{"id":16935874,"url":"https://github.com/romainlanz/adonis-guard","last_synced_at":"2025-03-17T07:32:20.754Z","repository":{"id":46835122,"uuid":"126033443","full_name":"RomainLanz/adonis-guard","owner":"RomainLanz","description":"🔰 Authorization provider built on top of @slynova/fence","archived":false,"fork":false,"pushed_at":"2022-12-07T10:36:07.000Z","size":401,"stargazers_count":54,"open_issues_count":10,"forks_count":9,"subscribers_count":4,"default_branch":"develop","last_synced_at":"2025-02-27T20:27:20.842Z","etag":null,"topics":["acl","adonis","adonisjs","authorization"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RomainLanz.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-03-20T14:46:39.000Z","updated_at":"2023-09-08T17:38:10.000Z","dependencies_parsed_at":"2023-01-24T16:45:48.764Z","dependency_job_id":null,"html_url":"https://github.com/RomainLanz/adonis-guard","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RomainLanz%2Fadonis-guard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RomainLanz%2Fadonis-guard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RomainLanz%2Fadonis-guard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RomainLanz%2Fadonis-guard/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RomainLanz","download_url":"https://codeload.github.com/RomainLanz/adonis-guard/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243852425,"owners_count":20358270,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acl","adonis","adonisjs","authorization"],"created_at":"2024-10-13T20:55:33.157Z","updated_at":"2025-03-17T07:32:20.462Z","avatar_url":"https://github.com/RomainLanz.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Adonis Guard 🔰\n\nThis package is an **authorization provider** built on top of [@slynova/fence](https://github.com/Slynova-Org/fence).\n\n## Getting Started\n\nInstall the package using the `adonis` CLI.\n\n```bash\n\u003e adonis install adonis-guard\n```\n\nFollow instruction that are displayed ([or read them here](https://github.com/RomainLanz/adonis-guard/blob/master/instructions.md)).\n\n## Defining your authorization\n\n### Gate\nGates must be defined inside the `start/acl.js` file. This file will be loaded only once when the server is launch.\nTo define a gate, use the `Gate` facade.\n\n```js\n// start/acl.js\nconst Gate = use('Gate')\n\nGate.define('gateName', (user, resource) =\u003e {\n  // Payload\n  // e.g. return user.id === resource.author_id\n})\n```\n\n### Policy\nYou can generate a new policy by using the command `adonis make:policy {name}`.\nThis will generate a file in `app/Policies/{Name}Policy.js`.\nTo attach a policy to a resource, you need to call the `policy` method of the `Gate` facade.\n\n```js\n// start/acl.js\nconst Gate = use('Gate')\n\nGate.policy('App/Models/MyResource', 'App/Policies/MyPolicy')\n```\n\n## Usage\n\nAdonis Guard automaticaly share an instance of the `guard` in the context of each request.\nTo validate the authorization of a user you simply need to extract it from the context and run the gate/policy.\n\n```js\n// Controller\nasync show ({ guard, params }) {\n  const post = await Post.find(params.id)\n\n  if (guard.denies('show', post)) {\n    // abort 401\n  }\n\n  // ...\n}\n```\n\n```js\n// RouteValidator\nasync authorize () {\n  const post = await Post.find(this.ctx.params.id)\n\n  if (this.ctx.guard.denies('show', post)) {\n    // abort 401\n  }\n\n  // ...\n}\n```\n\nYou can also use it in your view to choose to display or not an element.\n\n```html\n@if(guard.allows('edit', post))\n  \u003ca href=\"/posts/{{ post.id }}/edit\"\u003eEdit\u003c/a\u003e\n@endif\n\n@can('edit', post)\n  \u003ca href=\"/posts/{{ post.id }}/edit\"\u003eEdit\u003c/a\u003e\n@endcan\n\n@cannot('edit', post)\n  \u003cp\u003eNot allowed!\u003c/p\u003e\n@endcannot\n```\n\nThe `@can` and `@cannot` tags have the same signature as `guard.allows()` and `guard.denies()`.\n\nYou can also use the middleware `can` in your route.\u003cbr\u003e\nNotice that this middleware doesn't work with resource. It will execute a gate with the loggedIn user only.\n\n```js\nRoute.get('/admin/posts', 'Admin/PostController.index')\n  .middleware('can:viewAdminPosts')\n```\n\nA second argument can be supplied that will replace a resource in your gate. This is useful when you want to have dynamic route rules.\n\n```js\nRoute.get('/admin/posts', 'Admin/PostController.index')\n  .middleware('can:hasRole,admin,editor')\n```\n\n`admin,editor` will be extracted into an array that you can retrieve as the second parameter in your gate.\n\n**Public API**\n\n```js\nguard.allows('gateName/Policy Method', resource) // It will use per default the authenticated user or return false if not authenticated\nguard.denies('gateName/Policy Method', resource) // It will use per default the authenticated user or return true if not authenticated\nguard.allows('gateName/Policy Method', resource, user)\nguard.denies('gateName/Policy Method', resource, user)\nguard.can(user).pass('gateName').for(resource)\nguard.can(user).callPolicy('Policy Method', resource)\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fromainlanz%2Fadonis-guard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fromainlanz%2Fadonis-guard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fromainlanz%2Fadonis-guard/lists"}