Deny access if no roles

tobias 2024-07-06 19:49:50 +02:00
parent abe4a3c883
commit 90f1750945
4 changed files with 23 additions and 26 deletions


@ -37,7 +37,7 @@ export default buildConfig({
collections: [Users, Posts, Authors, Media, Pages],
admin: {
autoLogin: {
email: 'dev@payloadcms.com',
email: 'admin@nextload.test',
password: 'test',
prefillOnly: true,
},
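Review bot: The `autoLogin` block keeps a literal `password: 'test'` next to the new `admin@nextload.test` address, and nothing in this hunk limits it to development builds. `prefillOnly: true` only pre-fills the login form, but the admin e-mail and password still ship with the admin config wherever this file is deployed. Unless the gating happens elsewhere in the file (not visible here), consider `autoLogin: process.env.NODE_ENV === 'development' ? { email: 'admin@nextload.test', password: 'test', prefillOnly: true } : false,`. Also make sure no seeded admin account with that password exists outside local environments.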


@ -2,11 +2,11 @@ import { Access } from 'payload/types'
import type { User } from 'types/payload-types'
export const isAdmin = ({ req: { user } }: any) => {
if (!user.roles) {
if (!user || !user.roles) {
return false
}
if (user && user.roles?.includes('admin')) {
if (user.roles?.includes('admin')) {
return true
}
@ -14,11 +14,11 @@ export const isAdmin = ({ req: { user } }: any) => {
}
export const isAdminOrCreatedBy = ({ req: { user } }: any) => {
if (user.role) {
if (!user || !user.roles) {
return false
}
if (user && user.role === 'admin') {
if (user.roles?.includes('admin')) {
return true
}
@ -34,27 +34,24 @@ export const isAdminOrCreatedBy = ({ req: { user } }: any) => {
}
export const isAdminOrSelf = ({ req: { user } }: any) => {
if (user) {
if (!user.roles) {
return false
}
if (user.roles?.includes('admin')) {
return true
}
// Non-admin: can only access themselves
return {
id: {
equals: user.id,
},
}
if (!user || !user.roles) {
return false
}
if (user.roles?.includes('admin')) {
return true
}
// Non-admin: can only access themselves
return {
id: {
equals: user.id,
},
}
return false
}
export const isAdminOrPublished = ({ req: { user } }: any) => {
if (user && user?.role === 'admin') {
if (user.roles?.includes('admin')) {
return true
}
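Review bot: In `isAdminOrPublished`, what appears to be the new condition `if (user.roles?.includes('admin'))` drops the `user &&` guard the previous line had, and unlike `isAdmin`, `isAdminOrCreatedBy` and `isAdminOrSelf` no `!user` check precedes it in the visible lines. For an unauthenticated request `user` is presumably null or undefined, so the access function would throw a TypeError instead of falling through to the published-only branch, turning anonymous reads into errors. Guard the dereference with `if (user?.roles?.includes('admin')) {`. The remainder of `isAdminOrPublished` lies outside this hunk, so the published-only fallback should be checked against a request with no user.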


@ -2,11 +2,11 @@ import { Access, FieldAccess } from 'payload/types'
import type { User } from 'types/payload-types'
export const isEditor = ({ req: { user } }: any) => {
if (!user.roles) {
if (!user || !user.roles) {
return false
}
if (user && user?.roles?.some((role: string) => ['editor', 'admin'].includes(role))) {
if (user?.roles?.some((role: string) => ['editor', 'admin'].includes(role))) {
return true
}
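Review bot: `isEditor` still takes its argument as `({ req: { user } }: any)`, so the compiler cannot check the null guard this commit adds by hand; the same applies to `isUser` in the next file and to the helpers in the access file above. `Access` and `User` are imported but look unused in the visible lines; typing the helper with them, e.g. `export const isEditor: Access<any, User> = ({ req: { user } }) => {`, would probably let strict null checks flag an unguarded `user.roles` (assuming the installed Payload version threads the user type through `Access`; confirm). Once `!user || !user.roles` has returned, the `user?.roles?.some(...)` chain can be plain `user.roles.some(...)`. The body of `isEditor` continues past the end of this hunk.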


@ -2,11 +2,11 @@ import { Access, FieldAccess } from 'payload/types'
import type { User } from 'types/payload-types'
export const isUser = ({ req: { user } }: any) => {
if (!user.roles) {
if (!user || !user.roles) {
return false
}
if (user && user?.roles?.some((role: string) => ['user', 'editor', 'admin'].includes(role))) {
if (user?.roles?.some((role: string) => ['user', 'editor', 'admin'].includes(role))) {
return true
}