2

I am new to LoopBack and I am not able to extend the User base model properly. The explorer shows that it is extended, but all APIs give a 401 error. For example, in a normal GET call for /users I get:

{
  "error": {
    "name": "Error",
    "status": 401,
    "message": "Authorization Required",
    "statusCode": 401,
    "code": "AUTHORIZATION_REQUIRED",
    "stack": "Error: Authorization Required"
  }
}

I went through all the links and questions but none of them are working for me. I have properly put public:true in model-config for the extended User model and written ACLs etc., but none of them works. I have also raised an issue on git for strongloop: https://github.com/strongloop/loopback/issues/1809 . Any leads would be awesome. Thanks.

User.json is as below:

{
  "name": "user",
  "plural": "users",
  "base": "User",
  "idInjection": true,
  "options": {
    "validateUpsert": true
  },
  "mongodb": {
    "collection": "User"
  },
  "properties": {
    "name": {
      "type": "string",
      "required": true
    },
    "email": {
      "type": "string",
      "required": true
    },
    "password": {
      "type": "string",
      "required": true
    },
    "phone": {
      "type": "string"
    }
  },
  "validations": [],
  "relations": {
    "question": {
      "type": "hasMany",
      "model": "question",
      "foreignKey": ""
    }
  },
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "DENY"
    },
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "admin",
      "permission": "ALLOW"
    },
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$owner",
      "permission": "ALLOW"
    },
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "ALLOW"
    }
  ],
  "methods": {}
}
xangy
Vaibhav Magon
  • Seems like it has been resolved for you on GitHub. Can you post the solution and accept it, so it might help others? Thanks. – xangy Nov 13 '15 at 04:46

2 Answers

2

Some notes meriting consideration though:

1) You are defining email, password, ... properties, although they are already defined exactly the same way in the parent User model; please see: https://github.com/strongloop/loopback/blob/master/common/models/user.json;

2) For ACLs you are missing access types; they are not right, but they do not break anything. For more info about ACLs please see: https://docs.strongloop.com/display/public/LB/Define+access+controls

3) Also, when you log in, please make sure to use a user that you have created (a POST request) and that is in the database already.

Thanks!

xangy
Vaibhav Magon
0

Seems like you've not logged into the application. Anyway, by default most of the functions are not accessible because of the settings in the User parent class. (This totally is a turn-off)

  1. Run the code in the login section

    { "username":"abc", "password":"xyz" }

  2. This action will return the token id.

  3. Enter this id in the topmost right corner of the page and click the set token button.
  4. Now you're able to use some of the user functions.

Create a model inheriting user

:~/nodejs/lab/user-api$ slc loopback:model
? Enter the model name: customer
? Select the data-source to attach customer to: db (memory)
? Select model's base class: User
? Expose customer via the REST API? Yes
? Custom plural form (used to build REST URL): customers
Let's add some customer properties now.

Enter an empty property name when done.
? Property name: phone
   invoke   loopback:property
? Property type: string
? Required? No

Let's add another customer property.
Enter an empty property name when done.
? Property name: 

Granting ACL Access:

 slc loopback:acl
? Select the model to apply the ACL entry to: customer
? Select the ACL scope: All methods and properties
? Select the access type: All (match all types)
? Select the role: All users
? Select the permission to apply: Explicitly grant access

Granting ACL Access once again:

 slc loopback:acl
? Select the model to apply the ACL entry to: customer
? Select the ACL scope: All methods and properties
? Select the access type: All (match all types)
? Select the role: All users
? Select the permission to apply: Explicitly grant access

When we're granting access two times it takes precedence over DENY in the base class. You'll get a result next time.

A sample class with the ACLs. You can try it in a loopback project, it'll work :)

{
  "name": "customer",
  "plural": "customers",
  "base": "User",
  "idInjection": true,
  "options": {
    "validateUpsert": true
  },
  "properties": {
    "phone": {
      "type": "string"
    }
  },
  "validations": [],
  "relations": {},
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "ALLOW"
    },
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "ALLOW"
    }
  ],
  "methods": []
}

Please accept the answer if it works. It will. Cheers!

Anoop Thiruonam
  • 1
    You're not getting the question. I get an error and not an access token in return. This relates to ACLs. Doing login I get "statusCode": 401, "code": "LOGIN_FAILED". – Vaibhav Magon Nov 12 '15 at 12:39
  • Have posted in the question. – Vaibhav Magon Nov 12 '15 at 13:37
  • It's not working for me as I did the same thing. I am able to log in, but trying to get the relation from user to another model is giving the error "Authorization Required". – ashishSober Dec 05 '16 at 11:59
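
An added example, not part of the thread or of LoopBack itself: a small static check over the "acls" arrays posted above (the question's user.json and the customer.json from the second answer). It flags DENY/ALLOW pairs for the same principal and access type, overlapping duplicates, and a blanket ALLOW for $everyone on a User-based model; the helper reviewAcls and its rule names are this example's own, and it does not reproduce LoopBack's runtime ACL resolution.

```javascript
// Shorthand to build a ROLE entry with the same fields as the model JSON.
const role = (principalId, accessType, permission) =>
  ({ accessType, principalType: 'ROLE', principalId, permission });

// The "acls" entries from the question's user.json, in file order.
const questionAcls = [
  role('$everyone', '*', 'DENY'),
  role('admin', '*', 'ALLOW'),
  role('$owner', '*', 'ALLOW'),
  role('$everyone', '*', 'ALLOW'),
];

// The "acls" entries from the second answer's customer.json.
const customerAcls = [
  role('$everyone', '*', 'ALLOW'),
  role('$everyone', 'READ', 'ALLOW'),
];

// Assumption of this example: a missing accessType or property means "all".
const typeOf = (a) => a.accessType || '*';
const scopeOf = (a) => [a.principalType, a.principalId, a.property || '*'].join('|');
const overlaps = (x, y) => x === '*' || y === '*' || x === y;

// Returns findings as { rule, entries }, where entries are array indexes.
function reviewAcls(acls) {
  const findings = [];
  acls.forEach((entry, i) => {
    // Every caller, logged in or not, is granted every method of the model.
    if (entry.principalId === '$everyone' && typeOf(entry) === '*' &&
        entry.permission === 'ALLOW' && !entry.property) {
      findings.push({ rule: 'open-to-everyone', entries: [i] });
    }
    // Compare with earlier entries for the same principal and property.
    acls.slice(0, i).forEach((earlier, j) => {
      if (scopeOf(earlier) !== scopeOf(entry)) return;
      if (!overlaps(typeOf(earlier), typeOf(entry))) return;
      const rule = earlier.permission === entry.permission ? 'redundant' : 'conflict';
      findings.push({ rule, entries: [j, i] });
    });
  });
  return findings;
}

console.log('user.json    ', JSON.stringify(reviewAcls(questionAcls)));
console.log('customer.json', JSON.stringify(reviewAcls(customerAcls)));
```

A "conflict" finding means the outcome depends on how the framework orders the two entries, so the model file alone does not tell a reviewer who is allowed in.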