Vishnu Mishra
Reputation: 4029
sails.js restrict global policy in some controller field
I have a policy 'sessionAuth' :
module.exports = function (req, res, ok) {
if(req.session.authenticated && req.session.admin){
return ok();
}
else{
res.view('admin/login',{'error':"please login first"});
return;
}
};
in my config/policies I did :
module.exports.policies = {
'*': 'sessionAuth',
admin:{
'*':false,
edit:'sessionAuth',
'logout':'adminAuth',
'create':'adminAuth'
}
}
Now I need sessionAuth policy form my all controllers except some field in adminController like login, forgotpassword etc.
but when I did this I'm getting the
403 Forbidden
so how to do this any idea?
Upvotes: 2
Views: 251
Answers (1)
Andi N. Dirgantara
Reputation: 2051
If your Admin Controller's name is adminController so it should be:
module.exports.policies = {
'*' : 'sessionAuth',
adminController: {
'*' : false,
'edit' :'sessionAuth',
'logout' :'adminAuth',
'create' :'adminAuth',
'login' : true,
'forgotpassword' : true
}
}
Upvotes: 2
Related Questions
- Passing Parameters to sails.js policies
- How to create dynamic policies in sails.js
- sails policies - use variables
- Sails js policies not working
- Policy for REST API but not for Controllers in sails.js
- How to restrict findOne with policy
- Sails JS: How to pass value from policy to controller
- Sails.js policy not working for a single controller
- multiple controller in one policy in sails
- Defining policies inside controllers in sails.js