Readme.md #44

Open
360disrupt opened this issue Jul 20, 2015 · 2 comments

@360disrupt

Hi guys.

Setting User Roles

I'm missing in the readme where the user roles are set. I guess that I integrate it into my passport strategy after successful authentication.

    UserModel.findOne { 'email': email, 'active': true }, (err, user) ->
      if err
        return done(err)
      if !user
        return done(null, false, {message: 'Emailadresse unbekannt'})
      if !user.validPassword(password)
        return done(null, false, {message: 'Passwort nicht korrekt'})

      req.appUser = {} if !req.appUser?
      switch user.permissionLevel
        when 'superAmdin'
          req.appUser.role = 'superAmdin'
        ...
      done null, user
    return

I have seen that there is an option to change the user userProperty. I have seen that passport also seems to use a req.user object. If it is necessary to change the userProperty in passport as well, it would be great to mention this.

Difference between roles.is/.can and user.is/can

Is there a difference? Can roles.is('myRole') be used within a route?

PS: At the moment I don't quite understand how to use connect-roles. Please give me some short feedback on:
http://stackoverflow.com/questions/31519736/connect-roles-define-user-roles-on-login-and-user-is-function

@markstos

Here are two problems I see in the README.

roles.can and roles.is are not documented

There is a mention in the documentation, but it only says that "You can use these as express route middleware", but the docs don't say what they do. Also, the example shown doesn't even use "roles.can", it uses "user.can".

user.can vs userCan

There is a documentation section on user.can(action) and user.is(action)

But the section doesn't mention user.can nor show it in examples. Instead it shows userIs and userCan.

This is a mismatch. Either the section header or the content seems like a typo.

@grochadc

I had the same issue about setting user roles, but I figured it out.

Basically since connect-roles is a middleware, every strategy has access to the req object, which may have a user property set by your authentication library with data from your database (or any other place where you store user data). Now, since this object gets properties and values from the database you can add a role property to your user, and that gets attached to the req. This way, now you have a property req.user.role that you can use on your strategy.
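
The pattern described in the comment above, as an added example that is not from the thread and does not use the connect-roles or Passport APIs: the role is copied onto req.user from the stored record on every request, and a route guard reads only req.user.role. The names USERS, loadUser, requireRole and handle, the role values and the sample users are assumptions made for this sketch, and it runs without Express.

```javascript
// Constructed user store standing in for the database (hypothetical data).
const USERS = new Map([
  [1, { id: 1, email: 'root@example.test', active: true, permissionLevel: 'admin' }],
  [2, { id: 2, email: 'bob@example.test', active: true, permissionLevel: 'member' }],
  [3, { id: 3, email: 'eve@example.test', active: false, permissionLevel: 'admin' }],
]);

// Stand-in for the per-request step that resolves the session's user id to the
// stored record. The role comes from that record only; req.body is never read.
function loadUser(req, res, next) {
  const record = USERS.get(req.session && req.session.userId);
  if (record && record.active) {
    req.user = { id: record.id, role: record.permissionLevel };
  }
  next();
}

// Hypothetical route guard: deny by default unless req.user.role matches.
function requireRole(role) {
  return function (req, res, next) {
    if (!req.user) return res.status(401).end('login required');
    if (req.user.role !== role) return res.status(403).end('forbidden');
    next();
  };
}

// Minimal runner for a middleware chain so the example runs without Express.
function handle(req, chain) {
  const res = {
    code: 200, body: '',
    status(c) { this.code = c; return this; },
    end(b) { this.body = b; return this; },
  };
  let i = 0;
  const next = () => { if (i < chain.length) chain[i++](req, res, next); };
  next();
  return { code: res.code, body: res.body };
}

const adminRoute = [loadUser, requireRole('admin'), (req, res) => res.end('admin panel')];

function demo() {
  return {
    admin: handle({ session: { userId: 1 } }, adminRoute).code,
    // A role sent in the request body is ignored: the stored role decides.
    member: handle({ session: { userId: 2 }, body: { role: 'admin' } }, adminRoute).code,
    inactive: handle({ session: { userId: 3 } }, adminRoute).code,
    anonymous: handle({ session: {} }, adminRoute).code,
  };
}
console.log(demo());
```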
