I don't think the roleRequired options works anymore with the latest version of the alanning:roles package released a few months ago. As part of the update, they moved roles to a separate collection - I assume restivus still checks the roles on the user document, but since they are not there anymore it fails saying the user does not have the required permissions even if it does have the correct role.
A workaround for this is to check the role manually in the action:
Api.addRoute("private", {
post: {
authRequired: true,
// roleRequired: "admin",
action: function() {
if (Roles.userIsInRole(this.userId, "admin")) {
// user has admin role, do your things
return 200;
} else {
return 401;
}
}
}
});
I don't think the
roleRequired
options works anymore with the latest version of thealanning:roles
package released a few months ago. As part of the update, they moved roles to a separate collection - I assume restivus still checks the roles on theuser
document, but since they are not there anymore it fails saying the user does not have the required permissions even if it does have the correct role.A workaround for this is to check the role manually in the
action
: