Strapi: Allow other User roles access to Admin Panel

@piere129 I believe this already planned and is on the vote page, the Strapi team have stated this is pretty high on their list of to-dos, you can find the entry here: https://strapi.io/vote

I'm closing the issue because the feature is one of our top priorities after the stabilization part and it's the most up-voted feature on the community vote page.

Any news about this feature ? Can we follow the development progress somewhere (maybe this issue shouldn't be closed) ?

In #931 @soupette proposed a work-a-round documented here, but it seems to work only on Content Types and not on plugins and general section, am I right or are there other possible solutions already available ?

@g-div The specifications are almost ready on our side. However, we need to improve the plugin architecture & flexibility to make it work properly. We're currently developing the Documentation plugin, the next one will certainly be the Administrators & Roles plugin.

We can't wait to release this feature as well...

Just asking because it was unclear if the feature was already released or not, since all related issues have been already closed. I was otherwise curious if it was possible to follow its development in detail, in order to eventually offer some help there.

Any news if this feature was released? ...

@carlosmarinho nope not yet, and probably not in the next few months.

Please see https://portal.productboard.com/strapi/c/8-administrators-roles-permissions for more details.

Any idea when this is implemented? It's quite critical for me.

@dtaalbers Based on https://portal.productboard.com/strapi/tabs/3-planned it's planned for Q3 2019 :disappointed:

😮 A highly voted feature like this? Ah well, we might change from Strapi in that case. Thanks for the reply!

@dtaalbers There is a lot more that has to happen before the adminUI permissions rework comes. The Strapi team are working as fast as they can.

Trust me they are aware how popular it is, but they are focusing on the plugin framework rewrite to allow them and others to build great plugins like that.

@derrickmehaffy No worries, I understand. Wasn't aware of the rework, I only was a bit surprised about the roadmap seeing the votes for the feature. 👍

Yes, it's the most asked feature on ProductBoard. However, we have to rework the plugin framework first, test the core and update the architecture, then we'll be able to add new features 👍

is there any update on this?

@FrancisVarga "Soon"

@derrickmehaffy "Soon" === 1 month? 3 months? ;)

@LucasMatuszewski I won't work for Strapi, so I have no ETA for you. I do know the feature is important to them but their focus is entirely on the plugin framework rewrite at the moment.

Thanks for replying so quickly. On Roadmap I see 4Q19.

On Fri, May 10, 2019, 05:47 DMehaffy notifications@github.com wrote:

@LucasMatuszewski https://github.com/LucasMatuszewski I won't work for
Strapi, so I have no ETA for you. I do know the feature is important to
them but their focus is entirely on the plugin framework rewrite at the
moment.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/strapi/strapi/issues/1152#issuecomment-491145453, or mute
the thread
https://github.com/notifications/unsubscribe-auth/AGZSJPGFUN6IFKTMJVZ5REDPUTV5BANCNFSM4E7AS5LQ
.

FYI, we plan to add it at the end of the year. We don't define a specific date, we prefer to use a three-months period instead (Q1, Q2, Q3, Q4).

@Aurelsicoko - thx a lot!
If we decide to use Strapi in alpha:

1. Is there some easy/automated way to update to beta/final version ? Or do we have to do all manually?
2. If we would made our own features, bugfixes or integrations, are you open for PR from everyone? :)

1. You have to do it manually from alpha to beta. Then, the beta has a completely different files structure which will offer an easy way to upgrade from a version to another.
2. We are more than open to contributions! We have temporarily closed the PRs but we will open them when the beta will be released (~2 weeks).

~2 weeks! Great to hear it. So we will start development with new version :)

Hi! Is there any update on this? Can I use this feature on alpha ?

@PhantomxJoker no update yet but when it is released there won't be any alpha support only beta.

Oh, I totally forgot this one! I added it to the list of pain points encountered as a user. Recently, we split the administrators and end users into two separate categories of users. It's typically the kind of issues we want to solve (see more https://blog.strapi.io/why-we-split-the-management-of-the-admin-users-and-end-users/).

upvoteeee

@tomeady there is no timeline on building this feature but more than likely not going to happen before November of this year as the Strapi team have already laid out their plans until then in their most recent blog post.

Hi. Any updates on this feature?

I think feature is really important and will open a lot of other scenarios.

Thx a lot.

@botzill No updates or ETA yet.

Q2 2020 looks like the latest time estimate according to https://portal.productboard.com/strapi/1-public-roadmap/tabs/3-planned.

