@techteamer/acl
$ npm i @techteamer/acl --save
After installing the package there are two ways you can use it.
You can use a single ACLService instance to handle your rules and roles in a single list.
You can use an ACLManager to handle multiple ACLService instances. In this case the ACLs added to the manager are prioritized: an ACL added later takes precedence over the ones added before it.
Another way of saying this: you can override ACLs by adding newer lists, but if the role you are looking for cannot be found in the ACL with the highest priority, the manager falls back to the ACLs with lower priority.
WARNING! If the ACLManager finds the role in a higher-priority ACL list, it will not fall back to lower-priority ACLs, even if the higher-priority one does not have the rule you were looking for.
Reject rules always rank higher than any accept rule!
Start your rule without any flag to create an accept rule:
accept.rule
Start your rule with the ! flag to create a reject rule:
!reject.rule
Start your role or rule with the @ flag to ignore it:
@ignored.rule
const { ACLService } = require('@techteamer/acl')
// create ACL instance
const acl = new ACLService()
// create a role
acl.createRole('admin')
// create an accept rule
acl.createRule('users.create', 'admin')
// check rule access; returns true
acl.isAllowed('users.create', 'admin')
const { ACLService } = require('@techteamer/acl')
// create ACL instance
const acl = new ACLService()
// import roles and rules
acl.import({
  "admin": [
    "users.*",
    "system.*"
  ],
  "supervisor": [
    "users.*",
    "!users.delete",
    "system.*",
    "!system.shutdown",
    "@ignored"
  ],
  "@ignored": [
    "users.list"
  ]
})
// returns true
acl.isAllowed('users.create', 'supervisor')
// returns false *
acl.isAllowed('users.delete', 'supervisor')
Logging is disabled by default (acl.logger = false).
Single callback as logger
acl.logger = function (level, message) {
  // available log levels:
  // - debug: verbose process messages
  // - info: general information
  // - warn: warning messages (not critical)
  // - error: error messages (critical)
  // ...
}
Object (or any class instance) with public methods
acl.logger = {
  info: function (message) { /* ... */ },
  warn: function (message) { /* ... */ },
  // ...
}
Import roles and rules as an object. Import appends to the existing rules; if you want to overwrite previous rules, call the clear method first. After the import completes, the result cache is cleared automatically.
Arguments
settings {Object} {
role {String}: rules {Array},
...
}
Create a single role. Throws an ACLError when the role already exists.
Arguments
name {String} Role name.
Create a single accept or reject rule. After the rule is created, the result cache is cleared automatically. Throws an ACLError when the rule already exists in the provided role or the role does not exist.
Arguments
name {String} Rule name.
role {String} Role name.
Returns true when the role exists, otherwise false.
Arguments
name {String} Role name.
Returns the list of available roles as a string array.
Returns true when the rule is accepted, otherwise false. All results are stored in the result cache! Throws an ACLError when the role does not exist.
Arguments
rule {String} Rule name.
role {String} Role name.
Returns true when all rules are accepted, otherwise false. If the access list is empty, returns false. All results are stored in the result cache! Throws an ACLError when the role does not exist.
Arguments
rules {Array} Rule names.
role {String} Role name.
Returns true when any rule is accepted, otherwise false. If the access list is empty, returns false. All results are stored in the result cache! Throws an ACLError when the role does not exist.
Arguments
rules {Array} Rule names.
role {String} Role name.
Clear all results from result cache.
Clear all roles, rules and results from ACL instance.
const { ACLManager, ACLService } = require('@techteamer/acl')
// create ACL instance
const acl = new ACLService()
// import roles and rules to ACLService
acl.import({
  "admin": [
    "users.*",
    "system.*"
  ],
  "supervisor": [
    "users.*",
    "!users.delete",
    "system.*",
    "!system.shutdown",
    "@ignored"
  ],
  "@ignored": [
    "users.list"
  ]
})
// Import ACLService to ACLManager:
const acm = new ACLManager()
acm.import(acl)
// Use the ACLManager instead of the ACLService
// returns true
acm.isAllowed('users.create', 'supervisor')
// returns false
acm.isAllowed('users.delete', 'supervisor')
const { ACLManager } = require('@techteamer/acl')
// Import ACL config directly into the ACLManager:
const acm = new ACLManager()
acm.importConfig({
  "admin": [
    "users.*",
    "system.*"
  ],
  "supervisor": [
    "users.*",
    "!users.delete",
    "system.*",
    "!system.shutdown",
    "@ignored"
  ],
  "@ignored": [
    "users.list"
  ]
})
// Use the ACLManager instead of the ACLService
// returns true
acm.isAllowed('users.create', 'supervisor')
// returns false
acm.isAllowed('users.delete', 'supervisor')
To check for roles and rules you can use the same methods:
isAllowed(rule, role)
areAllowed(rules, role)
anyAllowed(rules, role)
const { ACLManager } = require('@techteamer/acl')
// Import ACL config directly into the ACLManager:
const acm = new ACLManager()
// Lower priority
acm.importConfig({
  "admin": [
    // Any rule listed here will be ignored...
    "system.shutdown"
  ],
  "supervisor": [
    // Every 'supervisor' role check will fall back to this rule list:
    "users.*",
    "!users.delete"
  ]
})
// Higher priority (added later)
acm.importConfig({
  "admin": [
    // Rules here will take precedence over the ones listed in the first ACL config's 'admin' role section.
    "users.*",
  ]
})
// returns true
acm.isAllowed('users.create', 'supervisor') // Fallback
acm.isAllowed('users.delete', 'admin') // No fallback
// returns false
acm.isAllowed('users.delete', 'supervisor') // Fallback
acm.isAllowed('system.shutdown', 'admin') // No fallback!!! Only rule in admin role is: 'users.*'
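Because a role redefined in a higher-priority list never falls back, a reject rule that exists only in a lower-priority list stops applying once a later list redefines that role. The following check is an added example, not code from the package: it does not call @techteamer/acl, it reads plain config objects in the format shown above, and it assumes that `*` matches any run of characters. The names `findShadowedRejects`, `splitRules`, `ruleToRegExp` and `sampleLayers` are hypothetical.

```javascript
// Added example; does not call @techteamer/acl. Configs use the README's format.
// Assumption: '*' matches any run of characters (the README only shows 'users.*').
function ruleToRegExp(pattern) {
  const escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, '\\$&').replace(/\*/g, '.*')
  return new RegExp('^' + escaped + '$')
}

// Split a role's rule list into accept / reject patterns, dropping '@' entries.
function splitRules(rules) {
  const live = rules.filter(r => !r.startsWith('@'))
  return {
    accept: live.filter(r => !r.startsWith('!')),
    reject: live.filter(r => r.startsWith('!')).map(r => r.slice(1))
  }
}

// layers: configs in import order (index 0 = lowest priority, last = highest).
// Reports reject rules that stop applying because a later layer redefines the
// role (no fallback) and accepts the same name. Reject names are treated as literals.
function findShadowedRejects(layers) {
  const winner = new Map() // role -> index of the highest-priority layer defining it
  layers.forEach((layer, i) => {
    for (const role of Object.keys(layer)) if (!role.startsWith('@')) winner.set(role, i)
  })
  const findings = []
  layers.forEach((layer, i) => {
    for (const [role, rules] of Object.entries(layer)) {
      const top = winner.get(role)
      if (top === undefined || top === i) continue
      const { accept, reject } = splitRules(layers[top][role])
      for (const name of splitRules(rules).reject) {
        const matches = p => ruleToRegExp(p).test(name)
        if (!reject.some(matches) && accept.some(matches)) {
          findings.push({ role, rule: name, definedIn: i, overriddenBy: top })
        }
      }
    }
  })
  return findings
}

// Constructed sample: layer 1 redefines 'supervisor' without '!users.delete'.
const sampleLayers = [
  { supervisor: ['users.*', '!users.delete'], admin: ['system.shutdown'] },
  { supervisor: ['users.*', 'reports.*'], admin: ['users.*'] }
]
console.log(findShadowedRejects(sampleLayers))
```

Running it over every config before it is handed to importConfig turns a silently dropped reject rule into a reviewable finding.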
Logging is disabled by default!
NOTE: The logger will be set on all managed ACLService instances as well!
Single callback as logger
acm.logger = function (level, message) {
  // available log levels:
  // - debug: verbose process messages
  // - info: general information
  // - warn: warning messages (not critical)
  // - error: error messages (critical)
  // ...
}
Object (or any class instance) with public methods
acm.logger = {
  info: function (message) { /* ... */ },
  warn: function (message) { /* ... */ },
  // ...
}
The ACL manager has the same API as the ACLService except these methods:
createRole
createRule
clearResultCache
yarn run build
To run the test suites, first install the dependencies, then run the tests:
$ npm install
$ npm test
Access Control List (ACL)