
teapot-acl's Introduction

📜 Teapot-ACL

A minimalistic role-based ACL implementation for the Teapot Smalltalk HTTP microframework.

🪄 Usage in a nutshell

acl := TeaACL new
    addRole: #admin;
    addRole: #superadmin;
    addResource: '/documents';
    "it supports good ol' Teapot route globs"
    addResource: '/documents/<id>';
    "privileges could pretty much be anything suiting your needs - it's definitely not limited to HTTP verbs"
    allowRole: #admin toAccess: '/documents' withPrivileges: #(POST GET);
    allowRole: #admin toAccess: '/documents/<id>' withPrivileges: #(GET PUT DELETE);
    "it supports a shortcut to allow everything for a given role"
    allowRole: #superadmin toAccess: '*' withPrivileges: #(GET).

...

"returns true"
acl checkRole: #admin toAccess: '/documents?foo=bar&bar=baz' withPrivilege: #GET.
"superadmin is the god here. returns true"
acl checkRole: #superadmin toAccess: '/foo/bar' withPrivilege: #GET.
"nobody is allowed to access a route that matches no glob. returns false"
acl checkRole: #admin toAccess: '/xxx' withPrivilege: #GET.
"a user with undeclared role is not allowed to access this. returns false"
acl checkRole: #outsider toAccess: '/documents' withPrivilege: #GET.
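
Pinning the policy in an SUnit test makes an accidental widening of access fail the build. The test below is an added example, not part of the Teapot-ACL project: it uses only the TeaACL messages shown above, the class and package names are made up, and the third test encodes expected denials that this README does not state.

```smalltalk
"Added example. DocumentsACLPolicyTest and 'MyApp-Tests' are hypothetical names."
TestCase subclass: #DocumentsACLPolicyTest
    instanceVariableNames: 'acl'
    classVariableNames: ''
    package: 'MyApp-Tests'

DocumentsACLPolicyTest>>setUp
    "Same policy as the usage snippet. In a real project, test the preconfigured instance the application serves."
    super setUp.
    acl := TeaACL new
        addRole: #admin;
        addRole: #superadmin;
        addResource: '/documents';
        addResource: '/documents/<id>';
        allowRole: #admin toAccess: '/documents' withPrivileges: #(POST GET);
        allowRole: #admin toAccess: '/documents/<id>' withPrivileges: #(GET PUT DELETE);
        allowRole: #superadmin toAccess: '*' withPrivileges: #(GET);
        yourself

DocumentsACLPolicyTest>>testGrantsStatedInTheReadme
    self assert: (acl checkRole: #admin toAccess: '/documents?foo=bar&bar=baz' withPrivilege: #GET).
    self assert: (acl checkRole: #superadmin toAccess: '/foo/bar' withPrivilege: #GET)

DocumentsACLPolicyTest>>testDenialsStatedInTheReadme
    "An unknown route and an undeclared role must both be refused."
    self deny: (acl checkRole: #admin toAccess: '/xxx' withPrivilege: #GET).
    self deny: (acl checkRole: #outsider toAccess: '/documents' withPrivilege: #GET)

DocumentsACLPolicyTest>>testPrivilegesNeverGrantedAreRefused
    "Assumption: these are expectations, not results quoted from the README.
     Each triple names a privilege the policy never grants for that role and resource."
    #( #(#admin '/documents' #DELETE)
       #(#admin '/documents/42' #POST)
       #(#superadmin '/documents' #POST) ) do: [ :each |
        self
            deny: (acl checkRole: each first toAccess: each second withPrivilege: each third)
            description: each printString ]
```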

🎁 Installation

Metacello new
    baseline: 'TeapotACL';
    repository: 'github://radekbusa/Teapot-ACL';
    load.

🔌 Integration example

  1. Add this to the application bootstrap, using a Teapot before filter:
teapot before: '*' -> [ :req | middleware checkAuthorization: req ];
  2. Implement the method the filter calls:
Middleware>>checkAuthorization: aRequest
| token userRole requestUri |
	
token := self getToken: aRequest.
userRole := token payload at: #role. "To be modified. User role is stored in a JSON Web Token in this scenario."
requestUri := aRequest uri asString.

"Config>>ACL contains a preconfigured TeaACL instance."
(config ACL checkRole: userRole toAccess: requestUri withPrivilege: aRequest method) ifFalse: [
	aRequest abort: (TeaResponse code: 403).
].

🧩 Compatibility

Tested in Pharo 7, 8 and 9.

👨‍💻 Author

Radek Busa is the author and maintainer of this project.

"I love building enterprise-grade software products in no time and Pharo greatly contributes to that with its amazing debugger, test-driven environment and other great stuff, such as refactoring tools. My vision is to build libraries for ultra-productive enterprise microservice development with minimalistic and easy-to-grasp APIs for Smalltalk in the 2020s."

If you endorse my vision and/or this project helped you, please don't hesitate to donate. Your donations will be welcome!
