我正在一个自制的RBAC系统上快速的NodeJS基于两个层面:快速的NodeJS多个回调错误
- 首先,验证用户是否具有执行此操作的权限的角色。
- 其次,验证用户是否有正确的计划来执行此操作。
,我创建这样的中间件:
exports.can = function (resource, action) {
return function (request, response, next) {
action = action || request.method;
if (!request.user) {
return next(new errors.UnauthorizedError());
}
request.user.can(request.user.role, request.user.currentPack, resource, action, function (can, error) {
if (error) return next(error);
if (!can) {
return next(new errors.UnauthorizedError());
}
return can;
});
return next();
};
};
我加入到我的用户模型,这个方法:
const rbac = new RBAC(rbacJson);
const pack = new PACK(packJson);
schema.method('can', function (role, userPack, resource, action, next) {
let can = false;
action = action.toUpperCase();
can = rbac.can(role, resource, action);
if (can) {
can = pack.can(userPack, resource, action, function (can) {
return next(can);
});
}
return next(can);
});
在我的方法pack.can(......)我需要执行这样的猫鼬查询:
PACK.prototype.can = function (pack, resource, action, next) {
let can = true;
// some sequantial code
Trader.count({/* some conditions */}, function (err, count) {
if(count == 0) return next(true);
return next(false);
});
return can;
};
我的问题是当返回猫鼬查询是下一个(假的),我有这样的错误:
Error: Can't set headers after they are sent.
at ServerResponse.OutgoingMessage.setHeader (_http_outgoing.js:356:11)
at ServerResponse.header (/home/invoice/node_modules/express/lib/response.js:730:10)
at ServerResponse.send (/home/invoice/node_modules/express/lib/response.js:170:12)
at ServerResponse.json (/home/invoice/node_modules/express/lib/response.js:256:15)
at ServerResponse.response.apiResponse (/home/invoice/server/config/middlewares/api.js:10:14)
at /home/invoice/server/controllers/api/invoice/traders.js:130:21
at /home/invoice/node_modules/mongoose/lib/model.js:3835:16
at /home/invoice/node_modules/mongoose/lib/services/model/applyHooks.js:162:20
at _combinedTickCallback (internal/process/next_tick.js:73:7)
at process._tickDomainCallback (internal/process/next_tick.js:128:9)
经过调查,我发现该错误可能是由于双回拨电话:
can = pack.can(userPack, resource, action, function (can) { return next(can); });
return next(new errors.UnauthorizedError());
但我不知道如何解决这个问题。 我希望我能很好的解释我的问题。
谢谢你很多为你的解释。你所描述的片段'obj.doSomething(function(){next}(); // next 1 }); return next();' 是非常有帮助的。 “在某些地方,你的代码似乎不清楚它是试图同步还是异步”为了回答你的问题,我也有点困惑,因为我还没有真正理解异步的概念。 – medKHELIFI