Tailor now supports permissions +more

With the latest release of v3.0, Tailor blueprints automatically include permissions to manage their content. As a result of this work, the general permission structure has also been improved.

See the Permissions documentation for more details:

Nested Permissions

Permission codes support a nested structure to provide a cleaner interface when selecting permissions. To nest a permission code the “dot” value must be a direct descendant of its parent and unlimited nesting is supported.

In the following example, the manage_entries permission must be granted for the manage_entries.create and manage_entries.publish codes to become available. Visually it is represented like this:

├── manage_entries
|   ├── manage_entries.create
|   └── manage_entries.publish
└── delete_entries

Role Hierarchy

Each role is assigned a ranked position in the backend panel, represented as the sort_order column in the database. This allows a basic organisational structure to be established where users can only manage roles lower than their own role.

In the following example, the Senior Editor can manage all the users, outranking Staff Writer and Fact Checker roles. Whereas, the Fact Checker role cannot see users or manage permissions above them, in the Staff Writer and Senior Editor roles.

  1. Senior Editor
  2. Staff Writer
  3. Fact Checker

If the Manage Admins → Manage Roles permission is granted, users can manage their own users, permissions and roles existing below their current role.

3 Likes

Hey OctoberCMS Team.

So I love the permissions setup! But the media permissions aren’t working no matter how much I try. I’m viewing the permissions part in the “view as role” part of the backend.

1 Like

Hey @artistro08, you’re right. Looks like the permissions were not being checked correctly. It should be fixed in v3.0.39, some more media focused permissions have been added as well.

Thanks!

3 Likes