Skip to content

jeanfortheweb/yaacl

Repository files navigation

YAACL - Yet another ACL

Build Status codecov Maintainability Test Coverage

YAACL is a quiet simple and easy to learn ACL interface for node. With the possibility for custom adapters and an abstract but yet simple API it can be integrated in any service that needs a little more than just roles to manage access.

YAACL is written in TypeScript and therefore it makes heavy use of its advantages. All examples and documentation are also written in TypeScript.

How to use

  1. Install the yaacl core and an adapter of your choice:
yarn install @yaacl/core @yaacl/memory-adapter
  1. Create a yaacl and use it:
import { Yaacl, Privileges, SecurityIdentity, ObjectIdentity } from '@yaacl/core';
import { MemoryAdapter } from '@yaacl/memory-adapter';

const yaacl = new Yaacl(new MemoryAdapter());

// a security identity could be a user, a role...
const securityIdentity: SecurityIdentity = {
	getSecurityId: () => 'user-242',
};

// an object identity could be anything, like a blog post, a page...
const objectIdentity: ObjectIdentity = {
	getObjectId: () => 'object-4664';
};

const example = async () => {
  await yaacl.grant(securityIdentity, objectIdentity, Privileges.READ);
  await yaacl.granted(securityIdentity, objectIdentity, Privileges.READ); // true
  await yaacl.granted(securityIdentity, objectIdentity, Privileges.WRITE) // false
}

example();

For a full documentation of YAACL, please visit our Wiki