A few more ways to lock down roles (more permissions)

Hi guys, just a few small requests here that would allow me to lock down the client role even more – to avoid the client breaking their own website!

Please could you add new toggles to disable permissions for:

  • Can delete items [of type/tag] in the media area
  • Can access the media area
  • Can see plan limits
  • Can add/remove billing profiles

Also, please could you hide entirely certain UI elements when the role cannot access/use them?

  • Add menu item…
  • Settings within Content tab
  • Settings tab


Just released this! https://www.datocms.com/blog/new-feature-media-area-granular-permissions

1 Like

Hey, all the updates to user permissions/granular controls since I posted this thread years ago have been amazing. Thank you.

There is one last thing, I really want to remove “Settings” completely for some users.

Currently this is 99% possible. The user only sees Activity Log within Settings. This is still a potential point of confusion for some clients (they don’t understand anything in the Activity Log and they are literally scared by seeing code/terminal output). I’d really like to go the last step and get rid of Settings completely. Can you consider it?

Thank you.

1 Like

We’ll see what we can do :wink:

1 Like

Hi @convincible!

We just added a new role’s permission called can_access_build_events_log, that manages access to the Activity Log as you suggested!

Check it out here → Retrieve a role - Role - Content Management API

Thanks again for your suggestion :slight_smile:

1 Like