Create a new Service with casl&Dashboard
1 - Create new service
2. Create Validator file
inside your new service folder create new file - [YOUR_SERVICE_NAME].validators.js
3. Update Posts model
To connect the joi validator we use createModelFromJoi,
in this way we can validation the Mongoose models without the hassle of maintaining two schemas.
open src > models > posts.models.js
You can still use a Mongoose schema
4. Define abilities and config dashboard
open src > services > posts > posts.service.js
6. Protect posts.hooks
hook.authenticate This is wrapper of @feathersjs/authentication - Feathers local, token, and OAuth authentication over REST and Websockets using JSON Web Tokens (JWT) with PassportJS.
hooks.validateAbilities This is a wrapper of Casl, in this hook, we will define abilities and block client without the ability to run this request Casl will add to mongoose query object a relevant key value before making the request, and validate Abilities will remove fields from user request by id abilities
hooks.validateSchema This hook will use JOI to validate request data follow the scheme
hooks.sanitizedData This hook will remove data from response follow the user abilities
7. Commit changes
dashboard:
Now you can see the posts service inside the dashboard
https://feathersjs-mongoose-casl-admin.herokuapp.com/
Anyone can read the posts title
User can create/update only if he the author
Only admin user can delete posts
Try to create a new posts from the dashboard
Last updated