Shield component
<Shield> is an async Server Component that gates its children by permission. It
checks the current user against the resource and renders the children when access
is allowed, or the fallback when it is not.
import { Shield } from "aegis-guard/server";
export default function SettingsPage() {
return (
<Shield
resource="admin.settings"
description="Admin settings page"
fallback={<p>Access denied.</p>}
>
<SettingsForm />
</Shield>
);
}Props
| Prop | Type | Description |
|---|---|---|
resource | string | The resource key to check (required) |
children | ReactNode | Rendered when access is allowed |
fallback | ReactNode | Rendered when access is denied (defaults to nothing) |
description | string | Optional description used during auto discovery |
Auto discovery
In development, Shield calls adapter.upsertResource(resource, description) the
first time it renders a resource. This registers the resource in your database so
it appears in the admin dashboard without manual setup. The call is skipped in
production.
Closed by default
A resource with no allowed roles denies everyone. Until you assign roles to a resource (through the dashboard or your own tooling), Shield renders the fallback. This is a safe default: a new or unknown resource is never accidentally public.
Pages that use Shield
Shield reads the request, so its page should not be statically prerendered. Add:
export const dynamic = "force-dynamic";Beyond rendering
To make a decision without rendering, or to guard an API route or middleware, use the universal guard functions.