User has no permission

default discord avatar
tile
3 months ago
12

Hello,


I changed the database my project was connected to and I'm starting out with a completely clean database now. Because of this there was no user registered so I manually navigated to the create-first-user page to create a user. This worked and I can now log in with this user but I don't have permissions to edit anything. Not sure how user permissions work in Payload so I don't know where and how and how to change this.

  • discord user avatar
    tylandavis
    Payload Team
    3 months ago

    Hey @tile, my guess is that you possibly have a cookie saved in your browser of a user on the old database. Try clearing cookies and see if the problem persists.

  • default discord avatar
    tile
    3 months ago

    Hey, I cleared my cache and cookies but the issue persists. I have once again dropped the user from the database and was prompted to create a new user when I opened Payload, but I again can't edit anything using this user.



    If you want I could send you the credentials for the user on my development server for you to see

  • discord user avatar
    tylandavis
    Payload Team
    3 months ago

    Is your project already deployed? It could possibly be that you just need to add approriate access control for your collections

  • default discord avatar
    tile
    3 months ago

    Yes it's deployed. I'll look into that

  • discord user avatar
    tylandavis
    Payload Team
    3 months ago

    feel free to DM me credentials and I can take a look



    have you added CSRF to your Payload config?



    If you are only experiencing these issues on your deployed server, then that is likely the issue.



    import { buildConfig } from 'payload/config';
    
    const config = buildConfig({
      collections: [
        // collections here
      ],
      csrf: [ // whitelist of domains to allow cookie auth from
        'https://your-frontend-app.com',
        'https://your-other-frontend-app.com',
      ],
    });
    
    export default config;


    add the

    csrf

    part to your

    payload.config.ts

    with your domains.

  • default discord avatar
    tile
    3 months ago

    Yes that worked


    Thank you so much

  • discord user avatar
    jmikrut
    Payload Team
    3 months ago
    nice
Open the post
Continue the discussion in Discord
Like what we're doing?
Star us on GitHub!

Star

Connect with the Payload Community on Discord

Discord

online

Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.