Action References
ObjectPermissionCheckAction
ObjectPermissionCheckAction
Purpose Verify that the user has a specific permission on a concrete object instance (object-scoped permission).
When to use it
afterFetchInstanceorafterCheckInstance(instance is known)- Before update/delete operations that require instance-level rights
Key fields
| Field | Type | Notes |
|---|---|---|
permissionName | String | Required instance permission. |
readObjectIdFrom | MScript | Expression resolving to the instance ID. |
checkType | ApiCheckType | liveCheck / storedCheck. |
Behavior
- Uses direct object permissions and any inherited/ABAC rules your model defines.
- With
liveCheck, failure → 403 (absolute roles bypass).
Example
{
"id": "a230-object-perm",
"name": "requireEditPermissionOnProject",
"permissionName": "project.edit",
"readObjectIdFrom": "this.project?.id ?? this.projectId",
"checkType": "liveCheck"
}
Was this page helpful?
Built with Documentation.AI
Last updated Jan 3, 2026