From 9fac8dbd54b4b67001eaf045e470964ed9d83663 Mon Sep 17 00:00:00 2001 From: fzaninotto Date: Mon, 25 Nov 2024 10:28:57 +0100 Subject: [PATCH] [Doc] Add video tutorial to Access Control documentation --- docs/Permissions.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/docs/Permissions.md b/docs/Permissions.md index 98bac63390..e85552efc0 100644 --- a/docs/Permissions.md +++ b/docs/Permissions.md @@ -5,6 +5,8 @@ title: "Authorization" # Authorization + + Once a user is authenticated, your application may need to check if the user has the right to access a specific resource or perform a particular action. React-admin provides two ways to do so: 1. **Access control** relies on `authProvider.canAccess({ resource, action })`, which returns whether the user can access the given resource and action. @@ -12,11 +14,6 @@ Once a user is authenticated, your application may need to check if the user has Depending on your needs, you can implement one or the other or both. We recommend Access Control because it allows you to put the authorization logic in the `authProvider` rather than in the code. - - ## Access Control With Access Control, the `authProvider`is responsible for checking if the user can access a specific resource or perform a particular action. This flexibility allows you to implement various authorization strategies, such as: @@ -27,6 +24,11 @@ With Access Control, the `authProvider`is responsible for checking if the user c Use the `authProvider` to integrate react-admin with popular authorization solutions like Okta, Casbin, Cerbos, and more. + + ### `authProvider.canAccess()` To use Access Control, the `authProvider` must implement a `canAccess` method with the following signature: