## `Frontend and Backend Separation` & `API Route` Permission CabloyJS is a framework of `frontend and backend separation`. The separation of frontend and backend puts forward higher requirements for permission control of backend `API routes`. Therefore, the core of permissions is to control the permissions of backend `API routes` ### Relationship between `Resource` and `API Route` The purpose of `API route` is to provide corresponding API service to the frontend, which is called `resource`. Therefore, one or more `API routes` correspond to one `resource` In practice, it is for `resource authorization`, and then specify which `resource` this route corresponds to in API route, so as to realize access control of API route For example, the resource of `tag management` includes the following groups of `API routes` `a-baseadmin/backend/src/routes.js` ``` javascript { method: 'post', path: 'tag/add', controller: 'tag', meta: { right: { type: 'resource', module: 'a-settings', name: 'settings' } }, }, { method: 'post', path: 'tag/save', controller: 'tag', meta: { right: { type: 'resource', module: 'a-settings', name: 'settings' } }, }, { method: 'post', path: 'tag/delete', controller: 'tag', meta: { right: { type: 'resource', module: 'a-settings', name: 'settings' } }, } ``` ### Resource Means More Generally speaking, `Resources` mainly manage `API routes` and `Menus`. In addition, `Resources` can also manage various `authenticable objects`, such as `sidebar panels` and `head buttons` in the PC layout, `widgets` in the dashboard, and so on. As a resource management, you can control different roles to use different resources through `Resource Authorization` ## Resource & Atom Because `Atom` itself has a lot of basic features, CabloyJS 4.0 implements an atom class: `resource`, which makes `resource` easy to use and expand `src/module-system/a-base-sync/backend/src/meta.js` ``` javascript const meta = { base: { atoms: { resource: { info: { bean: 'resource', title: 'Resource', tableName: 'aResource', tableNameModes: { }, category: true, tag: true, }, }, }, }, }; ``` ## **Features** Because the `resource` itself is an `atom class,` it has the following features: 1\. Support `sorting`: adjust the display order of resources 2\. Support `category`: the display order of the directory can be adjusted, and the hidden directory can be set 3\. Support `tag` 4\. Support `static atom`: it can provide built-in resources, provide initial authorization, and realize version control 5\. Any business module can provide its own `resource type`, which is automatically included in the unified management structure of resources