Hi! The idea is to have some sort of super user role that has full access, and then have X amount of users where each one has a role assigned that allows them to perform certain actions, but at the same time have a field where I can select the collections they have access to.
What would be the best way to structure the user collection to achieve this?
any example to share?
This might be a good place to use a roles plugin. A few community members have built this sort of thing!
To implement this, I'd imagine the following:
- Add a
roles
select to your user
- Add a
collectionAccess
relationship field (
hasMany: true
) that can specify what collections they have access to. Lock down this field's access control to those with
admin
role only.
The following post will get you going on the first point:
https://payloadcms.com/blog/build-your-own-rbacHelper functions like this will help:
export const isAdmin: Access<any, User> = ({ req: { user } }) => {
return user?.roles?.includes('admin')
}
Star
Discord
online
Get dedicated engineering support directly from the Payload team..