25ade96d27
Backport separate error checking and done logic
2016-05-06 14:07:38 -07:00
4d6f2e7ab7
update/insert copyright notices
2016-05-03 17:10:46 -07:00
9cde2a45be
Use the new remoting.authorization hook for check access
2015-05-12 15:33:05 -07:00
9f705139f8
Static ACL support array of properties now
2015-03-06 06:24:09 +08:00
c2236c393b
Upgrade jscs to ~1.11 via grunt-jscs ^1.5
2015-02-20 15:31:15 +01:00
563a06fa7e
Make sure EXECUTE access type matches READ or WRITE
...
See https://github.com/strongloop/loopback/issues/1011
2015-01-14 13:38:44 -08:00
36e1f6840c
fix jscs errors
2014-11-21 03:35:36 +01:00
918497c365
singlequote, semicolon & /*jshint -W030 */
2014-11-21 02:46:21 +01:00
242b44ed2b
Skip static ACL entries that don't match the property
2014-10-13 16:45:36 -07:00
1fe0110849
Dismantle `lib/models`.
...
- Move core models `Model` and `PersistedModel` to `lib/`.
- Move `AccessContext` class to `lib/`, since it is not a model.
- Move all other built-in models to `common/models`.
This is a preparation for extracting model definitions to JSON files.
By splitting the change into multiple commits, git is able to keep track
of file moves (renames).
2014-10-13 12:09:27 +02:00
d21669b844
Merge branch 'master' into 2.0
...
Conflicts:
docs.json
lib/application.js
lib/loopback.js
lib/models/data-model.js
lib/models/model.js
lib/models/user.js
lib/registry.js
package.json
test/app.test.js
2014-06-13 10:09:25 +02:00
ea5b9d16fc
Rename DataModel to PersistedModel
2014-06-05 09:56:00 +02:00
fea1cee1c4
!fixup only set ctx.accessType when sharedMethod is available
2014-06-02 14:41:08 -07:00
a2f931ed3f
Refactor ACL to allow for `methodNames` / aliases
2014-06-02 14:41:08 -07:00
18fd61a546
Merge branch 'master' into 2.0
2014-05-28 18:41:36 +02:00
ed0b568542
Fix the test for mocha 1.19.0
...
See 6c705cd4d4
2014-05-26 21:52:48 -07:00
d237ae5ddb
Merge latest from master
2014-05-20 14:31:09 -07:00
ae2fb9dea0
!fixup use DataModel instead of Model for all data based models
2014-05-02 20:15:01 -07:00
921e35954d
Rename the method so that it won't conflict with Model.checkAccess
...
See https://github.com/strongloop/loopback/issues/239
2014-04-21 11:13:03 -07:00
328a72ac91
Improve the ACL matching algorithm
...
See https://github.com/strongloop/loopback-example-access-control/issues/8
2014-03-19 15:09:20 -07:00
a6ff22c9c1
Make sure defaultPermission is checked
2014-01-16 15:05:10 -08:00
939df463fe
Fix tests depending on old behavior of default User ACLs
2013-12-17 21:10:05 -08:00
97dc0aa441
Refactor to the code use wrapper classes
...
Add AccessContext, Principal, and AccessRequest
Add debug information
2013-12-11 16:03:48 -08:00
82eeaeee6b
Fix the algorithm for Role.isInRole and ACL.checkAccess
2013-12-10 23:33:57 -08:00
7f51c28539
Fix the ACL resolution against rules by matching score
2013-12-09 15:26:53 -08:00
bee8a3b022
Add checkAccess for subject and token
2013-11-20 13:43:01 -08:00
da0545bed6
Initial auto wiring for model dataSources
2013-11-18 16:13:40 -08:00
8381b05da1
Allows LDL level ACLs
2013-11-15 09:41:26 -08:00
8e679d0927
Fix the permission resolution
2013-11-14 21:19:57 -08:00
94f12d0fce
Fix the permission check
2013-11-14 21:19:57 -08:00
660ef89755
Merge ScopeACL into ACL
2013-11-14 21:19:56 -08:00
c3a1a85159
Add constants and more tests
2013-11-14 21:19:56 -08:00
48a0242711
Define the models/relations for ACL
2013-11-14 21:19:56 -08:00
67b934357b
Start to build the ACL models
2013-11-14 21:19:56 -08:00
Simon Ho
Ryan Graham
Ritchie Martori
ulion
Miroslav Bajtoš
Raymond Feng
Rob Halff