AccessControl
AccessControl
is used to conditionally render other components (which we call access-controlled components) based on user permissions and other conditions. This component is intended to be used in complex cases (such as when requirements includes multiple types of permissions, e.g. an entity permission and a specific permission). In most cases simpler components should be used instead:
-
EntityPermAccessControl when condition involves a single entity operation permission.
-
AttrPermAccessControl when condition involves a single entity attribute permission.
-
SpecificPermAccessControl when condition involves one or more specific permissions.
Use this component either by wrapping access-controlled components in it:
<AccessControl modifyReqs={{entityReqs: [{entityName: 'scr$Car'}]}}>
<button>Do Something</button>
</AccessControl>
or by providing a render prop:
<AccessControl modifyReqs={{entityReqs: [{entityName: 'scr$Car'}]}}
render={disabled => <button disabled={disabled}>Do Something</button>}
/>
If both are provided, render prop takes precedence.
In either case to define the requirements use displayReqs
and modifyReqs
props.
displayReqs
contains the requirements that shall be fulfilled in order for access-controlled components to be rendered. If these requirements are not met then AccessControl
won’t render anything. If displayReqs
is missing, then access-controlled components will always be rendered.
modifyReqs
contains requirements that shall be fulfilled in order for rendered access-controlled components to be modifiable (i.e. to not be disabled). If these requirements are not met then AccessControl
will disable the access-controlled components:
-
If render prop is used, it will receive
true
as itsdisabled
parameter. -
Otherwise a prop with name
disabled
(can be configured viadisabledPropName
prop) and valuetrue
(can be configured viadisabledPropValue
prop) will be passed to each child.
Both displayReqs
and modifyReqs
are of the same type:
{
entityReqs: [
{entityName: 'scr$Car', operation: 'create' as const},
{entityName: 'scr$Garage', operation: 'read' as const}
],
attrReqs: [
{entityName: 'scr$Car', attrName: 'manufacturer', requiredAttrPerm: 'MODIFY' as const},
{entityName: 'scr$Garage', attrName: 'name', requiredAttrPerm: 'VIEW' as const}
],
specificReqs: [
'cuba.restApi.fileUpload.enabled',
'some.custom.specific.permission'
],
customReqs: () => {
// Some custom logic here.
return true;
}
}
entityReqs
contains required entity operation permissions, attrReqs
- entity attribute permissions and specificReqs
- specific permissions. customReqs
function can be used to implement custom conditions / complex logic. For example, you might have a button that shall be visible when user has either of two specific permissions (in that case you will need to use the methods from Security service to manually check the permissions). Or, the condition might be something entirely different than permissions.
API: AccessControlProps.
See also: