adonis install adonis-rbac --yarn
-
Add provider in
/start/app.js
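// Provider list in /start/app.js. The RBAC entry is appended to whatever is
// already registered; presumably this is what makes the
// `@provider:Rbac/Traits/Rbac` trait resolvable on models (confirm against
// the package).
const providers = [
  // ...existing providers stay as they are
  'adonis-rbac/providers/RbacProvider',
]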
-
Add trait in
/app/Models/User.js
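/**
 * User model with the adonis-rbac trait attached.
 *
 * The two registrations below are alternatives: use the `traits` getter for
 * the defaults, or `boot()` when the trait needs options. Pick one.
 */
class User extends Model {
  // Option 1: attach the trait with its default settings.
  static get traits() {
    return ['@provider:Rbac/Traits/Rbac']
  }

  // Option 2: ...or if you need to customize the field name...
  static boot() {
    super.boot()
    this.addTrait('@provider:Rbac/Traits/Rbac', {
      // Model attribute that stores the user's roles; default is `roles`.
      // NOTE(review): this attribute decides what the user may do, so keep it
      // out of anything filled from request input (select fields explicitly,
      // e.g. with `request.only([...])`, rather than passing `request.all()`
      // to the model).
      field: 'roles',
    })
  }

  // ...
}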
-
Define
roles
in /config/rbac.js
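/**
 * Configurations for adonis-rbac
 *
 * Permission format: <resource>.<operation>
 * e.g: posts.index, posts.update, posts.delete
 *
 * tip: define roles sorting by permissions asc.
 */
module.exports = {
  roles: {
    // <roleName>: [...<permissions>]
    user: ['posts.index', 'posts.show'],

    // use `role:<roleName>` to grant all permissions for <roleName>
    // NOTE(review): inheritance is transitive in this example
    // (admin -> editor -> user), so adding a permission to `user` also
    // widens every role built on top of it.
    editor: ['role:user', 'posts.create', 'posts.update'],

    // use `posts.*` to allow all operations for posts
    // NOTE(review): a wildcard presumably also matches operations added to
    // the resource later; list operations explicitly where least privilege
    // matters.
    admin: ['role:editor', 'posts.*'],

    // use `*` to grant all permissions
    // NOTE(review): unrestricted role; keep its membership minimal and
    // review who holds it.
    system: ['*'],
  },
}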
-
Set
roles
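// ...on user
// NOTE(review): assign roles only from trusted server-side logic (seeders,
// admin-only actions). If this value is ever copied from request input, a
// client can grant itself any role defined in /config/rbac.js.
user.roles = ['admin']

/* or string split by comma */
user.roles = 'admin,editor'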
-
Use
.can()
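// ...in middleware or controller actions.
const { HttpException } = require('@adonisjs/generic-exceptions')

// Deny by default. `auth.user` may be unset when the request is not
// authenticated (confirm against your auth middleware); treating that case as
// forbidden avoids a TypeError on `.can` and keeps the response a clean 403.
// Run this check on the server for every action that touches the resource,
// not only where the UI exposes it.
if (!auth.user || !auth.user.can('posts.index')) {
  throw new HttpException('Forbidden.', 403)
}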