IGrantsListItem
Defined in: src/types/IGrants.ts:68
A flat grants list item — the DB-friendly form. Either a rule row
(role + resource + action …) or an inheritance row
(role + $extend). See IGrantsList.
Properties
Section titled “Properties”role:
string
Defined in: src/types/IGrants.ts:70
The role this row belongs to.
resource?
Section titled “resource?”
optionalresource?:string
Defined in: src/types/IGrants.ts:72
Target resource (omit for an inheritance row).
action?
Section titled “action?”
optionalaction?:string
Defined in: src/types/IGrants.ts:77
Action, optionally with possession via the :own/:any convention
(e.g. 'create' or 'create:own'). Omit for an inheritance row.
possession?
Section titled “possession?”
optionalpossession?:"own"|"any"
Defined in: src/types/IGrants.ts:79
Ownership scope (alternative to the :own/:any suffix on action).
attributes?
Section titled “attributes?”
optionalattributes?:string|string[]
Defined in: src/types/IGrants.ts:81
Granted attributes — comma/semicolon string or string array.
condition?
Section titled “condition?”
optionalcondition?:ConditionJSON
Defined in: src/types/IGrants.ts:83
Optional declarative condition.
effect?
Section titled “effect?”
optionaleffect?:"grant"|"deny"
Defined in: src/types/IGrants.ts:85
'grant' (default) or 'deny'.
$extend?
Section titled “$extend?”
optional$extend?:string|string[]
Defined in: src/types/IGrants.ts:87
Inherited role(s) — present only on an inheritance row.