1.4 KiB
1.4 KiB
Permissions Reference
This file lists the permissions currently checked by the application.
Global Permissions
*- Full access wildcard
- Also used by the built-in Admin group
- admin.access
- Access to admin API and admin UI
- space.create
- Create a new space
- space.edit
- Global space edit capability (used as fallback alongside space-scoped settings edit)
- space.delete
- Global space delete capability (used as fallback alongside space-scoped delete)
Space-Scoped Permission Format
space.<space_permission_key>.
- space_permission_key is derived from the space name (normalized token)
- Example:
- space.product_docs.note.create
- space.product_docs.settings.member.manage
Space-Scoped Actions Currently Enforced
Space Management
- settings.edit
- delete
Member Management
- settings.member.manage
- settings.member.view
Category Management
- category.create
- category.edit
- category.delete
Note Management
- note.create
- note.edit
- note.delete
Wildcard Support
Permissions support wildcard matching with *.
Examples:
- space.product_docs.*
- Grants all permissions for the product_docs space
- space.*.note.create
- Grants note.create for all spaces
*- Grants all permissions globally
Built-in Group
- Admin group is auto-created at startup if missing
- Admin group permissions:
*