Deny access if no roles
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
abe4a3c883
commit
90f1750945
@ -37,7 +37,7 @@ export default buildConfig({
|
||||
collections: [Users, Posts, Authors, Media, Pages],
|
||||
admin: {
|
||||
autoLogin: {
|
||||
email: 'dev@payloadcms.com',
|
||||
email: 'admin@nextload.test',
|
||||
password: 'test',
|
||||
prefillOnly: true,
|
||||
},
|
||||
|
@ -2,11 +2,11 @@ import { Access } from 'payload/types'
|
||||
import type { User } from 'types/payload-types'
|
||||
|
||||
export const isAdmin = ({ req: { user } }: any) => {
|
||||
if (!user.roles) {
|
||||
if (!user || !user.roles) {
|
||||
return false
|
||||
}
|
||||
|
||||
if (user && user.roles?.includes('admin')) {
|
||||
if (user.roles?.includes('admin')) {
|
||||
return true
|
||||
}
|
||||
|
||||
@ -14,11 +14,11 @@ export const isAdmin = ({ req: { user } }: any) => {
|
||||
}
|
||||
|
||||
export const isAdminOrCreatedBy = ({ req: { user } }: any) => {
|
||||
if (user.role) {
|
||||
if (!user || !user.roles) {
|
||||
return false
|
||||
}
|
||||
|
||||
if (user && user.role === 'admin') {
|
||||
if (user.roles?.includes('admin')) {
|
||||
return true
|
||||
}
|
||||
|
||||
@ -34,27 +34,24 @@ export const isAdminOrCreatedBy = ({ req: { user } }: any) => {
|
||||
}
|
||||
|
||||
export const isAdminOrSelf = ({ req: { user } }: any) => {
|
||||
if (user) {
|
||||
if (!user.roles) {
|
||||
return false
|
||||
}
|
||||
|
||||
if (user.roles?.includes('admin')) {
|
||||
return true
|
||||
}
|
||||
|
||||
// Non-admin: can only access themselves
|
||||
return {
|
||||
id: {
|
||||
equals: user.id,
|
||||
},
|
||||
}
|
||||
if (!user || !user.roles) {
|
||||
return false
|
||||
}
|
||||
|
||||
if (user.roles?.includes('admin')) {
|
||||
return true
|
||||
}
|
||||
|
||||
// Non-admin: can only access themselves
|
||||
return {
|
||||
id: {
|
||||
equals: user.id,
|
||||
},
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
export const isAdminOrPublished = ({ req: { user } }: any) => {
|
||||
if (user && user?.role === 'admin') {
|
||||
if (user.roles?.includes('admin')) {
|
||||
return true
|
||||
}
|
||||
|
||||
|
@ -2,11 +2,11 @@ import { Access, FieldAccess } from 'payload/types'
|
||||
import type { User } from 'types/payload-types'
|
||||
|
||||
export const isEditor = ({ req: { user } }: any) => {
|
||||
if (!user.roles) {
|
||||
if (!user || !user.roles) {
|
||||
return false
|
||||
}
|
||||
|
||||
if (user && user?.roles?.some((role: string) => ['editor', 'admin'].includes(role))) {
|
||||
if (user?.roles?.some((role: string) => ['editor', 'admin'].includes(role))) {
|
||||
return true
|
||||
}
|
||||
|
||||
|
@ -2,11 +2,11 @@ import { Access, FieldAccess } from 'payload/types'
|
||||
import type { User } from 'types/payload-types'
|
||||
|
||||
export const isUser = ({ req: { user } }: any) => {
|
||||
if (!user.roles) {
|
||||
if (!user || !user.roles) {
|
||||
return false
|
||||
}
|
||||
|
||||
if (user && user?.roles?.some((role: string) => ['user', 'editor', 'admin'].includes(role))) {
|
||||
if (user?.roles?.some((role: string) => ['user', 'editor', 'admin'].includes(role))) {
|
||||
return true
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user