spotty-amberS
Refine3y ago
26 replies
spotty-amber

Access control using cerbos throws TypeError: cyclic object value

I am using cerbos for access control and it only checks for dashboard resource all other routes are not checked. Am I missing something? I have followed the example code of cerbos from https://github.com/refinedev/refine/tree/master/examples/access-control-cerbos

This example works fine but when I do same on my project it only checks for dashboard page. Here is my refine App.tsx setup for accessControlProvider

<Refine
  // other options 
  accessControlProvider={{
    can: async ({ action, params, resource }) => {
        const result = await cerbos.checkResource({
            principal: {
                id: "123", // Fake a user ID
                roles: [role],
                policyVersion: "default",
                // this is where user attributes can be passed
                attributes: {
                  is_verified: user?.is_verified ?? false,
                },
            },
            resource: {
                kind: resource,
                policyVersion: "default",
                id: params?.id + "" || "new",
                attributes: params,
            },
            // the list of actions on the resource to check authorization for
            actions: [action],
        });
        return Promise.resolve({
            can: result.isAllowed(action) || false,
        });
    },
  }}
/>
GitHub
refine/examples/access-control-cerbos at master · refinedev/refine
Build your React-based CRUD applications, without constraints. - refine/examples/access-control-cerbos at master · refinedev/refine
refine/examples/access-control-cerbos at master · refinedev/refine
Was this page helpful?