@mikield/adonis-user-policy NPM

Adonis User Policy (Authorization). This is a trait wich adds can and canNot methods to User Model (or other class :smile:)

🏠 Homepage

Install

adonis install @mikield/adonis-user-policy

This package relies on https://github.com/mikield/adonis-true-traits which is included when installing the user policy package. You need to register its provider in `start/app.js`

const providers = [
  ...,
  '@mikield/adonis-true-traits'
]

Usage

Mix `User` model class with a `PolicyTrait` class

'use strict'

const Model = use('Model')
const PolicyTrait = use('@mikield/adonis-user-policy')

class User extends Model {
  ...
}

module.exports = mix(User).with(PolicyTrait)

If you want to create user related policy checks, for example `user.can('createPosts')` — then, for example:

Create a Policy `User.js` under `app\Policies` folder.

'use strcit'

class User {
    static createPosts(user) {
       return !user.roles.contains('create-post') //We can check a user role for example
    }
}

module.exports = Post

And attach it to `User` model.

'use strict'

const Model = use('Model')
const PolicyTrait = use('@mikield/adonis-user-policy')

class User extends Model {

  //User policy
  static get policy(){
    return 'App/Policies/User'
  }

}

module.exports = mix(User).with(PolicyTrait)

Or if you want to check access based on another model — then, for example:

Create a Policy `Post.js` under `app\Policies` folder.

'use strcit'

class Post {

    static add(user, post) { //In this case the post will be a class and not a instance
       return !user.banned //User can create a Post if it is not banned
    }

    static edit(user, post){ //In this case the post will be a instance and not a class
       return post.owner.id === user.id //Only the owner of the post can edit the post
    }
}

module.exports = Post

Next register a Policy in other `Post` model.

'use strict'

const Model = use('Model')

class Post extends Model {

  //Post policy
  static get policy(){
    return 'App/Policies/Post'
  }

}

module.exports = Post

On a User instance call `can` or `canNot` function.

Without `Post` model.

const User = use('App/Models/User')

Route.get('/test-user-policy', async () => {
  const user = await User.find(1)

  if(user.can('createPost')) {
    ...
  }

  if(user.canNot('createPost')) {
    ...
  }
})

With `Post` model.

const User = use('App/Models/User')
const Post = use('App/Models/Post')

Route.get('/test-user-policy', async () => {
  const user = await User.find(1)
  
  if(user.can('add', Post)){
    ...
  }

  if(user.canNot('add', Post)){
    ...
  }
})

With `Post` instance (existing Post object).

const User = use('App/Models/User')
const Post = use('App/Models/Post')

Route.get('/test-user-policy', async () => {
  const user = await User.find(1)
  const post = await Post.find(1)

  if(user.can('edit', post)) {
    ...
  }

  if(user.canNot('edit', post)) {
    ...
  }
})

Author

👤 Vladyslav Gaysyuk

Website: https://mikield.rocks
Twitter: @AdmiralMiki
Github: @mikield
LinkedIn: @mikield

🤝 Contributing

Contributions, issues and feature requests are welcome!Feel free to check issues page. You can also take a look at the contributing guide.

Show your support

Give a ⭐️ if this project helped you!

📝 License

This README was generated with ❤️ by readme-md-generator

AdonisJS Policy Authorization

@mikield/adonis-true-traits

@infinitebrahmanuniverse/nolb-_mik @everything-registry/sub-chunk-604

0.1.1

4 years ago

0.1.0

4 years ago

0.0.5

7 years ago

🏠 Homepage

Install

This package relies on https://github.com/mikield/adonis-true-traits which is included when installing the user policy package. You need to register its provider in start/app.js

Usage

Mix User model class with a PolicyTrait class

If you want to create user related policy checks, for example user.can('createPosts') — then, for example:

Create a Policy User.js under app\Policies folder.

And attach it to User model.