Role schema for PhoenixKit authorization system.
This schema defines user roles that can be assigned to users for authorization purposes.
Fields
name: Role name (unique, required for identification)description: Human-readable description of the roleis_system_role: Whether this is a system-defined role that shouldn't be deleted
System Roles
PhoenixKit includes three built-in system roles:
- Owner: System owner with full access (assigned to first user automatically)
- Admin: Administrator with elevated privileges
- User: Standard user with basic access (default for new users)
Security Features
- System roles cannot be deleted
- Role names are unique
- Automatic assignment of User role to new registrations
- Automatic assignment of Owner role to first user
Summary
Functions
A role changeset for creating and updating roles.
Checks if a role name is a system role.
Returns the map of system role names.
Types
@type t() :: %PhoenixKit.Users.Role{ __meta__: term(), description: String.t() | nil, inserted_at: DateTime.t(), is_system_role: boolean(), name: String.t(), role_assignments: term(), updated_at: DateTime.t(), users: term(), uuid: UUIDv7.t() | nil }
Functions
A role changeset for creating and updating roles.
Parameters
role: The role struct to modifyattrs: Attributes to update
Examples
iex> changeset(%Role{}, %{name: "Manager", description: "Department manager"})
%Ecto.Changeset{valid?: true}
iex> changeset(%Role{}, %{name: ""})
%Ecto.Changeset{valid?: false}Checks if a role name is a system role.
Examples
iex> system_role?(system_roles().owner)
true
iex> system_role?("Owner")
true
iex> system_role?("Manager")
falseReturns the map of system role names.
Examples
iex> system_roles()
%{owner: "Owner", admin: "Admin", user: "User"}