cowch/lst_v3
1
0
Fork 0
Code Issues 20 Pull Requests Actions Packages Projects Releases 10 Wiki Activity
Files
2f495739e653c462eff7f10ff6343d9572f25563
lst_v3/backend/utils/auth.permissions.ts

72 lines
2.2 KiB
TypeScript
Raw Blame History

import { createAccessControl } from "better-auth/plugins/access";
import { adminAc, defaultStatements } from "better-auth/plugins/admin/access";
export const statement = {
...defaultStatements,
app: ["read", "create", "update", "delete", "readAll"],
quality: ["read", "create", "update", "delete", "readAll"],
logistics: ["read", "create", "update", "delete", "readAll"],
mobile: ["read", "create", "update", "delete", "readAll"],
openDock: ["read", "create", "update", "delete"],
warehouse: ["read", "create", "update", "delete"],
notifications: ["read", "create", "update", "delete", "readAll"],
} as const;
export const ac = createAccessControl(statement);
export const user = ac.newRole({
app: ["read", "create"],
notifications: ["read", "create"],
openDock: ["read"],
warehouse: ["read"],
});
export const manager = ac.newRole({
app: ["read", "create", "update"],
mobile: ["read", "create", "update"],
openDock: ["read", "create", "update"],
warehouse: ["read", "create"],
});
export const transport = ac.newRole({
app: ["read", "create", "update"],
openDock: ["read", "create", "update"],
warehouse: ["read", "create"],
});
export const admin = ac.newRole({
app: ["read", "create", "update"],
mobile: ["read", "create", "update"],
user: ["create", "update", "ban"],
openDock: ["read", "create", "update"],
warehouse: ["read", "create", "update"],
});
export const systemAdmin = ac.newRole({
...adminAc.statements,
app: ["read", "create", "update", "delete", "readAll"],
quality: ["read", "create", "update", "delete", "readAll"],
mobile: ["read", "create", "update", "delete", "readAll"],
logistics: ["read", "create", "update", "delete", "readAll"],
notifications: ["read", "create", "update", "delete", "readAll"],
warehouse: ["read", "create", "update", "delete"],
openDock: ["read", "create", "update", "delete"],
});
/* example usage
const canCreateProject = await authClient.admin.hasPermission({
permissions: {
project: ["create"],
},
});
// You can also check multiple resource permissions at the same time
const canCreateProjectAndCreateSale = await authClient.admin.hasPermission({
permissions: {
project: ["create"],
sale: ["create"]
},
});
*/
Reference in New Issue View Git Blame Copy Permalink