npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@tshio/security-client

v0.0.20

Published

RAD Security Client

Downloads

133

Readme

RAD Security Client

npm version

Non-blocking RAD Security client for Node.js.

This is a 100% JavaScript library, with TypeScript definition, with the Promise API.

This module makes it simple to implement a Node.js application that uses RAD Security for its authentication and authorization needs.

Table of Contents

Installing

$ npm install @tshio/security-client

or

yarn add @tshio/security-client

Loading and configuration module

// CommonJS
const { getSecurityClient } = require('@tshio/security-client');

// ES Module
import { getSecurityClient } from '@tshio/security-client';


const options = {
  host: "localhost",
  port: 50050,
  https: true, // default http protocol
}

const securityClient = getSecurityClient(options);

Getting started

Login and authorization

const SecurityClient = require('@tshio/security-client');

(async () => {
    const securityClient = SecurityClient.getSecurityClient();
    const token = await securityClient.auth.login({ username: "superadmin", password: "superadmin" });

    console.log(token);
    // => { accessToken: "xxx", refreshToken: "xxx" }
})();

Examples

(async () => {
    const securityClient = SecurityClient.getSecurityClient();
    const token = await securityClient.auth.login({ username: "superadmin", password: "superadmin" });

    // Add User
    const newUser = {
      username: "superadmin2",
       password: "superadmin",
       attributes: ["ROLE_SUPERADMIN"],
    }

    const { newUserId } = await securityClient.users.addUser(newUser, { accessToken: token });

    console.log(newUserId);
    // => 45287eff-cdb0-4cd4-8a0f-a07d1a11b382

    // Add Attribute
    const newUserAttribute = {
      userId: newUserId,
       attributes: ["ATTR1", "ATTR2"],
    }

    await securityClient.users.addAttributes(newUserAttribute, { accessToken: token })

    const user = await securityClient.users.getUser({ userId: newUserId }, { accessToken: token });
    console.log(user);
    // =>
    // {
    //   id: '78204778-de24-4957-83d5-e01235d1d52a',
    //   username: 'superadmin2',
    //   isActive: true,
    //   activationToken: null,
    //   createdAt: '2020-09-16T11:25:44.509Z',
    //   updatedAt: '2020-09-16T11:25:44.509Z',
    //   attributes: [ 'ROLE_SUPERADMIN', 'ATTR1', 'ATTR2' ],
    //   isSuperAdmin: true
    // }

    // Get Users with query filter
    const users = await securityClient.users.getUsers({
      filter: {
        username: {
          include: "superadmin2",
        },
      },
    }, {
      accessToken: token
    });

    console.log(users);
    // =>
    // {
    //   users: [
    //     {
    //       id: 'c44ed13d-09cc-4797-8835-18e98b5f3e07',
    //       username: 'superadmin2',
    //       isActive: true,
    //       activationToken: null,
    //       createdAt: '2020-09-16T13:16:25.997Z',
    //       updatedAt: '2020-09-16T13:16:25.997Z',
    //       attributes: [Array],
    //       isSuperAdmin: true
    //     }
    //   ],
    //     total: 1,
    //   page: 1,
    //   limit: 25
    // }

    // Delete user
    await securityClient.users.deleteUser({ userId: newUserId }, { accessToken: token });

    // Get policies
    const policy = await securityClient.policy.getPolicies({ limit: 100 }, { accessToken: token });
    console.log(policy);

    // Add policy
    const newPolicy = {
      resource: "TEST",
      attribute: "TEST",
    }

    const { id } = await securityClient.policy.addPolicy(newPolicy, { accessToken: token });

    // Get policies with query filter
    const result2 = await securityClient.policy.getPolicies({
      filter: {
    id: {
      eq: id,
    },
      }
    }, {
       accessToken: token
    });

    console.log(result2);
    // =>
    // {
    //   policies: [
    //     {
    //       id: '7d9b054a-0c41-4517-8818-baa8af70cc12',
    //       attribute: 'TEST',
    //       resource: 'TEST'
    //     }
    //   ],
    //     total: 1,
    //   page: 1,
    //   limit: 25
    // }


    // Remove policy
    await securityClient.policy.removePolicy({ id }, { accessToken: token });
})();

Add user and attributes

const { getSecurityClient } = require('@tshio/security-client');

