Skip to main content
import { withStytchPermissions } from '@stytch/react';

const MyComponent = (props) => {
  const canEditDocuments = props.stytchPermissions['document']['edit'];

  const editDocument = () => {
    /* ... */
  };

  return (
    <button disabled={!canEditDocuments} onClick={editDocument}>
      Edit Document
    </button>
  );
};

export default withStytchPermissions(MyComponent);

{
    "stytch_permissions": {
      "documents": {
        "edit": false,
        "read": true,
      },
      "images": {
        "create": false,
        "view": true,
      },
    },
}
rbac.allPermissions is an asynchronous method that returns the complete list of permissions assigned to the currently logged-in User. If the User is not logged in, all values will be false.
As a best practice, authorization checks for sensitive actions should also occur on the backend.

Response

permissions
Promise<Record<RoleId, Record<Action, boolean>>>
required
A promise that resolves to a map of all permissions assigned to the currently logged-in User.The key is the human-readable ID of the role, and the value is a map of all actions for the given role. The boolean value signifies whether the User has permission (true) or not (false) to perform the specified action.