secure-role-guard 1.0.0

package/dist/types-CSUpaGsY.d.mts

@@ -0,0 +1,76 @@
+/**
+ * Secure Role Guard - Core Types
+ *
+ * Pure TypeScript type definitions for RBAC authorization.
+ * Zero dependencies, zero side effects.
+ */
+/**
+ * Represents the current user's authorization context.
+ * This is the input shape provided by the consuming application.
+ *
+ * @example
+ * const user: UserContext = {
+ *   userId: 'user-123',
+ *   roles: ['admin', 'manager'],
+ *   permissions: ['custom.permission'],
+ *   meta: { tenantId: 'tenant-abc' }
+ * };
+ */
+type UserContext = {
+    /** Optional unique identifier for the user */
+    readonly userId?: string;
+    /** Array of role names assigned to this user */
+    readonly roles?: readonly string[];
+    /** Array of direct permissions granted to this user (bypasses role lookup) */
+    readonly permissions?: readonly string[];
+    /** Optional metadata for tenant/org context or custom data */
+    readonly meta?: Readonly<Record<string, unknown>>;
+};
+/**
+ * Defines a mapping of role names to their granted permissions.
+ *
+ * @example
+ * const roles: RoleDefinition = {
+ *   superadmin: ['*'],
+ *   admin: ['user.read', 'user.update', 'user.delete'],
+ *   viewer: ['user.read', 'report.view']
+ * };
+ */
+type RoleDefinition = Readonly<Record<string, readonly string[]>>;
+/**
+ * Immutable registry of role definitions.
+ * Created by the defineRoles() function.
+ */
+type RoleRegistry = {
+    /** Get permissions for a specific role. Returns empty array if role not found. */
+    readonly getPermissions: (role: string) => readonly string[];
+    /** Check if a role exists in the registry */
+    readonly hasRole: (role: string) => boolean;
+    /** Get all registered role names */
+    readonly getRoleNames: () => readonly string[];
+};
+/**
+ * Configuration options for the permission engine.
+ */
+type PermissionEngineConfig = {
+    /** The role registry to use for permission lookups */
+    readonly roleRegistry: RoleRegistry;
+};
+/**
+ * Result of a permission check.
+ * Simple boolean for now, but structured for future extensibility.
+ */
+type PermissionCheckResult = {
+    readonly allowed: boolean;
+    /** Optional reason for debugging (only in development) */
+    readonly reason?: string;
+};
+/**
+ * Options for permission checking.
+ */
+type PermissionCheckOptions = {
+    /** If true, any of the permissions being checked will grant access */
+    readonly anyOf?: boolean;
+};
+
+export type { PermissionEngineConfig as P, RoleDefinition as R, UserContext as U, RoleRegistry as a, PermissionCheckResult as b, PermissionCheckOptions as c };

