diff --git a/docs/Access-Control/collections.mdx b/docs/Access-Control/collections.mdx index 8c63fffefc..75b70f5449 100644 --- a/docs/Access-Control/collections.mdx +++ b/docs/Access-Control/collections.mdx @@ -8,8 +8,8 @@ Collections access control is specified with functions inside a collection confi ## Available Functions -| Function | Allows/Denies Access | -|--------------|-------------------------------------------| +| Function | Allows/Denies Access | +| ---------- | ----------------------------------------- | | **create** | creating a collection document | | **read** | reading a collection document | | **update** | updating a collection document | @@ -19,7 +19,7 @@ Collections access control is specified with functions inside a collection confi ```js // Collection config module.exports = { - slug: 'public-user', + slug: "public-user", // highlight-start access: { create: () => true, @@ -29,7 +29,7 @@ module.exports = { admin: () => true, }, // highlight-end -} +}; ``` ### Create @@ -41,7 +41,7 @@ Create access functions return a boolean result which allows/denies access to cr The function receives one `args` argument that contains the following properties: | Option | Description | -|-----------|-----------------------------------------------------------------------------------------------------| +| --------- | --------------------------------------------------------------------------------------------------- | | **`req`** | The Express `request` object with additional `user` property, which is the currently logged in user | ### Read @@ -53,7 +53,7 @@ Read access functions can return a boolean result or optionally return a [where The function receives one `args` argument that contains the following properties: | Option | Description | -|-----------|-----------------------------------------------------------------------------------------------------| +| --------- | --------------------------------------------------------------------------------------------------- | | **`req`** | The Express `request` object with additional `user` property, which is the currently logged in user | | **`id`** | `id` of document requested. Value is `undefined` if not querying for specific ID | @@ -66,7 +66,7 @@ Update access functions can return a boolean result or optionally return a [wher The function receives one `args` argument that contains the following properties: | Option | Description | -|-----------|-----------------------------------------------------------------------------------------------------| +| --------- | --------------------------------------------------------------------------------------------------- | | **`req`** | The Express `request` object with additional `user` property, which is the currently logged in user | ### Delete @@ -78,7 +78,7 @@ Delete access functions can return a boolean result or optionally return a [wher The function receives one `args` argument that contains the following properties: | Option | Description | -|-----------|-----------------------------------------------------------------------------------------------------| +| --------- | --------------------------------------------------------------------------------------------------- | | **`req`** | The Express `request` object with additional `user` property, which is the currently logged in user | | **`id`** | `id` of the document being deleted | @@ -91,5 +91,5 @@ Admin access functions determine whether or not a user can access the admin UI. It receives one `args` argument that contains the following properties: | Option | Description | -|-----------|-----------------------------------------------------------------------------------------------------| +| --------- | --------------------------------------------------------------------------------------------------- | | **`req`** | The Express `request` object with additional `user` property, which is the currently logged in user | diff --git a/docs/Access-Control/globals.mdx b/docs/Access-Control/globals.mdx index 34bae0ade0..ab70b5ffbf 100644 --- a/docs/Access-Control/globals.mdx +++ b/docs/Access-Control/globals.mdx @@ -4,4 +4,48 @@ label: Globals order: 40 --- -Globals +Globals access control is specified with functions inside a globals config. The functions return a boolean value to allow or deny access for the specified operation. + +## Available Functions + +| Function | Allows/Denies Access | +| ---------- | -------------------------- | +| **read** | reading a global document | +| **update** | updating a global document | + +```js +// Collection config +module.exports = { + slug: "public-user", + // highlight-start + access: { + read: () => true, + update: () => true, + }, + // highlight-end +}; +``` + +### Read + +A read access function allows or denies the ability to read a global. The function must return a boolean result. + +#### Arguments + +The function receives one `args` argument that contains the following properties: + +| Option | Description | +| --------- | --------------------------------------------------------------------------------------------------- | +| **`req`** | The Express `request` object with additional `user` property, which is the currently logged in user | + +### Update + +An update access function allows or denies the ability to update a global. The function must return a boolean result. + +#### Arguments + +The function receives one `args` argument that contains the following properties: + +| Option | Description | +| --------- | --------------------------------------------------------------------------------------------------- | +| **`req`** | The Express `request` object with additional `user` property, which is the currently logged in user |