SimplePermissions

Permissions by Subject, Role, and Context. It uses an in-memory model.

Concepts

• Subject: A person or automated agent
• Role: Job function or title which defines an authority level
• Permission: An approval of a mode of access to a resource
• Context: A set of values to describe the context where permissions and other attributes are assigned

Source Role-based access control. The main difference is that SimplePermissions manages contexts: roles and permissions are assigned in context, i.e., a subject can have role manager in the context { application: 'Sales' } and he/she can have role user in the context { application: 'Purchases' }. A context can have many properties, i.e. { application: 'Sales', country: 'Argentina' }.

Subjects and Roles are identified by a simple (and unique) name. Permissions are simple strings. Contexts are simple objects with properties and their values.

Installation

Via npm on Node:

npm install simplepermissions

Usage

Reference in your program:

var simplepermissions = require('simplepermissions');
var engine = simplepermissions.createEngine();
var subjects = engine.subjects();
var roles = engine.roles();

Grant subject permissions, in a context:

subjects.grantPermission(subjectId, permission(s), context);

Examples:

subjects.grantPermission('adam', 'create account', 
    { application: 'Accounting' });
subjects.grantPermission('alice', 'print invoice', 
    { application: 'Sales', country: 'Argentina' });
subjects.grantPermission('albert', ['create order', 'print order'], 
    { application: 'Purchases', country: 'Australia' });

Retrieve subject granted permissions in a context:

var permissions = subjects.grantedPermission('adam', { application: 'Accounting' });
permissions.forEach(function (permission) { console.log(permission); });

Grant role permissions, in a context:

roles.grantPermission(roleId, permission(s), context);

Examples:

roles.grantPermission('accountant', 'create account', 
    { application: 'Accounting' });
roles.grantPermission('clerk', 'print invoice', 
    { application: 'Sales', country: 'Argentina' });
roles.grantPermission('manager', ['create order', 'print order'], 
    { application: 'Purchases', country: 'Australia' });

Retrieve role granted permissions in a context:

var permissions = roles.grantedPermission('accountant', { application: 'Accounting' });
permissions.forEach(function (permission) { console.log(permission); });

The returned value is an array with the permission values. If no permission was granted, the empty array [] is returned.

Add a role to a subject in a context:

subjects.addRole('adam', 'accountant', { application: 'Accounting' });

Get roles of a subject in context:

var adamroles = subjects.getRoles('adam', { application: 'Accounting' });

The returned value is an array with the subject roles for that context. If no roles as assigned to that context, the empty array [] is returned.

Persistence?

Persistence is an orthogonal problem. You must reify the engine from your persistence store, and update their values.

Development

git clone git://github.com/ajlopez/SimplePermissions.git
cd SimplePermissions
npm install
npm test

Samples

TBD

To do

• Samples
• Revoke permissions
• Remove permissions
• Better context organization and retrieval, to support thousands of values
• Roles assigned to Subjects by Context
• Permissions inherited by Context

Versions

• 0.0.1: Published

Contribution

Feel free to file issues and submit pull requests � contributions are welcome.

If you submit a pull request, please be sure to add or update corresponding test cases, and ensure that npm test continues to pass.