Security News
PyPI Now Supports iOS and Android Wheels for Mobile Python Development
PyPI now supports iOS and Android wheels, making it easier for Python developers to distribute mobile packages.
By Sarah Gooding - Feb 12, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@slynova/fence
Advanced tools
fence is a framework-agnostic package which provides powerful ACL abilities to JavaScript.
It lets you easily manage ACL with a fluent API easy to learn and to work with. :rocket:
Getting Started
This package is available in the Node Package Repository and can be easily installed with npm or yarn.
$ npm i @slynova/fence
# or
$ yarn add @slynova/fence
When you require the package in your file, it will give you access to the Guard and Gate class.
const { Gate, Guard } = require('@slynova/fence')
Gate & Policy
A Gate is a closure that returns a boolean to determine if the user is allowed to perform a certain action.
Instead of using a closure, you can also write a Policy. Those are classes that let you organise your authorisation around a particular model or resource.
Writing a Gate
To define a new Gate you will need to call the define method on the Gate facade.
Gate.define('name-of-the-gate', async (user, resource) => {
// Payload
// e.g. return user.id === resource.author_id
})
Writing a Policy
To define a new Policy you will need to call the policy method on the Gate facade.
Gate.policy(post, PostPolicy)
The first argument is the object you want to define the policy for. It can be a simple JSON or an ES2015 class.
The policy must be an ES2015 class.
Guard
The Guard is the guardian of your gates.
Most of the time, you'll want to use the authenticated user to test your gates. For this reason, node-fence let you use the method Guard.setDefaultUser().
// The user can be retrieve from the auth middleware you are using
const guard = Guard.setDefaultUser({ id: 1, username: 'romainlanz' })
Testing a Gate
You can test your gate with a short or a long syntax.
// Long
await Guard.can(user).goThroughGate('XXX').for(resource) // true or false
// Short - will need to have an instance of Guard with the specific user
await guard.allows('XXX', resource) // true or false
await guard.denies('XXX', resource) // true or false
Contribution Guidelines
Any pull requests or discussions are welcome.
Note that every pull request providing a new feature or correcting a bug should be created with appropriate unit tests.
FAQs
Flexible and Fluent way to manage ACL in Node.js.
The npm package @slynova/fence receives a total of 45 weekly downloads. As such, @slynova/fence popularity was classified as not popular.
We found that @slynova/fence demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 23 Jun 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Create React App Officially Deprecated Amid React 19 Compatibility Issues
Create React App is officially deprecated due to React 19 issues and lack of maintenance—developers should switch to Vite or other modern alternatives.
By Sarah Gooding - Feb 11, 2025
Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025