Installations

npm install exegesis-plugin-roles

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Min. Node Version

>=6.0.0

Node Version

12.18.3

NPM Version

6.14.7 Pull Requests

Open

7

Total

84

Closed

37

Merged

40

Issues

Open

0

Total

10

Closed

10

Releases

8

v2.0.2

Updated on Aug 11, 2020

v2.0.1

Updated on Dec 15, 2019

v2.0.0

Updated on Jun 16, 2019

v1.0.4

Updated on Mar 28, 2019

v1.0.3

Updated on Sep 05, 2018

v1.0.2

Updated on Jun 13, 2018

View All 8 releases

Languages

2

TypeScript

JavaScript

TypeScript (92.84%)

JavaScript (7.16%)

Developer

exegesis-js

Download Statistics

Total Downloads

34,902

Last Day

1

Last Week

94

Last Month

277

Last Year

3,964

GitHub Statistics

2 Stars

131 Commits

2 Watchers

30 Branches

2 Contributors

Updated on Sep 19, 2022

Bundle Size

45.32 kB

Minified

13.62 kB

Minified + Gzipped

Bundlephobia

Maintainers

1

View All 2 Contributors

Package Meta Information

Latest Version

2.0.2

Package Id

exegesis-plugin-roles@2.0.2

Unpacked Size

17.26 kB

Size

5.62 kB

File Count

5

NPM Version

6.14.7

Node Version

12.18.3

Total Downloads

Cumulative downloads

Total Downloads

34,902

Dependencies

3

json-ptr openapi3-ts semver

Dev Dependencies

20

exegesis-plugin-roles

Description

Adds support for the "x-exegesis-roles" vendor extension, which adds support for restricting which operations are available to which users after they have been authenticated. Authenticators can optionally return "roles" for a user. "x-exegesis-roles" can be specified either as an array of "role" strings, or as an array of such arrays.

For example:

1x-exegesis-roles:
2  - a
3  - b

would only allow access to an operation if a user has both the 'a' and 'b' role, or:

1x-exegesis-roles:
2  - [a]
3  - [b, c]

would only allow access to an operation if a user has the 'a' role, or has both the 'b' and 'c' role.

"x-exegesis-roles" can be defined on the root OpenAPI object, in which case all operations in the document will require those roles. This can be overridden by specifying "x-exegesis-roles" in an individual operation. An empty array indicates a user requires no roles:

1x-exegesis-roles: []

If "x-exegesis-roles" is defined on an operation which has no security requirements defined, this will throw an error.

Roles do not apply to security schemes with the "oauth2" type; scopes apply there instead.

Allowed in:

Installation

1npm install exegesis-plugin-roles

Example

Add this to your Exegesis options:

1import exegesisRolesPlugin from 'exegesis-plugin-roles';
2
3options = {
4    plugins: [
5        exegesisRolesPlugin({
6            // List of all allowed roles.  If you try to use any roles that
7            // aren't in this list in your document, an error will be thrown.
8            allowedRoles: ['user', 'admin', 'ops']
9        })
10    ]
11};

In your OpenAPI 3.x document:

1paths:
2  '/kittens':
3    get:
4        description: Get a list of kittens
5        security:
6            - basicAuth: []
7            - oauth: ['readOnly']
8    post:
9        description: Add a new kitten
10        security:
11            - basicAuth: []
12            - oauth: ['readWrite']
13        x-exegesis-roles: ['admin'] # Only users with the "admin" role may call this.

The "get" operation can only be executed if the request matches one of the two listed security requirements. The "post" operation can only be executed if the security requirements are matched, and the current "user" has the "admin" role.

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

0

Maintained

Determines if the project is "actively maintained".

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

License

Determines if the project has defined a license.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

Score

2.6

/10

Last Scanned on 2025-06-30

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

exegesis-plugin-roles

Installations

Developer Guide

Yes

CommonJS

>=6.0.0

12.18.3

6.14.7

Pull Requests

7

84

37

40

Issues

0

10

10

Releases

Languages

Developer

exegesis-js

Download Statistics

GitHub Statistics

Bundle Size

45.32 kB

13.62 kB

Maintainers

Package Meta Information

Total Downloads

34,902

Dependencies

Dev Dependencies

exegesis-plugin-roles

Description

Installation

Example

10

10

0

0

0

0

0

0

0

0

2.6

/10

Weekly Downloads

Monthly Downloads

Yearly Downloads