Update a resource

Update a resource's permission in a role instance.

Update a resource

You can update a resource's permission in a role instance by using the update method.

const role = new Role({
    name: 'role',
    config: {
      user: {
        base: 'crudl',
        custom: {
          ban: false
        }
      },
      post: {
        base: '-rudl',
        custom: {
          publish: true
        }
      }
    }
  });

  const updated = role.update({
    resource: 'post',
    permissions: {
      base: 'crudl',
      custom: {
        suspend: false
      }
    }
}); // returns a new role instance

updated.can('post', 'create') // true
updated.can('post', 'suspend') // false  

The update Method: Modifying Role Permissions

The update method modifies permissions for an existing resource in a role. It takes an object with these properties:

  • resource (string): Name of the resource to update.
  • permissions (object): Updated permissions for the resource.
    • base (string): New CRUD permissions (e.g., 'crudl'). Use '-' to exclude a permission.
    • custom (object): Updated custom permissions.

Optional properties:

  • mutate (boolean, default: false): If true, modifies the existing role instead of returning a new instance.
  • noOverride (boolean, default: false): If true, merges new permissions with existing ones instead of overriding.

The method returns a new role instance by default. You can immediately use the can method to check the updated permissions.

This method allows for flexible modification of existing role permissions, enabling dynamic adjustments to access control as needed.