Adonis ACL

Installation

1. Add package:

$ adonis install @tenyour/adonis-acl

2. Generate models

$ npm run generate-models

4. Setting up middlewares inside start/kernel.js file.

const namedMiddleware = {
  ...
  is: '#middleware/RoleMiddleware',
  can: '#middleware/PermissionMiddleware',
  ...
}

$ adonis acl:setup

Working With Roles

Attach/Detach Role(s) To User

import RoleService from 'App/Services/RoleService';

// Attach a role to a user
const roleService = new RoleService();
await roleService.AssignRole({ email, roleName });

// Detach a role from a user
await roleService.DetachRole({ email, roleName });

Working With Permissions

Attach Permissions to User

import PermissionService from 'App/Services/PermissionService';

// Attach a permission to a user
const permissionService = new PermissionService();
await permissionService.AssignPermission({ email, permission_name });

Detach Permissions from User

// Detach a permission from a user
await permissionService.DetachPermission({ email, permission_name });

Protect Routes

// check roles
Route.get("/users").use(
    middleware.is({ role: 'Admin'})
)

// check permissions
Route.get("/posts").use(
    middleware.can({ permission: 'READ_USER'})
)

// check roles and permissions
Route.put("/posts").middleware(["auth:jwt", "acl:admin or update_posts"]);

The acl middleware is used to verify both a role and a permission at the same time, but for it to work properly it is necessary that a role and a permission doesn't share the same name.

License

The MIT License (MIT). Please see License File for more information.