Logger for Auditing

import { createPermit } from '@vielzeug/permit';

const audit: string[] = [];

const permit = createPermit([{ role: 'viewer', resource: 'posts', action: 'read', effect: 'allow' }], {
  logger: ({ action, decision, principal, resource, rule }) => {
    const identity = principal === null ? 'anonymous' : principal.id;
    const matched = rule ? `${rule.role}:${rule.effect}` : 'no-match';
    audit.push(`${identity}:${resource}:${action}:${decision}:${matched}`);
  },
});

permit.can({ id: 'u1', roles: ['viewer'] }, 'posts', 'read');
permit.can({ id: 'u1', roles: ['viewer'] }, 'posts', 'delete');

Related

• Request Middleware (Logit)
• Auth and Guards (Routeit)
• Blog Roles