jyotman / cerberus

Role Based Access Control (RBAC) authorisation library for Scala

GitHub

Cerberus

Yarn

Build Status

Lightweight Role and Attribute based Access Control for Scala.

Easy to use DSL for assigning permissions to different roles.

Read more about RBAC and ABAC.

Installation

resolvers += Resolver.bintrayRepo("jyotman","maven")

libraryDependencies += "xyz.jyotman" %% "cerberus" % "0.0.5"

Basic Example

import xyz.Types.Data
import xyz.jyotman.Cerberus
import xyz.jyotman.Dsl._
    
val data: Data = 
    ("user" can (
      ("read" any "project" attributes "title" & "description" & "!createdOn") also
        ("read" own "project" attributes "title" & "description") also
        ("create" own "project") also
        ("update" own "profile")       
      )) and
      ("curator" can (
        ("read" any "project") also
          ("update" any "project") also
          ("delete" any "project")
      ))
    
val cerberus = Cerberus(data)

cerberus.can("user", "create", "project").any // false
cerberus.can("user", "create", "project").own // true
cerberus.can("user", "read", "project").any(List("createdOn")) // false
cerberus.can("user", "read", "project").any(List("title", "description")) // true

Documentation

Work in Progress

Inspired by Access Control.