File tree Expand file tree Collapse file tree 3 files changed +23
-6
lines changed Expand file tree Collapse file tree 3 files changed +23
-6
lines changed Original file line number Diff line number Diff line change @@ -14,21 +14,22 @@ module.exports = function loopbackComponentAccess(app, options) {
14
14
throw new Error ( 'loopback-component-access-groups requires loopback 2.0 or newer' )
15
15
}
16
16
17
- // Initialize middleware
17
+ // Initialize middleware.
18
18
app . middleware ( 'auth:after' , userContext ( ) )
19
19
app . middleware ( 'routes:before' , accessLogger ( ) )
20
20
21
21
// Initialise helper class.
22
- const accessUtils = new AccessUtils ( app , options )
22
+ app . accessUtils = new AccessUtils ( app , options )
23
23
24
- app . accessUtils = accessUtils
24
+ // Initialize remoting phase.
25
+ app . accessUtils . setupRemotingPhase ( )
25
26
26
27
// Set up role resolvers.
27
- accessUtils . setupRoleResolvers ( )
28
+ app . accessUtils . setupRoleResolvers ( )
28
29
29
30
// Set up model opertion hooks.
30
31
if ( options . applyToStatic ) {
31
- accessUtils . setupFilters ( )
32
+ app . accessUtils . setupFilters ( )
32
33
}
33
34
34
35
// TODO: Create Group Access model automatically if one hasn't been specified
Original file line number Diff line number Diff line change @@ -22,7 +22,6 @@ module.exports = function userContextMiddleware() {
22
22
return next ( )
23
23
}
24
24
25
- loopbackContext . set ( 'accessToken' , req . accessToken . id )
26
25
const { app } = req
27
26
const UserModel = app . accessUtils . options . userModel || 'User'
28
27
Original file line number Diff line number Diff line change @@ -4,6 +4,7 @@ const debug = require('debug')('loopback:component:access')
4
4
const { createPromiseCallback } = require ( 'loopback-datasource-juggler/lib/utils' )
5
5
const _defaults = require ( 'lodash' ) . defaults
6
6
const _get = require ( 'lodash' ) . get
7
+ const _set = require ( 'lodash' ) . set
7
8
const Promise = require ( 'bluebird' )
8
9
const LoopBackContext = require ( 'loopback-context' )
9
10
@@ -38,6 +39,22 @@ module.exports = class AccessUtils {
38
39
debug ( 'options: %o' , options )
39
40
}
40
41
42
+ /**
43
+ * Register a custom remoting phase to make the current user details available from remoting contexts.
44
+ */
45
+ setupRemotingPhase ( ) {
46
+ this . app . remotes ( ) . phases
47
+ . addBefore ( 'invoke' , 'options-from-request' )
48
+ . use ( ( ctx , next ) => {
49
+ if ( ! _get ( ctx , 'args.options.accessToken' ) ) {
50
+ return next ( )
51
+ }
52
+ _set ( ctx , 'args.options.currentUser' , this . getCurrentUser ( ) )
53
+ _set ( ctx , 'args.options.currentUserGroups' , this . getCurrentUserGroups ( ) )
54
+ return next ( )
55
+ } )
56
+ }
57
+
41
58
/**
42
59
* Register a dynamic role resolver for each defined access group.
43
60
*/
You can’t perform that action at this time.
0 commit comments