search

onury / accesscontrol

Role and Attribute based Access Control for Node.js
https://onury.io/accesscontrol
MIT License
2.21k stars 178 forks source link

Can we define role, action and resource in database. If required fetch from database and use it to grant access? #82

Closed avinash2222 closed 4 years ago

Ojooluwaseun commented 4 years ago

You can persist your grants in database and pass grants to AccessControl constructor as an array fetched from DB like so:

// grant list fetched from DB (to be converted to a valid grants object, internally)

let grantList = [ { role: 'admin', resource: 'video', action: 'create:any', attributes: ', !views' }, { role: 'admin', resource: 'video', action: 'read:any', attributes: '' }, { role: 'admin', resource: 'video', action: 'update:any', attributes: ', !views' }, { role: 'admin', resource: 'video', action: 'delete:any', attributes: '' }, { role: 'user', resource: 'video', action: 'create:own', attributes: ', !rating, !views' }, { role: 'user', resource: 'video', action: 'read:any', attributes: '' }, { role: 'user', resource: 'video', action: 'update:own', attributes: ', !rating, !views' }, { role: 'user', resource: 'video', action: 'delete:own', attributes: '' } ];

const ac = new AccessControl(grantList);

dzcpy commented 3 years ago

So how to update it when data changes?

bayaraajr commented 1 year ago

So how to update it when data changes?

Restart the node server .