npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

identity

v4.11.4

Published

Identity client

Downloads

609

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

s-teams-teamphilwphilw

Keywords

actionheroidentityclient

Readme

IDENTITY PLUGIN V4

This plugin includes 3 parts:

  1. Grunttask
  2. Openrecord Plugin
  3. Actionhero Plugin

The grunttask is for synchronising roles, role_entiteies and values. Values will be synchronized automatically if your define it in your openrecord model. (see: OpenRecord Plugin/Value Sync). The OpenRecord plugin enhances your model definition to also support permissions. Permissions will be applied to find, create, update and destroy. The actionhero plugin handles the OAuth2 handshake, user and sessions management, communication with other identity apps ans some more.

Config

after installing identity your config folder should contain a identity.js config file. Every identity client has an id and secret to authenticate the application. Additionally every application has multiple roles, entities and values. An identity user can have multiple roles and every role could have multiple entities attached to it. set simplifyAdminRole to true, to combine the admin and application_admin role into admin.

Now you could grant User X permissions to Project A and B via the admin web interface of identity.

  • be sure to enable the plugin within actionhero (config/api.js)
  • you will need to add the identity package (npm install identity --save) to your package.json

Grunttask:

Roles Sync

`identity:sync`

Complete Value Resync

`identity:values:resync`

Helper

grunt.login(callback) gives you a login prompt + starts the actionhero server.

var done = this.async()
grunt.login(function(api, access_token, user){
  if(!access_token){
    return done(false);
  }
});

OpenRecord Plugin:

Model Permissions

	this.permission({
		role_name: true/false //global allow/deny
		role_name: {
			find: true/false, //allow/deny a specific operation
			find: function(){
				//inside a beforeFind hook
			},
			find: function(query, next){
				//inside a async beforeFind hook
			},
			
			create: true/false
			create: function(){
				//inside a beforeCreate hook
				//don't forget to call: this.errors.add('insufficient_permissions');
				return true/false
			}			
			create: function(record, transaction, next){
				//inside a beforeCreate hook
				//don't forget to call: this.errors.add('insufficient_permissions');
				next(true/false);
			}
			
			//same for update, destroy
			//modify includes create, update and destroy
				
			fields: {
				all: true/false //globall allow/deny - it's true by default
				field_name: true/false //allow/deny a specific field
				field_name: 'find' //allow only find
				field_name: ['find', 'create'] //allow find and create,
				field_name: function(){return true/false} //with custom function - no support for async functions!
			}
		}
	})

Value Sync

	this.identityValue('entity_name', function(){ //optional function to control which records should be synced
		return true/false (record scope)
	}); //in definition

Actionhero Plugin

OAuth

/api/oauth

User/Session management

/api/login, /api/logout, /api/profile, /api/user actions

Add user to connection

connection.user is the current user

The User Model has the following helper methods:

  • .hasRole(role_name): boolean
  • .getValues(entity_id[, role]): array
  • .hasValue(entity_id, id[, role]): boolean
  • `.fromGroup(entity_id, id, role): object {name: 'GroupName', id:1}

Session handling

connection.session is a object which will be saved into the actionhero cache.

Action Permissions

requireAuth: true/false, requireRole: 'admin' / ['admin', 'lead']

Identity proxy

the whole identity server is available via http://yourapp.com/api/identity/*. e.g. http://yourapp.com/api/identity/users and will only return values which belongs to the application

App comunication

api.identity.application('application_name').get('action', {param:'value'}, callback) api.identity.application('application_name').post('action', {param:'value'}, callback) api.identity.application('application_name').put('action', {param:'value'}, callback) api.identity.application('application_name').delete('action', {param:'value'}, callback)

SpecHelper

Test-Setup:

/test
	_setup.js
	actions/
	fixtures/
		sql/
			clear.sql
			default.sql

_setup.js

require('identity/spec_helper'); //require identity spec_helper

before(test.startActionhero); //starts actionhero + initializes the database
after(test.stopActionhero); //stops actionhero

//add as many users as you need for your tests
test.addUser('admin', {
  id: 1, //user's id
  first_name: 'Administrator',
  last_name: 'Admin',
  permissions: [{ //array of permissions
    role_id: 'admin', //role
    values: {} //values. e.g. {domain: [1, 2, 3]}
  }]
});

clear.sql

DROP TABLE openrecord_migrations;
# drop your tables and views here

default.sql

# add your test data here

Global object test has the following methods: test.action(name[, params, connectionParams], callback) test.loginAs(username).action(name, params, callback)

There are 2 callback-helpers: test.insufficientPermissions(callback) test.emptyResult(callback)

e.g. to test for insufficient permissions:

  it('"projects:destroy" should fail', function(done){    
    test.loginAs('user').action('projects:destroy', {id: 1}, test.insufficientPermissions(done));
  });