Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support to check/define abilities per fields #18

Closed
5 tasks done
stalniy opened this issue Jan 25, 2018 · 3 comments
Closed
5 tasks done

Add support to check/define abilities per fields #18

stalniy opened this issue Jan 25, 2018 · 3 comments
Assignees
@stalniy
Milestone
2.0

Comments

@stalniy
Copy link
Owner

stalniy commented Jan 25, 2018
edited
Loading

  • allows to define rules per field
  • allows to check rules per field
  • ensure it correctly works in rulesToQuery function
  • add function to extract permitted fields from rules
  • update Typescript defs

It should be possible to define/check abilities per field:

const user = { id: 1 }
const ability = AbilityBuilder.define(can => {
  can('update', 'Post', ['likes'])
  can('update', 'Post', ['title', 'description'], { authorId: user.id })
})

console.log(ability.can('update', 'Post', 'title')) // false
console.log(ability.can('update', 'Post')) // true, because it's allowed to update Post partially its `likes` field

const post = new Post({ authorId: user.id })
console.log(ability.can('update', post, 'title')) // true
console.log(ability.can('update', post, 'createdAt')) // false
@stalniy stalniy added this to the 2.0 milestone Jan 25, 2018
@stalniy stalniy self-assigned this Feb 21, 2018
@stalniy stalniy modified the milestones: 2.0, 2.1 Mar 5, 2018
@stalniy stalniy modified the milestones: 2.1, 2.0 Mar 18, 2018
stalniy added a commit that referenced this issue Mar 18, 2018
@stalniy
feat(ability): implement per field rules support
f0f2dcc 
Relates #18
@stalniy
Copy link
Owner Author

stalniy commented Mar 19, 2018

Typescript

stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
feat(extra): adds permittedAttributesOf
6d93168 
This function allows to extract permitted fields from Ability rules

Relates to #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
refactor(ability): changes signature of rulesToQuery to be similar to…
3ce8b4e 
… permittedFieldsOf

This protects user from mistakes like passing rules of different subjects/actions into rulesToQuery. Also refactores toMongoQuery to have similar signature but a bit different, action goes as the last argument, so we can specify default action to be `read` (as in majority of cases this is what users will want)

Relates to #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
fix(typescript): updates d.ts files
9ba754c 
Fixes #18
@stalniy stalniy closed this as completed Mar 21, 2018
@Cholowao
Copy link

@stalniy you are doing great job man!

stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
feat(ability): implement per field rules support
e5b79f0 
Relates #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
feat(extra): adds permittedAttributesOf
c66dfe3 
This function allows to extract permitted fields from Ability rules

Relates to #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
refactor(ability): changes signature of rulesToQuery to be similar to…
51df3f2 
… permittedFieldsOf

This protects user from mistakes like passing rules of different subjects/actions into rulesToQuery. Also refactores toMongoQuery to have similar signature but a bit different, action goes as the last argument, so we can specify default action to be `read` (as in majority of cases this is what users will want)

Relates to #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
fix(typescript): updates d.ts files
81498ec 
Fixes #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
feat(ability): implement per field rules support
239df75 
Relates #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
feat(extra): adds permittedAttributesOf
078314f 
This function allows to extract permitted fields from Ability rules

Relates to #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
refactor(ability): changes signature of rulesToQuery to be similar to…
4f699aa 
… permittedFieldsOf

This protects user from mistakes like passing rules of different subjects/actions into rulesToQuery. Also refactores toMongoQuery to have similar signature but a bit different, action goes as the last argument, so we can specify default action to be `read` (as in majority of cases this is what users will want)

Relates to #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
fix(typescript): updates d.ts files
3a883ea 
Fixes #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
feat(ability): implement per field rules support
471358f 
Relates #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
feat(extra): adds permittedAttributesOf
3474fcc 
This function allows to extract permitted fields from Ability rules

Relates to #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
refactor(ability): changes signature of rulesToQuery to be similar to…
5017797 
… permittedFieldsOf

This protects user from mistakes like passing rules of different subjects/actions into rulesToQuery. Also refactores toMongoQuery to have similar signature but a bit different, action goes as the last argument, so we can specify default action to be `read` (as in majority of cases this is what users will want)

Relates to #18
stalniy added a commit that referenced this issue Mar 21, 2018
@stalniy
fix(typescript): updates d.ts files
d5fc51c 
Fixes #18
@stalniy
Copy link
Owner Author

stalniy commented Mar 21, 2018

@Cholowao I glad that you find this useful :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stalniy stalniy

Labels
None yet
Projects
None yet
Milestone
2.0
Development

No branches or pull requests
2 participants
@stalniy @Cholowao