npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

cb-authoritah

v1.2.0

Published

An unopinionated, tiny-ass authorization module for node apps.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

prajjwalprajjwal

Keywords

Authorization

Readme

README

Authoritah is an unopinionated, tiny, library for node that provides a convenient API for scrutinizing an object against a set of rules. This is used internally at Coding Blocks for the authorization subsystems of various applications, but is unopinionated enough to be useful in any scenario.

Author

Prajjwal Singh

Usage

Authoritah implements a rule based system, where a rule looks like this:

{
  predicate: (x) => { ... },
  test: (x) => { ... }
}

Here, both predicate() and test() are functions returning booleans. For each rule where the predicate returns true for the object under scrutiny(supplied via respect(), see below), Authoritah ensures that the corresponding test() returns a truthy value as well. Note that predicate() must always be synchronous.

A sample rule used internally at Coding Blocks looks like this:

const onlyAdminsCanDeleteRecords = {
  predicate: (request) => isDeleteRequest(request),
  test: (request) => currentUserIsAdmin(),
  httpErrorCode: 401,
  errorCode: 006
})

First, create a context:

const A = new Authoritah()

To add the rule:

A.addRule(onlyAdminsCanDeleteRecords)

addRule() also returns a boolean value indicating whether your rule was added or not.

Finally, ensure every rule passes against object x with:

// If all your tests are synchronous:
A.respect(x)

// In case you have one or more async tests:
A.respectAsync(x)
  .then(...)
  .catch(...)

This returns a boolean indicating whether every rule passed or not.

To check the number of rules that have been added, use A.ruleCount().

To clear all existing rules (useful for switching contexts), use A.clearRules().

Example

const Authoritah = require('cb-authoritah') ;

let manBearPig = {
  species: "ManBearPig",
  manFraction: 0.5,
  bearFraction: 0.5,
  pigFraction: 0.5
}

let fakeManBearPig = {
  species: "ManBearPig",
  manFraction: 0.1,
  bearFraction: 0.1,
  pigFraction: 0.8
}

let notManBearPig = {
  species: "NotManBearPig"
}

// Instantiate a context. You can do this multiple times to create different
// contexts for different uses.
const A = new Authoritah()

// Create a Rule for only creatures whose species is "ManBearPig", asserting
// that all such creatures should be half man, half bear, and half pig.
//
// - You can add as many rules as you like.
// - A rule will not be added if it lacks the required properties, ie, either a
//   predicate, a test, or both.
A.addRule({

  // This function is used to decide whether or not to test an object against
  // the rule. Use this to add rules for only certain kinds of objects. An
  // example would be to limit a userIsAdmin() test to only DELETE requests in a
  // web app.
  predicate: (creature) => {
    return (creature.species === "ManBearPig")
  },

  // This is the actual test. For all rules where the predicate returns 'true'
  // for the object under scrutiny, this function is used to figure out whether
  // the object is valid or not.
  test: (creature) => {
    return (
      (creature.manFraction === 0.5) &&
      (creature.bearFraction === 0.5) &&
      (creature.pigFraction === 0.5)
    )
  },

  // You can attach extra payload to your objects, with things like error codes
  // and messages, etc. Just be sure to quack like a duck.
  errorMessage: "That's no ManBearPig!"
})

// Test various objects against the registered rules. This only returns true if
// ALL rules attached to an object pass.
A.respect(manBearPig) // => true
A.respect(fakeManBearPig) // => false
A.respect(notManBearPig) // => true, because the rule is only for ManBearPigs

// A much more useful method is disrespectedRules(), which returns a list of all
// rules that were violated. Sorry about the naming, but the south park
// references are more important than code comprehension.
A.disrespectedRules(manBearPig) // => []
A.disrespectedRules(fakeManBearPig) // => [{ ... }]

A
  .disrespectedRules(fakeManBearPig)[0]
  .errorMessage // => "That's no ManBearPig!"

A.disrespectedRules(notManBearPig) // => []

// Get the number of registered rules.
A.ruleCount() // => 1

// Clear all rules, and return the cleared ones
A.clearRules() // => [{ ... }, ...]
A.ruleCount() // => 0

Running Tests

$> yarn test