@loopback/docs
Version:
Documentation for LoopBack 4
41 lines (26 loc) • 1.67 kB
Markdown
---
lang: en
title: 'API docs: authorization.permission'
keywords: LoopBack 4.0, LoopBack 4
sidebar: lb4_sidebar
permalink: /doc/en/lb4/apidocs.authorization.permission.html
---
<!-- Do not edit this file. It is automatically generated by API Documenter. -->
[Home](./index.md) > [@loopback/authorization](./authorization.md) > [Permission](./authorization.permission.md)
## Permission interface
`Permission` defines an action/access against a protected resource. It's the `what` for authorization.
There are three levels of permissions
- Resource level (Order, User) - Instance level (Order-0001, User-1001) - Property level (User-0001.email)
<b>Signature:</b>
```typescript
export interface Permission
```
## Properties
| Property | Type | Description |
| --- | --- | --- |
| [action](./authorization.permission.action.md) | <code>string</code> | Action or access of a protected resources, such as <code>read</code>, <code>create</code>, <code>update</code>, or <code>delete</code> |
| [resourceInstance](./authorization.permission.resourceinstance.md) | <code>string</code> | Identity of a protected resource instance, such as <code>order-0001</code> or <code>customer-101</code> |
| [resourceProperty](./authorization.permission.resourceproperty.md) | <code>string</code> | Property of a protected resource type/instance, such as <code>email</code> |
| [resourceType](./authorization.permission.resourcetype.md) | <code>string</code> | Type of protected resource, such as <code>Order</code> or <code>Customer</code> |
## Example
- create a user - read email of a user - change email of a user - cancel an order