The 37th day of eggjs learning notes: the second part of RBAC on the rights management of the post management system of eggjs

Keywords: Front-end Mongoose Database


1, Role addition, deletion, modification and query

① Create a new schema about role table, model > role.js Next new role.js , type the following code:

module.exports = app => {
  const mongoose = app.mongoose;
  const Schema = mongoose.Schema;

  var d = new Date();

  const RoleSchema = new Schema({
    title: { type: String },
    description: { type: String },
    status: { type: Number, default: 1 },
    add_time: {
      type: Number,
      default: d.getTime()

  return mongoose.model("Role", RoleSchema, "role");

② Create a new routing rule. The new role submission form will be called."/admin/role/doAdd", controller.admin.role.doAdd);

③ Add role form (add hidden field csrf validation)

<form action="/admin/role/doAdd" method="post">
         <input type='hidden' name="_csrf" value="<%=csrf%>"></input>
         <li>  Role name: <input type="text" name="title"/></li>
               Role description:<textarea name="description" id="" cols="60" rows="8"></textarea>
         <button type="submit" class="btn btn-default">Submit</button>


④ role controller print post data:

async doAdd() {

⑤ Add role form and click Submit

⑥ Execute the method of doAdd controller under role to print the data submitted by post

async doAdd() {

⑥ Change to the following logic: insert data into the database

async doAdd() {
    // console.log(this.ctx.request.body);
    let role = this.ctx.model.Role({
      title: this.ctx.request.body.title,
      description: this.ctx.request.body.description
    let result = await;
    await this.success("/admin/role", "Role added successfully");

⑦ As can be seen from the visualization tool, a piece of data is inserted into the database:

⑧ Modifying the controller executed by the role list page

async index() {
    let list = await this.ctx.model.Role.find({});
    // console.log(list);
    await this.ctx.render("admin/role/index", {

⑨ The controller of the role template page is modified as follows:

<table class="table table-bordered">
                                <tr class="th">
                                    <th>Role name</th>
                                    <th>Increase time</th>
                                <%for(var i = 0;i<list.length;i++){%>

                                        <td class="text-center">Modify delete</td>

⑩ After the character is added successfully, the data can be read out for page rendering:

11. Edit function modification button: access edit route, execute the edit method of controller, and pass an id to the next page.

 <td class="text-center">
      <a href="/admin/role/edit?id=<%=list[i]._id%>">modify</a>

12. The next page will query the form according to this id and make editing echo.

async edit() {
    let id =;
    let list = await this.ctx.model.Role.find({ _id: id });
    await this.ctx.render("admin/role/edit", { list });

13. Click submit to modify the form, then configure the modify route:"/admin/role/doEdit", controller.admin.role.doEdit);

14. doEdit performs the following logic: find the corresponding id to modify the data.

async doEdit() {
    let { _id, title, description } = this.ctx.request.body;
    let result = await this.ctx.model.Role.updateOne(
      { _id },
      { title, description }
    if (result) {
      await this.success("/admin/role", "Edit role succeeded");
    } else {
      await this.error("/admin/role", "Failed to edit role");



16. If you want to delete, you need to take an id to perform the deletion. Tomorrow, you need to encapsulate the public deletion method. Broken sleep.

Posted by 555sandy on Sun, 24 May 2020 08:29:45 -0700