11

Sails.js (0.9v) controllers have policies defined as:

RabbitController: {

    '*': false, 

    nurture    : 'isRabbitMother',

    feed : ['isNiceToAnimals', 'hasRabbitFood']
}

is there a way to pass params to these acls eg:

RabbitController: {

    '*': false, 

    nurture    : 'isRabbitMother(myparam)',

    feed : ['isNiceToAnimals(myparam1, myparam2)', 'hasRabbitFood(anotherParam)']
}

This may lead to multiple use of these functions for different params. Thanks Arif

Arif
  • 315
  • 2
  • 10

3 Answers3

17

The policies are middleware functions with the signature:

    function myPolicy (req, res, next)

There's no way to specify additional parameters for these functions. However, you could create wrapper functions to create the policies dynamically:

    function policyMaker (myArg) {
      return function (req, res, next) {
        if (req.params('someParam') == myArg) {
          return next();
        } else {
          return res.forbidden();
        }
      }
    }

    module.exports = {

      RabbitController: {
        // create a policy for the nurture action
        nurture: policyMaker('foo'),
        // use the policy at 
        // /api/policies/someOtherPolicy.js for the feed action
        feed: 'someOtherPolicy'
      }

    }

In practice you'd want to separate this code into another file and require it, but this should get you started.

ftoyoshima
  • 363
  • 5
  • 10
sgress454
  • 24,870
  • 4
  • 74
  • 92
  • Thanks a lot @ScottGress that means that we donot have a binding to pass the function name as a string ... ???? for eg. nurture : 'somefunctioname', thanks for pointing this out – Arif Mar 10 '14 at 11:06
  • You can still refer to policies by name; doing so will run the policy with that filename in `/api/policies`. This is what you will do in most cases. – sgress454 Mar 10 '14 at 15:22
  • BTW, if this answer helped you, you can go ahead and accept it so that it doesn't continue to show up as unanswered. – sgress454 Mar 20 '14 at 21:27
0

I've created a Sails hook that does the job: https://www.npmjs.com/package/sails-hook-parametized-policies

I still need to write the documentation for it, but you can checkout the test folder to see how it works.

You just need to create a file api/policiesFactories/isNiceTo.js:

module.exports = function(niceTo){
    return function(req, res, next){
        // policy code
    };
};

in config/policies.json:

{
    RabbitController: {
        '*': false, 
        nurture: 'isRabbitMother(\'myparam\')',
        feed : ['isNiceToAnimals(\'myparam1\', \'myparam2\')', 'hasRabbitFood(\'anotherParam\')']
    }
}
mastilver
  • 665
  • 6
  • 18
0

Check out sails-must.

// in config/policies.js 

var must = require('sails-must')();

module.exports = {
    //.. 
    RabbitController: {
        nurture: must().be.a('rabbit').mother,
        feed: [must().be.nice.to('rabbits'), must().have('rabbit').food]
    },

    DogController: {
        nurture: must().be.a('dog').mother,
        feed: [must().be.nice.to('dogs'), must().have('dog').food]
    }
    //.. 

    //.. 
    SomeController: {
        someAction: must().be.able.to('read', 'someModel'),
        someOtherAction: must().be.able.to('write', 'someOtherModel').or.be.a.member.of('admins'),
        someComplexAction: must().be.able.to(['write', 'publish'], 'someDifferentModel')
    }
    //.. 

    //.. 
    ProjectController: {
        sales: must().be.a.member.of('sales').or.a.member.of('underwriting'),
        secret: must().not.be.a.member.of('hr')
    }
    //.. 

    //.. 
    MovieController: {
        adults: must().be.at.least(18, 'years').old,
        kids: must().be.at.most(17, 'years').old,
        teens: [must().be.at.least(13, 'years').old, must().be.at.most(19, 'years').old]
    }
    //.. 
};
clud
  • 135
  • 7