app.js

const AccessControl = require("./index");
const matcher = require("matcher");

AccessControl.isAllowed = function (account, user, resource, action, context) {
    const acl = new AccessControl(account.acl);
    const permission = acl.permission({
        resource,
        action,
        role: user.policy.roles,
        context
    });
    return permission.granted;
}

AccessControl.getAllowedAttributes = function (account, user, resource, action, context) {
    const acl = new AccessControl(account.acl);
    const permission = acl.permission({
        resource,
        action,
        role: user.policy.roles,
        context
    });
    return permission.attributes;
}

AccessControl.allowedResources = function (account, user) {
    const acl = new AccessControl(account.acl);
    const permittedResources = acl.allowedResources({
        role: user.policy.roles
    });
    return matcher(Object.keys(account.permissions), permittedResources);
}

AccessControl.allowedActions = function (account, user, resource) {
    const acl = new AccessControl(account.acl);
    const permittedActions = acl.allowedActions({
        role: user.policy.roles,
        resource
    });
    return matcher(account.permissions[resource], permittedActions);
}

AccessControl.allowedCategories = function (account, user, resource, action) {
    const acl = new AccessControl(account.acl);
    const permittedCategories = acl.permission({
        role: user.policy.roles,
        resource: "category",
        action: "search"
    }).attributes;
    if (permittedCategories.length === 1 && permittedCategories[0] === "*") {
        return permittedCategories;
    }
    return permittedCategories.filter((category => {
        return acl.permission({
            role: user.policy.roles,
            resource,
            action,
            context: {
                category
            }
        }).granted;
    }));
}

window.AccessControl = AccessControl;