Cerbos JavaScript SDK
    Preparing search index...

    Class ClientAbstract

    Base implementation of a client for interacting with the Cerbos policy decision point server.

    Hierarchy (View Summary)

    Index

    Methods

    addOrUpdatePolicies addOrUpdateSchemas checkHealth checkResource checkResources deleteSchema deleteSchemas disablePolicies disablePolicy enablePolicies enablePolicy getAccessLogEntry getDecisionLogEntry getPolicies getPolicy getSchema getSchemas inspectPolicies isAllowed listAccessLogEntries listDecisionLogEntries listPolicies listSchemas planResources reloadStore serverInfo withPrincipal

    Methods

    • Add policies, or update existing policies.

      Parameters

      Returns Promise<void>

      Requires

      Create a policy in code:

      await cerbos.addOrUpdatePolicies({
        policies: [{
          resourcePolicy: {
            resource: "document",
            version: "1",
            rules: [{
              actions: ["*"],
              effect: Effect.ALLOW,
              roles: ["ADMIN"],
            }],
          },
        }],
      });

      Load a policy from a YAML or JSON file with readPolicy:

      import { readPolicy } from "@cerbos/files";

      await cerbos.addOrUpdatePolicies({
        policies: [await readPolicy("path/to/policy.yaml")],
      });

      Load policies and schemas from a directory with readDirectory:

      import { readDirectory } from "@cerbos/files";

      const { policies, schemas } = await readDirectory("path/to/directory");

      await cerbos.addOrUpdateSchemas({ schemas });
      await cerbos.addOrUpdatePolicies({ policies });

    • Add schemas to be used for validating principal or resource attributes, or update existing schemas.

      Parameters

      Returns Promise<void>

      Requires

      Create a schema in code:

      await cerbos.addOrUpdateSchemas({
        schemas: [{
          id: "document.json",
          definition: {
            type: "object",
            properties: {
              owner: { type: "string" }
            }
          },
        }],
      });

      Load a schema from a JSON file with readSchema:

      import { readSchema } from "@cerbos/files";

      await cerbos.addOrUpdateSchemas({
        schemas: [await readSchema("_schemas/path/to/schema.json")],
      });

      Load policies and schemas from a directory with readDirectory:

      import { readDirectory } from "@cerbos/files";

      const { policies, schemas } = await readDirectory("path/to/directory");

      await cerbos.addOrUpdateSchemas({ schemas });
      await cerbos.addOrUpdatePolicies({ policies });

    • Delete a schema.

      Parameters

      Returns Promise<boolean>

      Requires

      The way this method handles failure depends on the version of the connected PDP server. When the server is running Cerbos v0.25 or later, it returns true if the schema was deleted and false if the schema was not found. With earlier versions of Cerbos, it throws an error if the schema was not found, and returns successfully if the schema was deleted; the returned value should be ignored.

      const deleted = await cerbos.deleteSchema("document.json");

    Settings

    Member Visibility

    On This Page

    Methods