node-casbin
diff --git a/‎.eslintignore‎
Lines changed: 2 additions & 0 deletions b/‎.eslintignore‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎.eslintrc‎
Lines changed: 21 additions & 0 deletions b/‎.eslintrc‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎.gitattributes‎ b/‎.gitattributes‎
diff --git a/‎.github/workflows/main.yml‎
Lines changed: 26 additions & 0 deletions b/‎.github/workflows/main.yml‎
Lines changed: 26 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 21 additions & 61 deletions b/‎.gitignore‎
Lines changed: 21 additions & 61 deletions
diff --git a/‎.prettierrc‎
Lines changed: 6 additions & 0 deletions b/‎.prettierrc‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎.releaserc.json‎
Lines changed: 22 additions & 0 deletions b/‎.releaserc.json‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 107 additions & 1 deletion b/‎README.md‎
Lines changed: 107 additions & 1 deletion
diff --git a/‎jest.config.js‎
Lines changed: 7 additions & 0 deletions b/‎jest.config.js‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎package.json‎
Lines changed: 66 additions & 0 deletions b/‎package.json‎
Lines changed: 66 additions & 0 deletions
@@ -0,0 +1,2 @@
+lib
+examples
@@ -0,0 +1,21 @@
+{
+  "parser": "@typescript-eslint/parser",
+  "extends": ["plugin:@typescript-eslint/recommended", "prettier", "plugin:prettier/recommended"],
+  "rules": {
+    "prettier/prettier": "error",
+    "eqeqeq": "error",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-unused-vars": "off",
+    "@typescript-eslint/explicit-function-return-type": [
+      "error",
+      {
+        "allowExpressions": true
+      }
+    ],
+    "@typescript-eslint/no-non-null-assertion": ["error"]
+  },
+  "env": {
+    "jest": true,
+    "node": true
+  }
+}
@@ -0,0 +1,26 @@
+name: main
+on: [push, pull_request]
+jobs:
+  test:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        node-version: [^10, ^12, ^14]
+        os: [ ubuntu-latest, macOS-latest, windows-latest]
+
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ matrix.node-version }}
+      - run: yarn install --ignore-engines
+      - run: yarn lint
+      - run: yarn test
+      - run: yarn coverage
+      - name: Coveralls
+        uses: coverallsapp/github-action@master
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          flag-name: run-${{ matrix.node-version }}-${{ matrix.os }}
+          parallel: true
@@ -1,104 +1,64 @@
-# Logs
+.idea
+*.iml
+out
+gen
 logs
 *.log
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
 lerna-debug.log*
-
-# Diagnostic reports (https://nodejs.org/api/report.html)
 report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
-
-# Runtime data
 pids
 *.pid
 *.seed
 *.pid.lock
-
-# Directory for instrumented libs generated by jscoverage/JSCover
 lib-cov
-
-# Coverage directory used by tools like istanbul
 coverage
 *.lcov
-
-# nyc test coverage
 .nyc_output
-
-# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
 .grunt
-
-# Bower dependency directory (https://bower.io/)
 bower_components
-
-# node-waf configuration
 .lock-wscript
-
-# Compiled binary addons (https://nodejs.org/api/addons.html)
 build/Release
-
-# Dependency directories
 node_modules/
 jspm_packages/
-
-# TypeScript v1 declaration files
-typings/
-
-# TypeScript cache
+web_modules/
 *.tsbuildinfo
-
-# Optional npm cache directory
 .npm
-
-# Optional eslint cache
 .eslintcache
-
-# Microbundle cache
 .rpt2_cache/
 .rts2_cache_cjs/
 .rts2_cache_es/
 .rts2_cache_umd/
-
-# Optional REPL history
 .node_repl_history
-
-# Output of 'npm pack'
 *.tgz
-
-# Yarn Integrity file
 .yarn-integrity
-
-# dotenv environment variables file
 .env
 .env.test
-
-# parcel-bundler cache (https://parceljs.org/)
 .cache
-
-# Next.js build output
+.parcel-cache
 .next
-
-# Nuxt.js build / generate output
 .nuxt
 dist
