Comprehensive user permissions and entitlements system for sails.js and Waterline. Supports user authentication with passport.js, role-based permissioning, object ownership, and row-level security.
MIT License
418
stars
113
forks
source link
findTargetObjects method fetch all data from table #212
sails.hooks.blueprints.middleware.find(req, {
ok: resolve,
serverError: reject,
// this isn't perfect, since it returns a 500 error instead of a 404 error
// but it is better than crashing the app when a record doesn't exist
notFound: reject
});
req object does not contains any criteria, so find fetch all records from related model table. Is it permissible behaviour?
I found some strange behaviour with Permission Service https://github.com/tjwebb/sails-permissions/blob/master/api%2Fservices%2FPermissionService.js#L56
req object does not contains any criteria, so find fetch all records from related model table. Is it permissible behaviour?