This repository has been archived by the owner on Jan 6, 2023. It is now read-only.

Permissions

Rijk van Zanten edited this page Oct 2, 2019 · 2 revisions


Permissions are stored in the directus_permissions table in the following structure:

ID (id)

Primary ID for the row.

Collection (collection)

Collection to which the permission applies. This is a foreign key to the directus_collections table.

Role (role)

What role this permission applies to. This is a foreign key to the directus_roles table.

Status (status)

If the collection has a status field, this field sets which of its statuses the permission applies to. It can only hold one status, which should match the name in the status mapping option of the status field.

Status Blacklist (status_blacklist)

Decides what statuses the user can use for the item. This can be used to prevent the user from creating an item with the status published, or updating an item from published to draft. This field holds a CSV of names that should match the names in the status mapping option of the status field.

Create (create)

If the user can create a new item or not. Possible values:

  • none – Can not create an item
  • full – Can create an item

Read (read)

If the user can read items from this collection. Possible values:

  • none – Can't read any items
  • mine – Can only read items that have a user_created type column that holds the primary key of the current user
  • role – Can only read items that have a user_created type column that holds a primary key of a user that's in the same role as the current user
  • full – Can read all items

Update (update)

If the user can update the items in this collection. Possible values:

  • none – Can't update any items
  • mine – Can only update items that have a user_created type column that holds the primary key of the current user
  • role – Can only update items that have a user_created type column that holds a primary key of a user that's in the same role as the current user
  • full – Can update all items

Delete (delete)

If the user can delete items from the collection. Possible values:

  • none – Can't delete any items
  • mine – Can only delete items that have a user_created type column that holds the primary key of the current user
  • role – Can only delete items that have a user_created type column that holds a primary key of a user that's in the same role as the current user
  • full – Can delete all items

Comment (comment)

If the user can comment on the current item by posting to the /activity endpoint. Possible values are:

  • none – Can't create comments
  • create – Can create comments, but can't update or delete them
  • update – Can create and update comments, but can't delete them
  • full – Can create, update, and delete comments

Explain (explain)

If the user is required to leave a message stating what they updated when saving an item.

NOTE: this is not currently in use

Possible values:

  • none – Is not required to explain their changes

Read Field Blacklist (read_field_blacklist)

An optional CSV of fields that the user can't view. Every item in this CSV needs to be a valid field name as listed in directus_fields.

Write Field Blacklist (write_field_blacklist)

An optional CSV of fields that the user can't write to. Every item in this CSV needs to be a valid field name as listed in directus_fields.
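
The following is an added example, not code from Directus: a sketch of how a consumer of this table could evaluate a row, failing closed when no row or an unknown level is found. The column names come from this page; the `created_by` property (standing in for the collection's user_created type column), the rule that a status-specific row takes precedence over a row with no status, and the sample rows are assumptions.

```javascript
// Added example, not Directus code. Column names come from the page;
// the lookup precedence and `created_by` are assumptions.
const csv = (v) => (v ? v.split(',').map((s) => s.trim()).filter(Boolean) : []);

// Row for this collection + role. Assumption: a row whose status matches the
// item's status wins over a row that has no status set.
function findPermission(rows, collection, role, status) {
  const scoped = rows.filter((r) => r.collection === collection && r.role === role);
  return scoped.find((r) => r.status === status) || scoped.find((r) => r.status == null) || null;
}

// action: 'read' | 'update' | 'delete'; levels: none | mine | role | full.
// item.created_by holds the value of the user_created type column (hypothetical name).
// usersInRole: primary keys of the users in the current user's role.
function isAllowed(permission, action, item, user, usersInRole) {
  const level = permission ? permission[action] : 'none'; // no row: deny
  switch (level) {
    case 'full': return true;
    case 'role': return usersInRole.includes(item.created_by);
    case 'mine': return item.created_by === user.id;
    default: return false; // 'none' or an unknown value: fail closed
  }
}

// Drop read_field_blacklist fields from an item before it is returned.
function stripUnreadable(permission, item) {
  const hidden = new Set(csv(permission.read_field_blacklist));
  return Object.fromEntries(Object.entries(item).filter(([k]) => !hidden.has(k)));
}

// List what a write would violate: blacklisted fields and blacklisted statuses.
function writeViolations(permission, changes, statusField = 'status') {
  const fields = csv(permission.write_field_blacklist).filter((f) => f in changes);
  const blocked = csv(permission.status_blacklist).includes(changes[statusField]);
  return blocked ? [...fields, `${statusField}=${changes[statusField]}`] : fields;
}

// Constructed sample rows for one role on one collection.
const SAMPLE_ROWS = [
  { id: 1, collection: 'articles', role: 3, status: null, read: 'full', update: 'mine', delete: 'none',
    status_blacklist: 'published', read_field_blacklist: 'internal_notes', write_field_blacklist: 'author' },
  { id: 2, collection: 'articles', role: 3, status: 'published', read: 'full', update: 'none', delete: 'none',
    status_blacklist: null, read_field_blacklist: null, write_field_blacklist: null },
];
```

With these rows, a role 3 user can update their own draft but not a published item, and cannot set the status to published or write to author.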