Merge pull request #706 from supertokens/dashboard-permissions

Add docs explaining how to manage access for user dashboard users

v2/emailpassword/custom-ui/init/dashboard.mdx

@@ -168,6 +168,96 @@ You can edit user information and perform actions such as resetting a user's pas
 Some features such as user metadata and email verification have to be enabled in your backend before you can use them in the user management dashboard
 :::
 
+## Restricting access to dashboard users
+
+When using the dashboard recipe you can restrict access to certain features by providing a list of emails to be considered as "admins". When a dashboard user logs in with an email not present in this list, they will only be able to perform read operations and all write operations will result in the backend SDKs failing the request.
+
+You can provide an array of emails to the backend SDK when initialising the dashboard recipe:
+
+:::important
+- Not providing an admins array will result in all dashboard users being allowed both read and write operations
+- Providing an empty array as admins will result in all dashboard users having ONLY read access
+:::
+
+<BackendSDKTabs>
+<TabItem value="nodejs">
+
+```tsx
+import SuperTokens from "supertokens-node";
+import Dashboard from "supertokens-node/recipe/dashboard";
+
+SuperTokens.init({
+  appInfo: {
+    apiDomain: "...",
+    appName: "...",
+    websiteDomain: "...",
+  },
+  recipeList: [
+    // TODO: Initialise other recipes
+    // highlight-start
+    Dashboard.init({
+      admins: [
+        "[email protected]",
+      ],
+    }),
+    // highlight-end
+  ],
+});
+```
+
+</TabItem>
+<TabItem value="go">
+
+```go
+import (
+	"github.com/supertokens/supertokens-golang/recipe/dashboard"
+	"github.com/supertokens/supertokens-golang/supertokens"
+  "github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+)
+
+func main() {
+  supertokens.Init(supertokens.TypeInput{
+      RecipeList: []supertokens.Recipe{
+        // TODO: Initialise other recipes
+        // highlight-start
+        dashboard.Init(&dashboardmodels.TypeInput{
+          Admins: &[]string{
+            "[email protected]",
+          },
+        }),
+        // highlight-end
+      },
+  });
+}
+```
+
+</TabItem>
+<TabItem value="python">
+
+```python
+from supertokens_python import init, InputAppInfo
+from supertokens_python.recipe import dashboard
+
+init(
+    app_info=InputAppInfo(
+        api_domain="...", app_name="...", website_domain="..."),
+    framework='...',  # type: ignore
+    recipe_list=[
+        # TODO: Initialise other recipes
+        # highlight-start
+        dashboard.init(
+          admins=[
+            "[email protected]",
+          ],
+        ),
+        # highlight-end
+    ]
+)
+```
+
+</TabItem>
+</BackendSDKTabs>
+
 ## Content Security Policy
 
 If you return a `Content-Security-Policy` header in from your backend, you will need to include the following directives for the user management dashboard to work correctly

v2/emailpassword/pre-built-ui/setup/dashboard.mdx

@@ -168,6 +168,96 @@ You can edit user information and perform actions such as resetting a user's pas
 Some features such as user metadata and email verification have to be enabled in your backend before you can use them in the user management dashboard
 :::
 
