'Insufficient permissions to access resource': ACL Middleware with Mongoose + Express

Question

I am trying to set up ACL middleware for basic route authentication. In this example, I am just trying to ensure that the user (myself in this case), has the 'admin' permission.

My route looks like this:

// define the home page route
router.get('/', acl.middleware(1, '594a984a9815beb8219dca22', 'admin'), function (req, res) {
    acl.userRoles('594a984a9815beb8219dca22', function(err, roles){
      res.send(roles)
    })
})

With the middleware, I get the message:

HttpError: Insufficient permissions to access resource

If I run this route without the middleware, the usersRole() function does indeed come back with

['admin']

as the response. I can't figure out what else needs to happen for the ACL to recognize me as an admin. I clearly have the 'admin' role.

UPDATE

This is the connection code:

var dbConn = mongoose.connect(configDB.url); // connect to our database
acl = new acl(new acl.mongodbBackend(mongoose.connection.db))

My config.url being:

module.exports = {
  'url' : 'mongodb://127.0.0.1:27017/NodeMongo'
}

Answer 1

The problem had to do with the asynchronous nature of connecting to mongoose. Within the route, the mongoose/acl connection had already been made, but not before that (for example, the middleware function call).

I eventually found the proper way to do it thanks to this example by Alex Mueller

Essentially, you need to initialize the acl object from within the callback of:

mongoose.connection.on('connected', function(test) {
  require('./authorization').init();
});

Then within your route files, access the fully-initialized acl object. Please refer to the example. It's very easy to follow along.