Rustango docs

Roles & permissions

Grant codenames to roles or users and check them.

Permissions are {table}.{action} codenames seeded per model. Assign them to roles (or directly to users) and check with has_perm. Superusers bypass all checks; explicit per-user denials win over role grants.

if has_perm(user_id, "article.change", &pool).await? {
    // allow edit
}

Seed defaults

ensure_seeded creates Viewer / Editor / Administrator roles per tenant so the permission matrix is usable immediately.