0.0.8 • Published 2 years ago
koa-acl2-swagger v0.0.8
Koa-ACL-Swagger
NOTICE: can not be used in production
a role base access controller and working with swagger (named OpenAPI now)
In YAML file, add x-resource option to each path. when a user visit this url, the middleware will check the permission based on resource name and HTTP method. like "user test-user have the permission post of the resource pets". so you should set role-base permission before.
see demo in examples/app
Install
Node.js >= 6.x && Koa >= 2.x
npm install koa-acl-swagger
Usage
import Koa from 'koa'
import Acl from 'koa-acl-swagger'
const app = new Koa()
const acl = new Acl({
store: {
type: 'redis',
client: aclStore,
prefix: 'examples:app:'
},
getUserId: async (ctx)=> {
return 'test'
},
api: {
dir: path.join(__dirname, './api.yaml'),
skip: 1
}
})
// init permissions by acl
// ....
app.use(acl.getMiddleware())
app.listen(3000)Class
AclSwagger
params
store
{
type {string} database type. redis | mongodb | memory can be used, default: memory
client {object} database client
prefix {string} saved prefix
}
getUserId {async-function} return user id for check permission
, the arguments include current koa context object
api
{
dir {string} api.yaml file direction
skip {number} number of components in the url to be ignored for checking
filter {function} return false when you don't want this url be checked
, the arguments include current `url` and `method`
}
error {json-object} replace the default error message
, default:
{
"NO_PERMISSION": "no permission",
"NO_AUTH": "no auth",
"UNKNOWN": 'unknown error'
}Methods
getMiddleware()
return a middleware for koa@2.x
Acl module Async function
convert acl module functions to async style (translate by bulebird). like addUserRolesAsync allowAsync isAllowedAsync ...
allRolesAsync()
return all roles (async style)
removeUserAllRolesAsync(userId)
remove all roles from a given user (async style), and return true if removed