I started tinkering with Sails.js recently and I wish to use it for production for my projects and as a mobile backend. In Sails.js docs, in the blueprint api it says that the create method call should be of POST type here https://sailsjs.com/documentation/reference/blueprint-api/create.
But even with GET request, record gets created. How to disable create feature when the request is of GET type..?
On
If you want to completely disable the BLUEPRINT API, you might take a look at config/blueprints.js.
But you can create a police to just limit the access of it by doing something like this in 'policies.js':
UserController : {
'thisispublic' : true,
'thisisnot' : false,
'create' : ['hasAdminToken'],
'update' : ['hasAdminToken'],
'destroy' : ['hasAdminToken'],
}
Note that some actions are implied in the controller - even if you dont have a "create" function, it will be there provided by your model when it exists...
Like @paulogdm, I was surprised that your GET was creating records. But I found the doc - it is a "shortcut" route in sails, and can be disabled. The docs are here.
In your
/config/blueprints.jsfile, you need to add: