mporwoll/cms.c2sgmbh
1
0
Fork 0
mirror of https://github.com/complexcaresolutions/cms.c2sgmbh.git synced 2026-03-17 16:14:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

debug: add 403 interceptors to find which operation fails

Browse source
This commit is contained in:
Martin Porwoll 2026-02-25 13:11:55 +00:00
parent 06999b2bd7
commit 26ceccbfb9
2 changed files with 47 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/globals/SEOSettings.ts
View file

@ -18,9 +18,17 @@ export const SEOSettings: GlobalConfig = {
}, },
access: { access: {
// Alle angemeldeten Benutzer können lesen // Alle angemeldeten Benutzer können lesen
read: ({ req: { user } }) => Boolean(user), read: ({ req: { user } }) => {
const result = Boolean(user)
if (!result) console.log('[DEBUG:SEO] read ACCESS DENIED - no user')
return result
},
// Nur Super Admins können bearbeiten // Nur Super Admins können bearbeiten
update: ({ req: { user } }) => Boolean(user?.isSuperAdmin), update: ({ req: { user } }) => {
const result = Boolean(user?.isSuperAdmin)
console.log('[DEBUG:SEO] update access:', { email: user?.email, isSuperAdmin: user?.isSuperAdmin, result })
return result
},
}, },
fields: [ fields: [
// === META DEFAULTS === // === META DEFAULTS ===

37
src/payload.config.ts
View file

@ -131,6 +131,43 @@ const filename = fileURLToPath(import.meta.url)
const dirname = path.dirname(filename) const dirname = path.dirname(filename)
export default buildConfig({ export default buildConfig({
// DEBUG: Log all API requests that result in 403
onInit: async (payload) => {
const originalFindGlobal = payload.findGlobal.bind(payload)
payload.findGlobal = async (args: Parameters<typeof payload.findGlobal>[0]) => {
try {
return await originalFindGlobal(args)
} catch (err: unknown) {
if (err && typeof err === 'object' && 'status' in err && (err as { status: number }).status === 403) {
console.log('[DEBUG:403] Global read FORBIDDEN:', { slug: args.slug, user: args.req?.user?.email || 'no user' })
}
throw err
}
}
const originalUpdate = payload.update.bind(payload)
payload.update = async (args: Parameters<typeof payload.update>[0]) => {
try {
return await originalUpdate(args)
} catch (err: unknown) {
if (err && typeof err === 'object' && 'status' in err && (err as { status: number }).status === 403) {
console.log('[DEBUG:403] Collection update FORBIDDEN:', { collection: args.collection, id: args.id, user: args.req?.user?.email || 'no user' })
}
throw err
}
}
const originalUpdateGlobal = payload.updateGlobal.bind(payload)
payload.updateGlobal = async (args: Parameters<typeof payload.updateGlobal>[0]) => {
try {
return await originalUpdateGlobal(args)
} catch (err: unknown) {
if (err && typeof err === 'object' && 'status' in err && (err as { status: number }).status === 403) {
console.log('[DEBUG:403] Global update FORBIDDEN:', { slug: args.slug, user: args.req?.user?.email || 'no user' })
}
throw err
}
}
console.log('[DEBUG] 403 interceptors installed')
},
serverURL: process.env.PAYLOAD_PUBLIC_SERVER_URL || 'https://pl.porwoll.tech', serverURL: process.env.PAYLOAD_PUBLIC_SERVER_URL || 'https://pl.porwoll.tech',
admin: { admin: {
user: Users.slug, user: Users.slug,