Roles Overview

The Role Object
Permission Categories
Administrative Resources
Development Resources
Content Resources
Inherited Permissions
Example Role Object
Permission Computation

Roles define sets of permissions that can be assigned to users, controlling their access to various features and resources within Metabind. Users follow a pure Role-Based Access Control (RBAC) model where permissions are never stored directly on user objects.

The Role Object

string

Unique identifier (UUID)

name

string

Role name (e.g., “editor”, “developer”)

description

string

Role description

permissions

object

Permission settings for each resource type

createdAt

string

Creation timestamp (ISO 8601 format)

updatedAt

string

Last update timestamp (ISO 8601 format)

Permission Categories

Roles control access to 10 resource types, each with specific actions:

Administrative Resources

Resource	Actions	Description
`organizations`	read, update, delete	Organization settings access
`projects`	create, read, update, delete	Project management
`users`	create, read, update, delete	User management
`roles`	create, read, update, delete	Role management
`apiKeys`	create, read, update, delete	API key management

Development Resources

Resource	Actions	Description
`components`	create, read, update, delete	Component development
`packages`	create, read, update, delete	Package publishing
`contentTypes`	create, read, update, publish, delete	Content type management

Content Resources

Resource	Actions	Description
`content`	create, read, update, publish, delete	Content management
`assets`	create, read, update, delete	Asset management

Content and content types have a separate publish permission, allowing editorial workflows where users can create and update drafts but not publish.

Inherited Permissions

Certain organizational features inherit permissions from related core resources:

Collections: Inherit from components permissions
Folders: Inherit from the resources they organize
Saved Searches: Inherit from content and assets permissions
Tags: Inherit from content and assets permissions
Preview Links: Inherit from source resource permissions

Example Role Object

{
  "id": "role123",
  "name": "editor",
  "description": "Content management with publishing rights",
  "permissions": {
    "organizations": {
      "read": true,
      "update": false,
      "delete": false
    },
    "projects": {
      "create": false,
      "read": true,
      "update": false,
      "delete": false
    },
    "users": {
      "create": false,
      "read": false,
      "update": false,
      "delete": false
    },
    "roles": {
      "create": false,
      "read": false,
      "update": false,
      "delete": false
    },
    "apiKeys": {
      "create": false,
      "read": false,
      "update": false,
      "delete": false
    },
    "components": {
      "create": false,
      "read": true,
      "update": false,
      "delete": false
    },
    "packages": {
      "create": false,
      "read": true,
      "update": false,
      "delete": false
    },
    "contentTypes": {
      "create": false,
      "read": true,
      "update": false,
      "publish": false,
      "delete": false
    },
    "content": {
      "create": true,
      "read": true,
      "update": true,
      "publish": true,
      "delete": true
    },
    "assets": {
      "create": true,
      "read": true,
      "update": true,
      "delete": true
    }
  },
  "createdAt": "2024-03-20T10:00:00Z",
  "updatedAt": "2024-03-20T10:00:00Z"
}

Permission Computation

When checking a user’s permissions:

All roles assigned to the user are retrieved
Permissions from all roles are merged using OR logic
If any role grants a permission, the user has that permission

This allows flexible role composition where users can have multiple specialized roles.

Delete Tag List Roles

⌘I

Getting Started

API Basics

Saved Searches

Folders

Components

Component Assets

Collections

Packages

Draft Packages

Content Types

Content

Assets

Asset Searching

Tags

Roles

Projects

API Keys

The Role Object

Permission Categories

Administrative Resources

Development Resources

Content Resources

Inherited Permissions

Example Role Object

Permission Computation

Getting Started

API Basics

Saved Searches

Folders

Components

Component Assets

Collections

Packages

Draft Packages

Content Types

Content

Assets

Asset Searching

Tags

Roles

Projects

API Keys

​The Role Object

​Permission Categories

​Administrative Resources

​Development Resources

​Content Resources

​Inherited Permissions

​Example Role Object

​Permission Computation

The Role Object

Permission Categories

Administrative Resources

Development Resources

Content Resources

Inherited Permissions

Example Role Object

Permission Computation