Package Exports
- admittance
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (admittance) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
Admittance
Role based access control module for node. The interface is based off the Yii php framework's RBAC interface. The implementation is written in coffee script and is entirely original.
This module is under heavy development at the moment and well anyway, you probably shouldn't use it beyond testing it out yet. Do contribute though! Accepting pull requests!
I wrote this module in coffeescript for the main reason of trying coffeescript out. I will most likely re-write a version in javascript at some point as well.
Usage
include in your node project with npm
npm install admittance
admittance = require("admittance");
Admittance = admittance.Admittance
FileAdaptor = admittance.FileAdaptor
am = new Admittance(new FileAdaptor("path/to/jsonfile"));
am.on('load', function () {
//perform operations here
});define roles and operations
eg.
am.createAuthItem('admin', 2, 'System admin user'); //role
am.createAuthItem('editPosts', 0, 'Allows editing of posts'); //operationbuild permissions.
A role could contain a series of operations (or can be used alone)
eg.
am.addItemChild('admin', 'editPosts');Assign roles or operations
Assign roles or operations to your existing users
eg.
am.assign('admin', 43); // 43 = some existing system user idCheck access
You will then be able to check user access in your application
eg.
am.checkAccess('admin', 43) // true
am.checkAccess('editPosts', 43) // trueOther methods
clearAll
Clears all permissions, you need to call save after to persist changes
clearAuthAssignments
Clears all auth assignments, you need to call save after to persist changes
executeBizRule
Business rules not yet implemented
getAuthAssignment
Gets a Auth assignment object
getAuthAssignments
gets all auth assignments for a user
getAuthItem
gets the object that represents an auth item
getAuthItems
gets all auth items for a user
hasItemChild
Checks if an auth item has the specified child
isAssigned
Checks if a user has a certain auth item assigned
removeAuthItem
Removes an auth item
removeItemChild
Removes the reference between a parent and child auth item
revoke
Revokes access for a certain auth item to a user
save
Persists any changes
Events
load
save
empty
error
Adaptor
Admittance comes with an in file storage adaptor. It should be pretty easy to implement new adpators if you prefer to use database engines to store access control data.
Take a look at file-adaptor.coffee, implement the load and save methods and pass an instance of your adaptor in to Admittance when you start it up.
eg.
am = new Admittance(new myAdaptor)The adaptor must load data in the following 3 (json) forms:
defines assignments between user Ids and auth items with additional data and business rules
"assignments": {
"501": {
"admin": {
"itemName": "admin",
"id": "501",
"bizRule": null,
"data": "N;"
},
"tmc": {
"itemName": "tmc",
"id": "501",
"bizRule": null,
"data": "N;"
}
},
"12": {
"tmc": {
"itemName": "tmc",
"id": "12",
"bizRule": null,
"data": "N;"
}
}
}defines all auth items, each item is unique name is the unique id for each auth item. Type corresponds to 1 of 3 values 0: operation, 1: task, 2: role description is purely for reference business rules can be defined data can be defined
"items": {
"admin": {
"name": "admin",
"type": 2,
"description": "Admin user",
"bizRule": null,
"data": "N;"
},
"tmc": {
"name": "tmc",
"type": 2,
"description": "TMC user",
"bizRule": null,
"data": "N;"
},
"acceptTMP": {
"name": "acceptTMP",
"type": 0,
"description": "Accept TMPs",
"bizRule": null,
"data": "N;"
}
}maps parent auth items to child auth items
"children": {
"admin": ["acceptTMP", "tmc"],
"tmc": ["acceptTMP"]
}