@rorylshanks/policy
v1.1.0
Published
Library for controlling access to resources with policy documents
Downloads
6
Maintainers
Readme
policy
Library for controlling access to resources with policy documents. Inspired by AWS IAM policies.
Installation
npm install --save policy
In your source code use:
const Policy = require('policy').Policy
const policyParser = require('policy').parser
let policy1 = new Policy()
let policy2 = policyParser.fromFile(...)
let policy3 = policyParser.fromString(...)
For example how to format policy document see json example file
Example
let policy = new Policy()
policy.allow("customer", "cars", "buy")
policy.allow("seller", "cars", ["buy","sell"])
policy.isAllowed("customer", "cars", "buy") // true
policy.isAllowed("customer", "cars", "sell") // false
policy.isAllowed("seller", "cars", "buy") // true
policy.isAllowed("seller", "cars", "sell") // true
policy.isAllowed("seller", "cars", "destroy") // false
policy.isAllowed("seller", "vans", "buy") // false
Wildcards
You can also use wildcards:
let policy = new Policy()
policy.allow("a_*", ["b_*","d_*"], "c_*")
policy.isAllowed("a_anything", "b_anything", "c_anything") // true
policy.isAllowed("a_anything", "c_anything", "c_anything") // false
policy.isAllowed("a_anything", "d_anything", "c_anything") // true
Deny
Some resources/actions can be denied. Denial has preference before allowance:
let policy = new Policy();
policy.allow("*", "*", "*")
policy.deny("guest", "secret", "*")
policy.isAllowed("user", "blah", "read") // true
policy.isAllowed("guest", "blah", "write") // true
policy.isAllowed("guest", "secret", "any") // false