Restrict API Key for users of certain role #4100
augustgaukstad
started this conversation in
Feature Requests & Ideas
Replies: 2 comments
-
|
I have the exact same problem. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
I configured this behavior by adding a const Users: CollectionConfig = {
// ...
access: {
create: (args) => {
if (!admin(args)) {
return false
}
if (!superAdmin(args)) {
if (!args.data) {
return true
}
// only superadmin can create other admin+
return (
!['api', ...AdminUserRole].includes(args.data.role) &&
!args.data.enableAPIKey
)
}
return true
},
},
fields: [
{
name: 'role',
type: 'select',
options: Object.keys(UserRole).map((key) => ({
label: UserRole[key],
value: key,
})),
required: true,
defaultValue: 'contributor',
validate: (value, { data }) => {
if (
data.enableAPIKey === true &&
!['api', 'superadmin'].includes(value)
) {
return 'This user role cannot be assigned an API key'
}
return true
},
},
]
} |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
As it is now, we have to create a separate collection if we want to limit which users/roles can enable API-Keys on their accounts. Would be nice if it could utilize a similar access-method akin to collections/fields for granular API-access without having to set up a seperate collection.
Beta Was this translation helpful? Give feedback.
All reactions