Progressly Permissions Engine
See the spec for an overview
API v2
definitions
Context
const context = `:`
Actor
const actor = `":`
Action
const action = `:`
Policy:
'context': actor: "policy": "action": true
In English:
This context declares the following rules:
Actor can do action
'context': actor: "policy": "action": contextB
In English:
This context declares the following rules:
Actor can do action if acting in contextB
'context': actor: "role": role
In English:
This context declares the following rules:
Actor is also these actors: ([`${context}:{role}`])
API V2
= true || false
ACTORS
:
SCOPE
:
ACTION
:
"process.read"
POLICIES
:
const policies = "organization:1": // the rules associated with this resource ("organization:1") "organization:1:admin": // this actor ("organization:1:admin") in this resource gets this role/policy "policy": "organization.edit": true // the actor gets this permission ("organization.edit") "organization.delete": true "process:abc": // the rules associated with this resource ("process:abc") "user:1:self": "roles": "owner" // this actor ("user:1:self") gets these roles (["process:abc:owner"]) "team:1:admin": "policies": // this actor ("team:1:admin") gets this policy (custom policy) "execution.read": "team:*" // the actor gets this permission ("execution.read") if any context in scope matches "team:*" "team:1:member": "policies": "execution.read": "team:1" // the actor gets this permission ("execution.read") if any context in scope matches "team:1" "execution:123": {} // there are no rules associated with this resource ("execution 123")