New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
mongoose-acl
Advanced tools
mongoose-acl - npm Package Compare versions
Comparing version 0.2.1 to 0.2.2
| exports.object = require('./object'); | ||
| exports.subject = require('./subject'); | ||
| exports.subject = require('./subject'); | ||
| exports.hybrid = require('./hybrid'); |
| { | ||
| "name": "mongoose-acl", | ||
| "version": "0.2.1", | ||
| "description": "Mongoose ACL", | ||
| "homepage": "http://github.com/scttnlsn/mongoose-acl", | ||
| "author": "Scott Nelson <scott@scttnlsn.com>", | ||
| "contributors": ["Joshua Gross <josh@spandex.io>"], | ||
| "main": "./lib/index", | ||
| "scripts": { | ||
| "test": "./node_modules/.bin/mocha" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git://github.com/scttnlsn/mongoose-acl.git" | ||
| }, | ||
| "dependencies": { | ||
| }, | ||
| "devDependencies": { | ||
| "mocha": ">= 1.4.1", | ||
| "mongoose": ">= 3.1.0", | ||
| "sinon": ">= 1.4.2" | ||
| } | ||
| } | ||
| "name": "mongoose-acl", | ||
| "description": "Mongoose ACL", | ||
| "version": "0.2.2", | ||
| "author": "Scott Nelson <scott@scttnlsn.com>", | ||
| "contributors": [ | ||
| "Joshua Gross <josh@spandex.io>", | ||
| "Drew Fyock <drew@steelbisondev.com>" | ||
| ], | ||
| "dependencies": {}, | ||
| "devDependencies": { | ||
| "mocha": "^2.1.0", | ||
| "mongoose": "^3.8.23", | ||
| "sinon": "^1.12.2" | ||
| }, | ||
| "homepage": "http://github.com/scttnlsn/mongoose-acl", | ||
| "main": "./lib/index", | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git://github.com/scttnlsn/mongoose-acl.git" | ||
| }, | ||
| "scripts": { | ||
| "test": "mocha" | ||
| } | ||
| } |
@@ -11,9 +11,9 @@ mongoose-acl | ||
| var WidgetSchema = new mongoose.Schema({ … }); | ||
| var WidgetSchema = new mongoose.Schema({ ... }); | ||
| WidgetSchema.plugin(acl.object); | ||
| var UserSchema = new mongoose.Schema({ … }); | ||
| var UserSchema = new mongoose.Schema({ ... }); | ||
| UserSchema.plugin(acl.subject); | ||
| ``` | ||
| Methods | ||
@@ -24,3 +24,3 @@ --- | ||
| ```javascript | ||
| var widget = new Widget({ … }); | ||
| var widget = new Widget({ ... }); | ||
@@ -36,7 +36,7 @@ widget.setAccess('foo', ['a', 'b']); | ||
| ``` | ||
| There are also convenience methods added to the subject for getting and setting the permissions for a given object: | ||
| ```javascript | ||
| var user = …; | ||
| var user = ...; | ||
@@ -46,3 +46,3 @@ user.setAccess(widget, ['read', 'write', 'delete']); | ||
| ``` | ||
| We can query for all objects to which a particular subject has access: | ||
@@ -55,3 +55,3 @@ | ||
| ``` | ||
| Options | ||
@@ -69,3 +69,3 @@ --- | ||
| ``` | ||
| ### Subject | ||
@@ -82,3 +82,3 @@ | ||
| ``` | ||
| We can also specify additional ACL keys to which a subject has access. For example, suppose a user optionally belongs to a number of roles: | ||
@@ -95,3 +95,3 @@ | ||
| ``` | ||
| There is one special key referred to as the public key. If set, the associated permissions will apply to all subjects: | ||
@@ -105,10 +105,32 @@ | ||
| ### Hybrid | ||
| Combines `subject` and `object` so that a subject can determine if it has permissions on itself or another "subject". `getAccess` and `setAccess` methods on the subject are renamed as `getSubjectAccess` and `setSubjectAccess`, respectively. All other options/methods remain the same. Explicitly: | ||
| ``` | ||
| subject.getAccess --> hybrid.getSubjectAccess | ||
| subject.setAccess --> hybrid.setSubjectAccess | ||
| ``` | ||
| ```javascript | ||
| UserSchema.plugin(acl.hybrid); | ||
| var user = ...; | ||
| user.setAccess('*', ['read']); | ||
| user.setSubjectAccess(user, ['write', 'delete']); | ||
| ``` | ||
| Install | ||
| --- | ||
| npm install mongoose-acl | ||
| ```sh | ||
| npm install mongoose-acl | ||
| ``` | ||
| Tests | ||
| --- | ||
| npm test | ||
| ```sh | ||
| npm test | ||
| ``` |
@@ -9,3 +9,3 @@ var assert = require('assert'); | ||
| beforeEach(function() { | ||
| before(function() { | ||
| var schema = new mongoose.Schema(); | ||
@@ -16,3 +16,6 @@ schema.plugin(object, { | ||
| Test = mongoose.model('test', schema); | ||
| Test = mongoose.model('Object', schema); | ||
| }); | ||
| beforeEach(function() { | ||
| model = new Test(); | ||
@@ -50,3 +53,3 @@ }); | ||
| var cursor = Test.withAccess(subject, ['baz', 'qux']); | ||
| assert.ok(find.calledOnce); | ||
@@ -57,6 +60,11 @@ | ||
| assert.deepEqual(query, { | ||
| $or: [ | ||
| { '_acl.foo': { $all: ['baz', 'qux'] }}, | ||
| { '_acl.bar': { $all: ['baz', 'qux'] }} | ||
| ] | ||
| $or: [{ | ||
| '_acl.foo': { | ||
| $all: ['baz', 'qux'] | ||
| } | ||
| }, { | ||
| '_acl.bar': { | ||
| $all: ['baz', 'qux'] | ||
| } | ||
| }] | ||
| }); | ||
@@ -105,2 +113,2 @@ }); | ||
| }); | ||
| }); | ||
| }); |
@@ -9,3 +9,3 @@ var assert = require('assert'); | ||
| beforeEach(function() { | ||
| before(function() { | ||
| var schema = new mongoose.Schema({ | ||
@@ -25,6 +25,11 @@ roles: [String] | ||
| Test = mongoose.model('Test', schema); | ||
| model = new Test({ roles: ['foo', 'bar'] }); | ||
| Test = mongoose.model('Subject', schema); | ||
| }); | ||
| beforeEach(function() { | ||
| model = new Test({ | ||
| roles: ['foo', 'bar'] | ||
| }); | ||
| }); | ||
| it('returns access keys', function() { | ||
@@ -79,2 +84,2 @@ var keys = model.getAccessKeys(); | ||
| }); | ||
| }); | ||
| }); |
Sorry, the diff of this file is not supported yet
Fixed alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by25.53%
15162
- Number of package files
- increased by22.22%
11
- Lines of code
- increased by37.02%
322
- Number of lines in readme file
- increased by21.9%
128
- Number of medium supply chain risk alerts
- decreased by-100%
0
No dependency changes