{"id":13510315,"url":"https://github.com/phellipeandrade/rbac","last_synced_at":"2025-03-30T15:31:13.678Z","repository":{"id":43288339,"uuid":"144407057","full_name":"phellipeandrade/rbac","owner":"phellipeandrade","description":"Hierarchical Role-Based Access Control for Node.js","archived":false,"fork":false,"pushed_at":"2024-05-17T04:16:56.000Z","size":642,"stargazers_count":256,"open_issues_count":1,"forks_count":22,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-03-26T09:17:57.865Z","etag":null,"topics":["acl","authorization","hierarchical","javascript","nodejs","permissions","rbac","role","security"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/phellipeandrade.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-08-11T17:56:55.000Z","updated_at":"2025-02-26T03:31:23.000Z","dependencies_parsed_at":"2024-05-17T05:28:24.721Z","dependency_job_id":"c1466eec-0eb6-4ea4-9db0-7d14a5647968","html_url":"https://github.com/phellipeandrade/rbac","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phellipeandrade%2Frbac","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phellipeandrade%2Frbac/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phellipeandrade%2Frbac/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phellipeandrade%2Frbac/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/phellipeandrade","download_url":"https://codeload.github.com/phellipeandrade/rbac/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246338864,"owners_count":20761452,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acl","authorization","hierarchical","javascript","nodejs","permissions","rbac","role","security"],"created_at":"2024-08-01T02:01:33.359Z","updated_at":"2025-03-30T15:31:08.664Z","avatar_url":"https://github.com/phellipeandrade.png","language":"JavaScript","readme":"\n\u003cp align=\"center\"\u003e\n  \u003cimg alt=\"RBAC\" width=\"556px\" src=\"img/logo.png\" /\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003e\n  Hierarchical Role-Based Access Control for Node.js\n\u003c/h1\u003e\n\n[![CircleCI](https://circleci.com/gh/phellipeandrade/rbac/tree/master.svg?style=svg)](https://circleci.com/gh/phellipeandrade/rbac/tree/master)\n[![npm version](https://badge.fury.io/js/%40rbac%2Frbac.svg)](https://badge.fury.io/js/%40rbac%2Frbac) \n[![size](https://img.badgesize.io/https://raw.githubusercontent.com/phellipeandrade/rbac/master/lib/%40rbac/rbac.js.svg)](https://img.badgesize.io/https://raw.githubusercontent.com/phellipeandrade/rbac/master/lib/%40rbac/rbac.js.svg)\n[![Tweet](https://img.shields.io/twitter/url/http/shields.io.svg?style=social)](https://twitter.com/intent/tweet?text=checkout%20RBAC%20project%20on%20Github!\u0026url=https://github.com/phellipeandrade/rbac\u0026hashtags=rbac,authorization,privacy,security,permission)\n\n\n* ⏱ Lightweight\n* 🔥 Blazing Fast\n* ⚡️️ Zero dependency\n\n## Features\n\n* Focused on operations\n* Scalable\n* Each role is given specific access rights for every operation\n* High granularity in assigning rights\n\n## Thanks\n\n  This project scaffold was built with a modified version of [webpack-library-starter](https://github.com/krasimir/webpack-library-starter)\n\n  Thanks to Karl Düüna ([DeadAlready](https://github.com/DeadAlready)) and his awesome [post on medium](https://blog.nodeswat.com/implement-access-control-in-node-js-8567e7b484d1)\n  \n  \n## Getting Started\n\n#### Install \n\n`yarn add @rbac/rbac` or `npm install @rbac/rbac`\n\n\nRBAC is a curried function thats initially takes an object with configurations, \nthen returns another function that takes an object with roles, \nfinally returns an object that holds \"can\" property that is a function.\n\nYou can use it in many ways, below is one of them:\n\n#### Setup RBAC config\n![step 01](./img/01.png)\n\n| Property     \t| Type          \t| Params                                                      \t| Default       \t| Description                             \t|\n|--------------\t|---------------\t|-------------------------------------------------------------\t|---------------\t|-----------------------------------------\t|\n| logger       \t| **Function**  \t| role: **String**\u003cbr/\u003eoperation: **String**\u003cbr/\u003eresult: **Boolean** \t| defaultLogger \t| Function that logs operations to console \t|\n| enableLogger \t| **Boolean**   \t|                                                             \t| true          \t| Enable or disable logger                \t|\n\n#### Creating some roles\n![step 02](./img/002.png)\n\nRBAC expects an object with roles as property names.