Hi! The idea is to have some sort of super user role that has full access, and then have X amount of users where each one has a role assigned that allows them to perform certain actions, but at the same time have a field where I can select the collections they have access to.

What would be the best way to structure the user collection to achieve this?

any example to share?

notchr2 years ago
This might be a good place to use a roles plugin. A few community members have built this sort of thing!
denolfe
last year
To implement this, I'd imagine the following:

- Add a
roles
select to your user

- Add a
collectionAccess
relationship field (
hasMany: true
) that can specify what collections they have access to. Lock down this field's access control to those with
admin
role only.

The following post will get you going on the first point:
https://payloadcms.com/blog/build-your-own-rbac

Helper functions like this will help:
```
export const isAdmin: Access<any, User> = ({ req: { user } }) => {
  return user?.roles?.includes('admin')
}
```
https://github.com/payloadcms/website-cms/blob/fix/discord-msg-limit/src/access/isAdmin.ts#L5
https://payloadcms.com/blog/access-control-overview

Open

Continue the discussion in Discord

Star on GitHub

Star

Chat on Discord

Discord

online

Can't find what you're looking for?

Get dedicated engineering support directly from the Payload team.