Skip to content
Layeron Doc

Role based access

Use role-based rules when one permission applies across the whole app.

Terminal window
import { policy } from "@layeron/modules"


const appPolicy = policy({
  name: "app",
  rules: [{
    id: "admin-read-anything",
    effect: "allow",
    subjects: ["role:admin"],
    actions: ["document.read"],
    resources: ["document:*"],
  }],
})


const decision = await appPolicy.evaluate({
  subject: {
    kind: "user",
    id: "user_1",
    roles: ["admin"],
  },
  action: "document.read",
  resource: {
    type: "document",
    id: "doc_123",
  },
})

This pattern is useful for admin dashboards, internal tools, and support operations.