Commit Graph

109 Commits

Author SHA1 Message Date
Raymond Feng a6ff22c9c1 Make sure defaultPermission is checked 2014-01-16 15:05:10 -08:00
Raymond Feng c8eb5d9170 Make sure methods are called in the context of the calling class 2014-01-14 15:34:44 -08:00
Miroslav Bajtoš 1f80164e69 Merge pull request #135 from strongloop/feature/speed-up-user-passwords
Speed up tests accessing User.password
2014-01-13 22:04:41 -08:00
Miroslav Bajtoš 809411c103 Speed up tests accessing User.password
Decrease User.settings.saltWorkFactor in order to speed up unit-tests.
2014-01-13 20:05:22 +01:00
Miroslav Bajtoš ed81bdb6b8 Implement app.installMiddleware
The implementation is mostly a copy of
    loopback-workspace/templates/app.js
2014-01-13 17:26:24 +01:00
Miroslav Bajtoš 914ac2dcc9 Implement `app.listen`
The method starts a http server on the host & port configured
in the app config.
2014-01-13 09:12:54 +01:00
Miroslav Bajtoš 92896a441c Add app.restApiRoot setting
Allow loopback users to configure API root via config file, instead of
editing app.js generated by loopback-workspace.

Allow loopback plugins to discover the path where the REST adapter is
mounted.
2014-01-07 16:05:48 +01:00
Miroslav Bajtoš 78f514a003 Add ValidationError to loopback exports.
Simplify the construction of validation errors in user-land code:

    var error = new loopback.ValidationError(invalidModel);
2014-01-02 10:35:17 +01:00
Ritchie Martori 7b826e7c9e Add e2e tests for relations 2013-12-20 19:15:23 -08:00
Ritchie Martori 981bdd4c81 app.boot() now loads the "boot" directory 2013-12-18 21:41:41 -08:00
Ritchie Martori 16b790a93a Merge pull request #102 from strongloop/fix/user
Various Fixes and Behavioral Changes to the User Model
2013-12-18 21:34:30 -08:00
Raymond Feng 40cd71c4c6 Clean up the test case 2013-12-18 12:28:58 -08:00
Raymond Feng 598b1e6b61 Reformat the code using 2 space identation 2013-12-18 11:49:09 -08:00
Raymond Feng 95ad3e8c04 Allow cert/key data to be shared by push/feedback 2013-12-18 10:58:34 -08:00
Ritchie Martori 9f2651578b fixup - Include accessToken in user logout tests 2013-12-17 21:34:30 -08:00
Ritchie Martori 98ed38302a Logout now automatically pulls the accessToken from the request 2013-12-17 21:22:05 -08:00
Ritchie Martori 939df463fe Fix tests depending on old behavior of default User ACLs 2013-12-17 21:10:05 -08:00
Ritchie Martori ea7c9216d7 App config settings are now available from app.get() 2013-12-11 19:31:16 -08:00
Raymond Feng 97dc0aa441 Refactor to the code use wrapper classes
Add AccessContext, Principal, and AccessRequest
Add debug information
2013-12-11 16:03:48 -08:00
Raymond Feng 178674ec9a Enhance getRoles() to support smart roles 2013-12-11 09:06:21 -08:00
Raymond Feng 82eeaeee6b Fix the algorithm for Role.isInRole and ACL.checkAccess 2013-12-10 23:33:57 -08:00
Ritchie Martori dfcb43e613 Allow requests without auth tokens 2013-12-10 15:57:55 -08:00
Ritchie Martori e7cc30ee03 Fix base class not being actual base class 2013-12-09 17:11:01 -08:00
Raymond Feng 7f51c28539 Fix the ACL resolution against rules by matching score 2013-12-09 15:26:53 -08:00
Ritchie Martori af2b8dd4ff Merge feature/password-reset 2013-12-06 17:35:14 -08:00
Ritchie Martori 216fee3015 Add access type checking 2013-12-06 17:04:47 -08:00
Ritchie 68ef03e944 SLA-725 support PORT and HOST environment for PaaS support 2013-12-05 20:00:09 -08:00
Raymond Feng 23add99f12 Fix the test assertion as the error message is changed. 2013-12-04 14:41:25 -08:00
Ritchie Martori 2f9403016c Initial auth implementation 2013-11-22 12:26:59 -08:00
Miroslav Bajtos cf541cb828 Add test for findById returning 404
The test verifies the remoting configuration of
loopback-datasource-juggler, ensuring that
`DataAccessObject.findById()` has `rest.before` handler
correctly set up.
2013-11-21 16:23:01 +01:00
Ritchie Martori e92c46a4e4 Add password reset 2013-11-20 14:20:47 -08:00
Raymond Feng 344c74297c Add unauthenticated role 2013-11-20 13:43:02 -08:00
Raymond Feng bee8a3b022 Add checkAccess for subject and token 2013-11-20 13:43:01 -08:00
Raymond Feng 2c7c5fc7ec Start to support smart roles such as owner 2013-11-20 13:43:01 -08:00
Ritchie Martori 3753c15b71 Merge pull request #71 from strongloop/feature/status-middleware
Add status middleware
2013-11-19 13:15:57 -08:00
Ritchie Martori fd7dd7e4a2 Add status middleware 2013-11-19 12:54:30 -08:00
Ritchie Martori 178e5dab30 Remove .attachTo() from tests 2013-11-19 11:02:43 -08:00
Ritchie Martori cb39ae7adb Debugging odd defineFK behavior 2013-11-19 10:29:02 -08:00
Ritchie Martori da0545bed6 Initial auto wiring for model dataSources 2013-11-18 16:13:40 -08:00
Raymond Feng 8381b05da1 Allows LDL level ACLs 2013-11-15 09:41:26 -08:00
Raymond Feng 9bc762c09c Update dependencies 2013-11-14 21:19:57 -08:00
Raymond Feng 8e679d0927 Fix the permission resolution 2013-11-14 21:19:57 -08:00
Raymond Feng 94f12d0fce Fix the permission check 2013-11-14 21:19:57 -08:00
Raymond Feng 660ef89755 Merge ScopeACL into ACL 2013-11-14 21:19:56 -08:00
Raymond Feng 0430cd2ae3 Add tests for isInRole and getRoles 2013-11-14 21:19:56 -08:00
Raymond Feng c3a1a85159 Add constants and more tests 2013-11-14 21:19:56 -08:00
Raymond Feng 48a0242711 Define the models/relations for ACL 2013-11-14 21:19:56 -08:00
Raymond Feng 67b934357b Start to build the ACL models 2013-11-14 21:19:56 -08:00
Ritchie Martori 1de2a40e88 Update AccessToken and User relationship
- Add created default
 - Default TTLs for user login access tokens
 - Break out User / AccessToken relationship
2013-11-14 19:41:29 -08:00
Ritchie Martori 1bb95607b9 Update session / token documentation 2013-11-14 15:42:37 -08:00