
See and edit own account only

shimizuizumi, last year

I'm implementing a basic RBAC. How can I have an editor role which should only be able to see and edit their own account? I already locked the role field behind the manager role.

  • shimizuizumi, last year

    Tried both ways and still get the same result with both when trying to access the /admin/account route with a non admin user.

  • nils06488, last year

    hmmm, works for others.

    And you are getting an error and not a redirect.

    Share the relevant parts of the code, we will figure it out.

  • shimizuizumi, last year

    Here's the temporary repo @795565624860344320, it has nothing besides the users. I think the issue could be linked to ({ req, doc }) because doc gives me the "TS2339: Property doc does not exist on type AccessArgs<any>" error.

    https://github.com/shimizu-izumi/payload-issue

  • rubixvi, last year

    you don't need doc, doc is when you do fields



    here's one of mine



    // Type-only imports: AccessArgs, FieldAccess and Where are types, not runtime values.
    import type { AccessArgs, FieldAccess, Where } from "payload"
    import type { User } from "@/payload/payload-types"

    type isAuthenticated = (args: AccessArgs<User>) => boolean | Where

    // Collection access: admins and moderators get every document,
    // any other logged-in user only the document whose id is their own.
    export const self: isAuthenticated = ({ req: { user } }) => {
      if (user) {
        if (user.roles?.includes("admin") || user.roles?.includes("moderator")) {
          return true
        }

        return {
          id: {
            equals: user.id,
          },
        }
      }

      return false
    }

    // Collection access for owned content: restrict to documents the user created.
    export const selfcreated: isAuthenticated = ({ req: { user } }) => {
      if (user) {
        if (user.roles?.includes("admin") || user.roles?.includes("moderator")) {
          return true
        }

        return {
          createdBy: {
            equals: user.id,
          },
        }
      }

      return false
    }

    // Field access: doc is available here, and the result must be a boolean.
    export const selffields: FieldAccess = ({ req: { user }, doc }) => {
      if (user) {
        if (user.roles?.includes("admin") || user.roles?.includes("moderator")) {
          return true
        }

        if (doc && doc.id === user.id) {
          return true
        }
      }

      return false
    }
  • shimizuizumi, last year

    I am currently orientating myself on this and it has doc, so I have it too



    Downloaded the auth example and even after updating the dependencies to the newest versions it resulted in a redirect

    @795565624860344320

    I'm really confused now

  • nils06488, last year

    but the auth example works out of the box? So before your changes?



    Izumi is spring in Japanese, right?

  • shimizuizumi, last year

    Auth example works, my basically blank project gives me the not found error



    I'm still learning Japanese so it's just a username, but from what I learned so far, yes "spring" should be correct

  • nils06488, last year

    Maybe you need to describe the use case you are trying to implement again.



    Just scrolled up the initial question included /admin/account and users can see on that page.


    The page (view) uses the user from the request to query the data.


    So maybe you are worrying about something, that is no problem?

  • shimizuizumi, last year

    Ok, here is more detail on why I need this:


    The final website will have a news system (that's where Payload comes in), I want the admin dashboard to have at least 2 roles, editor and admin (permissions are probably self-explanatory), people on the team with the editor role should only be able to see and update their own account in the admin dashboard

  • nils06488, last year

    Ah! So you create an own dashboard for the users?


    And it is not Payload's Account page?

  • shimizuizumi, last year

    User authentication is done using logto (makes things easier with the game launcher and game server), the website will have an account settings page for that. I want to use Payload internally to manage the news on the website

  • nils06488, last year

    So you have your own page and not the /admin/accounts page.

    Everything /admin/ is PayloadCMS, not your app.

  • shimizuizumi, last year

    /account => user can manage his account


    /admin/account (?) => team member can manage their payload account (except for deleting it)



    Something like that would be the end result I want

  • nils06488, last year

    and where do you face issues?

    /admin/account takes the PayloadCMS user and only presents data when found. You do not need to change anything there, I guess.

    Your custom page /account/ should do the same. Take the user, make the query.

  • shimizuizumi, last year

    Ok, let me rephrase it:

    I want to hide the users collection from team members without admin role, while they can still access /admin/account to edit their own user there (except the role)



    Actually, I think I'll just make it easy for myself and don't allow team members to edit their own user.



    Ok decided to try it one more time and this worked this time, thanks.

  • rubixvi, last year

    yeh my access controls are different from the ones in the templates. seems like the ones in the templates have been changed, not sure if it's for the better
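
The setup asked for at the end of the thread (users collection hidden from non-admins, each team member limited to their own document, role field locked), as an added example that is not code from the thread or from Payload's templates. The `roles` field, the role names, the `visibleIds` helper and the local type stand-ins are assumptions; in a real project the types come from `payload` and the generated `payload-types`.

```typescript
// Local stand-ins for Payload's User, Where and access-argument types so this file
// runs without the payload package. Where is narrowed to the one constraint used here.
type Role = "admin" | "editor"
type User = { id: string; roles?: Role[] }
type Where = { id: { equals: string } }
type Args = { req: { user: User | null } }

const isAdmin = (user: User | null): boolean => Boolean(user?.roles?.includes("admin"))

// Collection-level read/update: admins get everything, any other logged-in user is
// constrained to the document whose id is their own. Anonymous requests are denied.
const adminOrSelf = ({ req: { user } }: Args): boolean | Where => {
  if (!user) return false
  if (isAdmin(user)) return true
  return { id: { equals: user.id } }
}

// Create, delete and role changes: admins only.
const adminOnly = ({ req: { user } }: Args): boolean => isAdmin(user)

// Shape follows a Payload collection config (assumed slug "users", assumed "roles" field).
const Users = {
  slug: "users",
  auth: true,
  admin: {
    // Keeps the collection out of the admin panel for non-admins. This is UI only;
    // the access functions below are what enforce the restriction on the API.
    hidden: ({ user }: { user: User | null }): boolean => !isAdmin(user),
  },
  access: { create: adminOnly, read: adminOrSelf, update: adminOrSelf, delete: adminOnly },
  fields: [
    {
      name: "roles",
      type: "select",
      hasMany: true,
      options: ["admin", "editor"],
      // Editors can read their own roles but cannot change them (no self-promotion).
      access: { create: adminOnly, update: adminOnly },
    },
  ],
}

// Hypothetical helper: applies the read result to constructed sample users to show
// which documents each caller would get back.
const visibleIds = (user: User | null, docs: User[]): string[] => {
  const result = Users.access.read({ req: { user } })
  if (typeof result === "boolean") return result ? docs.map((d) => d.id) : []
  return docs.filter((d) => d.id === result.id.equals).map((d) => d.id)
}
```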
