0.4.4 • Published 10 months ago
@microloop/acl-global v0.4.4
@microloop/acl-global
A extension library for @bleco/acl to simplify global roles usage
Installation
NPM:
npm install @microloop/acl-global
Yarn:
yarn add @microloop/acl-global
Usage
- Mixin the entity with
AclAppRelModelMixin
import {entity} from '@bleco/repo';
// !!! IMPORTANT !!!
// Using @entity decorator to replace @model decorator for inheritance relations
@entity()
export class SomeEnitty extends AclAppRelModelMixin(Entity) {
// ...
}
- Mixin the repository with
AclAppRelRepositoryMixin
export class SomeRepository extends AclAppRelRepositoryMixin<
SomeEnitty,
typeof SomeEnitty.prototype.id,
SomeEnittyRelations,
Constructor<QueryEnhancedCrudRepository<SomeEnitty, typeof SomeEnitty.prototype.id, SomeEnittyRelations>>
>(QueryEnhancedCrudRepository) {
constructor(
@inject('datasources.db')
dataSource: juggler.DataSource,
// Required
@repository.getter('AclAppRepository')
public getAclAppRepository: Getter<AclAppRepository>,
) {
super(SomeEnitty, dataSource);
}
}
- Define the custom entity policy and the global app policy
app.policy.ts
// Define the global app policy
export const AppRoles = {
admin: 'admin',
user: 'user',
};
export type AppRoles = keyof typeof AppRoles;
export const AppPolicy = defineResourcePolicy({
model: AclApp,
roles: ['admin', 'member'],
});
some.policy.ts
// Define the custom entity policy
export const SomePolicy = defineResourcePolicy({
model: SomeEntity,
roles: ['owner', 'member'],
relations: ['$app'],
actions: ['read', 'create', 'delete'],
roleActions: {
owner: ['create', 'delete'],
member: ['read'],
},
roleDerivations: {
owner: ['$app.admin'],
member: ['owner'],
},
});
- Granting and authorizing
import {GlobalApp} from '@microloop/acl-global';
import {Acl, AclBindings} from '@bleco/acl';
const acl = await app.get<Acl>(AclBindings.ACL);
const roleMappingService = await app.get<AclRoleMappingService>(AclBindings.ROLE_MAPPING_SERVICE);
// Create a custom resource associating with the global app
const someResource = await someRepo.create({$appId: GlobalApp.id /*...*/});
// Grant app admin to someUser
await roleMappingService.add(someUser, AppRoles.admin, GlobalApp);
// Authorize someUser to create someEntity
await acl.authorize(someUser, 'create', someResource); // -> OK
await acl.authorize(someUser2, 'create', someResource); // -> Forbidden
License
Licensed under the MIT license.
0.4.4
10 months ago
0.4.3
10 months ago
0.4.2
10 months ago
0.4.1
10 months ago
0.3.0
12 months ago
0.2.7
12 months ago
0.2.6
12 months ago
0.2.8
12 months ago
0.3.2
11 months ago
0.4.0
11 months ago
0.3.1
11 months ago
0.2.5
1 year ago
0.1.20
1 year ago
0.1.21
1 year ago
0.2.1
1 year ago
0.2.0
1 year ago
0.1.16
1 year ago
0.1.17
1 year ago
0.1.18
1 year ago
0.1.19
1 year ago
0.2.3
1 year ago
0.2.2
1 year ago
0.2.4
1 year ago
0.1.14
1 year ago
0.1.15
1 year ago
0.1.12
1 year ago
0.1.13
1 year ago
0.1.8
2 years ago
0.1.7
2 years ago
0.1.6
2 years ago
0.1.5
2 years ago
0.1.4
2 years ago
0.1.3
2 years ago
0.1.2
2 years ago
0.1.1
2 years ago