npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

policy-control

v0.0.9

Published

Policy based access control

Downloads

301

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

cdriscolcdriscol

Keywords

Readme

policy-control CI codecov

policy-control helps you decide if a user is authorized to act on a resource. No assumptions are made about your data or how you make authorization decisions. With policy-control policies, you are in full control of how your application makes authroizations decisions. Policies allow you to choose what action, resource, data, and rules you need to make a decision and the rest is taken care of.

Getting started

$ yarn add policy-control

Core concepts

User

A user making the request.

Resource

A resource the user is acting on.

Action

The action the user is taking on the resource.

Policies

A policy can be defined for specific resources and actions and when evaluated will process rules to determine whether an action is allowed.

Rules

A rule can load data and evaluates to a boolean response.

Loaders

A loader will load data into the decision context which can be used to help evaluate rules.

Context

Context refers to the data store for our loaders to use. Context can also be primed and cleared as needed.

Decider

A decider can evaluate and reduce a set of policies to an authorization decision.

Authorization Decision

An authorization decision returns a permission response (Allow, Deny, Indeterminate).

Decision Flow

Each authorization decision follows the same flow and can be demonstrated by a simple authorized GET request:

  1. Alice does GET on /post/123.
  2. API receives call and authenticates Alice.
  3. API asks policy control for a decision, Is Alice authorized to read post 123?
  4. Policy Control finds and applies any policies for reading posts.
  5. Each policy loads necessary attributes, evaluates rules, and returns a decision.
  6. Policy decisions are reduced to a final authorization decision (e.g. Allow, Deny, Indeterminate)
  7. If decision is Allow the request is continued, otherwise an authorization error (401) is thrown.

Examples (WIP)

Below are several examples intended to help you see how policy-control can be used in your project:

Core features (WIP)

  • Flexible policies
  • Simple API - no "extras"
  • Effecient data fetching
  • Very lightweight
  • Extensible
  • TypeScript support
  • User/Resource/Action policies
  • Async data loading built-in