resource-access-list
A simple Loopback ACL middleware with one rule file, also support limited dynamic role supported which base on Loopback model relation method
Inspired by the following libraries/examples:
Install
npm i -S resource-access-list
Usage
const path = require('path')
const Ral = require('resource-access-list')
module.exports = () => {
const ral = new Ral()
ral.superRoles = ['admin']
ral.notAllowStatusCode = 403
ral.setRules(path.join(__dirname, '../rules'))
return ral.check
}
Dynamic Role
- for invoke $owner role, need adding 'owner' relationship in the model.json
- for invoke $memeber role, need adding 'member' relationship in the mdoel.json
License
MIT © [chopperlee]