1.1.0 • Published 2 years ago

@softnetics/rbac v1.1.0

Weekly downloads
-
License
Apache-2.0
Repository
github
Last release
2 years ago

rbac

O(1) type safe role based access control

Usage

create a policy

const policy = createPolicy({
  name: 'todo',
  permissions: {
    todo: ['create', 'read', 'update', 'delete'],
    comment: ['create', 'read', 'update'],
  },
  roles: {
    viewer: ['todo.read', 'comment.read'],
    editor: ['todo.create', 'todo.update', 'comment.create', 'comment.update'],
  },
})

permissions are defined as a map of resource to actions roles are defined as a map of role to permissions

you also can use * to match all resources and actions

createPolicy({
  name: 'todo',
  permissions: {
    todo: ['create', 'read', 'update', 'delete'],
    comment: ['create', 'read', 'delete'],
  },
  roles: {
    viewer: ['todo.read', 'comment.read'],
    editor: ['todo.*', 'comment.delete'],
    admin: '*',
  },
})

create a identity

const identity = createIdentity({
  policies: [policy],
  identities: {
    student: ['todo.viewer'],
    teacher: ['todo.editor', 'todo.viewer'],
  },
})

identities are defined as a map of identity to roles

enforce a permission

identity.enforce('student', ['todo.todo.read']) // true
identity.enforce('student', ['todo.todo.create']) // false
1.1.0

2 years ago

1.0.1

2 years ago

1.0.0

2 years ago