Access control list (ACL)
Path: apps/api/src/config/acl.ts
Cache
Controls the permissions / roles caching
- object-path:
cache
Enabled
Enables / disables caching for permissions / roles.
- object-path:
cache.enabled - dotenv var:
ACL_CACHE_ENABLED - type:
boolean - default:
false
Expires in
Sets time the cache data expires at. Defined as ms-formatted string (see ms for more information) or number in seconds.
- object-path:
cache.expiresIn - dotenv var:
ACL_CACHE_TTL - type:
number | string - default:
'7d'
Roles
List of special-purpose roles.
- object-path:
roles
Superuser
Any newly created permission will be associated with this role.
- object-path:
roles.superuser - type:
string - default:
'superuser'
Sign-up
Admin tool sign-up settings.
- object-path:
signup
Enabled
Enables / disables user sign-up (account creation) for Admin Tool.
- object-path:
signup.enabled - dotenv var:
ACL_SIGNUP_ENABLED - type:
boolean - default:
true
Permissions
List of permission names, that new account should be assigned with.
- object-path:
signup.permissions - dotenv var:
ACL_SIGNUP_PERMISSIONS(comma-delimitedstring) - type:
string[] - default:
[]
Roles
List of role names, that new account should be assigned with.
- object-path:
signup.roles - dotenv var:
ACL_SIGNUP_ROLES(comma-delimitedstring) - type:
string[] - default:
[]