Expressing object ownership in item update permissions

epgap · June 6, 2025, 11:19am

I have the concepts of a group and a group admin. On the user level, there’s an ‘is admin for’ relation between users and groups. Groups can own a third data type, so this data type has an ‘owned by’ relation with a group.

I’ve set up the following item permission rule for updates to the third data type:

{"owned_by_group":{"_in":["$CURRENT_USER.is_admin_for"]}}

When I log in as a user that admins for a certain group and I try to edit an item of that group, the fields are still greyed out. Any idea why?

bryantgillespie · June 14, 2025, 3:36pm

It seems like this one is likely related to your other post here.

If the is_admin_for relation is a many-to-many, then you need to go through the junction table and you’ll have to go deeper into that relationship.

So the syntax may look like:

$CURRENT_USER.is_admin_for.group

or

$CURRENT_USER.is_admin_for.group_id

Something along those lines depending on your exact schema structure.

Topic		Replies	Views
Restricting editing to admins of the group a post belongs to Help	1	13	June 13, 2025
Flow read/update permissions Help	1	22	May 12, 2025
New User fields not editable for non admins Help permissions	1	29	June 14, 2025
Which rights are needed to ensure editing an M2M field works properly? Help authentication	3	17	June 5, 2025
Directus user read permissions on specific users Help	1	14	May 21, 2025

Expressing object ownership in item update permissions

Related topics