Role based access control (aka RBAC)

[oliviertassinari]

Summary 💡

In order to build a license key debugging for MUI X, I need to connect to the WooCommerce database or API. This includes sensitive data and actions. I would like to limit the scope to who can use the query, and who can modify it (accessing secrets, etc.)

Examples 🌈

• https://docs.budibase.com/docs/user-roles
• https://docs.retool.com/docs/user-permissions#managing-resource-permissions
• https://docs.appsmith.com/core-concepts/access-control
• https://docs.oracle.com/database/apex-18.1/HTMDB/managing-roles-and-user-assignments.htm#HTMDB-GUID-F38382D2-C292-48D3-89A8-4C1D2275BD11
• https://docs.forestadmin.com/user-guide/project-settings/teams-and-users/manage-roles
• https://docs.strapi.io/user-docs/latest/users-roles-permissions/introduction-to-users-roles-permissions.html

Motivation 🔦

This feature, on its own, would make using Toolpad a lot more valuable than pro code. It acts as a custom backend.

• [x] Control access to pages in phase-1. Docs: https://mui.com/toolpad/concepts/rbac/
• [ ] Extend it to queries and actions in phase-2.

[prakhargupta1]

In Phase-1, we can do a simple role based access control that applies to each App and not to the underlying queries or connections. Removing Queries and Connections labels.

[prakhargupta1]

I am marking it done. We'll open new issues for future enhancements.