improve useCanAccess

fzaninotto · fzaninotto · commit cf706ceb86cc · 2023-08-01T08:41:40.000+02:00
diff --git a/docs/useCanAccess.md b/docs/useCanAccess.md
@@ -7,6 +7,8 @@ title: "useCanAccess"
 
 This hook, part of [the ra-rbac module](https://marmelab.com/ra-enterprise/modules/ra-rbac)<img class="icon" src="./img/premium.svg" />, calls the `authProvider.getPermissions()` to get the role definitions, then checks whether the requested action and resource are allowed for the current user. 
 
+## Usage
+
 `useCanAccess` takes an object `{ action, resource, record }` as argument. It returns an object describing the state of the RBAC request. As calls to the `authProvider` are asynchronous, the hook returns a `loading` state in addition to the `canAccess` key.
 
 ```jsx
@@ -15,8 +17,8 @@ import { useRecordContext, DeleteButton } from 'react-admin';
 
 const DeleteUserButton = () => {
     const record = useRecordContext();
-    const { loading, canAccess } = useCanAccess({ action: 'delete', resource: 'users', record });
-    if (loading || !canAccess) return null;
+    const { isLoading, canAccess } = useCanAccess({ action: 'delete', resource: 'users', record });
+    if (isLoading || !canAccess) return null;
     return <DeleteButton record={record} resource="users" />;
 };
 ```
@@ -57,3 +59,14 @@ const { canAccess: canReadSelfSales } = useCanAccess({ action: "read", resource:
 **Tip**: The *order* of permissions as returned by the `authProvider` isn't significant. As soon as at least one permission grants access to an action on a resource, the user will be able to perform it.
 
 **Tip**: `useCanAccess` is asynchronous, because it calls `usePermissions` internally. If you have to use `useCanAccess` several times in a component, the rendered result will "blink" as the multiple calls to `authProvider.getPermissions()` resolve. To avoid that behavior, you can use the `usePermissions` hook once, then call [the `canAccess` helper](./canAccess.md). 
+
+## Parameters
+
+`useCanAccess` expects a single parameter object with the following properties:
+
+| Name | Required | Type | Default | Description |
+| --- | --- | --- | --- | --- |
+| `resource` | Required | `string` | - | The resource to check, e.g. 'users', 'comments', 'posts', etc. |
+| `action` | Required | `string` | - | The action to check, e.g. 'read', 'list', 'export', 'delete', etc. |
+| `record` | Optional | `object` | - | The record to check. If passed, the child only renders if the user has permissions for that record, e.g. `{ id: 123, firstName: "John", lastName: "Doe" }` |
+
