onury / accesscontrol

Role and Attribute based Access Control for Node.js
https://onury.io/accesscontrol
MIT License
2.21k stars 178 forks

Not respecting `denied: true` of `IAccessInfo` in `AccessControl.grant` #67

Closed anodynos closed 5 years ago

anodynos commented 5 years ago

It seems that `denied: true` of `IAccessInfo` in `AccessControl.grant()` is not respected - one has to explicitly use `.deny` instead of `.grant` to make it work:

```ts
import { AccessControl, IAccessInfo, IQueryInfo } from 'accesscontrol';

const ai: IAccessInfo = {
  role: 'QA_MANAGER',
  action: 'create:any',
  resource: 'document',
  denied: true, // <--- NOT RESPECTED
};

const ac1 = new AccessControl();
ac1.grant(ai);

const qi: IQueryInfo = {
  role: 'QA_MANAGER',
  action: 'create:any',
  resource: 'document',
};
const perm1 = ac1.permission(qi);
console.log(perm1.granted); // returns true, but should be false cause of `denied: true`

const ac2 = new AccessControl();
ac2.deny(ai);
const perm2 = ac2.permission(qi);
console.log(perm2.granted); // returns false, as expected
```

EDIT: solved in https://github.com/anodynos/accesscontrol-re

onury commented 5 years ago

No it's marked `@private`, and also not documented. It's just an internal flag, not to be used by the end-user.

To deny; simply don't grant or explicitly `deny()`.

onury commented 5 years ago

..and it seems you copied the lib without forking. then fixing some bug on your repo and not committing back to the project but opening an issue here to let people know about your copy..

nice.

anodynos commented 5 years ago

Thanks @onury - I didn't copy or fork the library, it's just a facade around your great library, with some urgently needed features & fixes that I needed. That's why there's no merging back to the project, which I hope will evolve and improve :-)

onury commented 5 years ago

fair enough. thanks. most needed features will be implemented soon.

anodynos commented 5 years ago

Sounds great :+1: and thanks again!
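A fail-closed way to load policy entries given the behaviour reported in this thread, as an added example that is not code from the thread or from the accesscontrol project. `StubAccessControl` is a constructed stand-in that mimics only the `grant()`/`deny()`/`permission()` behaviour shown in the issue, and `PolicyEntry`, `AccessApi`, `applyEntry` and `demo` are hypothetical names.

```typescript
// Shapes mirror the fields used in the issue's snippet.
interface Rule { role: string; action: string; resource: string; }
// An entry as it might arrive from a JSON policy file: `denied` is untrusted.
interface PolicyEntry extends Rule { denied?: unknown; }
interface AccessApi {
  grant(info: Rule): unknown;
  deny(info: Rule): unknown;
  permission(query: Rule): { granted: boolean };
}

// Constructed stand-in, NOT the accesscontrol library. It reproduces only
// what the issue reports: grant() pays no attention to a `denied` flag.
class StubAccessControl implements AccessApi {
  private rules: { [key: string]: boolean } = {};
  private key(r: Rule): string { return [r.role, r.action, r.resource].join('|'); }
  grant(info: Rule): this { this.rules[this.key(info)] = true; return this; }
  deny(info: Rule): this { this.rules[this.key(info)] = false; return this; }
  permission(query: Rule): { granted: boolean } {
    return { granted: this.rules[this.key(query)] === true };
  }
}

// Hypothetical guard: decide grant vs. deny from the flag ourselves and never
// forward the flag, so the outcome does not depend on an internal field.
function applyEntry(ac: AccessApi, entry: PolicyEntry): 'granted' | 'denied' {
  const rule: Rule = { role: entry.role, action: entry.action, resource: entry.resource };
  if (entry.denied === undefined || entry.denied === false) {
    ac.grant(rule);
    return 'granted';
  }
  // true, "true", 1, null, ...: anything that is not a clear "allow" fails closed.
  ac.deny(rule);
  return 'denied';
}

// Side-by-side run on the entry from the issue (constructed sample data).
function demo(): { naive: boolean; guarded: boolean } {
  const entry = { role: 'QA_MANAGER', action: 'create:any', resource: 'document', denied: true };
  const query: Rule = { role: 'QA_MANAGER', action: 'create:any', resource: 'document' };
  const naive = new StubAccessControl();
  naive.grant(entry); // flag silently ignored: access is granted
  const guarded = new StubAccessControl();
  applyEntry(guarded, entry); // routed to deny()
  return { naive: naive.permission(query).granted, guarded: guarded.permission(query).granted };
}
```

Against the real library, pass an `AccessControl` instance as `ac`; the guard relies only on the `grant()`, `deny()` and `permission()` calls that appear in the issue.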