README

apier-permissioner

Part of the apier framework

Defines if the user that makes the request can access the service
Uses the user making the request (req.activeUser) to check if the user can access the specified service.
To define the permissions you can use either an array or a string as explained below
NOTICE: Admin users can access all services.

User types (Array)

An array with the user types that can access the service. Using ['null'] means its a public service.
e.g.: ['editor', 'client']

Expression (String)

An expression that will be evaluated e.g.: "id === 'self' && type === 'client'"
The variables that are available for the expression are "type" for the userType and "id" for the request uuid.

Installation

Download node at nodejs.org and install it, if you haven't already.

npm install apier-permissioner --save

Dependencies

apier-authenticator: Check if the user making a request is authenticated.
apier-responsebuilder: Builds and sends the response of apier.
reqlog: A simple Node.js logger. Very closely attached to a request.

Dev Dependencies

eslint: An AST-based pattern checker for JavaScript.
eslint-config-google: ESLint shareable config for the Google style

License

MIT

Generated by package-json-to-readme

Usage no npm install needed!