Seriously, why do all these ACL modules have to be so darn complex? I just need a simple well-tested module to do ACL.
npm install simple-acl --save
The --save flag adds simple-acl to your package.json file. Then:
var acl = require('simple-acl');
And you're ready to go.
You do not need to do any extra setup to start using simple-acl.
However, for production uses, you might want to use the RedisStore instead of the default MemoryStore.
Any of the following works:
acl.use(new acl.RedisStore()); // uses default redis host/port and 'sacl:' for prefix.
acl.use(new acl.RedisStore('acl:prefix')); // uses default redis host/port and `acl:prefix' for prefix.
acl.use(new acl.RedisStore(redisClient)); // uses supplied redis client and 'sacl:' for prefix
acl.use(new acl.RedisStore(redisClient, 'acl:prefix')); // uses everything you gave it.
Don't forget to npm install redis, too. Since I don't want to force everyone to install redis which also includes hiredis if they're not gonna use it.
All arguments to the api are expected to be strings (except for the callback, of course.)
Grants grantee access to resource and invoke callback(e) when done.
Asserts that grantee has access to resource and calls callback(e, true) if so or else callback(e, false) is called instead.
Revokes grantee 's access to resource and invoke callback(e) when done.
Well... do I even need to explain this?
Just use your role name as the resource name. Use grant() for assigning roles and revoke() for removing roles.
Yes, require('acl') is an EventEmitter with two events:
acl.on('grant', function(grantee, resource) { });
acl.on('revoke', function(grantee, resource) { });
It's pretty basic right now just to allows you to log grants and revokes as they happens. I will add more event-based functionality if there is demand.
Writing a new store of your own choice is pretty easy, too.
var MyStore = function() { }
MyStore.prototype.grant = function(grantee, resource, callback) { };
MyStore.prototype.assert = function(grantee, resource, callback) { };
MyStore.prototype.revoke = function(grantee, resource, callback) { };
acl.use(new MyStore());
Pretty simple, huh?
To verify if your store is working, check the test/store.js file.
Good if you are modifying simple-acl or writing your own custom store.
npm install mocha -g && npm test
Hey, if you're not already using mocha for your tests, you should!
To use simple-acl as a connect/express middleware is pretty simple still, just add the following code to your initialization script:
app.use(function(req, resp, next) {
acl.assert(req.user.id, req.url, function(e, ok) {
if (!ok)
return resp.send(403, 'Forbidden');
return next(e);
});
});
Where req.user is your user object if you are using passport for authentication and resourceful for the model, for example.
BSD
Just open a new Github issue or ping me @chakrit on Twitter.
If you see me hanging around #node.js IRC channel, that works too, just say hi :)