问题
I'm reading Access control concepts of Loopback (https://docs.strongloop.com/display/public/LB/Authentication%2C+authorization%2C+and+permissions) and I don't understand how happened that Principal is not a model, but Role, RoleMapping, ACL are models with a full set of REST API methods and are listed in model-config.json? When I tried to include Principal in model-config.json along with Role, RoleMapping and ACL I got error:
"ACL": {
"dataSource": "db",
"public": false
},
"RoleMapping": {
"dataSource": "db",
"public": false
},
"Role": {
"dataSource": "db",
"public": false
},
"Principal": {
"dataSource": "db",
"public": true
},
Error:
throw new Error('Model not found: ' + modelName);
^
Error: Model not found: Principal
Where is logic here? Principal is in one line with others but isn't a model. Why?
回答1:
Let's first make it clear, what a principal is?
As per the documentation, Principal is an entity that can be identified or authenticated. It represents identities of a request to protected resources. For example: an user instance can be authenticated to execute a create request. Therefore, that user instance can be a principal.
If we can use user, application or role in place of principal, it doesn't make sense to make another model in core loopback.
But if you see Class Principal as per the documentation,
This class represents the abstract notion of a principal, which can be used to represent any entity, such as an individual, a corporation, and a login id. This class have three attributes: type, id and name. This type field specifies which model is being used for principal. principal class instance can be created in many ways. For example, for role model instance as in
role.principals.create({
principalType: app.models.RoleMapping.USER,
principalId: admin.id
}, function(err, principal) {
if (err) {
throw err;
} else {
next();
}
});
Here, we created new principal instance for a role instance. Now this principal can be used to authenticate a request. Also, notice principalType is used to define which model is being used to create a principal.
Note:
I hope, now, it make sense that principal uses other model instances that can be uniquely identified and thus, can be used to authenticate requests to protected resources like a create rest endpoint.
Now the error you received is because there is no model defined as Principal. And while bootstrapping the app, it didn't found the Principal model in either Loopback core models or generated model for our app so it threw the error
throw new Error('Model not found: ' + modelName);
^
Error: Model not found: Principal
来源:https://stackoverflow.com/questions/33541933/why-principal-is-not-a-model-but-role-rolemapping-acl-are-suddenly-models