Have the ability to specify read/write permissions on the field level


It would be great to have the ability to specify read/write permissions on the field level. That way someone can’t see all your models fields by simply looking at the schema; plus it would be really nice to have private fields that only x roles can see, it would open up the possibilities even more with DATOcms!

For our use case we require to be able to specify CRUD permissions on field level. Some fields shouldn’t be visible for certain roles, some roles can see certain fields but not edit them, etc. So we either require to able to assign CRUD permissions based on roles, or be able to create different views for different roles. Are there plans to put this issue on the roadmap?/ What is the status of this issue?

Linked to:

This would be great to have!

For now, I’m just adding a “for developers only” fieldset and putting all the dangerous fields in there. There is also a Hidden Field plugin… maybe that can be extended to check user role/permissions before showing the field?

Yes, the “Hide field from role” plugin normally does the job: Hide field from role - Plugins - DatoCMS

Let us know if the plugins are not enough!

1 Like

That should be fine, thank you for the suggestion!

It’s not the safest system (anybody who knows how to edit CSS can un-hide that and change the value), but on our small & trusted team it’s probably not an issue.

I completely agree, it’s just a workaround, but before adding a lot of complexity there we are trying to understand if that’s the only use case

One use case is to facilitate multi-role editor environments. For example one person might draft the initial article, another person might fill out the SEO fields, a dev might add some arbitrary JSON into a secret field, and then a reviewer would review & publish all of it.

Or, another use case is that maybe we don’t want the slug (or some other unique ID) to be changeable after creation by anyone except devs & admins (not sure if that’s possible… i.e. if there’s a difference between a model entry creation vs field update).

But the workaround should suffice for now. Thanks!

yes, with the plugin you should be able to hide the fields from the specific roles.

Regarding the ability of hiding a field after the creation you might be able to implement that with a plugin!