HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

Strapi

>

Releases

>

3.1.0

Strapi Release: 3.1.0

Tag Name: v3.1.0

Release Date: 7/21/2020

View Release
Strapi LogoStrapi

Open-source headless CMS built with Node.js. Provides developers with complete freedom in choosing their favorite tools and frameworks for frontend development.

Open SourceHeadlessDeveloper-Friendly

TL;DR

Strapi v3.1.0 introduces a major new Role-Based Access Control (RBAC) system, allowing for granular permission management across the admin panel. This release also includes automatic JPEG image rotation based on EXIF data, improved Markdown support in the WYSIWYG editor, and various bug fixes and enhancements.

Highlight of the Release

    • New Role-Based Access Control (RBAC) system for granular permission management
    • Automatic JPEG image rotation based on EXIF orientation data
    • Enhanced Markdown support in the WYSIWYG editor
    • Improved environment variable loading

Migration Guide

A comprehensive migration guide from v3.0.x to v3.1.x is available in the official Strapi documentation: Migration Guide

Key migration points:

  1. Permissions System Changes: The new RBAC system changes how permissions work in Strapi. Existing roles will be migrated automatically, but you may need to review and adjust permissions after upgrading.

  2. JWT Token Generation: If you're using JWT tokens for authentication, the guide includes tips on generating tokens with the new permission system.

  3. Database Changes: The update includes changes to the database schema for users and permissions.

Upgrade Recommendations

This is a significant feature release that introduces the new RBAC system. We recommend:

  1. Backup your database before upgrading
  2. Read the migration guide thoroughly
  3. Test the upgrade in a development environment first
  4. After upgrading, review all user roles and permissions to ensure they align with your security requirements

The upgrade process should be straightforward for most users, but due to the significant changes to the permissions system, careful testing is advised.

Bug Fixes

Core Framework

  • Fixed an issue with environment variable loading to ensure .env files are loaded at the correct moment in the application lifecycle

Admin Panel

  • Fixed various UI bugs in the roles management interface
  • Fixed issues with the Content Manager's error handling
  • Addressed permission-related bugs in the admin controllers

New Features

Role-Based Access Control (RBAC)

The major new feature in Strapi v3.1.0 is the comprehensive Role-Based Access Control system. This allows administrators to:

  • Create custom roles with specific permissions
  • Control access at a granular level (content types, fields, actions)
  • Set conditions for permissions
  • Manage user access more effectively
  • Protect sensitive content and operations

The RBAC system introduces a new permissions UI in the admin panel that makes it easy to configure who can access what within your Strapi application.

Automatic JPEG Image Rotation

The upload plugin now automatically rotates JPEG images based on their EXIF orientation tag. This ensures that images are displayed correctly regardless of how they were captured by the camera.

Security Updates

User Management

  • Added protection to prevent deletion of the last super admin user
  • Added validation to prevent disabling the last super admin account
  • Improved security around role management and permissions

Performance Improvements

Admin Panel

  • Improved performance in the Content Manager by optimizing permission checks
  • Added selectors to avoid unnecessary re-renders in the UI
  • Optimized database queries related to permission checks

Impact Summary

Strapi v3.1.0 represents a major enhancement to the platform's security and user management capabilities through the introduction of the Role-Based Access Control system. This feature significantly improves how administrators can manage permissions and access control within their Strapi applications.

The new RBAC system allows for much more granular control over what users can see and do within the admin panel, enabling organizations to better align system access with job responsibilities and security requirements. This is particularly valuable for larger teams with diverse roles and responsibilities.

Additionally, quality-of-life improvements like automatic JPEG rotation and enhanced Markdown support improve the content management experience for editors. The fixes to environment variable loading also address an important technical issue that ensures configuration is properly loaded at application startup.

Overall, this release enhances both the security posture and usability of Strapi applications, making it a recommended upgrade for most users.

Full Release Notes

Migration guide here

🚀 New feature

💅 Enhancement

  • [documentation] Fix links wrong documentation version (#6781) @lauriejim
  • [plugin:content-manager] Change preview for markdown-it in order to have all md support (#7041) @soupette
  • [plugin:content-manager] Update slugify dependency (#7063) @abdonrd

🐛 Bug fix

Statistics:

File Changed300
Line Additions10,612
Line Deletions879
Line Changes11,491
Total Commits250

User Affected:

  • Can now create and manage custom roles with granular permissions
  • Can control access to specific content types, fields, and actions
  • Can manage user permissions more effectively with the new RBAC system

Contributors:

petersg83soupetteHichamELBSIalexandrebodinConvlyRileyMSheardpidalbitresb12sgauthiertremblayNaylepshalxnktabdonrd