@debugger_supreme/rbac v1.0.8

@debugger_supreme/rbac

A reusable RBAC (Role-Based Access Control) library for Mambu API interactions and permissions management.

Installation

npm install @debugger_supreme/rbac

Usage

Basic Static Configuration

const { initialize } = require("@debugger_supreme/rbac");

// Initialize with static config
const rbac = initialize({
  mambu: {
    baseUrl: process.env.MAMBU_URL,
    apiKey: process.env.MAMBU_API_KEY,
  },
  permissions: {
    baseUrl: process.env.PERMISSIONS_URL,
    apiKey: process.env.PERMISSIONS_AUTH,
  },
});

// Use in Express routes
app.post(
  "/reports",
  auth,// your auth middleware that sets the mambuData obj
  rbac.rbac("uploadDepositFile"), // RBAC middleware
  async (req, res) => {
    // Your route handler
  }
);

Dynamic Configuration

For multi-tenant applications where Mambu configuration varies by subscription and environment:

1. First, create your config utility:

// config/mambuConfig.js
const config = {
  platinumkenya: {
    sandbox: {
      baseUrl: "https://platinumkenya.sandbox.mambu.com/api",
      apiKey: process.env.mambu_platinumkenya_sandbox_api_key,
    },
    production: {
      baseUrl: "https://platinumkenya.mambu.com/api",
      apiKey: process.env.mambu_platinumkenya_production_api_key,
    },
  },
  // Add more subscriptions as needed
};

/**
 * Get Mambu configuration based on subscription and environment
 * @param {object} params
 * @param {string} params.sub - Subscription name (e.g. "platinumkenya")
 * @param {string} params.mambu_env - Environment ("sandbox" or "production")
 * @returns {{ baseUrl: string, apiKey: string }}
 */
function getConfig({ sub = "platinumkenya", mambu_env = "sandbox" }) {
  return config[sub][mambu_env];
}

module.exports = getConfig;

2. Create an auth middleware that sets required Mambu data:

// middleware/auth.js
const auth = (req, res, next) => {
  // Extract data from token/headers/etc
  const { userId, base_url, mambu_env, sub } = extractMambuUser(
    req.header("mambuUser")
  );

  // Set on request object
  req.mambuData = {
    userId,
    base_url,
    mambu_env,
    sub,
  };

  next();
};

3. Use dynamic config in routes:

const getConfig = require("./config/mambuConfig");

app.post(
  "/reports",
  auth, // Add auth middleware first
  rbac.rbac("uploadDepositFile").useConfig(getConfig),
  (req, res) => {
    // Your handler
  }
);

The library will:

1. Extract sub and mambu_env from req.mambuData
2. Call your config function with these values
3. Use the returned config for that specific request

API Reference

initialize(config)

Initializes the library with configuration.

const rbac = initialize({
  mambu: {
    baseUrl: "https://api.mambu.com",
    apiKey: "your-mambu-api-key",
  },
  permissions: {
    baseUrl: "https://permissions-api.example.com",
    apiKey: "your-permissions-api-key",
  },
});

rbac(action).useConfig(configFactory)

Adds dynamic configuration to a route. The config factory must return { baseUrl, apiKey }.

rbac.rbac("action").useConfig(({ sub, mambu_env }) => ({
  baseUrl: `https://${sub}.${mambu_env}.mambu.com/api`,
  apiKey: "your-key",
}));

MambuClient

Client for interacting with Mambu API.

• getUser(encodedKey): Get user details
• getLoan(id): Get loan details
• getLoanSchedule(loanAccountId): Get loan schedule
• getClientDeposits(accountHolderKey): Get client deposits
• getDepositTransactions(accountId): Get deposit transactions

PermissionsClient

Client for handling permissions.

• authorize(action, username): Authorize a user action

Development

# Install dependencies
npm install

# Run tests
npm test

# Build
npm run build

License

MIT

publish npm

npm publish --access public