node package manager

rbac

Hierarchical Role Based Access Control

RBAC

(Hierarchical Role Based Access Control)

RBAC is the authorization library for NodeJS.

I needed hierarchical role based access control for my projects based on ExpressJS. I had one requirement. This structure must be permanently stored in various storages. For example in memory or Mongoose. Because there is a lot of options for storing of data and many of them are asynchronous. I created asynchronous API. Please, if you found any bug or you need custom API, create an issue or pull request.

Read more about API in documentation

Support us

Star this project on GitHub.

npm install rbac
import RBAC from 'rbac'; // ES5 var RBAC = require('rbac').default; 
const rbac = new RBAC({
  roles: ['superadmin', 'admin', 'user', 'guest'],
  permissions: {
    user: ['create', 'delete'],
    password: ['change', 'forgot'],
    article: ['create'],
    rbac: ['update']
  },
  grants: {
    guest: ['create_user', 'forgot_password'],
    user: ['change_password'],
    admin: ['user', 'delete_user', 'update_rbac'],
    superadmin: ['admin']
  }
}, function(errrbacInstance) {
  if (err) {
    throw err;
  }
});
import express from 'express';
import RBAC from 'rbac';
import secure from 'rbac/controllers/express';
 
// your custom controller for express 
function adminController(reqresnext) {
  res.send('Hello admin');
}
 
const app = express();
const rbac = new RBAC({
  roles: ['admin', 'user']  
}, (err, rbac) => {
  if (err) throw err;
 
  // setup express routes 
  app.use('/admin', secure.hasRole(rbac, 'admin'), adminController);
});
rbac.can('admin', 'create', 'article', (err, can) => {
  if (err) {
    throw err; // process error 
  }
 
  if (can) {
    console.log('Admin is able create article');
  }
});
 
// or you can use instance of admin role 
 
rbac.getRole('admin', (err, admin) => {
  if (err) {
    throw err; // process error 
  }
 
  if (!admin) {
    return console.log('Role does not exists');
  }
 
  admin.can('create', 'article', (err2, can) => {
    if (err2) throw err2; // process error 
 
    if (can) {
      console.log('Admin is able create article');    
    }
  });
});

Please take a look on plugin mongoose-hrbac

npm run doc
npm run test
npm run build

The MIT License (MIT)

Copyright (c) 2016 Zlatko Fedor zlatkofedor@cherrysro.com