@e-me/feathers-awesome-permissions
v2.1.3
Published
sistema de permisos modulares para feathers js
Downloads
2
Readme
Feathers awesome permissions
Advertencia: No es una versión definitiva ya que requiere optimización y de momento solo es compatible con servicios basados en sequelize (al menos en cuanto y su sistema interno) y requiere de un servicio “users”.
Instalacion
npm
npm install @e-me/feathers-awesome-permissions --saveyarn
yarn add @e-me/feathers-awesome-permissionsConfiguracion
src/service/index.js
// Configure the Feathers services. (Can be re-generated.)
// !code: imports
...
let {Services} = require('@e-me/feathers-awesome-permissions');
...
// !end
// !code: init // !end
// eslint-disable-next-line no-unused-vars
let moduleExports = function (app) {
// !code: func_return
...
app.configure(Services('sequelize'));
...
// !end
};
// !code: exports // !end
module.exports = moduleExports;
// !code: funcs // !end
// !code: end // !endservice hook de ejemplo
// Hooks for service `users`. (Can be re-generated.)
const commonHooks = require('feathers-hooks-common');
// eslint-disable-next-line no-unused-vars
const { hashPassword, protect } = require('@feathersjs/authentication-local').hooks;
// !code: imports
const {Permissions: {getUserRoles, getUserPermissions}} = require('@e-me/feathers-awesome-permissions');
const {giveAccessTo, grantAccessTo} = require('@e-me/feathers-awesome-permissions');
const restrictMasiveUpdate = require('../../hooks/restrict-masive-update');
// !end
// !code: used
// eslint-disable-next-line no-unused-vars
const { iff, isProvider, fastJoin } = commonHooks;
// !end
// !code: init
const resolvers = {
joins: {
permissions: () => async (user, context) => {
user.roles = await getUserRoles(context);
user.permissions = getUserPermissions(context, {roles: user.roles});
}
}
};
// !end
let moduleExports = {
before: {
// !code: before
all: [],
find: [
giveAccessTo()
],
get: [
giveAccessTo()
],
create: [
hashPassword()
],
update: [
hashPassword(),
giveAccessTo()
],
patch: [
hashPassword(),
giveAccessTo()
],
remove: [
giveAccessTo()
]
// !end
},
after: {
// !code: after
all: [
protect('password'),
iff(isProvider('external'), fastJoin(resolvers))
],
find: [],
get: [],
create: [
grantAccessTo()
],
update: [],
patch: [],
remove: []
// !end
},
error: {
// !<DEFAULT> code: error
all: [],
find: [],
get: [],
create: [],
update: [],
patch: [],
remove: []
// !end
},
// !code: moduleExports // !end
};
// !code: exports // !end
module.exports = moduleExports;
// !code: funcs // !end
// !code: end // !endoptions
giveAccessTo()
|option|tipo|desctiptions| |--|--|--| |mode|'strict'|'trust'|trust: es un modo donde se parte de que el usuario tiene permisos de todo y se le quitan si no tiene uno de los permisos especificados en "requiredPermissions" (no se recomienda su uso)| |adminRole|string|por motivos de seguridad se recomienda que solo se le otorge a un usuario| |entity|string| |allowAnonymousUsers|boolean| |anonymousUserId|number|por defecto es 0| |requiredPermissions|[{domain: string, action: string},...]| |restrictToOwner|{ownerField: string, otherField: string}| |onlyAdmin|array<string>|boolean|cuando es un array de strings se espera que el string sea el nombre del metodo en el que solo se permiten administradores|
grantAccessTo()
|option|tipo|desctiptions| |--|--|--| |rolePrefix|string| |entityField|string| |userEntity|string| |domain|string| |actions|array<string>|
sitio web de los creadores: e-me.co