UNPKG

casbin

Version:

An authorization library that supports access control models like ACL, RBAC, ABAC in Node.JS

casbin.org

casbin/node-casbin

165 lines (164 loc) 5.55 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
import { Effector } from './effect'; import { FunctionMap, Model, PolicyOp } from './model'; import { Adapter, FilteredAdapter, Watcher, BatchAdapter } from './persist'; import { RoleManager } from './rbac'; /** * CoreEnforcer defines the core functionality of an enforcer. */ export declare class CoreEnforcer { protected modelPath: string; protected model: Model; protected fm: FunctionMap; protected eft: Effector; private matcherMap; protected adapter: FilteredAdapter | Adapter | BatchAdapter; protected watcher: Watcher | null; protected rm: RoleManager; protected enabled: boolean; protected autoSave: boolean; protected autoBuildRoleLinks: boolean; protected autoNotifyWatcher: boolean; private getExpression; /** * loadModel reloads the model from the model CONF file. * Because the policy is attached to a model, * so the policy is invalidated and needs to be reloaded by calling LoadPolicy(). */ loadModel(): void; /** * getModel gets the current model. * * @return the model of the enforcer. */ getModel(): Model; /** * setModel sets the current model. * * @param m the model. */ setModel(m: Model): void; /** * getAdapter gets the current adapter. * * @return the adapter of the enforcer. */ getAdapter(): Adapter; /** * setAdapter sets the current adapter. * * @param adapter the adapter. */ setAdapter(adapter: Adapter): void; /** * setWatcher sets the current watcher. * * @param watcher the watcher. */ setWatcher(watcher: Watcher): void; /** * setRoleManager sets the current role manager. * * @param rm the role manager. */ setRoleManager(rm: RoleManager): void; /** * getRoleManager gets the current role manager. */ getRoleManager(): RoleManager; /** * setEffector sets the current effector. * * @param eft the effector. */ setEffector(eft: Effector): void; /** * clearPolicy clears all policy. */ clearPolicy(): void; /** * loadPolicy reloads the policy from file/database. */ loadPolicy(): Promise<void>; /** * loadFilteredPolicy reloads a filtered policy from file/database. * * @param filter the filter used to specify which type of policy should be loaded. */ loadFilteredPolicy(filter: any): Promise<boolean>; /** * isFiltered returns true if the loaded policy has been filtered. * * @return if the loaded policy has been filtered. */ isFiltered(): boolean; /** * savePolicy saves the current policy (usually after changed with * Casbin API) back to file/database. */ savePolicy(): Promise<boolean>; /** * enableEnforce changes the enforcing state of Casbin, when Casbin is * disabled, all access will be allowed by the enforce() function. * * @param enable whether to enable the enforcer. */ enableEnforce(enable: boolean): void; /** * enableLog changes whether to print Casbin log to the standard output. * * @param enable whether to enable Casbin's log. */ enableLog(enable: boolean): void; /** * enableAutoSave controls whether to save a policy rule automatically to * the adapter when it is added or removed. * * @param autoSave whether to enable the AutoSave feature. */ enableAutoSave(autoSave: boolean): void; /** * enableAutoNotifyWatcher controls whether to save a policy rule automatically notify the Watcher when it is added or removed. * @param enable whether to enable the AutoNotifyWatcher feature. */ enableAutoNotifyWatcher(enable: boolean): void; /** * enableAutoBuildRoleLinks controls whether to save a policy rule * automatically to the adapter when it is added or removed. * * @param autoBuildRoleLinks whether to automatically build the role links. */ enableAutoBuildRoleLinks(autoBuildRoleLinks: boolean): void; /** * buildRoleLinks manually rebuild the role inheritance relations. */ buildRoleLinks(): Promise<void>; /** * buildIncrementalRoleLinks provides incremental build the role inheritance relations. * @param op policy operation * @param ptype g * @param rules policies */ buildIncrementalRoleLinks(op: PolicyOp, ptype: string, rules: string[][]): Promise<void>; protected buildRoleLinksInternal(): Promise<void>; private privateEnforce; /** * If the matchers does not contain an asynchronous method, call it faster. * * enforceWithSyncCompile decides whether a "subject" can access a "object" with * the operation "action", input parameters are usually: (sub, obj, act). * * @param rvals the request needs to be mediated, usually an array * of strings, can be class instances if ABAC is used. * @return whether to allow the request. */ enforceWithSyncCompile(...rvals: any[]): Promise<boolean>; /** * enforce decides whether a "subject" can access a "object" with * the operation "action", input parameters are usually: (sub, obj, act). * * @param rvals the request needs to be mediated, usually an array * of strings, can be class instances if ABAC is used. * @return whether to allow the request. */ enforce(...rvals: any[]): Promise<boolean>; }