Deny access if no roles

tobias 2024-07-06 19:49:50 +02:00
parent abe4a3c883
commit 90f1750945
4 changed files with 23 additions and 26 deletions


@ -37,7 +37,7 @@ export default buildConfig({
collections: [Users, Posts, Authors, Media, Pages], collections: [Users, Posts, Authors, Media, Pages],
admin: { admin: {
autoLogin: { autoLogin: {
email: 'dev@payloadcms.com', email: 'admin@nextload.test',
password: 'test', password: 'test',
prefillOnly: true, prefillOnly: true,
}, },
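Review bot: The `autoLogin` block keeps a fixed email and the password `test`, and nothing visible in this hunk restricts it to development builds. With `prefillOnly: true` the values are only prefilled into the login form, but they still reach anyone who can load the admin login page. If an `admin@nextload.test` account with that password exists in a deployed environment, the credentials are effectively public. Unless this is already handled outside the hunk, consider gating it, e.g. `autoLogin: process.env.NODE_ENV === 'development' ? { /* … */ } : false,`. The `buildConfig` call starts and ends outside the hunk.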


@ -2,11 +2,11 @@ import { Access } from 'payload/types'
import type { User } from 'types/payload-types' import type { User } from 'types/payload-types'
export const isAdmin = ({ req: { user } }: any) => { export const isAdmin = ({ req: { user } }: any) => {
if (!user.roles) { if (!user || !user.roles) {
return false return false
} }
if (user && user.roles?.includes('admin')) { if (user.roles?.includes('admin')) {
return true return true
} }
@ -14,11 +14,11 @@ export const isAdmin = ({ req: { user } }: any) => {
} }
export const isAdminOrCreatedBy = ({ req: { user } }: any) => { export const isAdminOrCreatedBy = ({ req: { user } }: any) => {
if (user.role) { if (!user || !user.roles) {
return false return false
} }
if (user && user.role === 'admin') { if (user.roles?.includes('admin')) {
return true return true
} }
@ -34,27 +34,24 @@ export const isAdminOrCreatedBy = ({ req: { user } }: any) => {
} }
export const isAdminOrSelf = ({ req: { user } }: any) => { export const isAdminOrSelf = ({ req: { user } }: any) => {
if (user) { if (!user || !user.roles) {
if (!user.roles) { return false
return false }
}
if (user.roles?.includes('admin')) {
if (user.roles?.includes('admin')) { return true
return true }
}
// Non-admin: can only access themselves
// Non-admin: can only access themselves return {
return { id: {
id: { equals: user.id,
equals: user.id, },
},
}
} }
return false
} }
export const isAdminOrPublished = ({ req: { user } }: any) => { export const isAdminOrPublished = ({ req: { user } }: any) => {
if (user && user?.role === 'admin') { if (user.roles?.includes('admin')) {
return true return true
} }
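Review bot: `isAdminOrPublished` appears to lose its null guard in the last hunk of this file: the new side reads `if (user.roles?.includes('admin')) {`, where the old line had `user &&` in front. Unlike the three helpers above, it gets no `!user || !user.roles` early return, so a request without a logged-in user would presumably throw a TypeError on `user.roles` instead of falling through to the published-only branch. An early `return false` would be wrong here, since anonymous visitors still need to reach that branch; `if (user?.roles?.includes('admin')) {` keeps the behaviour and is safe for a missing user. The rest of the function is outside the hunk, so the fall-through path should be checked too.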


@ -2,11 +2,11 @@ import { Access, FieldAccess } from 'payload/types'
import type { User } from 'types/payload-types' import type { User } from 'types/payload-types'
export const isEditor = ({ req: { user } }: any) => { export const isEditor = ({ req: { user } }: any) => {
if (!user.roles) { if (!user || !user.roles) {
return false return false
} }
if (user && user?.roles?.some((role: string) => ['editor', 'admin'].includes(role))) { if (user?.roles?.some((role: string) => ['editor', 'admin'].includes(role))) {
return true return true
} }
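Review bot: The `any` annotation on the destructured argument of `isEditor` is what let the `user.role` / `user.roles` mix-up, fixed in the previous file by this commit, go unnoticed. `User` is already imported on the line above but is not used in the visible lines. Typing the argument, e.g. `({ req: { user } }: { req: { user?: User | null } }) => {`, would let the compiler check both the property name and the missing-user case, assuming the generated `User` type declares `roles`. The `user?.` on the `some(...)` line is also redundant after the new early return. The same applies to `isUser` in the next file and to the helpers in the previous one.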


@ -2,11 +2,11 @@ import { Access, FieldAccess } from 'payload/types'
import type { User } from 'types/payload-types' import type { User } from 'types/payload-types'
export const isUser = ({ req: { user } }: any) => { export const isUser = ({ req: { user } }: any) => {
if (!user.roles) { if (!user || !user.roles) {
return false return false
} }
if (user && user?.roles?.some((role: string) => ['user', 'editor', 'admin'].includes(role))) { if (user?.roles?.some((role: string) => ['user', 'editor', 'admin'].includes(role))) {
return true return true
} }