Crude Ownuser
A plugin for Crude enforcing own user policy on all routes.
Install
Install the module using NPM
npm install crude-ownuser --save
Documentation
The Crud Own User package applies policies to all CRUD OPs that ensure only records belonging to the current user are being read, edited or deleted.
Quick Use
var crude = require('crude');
var crudeOwnUser = require('crude-ownuser');
var userCrude = crude('/user', controller);
crudeOwnUser(userCrude, {
expressUdoAttribute: 'user',
expressUdoIdAttribute: 'id',
schemaUserId: 'userId',
});
The Crude Own User package will enforce the policy by augmenting the incoming query with the user id of the current client. If the client is not authenticated (no express UDO is found) then a Not Authenticated (401) error will be returned to the client.
License
Copyright (c) 2014 Thanasis Polychronakis. Licensed under the MIT license.