Admin panel content type query filters

raphaeldas · May 5, 2023, 2:53pm

Hi

I think your on a good track with the RBAC approach. I have a simular situation, where we build the cms for our customer but the customer has also some accounts to manage content themselves. Creating a custom condition, which ensure the user accessing a specific content-type in the content-manager have the permission to see and edit it.

The developers of Strapi already made a similar condition by default:

github.com

strapi/strapi/blob/main/packages/core/admin/server/config/admin-conditions.js

'use strict';

module.exports = {
  conditions: [
    {
      displayName: 'Is creator',
      name: 'is-creator',
      plugin: 'admin',
      handler: (user) => ({ 'createdBy.id': user.id }),
    },
    {
      displayName: 'Has same role as creator',
      name: 'has-same-role-as-creator',
      plugin: 'admin',
      handler: (user) => ({
        'createdBy.roles': {
          $elemMatch: {
            id: {
              $in: user.roles.map((r) => r.id),
            },

This file has been truncated. show original

You can create your own conditions in /src/index.js and register it as descript in the first link above.

P.s. Working on my condition i found a bug trying to filter the user listing by email. see this issue on github

Hope this helps.

Regards
raphaeldas