Unleash awesomeness. Private packages, team management tools, and powerful integrations. Get started with npm Orgs »

moleculer-middleware-permissions

1.3.0 • Public • Published

Moleculer Middleware Permissions

Check action permissions.

codecov Travis (.com) NpmLicense npm node

Install

This module requires at least Node v8.3.0.

yarn add moleculer-middleware-permissions

Usage

// moleculer.config.js
const PermissionGuard = require('moleculer-middleware-permissions');
 
const guard = new PermissionGuard({options});
 
module.exports = {
    ...
    middlewares: [
        guard.middleware(),
    ],
};
// service.js
module.exports = {
  name: 'awesome.service',
   actions: {
       hello: {
         // The user must have both 'hello:read' AND 'hello:name'
         // You can override this behaviour by passing your 'checkFunction'
         permissions: ['hello:read', 'hello:name'],
         handler (ctx) {
           const {name} = ctx.params;
           return `Hello ${name}`;
         }
       },
       me: {
          // Will check for these permissions: ['awesome.service.me']
          permissions: true,
          handler (ctx) {
            return `Hello me`;
          }
        }
     }
};

Notes

The middleware also add a property rawPermissions on the action. It allows anyone to have the real permissions used by the action. The array is immutable, so any attempt to edit it will fail.

Options

  • checkFunction: A function that return true if the request has enough permissions. Else, the return value will be send in the rejected PermissionError. For the default behaviour search for basicPermissionCheck in src/index.js.
  • permissionsPath: Path to look for the request permissions (from the ctx object). Default to meta.user.permissions,
  • permissionsSep: Separator used to transform the action name to a permission name (default: .).
  • pathSeparator: Separator to use when there is a . in a property.

License

MIT

install

npm i moleculer-middleware-permissions

Downloadsweekly downloads

16

version

1.3.0

license

MIT

homepage

github.com

repository

Gitgithub

last publish

collaborators

  • avatar
Report a vulnerability