WayrApp Backend & Ecosystem Documentation - v1.0.0

    Variable PERMISSIONS (Const)

    PERMISSIONS: {
        student: readonly [
            "read:courses",
            "read:own_progress",
            "update:own_progress",
            "update:own_profile",
        ];
        content_creator: readonly [
            "read:courses",
            "read:own_progress",
            "update:own_progress",
            "update:own_profile",
            "create:content",
            "update:content",
            "read:analytics",
        ];
        admin: readonly [
            "read:courses",
            "read:own_progress",
            "update:own_progress",
            "update:own_profile",
            "create:content",
            "update:content",
            "read:analytics",
            "delete:content",
            "manage:users",
            "read:all_progress",
        ];
    } = ...

    Permission-Based Access Control System

    Defines granular permissions for each user role, enabling fine-grained access control beyond simple role-based authorization. This system allows for more precise security policies where specific actions can be controlled independently of user roles.

    The permission system follows a hierarchical structure where higher-level roles inherit permissions from lower-level roles and add further capabilities (each role's list repeats the inherited entries in full):

    • Students: Basic read access to courses and own data
    • Content Creators: Student permissions plus content creation and analytics
    • Admins: All permissions including user management and system administration

    Permission mappings for each user role

    Type declaration

    • Readonly student: readonly [
          "read:courses",
          "read:own_progress",
          "update:own_progress",
          "update:own_profile",
      ]
    • Readonly content_creator: readonly [
          "read:courses",
          "read:own_progress",
          "update:own_progress",
          "update:own_profile",
          "create:content",
          "update:content",
          "read:analytics",
      ]
    • Readonly admin: readonly [
          "read:courses",
          "read:own_progress",
          "update:own_progress",
          "update:own_profile",
          "create:content",
          "update:content",
          "read:analytics",
          "delete:content",
          "manage:users",
          "read:all_progress",
      ]

    // Check if a role has a specific permission
    const userPermissions = PERMISSIONS[userRole];
    const canCreateContent = userPermissions.includes('create:content');

    // Permission naming convention: action:resource
    // read:courses - Can read course information
    // create:content - Can create new content
    // manage:users - Can manage user accounts
    // update:own_profile - Can update own profile only
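
    A deny-by-default wrapper around the lookup shown above, added here as an example and not part of the WayrApp code base. The helper names (isKnownRole, hasPermission, canUpdateOwnProfile, missingInherited) and the actor object shape are assumptions; the PERMISSIONS values are copied from this page.

```typescript
// Copy of the role-to-permission map documented on this page, so the example runs stand-alone.
const PERMISSIONS = {
  student: ["read:courses", "read:own_progress", "update:own_progress", "update:own_profile"],
  content_creator: ["read:courses", "read:own_progress", "update:own_progress", "update:own_profile",
    "create:content", "update:content", "read:analytics"],
  admin: ["read:courses", "read:own_progress", "update:own_progress", "update:own_profile",
    "create:content", "update:content", "read:analytics",
    "delete:content", "manage:users", "read:all_progress"],
} as const;

type RoleKey = keyof typeof PERMISSIONS;

// Hypothetical helper: narrows an untrusted value (e.g. a token claim) to a known role.
// The own-property test keeps "__proto__" and "constructor" from resolving to
// inherited Object members instead of a permission list.
function isKnownRole(role: unknown): role is RoleKey {
  return typeof role === "string" &&
    Object.prototype.hasOwnProperty.call(PERMISSIONS, role);
}

// Hypothetical helper: deny by default, so an unknown role holds no permissions.
// Widening to readonly string[] lets any permission string be tested against the list.
function hasPermission(role: unknown, permission: string): boolean {
  if (!isKnownRole(role)) return false;
  const granted: readonly string[] = PERMISSIONS[role];
  return granted.indexOf(permission) !== -1;
}

// Hypothetical helper: an "own_" permission only says the role may act on its own
// data, so the caller's id must still be compared with the target record's owner.
function canUpdateOwnProfile(actor: { id: string; role: unknown }, targetUserId: string): boolean {
  return hasPermission(actor.role, "update:own_profile") && actor.id === targetUserId;
}

// Hypothetical helper: permissions of `lower` that `higher` lacks. The lists are flat,
// so the documented inheritance holds only while this returns [] for adjacent roles.
function missingInherited(lower: RoleKey, higher: RoleKey): string[] {
  const base: readonly string[] = PERMISSIONS[lower];
  const upper: readonly string[] = PERMISSIONS[higher];
  return base.filter((p) => upper.indexOf(p) === -1);
}
```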