Strongloop Loopback:
Can't get __get__plural to work on a hasMany relation to my user table. Failing with AUTHORIZATION_REQUIRED.
version 2.27.0
"relations": {
"transactions": {
"type": "hasMany",
"model": "transaction",
"foreignKey": "userId"
},
"acls": [
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "DENY"
},
{
"accessType": "READ",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "__get__transactions"
},
Here is the trace:
loopback:security:role isInRole(): $everyone +0ms
loopback:security:access-context ---AccessContext--- +1ms
loopback:security:access-context principals: [] +1ms
loopback:security:access-context modelName usr +1ms
loopback:security:access-context modelId 57e75c6f1bc42b97d177db78 +0ms
loopback:security:access-context property __findById__transactions +0ms
loopback:security:access-context method __findById__transactions +0ms
loopback:security:access-context accessType READ +0ms
loopback:security:access-context accessToken: +0ms
loopback:security:access-context id "$anonymous" +0ms
loopback:security:access-context ttl 1209600 +0ms
loopback:security:access-context getUserId() null +0ms
loopback:security:access-context isAuthenticated() false +0ms
loopback:security:role Custom resolver found for role $everyone +0ms
loopback:security:role isInRole(): $everyone +0ms
loopback:security:access-context ---AccessContext--- +0ms
loopback:security:access-context principals: [] +0ms
loopback:security:access-context modelName usr +1ms
loopback:security:access-context modelId 57e75c6f1bc42b97d177db78 +0ms
loopback:security:access-context property __findById__transactions +0ms
loopback:security:access-context method __findById__transactions +0ms
loopback:security:access-context accessType READ +0ms
loopback:security:access-context accessToken: +0ms
loopback:security:access-context id "$anonymous" +0ms
loopback:security:access-context ttl 1209600 +0ms
loopback:security:access-context getUserId() null +0ms
loopback:security:access-context isAuthenticated() false +0ms
loopback:security:role Custom resolver found for role $everyone +0ms
loopback:security:role isInRole(): $owner +0ms
loopback:security:access-context ---AccessContext--- +0ms
loopback:security:access-context principals: [] +0ms
loopback:security:access-context modelName usr +0ms
loopback:security:access-context modelId 57e75c6f1bc42b97d177db78 +1ms
loopback:security:access-context property __findById__transactions +0ms
loopback:security:access-context method __findById__transactions +0ms
loopback:security:access-context accessType READ +0ms
loopback:security:access-context accessToken: +0ms
loopback:security:access-context id "$anonymous" +0ms
loopback:security:access-context ttl 1209600 +0ms
loopback:security:access-context getUserId() null +0ms
loopback:security:access-context isAuthenticated() false +0ms
loopback:security:role Custom resolver found for role $owner +0ms
loopback:security:role isOwner(): usr 57e75c6f1bc42b97d177db78 userId: null +0ms
loopback:security:role isInRole(): admin +0ms
loopback:security:access-context ---AccessContext--- +0ms
loopback:security:access-context principals: [] +0ms
loopback:security:access-context modelName usr +0ms
loopback:security:access-context modelId 57e75c6f1bc42b97d177db78 +0ms
loopback:security:access-context property __findById__transactions +1ms
loopback:security:access-context method __findById__transactions +0ms
loopback:security:access-context accessType READ +0ms
loopback:security:access-context accessToken: +0ms
loopback:security:access-context id "$anonymous" +0ms
loopback:security:access-context ttl 1209600 +0ms
loopback:security:access-context getUserId() null +0ms
loopback:security:access-context isAuthenticated() false +0ms
loopback:security:role isInRole() returns: false +0ms
loopback:security:acl The following ACLs were searched: +2ms
loopback:security:acl ---ACL--- +1ms
loopback:security:acl model usr +0ms
loopback:security:acl property * +0ms
loopback:security:acl principalType ROLE +0ms
loopback:security:acl principalId $everyone +0ms
loopback:security:acl accessType * +0ms
loopback:security:acl permission DENY +0ms
loopback:security:acl with score: +0ms 7495
loopback:security:acl ---ACL--- +0ms
loopback:security:acl model usr +0ms
loopback:security:acl property * +0ms
loopback:security:acl principalType ROLE +0ms
loopback:security:acl principalId $everyone +0ms
loopback:security:acl accessType * +0ms
loopback:security:acl permission DENY +0ms
loopback:security:acl with score: +0ms 7495
loopback:security:acl ---Resolved--- +0ms
loopback:security:access-context ---AccessRequest--- +0ms
loopback:security:access-context model usr +0ms
loopback:security:access-context property __findById__transactions +0ms
loopback:security:access-context accessType READ +0ms
loopback:security:access-context permission DENY +0ms
loopback:security:access-context isWildcard() false +0ms
loopback:security:access-context isAllowed() false +0ms
The problem was missing from the plurals ACL:
"principalType": "ROLE"