OptimalBits / node_acl

Access control lists for node applications

isAllowed returns empty permission #218

Open macroramesh6 opened 7 years ago

macroramesh6 commented 7 years ago

Thanks for the contribution of this package. I am new to this package. I have added roles, resources, and permissions. When I try to use isAllowed, it returns a null permission. My implementation is given below.

//added roles, resource and permissions here
acl.allow('employee', '/api/guestbook', ['put']);

//added roles to the user
acl.addUserRoles('58344ca87f75a7306fc67645', 'employee', function(err) {
});

//Here my custom middleware check.
acl.isAllowed('58344ca87f75a7306fc67645', '/api/guestbook', 'put', function(err, allowed){
    console.log(err, allowed); //null, false
});

Note: I have checked by removing \ from the resource. The backend is a Redis connection.

My above check returns null, false; it should be null, true. Did I miss anything in my implementation? Am I on the right path?

deej81 commented 7 years ago

I had the same problem. The issue is that you are effectively creating a role for every user rather than assigning a user to a role. I believe this is a valid use case, but in your middleware check you are then querying for whether a user has the permission rather than whether the role has it. Instead you need to do this:

acl.areAnyRolesAllowed('58344ca87f75a7306fc67645', '/api/guestbook', 'put', function(err, allowed){
    console.log(err, allowed); //null, true
});

pangff commented 7 years ago

I had the same problem.

zh244135370 commented 6 years ago

It's a Promise, including allow and addUserRoles. Use it like this:

let allow = acl.allow([...]);
allow.then(function(){
    acl.addUserRoles()
    return Promise.resolve()
}).then(function(){
    acl.isAllowed()
})
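The sequencing described in the last comment, as an added example that is not part of the thread and not node_acl's own code: `FakeAcl` is a hypothetical in-memory stand-in, constructed so that writes land after a simulated backend round trip while reads answer from current state. It shows a check issued before the grants exist failing closed, and the same check passing once each write's promise has resolved.

```javascript
// Hypothetical stand-in for an ACL with an asynchronous backend (not node_acl).
// Assumption: writes become visible only after a simulated round trip.
class FakeAcl {
  constructor(delayMs = 5) {
    this.delayMs = delayMs;
    this.rolePerms = new Map(); // "role|resource" -> Set of permissions
    this.userRoles = new Map(); // userId -> Set of roles
  }
  _later(fn) {
    return new Promise((resolve) => setTimeout(() => resolve(fn()), this.delayMs));
  }
  allow(role, resource, perms) {
    return this._later(() => {
      const key = `${role}|${resource}`;
      const set = this.rolePerms.get(key) || new Set();
      perms.forEach((p) => set.add(p));
      this.rolePerms.set(key, set);
    });
  }
  addUserRoles(userId, role) {
    return this._later(() => {
      const set = this.userRoles.get(userId) || new Set();
      set.add(role);
      this.userRoles.set(userId, set);
    });
  }
  // Reads current state; a user with no roles or no matching grant is denied.
  isAllowed(userId, resource, perm) {
    const roles = [...(this.userRoles.get(userId) || [])];
    return Promise.resolve(roles.some((r) => {
      const set = this.rolePerms.get(`${r}|${resource}`);
      return set !== undefined && set.has(perm);
    }));
  }
}

const USER = '58344ca87f75a7306fc67645'; // user id from the question
const RES = '/api/guestbook';

// Check issued without waiting for the two writes to complete.
function checkWithoutWaiting() {
  const acl = new FakeAcl();
  acl.allow('employee', RES, ['put']);
  acl.addUserRoles(USER, 'employee');
  return acl.isAllowed(USER, RES, 'put'); // resolves to false
}

// Each step starts only after the previous promise has resolved.
async function checkAfterWrites() {
  const acl = new FakeAcl();
  await acl.allow('employee', RES, ['put']);
  await acl.addUserRoles(USER, 'employee');
  return acl.isAllowed(USER, RES, 'put'); // resolves to true
}
```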