Web Security Update: CASL 2.0 releases!

2 min read

CASL has released a new version 2.0 bringing with it several compelling opportunities for enhancing web app authorization methods.

CASL is an isomorphic authorization JavaScript library which allows you to fix user abilities in the system. It grants you to set permissions in order to access the required resources in the system. You need to define the permissions in a single location since you cannot duplicate them across UI components, API services, and database queries.

Some of the noteworthy changes available in CASL 2.0 are:

Package Refactoring

Refactoring is a process of changing a software system to improve the internal structure of the code without altering the external performance.

The lerna project has refactored CASL 2.0 to monorepo. Because of which MongoDB related functionality is moved into a different package, thus decreasing the core library size.
You can find the core package at casl/ability and MongoDB related functionality at casl/mongoose, while helper function at casl/ability/extra.
You don’t need to worry about updating your dependencies, thanks to renovate bot.

CASL procures Frontend frameworks

CASL now has complementary packages for leading frontend frameworks such as React, Vue, Angular and Aurelia. You can now integrate CASL into different single page applications with ease.
For more details, you can refer the README file for each library:
- CASL Vue package
- CASL React package
- CASL Angular package
- CASL Aurelia package

Set abilities per fields

Now you can set permissions per field of your application. For example if you want certain users with the ability to change the name of the product but not the product description.
You can see suitable form fields for different roles in the admin panel

Demo Examples

If you want demo tutorials as per CASL 2.0 and complementary packages you can visit:

Integrate CASL authorization in Vuejs2 application using CASL and Vue
Integrate CASL authorization in React application using CASL and React
Integrate CASL authorization in Aurelia application using CASL and Aurelia
Integrate CASL authorization in Expressjs application using CASL and Expressjs
Integrate CASL authorization in Feathersjs application using CASL and Feathersjs

If you want to start implementing CASL library in your project or work, you can visit the GitHub page.

Sunith Shetty

Data Science fanatic. Cricket fan. Series Binge watcher. You can find me hooked to my PC updating myself constantly if I am not cracking lame jokes with my team.