Authorities
Authorities are the finest-grained permissions in Squizy. They are auto-generated by the framework based on your entity model — you do not create them manually.
Generated Authorities
For each @SquizyEntity, Squizy generates the following authorities:
| Authority | Description | Write |
|---|---|---|
| {entity}.create | Create new records | Yes |
| {entity}.read | Read records | No |
| {entity}.update | Update existing records | Yes |
| {entity}.delete | Delete records | Yes |
| {entity}.export | Export data to CSV | No |
| {entity}.audit | View revision history | No |
| {entity}.readSensitive | Read fields marked with @SensitiveField | No |
For example, a Product entity generates: Product.create, Product.read, Product.update, Product.delete, Product.export, Product.audit, Product.readSensitive.
Custom Authorities
The only way to introduce non-standard authorities is through the @SensitiveField annotation with a custom authorityName:
```java
@SensitiveField(authorityName = "readOrderCardNumber")
private String cardNumber;
```

This creates a custom authority (readOrderCardNumber) that must be assigned to roles via the UI, just like any auto-generated authority.
Assigning Authorities
Authorities are not assigned directly to users. Instead, they are grouped into Roles, which are then assigned to users. App Tokens are different — they have authorities assigned directly, without going through roles.
See RBAC for how the resolution works at runtime.
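The two assignment paths above, modeled as a least-privilege review. This is an added example, not Squizy code or its API: the role, user and token names, the `Order` entity and the data layout are constructed, and treating a user's authorities as the union of their roles is an assumption.

```python
# Added example, not Squizy code: all roles, users and tokens are constructed.
WRITE_ACTIONS = {"create", "update", "delete"}  # "Write: Yes" rows in the table
READ_ACTIONS = {"read", "export", "audit", "readSensitive"}  # "Write: No" rows

def classify(authority, custom_sensitive=frozenset()):
    """Return 'write', 'sensitive', 'read' or 'unknown' for an authority name."""
    if authority in custom_sensitive:
        return "sensitive"  # custom names only come from @SensitiveField
    entity, _, action = authority.rpartition(".")
    if not entity or action not in WRITE_ACTIONS | READ_ACTIONS:
        return "unknown"  # misspelled or undeclared name
    if action in WRITE_ACTIONS:
        return "write"
    return "sensitive" if action == "readSensitive" else "read"

def effective(principal, roles):
    """Users resolve through roles; app tokens carry authorities directly."""
    if principal["kind"] == "token":
        return set(principal["authorities"])
    # Assumption: a user's authorities are the union of all assigned roles.
    return set().union(*(roles[r] for r in principal["roles"]))

def review(principals, roles, custom_sensitive=frozenset()):
    """Map principal -> sorted authorities that are not plain reads."""
    findings = {}
    for name, principal in principals.items():
        risky = sorted(a for a in effective(principal, roles)
                       if classify(a, custom_sensitive) != "read")
        if risky:
            findings[name] = risky
    return findings

ROLES = {  # constructed sample roles
    "catalog-viewer": {"Product.read", "Product.export"},
    "catalog-editor": {"Product.read", "Product.create", "Product.update"},
    "order-support": {"Order.read", "Order.audit", "readOrderCardNumber"},
}
PRINCIPALS = {  # constructed sample users and one app token
    "alice": {"kind": "user", "roles": ["catalog-viewer"]},
    "bob": {"kind": "user", "roles": ["catalog-viewer", "order-support"]},
    "carol": {"kind": "user", "roles": ["catalog-editor"]},
    # "Product.delet" is deliberately misspelled to show the 'unknown' case.
    "reporting-token": {"kind": "token", "authorities":
                        ["Order.read", "Order.readSensitive", "Product.delet"]},
}

if __name__ == "__main__":
    for name, risky in review(PRINCIPALS, ROLES, {"readOrderCardNumber"}).items():
        print(f"{name}: {', '.join(risky)}")
```

Custom authority names carry no entity prefix, so the review has to be told which ones exist; without that list they are reported as unknown rather than silently treated as reads.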