Comments (4)
I fixed it , it had nothing to do with accesscontrol, it was because I didn't use plain mongoose object. I passed lean=true
to mongoose-paginate and it worked
from accesscontrol.
I have another problem now , when I lean the objects so that I don't get _doc , etc.. , I get an Object for all my fields that are type ObjectId instead of String representation.. like so:
{"user":{"_bsontype":"ObjectID","id":{"type":"Buffer","data":[95,94,16,4,98,8,156,8,236,35,179,155]}}
how can I filter without making unwanted fields (Without Leaning) or not having ObjectIds represented by Strings?
from accesscontrol.
I found something odd. when I filter my result with inclusion instead of exclusion , it works fine:
my result when I filter like this:
{ role: 'admin', resource: 'user_profile', action: 'read:any', attributes: '_id ,firstName'}
is:
{ "_id": "5f5e100462089c08ec23b39b", "firstName": "john" },
as you can see _id is represented by String.
but when I change my filter to:
{ role: 'admin', resource: 'user_profile', action: 'read:any', attributes: '* ,!phoneNumber' },
the result will be:
{ "_id": { "_bsontype": "ObjectID", "id": { "type": "Buffer", "data": [ 95, 94, 16, 4, 98, 8, 156, 8, 236, 35, 179, 155 ] } }, "addresses": [] ..... ,
now as you can see, ObjectIds are not represented as String.
from accesscontrol.
This too has nothing to do with AccessControl. Note that this library should be used to manipulate data objects with enumerable properties. It will NOT deal with preserving the prototype-chain of the given object or objects with circular references, or buffers, etc..
from accesscontrol.
Related Issues (20)
- How to restrict access to certain part of the page HOT 1
- I would like to become a maintainer of this repo HOT 8
- grant permissions for every resources ? HOT 1
- please ignore - opened by mistake
- Filter array data
- support for deno
- Custom Possession HOT 1
- Cannot inherit non-existent role when using grants in object
- AccessControl() constructor does not support list of grant objects comes from Mongodb using mongoose
- Why we need to filter out the req.body in updateOwn
- Control system
- Multicontextual permissions HOT 1
- Make Action and Possession actual enums.
- Ignore undefined roles if one of them enough access HOT 3
- Allow `number` as valid type of role
- Distributed Grant File HOT 1
- Consider upgrading Notation to latest version 2.0 HOT 5
- Is this repo abandoned? HOT 3
- Rules support? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from accesscontrol.