(async () => {
    const securityClient = getSecurityClient();
    const token = await securityClient.auth.login({ username: "superadmin", password: "superadmin" });

    const newUser = {
      username: "superadmin2",
      password: "superadmin",
      attributes: ["ROLE_SUPERADMIN"],
    }

    const { newUserId } = await securityClient.users.addUser(newUser, { accessToken: token });

    console.log(newUserId);
    // => 45287eff-cdb0-4cd4-8a0f-a07d1a11b382

    const newUserAttribute = {
      userId: newUserId,
      attributes: ["ATTR1", "ATTR2"],
    }

    await securityClient.users.addAttributes(newUserAttribute, { accessToken: token })

    const user = await securityClient.users.getUser({ userId: newUserId }, { accessToken: token });
    console.log(user);
    // =>

    await securityClient.users.deleteUser({ userId: newUserId }, { accessToken: token });
})();

Add user

const { getSecurityClient } = require('@tshio/security-client');

(async () => {
    const securityClient = getSecurityClient();
    const token = await securityClient.auth.login({ username: "superadmin", password: "superadmin" });

    const user = {
      username: "superadmin2",
      password: "superadmin",
      attributes: ["ROLE_SUPERADMIN"],
    }

    const { newUserId } = await security.users.addUser(user, { accessToken: token });

    console.log(newUserId);
    // => 45287eff-cdb0-4cd4-8a0f-a07d1a11b382
})();

Authorization API

async securityClient.auth.login({ username, password })

Login to rad-security

Returns a Token object or throw HttpError

Parameters
Request

| Name | Type | Description | |----------|------------|---------------------------------------| | username | string | User name | | password | string | User password |

Example
const token = await securityClient.auth.login({ username: "superadmin", password: "superadmin" });
console.log(token);
// => { accessToken: "...", refreshToken: "..." }

Back to Authorization API

async securityClient.auth.googleLogin({ code, redirectUrl })

Login to rad-security with Google OAuth provider

Returns a Token object or throw HttpError

Parameters
Request

| Name | Type | Description | |----------|------------|---------------------------------------| | code | string | Google authorization code for access tokens | | redirectUrl | string | redirect URL (configured in Google account) |

Example
const token = await securityClient.auth.login({ username: "superadmin", password: "superadmin" });
console.log(token);
// => { accessToken: "...", refreshToken: "..." }

Back to Authorization API

async securityClient.auth.facebookLogin({ code, redirectUrl })

Login to rad-security with Facebook OAuth provider

Returns a Token object or throw HttpError

Parameters
Request

| Name | Type | Description | |----------|------------|---------------------------------------| | code | string | Facebook authorization code for access tokens | | redirectUrl | string | redirect URL (configured in Facebook account) |

Example
const token = await securityClient.auth.login({ username: "superadmin", password: "superadmin" });
console.log(token);
// => { accessToken: "...", refreshToken: "..." }

Back to Authorization API

async securityClient.auth.resetPassword({resetPasswordToken, newPassword?})

Reset password

Returns a new password or throw HttpError

Parameters

| Name | Type | Description | |--------------------|------------|---------------------------------------| | resetPasswordToken | string | Reset password token | | newPassword | string | optional New password |

The newPassword is optional. If undefined, the password will be generated randomly .

const token = await securityClient.auth.resetPassword({
  resetPasswordToken: "reset password token...",
  newPassword: "NewSuperSecret",
});

Back to Authorization API

async securityClient.auth.refreshToken({ asccessToken, refreshToken })

Refreshes access token.

Returns a new Token object or throw HttpError

Parameters

| Name | Type | Description | |--------------|------------|---------------------------------------| | accessToken | string | Access token | | refreshToken | string | Refresh token |

Back to Authorization API

async securityClient.auth.refreshUserActiveToken(userId)

Refresh user's active token if token has expired.

