Permissions by Subject, Role, and Context. Model in-memory

npm install simplepermissions
2 downloads in the last week
8 downloads in the last month


Permissions by Subject, Role, and Context. It uses an in-memory model.


  • Subject: A person or automated agent
  • Role: Job function or title which defines an authority level
  • Permission: An approval of a mode of access to a resource
  • Context: A set of values to describe the context where permissions and other attributes are assigned

Source Role-based access control. The main difference is that SimplePermissions manages contexts: roles and permissions are assigned in context, i.e., a subject can have role manager in the context { application: 'Sales' } and he/she can have role user in the context { application: 'Purchases' }. A context can have many properties, i.e. { application: 'Sales', country: 'Argentina' }.

Subjects and Roles are identified by a simple (and unique) name. Permissions are simple strings. Contexts are simple objects with properties and their values.


Via npm on Node:

npm install simplepermissions


Reference in your program:

var simplepermissions = require('simplepermissions');
var engine = simplepermissions.createEngine();
var subjects = engine.subjects();
var roles = engine.roles();

Grant subject permissions, in a context:

subjects.grantPermission(subjectId, permission(s), context);


subjects.grantPermission('adam', 'create account', 
    { application: 'Accounting' });
subjects.grantPermission('alice', 'print invoice', 
    { application: 'Sales', country: 'Argentina' });
subjects.grantPermission('albert', ['create order', 'print order'], 
    { application: 'Purchases', country: 'Australia' });

Retrieve subject granted permissions in a context:

var permissions = subjects.grantedPermission('adam', { application: 'Accounting' });
permissions.forEach(function (permission) { console.log(permission); });

Grant role permissions, in a context:

roles.grantPermission(roleId, permission(s), context);


roles.grantPermission('accountant', 'create account', 
    { application: 'Accounting' });
roles.grantPermission('clerk', 'print invoice', 
    { application: 'Sales', country: 'Argentina' });
roles.grantPermission('manager', ['create order', 'print order'], 
    { application: 'Purchases', country: 'Australia' });

Retrieve role granted permissions in a context:

var permissions = roles.grantedPermission('accountant', { application: 'Accounting' });
permissions.forEach(function (permission) { console.log(permission); });

The returned value is an array with the permission values. If no permission was granted, the empty array [] is returned.

Add a role to a subject in a context:

subjects.addRole('adam', 'accountant', { application: 'Accounting' });

Get roles of a subject in context:

var adamroles = subjects.getRoles('adam', { application: 'Accounting' });

The returned value is an array with the subject roles for that context. If no roles as assigned to that context, the empty array [] is returned.


Persistence is an orthogonal problem. You must reify the engine from your persistence store, and update their values.


git clone git://
cd SimplePermissions
npm install
npm test



To do

  • Samples
  • Revoke permissions
  • Remove permissions
  • Better context organization and retrieval, to support thousands of values
  • Roles assigned to Subjects by Context
  • Permissions inherited by Context


  • 0.0.1: Published


Feel free to file issues and submit pull requests � contributions are welcome.

If you submit a pull request, please be sure to add or update corresponding test cases, and ensure that npm test continues to pass.

npm loves you