Domanda

I am having trouble figuring out sails policies, I follow the tutorial but still can't make it work.

In my policies.js file:

module.exports.policies = {
  '*':true,
  UsersController:{
    '*':false,
    signIn: 'skipAuthenticated'
  }
}

And in my authenticated.js file:

module.exports = function skipAuthenticated(req, res, ok){
  console.log("testing");
  if (req.session.authenticated){
    console.log("testing");
    return ok();
  }
  else {
    return res.send("You are not permitted to perform this action.", 403);
  }
}

But the policy does not trigger. Any help would be really appreciated.

È stato utile?

Soluzione 2

If you take a look at the section entitled How do I protect my controllers with policies? it describes that the policy name matches the name of the file in api/policies. So your problem is that the actual policy name is "authenticated" (you said authenticated.js) and the policy name you're trying to use in your ACL is "skipAuthenticated."

So you can either change the policy file name to skipAuthenticated.js or you can change your ACL to reflect the actual policy name.

http://sailsjs.org/#!documentation/policies

You can apply one or more policies to a given controller or action. Any file in your /policies folder (e.g. authenticated.js) is referable in your ACL (config/policies.js) by its filename minus the extension, (e.g. 'authenticated').

Altri suggerimenti

Suppose you have ProductsController and LoginController.

In policies.js :

module.exports.policies = {


    '*': true,
    login: {
        '*': true
    },
    products: {
        '*': 'isAuth',
        feed: true
    }

}

In Above Example:

Actions inside "login" controller can be accessed by any one. However, in products controller any other actions except for "feed" need to pass the "isAuth" policy.

Check out my completed gist. It should work with Sails 0.98 using passportjs and mysql https://gist.github.com/anhnt/8297229

i'm guessing the filename is wrong try renaming authenticated.js to skipAuthenticated.js if that doesn't help remove the camelcase name... i had some issues with camelcase but can't remember if it was with policies

Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top