0.1.1 ā¢ Published 4 years ago
@mikield/adonis-user-policy v0.1.1
Adonis User Policy (Authorization). This is a trait wich adds
can
andcanNot
methods to User Model (or other class :smile:)
š Homepage
Install
adonis install @mikield/adonis-user-policy
This package relies on https://github.com/mikield/adonis-true-traits which is included when installing the user policy package. You need to register its provider in start/app.js
const providers = [
...,
'@mikield/adonis-true-traits'
]
Usage
Mix User
model class with a PolicyTrait
class
'use strict'
const Model = use('Model')
const PolicyTrait = use('@mikield/adonis-user-policy')
class User extends Model {
...
}
module.exports = mix(User).with(PolicyTrait)
If you want to create user related policy checks, for example user.can('createPosts')
ā then, for example:
Create a Policy User.js
under app\Policies
folder.
'use strcit'
class User {
static createPosts(user) {
return !user.roles.contains('create-post') //We can check a user role for example
}
}
module.exports = Post
And attach it to User
model.
'use strict'
const Model = use('Model')
const PolicyTrait = use('@mikield/adonis-user-policy')
class User extends Model {
//User policy
static get policy(){
return 'App/Policies/User'
}
}
module.exports = mix(User).with(PolicyTrait)
Or if you want to check access based on another model ā then, for example:
Create a Policy Post.js
under app\Policies
folder.
'use strcit'
class Post {
static add(user, post) { //In this case the post will be a class and not a instance
return !user.banned //User can create a Post if it is not banned
}
static edit(user, post){ //In this case the post will be a instance and not a class
return post.owner.id === user.id //Only the owner of the post can edit the post
}
}
module.exports = Post
Next register a Policy in other Post
model.
'use strict'
const Model = use('Model')
class Post extends Model {
//Post policy
static get policy(){
return 'App/Policies/Post'
}
}
module.exports = Post
On a User instance call can
or canNot
function.
Without Post
model.
const User = use('App/Models/User')
Route.get('/test-user-policy', async () => {
const user = await User.find(1)
if(user.can('createPost')) {
...
}
if(user.canNot('createPost')) {
...
}
})
With Post
model.
const User = use('App/Models/User')
const Post = use('App/Models/Post')
Route.get('/test-user-policy', async () => {
const user = await User.find(1)
if(user.can('add', Post)){
...
}
if(user.canNot('add', Post)){
...
}
})
With Post
instance (existing Post object).
const User = use('App/Models/User')
const Post = use('App/Models/Post')
Route.get('/test-user-policy', async () => {
const user = await User.find(1)
const post = await Post.find(1)
if(user.can('edit', post)) {
...
}
if(user.canNot('edit', post)) {
...
}
})
Author
š¤ Vladyslav Gaysyuk
- Website: https://mikield.rocks
- Twitter: @AdmiralMiki
- Github: @mikield
- LinkedIn: @mikield
š¤ Contributing
Contributions, issues and feature requests are welcome!Feel free to check issues page. You can also take a look at the contributing guide.
Show your support
Give a āļø if this project helped you!
š License
Copyright Ā© 2020 Vladyslav Gaysyuk. This project is MIT licensed.
This README was generated with ā¤ļø by readme-md-generator