Why am I getting a 401 error when I query for user items?

Question

Why am I getting a 401 error when I query for user items?

In the StrongLoop API explorer, I have the ability to request:

/ People / {ID} / food_prefs

Human is based on an embedded user model. This request should return a JSON list of all food_pref files for this Person (User). Instead, I get a 401 authorization error.

Thus, the model relationship:

Person has many food_prefs
food_pref belongs to Person (foreign key: personId)

The food_pref model looks like this:

property: type : number
property: personId : number

When I send a request to Person / {id} / food_pref, I get a 401 error:

{
  "error": {
    "name": "Error",
    "status": 401,
    "message": "Authorization Required",
    "statusCode": 401,
    "code": "AUTHORIZATION_REQUIRED",
    "stack": "Error: Authorization Required\n
}

I haven't configured the ACL yet, but even when I configure it to access everyone, I still get this error. Why?

+3

node.js http-status-code-401 relationship loopback strongloop

Nathan McKaskle 04 Jul 15 at 17:04

source to share

1 answer

Nathan McKaskle · Accepted Answer · 2015-07-06T20:00:40+0000

The answer is to add the following permissions to the ACL section in the Person model. The file name is generic /models/person.json:

{ "accessType": "EXECUTE", 
  "principalType": "ROLE", 
  "principalId": "$everyone", 
  "permission": "ALLOW", 
  "property": "__get__foodPrefs" 
}

Similar properties can be set for other methods, such as the ones you use to extend the model, for example a remote method called getList shared by /models/person.js. You just replace __get__foodPrefs with getList. Be sure to note that automatically generated methods like the one above have two underscores, not one.

Additionally, other permissions can be $ authenticated, $ owner, etc.

Why am I getting a 401 error when I query for user items?

More articles: