0.0.3 • Published 8 years ago

flexappeal-acl v0.0.3

Weekly downloads
2
License
MIT
Repository
github
Last release
8 years ago

Registering the plugin:

Options arguments

actions: Object
role: Function|String -> String
import actions from './actions';

const roleFn = (req) => {
  return db.getRole(req.auth.credentials) === 'admin') {
    return roles.admin;
  }
  
  return roles.employee;
}

server.register({
  register: require('flex-acl'),
  options: { actions, role: roleFn },
});

Defining the actions:

Action can contain the following properties:

type ActionType {
  role: String,
  validate: Function -> Boolean
}

action: Array<String>|ActionType

Example:

const actions = {
  'create-exchange': ['employee', 'admin']
  'delete-exchange': {
    role: 'admin',
    validate: (user, exchange) => {
      return exchange.userId === user.id;
    },
  },
};

Helpers:

You can use the can helper to validate if the user is allowed to execute the action. It will return a boolean.
can(user, action: String, itemToValidate: Object) -> Boolean

const handler = (req, reply) => {
  const exchange = db.getExchange(req.params.id);

  if (!can(req.auth.credentials, 'delete-exchange', exchange)) {
    return reply('User cannot delete exchange.');
  }
  
  return reply('Exchange deleted.');
}

This is the same as the can helper, but will throw an error when the result will be false.
check(user, action: String, itemToValidate: Object) -> Error|void

const handler = (req, reply) => {
  const exchange = db.getExchange(req.params.id);
  
  try {
    check(req.auth.credentials, 'delete-exchange', exchange);
  
    return reply('Exchange deleted.');
  } catch (err) {
    return reply('User cannot delete exchange.');
  }
}
aclauthorizationpermissions
@everything-registry/sub-chunk-1681@infinitebrahmanuniverse/nolb-flehapi-acl-plugin@zalastax/nolb-fle
0.0.3

8 years ago

0.0.2

8 years ago

0.0.1

8 years ago