Authorize easily.
CanCan provides a simple API for handling authorization of actions.
Permissions are defined and validated using simple allow()
and can()
functions respectively.
CanCan is inspired by Ryan Bates' cancan.
Installation
$ npm install --save cancan
Usage
const CanCan = ; const cancan = ;const allow can = cancan; {} {} ; const user = ;const product = ; ;//=> true ;//=> false
API
allow(model, action, target, [condition])
Adds a new access rule.
model
Type: class
(function
)
Configure the rule for instances of this class.
action
Type: array|string
Name(s) of actions to allow.
If action name is manage
, it allows any action.
target
Type: array|class|string
Scope this rule to the instances of this class.
If value is "all"
, rule applies to all models.
condition
Type: object|function
Optional callback to apply additional checks on both target and action performers.
Examples:
// allow users to view all public posts; // allow users to edit and delete their posts; // allow editors to do anything with all posts; // allow admins to do anything with everything;
can(instance, action, target[, options])
Checks if the action is possible on target
by instance
.
instance
Type: object
Instance that wants to perform the action.
action
Type: string
Action name.
target
Type: object
Target against which the action would be performed.
options
Type: object
Additional data for the rule condition.
Examples:
const user = ;const post = ; ;
With the use of 'options' parameter
const admin = role: 'administrator';const user = role: 'user'; ;
cannot(instance, action, target[, options])
Inverse of .can()
.
authorize(instance, action, target[, options])
Same as .can()
, but throws an error instead of returning false
.
License
MIT © Vadim Demedes