Differentiate admin queryset and api

default discord avatar
ngurajekalast year
4

I have a collection "blog_posts", this collection contains data from each user by a field created_by which a relationship to users collection.


On the frontend, the users will only see their blog post (filtered by created_by and req.user.id).


But in the admin panel, i want that the superadmin to be able to see all of the posts.


Also, when the superadmin access it from the frontend it will behave as a regular user.


Can we achieve this in payload cms?



We've been playing with the

collection.access.read

but it seems the last requirement seems hard to implement, or am i missing something? is there anyway that we can differentiate the request from admin or the frontend?

  • default discord avatar
    jarrod69420last year

    Can you use the req.host to determine where the request is coming from, if it's from the admin panel then allow super admins to view all. If its from another domain, apply only the user logic?

  • default discord avatar
    ngurajekalast year

    Hi @jarrod69420 thank you for the reply. Didn't think of it before, i'll try to implement this.



    But also it would be nice if there's some hooks or middleware that built-in in payload.

  • default discord avatar
    jarrod69420last year

    I think that’s the good thing about payload, it’s not filled with features that most users don’t need. Instead it exposes things that allow you to do what

    you

    need

  • default discord avatar
    ngurajekalast year

    Btw, i took your advice and its working. But i'm using the referer header not the hostname.

    image.png
Star on GitHub

Star

Chat on Discord

Discord

online

Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.