You can define Global-level Access Control within each Global's access property. All Access Control functions accept one args argument.
**Available argument properties:
| Function | Allows/Denies Access |
|---|---|
read | Used in the findOne Global operation |
update | Used in the update Global operation |
Example Global config:
import { GlobalConfig } from 'payload/types';const Header: GlobalConfig = {slug: "header",access: {read: ({ req: { user } }) => { /* */ },update: ({ req: { user } }) => { /* */ },},};export default Header;
Returns a boolean result or optionally a query constraint which limits who can read this global based on its current properties.
Available argument properties:
| Option | Description |
|---|---|
req | The Express request object containing the currently authenticated user |
Returns a boolean result or optionally a query constraint which limits who can update this global based on its current properties.
Available argument properties:
| Option | Description |
|---|---|
req | The Express request object containing the currently authenticated user |
data | The data passed to update the global with. |