Ginjou
Guides

Authorization

Control which resources users can access.

Authz Provider

The Authz (Authorization) provider defines and enforces the access control policies for your application. It manages both fine-grained action checks and high-level permission retrieval.

The Authz interface defines the contract:

interface Authz {
    // Check if an action is allowed
    access?: (params: AccessCanParams) => Promise<AccessCanResult>
    // Get all permissions (optional)
    getPermissions?: (params?: any) => Promise<GetPermissionsResult>
}

Can Access

Use useCanAccess to check if the current user is allowed to perform a specific action on a resource. This is useful for conditionally rendering UI elements like "Edit" or "Delete" buttons.

Usage

<script setup lang="ts">
import { useCanAccess } from '@ginjou/vue'

const { data: canAccess } = useCanAccess({
    resource: 'posts',
    action: 'edit',
    params: { id: 1 }
})
</script>

<template>
    <button v-if="canAccess?.can">
        Edit Post
    </button>
</template>

Composition

  • Data Composables: Uses useQuery to fetch the access result.
  • Actions: Calls authz.access.
mermaid
graph TD
    User-->|Render Component| useCanAccess
    useCanAccess-->|Call| Authz.access
    Authz.access-->|Check| Backend
    Backend-->|Result| Authz.access
    Authz.access-->|Return| useCanAccess

    can{Allowed?}
    useCanAccess --> can

    can -- Yes --> show[Show Button/UI]
    can -- No --> hide[Hide Button/UI]

Permissions

Use usePermissions to fetch the raw list of permissions (e.g. roles, scopes) associated with the current user.

Usage

<script setup lang="ts">
import { usePermissions } from '@ginjou/vue'

const { data: permissions, isLoading } = usePermissions<string[]>()
</script>

<template>
    <template v-if="permissions == null || isLoading">
        Loading ...
    </template>
    <template v-else>
        Permissions: {{ permissions }}
    </template>
</template>

Composition

  • Data Composables: Uses useQuery to fetch permissions.
  • Actions: Calls authz.getPermissions.
mermaid
graph TD
    User-->|Render Component| usePermissions
    usePermissions-->|Call| Authz.getPermissions
    Authz.getPermissions-->|Fetch| Backend
    Backend-->|Result| Authz.getPermissions
    Authz.getPermissions-->|Return| usePermissions

    usePermissions --> compute[Compute Roles/Scopes]

Authentication

Connect to your backend to manage user login and logout.

Notifications

Show alerts, status updates, and progress to users.