React RBAC Guard
react-rbac-guard
is a module allowing to manage visibility of particular components depending on user credentials (or current permissions set). Module uses approach that was inspired by "react-redux-connect" module.
The package currently in the early development stage.
Dependensies
React RBAC requires either React new context API or React legacy context API support.
Module tries to use new context API (React version >= 16.3) if available. Otherwise fallbacks to legacy context API. Legacy context API has problem with returning false
from shouldComponentUpdate
in intermediate components (see docs).
Installation
$> npm install react-rbac-guard
Integration in 5 easy steps
- Define your own class derived from
Requirement
class. It must implementisSatisfied
method that takes credentials as parameter. The method must returntrue
if requirement is satisfied by credentials andfalse
otherwise
; { super; thispermission = permission; } { // assume credentilas is an object return credentialsthispermission ? true : false; }
- Create requirements
const NeedManagePost = "CanManagePost";const NeedManageComment = "CanManageComment";const NeedManageUser = "CanManageUser";
- Create guards
; const PostManager = ;const CommentManager = ;const UserManager = ;
- Provide credentials via
CredentialProvider
and use guards as components
import CredentialProvider from "react-rbac-guard"; { const credentials = ; // you have to provide it return <CredentialProvider => <PostManager> <button>Edit Post</button> <button>Delete Post</button> </PostManager> <CommentManager> <button>Edit Comment</button> <button>Delete Comment</button> </CommentManager> <UserManager> <button>Block User</button> </UserManager> </CredentialProvider> ; }
- Enjoy!
Capabilities
- You can use
all
,any
,not
functions to combine requirements.
// Let's assume we have NeedAdmin, NeedManager, NeedUser, NeedGuest requirements.// You can produce new ones by combining them.import any not from "react-rbac-gurad"; const NeedAuthorized = ;const NeedExtendedRights = ;
In other words, you can define arbitrary predicate (in terms of mathematical logic) based on your requirements.
- You can use Guard component directly (without guardFactory).
<Guard => <button>Restart Server</button> </Guard>
- You can use
protect
to protect your components (it behaves likeconnect
fromreact-redux-connect
).
import protect from "react-rbac-guard"; ... // exports decorated component (like connect in "react-redux-connect")NeedExtendedRightsCustomersList;
or to protect external components
import Button from "react-bootstrap";import protect from "react-rbac-guard"; const SignUpButton = Button;const SignOutButton = Button;
- It's also possible to make a decision inside credentials object
{ return ...// return boolean depending on requirement } ... { return credentilas; } const credentials = ...; <CredentialProvider => ...</CredentialProvider>
Demo
To see demos please visit https://codesandbox.io/s/znmxlw59jm.