Skip to main content

Permissions

The gateway provides a flexible permission system that allows you to define who can access and manipulate data in your project. Permissions are created by combining actions and subjects. Internally, these permissions are further refined with conditions to create a permission set. It is also possible to apply permissions to specific fields.

Actions

Actions are the verbs that define what a user can do with a subject. The following actions are available:

  • manage: Allows the user to perform all actions on the subject.
  • view: Allows the user to view the subject.
  • create: Allows the user to create the subject.
  • update: Allows the user to update the subject.
  • assign: Allows the user to assign something (a specialization of update).
  • delete: Allows the user to delete the subject.
  • watch: Allows the user to watch the subject.
  • clear: Similar to delete, but used for clearing the subject.
  • use: Allows the user to use the subject.

Subjects

Subjects are the objects that users can interact with. The following subjects are available:

  • project: A project houses entities.
  • channel: A channel is a group of entities.
  • entity: An entity is a single data record.
  • pool: A pool is a collection of entities from different projects.
  • notes: Notes are comments that can be added to entities.
  • version: A version is a snapshot of an entity at a specific point in time.

Examples

By combining actions and subjects, we can define permissions.

  • MANAGE Project: Allows a user to manage a project.
  • VIEW Entity: Allows a user to view all entities in a project.
  • USE Channel: Allows a user to use a channel.