mickhansen / ssacl-attribute-roles

Simple attribute whitelisting/blacklisting with roles for Sequelize
MIT License
62 stars 10 forks source link

ssacl: attribute roles

Build Status Test Coverage

Not maintained

Simple attribute whitelisting/blacklisting with roles for Sequelize

A part of ssacl but can be used standalone aswell

Install

npm install --save ssacl-attribute-roles

Usage

var ssaclAttributeRoles = require('ssacl-attribute-roles')
  , sequelize = new Sequelize()
  , User = sequelize.define('user', {});

ssaclAttributeRoles(sequelize);
ssaclAttributeRoles(User);

User = sequelize.define('user', {
  email: {
    type: Sequelize.STRING,
    roles: {
      admin: {get: true},
      self: true
    }
  },
  password: {
    type: Sequelize.STRING,
    roles: false
  },
  rank: {
    type: Sequelize.STRING,
    roles: {
      self: {set: false, get: true}
      admin: true
    }
  }
});

user.get(); // Will never include email or password
user.get({role: 'admin'}); // Will include email but not password
user.get({raw: true}); // Ignores roles, will include all

user.set({rank: 'UBER'}, {role: 'self'||undefined}); // Will be ignored
user.set({rank: 'UBER'}, {role: 'admin'}); // Will be set