Routing and Permissions
Static routes are registered at startup and are public by default. Remove the demo /test route before release. After login, the user store converts a flat backend menu into a tree and registers it below the main Layout.
Menu fields
| Field | Meaning |
|---|---|
id, parent_id | Tree relationships |
path, name, title | Route path, unique name, and label |
component | Path relative to src/views/ |
redirect | Optional redirect |
icon | Globally registered icon name |
is_hide | Hide from the menu when Y |
is_iframe, link | iframe route and destination |
fixed_tab | Fixed tab and possible home target |
action_list | Allowed actions for the current route |
Action permissions
vue
<n-button v-auth="'create'">Create</n-button>
<n-button v-auth="['update', 'delete']">Manage</n-button>
<n-button v-auth="'UserList:export'">Export</n-button>Use auth() in script code and the auth option in useRowActions. These controls only affect the interface; the backend must authorize every request.