https://github.com/jondotsoy/ondina

https://github.com/jondotsoy/ondina

Last synced: about 1 month ago
JSON representation

• Host: GitHub
• URL: https://github.com/jondotsoy/ondina
• Owner: JonDotsoy
• Created: 2024-11-15T22:33:09.000Z (6 months ago)
• Default Branch: develop
• Last Pushed: 2024-12-10T00:10:17.000Z (5 months ago)
• Last Synced: 2025-03-26T21:49:37.824Z (about 2 months ago)
• Language: TypeScript
• Size: 808 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • Roadmap: ROADMAP.md

Awesome Lists containing this project

README

        
# Ondina 🧜‍♀️

Fine-grained access control. We are the AM on IAM.

## How to work ondina

![diagrama access to resource with ondina](./docs/assets/excalidraw/access-to-resource-with-ondina.png)

![](./docs/assets/excalidraw/ecosistem-diagram.png)

## Create a stateless HUB

Import the `@ondina/hub`

**Sample:**

```ts

import { Hub } from "@jondotsoy/ondina-hub/hub";

import type { HubManifest } from "@jondotsoy/ondina-hub/hub-manifest";

const manifest: HubManifest = {

  permissions: ["users.list", "users.create", "users.delete"],

  roles: [

    { id: "rrhh", permissions: ["users.list", "users.create"] },

    {

      id: "admin",

      permissions: ["users.list", "users.create", "users.delete"],

    },

  ],

  users: [

    { id: "bob", roles: ["rrhh"] },

    {

      id: "alice",

      roles: [

        {

          role: "admin",

          condition: {

            equal: ["group.office", "NY"],

          },

        },

      ],

    },

  ],

};

const hub = await Hub.from(manifest);

await hub.isAllowed({

  principalId: "alice",

  resource: {

    group: {

      office: "NY",

    },

  },

  action: "users.delete",

}); // => true

```