https://docs.strongloop.com/display/public/LB/Define+access+controls
In the above tutorial, how did the slc loopback:acl command added the property to the acl object of review?
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW",
"property": "create" //how did this get added ?
},
When I ran the command myself, no property:create was added. If I try to rename the property as "create_review", and edit the remote hook instead of
Review.beforeRemote('create', function(context, user, next) {
to
Review.beforeRemote('create_review', function(context, user, next) {
I get error 401 unauthorized.
What are other such property other than create? Why do we require property in acls? Is it to add remote hooks?
Access types and their properties are defined in https://docs.strongloop.com/display/public/LB/Controlling+data+access
besides create, there are find, findById, upsert, etc.
It is not the properties of the model, but the properties of acl.