Bazinga777


Loopback 401 error when trying to update

I have been trying to save certain changes to a LoopBack user model, but every time I do, I get a 401 Unauthorized error even though my user's role is set to admin.

Here is what my user.model looks like

     {
  "name": "user",
  "plural": "users",
  "base": "User",  
  "properties": {
  },
  "validations": [],
  "relations": {
    "accessTokens": {
      "type": "hasMany",
      "model": "accessToken",
      "foreignKey": "userId"
    },
    "identities": {
      "type": "hasMany",
      "model": "userIdentity",
      "foreignKey": "userId"
    },   
    "roles": {
      "type": "hasMany",
      "model": "Role",
      "through": "RoleMapping",
      "foreignKey": "principalId"
    }
  },
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "admin",
      "permission": "ALLOW"
    },
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "localadmin",
      "permission": "ALLOW"
    },    
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "$unauthenticated",
      "permission": "DENY"
    },
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "$authenticated",
      "permission": "ALLOW"
    },
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$owner",
      "permission": "ALLOW"
    }   
  ],
  "methods": []
}

and the angular resource call that I am making

 /**
  * Send the user's username and accessLevel to the API through the User
  * resource's upsert call, then log whatever comes back.
  *
  * Whether the write is permitted is decided by the server when it evaluates
  * the model's ACLs for the caller's access token; nothing in this handler
  * checks or grants permission.
  *
  * @param {Object} user - object carrying `username` and `accessLevel`.
  */
 $scope.setUserAccess = function(user) {
   // Success path: print the server's response.
   function onSaved(resp) {
     console.log(resp);
   }

   // Failure path: print the error object (e.g. the 401 response).
   function onRejected(err) {
     console.log(err);
   }

   var request = User.upsert({
     username: user.username,
     accessLevel: user.accessLevel
   });

   request.$promise.then(onSaved, onRejected);
 };

I am having a hard time solving this one. This is what I got on the browser

    {
      "data": {
        "error": {
          "name": "Error",
          "status": 401,
          "message": "Authorization Required",
          "statusCode": 401,
          "code": "AUTHORIZATION_REQUIRED",
          "stack": "Error: Authorization Required\n at /home/work/Thermtec/node_modules/loopback/lib/application.js:375:21\n at /home/work/Thermtec/node_modules/loopback/lib/model.js:313:7\n at /home/work/Thermtec/node_modules/loopback/common/models/acl.js:465:23\n at /home/work/Thermtec/node_modules/loopback/node_modules/async/lib/async.js:251:17\n at done (/home/work/Thermtec/node_modules/loopback/node_modules/async/lib/async.js:132:19)\n at /home/work/Thermtec/node_modules/loopback/node_modules/async/lib/async.js:32:16\n at /home/work/Thermtec/node_modules/loopback/node_modules/async/lib/async.js:248:21\n at /home/work/Thermtec/node_modules/loopback/node_modules/async/lib/async.js:572:34\n at /home/work/Thermtec/node_modules/loopback/common/models/acl.js:447:17\n at /home/work/Thermtec/node_modules/loopback/common/models/role.js:348:23"
        }
      },
      "status": 401,
      "config": {
        "method": "PUT",
        "transformRequest": [null],
        "transformResponse": [null],
        "url": "http://localhost:3000/api/users",
        "data": {"username": "testuser", "accessLevel": 5},
        "params": {},
        "headers": {
          "Accept": "application/json, text/plain, */*",
          "Content-Type": "application/json;charset=utf-8",
          "authorization": "No9BorxaROfrb48jOxKYDpigFNlhk30vkYVhQMRMHT4h86KNnjCLPFda06jPywo3"
        }
      },
      "statusText": "Unauthorized"
    }

Here is my boot script

    'use strict';

// to enable these logs set `DEBUG=boot:01-load-users` or `DEBUG=boot:*`
var log = require('debug')('boot:01-load-users');

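/**
 * Boot script that seeds three roles (admin, user, localadmin) and one
 * default account per role, then maps each account to its role.
 *
 * Seeding runs when the `db` datasource is named 'Memory' OR when the INITDB
 * environment variable is set; in every other case the script returns at once.
 *
 * @param {Object} app - application object passed to boot scripts. This
 *   script reads app.dataSources.db.name and app.models.User / Role /
 *   RoleMapping.
 */
module.exports = function(app) {

  if (app.dataSources.db.name !== 'Memory' && !process.env.INITDB) {
    return;
  }

  createDefaultUsers();

  /**
   * Find-or-create every role and its users, then add a USER principal on
   * the role for each account.
   *
   * All of the work happens in asynchronous callbacks, so the array returned
   * here is still empty when the function returns; it is only filled in later
   * as the role mappings are created.
   *
   * @returns {Array} the (initially empty) list that collects mapped users.
   */
  function createDefaultUsers() {

    log('Creating roles and users');

    // NOTE(review): the model definition shown earlier on this page is named
    // `user` (base `User`), while this script seeds app.models.User. Confirm
    // that the accounts and role mappings land on the model the REST API
    // actually exposes.
    var User = app.models.User;
    var Role = app.models.Role;
    var RoleMapping = app.models.RoleMapping;

    var users = [];

    // SECURITY: these are fixed, guessable credentials (admin/admin,
    // user/user, localadmin/admin). They are only tolerable for a throwaway
    // in-memory development datasource. The INITDB switch above runs the same
    // seeding against a non-memory datasource as well; in that case the
    // passwords should come from configuration/secrets and be changed after
    // first login.
    // The e-mail values look like addresses masked by the page this listing
    // was copied from; replace them with real, distinct addresses.
    var roles = [{
      name: 'admin',
      users: [{
        firstName: 'Admin',
        lastName: 'User',
        email: '[email protected]',
        username: 'admin',
        password: 'admin'
      }]
    }, {
      name: 'user',
      users: [{
        firstName: 'Guest',
        lastName: 'User',
        email: '[email protected]',
        username: 'user',
        password: 'user'
      }]
    },{
      name: 'localadmin',
      users: [{
        firstName: 'LocalAdmin',
        lastName: 'User',
        email: '[email protected]',
        username: 'localadmin',
        password: 'admin'
      }]
    }];

    roles.forEach(function(role) {
      Role.findOrCreate(
        {where: {name: role.name}}, // find
        {name: role.name}, // create
        function(err, createdRole, created) {
          if (err) {
            console.error('error running findOrCreate('+role.name+')', err);
            // Stop here: everything below dereferences createdRole, which
            // cannot be relied on once findOrCreate has reported an error.
            return;
          }
          log(created ? 'created role' : 'found role', createdRole.name);

          role.users.forEach(function(roleUser) {
            User.findOrCreate(
              {where: {username: roleUser.username}}, // find
              roleUser, // create
              function(err, createdUser, created) {
                if (err) {
                  console.error('error creating roleUser', err);
                  // Same reasoning: no user object to map to the role.
                  return;
                }
                log(created ? 'created user' : 'found user',
                    createdUser.username);

                // NOTE(review): this mapping is created even when both the
                // role and the user already existed, so repeated runs against
                // a persistent datasource may accumulate duplicate role
                // mappings - confirm and de-duplicate if so.
                createdRole.principals.create({
                  principalType: RoleMapping.USER,
                  principalId: createdUser.id
                }, function(err, rolePrincipal) {
                  if (err) {
                    console.error('error creating rolePrincipal', err);
                    // Do not report the user as mapped when the mapping failed.
                    return;
                  }
                  users.push(createdUser);
                });
              });
          });
        });
    });
    return users;
  }

};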


Answers (2)

Anoop Thiruonam


  1. First, you have to create the roles.
  2. Then grant or deny permissions to roles/users using the ACL feature of the CLI.
  3. Then log in using valid, authorized credentials.
  4. You should then be able to modify/access the user details as defined in
    the model's acl section.

Please find a detailed answer here: Constantly getting 401 errors in loopback while using User Model


JSimonsen


From what I see here it doesn't look like you are creating any roles right now. You will need to create the admin roles in this script. This could be why you see the unauthorized access message. I would refer to the code example in the documentation here:

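    // Fragment: User, Role, RoleMapping and the completion callback `cb` are
    // expected to be in scope already.
    // The passwords below are sample values; seed real accounts from
    // configuration/secrets rather than literals in source. The e-mail values
    // look like addresses masked by the page this snippet was copied from and
    // need to be replaced with real, distinct addresses.
    User.create([
        {username: 'John', email: '[email protected]', password: 'opensesame'},
        {username: 'Jane', email: '[email protected]', password: 'opensesame'},
        {username: 'Bob', email: '[email protected]', password: 'opensesame'}
      ], function(err, users) {
        if (err) return cb(err);

        // create the admin role
        Role.create({
          name: 'admin'
        }, function(err, role) {
          // `return` matters here: without it a failed Role.create would call
          // cb(err) and then still fall through to role.principals below,
          // dereferencing a role that was never created and calling cb again.
          if (err) return cb(err);

          // make bob an admin (users[2] is the third entry created above)
          role.principals.create({
            principalType: RoleMapping.USER,
            principalId: users[2].id
          }, function(err, principal) {
            // report the outcome of the mapping, error or not
            cb(err);
          });
        });
      });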
