An access control list middleware

Inspired by acl

##Status

##Installation

Using npm:

npm install connect-accesscontrol

##Documentation

• allow
• check
• middleware

##Examples

var Acl = require('connect-accesscontrol')
  , acl = new Acl()
;

### allow() ```javascript acl.allow([ { roles:['someRole'], allows:[ { resources:'/resource1', permissions:'get' }, { resources:'/resource2', permissions:['get', 'post', 'put'] }, { resources:'/resource3', permissions:'*' } ] } ]) ``` Permissions can be a single verb, an array of verbs. If you want to grant any action to a role, you can use '*'.

Regular expression are also supported

acl.allow([
  {
    roles:['someRole'], 
    allows:[
      { resources:'/resource1(/[0-9]+)?', permissions:['get', 'post', 'put'] },
      { resources:'/resource2(/[0-9]+)?', permissions:['get', 'post', 'put'] }
    ]
  }
])

Do not include ^ and $. Those will be added for you.

You can also omit access to the parent resource while allowing access to the subresource

acl.allow([
  {
    roles:['someOtherRole'], 
    allows:[
      {resources:'/resource/[0-9]+/subresource/[0-9]+', permissions:['get', 'post', 'put']}
    ]
  }
])

### check() ```javascript acl.check(roles, resource, permission) roles { String | Array } resource { String } permission { String }

<a name="middleware"/>
### middleware()
```javascript
app.use(acl.middleware(opts));

Options

  roleProvider          { Function } /* defaults to function(req){ return req.user.roles;}             */
  resourceProvider      { Function } /* defaults to function(req){ return req.url;}                    */
  permissionProvider    { Function } /* defaults to function(req){ return req.method.toLowerCase();}   */