npm
Sign UpSign In

permitted

0.1.0 • Public • Published

permitted

NPM Version Build Status

role based access control

usage

import {User, Policy} from 'permitted'
 
let policy = new Policy({
    article: {
        read: ['user', 'editor'],
        write: 'editor'
    },
    user: {
        manage: 'admin'
    }
})
 
let user = new User('admin', policy)
 
user.can('read', 'article')  // false
user.can('manage', 'user')  // true
user.is('admin')  // true

role inheritance

import {User, Policy} from 'permitted'
 
let hierachy = {
    admin: ['user', 'editor'],
    editor: 'user'
}
let policy = {
    article: {
        read: 'user',
        write: 'editor'
    },
    issue: {
        report: ['user', '!admin']
    }
}
let user = new User('admin', new Policy(policy, hierarchy))
 
user.is('editor')  // true
user.can('read', 'article')  // true
user.can('report', 'issue')  // false

the root role

root can do anything

let root = new User('root', new Policy(policy, hierarchy))

to specify another role other than root, provide a third params to Policy consturctor

new Policy(policy, hierarchy, 'admin')

attach extra data to user object

let user = new User(['role', 'elor'], policy, {id: req.session.id})
console.log(user.id)

koa middleware

import {User, Policy, can} from permitted
app.use((ctx, next) => {
    req.user = new User(req.session.roles, new Policy(policy, hierachy))
    next()
})
 
app.get('/articles/:id', can('read', 'article'), ctx => {
    // ...
})

Dependents (0)

Package Sidebar

Install

npm i permitted

Repository

github.com/zweifisch/permitted

Homepage

github.com/zweifisch/permitted#readme

Weekly Downloads

1

Version

0.1.0

License

MIT

Last publish

Collaborators

  • zf
Try on RunKit
Report malware