github/directus
1
0
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-02-18 19:24:34 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
2e82b5004aaadbc21963cd67c789c4234dd253ea
directus/docs/guides/roles.md
rijkvanzanten 010eabad27 Format remaining md files
2021-05-04 18:52:08 -04:00

127 lines
4.3 KiB
Markdown
Raw Blame History

# Roles
> Roles define a specific set of access permissions, and are the primary organizational structure for Users within the
> platform. [Learn more about Roles](/concepts/roles/).
## Creating a Role
1. Navigate to **Settings > Roles & Permissions**
2. Click the **Create Role** action button in the header
3. Enter a unique **Role Name**
4. Enabling **App Access** allows logging in to the App
5. Enabling **Admin Access** gives full permission to project data and Settings
## Configuring a Role
- **Permissions** — Defines the role's access permissions
- **Role Name** — This is the name of the role
- **Role Icon** — The icon used throughout the App when referencing this role
- **Description** — A helpful note that explains the role's purpose
- **App Access** — Allows logging in to the App
- **Admin Access** — Gives full permission to project data and Settings
- **IP Access** — An allow-list of IP addresses from which the platform can be accessed, empty allows all
- **Require 2FA** — Forces all users within this role to use two-factor authentication
- **Users in Role** — A list of all users within this role
- **Module Navigation** — Overrides the visible modules
- **Collection Navigation** — Overrides the collection module's navigation
### Customizing the Module Navigation
The options in the [Module Bar](/concepts/application/#_1-module-bar) can be overridden with custom options per role.
When this setting is empty, the default modules are used.
1. Navigate to **Settings > Roles & Permissions > [Role Name]**
2. Scroll to the **Module Navigation** field
3. Click the **Add a new item** button to add a module
4. Choose an **Icon** to display for the module
5. Choose a **Name** for the module
6. Enter a relative (App) or absolute (external) **link** for the module
7. Use the drag handles to **drag-and-drop** the modules into the desired order
If you are looking to replicate the default modules, paste the following configuration into the Module Navigation field
using the Raw Value field label option.
```json
[
{
"icon": "box",
"name": "Collections",
"link": "/collections"
},
{
"icon": "people_alt",
"name": "User Directory",
"link": "/users"
},
{
"icon": "folder",
"name": "File Library",
"link": "/files"
},
{
"icon": "info",
"name": "Documentation",
"link": "/docs"
}
]
```
::: warning Settings Module
The settings module is not controlled by this configuration. It is always added to the end of the list for any user's
with Admin Access.
:::
::: tip Customizing Existing Modules
You can enter the link to an existing module to customize its name or icon. For example, you can use `/collections` to
override the Collections module.
:::
### Customizing the Collection Navigation
The collections in the [Navigation Bar](/concepts/application/#_2-navigation-bar) can be overridden with custom options
per role. When this setting is empty, all collections that the user has permission to see are shown alphabetically in a
single, unlabeled group.
1. Navigate to **Settings > Roles & Permissions > [Role Name]**
2. Scroll to the **Collection Navigation** field
3. Click the **Add New Group** button to add a Grouping
4. Enter a **Group Name**, or leave it empty to simply show a divider
5. Choose if the group's **Accordion** will be...
- Always Open (Default)
- Start Open
- Start Collapsed
6. Click the **Add New Collection** button to add a Collection
7. Choose a **Collection** from the dropdown
8. Use the drag handles to **drag-and-drop** the groups/collections into the desired order
## Deleting a Role
1. Navigate to **Settings > Roles & Permissions > [Role Name]**
2. Click the red **Delete Role** action button in the header
3. Confirm this decision by clicking **Delete** in the dialog
::: warning Users in a Deleted Role
If you delete a role that still has users in it, those users will be given a `NULL` role, which denies their App access
and limits them to the [Public Role](/concepts/roles/#public-role) permissions. They can then be reassigned to a new
role by an admin.
:::
::: warning Last Admin
You must maintain at least one role/user with Admin Access so that you can still properly manage the project.
:::
::: warning Public Role
You can not delete the Public role, as it is part of the core platform. To disable it completely, simply turn off all
Public access permissions.
:::
Reference in New Issue View Git Blame Copy Permalink