#Using the admin for a use-case where users belong to a group (e.g., departments)?

I have users who each belong to a department (e.g., biology, psychology). Some data (e.g., articles) should only be accessible to users in the departments for which that article has been assigned. For this case, let's assume that the "articles" table has a column "department" and users also have a column "department". Users should only be able to see articles belonging to their department.

I considered (1) custom permissions on the "articles" table and (2) a custom module. For (2), I was hoping I might be able to import a content Vue component to make use of the table UI and somehow customize the query being to pull data for that table such that only articles within the users' department would be displayed.

I'd appreciate any tips or pointers you can offer. Thanks!

Thanks for posting! This is a community powered server, so you may or may not get an answer based on available help and expertise. To increase your chances of somebody being able to help you, please help us help you making sure you:

• Adding an explanation of exactly what you're trying to achieve.
• Adding any and all related code or previous attempts.
• Describing the exact issue or error you are facing.
• Posting any screenshots if applicable.
• Reading through https://stackoverflow.com/help/how-to-ask.

When you're done with this thread, please close it. Thanks! ✨

(If you have a support agreement and need help, please contact the core team via email.)

(1) sounds like the same approach we take for user content where you can only view your own user data (if you're not an admin).
So assuming you have a role per department you'd set something like this for the biology role on the articles table: ```ts
{ "department": {"_eq":"biology"} }

Remember that you can add custom fields on the native Users table in Directus. You may want to add a "department" dropdown on the user record, then use @outer cedar 's answer above to create your persmission set.

No need to build and maintain custom extensions for this use case 🙂

Thanks @outer cedar and @hollow tinsel. So we have two possibilities then:

1. Create a role for every department and manually setup the permissions on "articles" for each role.

2. Add department to the users table and then just have a "Departmental Users" role.

But for (2), as far as I can tell, I can't do a permission filter on articles content that essentially does { "department": {"_eq": "X-Directus-User-Department" }}. Here, I'm using Hasura-like session information to reference a given user's department dynamically rather than statically-defined as in (1). I suspect I may be missing something important though that might allow for this.

Thanks again!