🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

cbac

Package Overview
Dependencies
Maintainers
1
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install
Package was removed
Sorry, it seems this package was removed from the registry

cbac

Context based access control

1.0.6
unpublished
latest
npm
Version published
Weekly downloads
0
Maintainers
1
Weekly downloads
 
Created
Source

CBAC

Context based access control API

Setup Develop Environment

  • Clone this repository.
  • Make sure you have Node.js 17+ installed.
  • Run command to install dependencies: 
       yarn
  • Make sure you have Redis 6+ installed.
  • Run command to start the server: 
     yarn start

API

1. Validate

POST /access-control/validate

Content-Type: application/json

[
    {
        "access": "a:b:c",
        "context":{
            "clientSide": {
                "roles": ["M", "C"]
            },
            "serverSide":{}
        }
    },
    {
        "access": "b"
    }
]

HTTP/1.1 200 OK
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Wed, 23 Feb 2022 07:08:31 GMT
Keep-Alive: timeout=58
Vary: Origin, Accept-Encoding
X-Response-Time: 2ms

[
  false,
  true
]

2. Set global validators

POST /access-control/global

Content-Type: application/json

[
    {
        "alias": "rbac",
        "claim": {
            "content": "../validators/rbac.js"
        }
    },
    {
        "alias": "allow",
        "claim": {
            "userDefined": true,
            "content": "return true"
        }
    },
    {
        "alias": "deny",
        "claim": {
            "userDefined": true,
            "content": "return true"
        }
    }
]

HTTP/1.1 200 OK
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Wed, 23 Feb 2022 07:16:27 GMT
Keep-Alive: timeout=58
Vary: Origin, Accept-Encoding
X-Response-Time: 13ms

{
  "ok": true
}

3. Get global validators

GET http://localhost:4242/access-control/global

HTTP/1.1 200 OK
Content-Length: 203
Content-Type: application/json; charset=utf-8
Date: Wed, 23 Feb 2022 07:19:54 GMT
Keep-Alive: timeout=58
Vary: Origin, Accept-Encoding
X-Response-Time: 1ms

[
  {
    "alias": "rbac",
    "claim": {
      "content": "../validators/rbac.js"
    }
  },
  {
    "alias": "allow",
    "claim": {
      "userDefined": true,
      "content": "return true"
    }
  },
  {
    "alias": "deny",
    "claim": {
      "userDefined": true,
      "content": "return true"
    }
  }
]

4. Save Access Validators

POST http://localhost:4242/access-control/access/validators/a:b:c
Content-Type: application/json

[
    {
        "alias": "rbac"
    },
    {
        "claim": {
            "userDefined": true,
            "content": "return true"
        }
    },
    {
        "alias": "deny",
        "claim": {
            "userDefined": true,
            "content": "return false"
        }
    }
]

HTTP/1.1 200 OK
Content-Length: 61
Content-Type: application/json; charset=utf-8
Date: Wed, 23 Feb 2022 07:25:50 GMT
Keep-Alive: timeout=58
Vary: Origin, Accept-Encoding
X-Response-Time: 1ms

{
  "ok": true,
  "data": [
    "rbac",
    "6215e17e3865af7eebae0d6c",
    "deny"
  ]
}

5. Save Access Validator Props

POST http://localhost:4242/access-control/access/a:b:c/rbac/props
Content-Type: application/json

{
    "roles": ["A", "B"]
}

HTTP/1.1 200 OK
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Wed, 23 Feb 2022 07:55:49 GMT
Keep-Alive: timeout=58
Vary: Origin, Accept-Encoding
X-Response-Time: 1ms

{
  "ok": true
}

6. Get Access Validators

GET http://localhost:4242/access-control/access/a:b:c

HTTP/1.1 200 OK
Content-Length: 42
Content-Type: application/json; charset=utf-8
Date: Wed, 23 Feb 2022 07:58:23 GMT
Keep-Alive: timeout=58
Vary: Origin, Accept-Encoding
X-Response-Time: 1ms

[
  "rbac",
  "6215e17e3865af7eebae0d6c",
  "deny"
]

7. Get Access Validator Props

GET http://localhost:4242/access-control/access/a:b:c/rbac/props

HTTP/1.1 200 OK
Content-Length: 19
Content-Type: application/json; charset=utf-8
Date: Wed, 23 Feb 2022 08:01:47 GMT
Keep-Alive: timeout=58
Vary: Origin, Accept-Encoding
X-Response-Time: 1ms

{
  "roles": [
    "A",
    "B"
  ]
}

8. Check is an alias exists

GET http://localhost:4242/access-control/alias/exists?alias=rbac

HTTP/1.1 200 OK
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Wed, 23 Feb 2022 08:04:23 GMT
Keep-Alive: timeout=58
Vary: Origin, Accept-Encoding
X-Response-Time: 0ms

{
  "ok": true
}

9. Get all accesses' info

GET http://localhost:4242/access-control/access

FAQs

Package last updated on 28 Feb 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Open Source CAI Framework Handles Pen Testing Tasks up to 3,600× Faster Than Humans

Security News

Open Source CAI Framework Handles Pen Testing Tasks up to 3,600× Faster Than Humans

CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.

By Sarah Gooding  -  Jul 09, 2025