
To Operations

When a request is received, the system checks whether the user has permission to execute the requested operation.

Key Principles of Verification

  1. Exceptions: Verification is not performed for methods explicitly listed in the configuration libs/api/apiConfig (the doNotCheckCommands parameter and similar parameters).
  2. Authorization Logic:
    • Access is granted if at least one role assigned to the user has explicit permission for this operation.
    • Access is denied if at least one role has an explicit prohibition for this operation.
  3. Priority: Prohibition always takes precedence over permission. If one role allows an operation and another prohibits it, access will be denied.
  4. Explicit Consent: If there are no explicit permissions for an operation, access is considered denied by default.

Scaling Access

Access can be configured individually for a specific method or for all methods of a class at once. This makes it quick to grant or restrict rights to an entity's entire functionality.
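
The verification principles and class-wide configuration described above, sketched as an added example (this is not the system's own code). The "Class.method" operation names, the "Class.*" class-wide rule, the role objects and the DO_NOT_CHECK set standing in for doNotCheckCommands are all assumptions; the sketch also assumes class-wide and per-method rules are weighed equally, so any matching prohibition wins.

```javascript
// Added illustration; rule format, role names and operation names are assumptions.
const DO_NOT_CHECK = new Set(["Auth.login"]); // stands in for doNotCheckCommands

// Constructed sample roles: each lists explicit allow and deny rules.
const ROLES = {
  viewer:  { allow: ["Order.get", "Order.list"], deny: [] },
  manager: { allow: ["Order.*"], deny: [] },            // whole class at once
  trainee: { allow: [], deny: ["Order.delete"] },       // single method
  auditor: { allow: ["Report.get"], deny: ["Order.*"] },
};

// A rule matches the exact "Class.method" or the whole class via "Class.*".
function matches(rule, operation) {
  if (rule === operation) return true;
  const [cls] = operation.split(".");
  return rule === `${cls}.*`;
}

function checkAccess(userRoles, operation) {
  // Principle 1: exempt methods skip verification entirely.
  if (DO_NOT_CHECK.has(operation)) return { allowed: true, reason: "exempt" };

  let permitted = false;
  for (const name of userRoles) {
    const role = ROLES[name];
    if (!role) continue; // an unknown role contributes no permissions
    // Principle 3: one prohibition in any role ends the check with a denial.
    if (role.deny.some((r) => matches(r, operation))) {
      return { allowed: false, reason: `denied by ${name}` };
    }
    // Principle 2: one explicit permission in any role is enough...
    if (role.allow.some((r) => matches(r, operation))) permitted = true;
  }
  // Principle 4: ...and without one, access is denied by default.
  return permitted
    ? { allowed: true, reason: "explicit permission" }
    : { allowed: false, reason: "no explicit permission" };
}
```

The returned reason separates a denial caused by a prohibition from one caused by a missing permission, which is the first thing to check when a role change does not have the expected effect.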