Skip to content

Latest commit

 

History

History
61 lines (47 loc) · 1.62 KB

authorizedResource.md

File metadata and controls

61 lines (47 loc) · 1.62 KB
Raw

AuthorizedResource extends Resource

rest-io supports Authorized Resources. The UserResource is mandatory to enable authorized resources.

Quick Start

To create an Authorized Resource:

import { AuthorizedResource, ROLES } from 'rest-io';

export default class BananaResource extends AuthorizedResource {
  ...
}

Now you can overwrite the standard calls and authorizations:

export default class BananaResource extends AuthorizedResource {
  constructor() {
    this.permissions = {
      getAll: [ROLES.USER, ROLES.SUPER_USER, ROLES.MODERATOR, ROLES.ADMIN],
      getById: [ROLES.USER, ROLES.SUPER_USER, ROLES.MODERATOR, ROLES.ADMIN],
      create: [ROLES.MODERATOR, ROLES.ADMIN],
      update: [ROLES.MODERATOR, ROLES.ADMIN],
      del: [ROLES.ADMIN]
    };
  }
});

const banana = new BananaResource({
  name: 'banana',
  model: {
    name: String
  }
});

API

The Authorized Resource allows you to easily configure per method what roles have access to them.

Roles

A set of string constants that you are free to adjust to your needs.

permissions

Object defining the allowed roles. When an empty array of roles is provided, no authorization will be performed. This allows users who are not logged in to access this resource.

getAll: Array

Array of role names allowed to access.

getById: Array

Array of role names allowed to access.

create: Array

Array of role names allowed to access.

update: Array

Array of role names allowed to access.

del: Array

Array of role names allowed to access.