Reputation: 752
Disabling create feature when create request is made using GET in Sails.js
I started tinkering with Sails.js recently and I wish to use it for production for my projects and as a mobile backend. In Sails.js docs, in the blueprint api it says that the create method call should be of POST type here https://sailsjs.com/documentation/reference/blueprint-api/create.
But even with GET request, record gets created. How to disable create feature when the request is of GET type..?
Upvotes: 0
Views: 68
Answers (2)
Reputation: 3819
Like @paulogdm, I was surprised that your GET was creating records. But I found the doc - it is a "shortcut" route in sails, and can be disabled. The docs are here.
In your /config/blueprints.js file, you need to add:
module.exports = {
// ...
shortcuts: false
}
Upvotes: 2
Reputation: 1801
If you want to completely disable the BLUEPRINT API, you might take a look at config/blueprints.js.
But you can create a police to just limit the access of it by doing something like this in 'policies.js':
UserController : {
'thisispublic' : true,
'thisisnot' : false,
'create' : ['hasAdminToken'],
'update' : ['hasAdminToken'],
'destroy' : ['hasAdminToken'],
}
Note that some actions are implied in the controller - even if you dont have a "create" function, it will be there provided by your model when it exists...
Upvotes: 2
Related Questions
- do not show new created rocrd in sails.js
- How to cancel the creation of a record in Sails in beforeCreate
- SailsJS: Prevent Model.create() if it has undeclared attributes
- SailsJs Partial disable Restful API
- Disable some built-in functionality in Sails.js
- Sails disable criteria for REST in GET
- How to configure Sails Controller to use only 'Post' method
- Cancelling default behaviour in sails.js model Lifecycle callback
- Sails: How to only authorize creation of a blueprint model
- Sailsjs disable a single js