@wizeapps/sequelize-acl
Description
Provides user access management: sets access controls on API routes and restricts access to model instances based on the data scoping enabled on each model.
Models
- WizeOrgUnit: Stores all organization units defined for the app
- WizeOrgUnitMetaDefinition: Stores information on custom user-defined attributes for organization units
- WizeUser: Stores information on users within the app; users belong to a specific organization unit
- WizeUserMetaDefinition: Stores information on custom user-defined attributes for users
- WizeRole: Stores all roles defined for the app
- WizeResourceRole: Stores the mapping of roles to API routes defined in the app
- WizeScopeModel: Stores whether a model is private or shared
- WizeResourceCollaborator: Allows adding collaborators on private model instances
- WizeAccessLevel: Defines access levels on shared instances [Future extension]
- WizeCollaboratorType: Defines the category of collaborators (individual user or group) [Future extension]
- WizeTemplate: Organization-specific email templates (user invitation/activation)
APIs
- [GET] /api/wizeresourceroles/permissions/:roleId - Lists all permissions defined at resource level
- [PATCH] /api/wizeresourceroles/permissions/:roleId - Enables resource-level access for the specified role
- [POST] /api/wizeusers - Register new user in the app
- [GET] /api/wizeusers/hierarchy - Retrieve hierarchy - Supports sequelize query format using where clause
- [PATCH] /api/wizeusers/save/:email - Update user - role assignment
- [GET] /api/wizeusers/current - Retrieve current user's information
- [POST] /api/wizeusers/auth - Sign in with app username and password
- [POST] /api/wizeusers/activate - Activate user
- [PATCH] /api/wizeusers/ticket/:id - Re-send activation link to user in case the previous registration link has expired
Usage
Installation
npm install --save @wizeapps/sequelize-acl
Initialize
import wizeSequelizeAcl from '@wizeapps/sequelize-acl';
// ...
/*
app: koa-app returned from 'const app = createServer({});'
sequelizeSource: sequelize object returned from 'import sequelizeSource from './sources/postgresql';'
opts: JSON object
*/
await wizeSequelizeAcl(app, sequelizeSource, opts);
Opts
const opts = {
  AUTH_STRATEGY: 'CUSTOM OR JWT',
  ADMIN_ROLE: 'Administrator',
  JWT: {
    AUTH0: {
      CLIENT_ID: "<Auth0 Client ID>",
      SECRET_KEY: "<Auth0 Secret Key>",
      DOMAIN: "<Auth0 Domain Name>",
      CONNECTION: "<Auth0 Auth Type>"
    },
    AUTH0_API: {
      CLIENT_ID: "<Auth0 API Client ID>",
      SECRET_KEY: "<Auth0 API Secret Key>"
    }
  },
  CUSTOM: {
    "MIDDLEWARE": "<Custom middleware handler, e.g. function* userInfo(next) { yield next; }>",
    "OPTIONS": {<Custom Options>}
  },
  MAIL_CONFIG: <Email Provider>,
  pathsToIgnore: <URLs to skip authentication check>
};
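The Opts template carries two security-sensitive settings: the Auth0 secrets and pathsToIgnore. The following is an added example, not code from this package, that builds the JWT-strategy opts from environment variables and fails closed on missing secrets or an over-broad ignore list. The environment variable names, the 'JWT' literal, the array form of pathsToIgnore and the choice of public paths are assumptions; CUSTOM and MAIL_CONFIG are left out.

```javascript
// Added example: environment variable names are hypothetical.
const REQUIRED = {
  AUTH0_CLIENT_ID: ['AUTH0', 'CLIENT_ID'],
  AUTH0_SECRET_KEY: ['AUTH0', 'SECRET_KEY'],
  AUTH0_DOMAIN: ['AUTH0', 'DOMAIN'],
  AUTH0_CONNECTION: ['AUTH0', 'CONNECTION'],
  AUTH0_API_CLIENT_ID: ['AUTH0_API', 'CLIENT_ID'],
  AUTH0_API_SECRET_KEY: ['AUTH0_API', 'SECRET_KEY'],
};

// Assumption: pathsToIgnore takes an array of exact path strings, and only
// sign-in and activation need to be reachable without a session.
const DEFAULT_PUBLIC_PATHS = ['/api/wizeusers/auth', '/api/wizeusers/activate'];

// Routes that manage role permissions must never skip authentication.
const NEVER_PUBLIC_PREFIXES = ['/api/wizeresourceroles'];

function checkPublicPath(path) {
  if (typeof path !== 'string' || !path.startsWith('/')) {
    throw new Error(`pathsToIgnore entry must be an absolute path: ${path}`);
  }
  if (path === '/' || path === '/api' || /[*?()[\]]/.test(path)) {
    throw new Error(`pathsToIgnore entry is too broad: ${path}`);
  }
  if (NEVER_PUBLIC_PREFIXES.some((p) => path === p || path.startsWith(`${p}/`))) {
    throw new Error(`pathsToIgnore must not cover permission routes: ${path}`);
  }
  return path;
}

function buildAclOpts(env, extraPublicPaths = []) {
  const missing = Object.keys(REQUIRED).filter((name) => !env[name]);
  if (missing.length > 0) {
    // Fail closed instead of starting with an empty or placeholder secret.
    throw new Error(`Missing settings: ${missing.join(', ')}`);
  }
  const JWT = { AUTH0: {}, AUTH0_API: {} };
  for (const [name, [section, key]] of Object.entries(REQUIRED)) {
    JWT[section][key] = env[name];
  }
  return {
    AUTH_STRATEGY: 'JWT', // assumed literal for the JWT strategy
    ADMIN_ROLE: 'Administrator',
    JWT,
    pathsToIgnore: [...DEFAULT_PUBLIC_PATHS, ...extraPublicPaths].map(checkPublicPath),
  };
}
```

Call `buildAclOpts(process.env)` at startup and pass the result as `opts` to `wizeSequelizeAcl(app, sequelizeSource, opts)`.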
Test
NOTE: The developer needs to provide the AUTH0/CUSTOM auth strategy details in the test scripts.
npm run test
License
MIT License