# adonis-imperium
This package is an **authorization provider** built on top of [imperium](https://github.com/mono-js/imperium) and inspired by adonis-guard.
Install the package using the adonis CLI:

```sh
adonis install adonis-imperium
```

Follow the instructions that are displayed (or read them here).
Authorization must be defined inside the `start/acl.js` file. This file is loaded only once, when the server is launched.

Define the different roles of your application. Use `Imperium.role('...', (ctx) => {})` to create a role.

The function will be used to determine whether your user has the role (it can be asynchronous by returning a `Promise`).

For example, you can get your user from your database and return:

- a `Boolean` (`true` if the user has the corresponding role, otherwise `false`)
- an `Object` to compare against route actions
- an `Array` of objects

```js
const Imperium = use('Imperium')

Imperium.role('Admin', ({ auth }) => {
  return auth.user.role === 'admin'
})

Imperium.role('Moderator', async () => {
  const posts = await Post.query().fetch()
  return posts.toJSON().map((post) => ({ post: post.id }))
})

Imperium.role('User', async ({ auth }) => {
  return { user: auth.user.id }
})
```
When returning an object, its keys will be compared against the user action's params.

Use `Imperium.role('...')` to get a role, and use the `can` or `is` methods to give it actions or inheritance from another role.

`can(actionName, [params])`

Define a user action with its params to match against.

```js
Imperium.role('User')
  .can('updateUser', { user: '@' })
```

`is(roleName, [params])`

Inherit a role's actions and overwrite its params.

```js
Imperium.role('Admin')
  .is('User', { user: '*' }) // '*' means all, so admin can see and manage all users
```
Adonis Imperium automatically shares an imperium instance in the context of each request. To validate a user's authorization you simply need to extract it from the context.

```js
// Controller
async show ({ imperium, params }) {
  const post = await Post.find(params.id)
  const can = await imperium.can('showPost', { post: params.id })
  if (!can) {
    // abort 401
  }
  // ...
}

// RouteValidator
async authorize () {
  const { imperium, params } = this.ctx
  const can = await imperium.can('showPost', { post: params.id })
  if (!can) {
    // abort 401
  }
  // ...
}
```
You can also use the `is` and `can` middlewares in your routes.

```js
Route.get('/admin/posts', 'Admin/PostController.index')
  .middleware(['auth', 'is:Admin'])
Route.get('/admin/posts/:id', 'Admin/PostController.show') // :id is read as params.id by show()
  .middleware(['auth', 'can:showPost'])
```

The request-scoped instance exposes:

```js
imperium.can('Action', resource)
imperium.cannot('Action', resource)
imperium.is('Role')
imperium.isnot('Role')
```
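To make the role, `can`/`is` and request-level semantics above concrete, here is an added, self-contained in-memory model of them. It is not adonis-imperium's or imperium's own code: `Acl`, `buildAcl`, `demo`, the sample users and posts, and the rule that the first matching grant wins are all assumptions made for this illustration, and the Moderator resolver additionally checks the user's role so that the array-of-objects case is scoped to one user.

```javascript
// Added example, not adonis-imperium's or imperium's own code: an in-memory model of the
// role / action matching semantics this README describes. `Acl`, `buildAcl`, `demo` and
// the sample users and posts are constructed here purely for illustration.
class Acl {
  constructor () { this.roles = new Map() } // name -> { resolver, actions, parents }

  // Define a role with its resolver, or fetch an already defined one (as Imperium.role does).
  role (name, resolver) {
    if (resolver) this.roles.set(name, { resolver, actions: [], parents: [] })
    const role = this.roles.get(name)
    if (!role) throw new Error(`Role "${name}" is not defined`)
    const builder = {
      can (action, params = {}) { role.actions.push({ action, params }); return builder },
      is (parent, params = {}) { role.parents.push({ parent, params }); return builder }
    }
    return builder
  }

  // Own plus inherited actions; params given to is() overwrite the inherited ones.
  actionsOf (name, overrides = {}, seen = new Set()) {
    const role = this.roles.get(name)
    if (!role || seen.has(name)) return [] // unknown role or circular inheritance
    seen.add(name)
    const own = role.actions.map(a => ({ action: a.action, params: { ...a.params, ...overrides } }))
    return own.concat(role.parents.flatMap(p =>
      this.actionsOf(p.parent, { ...p.params, ...overrides }, seen)))
  }

  // Normalize a resolver result: true -> one unconstrained binding, false -> none,
  // object -> one binding, array -> one binding per element.
  static bindings (result) {
    if (result === true) return [{}]
    if (!result) return []
    return Array.isArray(result) ? result : [result]
  }

  // Does the pattern declared on the action accept the requested resource value?
  static matches (pattern, key, resource, binding) {
    if (pattern === '*') return true                   // '*' means all
    if (!(key in resource)) return false               // caller must name the resource
    if (pattern === '@') return key in binding && binding[key] === resource[key]
    return pattern === resource[key]                   // literal value
  }

  // can('Action', resource): true only if a role the context holds grants a matching action.
  async can (ctx, action, resource = {}) {
    for (const [name, role] of this.roles) {
      const bindings = Acl.bindings(await role.resolver(ctx))
      for (const binding of bindings) {
        for (const a of this.actionsOf(name)) {
          if (a.action !== action) continue
          const ok = Object.entries(a.params)
            .every(([key, pattern]) => Acl.matches(pattern, key, resource, binding))
          if (ok) return true
        }
      }
    }
    return false // deny by default
  }

  async cannot (ctx, action, resource) { return !(await this.can(ctx, action, resource)) }

  async is (ctx, name) {
    const role = this.roles.get(name)
    return Boolean(role) && Acl.bindings(await role.resolver(ctx)).length > 0
  }

  async isnot (ctx, name) { return !(await this.is(ctx, name)) }
}

// Constructed sample data standing in for auth.user and Post.query().fetch().
const USERS = { admin: { id: 1, role: 'admin' }, alice: { id: 2, role: 'user' }, mod: { id: 3, role: 'moderator' } }
const POSTS = [{ id: 10 }, { id: 11 }]
const ctx = who => ({ auth: { user: USERS[who] } })

function buildAcl () {
  const acl = new Acl()
  acl.role('Admin', ({ auth }) => auth.user.role === 'admin')
    .is('User', { user: '*' })              // admin may manage every user
  acl.role('Moderator', async ({ auth }) =>
    auth.user.role === 'moderator' && POSTS.map(post => ({ post: post.id })))
    .can('showPost', { post: '@' })         // only the posts the role bound
  acl.role('User', async ({ auth }) => ({ user: auth.user.id }))
    .can('updateUser', { user: '@' })       // '@' = the id bound for this user
  return acl
}

async function demo () {
  const acl = buildAcl()
  return {
    aliceOwn: await acl.can(ctx('alice'), 'updateUser', { user: 2 }),   // true
    aliceOther: await acl.can(ctx('alice'), 'updateUser', { user: 3 }), // false
    adminAny: await acl.can(ctx('admin'), 'updateUser', { user: 3 }),   // true, via is('User', { user: '*' })
    modPost: await acl.can(ctx('mod'), 'showPost', { post: 10 }),       // true
    modMissing: await acl.can(ctx('mod'), 'showPost', { post: 99 }),    // false
    adminPost: await acl.can(ctx('admin'), 'showPost', { post: 10 }),   // false: Admin does not inherit Moderator
    adminIsAdmin: await acl.is(ctx('admin'), 'Admin'),                  // true
    aliceIsAdmin: await acl.isnot(ctx('alice'), 'Admin')                // true
  }
}

demo().then(r => console.log(r))
```

Two points worth keeping in mind when using the real package the same way: an action is only granted when some role the request holds declares it with parameters that match, so anything not declared is denied, and a role that returns `true` carries no bound values, which is why `'@'` patterns are only meaningful for roles that return an object or array. In HTTP terms, a failed `can` check for an already authenticated user is a 403 Forbidden rather than the 401 hinted at in the controller comment above.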
We found that adonis-imperium demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.