Permissions Reference
This document lists all the available API permissions in the Nodesify Admin backend and their default assignments. These permissions are seeded into the database during initialization.
Available Permissions
| Code | Name | Path | Method |
|---|---|---|---|
System:User:List | Get User List | /users | GET |
System:User:Create | Create User | /users | POST |
System:User:Update | Update User | /users/:id | PUT |
System:User:Delete | Delete User | /users/:id | DELETE |
System:User:Info | Get User Info | /users/:id | GET |
System:User:Me | Get Current User | /users/me | GET |
System:User:Me:Update | Update Current User | /users/me | PUT |
System:User:Me:LoginLogs | Get My Login Logs | /users/me/login-logs | GET |
System:User:Me:Session:List | Get My Sessions | /users/me/sessions | GET |
System:User:Me:Session:Delete | Revoke My Session | /users/me/sessions/:id | DELETE |
System:User:Me:Session:Clear | Clear All My Sessions | /users/me/sessions | DELETE |
System:Role:List | Get Role List | /system/roles | GET |
System:Role:Create | Create Role | /system/roles | POST |
System:Role:Update | Update Role | /system/roles/:id | PUT |
System:Role:Delete | Delete Role | /system/roles/:id | DELETE |
System:Dept:List | Get Dept List | /system/departments | GET |
System:Dept:Create | Create Dept | /system/departments | POST |
System:Dept:Update | Update Dept | /system/departments/:id | PUT |
System:Dept:Delete | Delete Dept | /system/departments/:id | DELETE |
System:Menu:List | Get Menu List | /menus | GET |
System:Menu:Create | Create Menu | /menus | POST |
System:Menu:Update | Update Menu | /menus/:id | PUT |
System:Menu:Delete | Delete Menu | /menus/:id | DELETE |
System:Dict:Type:List | Get Dict Type List | /system/dicts/types | GET |
System:Dict:Type:Create | Create Dict Type | /system/dicts/types | POST |
System:Dict:Type:Update | Update Dict Type | /system/dicts/types/:id | PUT |
System:Dict:Type:Delete | Delete Dict Type | /system/dicts/types/:id | DELETE |
System:Dict:Data:List | Get Dict Data List | /system/dicts/data | GET |
System:Dict:Data:Create | Create Dict Data | /system/dicts/data | POST |
System:Dict:Data:Update | Update Dict Data | /system/dicts/data/:id | PUT |
System:Dict:Data:Delete | Delete Dict Data | /system/dicts/data/:id | DELETE |
System:File:List | Get File List | /files | GET |
System:File:Upload | Upload File | /files/upload | POST |
System:File:Delete | Delete File | /files/:id | DELETE |
System:Log:List | Get Operation Logs | /system/operation-logs | GET |
System:Log:Login | Get Login Logs | /system/login-logs | GET |
System:Notice:List | Get Notice List | /system/notices | GET |
System:Notice:Create | Create Notice | /system/notices | POST |
System:Notice:Update | Update Notice | /system/notices/:id | PUT |
System:Notice:Delete | Delete Notice | /system/notices/:id | DELETE |
System:Config:List | Get Config List | /system/configs | GET |
System:Config:Create | Create Config | /system/configs | POST |
System:Config:Update | Update Config | /system/configs/:key | PUT |
System:Config:Delete | Delete Config | /system/configs/:id | DELETE |
System:Api:List | Get API List | /system/apis | GET |
System:Api:Create | Create API Permission | /system/apis | POST |
System:Api:Update | Update API Permission | /system/apis/:id | PUT |
System:Api:Delete | Delete API Permission | /system/apis/:id | DELETE |
System:Session:List | Get Session List | /system/sessions | GET |
System:Session:Delete | Revoke Session | /system/sessions/:id | DELETE |
System:Auth:Perms | Get Permissions | /auth/permissions | GET |
System:Auth:Password | Change Password | /auth/password | PUT |
System:Auth:Mfa:Setup | Setup MFA | /auth/mfa/setup | GET |
System:Auth:Mfa:Enable | Enable MFA | /auth/mfa/enable | POST |
System:Auth:Mfa:Disable | Disable MFA | /auth/mfa/disable | POST |
System:Auth:Mfa:Verify | Verify MFA | /auth/mfa/verify | POST |
System:Auth:Mfa:RecoveryCodes | Regenerate Recovery Codes | /auth/mfa/recovery-codes/regenerate | POST |
System:Auth:Impersonate | Impersonate User | /auth/impersonate/:id | POST |
System:Auth:Impersonate:Exit | Exit Impersonation | /auth/impersonate/exit | POST |
Default Role Assignments
When the database is seeded, permissions are assigned to default roles as follows:
Basic Permissions
These permissions are assigned to all roles (User, Accountant, Warehouse, Support, HR) to ensure basic account functionality:
System:User:Me(Get Current User)System:User:Me:Update(Update Current User)System:User:Me:LoginLogs(Get My Login Logs)System:User:Me:Session:List(Get My Sessions)System:User:Me:Session:Delete(Revoke My Session)System:User:Me:Session:Clear(Clear All My Sessions)System:Auth:Perms(Get Permissions)System:Auth:Password(Change Password)System:Auth:Mfa:Setup(Setup MFA)System:Auth:Mfa:Enable(Enable MFA)System:Auth:Mfa:Disable(Disable MFA)System:Auth:Mfa:Verify(Verify MFA)System:Auth:Mfa:RecoveryCodes(Regenerate Recovery Codes)System:Auth:Impersonate:Exit(Exit Impersonation)System:Dict:Type:List(Get Dict Type List)System:Dict:Data:List(Get Dict Data List)System:Menu:List(Get Menu List)System:Notice:List(Get Notice List)
Specific Role Assignments
Super Administrator (
super):- Has access to ALL permissions.
Administrator (
admin):- Has access to ALL permissions EXCEPT
System:Auth:Impersonate.
- Has access to ALL permissions EXCEPT
IT Support (
support):- Includes all Basic Permissions.
- Plus:
System:Log:Login(Get Login Logs)System:Log:List(Get Operation Logs)System:User:List(Get User List)System:User:Info(Get User Info)System:Notice:List(Get Notice List)
HR Manager (
hr_manager):- Includes all Basic Permissions.
- Plus:
System:User:List(Get User List)System:User:Create(Create User)System:User:Delete(Delete User)System:User:Info(Get User Info)System:Dept:List(Get Dept List)System:Dept:Create(Create Dept)System:Dept:Update(Update Dept)System:Dept:Delete(Delete Dept)System:Role:List(Get Role List)
Regular User (
user), Accountant (accountant), Warehouse Staff (warehouse_staff):- Currently assigned only Basic Permissions.