npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

gatehouse-ts

v1.0.0

Published

A TypeScript library for building and managing authorization policies.

Downloads

124

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

9morello9morello

Keywords

authorizationpolicygatehousetypescript

Readme

Gatehouse-TS

Gatehouse-TS is a flexible, zero-dependencies authorization library written in TypeScript. It combines role-based (RBAC), attribute-based (ABAC), and relationship-based (ReBAC) access control policies. Port of the Gatehouse authorization library for Rust. The original authors did a fantastic job at creating an easy to use API, and were kind enough to let this library be named after Gatehouse.

Credits for the original API design, Rust implementation and usage instructions go to Hardbyte and Partly.

Features

  • Multi-paradigm Authorization: Support for RBAC, ABAC, and ReBAC patterns
  • Policy Composition: Combine policies with logical operators (AND, OR, NOT)
  • No additional runtime dependencies: this library doesn't depend on any third-party libraries.
  • Trivially embeddable: all the implementation resides inside the src/index.ts file, written in easy-to-follow TypeScript. Feel free to copy it directly to your project and modify it to better suit your needs.
  • Detailed Evaluation Tracing: Complete decision trace for debugging and auditing.
  • Fluent Builder API: Construct custom policies with a PolicyBuilder.
  • Type Safety: Strongly typed resources/actions/contexts.

Quick Start

Here is an example of how to build a role-based Policy and evaluate access with it.

import {
    buildRbacPolicy,
    PermissionChecker
  } from 'gatehouse-ts';
  
  type User = {
    id: number;
    roles: string[]; // e.g., ["admin", "editor", "viewer"]
    department: string;
  };
  
  type Document = {
    id: number;
    ownerId: number;
    isPublic: boolean;
    requiredDepartment: string | null; // e.g., "HR", "Engineering"
  };
  
  type Action = "read" | "write" | "delete" | "comment";
  
  type RequestContext = {
    ipAddress?: string;
    timestamp?: Date;
  };
  
  const rbacPolicy = buildRbacPolicy<User, Document, Action, RequestContext, string>({
    name: "Standard RBAC Policy",
    requiredRolesResolver: (resource:Document, action:Action) => {
      // This function determines which roles are needed for a given resource and action.
      // Here, it's simplified and only depends on the action.
      switch (action) {
        case "read":
          return ["viewer", "editor", "admin"];
        case "write":
        case "comment":
          return ["editor", "admin"];
        case "delete":
          return ["admin"];
        default:
          return []; // Deny unknown actions
      }
    },
      // This function extracts the roles from the subject (User).
    userRolesResolver: (subject:User) => subject.roles,
  });
  
  const permissionChecker = new PermissionChecker<User, Document, Action, RequestContext>();

  // Add the policy to the checker
  permissionChecker.addPolicy(rbacPolicy);
  
  //mock data
  
  const editorUser: User = {
      id: 0,
      roles: ["editor"],
      department: "Marketing"
  };
  
  const privateDoc: Document = {
      id: 100,
      ownerId: 0,
      isPublic: false,
      requiredDepartment: null
  };
  
  const sampleContext: RequestContext = {};
  
  // --- Evaluation ---
  // Editor tries to write to a private doc (Allowed by RBAC)
  let result = await permissionChecker.evaluateAccess({
    subject: editorUser,
    resource: privateDoc,
    action: "write",
    context: sampleContext,
  });
  console.log(`Editor write privateDoc: ${result.isGranted()}`); // Output: true

You can add as many policies as you want to a PermissionChecker instance. For example, in the code above, you could add a policy to make it so that only users with the "admin" role could delete documents.