Hosna Qasmei•4mo ago

Resources for Implementing User Roles

I'm looking to implement user roles for access control. Does anyone know if there are any specific resources, documentation, or best practices for setting up user roles with next.js, clerk and convex? How to intercept requests and check user roles Best practices for redirecting to role-appropriate routes Handling unauthorized access attempts

4 Replies

jamalsoueidan•4mo ago

Basic level: You create convex-helpers:

export const mutationWithUser = customMutation(
  mutation,
  customCtx(async (ctx) => {
    const user = await getAuthUserId(ctx);
    if (!user) {
      throw new ConvexError("User must be logged in.");
    }
    return { user };
  })
);

export const actionWithUser = customAction(
  action,
  customCtx(async (ctx) => {
    const user = await getAuthUserId(ctx);
    if (!user) {
      throw new ConvexError("User must be logged in.");
    }
    return { user };
  })
);

export const queryWithUser = customQuery(
  query,
  customCtx(async (ctx) => {
    const user = await getAuthUserId(ctx);
    if (!user) {
      throw new ConvexError("User must be logged in.");
    }
    return { user };
  })
);

export const mutationWithUser = customMutation(
  mutation,
  customCtx(async (ctx) => {
    const user = await getAuthUserId(ctx);
    if (!user) {
      throw new ConvexError("User must be logged in.");
    }
    return { user };
  })
);

export const actionWithUser = customAction(
  action,
  customCtx(async (ctx) => {
    const user = await getAuthUserId(ctx);
    if (!user) {
      throw new ConvexError("User must be logged in.");
    }
    return { user };
  })
);

export const queryWithUser = customQuery(
  query,
  customCtx(async (ctx) => {
    const user = await getAuthUserId(ctx);
    if (!user) {
      throw new ConvexError("User must be logged in.");
    }
    return { user };
  })
);

Then you can use these helpers and check if the user is logged in:

export const test= queryWithUser({ //queryWithUser to use the helper
  args: {},
  handler: async (ctx, args) => {
    console.log(ctx.user) // userID is available in the ctx
  },
});

export const test= queryWithUser({ //queryWithUser to use the helper
  args: {},
  handler: async (ctx, args) => {
    console.log(ctx.user) // userID is available in the ctx
  },
});

Hosna QasmeiOP•4mo ago

Would this work if I wanted an admin user, a staff user, a base user? I want each would see a different dashboard Was thinking about saving the role in the clerk meta data and the convex table

jamalsoueidan•4mo ago

There is many way to do it, I wrote a basic way...if you can do it without table it would be much better, but then you wouldn't be able to change the role while user is logged in, he must log out and log in again for meta to be updated...

jamalsoueidan•4mo ago

I found this while browsing, you might find it valuable, its based on the same exampel I give you earlier. https://stack.convex.dev/row-level-security

Row Level Security

Add row-level security to your database access by wrapping database reads and writes in your Convex serverless functions.

Resources for Implementing User Roles

Did you find this page helpful?