Non-Admin Default System Permissions

[benhaynes]

When working with a user in a non-admin role, there are many permission issues that arise. We need to update the default role permissions so that these don't occur.

• directus_user_roles – Error just after logging in
• directus_users Error when trying to update last_access
• directus_activity – Error with "mine"

[2018-10-15 11:18:55] api[_].ERROR: Directus\Permissions\Exception\ForbiddenCollectionReadException: Reading items from "directus_user_roles" collection was denied in /var/www/api/src/core/Directus/Permissions/Acl.php:944

This one I couldn't fix through permissions:

[wellingguzman]

Updating user.last_access and creating activity should ignore permission as these are internals actions, but authenticating through the API doesn't raise these issues, what we need to discuss here, is what the app are requesting and how we can make non-admin get those information.

[benhaynes]

Remember to mention @rijkvanzanten for App questions... otherwise he won't see this.

[wellingguzman]

There has not been any more issues with permissions when a non-admin authenticate. We should keep this open to give this issue couple of more days and see if we can find something else.

[benhaynes]

We'll close this one unless more related issues arise.