simple-abac
Node.js package that makes attribute based access control (ABAC) simple.
Usage
Installation:
npm i simple-abac -S
Import in your project:
- Typescript/ES6:
; ;
- Javascript(ES5):
let SimpleAbac = SimpleAbac; let abac = ;
Defining permissions:
Allow editor to read all attributes of posts except authorId:
abac.allow;
Allow admin to read all attributes of posts:
abac.allow;
Allow any to read only content and title of posts:
abac.allow;
Allow editor to delete only posts created by him:
abac.allow;
Asking permissions:
Asking if editor with id: 1 can read post:
; /* { granted: true, attributes: { mode: 'all', except: ['authorId'] } } */
Asking if any can read post:
; /* { granted: true, attributes: { mode: 'nothing', except: ['content', 'title'] } } */
Asking if editor with id: 1 can delete a post written by editor with id: 3:
; /* { granted: false, attributes: { mode: 'nothing' } } */
Asking if editor with id: 3 can delete a post written by editor with id: 3:
; /* { granted: true, attributes: { mode: 'all' } } */