Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage.

Cerbos Community

const { GRPC } = require("@cerbos/grpc");

_// The Cerbos PDP instance_
const cerbos = new GRPC("localhost:3593", {
    tls: false,
});

const SHOW_PDP_REQUEST_LOG = false;

module.exports = async (user, action, resourceAtrr = {}) =&gt; {


    const cerbosObject = {
        principal: {
            id: user.id+ "" || "0",
            policyVersion: "default",
            roles: [user?.role || "unknown"],
            attributes: user,
        },

        resource: {
            kind: "blogpost",
            policyVersion: "default",
            id: resourceAtrr?.id + "" || "new",
            attributes: resourceAtrr,
        },

        actions: [action],
    };


    SHOW_PDP_REQUEST_LOG &amp;&amp;
    console.log("cerbosObject \n", JSON.stringify(cerbosObject, null, 4));

    const cerbosCheck = await cerbos.checkResource(cerbosObject);

    const isAuthorized = cerbosCheck.isAllowed(action);

    if (!isAuthorized)

        throw new Error("You are not authorized to visit this resource");
    return true;
};