 +01:00
592f3f9278
Make sure the configured ACL submodel is used
2014-02-03 16:00:01 -08:00
13f67385d0
Add model tests
2014-01-30 14:20:34 -08:00
ab8d1ae109
Add replication example
2014-01-30 14:20:34 -08:00
e3d80058dc
Add Checkpoint model and Model replication methods
2014-01-30 14:20:34 -08:00
cc49d675ce
Add Change model
2014-01-30 14:20:33 -08:00
c36e20587e
Merge pull request #163 from strongloop/feature/include-user-in-login-result
...
Include user in login result
2014-01-30 10:24:14 -08:00
c711b99b8a
Merge pull request #154 from strongloop/feature/debug-login-error
...
Add debug information for user.login
2014-01-30 10:13:26 -08:00
d6f0b5f5a6
Add `include=user` param to `User.login`
...
Allow LB clients to get details of the currently logged-in user
as part of the login response.
Improve method's `description` to mention this new option.
2014-01-30 18:09:54 +01:00
03cb2f0556
Describe `access_token` param of `User.logout`
...
Add an explicit note that clients are not supposed to send the
`access_token` parameter, since it is extracted from request
headers.
2014-01-30 18:09:54 +01:00
57796a41cd
Remove the generated flag for access token id
...
The generated flag is used to indicate if the id is automatically generated
by the backend store. If it's set, the data type will be updated when the
model is attached to a datasource.
The AccessToken model defines a string id, which is set in the beforeCreate
hook. So it's client provided id.
2014-01-30 09:02:12 -08:00
a0e595dce8
Add model tests
2014-01-28 14:46:16 -08:00
2582c3fc65
Add replication example
2014-01-28 12:54:41 -08:00
938cafeb77
Remove message prefix as debug will print it
2014-01-27 14:47:48 -08:00
c35f762d4e
Add debug information for user.login
2014-01-27 14:31:38 -08:00
20766e251a
Add loopback.compat to simplify upgrade to 1.6
...
Add a compatibility layer that allows applications based on LB pre-v1.6
to work with 1.6 versions with a minimum amount of changes required.
New flag(s):
compat.usePluralNamesForRemoting
2014-01-27 10:29:57 +01:00
8bb8861ba1
Register exported models using singular names
...
Remove the inconsistency between model names used by LoopBack app and
datasource-juggler (modelName, e.g. User) and the name used by
strong-remoting (pluralModelName, e.g. Users).
This way the class name in the strong-remoting metadata can be used
by client-code generators. Before this change, the generators would
produce method names like `Users.login`.
2014-01-27 10:29:57 +01:00
54bff35fef
User: use User.http.path
...
Use the new property introduced by a recent change in
loopback-datasource-juggler instead of building the URL
manually from pluralModelName.
2014-01-27 10:29:57 +01:00
1a13a8d95e
Add Checkpoint model and Model replication methods
2014-01-26 14:02:56 -08:00
4be3395298
Add Change model
2014-01-26 13:20:19 -08:00
5586c54c49
Fix the Role ref to RoleMapping
2014-01-23 15:04:48 -08:00
224b500c3a
Fix the Scope reference to models
2014-01-23 14:46:02 -08:00
bb389ce209
Lookup the email model
2014-01-23 14:40:27 -08:00
bcc7e68e0e
Add lookback.getModelByType() and use it resolve model deps
2014-01-23 14:39:27 -08:00
a43d6004c1
Fix race condition where MyEmail model was not attached to the correct dataSource in tests
2014-01-23 14:25:54 -08:00
d6a4230aed
Fix the method args
2014-01-21 16:41:48 -08:00
a5242a3b77
Fix the typo for the method name
2014-01-21 16:35:28 -08:00
8a114c635f
Prevent autoAttach from overriding existing data source
2014-01-20 14:32:47 -08:00
5a6155e08e
Clean up loopback.js doc and add it to docs.json
2014-01-17 10:40:41 -08:00
32bdce53ee
Fix the jsdoc for loopback.getModel()
2014-01-17 10:23:59 -08:00
a6ff22c9c1
Make sure defaultPermission is checked
2014-01-16 15:05:10 -08:00
7212ebe805
Remove the dangling require
2014-01-16 09:12:52 -08:00
d8647bb3c1
Make ACL model subclassing friendly
2014-01-16 08:50:50 -08:00
e6cdeb5cd4
Improve jsdox documentation of app object
...
Remove docs/api-app.md and docs/api.md, as they are no longer referenced
from docs.json.
Add few missing bits from docs/api-app.md to lib/application.js
comments.
2014-01-15 08:44:49 +01:00
c8eb5d9170
Make sure methods are called in the context of the calling class
2014-01-14 15:34:44 -08:00
9fc8e197ee
Start to move md to jsdoc
2014-01-14 10:03:47 -08:00
8573d01c16
Replace `on` with `once` in middleware examples
...
Fix the jsdox for `app.installMiddleware` to use `app.once` for
listening on 'middleware:*' events.
