* Add Quickstart Guide
* Update installation
* Remove unused files
* Update support/backing
* Tweaks in concepts
* Setup file structure for API reference 2.0
* Setup page layout for reference
* Add clean-urls plugin
* getting started updates
* Finish authentication rest
* getting started updates
* Render stylus in 2 spaces
* Various
* Various
* Finish activity docs
* Add collections reference
* Add extension reference
* concepts updates
* Fields/tweaks
* Add files doc
* Add revisions
* concepts docs
* More api reference
* Finish rest api reference (finally)
* initial concepts
* More things
* Add assets api ref
* Move sections from file to assets
* Add environment variables
* contributing docs
* Add field transforms page
* Left align table headers
* concept links
* Add API config
* Fix mobile nav
* Add migrating a project
* doc link fixes

Co-authored-by: Ben Haynes <ben@rngr.org>
Permissions
Permissions are attached directly to a Role, and define what data that Role's Users can create, read, update, and delete within the platform.
Directus includes an extremely granular, filter-based permissions system for controlling access. There are several layers to this access control, including:
- Collection — The Collection scope of this permission
- Action — Create, Read, Update, or Delete
- Item Permissions — Filters actionable Items using Filter Rules
- Field Permissions — Toggles which fields can be accessed
- Validation — Filters Item values using Filter Rules
- Presets — Controls the default values for the action
- Limit — Sets a maximum number of items that are actionable
There are also other access control features that are tied directly to the Role. These include:
- IP Access — Restricts user access based on IP Address
- App Access — Restricts user access to the App
- Admin Access — Enables Settings and unrestricted user access
Example
You could set the permissions such that a user can only Update (Action) the Title, Body, Date Published, and Category (Field Permissions) within Articles (Collection) that they created and that are still unpublished (Item Permissions), one item at a time (Limit), and only if they are currently at the NYC office (IP Access). Additionally, the default Category will be "Opinion" (Preset), and the Date Published must be in the future (Validation).
And this is actually just a simple example. Permissions and Validation support a comprehensive list of Filter Operators, Relational Filtering, Logical Operators, and Dynamic Variables.
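The sketch below models how the layers in the example above combine for a single update request. It is an added illustration, not Directus's own code or API: the rule keys, the field names (`author`, `status`), the `203.0.113.0/24` range standing in for the NYC office, and the order in which layers are checked are all assumptions.

```python
import ipaddress
from datetime import datetime, timezone

# Constructed rule mirroring the prose example; key and field names are assumptions.
RULE = {
    "collection": "articles",
    "action": "update",
    "item_filter": {"author": {"_eq": "$CURRENT_USER"}, "status": {"_neq": "published"}},
    "fields": {"title", "body", "date_published", "category"},
    "validation": {"date_published": {"_gt": "$NOW"}},
    "presets": {"category": "Opinion"},
    "limit": 1,
}
ROLE_IP_ALLOW = ["203.0.113.0/24"]  # documentation range standing in for the office
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)  # constructed clock for the sample
DRAFT = {"author": "alice", "status": "draft", "date_published": NOW.replace(month=6)}

OPS = {"_eq": lambda a, b: a == b, "_neq": lambda a, b: a != b, "_gt": lambda a, b: a > b}

def matches(rules, values, ctx):
    """True when every field rule holds; $-prefixed operands resolve from ctx."""
    for field, cond in rules.items():
        for op, operand in cond.items():
            if isinstance(operand, str):
                operand = ctx.get(operand, operand)
            if field not in values or not OPS[op](values[field], operand):
                return False
    return True

def authorize_update(user, ip, items, payload, now):
    """Return (allowed, reason), denying at the first layer that fails."""
    ctx = {"$CURRENT_USER": user, "$NOW": now}
    nets = [ipaddress.ip_network(n) for n in ROLE_IP_ALLOW]
    if not any(ipaddress.ip_address(ip) in n for n in nets):
        return False, "ip"            # IP Access (role level)
    if len(items) > RULE["limit"]:
        return False, "limit"         # Limit
    if not all(matches(RULE["item_filter"], it, ctx) for it in items):
        return False, "item"          # Item Permissions
    if not set(payload) <= RULE["fields"]:
        return False, "field"         # Field Permissions
    merged = {**RULE["presets"], **payload}  # Presets are defaults; payload wins
    # Model choice: validation runs on the item as it would look after the update.
    if not all(matches(RULE["validation"], {**it, **merged}, ctx) for it in items):
        return False, "validation"    # Validation
    return True, "ok"
```

Every layer is an independent deny condition, so a request must pass all of them; a rule that omits one layer (for example, no item filter) is correspondingly broader than it looks from the field list alone.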