Roles: User can only edit existing content assigned to them

New to Kirby

I would like to create user accounts that:

  • Can NOT create new pages
  • Can EDIT existing pages that are assigned to THEM ONLY
  • Can edit all fields on those pages, and upload images and other content

Is that possible in Kirby with a plugin or in core/?

Hi, unfortunately user permission is very tricky and has not been implemented in Kirby so far. It’s definitely in the works but with no official release date.

Currently, the only way to achieve that would be to let users edit pages on the frontend instead of the panel.

BTW. “In the works” in this case does not mean that you can expect it any time soon.

This kind of role granularity is requisite for any multi-user CMS

Well, we would all love to have this feature, but currently you either have to work around this or use another CMS (or hack the panel).

The issue is always to make it secure and get it right. We don’t want to have a feature in the core that doesn’t work reliably, so it may need some more time.

Understood. But It’s kind of a basic feature.

I simply want to prevent UserA from Editing UserB’s content.

As stated above, you could create an editing interface in the frontend using authentication and $page->update(). With that you can fully control the permissions.

And that’s the one thing everyone must appreciate about Kirby. It doesn’t try to pump out countless features in each release to make it flashy. It’s robust and well-thought, and doesn’t try to do it all.

I’ve seen many people struggle with user-rights on other CMS that had terrible implementations… I’d rather wait for a well done solution :slight_smile:


My buddy found it for me:

That field does not have anything to do with permissions, I’m afraid.

1 Like

That’s only to select a user, it’s typically used to define the author of an article. It doesn’t prevent other users from editing the page.

There’s also a core field in Kirby:

You may believe us, there is no plugin that provides the functionality you are after. As I said above, your only option is to do it on the frontend without the panel.

So is there a guide to creating front end editable pages?

No, there is no such guide. As stated above, you can use the tutorial on user authentication and the $page->update() method.

Other than that, you would have to implement that yourself, as there are quite a few options to achieve that (using forms, using contenteditable, php or javascript based).

There are tons of miniguides on how to create or update a page from the front end. The search on this forum has helped me to achieve a front end update case just yesterday!
One of them with great code shared by @lukasbestle Allow guests to create pages from Panel or frontend

Pls. keep in mind that the example does not have any validation in place. Before creating a page from $data, check that the input does not contain any unwanted stuff.