An authorization library that supports access control models like ACL, RBAC, ABAC in modern JavaScript platforms

Last update: Oct 20, 2022

Related tags

Overview

Casbin-Core

💖 Looking for an open-source identity and access management solution like Okta, Auth0, Keycloak ? Learn more about: Casdoor

News: still worry about how to write the correct casbin-core policy? Casbin online editor is coming to help!

casbin-core is a powerful and efficient open-source access control library for JavaScript projects. It provides support for enforcing authorization based on various access control models.

All the languages supported by Casbin:


Casbin	jCasbin	node-Casbin	PHP-Casbin
production-ready	production-ready	production-ready	production-ready


PyCasbin	Casbin.NET	Casbin-CPP	Casbin-RS
production-ready	production-ready	beta-test	production-ready

Documentation

https://casbin.org/docs/en/overview

Feature

😎 Written in TypeScript to provide the type definitions
🎯 Support multiple access model such as ACL, RBAC, ABAC
🎮 Run everywhere on JavaScript platforms such as WEB, Node.js, React-Native, Electron, etc.

Installation

Note: The project is under development and the API is unstable.

# NPM
npm install casbin-core@beta --save

# Yarn
yarn add casbin-core@beta

Get started

New an enforcer with a model string and a memory policy, see Model section for details:

import { newEnforcer, newModel, MemoryAdapter } from 'casbin-core';

const model = newModel(`
[request_definition]
r = sub, obj, act
[policy_definition]
p = sub, obj, act
[role_definition]
g = _, _
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
`);

const adapter = new MemoryAdapter(`
p, alice, data1, read
p, bob, data2, write
p, data2_admin, data2, read
p, data2_admin, data2, write
g, alice, data2_admin
`);

const enforcer = await newEnforcer(model, adapter);

Note: you can also initialize an enforcer with policy in DB instead of file, see Persistence section for details.

Add an enforcement hook into your code right before the access happens:

const sub = 'alice'; // the user that wants to access a resource.
const obj = 'data1'; // the resource that is going to be accessed.
const act = 'read'; // the operation that the user performs on the resource.

// Async:
const res = await enforcer.enforce(sub, obj, act);
// Sync:
// const res = enforcer.enforceSync(sub, obj, act);

if (res) {
  // permit alice to read data1
} else {
  // deny the request, show an error
}

Besides the static policy file, casbin-core also provides API for permission management at run-time. For example, You can get all the roles assigned to a user as below:

const roles = await enforcer.getRolesForUser('alice');

See Policy management APIs for more usage.

Policy management

Casbin provides two sets of APIs to manage permissions:

Management API: the primitive API that provides full support for Casbin policy management.
RBAC API: a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code.

Official Model

https://casbin.org/docs/en/supported-models

Policy persistence

https://casbin.org/docs/en/adapters

Policy consistence between multiple nodes

https://casbin.org/docs/en/watchers

Role manager

https://casbin.org/docs/en/role-managers

Contributors

This project exists thanks to all the people who contribute.

Backers

Thank you to all our backers! 🙏 [Become a backer]

License

This project is licensed under the Apache 2.0 license.

Contact

If you have any issues or feature requests, please contact us. PR is welcomed.

https://github.com/casbin/casbin-core/issues
[email protected]
Tencent QQ group: 546057381

A simple cmatrix-like terminal decoration written in JavaScript that supports window resizing.

jsmatrix A simple cmatrix-like terminal decoration written in JavaScript that supports window resizing. Getting Started Dependencies NodeJS Any termin

Mar 27, 2022

Example project implementing authentication, authorization, and routing with Next.js and Supabase

Magic Link Authentication and Route Controls with Supabase and Next.js To run this project, To get started with this project, first create a new proje

Dec 11, 2022

Firebase Angular Skeleton - Quickly create an application with a fully functional authentication, authorization and user management system.

FAngS - Firebase Angular Skeleton FAngS lets you quickly create an application with a fully functional authentication, authorization and user manageme

Sep 21, 2022

This repository aims to create a POC about authentication and authorization using NestJS, Prisma and JWT.

A progressive Node.js framework for building efficient and scalable server-side applications. Description Nest framework TypeScript starter repository

Nov 2, 2022

Angular 14 JWT Authentication & Authorization with Web API and HttpOnly Cookie - Token Based Auth, Router, Forms, HttpClient, BootstrapBootstrap

Angular 14 JWT Authentication with Web API and HttpOnly Cookie example Build Angular 14 JWT Authentication & Authorization example with Web Api, HttpO

Dec 26, 2022

Modern Spatial Reference System Class. Supports EPSG Codes, PROJ4 String, and Well-Known Text.

spatial-reference-system Modern Spatial Reference System Class. supports EPSG Codes PROJ4 Strings ESRI and OGC Well-Known Text PRJ File install npm in

Jul 22, 2022

Chrome extension to save and keep track of problems from different platforms(codeforces, codechef, atcoder, leetcode etc.)

Keep Problems A Browser extension which helps to save and keep track of problems from different platforms(codeforces, codechef, atcoder, leetcode etc.

