connect-roles
Advanced tools
connect-roles - npm Package Compare versions
Comparing version 2.0.3 to 2.1.0
18
index.js
@@ -85,12 +85,8 @@ "use strict"; | ||
| return function(action){ | ||
| var result = null, vote; | ||
| var stop = false; | ||
| for (var i = 0; i<functionList.length && !stop; i++){ | ||
| var result = null; | ||
| for (var i = 0; i<functionList.length && result === null; i++){ | ||
| var fn = functionList[i]; | ||
| vote = fn(req, action); | ||
| if(vote === false){ | ||
| stop = true; | ||
| result = false; | ||
| } else if (vote === true){ | ||
| result = true; | ||
| var vote = fn(req, action); | ||
| if (typeof vote === 'boolean') { | ||
| result = vote | ||
| } | ||
@@ -105,3 +101,3 @@ } | ||
| function routeTester(verb) { | ||
| return function (action){ | ||
| return function (action){ | ||
| return function (req, res, next) { | ||
@@ -112,3 +108,3 @@ if(tester(req,verb)(action)){ | ||
| //Failed authentication. | ||
| failureHandler(req, res, action); | ||
| failureHandler(req, res, action); | ||
| } | ||
@@ -115,0 +111,0 @@ }; |
| { | ||
| "name": "connect-roles", | ||
| "description": "Provides dynamic roles based authentication for node.js connect and express servers.", | ||
| "version": "2.0.3", | ||
| "version": "2.1.0", | ||
| "homepage": "http://documentup.com/ForbesLindesay/connect-roles", | ||
@@ -16,3 +16,2 @@ "repository": { | ||
| "scripts": { | ||
| "prepublish": "mocha", | ||
| "test": "mocha -R spec" | ||
@@ -33,5 +32,5 @@ }, | ||
| "dependencies": { | ||
| "debug": "https://github.com/ForbesLindesay/debug/archive/master.tar.gz", | ||
| "path-to-regexp": "https://github.com/ForbesLindesay/path-to-regexp/archive/master.tar.gz" | ||
| "debug": "0.7.2", | ||
| "path-to-regexp": "0.0.2" | ||
| } | ||
| } |
@@ -1,3 +0,3 @@ | ||
| [](http://travis-ci.org/ForbesLindesay/connect-roles) | ||
| # Connect Roles | ||
| <img src="http://i.imgur.com/opZKqAi.png" align="right"/> | ||
@@ -8,2 +8,6 @@ Connect roles is designed to work with connect or express. It is an authorisation provider, not an authentication provider. It is designed to support context sensitive roles/abilities, through the use of middleware style authorisation strategies. | ||
| [](http://travis-ci.org/ForbesLindesay/connect-roles) | ||
| [](https://gemnasium.com/ForbesLindesay/connect-roles) | ||
| [](http://badge.fury.io/js/connect-roles) | ||
| ## Installation | ||
@@ -27,3 +31,3 @@ | ||
| //considered | ||
| app.use(function (req, action) { | ||
| user.use(function (req, action) { | ||
| if (!req.user.isAuthenticated) return action === 'access home page'; | ||
@@ -35,3 +39,3 @@ }) | ||
| //false if the user isn't a moderator | ||
| app.use('access private page', function (req) { | ||
| user.use('access private page', function (req) { | ||
| if (req.user.role ==== 'moderator') { | ||
@@ -219,2 +223,4 @@ return true; | ||
| MIT | ||
| MIT | ||
| If you find it useful, a payment via [gittip](https://www.gittip.com/ForbesLindesay) would be appreciated. |
Sorry, the diff of this file is not supported yet
Fixed alerts
HTTP dependency
Supply chain riskContains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.
Found 2 instances in 1 package
Improved metrics
- Total package byte prevSize
- increased by6.55%
16195
- Number of package files
- increased by16.67%
7
- Number of lines in readme file
- increased by2.78%
222
- Number of high supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Lines of code
- decreased by-1.82%
216
Dependency changes
+ Addeddebug@0.7.2(transitive)
+ Addedpath-to-regexp@0.0.2(transitive)
Updateddebug@0.7.2
Updatedpath-to-regexp@0.0.2