Authorization

Adonis Cockpit is currently in prerelease version. Documentation, references and examples might not be correct and are subject to change. Give your feedback.

Authorization

Adonis Cockpit relies on Adonis Bouncer for authorization. You can apply policies globaly, per operation and resources.

Adonis Cockpit does not bring any authentication system (yet), you can follow the Official Adonis Authentication documentation to get everything setup.

Global authorization

The global policy is applied everywhere on the admin.

app/abilities/main.ts 
import User from '#models/user'

import { Bouncer } from '@adonisjs/bouncer'



export const adminPolicy = Bouncer.ability((user: User) => {

  return user.isAdmin

})
start/cockpit.ts 
import cockpit from 'adonis-cockpit/services/main'



cockpit.policy(adminPolicy)

Per Operation

You can define different policies for each different kind of operations.

start/cockpit.ts 
import cockpit from 'adonis-cockpit/services/main'



cockpit.policies({

  read: memberPolicy,

  create: adminPolicy,

  update: adminPolicy,

  delete: superAdminPolicy

})

The per operation policies are overwritten by the Per Resource and Per Action policies.

Per Resource

You can apply custom policies at the resource level. They will override the Per Operation policies.

class Resource extends ModelResurce {

  policies = {

    read: memberPolicy,

    create: adminPolicy,

    update: adminPolicy,

    delete: superAdminPolicy

  }

}

Per Action

You can apply custom policies to your Actions. They will override the Per Operation policies.

class SynchronizeAction extends Action {

  policy = synchronizePolicy

}
© 2024 FriendsOfAdonis Edit this page

On this page