identity.yml
1.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# pbc-identity metadata.
#
# Loaded at boot by org.vibeerp.platform.metadata.MetadataLoader,
# tagged source='core'. Re-loaded on every boot from the YAML below
# (delete-then-insert), so this file is the source of truth — edits
# made via the future SPA customization UI live in metadata__* rows
# tagged source='user' and are NEVER touched by the loader.
entities:
- name: User
pbc: identity
table: identity__user
description: A user account in the framework
- name: Role
pbc: identity
table: identity__role
description: A named bundle of permissions assignable to users
permissions:
- key: identity.user.read
description: Read user records
- key: identity.user.create
description: Create new user records
- key: identity.user.update
description: Update user records
- key: identity.user.disable
description: Disable a user (soft-delete; row is preserved for audit)
- key: identity.role.read
description: Read role records
- key: identity.role.create
description: Create new roles
- key: identity.role.assign
description: Assign or revoke a role for a user
menus:
- path: /identity/users
label: Users
icon: people
section: System
order: 100
- path: /identity/roles
label: Roles
icon: shield-lock
section: System
order: 110