Directus Cloud user here. I can’t for the life of me figure out how to do this. I’ve tried every permutation possible, I don’t know what I’m doing wrong.
Basically I have a M2M field in my space
collection called space_editors
, which are related to directus_users
I also have a translations field in my space
collection (spaces_translations
). Now I wanna restrict update access for spaces_translations
only to those users who are in space_editors
. So I have added the following rule to spaces_translations
in my access policy for update:
spaces_id → space_editors → directus_users_id → id EQUALS $CURRENT_USER.id
Is this correct? I have tried also without using the id:
spaces_id → space_editors → directus_users_id EQUALS $CURRENT_USER
I’ve tried every other way and still when I make a POST request I get a 403. I wanna pull my hair out. It would be nice if there some feedback in the console or something what these rules exactly are fetching, cause it feels like I’m just playing a guessing game of trying to get this to work. (…yes, all field permissions are checked).