Sometimes in our website projects, we need to restrict certain functionality in the back-end for certain types of users.

For example, this could be as simple as limiting editing capabilities for certain blog authors, or limiting which types of content they are allowed to edit. Thankfully, Statamic has made this fairly simple, though it does requred a Pro license to make use of it; otherwise, you’re limited to a single user anyway.

Follow along as I explore defining permission and roles in Statamic, if you’d rather just site back and relax. Watch it here:

Permissions vs. Roles

The tldr; of the video is this - we can set indivdual permissions for a single user, but what is likely more efficient is to create roles for a given set of permissions.

A given user can be given mulitiple roles - for example, one role could be Dashboard Access and each of your editors could be given this role. This might have mulitple permissions around that access, and so rather than editing each user for all of those permissions, it can be made more simple by adding or removing that role for a user you wish to change.

This is particularly handy when there are multiple kinds of permission configurations, where not every user has the same permissions. Inevitably there will be overlap, so we can separate out sets of permissions into simpler roles, and combining the roles for each user. Then, when the role for a certain kind of user needs to change, it only needs to be changed once and will then be applied for every user who shares that role.

As with all things Statamic, this is all saved to yaml files for easy configuration without even needing to do it through the control panel if you know your way around the files.

Talk about making hard things easy!