This package is the core of AccessControl. JavaScript Package that encapsulates functionality related to access control permissions. This package is designed to manage and manipulate a set of permissions represented in a data structure.
Installation
npm install @vsky/accesscontrol
# or
pnpm install @vsky/accesscontrol
# or
yarn add @vsky/accesscontrol
const data = [
{
role: "superadmin",
resource: "supplier, product, order, employee, user, report, company, branch, profile, payment, dashboard, inventory, customer, settings",
action: "create",
},
{
role: "superadmin",
resource: "supplier, product, order, employee, user, report, company, branch, profile, payment, dashboard, inventory, customer, settings",
action: "read",
},
{
role: "admin",
resource: "supplier, product, order, employee, user, report, company, branch, profile, payment, dashboard, inventory, customer, settings",
action: "read",
},
{
role: "user",
resource: "product, order, profile, payment, dashboard, inventory, customer, settings",
action: "read",
},
];
let ac = new AccessControl(data);
getData():
returns the data stored in the object.
Returns the data passed to the constructor
const data = ac.getData()
getResourcesForActionAndRole(action, role):
returns a list of resources that match the specified action and role.
Returns an array of resources for the specified action and role
let resources = ac.getResourcesForActionAndRole("read", "superadmin");
Returns an array of resources for the specified action
let resources = ac.getResourcesForActionAndRole("read");
canPerformAction(role, resource, action):
returns a boolean indicating whether the specified role is allowed to perform the specified action on the specified resource.
Returns true if the specified role has permission to perform the specified action on the specified resource
const isAllowed = ac.canPerformAction("superadmin", "supplier", "create")
const isAllowed = ac.canPerformAction("superadmin", "product", "read")
Returns false if the specified role does not have permission to perform the specified action on the specified resource
const isAllowed = ac.canPerformAction("admin", "books", "create")
const isAllowed = ac.canPerformAction("admin", "cars", "update")
findActions(role, resource):
returns a list of actions that are allowed for the specified role and resource.
Returns an array of actions that the specified role is allowed to perform on the specified resource
let actions = ac.findActions("superadmin", "supplier");
Returns an array of actions that the specified role is allowed to perform on all resources
let actions = ac.findActions("superadmin");
addPermission(options):
adds a new permission to the data, with the specified role, action, and resource(s).
// Add a permission to the data
ac.addPermission({
role: 'admin',
action: 'read',
resource: 'documents'
});
ac.addPermission({
role: "student",
action: ["create", "update"],
resource: ["customer", "payment"],
});
updateResource(options):
updates the resources for the specified role and action, adding the specified resource(s) to the list of allowed resources.
// Update resources for a specific role and action
ac.updateResource({
role: 'admin',
action: 'read',
resources: ['reports', 'invoices']
});
removeResource(options):
removes the specified resource(s) from the list of allowed resources for the specified role and action.
Remove a resource from an entry with the specified role, action, and resource
const data = ac.removeResource({
role: "superadmin",
action: "create",
resource: "supplier",
});
Remove multiple resources from an entry with the specified role, action, and resource if the resource is provided as an array
ac.addPermission({
role: "superadmin",
action: "create",
resource: ["supplier", "product"],
});
const data = ac.removeResource({
role: "superadmin",
action: "create",
resource: ["supplier", "product"],
});
Remove a resource from all entries with the specified action if no role is specified
ac.addPermission({
role: "superadmin",
action: "create",
resource: ["supplier", "product"],
});
ac.addPermission({
role: "admin",
action: "create",
resource: ["supplier", "product"],
});
const data = ac.removeResource({ action: "create", resource: "supplier" });
Remove a resource from all entries with the specified role if no action is specified
ac.addPermission({
role: "superadmin",
action: "create",
resource: ["supplier", "product"],
});
ac.addPermission({
role: "superadmin",
action: "read",
resource: ["supplier", "product"],
});
const data = ac.removeResource({ role: "superadmin", resource: "supplier" });
removePermissions(options):
removes all permissions for the specified role, action, and resource.
const data = ac.removePermission({ role: "superadmin", action: "create" });
Remove all entries from the data array if no role or action is specified
ac.addPermission({
role: "superadmin",
action: "create",
resource: ["supplier", "product"],
});
ac.addPermission({
role: "admin",
action: "create",
resource: ["supplier", "product"],
});
ac.addPermission({
role: "superadmin",
action: "read",
resource: ["supplier", "product"],
});
const data = ac.removePermission({});
Remove all entries with the specified role if no action is specified
ac.addPermission({
role: "admin",
action: "create",
resource: ["supplier", "product"],
});
ac.addPermission({
role: "superadmin",
action: "read",
resource: ["supplier", "product"],
});
const data = ac.removePermission({ role: "superadmin" });
Remove all entries with the specified action if no role is specified
ac.addPermission({
role: "superadmin",
action: "create",
resource: ["supplier", "product", "sidebar"],
});
ac.addPermission({
role: "admin",
action: "create",
resource: ["supplier", "product"],
});
ac.addPermission({
role: "superadmin",
action: "read",
resource: ["supplier", "product", "sidebar", "sidebar"],
});
const data = ac.removePermission({ action: "create" });