Role-Based Access Control
0/6 steps0%

Step 1 of 6

Define roles and the permission matrix

Enforcement needs a truth table - write it before code.

First time here? Paste the Context Pack first so the AI understands your project - open it from the header above.

Prompt Capsule
Define the RBAC spec. List: the role set (e.g. admin, member, viewer) and a default role for new users; a permission matrix table of every sensitive action (manage users, edit content, delete records, view admin pages, change settings) versus each role with allow/deny; where the role is stored (user record, server-side) and how the backend reads it (from the session, never the request body).
Paste into EmergentFull Build: complete implementation prompt with explicit requirements

Quick is short. Full Build is recommended for most steps. Strict forces real logic when the AI keeps faking output.

Actual change check

Expected after this step

A complete role list and action-by-role permission matrix.

Should NOT happen

  • An existing feature broke
  • A button only logs to console
  • Data disappears after refresh
  • Errors fail silently with no visible state

This is what should exist before you continue. If reality does not match, do not move on.

Track what changed, failed, or needs follow-up. Notes export with the flow.

Made with Emergent