A comprehensive access control mechanism that manages user permissions through grouped access types.
Permission groups are a fundamental security concept that define and enforce what actions users can perform within the system. They provide a flexible and maintainable way to handle authorization by grouping related access types together.
These groups enable users to:
- Read and write data from collections that match their access types, allowing granular control over database operations
- Execute specific functions that require matching access types, ensuring that sensitive operations are only performed by authorized users
- Perform custom developer-defined actions by validating against the user's access types, enabling extensible permission-based features
Permission groups can be configured as default groups for new users or anonymous groups for unauthenticated access, providing a complete authorization framework.
PermissionGroup
Example
typescript
const group = new PermissionGroup({
title: 'Admin',
isDefault: true,
allowedAccessTypes: ['god_access', 'advanced_settings']
});Constructors
Constructor
new PermissionGroup(
options):PermissionGroup
Creates a new PermissionGroup instance
Parameters
| Parameter | Type | Description |
|---|---|---|
options | { allowedAccessTypes: string[]; isAnonymous: boolean; isDefault: boolean; title: string; } | Configuration options |
options.allowedAccessTypes? | string[] | List of valid permission types |
options.isAnonymous? | boolean | Whether this group is for anonymous users |
options.isDefault? | boolean | Whether this is a default group |
options.title | string | The title of the group |
Returns
PermissionGroup