express-dynacl
express-dynacl is a simple dynamic access control list (ACL) middleware for Express.js that lets you grant access to queries based on request details.
Using express-dynacl
Set up roles:
// Role definition for an anonymous guest.
// Shape: resource name -> action name -> rule. A rule of `true` allows the action.
// "alcoholic" lists only "watch", so this role does not grant "drink" on it.
// NOTE(review): an unlisted action is presumably denied by the library; confirm
// that the default is deny before relying on omission as the restriction.
const guest = {
  nonalcoholic: {
    watch: true,
    drink: true,
  },
  alcoholic: {
    watch: true,
  },
};
// Role definition for a guest who has presented identification.
// The "drink" rule on "alcoholic" is a function instead of `true`: it is handed
// the request and returns whatever isEligibleToDrink(req) returns, so the
// decision is made per request.
// NOTE(review): isEligibleToDrink is not defined in this snippet and must be in
// scope of the roles file. It should decide from server-verified data only and
// return a plain boolean; how the library treats other return values is not
// shown here, so confirm before returning anything else.
const guestWithId = {
  alcoholic: {
    drink(req) {
      return isEligibleToDrink(req);
    },
  },
};
// Role definition for the bar owner: a single "*" entry set to `true`.
// NOTE(review): "*" is presumably a wildcard that matches every resource and
// action; confirm against the library. If so, this role bypasses all per-action
// rules, so assign it sparingly and never list it in `defaultRoles`.
const barowner = {
  "*": true,
};
// Export the role definitions under the names the ACL configuration refers to.
module.exports = { guest, guestWithId, barowner };
Import and configure the middleware:
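const acl = require("express-dynacl");

// Load the role definitions once. The path has to be relative ("./roles"):
// a specifier without the leading "./" is looked up as an installed package
// and fails to resolve, leaving those roles unconfigured.
const roles = require("./roles");

const aclOptions = {
  // Role name -> role definition. The names are the strings that appear in a
  // user's role array.
  roles: {
    guest: roles.guest,
    guestWithId: roles.guestWithId,
    barowner: roles.barowner,
  },

  // NOTE(review): presumably applied to requests that carry no roles of their
  // own; confirm. Keep this list to the least-privileged role.
  defaultRoles: ["guest"],

  // NOTE(review): presumably logs ACL decisions to the console; confirm what
  // is written before enabling it where logs are widely readable.
  logConsole: true,

  // Name of the req.user property that holds the array of role names.
  rolesProperty: "roles",
};

acl.config(aclOptions);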
Use as middleware:
const express = require("express");
const acl = require("express-dynacl");

const app = express();
const router = express.Router();

// acl(resource, action) is placed before the route handler, so the handler is
// only the next step in the chain after the ACL middleware.
// NOTE(review): what the middleware sends on denial is not shown here; confirm
// it ends the request rather than calling the handler.

// Requires the "drink" action on the "nonalcoholic" resource.
router.get("/pub/coke", acl("nonalcoholic", "drink"), (req, res) => {
  // handler body omitted in this example
});

// Requires the "watch" action on the "alcoholic" resource.
router.get("/pub/beermenu", acl("alcoholic", "watch"), (req, res) => {
  // handler body omitted in this example
});

// Requires the "drink" action on the "alcoholic" resource.
router.get("/pub/beer", acl("alcoholic", "drink"), (req, res) => {
  // handler body omitted in this example
});

module.exports = router;
Use inside request:
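const express = require("express");
const acl = require("express-dynacl");

const app = express();
const router = express.Router();
module.exports = router;

// Checks permissions inside the handler instead of as route middleware, so one
// route can serve different content depending on what the caller may do.
router.get("/pub/drink", (req, res) => {
  // acl.check(resource, action, req) is compared with `true` so the check fails
  // closed on anything that is not a plain boolean.
  // NOTE(review): assumes acl.check returns a boolean synchronously, as its use
  // in `if` implies. If the installed version returns a Promise, await it here;
  // a Promise is always truthy and a bare `if` would allow every request.
  const mayDrinkNonAlcoholic = acl.check("nonalcoholic", "drink", req) === true;
  const mayDrinkAlcoholic = acl.check("alcoholic", "drink", req) === true;

  // Deny explicitly when neither permission is held; in-handler checks have no
  // middleware in front of them to reject the request.
  if (!mayDrinkNonAlcoholic && !mayDrinkAlcoholic) {
    return res.sendStatus(403);
  }

  if (mayDrinkNonAlcoholic) {
    // ... non-alcoholic branch, omitted in this example ...
  }

  if (mayDrinkAlcoholic) {
    // ... alcoholic branch, omitted in this example ...
  }
});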
Setting user roles
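User roles are assigned as a string array of role names located at req.user.roles, or in another req.user property set in the configuration (`rolesProperty` in the example above). The ACL reads these roles from the request, so req.user has to be populated by your authentication layer before any ACL check runs.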
TODO