Access control - rest
Access control works at two levels
- Permissions - Simple read/write permissions for user defined roles
- See the usage and examples below
- ACL - Url permissions for user defined roles and HTTP request type
- We use
aclpackage please refer https://www.npmjs.com/package/acl
- We use
Permission set - cli
- model_name - Name of the model you want to set permissions, can be multiple model names
$would be apply to all the models.
- role_type - Role type to update. Wildcard
$would be apply to all the role types.
- permissions - Permissions can be multiple by default it will uses value as
1, To use specific value use
=followed by the value.
Permission get - cli
- model_name - Name of the model you want to get permissions.
Explained with examples with policy.js and api output snapshot
Initial value of city.policy.js
After executing xc permissions.set city guest post=0 (blocking post method to guest user)
Access control workflow - REST API
- role_type - new role type name.
- old_role_type - old role type name.
- new_role_type - new role type name.
- role_type - name of role type to delete.
GUI Based ACL
In addition to CLI based ACL management, users can also update access using the GUI application. A simple table-based UI which helps users to enable/disable access by simply toggling the checkbox. It will be available for each table and updated in the corresponding policy file.
Subscribe to Our Newsletter
Let us stretch your imagination