User Management for React Applications

This module is still in development stage and not to be used just yet

The module provides react components that can be added in a react application to create/view users, roles and permissions. The module also provides APIs to do the following:

• Check if a user is currently logged in
• Get the currently loggged in user
• Add a permission on an object programatically
• Check if a user is permitted to perform one of the CRUD operations on an object

Following react components are exported:

• ManageUsers - Component where you can see the current users and add new users
• ManageRoles - Component wher you can see the current roles and add new roles
• ManagePermissions - Component where you can see current group level permissions and add new group level permissions
• EditUser - Component where you can add/edit a user
• EditRole - Component where you can add/edit a role
• EditPermission - Component where you can add/edit a permission
• Login - Component to allow a user to log in
• SignUp - Component to allow a user to sign up

Right now, the above components need to be hooken into a react-router component. Check out lib/App.js for example usage

Things to note

• The module is currently using Parse as the backend. You will need to create a Parse application and provide the JAVASCRIPT_KEY and APPLICATION_KEY in the base html file. Check index.html for example usage
• EditUser component needs to be linked to URL /users/new as done in the App.js because that is how it is configured in the ManageUsers component. Similarly, follow the route paths for EditRole and EditPermission component as done in the App.js
• ManagePermissions component should be passed in a function 'targetObjectsCallback' which should return a list of strings. These are the target objects on which users can define permissions. See App.jsx for example usage

Following APIs are exported:

• currentUser() - Returns the currently logged in user or null

• logoutUser() - Logs out the currently logged in user

• addUserPermission(permission) - Add a permission on an object for a user. The permission object is specified as below:

  {
    targetObject: string (ID of the object on which permission should be applied)
    username: string (username on which the permission applies)
    operations: array[string] (CRUD operations ['create', 'read', 'update', 'delete'])
    action: string (Action to be taken i.e. 'allow' or 'deny')
  }

• checkPermission(targetObject, operation, username) - Checks if the user is allowed to perform the specified operation on the target object. Returns 'allow' or 'deny' based on the current permissions defined in the system. Below is the description of each argument:

    targetObject: string (ID of the object on which permission should be applied)
    username: string (username on which the permission applies)
    operation: string (CRUD operation ['create', 'read', 'update', 'delete'] which need to be checked)

  Below are the rules to check if the return value should be 'allow' or 'deny'

  • If atleast one permission which denies the operation by the user on the target object, then 'deny' is returned
  • If no permissions are found that applies to the combination of 'targetObject', 'username' and 'operation', 'deny' is returned
  • If none of the above conditions are true, then 'allow' is returned