Directus 11 Release Candidate
Leap WeekSeason 3Episode 2June 17 2024Directus 11 is here with policies - our key new feature making access control more powerful and flexible in your projects.
Rijk: I'm excited to announce today how we're overhauling access control in Directus. We spent the last months researching and developing the next big iteration of permissions that we're calling policies. Policies allow you to compose the access control for your roles and users. Each role and user can have 1 or more policies which can be reused across the system. In direct list 10, permissions are directly attached to roles.
This means that you may have many similar roles with duplicated permissions to achieve the granularity that your project requires. Before, a user could only have one set of permissions based on their role. A policy, however, is a set of permissions that, like today, allow you to control what a user can see or do across your collections. Policies are effectively an abstraction allowing for 1 or more permissions to be reused across roles or users. You will be able to add policies directly to a role, a user, or both.
For example, when managing a website you could create a page edit policy that contains all the permissions required to be able to edit the website's pages, which you can then attach to your marketing and engineering roles. Or, for example, when generating sales reports, you could create a view quarterly results policy that allows your analysts, account executives, and demand team to view the quarterly results. A user or role can have multiple of these policies, so each policy can be very granular as opposed to having one role that has to contain everything. Much easier to manage. Another example, when configuring a multi tenant system, you can now create a role per tenant but have all of the permissions for those roles rely on the same shared policies, allowing you to manage the permissions for each user in a centralized place while keeping the tenants separated by role.
Policies allow for new ways of organizing and managing your permission sets. We'll be providing these examples and more in our new docs platform coming later this summer. All these changes might sound like a lot at first, but rest assured, as with the releases of directus 10, we're providing an automatic migration between directus 10 and directus 11 to help you get started with policies. We're very excited to give you this new flexibility, which is perfect for simplifying your more complicated projects. Come chat with us about this and more at 11 AM EST in our town hall in Discord.