
Users

User management in Stelo CMS provides role-based access control with three distinct user types: Admin, Editor, and Viewer.

Admin

  • Full access to all content and settings
  • User management capabilities
  • System configuration access
  • Can publish/unpublish any content

Editor

  • Content creation and editing
  • Can manage own content
  • Limited access to system settings
  • Requires approval for publishing (optional)

Viewer

  • Read-only access to CMS
  • Can preview content
  • Useful for stakeholders and clients
  • No editing capabilities

// Prisma schema for users and roles.
// Account, Session, Page and Collection are models defined elsewhere in the schema.
model User {
  id            String    @id @default(cuid())
  name          String?
  email         String    @unique
  emailVerified DateTime?
  image         String?
  // A user created without an explicit role gets EDITOR, not VIEWER
  role          UserRole  @default(EDITOR)
  createdAt     DateTime  @default(now())
  updatedAt     DateTime  @updatedAt
  lastLoginAt   DateTime?
  accounts      Account[]
  sessions      Session[]
  pages         Page[]
  collections   Collection[]
}

enum UserRole {
  ADMIN
  EDITOR
  VIEWER
}

Stelo CMS uses NextAuth.js for authentication with support for:

  • Email/password authentication
  • Google OAuth integration
  • Session management
  • Password reset functionality

The permission system is role-based and enforced at both the API and UI level:

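import { TRPCError } from '@trpc/server';

// Permission checks in tRPC procedures.
// `publicProcedure` is the base procedure exported by the app's tRPC setup.

// Rejects any call that does not carry an authenticated session.
const protectedProcedure = publicProcedure.use(({ ctx, next }) => {
  if (!ctx.session || !ctx.session.user) {
    throw new TRPCError({ code: 'UNAUTHORIZED' });
  }
  return next({
    ctx: {
      // Pass the session on with `user` known to be present
      session: { ...ctx.session, user: ctx.session.user },
    },
  });
});

// Builds on protectedProcedure: only users whose role is ADMIN pass.
const adminProcedure = protectedProcedure.use(({ ctx, next }) => {
  if (ctx.session.user.role !== 'ADMIN') {
    throw new TRPCError({ code: 'FORBIDDEN' });
  }
  return next();
});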
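
The procedures above check for a session and for the ADMIN role; the Editor rule "can manage own content" additionally needs a per-record ownership check. The following is an added example, not Stelo CMS code, of one way to express the three roles as a single fail-closed decision function. The action names, `authorize`, the `Resource` shape and the `requireApproval` flag are assumptions made for illustration.

```typescript
// Added example (not from Stelo CMS): role + ownership authorization.
// Action names, Resource and Policy are hypothetical.
type UserRole = 'ADMIN' | 'EDITOR' | 'VIEWER';
type Action = 'read' | 'preview' | 'create' | 'edit' | 'publish' | 'manageUsers';
type DenyCode = 'UNAUTHORIZED' | 'FORBIDDEN';

interface SessionUser { id: string; role: UserRole }
interface Resource { ownerId: string }          // e.g. a page and the user who created it
interface Policy { requireApproval: boolean }   // the optional approval step for editors

type Decision = { allowed: true } | { allowed: false; code: DenyCode };

const ALLOW: Decision = { allowed: true };
const deny = (code: DenyCode): Decision => ({ allowed: false, code });

function authorize(
  user: SessionUser | null,
  action: Action,
  resource: Resource | null,
  policy: Policy,
): Decision {
  if (!user) return deny('UNAUTHORIZED');       // no session, as in protectedProcedure
  switch (user.role) {
    case 'ADMIN':
      return ALLOW;                             // full access, may publish any content
    case 'EDITOR': {
      if (action === 'read' || action === 'preview' || action === 'create') return ALLOW;
      if (action === 'edit' || action === 'publish') {
        // Object-level check: editors act only on records they own.
        if (!resource || resource.ownerId !== user.id) return deny('FORBIDDEN');
        if (action === 'publish' && policy.requireApproval) return deny('FORBIDDEN');
        return ALLOW;
      }
      return deny('FORBIDDEN');                 // manageUsers stays admin-only
    }
    case 'VIEWER':
      return action === 'read' || action === 'preview' ? ALLOW : deny('FORBIDDEN');
    default:
      return deny('FORBIDDEN');                 // unexpected role value: fail closed
  }
}

// Constructed sample: one editor, their own page and someone else's.
const editor: SessionUser = { id: 'u2', role: 'EDITOR' };
const approval: Policy = { requireApproval: true };
console.log(authorize(editor, 'edit', { ownerId: 'u2' }, approval));    // allowed
console.log(authorize(editor, 'edit', { ownerId: 'u1' }, approval));    // FORBIDDEN
console.log(authorize(editor, 'publish', { ownerId: 'u2' }, approval)); // FORBIDDEN
```

In a tRPC mutation the same decision would be made after loading the record, with a denial mapped to the matching `TRPCError` code.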

The CMS provides an intuitive interface for user management:

  • User listing with search and filtering
  • Role assignment and modification
  • Account activation/deactivation
  • Activity monitoring

This user system ensures secure, scalable access control for your CMS while maintaining ease of use for content creators.