permitted

role based access control

usage

import {User, Policy} from 'permitted'

let policy = new Policy({
    article: {
        read: ['user', 'editor'],
        write: 'editor'
    },
    user: {
        manage: 'admin'
    }
})

let user = new User('admin', policy)

user.can('read', 'article')  // false
user.can('manage', 'user')  // true
user.is('admin')  // true

role inheritance

import {User, Policy} from 'permitted'

let hierachy = {
    admin: ['user', 'editor'],
    editor: 'user'
}
let policy = {
    article: {
        read: 'user',
        write: 'editor'
    },
    issue: {
        report: ['user', '!admin']
    }
}
let user = new User('admin', new Policy(policy, hierarchy))

user.is('editor')  // true
user.can('read', 'article')  // true
user.can('report', 'issue')  // false

the root role

root can do anything

let root = new User('root', new Policy(policy, hierarchy))

to specify another role other than root, provide a third params to Policy consturctor

new Policy(policy, hierarchy, 'admin')

attach extra data to user object

let user = new User(['role', 'elor'], policy, {id: req.session.id})
console.log(user.id)

koa middleware

import {User, Policy, can} from permitted
app.use((ctx, next) => {
    req.user = new User(req.session.roles, new Policy(policy, hierachy))
    next()
})

app.get('/articles/:id', can('read', 'article'), ctx => {
    // ...
})