RBAC

This project has a default setup with 3 roles: Owner, Admin, User

The Owners User id is saved as a field to the Orgtableowner_user_id` and used for transactional billing emails and have only one owner per org.

Admin and User roles are optional. These roles can be added using the Invite feature detailed in the next section.

The roles are arbitrary and can be modified or removed. Additional roles can also be added.

Permissions

This project uses the casljs library to define fine grained role based access control or RBAC.

permissions are centrally defined in config/permissions.ts

Permissions are opened ended and can allow complete fine grained control over any part of the app down to a single html element.

Detailed info on how permissions work can be found in our blog post below: coming soon.