RBAC

(Hierarchical Role Based Access Control)

RBAC is the authorization library for NodeJS.

🎉 DynamoDB storage is now supported, implemented with dynamoose.

Motivation

I needed hierarchical role-based access control for my projects based on ExpressJS. I had one requirement: this structure must be permanently stored in various storages, for example in memory or Mongoose. Because there are a lot of options for storing data and many of them are asynchronous, I created an asynchronous API. Please, if you find any bug or you need a custom API, create an issue or pull request.

Documentation

Read more about the API in the documentation.

Install

npm install rbac

Usage

    import { RBAC } from 'rbac';

    const rbac = new RBAC({
      roles: ['superadmin', 'admin', 'user', 'guest'],
      permissions: {
        user: ['create', 'delete'],
        password: ['change', 'forgot'],
        article: ['create'],
        rbac: ['update'],
      },
      grants: {
        guest: ['create_user', 'forgot_password'],
        user: ['change_password'],
        admin: ['user', 'delete_user', 'update_rbac'],
        superadmin: ['admin'],
      },
    });

    await rbac.init();
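To review what each role can effectively do under the hierarchical grants above, the following added example (not code from the rbac library, and not a description of how the library resolves grants internally) expands role-to-role grants into a flat permission set per role and reports permissions no role can reach. The helper names are hypothetical, and the `action_resource` naming of permissions is inferred from the grants in the configuration above.

```javascript
// Constructed sample: the configuration from the Usage section above.
const config = {
  roles: ['superadmin', 'admin', 'user', 'guest'],
  permissions: {
    user: ['create', 'delete'],
    password: ['change', 'forgot'],
    article: ['create'],
    rbac: ['update'],
  },
  grants: {
    guest: ['create_user', 'forgot_password'],
    user: ['change_password'],
    admin: ['user', 'delete_user', 'update_rbac'],
    superadmin: ['admin'],
  },
};

// All permission names in the action_resource form used by the grants (assumed).
function definedPermissions(cfg) {
  return new Set(Object.entries(cfg.permissions)
    .flatMap(([resource, actions]) => actions.map((a) => `${a}_${resource}`)));
}

// Hypothetical helper: permissions a role holds directly or through granted roles.
function effectivePermissions(cfg, role, path = []) {
  if (!cfg.roles.includes(role)) throw new Error(`Unknown role: ${role}`);
  if (path.includes(role)) throw new Error(`Grant cycle: ${[...path, role].join(' -> ')}`);
  const known = definedPermissions(cfg);
  const result = new Set();
  for (const item of cfg.grants[role] || []) {
    if (cfg.roles.includes(item)) {
      // A granted role: inherit everything that role can do.
      effectivePermissions(cfg, item, [...path, role]).forEach((p) => result.add(p));
    } else if (known.has(item)) {
      result.add(item);
    } else {
      throw new Error(`Grant "${item}" of role ${role} is neither a role nor a permission`);
    }
  }
  return result;
}

// Permissions defined in the config that no role can ever reach.
function unreachablePermissions(cfg) {
  const reachable = new Set(cfg.roles.flatMap((r) => [...effectivePermissions(cfg, r)]));
  return [...definedPermissions(cfg)].filter((p) => !reachable.has(p)).sort();
}

for (const r of config.roles) console.log(r, [...effectivePermissions(config, r)].sort());
console.log('unreachable:', unreachablePermissions(config));
```

With this configuration, admin inherits change_password from user but not guest's create_user, and create_article is granted to no role.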

Usage with express

    import express from 'express';
    import { RBAC } from 'rbac';
    import secure from 'rbac/controllers/express';

    function adminController(req, res, next) {
      res.send('Hello admin');
    }

    const app = express();
    const rbac = new RBAC({
      roles: ['admin', 'user'],
    });

    await rbac.init();

    app.use('/admin', secure.hasRole(rbac, 'admin'), adminController);

Check permissions

    // Check directly on the RBAC instance
    const can = await rbac.can('admin', 'create', 'article');
    if (can) {
      console.log('Admin is able to create article');
    }

    // Or fetch the role first and check on the role object
    const admin = await rbac.getRole('admin');
    if (!admin) {
      console.log('Role does not exist');
    } else {
      const adminCan = await admin.can('create', 'article');
      if (adminCan) {
        console.log('Admin is able to create article');
      }
    }

Mongoose user model

Please take a look at the plugin mongoose-hrbac.

Build documentation

npm run doc

Running Tests

npm run test

Build

npm run build

