		{
		"name": "role-acl",
		"version": "3.2.2",
		"version": "3.3.0",
		"description": "Role, Attribute and Condition based Access Control for Node.js",
		@@ -66,2 +66,3 @@ "main": "./index.js",
		"dependencies": {
		"jsonpath-plus": "^0.18.0",
		"matcher": "^1.0.0",
		@@ -68,0 +69,0 @@ "notation": "^1.3.5"

README.md

		@@ -80,2 +80,27 @@ [![Donate](https://img.shields.io/badge/Donate-PayPal-green.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=73QY55FZWSPRJ) [![Build Status](https://travis-ci.org/tensult/role-acl.png?branch=master)](https://travis-ci.org/tensult/role-acl) [![Test Coverage](https://api.codeclimate.com/v1/badges/2d748a99b2c54e057cc2/test_coverage)](https://codeclimate.com/github/tensult/role-acl/test_coverage) [![NPM Version](https://badge.fury.io/js/role-acl.svg?style=flat)](https://npmjs.org/package/role-acl) [![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/tensult/role-acl/issues)

		// Condition with dynamic context values using JSONPath
		// We can use this to allow only owner of the article to edit it
		ac.grant('user').condition(
		{
		Fn: 'EQUALS',
		args: {
		'requester': '$.owner'
		}
		}).execute('edit').on('article');

		permission = ac.can('user').context({ requester: 'dilip', owner: 'dilip' }).execute('edit').on('article');
		console.log(permission.granted); // —> true

		// We can use this to prevent someone to approve their own article so that it goes to review by someone before publishing
		ac.grant('user').condition(
		{
		Fn: 'NOT_EQUALS',
		args: {
		'requester': '$.owner'
		}
		}).execute('approve').on('article');

		permission = ac.can('user').context({ requester: 'dilip', owner: 'dilip' }).execute('approve').on('article');
		console.log(permission.granted); // —> false

		// Using custom/own condition functions
		@@ -82,0 +107,0 @@ ac.grant('user').condition(

role-acl - npm Package Compare versions

New alerts

Improved metrics

Worsened metrics

Dependency changes