-
-# Gatsby files
 .cache/
-# Comment in the public line in if your project uses Gatsby and *not* Next.js
-# https://nextjs.org/blog/next-9-1#public-directory-support
-# public
-
-# vuepress build output
 .vuepress/dist
-
-# Serverless directories
 .serverless/
-
-# FuseBox cache
 .fusebox/
-
-# DynamoDB Local files
 .dynamodb/
-
-# TernJS port file
 .tern-port
+.vscode-test
+.yarn/cache
+.yarn/unplugged
+.yarn/build-state.yml
+.yarn/install-state.gz
+.pnp.*
+cmake-build-*/
+*.iws
+out/
+.idea_modules/
+atlassian-ide-plugin.xml
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
@@ -0,0 +1,6 @@
+{
+  "semi": true,
+  "singleQuote": true,
+  "printWidth": 140,
+  "endOfLine": "auto"
+}
@@ -0,0 +1,22 @@
+{
+  "debug": true,
+  "plugins": [
+    "@semantic-release/commit-analyzer",
+    "@semantic-release/release-notes-generator",
+    "@semantic-release/npm",
+    [
+      "@semantic-release/changelog",
+      {
+        "changelogFile": "CHANGELOG.md"
+      }
+    ],
+    [
+      "@semantic-release/git",
+      {
+        "assets": ["package.json", "CHANGELOG.md"],
+        "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
+      }
+    ],
+    "@semantic-release/github"
+  ]
+}
@@ -1 +1,107 @@
-# graphql-authz
+# graphql-authz
+
+graphql-authz is a Casbin authorization middleware for graphql-js
+
+[![NPM version][npm-image]][npm-url]
+[![NPM download][download-image]][download-url]
+[![install size](https://packagephobia.now.sh/badge?p=graphql-authz)](https://packagephobia.now.sh/result?p=graphql-authz)
+[![GitHub Actions](https://github.com/node-casbin/graphql-authz/workflows/main/badge.svg)](https://github.com/node-casbin/graphql-authz/actions)
+[![Coverage Status](https://coveralls.io/repos/github/node-casbin/graphql-authz/badge.svg?branch=master)](https://coveralls.io/github/node-casbin/graphql-authz?branch=master)
+[![Release](https://img.shields.io/github/release/node-casbin/graphql-authz.svg)](https://github.com/node-casbin/graphql-authz/releases/latest)
+[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/casbin/lobby)
+
+[npm-image]: https://img.shields.io/npm/v/graphql-authz.svg?style=flat-square
+[npm-url]: https://npmjs.org/package/graphql-authz
+[download-image]: https://img.shields.io/npm/dm/graphql-authz.svg?style=flat-square
+[download-url]: https://npmjs.org/package/graphql-authz
+
+## Installation
+
+```shell
+npm install graphql-authz
+// or
+yarn add graphql-authz
+```
+
+## Get Started
+
+This package should use with `graphql` and `graphql-middleware`
+
+To limit access to each endpoint, you can use casbin policy or graphql directive.
+
+In the policy method, you can use casbin policy like
+```csv
+p,user,project.members,query
+p,roleb,project.members.tickets.id,query
+```
+to restricted access to each endpoint.
+
+In the directive method, you can use directive `can` to do the same thing.
+
+Here's a minimal example. You can find the full example in the `tests/server.test.ts`
+```typescript
+import { applyMiddleware } from 'graphql-middleware';
+import { newMiddleware, CanDirective } from 'graphql-authz';
+import { newEnforcer } from 'casbin';
+import { ApolloServer } from 'apollo-server';
+import { makeExecutableSchema } from '@graphql-tools/schema';
+import { CasbinContextEnforcerKey } from '../src';
+// After graphql-js 14.0.0, you should manually define directive in the SDL.
+const typeDefs = `
+directive @can(who: String!) on FIELD_DEFINITION
+
+type User {
+    id: ID! @can(who: "user")
+    name: String @can(who: "someone")
+}
+`;
+
+  const resolvers = {
+    // something
+  };
+  const schemaWithDirective = makeExecutableSchema({
+    typeDefs,
+    resolvers,
+    schemaDirectives: {
+      can: CanDirective,
+    },
+  }); 
+  // If you want to use directive, this is necessary.
+  // You can ignore this in the policy only method.
