0

RBAC

面向 NodeJS 的基于角色的分层访问控制。「Hierarchical Role Based Access Control for NodeJS」

Github repo
Main metrics

Github stars Tracking Chart

RBAC

(Hierarchical Role Based Access Control)

NPM version
build status
Test coverage
Gitter chat

RBAC is the authorization library for NodeJS.

:tada: We have supported DynamoDB storage now by implementation of dynamoose.

Motivation

I needed hierarchical role based access control for my projects based on ExpressJS.
I had one requirement. This structure must be permanently stored in various storages.
For example in memory or Mongoose.
Because there is a lot of options for storing of data and many of them are asynchronous.
I created asynchronous API.
Please, if you found any bug or you need custom API, create an issue or pull request.

Documentation

Read more about API in documentation

Support us

Star this project on GitHub.

Install

npm install rbac

Usage

import { RBAC } from 'rbac'; // ES5 var RBAC = require('rbac').default;
const rbac = new RBAC({
  roles: ['superadmin', 'admin', 'user', 'guest'],
  permissions: {
    user: ['create', 'delete'],
    password: ['change', 'forgot'],
    article: ['create'],
    rbac: ['update'],
  },
  grants: {
    guest: ['create_user', 'forgot_password'],
    user: ['change_password'],
    admin: ['user', 'delete_user', 'update_rbac'],
    superadmin: ['admin'],
  },
});

await rbac.init();

Usage with express

import express from 'express';
import { RBAC } from 'rbac';
import secure from 'rbac/controllers/express';

// your custom controller for express
function adminController(req, res, next) {
  res.send('Hello admin');
}

const app = express();
const rbac = new RBAC({
  roles: ['admin', 'user'],
});

await rbac.init();

// setup express routes
app.use('/admin', secure.hasRole(rbac, 'admin'), adminController);

Check permissions

const can = await rbac.can('admin', 'create', 'article');
if (can) {
  console.log('Admin is able create article');
}

// or you can use instance of admin role
const admin = await rbac.getRole('admin');
if (!admin) {
  return console.log('Role does not exists');
}

const can = await admin.can('create', 'article');
if (can) {
  console.log('Admin is able create article');    
}

Mongoose user model

Please take a look on plugin mongoose-hrbac

Build documentation

npm run doc

Running Tests

npm run test

Build

npm run build

Credits

License

The MIT License (MIT)

Copyright (c) 2016-2018 Zlatko Fedor zfedor@goodmodule.com

Overview

Name With Ownerseeden/rbac
Primary LanguageJavaScript
Program languageJavaScript (Language Count: 1)
Platform
License:MIT License
Release Count23
Last Release Name5.0.3 (Posted on 2018-08-01 11:12:57)
First Release Namev2.1.5 (Posted on )
Created At2014-04-08 11:50:07
Pushed At2023-10-13 09:24:34
Last Commit At2020-07-29 09:59:40
Stargazers Count1k
Watchers Count32
Fork Count101
Commits Count138
Has Issues Enabled
Issues Count46
Issue Open Count16
Pull Requests Count10
Pull Requests Open Count4
Pull Requests Close Count7
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private
To the top