Plugin for locking records so only one user can edit them at same time.
This plugin provides the functionality to prevent data loss in cases where multiple users are simultaneously editing the same record within STRAPI v5.
When a user attempts to edit a record that is already being edited, a warning will be displayed.
Plugin version 2.x is aimed at Strapi V5. If you need support for Strapi V4, please follow the 1.x releases. What's new:
document_id
attribute.Since the plugin does not retain any data, we're not providing migration scripts for the database. Strapi should update the columns automatically, however if this does not happen, you can update the columns manually when migrating to Strapi V5:
entityType
has been renamed to entityId
entityIdentifier
has been renamed to entityDocumentId
✅ Safeguards against concurrent editing by restricting access to a record to a single user at a time.
✅ Provides clear visibility of the current editing user, enabling you to easily identify who is working on the record.
1npm i @notum-cz/strapi-plugin-record-locking
1yarn add @notum-cz/strapi-plugin-record-locking
config/plugins.js
and include the following code snippet:1module.exports = ({ env }) => ({
2 'record-locking': {
3 enabled: true,
4 },
5});
We use websockets and you can determine the necessary transport yourself:
1module.exports = ({ env }) => ({
2 'record-locking': {
3 enabled: true,
4 config: {
5 transports: ['websocket'],
6 },
7 },
8});
If you do not specify a transport, the default parameters will be applied:
1DEFAULT_TRANSPORTS: ['polling', 'websocket', 'webtransport'];
In the config/middlewares.js
file either replace 'strapi::security'
with a middleware object (see the example below) or update your existing configuration accordingly.
contentSecurityPolicy.directives.connect-src
array includes "ws:"
and "wss:"
.Content Security Policy
errors in the console.1module.exports = [
2 'strapi::errors',
3 {
4 name: "strapi::security",
5 config: {
6 contentSecurityPolicy: {
7 useDefaults: true,
8 directives: {
9 "connect-src": ["'self'", "https:", "ws:", "wss:", "http:"],
10 "img-src": [
11 "'self'",
12 "data:",
13 "blob:",
14 ],
15 "media-src": ["'self'", "data:", "blob:"],
16 upgradeInsecureRequests: null,
17 },
18 },
19 },
20 },
21 'strapi::cors', ...
While optional, it is highly recommended to implement this step to prevent Socket.io from falling back to the HTTP protocol and generating the following error in the web console.
Refused to connect to <protocol>://<url> because it does not appear in the connect-src directive of the Content Security Policy
Are any of these features significant to you? Please show your support by giving a thumbs up on the linked issues. This will help us assess their priority on the roadmap.
We manage bugs through GitHub Issues.
If you're interested in helping us, you would be a rock ⭐.
The main star: Martin Čapek https://github.com/martincapek
Original Maintainer: Ondřej Mikulčík https://github.com/omikulcik
Active Maintainer: Dominik Juriga https://github.com/dominik-juriga
Project owner: Ondřej Janošík
Join our Discord server to discuss new features, implementation challenges or anything related to this plugin.
✔️ We offer valuable assistance in developing custom STRAPI, web, and mobile apps to fulfill your requirements and goals..
✔️ With a track record of 100+ projects, our open communication and exceptional project management skills provide us with the necessary tools to get your project across the finish line.
📅 To initiate a discussion about your Strapi project, feel free to reach out to us via email at sales@notum.cz. We're here to assist you!
npm install @notum-cz/strapi-plugin-record-locking
Check out the available plugin resources that will help you to develop your plugin or provider and get it listed on the marketplace.