"Payload has transformed the way our clients manage content. It's an indispensable tool for any modern agency."
Microsoft chose Payload to tell the world about AI.
"You are not allowed to perform this action."
Yeah v3 move Payload over to NextJS so the devX is a lot better, it’s still in beta though 😄
i would def be open to using v3 in the future
would v3 solve these issues?
ah got it. this makes a lot of sense
Generally speaking, any config changes made to your collections, globals, fields, or Payload Config require some kind of server restart. if you are making visual changes like labels or custom React changes, they tend to refresh fine with nodemon
no, refreshing the server. In V2 its a React App running on an express server, so sometimes you need to restart the express server rather than just relying on nodemon to do it
What does a full refresh mean in this case? refreshing the browser or something else?
v2
if it's v2 then it sometimes requires a full refresh when you make an update to your collection
Payload v2 or v3 beta?
I didn't add any new code/change the curl either. I just re-used what was in my terminal history
Truthfully unsure. It started working after I restarted my server, and thank you for the help
that's the only thing i can think of
migrations run on server startup, but that's a Database operation, that won't have any impact on your access control unless there was an issue preventing your server from starting?
It's possible the resource was just previously missing
Okay I just started my server and it asked to push a schema. It seems like its working now after that. I don't think I understand the migrations well. Does it run on server start?
go dump your request and I'll take a peak
I believe I have both done
If you leave the access control to the default mode, i.e. not including an
access: { }field in your collection, you must pass an authorization header to all requests attempting to access that collection via the API, or including a httpOnly cookie with
credentials: 'include'as part of your fetch request
That's what I have at the moment
Just using a simple curl to see how it works
Access Control runs when ever a resource from a collection is requested. By default, Access Control disables public access to all operations in a collection unless specified otherwise. That means you must either be performing an operation while logged into the Payload Admin UI, or attach an Authorization header to your fetch requests in order to perform CRUD operations on a collection. This is done in order to protect your data from malicious intent.
If you wish to allow unrestricted CRUD on your collection, you can set each access control params to () => true;
read: () => true // allows public GET update: () => true // allows public PATCH create: () => true // allows public POST delete: () => true // allows public DELETEThat's correct
How are you trying to access the Payload API, with an API key?
I followed these steps and looked around the documentation, but can't seem to get it to work. What might I be missing?
https://payloadcms.com/community-help/discord/how-can-define-a-apikey-for-all-document-models-for-ex-media
Star
Discord
online
Get dedicated engineering support directly from the Payload team.