Returns a new Token object or throw HttpError

Parameters

| Name | Type | Description | |--------------|------------|---------------------------------------| | userId | string | User ID |

Back to Authorization API

Tokens API

async securityClient.tokens.createAccessKey({ accessToken })

Create Api Key

Return object

{
  apiKey: string;
  type: "custom";
  createdBy: string;
}

or throw HttpError

Parameters
Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Back to Tokens API

async securityClient.tokens.generateToken({ accessExpirationInSeconds, refreshExpirationInSeconds }, { accessToken })

Creates new token with default policies and attributes without SUPERADMIN_ROLE attribute

Return object

{
  accessToken: string;
  refreshToken: string;
}

or throw HttpError

Parameters
Request

| Name | Type | Description | |------------------------------------|------------|---------------------------------------------| | accessExpirationInSeconds | number | Access token expiration time | | refreshExpirationInSeconds | number | Refresh token expiration time |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Back to Tokens API

async securityClient.tokens.getAccessKeys({ page, limit }, { accessToken })

Get access keys list (if no query parameters returns first 25 keys)

Return object

{
  accessKeys: {
    id: string;
    apiKey: string;
    type: string;
    createdBy: string;
    createdAt: Date;
  }[];
  total: number;
}

or throw HttpError

Parameters

| Name | Type | Description | Default | |--------------|------------|-------------------------------------------------|---------| | page | number | optional Page number | 1 | | limit | number | optional Number of results per page | 25 |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Back to Tokens API

async securityClient.tokens.removeAccessKey({ apiKey }, { accessToken })

Remove api key

Return void or throw HttpError

Parameters

| Name | Type | Description | |--------------|------------|-------------------------------------------------| | apiKey | string | ApiKey that should be deleted |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | token | object | Access token object | | token.accessToken | string | Access token |

Back to Tokens API

Users API

async securityClient.users.me({ accessToken, apiKey })

Return logged in profile object

Returns an object

{
  id: string,
  username: string,
  email: string,
  isActive: boolean,
  attributes: string[],
  resources: string[]
}

or throw HttpError

options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | accessToken | string | Access token |

Example
const result = await securityClient.auth.me({ 
  accessToken
});

console.log(result);
// => { userId: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382", username: "example", email: "[email protected]", isActive: true, atrributes: [], resources: [] }

Back to Users API

async securityClient.users.getUsers({ page?, limit?, filter?, order?}, { accessToken })

Get users list (if no query parameters returns first 25 users)

Parameters

| Name | Type | Description | Default | |--------------|------------|-------------------------------------------------|---------| | page | number | optional Page number | 1 | | limit | number | optional Number of results per page | 25 | | filter | object | optional Query filter | {} | | order | object | optional Order filter | {} |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

filter[column] = operator
export type GetUserColumns = "id" | "username" | "isActive" | "createdAt" | "updatedAt" | "attribute.name";

export type FilterOperators =
  | "eq"
  | "eqOr"
  | "neq"
  | "neqOr"
  | "lt"
  | "ltOr"
  | "gt"
  | "gtOr"
  | "gte"
  | "gteOr"
  | "include"
  | "includeOr";
Example
const users = await securityClient.users.getUsers({}, { accessToken });
console.log(users);
// => { users: [...], total: 1, page: 1, limit: 25, }

const users = await securityClient.users.getUsers({
  page: 1,
  limit: 10,
}, { accessToken });
console.log(users);
// => { users: [...], total: 1, page: 1, limit: 10, }

const users = await securityClient.users.getUsers({
  page: 1,
  limit: 10,
  filter: {
    username: {
      include: "super",
    }
  },
  order: {
    by: "username",
    type: "asc",
  },
}, {
  accessToken
});
console.log(users);
// => { users: [{username: "superadmin", ...}, ...], total: 1, page: 1, limit: 10, }

Back to Users API

async securityClient.users.activateUser({ activationToken }, { accessToken })

Activate a new user

Returns an object

{
  userId: string,
  isActive: boolean
}

or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | activationToken | string | Activation token |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const result = await securityClient.auth.activateUser({
  activationToken: "activation token..."
}, { 
  accessToken
});

console.log(result);
// => { userId: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382", isActive: true }

Back to Users API

async securityClient.users.deactivateUser({ userId }, { accessToken })

Deactivate a user

Returns an object

{
  userId: string;
  isActive: boolean;
  deactivationDate: Date;
}

or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | userId | string | User ID |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const result = await securityClient.auth.deactivateUser({
  userId: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382"
}, {
  accessToken
});

console.log(result);
// => { userId: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382", isActive: false,  deactivationDate: Date Tue Sep 15 2020 14:03:25 GMT+0200 (Central European Summer Time)}

Back to Users API

async securityClient.users.isAuthenticated({ accessToken })

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Am I logged?

