> For the complete documentation index, see [llms.txt](https://docs.prestd.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.prestd.com/get-started/permissions.md). # Permissions This guide will allow you to understand how `pREST` to understand and manage your table's permission management and how you can tailor it to your needs by using the `prest.toml` file. ## Restrict mode The `prest.toml` file allows you to configure each table's read/write/delete permissions. ```toml [access] restrict = true # can access only the tables listed below ``` `restrict = false`: (default) The pREST will serve in public mode. You can write/read/delete every data without configuring permissions. `restrict = true`: you need to configure the permissions of all tables. ## Ignore table If you need to ignore restricted access mode for some tables, you can use the `ignore_table` option, it receives a string list with the names of the tables to be *"ignored"*, by **default,** is an empty list `[]`. ```toml [access] restrict = true ignore_table = ["news"] ``` ## Table permissions Example: ```toml [[access.tables]] name = "test" permissions = ["read", "write", "delete"] fields = ["id", "name"] ``` Multiple configurations for the same table: ```toml [access] restrict = true # can access only the tables listed below [[access.tables]] name = "test" permissions = ["read"] fields = ["id", "name"] [[access.tables]] name = "test" permissions = ["write"] fields = ["name"] ``` | attribute | description | | ----------- | -------------------------------------------------------- | | name | Table name | | permissions | Table permissions. Options: `read`, `write` and `delete` | | fields | Exposed fields permitted for operations | ## Example configuration Configuration example: [prest.toml](https://github.com/prest/prest/blob/main/testdata/prest.toml) ```toml [auth] table = "prest_users" username = "username" password = "password" metadata = ["first_name", "last_name", "last_login"] [http] port = 3000 [cache] enabled = true [[cache.endpoints]] endpoint = "/prest/public/test" time = 5 [access] restrict = true # can access only the tables listed below [[access.tables]] name = "Reply" permissions = ["read", "write", "delete"] fields = ["id", "name"] [[access.tables]] name = "test" permissions = ["read", "write", "delete"] fields = ["id", "name"] [[access.tables]] name = "testarray" permissions = ["read", "write", "delete"] fields = ["id", "data"] [[access.tables]] name = "test2" permissions = ["read", "write", "delete"] fields = ["id", "name"] [[access.tables]] name = "test3" permissions = ["read", "write", "delete"] fields = ["id", "name"] [[access.tables]] name = "test4" permissions = ["read", "write", "delete"] fields = ["id", "name"] [[access.tables]] name = "test5" permissions = ["read", "write", "delete"] fields = ["*"] [[access.tables]] name = "test_readonly_access" permissions = ["read"] fields = ["id", "name"] [[access.tables]] name = "test_write_and_delete_access" permissions = ["write", "delete"] [[access.tables]] name = "test_list_only_id" permissions = ["read"] fields = ["id"] [[access.tables]] name = "test6" permissions = ["read", "write", "delete"] fields = ["nuveo", "name"] [[access.tables]] name = "view_test" permissions = ["read"] fields = ["player"] [[access.tables]] name = "test_group_by_table" permissions = ["read"] fields = ["id", "name", "age", "salary"] ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.prestd.com/get-started/permissions.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.