How to restrict user to view some record of a collection

Hi, I want to restrict a user to access to read some records of a collection say “Product” and another user to read all records of collection “Product”?
Another example: How to restrict a user to read/write own records but restrict to others’ created records of a collection say “Article”?



Since 3.1 version, a new feature was released, its called RBAC (Role-Based Access Control), for community-edition there 3 default roles:

  • Super-Admin: Super Admins can access and manage all features and settings.
  • Editor: Editors can manage and publish content including those of other users.
  • Author: Authors can manage and publish only the content they created.

In that case, the author’s role is that you need.

In the Enterprise edition, Roles creation is unlimited . Role Control is also more advanced, with a high level of granularity options, allowing you to configure CRUD operations for any field available in any content type . You can also check all plans where more subscriptions are available.

Thanks… In enterprise version row level and field level security available?

Hello, of course.

You can achieve this by using RBAC (Role-Based Access Control)

Let’s look into this example with Admin and Author Role:

View as Admin (there are 4 articles, all of them are visible to the admin):

View as Author (there is a single Collection type: Article, to which I’ve granted access and only one article to which Author has access):

Edit article as Admin:

Edit article as Author (can’t view/modify that secret field, can’t publish article):

1 Like

super. thank you so much

Hello Sir, I feel kinda find no options on the Administration Panel to make this happen. When I keep logging in as Author, I still can see and delete the data created in Admin.

It’s very helpful if you can share with me the way to solve this, thanks a tons.

I am seeing the same issue as Benedict.
I have a Collection called Program which has a property ‘admin_users’ which is a Relation with User(from Admin).
Using RBAC and my custom conditionProvider I am able to filter the listing view correctly, but the value are ‘-’ except for the id. When I click on the row it says ‘You are not allowed to see this document’
My conditionProvider is:

    displayName: "Is Program Editor",
    name: "is-program-editor",
    plugin: "admin",
    handler: (user) => ({
          admin_users: { id: { $eq: } },

Can you see what I am doing wrong? Is there a way to make a conditionProvider specific to only one Content Type?


I am also facing the same problem. Does anyone know of a solution?