Hello everyone,
I have three users:
- 1 that is only admin.
- 1 that is admin and user.
- 1 that is only user.
The first two have no problems logging in or anything else.
However the one that is only "user" gets this error when logging in:
Unauthorized, you must be logged in to make this request.
You are not allowed to access this page.
The URL is the dashboard -> my-url/admin
I haven't changed anything access-wise, only added the users.
Does anyone know how to fix it?
@bensler So you have a single collection type for users / admins?
May we check out the collection?
I used the default website template on the payload cloud site. It gave me two roles, user and admin
Sure thing, may we see the collection?
```ts
export const UserFields: CollectionConfig['fields'] = [
  {
    name: 'name',
    type: 'text',
  },
  {
    name: 'roles',
    type: 'select',
    hasMany: true,
    saveToJWT: true,
    hooks: {
      beforeChange: [ensureFirstUserIsAdmin],
    },
    defaultValue: ['user'],
    options: [
      {
        label: 'admin',
        value: 'admin',
      },
      {
        label: 'user',
        value: 'user',
      },
    ],
    access: {
      read: admins,
      create: admins,
      update: admins,
    },
  },
]

const Users: CollectionConfig = {
  slug: 'users',
  admin: {
    useAsTitle: 'name',
    defaultColumns: ['name', 'email'],
  },
  access: {
    read: adminsAndUser,
    create: anyone,
    update: adminsAndUser,
    delete: admins,
    admin: ({ req: { user } }) => checkRole(['admin'], user),
  },
  auth: true,
  fields: UserFields,
  timestamps: true,
}

export default Users
```
Is this what you want? 🙂
hmmm
@bensler temporarily replace the read value, `adminsAndUser`, with `() => true`
```ts
read: () => true,
```
and then try logging in
we can determine the source of the issue
Same error
try removing
```ts
admin: ({ req: { user } }) => checkRole(['admin'], user),
```
That did the trick, thank you 🙂
@jarrod_not_jared what does that code do? I am facing a similar issue, wouldn't removing that code create some security thing since that checks the role?
@bensler wanted all users to be able to log in to the admin panel, but was restricting it based on the `admin` role. A user that did not have that role would never be able to access the admin panel.
so he would need to extend it to check admin and user roles, or create some other more generic field/setting on a user that allows them to login. Similar convo here:
https://discord.com/channels/967097582721572934/1126801396331708466
I was testing this repo yesterday
https://discord.com/channels/967097582721572934/1125626247343517707/1126641928633589852
and faced this issue where I could not login
https://github.com/payloadcms/payload/blob/master/examples/auth/cms/src/collections/Users.ts#L28
and that line of code is also here
@generator101 Interesting, does anyone know the default value of that function?
must return false or undefined
@generator101 Looks like there are a couple small bugs with this example proj, looking into em now
thanks @jarrod_not_jared for now I just commented that hook and it seems to be working but good to get an idea of what is causing the issue
So I fixed the duplicate `user` role being added. The other issue you are having with not being able to create a user with the admin role, makes sense. You really do not want all users to be able to add the `admin` role by adding it to the form data. This line (https://github.com/payloadcms/payload/blob/master/examples/auth/cms/src/collections/hooks/protectRoles.ts#L7) is responsible for allowing only a specific email address `demo@payloadcms.com` to be considered admin. You could adjust this logic to fit your needs though.
@jarrod_not_jared thanks, that didn't seem to fix the issue, I am an admin and still cannot login
Did you adjust that line like mentioned?
yeah, I updated the hook but I left `const isAdmin = req.user?.roles.includes('admin')` which I think should be sufficient no?
I already have admin user
but somehow this hook changes that role to user
Oh I see, can you add `saveToJWT: true,` to the roles field on the users collection
@jarrod_not_jared unfortunately if I enable `admin: ({ req: { user } }) => checkRole(['admin'], user),` I still have unauthorized message error
AH
my fix for the protectRoles function was wrong. updated, see here:
https://github.com/payloadcms/payload/commit/4b60845c670a211b9052f48c7dd7793350f0e8c8