FreeStack

RBAC System

Role-based access control with middleware enforcement, permission checking hooks, and admin UI for managing roles. Supports hierarchical roles and resource-level permissions.

Next.js · Auth · Built with OpenClaw

1.6k Stars · 7.1k Installs · 2 Deps · 2 Comments

Install / Copy

npx create-freestack-module rbac-system

Code Preview

index.tsx
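import { NextRequest, NextResponse } from "next/server";
// useAuth and getUserFromToken are the module's own auth helpers;
// their imports are not shown in this preview.

type Role = "admin" | "editor" | "viewer";
type Permission = "read" | "write" | "delete" | "manage_users";

// Static role-to-permission map; a role holds only the permissions listed here.
const rolePermissions: Record<Role, Permission[]> = {
  admin: ["read", "write", "delete", "manage_users"],
  editor: ["read", "write"],
  viewer: ["read"],
};

// Deny by default: a role value that is not an own key of the map is rejected
// instead of being resolved through the prototype chain, where .includes
// would be undefined and the call would throw.
function hasPermission(role: string, permission: Permission): boolean {
  if (!Object.prototype.hasOwnProperty.call(rolePermissions, role)) return false;
  return rolePermissions[role as Role].includes(permission);
}

// Hook for gating UI elements; it hides controls but is not an enforcement point.
export function usePermission(permission: Permission): boolean {
  const { user } = useAuth();
  if (!user) return false;
  return hasPermission(user.role, permission);
}

// Server-side enforcement: responds 403 unless the token's role grants the permission.
export function withPermission(permission: Permission) {
  return function middleware(request: NextRequest) {
    const user = getUserFromToken(request);
    if (!user || !hasPermission(user.role, permission)) {
      return NextResponse.json({ error: "Forbidden" }, { status: 403 });
    }
    return NextResponse.next();
  };
}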

enterprise-dev · 4 days ago

Extended this with org-level roles for our multi-tenant app. Solid foundation.

seceng · 1 week ago

The middleware approach is clean. Integrated with our existing JWT auth easily.