Hierarchical Role-Based Access Control for Node.js

Date: 2019-08-30

⏱ Lightweight

🔥 Blazing Fast

⚡️️ Zero dependency

Features

Focused on operations

Scalable

Each role is given specific access rights for every operation

High granularity in assigning rights

Thanks

This project scaffold was built with a modified version of webpack-library-starter

Thanks to Karl Düüna (DeadAlready) and his awesome post on Medium

Getting Started

Install

yarn add @rbac/rbac or npm install @rbac/rbac

RBAC is a curried function that initially takes an object with configurations, then returns another function that takes an object with roles, and finally returns an object that holds a "can" property that is a function.

You can use it in many ways; below is one of them:

Setup RBAC config

| Property | Type | Params | Default | Description |
| --- | --- | --- | --- | --- |
| logger | Function | role: String, operation: String, result: Boolean | defaultLogger | Function that logs operations to console |
| enableLogger | Boolean | | true | Enable or disable logger |

Creating some roles

RBAC expects an object with roles as property names.

| Property | Type | Example | Description |
| --- | --- | --- | --- |
| can | Array | ['products:*'] | Array of strings, list of operations that user can do, since 1.1.0 also support glob |
| when | Function or Promise | (params, done) => done(null, true) | Optional Promise that should resolve in Truthy or Falsy or Callback function that receives params and done as properties, should return done passing errors, and result |
| inherits | Array | ['user'] | Optional Array of strings, list of roles inherited by this role |

IMPORTANT! The "when" property should be either a callback function that receives params and done, or a Promise that resolves to a truthy or falsy value. Example:

    const roles = {
      supervisor: {
        can: [{
          name: 'products:find',
          // Callback form: done(error, result); pass null when there is no error
          when: (params, done) => {
            done(null, false);
          }
        }]
      },
      admin: {
        can: [{
          name: 'products:*',
          // Promise form: resolves to a truthy or falsy value
          when: new Promise((resolve) => {
            resolve(true);
          })
        }]
      }
    };

Check if user can do some operation

| Param | Type | Example | Description |
| --- | --- | --- | --- |
| First | String | 'admin' | Array of strings, list of operations that user can do |
| Second | String, Glob (Wildcard), Regex | 'products:find' | Operation to validate |
| Third | Any | {registered: true} | Optional Params that will flow to "when" callback Function |
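To make the role format above concrete, here is an added sketch (not part of @rbac/rbac and not its implementation) of how "can", "when" and "inherits" can be evaluated with deny-by-default semantics. All function names and the sample roles are hypothetical; it covers glob strings only, and treating a failing "when" guard as a denial is this sketch's choice.

```javascript
// Added sketch of the role format documented above; not the @rbac/rbac source.
// globToRegex, collectGrants, evalWhen, can and sampleRoles are hypothetical names.

// 'products:*' -> /^products:.*$/. Other regex metacharacters are escaped so a
// pattern matches only its literal text plus '*' wildcards.
function globToRegex(glob) {
  const escaped = glob.replace(/[.+?^${}()|[\]\\]/g, '\\$&').replace(/\*/g, '.*');
  return new RegExp(`^${escaped}$`);
}

// Flatten a role's own grants plus everything reachable through "inherits".
// `seen` stops inheritance cycles; unknown or prototype keys contribute nothing.
function collectGrants(roles, name, seen = new Set()) {
  if (seen.has(name) || !Object.prototype.hasOwnProperty.call(roles, name)) return [];
  seen.add(name);
  const role = roles[name];
  const own = (role.can || []).map((g) => (typeof g === 'string' ? { name: g } : g));
  const inherited = (role.inherits || []).flatMap((p) => collectGrants(roles, p, seen));
  return own.concat(inherited);
}

// Resolve a "when" guard (callback or Promise) to a strict boolean; errors deny.
function evalWhen(when, params) {
  if (when === undefined) return Promise.resolve(true);
  const pending = typeof when === 'function'
    ? new Promise((resolve, reject) => when(params, (err, ok) => (err ? reject(err) : resolve(ok))))
    : Promise.resolve(when);
  return pending.then(Boolean, () => false);
}

// Deny by default: allowed only if a matching grant's guard resolves truthy.
async function can(roles, role, operation, params) {
  for (const grant of collectGrants(roles, role)) {
    if (globToRegex(grant.name).test(operation) && await evalWhen(grant.when, params)) return true;
  }
  return false;
}

// Constructed sample roles, in the shape of the tables above ('admin' lists itself to show the cycle guard).
const sampleRoles = {
  user: { can: ['products:find'] },
  supervisor: { can: [{ name: 'products:edit', when: (p, done) => done(null, p.registered) }], inherits: ['user'] },
  admin: { can: ['products:*'], inherits: ['supervisor', 'admin'] },
  broken: { can: [{ name: 'products:delete', when: (p, done) => done(new Error('db down')) }] },
};
```

The cases worth checking in any RBAC setup are the negative ones: an unknown role, a self-referencing "inherits" entry, and a guard that errors should all end in a denial rather than an exception or an accidental grant.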

Want more? Check out the examples folder.

Roadmap

Wildcard support

Regex support

Update roles in runtime

Contributing

Contributions are welcome!

Build RBAC

Run yarn install to get RBAC's dependencies

Run yarn build to produce minified version of RBAC.

Development mode

With all the dependencies installed, run yarn dev. This command will generate a non-minified version of your library and will run a watcher so you get the compilation on file change.

Running the tests

Run yarn test

Scripts

yarn build - produces production version of your library under the lib folder

yarn dev - produces development version of your library and runs a watcher

yarn test - well ... it runs the tests :)

yarn test:watch - same as above but in a watch mode

License

This project is under MIT License [https://opensource.org/licenses/MIT]