Seeking Feedback on My Open-Source Authorization Framework Idea

Asked By TechieNinja42 On

Hey everyone! I've been working on an authorization framework at my job, and I'm considering abstracting it into an open-source library. I'd love to hear your thoughts on this and what features you think would be most beneficial.

Personally, I want to tackle issues like:
- Declaring rules directly in the code
- Allowing rules to be declared once and used in multiple projects
- Implementing drift detection to manage changes
- Focusing on DevX, making it as user-friendly as possible

I'm leaning towards using annotations for the syntax, similar to examples like this:
```javascript
@can('delete:deviceByUser', {
  when: (user, { device }) => device?.organizationId === user.organizationId,
  resolveUser: () => { return UserManager.getCurrentUser(); },
})
async deleteDeviceByUser(device, user) {
  return `deleted device ${device.id}`;
}
```

Or another variation using a helper function:
```javascript
const permitted = await canUser(
  'read:device',
  regularUser,
  {
    args: [{ name: 'Test Device', organizationId: 'org2' }],
    context: {
      device: { name: 'Test Device', organizationId: 'org2' }
    }
  }
);
```

I'd really appreciate any feedback or ideas you might have. Thanks!

2 Answers

Answered By DevGuru321 On

One thought I have is to avoid using resolvers directly in your framework. Instead, provide a context where developers can manage that themselves. This could help reduce unnecessary dependencies. It might work well in front-end scenarios where state management is straightforward, but remember that back-end contexts often require fetching user info from requests, which you'll need to handle for authorization.

Answered By CodeWizard88 On

This concept sounds awesome! I love the annotation-based syntax you're going for. One idea: consider adding support for custom error handlers or fallback strategies when a permission check doesn't pass. This would enhance the developer experience when integrating your library into various applications. Also, having a way to understand why a check failed would be super helpful for debugging complex rules.
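
The two suggestions above, combined in one added sketch (not part of the thread and not the poster's library): the caller passes the user and context explicitly instead of the framework resolving them, and each check returns a decision with a reason that a custom denial handler can act on. The names `defineRule`, `check`, `enforce` and `AuthorizationError` are hypothetical, and the sample users and devices are constructed.

```javascript
// Added illustration; defineRule, check, enforce are hypothetical names.
const rules = new Map();

function defineRule(action, when) {
  rules.set(action, when);
}

// Returns a decision object instead of a bare boolean so callers can log or
// display why access was refused. Unknown actions, a missing user and rules
// that throw are all denied (fail closed).
function check(action, user, context = {}) {
  const when = rules.get(action);
  if (!when) return { allowed: false, action, reason: 'no-rule-defined' };
  if (!user) return { allowed: false, action, reason: 'no-user' };
  try {
    return when(user, context) === true
      ? { allowed: true, action, reason: 'rule-matched' }
      : { allowed: false, action, reason: 'rule-not-satisfied' };
  } catch (err) {
    return { allowed: false, action, reason: `rule-error: ${err.message}` };
  }
}

class AuthorizationError extends Error {
  constructor(decision) {
    super(`denied ${decision.action}: ${decision.reason}`);
    this.decision = decision;
  }
}

// Runs fn only when allowed; otherwise calls onDenied (default: throw).
function enforce(action, user, context, fn, onDenied) {
  const decision = check(action, user, context);
  if (decision.allowed) return fn();
  if (onDenied) return onDenied(decision);
  throw new AuthorizationError(decision);
}

// No optional chaining here: a missing device throws and is denied, rather
// than comparing undefined to undefined and evaluating to true.
defineRule('delete:deviceByUser',
  (user, { device }) => device.organizationId === user.organizationId);

// Constructed sample data.
const user = { id: 'u1', organizationId: 'org1' };
const sameOrg = { device: { id: 'd1', organizationId: 'org1' } };
const otherOrg = { device: { id: 'd2', organizationId: 'org2' } };

console.log(check('delete:deviceByUser', user, otherOrg));
```
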
