Playground
The Playground page is where you can test your configurations to make sure everything is working properly. Resource Types, Roles, and Role Assignments all have to be defined for a permission check to be valid. Using data that you have not explicitly defined will always result in Permission Denied.
Referencing the permissions statements created in the Assigned Roles & Relations page, you can verify that you get the expected results.
Check Permissions
The Check Permissions page is where you verify that permissions are defined correctly. You can test that specific instances of a subject can perform actions on objects.
Permission checks are case-sensitive. If you expect a Permission Allowed but get a Permission Denied, check that the permissions and resource types are spelled correctly and the cases are correct.
To check a permission, input your query in the following format:
{subject}:{id} {action} {resource}:{id}
Replacing the placeholders with the values you set in the Permissions page. This example uses the File Drive authorization schema.
user:toretto edit file:fast_x_thumbnail
This checks that a user with an ID of toretto that is defined in Assigned Roles & Relations has a role defined in Roles & Access that has the ability to delete a resource of the file type defined in Resource Types named fast_x_thumbnail.
Then click on the Check button. If Permission Allowed displays, then the permissions have been properly configured. You can use the Playground to test all permissions safely and easily.
Was this article helpful?