npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

c4accesscontrol

v0.0.2

Published

C4Framework Web Service Access Control

Downloads

6

Readme

C4AccessControl是基于RBAC(基于角色权限控制)模型进行设计的权限控制框架(模块),需要配置C4WebService模块进行使用(已内置ACL解析和控制逻辑)。 其中主要概念有:

  • 资源矩阵

    • 用于描述对资源可以进行的操作,包含create、read、update、delete四种操作,对应RESTFul API的POST、GET、PUT/PATCH、DELETE的METHOD;
    • 包含每种操作可以包含的用户关系描述,“own”和“any”,对应为当前用户关联和所有用户关联;
    • 支持对静态资源的配置
  • 权限矩阵

    • 权限矩阵是与角色关联的对资源的权限设置
  • 角色

    • 角色是与权限关联的用于权限管理的逻辑概念,即权限只有角色直接关联;
    • 角色是赋予用户的不同权限的逻辑组,即用户只与角色关联;
  • 用户

    • 用户是最终执行权限判定的载体,但其不与权限直接关联,而是通过关联角色来赋予权限
  • 用ACL注解对方法进行标记;
  • 注解项包含:
/**
* 资源矩阵配置信息
*/
export interface ACResourceMatrix {
    /**
    * 最终会设置为path
    * TODO: 该处设计不合理,不应该设置为path,应该为资源名或ID
    * 增加一个对象来存储包含路径的向量
    */
    resource: string;
    /**
    * 显示名称(省略将为resource)
    */
    desc?: string;

    /**
    * 分组信息(默认值是空字符串)
    */
    group ?: string;

    /**
    * TODO: 这个desc是用于构建UI时给用户展示使用,
    * 需要与Java端的实现沟通,并在档案(账户/权限)服务中增加该列的记录
    */
    groupDesc?: string;

    /**
    * 操作(省略将为动作默认方法,如GET对应read)
    * TODO: 这里的desc是对action的描述,用于构建UI时给用户展示使用
    * 需要与Java端的实现沟通,并在档案(账户/权限)服务中增加该列的记录
    */
    action?: {
        create ?: actionOp;
        read   ?: actionOp;
        update ?: actionOp;
        delete ?: actionOp;
        createDesc ?: string;
        readDesc   ?: string;
        updateDesc ?: string;
        deleteDesc ?: string;
    };

    // 查询条件上表示用户标识的参数名
    paramUser  ?: string;

    // body体上表示用户表示的属性名
    bodyUser   ?: string;

    // 后置过滤配置
    /**
    * TODO: 后置过滤的配置
    */
    filters    ?: any;

    // 是否是静态资源的ACL
    staticRes  ?: boolean;

    // 静态资源ACL的path匹配正则
    staticPathReg ?: RegExp;
};
  • C4AccessControl

    • 说明:C4AccessControl对象,提供资源矩阵上传、权限矩阵下载、用户权限验证功能

    • 路径:./src/C4AccessControl.ts

    • 成员变量:

      • m_bInit,是否初始化
      • m_ACLCache,权限的Cache
      • m_ACLCommunicator,通讯对象,用于同步资源、权限矩阵等
      • m_bDisable,功能是否开启
      • m_Logger,日志对象
      • m_ResourcesMatrix,资源矩阵
      • m_StaticResourcesMatrix,静态资源矩阵
      • m_RolesInfo,权限矩阵
    • 成员方法:

      • init
      /**
      * 初始化
      * @param config C4AccessControlConfig
      */
      async init(config: C4AccessControlConfig)
      • isEnabled
      /**
      * 获取启用状态
      */
      isEnabled()
      • isInit
      /**
      * 获取初始化状态
      */
      isInit()
      • addAccCtrlTarget
      /**
      * 设置权限矩阵
      * @param accCfg ACResourceMatrix
      */
      addAccCtrlTarget(accCfg : ACResourceMatrix)
      • getUserRoles
      /**
      * 获取权限组
      * @param userID 用户ID
      */
      private async getUserRoles(userID : string)
      • getRolePossession
      /**
      * 获取权限组动作属性
      * @param roleName 角色名
      * @param resource 资源名
      * @param action 动作
      */
      private getRolePossession(roleName: string, resource: string, action: string)
      • getResourceConfig
      /**
      * 根据资源名获取资源矩阵
      * @param resource 
      */
      getResourceConfig(resource : string)
      • getStaticResourceConfigs
      /**
      * 获取静态资源的资源矩阵
      */
      getStaticResourceConfigs()
      • AccCtrlAuth
      /**
      * 判断权限
      * @param resource 权限接口资源名
      * @param inObj 入参对象
      */
      async AccCtrlAuth(resource: string, user: string, action: string | undefined, paramUser: string | undefined): Promise<{
          role : string;
          pass : boolean;
          user?: string;
      }> 
      • updateAclMatrix
      /**
      * 上传权限矩阵
      */
      async updateAclMatrix()
      • launch
      /**
      * 启动
      */
      async launch()
      • reset
      /**
      * 重置
      */
      async reset()
  • ACLCache

    • 说明:ACL的Cache接口对象

    • 路径:./src/C4AccessControlTypes/C4AccessControlConfig.ts

    • 成员变量:无

    • 成员方法:

      • init,初始化
      • release,释放
      • getCache,获取缓存
      • setCache,设置缓存
  • ACLCommunicator

    • 说明:ACL的通讯接口对象

    • 路径:./src/C4AccessControlTypes/C4AccessControlConfig.ts

    • 成员变量:无

    • 成员方法:

      • init,初始化
      • release,释放
      • upload,上传
      • sync,同步权限矩阵
      • syncUserRoles,同步用户的角色
  • ACLDefaultCache

    • 说明:测试用的Cache,在内存中存储

    • 路径:./src/C4AccessControlUtils/ACLDefaultCache.ts

    • 成员变量:

      • m_ACLCached,cache对象
    • 成员方法:同ACLCache

  • ACLRedisCache

    • 说明:Redis Cache,在Redis中存储

    • 路径:./src/C4AccessControlUtils/ACLRedisCache.ts

    • 成员变量:

      • m_RedisClient,Redis客户端
    • 成员方法:同ACLCache

  • ACLDemoCommunicator

    • 说明:用于提交和同步资源矩阵、权限矩阵的Communicator的Demo

    • 路径:./src/C4AccessControlUtils/ACLDemoCommunicator.ts

    • 成员变量:

      • m_Token,token
      • m_ServerHost,服务的地址
    • 成员方法:同ACLCommunicator