Friday, 26 May 2017

Facing issue while using node-acl

I am trying to customise node-acl in my project depending upon different modules. To be precise, I am trying to invoke roles policies from one file and check it from a middleware method from another file. So, This is the first set of code i.e roles policies that I have added in my users module for user's APIs.

exports.invokeRolesPolicies = function () {
  acl.allow([{
      roles: [userRoles.Admin, userRoles.User],
    allows: [{
        resources: '/verify',
        permissions: 'get'
    },{
        resources: '/api/change-password',
        permissions: 'put'
    },{
        resources: '/api/get-user',
        permissions: 'get'
    }]
  }
  ]);

And I have invoked it here below (In the same file).

module.exports.init = function () {
    // Using the memory backend
    acl = new acl(new acl.memoryBackend());
    this.invokeRolesPolicies();
};

Then, I have created a middleware file in which I have defined my middleware isAllowed function that basically be called everytime I want to check whether the user is authorised to access that particular API.

var acl           = require('acl');
var userRoles     = require('../constants/userRoles');
exports.isAllowed = function (req, res, next) {
    var roles = (req.session.user);

    // Check for user roles
    acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
        if (err) {
            // An authorization error occurred
             return res.send({success:false, msg: "Unexpected authorization error"}, HttpStatus.INTERNAL_SERVER_ERROR);
        } else {
            if (isAllowed) {
                // Access granted! Invoke next
                 return next();
            } else {
                 return res.send({success:false, msg: "User is not authorized"}, HttpStatus.FORBIDDEN);
            }
        }
    });
};

Now, I am calling it from my index.js file in routes

app.route('/api/change-password',middleWares.isAuthenticated)
        .put(middleWares.isAllowed, users.changePassword);

The control goes to the required method i.e isAllowed but it returns 500 saying the following.

**Type Error:acl.areAnyRolesAllowed is not a function
    at exports.isAllowed (/home/sample/config/middlewares.js:78:9)**

FYI : If I use the method from the same file where I defined and invoked the policies, It works just fine. I don't know why this is the issue in middleware file. Is it because of the reason that I am using memory backend ? Does the memory backend is not accessible from another file except the one where it is invoked?

P.S - I am a newbie on Stack Overflow so excuse me if I missed out on anything. Please help me out of it! Thanks in Advance!! :)



via Richil Pahuja
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)