# Manage Authority & Access Control

Manage Authority & Access Control
- Allow a user to perform a certain operation on a certain resource
- Determine whether a user has a certain operation authority for a certain resource

Authing builds an authorization model based on PBAC (Policy Based Access Control), It can be combined with RBAC (Role Based Access Control) to achieve very flexible and refined access control. This module abstracts this model into two methods: allow and isAllowed.

# Allow a user to perform a certain operation on a certain resource

AclManagementClient().allow(userId, action, resource)

Allow a user to perform a certain operation on a certain resource

# Parameters

userId <string> user ID
action <string> operation name, it is recommended to use the format of <resourceType>:<actionName>, such as books:edit, books:list
resource <string> Resource name, must be in <resourceType>:<resourceId> format or *, such as *, books:123, books:*

# Example

$managementClient->acl()->allow("resource", "action", "user id");

# Determine whether a user has a certain operation authority for a certain resource

AclManagementClient().isAllowed(userId, action, resource)

Determine whether a user has a certain operation authority for a certain resource

# Parameters

userId <string> User ID
action <string> operation name, it is recommended to use the format of <resourceType>:<actionName>, such as books:edit, books:list
resource <string> Resource name, must be in <resourceType>:<resourceId> format or *, such as *, books:123, books:*

# Example

$managementClient->acl()->isAllowed("user id", "action", "resource");

← Manage Roles Manage Strategy →