search

JKHeadley / rest-hapi

🚀 A RESTful API generator for Node.js
https://resthapi.com
MIT License
1.19k stars 153 forks source link

Issue with MrHorse.orPolicy in additional endpoint #233

Closed hmenzagh closed 4 years ago

hmenzagh commented 4 years ago

When I use a MrHorse.orPolicy in an additional endpoint I get an error message.

Version : 1.9

code sample:

extraEndpoints: [
    (server, options, model, logger) => {
        const Log = logger.bind('TimeMachine');
        Log.note('Generating TimeMachine endpoint for userClause');
        server.route({
            method: 'POST',
            path: '/userClause/timeMachine',
            config: {
                handler: async request => clausesTimeMachineHandler(
                    request, model.models.userClause, Log,
                ),
                validate: { payload: clausesTimeMachineSchema },
                tags: ['api', 'userClause', 'timeMachine'],
                plugins: {
                    'hapi-swagger': {},
                    policies: ['userAuth', MrHorse.orPolicy('objectAuth', 'adminPowered')],
                    model: model.models.userClause, // is not passed automatically
                },
            },
        });
    },
],

error message:

{
    "statusCode": 403,
    "error": "Forbidden",
    "message": "Cannot read property 'status' of undefined"
}

My policy functions are not executed, and I see that the console.log of results (L:381 in MrHorse's index.js) is empty ({}) witch explains the error message (Crash L:384).

I did not dig further and will avoid using MrHorse.orPolicy for the time being.

Would it be a quick fix ?

(Thanks for the great work btw)

JKHeadley commented 4 years ago

@hmenzagh it's hard to say. I don't have much experience with the MrHorse.orPolicy feature. If you could provide the full code needed to replicate the issue (model and policy files) I can try to look into it.

hmenzagh commented 4 years ago

I guess no code setup is really necessary, just import mrhorse and add something like policies: ['userAuth', MrHorse.orPolicy('objectAuth', 'adminPowered')], (as I said the policies aren't executed) if you really need the full code I'll try tu put up something asap

JKHeadley commented 4 years ago

@hmenzagh yes that would be very helpful. If you could provide a very basic example (full code) to replicate the issue that will help a lot since my resources are very limited.

hmenzagh commented 4 years ago

I was preparing an example repo and I dont know what changed but the issue is not reproducible anymore, I will re-open if it rises up again. Sorry for the inconvenience.