Browse files

fixed bug for lookups on non-existent users. updated readme

  • Loading branch information...
1 parent 00fe502 commit 552739782b68027e053f168cd3f01366721845dc @Marak committed Jul 15, 2010
Showing with 30 additions and 66 deletions.
  1. +17 −64 Readme.md
  2. +11 −1 lib/roles.js
  3. +2 −1 node-demo.js
View
81 Readme.md
@@ -61,71 +61,24 @@ groups are associations of a list of keys to a list of roles. groups can also "i
##usage
-first we are going to set some default role data
-
-
-
-
- // load up some example roles for basic role management on resources
- fs.readFile('./lib/exampleRoles.json', function (err,data) {
-
- // parse the exampleRoles.json file into a JSON object
- roles._data = JSON.parse(data.toString());
-
- // NOTE : it would be pretty easy to create some API syntax sugar in the library
- // so you can only have one or two calls instead of the following seqeuence
- //
- // if anyone wants to create some i'll pull the changes, if not it will be next release or so
-
- // add a user
- roles.addUser('Bob');
-
- // add a role
- roles.addRole('is allowed to go fly fishing');
-
- // add group
- roles.addGroup('Fly Fishers');
-
- // add user to group
- roles.addUserToGroup('Bob', 'Fly Fishers');
-
- // add user to group
- roles.addRoleToGroup('is allowed to go fly fishing', 'Fly Fishers');
-
- // now that we have loaded some roles and created some new ones, lets try some test cases
-
- // first, lets see all the current groups and their roles
- var theGroups = roles.getGroups();
- sys.puts(JSON.stringify(theGroups, true, 1));
- // okay that was interesting, but kinda hard to read. lets try a basic permissions check
-
-
- if("Marak".can('edit a resource')){
- sys.puts('"Marak" can "edit a resource" because he is in the "Administrators" group, which inherits the "Moderators" group, which can edit resources.')
- }
-
- if("Marak".inGroup("Administrators")){
- sys.puts('"Marak" is in the "Administrators" group.'); // this is expected
- }
-
- var someuser = "Bob";
- if(!someuser.inGroup("Administrators")){
- sys.puts(someuser + ' is not in the "Administrators" group.')
- }
-
- if(someuser.can('edit a resource')){
- // i don't think so Bob!
- }
- else{
- sys.puts('"Bob" cannot "edit a resource" because he is not part of any group that has this role.')
- }
-
- if("Alexis".can("add a resource")) {
- sys.puts('"Alexis" can "add a resource" since he is the "Moderators" group');
- }
-
- });
+first, lets assume we have loaded the following dataset <a href = "exampleRoles.json">exampleRoles.json</a> using roles.load()
+// basic permission checks
+if("Marak".can('delete resources')){
+ sys.puts('Marak can delete resources');
+}
+
+if(!"Noob".can('delete resources')){
+ sys.puts('Noob cannot delete resources.');
+}
+
+if(!"Marak".cannot('delete resources')){
+ sys.puts('Marak can delete resources.');
+}
+
+if("Noob".cannot('delete resources')){
+ sys.puts('Noob cannot delete resources.');
+}
##faq
View
12 lib/roles.js
@@ -61,6 +61,10 @@ roles.can = function ( key, role ) {
// get all groups that this key belongs to (both directly, and through inhertiance)
var groups = roles.getGroups( key );
+
+ if(!groups.length){
+ return false;
+ }
// get a list of all roles that these groups can perform
var list = roles.getRoles( groups );
@@ -73,7 +77,10 @@ roles.can = function ( key, role ) {
}
roles.cannot = function ( key, role ) {
- return false;
+ // check if the key has the role
+ var result = roles.can( key, role);
+ // invert that result
+ return !result;
}
// checks if a key is in a group
@@ -139,6 +146,9 @@ roles.getGroups = function ( key ) {
// gets all groups that a group inherits from
roles.inheritGroups = function ( group ) {
+ if(group == ''){
+ return '';
+ }
var groupChain = [];
var inherits = roles._data.groups[group].inherits || [];
if(inherits.length == 0){
View
3 node-demo.js
@@ -41,7 +41,7 @@ roles.load({
if("Marak".can('delete resources')){
sys.puts('Marak can delete resources');
}
-return;
+
if(!"Noob".can('delete resources')){
sys.puts('Noob cannot delete resources.');
}
@@ -54,6 +54,7 @@ if("Noob".cannot('delete resources')){
sys.puts('Noob cannot delete resources.');
}
+return;
// basic group checks
if("Marak".isIn('Administrators')){
sys.puts('Marak is in Administrators');

0 comments on commit 5527397

Please sign in to comment.