+## Restricting access to dashboard users
+
+When using the dashboard recipe you can restrict access to certain features by providing a list of emails to be considered as "admins". When a dashboard user logs in with an email not present in this list, they will only be able to perform read operations and all write operations will result in the backend SDKs failing the request.
+
+You can provide an array of emails to the backend SDK when initialising the dashboard recipe:
+
+:::important
+- Not providing an admins array will result in all dashboard users being allowed both read and write operations
+- Providing an empty array as admins will result in all dashboard users having ONLY read access
+:::
+
+<BackendSDKTabs>
+<TabItem value="nodejs">
+
+```tsx
+import SuperTokens from "supertokens-node";
+import Dashboard from "supertokens-node/recipe/dashboard";
+
+SuperTokens.init({
+  appInfo: {
+    apiDomain: "...",
+    appName: "...",
+    websiteDomain: "...",
+  },
+  recipeList: [
+    // TODO: Initialise other recipes
+    // highlight-start
+    Dashboard.init({
+      admins: [
+        "[email protected]",
+      ],
+    }),
+    // highlight-end
+  ],
+});
+```
+
+</TabItem>
+<TabItem value="go">
+
+```go
+import (
+	"github.com/supertokens/supertokens-golang/recipe/dashboard"
+	"github.com/supertokens/supertokens-golang/supertokens"
+  "github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+)
+
+func main() {
+  supertokens.Init(supertokens.TypeInput{
+      RecipeList: []supertokens.Recipe{
+        // TODO: Initialise other recipes
+        // highlight-start
+        dashboard.Init(&dashboardmodels.TypeInput{
+          Admins: &[]string{
+            "[email protected]",
+          },
+        }),
+        // highlight-end
+      },
+  });
+}
+```
+
+</TabItem>
+<TabItem value="python">
+
+```python
+from supertokens_python import init, InputAppInfo
+from supertokens_python.recipe import dashboard
+
+init(
+    app_info=InputAppInfo(
+        api_domain="...", app_name="...", website_domain="..."),
+    framework='...',  # type: ignore
+    recipe_list=[
+        # TODO: Initialise other recipes
+        # highlight-start
+        dashboard.init(
+          admins=[
+            "[email protected]",
+          ],
+        ),
+        # highlight-end
+    ]
+)
+```
+
+</TabItem>
+</BackendSDKTabs>
+
 ## Content Security Policy
 
 If you return a `Content-Security-Policy` header in from your backend, you will need to include the following directives for the user management dashboard to work correctly

v2/passwordless/custom-ui/init/dashboard.mdx

@@ -168,6 +168,96 @@ You can edit user information and perform actions such as resetting a user's pas
 Some features such as user metadata and email verification have to be enabled in your backend before you can use them in the user management dashboard
 :::
 
+## Restricting access to dashboard users
+
+When using the dashboard recipe you can restrict access to certain features by providing a list of emails to be considered as "admins". When a dashboard user logs in with an email not present in this list, they will only be able to perform read operations and all write operations will result in the backend SDKs failing the request.
+
+You can provide an array of emails to the backend SDK when initialising the dashboard recipe:
+
+:::important
+- Not providing an admins array will result in all dashboard users being allowed both read and write operations
+- Providing an empty array as admins will result in all dashboard users having ONLY read access
+:::
+
+<BackendSDKTabs>
+<TabItem value="nodejs">
+
+```tsx
+import SuperTokens from "supertokens-node";
+import Dashboard from "supertokens-node/recipe/dashboard";
+
+SuperTokens.init({
+  appInfo: {
+    apiDomain: "...",
+    appName: "...",
+    websiteDomain: "...",
+  },
+  recipeList: [
+    // TODO: Initialise other recipes
+    // highlight-start
+    Dashboard.init({
+      admins: [
+        "[email protected]",
+      ],
+    }),
+    // highlight-end
+  ],
+});
+```
+
+</TabItem>
+<TabItem value="go">
+
+```go
+import (
+	"github.com/supertokens/supertokens-golang/recipe/dashboard"
+	"github.com/supertokens/supertokens-golang/supertokens"
+  "github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+)
+
+func main() {
+  supertokens.Init(supertokens.TypeInput{
+      RecipeList: []supertokens.Recipe{
+        // TODO: Initialise other recipes
+        // highlight-start
+        dashboard.Init(&dashboardmodels.TypeInput{
+          Admins: &[]string{
+            "[email protected]",
+          },
+        }),
+        // highlight-end
+      },
+  });
+}
+```
+
+</TabItem>
+<TabItem value="python">
+
+```python
+from supertokens_python import init, InputAppInfo
+from supertokens_python.recipe import dashboard
+
+init(
+    app_info=InputAppInfo(
+        api_domain="...", app_name="...", website_domain="..."),
+    framework='...',  # type: ignore
+    recipe_list=[
+        # TODO: Initialise other recipes
+        # highlight-start
+        dashboard.init(
+          admins=[
+            "[email protected]",
+          ],
+        ),
+        # highlight-end
+    ]
+)
+```
+
+</TabItem>
+</BackendSDKTabs>
+
 ## Content Security Policy
 
