b383eb65c6
* feat: autolabel fields when omitted * feat: handle autolabel in graphql mutation build * feat: autolabel blocks * test: add required slug field to blocks * feat: handle graphql names when label is false * feat: adds relationship field to test searchable input * feat: handle block cell type labeling pluralization * docs: remove all explicit labeling, no longer needed * fix: falsey column labels, allows false array labels * fix: client tests * fix: auto-labels globals * docs: globals auto-labeling and hooks clarification * fix; proper object type naming Co-authored-by: James <james@trbl.design>
76 lines
3.0 KiB
Plaintext
76 lines
3.0 KiB
Plaintext
---
|
|
title: Field-level Access Control
|
|
label: Fields
|
|
order: 30
|
|
desc: Field-level Access Control is specified within a field's config, and allows you to define which users can create, read or update Fields.
|
|
keywords: fields, access control, permissions, documentation, Content Management System, cms, headless, javascript, node, react, express
|
|
---
|
|
|
|
Field Access Control is specified with functions inside a field's config. All field-level Controls return a boolean value to allow or deny access for the specified operation. No field-level Access Controls support returning query constraints. All Access Control functions accept one `args` argument.
|
|
|
|
## Available Controls
|
|
|
|
| Function | Purpose |
|
|
| ------------------------ | ------- |
|
|
| **[`create`](#create)** | Allows or denies the ability to set a field's value when creating a new document |
|
|
| **[`read`](#read)** | Allows or denies the ability to read a field's value |
|
|
| **[`update`](#update)** | Allows or denies the ability to update a field's value |
|
|
|
|
**Example Collection config:**
|
|
```js
|
|
export default {
|
|
slug: 'posts',
|
|
fields: [
|
|
{
|
|
name: 'title',
|
|
type: 'text',
|
|
// highlight-start
|
|
access: {
|
|
create: ({ req: { user } }) => { ... },
|
|
read: ({ req: { user } }) => { ... },
|
|
update: ({ req: { user } }) => { ... },
|
|
},
|
|
// highlight-end
|
|
};
|
|
],
|
|
}
|
|
```
|
|
|
|
### Create
|
|
|
|
Returns a boolean which allows or denies the ability to set a field's value when creating a new document. If `false` is returned, any passed values will be discarded.
|
|
|
|
**Available argument properties:**
|
|
|
|
| Option | Description |
|
|
| ----------------- | ----------- |
|
|
| **`req`** | The Express `request` object containing the currently authenticated `user` |
|
|
| **`data`** | The full data passed to create the document. |
|
|
| **`siblingData`** | Immediately adjacent field data passed to create the document. |
|
|
|
|
### Read
|
|
|
|
Returns a boolean which allows or denies the ability to read a field's value. If `false`, the entire property is omitted from the resulting document.
|
|
|
|
**Available argument properties:**
|
|
|
|
| Option | Description |
|
|
| ----------------- | ----------- |
|
|
| **`req`** | The Express `request` object containing the currently authenticated `user` |
|
|
| **`id`** | `id` of the document being read |
|
|
| **`data`** | The full data of the document being read. |
|
|
| **`siblingData`** | Immediately adjacent field data of the document being read. |
|
|
|
|
### Update
|
|
|
|
Returns a boolean which allows or denies the ability to update a field's value. If `false` is returned, any passed values will be discarded.
|
|
|
|
**Available argument properties:**
|
|
|
|
| Option | Description |
|
|
| ----------------- | ----------- |
|
|
| **`req`** | The Express `request` object containing the currently authenticated `user` |
|
|
| **`id`** | `id` of the document being updated |
|
|
| **`data`** | The full data passed to update the document. |
|
|
| **`siblingData`** | Immediately adjacent field data passed to update the document with. |
|