Finds the permissions of a resource as defined in the corresponding ACL resource. Does not make any deductions such as checking parent containers for create permissions or applying control permissions for ACL resources.

Specific access checks are done by the provided AccessChecker.




accessChecker: AccessChecker
aclStore: ResourceStore
identifierStrategy: IdentifierStrategy
logger: Logger = ...
resourceSet: ResourceSet


  • Determines the available permissions for the given credentials. Will deny all permissions if credentials are not defined


    • acl: Store<Quad, Quad, Quad, Quad>

      Store containing all relevant authorization triples.

    • Optional credential: Credential

      Credentials to find the permissions for.

    Returns Promise<AclPermission>

  • Extracts all rules from the store that are relevant for the given target, based on either the acl:accessTo or acl:default predicates.


    A store containing the relevant triples for the given target.


    • store: Store<Quad, Quad, Quad, Quad>

      Store to filter.

    • target: string

      The identifier of which the acl rules need to be known.

    • directAcl: boolean

      If the store contains triples from the direct acl resource of the target or not. Determines if acl:accessTo or acl:default are used.

    Returns Promise<Store<Quad, Quad, Quad, Quad>>