github/directus
1
0
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-02-04 05:05:06 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
dd67fdbdfb532e492cb727cd2ffd581dc9bf9c52
directus/docs/concepts/permissions.md
rijkvanzanten 010eabad27 Format remaining md files
2021-05-04 18:52:08 -04:00

40 lines
2.1 KiB
Markdown
Raw Blame History

# Permissions
> Permissions are attached directly to a Role, and define what data that Role's Users can create, read, update, and
> delete within the platform.
Directus includes an extremely granular, filter-based permissions system for controlling access. There are several
layers to this access control, including:
- **Collection** — The Collection scope of this permission
- **Action** — Create, Read, Update, or Delete
- **Item Permissions** — Filters actionable Items using [Filter Rules](/reference/filter-rules/)
- **Field Permissions** — Toggles which fields can be accessed
- **Validation** — Filters Item values using [Filter Rules](/reference/filter-rules/)
- **Presets** — Controls the default values for the action
- **Limit** — Sets a maximum number of items that are actionable
There are also other access control features that are tied directly to the Role. These include:
- **IP Access** — Restricts user access based on IP Address
- **App Access** — Restricts user access to the App
- **Admin Access** — Enables Settings and unrestricted user access
### Example
You could set the permissions such that a user can only **Update** (Action) the **Title, Body, Date Published, and
Category** (Field Permissions) within **Articles** (Collection) that **they created and are still unpublished** (Item
Permissions) **one item at a time** (Limit) if they are **currently at the NYC office** (IP Access). Additionally, the
**default Category will be "Opinon"** (Preset), and the **Date Published must be in the future** (Validation).
And this is actually just a _simple_ example. Permissions and Validation support a comprehensive list of
[Filter Operators](/reference/filter-rules/#filter-operators),
[Relational Filtering](/reference/filter-rules/#filter-relational),
[Logical Operators](/reference/filter-rules/#logical-operators), and
[Dynamic Variables](/reference/filter-rules/#dynamic-variables).
#### Relevant Guides
- [Configuring Role Permissions](/guides/permissions/#configuring-role-permissions)
- [Configuring System Permissions](/guides/permissions/#configuring-system-permissions)
Reference in New Issue View Git Blame Copy Permalink