Restricting Permissions in Strapi Admin Panel 🔐

Community member: Hey Cyril, do you have an ETA on that Administrators Roles Plugin? I really need that feature for my client…

Me: Man we’re stabilising the framework and making it way more extensible than it already is, so honestly, I have no idea.

Project setup

git clone git@github.com:strapi/strapi.git
cd strapi && npm run setup
strapi new blog --dev
cd blog && strapi start
cd blog/admin && npm start

API setup

At this point, you should have 4 models displayed in the left menu. BTW, I’m always amazed by how fast Strapi is to create an API.

Approach

The created “sub role” will only affect the front-end, for the back-end those admin users will still have all the rights so you might need to make the same approach in your client application.

We have now created a specific field admin_layout that is necessary for the admin to hide elements from the menu.

The only problem now is that the first registered user (you since you started with a fresh project) doesn’t have this property so, we’re going to modify the users-permissions plugin.

Part 1: Hiding the Plugins

Part 2: Hiding Content Types

The admin is using the first context api and I will update it to the last one soon so you might need to make some further modifications.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store