Game Framework
Security & Access Control

RBAC System

Game Framework uses Role-Based Access Control (RBAC) for fine-grained access management.

Overview

RBAC provides:

  • 4 default roles (Owner, Developer, Tester, Viewer)
  • 40+ permissions across 8 categories
  • Role inheritance for simplified management
  • Custom roles (Enterprise)

Permission Model

Permission Categories

  1. Packages - Create, edit, delete packages
  2. Versions - Publish and manage versions
  3. Artifacts - Upload and download files
  4. Webhooks - Configure integrations
  5. API Keys - Manage authentication
  6. Downloads - Track usage
  7. Workspace - Workspace settings
  8. Members - Team management

Permission Format

category.action

Examples:

  • packages.create
  • versions.publish
  • artifacts.upload

How It Works

graph LR
    User[User] --> Role[Role]
    Role --> Permissions[Permissions]
    Permissions --> Resource[Resource Access]

When a user attempts an action:

  1. System checks user's role
  2. Retrieves role permissions
  3. Verifies permission for action
  4. Allows or denies request
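
The four-step check above, written out as an added example; this is not Game Framework's own code. The role names and the category.action format come from this page, while the inheritance chain, the user assignments, and the permission names packages.read, artifacts.download, members.invite and workspace.update are constructed assumptions.

```python
import re

# Permission strings follow the page's category.action format.
PERMISSION_RE = re.compile(r"[a-z_]+\.[a-z_]+")

# Constructed role table: the role names are the page's defaults, but the
# inheritance chain and the permissions granted to each role are assumptions.
ROLES = {
    "Viewer":    {"inherits": None,        "grants": {"packages.read", "artifacts.download"}},
    "Tester":    {"inherits": "Viewer",    "grants": {"artifacts.upload"}},
    "Developer": {"inherits": "Tester",    "grants": {"packages.create", "versions.publish"}},
    "Owner":     {"inherits": "Developer", "grants": {"members.invite", "workspace.update"}},
}

# Constructed user-to-role assignments.
ASSIGNMENTS = {"alice": "Owner", "bob": "Tester", "carol": "Viewer"}


def effective_permissions(role, roles=ROLES):
    """Collect a role's own grants plus everything inherited from its parents."""
    perms, seen = set(), set()
    while role is not None:
        if role in seen:
            raise ValueError(f"inheritance cycle at role {role!r}")
        if role not in roles:
            raise KeyError(f"unknown role {role!r}")
        seen.add(role)
        perms |= roles[role]["grants"]
        role = roles[role]["inherits"]
    return perms


def is_allowed(user, permission, assignments=ASSIGNMENTS, roles=ROLES):
    """Run the four steps above; any lookup failure ends in a deny."""
    if not PERMISSION_RE.fullmatch(permission):
        return False                                # malformed permission string
    role = assignments.get(user)                    # 1. check the user's role
    if role is None:
        return False                                # no role assigned: deny
    try:
        perms = effective_permissions(role, roles)  # 2. retrieve role permissions
    except (KeyError, ValueError):
        return False                                # broken role definition: deny
    return permission in perms                      # 3. verify, 4. allow or deny
```

Every failure path (unknown user, undefined role, inheritance cycle, malformed permission string) returns a deny, so a misconfigured role table cannot widen access.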

Checking Permissions

# Get your permissions
curl https://registry.yourcompany.com/v1/me/permissions \
  -H "Authorization: Bearer $TOKEN"

Best Practices

  1. Least Privilege - Grant minimum necessary permissions
  2. Regular Reviews - Audit roles quarterly
  3. Document Assignments - Track why users have roles
  4. Use Appropriate Roles - Don't make everyone Owner

Next Steps