Add access control with CASL to your feathers application.
This project is built for FeathersJS. An open source web framework for building modern real-time applications. It's based on CASL and is a convenient layer to use CASL in feathers.js.
- Fully powered by Feathers & CASL
- Written in TypeScript
- Allows permissions for all methods
create,find,get,update,patch,remove, orcreate,read,update,delete - Define permissions not based on methods:
can('view', 'Settings') - Restrict by conditions:
can('create', 'Task', { userId: user.id }) - Restrict by individual fields:
cannot('update', 'User', ['roleId']) - Native support for restrictive
$select:can('read', 'User', ['id', 'username'])->$select: ['id', 'username'] - Supports
channelsright away (every connection only gets updates based oncan('read' ...)) channels-support also regards restrictive fields- Disallow/allow
multimethods (create,patch,remove) dynamically with:can('remove-multi', 'Task', { userId: user.id }) - Support for dynamic rules stored in your database
- Support to define abilities for anything (providers, users, roles, 3rd party apps, ...)
- Baked in support for
@casl/angular,@casl/react,@casl/vueand@casl/aurelia
You need more information? Please have a look: https://feathers-casl.netlify.app/
npm i feathers-caslSimply run npm test and all your tests in the test/ directory will be run.
For more information on all the things you can do, visit the generator, FeathersJS and CASL.
Licensed under the MIT license.