Package Exports
- loopback-component-role-user
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (loopback-component-role-user) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
Loopback Component user dynamic role
This loopback component add a new dynamic user role which mapping the operators of model to the role.
The role name should be '[modelName]' + '.' + '[operator]'. The role should be mapped into the ACL too.
And the role can be nested like this:
Role1:
User.add
Role2:
Role1The Role2 should has the User.add role too.
Installation
- Install in you loopback project:
npm install --save loopback-component-role-user
Create a component-config.json file in your server folder (if you don't already have one)
Configure options inside
component-config.json:
{
"loopback-component-role-user": {
"enabled": true,
"role": "$user",
"models": [],
"operators":[]
}
}enabled[Boolean]: whether enable this component. defaults: truerole[String] : the role name. defaults: $usermodels[Boolean|Array of string]. defaults: true- enable the admin role to the models.
truemeans all models in the app.models.
- enable the admin role to the models.
operators[Object]: the mapping operators of model to the role name.the
keyis the operator(method), thevalueis the role name.Note: the operator name is the role name if no mapping operator.
defaults:
{ create: 'add', upsert: 'edit', updateAttributes: 'edit', exists: 'view', findById: 'view', find: 'find', findOne: 'find', count: 'find', destroyById: 'delete', deleteById: 'delete' }
Usage
Just enable it on component-config.json.
set DEBUG=loopback:security:role:user env vaiable to show debug info.
the User.hasRole(aUserId, aRoleName) promise async function added to check.