Index

src/types.ts

IContext
Tctx
TActionsList

The "light" array of actions (and optional possession) that we can assign to PermissionDefinition.grant, granting these actions.

Internally all actions will inherit by default:

  • the attributes of PermissionDefinition.attributes or default to ['*'].

  • the possession of PermissionDefinition.possession or default to any.

Example:

 {
    // a PermissionDefinition object
    ...
    grants: ['read', 'update:own', 'like:any', 'follow']
    ...
 }

Also see TGrants

string[]
TAttributes

Eg ['*', '!price', '!confidential']

string[]
TGrants

The "full" object we can assign to PermissionDefinition.grant, granting actions and their corresponding attributes:

 {
    'read': ['*'],
    'read:own': ['*'],
    'read:any': ['*', '!price', '!confidential'],
    'delete:own': ['*'],
    ...
 }

Note: actions optionally accept possession "any" or "own" after the colon. Internally all actions missing the possession part, will inherit the possession of PermissionDefinition.possession or default to any.

Also see TActionsList

literal type
Tid

An Id in your system, can be either number or string (eg a UUID).

number | string
TisOwner

The interface of the isOwner ownership hook.

Should return true if user is owner of the resourceId, false otherwise - example:

   async ({user, resourceId}) => (await documentService.findById(resourceId).createdBby === user.id;
function
TlimitOwned

The interface of the limitOwned ownership hook.

See Permit.limitOwn() and Examples 5 & 6 for how it is used in practice.

Notes:

The context is of type any (IContext is just an alias for semantics).

Its up to the user what the context is (and how you add and retrieve data from it).

For instance, in an ORM scenario (consider TypeORM as an example) it could be your query or subquery object, to which you subsequently add orWhere expressions.

In a collection (eg array) filtering example, it might be just a bunch of filter functions that you accumulate in an array (i.e the context) and then somehow compose (eg with _.overSome).

function
TlimitOwnReduce

The interface of the limitOwnReduce you can pass to override the built in permit.limitOwn() implementation.

See Example 6 for how it is used in practice.

function
TlistOwned

The interface of the listOwned ownership hook.

Should return an array of ids (see Tid eg [1, 2, 3] or ['abc123', 'def456'].

Example:

   async (user) => documentService.findWhere({ createdBy: user.id })
function

src/PermissionDefinitions.ts

PermissionDefinition

This is the actual PermissionDefinition implementation, but the docs are in PermissionDefinition_DOCS.

Implements the ownership hooks rules.

MergeExclusive<PermissionDefinitionNoOwnershipInternal | RequireExactlyOne<PermissionDefinitionWithOwnershipInternal<TUserId, TResourceId>, "listOwned" | "limitOwned">>

result-matching ""

    No results matching ""