\n\n| Property \t| Type         \t| Example                                        \t| Description                                                                                                                                                                  \t|\n|----------\t|--------------\t|------------------------------------------------\t|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------\t|\n| can      \t| **Array**    \t            | ```['products:*']```                        \t| Array of strings, list of operations that user can do, since 1.1.0 also support glob                                                                                            |\n| when     \t| **Function or Promise**  \t| ```(params , done ) =\u003e  done (null , true )``` \t| **Optional** Promise that should resolve in Truthy or Falsy or  Callback function that receives params and done as properties, should return done passing errors, and result \t|\n| inherits \t| **Array**    \t            | ```['user']```                                 \t| **Optional** Array of strings, list of roles inherited by this role                                                                                                               \t|\n\n###### IMPORTANT! **\"when\"** property should be either a Callback function that receives params and done or a Promise that should resolve in [Truthy](https://developer.mozilla.org/en-US/docs/Glossary/Truthy) or [Falsy](https://developer.mozilla.org/en-US/docs/Glossary/Falsy) values. Example: \n\n``` javascript \n\nconst roles = {\n  supervisor: {\n    can: [{ name: 'products:find', when: (params, done) =\u003e {\n      // done receives error as first argument and Truthy or Falsy value as second argument\n      done(error, false);\n    }}]\n  },\n  admin: {\n    can: [{name: 'products:*', when: new Promise((resolve) =\u003e {\n      resolve(true);\n    })}]\n  }\n};\n\n```\n\n#### Check if user can do some operation\n![step 03](./img/03.png)\n\n| Param  \t| Type        \t                                 | Example                  \t| Description                                                    \t|\n|--------\t|----------------------------------------------- |--------------------------\t|----------------------------------------------------------------\t|\n| First  \t| **String**  \t                                 | ```'admin'```            \t| Array of strings, list of operations that user can do          \t|\n| Second \t| **String**, **Glob (Wildcard)**, **Regex**     | ```'products:find'```    \t| Operation to validate                                          \t|\n| Third  \t| **Any**     \t                                 | ```{registered: true}``` \t| **Optional** Params that will flow to \"when\" callback Function \t|\n\nWant more? Check out the [examples](examples/) folder.\n\n## Roadmap\n\n- [X] Wildcard support\n- [X] Regex support\n- [ ] Update roles in runtime\n\n## Contributing\n\n#### Contributions are welcome!\n\n1. Build RBAC\n  * Run `yarn install` to get RBAC's dependencies\n  * Run `yarn build` to produce minified version of RBAC.\n\n2. Development mode\n  * Having all the dependencies installed run `yarn dev`. This command will generate a non-minified version of your library and will run a watcher so you get the compilation on file change.\n\n3. Running the tests\n  * Run `yarn test` \n\n4. Scripts\n* `yarn build` - produces production version of your library under the `lib` folder\n* `yarn dev` - produces development version of your library and runs a watcher\n* `yarn test` - well ... it runs the tests :)\n* `yarn test:watch` - same as above but in a watch mode\n\n## License\n\nThis project is under MIT License [https://opensource.org/licenses/MIT]\n","funding_links":[],"categories":["JavaScript","TypeScript","security"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphellipeandrade%2Frbac","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fphellipeandrade%2Frbac","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphellipeandrade%2Frbac/lists"}