This plugin provides the functionality to prevent data loss in cases where multiple users are simultaneously editing the same record within STRAPI v5.
When a user attempts to edit a record that is already being edited, a warning will be displayed.
Plugin version 2.x is aimed at Strapi V5. If you need support for Strapi V4, please follow the 1.x releases. What's new:
- TypeScript rewrite.
- Overall code refactor to make it safer & more readable.
- Strapi V5 support.
- Records are now matched based on
document_id
attribute.
- Records are now matched based on
Since the plugin does not retain any data, we're not providing migration scripts for the database. Strapi should update the columns automatically, however if this does not happen, you can update the columns manually when migrating to Strapi V5:
- column
entityType
has been renamed toentityId
- column
entityIdentifier
has been renamed toentityDocumentId
✅ Safeguards against concurrent editing by restricting access to a record to a single user at a time.
✅ Provides clear visibility of the current editing user, enabling you to easily identify who is working on the record.
npm i @notum-cz/strapi-plugin-record-locking
yarn add @notum-cz/strapi-plugin-record-locking
module.exports = ({ env }) => ({
'record-locking': {
enabled: true,
},
});
We use websockets and you can determine the necessary transport yourself:
module.exports = ({ env }) => ({
'record-locking': {
enabled: true,
config: {
transports: ['websocket'],
},
},
});
If you do not specify a transport, the default parameters will be applied:
DEFAULT_TRANSPORTS: ['polling', 'websocket', 'webtransport'];
In the config/middlewares.js
file either replace 'strapi::security'
with a middleware object (see the example below) or update your existing configuration accordingly.
- Ensure that
contentSecurityPolicy.directives.connect-src
array includes"ws:"
and"wss:"
. - Rebuild Strapi and test record locking features.
- You should not encounter any
Content Security Policy
errors in the console.
module.exports = [
'strapi::errors',
{
name: "strapi::security",
config: {
contentSecurityPolicy: {
useDefaults: true,
directives: {
"connect-src": ["'self'", "https:", "ws:", "wss:", "http:"],
"img-src": [
"'self'",
"data:",
"blob:",
],
"media-src": ["'self'", "data:", "blob:"],
upgradeInsecureRequests: null,
},
},
},
},
'strapi::cors', ...
While optional, it is highly recommended to implement this step to prevent Socket.io from falling back to the HTTP protocol and generating the following error in the web console.
Refused to connect to <protocol>://<url> because it does not appear in the connect-src directive of the Content Security Policy
Are any of these features significant to you? Please show your support by giving a thumbs up on the linked issues. This will help us assess their priority on the roadmap.
We manage bugs through GitHub Issues.
If you're interested in helping us, you would be a rock ⭐.
The main star: Martin Čapek https://github.com/martincapek
Original Maintainer: Ondřej Mikulčík https://github.com/omikulcik
Active Maintainer: Dominik Juriga https://github.com/dominik-juriga
Project owner: Ondřej Janošík
Join our Discord server to discuss new features, implementation challenges or anything related to this plugin.
🚀 Created with passion by Notum Technologies
- Official STRAPI partner and Czech based custom development agency.
- We're passionate about sharing our expertise with the open source community, which is why we developed this plugin. 🖤
✔️ We offer valuable assistance in developing custom STRAPI, web, and mobile apps to fulfill your requirements and goals..
✔️ With a track record of 100+ projects, our open communication and exceptional project management skills provide us with the necessary tools to get your project across the finish line.
📅 To initiate a discussion about your Strapi project, feel free to reach out to us via email at [email protected]. We're here to assist you!