Shmulinson
Reputation: 421
Loopback how to overwrite Role ACL?
How to open loopback build-in model Role only for admin? If I set "public":true in model-config.json then anyone can query Role methods.
"Role": {
"dataSource": "db",
"public": true
},
I need only user with role "admin" to CRUD.
Upvotes: 1
Views: 140
Answers (1)
Shmulinson
Reputation: 421
This is how I solved this issue. in root.js
Promise.all([
ACL.findOrCreate({
model: Role.modelName,
accessType: ACL.ALL,
principalType: ACL.ROLE,
principalId: '$everyone',
permission: ACL.DENY,
property: ACL.ALL
})
, ACL.findOrCreate({
model: Role.modelName,
accessType: ACL.ALL,
principalType: ACL.ROLE,
principalId: 'admin',
permission: ACL.ALLOW,
property: ACL.ALL
})
]);
Upvotes: 1
Related Questions
- loopback ACL for user model
- Need Help Understanding ACL in Loopback
- Loopback custom role based ACL not working
- Dynamically adding user to a loopback Role
- Loopback ACL "Authorization Required"
- Loopback acl and ownerid
- How to override User ACL
- Loopback ACL: Create a User with a Role
- How to use Loopback ACL modify permissions on the user role
- ACLS not recognized