Options
All
  • Public
  • Public/Protected
  • All
Menu

Module permissions

Index

Interfaces

Type aliases

Variables

Functions

Type aliases

GroupName

GroupName: "anyone" | "guests" | "visitors" | "members" | "owners" | "admins" | string

Variables

Const adminsGroup

adminsGroup: "admins" = "admins"

Admins

Const anyoneGroup

anyoneGroup: "anyone" = "anyone"

Any user, connected or not

Const membersGroup

membersGroup: "members" = "members"

Any connected user

Const ownersGroup

ownersGroup: "owners" = "owners"

User that owns the current document (document.userId is equal to currentUser._id)

Const visitorsGroup

visitorsGroup: "visitors" = "visitors"

Visitors that are NOT connected

Functions

Const canCreateDocument

  • canCreateDocument(options: CanActionOnDocumentOptions): any

  • Parameters

    • options: CanActionOnDocumentOptions

    Returns any

Const canCreateField

  • canCreateField(user: VulcanUser, field: Pick<VulcanFieldSchema<any>, "canCreate">): any
  • summary

    Check if a user can submit a field

    Parameters

    • user: VulcanUser

      The user performing the action

    • field: Pick<VulcanFieldSchema<any>, "canCreate">

      The field being edited or inserted

    Returns any

Const canDeleteDocument

  • canDeleteDocument(options: CanActionOnDocumentOptions): any

  • Parameters

    • options: CanActionOnDocumentOptions

    Returns any

Const canFilterDocument

  • canFilterDocument(user: VulcanUser, model: VulcanModel<VulcanSchema<AnyObject>>, fields: string[], document: VulcanDocument): boolean

  • Check if user was allowed to filter this document based on some fields

    Parameters

    • user: VulcanUser

      The user performing the action

    • model: VulcanModel<VulcanSchema<AnyObject>>
    • fields: string[]

      The list of filtered fields

    • document: VulcanDocument

      The retrieved document

    Returns boolean

Const canReadDocument

  • canReadDocument(options: CanActionOnDocumentOptions): any

  • Parameters

    • options: CanActionOnDocumentOptions

    Returns any

Const canReadField

  • canReadField(user: null | VulcanUser, field: Pick<VulcanFieldSchema<any>, "canRead">, document?: Object): any
  • summary

    Check if a user can view a field

    Parameters

    • user: null | VulcanUser

      The user performing the action

    • field: Pick<VulcanFieldSchema<any>, "canRead">

      The full document of the collection

    • Optional document: Object

    Returns any

    • true if the user can read the field, false if not

Const canUpdateDocument

  • canUpdateDocument(options: CanActionOnDocumentOptions): any

  • Parameters

    • options: CanActionOnDocumentOptions

    Returns any

Const canUpdateField

  • canUpdateField(user: VulcanUser, field: Pick<VulcanFieldSchema<any>, "canUpdate">, document: VulcanDocument): any
  • function

    Check if a user can edit a field

    Parameters

    • user: VulcanUser

      The user performing the action

    • field: Pick<VulcanFieldSchema<any>, "canUpdate">

      The field being edited or inserted

    • document: VulcanDocument

      The document being edited or inserted

    Returns any

Const checkFields

  • checkFields(user: null | VulcanUser, model: VulcanModel<VulcanSchema<AnyObject>>, fields: any[]): boolean
  • summary

    Check if a user can access a list of fields

    Parameters

    • user: null | VulcanUser

      The user performing the action

    • model: VulcanModel<VulcanSchema<AnyObject>>
    • fields: any[]

      The list of fields

    Returns boolean

Const getDocumentBasedPermissionFieldNames

  • getDocumentBasedPermissionFieldNames(model: VulcanModel<VulcanSchema<AnyObject>>): string[]

  • Retrieve fields that needs the document to be already fetched to be checked, and not just the user => owners permissions, custom permissions etc.

