更新时间:2023-02-26 07:43:23
Sails 具有内置的基于策略的访问控制系统.首先查看文档.
Sails has built-in policy based access control system. Check out documentation first.
如果是简单的形式:
在您的用户模型中创建所需的访问级别属性,默认情况下等于最基本的访问级别.这可以是数字(如 1 - 管理员和 100 - 未经身份验证的用户,以及它们之间的其他角色)或字符串(如 administrator
、moderator
、guest
>) 或任何东西.
create required access level attribute in your User model equal to most basic access level by default. This can be number (like 1 - administrator and 100 - unauthenticated user, and other roles between them) or string (like administrator
, moderator
, guest
) or anything.
在 policies
文件夹中创建中间件(查看文档以获取示例).
create middlewares in policies
folder (check documentation for examples).
在政策
配置文件为每个控制器及其方法添加策略.
in policies
configuration file add policy for each controller and their methods.
喜欢:
UserController: {
'*': false, // disallow for each method not listed here
find: ['guest'], // check guest.js middleware for permission
destroy: ['administrator'] // check administrator.js middleware for permission
}