Is the only way for users to enter/update records for them to log in via the admin panel? This seems like a huge oversight and makes Strapi extremely impractical for many uses.

@JamesBrightman no they could do so with the proper permissions either via REST or GraphQL.

Here is the blog post related to why this was done: https://strapi.io/blog/why-we-split-the-management-of-the-admin-users-and-end-users?redirectPage=1

@derrickmehaffy

Thanks for the link, so if I have this right -

An End User can only consume the API. This may include adding content but through the GET/POST methods in a form

So it is possible for a non admin to add (and edit?) content via API's. However I maintain that this is still a less than great solution given than the user may not be familiar with using APIs. I suppose i'll have to wait for a more solid UI solution.

Right now the adminUI should not be used by normal users (at least not until that linked feature request is built). It's more so for the moment a simple way for admin level users to do light content-management.

Your best bet would be to handle content creation on your frontend or something tying into the generated APIs. The adminUI itself has it's own internal API that doesn't use the standard routes, controllers, services, lifecycle callbacks, or policies (again to allow for separation of admin level content additions vs user usable APIs). As far as I'm aware (and @soupette could confirm) there is no plan to change this either, though there is progress being made to allow users an easier time of modifying the admin and it's plugins as a whole.

@derrickmehaffy
Ok, I think I understand your point. Users cannot view adminUI so instead we serve something like a simple web app which can allow users to enter content, which is then used behind the scenes via the strapi API to add records to the strapi content?

Yes exactly

@derrickmehaffy
That is definitely an Interesting solution. Do you happen to have an example of an update/create record API call?

If you install the documentation plugin: https://www.npmjs.com/package/strapi-plugin-documentation it generates automated swagger docs. Likewise the graphql plugin has the built in graphql playground (which also has some built in docs based on your schema file)

I'll give it a shot, thanks.

react-admin or bunadmin - tutorial - strapi demo can make it for now.

Would something like this make your life easier guys?
Working on Strapi v3, it will restrict access to non-admin users to specific entries in the left menu.

P.S. Also made some changes in the admin/src to hide "Manage Administrators" and remove "Unused Plugins" from routing.

@surgeharb It's really nice to have this feature. Let us know when you have more updates to test it.

That would be a great feature!

De: Chirica Gheorghe notifications@github.com
Enviado: quarta-feira, 8 de julho de 2020 15:00
Para: strapi/strapi strapi@noreply.github.com
Cc: carlosmarinho carluizfla@hotmail.com; Mention mention@noreply.github.com
Assunto: Re: [strapi/strapi] Allow other User roles access to Admin Panel (#1152)

@surgeharbhttps://github.com/surgeharb It's really nice to have this feature. Let us know when you have more updates to test it.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHubhttps://github.com/strapi/strapi/issues/1152#issuecomment-655670192, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ABT3NDRPK2ZSA5ZP3644B4TR2SX3ZANCNFSM4E7AS5LQ.

@botzill, I will share it in the next 24hours on how I achieved this in an article or a GitHub repo.
Keep in mind that this will be a temporary solution as the core team of Strapi is in the latest stages of achieving this the good way in the system.
I made use of the built in Strapi "admin customization" feature.

@botzill @carlosmarinho @johackim @JamesBrightman @tomeady @PhantomxJoker
As promised, this is how to achieve access rights in Strapi v3.
This is a temporary workaround that allows you to manage multiple roles for Strapi administrators.
Let me know what you think of this: https://github.com/surgeharb/strapi-plugins#plugin-admin-access-rights

I'd like to point out to anyone watching this thread that the Strapi RBAC feature is currently in testing (PR is already open for it: https://github.com/strapi/strapi/pull/6965 ) and should be released shortly, however there is still a lot of things to review and test as I'm sure the entire Strapi team want to squash any bugs before users jump on migrating.

Amazing news @derrickmehaffy!
If I can assist in testing or fixing any bugs, I am more than happy to help.

I'd like to point out to anyone watching this thread that the Strapi RBAC feature is currently in testing (PR is already open for it: #6965 ) and should be released shortly, however there is still a lot of things to review and test as I'm sure the entire Strapi team want to squash any bugs before users jump on migrating.

Hi! Will that RBAC feature be available only for EE version or also CE ?

@sebacampos this is mentioned here https://portal.productboard.com/strapi/1-public-roadmap/c/8-users-roles-permissions-ce-ee, only 3 pre-defined roles are available by default for the Community Edition (CE), upgrading to the Enterprise Edition (EE) will allow customers to create an unlimited number of customizable roles.