Skip to content

03. Backend Control Panel & Security

Huement edited this page Jul 11, 2026 · 1 revision

StatComm features a dedicated Control Panel matrix wrapped completely inside Statamic's secure statamic.cp middleware stack. This natively locks out malicious scripts and external bots using session verification and strict CSRF shields.

1. Activating Permissions

StatComm registers three granular control keys under Users > Roles in the Statamic CP interface:

  • view comments: Grants access to view the primary StatComm data stream logs matrix.

  • edit comments: Allows an authenticated user to overwrite a comment's buffer payload or toggle its public approval state.

  • delete comments: Allows an administrator to permanently purge a comment packet from storage arrays.

2. Managing Users with Multiple Roles

StatComm natively supports Statamic's role aggregation layer. For instance:

  • A user with only a Writer role will be blocked from viewing or executing moderation routes.

  • A user with both a Writer and an Admin role will pass cleanly, as Statamic combines all assigned permission capabilities behind the scenes.

  • Super Users automatically bypass all permission walls.

3. Sidebar Navigation Control

To prevent interface clutter, the sidebar tool link hides itself automatically using the $this->authorize('view comments'); guard. Only users explicitly permitted to moderate comments will see the terminal button.

Clone this wiki locally