@strapi/permissions v4.24.1
Strapi Permissions
Highly customizable permission engine made for Strapi
Get Started
yarn add @strapi/permissions
const permissions = require('@strapi/permissions');
const engine = permissions.engine.new({ providers });
const ability = await engine.generateAbility([
{ action: 'read' },
{ action: 'delete', subject: 'foo' },
{ action: 'update', subject: 'bar', properties: { fields: ['foobar'] } },
{
action: 'create',
subject: 'foo',
properties: { fields: ['foobar'] },
conditions: ['isAuthor'],
},
]);
ability.can('read'); // true
ability.can('publish'); // false
ability.can('update', 'foo'); // false
ability.can('update', 'bar'); // true
- You need to give both an action and a condition provider as parameters when instantiating a new permission engine instance. They must be contained in a
providers
object property. - You can also pass an
abilityBuilderFactory
to customize what kind of ability thegenerateAbility
method will return. By default it'll use a@casl/ability
builder.
You can also register to some hooks for each engine instance.
See lib/engine/hooks.js
-> createEngineHooks
for available hooks.
const permissions = require('@strapi/permissions');
const engine = permissions.engine
.new({ providers })
.on('before-format::validate.permission', ({ permission }) => {
if (permission.action === 'read') {
return false;
}
});
const ability = await engine.generateAbility([
{ action: 'read' },
{ action: 'delete', subject: 'foo' },
{ action: 'update', subject: 'bar', properties: { fields: ['foobar'] } },
{
action: 'create',
subject: 'foo',
properties: { fields: ['foobar'] },
conditions: ['isAuthor'],
},
]);
ability.can('read'); // false since the validation hook prevents the engine from registering the permission
ability.can('publish'); // false
ability.can('update', 'foo'); // false
ability.can('update', 'bar'); // true
The format.permission
hook can be used to modify the permission.
const permissions = require('@strapi/permissions');
const engine = permissions.engine
.new({ providers })
.on('before-format::validate.permission', ({ permission }) => {
if (permission.action === 'modify') {
return false;
}
})
.on('after-format::validate.permission', ({ permission }) => {
if (permission.action === 'update') {
return false;
}
})
.on('format.permission', ({ permission }) => {
if (permission.action === 'update') {
return {
...permission,
action: 'modify',
};
}
if (permission.action === 'delete') {
return {
...permission,
action: 'remove',
};
}
return permission;
});
const ability = await engine.generateAbility([{ action: 'update' }, { action: 'delete' }]);
ability.can('update'); // false
ability.can('modify'); // true, because create was changed to 'modify'
ability.can('delete'); // false, doesn't exist because it was changed by format.permission
ability.can('remove'); // true, before-format::validate.permission validates before format.permission changed it
3 days ago
3 days ago
4 days ago
11 days ago
11 days ago
18 days ago
18 days ago
19 days ago
25 days ago
24 days ago
30 days ago
1 month ago
1 month ago
1 month ago
1 month ago
1 month ago
1 month ago
1 month ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
3 months ago
3 months ago
3 months ago
3 months ago
4 months ago
4 months ago
4 months ago
4 months ago
4 months ago
4 months ago
5 months ago
5 months ago
5 months ago
7 months ago
6 months ago
7 months ago
7 months ago
7 months ago
7 months ago
10 months ago
10 months ago
7 months ago
8 months ago
8 months ago
8 months ago
8 months ago
8 months ago
8 months ago
10 months ago
10 months ago
8 months ago
8 months ago
8 months ago
10 months ago
6 months ago
5 months ago
6 months ago
6 months ago
10 months ago
6 months ago
6 months ago
6 months ago
6 months ago
6 months ago
6 months ago
6 months ago
6 months ago
6 months ago
8 months ago
5 months ago
10 months ago
10 months ago
10 months ago
8 months ago
9 months ago
9 months ago
9 months ago
10 months ago
9 months ago
9 months ago
9 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
9 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
7 months ago
8 months ago
8 months ago
8 months ago
6 months ago
6 months ago
6 months ago
6 months ago
10 months ago
10 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
12 months ago
11 months ago
12 months ago
11 months ago
11 months ago
11 months ago
12 months ago
12 months ago
12 months ago
11 months ago
12 months ago
12 months ago
12 months ago
11 months ago
12 months ago
11 months ago
12 months ago
1 year ago
12 months ago
12 months ago
12 months ago
11 months ago
11 months ago
12 months ago
12 months ago
12 months ago
12 months ago
12 months ago
12 months ago
12 months ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
2 years ago
1 year ago
1 year ago
2 years ago
2 years ago
1 year ago
2 years ago
2 years ago
1 year ago
2 years ago
1 year ago
1 year ago
1 year ago
1 year ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago