@invect/rbac
v0.0.12
Published
RBAC plugin for Invect — adds role-based access control UI, flow sharing, and permission management. Requires @invect/user-auth.
Readme
Adds flow-level permissions, sharing UI, and access control enforcement to Invect. Requires @invect/user-auth for session resolution.
Install
pnpm add @invect/rbacBackend
import { auth } from '@invect/user-auth';
import { rbac } from '@invect/rbac';
const invectRouter = await createInvectRouter({
database: { type: 'sqlite', connectionString: 'file:./dev.db' },
encryptionKey: process.env.INVECT_ENCRYPTION_KEY,
plugins: [
auth({ globalAdmins: [{ email: '[email protected]', pw: 'secret' }] }), // Must come first
rbac(),
],
});
app.use('/invect', invectRouter);Frontend
import { Invect } from '@invect/ui';
import { rbacFrontend } from '@invect/rbac/ui';
<Invect apiBaseUrl="http://localhost:3000/invect" plugins={[rbacFrontend]} />;The plugin contributes sidebar items, an access management page, a flow-level access panel tab, and a share button in the flow editor header.
Exports
| Entry Point | Content |
| -------------------- | ------------------------------------------------------------------------------------- |
| @invect/rbac | Backend plugin (Node.js) |
| @invect/rbac/ui | Frontend plugin — rbacFrontend, RbacProvider, ShareFlowModal, FlowAccessPanel |
| @invect/rbac/types | Shared types — FlowAccessRecord, FlowAccessPermission, etc. |
