BA
Better Auth4mo ago
coder2000

Checking permissions

I'm having some trouble understanding how hasPermission works. This is my code currently: 
import { createAccessControl } from 'better-auth/plugins/access';
import { defaultStatements, userAc } from 'better-auth/plugins/admin/access';

const statement = {
  ...defaultStatements,
  parent: ['create', 'read', 'update', 'delete'],
  child: ['create', 'read', 'update', 'delete'],
  caregiver: ['create', 'read', 'update', 'delete'],
} as const;

export const accessControl = createAccessControl(statement);

export const user = accessControl.newRole({ ...userAc.statements });

export const parent = accessControl.newRole({
  parent: ['create', 'read', 'update', 'delete'],
  child: ['create', 'read', 'update', 'delete'],
});

export const caregiver = accessControl.newRole({
  caregiver: ['create', 'read', 'update', 'delete'],
});
import { createAccessControl } from 'better-auth/plugins/access';
import { defaultStatements, userAc } from 'better-auth/plugins/admin/access';

const statement = {
  ...defaultStatements,
  parent: ['create', 'read', 'update', 'delete'],
  child: ['create', 'read', 'update', 'delete'],
  caregiver: ['create', 'read', 'update', 'delete'],
} as const;

export const accessControl = createAccessControl(statement);

export const user = accessControl.newRole({ ...userAc.statements });

export const parent = accessControl.newRole({
  parent: ['create', 'read', 'update', 'delete'],
  child: ['create', 'read', 'update', 'delete'],
});

export const caregiver = accessControl.newRole({
  caregiver: ['create', 'read', 'update', 'delete'],
});
import type { auth } from '@/auth';
import { env } from '@/env';
import {
  adminClient,
  customSessionClient,
  inferAdditionalFields,
} from 'better-auth/client/plugins';
import { createAuthClient } from 'better-auth/react';
import { accessControl, caregiver, parent, user } from './permissions';

export const authClient = createAuthClient({
  baseURL: env.BETTER_AUTH_URL,
  plugins: [
    inferAdditionalFields<typeof auth>(),
    customSessionClient<typeof auth>(),
    adminClient({ accessControl, roles: { parent, user, caregiver } }),
  ],
});

export const canCreateCaregiver = await authClient.admin.hasPermission({
  permissions: {
    caregiver: ['create'], // Getting an error that caregiver doesn't exist
  },
});

export const { signIn, signOut, useSession } = authClient;
import type { auth } from '@/auth';
import { env } from '@/env';
import {
  adminClient,
  customSessionClient,
  inferAdditionalFields,
} from 'better-auth/client/plugins';
import { createAuthClient } from 'better-auth/react';
import { accessControl, caregiver, parent, user } from './permissions';

export const authClient = createAuthClient({
  baseURL: env.BETTER_AUTH_URL,
  plugins: [
    inferAdditionalFields<typeof auth>(),
    customSessionClient<typeof auth>(),
    adminClient({ accessControl, roles: { parent, user, caregiver } }),
  ],
});

export const canCreateCaregiver = await authClient.admin.hasPermission({
  permissions: {
    caregiver: ['create'], // Getting an error that caregiver doesn't exist
  },
});

export const { signIn, signOut, useSession } = authClient;
export default async function CaregiverOnboardingPage() {
  const session = await auth.api.getSession({ headers: await headers() });

  if (!session?.user) {
    redirect("/login");
  }

  if (!canCreateCaregiver) {
    redirect("/dashboard");
  }

// Rest of the component
}
export default async function CaregiverOnboardingPage() {
  const session = await auth.api.getSession({ headers: await headers() });

  if (!session?.user) {
    redirect("/login");
  }

  if (!canCreateCaregiver) {
    redirect("/dashboard");
  }

// Rest of the component
}
Is this proper and why am I getting an error that my permission doesn't exist?
5 Replies
coder2000
coder2000OP4mo ago
If I do the check using the api call in my server component I get the same error.
Blank
Blank4mo ago
@coder2000 
export const authClient = createAuthClient({
  baseURL: process.env.BETTER_AUTH_URL,
  plugins: [
    inferAdditionalFields<typeof auth>(),
    customSessionClient<typeof auth>(),
    adminClient({ ac: accessControl, roles: { parent, user, caregiver } }),
  ],
});
export const authClient = createAuthClient({
  baseURL: process.env.BETTER_AUTH_URL,
  plugins: [
    inferAdditionalFields<typeof auth>(),
    customSessionClient<typeof auth>(),
    adminClient({ ac: accessControl, roles: { parent, user, caregiver } }),
  ],
});
its ac: accessControl
coder2000
coder2000OP4mo ago
Ok. But otherwise creating a constant with the permission response will work?
Blank
Blank4mo ago
I dont know, I dont use this plugin I just looked through the code and found your issue try what you want to do and tell me if it doesnt work
coder2000
coder2000OP4mo ago
No worries, thanks for the assist.

Did you find this page helpful?