问题描述
我正在使用我学到的东西 这里 构建用户认证系统.本质上它是使用护照本地身份验证.
I am using what I have learnt here to build a user authentication system. Essentially it is using passport local auth.
如何将用户访问级别和角色添加到 SailsJS?例如,我想要访问级别(canWriteAll、canWriteOwn、canRead)以及这些分配给的用户角色(管理员、贡献者、用户...等).
How would I add users access levels and roles to SailsJS? For example I would like access levels (canWriteAll, canWriteOwn, canRead) with user roles that these are assigned to (admin, contributor, user...etc..).
推荐答案
Sails 具有内置的基于策略的访问控制系统.首先查看文档.
Sails has built-in policy based access control system. Check out documentation first.
如果是简单的形式:
在您的用户模型中创建所需的访问级别属性,默认情况下等于最基本的访问级别.这可以是数字(如 1 - 管理员和 100 - 未经身份验证的用户,以及它们之间的其他角色)或字符串(如
administrator、moderator、guest>) 或任何东西.
create required access level attribute in your User model equal to most basic access level by default. This can be number (like 1 - administrator and 100 - unauthenticated user, and other roles between them) or string (like
administrator,moderator,guest) or anything.
在 policies 文件夹中创建中间件(查看文档以获取示例).
create middlewares in policies folder (check documentation for examples).
在政策 配置文件为每个控制器及其方法添加策略.
in policies configuration file add policy for each controller and their methods.
喜欢:
UserController: {
'*': false, // disallow for each method not listed here
find: ['guest'], // check guest.js middleware for permission
destroy: ['administrator'] // check administrator.js middleware for permission
}
这篇关于SailsJS 用户访问级别和角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!