See Bailiff in action

A step-by-step walkthrough of going from hard-coded checks to clean roles, groups, folders, and feature flags.

Watch the 60s Walkthrough
Try the Playground Book a Migration Review
Step 1

Define Roles & Resource Types

Create roles globally (Admin, Editor, Viewer). Permissions are resource-type specific — define what each role can do on Repository, Document, etc.

// No more of this:
if (user.role === 'admin') { ... }

Roles (Global)

Admin
Editor
Viewer

Permissions on Repository

Admin role →
can_view can_edit can_delete
Editor role →
can_view can_edit can_delete
Step 2

Create Resources & Assign Roles

Create resources (like repositories, documents). Then assign users to roles on those specific resources.

// Create a resource
await bailiff.create('repo:backend-api', 'Repository');
// Assign user to role on resource
await bailiff.assign(user, 'admin', 'repo:backend-api');

Resources

📦
repo:backend-api
Repository
3 users
📄
doc:spec-v2
Document
1 user

Assign Roles on repo:backend-api

Who has what role on this resource?

JD
John Doe
john@example.com
Admin
AS
Alice Smith
alice@example.com
Editor
Step 3

Test Permissions

Call check() in your code. Use the Audit Pane to see exactly why access was granted or denied.

// Your code stays clean:
if (await bailiff.check(user, 'edit', doc))
Trace ID: req_8f72a1
Allowed
1
Check Request
alice@example.com wants to EDIT document:123
2
Role Lookup
User has role 'Editor' on Team A
Permission Found
Role 'Editor' grants 'can_edit'
Step 4

Control features, plans, and shared folders

Feature Flags

Gate features like advanced_reporting by plan or user segment.

Google Docs-style sharing

Share a folder with a team. All documents inside inherit access automatically.

Feature Flag Logic

// Check if user has feature enabled
if (await bailiff.check(user, 'view', 'feature:reporting')) {
showReportingDashboard();
}

Folder Inheritance

📂
Marketing Folder
Team Access
Inherits
📄
Q3 Strategy
Accessible

Ready to try it on your product?

Explore these patterns live in the playground or book a migration review.

Try the Playground Book a Migration Review