search

strongloop / loopback-example-access-control

An example demonstrating LoopBack access control mechanisms.
Other
370 stars 168 forks source link

Sample with mongo db connection not working as expected #110

Closed brunoescalona-zz closed 7 years ago

brunoescalona-zz commented 7 years ago

Description of the problem

If I run the example code as it is, it works perfect. I try to modify the data source from memory to a mongo database with the following code.

"db": {
    "host": "localhost",
    "port": 27017,
    "database": "access-control",
    "name": "db",
    "connector": "mongodb"
  }

With the change when I run the application I can see all the Users, Roles and Roles Mapping in my database, the problem is when I login with the admin user and I GET all the projects I get the 401 error. (I am using the token in the request).

The ACL is:

 {
    "accessType": "READ",
    "principalType": "ROLE",
    "principalId": "admin",
    "permission": "ALLOW",
    "property": "find"
 }

Expected result

As in the memory example the expected result is to get all the project listed when I login with the admin user.

brunoescalona-zz commented 7 years ago

Sorry the issue was alredy open. I could solve the problem with the following modification in the RoleMapping model:

"options": {
     "strictObjectIDCoercion": true
}
zulfahmi commented 6 years ago

Thank you anyway for pointing this.