A Sails.js hook for managing role-based access control (RBAC) with numeric clearance levels.
npm install sails-hook-clearanceCreate config/clearance.js in your Sails.js app:
module.exports.clearance = {
roles: {
guest: 0,
user: 1,
admin: 2,
superadmin: 3
},
permissions: {
'admin/*': { level: 2 },
'api/v1/users/create': { level: 2 },
'api/v1/posts/*': { level: 1 }
}
}Create the file api/policies/has-clearance.js and add the following code:
module.exports = function (req, res, next) {
return sails.hooks.clearance.check(req, res, next)
}// config/policies.js
module.exports.policies = {
'admin/*': 'has-clearance',
'api/v1/*': 'has-clearance',
'api/v1/posts/*': 'has-clearance'
}Your user's role should be stored in the session as either
req.session.userRoleorreq.session.user.role.
For complete documentation, visit docs.sailscasts.com/clearance