@merncloud/permission-resolver
Version:
Reusable RBAC + ABAC permission resolver for Node.js
21 lines (20 loc) • 707 B
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.flatten = flatten;
const PermissionClient_1 = require("../frontend/PermissionClient"); // or from package entry point if exposed
function flatten(subject, resource) {
const resolver = (0, PermissionClient_1.getPermissionClient)();
const allowed = [];
const actions = new Set();
for (const rule of resolver.getRules()) {
if (rule.resource === resource.type) {
actions.add(rule.action);
}
}
for (const action of actions) {
if (resolver.can(subject, resource, action)) {
allowed.push(`${resource.type}:${action}`);
}
}
return allowed;
}