为什么Principal不是模型,而是Role,RoleMapping,ACL突然成为模型? [英] Why Principal is not a model, but Role, RoleMapping, ACL are suddenly models?
问题描述
我正在阅读回送的访问控制概念( 错误: 这里的逻辑在哪里? 首先让我们弄清楚,委托人是什么? 根据文档,主体是可以识别或认证的实体.它代表对受保护资源的请求的身份.例如:可以验证 如果我们可以使用 但是,如果您根据文档看到类主体,则 此类表示主体的抽象概念,可用于表示任何实体,例如个人,公司和登录ID .此类具有三个属性:类型,ID和名称.此throw new Error('Model not found: ' + modelName);
^
Error: Model not found: Principal
Principal与其他人合而为一,但不是模型.为什么?user实例以执行create请求.因此,该user实例可以是主体. user,application或role代替委托人,那么在核心环回中制作另一个模型是没有意义的.type字段指定用于主体的模型. principal类实例可以通过多种方式创建.例如,对于role模型实例
role.principals.create({
principalType: app.models.RoleMapping.USER,
principalId: admin.id
}, function(err, principal) {
if (err) {
throw err;
} else {
next();
}
});
在这里,我们为role实例创建了新的principal实例.现在,可以使用此主体对请求进行身份验证.另外,注意principalType用于定义用于创建主体的模型.
注意:
我希望现在, principal使用可以唯一标识的其他模型实例是有道理的,因此可以用来对对受保护资源的请求进行身份验证,例如create休息端点.
现在,您收到的错误是因为没有定义为Principal的模型.并且在引导应用程序时,它没有在Loopback核心模型或为我们的应用程序生成的模型中找到Principal模型,因此引发了错误
throw new Error('Model not found: ' + modelName);
^
Error: Model not found: Principal
I'm reading Access control concepts of Loopback (https://docs.strongloop.com/display/public/LB/Authentication%2C+authorization%2C+and+permissions) and I don't understand how happened that Principal is not a model, but Role, RoleMapping, ACL are models with a full set of REST API methods and are listed in model-config.json? When I tried to include Principal in model-config.json along with Role, RoleMapping and ACL I got error:
"ACL": {
"dataSource": "db",
"public": false
},
"RoleMapping": {
"dataSource": "db",
"public": false
},
"Role": {
"dataSource": "db",
"public": false
},
"Principal": {
"dataSource": "db",
"public": true
},
Error:
throw new Error('Model not found: ' + modelName);
^
Error: Model not found: Principal
Where is logic here? Principal is in one line with others but isn't a model. Why?
Let's first make it clear, what a principal is?
As per the documentation, Principal is an entity that can be identified or authenticated. It represents identities of a request to protected resources. For example: an user instance can be authenticated to execute a create request. Therefore, that user instance can be a principal.
If we can use user, application or role in place of principal, it doesn't make sense to make another model in core loopback.
But if you see Class Principal as per the documentation,
This class represents the abstract notion of a principal, which can be used to represent any entity, such as an individual, a corporation, and a login id. This class have three attributes: type, id and name. This type field specifies which model is being used for principal. principal class instance can be created in many ways. For example, for role model instance as in
role.principals.create({
principalType: app.models.RoleMapping.USER,
principalId: admin.id
}, function(err, principal) {
if (err) {
throw err;
} else {
next();
}
});
Here, we created new principal instance for a role instance. Now this principal can be used to authenticate a request. Also, notice principalType is used to define which model is being used to create a principal.
Note:
I hope, now, it make sense that principal uses other model instances that can be uniquely identified and thus, can be used to authenticate requests to protected resources like a create rest endpoint.
Now the error you received is because there is no model defined as Principal. And while bootstrapping the app, it didn't found the Principal model in either Loopback core models or generated model for our app so it threw the error
throw new Error('Model not found: ' + modelName);
^
Error: Model not found: Principal
这篇关于为什么Principal不是模型,而是Role,RoleMapping,ACL突然成为模型?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
