Guides

Opening content permissions

Content models and fields are designed to display content—letting you control which fields are shared publicly. By default, content fields are read-only. In cases where you want your content models and fields to display content and utilize business logic, you’ll need to open the permissions. This is because content models and fields are locked by default to ensure users can’t make changes to them.

For instance, let’s say that you want to integrate a fee system to your Swell store. This fee system will generate fees and apply them to orders—this can be done by using the Backend API. In the case where you want to display these fees to customers during checkout, you will need to open the field’s permissions to get Frontend access.

Be mindful when opening the permissions of your content models and fields. Making these permissions public will grant any user editing access to your store’s content models and fields.

Adjusting the permissions

To open the permissions of your content models and fields, access your content model and field’s permissions and then configure it to have write access:

01
Set up a public key with different permissions

Go to Developer > Console on the dashboard. Make a GET request to /:clients by entering /:self/keys/ in the URI. In the response, find the current public key for swell.js and copy its internal id.

02
Gain access to a model’s permissions

In the developer console, make a PUT request to /:clients and enter /:self/keys/${internal_key_id_from_previous_step} in the URI. In the console Body, execute the following code. This will give you access to the content field’s permissions:

Acessing the permissions
//Execute this code in the Body to gain access to the permissions.

{
  "permissions": {
    "${model_name_to_configure}": {
      "fields": [${field_to_add_access}]
      }
    }
}
03
Open the permissions

Edit the content field’s permissions by adding write access.

Adding write access to the permissions
//Execute this code in the Body to add write access to the content field.

{
  "permissions": {
  "${model_name_to_configure}": {
    "input": {
      "fields": [${field_to_add_write_access}]
    }
  }
  }
}

Great job—That's all there is to it. You’ve successfully opened the content model and field’s permissions for Frontend use.

Using input fields

Content fields can be made writable by use of input.fields.

Input fields
"input": {
        "fields": [
          "billing",
          "billing_schedule",
          "cancel_at_end",
          "canceled",
          "coupon_code",
          "date_pause_end",
          "items.id",
          "items.options",
          "items.product_id",
          "items.quantity",
          "items.variant_id",
          "options",
          "paused",
          "plan_id",
          "product_id",
          "quantity",
          "shipping",
          "variant_id"
        ]
      }

Additionally, records can be limited to a logged-in account (where account_id = current user)

Limiting a record to a logged-in account
"scope": "account"
← Back: Custom fields and modelsNext: Notifications
© 2024 Swell
Terms of servicePrivacy policy