System Information
- Strapi Version:4.16.2
- Operating System: windows 11
- Database: postgres
- Node Version: 18.17.0
- NPM Version: 9.6.7
- Yarn Version: 1.22.21
@hashirnouman First You need to understand how Strapi users-permissions plugin works
If you look into you db you will see following tables
roles and permissions of user is managed using these tables and you can create custom api and perfrom curd on above tables to add new roles programmatically
you can acess table like
strapi.db.connection
.table('up_roles')
strapi use KNEX ORM under the table so you can read KNEX Documentation for better understanding
Any snippet for it?
@LuisAlaguna @hashirnouman here is snippet to create role using strapi Query Engine’s API
await strapi.db
.query('plugin::users-permissions.role')
.create({
data: {
name: 'Teacher',
description: 'Teacher can upload grades',
type: 'authenticated'
}
});
similarly below example create a permission for find course api
await strapi.db
.query('plugin::users-permissions.permission')
.create({
data: {
action: 'api::course.course.find',
}
});
and if you want to assign a new role permission using nested like
await strapi.db
.query('plugin::users-permissions.role')
.create({
data: {
name: 'Teacher',
description: 'Default message',
type: 'authenticated',
// permission id of find course api
permissions: [11]
}
});
Update: I found out these were the permissions that existed against a user role and that you have to create a new entry into “plugin::users-permissions.permission” and assign that new permission to a role.
Quick question to anyone. Howcome i see multiple of the same actions in permissions and how do i know which one to use?
Query:
await strapi.entityService.findMany("plugin::users-permissions.permission");
Summarized Response:
{
"id": 166,
"action": "api::auth.auth.logout",
"createdAt": "2023-10-30T06:18:03.788Z",
"updatedAt": "2023-10-30T06:18:03.788Z"
},
{
"id": 343,
"action": "api::auth.auth.logout",
"createdAt": "2024-03-20T15:09:18.185Z",
"updatedAt": "2024-03-20T15:09:18.185Z"
},
{
"id": 207,
"action": "api::auth.auth.logout",
"createdAt": "2023-10-31T07:49:33.623Z",
"updatedAt": "2023-10-31T07:49:33.623Z"
},
{
"id": 224,
"action": "api::auth.auth.logout",
"createdAt": "2023-12-07T05:23:29.123Z",
"updatedAt": "2023-12-07T05:23:29.123Z"
},