Access Control (Roles & Permissions)
Pragma CMS uses a granular Role-Based Access Control (RBAC) system to ensure that users only access the data and actions they are authorized for.
Roles & Capabilities
- Roles: Logical groups of users (e.g., Administrator, Editor, Author).
- Permissions: Specific strings (e.g., pages_create, settings_update) mapped to routes in the route cache.
Section Access
The CMS checks permissions at the Router level. When a route is matched, the router retrieves the required permission_key from the cache and stores it in $page->permission.
Developer Check:
To manually check for a permission in a custom controller or extension:
PHP
// Stop with 403 Forbidden when the current user lacks the permission.
if (!UserManager::userHasPermission('my_custom_permission')) {
    displayError(statusCode: 403);
    exit;
}
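
A self-contained model of the router-level check described under Section Access, added here as an illustration and not Pragma CMS code. The route cache contents, the role-to-permission assignments, `authorizeRoute()` and the treatment of a null key as a public route are assumptions; only the permission strings, the role names and `$page->permission` come from the page.

```php
<?php
declare(strict_types=1);

// Constructed sample data: role names and permission strings are taken from the
// page; the routes and the role-to-permission assignments are assumptions.
const ROLE_PERMISSIONS = [
    'Administrator' => ['pages_create', 'settings_update'],
    'Editor'        => ['pages_create'],
    'Author'        => [],
];

// Hypothetical route cache: route path => required permission_key.
// null marks a route that is intentionally public.
const ROUTE_CACHE = [
    '/admin/pages/new' => 'pages_create',
    '/admin/settings'  => 'settings_update',
    '/login'           => null,
];

// Returns the HTTP status the router would answer with for this role and path.
function authorizeRoute(string $role, string $path): int
{
    // Unknown route: nothing matched, so nothing is served.
    if (!array_key_exists($path, ROUTE_CACHE)) {
        return 404;
    }

    // Mirror the page: the matched route's key is stored on the page object.
    $page = new stdClass();
    $page->permission = ROUTE_CACHE[$path];

    if ($page->permission === null) {
        return 200; // public route, no permission required
    }

    // Unknown roles get an empty permission set, so the check fails closed.
    $granted = ROLE_PERMISSIONS[$role] ?? [];

    // Strict comparison avoids loose-typing matches between permission strings.
    return in_array($page->permission, $granted, true) ? 200 : 403;
}

// Constructed requests: allowed, denied, unknown role, public route.
foreach ([['Editor', '/admin/pages/new'], ['Editor', '/admin/settings'],
          ['Guest', '/admin/settings'], ['Author', '/login']] as [$role, $path]) {
    printf("%-8s %-18s -> %d\n", $role, $path, authorizeRoute($role, $path));
}
```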