A Rule Based Access Control module for hapi.
This is inspired by the XACML policies.
3.0.0
- Add Hapi17 support2.3.0
- Ability to use RegExp to match target values. Ability to match field to field. (updated rbac-core to3.0.0
)2.2.0
- Customized error responses2.1.0
- Usage of user defined data retrievals for target matching. Nested properties on target keys.2.0.0
- Simplified target (updated rbac-core to2.0.0
)1.3.0
- Use more data for target matching1.2.0
- Global default configuration is now possible1.1.0
- Added ability to dynamically retrieve policies for the route1.0.0
- Since this version, only node^4.0
and hapi^12.0.0
is supported. All the functionality and syntax remains the same.
First, install
npm install --save hapi-rbac
Then, import the module in your hapi server instance.
async () => {
try {
await server.register({
plugin: require('hapi-rbac'),
options: {
// rbac-option See API reference
}
});
} catch(er) {
// ...
}
}
Then, configure your policies. Check the API Reference.
To have a better idea of how this works, you can check my Bachelor's project presentation about XACML here (english), or here (portuguese).
Even though this plugin doesn't implement the XACML specification, it was based on its policies.