Access policy rules

Posoroko · September 4, 2025, 1:31pm

I see how we can use access policies to control access like this :

created_by equals $CURRENT_USER

but what if I want to compare created_by to something else?

What if i want to let users link items through a o2m field EVEN if they are not the ones who created them ?

but why ? you might ask.
Because I want the editors to have the ability to link items even if they are not the owners of these items.

But, I still want to make sure that items belong together

ex:
an artist creates a “record” item.
same artist creates a “discography” item

editor comes in and links the record to the discography.
We need to make sure both the record and the discography belong to the same artist.

My goal is to achieve this through the api but use access_policies to validate the links

I hope I was clear enough!

Thanks!

ahmad_quvor · September 4, 2025, 4:43pm

Hello @Posoroko

Standard validation rules operate on a single item’s data at a time.

You will have to use a bloking flow and then fetch the data of song and album, and then check if the created_by is the same for both, if yes, then continue, else throw an error.

Topic		Replies	Views
Directus Cloud Access Policy - Why are create action validation filters so limited? Help	1	35	May 12, 2025
Multiple permission rules per collection Help	1	49	June 17, 2025
Access rights based on two conditions Help data-modeling	1	49	June 2, 2025
Granular access to files depending on other collections Help authentication	1	17	August 20, 2025
Need quick guide to access policies Help permissions	1	19	July 18, 2025

Access policy rules

Related topics