PermissionAction

Represents a standardized action (read, write, create, update, delete, execute, approve) that can be performed on resources. Provides a controlled vocabulary for authorization rules with risk levels and audit requirements.

7 properties

Schema

Properties

Property	Type	Mode	Description	Required
name	string	stored	Unique identifier for the action (e.g., 'read', 'write', 'create', 'update', 'delete', 'execute', 'approve', 'manage') Example: `"read"`	Required
label	string	stored	Human-readable display name for the action Example: `"Read"`	Required
description	string	stored	Detailed description of what this action represents Example: `"Allows viewing and reading data without modification capabilities"`	Optional
riskLevel	string	stored	Risk assessment level for this action (low, medium, high, critical) Values: `low, medium, high, critical` Example: `"low"`	Optional
requiresAudit	boolean	stored	Whether operations using this action should be audited	Optional
isDestructive	boolean	stored	Whether this action modifies or destroys data (true for delete, write, update)	Optional
order	number	stored	Display order for sorting actions in UI Example: `1`	Optional

Examples

Example 1

{
  "@type": "PermissionAction",
  "name": "read",
  "label": "Read",
  "description": "View and read data without modification capabilities",
  "riskLevel": "low",
  "requiresAudit": false,
  "isDestructive": false,
  "order": 1
}

Example 2

{
  "@type": "PermissionAction",
  "name": "create",
  "label": "Create",
  "description": "Create new records or resources",
  "riskLevel": "medium",
  "requiresAudit": true,
  "isDestructive": false,
  "order": 2
}

Example 3

{
  "@type": "PermissionAction",
  "name": "update",
  "label": "Update",
  "description": "Modify existing records or resources",
  "riskLevel": "medium",
  "requiresAudit": true,
  "isDestructive": true,
  "order": 3
}

Example 4

{
  "@type": "PermissionAction",
  "name": "delete",
  "label": "Delete",
  "description": "Remove or destroy records or resources",
  "riskLevel": "high",
  "requiresAudit": true,
  "isDestructive": true,
  "order": 4
}

Example 5

{
  "@type": "PermissionAction",
  "name": "execute",
  "label": "Execute",
  "description": "Execute operations, run processes, or trigger workflows",
  "riskLevel": "medium",
  "requiresAudit": true,
  "isDestructive": false,
  "order": 5
}

Example 6

{
  "@type": "PermissionAction",
  "name": "approve",
  "label": "Approve",
  "description": "Approve or authorize business transactions and decisions",
  "riskLevel": "high",
  "requiresAudit": true,
  "isDestructive": false,
  "order": 6
}

Example 7

{
  "@type": "PermissionAction",
  "name": "manage",
  "label": "Manage",
  "description": "Full management capabilities including all CRUD operations and configuration",
  "riskLevel": "critical",
  "requiresAudit": true,
  "isDestructive": true,
  "order": 7
}