Granular Permissions for Files don't exist #2595
Comments
|
This is planned for v10 of Directus and is in works at the moment. You can track progress on the Let me know if you're thinking of something different... |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Feature Request
Currently using the JS SDK to develop a front end with VueJS and Nuxt however on my "home" collection I have a file field that contains the logo for the home page. But when I use the getItems function in the sdk it returns the file ID instead of a url. This is a problem because the only way to get the url is to use the getFile function which requires the "file" permissions in the Directus System Collection to be set to ALL.
There should be a way for the public user to be able to get the Files of collections they have access to but not files of ones they don't.
What problem does this feature solve?
This allows client-side apps to get files without giving the user access to every file on the cms
How do you think this should be implemented?
In the Directus System Collections the "mine" permission flag should allow public to use /:project/files and only return the files they have access to.
Another Solution would be to return the entire file data within the getItems query
I know you can do this right now with ?field=. but that still requires the file permission to be set to all
Would you be willing to work on this?
I am fairly new to Directus and am not yet familiar with the layout so unfortunately I don't think I would be much help.
The text was updated successfully, but these errors were encountered: