Ninjas Practicing Multidimensionality
    Wondering what’s next for npm?Check out our public roadmap! »

    permitted

    0.1.0 • Public • Published

    permitted

    NPM Version Build Status

    role based access control

    usage

    import {User, Policy} from 'permitted'
     
    let policy = new Policy({
        article: {
            read: ['user', 'editor'],
            write: 'editor'
        },
        user: {
            manage: 'admin'
        }
    })
     
    let user = new User('admin', policy)
     
    user.can('read', 'article')  // false
    user.can('manage', 'user')  // true
    user.is('admin')  // true

    role inheritance

    import {User, Policy} from 'permitted'
     
    let hierachy = {
        admin: ['user', 'editor'],
        editor: 'user'
    }
    let policy = {
        article: {
            read: 'user',
            write: 'editor'
        },
        issue: {
            report: ['user', '!admin']
        }
    }
    let user = new User('admin', new Policy(policy, hierarchy))
     
    user.is('editor')  // true
    user.can('read', 'article')  // true
    user.can('report', 'issue')  // false

    the root role

    root can do anything

    let root = new User('root', new Policy(policy, hierarchy))

    to specify another role other than root, provide a third params to Policy consturctor

    new Policy(policy, hierarchy, 'admin')

    attach extra data to user object

    let user = new User(['role', 'elor'], policy, {id: req.session.id})
    console.log(user.id)

    koa middleware

    import {User, Policy, can} from permitted
    app.use((ctx, next) => {
        req.user = new User(req.session.roles, new Policy(policy, hierachy))
        next()
    })
     
    app.get('/articles/:id', can('read', 'article'), ctx => {
        // ...
    })

    Install

    npm i permitted

    DownloadsWeekly Downloads

    5

    Version

    0.1.0

    License

    MIT

    Last publish

    Collaborators

    • avatar