Commit Graph

275 Commits

Author SHA1 Message Date
Ritchie Martori 57ff242308 Minor doc fix 2014-03-10 18:05:44 -07:00
Raymond Feng 89aa3595f5 Set the correct status code for User.login
See https://github.com/strongloop/loopback/issues/118
2014-02-28 13:19:52 -08:00
Doug Toppin 42c9777de3 using base64 caused an occasional token string to contain '+' which resulted in a space being embedded in the token. 'hex' should always produce a url safe string for the token. 2014-02-25 22:14:32 -05:00
Doug Toppin 2f301e315a Sending email was missing the from field 2014-02-23 21:08:13 -05:00
Ritchie Martori 4e437586ed Merge pull request #192 from strongloop/fix/port-zero
Remove coercion from port check
2014-02-21 10:08:27 -08:00
Raymond Feng 37646fa008 Allows options to be passed to strong-remoting 2014-02-19 15:14:31 -08:00
Ryan Graham 088c2e2296 Merge fixup 2014-02-19 14:11:16 -08:00
Ritchie Martori 138821cf8b Merge package.json and lib/loopback.js 2014-02-19 11:44:44 -08:00
Ritchie Martori 500703e1fb Remove coercion from port check 2014-02-18 16:54:40 -08:00
Guilherme Cirne b466bb96c8 The simplest possible solution for clearing the handler cache when registering a model. 2014-02-18 17:40:35 -03:00
Raymond Feng 46b579dc4a Make sure User/AccessToken relations are set up by default
User.login assumes the relation User.accessTokens exists
2014-02-14 10:31:30 -08:00
Ritchie Martori e7f64a3abf Add karma for running browser tests 2014-02-12 10:17:02 -08:00
Aurelien Chivot c216ba03c1 Documentation (generated) fix 2014-02-11 19:14:04 +01:00
Raymond Feng 618b563c6e Use hex encoding for application ids/keys
base64 encoded ids/keys are not friendly for urls
2014-02-07 11:14:01 -08:00
Miroslav Bajtoš 38f4748021 Add app.isAuthEnabled.
The flag is set by `app.enableAuth` and can be used to detect
whether the access control is enabled.
2014-02-05 18:46:22 +01:00
Miroslav Bajtoš b13ff35697 Make app.models unique per app instance
Remove a source of confusion in unit-tests.
2014-02-04 20:28:19 +01:00
Raymond Feng 592f3f9278 Make sure the configured ACL submodel is used 2014-02-03 16:00:01 -08:00
Miroslav Bajtoš c36e20587e Merge pull request #163 from strongloop/feature/include-user-in-login-result
Include user in login result
2014-01-30 10:24:14 -08:00
Raymond Feng c711b99b8a Merge pull request #154 from strongloop/feature/debug-login-error
Add debug information for user.login
2014-01-30 10:13:26 -08:00
Miroslav Bajtoš d6f0b5f5a6 Add `include=user` param to `User.login`
Allow LB clients to get details of the currently logged-in user
as part of the login response.

Improve method's `description` to mention this new option.
2014-01-30 18:09:54 +01:00
Miroslav Bajtoš 03cb2f0556 Describe `access_token` param of `User.logout`
Add an explicit note that clients are not supposed to send the
`access_token` parameter, since it is extracted from request
headers.
2014-01-30 18:09:54 +01:00
Raymond Feng 57796a41cd Remove the generated flag for access token id
The generated flag is used to indicate if the id is automatically generated
by the backend store. If it's set, the data type will be updated when the
model is attached to a datasource.

The AccessToken model defines a string id, which is set in the beforeCreate
hook. So it's client provided id.
2014-01-30 09:02:12 -08:00
Raymond Feng 938cafeb77 Remove message prefix as debug will print it 2014-01-27 14:47:48 -08:00
Raymond Feng c35f762d4e Add debug information for user.login 2014-01-27 14:31:38 -08:00
Miroslav Bajtoš 20766e251a Add loopback.compat to simplify upgrade to 1.6
Add a compatibility layer that allows applications based on LB pre-v1.6
to work with 1.6 versions with a minimum amount of changes required.

New flag(s):
  compat.usePluralNamesForRemoting
2014-01-27 10:29:57 +01:00
Miroslav Bajtoš 8bb8861ba1 Register exported models using singular names
Remove the inconsistency between model names used by LoopBack app and
datasource-juggler (modelName, e.g. User) and the name used by
strong-remoting (pluralModelName, e.g. Users).

