accessctrl
v0.1.2
Published
AccessCtrl library to generate standard configuration based on the API resource comments to secure API access and also provide a method to verify that incoming request has the permission to access the resource or not.
Downloads
18
Readme
AccessCtrl
AccessCtrl library to generate standard configuration based on the API resource comments to secure API access and also provide a method to verify that incoming request has the permission to access the resource or not.
License
Features
- ACL Configuration Generator
- Resource level Access Verification
Installation
npm i accessctrl --save
Usage/Examples
Generate Access configuration JSON
/**
* @apiType POST
* @apiKey Create User
* @apiPath /api/i/user
* @apiGroup User
* @apiPermission admin
*/
| Parameter | Description | | :-------- | :------------------------- | | @apiType| Required. Methods GET, POST, PATCH, DELETE | | @apipKey | Unique Reference String | | @apiPath | Required. Resource Path | | @apiGroup | Required. Resource Group, unique Value | | @apiPermission | Required. comma seperated string e.g: admin,user,moderator|
Usage
const list = accessCtrl.generateACL({
source: "server/**/*.routes.js" //location of the routes/controller
});
Output
Generated Successfully
Verify JSON
Prerequisite
Need Role priority
const rank = [
{ role: "user", priority: 3 },
{ role: "moderator", priority: 2 },
{ role: "admin", priority: 1 },
];
| Parameter | Description | | :-------- | :------------------------- | | userRole| Required. ["user"] | | requestPath | Required. '/api/i/article"' Current request resource path | | requestMethod | Required. "POST" Current Request method |
Usage
const accessCtrl = require("accessctrl");
const aclConfig = require("./acl.json");
accessCtrl.initAcl(rank, aclConfig)
const status = accessCtrl.verifyPermission( userRole, requestPath, requestMethod);
Output
true/false