Permissions

Control Panel
Version 1.5.0+
3 min read

You are viewing the documentation for Meerkat version 1 for Statamic 2. The latest version is Meerkat 2 for Statamic 3.

Read v2 docs

Starting with Meerkat version 1.5.8, you may now fine-tune which actions users are able to take within the Control Panel. By default, all actions are available to all users. To restrict the actions of users, add the following to the end of your site/settings/addons/meerkat.yaml file:

Meerkat 1 does not offer a Control Panel user interface to manage Meerkat permissions. Meerkat 2 for Statamic 3 offers a Control Panel permissions user interface.

permissions:
  all_permissions:
  can_view_comments:
  can_approve_comments:
  can_unapprove_comments:
  can_reply_to_comments:
  can_edit_comments:
  can_report_as_spam:
  can_report_as_ham:
  can_remove_comments:

Each of the properties (all_permissions, can_view_comments, etc.) will be a list of the user role ids that are allowed to take that action. Assuming we had the following site/settings/users/roles.yaml file:

d32e14fb-08c9-44c2-aaf8-21200852bafd:
  title: Admin
  permissions:
    - super
532e73fe-df04-4b3b-986d-b4d86cd53e18:
  title: Test
  slug: test
  permissions:
    - 'cp:access'
    - 'pages:view'
    - 'collections:blog:view'

If we wanted to let the "Test" role only unapprove comments or mark them as spam we would do this:

permissions:
  all_permissions:
  can_view_comments:
  can_approve_comments:
  can_unapprove_comments:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18
  can_reply_to_comments:
  can_edit_comments:
  can_report_as_spam:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18
  can_report_as_ham:
  can_remove_comments:

If we wanted all users of the "Test" role to be able to perform all actions we could do this:

permissions:
  all_permissions:
  can_view_comments:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18
  can_approve_comments:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18
  can_unapprove_comments:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18
  can_reply_to_comments:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18
  can_edit_comments:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18
  can_report_as_spam:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18
  can_report_as_ham:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18
  can_remove_comments:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18

However, to save some key-strokes, the following is equivalent:

permissions:
  all_permissions:
    - 532e73fe-df04-4b3b-986d-b4d86cd53e18
  can_view_comments:
  can_approve_comments:
  can_unapprove_comments:
  can_reply_to_comments:
  can_edit_comments:
  can_report_as_spam:
  can_report_as_ham:
  can_remove_comments:

Interacting With Addons

This section is for developers creating addons for Meerkat. If you don't need to write custom Meerkat code, you can ignore this section.

Meerkat emits the Meerkat.permissions.resolving event when resolving a user's permissions. If we had the following event listener:

'Meerkat.permissions.resolving' => 'resolvingMeerkatPermissions',

we could define the following PHP function:

public function resolvingMeerkatPermissions($user, $permissionSet)
{
    // Adjust any of the following and then return the permission set.

    // $permissionSet->canViewComments = true;
    // $permissionSet->canApproveComments = true;
    // $permissionSet->canUnApproveComments = true;
    // $permissionSet->canReplyToComments = true;
    // $permissionSet->canEditComments = true;
    // $permissionSet->canReportAsSpam = true;
    // $permissionSet->canReportAsHam = true;
    // $permissionSet->canRemoveComments = true;

    return $permissionSet;
}

Event handlers will receive the Statamic user instance as the first parameter, and a permission set as its second parameter. Make sure to always return the permission set.