为什么Principal不是模型,而是Role,RoleMapping,ACL突然成为模型? [英] Why Principal is not a model, but Role, RoleMapping, ACL are suddenly models?
问题描述
我正在阅读回送的访问控制概念( 错误: 这里的逻辑在哪里? 首先让我们弄清楚,委托人是什么? 根据文档,主体是可以识别或认证的实体.它代表对受保护资源的请求的身份.例如:可以验证 如果我们可以使用 但是,如果您根据文档看到类主体,则 此类表示主体的抽象概念,可用于表示任何实体,例如个人,公司和登录ID .此类具有三个属性:类型,ID和名称.此throw new Error('Model not found: ' + modelName);
^
Error: Model not found: Principal
Principal
与其他人合而为一,但不是模型.为什么?user
实例以执行create
请求.因此,该user
实例可以是主体. user
,application
或role
代替委托人,那么在核心环回中制作另一个模型是没有意义的.type
字段指定用于主体的模型. principal
类实例可以通过多种方式创建.例如,对于role
模型实例
role.principals.create({
principalType: app.models.RoleMapping.USER,
principalId: admin.id
}, function(err, principal) {
if (err) {
throw err;
} else {
next();
}
});
在这里,我们为role
实例创建了新的principal
实例.现在,可以使用此主体对请求进行身份验证.另外,注意principalType
用于定义用于创建主体的模型.
注意:
我希望现在, principal
使用可以唯一标识的其他模型实例是有道理的,因此可以用来对对受保护资源的请求进行身份验证,例如create
休息端点. >
现在,您收到的错误是因为没有定义为Principal
的模型.并且在引导应用程序时,它没有在Loopback核心模型或为我们的应用程序生成的模型中找到Principal
模型,因此引发了错误
throw new Error('Model not found: ' + modelName);
^
Error: Model not found: Principal
I'm reading Access control concepts of Loopback (https://docs.strongloop.com/display/public/LB/Authentication%2C+authorization%2C+and+permissions) and I don't understand how happened that Principal
is not a model, but Role
, RoleMapping
, ACL
are models with a full set of REST API methods and are listed in model-config.json
? When I tried to include Principal
in model-config.json
along with Role
, RoleMapping
and ACL
I got error:
"ACL": {
"dataSource": "db",
"public": false
},
"RoleMapping": {
"dataSource": "db",
"public": false
},
"Role": {
"dataSource": "db",
"public": false
},
"Principal": {
"dataSource": "db",
"public": true
},
Error:
throw new Error('Model not found: ' + modelName);
^
Error: Model not found: Principal
Where is logic here? Principal
is in one line with others but isn't a model. Why?
Let's first make it clear, what a principal is?
As per the documentation, Principal is an entity that can be identified or authenticated. It represents identities of a request to protected resources. For example: an user
instance can be authenticated to execute a create
request. Therefore, that user
instance can be a principal.
If we can use user
, application
or role
in place of principal, it doesn't make sense to make another model in core loopback.
But if you see Class Principal as per the documentation,
This class represents the abstract notion of a principal, which can be used to represent any entity, such as an individual, a corporation, and a login id. This class have three attributes: type, id and name. This type
field specifies which model is being used for principal. principal
class instance can be created in many ways. For example, for role
model instance as in
role.principals.create({
principalType: app.models.RoleMapping.USER,
principalId: admin.id
}, function(err, principal) {
if (err) {
throw err;
} else {
next();
}
});
Here, we created new principal
instance for a role
instance. Now this principal can be used to authenticate a request. Also, notice principalType
is used to define which model is being used to create a principal.
Note:
I hope, now, it make sense that principal
uses other model instances that can be uniquely identified and thus, can be used to authenticate requests to protected resources like a create
rest endpoint.
Now the error you received is because there is no model defined as Principal
. And while bootstrapping the app, it didn't found the Principal
model in either Loopback core models or generated model for our app so it threw the error
throw new Error('Model not found: ' + modelName);
^
Error: Model not found: Principal
这篇关于为什么Principal不是模型,而是Role,RoleMapping,ACL突然成为模型?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!