Permission Store
Component Detail
Data Layer
medium complexity
mobilebackend
0
Dependencies
1
Dependents
7
Entities
0
Integrations
Description
Manages the persistence and retrieval of role definitions, permission matrices, and user-role assignments. On the mobile side, stores the current user's active role and permissions in a BLoC state after login. On the backend, queries the PostgreSQL database for authoritative role-permission mappings.
permission-store
Responsibilities
- Store and retrieve role-permission mappings from the database
- Cache the active user's role and permissions in mobile app state via BLoC
- Provide lookup for which screens, actions, and data scopes each role grants
- Support multi-role users with active role switching via profile-switching feature
- Enforce organisation-scoped data isolation in permission queries
Interfaces
getRolePermissions(roleId: String): PermissionSet
getUserRoles(userId: String): List<UserRole>
getActiveRole(): UserRole
setActiveRole(roleId: String): void
hasPermission(permission: String): bool
getPermittedScreens(roleId: String): List<String>
getPermittedActions(roleId: String, resourceType: String): List<String>
getDataScope(roleId: String, organisationId: String): DataScope
loadPermissionsFromToken(jwtClaims: Map): void
clearPermissions(): void
isMultiRoleUser(userId: String): bool
getOrganisationContext(): String
Relationships
Related Data Entities (7)
Data entities managed by this component