On this page

Users

The users collection is a multi-entry collection that stores users and is tightly bound with the authentication and API guard functionalities.

Definition

The collection includes the following fields, with required fields indicated by the R symbol:

Field	Type	Description
`isActive`	switch	Determines the user's login access to the CMS.
`isAdmin`	switch	Administrators have all privileges within the CMS, regardless of their role and capabilities.
`firstName`	text	The user's first name.
`lastName`	text	The user's last name.
`email` R	text	A unique email address is assigned to users, serving as their login credential.
`password` R	text	The user's password is stored in the database as a hash using Argon2.
`role`	record	Defines the user's base capabilities within the CMS.
`capabilities`	chips	List of capabilities granted to the user in addition to their role capabilities.
`dashboardLanguage` R	select	The preferred language for the dashboard interface (experimental feature).
`dateFormat` R	text	The preferred format for displaying date strings in the dashboard.
`timeFormat` R	text	The preferred format for displaying time strings in the dashboard.
`createdAt`	date-time	An automatically generated timestamp indicating when the user was created.
`updatedAt`	date-time	An automatically generated timestamp indicating when the user was last updated.
`id`	number	The unique identifier of the record.

Check out the collection definition on GitHub for more details.

Roles and capabilities

User capabilities allow users to perform specific actions through the API. Pruvious has predefined the following capabilities:

Capability	Description
`access-dashboard`	Specifies if the user can access the CMS dashboard.
`clear-cache`	Specifies if the user can clear the cache using the /api/clear-cache API endpoint.
`collection-{name}-create`	Automatically generated capability that allows users to create individual records in a multi-entry collection.
`collection-{name}-create-many`	Automatically generated capability that allows users to create multiple records in a multi-entry collection.
`collection-{name}-read`	Automatically generated capability that allows users to read individual collection records.
`collection-{name}-read-many`	Automatically generated capability that allows users to read multiple records in a multi-entry collection.
`collection-{name}-update`	Automatically generated capability that allows users to update individual collection records.
`collection-{name}-update-many`	Automatically generated capability that allows users to update multiple records in a multi-entry collection.
`collection-{name}-delete`	Automatically generated capability that allows users to delete individual records in a multi-entry collection.
`collection-{name}-delete-many`	Automatically generated capability that allows users to delete multiple records in a multi-entry collection.
`update-profile`	Specifies if the user can update their profile using the /api/profile API route.

You can specify additional capabilities in your nuxt.config.ts file as follows:

# nuxt.config.ts

export default defineNuxtConfig({
  modules: ['pruvious'],
  pruvious: {
    customCapabilities: ['manage-api-keys', 'send-emails'],
  },
})

Guards

Guards are security layers that are triggered during certain CRUD operations on collections and fields. They can be added to collection and field definitions by using the guards property. Here's an example:

# collections/api-keys.ts

import { defineCollection, hasCapability } from '#pruvious'

export default defineCollection({
  name: 'api-keys',
  label: 'API Keys',
  mode: 'single',
  guards: [
    async ({ user }) => {
      if (!hasCapability(user, 'manage-api-keys')) {
        throw new Error('You are not allowed to manage API keys')
      }
    },
  ],
  fields: {
    cloudflare: {
      type: 'text',
      options: {},
    },
  },
})

Last updated on January 6, 2024 at 12:45

Uploads

Query builder