@arche-cms/permissions
v0.1.5
Published
Role-based access control (RBAC) engine for Arche CMS. Supports role management and field-level permissions.
Readme
@arche-cms/permissions
Role-based access control (RBAC) engine for Arche CMS. Supports role management and field-level permissions.
Installation
yarn add @arche-cms/permissionsUsage
Access Control
import { AccessControl } from "@arche-cms/permissions";
const ac = new AccessControl(adapter);
await ac.init();
// Check if user can perform an action
const allowed = await ac.can(userId, "update", "posts");Role Management
// Create a role
await ac.createRole({
name: "editor",
description: "Can edit content",
permissions: [
{ action: "create", resource: "posts" },
{ action: "update", resource: "posts" },
{ action: "read", resource: "posts" },
],
});
// Assign role to user
await ac.assignRole(userId, roleId);Field-Level Permissions
import { filterFields, resolveFieldPermissions } from "@arche-cms/permissions";
// Filter sensitive fields based on user permissions
const allowedFields = filterFields(fields, userPermissions, "read");
// Resolve which fields a user can read/write
const fieldPermissions = resolveFieldFields(userPermissions, "posts");