    Parameters

    • model: VulcanModel<VulcanSchema<AnyObject>>

    Returns string[]

Const getGroups

  • getGroups(user: undefined | null | VulcanUser, document?: null | VulcanDocument): string[]
  • summary

    get a list of a user's groups

    Will include Vulcan dynamic groups

    Parameters

    • user: undefined | null | VulcanUser
    • Optional document: null | VulcanDocument

    Returns string[]

Const getUserReadableFields

  • getUserReadableFields(user: null | VulcanUser, model: VulcanModel<VulcanSchema<AnyObject>>, document?: VulcanDocument): string[]

  • Get fields that the user can read in this model

    NOTE: to get all readable fields of the schema, without filtering depending on permissions, see @vulcanjs/schema "getReadableField"

    Parameters

    • user: null | VulcanUser
    • model: VulcanModel<VulcanSchema<AnyObject>>
    • Optional document: VulcanDocument

    Returns string[]

Const isAdmin

  • isAdmin(user: undefined | null | VulcanUser): boolean
  • summary

    Check if a user is an admin

    Parameters

    Returns boolean

Const isDocumentBasedPermissionField

  • isDocumentBasedPermissionField(field: Pick<VulcanFieldSchema<any>, "canRead">): any

  • Check if field canRead include a permission that needs to be checked against the actual document and not just from the user

    Parameters

    • field: Pick<VulcanFieldSchema<any>, "canRead">

    Returns any

Const isMemberOf

  • isMemberOf(user: undefined | null | VulcanUser, groupOrGroups: string | string[], document?: null | VulcanDocument): boolean
  • summary

    check if a user is a member of a group

    Parameters

    • user: undefined | null | VulcanUser
    • groupOrGroups: string | string[]
    • Optional document: null | VulcanDocument

    Returns boolean

Const owns

  • owns(user: null | VulcanUser, document: VulcanDocument): boolean
  • summary

    Check if a user owns a document

    Parameters

    • user: null | VulcanUser
    • document: VulcanDocument

      The document to check (post, comment, user object, etc.)

    Returns boolean

Const permissionCheck

  • permissionCheck(options: { check: string | string[] | PermissionChecker } & { context?: any; document?: null | VulcanDocument; operationName?: string; user?: null | (VulcanDocument & { groups: string[] }) }): boolean
  • function

    Check if a user passes a permission check

    Breaking change compared to Vulcan Meteor: now if the permission check is a function, it also applies to the admin (previously, admins would bypass all checks)

    Parameters

    • options: { check: string | string[] | PermissionChecker } & { context?: any; document?: null | VulcanDocument; operationName?: string; user?: null | (VulcanDocument & { groups: string[] }) }

    Returns boolean

Const restrictDocument

  • restrictDocument(document: VulcanDocument, schema: VulcanSchema<AnyObject>, currentUser: null | VulcanUser): VulcanDocument

  • Remove restricted fields from a document

    Parameters

    • document: VulcanDocument
    • schema: VulcanSchema<AnyObject>
    • currentUser: null | VulcanUser

    Returns VulcanDocument

Const restrictDocuments

  • restrictDocuments(__namedParameters: { documents: VulcanDocument[]; model: VulcanModel<VulcanSchema<AnyObject>>; user: VulcanUser }): ArrayOrSingle<VulcanDocument>
  • summary

    For a given of documents, keep only documents and fields viewable by current user (new APIs)

    Parameters

    • __namedParameters: { documents: VulcanDocument[]; model: VulcanModel<VulcanSchema<AnyObject>>; user: VulcanUser }
      • documents: VulcanDocument[]
      • model: VulcanModel<VulcanSchema<AnyObject>>
      • user: VulcanUser

        The user performing the action

    Returns ArrayOrSingle<VulcanDocument>

Const restrictViewableFields

  • restrictViewableFields(user: any, model: VulcanModel<VulcanSchema<AnyObject>>, docOrDocs: ArrayOrSingle<VulcanDocument>): ArrayOrSingle<VulcanDocument>
  • summary

    For a given document or list of documents, keep only fields viewable by current user

    Parameters

    • user: any

      The user performing the action

    • model: VulcanModel<VulcanSchema<AnyObject>>
    • docOrDocs: ArrayOrSingle<VulcanDocument>

    Returns ArrayOrSingle<VulcanDocument>

Generated using TypeDoc