checkPermission
@svenvw/fdm-source / fdm-core/src / checkPermission
Function: checkPermission()
checkPermission(
fdm,resource,action,resource_id,principal_id,origin,strict):Promise<boolean>
Defined in: fdm-core/src/authorization.ts:159
Checks whether the principal is authorized to perform an action on a resource.
This function retrieves the valid roles for the specified action and resource, constructs the resource hierarchy,
and iterates through the chain to verify if any level grants the required permission for the principal(s). It records
the permission check details in the audit log and throws an error if the permission is denied. strict may be
specified as false in order to disable the exception.
Parameters
fdm
any
The FDM instance providing the connection to the database. The instance can be created with createFdmServer.
resource
Resource
The type of resource being accessed.
action
Action
The action the principal intends to perform.
resource_id
string
The unique identifier of the specific resource.
principal_id
any
The principal identifier(s); supports a single ID or an array.
origin
string
The source origin used for audit logging the permission check.
strict
boolean = true
When set to false, the function will not perform an audit log, or throw an exception if the user has no permission.
Returns
Promise<boolean>
Resolves to true if the principal is permitted to perform the action.
Throws
When the principal does not have the required permission.