Fatal编程技术网
  • javascript/
  • Javascript 如何在环回框架中禁用PersistedModel的某些HTTP方法(例如POST)

Javascript 如何在环回框架中禁用PersistedModel的某些HTTP方法(例如POST)

javascript loopbackjs

Javascript 如何在环回框架中禁用PersistedModel的某些HTTP方法(例如POST),javascript,loopbackjs,Javascript,Loopbackjs,在环回框架中创建模型时,可以从PersistedModel类继承。通过这种方式生成所有HTTP方法。我想知道如何禁用某些HTTP方法 一个选项是用空逻辑覆盖PersistedModel中的函数,但希望该方法从Swagger API explorer中消失。在文档中找到答案。 例如,这将禁用PersistedModel.deleteById: var isStatic = true; MyModel.disableRemoteMethod('deleteById', isStatic); 因此,

在环回框架中创建模型时,可以从PersistedModel类继承。通过这种方式生成所有HTTP方法。我想知道如何禁用某些HTTP方法

一个选项是用空逻辑覆盖PersistedModel中的函数,但希望该方法从Swagger API explorer中消失。

在文档中找到答案。 例如,这将禁用PersistedModel.deleteById:

var isStatic = true;
MyModel.disableRemoteMethod('deleteById', isStatic);
因此,看起来您不可能同时禁用所有删除操作。例如,在给定的示例中,PersistedModel.deleteAll方法仍然是可访问的

开发人员必须显式禁用类中的每个相关方法

章节:

  • 隐藏方法和REST端点
  • 隐藏相关模型的端点

唯一需要额外注意的是禁用自定义模型方法(如User.login)。您需要在explorer中间件之前调用disableRemoteMethod:

我也遇到了同样的问题

我的第一个解决方案是手动更新
服务器/模型配置.json
中的
“public”:true
项,但只要我使用Swagger工具刷新环回API(使用项目根目录中的
slc LoopBack:Swagger myswaggerfilename
命令),它就会被覆盖

我终于写了一个Grunt任务作为可靠的解决方法

  • 在生成
    slc环回:swagger
    之后或在运行API live之前运行它
  • 您只需在javascript数组
    列表\u of_REST\u path\u to_expose中指定我要公开的路径的名称即可
  • 并确保您对原始
    /server/model config.json
    文件的备份文件夹满意
我想与您分享,以防:

基本上:

module.exports = function (grunt) {

  grunt.registerTask('unexpose_rest_path_for_swagger_models_v1', function (key, value) {
    try {
      // Change the list below depending on your API project :
      // list of the REST paths to leave Exposed
      var list_of_REST_path_to_EXPOSE =
        [
          "swagger_example-api_v1",
          "write_here_the_paths_you_want_to_leave_exposed"
        ];

      // Location of a bakup folder for modified model-config.json (change this according to your specific needs):
      var backup_folder = "grunt-play-field/backups-model-config/";

      var src_folder = "server/";
      var dest_folder = "server/";
      var src_file_extension = ".json";
      var src_file_root_name = "model-config";

      var src_filename = src_file_root_name + src_file_extension;
      var dest_filename = src_file_root_name + src_file_extension;
      var src = src_folder + src_filename;
      var dest = dest_folder + dest_filename;
      var free_backup_file = "";

      if (!grunt.file.exists(src)) {
        grunt.log.error("file " + src + " not found");
        throw grunt.util.error("Source file 'model-config.json' does NOT exists in folder '" + src_folder + "'");
      }

      // timestamp for the backup file of model-config.json
      var dateFormat = require('dateformat');
      var now = new Date();
      var ts = dateFormat(now, "yyyy-mm-dd_hh-MM-ss");

