Skip to content
Layeron Doc

Getting started

This guide adds a Policy module to a Layeron backend app and evaluates a decision.

1. Import The Modules

Section titled “1. Import The Modules”
Terminal window
import { policy } from "@layeron/modules"

2. Create A Policy

Section titled “2. Create A Policy”
Terminal window
const appPolicy = policy({
  name: "app",
  rules: [{
    id: "admins-read",
    effect: "allow",
    subjects: ["role:admin"],
    actions: ["resource.read"],
    resources: ["resource:*"],
  }],
})

The policy name is stable within the environment. Rules match subjects, actions, resources, and optional conditions.

3. Register The Policy

Section titled “3. Register The Policy”
Terminal window
app.use(appPolicy)

Layeron records the policy in the app specification, compiles it into a PolicyManifest, provisions the policy store, and creates the Policy Product Worker.

4. Evaluate A Decision

Section titled “4. Evaluate A Decision”
Terminal window
const decision = await appPolicy.evaluate({
  subject: {
    kind: "user",
    id: "user_1",
    roles: ["admin"],
  },
  action: "resource.read",
  resource: {
    type: "resource",
    id: "resource_123",
  },
})

Use can(...) when you need a boolean check and require(...) when you want Policy to throw on denial.