0.1.3 • Published 5 years ago

role-based-access-control v0.1.3

Weekly downloads
2
License
MIT
Repository
github
Last release
5 years ago

role-based-access-control

npm GitHub npm type definitions GitHub stars

unopinionated role based access control

Please ★ this repo if you found it useful ★ ★ ★

Features

  • unopinionated
  • supports multiple roles
  • supports custom policies

Installation

npm install --save role-based-access-control

Dependencies

Usage

Import role-based-access-control

import { Policy, Role, Statement, Subject } from 'role-based-access-control';

Create statements

const statements = {
  readFile: new Statement('read', 'file'),
  readFolder: new Statement('read', 'folder'),
  removeFile: new Statement('remove', 'file'),
  removeFolder: new Statement('remove', 'folder'),
  writeFile: new Statement('write', 'file'),
  writeFolder: new Statement('write', 'folder')
};

Create policies from statements

const policies = {
  readFile: new Policy('readFile', [statements.readFile]),
  readFolder: new Policy('readFolder', [statements.readFolder]),
  removeFile: new Policy('removeFile', [statements.removeFile]),
  removeFolder: new Policy('removeFolder', [statements.removeFolder]),
  writeFile: new Policy('readFile', [statements.writeFile]),
  writeFolder: new Policy('readFolder', [statements.writeFolder]),
  readAll: new Policy('readAll', [statements.readFile, statements.readFolder]),
  removeAll: new Policy('removeAll', [
    statements.removeFile,
    statements.removeFolder
  ]),
  writeAll: new Policy('readAll', [
    statements.writeFile,
    statements.writeFolder
  ]),
  allFiles: new Policy('allFiles', [
    statements.readFile,
    statements.writeFile,
    statements.removeFile
  ]),
  allFolders: new Policy('allFolders', [
    statements.readFolder,
    statements.writeFolder,
    statements.removeFolder
  ])
};

Create roles from policies

const roles = {
  visitor: new Role('visitor', [policies.readAll]),
  user: new Role('user', [policies.readAll, policies.writeAll]),
  admin: new Role('admin', [policies.allFiles, policies.allFolders])
};

Assign roles to subjects

const someVisitor = new Subject('someVisitor', [roles.visitor]);
const someAdmin = new Subject('someVisitor', [roles.admin]);

Check if subject can execute statement

someVisitor.can(statements.readFile); // true
someVisitor.can(statements.deleteFile); // false

someAdmin.can(statements.readFile); // true
someAdmin.can(statements.deleteFile); // true

Support

Submit an issue

Roadmap

  • Support role inheritance
  • Support blocking statements
  • Support resource ownership
  • Support role tagging

Contributing

Review the guidelines for contributing

License

MIT License

Jam Risser © 2018

Changelog

Review the changelog

Credits

Support on Liberapay

A ridiculous amount of coffee ☕ ☕ ☕ was consumed in the process of building this project.

Add some fuel if you'd like to keep me going!

Liberapay receiving Liberapay patrons

role-based-access-controlrbacrolebasedaccesscontrolaccess-control
@types/lodash@types/nodelodash
@infinitebrahmanuniverse/nolb-role@everything-registry/sub-chunk-2679
0.1.3

5 years ago

0.1.2

5 years ago

0.1.1

5 years ago

0.1.0

5 years ago

0.0.2

5 years ago

0.0.1

5 years ago