Sub user management for authenticated users

System Information
  • Strapi Version: 3.4.4
  • Operating System: Ubuntu 18.04
  • Database: Mysql 8.0
  • Node Version: 12.20.1
  • NPM Version: 6.14.10


So basically I want my web app users to be able to create sub users with different permissions.

Imagine group A.

Group A user A-Master is created and they are in group A. I need A-Master to be able to create sub users in his own group without any of these group members having access to other groups users data.

For example - A-Master creates a sub user A-Primary. This user can do everything A-Master does - create, read, update, delete new users of the same group. Meaning, data from group B or C cannot be accessed.

A user called A-Admin can also be created, but they cannot create or delete users.

The way I thought I could do this is by adding another field called group in the Users Collection Type. However, any public user could just register as a user of that group and get access to their data, right?

Also users from group A could also request all the data from group B, because there is nothing stopping them from doing that in the back end. Like, how could I add permissions to users so that they can only request data from certain Collection Types that is of their group?

Or maybe there is a better way of doing this all together?

hi, did you solve it? I saw that with directus it’s possible.