Baucis takes the approach that monolithic frameworks are more costly in time and resources to build software with in all but the short term, and only then sometimes. Long live small libraries!
Putting that conversation aside, I'd be very interested to know what advantages there are for you in having ACL built-in vs. using one of the ACL middleware modules that are available through npm.
Requirements for ACL for json fetching/saving and regular rest endpoints are a bit different, so I couldn't find exact fit so far. In most cases you have to define a function, which become too verbose with very little re-usability.
That been said, there are a lot of node.js modules out there and I could simply miss right one. If you could point to a couple you think might play very well with baucis - I would really love it.
In general most of rest/mvc frameworks our there miss this part entirely. I am ok with acl being not part of particular framework as long as there is at least one 'blessed' combination to use.
= pavel karoukin - author of baucis-access plugin :)
Any plans for using Express > 4.x? More and more stuff is targeting Express 4.x these days.