wwwlayermeshusa/src/collections/Users/index.ts

import type { CollectionConfig } from 'payload'
import { authenticated } from '../../access/authenticated'

// Only admins can manage users
const adminOnly = ({ req: { user } }: any) => user?.role === 'admin'

export const Users: CollectionConfig = {
  slug: 'users',
  access: {
    admin: authenticated,
    create: adminOnly,
    delete: adminOnly,
    read: authenticated,
    update: authenticated, // users can update themselves; field-level locks the role field
  },
  admin: {
    defaultColumns: ['name', 'email', 'role'],
    useAsTitle: 'name',
  },
  auth: true,
  fields: [
    {
      name: 'name',
      type: 'text',
      required: true,
    },
    {
      name: 'role',
      type: 'select',
      label: 'Roll',
      required: true,
      defaultValue: 'editor',
      options: [
        { label: 'Admin', value: 'admin' },
        { label: 'Redaktör', value: 'editor' },
      ],
      // Only admins can change roles
      access: {
        update: adminOnly,
      },
      admin: {
        description: 'Admin har full åtkomst. Redaktör kan hantera sidor, inlägg och media.',
      },
    },
  ],
  timestamps: true,
}