Returns { isAuthenticated: boolean } or throw HttpError

Example
const  { isAuthenticated } = await securityClient.users.isAuthenticated({
  accessToken
});

console.log(isAuthenticated);
// => true

Back to Users API

async securityClient.users.hasAttributes({ attributes }, { accessToken })

Check if the user has provided attributes

Returns an object

{
  hasAllAttributes: boolean;
}

or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | attributes | string[] | Array of attributes name |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const { hasAllAttributes } = await securityClient.users.hasAttributes({ attributes: ["ADMIN_PANEL"] }, { accessToken });

console.log(result);
// => true

Back to Users API

async securityClient.users.hasAccess({ resources }, { accessToken })

Check if the user has access to provided resources

Returns an object

{
  hasAccess: boolean;  // true if the user has access to all of the resources
  forbidden: string[]; // list of forbidden resources
}

or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | resources | string[] | Array of resources name |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const result = await securityClient.users.hasAccess({ resources: ["api/users"] }, { accessToken });

console.log(result);
// => { hasAccess: true, forbidden: [] }

Back to Users API

async securityClient.users.addAttributes({ userId, attributes }, { accessToken })

Add attributes to the user

Returns an empty object or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|----------------------------------------------------------| | user ID | string | User ID | | attributes | string[] | An array of attributes for add to the user with userID |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

await securityClient.users.addAttributes({
  userId: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382",
  attributes: ["ATTR_1", "ATTR_2"]
}, {
  accessToken
});

Back to Users API

async securityClient.users.removeAttributes({ userId, attributes }, { accessToken })

Remove attributes from the user

Returns an empty object or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|--------------------------------------------------------------| | user ID | string | User ID | | attributes | string[] | An array of attributes to remove from the user with userID |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
await securityClient.users.removeAttributes({
  userId: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382",
  attributes: ["ATTR_1", "ATTR_2"]
}, {
  accessToken
});

Back to Users API

async securityClient.users.addUser({ username, password, attributes? }, { accessToken })

Create a new user

Returns an object

{
  newUserId: string;
}

throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|----------------------------------------------------------| | username | string | New user username | | password | string | New user password | | attributes | string[] | optional An array of user attributes |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const { newUserId } = await securityClient.users.addUser({
  username: "new-user",
  password: "password",
  attributes: ["ADMIN_PANEL"],
}, { 
  accessToken
});

console.log(newUserId);
// => "45287eff-cdb0-4cd4-8a0f-a07d1a11b382"

Back to Users API

async securityClient.users.deleteUser({ userId }, { accessToken })

Delete user

Returns an empty object or throw HttpError

userId

Type: string

User ID

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
await securityClient.users.getUser({
  userId: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382",
}, { accessToken });

Back to Users API

async securityClient.users.getUser({ userId }, { accessToken })

Get user

Returns an user object

User {
  id: string;
  username: string;
  isActive: boolean;
  isSuperAdmin: boolean;
  attributes: string[];
  createdAt: Date;
  updatedAt: Date;
}

or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|----------------------------------------------------------| | user ID | string | User ID |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const result = await securityClient.users.getUser({
  userId: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382",
}, { 
  accessToken
});

Back to Users API

async securityClient.users.getUserId({ username }, { accessToken })

Get user id

Returns an object

{
  userId: string;
}

or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|----------------------------------------------------------| | username | string | User name |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const { userId } = await securityClient.users.getUserId({
  username: "superadmin",
}, { accessToken });
console.log(userId)
// => "45287eff-cdb0-4cd4-8a0f-a07d1a11b382"

Back to Users API

async securityClient.users.getUserByResources({ resource, page?, limit? }, { accessToken })

Get users by resource name

Returns an object

{
  users: User[];
  total: number;
  page: number;
  limit: number;
}

or throw HttpError

Parameters

| Name | Type | Description | Default | Range | |--------------|------------|-------------------------------------------------|---------|-------| | resource | string | Resource name | | | | page | number | optional Page number | 1 | 1 - MaxInteger | | limit | number | optional Number of results per page | 25 | 1 - 1000 |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const result = await securityClient.getUserByResources.getUserId({
  resource: "RES1",
}, { accessToken });
console.log(result)
// => { users: [...],  total: 5, page: 1, limit: 25 }

