Permissions

If you want to make the permissions for different actions of your plugin configurable by user role, you can register the available actions with the permissions extension.

PHP definition

Each available action needs to be set with the default permission value. The default value is used if the user's role does not specify the permissions for that action.

/site/plugins/permissions/index.php

Kirby::plugin('my/permissionPlugin', [
    'permissions' => [
        'access' => true,
        'create' => true,
        'delete' => false
    ]
]);

All permissions of the Kirby core are set to true by default. Only use the default value false if you want to make sure that the action is enabled explicitly for the users who should have access to it.

Usage in the user blueprint

The permissions can now be set in the user blueprint for each role (just like the core permissions).

/site/blueprints/users/editor.yml

title: Editor
permissions:
  my.permissionPlugin:
    *: false
    access: true

Access from your plugin

You can then check the permissions for each action in your plugin:

$kirby->user()->role()->permissions()->for('my.permissionPlugin', 'access') // true
$kirby->user()->role()->permissions()->for('my.permissionPlugin', 'create') // false