UNPKG

node-fence

Version:

Flexible and Fluent way to manage ACL in Node.js.

github.com/Slynova-Org/node-fence

Slynova-Org/node-fence

93 lines (78 loc) 1.84 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
'use strict' /** * node-fence * @license MIT * @copyright Slynova - Romain Lanz <romain.lanz@slynova.ch> */ const Helpers = require('../Helpers') const Bouncer = require('../Bouncer') const Storage = require('../Storage').instance /** * @class Guard */ class Guard { /** * Set a default user for any call. * * @method setDefaultUser * @param {object} user * @return {void} */ static setDefaultUser (user) { Storage.storeUser(user) } /** * Create a Bouncer with the given user. * * @method can * @param {object} user * @return {boolean} */ static can (user) { return new Bouncer(user) } /** * Check the bouncer if the gate allows the user. * * @method allows * @param {string} ability * @param {object|string} resource * @return {boolean} */ static * allows (ability, resource) { try { if (Guard.$correspondsToPolicy(resource)) { return yield (new Bouncer()).callPolicy(ability, resource) } return yield (new Bouncer()).goThroughGate(ability).for(resource) } catch (e) { return false } } /** * Check the bouncer if the gate denies the user. * * @method denies * @param {string} ability * @param {object|string} resource * @return {boolean} */ static * denies (ability, resource) { try { if (Guard.$correspondsToPolicy(resource)) { return !(yield (new Bouncer()).callPolicy(ability, resource)) } return !(yield (new Bouncer()).goThroughGate(ability).for(resource)) } catch (e) { return true } } static $correspondsToPolicy (resource) { const resourceName = Helpers.formatResourceName(resource) if (Storage.retrievePolicy(resourceName)) { return true } return false } } module.exports = Guard