ACL模型连接规则与受保护的资源. 系统将权限授予 principals (users 或者 applications, 都能被归属到 roles).
Page Contents

所有端点的ACL REST API都继承了PersistedModel REST API(PersistedModel-REST-API.html)。这里提供的引用是为了方便。

默认情况下,ACL REST API不暴露。models.json可以暴露出它,添加以下:

"acl": {
  "public": true,
  "options": {
    "base": "ACL"
  "dataSource": "db"


URI Pattern

HTTP Verb 默认 Description Arguments




Add ACL instance and persist to data source.

JSON 对象 (in request body)
/acls GET 拒绝 Find instances of ACLs that match specified filter.

查询参数中一个或多个筛选条件 :

  • where
  • include
  • order
  • limit
  • skip / offset
  • fields
/acls PUT 拒绝 Update / insert ACL instance and persist to data source. JSON object (in request body)
/acls/id GET 拒绝 Find ACL by ID: Return data for the specified ACL instance ID. id, ACL 实例ID (in URI path)
/acls/id PUT 拒绝 Update attributes for specified ACL ID and persist.

查询 参数:

  • data - An object containing property name/value pairs
  • id - The model id
/acls/id DELETE 拒绝 Delete ACL with specified instance ID. id, acls ID (in URI path)
/acls/id/exists GET 拒绝

检查实例是否存在: 如果存在,返回 true .

URI path:

  • id - Model 实例 ID
/acls/count GET 拒绝

Return the number of ACL instances that matches specified where clause.

Where 查询条件
/acls/findOne GET 拒绝

Find first ACL instance that matches specified filter.

Same as Find matching instances.