@eleven-am/golem-authorizer
v0.1.4
Published
Golem authorization adapter for @eleven-am/authorizer (CASL): constraints, verified writes, field permissions, read masking
Maintainers
Readme
@eleven-am/golem-authorizer
The authorization adapter connecting Golem to @eleven-am/authorizer (CASL).
One rules provider enforces every axis: row constraints compiled into queries, transactional write verification against real rows, field-level write permissions by column diff, and per-row read masking. The default ability (leave abilityFactory off your Authenticator) is exact for BigInt columns at any magnitude. If you override abilityFactory, build it with createAbility from @eleven-am/authorizer/prisma — the adapter verifies BigInt exactness at startup and refuses to boot otherwise. Rule conditions must be written in Prisma WhereInput syntax, because constraints are copied into queries verbatim. See the full guide.