 If you return a `Content-Security-Policy` header in from your backend, you will need to include the following directives for the user management dashboard to work correctly

v2/passwordless/pre-built-ui/setup/dashboard.mdx

@@ -168,6 +168,96 @@ You can edit user information and perform actions such as resetting a user's pas
 Some features such as user metadata and email verification have to be enabled in your backend before you can use them in the user management dashboard
 :::
 
+## Restricting access to dashboard users
+
+When using the dashboard recipe you can restrict access to certain features by providing a list of emails to be considered as "admins". When a dashboard user logs in with an email not present in this list, they will only be able to perform read operations and all write operations will result in the backend SDKs failing the request.
+
+You can provide an array of emails to the backend SDK when initialising the dashboard recipe:
+
+:::important
+- Not providing an admins array will result in all dashboard users being allowed both read and write operations
+- Providing an empty array as admins will result in all dashboard users having ONLY read access
+:::
+
+<BackendSDKTabs>
+<TabItem value="nodejs">
+
+```tsx
+import SuperTokens from "supertokens-node";
+import Dashboard from "supertokens-node/recipe/dashboard";
+
+SuperTokens.init({
+  appInfo: {
+    apiDomain: "...",
+    appName: "...",
+    websiteDomain: "...",
+  },
+  recipeList: [
+    // TODO: Initialise other recipes
+    // highlight-start
+    Dashboard.init({
+      admins: [
+        "[email protected]",
+      ],
+    }),
+    // highlight-end
+  ],
+});
+```
+
+</TabItem>
+<TabItem value="go">
+
+```go
+import (
+	"github.com/supertokens/supertokens-golang/recipe/dashboard"
+	"github.com/supertokens/supertokens-golang/supertokens"
+  "github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+)
+
+func main() {
+  supertokens.Init(supertokens.TypeInput{
+      RecipeList: []supertokens.Recipe{
+        // TODO: Initialise other recipes
+        // highlight-start
+        dashboard.Init(&dashboardmodels.TypeInput{
+          Admins: &[]string{
+            "[email protected]",
+          },
+        }),
+        // highlight-end
+      },
+  });
+}
+```
+
+</TabItem>
+<TabItem value="python">
+
+```python
+from supertokens_python import init, InputAppInfo
+from supertokens_python.recipe import dashboard
+
+init(
+    app_info=InputAppInfo(
+        api_domain="...", app_name="...", website_domain="..."),
+    framework='...',  # type: ignore
+    recipe_list=[
+        # TODO: Initialise other recipes
+        # highlight-start
+        dashboard.init(
+          admins=[
+            "[email protected]",
+          ],
+        ),
+        # highlight-end
+    ]
+)
+```
+
+</TabItem>
+</BackendSDKTabs>
+
 ## Content Security Policy
 
 If you return a `Content-Security-Policy` header in from your backend, you will need to include the following directives for the user management dashboard to work correctly

v2/src/plugins/codeTypeChecking/goEnv/go.mod

@@ -9,7 +9,7 @@ require (
 	github.com/go-chi/cors v1.2.1
 	github.com/gorilla/handlers v1.5.1
 	github.com/gorilla/mux v1.8.0
-	github.com/supertokens/supertokens-golang v0.12.11-0.20230814151216-eb760d701836
+	github.com/supertokens/supertokens-golang v0.14.0
 )
 
 require (