loopback.io模型,ACLPrincipalId,$ owner [英] loopback.io model, acl principalId, $owner
问题描述
我只需要将模型中的数据访问限制为创建该模型的环回用户.
I need to limit data access in a model only to the loopback user that created it.
我在文档中看到了这一点
I saw this in the docs:
http://loopback.io/doc /en/lb2/Model-definition-JSON-file.html#acls
$owner - Owner of the object
这是否意味着创建该对象的登录用户?
Does that mean the logged in user who created that object?
模型运行时创建时,loopback.io是否将当前登录用户的用户ID存储在其自己的ACL中?
When a model runs create, is loopback.io storing the user id of the current logged in user inside it's own ACL?
或者我需要做类似的事情,即在模型上创建与用户模型的关系的新属性:
Or will I need to do something like this, which is to create new properties on my model with relations to the user model:
推荐答案
知道了:
http://loopback.io/doc/zh-CN/lb2/Defining-and-using-roles.html#dynamic-roles
要使一个$ owner合格,目标模型需要有一个EmiratesTo 与用户模型的关系(或从用户扩展的模型)和属性 与目标模型实例的外键匹配.支票 $ owner仅对在其上具有:id"的远程方法执行 路径,例如GET/api/users/:id.
To qualify a $owner, the target model needs to have a belongsTo relation to the User model (or a model extends from User) and property matching the foreign key of the target model instance. The check for $owner is only performed for a remote method that has ‘:id’ on the path, for example, GET /api/users/:id.
这篇关于loopback.io模型,ACLPrincipalId,$ owner的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!