@fajarnugraha37/nope-iam
Version:
A highly extensible, type-safe IAM-like access control library for Node.js, inspired by AWS IAM. Deny by default, allow by vibes and less patience for your bad access patterns. Supports policies, roles, decorators, adapters, and rich evaluation context be
35 lines • 1.7 kB
TypeScript
import type { User } from "../types/entities.js";
import type { DecisionContext } from "../types/decision.js";
import type { IAMStorage } from "./storage.js";
import type { PolicyEvaluator } from "./evaluator.js";
import type { ILogger, IAMConfig } from "./logger.js";
export interface CanParams<Action = string, Resource = string, Context = Record<string, unknown>> {
user: User;
action: Action;
resource: Resource;
context?: Context;
}
export interface IAMOptions {
storage?: IAMStorage;
evaluatorFunc?: (logger: ILogger) => PolicyEvaluator;
config?: IAMConfig;
hooks?: {
onBeforeDecision?: <Action, Resource>(params: CanParams<Action, Resource, any>) => void | Promise<void>;
onAfterDecision?: <Action, Resource>(ctx: DecisionContext<Action, Resource> | undefined, err: unknown | undefined) => void | Promise<void>;
onConditionCheck?: (operator: string, key: string, value: unknown, context: Record<string, unknown>, result: boolean) => void | Promise<void>;
onStorageAccess?: (method: string, args: unknown[], result?: unknown) => void | Promise<void>;
onRoleNotFound?: (roleId: string | null) => void | Promise<void>;
onDecision?: <Action, Resource>(ctx: DecisionContext<Action, Resource>) => void | Promise<void>;
onError?: (err: unknown) => void | Promise<void>;
};
}
export declare class IAM {
private storage?;
private evaluator?;
private hooks?;
private logger;
private config;
constructor(options?: IAMOptions);
can<Context = Record<string, unknown>>(params: CanParams<string, string, Context>): Promise<DecisionContext<string, string>>;
}
//# sourceMappingURL=iam.d.ts.map