Giters

Dias1c / casbin-js

πŸ” Simple library that supports access control models like ACL, RBAC, ABAC in Frontend Javascript

Home Page:https://www.npmjs.com/package/@diaskappassov/casbin-js

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

casbincasbin-frontendcasbin-jsabacaclauthorizerrbacauthorizationauthpermissions

casbin-js

πŸ” Simple library that supports access control models like ACL, RBAC, ABAC in Frontend Javascript.

ts Visit the NPM page Visit package GitHub page

Changelogs here.

See more about casbin here.

Installation

npm i @diaskappassov/casbin-js

Usage

You can see all usage examples in examples directory.

Initialize Authorizer

To understand what the model and policy read https://casbin.org/docs/syntax-for-models/

import { CAuthorizer } from "@diaskappassov/casbin-js";

const model = `
# Request definition
[request_definition]
# Can subject, do_action, on_object
r = sub, act, obj

# Policy definition
[policy_definition]
p = sub, act, obj

# Role definition
[role_definition]
g = _, _

# Policy effect
[policy_effect]
e = some(where (p.eft == allow))

# Matchers
[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
`;

const policy = [
  ["p", "cat", "walk", "ground"],
  ["p", "cat", "run", "ground"],
  ["p", "cat", "swim", "water"],
  ["p", "cat", "breathe", "air"],

  ["p", "bird", "fly", "air"],
  ["p", "bird", "breathe", "air"],
  ["p", "bird", "walk", "ground"],

  ["p", "fish", "swim", "water"],
  ["p", "fish", "breathe", "water"],
];

const Authorizer = new CAuthorizer();

Authorizer.init(model, policy);

Check permissions

You can check permissions with can, canAll, canAny methods, but before that YOU MUST INITIALIZE Authorizer.

!Important: The order of your request elements must follow the rules which you set in model. See more: https://casbin.org/docs/syntax-for-models#request-definition

Check permissions with can method

Throws error if Authorizer not initialized

await Authorizer.can(["fish", "fly", "air"]); // false
await Authorizer.can(["fish", "swim", "ground"]); // false
await Authorizer.can(["fish", "swim", "water"]); // true
await Authorizer.can(["cat", "swim", "water"]); // true
await Authorizer.can(["bird", "run", "ground"]); // false
await Authorizer.can(["cat", "run", "ground"]); // true

Check permissions with canAll method

// returns `false` cause one of conditions returned `false`
await Authorizer.canAll([
  ["cat", "breathe", "air"],
  ["fish", "breathe", "air"],
]);

// returns `true` cause all conditions returned `true`
await Authorizer.canAll([
  ["cat", "breathe", "air"],
  ["bird", "breathe", "air"],
]);

Check permissions with canAny method

// returns `true` cause one of conditions returned `true`
await authorizer.canAny([
  ["cat", "breathe", "air"],
  ["fish", "breathe", "air"],
]);

// returns `false` cause all conditions returned `false`
await authorizer.canAny([
  ["cat", "fly", "air"],
  ["fish", "fly", "air"],
]);

Author

About

πŸ” Simple library that supports access control models like ACL, RBAC, ABAC in Frontend Javascript

https://www.npmjs.com/package/@diaskappassov/casbin-js

casbincasbin-frontendcasbin-jsabacaclauthorizerrbacauthorizationauthpermissions

License:MIT License

Languages

Language:TypeScript 100.0%