1.0.4 • Published 5 years ago

acl-specifier v1.0.4

Weekly downloads
6
License
ISC
Repository
github
Last release
5 years ago

This is an access controller that can be used by an API in order to limit access for specific roles

Refer to the Github repository: https://github.com/Abdo-A/access-controller

import acl from 'acl-specifier';

// create different roles
acl.createRole('employee');
acl.createRole('teacher');
acl.createRole('student');

// set access rules for each role
import { a, an } from 'acl-specifier';
// teacher can list all papers
a('teacher').can('get').from('/papers');
// teacher can create a paper
a('teacher').can('post').to('/papers');
// student can post a paper only when it's his data
a('student').can('post').to('/papers/:paperId').when((params, user) =>
user.id === params.paperId);
// employee can list all papers
an('employee').can('get').from('/papers');

// check
import { check } from 'acl-specifier';
check.if('teacher').can('post').to('/papers'); // true
check.if('teacher').can('patch').to('/papers'); // false
check.if('student').can('post').to('/papers/10').when({ id: 10 }); // true

Hint: When you are checking for accessibility (using the 'check' method) and you want to stop at a method lower than that specified while setting access rules, you can use the getResult chained method For example:

check.if('student').can('post').to('/papers/10').when({ id: 10 }); // true
check.if('student').can('post').to('/papers/10').getResult(); // also true
@everything-registry/sub-chunk-1093@zalastax/nolb-acl
1.0.4

5 years ago

1.0.3

5 years ago

1.0.2

5 years ago

1.0.1

5 years ago

1.0.0

5 years ago