[Help] How to hide|read only a field for non admins when editing/creating an entry in a collection

[fabianmu]

I do have a slug field, which I set automatically via $app->on("collections.save.before.{collectionName}" and I would like that field to be either not visible or read-only when a non-admin user (I have created other groups via groups:.. in config.yaml is creating or editing an entry.

I saw a comment earlier about custom PHP code in a collections Permissions, #676 which may be useful but I need some guidance on if and how it's possible to adjust an entry to accomplish that desired outcome.
Thanks!

[pauloamgomes]

I believe that requires a read-only or hidden attribute on the field definition so we can define the field like:

{
  "hidden": true
}

The hidden field can be added easily to the input:

if (opts.hidden) {
    App.$(this.refs.input).addClass('uk-hidden');
}

but believe that should be performed in a more generic way and maybe including other field types than text.

The readonly option seems a bit more simple as it can be handled as new attribute:

{
  "readonly": true
}

and the text template can be updated to:

(['readonly', 'maxlength', 'minlength', 'step', 'placeholder', 'pattern', 'size']).forEach( function(key) {
    if (opts[key]) $this.refs.input.setAttribute(key, opts[key]);
});

think is a small change that provides the flexibility you described above

[adambuczek]

This is probably a common case.
I was under the impression that Field's Access tab influences not only Backend but also API response but no matter which API key I use the data returned doesn't have slug field.
Is this by design? Maybe this would be the way to go?

BTW I would also like to know more about what can I do in collection settings so I could implement this or e.g. collection level id filter myself.

[michabbb]

hi, i have the same problem. how can i hide or make a field read-only ? i guess a primary-key is something very common and never should be editable by any user. thanks !

[michabbb]

i took a while till i found out, that i have to make these changes in
modules/Cockpit/assets/components.js. can someone please explain me, what the file
modules/Cockpit/assets/components/field-text.tag is about ? changes here do not have any effect.
thanks.

[adambuczek]

You need to rebuild js components after you edit them.

[raffaelj]

If you want to hide the slug field (and optional more fields) completely for non-admins, you can use this:

<?php

/*
  hide fields for non-admins
  
  How to use:
  
    * edit collection and open "Permissions" tab
    * enable "read" permission and place the code below
  
*/

$hiddenFields = ["slug"];

if ($context->user && $context->user['group'] != 'admin')
  foreach($hiddenFields as $field)
    $context->options['fields'][$field] = false;

or simpler:

<?php
if ($context->user && $context->user['group'] != 'admin')
    $context->options['fields']['slug'] = false;

[Saunved]

hi, i have the same problem. how can i hide or make a field read-only ? i guess a primary-key is something very common and never should be editable by any user. thanks !

I had this issue when dealing with a nested set inside a repeater. Each set needs to have a unique ID, but I obviously don't want any users to be able to touch that. If you are using the API:
You can pass in variables that are not defined in the collection and Cockpit will add them to the set. So you can generate a unique ID and append it to the collection before saving it to Cockpit.

And when dealing with items created in the GUI, you can use webhooks to append ID to the item before the collection is saved using the collections.save.before event. ( I haven't tested this yet, but it should work).