/hapi-swagger-rbac

A Hapi plugin to configure RBAC in a swagger specification.

Primary LanguageJavaScript

Hapi Swagger RBAC

A Hapi plugin to configure RBAC in a swagger specification through hapi-rbac.

Installation

npm install --save @xtech-pub/hapi-swagger-rbac

Usage

1. Swagger spec

Add the 'hapi-rbac' rules to the paths of the swagger spec using the property x-rbac.

Example:

{
  "basePath": "/bae/path",
  "paths": {
    "/path1": {
      "get": {
        "x-rbac": {
          "rules": [
            {
              "target": [{"credentials:roles": "admin"}],
              "effect": "permit"
            }
          ]
        }
      }
    }
  }
}

2. Register plugin

Register the plugin with the following options:

  • spec: swagger spec with all refs resolved
  • hapiRbac: options to pass to 'hapi-rbac'

Example:

Server.register({
  register: require('@xtech-pub/hapi-swagger-rbac'),
  options: {
    spec: spec,
    hapiRbac: {
      responseCode: {
        onDeny: 403,
        onUndetermined: 403
      }
    }
  }
});