seneca-entity-access
v0.2.0
Published
seneca integration for entity-access
Downloads
2
Readme
seneca-perm backwards compatibility layer
The new entity-access layer provides a simpler way to resolve the same requirements that the existing seneca-perm module currently handles.
But because you might already have a configured app, it might not be feasible to re-develop the entire access control layer you have written.
This module will allow you to drive the new entity-access layer through a mostly-unmodified 'seneca-perm' options object.
Usage:
- Create an
entities/foo/acl.js
file. - In this file:
var db = require('../db');
var aclSeneca = require('seneca-entity-access/perm');
var perms = require('./config/options.permissions');
module.exports = aclSeneca(db, 'foo', perms.accessControls);
- Load this file into the acl module in
entities/foo/index.js
options.permissions changes:
Go through each acl in the options.permissions file manually.
You only care about records that match all of these criteria :
- Is the entity type you care about.
- Has 'list' amongst it's actions.
- Has control set to 'requisite', 'required' or 'sufficient'.
For each of these records, make the following changes :
- Give the acl entry a 'lock' property with a simple identifier.
- If the test has to be negative, add:
reject: true
to the object. ie: users in manual blacklist are NOT allowed. - If the entry uses a fn condition, you will need to reimplement it.
Re-implementing fn conditions
(see acl documentation)
TODO:
- use s-expression like syntax for the middlepoint between other engines.
- Support filtering of records at various places in the workflow.
- Set of seneca actions that allow/deny requests based on new acl.