
I have been trying to update a LoopBack user model, but every time I do I get a 401 Unauthorized error, even though my user's role is set to admin.

Here is what my user.model looks like

     {
  "name": "user",
  "plural": "users",
  "base": "User",  
  "properties": {
  },
  "validations": [],
  "relations": {
    "accessTokens": {
      "type": "hasMany",
      "model": "accessToken",
      "foreignKey": "userId"
    },
    "identities": {
      "type": "hasMany",
      "model": "userIdentity",
      "foreignKey": "userId"
    },   
    "roles": {
      "type": "hasMany",
      "model": "Role",
      "through": "RoleMapping",
      "foreignKey": "principalId"
    }
  },
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "admin",
      "permission": "ALLOW"
    },
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "localadmin",
      "permission": "ALLOW"
    },    
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "$unauthenticated",
      "permission": "DENY"
    },
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "$authenticated",
      "permission": "ALLOW"
    },
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$owner",
      "permission": "ALLOW"
    }   
  ],
  "methods": []
}

and the angular resource call that I am making

 // Sends the selected user's username and access level to the server through
 // the `User` resource's upsert call and logs whatever comes back.
 // `accessLevel` is forwarded exactly as the client holds it, so any limit on
 // who may change it has to be enforced by the server-side model ACLs.
 $scope.setUserAccess = function(user) {
   var changes = { username: user.username, accessLevel: user.accessLevel };

   // Success and failure are both only logged; nothing is returned to the caller.
   var onSuccess = function(resp) { console.log(resp); };
   var onFailure = function(err) { console.log(err); };

   User.upsert(changes).$promise.then(onSuccess, onFailure);
 };

I am having a hard time solving this one. This is what I got in the browser:

    {
      "data": {
        "error": {
          "name": "Error",
          "status": 401,
          "message": "Authorization Required",
          "statusCode": 401,
          "code": "AUTHORIZATION_REQUIRED",
          "stack": "Error: Authorization Required\n    at /home/work/Thermtec/node_modules/loopback/lib/application.js:375:21\n    at /home/work/Thermtec/node_modules/loopback/lib/model.js:313:7\n    at /home/work/Thermtec/node_modules/loopback/common/models/acl.js:465:23\n    at /home/work/Thermtec/node_modules/loopback/node_modules/async/lib/async.js:251:17\n    at done (/home/work/Thermtec/node_modules/loopback/node_modules/async/lib/async.js:132:19)\n    at /home/work/Thermtec/node_modules/loopback/node_modules/async/lib/async.js:32:16\n    at /home/work/Thermtec/node_modules/loopback/node_modules/async/lib/async.js:248:21\n    at /home/work/Thermtec/node_modules/loopback/node_modules/async/lib/async.js:572:34\n    at /home/work/Thermtec/node_modules/loopback/common/models/acl.js:447:17\n    at /home/work/Thermtec/node_modules/loopback/common/models/role.js:348:23"
        }
      },
      "status": 401,
      "config": {
        "method": "PUT",
        "transformRequest": [null],
        "transformResponse": [null],
        "url": "http://localhost:3000/api/users",
        "data": {"username": "testuser", "accessLevel": 5},
        "params": {},
        "headers": {
          "Accept": "application/json, text/plain, */*",
          "Content-Type": "application/json;charset=utf-8",
          "authorization": "No9BorxaROfrb48jOxKYDpigFNlhk30vkYVhQMRMHT4h86KNnjCLPFda06jPywo3"
        }
      },
      "statusText": "Unauthorized"
    }

Here is my boot script

    'use strict';

// to enable these logs set `DEBUG=boot:01-load-users` or `DEBUG=boot:*`
var log = require('debug')('boot:01-load-users');

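/**
 * Boot script that seeds the default roles and one user per role.
 *
 * Seeding runs only when the `db` datasource is named 'Memory' or the INITDB
 * environment variable is set; otherwise the script returns without doing
 * anything.
 *
 * NOTE(review): the seed accounts use fixed passwords hard-coded in this file
 * ('admin', 'user'). When INITDB is used against a persistent datasource those
 * accounts remain until someone changes them, so their passwords should be
 * replaced before the API is reachable by anyone else.
 *
 * NOTE(review): users are created through `app.models.User`. If the REST
 * endpoint is served by another model that extends `User`, confirm that the
 * users and role mappings its ACLs evaluate are the ones seeded here.
 *
 * @param {Object} app - The LoopBack application; `app.dataSources.db` and
 *   `app.models` are read.
 */
module.exports = function(app) {

  if (app.dataSources.db.name !== 'Memory' && !process.env.INITDB) {
    return;
  }

  createDefaultUsers();

  /**
   * Finds or creates each role, its users, and the role mapping between them.
   *
   * @returns {Array} The array the callbacks push created users into. It is
   *   returned before the callbacks have run (assuming the connector calls
   *   back asynchronously), so it is empty at return time.
   */
  function createDefaultUsers() {

    log('Creating roles and users');

    var User = app.models.User;
    var Role = app.models.Role;
    var RoleMapping = app.models.RoleMapping;

    var users = [];
    var roles = [{
      name: 'admin',
      users: [{
        firstName: 'Admin',
        lastName: 'User',
        email: 'admin@thermtec.ie',
        username: 'admin',
        password: 'admin'
      }]
    }, {
      name: 'user',
      users: [{
        firstName: 'Guest',
        lastName: 'User',
        email: 'user@user.com',
        username: 'user',
        password: 'user'
      }]
    },{
      name: 'localadmin',
      users: [{
        firstName: 'LocalAdmin',
        lastName: 'User',
        email: 'admin@admin.com',
        username: 'localadmin',
        password: 'admin'
      }]
    }];

    // Maps one user to a role; the user is recorded even if the mapping fails,
    // because the user itself already exists at this point.
    // NOTE(review): a mapping is created on every run, also when the role and
    // user were found rather than created — confirm duplicate RoleMapping rows
    // are acceptable, or look the mapping up first.
    function mapUserToRole(createdRole, createdUser) {
      createdRole.principals.create({
        principalType: RoleMapping.USER,
        principalId: createdUser.id
      }, function(err, rolePrincipal) {
        if (err) {
          console.error('error creating rolePrincipal', err);
        }
        users.push(createdUser);
      });
    }

    // Finds or creates one user, then maps it to the given role.
    function seedUser(createdRole, roleUser) {
      User.findOrCreate(
        {where: {username: roleUser.username}}, // find
        roleUser, // create
        function(err, createdUser, created) {
          if (err) {
            console.error('error creating roleUser', err);
            // Stop here: `createdUser` is not usable after a failure, and
            // reading its fields below would throw inside the callback.
            return;
          }
          log(created ? 'created user' : 'found user', createdUser.username);
          mapUserToRole(createdRole, createdUser);
        });
    }

    // Finds or creates one role, then seeds each of its users.
    function seedRole(role) {
      Role.findOrCreate(
        {where: {name: role.name}}, // find
        {name: role.name}, // create
        function(err, createdRole, created) {
          if (err) {
            console.error('error running findOrCreate('+role.name+')', err);
            // Stop here: without a role there is nothing to map users to.
            return;
          }
          log(created ? 'created role' : 'found role', createdRole.name);
          role.users.forEach(function(roleUser) {
            seedUser(createdRole, roleUser);
          });
        });
    }

    roles.forEach(seedRole);
    return users;
  }

};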
Bazinga777

2 Answers


From what I see here it doesn't look like you are creating any roles right now. You will need to create the admin roles in this script. This could be why you see the unauthorized access message. I would refer to the code example in the documentation here:

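    // Creates three sample users, then the `admin` role, then maps the third
    // user (Bob) to that role. `cb`, `User`, `Role` and `RoleMapping` come
    // from the enclosing scope, which is not shown in this snippet.
    User.create([
      {username: 'John', email: 'john@doe.com', password: 'opensesame'},
      {username: 'Jane', email: 'jane@doe.com', password: 'opensesame'},
      {username: 'Bob', email: 'bob@projects.com', password: 'opensesame'}
    ], function(err, users) {
      if (err) return cb(err);

      // create the admin role
      Role.create({
        name: 'admin'
      }, function(err, role) {
        // Return after reporting the error; otherwise execution falls through
        // and reads `role.principals` on a role that was never created.
        if (err) return cb(err);

        // make bob an admin
        role.principals.create({
          principalType: RoleMapping.USER,
          principalId: users[2].id
        }, function(err, principal) {
          cb(err);
        });
      });
    });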
JSimonsen
  1. First, you have to create the roles.
  2. Then grant or deny permissions to roles/users using the ACL feature of the CLI.
  3. Then log in using valid, authorized credentials.
  4. You should then be able to modify/access the user details as defined in
    the model's acl section.

Please find a detailed answer here: Constantly getting 401 errors in loopback while using User Model

Anoop Thiruonam