Commit Graph

2111 Commits

Author SHA1 Message Date
ebarault f0e70dd8a9 Fix Role.isOwner() for multiple user models
Fix `Role.isOwner()` to check both principalId and principalType.
This fixes a bug where users from different User model were treated
as owners as long as their user id was the same as owner's id.
2017-02-17 11:19:07 +01:00
Simon Ho 0dbfe8970f Update ISSUE_TEMPLATE.md 2017-02-14 10:17:43 -08:00
Miroslav Bajtoš 88c38e7ff8 Merge pull request #3196 from strongloop/upgrade-supertest
Upgrade supertest to 3.x
2017-02-09 16:37:30 +01:00
Miroslav Bajtoš a80f844e88 Upgrade supertest to 3.x
Also fix tests relying on internal supertest API to keep working with
then new supertest internals after the upgrade.
2017-02-09 16:17:10 +01:00
Miroslav Bajtoš d80957819a Merge pull request #3185 from strongloop/fix/hash-path-in-redirect
Fix creation of verification links
2017-02-09 13:30:58 +01:00
Miroslav Bajtoš ea05a2c4dc Fix creation of verification links
Fix User.prototype.verify to call `querystring.stringify` instead
of concatenating query-string components directly.

In particular, this fixes the bug where `options.redirect` containing
a hash fragment like `#/home?arg1=value1&arg2=value2` produced incorrect
URL, because the `redirect` value was not correctly encoded.
2017-02-06 12:39:21 +01:00
Miroslav Bajtoš 304ecc4784 Merge pull request #2971 from ebarault/enable-multiple-user-models
Enable multiple user models inheriting from base class User
2017-02-02 10:03:01 +01:00
Eric 9fe084fffd Enable multiple user models
Allow LoopBack applications to configure multiple User models and share
the same AccessToken model.

To enable this feature:

1) In your custom AccessToken model:

 - add a new property "principalType" of type "string".
 - configure the relation "belongsTo user" as polymorphic,
   using "principalType" as the discriminator

2) In your User models:

 - Configure the "hasMany accessTokens" relation as polymorphic,
   using "principalType" as the discriminator

When creating custom Role and Principal instances, set your
User model's name as the value of "prinicipalType".
2017-02-02 09:42:30 +01:00
Miroslav Bajtoš 798ebfba81 Merge pull request #3174 from strongloop/fix/juggler-in-karma
Babelify juggler for Karma tests
2017-02-01 14:22:08 +01:00
Miroslav Bajtoš 5b404cad6c Babelify juggler for Karma tests
Fix configuration of Karma:

 - Disable ES6 modules. The ES6 module transpiler is adding
  "use strict" to all source files, this breaks e.g. chai or juggler
 - Relax "ignore" setting to exclude only strong-task-emitter,
   thus bring back Babel transpilation for chai and juggler.
2017-02-01 14:00:43 +01:00
Miroslav Bajtoš db3c7b6dbd Merge pull request #3173 from strongloop/fix/strong-remoting-in-karma
Fix Karma config to babelify node_modules too
2017-02-01 12:46:18 +01:00
Miroslav Bajtoš 3c209ee1de Fix Karma config to babelify node_modules too
Before this change, dependencies in node_modules (e.g. strong-remoting)
were not transformed to ES5 and thus crashed the tests in PhantomJS.

Note that loopback-datasource-juggler cannot be babelified to ES5
because it does not correctly support strict mode yet.
2017-02-01 12:27:42 +01:00
Miroslav Bajtoš 76dd35e1d8 Merge pull request #3169 from ebarault/feature/promisify-role-mapping
Add promise support to built-in model RoleMapping
2017-02-01 10:29:50 +01:00
Miroslav Bajtoš e19c0dd974 Merge pull request #3165 from strongloop/enable/coveralls
Add nyc coverage, report data to coveralls.io
2017-02-01 10:11:58 +01:00
ebarault ceceb44e78 Add promise support to built-in model RoleMapping 2017-02-01 09:51:43 +01:00
Miroslav Bajtoš c099d8c731 Merge pull request #3163 from ebarault/feature/promisify-acl
Add promise support to built-in model ACL
2017-01-31 14:54:26 +01:00
Miroslav Bajtoš dcb2f159ec Merge pull request #3160 from strongloop/fix/token-invalidation-on-save
Preserve sessions on User.save() making no changes
2017-01-31 14:38:48 +01:00
ebarault a63fad402e Add promise support to built-in model ACL 2017-01-31 14:09:43 +01:00
Miroslav Bajtoš 7eeadc4289 Add nyc coverage, report data to coveralls.io 2017-01-31 14:09:02 +01:00
Miroslav Bajtoš c7e0a15a44 Merge pull request #3166 from strongloop/upgrade/eslint-config
Upgrade eslint config, fix linter errors
2017-01-31 14:08:31 +01:00
Miroslav Bajtoš 3b17a0cf5c Upgrade eslint config, fix linter errors 2017-01-31 13:44:32 +01:00
Miroslav Bajtoš bb939bec07 Merge pull request #3161 from strongloop/fix/role-properties
Add missing type to Role properties definition
2017-01-30 16:08:33 +01:00
David Hernandez c072d0695d Add missing type to Role properties definition
Fix "created" and "modified" to be defined with type "date".
2017-01-30 11:37:33 +01:00
Miroslav Bajtoš 5fd79b14f4 Merge pull request #3146 from strongloop/feature/promisify-role
Promise-ify built-in Role model
2017-01-30 11:32:28 +01:00
Miroslav Bajtoš 8f80aecc1f Preserve sessions on User.save() making no changes 2017-01-30 11:30:05 +01:00
Miroslav Bajtoš 5607460854 Merge pull request #3149 from strongloop/fix/es6-in-phantomjs
Enable ES6/ES2015 goodness
2017-01-30 09:36:02 +01:00
Miroslav Bajtoš 1d02e049b2 Merge pull request #1496 from strongloop/fix/logout-without-token
Fail with "401 Unauthorized" when token is not provided to User.logout()
2017-01-30 09:23:12 +01:00
Ritchie Martori d45c1ae7bb Fix logout to handle no or missing accessToken
Return 401 when the request does not provide any accessToken argument
or the token was not found.