      // backup model-config.json
      var root_file_backup = src_file_root_name + "_bkp" + "_";
      var root_backup = backup_folder + root_file_backup;
      free_backup_file = root_backup + ts + src_file_extension;
      if (!grunt.file.exists(root_file_backup + "*.*", backup_folder)) {
        //var original_file = grunt.file.read(src);
        grunt.file.write(free_backup_file, "// backup of " + src + " as of " + ts + "\n");
        //grunt.file.write(free_backup_file, original_file);
        grunt.log.write("Creating BACKUP"['green'] + " of '" + src + "' " + "to file : "['green'] + free_backup_file + " ").ok();
      } else {
        grunt.log.write("NO BACKUP created"['red'] + " of '" + src + "' " + "because file : " + free_backup_file + " ALREADY EXISTS ! "['red']).error();
        throw grunt.util.error("Destination backup file already exists");
      }

      // load model-config.json
      var project = grunt.file.readJSON(src);//get file as json object

      // make modifications in model-config.json
      for (var rest_path in project) {
        if (rest_path.charAt(0) === "_") {
          grunt.log.write("SKIPPING"['blue'] + " the JSON item '" + rest_path + "' belonging to the " + "SYSTEM"['blue'] + ". ").ok();
          continue; // skip first level items that are system-related
        }
        if (list_of_REST_path_to_EXPOSE.indexOf(rest_path) > -1) { //
          project[rest_path]["public"] = true;
          grunt.log.write("KEEPING"['green'] + " the REST path '" + rest_path + "' " + "EXPOSED"['green'] + ". ").ok();
        } else {
          project[rest_path]["public"] = false;
          grunt.log.writeln("HIDING"['yellow'] + " REST path '" + rest_path + "' : it will " + "NOT"['yellow'] + " be exposed.");
        }
      }

}
我想隐藏PATCH方法,但当我试图隐藏它时,我也隐藏了PUT方法,我使用了这一行:

 Equipment.disableRemoteMethod('updateAttributes', false);
但后来我发现了一种只隐藏补丁方法的方法,这条线非常适合我

 Equipment.sharedClass.find('updateAttributes', false).http = [{verb: 'put', path: '/'}];
上面的行覆盖了updateAttributes方法拥有的原始http

[{动词:'put',路径:'/'},{动词:'patch',路径:'/'}]

我在model.js文件中做了如下操作,如下所示。这使表成为只读的

module.exports = function(model) {

    var methodNames = ['create', 'upsert', 'deleteById','updateAll',
                      'updateAttributes','createChangeStream','replace','replaceById',
                      'upsertWithWhere','replaceOrCreate'
                     ];

    methodNames.forEach(function(methodName) {
        disableMethods(model,methodName)
    });
}


function disableMethods(model,methodName)
{
if(methodName!='updateAttributes')
model.disableRemoteMethod(methodName, true);
else
model.disableRemoteMethod(methodName, false); 
}
Santhosh Hirekerur的更新要使其隐藏LB3上的所有内容,请停止使用已弃用的模型。disableRemoteMethod方法,以及隐藏
更新属性的更智能的方法,以及任何其他将来可能起同样作用的方法

我检查该方法是否在原型上,如果在原型上,则在名称前面加上
prototype.
前缀,然后再
禁用RemoteMethodByName


module.exports = function (model) {

    var methodNames = [
        'create',
        'upsert',
        'deleteById',
        'updateAll',
        'updateAttributes',
        'patchAttributes',
        'createChangeStream',
        'findOne',
        'find',
        'findById',
        'count',
        'exists',
        'replace',
        'replaceById',
        'upsertWithWhere',
        'replaceOrCreate'
    ];

    methodNames.forEach(function (methodName) {
        if (!!model.prototype[methodName]) {
            model.disableRemoteMethodByName('prototype.' + methodName);
        } else {
            model.disableRemoteMethodByName(methodName);
        }
    });

}


我将上述代码放在
服务器/中间件/禁用方法.js
中,并从如下模型调用它:


var disableMethods = require('../../server/middleware/disable-methods');

module.exports = function (Model) {
    disableMethods(Model);
}