2.1.0 • Published 9 months ago

rbac-ts v2.1.0

Weekly downloads
-
License
MIT
Repository
github
Last release
9 months ago

This is a typescript port of @rbac/rbac

npm version

  • ⏱ Lightweight
  • 🔥 Blazing Fast
  • ⚡️️ Zero dependency

Features

  • Focused on operations
  • Scalable
  • Each role is given specific access rights for every operation
  • High granularity in assigning rights

Thanks

Thanks to Karl Düüna (DeadAlready) and his awesome post on medium

Getting Started

Install

pnpm: pnpm add rbac-ts yarn: yarn add rbac-ts npm: npm i rbac-ts

RBAC is a curried function thats initially takes an object with configurations, then returns another function that takes an object with roles, finally returns an object that holds "can" property that is a function.

You can use it in many ways, below is one of them:

Setup RBAC config

step 01

PropertyTypeParamsDefaultDescription
loggerFunctionrole: Stringoperation: Stringresult: BooleandefaultLoggerFunction that logs operations to console
enableLoggerBooleantrueEnable or disable logger

Creating some roles

step 02

RBAC expects an object with roles as property names.

PropertyTypeExampleDescription
canArray['products:*']Array of strings, list of operations that user can do, since 1.1.0 also support glob
whenFunction or Promise(params , done ) => done (null , true )Optional Promise that should resolve in Truthy or Falsy or Callback function that receives params and done as properties, should return done passing errors, and result
inheritsArray['user']Optional Array of strings, list of roles inherited by this role
IMPORTANT! "when" property should be either a Callback function that receives params and done or a Promise that should resolve in Truthy or Falsy values. Example:
const roles = {
  supervisor: {
    can: [{ name: 'products:find', when: (params, done) => {
      // done receives error as first argument and Truthy or Falsy value as second argument
      done(error, false);
    }}]
  },
  admin: {
    can: [{name: 'products:*', when: new Promise((resolve) => {
      resolve(true);
    })}]
  }
};

Check if user can do some operation

step 03

ParamTypeExampleDescription
FirstString'admin'Array of strings, list of operations that user can do
SecondString, Glob (Wildcard), Regex'products:find'Operation to validate
ThirdAny{registered: true}Optional Params that will flow to "when" callback Function

Want more? Check out the examples folder.

Roadmap

  • Wildcard support
  • Regex support
  • Update roles in runtime

Contributing

Contributions are welcome!

  1. Build RBAC
  • Run yarn install to get RBAC's dependencies
  • Run yarn build to produce minified version of RBAC.
  1. Development mode
  • Having all the dependencies installed run yarn dev. This command will generate a non-minified version of your library and will run a watcher so you get the compilation on file change.
  1. Running the tests
  • Run yarn test
  1. Scripts
  • yarn build - produces production version of your library under the lib folder
  • yarn dev - produces development version of your library and runs a watcher
  • yarn test - well ... it runs the tests :)
  • yarn test:watch - same as above but in a watch mode

License

This project is under MIT License https://opensource.org/licenses/MIT

rbacauthorizationhierarchicalprivacyrolesecuritypermissionacl
2.1.0

9 months ago

2.0.0

9 months ago

1.1.0

9 months ago