Adonis ACL adds role based permissions to built in Auth System of Adonis Framework.
- Add package:
$ npm i adonis-acl --saveor
$ yarn add adonis-acl- Register ACL providers inside the your start/app.js file.
const providers = [
...
'adonis-acl/providers/AclProvider',
...
]
const aceProviders = [
...
'adonis-acl/providers/CommandsProvider',
...
]- Setting up aliases inside
start/app.jsfile.
const aliases = {
...
Role: 'Adonis/Acl/Role',
Permission: 'Adonis/Acl/Permission',
...
}- Setting up traits to
Usermodel.
class User extends Model {
...
static get traits () {
return [
'@provider:Adonis/Acl/HasRole',
'@provider:Adonis/Acl/HasPermission'
]
}
...
}- Setting up middlewares inside
start/kernel.jsfile.
const namedMiddleware = {
...
is: 'Adonis/Acl/Is',
can: 'Adonis/Acl/Can',
...
}For using in views
const globalMiddleware = [
...
'Adonis/Acl/Init'
...
]- Publish the package migrations to your application and run these with
./ace migrations:run.
$ ./ace acl:setupLets create your first roles.
const roleAdmin = new Role()
roleAdmin.name = 'Administrator'
roleAdmin.slug = 'administrator'
roleAdmin.description = 'manage administration privileges'
await roleAdmin.save()
const roleModerator = new Role()
roleModerator.name = 'Moderator'
roleModerator.slug = 'moderator'
roleModerator.description = 'manage moderator privileges'
await roleModerator.save()Before, You should do first, use the HasRole trait in Your User Model.
class User extends Model {
...
static get traits () {
return [
'@provider:Adonis/Acl/HasRole'
]
}
...
}const user = await User.find(1)
await user.roles().attach([roleAdmin.id, roleModerator.id])const user = await User.find(1)
await user.roles().detach([roleAdmin.id])Get roles assigned to a user.
const user = await User.first()
const roles = await user.getRoles() // ['administrator', 'moderator']const createUsersPermission = new Permission()
createUsersPermission.slug = 'create_users'
createUsersPermission.name = 'Create Users'
createUsersPermission.description = 'create users permission'
await createUsersPermission.save()
const updateUsersPermission = new Permission()
updateUsersPermission.slug = 'update_users'
updateUsersPermission.name = 'Update Users'
updateUsersPermission.description = 'update users permission'
await updateUsersPermission.save()
const deleteUsersPermission = new Permission()
deleteUsersPermission.slug = 'delete_users'
deleteUsersPermission.name = 'Delete Users'
deleteUsersPermission.description = 'delete users permission'
await deleteUsersPermission.save()
const readUsersPermission = new Permission()
readUsersPermission.slug = 'read_users'
readUsersPermission.name = 'Read Users'
readUsersPermission.description = 'read users permission'
await readUsersPermission.save()Before, You should do first, use the HasPermission trait in Your User Model.
class User extends Model {
...
static get traits () {
return [
'@provider:Adonis/Acl/HasPermission'
]
}
...
}const roleAdmin = await Role.find(1)
await roleAdmin.permissions().attach([
createUsersPermission.id,
updateUsersPermission.id,
deleteUsersPermission.is,
readUsersPermission.id
])const roleAdmin = await Role.find(1)
await roleAdmin.permissions().detach([
createUsersPermission.id,
updateUsersPermission.id,
deleteUsersPermission.is,
readUsersPermission.id
])Get permissions assigned to a role.
const roleAdmin = await Role.find(1)
// ['create_users', 'update_users', 'delete_users', 'read_users']
await roleAdmin.getPermissions()or
const roleAdmin = await Role.find(1)
// collection of permissions
await roleAdmin.permissions().fetch()const createUsersPermission = new Permission()
createUsersPermission.slug = 'create_users'
createUsersPermission.name = 'Create Users'
createUsersPermission.description = 'create users permission'
await createUsersPermission.save()
const updateUsersPermission = new Permission()
updateUsersPermission.slug = 'update_users'
updateUsersPermission.name = 'Update Users'
updateUsersPermission.description = 'update users permission'
await updateUsersPermission.save()
const deleteUsersPermission = new Permission()
deleteUsersPermission.slug = 'delete_users'
deleteUsersPermission.name = 'Delete Users'
deleteUsersPermission.description = 'delete users permission'
await deleteUsersPermission.save()
const readUsersPermission = new Permission()
readUsersPermission.slug = 'read_users'
readUsersPermission.name = 'Read Users'
readUsersPermission.description = 'read users permission'
await readUsersPermission.save()Before, You should do first, use the HasPermission trait in Your User Model.
class User extends Model {
...
static get traits () {
return [
'Adonis/Acl/HasPermission'
]
}
...
}const user = await User.find(1)
await user.permissions().attach([
createUsersPermission.id,
updateUsersPermission.id,
deleteUsersPermission.is,
readUsersPermission.id
])const user = await User.find(1)
await user.permissions().detach([
createUsersPermission.id,
updateUsersPermission.id,
deleteUsersPermission.is,
readUsersPermission.id
])Get permissions assigned to a role.
const user = await User.find(1)
// ['create_users', 'update_users', 'delete_users', 'read_users']
await user.getPermissions()or
const user = await User.find(1)
// collection of permissions
await user.permissions().fetch()Syntax:
and (&&) - administrator && moderator
or (||) - administrator || moderator
not (!) - administrator && !moderator
// check roles
Route
.get('/users')
.middleware(['auth:jwt', 'is:(administrator || moderator) && !customer'])
// check permissions
Route
.get('/posts')
.middleware(['auth:jwt', 'can:read_posts'])
// scopes (using permissions table for scopes)
Route
.get('/posts')
.middleware(['auth:jwt', 'scope:posts.*'])@loggedIn
@is('administrator')
<h2>Protected partial</h2>
@endis
@endloggedIn
or
@loggedIn
@can('create_posts && delete_posts')
<h2>Protected partial</h2>
@endcan
@endloggedIn
or
@loggedIn
@scope('posts.create', 'posts.delete')
<h2>Protected partial</h2>
@endscope
@endloggedIn
Having trouble? Open an issue!
The MIT License (MIT). Please see License File for more information.