dystcz / nuxt-permissions Goto Github PK

Nuxt module for permission management

License: MIT License

Vue 38.28% TypeScript 61.72%

nuxt nuxt3 permissions roles roles-management roles-permission-management

nuxt-permissions's Introduction

Nuxt Permissions

This is a simple package for integrating roles and permissions with a Nuxt application. It is designed to complement backend permissions, and should not be used as the sole solution.

Please note that this is alpha quality software and should not be used in production. This package is a work in progress and is subject to change.

Installation

yarn add nuxt-permissions
# or
npm i nuxt-permissions

Introduce the module into the nuxt.config.[js,ts]. and set ssr to false

export default defineNuxtConfig({
  ssr: false,
  modules: [
    'nuxt-permissions'
    // ...
  ]
})

Usage

Setting user permissions or roles

To set user permissions or roles, you must use a usePermissions or useRoles composable, that contains an array of strings for permissions or roles.

const userPermissions = usePermissions()
const userRoles = useRoles()

const user = await login() // your login functionality
userPermissions.value = user.permissions // ['read posts', ..., 'delete posts']
userRoles.value = user.roles // ['admin', 'editor']

Middleware usage

To use the module, you must set nuxt-permissions as middleware and add permissions or roles in definePageMeta. For example, for the admin dashboard, you would set roles to ['admin'] and/or permissions to ['access dashboard'], depending on your backend settings.

You can use a combination of both, but permissions have higher priority than roles.

If roles or permissions are not set, access to that page is unrestricted.

// ~/pages/admin/dashboard
definePageMeta({
  middleware: [
    'auth', // your auth middleware
    'nuxt-permissions'
  ],
  roles: ['admin'],
  permissions: ['access dashboard']
})

Directives

Directives can be a string or an array of strings. If an array is passed, only one item needs to apply for the condition to be fulfilled.

v-can

Works as v-if but for permissions

<button v-can="'edit posts'">
  Edit
</button>
<!-- or -->
<button v-can="['edit posts', 'view posts']">
  View or edit
</button>

v-can:not

Works as negated v-if but for permissions

<div v-can:not="'edit posts'">
  You do not have permissions to edit this post
</div>
<!-- or -->
<div v-can:not="['edit posts', 'view posts']">
  You do not have permissions to edit nor view this post
</div>

v-role

Works as v-if but for roles

<div v-role="'admin'">
  You are admin
</div>
<!-- or -->
<div v-role="['admin', 'editor']">
  You are admin or editor
</div>

v-role:not

Works as negated v-if but for roles

<div v-role:not="'admin'">
  You are not admin
</div>
<!--  -->
<div v-role:not="['admin', 'editor']">
  You are not admin nor editor
</div>

Development

Run npm run dev:prepare to generate type stubs.
Use npm run dev to start playground in development mode.
Use npm run test to run tests.

nuxt-permissions's People

Contributors

Stargazers

Watchers

Forkers

carpad88 mghase sedattanir

nuxt-permissions's Issues

Adding page meta middleware 'nuxt-permissions' results in 404

Adding definePageMeta({ middleware: ['nuxt-permissions'] }) to a page, causes it to return with a 404 error. It does the same if I include my auth.global.ts as middleware (it is currently completely empty anyway). I've made sure to disable SSR.

It's a brand new project and that's pretty much all I've got so far. I'm really curious as to why this doesn't work.

package.json:

{
  "name": "nuxt-app",
  "private": true,
  "type": "module",
  "scripts": {
    "build": "nuxt build",
    "dev": "nuxt dev",
    "dev:host": "nuxt dev --host",
    "generate": "nuxt generate",
    "preview": "nuxt preview",
    "postinstall": "nuxt prepare"
  },
  "dependencies": {
    "@formkit/auto-animate": "^0.8.1",
    "@formkit/nuxt": "^1.5.9",
    "@nuxt/image": "^1.3.0",
    "@pinia-plugin-persistedstate/nuxt": "^1.2.0",
    "@pinia/nuxt": "^0.5.1",
    "nuxt": "^3.10.3",
    "nuxt-permissions": "^0.2.4",
    "vue": "^3.4.19",
    "vue-router": "^4.3.0"
  },
  "devDependencies": {
    "@nuxt/fonts": "^0.0.1",
    "@nuxtjs/html-validator": "^1.6.0",
    "nuxt-icon": "^0.6.8",
    "sass": "^1.71.1"
  }
}

Missing license

Could you please specify license for this project? otherwise can't be used by any public facing project. thanks

edit: I see it is specified in package.json, but still would be nice to set it on github as well.

Add composable to access roles or permissions

It would be great to have a composable that lets us access the roles or permissions to use it in our logic, for example, to check if a user can execute one function.

The directives are great for hiding or showing UI parts, but we are limited if we need to execute some specific condition.

For example, let's assume users can see the list of permissions, but if they don't have the permission update_permissions, they shouldn't switch the checkboxes, only see them. Something like the following

<input
  v-model="rolesAndPermissions[action]"
  type="checkbox"
  class="form-checkbox"
  :disabled="!user.permissions.includes('update_roles')"
/>