Permissions

To allow a seamless collaborative workflow, users can define and assign permissions to each role created. This allows different to have different privileges or different API credentials to be granted different permissions on CRUD operations at the single resource level.

Each permission is role and subject-specific, meaning that to you need to associate it with a role and specify the single resource involved. For that resource you can define the allowed actions by setting the 4 CRUD boolean attributes (which can be changed at any time):

• can_read

• can_create

• can_update

• can_delete

If you want to create a set of permissions involving different resources, you need to create a permission for each resource, associated with the same role.

When fetching a permission, you can check if additional restrictions have been applied by inspecting the restrictions object.