BOUNCER
Midldleware for individual nodejs services, takes care of following items
- Get permission details from ACL services
- validate the incoming calls
- supply the acl.json data
Default options
var defaultOptions =
{
host: 'consul',
serviceName: '',
acl: require('./acl.json')
}
Internal dependencies
- ocbesbn-web-init
Bouncer should be added as a middleware to the ocbesbn-web-init
.
Example
import acl json via file
var bouncer = require('ocbesbn-bouncer');
{
...
middlewares: [bouncer({
host: 'consul',
serviceName: 'user', //says user service
acl: require('mypath/acl.json'),
aclServiceName: 'acl'
}).Middleware]
...
}
import acl json directly
var bouncer = require('ocbesbn-bouncer');
{
...
middlewares: [bouncer({
host: 'consul',
serviceName: 'user', //example
acl: {
"Health": { `// Key represents resource group Id`
"translations": { `// Translation for the resource group`
"name" : { `// Name of the resource group by language`
"en": "Health check",
"de": ""
},
"description": { `// Short description, explains about the resource group`
"en": "Health check endpoint used by service checks",
"de": ""
}
},
"resources": [ `// List of resources`
{
"type": "rest", `// Type of the resource, mostly be rest (API endpoints) for now`
"resourceId": "/api/health/check", `// Regular expression/complete endpoint (route of API endpoint)`
"actions": ["edit", "read"], `// Actions allowed edit=PUT, read=GET, delete=DELETE, create=POST`
"fields": ['result', 'more.somefield'] `// defines what are all the fields can be sent to the user/requestor, nested fields can be added like OBJECT.SOMEKEY..`
}
]
}
}
},
aclServiceName: 'acl'
}).Middleware]
...
}
Patterns in resource ids
Mostly the resource id is a string or regular expression, along with that, we also a pattern to replace with current user information. For E.g
The below resource Id contains ${_current_user_id}, which represents current user id, means Id of the user who ever is requesting this particular URI / resource.
"resourceId": "/users/${_current_user_id}/profile"
Here are some of the pattern which represents current user's information
${_current_user_id} - current user's id
${_current_tenant_id} - current user's tenant id
${_current_customer_id} - current user's customer id
${_current_supplier_id} - current user's supplier id