@moostjs/arbac NPM

@moostjs/arbac

Advanced Role-Based Access Control (ARBAC) integration for MoostJS, enabling seamless authorization management with @prostojs/arbac while leveraging Moost's dependency injection and metadata-driven event processing capabilities.

Features

MoostJS Integration – Provides decorators and utilities for enforcing access control.
Role & Scope-Based Authorization – Supports fine-grained access control based on user roles and attributes.
Dependency Injection Support – Utilizes MoostJS's DI system for injecting ARBAC services.
Easy Decorators – Define resource-based access rules with simple decorators.

Installation

npm install @moostjs/arbac

or using pnpm:

pnpm i @moostjs/arbac

Quick Start

Setup `MoostArbac`

To integrate ARBAC into your MoostJS application, define an instance of MoostArbac, register roles, and provide it as a dependency.

import { createProvideRegistry } from 'moost'
import { MoostArbac } from '@moostjs/arbac'
import * as roles from './roles'
import type { TRoleScope, TUserAttrs } from './types'

export const ArbacProvideRegistry = createProvideRegistry([
  MoostArbac,
  () => {
    const instance = new MoostArbac<TUserAttrs, TRoleScope>()
    for (const role of roles) {
      instance.registerRole(role)
    }
    return instance
  },
])

Define a Custom User Provider

To integrate user attributes and roles dynamically, replace the generic ArbacUserProvider with an application-specific implementation.

import { createReplaceRegistry } from 'moost'
import { ArbacUserProvider } from '@moostjs/arbac'
import { CustomUserProvider } from './custom-user-provider'

export const ArbacReplaceRegistry = createReplaceRegistry([ArbacUserProvider, CustomUserProvider])

Register ARBAC in Moost Application

import { App } from 'moost'
import { ArbacProvideRegistry, ArbacReplaceRegistry } from './arbac-setup'

const app = new App()
app.setProvideRegistry(ArbacProvideRegistry)
app.setReplaceRegistry(ArbacReplaceRegistry)

Protect Routes with `@Authorized()`

import { Authorized, Public } from '@moostjs/arbac'
import { Controller, Get } from 'moost'

@Controller('/data')
@ArbacAuthorized()
export class DataController {
  @Get()
  getProtectedData() {
    return { data: 'secured' }
  }

  @Get('/public')
  @ArbacPublic()
  getPublicData() {
    return { data: 'open' }
  }
}

API

`MoostArbac<TUserAttrs, TScope>`

Extends @prostojs/arbac and integrates with MoostJS DI.

`ArbacUserProvider<TUserAttrs>`

Abstract class for defining user-related access control logic.

`@ArbacAuthorized()`

Method decorator to enforce ARBAC checks.

`@ArbacPublic()`

Marks a route as publicly accessible, bypassing authorization.

`useArbac()`

Composable function for evaluating access control dynamically.

License

MIT

moost moostjs arbac rbac abac access control

@wooksjs/event-http @prostojs/arbac moost

0.5.29

6 months ago

0.5.28

6 months ago

0.5.27

9 months ago

@moostjs/arbac

Features

Installation

Quick Start

Setup MoostArbac

Define a Custom User Provider

Register ARBAC in Moost Application

Protect Routes with @Authorized()

API

MoostArbac<TUserAttrs, TScope>

ArbacUserProvider<TUserAttrs>

@ArbacAuthorized()

@ArbacPublic()

useArbac()