Read permissions

Connect to your database and output all permissions as JSON.

gdpr dump -u postgres://user:pwd@localhost:5432/mydb

Dump your permissions to yaml with -o yaml. You can save your output by redirecting to a file.

gdpr dump -o yaml > permissions.yaml

You can dump permissions in these formats:

-o json – currently disabled
-o yaml – currently disabled
-o dot – graphviz' dot format
-o graphml – graphml. E.g. for use with yEd Live

Inspect specific tables & columns

Dump a specific resource like this. Use --resource or -r.

gdpr dump -r table_name.field_name

GDPR supports wildcards in --resource arguments. You must wrap resources with wildcards in "" or ''.

Chain multiple --resource.

gdpr dump -r "table_name.field_*" -r "directus_*"

Output format

GDPR deduplicates equal permissions and validations if they belong to multiple roles.

The format used by GDPR looks like this (for table_name.field_name)

field_name:
  create:
  - roles:
    - role_name
    - role_name_2
    permissions:
    - _and:
      - field_name:
        _ncontains: dirtyword
      - id:
        - lt: 50
  read:
  - roles:
    - role_name
    permissions:
    - _and:
      - id:
        - lt: 50
  update:
  - roles:
    - role_name
    permissions:
    - _and:
      - id:
        - lt: 50
    validation:
    - _and:
      - field_name:
        _ncontains: dirtyword
  delete:
  share:

If you use option --simple (TODO: find better option name) you can simply display the CRUD actions as:

field_name:
  create: role_name, role_name_2
  read: role_name
  update: role_name
  delete:
  share:

Edit this page on GitHub

How to build

UseUpdate permissions