accessctrl
v0.1.2
Published
AccessCtrl library to generate standard configuration based on the API resource comments to secure API access and also provide a method to verify that incoming request has the permission to access the resource or not.
Downloads
5
Readme
AccessCtrl
AccessCtrl library to generate standard configuration based on the API resource comments to secure API access and also provide a method to verify that incoming request has the permission to access the resource or not.
License
Features
- ACL Configuration Generator
- Resource level Access Verification
Installation
npm i accessctrl --saveUsage/Examples
Generate Access configuration JSON
/**
* @apiType POST
* @apiKey Create User
* @apiPath /api/i/user
* @apiGroup User
* @apiPermission admin
*/| Parameter | Description | | :-------- | :------------------------- | | @apiType| Required. Methods GET, POST, PATCH, DELETE | | @apipKey | Unique Reference String | | @apiPath | Required. Resource Path | | @apiGroup | Required. Resource Group, unique Value | | @apiPermission | Required. comma seperated string e.g: admin,user,moderator|
Usage
const list = accessCtrl.generateACL({
source: "server/**/*.routes.js" //location of the routes/controller
});Output
Generated SuccessfullyVerify JSON
Prerequisite
Need Role priority
const rank = [
{ role: "user", priority: 3 },
{ role: "moderator", priority: 2 },
{ role: "admin", priority: 1 },
];| Parameter | Description | | :-------- | :------------------------- | | userRole| Required. ["user"] | | requestPath | Required. '/api/i/article"' Current request resource path | | requestMethod | Required. "POST" Current Request method |
Usage
const accessCtrl = require("accessctrl");
const aclConfig = require("./acl.json");
accessCtrl.initAcl(rank, aclConfig)
const status = accessCtrl.verifyPermission( userRole, requestPath, requestMethod);Output
true/false