Permission in EzyPlatform

Updated at 1706780912000
One of the most common, important, yet challenging features to program is permission management. Understanding this, EzyPlatform provides detailed permission management down to each screen, each API, and method call.

Permission for admin

To set permissions for an admin, you will navigate to the Admins > Roles menu. By default, there are two highest admin roles:

Screenshot 2024-02-01 at 16.11.30.png
  1. Super Administrator: The highest administrative role, with the ability to create and remove all other roles.
  2. DevOps: Administrative role with all the highest permissions like super admin but cannot delete super admin.
Screenshot 2024-02-01 at 16.12.43.png

Now, let's say you need to add a role that allows only drafting articles. You can click on the Add New button and fill in the information as follows:

Screenshot 2024-02-01 at 16.14.23.png

You will see a new role in the list called Editor:

Screenshot 2024-02-01 at 16.15.38.png

Click on Editor to go to the detailed screen:

Screenshot 2024-02-01 at 16.15.24.png

Now you can add a member with the Editor role by clicking the Add button next to the Members heading, or you can add a new admin. For example, I need to add a new admin like this:

Screenshot 2024-02-01 at 16.19.55.png

After adding an admin and returning to the Editor role screen, I will see a new member added to the list:

Screenshot 2024-02-01 at 16.22.34.png

Now, I will log in as this admin on another browser, and the result will be as follows:

Screenshot 2024-02-01 at 16.27.59.png

You can see that the editor admin will only have certain menus displayed and can do almost nothing. Now, we need to set permissions to allow the editor admin to write articles by checking the functions and APIs that we allow the admin to perform:

Screenshot 2024-02-01 at 16.34.02.png Screenshot 2024-02-01 at 16.34.14.png

Press the Save Features button, then go back to the editor admin, and you will be able to see the menus related to article management and be able to write articles:

Screenshot 2024-02-01 at 16.34.56.png

Congratulations, you have successfully set permissions for the editor admin to manage articles.

Permission for web

Similar to admin permissions, you can install EzyPlatform and experience it yourself. However, the effectiveness of permissions on the web depends on what theme you are using.

How does EzyPlatform recognize which API needs permission?

This is

thanks to the use of @EzyFeature. When you use this annotation, for example:

public class PostController {

It understands that all APIs in PostController belong to the post_management feature and need to be authorized for admins or users to use.