Static abilities generator for role based authorization.
Having to write hard-coded roles and abilities can be boring and hard to maintain. This library tries to help and speed up the way you write the roles and abilities needed to your application.
You can install it using Bower:
$ bower install static-abilities
or using npm:
$ npm install static-abilities
It defines a role. This is the staring point of creating roles and associating permissions to it.
Abilities.define('role', function(can, extend) {
// ...
});
The callback is optional but it wouldn't make much sense to define a role without any abilities, right?
NOTE: callback function gets can
and extend
as parameters. Those will be explained below.
Adds a permission (or a set of them) to the role you are defining.
If you omit resource
you are going to associate a single and specific permission to the role.
Abilities.define('role', function(can, extend) {
can('specific_permission');
});
Otherwise, if you pass a resource it will build a permission as a concatenation of permission
and resource
like <permission>_<resource>
.
Check the example below:
Abilities.define('role', function(can, extend) {
can('read', 'resource'); // read_resource
can(['read', 'edit', 'delete'], 'resource2'); // read_resource2, edit_resource2, delete_resource2
});
Extends a role based on a role that was previously defined. It expects a String
or Array
.
Abilities.define('role', function(can, extend) {
extend('role2');
extend(['role3', 'role4']);
});
Creates an alias to permission(s).
It's useful to avoid duplication of abilities definitions, especially when you are handling a CRUD application.
Abilities.alias('crud', ['create', 'read', 'update', 'delete']);
Abilities.define('role', function(can, extend) {
can('crud', 'resource');
});
The example above means the same thing as below:
Abilities.define('role', function(can, extend) {
can('create', 'resource');
can('read', 'resource');
can('update', 'resource');
can('deleted', 'resource');
// or
can(['create', 'read', 'update', 'delete'], 'resource');
});
NOTE: A built-in alias manage
is defined for read
, edit
and delete
.
Returns the JSON map reference for what you've written.
Let's suppose that we've defined something like:
Abilities.define('role', function(can, extend) {
can('specific_permission');
can('read', 'resource');
});
The Abilities.toJSON()
call would return:
{
role: {
'specific_permission',
'read_resource'
}
}
It flushes all the previously defined roles.
Abilities.flush();
This can be quite useful if you, for example, build your own role based authorization and want to test it.
You'll need to have nodejs and grunt-cli package installed.
Then just run grunt jasmine
.
The MIT License (MIT)
Copyright © 2015 Vítor Avelino <contact@vitoravelino.me>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.