Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/fratzinger/feathers-casl
feathers.js + casl: hooks & channels
https://github.com/fratzinger/feathers-casl
acl authorization casl feathersjs nodejs permissions typescript
Last synced: 4 months ago
JSON representation
feathers.js + casl: hooks & channels
- Host: GitHub
- URL: https://github.com/fratzinger/feathers-casl
- Owner: fratzinger
- License: mit
- Created: 2021-01-15T18:29:13.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2023-11-13T14:04:17.000Z (8 months ago)
- Last Synced: 2024-02-16T23:22:50.282Z (4 months ago)
- Topics: acl, authorization, casl, feathersjs, nodejs, permissions, typescript
- Language: TypeScript
- Homepage: https://feathers-casl.netlify.app/
- Size: 3.21 MB
- Stars: 35
- Watchers: 3
- Forks: 19
- Open Issues: 21
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- awesome-feathersjs - feathers-casl - Add access control with CASL to Feathers. (Plugins / Authentication and Authorization)
README
# feathers-casl
[](https://www.npmjs.com/package/feathers-casl)
[](https://github.com/fratzinger/feathers-casl/actions)
[](https://codeclimate.com/github/fratzinger/feathers-casl)
[](https://codeclimate.com/github/fratzinger/feathers-casl)
[](https://libraries.io/npm/feathers-casl)
[](https://www.npmjs.com/package/feathers-casl)
[](https://github.com/fratzinger/feathers-casl/blob/main/LICENSE)
[](https://discord.gg/qa8kez8QBx)
> NOTE: This is the version for Feathers v5. For Feathers v4 use [feathers-casl v0](https://github.com/fratzinger/feathers-casl/tree/crow)
## About
Add access control with CASL to your feathers application.
This project is built for [FeathersJS](http://feathersjs.com). An open source web framework for building modern real-time applications.
It's based on [CASL](https://casl.js.org/) and is a convenient layer to use **CASL** in feathers.js.
## Features
- Fully powered by Feathers 5 & CASL 6
- Allows permissions for all methods `create`, `find`, `get`, `update`, `patch`, `remove`, or `create`, `read`, `update`, `delete`
- Define permissions not based on methods: `can('view', 'Settings')` (Bring your custom logic)
- Restrict by conditions: `can('create', 'Task', { userId: user.id })`
- Restrict by individual fields: `cannot('update', 'User', ['roleId'])`
- Native support for restrictive `$select`: `can('read', 'User', ['id', 'username'])` -> `$select: ['id', 'username']`
- Support to define abilities for anything (providers, users, roles, 3rd party apps, ...)
- Fully supported adapters: `@feathersjs/knex`, `@feathersjs/memory`, `@feathersjs/mongodb`, `feathers-sequelize`, not supported: `feathers-mongoose`, `feathers-nedb`, `feathers-objection`
- Support for dynamic rules stored in your database (Bring your own implementation ;) )
- hooks:
- `checkBasicPermission` hook for client side usage as a before-hook
- `authorize` hook for complex rules
- Disallow/allow `multi` methods (`create`, `patch`, `remove`) dynamically with: `can('remove-multi', 'Task', { userId: user.id })`
- channels:
- every connection only receives updates based on rules
- `channels`-support also regards restrictive fields
- rules can be defined individually for events
- utils:
- `checkCan` to be used in hooks to check authorization before operations
- Baked in support for `@casl/angular`, `@casl/react`, `@casl/vue` and `@casl/aurelia`
## Documentation
You need more information? Please have a look:
https://feathers-casl.netlify.app/
## Installation
```bash
npm i feathers-casl @casl/ability
```
## Testing
Simply run `npm test` and all your tests in the `test/` directory will be run. It has full support for _Visual Studio Code_. You can use the debugger to set breakpoints.
## Help
For more information on all the things you can do, visit [FeathersJS](http://docs.feathersjs.com) and [CASL](https://casl.js.org/v6/en/).
## License
Licensed under the [MIT license](LICENSE).