npm
Sign UpSign In

ocbesbn-bouncer

0.2.12 • Public • Published

BOUNCER

Midldleware for individual nodejs services, takes care of following items

  1. Get permission details from ACL services
  2. validate the incoming calls
  3. supply the acl.json data

Default options

var defaultOptions =
{
    host: 'consul',
    serviceName: '',
    acl: require('./acl.json')
}

Internal dependencies

  • ocbesbn-web-init

Bouncer should be added as a middleware to the ocbesbn-web-init.

Example

import acl json via file


var bouncer = require('ocbesbn-bouncer');
{
  ...
  middlewares: [bouncer({
    host: 'consul',
    serviceName: 'user', //says user service
    acl: require('mypath/acl.json'),
    aclServiceName: 'acl'
  }).Middleware]
  ...
}

import acl json directly

var bouncer = require('ocbesbn-bouncer');
{
  ...
  middlewares: [bouncer({
    host: 'consul',
    serviceName: 'user', //example
    acl: {
      "Health": { `// Key represents resource group Id`
         "translations": { `// Translation for the resource group`
           "name" : { `// Name of the resource group by language`
             "en": "Health check",
             "de": ""
           },
           "description": { `// Short description, explains about the resource group`
             "en": "Health check endpoint used by service checks",
             "de": ""
           }
         },
         "resources": [ `// List of resources`
           {
             "type": "rest", `// Type of the resource, mostly be rest (API endpoints) for now`
             "resourceId": "/api/health/check", `// Regular expression/complete endpoint (route of API endpoint)`
             "actions": ["edit", "read"], `// Actions allowed edit=PUT, read=GET, delete=DELETE, create=POST`
             "fields": ['result', 'more.somefield'] `// defines what are all the fields can be sent to the user/requestor, nested fields can be added like OBJECT.SOMEKEY..`
           }
         ]
       }
      }
    },
    aclServiceName: 'acl'
  }).Middleware]
  ...
  }

Patterns in resource ids

Mostly the resource id is a string or regular expression, along with that, we also a pattern to replace with current user information. For E.g

The below resource Id contains ${_current_user_id}, which represents current user id, means Id of the user who ever is requesting this particular URI / resource.

"resourceId": "/users/${_current_user_id}/profile"

Here are some of the pattern which represents current user's information

${_current_user_id} - current user's id
${_current_tenant_id} - current user's tenant id
${_current_customer_id} - current user's customer id
${_current_supplier_id} - current user's supplier id

Readme

Keywords

none

Package Sidebar

Install

npm i ocbesbn-bouncer

Weekly Downloads

1

Version

0.2.12

License

ISC

Unpacked Size

13.9 kB

Total Files

5

Last publish

Collaborators

  • gr4per
  • kwierchris
Try on RunKit
Report malware