Home

Awesome

Role.js Build Status

Role allows you to manage user's access depending on his current roles and abilities map

Installation

Using Bower bower install role or just copy role.js

Usage

// Defining current user role ("guest" by default)
Role.current = 'admin';

// or
Role.current = ['user', 'moderator'];

// or
var CurrentUser = require('my-current-user-instance');
Role.current = function() {
  return CurrentUser.roles;
}

// Defining roles with entity->action mapping
Role.define('user', {
  books: {
    read: true,
    update: function(book) {
      return book && book.authorId === CurrentUser.id
    }
  }
});

// Inheriting existing models
Role.define('admin', 'user', {
  books: {
    update: true
  }
});

// After that you're able to use "can" helper to check if current user's role is allowed to
// perform actions on passed entities.
// E.g. somewhere in code:

if (Role.can('read', 'books')) {
  ...
}

// or

var book = books.get(1);

if (Role.can('update', 'books', book)) {
  ...
}

// or somewhere in Backbone.Router or whatever router that has 'before' filter

... 
before: {
  'books/new': function() {
    if (!Role.can('create', 'books')) {
      this.navigate('/home');
      return false;
    }
  }
}
...


Using roles in templates

Handlebars

Handlebars.registerHelper('can', function() {
  var abilityArgs = _.initial(arguments),
    able = Role.can.apply(null, abilityArgs),
    options = _.last(arguments);

  return able ? options.fn(this) : options.inverse(this);
});

after that you can have following in templates:

{{#can 'create' 'books'}}
  <a href="#/books/new">Add book</a>
{{else}}  
  <a href="#/access/request">Request access to add new books</a>
{{/can}}

Running tests

You can use karma runner via

npm install && grunt test