我是AngularJs中的一只新蜜蜂，下面是Meanjs yo生成器创建的策略代码，出于学习目的创建了一个图书馆管理系统，当我通过浏览器URL测试服务器代码（即API）时，我面临的问题是。 ..我得到的结果
http://localhost:3000/api/searchbooks/bookname/davincicode作为JSON对象


但是对于下面的URL，它给了我{message: 'User is not authorized'}

http://localhost:3000/api/searchbooks/bookname/davincicode/bookName

exports.invokeRolesPolicies = function () {
  acl.allow([
{
    roles: ['user'],
    allows: [{
      resources: '/api/searchbooks',
      permissions: ['get']
    }, {
      resources: '/api/searchbooks/bookname/:searchbookName',
      permissions: ['get']
    }]
},
{
   roles: ['user'],
   allows: [{
     resources: '/api/searchbooks/bookname',
     permissions: ['get']
   }, {
     resources: '/api/searchbooks/bookname/:searchbookName/:action',
     permissions: ['get']
   }]
}

])};

exports.isAllowed = function (req, res, next) {
  var roles = (req.user) ? req.user.roles : ['guest'];

  // If an Searchbook is being processed and the current user created it then allow any manipulation
  if (req.searchbook && req.user && req.searchbook.user && req.searchbook.user.id === req.user.id) {
    return next();
  }
  // Check for user roles
  acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
    if (err) {
      // An authorization error occurred
      return res.status(500).send('Unexpected authorization error');
    } else {
      if (isAllowed) {
        // Access granted! Invoke next middleware
        return next();
      } else {
        return res.status(403).json({
          message: 'User is not authorized'
        });
      }
    }
  });
};

我在路由部分中遇到了错误的问题：
app.route('/api/searchbooks/bookname/:searchbookName/:actionValue').all(searchbooksPolicy.isAllowed) .get(searchbooks.read)
在政策网址中，它的action和我必须给actionValue作为参数名称。
so passing incorrect parameter name was an issue..