npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

sails-hook-permit-actions

v1.2.2

Published

Sails.js role and permission based security hook with user authentication included out of the box.

Downloads

44

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

bgulottabgulotta

Keywords

sailscontrollersactionsblueprintsrolespermissions

Readme

sails-hook-permit-actions

Join the chat at https://gitter.im/bgulotta/sails-hook-permit-actions

NPM version Build status Coveralls Dependency Status devDependency Status

Sails.js role and permission based security hook with user authentication included out of the box. It is designed to plug in and work with blueprints and custom controller actions.

Authentication provided by: https://github.com/tjwebb/sails-auth

Install

$ npm install sails-hook-permit-actions --save

Usage (with a clean sails instance)

$ sails lift

You can authenticate with the default admin user:

POST: /auth/local send:{ identifier: 'admin', password: 'admin1234' }

config/permissions.js

This configuration file is where you can extend the permissions the hook creates for you during lift.

For example:

If I wanted to create a sails classroom api and lock it down to only teachers.

I would first generate the classroom api:

$ sails generate api classroom

Then create a new teacher role and give the role access to all classroom blueprint actions:

Roles: {
  'teacher': {
    'classroom': { actions: ['create','find','findone','update','destroy','populate','add','remove'] }
  }

The 3 roles below are created automatically for you by the hook:

  1. Admin:
  • A user with this role has api access to the following:
    • All controllers
    • All actions including blueprint and custom actions
  • A user with this role does not have access to the following:
    • Any action marked as internal
  1. Registered (Note: all users have this role by default):
  • A user with this role has api access to the following:
    • User controller (only for their user):
      • blueprint actions: ['findone','update','destroy','populate','add','remove']
    • Auth controller:
      • custom actions: ['disconnect','provider','logout']
        • Logout occurs here in sails-auth
  • A user with this role does not have access to the following:
    • Any action marked as internal
  1. Public:
  • This role allows any action tied to it available to everyone automatically:
    • User controller:
      • blueprint actions: ['create']
    • Auth controller:
      • custom actions: ['callback']
        • Authentication occurs here in sails-auth
  • A user with this role does not have access to the following:

    • Any action marked as internal

You can see how they are used in the unit tests below:

https://github.com/bgulotta/sails-hook-permit-actions/blob/master/test/unit/controllers/PermissionController.test.js

License

MIT