Get Started in 5 Minutes
Quick Start Guide
Get up and running with ABAC in minutes. Choose your path based on your needs.
Path 1: Policy Evaluation
Use abac-engine to evaluate policies and make authorization decisions in your backend.
Path 2: Policy Administration
Use @devcraft-ts/abac-admin to build policy management UIs with React hooks and components.
Path 1: Using abac-engine
Evaluate policies in your Node.js backend
1
Install the package
npm install abac-engine
2
Create a policy
import {
PolicyBuilder,
ConditionBuilder,
AttributeRef
} from 'abac-engine'
const policy = PolicyBuilder
.create('document-access')
.version('1.0.0')
.permit()
.description('Users can access their own documents')
.condition(
ConditionBuilder.equals(
AttributeRef.subject('id'),
AttributeRef.resource('ownerId')
)
)
.build()3
Initialize the engine
import { ABACEngine, CombiningAlgorithm } from 'abac-engine'
const engine = new ABACEngine({
policies: [policy],
combiningAlgorithm: CombiningAlgorithm.DenyOverrides
})4
Evaluate a request
const decision = await engine.evaluate({
subject: {
id: 'user-123',
attributes: { department: 'Engineering' }
},
resource: {
id: 'doc-456',
attributes: { ownerId: 'user-123' }
},
action: { id: 'read' }
})
if (decision.decision === 'Permit') {
// Allow access
console.log('Access granted!')
} else {
// Deny access
console.log('Access denied')
}You're all set!
You can now evaluate policies in your application. Check out the examples for more advanced use cases.
OR
Path 2: Using @devcraft-ts/abac-admin
Build policy management UI with React
1
Install the package
# For headless hooks npm install @devcraft-ts/abac-admin-react # Or for pre-built UI npm install @devcraft-ts/abac-admin-react-ui
2
Setup the provider
import { ABACProvider } from '@devcraft-ts/abac-admin-react'
function App() {
return (
<ABACProvider
config={{
baseURL: '/api/abac'
}}
>
<PolicyManager />
</ABACProvider>
)
}3
Use the hooks
import { usePolicies } from '@devcraft-ts/abac-admin-react'
function PolicyManager() {
const { policies, isLoading, createPolicy } = usePolicies()
if (isLoading) return <div>Loading...</div>
return (
<div>
<h2>Policies ({policies.length})</h2>
{policies.map(policy => (
<div key={policy.id}>
<h3>{policy.policyId}</h3>
<p>{policy.description}</p>
</div>
))}
</div>
)
}4
Create policies programmatically
await createPolicy({
policyId: 'user-access',
version: '1.0.0',
effect: 'PERMIT',
description: 'Allow users to access resources',
conditions: {
type: 'equals',
left: { category: 'subject', key: 'role' },
right: 'user'
},
isActive: true,
category: 'access',
tags: ['user', 'read'],
createdBy: 'admin'
})Ready to build!
You now have a working policy management UI. Explore the React hooks documentation for more features.
Using Both Together
In production, you'll typically use both packages:
Backend (Node.js/Next.js API)
Use abac-engine to evaluate policies
→ Evaluate requests
→ Make authorization decisions
→ Enforce access control
→ Make authorization decisions
→ Enforce access control
Frontend (React/Next.js)
Use @devcraft-ts/abac-admin for policy management
→ Create/edit policies
→ Manage attributes
→ View audit logs
→ Manage attributes
→ View audit logs