sails-hook-clearance v0.0.1

sails-hook-clearance

A Sails.js hook for managing role-based access control (RBAC) with numeric clearance levels.

Installation

npm install sails-hook-clearance

Configuration

Create config/clearance.js in your Sails.js app:

module.exports.clearance = {
  roles: {
    guest: 0,
    user: 1,
    admin: 2,
    superadmin: 3
  },
  permissions: {
    'admin/*': { level: 2 },
    'api/v1/users/create': { level: 2 },
    'api/v1/posts/*': { level: 1 }
  }
}

Setup has-clearance Policy

Create the file api/policies/has-clearance.js and add the following code:

module.exports = function (req, res, next) {
  return sails.hooks.clearance.check(req, res, next)
}

Usage

// config/policies.js
module.exports.policies = {
  'admin/*': 'has-clearance',
  'api/v1/*': 'has-clearance',
  'api/v1/posts/*': 'has-clearance'
}

Your user's role should be stored in the session as either req.session.userRole or req.session.user.role.

Documentation

For complete documentation, visit docs.sailscasts.com/clearance