@@ -149,16 +149,170 @@ This should make it very easy to integrate with a database library, for example.
149149
150150### Users
151151
152- TBD.
152+ You are expected to be providing your own user objects. Generally, this would come from either an authentication system,
153+ or a database of some kind. Because of this, we did not want to force you to preload all your users; rather, you provide
154+ TrivialPermissions with the object when you want to check permissions. By default, TrivialPermissions expect an object that looks like this:
155+
156+ ``` javascript
157+ {
158+ permissions: [... ], // A list of permissions strings
159+ groups: [... ], // A list of group names (strings)
160+ ...
161+ }
162+ ```
163+
164+ If you want to change that, you can with ` setUserMapping() ` .
153165
154166#### Setting Mapping
155167
156- TBD.
168+ * ` setUserMapping({ permissions: '...', groups: '...' }) ` - Returns nothing.
169+
170+ If your user object has it's permissions or groups under a different key name, you can change what TrivialPermissions
171+ looks for using this method. Simply pass an object with the ` permissions ` and/or ` groups ` key(s) to map to your object's structure.
172+
173+ ``` javascript
174+ var tp = require (' ../dist/trivialperms'
175+
176+ var user = {
177+ name: " John Snow"
178+ allowed: [" Foo/canView" " Bar/canView"
179+ roles: [" Posters"
180+ };
181+
182+ // This must be done before your attempt to use the permission system.
183+ tp .setUserMapping ({ permissions: ' allowed' : ' roles'
184+ ```
157185
158186#### Checking Permissions
159187
160- TBD.
188+ * ` hasPerm(user, perm, object) ` - Returns true if the user has that permission on that object, otherwise false.
189+
190+ This is the heart of the system: checking permissions. It's very simply; you pass the user object, the permission descriptor (string), and the object descriptor (string). Here are a few examples:
191+
192+ ``` javascript
193+ var tp = require (' ../dist/trivialperms'
194+
195+ // Setup
196+ var loading = tp .loadGroups ([
197+ {
198+ name: " Administrators"
199+ permissions: [
200+ " */*"
201+ ]
202+ },
203+ {
204+ name: " Authors"
205+ permissions: [
206+ " Posts/canView"
207+ " Posts/canAdd"
208+ " Posts/canEdit"
209+ ]
210+ },
211+ {
212+ name: " Users"
213+ permissions: [
214+ " Posts/canView"
215+ ]
216+ }
217+ ]);
218+
219+ // Define Users
220+ var batman = {
221+ name: ' batman'
222+ groups: [' Administrators'
223+ };
224+
225+ var stark = {
226+ name: ' tstark'
227+ permissions: [' */*'
228+ groups: [' Users'
229+ };
230+
231+ var leo = {
232+ name: ' lblume'
233+ groups: [' Users'
234+ };
235+
236+ // Wait until the loading is complete
237+ loading .then (() =>
238+ {
239+ // Batman can edit posts
240+ console .log (tp .hasPerm (batman, ' canEdit' ' Posts' // true
241+
242+ // Tony Start can do anything
243+ console .log (tp .hasPerm (stark, ' canEdit' ' Posts' // true
244+ console .log (tp .hasPerm (stark, ' canGetAwayWith' ' Murder' // true
245+
246+ // Leo can read posts
247+ console .log (tp .hasPerm (leo, ' canView' ' Posts' // true
248+
249+ // Leo can not edit posts
250+ console .log (tp .hasPerm (leo, ' canEdit' ' Posts' // false
251+ });
252+ ```
161253
162254### Checking Group membership
163255
164- TBD.
256+ * ` hasGroup(user, groupName) ` - Returns true if the user is a member of the group and the group exists, otherwise false.
257+
258+ Checking for group membership is also a very simple thing to do in TrivialPermissions. However, we add one aditional check
259+ about simply seeing if ` groupName ` is in the list of groups on the user: ` hasGroup() ` returns false for groups that have
260+ not been defined, regardless of is the user has that group name in their list of groups.
261+
262+ ``` javascript
263+ var tp = require (' ../dist/trivialperms'
264+
265+ // Setup
266+ var loading = tp .loadGroups ([
267+ {
268+ name: " Administrators"
269+ permissions: [
270+ " */*"
271+ ]
272+ },
273+ {
274+ name: " Authors"
275+ permissions: [
276+ " Posts/canView"
277+ " Posts/canAdd"
278+ " Posts/canEdit"
279+ ]
280+ },
281+ {
282+ name: " Users"
283+ permissions: [
284+ " Posts/canView"
285+ ]
286+ }
287+ ]);
288+
289+ // Define Users
290+ var batman = {
291+ name: ' batman'
292+ groups: [' Administrators'
293+ };
294+
295+ var stark = {
296+ name: ' tstark'
297+ permissions: [' */*'
298+ groups: [' Users'
299+ };
300+
301+ var leo = {
302+ name: ' lblume'
303+ groups: [' Users'
304+ };
305+
306+ // Wait until the loading is complete
307+ loading .then (() =>
308+ {
309+ // Batman is an admin
310+ console .log (tp .hasGroup (batman, ' Administrators' // true
311+
312+ // Tony Start is not an admin
313+ console .log (tp .hasGroup (stark, ' Administrators' // false
314+
315+ // Leo is a user
316+ console .log (tp .hasGroup (leo, ' Users' // true
317+ });
318+ ```
0 commit comments