Actions without the ability to control permissions

tanish · June 8, 2023, 9:39am

Hello everyone!

Need assistance with a small issue that I’m facing. I have built my Forest Admin with Node.JS, Express.JS, and MongoDB.

This is my package version.

“forest-express-mongoose”: “^9.2.0”,

There are these actions in my dashboard for which I cannot control permissions and it messes up our entire platform. For example, “Create a new shareholder” is permitted to everyone even though we have disabled “Create” globally.

Also, this action “Dissociate this relationship”. We have no way to control this action and it shows it to everyone.

Please assist us in managing this micro permissions for our platform.

Best,
Tanish

anon34731316 · June 8, 2023, 10:04am

Hello @tanish,

Thanks a lot for reaching out

shareholders and payment IDs are not proper collections, right? Only hasMany belonging to another collection?

If that’s the case, could you try to make the related field (shareholders/paymentIDs) read-only (in Organizations/Payouts collection settings > Fields (relationship))?

Let me know if that helps.
Cheers!

Topic		Replies	Views
Is it true that "User" role can't use Smart Action? Help me!	10	638	June 25, 2020
Collection permission issue with related data tables Help me!	3	248	October 13, 2021
Issue with permissions when adding permissionMiddlewareCreator.smartAction() to smart action routes Help me! smart-action	4	262	May 11, 2023
Collections access "data access forbidden" Help me! howtos , setup	11	1215	June 11, 2021
Cannot run admin after forest-express-mongoose v9 update Help me!	7	83	June 19, 2024

Actions without the ability to control permissions

Related topics