
@aax/gatekeeper
Permission library for allaboutXpert
npm i @aax/gatekeeper
Let's demonstrate usage with a few examples:
import {
  Action,
  Entity,
  GateKeeper,
  RisksAction,
  Scope
} from "@aax/gatekeeper";

// Get the permission set from your user token.
// Refer to the License API or a decoded
// token for correct keys to query
const token = user.token.perms;
const gk = new GateKeeper(token);

if (gk.can(RisksAction.RISKS_CLOSE, Scope.ALL, Entity.RISKS)) {
  // This user has the permission to close ALL risks
}

if (gk.can(RisksAction.RISKS_ESCALATE)) {
  // This person has the right to escalate risks
  // NOTE: There is no datascope being enforced on this query
  // so it will only be used for instances where you
  // want to e.g. show a button or menu entry
}

if (gk.can(Action.VIEW, Scope.ALL, Entity.RISKS)) {
  // This user has the permission to view ALL risks
}
The library will not throw any Errors, so try/catch blocks are not necessary. That said, when NODE_ENV=development the library will throw an Error, but only as a warning that you have used the library incorrectly, so keep an eye on your consoles.
Full set of examples.
// Extended with scope
// console.log(gk.can(RisksAction.RISKS_CLOSE, Scope.ALL, Entity.RISKS));
// console.log(gk.can(RisksAction.RISKS_CLOSE, Scope.OWN, Entity.RISKS));
// Extended without scope
// console.log(gk.can(RisksAction.RISKS_ESCALATE));
// Entity with scope
// console.log(gk.can(Action.VIEW, Scope.ALL, Entity.RISKS));
// console.log(gk.can(Action.VIEW, Scope.OWN, Entity.RISKS));
// Entity without scope
// console.log(gk.can(Action.VIEW, Entity.RISKS));
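The note above says an unscoped check enforces no datascope and is only meant for things like showing a button. The following added example (not part of the package's README or code) shows one way a server-side check can apply the scope to a specific record and deny by default. `FakeGateKeeper`, the enum values, the permission-string format, `canCloseRisk`, and the `ownerId` meaning of `Scope.OWN` are all assumptions made for illustration.

```javascript
// Stand-in for the enums and GateKeeper exported by @aax/gatekeeper so the
// example runs offline. Enum values and the permission-set shape are constructed.
const Scope = { ALL: "ALL", OWN: "OWN" };
const Entity = { RISKS: "RISKS" };
const RisksAction = { RISKS_CLOSE: "RISKS_CLOSE" };

class FakeGateKeeper {
  constructor(perms) { this.perms = new Set(perms); }
  // Mirrors the can(action, scope, entity) call shape shown in the README.
  can(action, scope, entity) {
    return this.perms.has([action, scope, entity].join(":"));
  }
}

// Server-side decision for "close this risk". Assumption: Scope.OWN means
// "records whose ownerId equals the caller's id".
function canCloseRisk(gk, userId, risk) {
  if (!risk || typeof userId !== "string" || userId === "") return false;
  // Only a strict `true` grants access: can() does not throw in production,
  // so anything else (undefined, a string, ...) falls through to deny.
  if (gk.can(RisksAction.RISKS_CLOSE, Scope.ALL, Entity.RISKS) === true) {
    return true;
  }
  if (gk.can(RisksAction.RISKS_CLOSE, Scope.OWN, Entity.RISKS) === true) {
    return risk.ownerId === userId; // apply the OWN scope to this record
  }
  return false; // deny by default
}

// Constructed sample data.
const risk = { id: "r-1", ownerId: "alice" };
const admin = new FakeGateKeeper(["RISKS_CLOSE:ALL:RISKS"]);
const owner = new FakeGateKeeper(["RISKS_CLOSE:OWN:RISKS"]);
const none = new FakeGateKeeper([]);

console.log(canCloseRisk(admin, "carol", risk));
console.log(canCloseRisk(owner, "alice", risk));
console.log(canCloseRisk(owner, "bob", risk));
console.log(canCloseRisk(none, "alice", risk));
```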
Version eg: major.minor.patch
When you are done and want to publish your changes to the component library, use one of these commands, depending on the type of change you made:
Run npm run publish:patch when you make backwards compatible bug fixes.
Run npm run publish:minor when you add functionality in a backwards compatible manner.
Run npm run publish:major when you make incompatible API changes.
FAQs
Permission library for aaX
We found that @aax/gatekeeper demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.