gardien
Advanced tools
Readme
The most simple, flexible and easy to use JavaScript role/access control list (ACL, RBAC) library.
// Memory Driver or... //var driver = new g.drivers.MemoryDriver()
// Redis Driver var driver = new Gardien.drivers.RedisDriver({ prefix: 'gardien', separator: ':', index: 0, options: {} })
// Setting an Seraphin to manage users, roles, rules and permissions var seraphin = new Gardien.Seraphin( driver, { debug: true })
async.series( [ function (cb) { // Seraphin initialization seraphin.init(function (err) { cb(null) }) }, function (cb) { // Specify all your desired roles var roles = [ { name: 'guest', permissions: [ 'view' ] }, { name: 'member', inherits: 'guest', // This role inherits all (guest)'s permissions permissions: [ 'create', 'edit', 'like' ] }, { name: 'lead', inherits: 'member', // This role inherits all (member)'s permissions permissions: [ 'delete' ] }, { name: 'owner', inherits: 'lead', permissions: [ 'import', 'fork', 'merge' ] }, { name: 'team', permissions: [ 'invite', 'create' ] } ]
// Create all roles
seraphin.setRoles(roles, function (err) {
cb(null)
})
},
function (cb) {
// Create a user oothko which have 2 roles (member) and (team)
seraphin.createUser( 'oothkoo', ['member','team'], function (err) {
cb(null)
})
},
function (cb) {
// Create a user mario which have only (owner) role
seraphin.createUser( 'mario', ['owner'], function (err) {
cb(null)
})
},
function (cb) {
// Allow (guest)'s permissions on all resources
seraphin.allowRole( 'guest', ['*'], function (err) {
cb(null)
})
},
function (cb) {
// Allow (member)'s permissions on all resources
seraphin.allowRole('member', ['*'], function (err) {
cb(null)
})
},
function (cb) {
// Allow (lead)'s permissions on all resources
seraphin.allowRole('lead', ['*'], function (err) {
cb(null)
})
},
function (cb) {
// Allow (owner)'s permissions on all resources
seraphin.allowRole('owner', ['*'], function (err) {
cb(null)
})
},
function (cb) {
// Allow (team)'s permissions on all library resources
seraphin.allowRole('team', ['library'], function (err) {
cb(null)
})
},
function (cb) {
// Allow user (oothkoo) to delete all resources
seraphin.allowUser('oothkoo', ['*'], ['delete'], function (err) {
cb(null)
})
},
function (cb) {
// Show all system roles
seraphin.showRoles(function (err) {
cb(null)
})
},
function (cb) {
// Show all system rules
seraphin.showRules(function (err) {
cb(null)
})
},
function (cb) {
// Show all users rules
seraphin.showUsers(function (err) {
cb(null)
})
}
],
function (err, results) {
console.log()
console.log('done.')
}
)
Usage
-----
<h4>NodeJS</h4> - Check user's permissions from your backend
```javascript
var async = require('async')
var Gardien = require('gardien')
// Setting Redis Driver
var driver = new Gardien.drivers.RedisDriver({
prefix: 'gardien',
separator: ':',
index: 0,
options: {}
})
// Setting an Seraphin to get user rules
var seraphin = new Gardien.Seraphin( driver, {
debug: true
})
// Setting an Cherubin to check user's permissions
var cherubin = new Gardien.Cherubin( {
debug: true
})
// Setting user id
var userId = 'oothkoo'
async.series(
[
function (cb) {
// Seraphin initialization
seraphin.init(function (err) {
cb(null)
})
},
function (cb) {
// Retrieve all user (oothkoo) rules
seraphin.getAllUserRules(userId, function (rules) {
// Give all rules to our cherubin
cherubin.updateRules( rules )
console.log('rules', rules)
cb(null)
})
}
],
function (err, results) {
// Check if (oothkoo) is allowed to view humans across his all roles
console.log('allowed: ' + cherubin.isAllowed(userId, ['*'], ['human'], ['view']) )
}
)
/* Retrieve all your user rules from your custom API/service (Use seraphin.getAllUserRules() from your backend to do that) and give all rules in your Javascript application to cherubin */ cherubin.updateRules( ... )
// Now you can check all permssions you want ;-) console.log('allowed: ' + cherubin.isAllowed(userId, ['*'], ['human'], ['view']) )
Cherubin - API
-----
* updateRules (**rules**)
* isAllowed (**userId, roles, resources, permissions**)
Seraphin - API
-----
* createUser (**userId, roles, callback**)
* removeUserById (**userId, callback**)
* getUserById (**userId, callback**)
* getUserIndexById (**userId, callback**)
* getUsers (**callback**)
* createRole (**role, callback**)
* setRoles (**roles, callback**)
* removeRoleByName (**name, callback**)
* removeAllRoles (**callback**)
* getRoles (**callback**)
* getRoleByName (**name, callback**)
* getRoleIndexByName (**name, callback**)
* getRolePermissions (**name, callback**)
* getInheritRoleNames (**name, callback**)
* getUserRoles (**user, callback**)
* createUserRule (**userId, rule, callback**)
* removeUserRule (**userId, rule, callback**)
* createRoleRule (**name, rule, callback**)
* removeRoleRule (**name, rule, callback**)
* removeAllRules (**callback**)
* isRuleExists (**rule, callback**)
* getAllUserRules (**userId, callback**)
* getCustomUserRules (**userId, callback**)
* getRoleRules (**name, callback**)
* getRules (**callback**)
* showRules (**callback**)
* showUsers (**callback**)
* showRoles (**callback**)
* setDriver (**driver**)
* init (**callback**)
* allowUser (**userId, resources, permissions, callback**)
* disallowUser (**userId, resources, permissions, callback**)
* allowRole (**role, resources, callback**)
* disallowRole (**role, resources, callback**)
FAQs
The most simple, flexible and easy to use JavaScript role/access control list (ACL, RBAC) library.
The npm package gardien receives a total of 12 weekly downloads. As such, gardien popularity was classified as not popular.
We found that gardien demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The White House is addressing fragmented cybersecurity regulations as CISOs report spending up to 50% of their time on compliance, aiming to harmonize requirements and improve cybersecurity outcomes.
Security News
Research
The Socket Research Team has identified a malicious Python package that is typosquatting the popular crytic-compile utility, frequently used in popular toolkits and development environments for smart contracts and crypto applications.
Security News
NIST updates on the NVD backlog after media reports that over 50% of KEVs were unenriched since mid-February. They've contracted additional support and partnered with CISA to clear the backlog by fiscal year-end.