rbac-rethinkdb

RBAC with RethinkDB storage

Showing:

Popularity

Downloads/wk

3

GitHub Stars

2

Maintenance

Last Commit

6yrs ago

Contributors

3

Package

Dependencies

4

Size (min+gzip)

63.2KB

License

UNLICENSED

Type Definitions

Tree-Shakeable

No?

Categories

Readme

rbac-rethinkdb

Role-based access control for RethinkDB apps.

Instalations

npm install rbac-rethinkdb --save

Usage

With rbac-rethinkdb you can do the following:

  • Create Roles
  • Create Permissions
  • Assing Permission to Role. Create Grant
  • Assing Permission to specific Subject which can use Resource
  • Assing Role to Subject
  • Check if Subject has Permission
  • Check if Role has Permission

More information about RBAC you can reach by link

RBAC

You can import RBAC separately and use it with your own storage, which should have been implemented with RBAC Storage methods

import { RBAC } from 'rbac-rethinkdb';

const rbac = new RBAC({
  storage: MyOwnRbacStorage(options),
});

But probably you would like to use RethinkDBStorage

import { RBAC, RethinkDBStorage } from 'rbac-rethinkdb';

const rbac = new RBAC({
  storage: RethinkDBStorage(options),
});

Storage

Options

To connect RBAC storage with your DB you should define RethinkDB conect options.

const connectOptions = {
  authKey: '',
  db: 'test',
  host: 'localhost',
  port: 28015,
};

And RBAC RethinkDB storage options would look like

const storageOptions = {
  ...connectOptions,
  subjectTable: 'Users',
  roles: ['Developer', 'QA', 'PM'],
  permissions: ['Write_code', 'Manage_team', 'Check_quality', 'Check_Facebook'],
  resources: [],
  grants: [
    ['Developer', 'Write_code'],
    ['Developer', 'Check_Facebook'],
    ['QA', 'Check_quality'],
    ['QA', 'Check_Facebook'],
    ['PM', 'Manage_team'],
  ],
};

where:

  • subjectTable: Table in your DB with Subjects. Will create Subjects by default
  • roles: List of predefined Roles. Can be empty
  • permissions: List of predefined Permissions. Can be empty
  • resources: List of Table names with resources which can be used by specific Subject. Can by empty
  • grants: List of predefined Grants in format [ [ROLE, PERMISSION] ] . Can be empty

Methods

addRole(role: string): Promise<boolean>

Add new Role. true if added, false if Role already exsit.

removeRole(role: string): Promise<boolean>

Remove existing Role. true if removed.

addPermission(permission: string): Promise<boolean>

Add new Permission. true if added.

removePermission(permission: string): Promise<boolean>

Remove existing Role. true if removed.

grant(role: string, permission: stirng): Promise<boolean>

Assign existing Permission to existing Role. true if assigned.

removeGrant(role: string, permission: string): Promise<boolean>

Remove existing Permission from existing Role. true if removed.

grantSubjectToResource(subjectId, permission, resourceId, resource)

Assing Permission to specific Subject which can use specfic Resource. An example: as I user I can see all posts, but only I can edit my posts. Params:

  • subjectId: string - id of Subject from table in DB
  • permission: string - existing Permission
  • resourceId: string - id of Resource entity
  • resource: string - Resource table name Returns: Promise<boolean>

removeSubjectFromResource(subjectId, permission, resourceId, resource)

Remove connection between specific Subject and Permission on some Resource. Params, and Returns the same as for grantSubjectToResource()

can(role: string, permission: string): Promise<boolean>

Check if Role has a Permission. true if has.

canAny(roles: Array<string>, permission: string): Promise<boolean>

Check if any of Roles has a Permission. true if at least one Role has a Permission

canAll(roles: Array<string>, permission: string): Promise<boolean>

Check if all Roles have a Permission. true if all Roles has a Permission

canSubjectUsePermission(subjectId, permission, resourceId, resource)

Check if specific Subject has a Permission to use specific Resource. true if has. Params, and Returns the same as for grantSubjectToResource()

addSubjectToRole(subjectId: string, role: string) :Promise<boolean>

Assing Role to specific Subject

removeSubjectFromRole(subjectId: string, role: string):Promise<boolean>

Delete Role from specific Subject

getPermissions(role: string): Promise<Permissions>

Get list of all Permission from Role. Where Permissions = Array<string>

getRoles(subjectId: string): Promise<Roles>

Get list of all Roles from Subject. Where Roles = Array<string>

Examples

Rate & Review

Great Documentation0
Easy to Use0
Performant0
Highly Customizable0
Bleeding Edge0
Responsive Maintainers0
Poor Documentation0
Hard to Use0
Slow0
Buggy0
Abandoned0
Unwelcoming Community0
100
No reviews found
Be the first to rate

Alternatives

No alternatives found

Tutorials

No tutorials found
Add a tutorial