Roles and Permission based Features


#1

Hi,

I have been exploring Squidex for a while now and I really feel it’s an awesome product for everyone out there who is looking for a headless CMS.
I saw features like hierarchical permissions and creations of custom roles which are all great but is it possible to hide/show different features based on user’s roles and permissions with minimal changes to the application?

I have hosted Squidex on my local machine and want to update the application to achieve above request. Can you please suggest a best way going forward.

Thanks in Advance.
Saurav


#2

Hi, you are right, it is an open task, I have even described it in a blog that I will do it later.

There is a directive in angular to render an element only if the user has the right permission, it is called sqxPermission:


#3

Hi Sebastian,

Is there an ETA for this feature?

1/Is this only show granted left menu items?
2/ I have configured only appName.contents and appName.schemas,then in dashboard it’s showned the appName but when I click on it, system return to Login page? Does this feature resolve this issue?
3/ Do we have any way to configure dashboard items? I’d like to show only one granted appName or any way to redirect to like Contents of specific appName?

Thanks in advance,
Ho Le


#4

There is no ETA,

what I thought has been covered is the read endpoints. But your example shows that it is not true. Have you configured a role or custom permissions in the user administration?


#5

Hi Sebastian,

I have configured custom permissions on user administration.


#6

Have you read this: https://docs.squidex.io/concepts/permissions#special-permissions ?


#7

I am working on this feature now. My idea is to introduce HATEOAS into the Api. https://restfulapi.net/hateoas/

Each entity has links then that represents the different resources that can be used, based on status, permissions or settings. The advantage is that the UI do not have to understand the permission system.