You will need to have some kind of service account with permissions to update the user (there is a permissions setting within the users-permissions plugin to allow this).
Effectively you need to send a PUT request to localhost:1337/users/:userID with the content of the body being something like:
{
"role": thePremiumRoleID
}
Alternatively within the Strapi backend you would do this via strapi.query('user', 'users-permissions').update({ id: userID }, { role: roleID }) So you could build a custom route/controller to do this as well.
Do you have Strapi query to change what a Role can do? I would like to Editor role to be allowed to edit content. Right now it doesn’t have any role, maybe those can be changed with Strapi Query?
Yes, I’m talking about the Admin Panel roles, with the community edition there is 3 roles, Super Admin, Editor, Author.
The only role that is working is the Super Admin, the other roles cannot create or edit any content.
So can I use Strapi Query to update the rights of the Editor so he is allowed to edit?
In my opinion, altering a user’s role via a REST API may not be the most secure approach. Instead, it is advisable to make such role changes within the Strapi backend controller for enhanced security.