rbac service
Provides JWT-based authentication capabilities. This service is provided via the tymly plugin and isn't offered by any of the other core plugins.
Boot config
- This service doesn’t require any configuration to boot.
Service methods/properties
refreshIndex
Regenerates the internal RBAC index. Needs to be done to reflect any changes made to the underlying state-machines (e.g. fbot_permission_1_0
, fbot_role_1_0
and fbot_membership_1_0
)
Parameters
callback
Function Called with a standard error
Examples
rbac.refreshIndex(
function (err) {
// Would expect err to be null
}
)
Returns undefined
checkRoleAuthorization
Checks the supplied credentials against the internal RBAC index
Parameters
userId
string A userId to check (used for dynamic checks such as ‘allow update as long as userId matches with the author of target document’)ctx
Object A Tymly context (optional)roles
Array<string> An array of roleIdsresourceType
string The type of resource to authorize against (e.g.flow
)resourceName
string The name of the resource that the credentials are being checked against (e.g.flow fbotTest_cat_1_0 startNewTymly
)action
string And the name of action these credentials are wanting to perform (e.g.startNewTymly
)
Examples
var allowed = rbac.getUserIdFromContext(
'Dave', // userId
null, // ctx
['fbotTest_fbotTestAdmin'], // roles
'flow', // resourceType,
'fbotTest_cat_1_0', // resourceName,
'startNewTymly' // action
) // Returns true/false
Returns boolean Indicates if the provided credentials allow the specified action to be applied to the named resource (true
) or not (false
)
Boots after
statebox
storage