0.1.2 • Published 1 year ago
accessctrl v0.1.2
AccessCtrl
AccessCtrl library to generate standard configuration based on the API resource comments to secure API access and also provide a method to verify that incoming request has the permission to access the resource or not.
License
Features
- ACL Configuration Generator
- Resource level Access Verification
Installation
npm i accessctrl --save
Usage/Examples
Generate Access configuration JSON
/**
* @apiType POST
* @apiKey Create User
* @apiPath /api/i/user
* @apiGroup User
* @apiPermission admin
*/
Parameter | Description |
---|---|
@apiType | Required. Methods GET, POST, PATCH, DELETE |
@apipKey | Unique Reference String |
@apiPath | Required. Resource Path |
@apiGroup | Required. Resource Group, unique Value |
@apiPermission | Required. comma seperated string e.g: admin,user,moderator |
Usage
const list = accessCtrl.generateACL({
source: "server/**/*.routes.js" //location of the routes/controller
});
Output
Generated Successfully
Verify JSON
Prerequisite
Need Role priority
const rank = [
{ role: "user", priority: 3 },
{ role: "moderator", priority: 2 },
{ role: "admin", priority: 1 },
];
Parameter | Description |
---|---|
userRole | Required. "user" |
requestPath | Required. '/api/i/article"' Current request resource path |
requestMethod | Required. "POST" Current Request method |
Usage
const accessCtrl = require("accessctrl");
const aclConfig = require("./acl.json");
accessCtrl.initAcl(rank, aclConfig)
const status = accessCtrl.verifyPermission( userRole, requestPath, requestMethod);
Output
true/false