Feature
-
police-tree extend sails policies when use blueprint rest
-
Sometimes, when we create apis with sails generator, the models may have Associations between them, and we don't want to expose all blueprint rest apis, so police-tree allow you create verify rule by only one root controller
Usage
First create the tree config like below:
treeConfig = /* checkPoint is the point of the current root resource, when path like: /company/1/team/2 * mean: * 1. match any method * 2. id == 1 * 3. cb(false) return verify fail, cb(true) this point verify pass and goto endPoint verify */ checkPoint : { ... // some code if! ; // return false when verify fail } /* end point in the path, when path like:/projects/1/todos/99/users/10 * mean: * 1. end resource "users" and match only post method * 2. id == 10 * 3. cb(false) return verify fail, cb(true) this point verify pass and goto nextLeaf that have defined */ endPoint : "users" : { return false; } nextLeaf : // treeConfig of next leaf path, // if the path is /company/1/team/2/project/3, // then next path is /team/2/project/3 // and nextLeaf is corresponding config
then in the police file in the sails policies folder, call police-tree pass the config:
module { req res next configTree;}
when return false in the ponit of config tree, there will return 403 by use res.forbidden and return the message:
forbidden by police tree with xxxPoint
run test cases
mocha