Back to Users API

async securityClient.users.setPassword({ username, oldPassword, newPassword }, { accessToken })

Set a new password for user

Returns an object

{
  passwordChanged: boolean;
}

or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|----------------------------------------------------------| | username | string | User name | | oldPassword | string | Old user password | | newPassword | string | New user password |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const { passwordChanged } = await securityClient.getUserByResources.setPassword({
  username: "superadmin",
  oldPassword: "superadmin",
  newPassword: "My new password"
}, { 
  accessToken
});
console.log(passwordChanged)
// => true

Back to Users API

async securityClient.users.passwordResetToken({ username }, { accessToken })

Returns token which will be used to reset the user password

Returns an object

{
  resetPasswordToken: string;
}

or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|----------------------------------------------------------| | username | string | User name |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const { resetPasswordToken } = await securityClient.passwordResetToken.setPassword({
  username: "superadmin"
}, { accessToken });
console.log(resetPasswordToken)
// => "45287eff-cdb0-4cd4-8a0f-a07d1a11b382"

Back to Users API

Attributes API

async securityClient.attributes.getAttributes({ page?, limit?, filter?, order? }, { accessToken })

Return attributes list (if no queryFilter parameters returns first 25 attributes)

{
  attributes: Attribute[];
  total: number;
  page: number;
  limit: number;
}
Attribute {
  id: string;
  name: string;
  userId: string;
  username: string;
}

or throw HttpError

Parameters

| Name | Type | Description | Default | |--------------|------------|-------------------------------------------------|---------| | page | number | optional Page number | 1 | | limit | number | optional Number of results per page | 25 | | filter | object | optional Query filter | {} | | order | object | optional Order filter | {} |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

filter[column] = operator
export type GetAttributesColumns = "id" | "name" | "user.id" | "user.username";

export type GetAttributesFilterOperators = "eq" | "eqOr" | "neq" | "lt" | "gt" | "include" | "includeOr";
Example
const attributes = await securityClient.attributes.getAttributes({}, { accessToken });
console.log(attributes);
// => { attributes: [{id: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382", name: "ROLE_SUPERADMIN", userId: "21637dee-3d21-4cd4-aa0f-117d1a11b123", username: "superadmin}], total: 1, page: 1, limit: 25, }

const attributes = await securityClient.attributes.getAttributes({
  page: 1,
  limit: 10,
}, { accessToken });
console.log(attributes);
// => { attributes: [{id: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382", name: "ROLE_SUPERADMIN", userId: "21637dee-3d21-4cd4-aa0f-117d1a11b123", username: "superadmin}], total: 1, page: 1, limit: 10, }

const attributes = await securityClient.attributes.getAttributes({
  page: 1,
  limit: 10,
  filter: {
    name: {
      eq: "ROLE_SUPERADMIN",
    }
  },
  order: {
    by: "name",
    type: "asc",
  },
}, { accessToken });
console.log(users);
// => { users: [{username: "superadmin", ...}, ...], total: 1, page: 1, limit: 10, }

Back to Attributes API

Policy API

async securityClient.policy.addPolicy({ resource, attribute }, { accessToken })

Adds a new policy

Return object with policy id

{
  id: string;
}

or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|----------------------------------------------------------| | resource | string | Policy resource | | attribute | string | Policy attribute |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
const { id } = await securityClient.policy.addPolicy({ resource: "NEW_RESOURCE", attribute: "ATTR_1"}, { accessToken });
console.log(id);
// => "45287eff-cdb0-4cd4-8a0f-a07d1a11b382"

Back to Policy API

async securityClient.policy.getPolicies({ page?, limit?, filter?, order? }, { accessToken })

Get policies list (if no query parameters returns first 25 policies)

