Permissions
The four permission modes and the approval workflow.
Every operation has a risk level (read / write / destructive) and irreversible flag declared in endpointMeta. Plugins can opt into one of four permission modes:
| Mode | Read | Write | Destructive |
|---|---|---|---|
open | allow | allow | allow |
cautious (default) | allow | allow | require approval |
strict | allow | require approval | require approval |
readonly | allow | block | block |
Approvals workflow
When an operation requires approval, the runtime:
- Generates a permission record (
pending) in thePermissionStore - Returns a
PermissionBlockedErrorto the caller with an approval token - Waits for the token to be resolved (
approvedordenied) - If approved, replays the operation; if denied, raises a denial error
const fabric = createFabric({
plugins: [
stripe({
apiKey: '...',
permissions: { mode: 'strict' },
}),
],
});
try {
await fabric.stripe.api.customers.delete({ id: 'cus_X' });
} catch (err) {
if (err.name === 'PermissionBlockedError') {
// err.token is the approval handle
}
}Approving from Studio
Fabric Studio's Approvals tab shows pending / completed / expired records with one-click approve and deny actions. See Studio docs.