Skip to main content

Role Permissions

View Role Hierarchy Diagram

Role has a self-referencing relation, and they form a DAG (Directed Acyclic Graph). Most commonly they form a hierarchy tree that somewhat resembles an organization chart.

A simple tree example:

admin <- manager <- public
                 <- ...etc.

Update Role Permission

Each role has their own set of permissions. On runtime, the engine will walk the role hierarchy and take the union of all permissions of the sub-graph.

The actions we can perform on resources. There are 4 basic permissions, select, insert, update and delete. You can define more for your application.

Admin

Manager

Public