0

我是使用带有 Loopback 的 nodejs 的新手。我的办公室工作是创建实时聊天应用程序。我的老板建议我使用 fireloop.io,我总是从http://docs.fireloop.io/en/api/阅读文档并成功实现。但问题是创建私人聊天室。我也遵循文档上“使用子引用”的指示,但是在我发送消息后,消息会广播到连接到服务器的所有客户端。我的代码与文档相同:

import { Component } from '@angular/core';
import { RealTime } from './shared/sdk/services';
import { Room, Message, FireLoopRef } from './shared/sdk/models';
@Component(...)
export class AppComponent {
  private RoomReference: FireLoopRef<Room>;
  private MessageReference: FireLoopRef<Message>;
  private room: Room = new Room({ name: 'FireLoop Room' });
  private message: Room = new Message({ text: 'Test Message' });
  constructor(private realTime: RealTime) {
    this.realTime
        .onReady()
        .subscribe(() =>
            this.RoomReference = this.realTime.FireLoop.ref<Room>(Room)
            this.RoomReference.upsert(this.room).subscribe((instance: Room) => {
             // Create a Child Reference
             this.MessageReference = RoomReference.make(instance).child<Message>('messages');
             this.MessageReference.on('value').subscribe(
                (messages: Array<Message>) => this.logger.info(messages)
              );
              MessageReference.upsert(this.message).subscribe((res: Message) => console.log(res.text));
            }))
        );
  }
}

对不起我的语言。谢谢

4

1 回答 1

0

最好的方法是应用访问控制规则:

  1. 允许不受限制地访问公共房间(在模型中使用布尔值)
  2. 允许所有者访问私人房间
  3. 允许客人进入私人房间

对于规则 2 和 3,您的代码应该是这样的:

{
  "name": "Room",
  "base": "PersistedModel",
  "idInjection": true,
  "properties": {
    "name": {
      "type": "string"
    }
  },
  "validations": [],
  "relations": {
    "user": {
      "type": "belongsTo",
      "model": "user",
      "foreignKey": "ownerId"
    },
  {
    "members": {
      "type": "hasMany",
      "model": "user",
      "foreignKey": "memberId"
    }
  },
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "DENY"
    },
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "member",
      "permission": "ALLOW",
      "property": "findById"
    },
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$owner",
      "permission": "ALLOW"
    }
  ],
  "methods": []
}

有用的链接: https ://loopback.io/doc/en/lb2/Controlling-data-access.html#applying-access-control-rules

于 2017-05-13T09:58:55.730 回答