Initial commit.

.gitignore

@@ -0,0 +1,130 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+.pnpm-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# Snowpack dependency directory (https://snowpack.dev/)
+web_modules/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional stylelint cache
+.stylelintcache
+
+# Microbundle cache
+.rpt2_cache/
+.rts2_cache_cjs/
+.rts2_cache_es/
+.rts2_cache_umd/
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variable files
+.env
+.env.development.local
+.env.test.local
+.env.production.local
+.env.local
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+.parcel-cache
+
+# Next.js build output
+.next
+out
+
+# Nuxt.js build / generate output
+.nuxt
+dist
+
+# Gatsby files
+.cache/
+# Comment in the public line in if your project uses Gatsby and not Next.js
+# https://nextjs.org/blog/next-9-1#public-directory-support
+# public
+
+# vuepress build output
+.vuepress/dist
+
+# vuepress v2.x temp and cache directory
+.temp
+.cache
+
+# Docusaurus cache and generated files
+.docusaurus
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# TernJS port file
+.tern-port
+
+# Stores VSCode versions used for testing VSCode extensions
+.vscode-test
+
+# yarn v2
+.yarn/cache
+.yarn/unplugged
+.yarn/build-state.yml
+.yarn/install-state.gz
+.pnp.*

LICENSE

@@ -0,0 +1,7 @@
+Copyright 2024 Fatih Kaya <[email protected]>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

README.md

@@ -0,0 +1,123 @@
+# Pundit-TS - Plain Typescript Authorization Library
+
+Pundit-TS is an authorization library highly-inspired by the [pundit](https://github.com/varvet/pundit) gem.
+
+### Usage
+
+Install the package first:
+
+```sh
+npm i -S pundit-ts
+```
+
+Declare your models.
+
+```typescript
+// models.ts
+class User {}
+
+class Post {}
+```
+
+Declare your actions for each model.
+
+```typescript
+// actions.ts
+export type UserActions = "create" | "delete" | "update";
+export type PostActions = "create" | "delete" | "update";
+```
+
+Declare your policies
+
+```typescript
+// policies.ts
+import { PunditPolicy } from "pundit-ts";
+import { Post, User } from "./models";
+import { PostActions, UserActions } from "./actions";
+
+export class PolicyContext {
+  // your orm related properties might go here
+}
+
+export class PostPolicy
+  implements PunditPolicy<PolicyContext, Post, PostActions>
+{
+  async canCreate() {
+    return false;
+  }
+
+  async canDelete() {
+    return false;
+  }
+
+  async canUpdate() {
+    return false;
+  }
+
+  handlesAction(action) {
+    return action === "create" || action === "delete" || action === "update";
+  }
+
+  handlesModel(object) {
+    return object instanceof User;
+  }
+
+  filter(ctx) {
+    // modify context
+  }
+}
+
+export class UserPolicy
+  implements PunditPolicy<PolicyContext, User, UserActions>
+{
+  async canCreate() {
+    return false;
+  }
+
+  async canDelete() {
+    return false;
+  }
+
+  async canUpdate() {
+    return false;
+  }
+
+  handlesAction(action) {
+    return action === "create" || action === "delete" || action === "update";
+  }
+
+  handlesModel(object) {
+    return object instanceof User;
+  }
+
+  filter(ctx) {
+    // modify context
+  }
+}
+```
+
+Create your Pundit instance:
+
+```typescript
+// pundit.ts
+import { Pundit } from "pundit-ts";
+import { PostPolicy, UserPolicy } from "./policies";
+
+export const pundit = new Pundit<PolicyContext>()
+  .register(new UserPolicy())
+  .register(new PostPolicy());
+```
+
+Authorize your actions in a fully type-safe way.
+
+```typescript
+// index.ts
+import { PolicyContext } from "./policies";
+import { Post } from "./models";
+import { pundit } from "./pundit";
+
+const ctx = new PolicyContext();
+const post = new Post();
+
+await pundit.authorize(ctx, post, "create");
+```

examples/without-orm/index.ts

@@ -0,0 +1,76 @@
+import { Pundit } from "../..";
+import { PunditPolicy } from "../..";
+
+// [START Models]
+export class User {
+  constructor(readonly username: string) {}
+}
+
+export class Post {
+  constructor(readonly title: string, readonly body: string) {}
+}
+// [END Models]
+
+export class PolicyContext {
+  constructor(readonly seed: number) {}
+}
+
+export type UserActions = "create" | "update";
+
+export class UserPolicy
+  implements PunditPolicy<PolicyContext, User, UserActions>
+{
+  async canCreate() {
+    return false;
+  }
+
+  async canUpdate() {
+    return false;
+  }
+
+  async filter(context: PolicyContext): Promise<void> {
+    // this is usually introduces some .where calls on the underlying ORM/querying library
+  }
+
+  handlesAction(action: unknown): action is UserActions {
+    return action === "create" || action === "update";
+  }
+
+  handlesModel(object: User): object is User {
+    return object instanceof User;
+  }
+}
+
+export type PostActions = "create";
+
+export class PostPolicy
+  implements PunditPolicy<PolicyContext, Post, PostActions>
+{
+  async canCreate() {
+    return false;
+  }
+
+  async filter() {
+    // this is usually introduces some .where calls on the underlying ORM/querying library
+  }
+
+  handlesAction(action: unknown): action is PostActions {
+    return action === "create";
+  }
+
+  handlesModel(object: Post): object is Post {
+    return object instanceof Post;
+  }
+}
+
+export type CommentActions = "approve" | "create" | "delete" | "update";
+
+export class Comment {
+  constructor(public contents: string) {}
+}
+
+const pundit = new Pundit<PolicyContext>()
+  .register(new UserPolicy())
+  .register(new PostPolicy());
+
+pundit.authorize(new PolicyContext(123), new Post("test", "test"), "create");

examples/without-orm/package.json

@@ -0,0 +1,12 @@
+{
+  "name": "without-orm",
+  "version": "1.0.0",
+  "main": "dist/index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "description": ""
+}