package/dist/types-CSUpaGsY.d.ts

@@ -0,0 +1,76 @@
+/**
+ * Secure Role Guard - Core Types
+ *
+ * Pure TypeScript type definitions for RBAC authorization.
+ * Zero dependencies, zero side effects.
+ */
+/**
+ * Represents the current user's authorization context.
+ * This is the input shape provided by the consuming application.
+ *
+ * @example
+ * const user: UserContext = {
+ *   userId: 'user-123',
+ *   roles: ['admin', 'manager'],
+ *   permissions: ['custom.permission'],
+ *   meta: { tenantId: 'tenant-abc' }
+ * };
+ */
+type UserContext = {
+    /** Optional unique identifier for the user */
+    readonly userId?: string;
+    /** Array of role names assigned to this user */
+    readonly roles?: readonly string[];
+    /** Array of direct permissions granted to this user (bypasses role lookup) */
+    readonly permissions?: readonly string[];
+    /** Optional metadata for tenant/org context or custom data */
+    readonly meta?: Readonly<Record<string, unknown>>;
+};
+/**
+ * Defines a mapping of role names to their granted permissions.
+ *
+ * @example
+ * const roles: RoleDefinition = {
+ *   superadmin: ['*'],
+ *   admin: ['user.read', 'user.update', 'user.delete'],
+ *   viewer: ['user.read', 'report.view']
+ * };
+ */
+type RoleDefinition = Readonly<Record<string, readonly string[]>>;
+/**
+ * Immutable registry of role definitions.
+ * Created by the defineRoles() function.
+ */
+type RoleRegistry = {
+    /** Get permissions for a specific role. Returns empty array if role not found. */
+    readonly getPermissions: (role: string) => readonly string[];
+    /** Check if a role exists in the registry */
+    readonly hasRole: (role: string) => boolean;
+    /** Get all registered role names */
+    readonly getRoleNames: () => readonly string[];
+};
+/**
+ * Configuration options for the permission engine.
+ */
+type PermissionEngineConfig = {
+    /** The role registry to use for permission lookups */
+    readonly roleRegistry: RoleRegistry;
+};
+/**
+ * Result of a permission check.
+ * Simple boolean for now, but structured for future extensibility.
+ */
+type PermissionCheckResult = {
+    readonly allowed: boolean;
+    /** Optional reason for debugging (only in development) */
+    readonly reason?: string;
+};
+/**
+ * Options for permission checking.
+ */
+type PermissionCheckOptions = {
+    /** If true, any of the permissions being checked will grant access */
+    readonly anyOf?: boolean;
+};
+
+export type { PermissionEngineConfig as P, RoleDefinition as R, UserContext as U, RoleRegistry as a, PermissionCheckResult as b, PermissionCheckOptions as c };

package/package.json

@@ -0,0 +1,99 @@
+{
+  "name": "secure-role-guard",
+  "version": "1.0.0",
+  "description": "Zero-vulnerability, framework-agnostic RBAC authorization library for React applications",
+  "author": "Sohel Rahaman",
+  "license": "MIT",
+  "keywords": [
+    "rbac",
+    "authorization",
+    "permissions",
+    "roles",
+    "react",
+    "nextjs",
+    "remix",
+    "gatsby",
+    "astro",
+    "express",
+    "security",
+    "access-control",
+    "enterprise"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Sohel-Rahaman-Developer/secure-role-guard.git"
+  },
+  "homepage": "https://github.com/Sohel-Rahaman-Developer/secure-role-guard#readme",
+  "bugs": {
+    "url": "https://github.com/Sohel-Rahaman-Developer/secure-role-guard/issues"
+  },
+  "main": "./dist/index.js",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.ts",
+  "sideEffects": false,
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    },
+    "./core": {
+      "types": "./dist/core/index.d.ts",
+      "import": "./dist/core/index.mjs",
+      "require": "./dist/core/index.js"
+    },
+    "./react": {
+      "types": "./dist/react/index.d.ts",
+      "import": "./dist/react/index.mjs",
+      "require": "./dist/react/index.js"
+    },
+    "./adapters": {
+      "types": "./dist/adapters/index.d.ts",
+      "import": "./dist/adapters/index.mjs",
+      "require": "./dist/adapters/index.js"
+    },
+    "./adapters/express": {
+      "types": "./dist/adapters/express.d.ts",
+      "import": "./dist/adapters/express.mjs",
+      "require": "./dist/adapters/express.js"
+    },
+    "./adapters/nextjs": {
+      "types": "./dist/adapters/nextjs.d.ts",
+      "import": "./dist/adapters/nextjs.mjs",
+      "require": "./dist/adapters/nextjs.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "type-check": "tsc --noEmit",
+    "lint": "eslint src/",
+    "prepublishOnly": "npm run type-check && npm run build"
+  },
+  "peerDependencies": {
+    "react": ">=16.8.0"
+  },
+  "peerDependenciesMeta": {
+    "react": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.0.0",
+    "@types/node": "^20.10.0",
+    "@types/react": "^18.2.0",
+    "eslint": "^9.0.0",
+    "eslint-plugin-security": "^3.0.0",
+    "react": "^18.2.0",
+    "tsup": "^8.0.0",
+    "typescript": "^5.3.0",
+    "typescript-eslint": "^8.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}