我有环回应用程序,我有型号名称照片。我在当地主机上工作并尝试在照片模型中发布,它工作正常。但是,当我构建它并尝试在在线服务器上开机自检时,我收到需要授权的错误。
我的前交叉韧带看起来像这样:
"acls": [
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "DENY"
},
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "admin",
"permission": "ALLOW"
},
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "$owner",
"permission": "ALLOW"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "findById"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "__get__comments"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "__count__comments"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "__get__likes"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "__count__likes"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW",
"property": "__create__comments"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "find"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW",
"property": "create"
}
首先,进行一些清理:您可以将许多相似的 ACLS 组合到一个块中:
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": [
"find",
"findById",
"__get__likes",
"__get__comments",
"__count__likes",
"__count__comments"
]
},
。第二:尝试在服务器上发出请求时,您是否登录了? 检查"授权"令牌是否正在发送且是否正常。 与本地主机相同的数据库或不同的数据库?
您可以通过启用以下调试选项来检查应用于路由的 ACL:
DEBUG=loopback:security:acl
我使用此日志解决了配置 ACL 时的问题。
请查看此链接以获取更多信息:
https://loopback.io/doc/en/lb2/Setting-debug-strings.html#using-debug-strings