How to restrict user to view some record of a collection

Hi, I want to restrict a user to access to read some records of a collection say “Product” and another user to read all records of collection “Product”?
Another example: How to restrict a user to read/write own records but restrict to others’ created records of a collection say “Article”?

Thanks
Bik

Hello,

Since 3.1 version, a new feature was released, its called RBAC (Role-Based Access Control), for community-edition there 3 default roles:

  • Super-Admin: Super Admins can access and manage all features and settings.
  • Editor: Editors can manage and publish content including those of other users.
  • Author: Authors can manage and publish only the content they created.

In that case, the author’s role is that you need.

In the Enterprise edition, Roles creation is unlimited . Role Control is also more advanced, with a high level of granularity options, allowing you to configure CRUD operations for any field available in any content type . You can also check all plans where more subscriptions are available.

Thanks… In enterprise version row level and field level security available?

Hello, of course.

You can achieve this by using RBAC (Role-Based Access Control)

Let’s look into this example with Admin and Author Role:

View as Admin (there are 4 articles, all of them are visible to the admin):

View as Author (there is a single Collection type: Article, to which I’ve granted access and only one article to which Author has access):



Edit article as Admin:

Edit article as Author (can’t view/modify that secret field, can’t publish article):

1 Like

super. thank you so much