我想了解环回acl但失败了,如果我可以使用环回acl控制角色授权,我该怎么办?
当我收到请求时
GET http://localhost:1337/api/Employees 401 (Unauthorized)
{
"error": {
"name": "Error",
"status": 401,
"message": "Authorization Required",
"statusCode": 401,
"stack": "Error: Authorization Required
}
}
这里是一名员工。JSON 配置
{
"name": "Employee",
"base": "User",
"properties": {
"nickname": {
"type": "string"
}
},
"validations": [],
"relations": {},
"acls": [
{
"principalType": "ROLE",
"principalId": "admin",
"permission": "ALLOW",
"accessType": "READ"
}
],
"methods": []
}
下面的代码是添加一个员工
{
"nickname": "",
"realm": "",
"username": "",
"credentials": "object",
"challenges": "object",
"email": "",
"emailVerified": false,
"verificationToken": "",
"status": "",
"created": "",
"lastUpdated": "",
"id": 0
}
我不知道环回acls的内部。我怎么去改变才能达到访问控制的效果?