Access Control
Access control is metadata-driven. Each document declares an access_tier, and the renderer checks the current user's tier and extension permissions before showing the page body.
Default tiers
| Tier | Rank | Visibility | Meaning |
|---|---|---|---|
| public | 0 | public | Everyone can read it. |
| client | 10 | protected | Authenticated users need matching product or extension permission. |
| partner | 20 | protected | Partner users can read it; extension checks are bypassed. |
| gold_partner | 30 | protected | Example higher partner tier. |
| platinum_partner | 40 | private | Example private partner tier. |
| admin | 100 | private | Full system access. |
Tier configuration is defined in src/lib/acl/index.ts. The current schema keeps known tier names hardcoded for safe frontmatter validation.
Public pages
access_tier: public
product: platform

Public pages are visible to anonymous visitors, included in public sitemap output, and available to public search filters.
Client pages
access_tier: client
product: nexus/customer-portal
extensions: [nexus/customer-portal]

Client pages require:
- A user tier rank at least equal to client
- A matching extension in extensions, or a matching product when extensions is empty
If product: platform and extensions: [], any client-tier user can read the page.
Partner and admin pages
Partner-tier users and above bypass extension checks. That keeps partner documentation manageable when a partner needs broad visibility across product lines.
Private tiers, such as platinum_partner and admin, are hidden from unauthorized users more aggressively. Unauthorized private pages are omitted from navigation and return a 404 instead of a locked page.
Locked page behavior
When a visitor cannot read a protected page, the route renders a locked content view with a request-access path. The page title can still be shown for protected visibility, but the body is not rendered.
When a visitor cannot read a private page, the route returns notFound().
Live examples:
Inline protected sections
Use the MDX Protected component to require a higher tier for a section inside a public or lower-tier page:
<Protected tier="partner" label="Partner">
Partner-only notes go here.
</Protected>

This does not change the page-level metadata. It only gates that section during rendering.
Search filtering
Search filtering mirrors page access:
- Anonymous users can search public documents.
- Client users can search public documents plus client documents matching their product or extension grants.
- Partner-tier users can search all tiers at or below their rank.
- Admin users can search everything.
This keeps search results aligned with the pages a user can actually open.
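
The rules on this page (rank gate, extension or product match, partner bypass, locked versus 404, and search reusing the page check) as an added TypeScript example. It is not the project's code from src/lib/acl/index.ts; the User and Doc shapes, the grants field, the function names, and modelling anonymous visitors as the public tier are assumptions.

```typescript
// Added example: names and shapes are assumptions, not the project's src/lib/acl code.
type Tier = "public" | "client" | "partner" | "gold_partner" | "platinum_partner" | "admin";
type Decision = "render" | "locked" | "notFound";

// Ranks and visibility copied from the "Default tiers" table.
const TIERS: Record<Tier, { rank: number; visibility: "public" | "protected" | "private" }> = {
  public: { rank: 0, visibility: "public" },
  client: { rank: 10, visibility: "protected" },
  partner: { rank: 20, visibility: "protected" },
  gold_partner: { rank: 30, visibility: "protected" },
  platinum_partner: { rank: 40, visibility: "private" },
  admin: { rank: 100, visibility: "private" },
};

interface Doc { slug: string; access_tier: Tier; product: string; extensions: string[] }
interface User { tier: Tier; grants: string[] } // grants: product/extension ids (assumed shape)
const ANONYMOUS: User = { tier: "public", grants: [] }; // assumption: anonymous = public tier
const has = (xs: string[], x: string): boolean => xs.indexOf(x) !== -1;

function canRead(user: User, doc: Doc): boolean {
  const userRank = TIERS[user.tier].rank;
  if (userRank < TIERS[doc.access_tier].rank) return false; // rank gate comes first
  if (doc.access_tier === "public") return true;
  if (userRank >= TIERS.partner.rank) return true; // partner and above bypass extension checks
  if (doc.extensions.length > 0) return doc.extensions.some((e) => has(user.grants, e));
  // Empty extensions: fall back to product; "platform" is open to any client-tier user.
  return doc.product === "platform" || has(user.grants, doc.product);
}

// Page route: unauthorized protected pages lock, unauthorized private pages return 404.
function decide(user: User, doc: Doc): Decision {
  if (canRead(user, doc)) return "render";
  return TIERS[doc.access_tier].visibility === "private" ? "notFound" : "locked";
}

// Search reuses the same predicate, so results never list a page the user cannot open.
function filterSearch(user: User, docs: Doc[]): string[] {
  return docs.filter((d) => canRead(user, d)).map((d) => d.slug);
}

// Constructed sample documents.
const DOCS: Doc[] = [
  { slug: "intro", access_tier: "public", product: "platform", extensions: [] },
  { slug: "portal", access_tier: "client", product: "nexus/customer-portal", extensions: ["nexus/customer-portal"] },
  { slug: "general", access_tier: "client", product: "platform", extensions: [] },
  { slug: "runbook", access_tier: "admin", product: "platform", extensions: [] },
];
```

Keeping the page route and the search filter on one predicate is what prevents a private page's existence from leaking through search results when the route itself returns 404.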