
@cobuildlab/rbac
Role-based access control (RBAC) refers to the idea of assigning permissions to users based on their role within an organization. It offers a simple, manageable approach to access management that is less prone to error than assigning permissions to users individually.
https://github.com/cobuildlab/conventions/issues/24
create systematic, repeatable assignment of permissions
easily audit user privileges and correct identified issues
quickly add and change roles, as well as implement them across APIs
cut down on the potential for error when assigning user permissions
integrate third-party users by giving them pre-defined roles
more effectively comply with regulatory and statutory requirements for confidentiality and privacy
RBAC Model
$ npm i @cobuildlab/rbac
// It is strictly typed, so the enums must be declared before initialization.
enum Roles {
  ADMIN = 'ADMIN',
  MANAGER = 'MANAGER',
}
enum Permissions {
  DASHBOARD = 'DASHBOARD',
}
// It needs the Roles and Permissions passed as generics, and a default role.
const RBACproject = new RBAC<Roles, Permissions>(Roles.ADMIN);
// Define the rules.
RBACproject.createRule(
  Roles.ADMIN,
  Permissions.DASHBOARD,
  true,
  'Access granted',
);
RBACproject.createRule(
  Roles.MANAGER,
  Permissions.DASHBOARD,
  false,
  'Access denied',
);
RBACproject.check(Roles.ADMIN, Permissions.DASHBOARD); // [true, 'Access granted']

// It is strictly typed, so the enums must be declared before initialization.
enum Roles {
  ADMIN = 'ADMIN',
  MANAGER = 'MANAGER',
}
enum Permissions {
  DASHBOARD = 'DASHBOARD',
}
// It accepts a type for the dynamic data of each permission.
const RBACdynamic = new RBAC<
  Roles,
  Permissions,
  { DASHBOARD: { shouldEdit: boolean } }
>(Roles.ADMIN);
// Here `data` will be typed as `{ shouldEdit: boolean }`.
RBACdynamic.createRule(Roles.ADMIN, Permissions.DASHBOARD, (data) => {
  const result = data.shouldEdit;
  const message = result ? 'Access granted' : 'Access denied';
  return [result, message];
});
const testData = { shouldEdit: true }; // fake data
RBACdynamic.check(Roles.ADMIN, Permissions.DASHBOARD, testData);

enum Roles {
  ADMIN = 'ADMIN',
  MANAGER = 'MANAGER',
}
enum Permissions {
  DASHBOARD = 'DASHBOARD',
}
const defaultRole = new RBAC<Roles, Permissions>(Roles.MANAGER);
defaultRole.createRule(
  Roles.ADMIN,
  Permissions.DASHBOARD,
  false,
  'Access granted',
);
// This method sets the default role after initialization.
defaultRole.setDefaultRole(Roles.ADMIN);
// With a null role, the default role (ADMIN) is used.
defaultRole.check(null, Permissions.DASHBOARD); // [false, 'Access granted']

enum Roles {
  ADMIN = 'ADMIN',
  MANAGER = 'MANAGER',
}
enum Permissions {
  AGENT_ADMIN_USER_DETAILS = 'AGENT_ADMIN_USER_DETAILS',
}
// The instance is named `rbac` so that it does not shadow the RBAC class.
const rbac = new RBAC<Roles, Permissions>(Roles.MANAGER);
rbac.createRule(
  Roles.ADMIN,
  Permissions.AGENT_ADMIN_USER_DETAILS,
  false,
  'Access granted',
);
const RoleAuthorization = ({ render, error, permission }) => {
  // check() returns a [boolean, message] tuple.
  const [canRender, message] = rbac.check(Roles.ADMIN, permission);
  if (canRender) {
    return render(message);
  }
  return error ? error(message) : null;
};
const MyComponent = () => (
  <RoleAuthorization
    permission={Permissions.AGENT_ADMIN_USER_DETAILS}
    render={() => <UserDetailsView />}
    error={() => <div>You don't have permission</div>}
  />
);

const api = require('api-request');
enum Roles {
  ADMIN = 'ADMIN',
  MANAGER = 'MANAGER',
}
enum Permissions {
  CAN_READ_USERS = 'CAN_READ_USERS',
}
// The instance is named `rbac` so that it does not shadow the RBAC class.
const rbac = new RBAC<Roles, Permissions>(Roles.MANAGER);
rbac.createRule(
  Roles.ADMIN,
  Permissions.CAN_READ_USERS,
  true,
  'Access granted',
);
// check() returns a [boolean, message] tuple, so unpack it before testing.
const [canReadUsers] = rbac.check(Roles.ADMIN, Permissions.CAN_READ_USERS);
if (canReadUsers) {
  api.getUser().then((users) => {
    // Do something with the users.
  });
}
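
Because check() returns a [boolean, message] tuple, a gate that tests the return value itself always passes: a non-empty array is truthy even when the decision inside it is false. The added example below (not the package's own code) shows the broken and the corrected gate against MiniRBAC, a hypothetical stand-in class; const objects replace the enums so the block runs without the package, and denying pairs that have no rule is an assumption of the stand-in.

```typescript
// Added example: MiniRBAC is a hypothetical stand-in, not the @cobuildlab/rbac source.
// It mirrors only the createRule/check call shape shown on this page.
const Roles = { ADMIN: 'ADMIN', MANAGER: 'MANAGER' } as const;
const Permissions = { CAN_READ_USERS: 'CAN_READ_USERS' } as const;
type Role = (typeof Roles)[keyof typeof Roles];
type Permission = (typeof Permissions)[keyof typeof Permissions];
type Decision = [boolean, string];

class MiniRBAC {
  private rules = new Map<string, Decision>();
  private defaultRole: Role;

  constructor(defaultRole: Role) {
    this.defaultRole = defaultRole;
  }

  createRule(role: Role, permission: Permission, allowed: boolean, message: string): void {
    this.rules.set(`${role}:${permission}`, [allowed, message]);
  }

  // Assumption of this stand-in: a role/permission pair with no rule is denied.
  check(role: Role | null, permission: Permission): Decision {
    const key = `${role ?? this.defaultRole}:${permission}`;
    return this.rules.get(key) ?? [false, 'No rule defined'];
  }
}

const rbac = new MiniRBAC(Roles.MANAGER);
rbac.createRule(Roles.ADMIN, Permissions.CAN_READ_USERS, true, 'Access granted');
rbac.createRule(Roles.MANAGER, Permissions.CAN_READ_USERS, false, 'Access denied');

// Broken gate: tests the tuple itself. A non-empty array is truthy,
// so this returns true even when the decision inside it is false.
function brokenGate(role: Role | null, permission: Permission): boolean {
  return Boolean(rbac.check(role, permission));
}

// Correct gate: unpack the tuple and test only the boolean decision.
function can(role: Role | null, permission: Permission): boolean {
  const [allowed] = rbac.check(role, permission);
  return allowed;
}

console.log('broken gate, MANAGER:', brokenGate(Roles.MANAGER, Permissions.CAN_READ_USERS));
console.log('correct gate, MANAGER:', can(Roles.MANAGER, Permissions.CAN_READ_USERS));
```

A check like this in client code only decides whether the request is made; the API that serves the users still has to enforce the permission itself.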
FAQs
The npm package @cobuildlab/rbac receives a total of 102 weekly downloads. As such, its popularity was classified as not popular.
We found that @cobuildlab/rbac has an unhealthy version release cadence and level of project activity, because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.