Skip to content

πŸ” Simple library that supports access control models like ACL, RBAC, ABAC in Frontend Javascript

License

Notifications You must be signed in to change notification settings

Dias1c/casbin-js

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

56 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

casbin-js

πŸ” Simple library that supports access control models like ACL, RBAC, ABAC in Frontend Javascript.

ts NPM package version NPM package downloads count Visit package GitHub page

Note

About library:

  • Changelogs here.
  • Read more about casbin here.

Installation

npm i --save-exact @diaskappassov/[email protected]

Usage

You can see all usage examples in examples directory.

Initialize Authorizer

To understand what the model and policy read https://casbin.org/docs/syntax-for-models/

import { CAuthorizer } from "@diaskappassov/casbin-js";

const model = `
# Request definition
[request_definition]
# Can subject, do_action, on_object
r = sub, act, obj

# Policy definition
[policy_definition]
p = sub, act, obj

# Role definition
[role_definition]
g = _, _

# Policy effect
[policy_effect]
e = some(where (p.eft == allow))

# Matchers
[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
`;

const policy = [
  ["p", "cat", "walk", "ground"],
  ["p", "cat", "run", "ground"],
  ["p", "cat", "swim", "water"],
  ["p", "cat", "breathe", "air"],

  ["p", "bird", "fly", "air"],
  ["p", "bird", "breathe", "air"],
  ["p", "bird", "walk", "ground"],

  ["p", "fish", "swim", "water"],
  ["p", "fish", "breathe", "water"],
];

const Authorizer = new CAuthorizer();

Authorizer.init(model, policy);

Check permissions

You can check permissions with can, canAll, canAny methods, but before that YOU MUST INITIALIZE Authorizer.

Important

The order of your request elements must follow the rules which you set in model. See more: https://casbin.org/docs/syntax-for-models#request-definition

Check permissions with can method

Warning

If the Authorizer is not initialized it throws error

await Authorizer.can(["fish", "fly", "air"]); // false
await Authorizer.can(["fish", "swim", "ground"]); // false
await Authorizer.can(["fish", "swim", "water"]); // true
await Authorizer.can(["cat", "swim", "water"]); // true
await Authorizer.can(["bird", "run", "ground"]); // false
await Authorizer.can(["cat", "run", "ground"]); // true

Check permissions with canAll method

// returns `false` cause one of conditions returned `false`
await Authorizer.canAll([
  ["cat", "breathe", "air"],
  ["fish", "breathe", "air"],
]);

// returns `true` cause all conditions returned `true`
await Authorizer.canAll([
  ["cat", "breathe", "air"],
  ["bird", "breathe", "air"],
]);

Check permissions with canAny method

// returns `true` cause one of conditions returned `true`
await authorizer.canAny([
  ["cat", "breathe", "air"],
  ["fish", "breathe", "air"],
]);

// returns `false` cause all conditions returned `false`
await authorizer.canAny([
  ["cat", "fly", "air"],
  ["fish", "fly", "air"],
]);

Author

Releases

No releases published

Packages

No packages published