Web Security Update: CASL 2.0 releases!

CASL has released a new version 2.0 bringing with it several compelling opportunities for enhancing web app authorization methods.

CASL is an isomorphic authorization JavaScript library which allows you to fix user abilities in the system. It grants you to set permissions in order to access the required resources in the system. You need to define the permissions in a single location since you cannot duplicate them across UI components, API services, and database queries.

Some of the noteworthy changes available in CASL 2.0 are:

Package Refactoring

Refactoring is a process of changing a software system to improve the internal structure of the code without altering the external performance.

The lerna project has refactored CASL 2.0 to monorepo. Because of which MongoDB related functionality is moved into a different package, thus decreasing the core library size.

You can find the core package at casl/ability and MongoDB related functionality at casl/mongoose, while helper function at casl/ability/extra.

You don’t need to worry about updating your dependencies, thanks to renovate bot.

CASL procures Frontend frameworks

CASL now has complementary packages for leading frontend frameworks such as React, Vue, Angular and Aurelia. You can now integrate CASL into different single page applications with ease.

For more details, you can refer the README file for each library:
- CASL Vue package
- CASL React package
- CASL Angular package
- CASL Aurelia package

Set abilities per fields

Now you can set permissions per field of your application. For example if you want certain users with the ability to change the name of the product but not the product description.