This way the class name in the strong-remoting metadata can be used
by client-code generators. Before this change, the generators would
produce method names like `Users.login`.
2014-01-27 10:29:57 +01:00
Miroslav Bajtoš 54bff35fef User: use User.http.path
Use the new property introduced by a recent change in
loopback-datasource-juggler instead of building the URL
manually from pluralModelName.
2014-01-27 10:29:57 +01:00
Raymond Feng 5586c54c49 Fix the Role ref to RoleMapping 2014-01-23 15:04:48 -08:00
Raymond Feng 224b500c3a Fix the Scope reference to models 2014-01-23 14:46:02 -08:00
Raymond Feng bb389ce209 Lookup the email model 2014-01-23 14:40:27 -08:00
Raymond Feng bcc7e68e0e Add lookback.getModelByType() and use it resolve model deps 2014-01-23 14:39:27 -08:00
Ritchie Martori a43d6004c1 Fix race condition where MyEmail model was not attached to the correct dataSource in tests 2014-01-23 14:25:54 -08:00
Raymond Feng d6a4230aed Fix the method args 2014-01-21 16:41:48 -08:00
Raymond Feng a5242a3b77 Fix the typo for the method name 2014-01-21 16:35:28 -08:00
Raymond Feng 8a114c635f Prevent autoAttach from overriding existing data source 2014-01-20 14:32:47 -08:00
Raymond Feng 5a6155e08e Clean up loopback.js doc and add it to docs.json 2014-01-17 10:40:41 -08:00
Raymond Feng 32bdce53ee Fix the jsdoc for loopback.getModel() 2014-01-17 10:23:59 -08:00
Raymond Feng a6ff22c9c1 Make sure defaultPermission is checked 2014-01-16 15:05:10 -08:00
Raymond Feng 7212ebe805 Remove the dangling require 2014-01-16 09:12:52 -08:00
Raymond Feng d8647bb3c1 Make ACL model subclassing friendly 2014-01-16 08:50:50 -08:00
Miroslav Bajtoš e6cdeb5cd4 Improve jsdox documentation of app object
Remove docs/api-app.md and docs/api.md, as they are no longer referenced
from docs.json.

Add few missing bits from docs/api-app.md to lib/application.js
comments.
2014-01-15 08:44:49 +01:00
Raymond Feng c8eb5d9170 Make sure methods are called in the context of the calling class 2014-01-14 15:34:44 -08:00
Ritchie Martori 9fc8e197ee Start to move md to jsdoc 2014-01-14 10:03:47 -08:00
Miroslav Bajtoš 8573d01c16 Replace `on` with `once` in middleware examples
Fix the jsdox for `app.installMiddleware` to use `app.once` for
listening on 'middleware:*' events.

The previous doc version using `on` was a sort of preliminary
pessimisation, becase the event handlers would stay in the heap
for the whole life-time of the app, even though they won't be called
more than once.
2014-01-14 08:07:47 +01:00
Miroslav Bajtoš 57813cef56 Merge pull request #133 from strongloop/feature/app-install-middleware
Implement app.installMiddleware
2014-01-13 21:58:11 -08:00
Ritchie Martori 9668692406 Merge pull request #136 from strongloop/fix/mail-transports
Fix incorrect transports
2014-01-13 20:03:25 -08:00
Ritchie Martori 92eaa383f3 Fix incorrect transports 2014-01-13 19:04:21 -08:00
Ritchie Martori 45e5641055 Merge pull request #130 from strongloop/fix/mail-transports
Fix/mail transports
2014-01-13 18:36:42 -08:00
Miroslav Bajtoš ed81bdb6b8 Implement app.installMiddleware
The implementation is mostly a copy of
    loopback-workspace/templates/app.js
2014-01-13 17:26:24 +01:00
Miroslav Bajtoš 914ac2dcc9 Implement `app.listen`
The method starts a http server on the host & port configured
in the app config.
2014-01-13 09:12:54 +01:00
Ritchie Martori 80b4482c31 Provide sane default for email connector transports 2014-01-10 10:45:26 -08:00
Ritchie Martori 7e1810a1ad Add an empty transportsIndex to the mail connector by default 2014-01-10 10:18:21 -08:00
Ritchie Martori 6bb0ba2d95 Add missing assert in user model 2014-01-10 10:07:39 -08:00
Miroslav Bajtoš 92896a441c Add app.restApiRoot setting
Allow loopback users to configure API root via config file, instead of
editing app.js generated by loopback-workspace.

Allow loopback plugins to discover the path where the REST adapter is
mounted.
2014-01-07 16:05:48 +01:00
Ritchie fcc4bba82d Add reference documentation using sdocs 2013-12-19 17:49:47 -08:00
Raymond Feng a47317de0d Update README for application model 2013-12-19 13:42:12 -08:00
Ritchie Martori 981bdd4c81 app.boot() now loads the "boot" directory 2013-12-18 21:41:41 -08:00
Ritchie Martori 16b790a93a Merge pull request #102 from strongloop/fix/user
Various Fixes and Behavioral Changes to the User Model
2013-12-18 21:34:30 -08:00
Raymond Feng ac2f4de9d3 Remove the default values for gateway/port 2013-12-18 12:28:48 -08:00
Raymond Feng 598b1e6b61 Reformat the code using 2 space identation 2013-12-18 11:49:09 -08:00
Raymond Feng 95ad3e8c04 Allow cert/key data to be shared by push/feedback 2013-12-18 10:58:34 -08:00
Ritchie Martori 98ed38302a Logout now automatically pulls the accessToken from the request 2013-12-17 21:22:05 -08:00
Ritchie Martori 939df463fe Fix tests depending on old behavior of default User ACLs 2013-12-17 21:10:05 -08:00
Ritchie Martori 3152960336 Add default user ACLs 2013-12-17 20:42:28 -08:00
Miroslav Bajtoš d09e3225cd Define schema for GCM push-notification settings
Remove unused property PushNotificationSettingSchema.platform.