Return object

{
  policies: PolicyItem[];
  total: number;
  page: number;
  limit: number;
}
PolicyItem {
  id: string;
  resource: string;
  attribute: string;
}

or throw HttpError

Parameters

| Name | Type | Description | Default | |--------------|------------|-------------------------------------------------|---------| | page | number | optional Page number | 1 | | limit | number | optional Number of results per page | 25 | | filter | object | optional Query filter | {} | | order | object | optional Order filter | {} |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

filter[column] = operator
export type GetPoliciesColumns = "id" | "resource" | "attribute";

export type GetPoliciesFilterOperators = "eq" | "neq" | "lt" | "gt" | "include" | "includeOr";
Example
const policies = await securityClient.policy.getPolicies({}, { accessToken });
console.log(policies);
// => { attributes: [{id: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382", resource: "api/users", attribute: "ADMIN_PANEL"}], total: 1, page: 1, limit: 25 }

const policies = await securityClient.policy.getPolicies({
  page: 1,
  limit: 10,
}, { accessToken });
console.log(policies);
// => { attributes: [{id: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382", resource: "api/users", attribute: "ADMIN_PANEL"}], total: 1, page: 1, limit: 10 }

const policies = await securityClient.policy.getPolicies({
  page: 1,
  limit: 10,
  filter: {
    attribute: {
      eq: "ROLE_SUPERADMIN",
    }
  },
  order: {
    by: "resource",
    type: "asc",
  },
}, { accessToken });
console.log(policies);
// => { attributes: [{id: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382", resource: "api/users", attribute: "ADMIN_PANEL"}], total: 1, page: 1, limit: 10 }

Back to Policy API

async securityClient.policy.removePolicy({ id }, { accessToken })

Removes a policy by id

Return an empty object or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|----------------------------------------------------------| | id | string | Policy ID |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
await securityClient.policy.removePolicy({ id: "45287eff-cdb0-4cd4-8a0f-a07d1a11b382"}, { accessToken });

Back to Policy API

async securityClient.policy.removePolicy({ resource, attribute }, { accessToken })

Removes a policy by id

Return an empty object or throw HttpError

Parameters

| Name | Type | Description | |-----------------------|------------|----------------------------------------------------------| | resource | string | Policy resource | | attribute | string | Policy attribute |

Options

| Name | Type | Description | |-----------------------|------------|---------------------------------------| | apiKey | string | Api key | | accessToken | string | Access token |

Example
await securityClient.policy.removePolicy({ resource: "RESOURCE", attribute: "ATTR_1"}, { accessToken });

Back to Policy API

Understanding filters and ordering

Filters can be used search for a single condition or they can be wrapped in logical operands AND and OR. Filtering can be a simple conditional evaluation of a single field. The operator, column, and operator used in a filter are specific to the API they are used in.

//
interface UsersQueryFilter {
  page?: number;
  limit?: number;
  filter?: {
    [column in Columns]: {
      [operator in Operators]: string;
    };
  };
  order?: {
    by: GetUserColumns;
    type: "asc" | "desc";
  };
}
  • filter[column][operator] = value

    | Name | Type | Description | |-----------------------|------------|----------------------------------------------------------| | column | string | Column name, depending on the api method. See getUsers getAttributes getPolicies | | operator | string | Operator name, depending on the api method. See getUsers getAttributes getPolicies | | value | string or number or boolean (depending on the column type) | |

    Examples

    Single parameter filter

    filter: {
      username: {
        include: "super"
      }
    }

    Two parameter filter

    filter: {
      username: {
        include: "super"
      },
      isActive: {
        eq: true,
      },
    }
  • order

    | Name | Type | Description | Default | |-----------------------|------------|---------------------------------------------------------------------------------|---------| | by | string | optional column name for order sorting, depending on the api method. See getUsers getAttributes getPolicies | id | | type | asc or desc| optional Ascending or descending order | asc |

    Examples

    order: {
      by: "username",
      type: "desc"
    }

getUsers filter and order

Get users method

column = "id" | "username" | "isActive" | "createdAt" | "updatedAt" | "attribute.name"
operator = "eq"| "eqOr" | "neq" | "neqOr" | "lt" | "ltOr" | "gt" | "gtOr" | "gte" | "gteOr" | "include" | "includeOr"

getAttributes filter and order

Get attributes method

column = "id" | "name" | "user.id" | "user.username"`
operator = "eq" | "eqOr" | "neq" | "lt" | "gt" | "include" | "includeOr"

getPolicies filter and order

Get attributes method

column = "id" | "resource" | "attribute"
operator = "eq" | "neq" | "lt" | "gt" | "include" | "includeOr"

License

license

This project is licensed under the terms of the MIT license.

About us:

The Software House