Creating Rules By Template #225
Comments
|
Hi, In that example parseJSON expects to receive a string which contains JSON (this could be stored as a TEXT field in SQL dB). Then The last example doesn’t work because |
|
@orozcojd does it make sense? |
|
Ok, it makes sense to me now. It took a bit of reading the documentation thoroughly. Thank you, Stalniy. |
import { AbilityBuilder, PureAbility } from '@casl/ability';
import { PrismaQuery, Subjects, createPrismaAbility } from '@casl/prisma';
import { UserPayload } from '@dropdash/shared';
import { Canidates, JobOrders, Roles, Submittals, Users } from '@prisma/client';
import get = require('lodash.get');
export type Action = 'manage' | 'create' | 'read' | 'update' | 'delete';
type AppAbility = PureAbility<
[
Action,
Subjects<{
Users: Users;
Roles: Roles;
Submittals: Submittals;
Canidates: Canidates;
JobOrders: JobOrders;
}>
],
PrismaQuery
>;
interface Permission {
action: Action | Action[];
subject: any;
fields?: string | string[] | undefined;
conditions?: any | undefined;
}
const parseJSON = (template: any, variables: any) => {
console.log(template);
return JSON.parse(template, (key, rawValue) => {
if (rawValue[0] !== '$') {
return rawValue;
}
const name = rawValue.slice(2, -1);
const value = get(variables, name);
if (typeof value === 'undefined') {
throw new ReferenceError(`Variable ${name} is not defined`);
}
return value;
});
};
export const defineAbilitiesFor = (user: UserPayload) => {
const { permissions: data } = user;
const permissions = parseJSON(data, { user_id: user.user_id });
const { can: allow, build } = new AbilityBuilder<AppAbility>(
createPrismaAbility
);
permissions.forEach((item: Permission) => {
return allow(item.action, item.subject, item.fields, item.conditions);
});
return build();
};I have these permissions saved inside my SQL database, Auth0 login flow makes a call to my API and attaches the permissions response to my JWT. keep in mind the response is parsed with JSON.stringify(). permissions: [
{ action: 'read', subject: 'Clients' },
{ action: 'read', subject: 'Users' },
{ action: ['read', 'create'], subject: 'Canidates' },
{
action: ['update'],
subject: 'Canidates',
conditions: { created_by: '${user.id}' },
},
{ action: 'read', subject: 'JobOrders' },
{ action: ['read', 'create'], subject: 'Submittals' },
{
action: ['update', 'delete'],
subject: 'Submittals',
conditions: { submitted_by: '${user.id}' },
},
],package.json "dependencies": {
"@casl/ability": "^6.5.0",
"@casl/prisma": "^1.4.0",
"lodash.get": "^4.4.2",
}let me know if you have any questions. |
Hi,
I know this question has been asked several times, but its still unclear to me how this works.
I have read the following documentation
https://www.npmjs.com/package/@casl/ability
https://www.npmjs.com/package/@casl/vue
https://stalniy.github.io/casl/abilities/storage/2017/07/22/storing-abilities.html#storing-abilities
Issue 177
The Issue
I have a Vue front-end and node back-end I'm trying to share the same rules with. For starters, I just want to simply be able to send the rule set upon login, along with token, to the front-end and load it in vue. I am having trouble understanding how to define the abilities, given a rule set and a user object.
The rule set I am using looks like the following:
The user object looks like
What I am having trouble understanding is this piece of code specifically:
The code above is parsing the rule JSON but I'm not sure what its returning.
Why wouldn't something like this work?
Anything helps!
The text was updated successfully, but these errors were encountered: