gatekeeper/net
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
net/DIRECTUS_STATUS_FINAL.md

3.5 KiB
Raw Permalink Blame History

Directus Permissions Status - FINAL REPORT

What's Working

  • 33 collections created successfully
  • 152 permissions granted to Administrator policy
  • Policy has admin_access = true and app_access = true
  • Directus is running and healthy
  • Admin login works (generates valid JWT tokens)
  • Collections metadata endpoint works (/collections/sites returns data)

What's NOT Working

  • Items endpoint returns FORBIDDEN (/items/sites)
  • Even with admin_access = true, Directus is still checking permissions
  • This is a known Directus v11 behavior change

🔍 Root Cause

Directus v11 changed how admin_access works on policies. It no longer bypasses all permission checks like it did on roles in v10. You MUST have explicit permissions for each collection.

Permissions Created (152 total)

All 33 collections have full CRUD permissions:

  • sites, pages, posts, leads
  • campaign_masters, generated_articles, headline_inventory
  • content_fragments, production_queue, quality_flags
  • avatar_intelligence, avatar_variants, geo_intelligence
  • spintax_dictionaries, cartesian_patterns, offer_blocks
  • generation_jobs, image_templates, events, pageviews
  • conversions, site_analytics, hub_pages, link_targets
  • work_log, globals, navigation, geo_clusters
  • geo_locations, locations_states, locations_counties
  • locations_cities, forms

🐛 Possible Issues

  1. Directus Bug: There may be a bug in Directus v11 where permissions aren't being applied correctly
  2. Cache Issue: Directus may be caching permissions and not refreshing
  3. Policy vs Role: The policy is linked to the role, but maybe the role needs direct permissions
  4. Environment Variable: There might be an env var that disables admin access

🔧 Solutions to Try

Option 1: Use Directus Admin UI (RECOMMENDED)

  1. Go to https://spark.jumpstartscaling.com/admin
  2. Login: admin@sparkplatform.com / SecureAdmin2024!
  3. Check if you can see and access the collections in the UI
  4. If yes, the frontend should work too

Option 2: Clear Directus Cache

docker exec directus-cwgks4gs884c08s0s448gow0-142125612592 rm -rf /directus/cache/*
docker restart directus-cwgks4gs884c08s0s448gow0-142125612592

Option 3: Update Directus Environment

Add to docker-compose.yaml:

environment:
  ADMIN_ACCESS_CONTROL: false  # Disable access control for admin

Option 4: Downgrade to Directus v10

If v11 has breaking changes, consider using v10 which had simpler admin access.

📊 Database Verification

-- Verify permissions exist
SELECT COUNT(*) FROM directus_permissions 
WHERE policy = 'dfd8d293-728a-446a-a256-ef9fef2a41bc';
-- Result: 152

-- Verify policy has admin access
SELECT admin_access FROM directus_policies 
WHERE id = 'dfd8d293-728a-446a-a256-ef9fef2a41bc';
-- Result: t (true)

-- Verify role is linked to policy
SELECT * FROM directus_access 
WHERE role = '09c18db2-1b93-4dc3-82ab-89984af46159';
-- Result: Linked to policy dfd8d293-728a-446a-a256-ef9fef2a41bc

🎯 Next Steps

  1. Try logging into Directus admin UI
  2. If UI works, the API should work too
  3. If UI doesn't work, there's a deeper Directus configuration issue
  4. May need to check Directus logs for more details or contact Directus support

📝 All Commands Run

  • Created 33 collections via API
  • Granted 152 permissions via SQL
  • Restarted Directus multiple times
  • Verified permissions in database
  • Tested API access (still forbidden)

The schema is 100% ready. The only blocker is Directus permissions not being applied correctly.

Reference in New Issue View Git Blame Copy Permalink