verdaccio-steedos v1.0.0

verdaccio-steedos

An amazing verdaccio plugin

Installation

• $ npm i verdaccio -g
• $ npm i verdaccio-steedos -g

Env

STEEDOS_SERVER_ROOT_URL=https://console.steedos.com STEEDOS_SERVER_ADMIN_API_KEY=xxx

Configuration

Add the following in your config.yaml

auth:
  steedos:
    steedos_server_root_url: https://console.steedos.com
    steedos_user_key: mobile
    request_timeout_ms: 1000
    cache_ttl_ms: 60000 # default to 30s if not present

packages: '@company/: access: 'fancyCompany-owner fancyCompany-employee' publish: 'fancyCompany-owner' '@/*': access: '$steedos_group' publish: '$steedos_group' unpublish: '$steedos_group'

The above configuration will allow access to packages for @company whenever the user is member of fancyCompany-owner or fancyCompany-employee, but publish only to fancyCompany-owner. For all other scopes, access is granted when the scope name matches the group name.

权限设计

• 不支持匿名访问，必须要注册登录才可使用

scope 权限设计

基础对象

• npm_scopes
  • name
  • type: public / private
• npm_scope_members
  • member
  • permission: readonly / publish

用户权限

• public scopes：所有用户对 public 的 npm scopes 有 access 权限
• private scopes：通过scope members 给成员授权

package 权限设计

...TODO