56 lines
1.1 KiB
Plaintext
56 lines
1.1 KiB
Plaintext
---
|
|
title: Access Control Config
|
|
label: Config
|
|
order: 10
|
|
---
|
|
|
|
Access can be configured at a Collection-level or field-level within your Collection configuration.
|
|
|
|
Talk about how you can access the user from the req
|
|
|
|
Talk about how you can return either a boolean, or in certain access functions, a `where` query constraint. This will be difficult to understand soo we should be very descriptive and low-level.
|
|
|
|
```js
|
|
// Collection config
|
|
module.exports = {
|
|
slug: 'public-user',
|
|
// highlight-start
|
|
access: {
|
|
create: () => true,
|
|
read: () => true,
|
|
update: () => true,
|
|
delete: () => true,
|
|
admin: () => true,
|
|
},
|
|
// highlight-end
|
|
fields: [
|
|
{
|
|
name: 'lockedDownField',
|
|
label: 'Locked Down',
|
|
type: 'text'
|
|
// highlight-start
|
|
access: {
|
|
create: () => true,
|
|
read: () => true,
|
|
update: () => true,
|
|
delete: () => true,
|
|
},
|
|
// highlight-end
|
|
};
|
|
],
|
|
}
|
|
```
|
|
|
|
### Collections
|
|
|
|
Talk about collection-level access control here.
|
|
|
|
|
|
### Globals
|
|
|
|
Talk about global access control here.
|
|
|
|
### Fields
|
|
|
|
Talk about field-level access control here.
|