gardien
The most simple, flexible and easy to use JavaScript role/access control list (ACL, RBAC) library.
npm install gardien
<script src="cherubin.js" type="text/javascript"></script>
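// Setup script: creates the roles, users and rules that later permission
// checks rely on. Every step reports its error to async.series so that a
// failed step stops the run instead of leaving a half-built ACL that is
// reported as 'done.'.
var async = require('async')
var Gardien = require('gardien')

// Memory Driver or...
//var driver = new Gardien.drivers.MemoryDriver()
// Redis Driver
// NOTE(review): `options` is presumably handed to the Redis client (host,
// authentication, TLS) - confirm against the driver before relying on it.
var driver = new Gardien.drivers.RedisDriver({
  prefix: 'gardien',
  separator: ':',
  index: 0,
  options: {}
})

// Seraphin manages users, roles, rules and permissions on top of the driver.
// NOTE(review): debug is switched on for the demo; check what it prints
// before keeping it enabled outside development.
var seraphin = new Gardien.Seraphin(driver, {
  debug: true
})

// Role catalogue. `inherits` names the role whose permissions are included,
// so the chain guest -> member -> lead -> owner accumulates permissions.
var roles = [
  {
    name: 'guest',
    permissions: ['view']
  },
  {
    name: 'member',
    inherits: 'guest', // This role inherits all (guest)'s permissions
    permissions: ['create', 'edit', 'like']
  },
  {
    name: 'lead',
    inherits: 'member', // This role inherits all (member)'s permissions
    permissions: ['delete']
  },
  {
    name: 'owner',
    inherits: 'lead', // This role inherits all (lead)'s permissions
    permissions: ['import', 'fork', 'merge']
  },
  {
    // Stand-alone role: it does not inherit from the chain above
    name: 'team',
    permissions: ['invite', 'create']
  }
]

async.series(
  [
    function (cb) {
      // Seraphin initialization
      // Assumes the first callback argument is an error, as the README names it.
      seraphin.init(function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Create all roles
      seraphin.setRoles(roles, function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Create user (oothkoo) with two roles: (member) and (team)
      seraphin.createUser('oothkoo', ['member', 'team'], function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Create user (mario) with only the (owner) role
      seraphin.createUser('mario', ['owner'], function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Allow (guest)'s permissions on all resources.
      // '*' covers every resource; where a role does not need everything,
      // name the resources instead, as done for (team) below.
      seraphin.allowRole('guest', ['*'], function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Allow (member)'s permissions on all resources
      seraphin.allowRole('member', ['*'], function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Allow (lead)'s permissions on all resources
      seraphin.allowRole('lead', ['*'], function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Allow (owner)'s permissions on all resources
      seraphin.allowRole('owner', ['*'], function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Allow (team)'s permissions on the (library) resource only
      seraphin.allowRole('team', ['library'], function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Per-user rule: allow (oothkoo) to delete on all resources.
      // This is granted to the user directly, outside of any role.
      seraphin.allowUser('oothkoo', ['*'], ['delete'], function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Show all system roles
      seraphin.showRoles(function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Show all system rules
      seraphin.showRules(function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Show all users rules
      seraphin.showUsers(function (err) {
        cb(err)
      })
    }
  ],
  function (err, results) {
    if (err) {
      // async.series stops at the first failing step, so the ACL may be
      // only partly written; report it rather than printing 'done.'.
      console.error('gardien setup failed:', err)
      process.exitCode = 1
      return
    }
    console.log()
    console.log('done.')
  }
)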
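// Server-side check: loads the rules stored for one user and asks a Cherubin
// whether that user holds a permission. If the rules cannot be loaded the
// script reports "not allowed" instead of evaluating against missing rules.
var async = require('async')
var Gardien = require('gardien')

// Setting Redis Driver
var driver = new Gardien.drivers.RedisDriver({
  prefix: 'gardien',
  separator: ':',
  index: 0,
  options: {}
})

// Seraphin reads the user's rules from the driver
var seraphin = new Gardien.Seraphin(driver, {
  debug: true
})

// Cherubin evaluates permissions against the rules it has been given
var cherubin = new Gardien.Cherubin({
  debug: true
})

// Setting user id
var userId = 'oothkoo'

async.series(
  [
    function (cb) {
      // Seraphin initialization; a failure here skips the rule lookup
      seraphin.init(function (err) {
        cb(err)
      })
    },
    function (cb) {
      // Retrieve all user (oothkoo) rules.
      // As shown in the README, this callback receives the rules as its only
      // argument, so no error can be forwarded from this step.
      seraphin.getAllUserRules(userId, function (rules) {
        // Give all rules to our cherubin
        cherubin.updateRules(rules)
        console.log('rules', rules)
        cb(null)
      })
    }
  ],
  function (err, results) {
    if (err) {
      // Fail closed: without loaded rules the answer is "not allowed"
      console.error('could not load rules for ' + userId + ':', err)
      console.log('allowed: ' + false)
      return
    }
    // Check if (oothkoo) is allowed to view humans across all of his roles
    // NOTE(review): arguments look like (user, roles, resources, permissions) - confirm
    console.log('allowed: ' + cherubin.isAllowed(userId, ['*'], ['human'], ['view']))
  }
)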
// Browser-side usage: set up a Cherubin to check the user's permissions.
// Rules held in the page can be altered by whoever controls the browser, so
// use these checks to decide what the UI shows; the backend still has to
// check each request against its own copy of the rules.
var cherubin = new Cherubin( {
debug: true
})
/* Retrieve all your user rules from your custom API/service
(use seraphin.getAllUserRules() on your backend to do that)
and pass them to cherubin in your JavaScript application.
The `...` below is a placeholder for that rules object. */
cherubin.updateRules( ... )
// Now you can check all the permissions you want ;-)
// `userId` is not defined in this snippet; it must be set by the surrounding code.
console.log('allowed: ' + cherubin.isAllowed(userId, ['*'], ['human'], ['view']) )
Donations
-----
:heart: Donations are always welcome :heart:.
Coins | Symbols | Addresses
--- | --- | ---
<img src="https://github.com/oOthkOo/hyper-manager/blob/main/pictures/btc.svg" alt="Bitcoin"/> | BTC | 3B52fbzNFQTaKZxWf5GrCUsASD2UP8na4A
<img src="https://github.com/oOthkOo/hyper-manager/blob/main/pictures/eth.svg" alt="Ethereum"/> | ETH | 0x1C389f1f85Cdb3C2996b83fAc87E496A80698B7C
FAQs
The most simple, flexible and easy to use JavaScript role/access control list (ACL, RBAC) library.
The npm package gardien receives a total of 2 weekly downloads, so its popularity is classified as not popular.
We found that gardien has an unhealthy version release cadence and level of project activity, because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.