Permission Vue is an RBAC-based ACL design that can be used on Vue2 and Vue3.
The permission-vue project is ACL focused and does nothing more than check whether a user has access. All pre-ACL and post-ACL treatment will be done by the user.
You can use permission-vue
to protect your routes and also within your components.
The permission-vue project makes use of the permission-engine project, which is how we have to write ACL schemes to check user roles.
- npm install permission-vue --save
- yarn add permission-vue
import permissionVue from 'permission-vue'
console.log(permissionVue)
// output from import
{
canAccess,
ErrorPermissionACL,
install,
ACL,
globalMixin,
localMixin
}
The permission-vue
package can be used in various ways, giving the developer a freedom to choose the way to use it according to his project.
Below we list the various ways to use the permission-vue
package.
-
Adding an ACL instance to the Vue prototype
import Vue from 'vue' import permissionVue from 'permission-vue' // Create in Vue prototype property `$acl` Vue.use(permissionVue);
-
Using the management function.
import Vue from 'vue' import permissionVue from 'permission-vue' const userRoles = ['user', 'todo:edit']; const roles = [ { $in: ['user'] } ]; const canAccess = permissionVue.canAccess(userRoles, roles); // output true
-
Using management ACL.
import Vue from 'vue' import permissionVue from 'permission-vue' const acl = new permissionVue.ACL(); // Setter userRoles acl.userRoles = ['user', 'todo:edit']; const roles = [ { $in: ['user'] } ]; // If using `userRoles` setter it is optional to pass the second parameter to the method, as it will use the rules of the `userRoles` setter`. const canAccess = acl.canAccess(roles); // output true
-
Using a global mixin in your components.
VERY ATTENTION! We discourage you from using a global mixin as there can be performance degradation, but if your app is small or you're unsure of what you're doing, go ahead.
// // YOUR FILE BOOTSTRAP APPLICATION MAIN.JS // import Vue from 'vue' import permissionVue from 'permission-vue' permissionVue.globalMixin(Vue); // // YOUR COMPONENTS // export default { name: 'XYZ', mounted () { const userRoles = ['user', 'todo:edit']; const roles = [ { $in: ['user'] } ]; const canAccess = this.$canAccess(userRoles, roles); // output true } }
-
Using a local mixin in your components.
// // YOUR COMPONENTS // import permissionVue from 'permission-vue' export default { name: 'XYZ', mixins: [permissionVue.localMixin], mounted () { const userRoles = ['user', 'todo:edit']; const roles = [ { $in: ['user'] } ]; const canAccess = this.$canAccess(userRoles, roles); // output true } }
//
// YOUR FILE BOOTSTRAP APPLICATION MAIN.JS
//
import Vue from 'vue';
import VuePermission from 'permission-vue';
Vue.use(VuePermission);
// add in Vue prototype `this.$acl`
//
// MUTATIION IN STORE (VUEX
//
import Vue from 'vue';
// After login set user data in store and set user roles in $acl.userRoles
function SET_SESSION (state, payload) {
const { session, userData } = payload;
state.session = session;
state.userData = userData;
// This is where you will set user roles in the $acl
// User roles: ['user', 'page:mytodo', 'page:mytodo:create']
Vue.prototype.$acl.userRoles = userData.roles;
}
//
// YOUR FILE ROUTER.JS
//
import VueRouter from 'vue-router';
import permissionVue from 'permission-vue'
const { ErrorPermissionACL } = permissionVue
const Router = new VueRouter({
scrollBehavior: () => ({ x: 0, y: 0 }),
routes: [
// No has ACL, is public
{ path: '/login', component: () => import('.../Login.vue') },
// Has one ACL, $and
{
path: '/todoList',
component: () => import('.../Todo.vue'),
meta: {
acl: {
enable: true,
roles: [
{
$and: [
'user',
{$nin: ['page:mytodo']}
]
}
]
}
}
},
// Has one ACL, $and
{
path: '/todoList/item/:id',
component: () => import('.../EditTodoItem.vue'),
meta: {
acl: {
enable: true,
roles: [
{
$and: [
'user',
{$and: ['page:mytodo', 'page:mytodo:edit']}
]
}
]
}
}
},
],
mode: process.env.VUE_ROUTER_MODE,
base: process.env.VUE_ROUTER_BASE
});
Router.beforeEach((to, from, next) => {
const acl = Vue.prototype.$acl
const hasACL = acl.checkHasACL(to)
// Route is public, not have ACL
if (!hasACL) {
next()
return
}
/**
Method canAccess allow two params.
to - to from <VueRouter> is required;
userRoles - Is array user roles is optional;
*/
const canAccess = acl.canAccessRoute(to)
if (!canAccess) next('/forbiddenAccess')
else next()
})
// route output /todoList -> true (Can access)
// route output /todoList/item/:id -> true (Cannot access)
//
// METHOD CANACCESS IN COMPONENTS (Todo.vue)
//
<template>
<p v-if=$acl.canAccess([{ $in: ['page:mytodo:edit'] }])>"You have access to edit"</p>
<p v-if=$acl.canAccess([{ $in: ['page:mytodo:create'] }])>"You have access to create"</p>
</template>
The ErrorPermissionACL
class is used to check the errors generated by the permission-vue
package within your code, so you can have different decisions made.
import { ErrorPermissionACL, canAccess } from 'permission-vue'
const userRoles = ['admin'];
const roles = [{ $in: ['admin'] }]
try {
const hasAccess = canAccess(userRoles, roles);
...
// Your code continue
} catch (ex) {
if (ex instanceof ErrorPermissionACL) cosole.error(ex.message);
else throw ex;
}