A guide to the database-driven permission system in Nuxt Auto CRUD.
Users: The actual people logging in.
Roles: Labels like "Admin", "Manager", or "Support" that group users together.
Resources: The parts of your application you want to protect (e.g., "users", "tickets", "products").
Permissions: The specific actions allowed (e.g., "create", "read", "update", "delete", "list").
If you need a new type of user (e.g., "Editor"), you simply add a row to the `roles` table.
Action: Insert a new record into the `roles` table.
Example: Name = "Editor"
If you create a new feature (e.g., a "Blog"), you need to register it as a resource.
Action: Insert a new record into the `resources` table.
Example: Name = "blog_posts"
To say "Editors can update blog posts", you link the three concepts together in the `role_resource_permissions` table.
Action: Insert a record linking Role ID, Resource ID, and Permission ID.
Example: Link Editor ID + blog_posts ID + update ID
Finally, to give a user these powers, you just assign them the role.
Action: Select the Role for a specific user in the `users` table.
Example: Select "Editor" for user "john@example.com"
| Table Name | Purpose |
|---|---|
| roles | Define who exists (Admin, Guest, etc.). |
| resources | Define what exists (Products, Orders, etc.). |
| permissions | Define actions (Create, Read, Update, Delete). |
| role_resource_permissions | The Master Switch. Connects Role + Resource + Action. |
| users | Assigns a Role to a specific person via the Role field. |