access-control

DEPRECATION NOTE: Since the time this package was created, SciSpike has been acquired by Northscaler. There will be no further development on this module. Instead, development will continue at @northscaler/acl. You can see all of Northscaler's public Node.js modules at https://www.npmjs.com/search?q=%40northscaler.

This library allows you to maintain security information in access control lists (ACLs). There are four elements required in the determination of access:

• principal: The actor, user or system attempting to perform some action on a securable.
• securable: The thing being secured or the thing access to which is being controlled.
• action: The action being performed on a securable. This library defines a minimal set of primitive actions, but you can define your own.
• access control entry: the thing that binds the principal, securable and action together along with the "granted" boolean or some other strategy. Some systems call this a "permission", a "right" or a "grant" in the granting sense, and a "denial", an "antipermission", or a "negative permission" in the denying sense. We use a the more general term "access control entry", which can mean either a permission or a denial.

The primary export of this module is a class called Acl, which has interrogation methods grants & denies, as well as mutating methods like grant, ungrant, deny & undeny.

NOTE: In this implementation, a single denial vetos any number of grants.

It supports declarative or static security (think "granted" or "denied" as a simple boolean), as well as algorithmic or dynamic security (think "granted if today is a weekday" or something like that).

TL;DR

See the tests in src/test/unit/Acl.spec.js for usage.

TODO

Provide more content.