• Product

  • Solutions

  • Developers

  • Docs

  • Pricing

  • Cloud

Search icon
Strapi plugin logo for Route permission

Route permission

This plugin implements a simple way to seed strapi users-permissions from routes configuration.

thumbnail for Route permission

Strapi4 plugin server route permission

Inspired from strapi-plugin-route-permission, same plugin but for strapi V3.

A plugin for Strapi that provides the ability to config roles on server route for generate permissions.

Downloads Install size

🚀   Overview

This plugin implements a simple way to seed strapi users-permissions from routes configuration (only server). It means that you can define your routes permissions direcly on route files. So every time your server ups, it will recreate yours routes permissions from your route config, allowing you to migrate your application without worrying about redefine your routes permissions over strapi panel.

⚠️ this plugin create route permission but don't delete any route permission


  Installation

With npm:

npm install strapi-plugin-server-route-permission

With yarn:

yarn add strapi-plugin-server-route-permission

  Getting Started

Add an array of roles on each route configuration

Examples:

Core route example :

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
"use strict";

"use strict";

/**
 * restaurant router
 */

const { createCoreRouter } = require("@strapi/strapi").factories;

module.exports = createCoreRouter("api::restaurant.restaurant", {
  config: {
    find: {
      // @ts-ignore
      roles: ["authenticated", "public"],
    },
    create: {
      // @ts-ignore
      roles: ["authenticated"],
    },
    findOne: {
      // @ts-ignore
      roles: ["authenticated", "public", "test"],
    },
    update: {
      // @ts-ignore
      roles: ["authenticated"],
    },
    delete: {
      // @ts-ignore
      roles: ["authenticated"],
    },
  },
});

custom route :

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
// server/routes/task.js
"use strict";

/**
 *  router.
 */

module.exports = {
  type: "content-api",
  routes: [
    {
      method: "POST",
      path: "/user/update-avatar",
      handler: "user.updateAvatar",
      config: {
        // @ts-ignore
        roles: ["authenticated"],
        policies: [],
        middlewares: [],
      },
    },
    {
      method: "DELETE",
      path: "/user/delete-avatar",
      handler: "user.deleteAvatar",
      config: {
        // @ts-ignore
        roles: ["authenticated"],
      },
    },
    {
      method: "GET",
      path: "/avatar/:id",
      handler: "avatar.getAvatar",
      config: {
        // @ts-ignore
        roles: ["authenticated"],
      },
    },
  ],
};

🎉   Result

On strapi startup it add only new permission configured in your route config

Configurated routes are visible on admin panel :

if admin remove a permission from admin panel, you got the log and the route is'nt configured

You can restore via settings on admin panel, this remove the configured routes history and reconfigure route which was deleted from the admin on next restart

🐛   Bugs

If any bugs are found please report them as a Github Issue

Typescript support problem

Issue You can put this line upside the role propertie : // @ts-ignore

Install now

npm install strapi-plugin-server-route-permission

STATS

11 GitHub stars158 weekly downloads

Last updated

76 days ago

Strapi Version

4.3.6 and above

Author

github profile image for Paul Richez
Paul Richez

Useful links

Create your own plugin

Check out the available plugin resources that will help you to develop your plugin or provider and get it listed on the marketplace.