The previous doc version using `on` was a sort of preliminary
pessimisation, becase the event handlers would stay in the heap
for the whole life-time of the app, even though they won't be called
more than once.
2014-01-14 08:07:47 +01:00
57813cef56
Merge pull request #133 from strongloop/feature/app-install-middleware
...
Implement app.installMiddleware
2014-01-13 21:58:11 -08:00
9668692406
Merge pull request #136 from strongloop/fix/mail-transports
...
Fix incorrect transports
2014-01-13 20:03:25 -08:00
92eaa383f3
Fix incorrect transports
2014-01-13 19:04:21 -08:00
45e5641055
Merge pull request #130 from strongloop/fix/mail-transports
...
Fix/mail transports
2014-01-13 18:36:42 -08:00
ed81bdb6b8
Implement app.installMiddleware
...
The implementation is mostly a copy of
loopback-workspace/templates/app.js
2014-01-13 17:26:24 +01:00
914ac2dcc9
Implement `app.listen`
...
The method starts a http server on the host & port configured
in the app config.
2014-01-13 09:12:54 +01:00
80b4482c31
Provide sane default for email connector transports
2014-01-10 10:45:26 -08:00
7e1810a1ad
Add an empty transportsIndex to the mail connector by default
2014-01-10 10:18:21 -08:00
6bb0ba2d95
Add missing assert in user model
2014-01-10 10:07:39 -08:00
92896a441c
Add app.restApiRoot setting
...
Allow loopback users to configure API root via config file, instead of
editing app.js generated by loopback-workspace.
Allow loopback plugins to discover the path where the REST adapter is
mounted.
2014-01-07 16:05:48 +01:00
fcc4bba82d
Add reference documentation using sdocs
2013-12-19 17:49:47 -08:00
a47317de0d
Update README for application model
2013-12-19 13:42:12 -08:00
981bdd4c81
app.boot() now loads the "boot" directory
2013-12-18 21:41:41 -08:00
16b790a93a
Merge pull request #102 from strongloop/fix/user
...
Various Fixes and Behavioral Changes to the User Model
2013-12-18 21:34:30 -08:00
ac2f4de9d3
Remove the default values for gateway/port
2013-12-18 12:28:48 -08:00
598b1e6b61
Reformat the code using 2 space identation
2013-12-18 11:49:09 -08:00
95ad3e8c04
Allow cert/key data to be shared by push/feedback
2013-12-18 10:58:34 -08:00
98ed38302a
Logout now automatically pulls the accessToken from the request
2013-12-17 21:22:05 -08:00
939df463fe
Fix tests depending on old behavior of default User ACLs
2013-12-17 21:10:05 -08:00
3152960336
Add default user ACLs
2013-12-17 20:42:28 -08:00
d09e3225cd
Define schema for GCM push-notification settings
...
Remove unused property PushNotificationSettingSchema.platform.
Flatten GCM settings schema. There is no need to distinquish between
pushOptions and feedback, as there is only single HTTP channel shared
by both.
2013-12-17 18:44:13 +01:00
0794f141c1
Improve debug statements for access control
2013-12-16 18:12:13 -08:00
5a154072a1
Merge pull request #96 from strongloop/feature/config
...
Make all app config values available from `app.get()`
2013-12-12 16:01:43 -08:00
591ed86444
Merge pull request #97 from strongloop/bug/check-access
...
Dont attempt access checking on models without a check access method
2013-12-12 16:01:33 -08:00
4619a143f5
Dont attempt access checking on models without a check access method
2013-12-11 19:46:56 -08:00
ea7c9216d7
App config settings are now available from app.get()
2013-12-11 19:31:16 -08:00
b62b8fa47d
Fix user not allowed to delete itself if user
...
**Note: the only code required for the fix is in role.js:203**. The
other changes are to help organize debug output.
2013-12-11 19:15:19 -08:00
ad58a8ec13
Only look at cookies if they are available
2013-12-11 16:43:23 -08:00
0f86f69880
Remove the empty comment and set default token
2013-12-11 16:21:37 -08:00
97dc0aa441
Refactor to the code use wrapper classes
...
Add AccessContext, Principal, and AccessRequest
Add debug information
2013-12-11 16:03:48 -08:00
178674ec9a
Enhance getRoles() to support smart roles
2013-12-11 09:06:21 -08:00
82eeaeee6b
Fix the algorithm for Role.isInRole and ACL.checkAccess
2013-12-10 23:33:57 -08:00
4560ec0964
Various ACL fixes
2013-12-10 21:49:18 -08:00
b0f51e20f7
Add user default ACLs
2013-12-10 19:43:59 -08:00
dfcb43e613
Allow requests without auth tokens
2013-12-10 15:57:55 -08:00
e7cc30ee03
Fix base class not being actual base class
2013-12-09 17:11:01 -08:00
7f51c28539
Fix the ACL resolution against rules by matching score
2013-12-09 15:26:53 -08:00
af2b8dd4ff
Merge feature/password-reset
2013-12-06 17:35:14 -08:00
216fee3015
Add access type checking
2013-12-06 17:04:47 -08:00
bc27f07472
Add Model.requireToken for disabling token requirement
2013-12-06 12:09:52 -08:00
4c69af5ae2
Add Model.requireToken, default swagger to false
2013-12-06 12:00:18 -08:00
68ef03e944
SLA-725 support PORT and HOST environment for PaaS support
2013-12-05 20:00:09 -08:00
0987adfd5f
Merge pull request #64 from strongloop/auth
...
Initial auth implementation
2013-12-02 17:20:42 -08:00
5cd71cee6b
Use loopback.AccessToken as default
2013-12-02 17:16:43 -08:00
2c36935404
Fix missing assert
2013-12-02 16:37:42 -08:00
2f9403016c
Initial auth implementation
2013-11-22 12:26:59 -08:00
52b1588152
Merge pull request #74 from strongloop/acl
...
More ACL features
2013-11-20 14:30:40 -08:00
e92c46a4e4
Add password reset
2013-11-20 14:20:47 -08:00
aaa8423257
Fix minor autoWiring bugs
2013-11-20 14:18:54 -08:00
344c74297c
Add unauthenticated role
2013-11-20 13:43:02 -08:00
bee8a3b022
Add checkAccess for subject and token
2013-11-20 13:43:01 -08:00
2c7c5fc7ec
Start to support smart roles such as owner
2013-11-20 13:43:01 -08:00
3753c15b71
Merge pull request #71 from strongloop/feature/status-middleware
...
Add status middleware
2013-11-19 13:15:57 -08:00
e5a55846e8
Merge pull request #69 from strongloop/datasource-auto-wiring
...
Initial auto wiring for model dataSources
2013-11-19 13:11:54 -08:00
fd7dd7e4a2
Add status middleware
2013-11-19 12:54:30 -08:00
9db8a7a25f
Auto attach all models created
2013-11-19 12:23:02 -08:00
7d60b2dea6
Add loopback.urlNotFound() middleware.
...
The middleware should be used as the last 3-parameter middleware (regular
request handles) before any 4-parameter middleware (error handlers).
This way a request to an URL not handled by any middleware is converted to
a 404 error that can be handled by whatever error handling strategy is
configured in the application.
See senchalabs/connect#954 for more details.
2013-11-19 20:27:49 +01:00
178e5dab30
Remove .attachTo() from tests
2013-11-19 11:02:43 -08:00
da0545bed6
Initial auto wiring for model dataSources
2013-11-18 16:13:40 -08:00
ec58237f8a
Add public flag checking
2013-11-18 12:52:00 -08:00
9fddbc3834
Switch to modelBuilder
2013-11-15 11:16:20 -08:00
44dfe34647
Allow ACLs for methods/relations
2013-11-15 10:08:49 -08:00
8381b05da1
Allows LDL level ACLs
2013-11-15 09:41:26 -08:00
8e679d0927
Fix the permission resolution
2013-11-14 21:19:57 -08:00
cc7560b258
Simplify check permission
2013-11-14 21:19:57 -08:00
94f12d0fce
Fix the permission check
2013-11-14 21:19:57 -08:00
be3c40c3d3
Add oauth2 related models
2013-11-14 21:19:56 -08:00
be32341467
Add a stub to register role resolvers
2013-11-14 21:19:56 -08:00
660ef89755
Merge ScopeACL into ACL
2013-11-14 21:19:56 -08:00
0430cd2ae3
Add tests for isInRole and getRoles
2013-11-14 21:19:56 -08:00
c3a1a85159
Add constants and more tests
2013-11-14 21:19:56 -08:00
48a0242711
Define the models/relations for ACL
2013-11-14 21:19:56 -08:00
67b934357b
Start to build the ACL models
2013-11-14 21:19:56 -08:00
492aca7724
Update acl/role models
2013-11-14 21:19:56 -08:00
f9849454e9
Update ACL model
2013-11-14 21:19:09 -08:00
1de2a40e88
Update AccessToken and User relationship
...
- Add created default
- Default TTLs for user login access tokens
- Break out User / AccessToken relationship
2013-11-14 19:41:29 -08:00
efce5039f6
Added AccessToken created property
2013-11-14 16:47:24 -08:00
1bb95607b9
Update session / token documentation
2013-11-14 15:42:37 -08:00
64d8ff986b
Add loopback.token() middleware
2013-11-14 13:01:47 -08:00
77a137eca6
Rename Session => AccessToken
2013-11-14 10:05:13 -08:00
77e842d2a3
Fix bundle model name casing
2013-11-11 13:35:54 -08:00
a00645dd83
Merge pull request #53 from strongloop/apns
...
Update Application model for the push notification
2013-11-06 11:50:56 -08:00
Ritchie Martori
Doug Toppin
Raymond Feng
crandmck
Doug Toppin
Ryan Graham
Guilherme Cirne
Aurelien Chivot
Miroslav Bajtoš
Miroslav Bajtoš
Raymond Feng