Closed subodh2508 closed 8 years ago
Hi!
I spotted some problems in your implementation.
var roles = request.auth.credentials.group;
I believe that you don't really want to do this. hapi-rbac
reads this values for you when you specify credentials:group
in the target type. What you want to do instead, is retrieving the groups from your database (in your case from MySQL) that will match the request.auth.credentials.group
.
So, try to do this instead:
server.register({
register: require('hapi-rbac'),
options: {
policy: function (request, callback) {
const path = request.route.path;
const method = request.route.method;
// Obtain the policy groups for the path and method (because this is a global configuration)
getPolicyGroupsFromMySQL(path, method, function (err, data) {
if(err) {
return callback(err);
}
// Assuming your data is an array of groups
// We add 'any-of' as first element
data.unshift('any-of');
const policy = {
target: data,
apply: 'permit-overrides',
rules: [
{
target: ['any-of',
{type: 'credentials:group', value: 'admin'}
],
effect: 'permit'
}
]
};
callback(null, policy);
});
}
}
}, function(err) {
if(err) {
throw err;
}
// load other plugins / start server...
});
Hello sir,
Thank you for your prompt reply which help me to resolve issue pending for more than a week. Appreciate your effort.
Thanks,
Subodh Sonawane.
From: Francisco Gouveia [mailto:notifications@github.com] Sent: 11 February 2016 22:40 To: franciscogouveia/hapi-rbac Cc: subodh2508 Subject: Re: [hapi-rbac] dynamic policy create (#19)
Hi!
I spotted some problems in your implementation.
var roles = request.auth.credentials.group;
I believe that you don't really want to do this. hapi-rbac reads this values for you when you specify credentials:group in the target type. What you want to do instead, is retrieving the groups from your database (in your case from MySQL) that will match the request.auth.credentials.group.
· Problem 2: You are configuring the policy as global. This policy will be applied to all your routes. I am not sure if that's what you want.
· Problem 3: You are passing a string instead of a JSON object to the callback.
So, try to do this instead:
server.register({ register: require('hapi-rbac'), options: { policy: function (request, callback) { const path = request.route.path; const method = request.route.method;
// Obtain the policy groups for the path and method (because this is a global configuration)
getPolicyGroupsFromMySQL(path, method, function (err, data) {
if(err) {
return callback(err);
}
// Assuming your data is an array of groups
// We add 'any-of' as first element
data.unshift('any-of');
const policy = {
target: data,
apply: 'permit-overrides',
rules: [
{
target: ['any-of',
{type: 'credentials:group', value: 'admin'}
],
effect: 'permit'
}
]
};
callback(null, policy);
});
}
}
}, function(err) { if(err) { throw err; }
// load other plugins / start server...
});
— Reply to this email directly or view it on GitHub https://github.com/franciscogouveia/hapi-rbac/issues/19#issuecomment-182961358 .Description: Image removed by sender.
Great that it helped you. Closing the issue then.
I am quite newbie for using hapi js.
i want to create dynamic policy using mysql database, Whenever i write callback function it gives me error, can you please provide me some example for the same? also how to write callback
server.register({ register: require('hapi-rbac'), options: { policy: function (request, callback) { var roles = request.auth.credentials.group;
} }, function(err) { if(err){ throw err; } });
Please suggest me any solution...