Restricting an account to specific sections in the CP

_readme.md

Simple Statamic CP edit restrictions

• Add the hooks file to _add-ons/restrict_to/hooks.restrict_to.php.
• Add the restrict_to tags field to your _config/bundles/member/fields.yaml.
• To restrict pages, add them to the restrict_to field. eg. /blog, /calendar. They will only be allowed to edit pages that begin with this url.

Warning

If your member listing is visible, (it is by default), they can edit their own restricted pages.

You can hide the member section by changing members: true to false in the _admin_nav array in settings.yaml.

This is definitely not recommended if you are looking for actual security.

fields.yaml

fields:
  restrict_to:
    type: tags

hooks.restrict_to.php

<?php
class Hooks_restrict_to extends Hooks
{
    public function control_panel__can_publish($page)
    {
        $member = Auth::getCurrentMember();

        if (! $restrictions = $member->get('restrict_to')) {
            // No restrictions? Let 'em in.
            return true;
        }

        foreach ($restrictions as $restriction) {
            $restriction = URL::tidy('/' . $restriction);

            if (Pattern::startsWith($page['identifier'], $restriction)) {
                return true;
            }
        }

        return false;
    }
}