堆栈内存溢出
  简体   繁体   English

我如何限制在sailjs中的REST API结果中指定文件

[英]how can I limit specify filed in rest api result in sailjs

 原文  2014-12-03 07:37:45       node.js/ rest/ sails.js

问题描述

I'm using restapi in sailsjs , I have a user model: 我在sailsjs中使用restapi,我有一个用户模型: 

module.exports = {

  schema: true,

  attributes: {

    username : { type: 'string' },    

    real_name : { type: 'string' },

    encrypted_password: {
      type: 'string'
    },

    id_card : { type: 'string' },

    is_verify : { type : 'boolean' } ,

    email : { type: 'string' },

    phone : {
      type: 'string'
    } 

  },
};

I would like to expose some rest api , but I only allow findOne method , and what's more : 我想公开一些rest api,但是我只允许使用findOne方法,而且还有:

I DON'T want the result contains id_card , because it's kind of private info. 我不希望结果包含id_card ,因为它是一种私人信息。

Sailsjs doesn't has beforeFindOne or afterFindOne. Sailsjs没有beforeFindOne或afterFindOne。

what can I do? 我能做什么?

Besides: 除了:

I would like to expose a rest api , such as update. 我想公开一个rest api,例如update。 But I only want rest api to just allow update phone & email, rather than real_name & is_verify . 但是我只希望rest api只允许更新电话和电子邮件,而不是real_name和is_verify。

I can do it in beforeupdate method to limit the update filed. 我可以在beforeupdate方法中执行此操作以限制更新。 

beforeUpdate: function(values, cb) {
    // accessing the function defined above the module.exports
    FilterUpdateField(function() {
      cb();
    })
  }

But these lines of code would NOT be elegant. 但是这些代码行并不完美。 Some may rather write their own api to override it. 有些人可能宁愿编写自己的api来覆盖它。

So, Would it be properly to write my own api to override the rest api in this two situations? 因此,在这两种情况下编写我自己的api以覆盖其余api是否合适?

1 个解决方案

解决方案1
 1 已采纳  2014-12-04 15:38:04

For your first question: 对于第一个问题:

I DON'T want the result contains id_card , because it's kind of private info. 我不希望结果包含id_card,因为它是一种私人信息。

You should simply add the option protected: true to the model attribute, as in: 您只需向模型属性添加protected: true选项,如下所示: 

attributes:{
  id_card : { 
    type: 'string',
    protected: true 
  }, 
}

For your second question: I don't really know a way to protect an attribute to update rather than the beforeUpdate you are already using. 对于您的第二个问题:我真的不知道一种保护属性进行更新的方法,而不是您已经在使用的beforeUpdate。

PD: you should probably create different threads for each question you have. PD:您可能应该为每个问题创建不同的主题。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 我如何限制在sailjs中的rest api中指定更新文件 - how can I limit specify update filed in rest api in sailjs 如何在SAILJS的API REST中使用方法过滤器搜索? - How can I using method filter search in API REST of SAILJS? 如何使用nodejs构建rest API并使用列入白名单的ip或域限制用户访问权限? - How can I build rest API with nodejs and limit user access with whitelisted ip or domain? 使用Sequelize如何指定要排序/限制的字段? - Using Sequelize how can I specify which field to sort / limit by? 如何将结果限制为具有特定值的数组的字段? - How can I limit the result to a field with array that has a specific value? 无法在 SailJS 中创建版本化 API - Unable to create a versioned API in SailJS LoopbackJS/Oracle 可以使用 REST API 检索多少行是否有限制? - Is there a limit on how many rows LoopbackJS/Oracle can retrieve using the REST API? 如何将CasperJS测试公开为自己的REST API? - How can I expose my CasperJS tests as their own REST API? 我如何获得标头 REST API 的响应大小 - How can i get response size of headers REST API 如何在同一个 REST ZDB974238714CA8DE634A7CE1D083A14 中使用 MySQL 和 MongoDB - How can I use MySQL and MongoDB in the same REST API?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM