Can
Mostly in Admin Panel there is different roles and according to that each role have different access of routes or functionally.
To achieve this we usually write too many condition get it through.
In this package include methods like hasAccessOf, hasAccessTo, Can which will help you to make you project role based.
For role base structure we use permission object to check if user has acces of it or not. permission object is structured like below,
const permission = {
[moduleName]: [
'functionality'
]
}
for example,
const permission = {
user: [
'list',
'add',
'update',
'delete',
],
design: [
'list',
'add',
'update',
],
}
here, above example contains permsions of two modules user
and design
. we can see that user has add
, update
, list
, delete
functionality access and same for design
except delete
.
hasAccessOf
- to check access of module.
for example,
const permission = {
user: [
'list',
'add',
'update',
'delete',
],
design: [
'list',
'add',
'update',
],
}
const userAccess = hasAccessOf(permission, 'user')
// true
const dahsboardAccess = hasAccessOf(permission, 'dashbaord')
// false
hasAccessTo
- to check access of functionality of module.
const permission = {
user: [
'list',
'add',
'update',
'delete',
],
design: [
'list',
'add',
'update',
],
}
const addUserAccess = hasAccessTo(permission, 'user', 'add')
// true
const deleteDesignAccess = hasAccessTo(permission, 'design', 'delete')
// false
Can
- to conditionally render JSX based on permission. it's same as hasAccessTo but make your code looks better in JSX.
const permission = {
user: [
'list',
]
}
const addUserAccess = hasAccessTo(permission, 'user', 'add')
// true
// you can use it in JSX like
...
return (
<div>
{addUserAccess && <Button>Add</Button>}
</div>
)
...
// better way,
...
return (
<div>
<Can permissions={permission} module="user" mode="add">
<Button>Add</Button>
</Can>
</div>
)
...
Config
-
you can now define config to disable checking for access
-
just add below code in top level component
import { setConfig } from '@knovator/can';
setConfig({
turnOff: true
}) // this will not check for access and allow it all.