- A role-based access control system for securing resources
- Scalable, as static lists are not used for the creation of roles
- Provides broad scope for granular permissions
- Logs unauthorized user activity, which remains accessible for 3 months
To install, run the following command in the terminal:
npm i role-guard
It is recommended to wrap all function calls in a try-catch block.
The following example shows how to use any function of the package:
import * as roleg from "role-guard"
try
{
    // function_name and parameters are placeholders for any function listed below
    console.log(await roleg.function_name(accessKey, parameters));
}
catch(error)
{
    console.log(error.message);
}
To use this package, first create an access key, which uniquely identifies your resources:
import * as roleg from "role-guard"
// Declared outside the try block so the key stays in scope for later calls
let accessKey;
try
{
    accessKey = await roleg.createKey();
}
catch(error)
{
    console.log(error.message);
}
Once the key is created, you can do the following.
Note: All IDs (user_id, role_id, etc.) must be provided as strings.
console.log(await roleg.createUser(accessKey,user_id));
console.log(await roleg.getUser(accessKey,user_id));
console.log(await roleg.suspendUser(accessKey,user_id));
console.log(await roleg.unsuspendUser(accessKey,user_id));
console.log(await roleg.deleteUser(accessKey,user_id));
console.log(await roleg.createResource(accessKey,resource_id));
console.log(await roleg.getResource(accessKey,resource_id));
console.log(await roleg.deleteResource(accessKey,resource_id));
console.log(await roleg.createRole(accessKey,role_id));
console.log(await roleg.getRole(accessKey,role_id));
console.log(await roleg.deleteRole(accessKey,role_id));
console.log(await roleg.createUserRole(accessKey,user_id,role_id));
console.log(await roleg.get_all_roles_for_user(accessKey,user_id));
console.log(await roleg.get_all_users_for_role(accessKey,role_id));
console.log(await roleg.deleteUserRole(accessKey,user_id,role_id));
Here a permission object is required. The following is an example of the permission object. These are the only fields that are allowed:
const creationObject =
{
    permission_id: "1009", // string
    // boolean array of size 7. If days[i] = true, it signifies that
    // the following role_id can access the resource on that particular day
    days: [true, false, false, false, false, false, false],
    start_time: "10:00", // string, the time from which the resource can be accessed
    end_time: "14:00",
    role_id: "1014", // must already exist in database
    resource_id: "1232",
    max_duration: 0.02, // maximum time for which the resource can be accessed
}
console.log(await roleg.createPermission(accessKey,permission_id, creationObject));
console.log(await roleg.updatePermission(accessKey,permission_id, updationObject));
console.log(await roleg.getPermission(accessKey,permission_id));
console.log(await roleg.deletePermission(accessKey,permission_id));
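The field rules above can be checked locally before a permission object is sent to createPermission or updatePermission. The following is an added example, not part of the role-guard package: validatePermission is a hypothetical helper, and it assumes that every listed field is required, that times are 24-hour "HH:MM" strings with start_time earlier than end_time, and that max_duration is a non-negative number.

```javascript
// Added example: validates a permission object locally; it does not call role-guard.
const ALLOWED_FIELDS = ["permission_id", "days", "start_time", "end_time",
                        "role_id", "resource_id", "max_duration"];
const HHMM = /^([01]\d|2[0-3]):[0-5]\d$/;

// Returns a list of problems; an empty list means the object passed every check.
function validatePermission(obj) {
  const errors = [];
  if (obj === null || typeof obj !== "object" || Array.isArray(obj)) {
    return ["permission must be a plain object"];
  }
  // Only the documented fields are allowed, so reject anything extra.
  for (const key of Object.keys(obj)) {
    if (!ALLOWED_FIELDS.includes(key)) errors.push(`unexpected field: ${key}`);
  }
  // The README requires every id to be a string.
  for (const key of ["permission_id", "role_id", "resource_id"]) {
    if (typeof obj[key] !== "string" || obj[key] === "") {
      errors.push(`${key} must be a non-empty string`);
    }
  }
  // days: boolean array of size 7.
  if (!Array.isArray(obj.days) || obj.days.length !== 7 ||
      !obj.days.every((d) => typeof d === "boolean")) {
    errors.push("days must be an array of exactly 7 booleans");
  }
  const timesOk = ["start_time", "end_time"].map((key) => {
    const ok = typeof obj[key] === "string" && HHMM.test(obj[key]);
    if (!ok) errors.push(`${key} must be a 24-hour "HH:MM" string`);
    return ok;
  });
  // Assumption: the window does not wrap past midnight, so start < end.
  // Zero-padded "HH:MM" strings compare correctly as plain strings.
  if (timesOk[0] && timesOk[1] && obj.start_time >= obj.end_time) {
    errors.push("start_time must be earlier than end_time");
  }
  // Assumption: max_duration is a non-negative finite number (unit not stated).
  if (typeof obj.max_duration !== "number" || !Number.isFinite(obj.max_duration) ||
      obj.max_duration < 0) {
    errors.push("max_duration must be a non-negative finite number");
  }
  return errors;
}

// Constructed sample input, modelled on the README's creationObject.
const sample = { permission_id: "1009", days: [true, false, false, false, false, false, false],
  start_time: "10:00", end_time: "14:00", role_id: "1014", resource_id: "1232", max_duration: 0.02 };
console.log(validatePermission(sample)); // []
```

Rejecting a malformed object before the call keeps a numeric id, an extra field or an inverted time window from ever reaching the permission store.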
To check whether a user can access a particular resource, use the following function:
console.log(await roleg.canAccess(accessKey, user_id, resource_id));
To get the unauthorized activity of a user, use the following function:
console.log(await roleg.getUnauthorizedActivityofUser(user_id));
If you wish to uninstall the package, call the following function before doing so:
console.log(await roleg.deleteKey(accessKey));
Note: Using the above function deletes all resources corresponding to the given access key from the database.