Scopie
Authorization engine providing fine grained access while you control the data. Aimed at being easy to use and implement without overtaking other parts of your system.
Quick Intro
See implementations for more complete guides per language.
import { isAllowed } from "scopie";
const users = {
elsa: {
scopes: ["allow/blog/create|update"],
},
bella: {
scopes: ["allow/blog/create"],
},
]
const blogPosts = {}
function createBlog(username, blogSlug, blogContent) {
const user = users[username]
if (isAllowed(user.scopes, ["blog/create"])) {
blogPosts[blogSlug] = {
author: user,
content: blogContent,
}
}
}
function updateBlog(username, blogSlug, blogContent) {
const user = users[username]
if (isAllowed(user.scopes, ["blog/update"])) {
blogPosts[blogSlug] = {
author: user,
content: blogContent,
}
}
}
import { isAllowed } from "scopie";
type User = {
scopes: Array<string>;
};
type BlogPost = {
author: User;
content: string;
}
type UserStore = {
[key: string]: User
}
type BlogStore = {
[key: string]: BlogPost
}
const users: UserStore = {
elsa: {
scopes: ["allow/blog/create|update"],
},
bella: {
scopes: ["allow/blog/create"],
},
}
const blogPosts: BlogStore = {}
function createBlog(username: string, blogSlug: string, blogContent: string) {
const user = users[username]
if (isAllowed(user.scopes, ["blog/create"])) {
blogPosts[blogSlug] = {
author: user,
content: blogContent,
}
}
}
function updateBlog(username: string, blogSlug: string, blogContent: string) {
const user = users[username]
if (isAllowed(user.scopes, ["blog/update"])) {
blogPosts[blogSlug] = {
author: user,
content: blogContent,
}
}
}
import "github.com/miniscruff/scopie-go"
type User struct {
Scopes []string
}
type BlogPost struct {
Author User
Content string
}
var userStore map[string]User = map[string]User{
"elsa": User{
Scopes: []string{"allow/blog/create|update"},
},
"belle": User{
Scopes: []string{"allow/blog/create"},
},
}
var blogStore map[string]BlogPost = map[string]BlogPost{}
func createBlog(username, blogSlug, blogContent string) {
user := users[username]
if scopie.IsAllowed(user.scopes, []string{"blog/create"}, nil) {
blogStore[blogSlug] = BlogPost{
Author: user,
Content: blogContent,
}
}
}
func updateBlog(username, blogSlug, blogContent string) {
user := users[username]
if scopie.IsAllowed(user.scopes, []string{"blog/update"}) {
blogPosts[blogSlug] = BlogPost{
author: user,
content: blogContent,
}
}
}