module.exports = Self => { Self.remoteMethod('acl', { description: 'Get the user information and permissions', accepts: [ { arg: 'ctx', type: 'Object', http: {source: 'context'} } ], returns: { type: 'Object', root: true }, http: { path: `/acl`, verb: 'GET' } }); Self.acl = async function(ctx) { let userId = ctx.req.accessToken.userId; let models = Self.app.models; let user = await Self.findById(userId, { fields: ['id', 'name', 'nickname', 'email', 'lang'], include: { relation: 'userConfig', scope: { fields: ['darkMode'] } } }); let roles = await models.RoleMapping.find({ fields: ['roleId'], where: { principalId: userId, principalType: 'USER' }, include: [{ relation: 'role', scope: { fields: ['name'] } }] }); return {roles, user}; }; };