Simplify your stack and build anything. Or everything.
Build tomorrow’s web with a modern solution you truly own.
Code-based nature means you can build on top of it to power anything.
It’s time to take back your content infrastructure.

User has no permission

default discord avatar
tile88192 years ago
7

Hello,


I changed the database my project was connected to and I'm starting out with a completely clean database now. Because of this there was no user registered so I manually navigated to the create-first-user page to create a user. This worked and I can now log in with this user but I don't have permissions to edit anything. Not sure how user permissions work in Payload so I don't know where and how and how to change this.

  • discord user avatar
    tylandavis
    2 years ago

    Hey

    @1019671981651677214

    , my guess is that you possibly have a cookie saved in your browser of a user on the old database. Try clearing cookies and see if the problem persists.

  • default discord avatar
    tile88192 years ago

    Hey, I cleared my cache and cookies but the issue persists. I have once again dropped the user from the database and was prompted to create a new user when I opened Payload, but I again can't edit anything using this user.



    If you want I could send you the credentials for the user on my development server for you to see

  • discord user avatar
    tylandavis
    2 years ago

    Is your project already deployed? It could possibly be that you just need to add approriate access control for your collections

  • default discord avatar
    tile88192 years ago

    Yes it's deployed. I'll look into that

  • discord user avatar
    tylandavis
    2 years ago

    feel free to DM me credentials and I can take a look



    have you added CSRF to your Payload config?



    If you are only experiencing these issues on your deployed server, then that is likely the issue.



    import { buildConfig } from 'payload/config';
    
    const config = buildConfig({
      collections: [
        // collections here
      ],
      csrf: [ // whitelist of domains to allow cookie auth from
        'https://your-frontend-app.com',
        'https://your-other-frontend-app.com',
      ],
    });
    
    export default config;


    add the

    csrf

    part to your

    payload.config.ts

    with your domains.

  • default discord avatar
    tile88192 years ago

    Yes that worked


    Thank you so much

  • discord user avatar
    jmikrut
    2 years ago
    nice
Star on GitHub

Star

Chat on Discord

Discord

online

Can't find what you're looking for?

Get dedicated engineering support directly from the Payload team.