WeaviateEx.API.RBAC.Permission (WeaviateEx v0.7.4)
View SourcePermission definitions for RBAC.
Permissions define what actions can be taken on what resources, optionally scoped to specific collections, tenants, or shards.
Actions
:create- Create new resources:read- Read/view resources:update- Modify existing resources:delete- Delete resources:manage- Full control (create, read, update, delete):assign_and_revoke- Assign/revoke roles (for users/groups)
Resources
:collections- Collection schema operations:data- Object CRUD operations:tenants- Multi-tenancy management:roles- Role management:users- User management:groups- OIDC group management:cluster- Cluster information:nodes- Node information:backups- Backup operations
Examples
# Basic permission
perm = Permission.new(:read, :collections)
# Permission with scope
perm = Permission.new(:read, :data, collection: "Article")
# Convenience constructors
perm = Permission.read_collection("Article")
perm = Permission.manage_data("Article")
# Admin permissions
perms = Permission.admin()Summary
Functions
Parses an action string from API format.
Converts an action and resource to API string format.
Returns a list of permissions for full admin access.
Creates a create permission for data in a collection.
Creates a delete permission for data in a collection.
Parses a permission from API response.
Creates a manage permission for a collection schema.
Creates a manage permission for data in a collection.
Creates a new permission.
Creates a read permission for a collection schema.
Creates a read permission for data in a collection.
Converts a permission to API format.
Creates an update permission for data in a collection.
Checks if an action is valid.
Checks if a resource is valid.
Returns a list of permissions for read-only access.
Types
@type action() :: :create | :read | :update | :delete | :manage | :assign_and_revoke
@type resource() ::
:collections
| :data
| :tenants
| :roles
| :users
| :groups
| :cluster
| :nodes
| :backups
| :replicate
| :alias
@type t() :: %WeaviateEx.API.RBAC.Permission{ action: action(), resource: resource(), scope: WeaviateEx.API.RBAC.Scope.t() | nil }
Functions
Parses an action string from API format.
Examples
action_from_api("read_collections")
# => {:read, :collections}Converts an action and resource to API string format.
Examples
action_to_api(:read, :collections)
# => "read_collections"@spec admin() :: [t()]
Returns a list of permissions for full admin access.
Creates a create permission for data in a collection.
Creates a delete permission for data in a collection.
Parses a permission from API response.
Creates a manage permission for a collection schema.
Creates a manage permission for data in a collection.
Creates a new permission.
Options
:scope- AScopestruct to restrict the permission:collection- Shorthand to create a collection scope:tenant- Shorthand to add a tenant to the scope
Examples
Permission.new(:read, :collections)
Permission.new(:read, :data, scope: Scope.collection("Article"))
Permission.new(:read, :data, collection: "Article", tenant: "tenant-a")Creates a read permission for a collection schema.
Creates a read permission for data in a collection.
Converts a permission to API format.
Example
Permission.read_collection("Article") |> Permission.to_api()
# => %{"action" => "read_collections", "collection" => "Article"}Creates an update permission for data in a collection.
Checks if an action is valid.
Checks if a resource is valid.
@spec viewer() :: [t()]
Returns a list of permissions for read-only access.