Aug 13, 2022

A social media platform aimed to capture the essence of all popular, existing social media platforms

Social Fuel Reimagining Social Media, step by step 📌 About A social media platform aimed to capture the essence of all popular, existing social media

Feb 12, 2022

Harassment Manager is a web application that aims to empower users to document and take action on abuse targeted at them on online platforms.

Harassment Manager Online abuse and harassment silence important voices in conversation, forcing already marginalized people offline. Harassment Manag

Dec 6, 2022

Comments

allow missing policy in `addPolicies` & `removePolicies`

In addPolicies & removePolicies, if there is a missing/existing policy in the list of policies, then the operation is stopped and false is return, I think for a huge policy storage and large no. of policy addition/remove operation, if we keep this behavior then I guess it can get hard to know about existing/missing policies in the storage. I think we should either ignore the missing/existing policy and continue the operation or at least log out about the existing/missing policies that the user is trying to input.
enhancement

opened by Shivansh-yadav13 11
The automated release is failing 🚨
:rotating_light: The automated release from the beta branch failed. :rotating_light:

I recommend you give this issue a high priority, so other packages depending on you can benefit from your bug fixes and new features again.

You can find below the list of errors reported by semantic-release. Each one of them has to be resolved in order to automatically publish your package. I’m sure you can fix this 💪.

Errors are usually caused by a misconfiguration or an authentication problem. With each error reported below you will find explanation and guidance to help you to resolve it.

Once all the errors are resolved, semantic-release will release your package the next time you push a commit to the beta branch. You can also manually restart the failed CI job that runs semantic-release.

If you are not sure how to resolve this, here are some links that can help you:

Usage documentation

Frequently Asked Questions

Support channels

If those don’t help, or if this issue is reporting something you think isn’t right, you can always ask the humans behind semantic-release.

Cannot push to the Git repository.

semantic-release cannot push the version tag to the branch beta on the remote Git repository with URL https://x-access-token:[secure]@github.com/casbin/casbin-core.git.

This can be caused by:

a misconfiguration of the repositoryUrl option

the repository being unavailable

or missing push permission for the user configured via the Git credentials on your CI environment

Good luck with your project ✨

Your semantic-release bot :package::rocket:
question semantic-release
opened by nodece 5

Owner

Casbin

Casbin authorization library and the official middlewares

GitHub

Airtable for TypeScript and JavaScript (ES7, ES6, ES5). Supports Airtable database. Works in NodeJS, Browser, Ionic, Cordova and Electron platforms.

TypeAirtable is an ORM that can run in NodeJS, Browser, Cordova, PhoneGap, Ionic, React Native, NativeScript, Expo, and Electron platforms and can be

11 Sep 11, 2022

☁️ Application using Node.js, AdonisJs, Adonis ACL, Adonis Kue Provider, Adonis Mail, Adonis Lucid Slugify, Adonis Validator, AdonisJs Redis, ESLint and pg

Node.js - SaaS ☁️ Application using Node.js, AdonisJs, Adonis ACL, Adonis Kue Provider, Adonis Mail, Adonis Lucid Slugify, Adonis Validator, AdonisJs

4 Aug 19, 2022

Web based application that uses playerctl in it backend to control remotely your audio using the frontend as remote control.

Linux Remote This is a web based application that uses playerctl in it backend to control remotely your audio using the frontend as remote control. Do

4 Jul 6, 2022

A three.js and roslibjs powered web-control for zju fast-drone-250 for laptop-free flight control

Web Control for ZJU Fast-Drone-250 A three.js and roslibjs powered web-control for zju fast-drone-250 for laptop-free flight control (tested on Xiaomi

6 Nov 11, 2022

Type Identity - a powerful and highly customizable authentication and authrozation and access-control framework

Type Identity is a powerful and highly customizable authentication and authrozation and access-control framework. It is the de-facto standard for securing Type Script api beta release

2 Jan 1, 2023

Sign In With Tezos: Access Control Management using Tezos NFTs

SIWT Sign In With Tezos (SIWT) is a library that supports the development of your decentralized application (dApp) by proving the users ownership of t

0 Dec 31, 2022

a cobbled together alternative UI to launchdarkly, allowing read/write access via LD API access token

discount-launchdarkly a cobbled together alternative UI to launchdarkly, allowing read/write access via LD API access token setup make sure you have a

9 Oct 19, 2022

Fnon is a client-side JavaScript library for models, loading indicators, notifications, and alerts which makes your web projects much better.

???????? Fnon is the name of my late mother, It's an Arabic word which means Art, I created this library in honor of her name. Fnon is a client-side J

5 Sep 11, 2022

A regular table library, for async and virtual data models.

A Javascript library for the browser, regular-table exports a custom element named <regular-table>, which renders a regular HTML <table> to a sticky p

285 Dec 16, 2022

Browser-compatible JS library for running language models

Huggingface Transformers Running in the Browser This library enables you to run huggingface transformer models directly in the browser. It accomplishe

50 Jan 8, 2023