+
+  const enforcer = await newEnforcer('tests/casbin.conf', 'tests/policy.csv');
+  // As for now, you should use model tests/casbin.conf to initialize enforcer.
+  // For more info about enforcer, plz refer to https://github.com/casbin/node-casbin
+
+  const middleware = await newMiddleware({
+    ctxMember: 'user', // middleware will get current user role from the graphql context[ctxMember]
+    enforcer: enforcer, // Casbin Instance
+  });
+  
+  // Apply middlware to graphql schema
+  const schemaWithDirectiveMiddleware = applyMiddleware(schemaWithDirective, middleware);
+
+  const server = new ApolloServer({
+    schema: schemaWithDirectiveMiddleware,
+    context: ({ req }) => {
+      // Provide necessary info in the context.
+      const token = req.headers.authorization || '';
+
+      // Try to retrieve a user with the token
+      const user = getUser(token);
+
+      const a: any = {};
+      a[CasbinContextEnforcerKey] = enforcer;
+      a['user'] = user;
+      return a;
+    },
+  });
+```
+
+## Getting Help
+
+- [Node-Casbin](https://github.com/casbin/node-casbin)
+
+## License
+
+This project is under Apache 2.0 License. See the [LICENSE](LICENSE) file for the full license text.
@@ -0,0 +1,7 @@
+module.exports = {
+  testEnvironment: 'node',
+  transform: {
+    '^.+\\.(ts|tsx)$': 'ts-jest',
+  },
+  moduleFileExtensions: ['ts', 'tsx', 'js', 'jsx', 'json'],
+};
@@ -0,0 +1,66 @@
+{
+  "name": "graphql-authz",
+  "version": "0.0.1",
+  "description": "Integrated Casbin into GraphQL.js",
+  "main": "lib/cjs/index.js",
+  "typings": "lib/cjs/index.d.ts",
+  "module": "lib/esm/index.js",
+  "scripts": {
+    "prepack": "run-s lint test build",
+    "postpack": "run-s clean",
+    "build": "run-s clean && run-p build:*",
+    "build:cjs": "tsc -p tsconfig.cjs.json",
+    "build:esm": "tsc -p tsconfig.esm.json",
+    "test": "jest --forceExit",
+    "lint": "eslint . --ext .js,.ts",
+    "fmt": "eslint . --ext .js,.ts --fix",
+    "clean": "rimraf lib",
+    "coverage": "jest --forceExit --coverage"
+  },
+  "devDependencies": {
+    "@graphql-tools/schema": "^7.1.5",
+    "@types/jest": "^26.0.24",
+    "@types/node": "^10.5.3",
+    "@types/node-fetch": "^2.5.11",
+    "@typescript-eslint/eslint-plugin": "^4.17.0",
+    "@typescript-eslint/parser": "^4.17.0",
+    "apollo-server": "^2.25.2",
+    "casbin": "5.9.0",
+    "eslint": "^7.30.0",
+    "eslint-config-prettier": "^8.3.0",
+    "eslint-plugin-prettier": "^3.4.0",
+    "graphql": "^15.0.0",
+    "graphql-middleware": "^6.0.0",
+    "jest": "^27.0.6",
+    "node-fetch": "^2.6.1",
+    "npm-run-all": "^4.1.5",
+    "prettier": "^2.2.1",
+    "rimraf": "^3.0.2",
+    "ts-jest": "^27.0.3",
+    "tslint": "^5.11.0",
+    "typescript": "^4.3.5"
+  },
+  "peerDependencies": {
+    "graphql": "^0.11.0 || ^0.12.0 || ^0.13.0 || ^14.0.0 || ^15.0.0",
+    "graphql-middleware": "^2.0.0 || ^3.0.0 || ^4.0.0 || ^6.0.0"
+  },
+  "files": [
+    "lib",
+    "tests"
+  ],
+  "homepage": "https://casbin.org",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/node-casbin/graphql-authz.git"
+  },
+  "licenses": [
+    {
+      "type": "Apache-2.0",
+      "url": "https://www.apache.org/licenses/LICENSE-2.0"
+    }
+  ],
+  "dependencies": {
+    "casbin": "5.9.0",
+    "@graphql-tools/utils": "^7.10.0"
+  }
+}