UNPKG

@soldair/seneca-perm

Version:

test - Seneca permissions plugin

github.com/rjrodger/seneca-perm

rjrodger/seneca-perm

118 lines (87 loc) 3.15 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
/* Copyright (c) 2013 Richard Rodger, MIT License */ "use strict"; var _ = require('underscore') var express = require('express') var seneca = require('seneca')() // process.on('uncaughtException', function(err) { // console.error('uncaughtException:', err.message) // console.error(err.stack) // process.exit(1) // }) seneca.use('options','options.mine.js') seneca.use('mem-store',{web:{dump:true}}) seneca.use('user',{confirm:true}) seneca.use('auth') seneca.use('../perm.js', { entity: true, accessControls: [{ name: 'access to projects', roles: ['project_access'], entities: [{ zone: undefined, base: undefined, name: 'project' }], control: 'required', actions: 'crudq', conditions: [] },{ name: 'access to secret projects', roles: ['secret'], entities: [{ zone: undefined, base: undefined, name: 'project' }], control: 'required', actions: 'crudq', conditions: [{ attributes: { 'category': 'secret' } } ] }] }) seneca.use('account') seneca.use('project') seneca.ready(function(err){ if( err ) return process.exit( !console.error(err) ); var options = seneca.export('options') var u = seneca.pin({role:'user',cmd:'*'}) var projectpin = seneca.pin({role:'project',cmd:'*'}) u.register({nick:'u1',name:'u1',email:'u1@example.com',password:'1',perm: {roles: ['project_access', 'secret']}, active:true}, function(err,out){ projectpin.save( {account:out.user.accounts[0], name:'public project', category: 'public'} ) projectpin.save( {account:out.user.accounts[0], name:'secret project', category: 'secret'} ) }) u.register({nick:'u2',name:'u2',email:'u2@example.com',password:'1',perm: {roles: ['project_access']}, active:true}, function(err,out){ projectpin.save( {account:out.user.accounts[0], name:'public project', category: 'public'} ) projectpin.save( {account:out.user.accounts[0], name:'secret project that you should not see', category: 'secret'} ) }) u.register({nick:'u3',name:'u3',email:'u3@example.com',password:'1',perm: {roles: []}, active:true}, function(err,out){ projectpin.save( {account:out.user.accounts[0], name:'public project that you should not see', category: 'public'} ) projectpin.save( {account:out.user.accounts[0], name:'secret project that you should not see', category: 'secret'} ) }) u.register({nick:'a1',name:'na1',email:'a1@example.com',password:'a1',active:true,admin:true}) var web = seneca.export('web') var app = express() app.use( express.cookieParser() ) app.use( express.query() ) app.use( express.bodyParser() ) app.use( express.methodOverride() ) app.use( express.json() ) app.use(express.session({secret:'seneca'})) app.use( web ) app.use( function( req, res, next ){ if( 0 == req.url.indexOf('/reset') || 0 == req.url.indexOf('/confirm') ) { req.url = '/' } next() }) app.use( express.static(__dirname+options.main.public) ) app.listen( options.main.port ) seneca.log.info('listen',options.main.port) seneca.listen() })