Using Strapi to build an API. Love most of it, but it seems access to the admin interface is all or nothing; you can't hide the more advanced aspects of admin for users who should only be able to add/edit content...? Am I missing something? How is this done?
Asked
Active
Viewed 3,476 times
2 Answers
5
This is the current top-voted feature request at Strapi. You can vote for it at: https://strapi.io/vote.
Admin - Permissions
Restrict admin panel sections access depending on users roles.
Dheeraj Vepakomma
- 26,870
- 17
- 81
- 104
-
1it's a [planned feature](https://portal.productboard.com/strapi/1-public-roadmap/tabs/3-planned) – Eric Dec 17 '19 at 19:41
-
1It's [in progress](https://portal.productboard.com/strapi/1-public-roadmap/c/8-users-roles-permissions-ce-ee) – Moses Schwartz Apr 01 '20 at 15:34
2
Actually you can change some things, since there is an /admin folder inside of /node_modules that you can overwrite, as the documentation says here, you can overwrite some logic for specific users and specific cases, that's not the best way to do it, but it's what we have for now.
Example: In my project I don't want any user to access the Content-Types Builder on production, at the end, I decided to hide the entire Plugins section on production environment.
So firstly I copied the entire /admin folder inside of my project, that way it'd be simple to find/edit any component.
Secondly I searched were the sections where rendered, and I found this file:
/my-project/admin/src/components/LeftMenuLinkSection/index.js
And I added this inside of the component:
const LeftMenuLinksSection = ({ section,
....
// before the return
if ( section === 'plugins' && process.env.NODE_ENV !== 'development') return null;;
And it worked, on production I don't have the plugins section on admin left menu (image 1):
It depends what you want to do, that could be possible, so it's not "all or nothing", it's more like all or almost nothing.
Lucas Andrade
- 4,315
- 5
- 29
- 50