Developer / API / Extensibility

How does the permission model let developers add new module.action permissions?

Permissions are module.action strings, grouped into modules, and the model is open to new permissions: as a developer adds a new module or a new action, they define the corresponding module.action permission, which the super admin can then assign to roles. So extending the platform with new functionality naturally extends the permission system too — the new capability gets its own…

Permissions are module.action strings, grouped into modules, and the model is open to new permissions: as a developer adds a new module or a new action, they define the corresponding module.action permission, which the super admin can then assign to roles. So extending the platform with new functionality naturally extends the permission system too — the new capability gets its own gated permission rather than being ungoverned. This keeps access control comprehensive as the platform grows.

← Previous

How does the master-product toggle decision affect the data model, and why is it stable once set?