SudoSOS Back-end API / rbac
rbac ​
This is the module page of the role.
Classes ​
| Class | Description |
|---|---|
| AssignedRole | The AssignedRole entity represents the many-to-many relationship between users and roles in the Role-Based Access Control (RBAC) system. This entity allows individual users to be assigned specific roles, granting them the permissions associated with those roles. |
| DefaultRoles | Static class defining all default roles present in SudoSOS. These roles are hardcoded and cannot be changed by the user. They should only contain basic functionality that is bound to one or more types of users. |
| Permission | - |
| RbacController | The BaseController class is responsible for: - Storing route definitions. - Generating router objects based on the policy. |
| RBACService | - |
| Role | - |
| RoleManager | The role manager is responsible for the management of registered roles in the system, and performing access checks based on user roles and user access. |
| RoleUserType | The RoleUserType entity represents the many-to-many relationship between user types and roles in the Role-Based Access Control (RBAC) system. This entity enables automatic role assignment based on a user's type. |
Interfaces ​
| Interface | Description |
|---|---|
| ActionDefinition | The action definition interface defines a mapping from ownership relation of the subject entity to the allowed attributes. Typical ownership relations are 'own', 'created', and 'all'. |
| ActionResponse | - |
| CreatePermissionParams | - |
| EntityDefinition | The entity definition interface defines a mapping from actions to the action definitions belonging to these actions. Action names typically are the CRUD values 'create', 'read', 'update', and 'delete'. |
| PermissionDefinition | The permission definition interface defines a mapping from entity subject names to entity definitions. The name of the entity describes the object for which CRUD permissions are checked. |
| PermissionResponse | - |
| PermissionRule | - |
| RelationResponse | - |
| RoleDefinition | A role definition contains a unique name, permission definitions, and an assignment predicate which determines if a supplied user has the role. |
| RoleDefinitions | The role definitions interface defines a mapping from role names to role definitions. In this mapping, all role definition objects should have the same name as the key used in this mapping. |
| RoleResponse | - |
| UpdateRoleRequest | - |
Type Aliases ​
| Type Alias | Description |
|---|---|
| AllowedAttribute | The allowed attribute is a string defining what attributes/properties of the entity are allowed to be accessed. |
| AssignmentCheck | The assignment check is a predicate performed on a user to determine whether or not the user has the given role. This predicate could perform database queries or other API calls, but should resolve swiftly as it delays login requests et cetera. |
Variables ​
| Variable | Description |
|---|---|
| SELLER_ROLE | - |