chore: add notes based on exploration

2025-08-15 04:08:04 +00:00 · 2023-02-02 15:39:18 +00:00 · 2023-02-02 15:39:18 +00:00 · cd8693ba9b
commit cd8693ba9b
parent 9818b82377
5 changed files with 134 additions and 0 deletions
--- a/docs/docs/core/permissions/frontend/fetching-permissions.mdx
+++ b/docs/docs/core/permissions/frontend/fetching-permissions.mdx
@ -0,0 +1,15 @@
+---
+title: Fetching Permissions
+tags:
+  - permissions
+  - RBAC
+---
+
+- permissions are fetched from the API in `admin/admin/src/AuthenticatedApp` the cache key is `admin-users-permission`.
+- Permission route is `/admin/users/me/permissions` because we're focussed on me as a user on the FE.
+- ADD EXAMPLE RESPONSE
+
+- the data is then passed to an `RBACProvider` which the src for this is situated in the `helper-plugin` package.
+- it's in the highest point of the actual application alongside the route where you login.
+- the context also has a refetch functionality so we can check again at any time.
+- You access all this via the `useRBACProvider` hook (separate doc).
--- a/docs/docs/core/permissions/frontend/using-permissions.mdx
+++ b/docs/docs/core/permissions/frontend/using-permissions.mdx
@ -0,0 +1,28 @@
+---
+title: Using Permissions
+tags:
+  - permissions
+  - RBAC
+  - useRBAC
+---
+
+- API reference for useRBACProvider hook (which is just a wrapper around useContext) & methods
+
+---
+
+- There's two helper components
+
+  - CheckPagePermissions this is for views
+  - CheckPermissions this is for components/fields etc.
+
+---
+
+- useRBAC hook which is more of an actual hook
+
+  - how does it work with REDUX?
+
+---
+
+- useSyncRBAC hook (only in content manager LOL) (write about it here cause it's important but then add a doc in the CM documentation linking back to this)
+  - it gets the permissions specific to a content-type and then a particular view of that content-type e.g. ADDRESSES and just the list-view
+  - then passes "allowedActions" to `EditViewDataManagerProvider` so then write something on permissions in the content-manager cause that's obvs unique nice.
--- a/docs/docs/core/permissions/how-they-work.mdx
+++ b/docs/docs/core/permissions/how-they-work.mdx
@ -0,0 +1,20 @@
+---
+title: How they work
+tags:
+  - permissions
+  - RBAC
+---
+
+Talk about this stuff and what it means (probably needs Pierre to give me a 10min recap)
+
+```ts
+const permissions = {
+  create: [{ action: 'plugin::content-manager.explorer.create', subject: null }],
+  delete: [{ action: 'plugin::content-manager.explorer.delete', subject: null }],
+  publish: [{ action: 'plugin::content-manager.explorer.publish', subject: null }],
+  read: [{ action: 'plugin::content-manager.explorer.read', subject: null }],
+  update: [{ action: 'plugin::content-manager.explorer.update', subject: null }],
+};
+```
+
+## Setting up permissions for a plugin
--- a/docs/docs/core/permissions/intro.md
+++ b/docs/docs/core/permissions/intro.md
@ -0,0 +1,29 @@
+---
+title: Introduction
+slug: /permissions
+tags:
+  - permissions
+  - RBAC
+---
+
+# Permissions (RBAC)
+
+:::caution
+This is not about the `user-permissions` plugin which is API orientated, this is about roles based access control commonly known as RBAC.
+:::
+
+This section is an overview of all the features realted to the Permissions core plugin:
+
+```mdx-code-block
+import DocCardList from '@theme/DocCardList';
+import { useCurrentSidebarCategory } from '@docusaurus/theme-common';
+
+<DocCardList items={useCurrentSidebarCategory().items} />
+```
+
+---
+
+## ⚠️ To document ⚠️
+
+- RBAC in the settings page of the admin app
+- How RBAC works serverside
--- a/docs/sidebars.js
+++ b/docs/sidebars.js
@ -35,6 +35,17 @@ const sidebars = {
      },
      collapsible: false,
      items: [
+        {
+          type: 'category',
+          label: 'Admin',
+          items: [
+            {
+              type: 'doc',
+              label: 'Link Strapi Design System',
+              id: 'core/admin/link-strapi-design-system',
+            },
+          ],
+        },
        {
          type: 'category',
          label: 'Content Manager',
@ -98,6 +109,37 @@ const sidebars = {
            },
          ],
        },
+        {
+          type: 'category',
+          label: 'Permissions (RBAC)',
+          link: {
+            type: 'doc',
+            id: 'core/permissions/intro',
+          },
+          items: [
+            {
+              type: 'doc',
+              label: 'How Permissions Work',
+              id: 'core/permissions/how-they-work',
+            },
+            {
+              type: 'category',
+              label: 'RBAC on the frontend',
+              items: [
+                {
+                  type: 'doc',
+                  label: 'Fetching Permissions',
+                  id: 'core/permissions/frontend/fetching-permissions',
+                },
+                {
+                  type: 'doc',
+                  label: 'Using Permissions',
+                  id: 'core/permissions/frontend/using-permissions',
+                },
+              ],
+            },
+          ],
+        },
        {
          type: 'category',
          label: 'Utils',