Conditions

Conditions allow granular control over when a permission applies. They are written as JSON arrays of objects, where every condition described in the array must be true.

note

More conditions are being added all the time. If you want a specific condition, let us know at inquiries@archon.inc

Syntax

Conditions are JSON arrays of objects. They look like the following

[
	{
		"condition": "--the name of the condition--",
		// other condition arguments go here...
	}
]

All conditions in the array must be true for the permission to apply

Context available to conditions

Conditions can use variable substitution to describe complicated control schemes. For example, a condition may use {{user.uuid}} to get the UUID of the user that the permission is being evaluated for.

The following is available for variable substitutions

user: The user that the permission check is being performed for
- username (string)
- uuid (string)
role: The role of the user above
- name (string)
- privileged (boolean)
resource: The resource being accessed
- arid (string)
- metadata (object)

Available conditions

`matches`

Is true when first and second are exactly equal

{
	"condition": "matches",
	"first": "--value one--",
	"second": "--value two--"
}

Syntax​

Context available to conditions​

Available conditions​

matches​

Syntax

Context available to conditions

Available conditions

`matches`