whatResources() does not handle wildcard

OptimalBits / node_acl

Access control lists for node applications

2.62k stars 369 forks source link

whatResources() does not handle wildcard #18

Open glachac opened 11 years ago

glachac commented 11 years ago

Take the following example:

acl.allow('superuser','user.management','*',cb);

acl.whatResources('superuser','read',cb(resources){
          console.log("Resources: %j",resources);
})

My understanding of the wildcard means that 'superuser' should have all permission on 'user.managment'. So the log should output "user.management" as a valid resource, but instead the output is empty. If I replace 'read' with '*' it works, suggesting it is only matching strings, not the wildcard logic.

manast commented 11 years ago

Hello,

this must be a bug. Is it a showstopper for you, or do you have some workaround?

glachac commented 11 years ago

Not a showstopper. I've worked around it using only a single permission so a wildcard isn't necessary, but I'll need to move to multiple permissions in the future.