moleculer-api
English
English
  • moleculer-api
  • Quick Start
    • Get Started
    • Configurations
    • Quick Examples
      • REST
        • REST Endpoints
        • REST File Upload with streaming
      • GraphQL
        • GraphQL Resolver with DataLoader
        • GraphQL type extension and reference
      • WebSocket
        • WebSocket Video Broadcasting
        • WebSocket Video Server/Client
        • WebSocket Chat Server/Client
      • Authentication
        • Parse OIDC/OAuth2 context
      • Authorization
        • Access Control with Auth token scopes
        • Access Control with Auth token claims
        • Access Control with IP address
  • API Gateway
    • Overview
    • Service Broker
      • Connenctor
      • Delegator
    • Schema Registry
      • Branch, Version, Integration
      • Protocol Plugin
      • Policy Plugin
      • API Handler
      • API Document Generation
      • Health Check
    • API Server
      • Application
        • Component
          • HTTP
          • WebSocket
        • Context Factory
          • Auth
          • Cookie
          • Correlation ID
          • IP Address
          • Locale
          • Request
          • User-Agent
      • Middleware
        • Error
        • Logging
        • Body Parser
        • Helmet
        • CORS
        • Serve Static
      • HTTP
      • HTTPS
  • Service API Schema
    • Overview
    • Branch
    • Protocol Plugin
      • REST
      • GraphQL
      • WebSocket
    • Policy Plugin
      • Scope
      • Filter
  • Development
    • Overview
    • Service Broker Delegator
      • Manipulating HTTP Response
      • Streaming Request/Response
      • Bidirectional Streaming
    • Schema Registry
      • Protocol Plugin
      • Policy Plugin
    • API Server
      • Application Component
      • Application Context Factory
      • Middleware
  • Miscellaneous
    • Project Roadmap
    • CHANGELOG
    • FAQ
    • Contributors
    • Supporters
  • Github
  • moleculer-iam
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Service API Schema
  2. Policy Plugin

Scope

Scopes

    call: [
      {
        description: "admin can remove player, newbie and admin can create player",
        actions: ["player.**"],
        scopes: ["player", "player.admin"],

위 정책은 player.** 패턴(player.get, player.list, player.message.list 등과 일치)의 액션을 호출하는 call 커넥터가 사용되는 모든 엔드포인트가 수행되기 전에 공통적으로 평가됩니다. 우선 scopes 접근 제어 플러그인에 따라 context에 주입된 (moleculer-iam 같은 컨텍스트 플러그인을 통해) OAuth 토큰이 획득한 스코프를 확인하고 일치되는 스코프가 하나라도 있는 경우 통과합니다.

PreviousPolicy PluginNextFilter

Last updated 4 years ago

Was this helpful?