Action Permissions
Action permissions hide actions the current user cannot run.
VibeFlui permission checks are UI behavior only. The backend must still enforce authorization.
Action permission
TS
export const usersSchema = {
resource: "users",
actions: {
delete: {
enabled: true,
label: "Delete",
icon: "lucide:trash-2",
variant: "danger",
handler: "users.delete",
permission: "users.canDelete",
confirm: true
}
},
registry: {
permissionResolvers: ["users.canDelete"],
actionHandlers: ["users.delete"]
}
} as const;Schema permission
TS
export const usersSchema = {
resource: "users",
permissions: {
delete: "users.canDelete",
approve: "users.canApprove"
},
actions: {
row: [
{
key: "approve",
label: "Approve",
handler: "users.approve"
}
]
}
} as const;Runtime registry
TS
import { createRegistry } from "@vibeflui/core";
export const registry = createRegistry({
permissionResolvers: {
"users.canDelete": ({ row, permissionContext }) => {
const canDelete = permissionContext?.permissions?.includes("users:delete");
return Boolean(canDelete && row?.role !== "owner");
},
"users.canApprove": ({ row }) => {
return row?.status === "pending";
}
}
});Permission context
TSX
<FluiKitProvider
registry={registry}
permissionContext={{
roles: ["admin"],
permissions: ["users:delete", "users:approve"],
user: { id: "user_1" }
}}
>
<FluiKit schema={usersSchema} />
</FluiKitProvider>Grant arrays
If no resolver exists, a permission array checks permissionContext.roles and permissionContext.permissions.
TS
{
key: "export",
label: "Export",
permission: ["admin", "users:export"]
}