redis-acl
Access control list with redis - user roles and access management
redis-acl
Access control list with redis - user roles and access management
This module provides an ACL implementation providing following features.
Features
- Add / Remove resources
- Create resource hierarchies
- Add Roles
- Add Tasks
- Allow / Remove User's resource access
- Get user roles for resources
- Check user access for particular resource's to perform a task
Installation
Using npm:
npm install redis-acl
Documentation
- addResource
- addChildResource
- deleteResource
- addRole
- addTask
- allowResourceAccess
- removeResourceAccess
- getRole
- checkAccess
Examples
Create your acl module by requiring it and instantiating it with redis instance details:
let acl = ; // Connect with redis instancelet redisConnectionConf = "host": "127.0.0.1" "port": 6379;acl = redisConnectionConf;
All the following functions take a callback with an err and response parameters as last parameter.
Add resources:
// add new resourceacl; // add child resource and create resource hierarhy// creating child resource implicitly creates parentsacl; acl; acl;
Delete resource:
// second parameter decides whether to keep hierarchy intact or to delete resource's children too// keep hierarchy acl; // delte hierarchyacl;
Add Role(s):
acl;
Add allowed task(s) to role(s):
// adding tasks to roles implicitly creates rolesacl;
Allow user to access a resource(s) with a role(s):
// It gives access to resources and its children with same roles.acl;
Remove user's role to access a resource(s):
// this will remove user's mentioned role for mentioned resource(s)acl;
Get user roles for resource:
acl
Check user's access to perform a task on a resource:
acl;
Methods
addResource( resource, function(err) )
Adds new parent resources.
Arguments
resource String|Number Resource callback Function Callback called when finished
addChildResource( parentResource , childResource(s), function(err) )
Adds child resource(s) to another resource.
Arguments
parentResource String|Number Parent resource childResource String|Number|ArrayString|Number Child resources to add callback Function Callback called when finished
deleteResource( resource, keepHierarchy, function(err, roles) )
Deletes a resource with or without its entire children hierarchy.
Arguments
resource String|Number Resource keepHierarchy Boolean Boolean identifier to indicate whether to keep children hierarchy intact or to delete it callback Function Callback called when finished
addRole( role, function(err, users) )
Adds new role.
Arguments
role String|Number|ArrayString|Number Role callback Function Callback called when finished
addTask( roles, tasks, function(err, hasRole) )
Add allowed task(s) to role(s).
Arguments
roles String|Number|ArrayString|Number roles tasks String|Number|ArrayString|Number tasks callback Function Callback called when finished
allowResourceAccess( user, resource, roles, function(err) )
Allows user to access mentioned resource with mentioned role(s).
Arguments
user String|Number user resource String|Numebr resource roles String|Array|ArrayString|Number roles callback Function Callback called when finished
removeResourceAccess( user, resource, roles, function(err) )
Removes user's access for mentioned resource for mentined roles.
Arguments
user String|Number user resource String|Numebr resource roles String|Array|ArrayString|Number roles callback Function Callback called when finished optional
getRole( user, resource, function(err) )
Returns list of available roles of user for mentioned resource.
Arguments
user String|Number user resource String|Numebr resource callback Function Callback called when finished
### checkAccess( user, resource, task, function(err) )
Checks user's access to perform mentioned task on mentioned resource
Arguments
user String|Number user resource String resource task String|Number task callback Function Callback called when finished
Contributors
The original author of redis-acl is Tushar Sanap
License
Future work
- Support for diffrent roles for inherited access.