RBAC-Powered Backend-as-a-Service

Define your schema and policies in YAML, get a production-ready REST API with fine-grained permissions, document versioning, and full observability. Built for 50K+ QPS.

Quick Start

Get Permission Mongo running in minutes with these simple steps.

1. Install and configure

Clone the repository and set up your configuration files:

git clone https://github.com/KTS-o7/permission-mongo.git
cd permission-mongo
go mod download

Create your config.yaml:

version: "1.0"
server:
  host: "0.0.0.0"
  port: 8080
mongodb:
  uri: "mongodb://localhost:27017"
  database: "permission_mongo"
redis:
  url: "localhost:6379"

2. Define your schema

Create schema.yml to define collections and validation rules:

collections:
  documents:
    fields:
      title:
        type: string
        required: true
      status:
        type: string
        enum: ["draft", "published", "archived"]
      tenant_id:
        type: objectId
        required: true
    versioning:
      enabled: true
      mode: "full"

3. Configure RBAC policies

Define role-based access control in policy.yml:

policies:
  documents:
    admin:
      actions: [create, read, update, delete]
    user:
      actions: [create, read, update, delete]
      when: "resource.owner_id == user._id"
    viewer:
      actions: [read]
      when: "resource.tenant_id == user.tenant_id"

4. Start the server

Build and run the Permission Mongo service:

go build -o bin/pm-server ./cmd/server
./bin/pm-server --config config.yaml

Your API is now live at http://localhost:8080 with full CRUD operations, RBAC enforcement, and versioning enabled.
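
The policy from step 3, modelled as an added Go example (not Permission Mongo's own code) to show which requests each role's `actions` and `when` clause would admit. The evaluator, its deny-by-default behaviour and the names `Rule`, `Attrs`, `resolve` and `Allowed` are assumptions made for illustration; the sample user and document are constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// Rule mirrors one role entry in policy.yml; an empty When means no condition.
type Rule struct{ Actions []string; When string }

type Attrs map[string]string

// documents is a hand-transcribed copy of the policy from step 3.
var documents = map[string]Rule{
	"admin":  {[]string{"create", "read", "update", "delete"}, ""},
	"user":   {[]string{"create", "read", "update", "delete"}, "resource.owner_id == user._id"},
	"viewer": {[]string{"read"}, "resource.tenant_id == user.tenant_id"},
}

// resolve looks up "user.<field>" or "resource.<field>"; ok is false if absent.
func resolve(ref string, user, resource Attrs) (string, bool) {
	scope, field, _ := strings.Cut(ref, ".")
	v, ok := map[string]Attrs{"user": user, "resource": resource}[scope][field]
	return v, ok
}

// Allowed denies by default: unknown role, unlisted action or missing attribute.
func Allowed(role, action string, user, resource Attrs) bool {
	rule, known := documents[role]
	listed := false
	for _, a := range rule.Actions {
		listed = listed || a == action
	}
	if !known || !listed {
		return false
	}
	if rule.When == "" {
		return true // no condition: as written, admin is not tenant-scoped
	}
	left, right, ok := strings.Cut(rule.When, " == ")
	l, lok := resolve(left, user, resource)
	r, rok := resolve(right, user, resource)
	return ok && lok && rok && l == r // two absent fields never compare equal
}

func main() {
	u, doc := Attrs{"_id": "u1", "tenant_id": "t1"}, Attrs{"owner_id": "u2", "tenant_id": "t2"}
	fmt.Println(Allowed("user", "update", u, doc), Allowed("admin", "delete", u, doc)) // false true
}
```

Under this reading the admin rule has no `when` clause, so it matches documents in every tenant; a tenant condition like the viewer's would be needed to keep admins inside their own tenant.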

Key Features

Everything you need to build secure, scalable APIs on MongoDB.

Fine-Grained RBAC

Role-based permissions with hierarchical access control, field-level filtering, and dynamic expression evaluation.

Schema Validation

Type validation, constraints, computed fields, and relationships—all defined in YAML configuration.

Document Versioning

Track every change with full or diff-based versioning. Restore any version instantly.

Hooks & Webhooks

Pre and post-operation hooks with HTTP webhook support for external integrations.

Full Observability

Prometheus metrics, Grafana dashboards, and structured audit logging out of the box.

High Performance

Optimized for 50K+ QPS with Redis caching, connection pooling, and lock-free routing.

Ready to Build?

Go from schema to production-ready API in minutes. No backend code required.