Also simplify the implementation of the `logout` method to make only
a single database call (`deleteById`) instead of `findById` + `delete`.
2017-01-30 08:56:18 +01:00
Miroslav Bajtoš 0fd8f8af72 Promise-ify built-in Role model 2017-01-27 17:16:59 +01:00
Miroslav Bajtoš 82d6ede086 Merge pull request #3150 from strongloop/remove/forgotten-jscsrc
Remove .jscsrc that's no longer used
2017-01-27 16:06:14 +01:00
Miroslav Bajtoš 19c3b47c4b Remove .jscsrc that's no longer used 2017-01-27 15:23:59 +01:00
Miroslav Bajtoš be8dd0ded8 Enable ES6/ES2015 goodness
- Remove ES5 parser exception from .eslintrc
 - Configure Karma to use Babel to transpile ES6 sources to ES5,
   because PhantomJS does not support ES6
 - Upgrade es5-shim to es6-shim
2017-01-27 11:31:57 +01:00
Miroslav Bajtoš 450aa84ae8 Merge pull request #3138 from strongloop/fix/language-in-tests
Use English when running Mocha tests
2017-01-27 11:24:52 +01:00
Miroslav Bajtoš 78f8b9124a Remove test/support.js from karma config
The file no longer exists.
2017-01-26 10:11:08 +01:00
Miroslav Bajtoš 93ab8644c4 Use English when running Mocha tests 2017-01-26 10:11:08 +01:00
Miroslav Bajtoš dfa1f6035b Merge pull request #3107 from benkroeger/master
Role model: resolve related models by name
2017-01-25 10:48:15 +01:00
Simon Ho 035f4d095b Merge pull request #3131 from strongloop/update-issue-template
Update ISSUE_TEMPLATE
2017-01-23 11:17:08 -08:00
Simon Ho c6427065be Update ISSUE_TEMPLATE
- Minor formatting edits to reduce scrolling
- Clean up sentence in the last comment
2017-01-23 10:26:50 -08:00
Miroslav Bajtoš 4c9c6236e3 Merge pull request #3074 from ariskemper/fix_user_id
Fix User model to handle custom PK name
2017-01-23 09:43:19 +01:00
Rand McKinney 9a1f86baef Merge pull request #3126 from joesepi/updatereadme
Updating README to show loopback-cli and remove arc mention
2017-01-20 14:21:37 -08:00
Joe Sepi 746265b393 Updating README - add cli and remove arc 2017-01-20 17:15:01 -05:00
Aris Kemper efd8237dc6 Fix User methods to use correct Primary Key
Do not use hard-coded "id" property name, call `idName()` to get the
name of the PK property.
2017-01-20 16:24:59 +01:00
Miroslav Bajtoš a7d93f32b5 Merge pull request #3120 from strongloop/fix/user-reset-password
Fix User.resetPassword to call createAccessToken()
2017-01-20 10:58:31 +01:00
João Ribeiro e63fea83f7 Fix User.resetPassword to call createAccessToken()
This allows User subclasses to override the algorithm used for building
one-time access tokens for password recovery.
2017-01-19 16:27:22 +01:00
Benjamin Kroeger a6d511d8b4 Role model: resolves related models by name
Resolve models related to the `Role` model by name instead of class.
2017-01-16 15:48:24 +01:00
Miroslav Bajtoš ff53933085 3.2.1
* Preserve current session when invalidating tokens (Miroslav Bajtoš)
 * Clean up access-token-invalidation tests (Miroslav Bajtoš)
 * Update docs.json (Rand McKinney)
 * Simplify issue template (#3083) (Simon Ho)
 * Warn about injectOptionsFromRemoteContext (Miroslav Bajtoš)
2017-01-16 12:01:47 +01:00
Miroslav Bajtoš 4ffe5fe17f Merge pull request #3098 from strongloop/preserve-current-access-token
Preserve current session when invalidating access tokens
2017-01-16 10:35:39 +01:00
Miroslav Bajtoš e17cc3d23a Preserve current session when invalidating tokens
Fix User model to preserve the current session (provided via
"options.accessToken") when invalidating access tokens after a change
of email or password property.
2017-01-16 10:08:30 +01:00
Miroslav Bajtoš 24bb15233d Clean up access-token-invalidation tests 2017-01-16 10:08:30 +01:00
Miroslav Bajtoš 3946462828 Merge pull request #3097 from strongloop/remove-context-api-doc
Update docs.json
2017-01-13 14:28:29 +01:00