express-dynacl
Comparing version 2.0.0 to 2.0.1
index.js
@@ -11,3 +11,3 @@ var dynacl = (function(){ | ||
userRoles: req => req.user ? req.user.roles : [], | ||
userRoles: req => req.user ? req.user.roles || [] : [], | ||
@@ -85,6 +85,12 @@ defaultRole: "guest", | ||
if(role.inherits){ | ||
for ( var i =0;i < role.inherits.length; i++){ | ||
//check the inherited role | ||
let result = await checkRoleCan(options.roles[role.inherits[i]],action,req,params); | ||
// terminate and return true if approved | ||
if(result) return true; | ||
} | ||
let result = await checkRoleCan(options.roles[role.inherits],action,req,params); | ||
if(result) return true; | ||
} | ||
@@ -91,0 +97,0 @@ |
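Review bot: The new loop indexes `role.inherits` as an array and passes `options.roles[role.inherits[i]]` to `checkRoleCan` without checking that the named role exists. A configuration still written in the 2.0.0 form (`inherits: "guest"`) would be walked character by character, and a misspelled role name would hand `undefined` to `checkRoleCan`; whether that call tolerates an undefined role is not visible here. Normalising first with `const parents = [].concat(role.inherits);` and skipping unknown names with `if (!options.roles[parents[i]]) continue;` would keep the access decision explicit. The hunk counts (6 old lines, 12 new) suggest the older single call `checkRoleCan(options.roles[role.inherits], ...)` is still present after the loop, where an array used as a property key is coerced to a comma-joined string; if so, it looks worth removing or guarding with `typeof role.inherits === "string"`. The enclosing function starts and ends outside the hunk.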
{ | ||
"name": "express-dynacl", | ||
"version": "2.0.0", | ||
"version": "2.0.1", | ||
"description": "Express dynamic access control list, that allows to grant access to queries based on request details", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -6,4 +6,2 @@ # express-dynacl | ||
Set up roles: | ||
```js | ||
@@ -14,2 +12,3 @@ | ||
roles: { | ||
"guest": { | ||
@@ -21,2 +20,3 @@ can: { | ||
}, | ||
"user": { | ||
@@ -29,4 +29,5 @@ can: { | ||
}, | ||
inherits: "guest" | ||
inherits: ["guest"] | ||
}, | ||
"moderator":{ | ||
@@ -36,4 +37,5 @@ can: { | ||
}, | ||
inherits: "user" | ||
inherits: ["user"] | ||
}, | ||
"admin: { | ||
@@ -56,3 +58,3 @@ admin: true | ||
acl.config(aclOptions); | ||
acl.config(options); | ||
``` | ||
@@ -71,12 +73,12 @@ | ||
router.get("/pub/coke", acl("nonalcoholic","drink"), (req,res) => { | ||
// drink coke | ||
router.get("/posts", acl("posts:list"), (req,res) => { | ||
// list posts | ||
}); | ||
router.get("/pub/beermenu", acl("alcoholic","watch"), (req,res) => { | ||
// watch beer menu | ||
router.post("/posts", acl("posts:create"), (req,res) => { | ||
// create post | ||
}); | ||
router.get("/pub/beer", acl("alcoholic","drink"), (req,res) => { | ||
// drink beer | ||
router.put("/posts/1", acl("posts:edit"), (req,res) => { | ||
// edit post | ||
}); | ||
@@ -95,13 +97,11 @@ ``` | ||
router.get("/pub/drink", (req,res) => { | ||
if(acl.check("nonalcoholic","drink",req)) // drink coke | ||
if(acl.check("alcoholic","drink",req)) // drink beer | ||
router.put("/posts/:id", (req,res) => { | ||
if(acl.can("posts:edit", req, {post: {id: req.params.id}})) { | ||
// edit post | ||
} | ||
}); | ||
``` | ||
## Setting user roles | ||
User roles are assigned by a string array of role names located at ```req.user.roles``` or in other ```req.user``` property set in configuration. | ||
## TODO | ||
- logging to file |