github/directus
1
0
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-01-24 23:58:02 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
262b59c44d1237dee3f5efc9438c5ccd6be07b60
directus/docs/reference/api/rest/permissions.md
Rijk van Zanten 817ccf3620 Overhaul docs (#3951) 
* Add Quickstart Guide

* Update installation

* Remove unused files

* Update support/backing

* Tweaks in concepts

* Setup file structure for API reference 2.0

* Setup page layout for reference

* Add clean-urls plugin

* getting started updates

* Finish authentication rest

* getting started updates

* Render stylus in 2 spaces

* Various

* Various

* Finish activity docs

* Add collections reference

* Add extension reference

* concepts updates

* Fields/tweaks

* Add files doc

* Add revisions

* concepts docs

* More api reference

* Finish rest api reference (finally)

* initial concepts

* More things

* Add assets api ref

* Move sections from file to assets

* Add environment variables

* contributing docs

* Add field transforms page

* Left align table headers

* concept links

* Add API config

* Fix mobile nav

* Add migrating a project

* doc link fixes

Co-authored-by: Ben Haynes <ben@rngr.org>
2021-02-05 18:51:54 -05:00

5.5 KiB
Raw Blame History

pageClass
pageClass
page-reference

Permissions

Permissions control who has access to what, when.

toc

The Permission Object

id uuid
Primary key of the permission rule.

role many-to-one
Role this permission applies to. Many-to-one to roles. null is used for public permissions.

collection string
Collection this permission rule applies to.

action string
What CRUD operation this permission rule applies to. One of create, read, update, delete.

permissions object
What rules the item must pass before the role is allowed to alter it. Follows the Filter Rules spec.

validation object
What rules the provided values must pass before the role is allowed to submit them for insertion/update. Follows the Filter Rules spec.

preset object
Additional default values for the role.

fields array
What fields the user is allowed to alter.

limit integer
How many items the user is able to alter at once in batch operations.

{
	"id": 34,
	"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7",
	"collection": "pages",
	"action": "create",
	"permissions": null,
	"validation": {
		"title": {
			"_contains": "Directus"
		}
	},
	"presets": {
		"published": false
	},
	"fields": ["title", "translations"],
	"limit": null
}

List Permissions

List all permissions that exist in Directus.

::: tip Permissions

The data returned in this endpoint will be filtered based on the user's permissions. For example, permissions for a role other than the current user's role won't be returned.

:::

Query Parameters

Supports all global query parameters.

Returns

An array of up to limit permission objects. If no items are available, data will be an empty array.

GET /permissions

// Response

{
	"data": [
		{
			"id": 34,
			"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7",
			"collection": "pages",
			"action": "create",
			"permissions": null,
			"validation": {
				"title": {
					"_contains": "Directus"
				}
			},
			"presets": {
				"published": false
			},
			"fields": ["title", "translations"],
			"limit": null
		},
		{...},
		{...}
	]
}

Retrieve a Permission

List an existing permission by primary key.

Query Parameters

Supports all global query parameters.

Returns

Returns the requested permission object.

GET /permissions/:id

// Response

{
	"data": {
		"id": 34,
		"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7",
		"collection": "pages",
		"action": "create",
		"permissions": null,
		"validation": {
			"title": {
				"_contains": "Directus"
			}
		},
		"presets": {
			"published": false
		},
		"fields": ["title", "translations"],
		"limit": null
	}
}

Create Permissions

Create one or more new permission rule(s)

Query Parameters

Supports all global query parameters.

Request Body

A partial permissions object or an array of partial permissions objects. action and collection are required.

Returns

Returns the permission object for the created permission.

POST /permissions

// Request

{
	"collection": "pages",
	"action": "read",
	"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7",
	"fields": ["id", "title"]
}

// Response

{
	"data": {
		"id": 36,
		"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7",
		"collection": "pages",
		"action": "read",
		"permissions": null,
		"validation": null,
		"presets": null,
		"fields": ["id", "title"],
		"limit": null
	}
}

Update Permissions

Update an existing permissions rule.

Query Parameters

Supports all global query parameters.

Request Body

A partial permissions object.

Returns

Returns the permission object for the created permission.

PATCH /permissions/:id

// Request

{
	"fields": ["id", "title", "body"]
}

// Response

{
	"data": {
		"id": 36,
		"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7",
		"collection": "pages",
		"action": "read",
		"permissions": null,
		"validation": null,
		"presets": null,
		"fields": ["id", "title", "body"],
		"limit": null
	}
}

Delete Permissions

Delete an existing permissions rule

Returns

Empty body.

DELETE /permissions/:id

// Empty Response

Delete Multiple Permissions

Delete multiple existing permissions rules

Request Body

An array of permission primary keys

Returns

Empty body.

DELETE /permissions

// Request
[15, 251, 810]

// Empty Response
Reference in New Issue View Git Blame Copy Permalink