Flatten GCM settings schema. There is no need to distinquish between
pushOptions and feedback, as there is only single HTTP channel shared
by both.
2013-12-17 18:44:13 +01:00
Ritchie Martori 0794f141c1 Improve debug statements for access control 2013-12-16 18:12:13 -08:00
Ritchie Martori 5a154072a1 Merge pull request #96 from strongloop/feature/config
Make all app config values available from `app.get()`
2013-12-12 16:01:43 -08:00
Ritchie Martori 591ed86444 Merge pull request #97 from strongloop/bug/check-access
Dont attempt access checking on models without a check access method
2013-12-12 16:01:33 -08:00
Ritchie Martori 4619a143f5 Dont attempt access checking on models without a check access method 2013-12-11 19:46:56 -08:00
Ritchie Martori ea7c9216d7 App config settings are now available from app.get() 2013-12-11 19:31:16 -08:00
Ritchie Martori b62b8fa47d Fix user not allowed to delete itself if user
**Note: the only code required for the fix is in role.js:203**. The
other changes are to help organize debug output.
2013-12-11 19:15:19 -08:00
Ritchie Martori ad58a8ec13 Only look at cookies if they are available 2013-12-11 16:43:23 -08:00
Raymond Feng 0f86f69880 Remove the empty comment and set default token 2013-12-11 16:21:37 -08:00
Raymond Feng 97dc0aa441 Refactor to the code use wrapper classes
Add AccessContext, Principal, and AccessRequest
Add debug information
2013-12-11 16:03:48 -08:00
Raymond Feng 178674ec9a Enhance getRoles() to support smart roles 2013-12-11 09:06:21 -08:00
Raymond Feng 82eeaeee6b Fix the algorithm for Role.isInRole and ACL.checkAccess 2013-12-10 23:33:57 -08:00
Ritchie Martori 4560ec0964 Various ACL fixes 2013-12-10 21:49:18 -08:00
Ritchie Martori b0f51e20f7 Add user default ACLs 2013-12-10 19:43:59 -08:00
Ritchie Martori dfcb43e613 Allow requests without auth tokens 2013-12-10 15:57:55 -08:00
Ritchie Martori e7cc30ee03 Fix base class not being actual base class 2013-12-09 17:11:01 -08:00
Raymond Feng 7f51c28539 Fix the ACL resolution against rules by matching score 2013-12-09 15:26:53 -08:00
Ritchie Martori af2b8dd4ff Merge feature/password-reset 2013-12-06 17:35:14 -08:00
Ritchie Martori 216fee3015 Add access type checking 2013-12-06 17:04:47 -08:00
Ritchie Martori bc27f07472 Add Model.requireToken for disabling token requirement 2013-12-06 12:09:52 -08:00
Ritchie Martori 4c69af5ae2 Add Model.requireToken, default swagger to false 2013-12-06 12:00:18 -08:00
Ritchie 68ef03e944 SLA-725 support PORT and HOST environment for PaaS support 2013-12-05 20:00:09 -08:00
Ritchie Martori 0987adfd5f Merge pull request #64 from strongloop/auth
Initial auth implementation
2013-12-02 17:20:42 -08:00
Ritchie Martori 5cd71cee6b Use loopback.AccessToken as default 2013-12-02 17:16:43 -08:00
Ritchie Martori 2c36935404 Fix missing assert 2013-12-02 16:37:42 -08:00
Ritchie Martori 2f9403016c Initial auth implementation 2013-11-22 12:26:59 -08:00
Raymond Feng 52b1588152 Merge pull request #74 from strongloop/acl
More ACL features
2013-11-20 14:30:40 -08:00
Ritchie Martori e92c46a4e4 Add password reset 2013-11-20 14:20:47 -08:00
Ritchie Martori aaa8423257 Fix minor autoWiring bugs 2013-11-20 14:18:54 -08:00
Raymond Feng 344c74297c Add unauthenticated role 2013-11-20 13:43:02 -08:00
Raymond Feng bee8a3b022 Add checkAccess for subject and token 2013-11-20 13:43:01 -08:00
Raymond Feng 2c7c5fc7ec Start to support smart roles such as owner 2013-11-20 13:43:01 -08:00
Ritchie Martori 3753c15b71 Merge pull request #71 from strongloop/feature/status-middleware
Add status middleware
2013-11-19 13:15:57 -08:00
Ritchie Martori e5a55846e8 Merge pull request #69 from strongloop/datasource-auto-wiring
Initial auto wiring for model dataSources
2013-11-19 13:11:54 -08:00
Ritchie Martori fd7dd7e4a2 Add status middleware 2013-11-19 12:54:30 -08:00
Ritchie Martori 9db8a7a25f Auto attach all models created 2013-11-19 12:23:02 -08:00