Is it possible to create custom user roles with the current wasp auth? Such as non-admin staff
Is it possible to create custom user roles without circumventing Wasp auth?
For example, would it be possible to create staff accounts that aren't admin but can view pages that normal users can't?
Am I overcomplicating this?
4 Replies
Hi @fred-123. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
----------------------
Yes, you can create custom user roles with Wasp's current auth system, but Wasp doesn't have built-in role-based access control (RBAC) yet. You'll need to implement this yourself.
The simplest approach is to add a role field to your User entity and then check this value in your queries/actions to determine access permissions:
For more complex scenarios, you could create separate entities for roles and groups:
1. For fixed roles: Add a role field to the User entity and check its value
2. For dynamic user groups: Create a UserGroup entity with an N-to-N relationship with User
This is standard app/database design and not specific to Wasp. As mentioned by a Wasp team member in Discord: "this is completely left to you at the moment. We do have plans to add a default support for it in Wasp, something like RBAC (role based access control), but that will be in the future versions of Wasp, not super soon." Discord support thread
If you need a working example, you can check out the open-saas template which already implements admin roles and an admin dashboard: <https://opensaas.sh/>
You're not overcomplicating this - role-based access is a common requirement in many applications!
----------------------
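The role check described in the answer above, as an added example that is not part of the original thread or of Wasp's own code: a server-side guard called at the top of each operation, plus an action that refuses to let a user set their own role. The role names, `requireRole`, `getStaffReports`, `updateProfile`, the `Report` entity and the profile fields are hypothetical, and the `(args, context)` shape with `context.user` and `context.entities` is assumed to match Wasp operations.

```javascript
// Added example; names and role values are hypothetical.
// Local stand-in for the HttpError that Wasp is assumed to export from
// 'wasp/server', defined here so this file runs on its own.
class HttpError extends Error {
  constructor(statusCode, message) {
    super(message);
    this.statusCode = statusCode;
  }
}

// Fixed roles stored in a `role` field on User, lowest to highest.
const ROLE_RANK = new Map([['user', 0], ['staff', 1], ['admin', 2]]);

// Returns the user if they hold at least `minimumRole`, otherwise throws.
function requireRole(context, minimumRole) {
  if (!context || !context.user) throw new HttpError(401, 'Not logged in');
  const need = ROLE_RANK.get(minimumRole);
  if (need === undefined) throw new Error(`Unknown role: ${minimumRole}`);
  // Fail closed: a missing or unrecognised role ranks below every real role.
  const have = ROLE_RANK.get(context.user.role) ?? -1;
  if (have < need) throw new HttpError(403, 'Insufficient role');
  return context.user;
}

// Query: staff and admins may list reports, normal users may not.
// The check runs on the server, so hiding the page client-side is not relied on.
async function getStaffReports(_args, context) {
  requireRole(context, 'staff');
  return context.entities.Report.findMany();
}

// Action: only allow-listed fields are copied into the update, so sending
// `role: 'admin'` in the request cannot promote the caller.
async function updateProfile(args, context) {
  const user = requireRole(context, 'user');
  const data = {};
  for (const key of ['displayName', 'bio']) {
    if (typeof args[key] === 'string') data[key] = args[key];
  }
  return context.entities.User.update({ where: { id: user.id }, data });
}
```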
Sorry @fred-123, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
Makes sense. Just thought there might be a Wasp way of doing it since it's somewhat related to auth.
Not at the moment, but we're thinking of implementing Multi-tenant and Role Based Auth in the future. Is that what you're looking for?
That's what I'm looking for 😄
+1 :boi: from me to support this future plan
I'm brooding over having to figure this out but would love to have "team" admins for my users & role based access within teams.