promise-policies

A promise based ACL policy framework

Version: 1.0.2 (latest)
Source: npm
Maintainers: 1

Policy

A promise based ACL framework.

Basics, sync policies

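const policy = require('promise-policies');

// Minimal subject class used by the examples below
class User {
  constructor(attrs) { Object.assign(this, attrs); }
}

// Base policy covering the 'create' and 'read' actions
const DefaultPolicy = policy.createDefaultPolicy(['create','read']);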

class UserPolicy extends DefaultPolicy {
  
  static read(subject, context) {
    if (subject.id === context.user.id) {
      return policy.CODES.ALLOW;
    }
    return policy.CODES.DENY;
  }
  
  static create(subject, context) {
    if (context.user.is_admin) {
      return policy.CODES.ALLOW;
    }
    
    return policy.CODES.DENY;
  }
}

const policies = {
  'User': UserPolicy
};

const resolver = policy.createResolver(function(subject) {
  const name = subject.name || subject.constructor.name;
  return policies[name];
});

resolver.resolve(new User({id: 1}), 'read', { user: { id: 1} }).then((code) => {
  console.log(code); // should be ALLOW
});

resolver.resolve(new User({id: 1}), 'read', { user: { id: 2} }).then((code) => {
  console.log(code); // should be DENY
});

resolver.resolve(User, 'create', { user: { id: 1, is_admin: true} }).then((code) => {
  console.log(code); // should be ALLOW
});

resolver.resolve(User, 'create', { user: { id: 1, is_admin: false} }).then((code) => {
  console.log(code); // should be DENY
});
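
The resolver callback above picks a policy by `subject.name`, which is also an ordinary data field and, on a plain object, can match inherited keys such as `constructor`. The following added example (not code from the promise-policies project) keys the lookup on the class itself and falls back to a deny-all policy. `Invoice`, `DenyAllPolicy`, `policyFor`, `policyForByName` and the stand-in `UserPolicy` are hypothetical names, and the page does not say how the library treats a missing policy.

```javascript
// Constructed subject classes for the demonstration.
class User { constructor(attrs) { Object.assign(this, attrs); } }
class Invoice { constructor(attrs) { Object.assign(this, attrs); } }

class UserPolicy {}     // stand-in for the UserPolicy defined above
class DenyAllPolicy {}  // hypothetical fallback: every action would return DENY

// A Map keyed by class has no inherited keys and ignores name strings.
const registry = new Map([[User, UserPolicy]]);

// Hardened lookup: resolve by class identity and fail closed.
function policyFor(subject) {
  if (subject === null || subject === undefined) return DenyAllPolicy;
  // A class passed directly (as for 'create') is its own key. An instance
  // is keyed by its prototype's constructor, so an own "constructor"
  // property copied from untrusted attributes cannot redirect the lookup.
  const proto = Object.getPrototypeOf(subject);
  const cls = typeof subject === 'function' ? subject : proto && proto.constructor;
  return registry.get(cls) || DenyAllPolicy;
}

// The name-based lookup from the README, kept for comparison.
const byName = { User: UserPolicy };
function policyForByName(subject) {
  const name = subject.name || subject.constructor.name;
  return byName[name];
}

// Constructed inputs: a user record that carries a "name" attribute.
const alice = new User({ id: 1, name: 'alice' });
const odd = new User({ id: 2, name: 'constructor' });

console.log(policyForByName(alice));         // undefined: no policy found
console.log(policyForByName(odd) === Object); // true: inherited key matched
console.log(policyFor(alice) === UserPolicy); // true
console.log(policyFor(new Invoice({ id: 7 })) === DenyAllPolicy); // true
```

In real use, `policyFor` would be the function passed to `policy.createResolver`, and `DenyAllPolicy` would define each action as a static method returning `policy.CODES.DENY`.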

Async policies via promises are supported as well


class UserPolicy extends DefaultPolicy {
  
  static read(subject, context) {
    if (subject.id === context.user.id) {
      return Promise.resolve(policy.CODES.ALLOW);
    }
    return Promise.resolve(policy.CODES.DENY);
  }
}

Default Actions

  • create
  • read
  • update
  • delete

Package last updated on 23 Jun 2017
