Skip to content
This repository has been archived by the owner on Jul 28, 2022. It is now read-only.
/ adonis-user-policy Public archive

User Policy trait (support can and canNot methods for User model) for AdonisJS Framework

License

Notifications You must be signed in to change notification settings

mikield/adonis-user-policy

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

5 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

Welcome to Adonis User Policy πŸ‘‹

Version Documentation Maintenance License: MIT Twitter: AdmiralMiki

Adonis User Policy (Authorization).
This is a trait wich adds can and canNot methods to User Model (or other class πŸ˜„)

🏠 Homepage

Install

adonis install @mikield/adonis-user-policy

This package relies on https://github.com/mikield/adonis-true-traits which is included when installing the user policy package. You need to register its provider in start/app.js

const providers = [
  ...,
  '@mikield/adonis-true-traits'
]

Usage

Mix User model class with a PolicyTrait class

'use strict'

const Model = use('Model')
const PolicyTrait = use('@mikield/adonis-user-policy')

class User extends Model {
  ...
}

module.exports = mix(User).with(PolicyTrait)
If you want to create user related policy checks, for example user.can('createPosts') β€” then, for example:
Create a Policy User.js under app\Policies folder.
'use strcit'

class User {
    static createPosts(user) {
       return !user.roles.contains('create-post') //We can check a user role for example
    }
}

module.exports = Post
And attach it to User model.
'use strict'

const Model = use('Model')
const PolicyTrait = use('@mikield/adonis-user-policy')

class User extends Model {

  //User policy
  static get policy(){
    return 'App/Policies/User'
  }

}

module.exports = mix(User).with(PolicyTrait)
Or if you want to check access based on another model β€” then, for example:
Create a Policy Post.js under app\Policies folder.
'use strcit'

class Post {

    static add(user, post) { //In this case the post will be a class and not a instance
       return !user.banned //User can create a Post if it is not banned
    }

    static edit(user, post){ //In this case the post will be a instance and not a class
       return post.owner.id === user.id //Only the owner of the post can edit the post
    }
}

module.exports = Post
Next register a Policy in other Post model.
'use strict'

const Model = use('Model')

class Post extends Model {

  //Post policy
  static get policy(){
    return 'App/Policies/Post'
  }

}

module.exports = Post
On a User instance call can or canNot function.
Without Post model.
const User = use('App/Models/User')

Route.get('/test-user-policy', async () => {
  const user = await User.find(1)

  if(user.can('createPost')) {
    ...
  }

  if(user.canNot('createPost')) {
    ...
  }
})
With Post model.
const User = use('App/Models/User')
const Post = use('App/Models/Post')

Route.get('/test-user-policy', async () => {
  const user = await User.find(1)
  
  if(user.can('add', Post)){
    ...
  }

  if(user.canNot('add', Post)){
    ...
  }
})
With Post instance (existing Post object).
const User = use('App/Models/User')
const Post = use('App/Models/Post')

Route.get('/test-user-policy', async () => {
  const user = await User.find(1)
  const post = await Post.find(1)

  if(user.can('edit', post)) {
    ...
  }

  if(user.canNot('edit', post)) {
    ...
  }
})

Author

πŸ‘€ Vladyslav Gaysyuk

🀝 Contributing

Contributions, issues and feature requests are welcome!
Feel free to check issues page. You can also take a look at the contributing guide.

Show your support

Give a ⭐️ if this project helped you!

πŸ“ License

Copyright Β© 2020 Vladyslav Gaysyuk.
This project is MIT licensed.


This README was generated with ❀️ by readme-md-generator

About

User Policy trait (support can and canNot methods for User model) for AdonisJS Framework

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published