canDo
@quik/authorization / Utils / canDo
Function: canDo()
canDo(
user, ...keys):boolean
Defined in: authorization/src/utils/canDo.ts:51
Checks if a user has at least one of the specified permission keys.
This function verifies if the authenticated user has any of the provided permission keys. It looks for permissions in the user object field specified by the configuration (defaults to "permissions"). The function supports both array and string permission formats.
Trailing wildcards (*) are supported on both the stored permissions and the requested keys.
For example, a stored permission of module.* grants access to any module.<action>,
and requesting module.thing.* will match any stored permission under module.thing..
Parameters
user
IQUser
Authenticated user object
keys
...string[]
Permission keys that should be validated
Returns
boolean
Example
// Check if user has admin or moderator permissions
if (canDo(user, "admin", "moderator")) {
allowAccess();
}
// Wildcard: user has "module.*" stored, matches "module.read"
canDo(user, "module.read"); // true
// Wildcard in requested key: matches any stored permission under "module.thing."
canDo(user, "module.thing.*"); // true if user has e.g. "module.thing.read"
See
ForbiddenAccessError For the error thrown when permission is denied