Skip to content
CFast CFast

can

can<TTables>(grants, action, table): boolean

Defined in: packages/permissions/src/can.ts:43

Checks whether a set of resolved grants permits a specific action on a table.

Unlike checkPermissions (which takes a role string and the full permissions object), can works directly with the user’s resolved grants — the same grants available in loaders, actions, and client-side via useActions.

Accepts either a Drizzle table object or a string table name. The two forms are interchangeable and resolve to the same underlying key. To get compile-time validation that a string table name actually exists in your schema, supply the schema map as a generic argument: can<typeof schema>(...).

Type Parameters

Section titled “Type Parameters”

TTables

Section titled “TTables”

TTables extends SchemaMap = SchemaMap

Optional schema map (e.g. typeof schema) used to constrain string subjects to known table-name literals.

Parameters

Section titled “Parameters”

grants

Section titled “grants”

Grant[]

The user’s resolved permission grants.

action

Section titled “action”

PermissionAction

The permission action to check (e.g., "create", "read").

table

Section titled “table”

SubjectInput<TTables>

The Drizzle table object or string table name to check against.

Returns

Section titled “Returns”

boolean

true if any grant permits the action on the table.

Example

Section titled “Example”
import { can } from "@cfast/permissions";
import * as schema from "../db/schema";


// Object form (always works)
if (!can(ctx.auth.grants, "create", schema.posts)) throw redirect("/");


// String form (always allowed; type-checked when a schema generic is supplied)
if (!can<typeof schema>(ctx.auth.grants, "create", "posts")) throw redirect("/");


// In a component
{can(grants, "update", schema.posts) && <Button>Edit</Button>}