#
Managing permissions for a roleWith the UserRoles recipe you can:
- Add permissions to a role
- Remove permissions from a role
- Get a list of all permissions assigned to a role
- Get a list of all roles that have a specific permission
#
Add permissionsThe createNewRoleOrAddPermissions
can be used to add new permissions to a role. This function only adds missing permissions to a role and will not have any effect on permissions that are already assigned to a role.
- NodeJS
- GoLang
- Python
- cURL
import UserRoles from "supertokens-node/recipe/userroles";
async function addPermissionForRole() { // Add the "write" permission to the "user" role await UserRoles.createNewRoleOrAddPermissions("user", ["write"]);}
import ( "github.com/supertokens/supertokens-golang/recipe/userroles")
func addPermissionForRole() { // Add the write permission to the user role _, err := userroles.CreateNewRoleOrAddPermissions("user", []string{"write"}, nil) if err != nil { // TODO: Handle error return }}
- Asyncio
- Syncio
from supertokens_python.recipe.userroles.asyncio import create_new_role_or_add_permissions
async def add_permission_for_role(): await create_new_role_or_add_permissions("user", ["write"])
from supertokens_python.recipe.userroles.syncio import create_new_role_or_add_permissions
def add_permission_for_role(): create_new_role_or_add_permissions("user", ["write"])
curl --location --request PUT '/recipe/role' \--header 'api-key: ' \--header 'Content-Type: application/json' \--data-raw '{ "role": "user", "permissions": [ "write" ]}'
#
Remove permissionsYou can remove one or more permissions from a role, the role must be created before using this function.
- NodeJS
- GoLang
- Python
- cURL
import UserRoles from "supertokens-node/recipe/userroles";
async function removePermissionFromRole() { // Remove the "write" permission to the "user" role const response = await UserRoles.removePermissionsFromRole("user", ["write"]);
if (response.status === "UNKNOWN_ROLE_ERROR") { // No such role exists }}
import ( "github.com/supertokens/supertokens-golang/recipe/userroles")
func removePermissionFromRole() { // Remove the write permission to the user role response, err := userroles.RemovePermissionsFromRole("user", []string{"write"}, nil) if err != nil { // TODO: Handle error return }
if response.UnknownRoleError != nil { // No such role exists }}
- Asyncio
- Syncio
from supertokens_python.recipe.userroles.asyncio import remove_permissions_from_rolefrom supertokens_python.recipe.userroles.interfaces import UnknownRoleError
async def remove_permission_from_role_func(): res = await remove_permissions_from_role("user", ["write"]) if isinstance(res, UnknownRoleError): # No such role exists pass
from supertokens_python.recipe.userroles.syncio import remove_permissions_from_rolefrom supertokens_python.recipe.userroles.interfaces import UnknownRoleError
def remove_permission_from_role_func(): res = remove_permissions_from_role("user", ["write"]) if isinstance(res, UnknownRoleError): # No such role exists pass
curl --location --request POST '/recipe/role/permissions/remove' \--header 'api-key: ' \--header 'Content-Type: application/json' \--data-raw '{ "role": "user", "permissions": [ "write" ]}'
#
Get all permissions for a roleGet a list of all permissions assigned to a role
- NodeJS
- GoLang
- Python
- cURL
import UserRoles from "supertokens-node/recipe/userroles";
async function getPermissionsForRole() { const response = await UserRoles.getPermissionsForRole("user");
if (response.status === "UNKNOWN_ROLE_ERROR") { // No such role exists return; }
const permissions: string[] = response.permissions;}
import ( "github.com/supertokens/supertokens-golang/recipe/userroles")
func getPermissionsForRole() { // const response = await UserRoles.getPermissionsForRole("user"); response, err := userroles.GetPermissionsForRole("user", nil) if err != nil { // TODO: Handle error return }
if response.UnknownRoleError != nil { // No such role exists return }
_ = response.OK.Permissions}
- Asyncio
- Syncio
from supertokens_python.recipe.userroles.asyncio import get_permissions_for_rolefrom supertokens_python.recipe.userroles.interfaces import UnknownRoleError
async def remove_permission_from_role(): res = await get_permissions_for_role("user") if isinstance(res, UnknownRoleError): # No such role exists return
_ = res.permissions
from supertokens_python.recipe.userroles.syncio import get_permissions_for_rolefrom supertokens_python.recipe.userroles.interfaces import UnknownRoleError
def remove_permission_from_role(): res = get_permissions_for_role("user") if isinstance(res, UnknownRoleError): # No such role exists return
_ = res.permissions
curl --location --request GET '/recipe/role/permissions?role=user' \--header 'api-key: '
#
Get all roles that have a permissionGet a list of all roles that have been assigned a specific permission
- NodeJS
- GoLang
- Python
- cURL
import UserRoles from "supertokens-node/recipe/userroles";
async function getRolesWithPermission() { const response = await UserRoles.getRolesThatHavePermission("write"); const roles: string[] = response.roles;}
import ( "github.com/supertokens/supertokens-golang/recipe/userroles")
func getRolesWithPermission() { response, err := userroles.GetRolesThatHavePermission("write", nil) if err != nil { // TODO: Handle error return } _ = response.OK.Roles}
- Asyncio
- Syncio
from supertokens_python.recipe.userroles.asyncio import get_roles_that_have_permission
async def get_roles_with_permission(): res = await get_roles_that_have_permission("write") _ = res.roles
from supertokens_python.recipe.userroles.syncio import get_roles_that_have_permission
def get_roles_with_permission(): res = get_roles_that_have_permission("write") _ = res.roles
curl --location --request GET '/recipe/permission/roles?permission=write' \--header 'api-key: '