Skip to main content

Tool Role Management

Role-based access control (RBAC) system for managing user roles and permissions.

Overview

Role management enables organizing permissions into reusable roles with inheritance.

Usage

See Tool Permissions for detailed role configuration.

from recoagent.tools import PermissionManager, Role, Permission, PermissionLevel

pm = PermissionManager()

# Create role
admin_role = Role(
    name="admin",
    description="Administrator with full access",
    permissions=[
        Permission("*", ResourceType.TOOL, PermissionLevel.ADMIN)
    ]
)

# Add role
pm.add_role(admin_role)

# Assign role to user
pm.assign_role("user123", "admin")

Role Hierarchy

Roles can inherit from other roles:

power_user = Role(
    name="power_user",
    inherits_from=["basic_user"],
    permissions=[...]
)

Best Practices

  1. Use Role Hierarchy: Organize roles in hierarchy
  2. Group Permissions: Group related permissions in roles
  3. Regular Reviews: Review role assignments regularly