casbin

v5.29.0

An authorization library that supports access control models like ACL, RBAC, ABAC in Node.JS For more information about how to use this package see README

Latest version published 1 month ago

License: Apache-2.0

NPM

GitHub

Package Health Score

74 / 100

security
No known security issues
popularity
Popular
maintenance
Sustainable
community
Limited

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

All Versions

Version				Vulnerabilities	License Risk
5.29.0	\|	04/2024	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
5.28.0	\|	11/2023		0 C 0 H 0 M 0 L	0 H 0 M 0 L
4.7.2	\|	05/2020		0 C 0 H 0 M 0 L	0 H 0 M 0 L
3.1.0	\|	01/2020		0 C 0 H 0 M 0 L	0 H 0 M 0 L
3.0.9	\|	01/2020		0 C 0 H 0 M 0 L	0 H 0 M 0 L

License

Apache-2.0

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Popular

Weekly Downloads (45,154)

GitHub Stars: 2.48K
Forks: 209
Contributors: -

Direct Usage Popularity

The npm package casbin receives a total of 45,154 downloads a week. As such, we scored casbin popularity level to be Popular.

Based on project statistics from the GitHub repository for the npm package casbin, we found that it has been starred 2,480 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Limited

Readme.md: Yes
Contributing.md: No
Code of Conduct: No
Contributors: 0
Funding: Yes

This project has seen only 10 or less contributors.

We found a way for you to contribute to the project! Looks like casbin is missing a Code of Conduct.

Embed Package Health Score Badge

Maintenance

Sustainable

Commit Frequency

Open Issues: 21
Open PR: 1
Last Release: 1 month ago
Last Commit: 1 month ago

Further analysis of the maintenance status of casbin based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Sustainable.

We found that casbin demonstrates a positive version release cadence with at least one new version released in the past 3 months.

In the past month we didn't find any pull request activity or change in issues status has been detected for the GitHub repository.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: not defined

Age: 6 years
Dependencies: 5 Direct
Versions: 134
Install Size: 621 kB
Dist-tags: 2
# of Files: 237
Maintainers: 2
TS Typings: Yes

casbin has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Readme

Node-Casbin

^{Sponsored by}

Build auth with fraud prevention, faster.
Try Stytch for API-first authentication, user & org management, multi-tenant SSO, MFA, device fingerprinting, and more.

💖 Looking for an open-source identity and access management solution like Okta, Auth0, Keycloak ? Learn more about: Casdoor

News: still worry about how to write the correct node-casbin policy? Casbin online editor is coming to help!

node-casbin is a powerful and efficient open-source access control library for Node.JS projects. It provides support for enforcing authorization based on various access control models.

All the languages supported by Casbin:


Casbin	jCasbin	node-Casbin	PHP-Casbin
production-ready	production-ready	production-ready	production-ready


PyCasbin	Casbin.NET	Casbin-CPP	Casbin-RS
production-ready	production-ready	beta-test	production-ready

Documentation

https://casbin.org/docs/overview

Installation

# NPM
npm install casbin --save

# Yarn
yarn add casbin

Get started

New a node-casbin enforcer with a model file and a policy file, see Model section for details:

// For Node.js:
const { newEnforcer } = require('casbin');
// For browser:
// import { newEnforcer } from 'casbin';

const enforcer = await newEnforcer('basic_model.conf', 'basic_policy.csv');

> Note: you can also initialize an enforcer with policy in DB instead of file, see Persistence section for details.

Add an enforcement hook into your code right before the access happens:

const sub = 'alice'; // the user that wants to access a resource.
const obj = 'data1'; // the resource that is going to be accessed.
const act = 'read'; // the operation that the user performs on the resource.

// Async:
const res = await enforcer.enforce(sub, obj, act);
// Sync:
// const res = enforcer.enforceSync(sub, obj, act);

if (res) {
  // permit alice to read data1
} else {
  // deny the request, show an error
}

Besides the static policy file, node-casbin also provides API for permission management at run-time. For example, You can get all the roles assigned to a user as below:

const roles = await enforcer.getRolesForUser('alice');

See Policy management APIs for more usage.

Policy management

Casbin provides two sets of APIs to manage permissions:

Management API: the primitive API that provides full support for Casbin policy management.
RBAC API: a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code.

Official Model

https://casbin.org/docs/supported-models

Policy persistence

https://casbin.org/docs/adapters

Policy consistence between multiple nodes

https://casbin.org/docs/watchers

Role manager

https://casbin.org/docs/role-managers

Contributors

This project exists thanks to all the people who contribute.

Backers

Thank you to all our backers! 🙏 [Become a backer]

License

This project is licensed under the Apache 2.0 license.

Contact

If you have any issues or feature requests, please contact us. PR is welcomed.

https://github.com/casbin/node-casbin/issues
hsluoyz@gmail.com
Tencent QQ group: 546057381

casbin dependencies

await-lock buffer csv-parse expression-eval minimatch

FAQs

What is casbin?

An authorization library that supports access control models like ACL, RBAC, ABAC in Node.JS. Visit Snyk Advisor to see a full health score report for casbin, including popularity, security, maintenance & community analysis.

Is casbin popular?

The npm package casbin receives a total of 45,154 weekly downloads. As such, casbin popularity was classified as a popular. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is casbin well maintained?

We found indications that casbin maintenance is sustainable demonstrating some project activity. We saw a total of 0 open source contributors collaborating on the project. See the full package health analysis to learn more about the package maintenance status.

Is casbin safe to use?

The npm package casbin was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 25 April-2024, at 21:47 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

Package Health Score

Explore Similar Packages

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (45,154)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Readme

Node-Casbin

All the languages supported by Casbin:

Documentation

Installation

Get started

Policy management

Official Model

Policy persistence

Policy consistence between multiple nodes

Role manager

Contributors

Backers

Sponsors

License

Contact

casbin dependencies

casbin development dependencies

FAQs

What is casbin?

Is casbin popular?

Is casbin well maintained?

Is casbin safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues