0.1.2 • Published 1 year ago
accessctrl v0.1.2
AccessCtrl
AccessCtrl library to generate standard configuration based on the API resource comments to secure API access and also provide a method to verify that incoming request has the permission to access the resource or not.
License
Features
- ACL Configuration Generator
- Resource level Access Verification
Installation
npm i accessctrl --saveUsage/Examples
Generate Access configuration JSON
/**
* @apiType POST
* @apiKey Create User
* @apiPath /api/i/user
* @apiGroup User
* @apiPermission admin
*/| Parameter | Description |
|---|---|
| @apiType | Required. Methods GET, POST, PATCH, DELETE |
| @apipKey | Unique Reference String |
| @apiPath | Required. Resource Path |
| @apiGroup | Required. Resource Group, unique Value |
| @apiPermission | Required. comma seperated string e.g: admin,user,moderator |
Usage
const list = accessCtrl.generateACL({
source: "server/**/*.routes.js" //location of the routes/controller
});Output
Generated SuccessfullyVerify JSON
Prerequisite
Need Role priority
const rank = [
{ role: "user", priority: 3 },
{ role: "moderator", priority: 2 },
{ role: "admin", priority: 1 },
];| Parameter | Description |
|---|---|
| userRole | Required. "user" |
| requestPath | Required. '/api/i/article"' Current request resource path |
| requestMethod | Required. "POST" Current Request method |
Usage
const accessCtrl = require("accessctrl");
const aclConfig = require("./acl.json");
accessCtrl.initAcl(rank, aclConfig)
const status = accessCtrl.verifyPermission( userRole, requestPath, requestMethod);Output
true/false