payload-rbac-plugin 1.0.0

package/README.md

@@ -0,0 +1,172 @@
+# Payload CMS Dynamic RBAC Plugin
+
+A professional, database-backed Role-Based Access Control (RBAC) system for [Payload CMS](https://payloadcms.com) (v3). 
+
+This plugin emphasizes checking **permissions instead of roles** to avoid hard-coded authorization logic in your source code, making your access control highly scalable, modular, and dynamic.
+
+---
+
+## Features
+
+- **Dynamic Collections**: Automatically injects database-backed `Roles` and `Permissions` collections.
+- **Auth Collection Extension**: Injects a `roles` relationship field into your target auth collection (e.g., `users`) with `saveToJWT: true` for zero-cost runtime checks.
+- **Bulk Permission Generator**: In the Admin UI, easily switch between creating a single permission or using the Bulk CRUD Generator to automatically generate separate permissions (e.g., `posts:create`, `posts:read`, `posts:update`, `posts:delete`) at once. 
+- **UI-Only Helpers**: Bulk generator fields (`type`, `collectionName`, CRUD checkboxes) are purely for the UI and are never saved to your database, keeping your collections clean.
+- **Customizable Schemas**: Allow developers to inject additional custom fields into both `Roles` and `Permissions` schemas.
+- **Granular Control**: Set visibility permissions (`hideRoles`, `hidePermissions`) dynamically or statically for the RBAC admin interface.
+- **Helper Utilities**: Simple and robust functions to check permissions (`hasPermission`) and access control wrappers (`checkPermission`).
+- **Fully Tested**: Powered by a robust integration and unit test suite built with Vitest.
+
+## Screenshots
+
+### 1. Permissions List View
+Shows flat generated permissions (e.g. `posts:create`, `posts:read`) and legacy system permissions.
+![Permissions List View](images/permissions_list.png)
+
+### 2. Single Permission Form
+Create individual custom permissions.
+![Single Permission Form](images/permissions_single.png)
+
+### 3. Bulk CRUD Generator Form
+Select a collection and check CRUD actions to instantly generate multiple permissions.
+![Bulk CRUD Generator Form](images/permissions_bulk.png)
+
+### 4. Roles List View
+Displays roles and all permissions associated with them.
+![Roles List View](images/roles_list.png)
+
+### 5. Role Configuration Form
+Assign permissions directly to roles in the admin UI.
+![Role Configuration Form](images/role_edit.png)
+
+---
+
+## Installation
+
+Add the plugin to your project:
+
+```bash
+pnpm add payload-rbac-plugin
+# or
+npm install payload-rbac-plugin
+# or
+yarn add payload-rbac-plugin
+```
+
+---
+
+## Setup & Configuration
+
+Import and configure the plugin in your `payload.config.ts`:
+
+```typescript
+import { buildConfig } from 'payload'
+import { rbac, hasPermission } from 'payload-rbac-plugin'
+
+export default buildConfig({
+  collections: [
+    {
+      slug: 'posts',
+      fields: [],
+    },
+  ],
+  plugins: [
+    rbac({
+      enabled: true,
+      // Optional configurations:
+      authCollectionSlug: 'users',        // Default: 'users'
+      rolesCollectionSlug: 'roles',        // Default: 'roles'
+      permissionsCollectionSlug: 'permissions', // Default: 'permissions'
+      
+      // Control access/visibility of the RBAC panel:
+      hidePermissions: ({ user }) => !hasPermission(user, 'access:permissions'),
+      hideRoles: ({ user }) => !hasPermission(user, 'access:roles'),
+    }),
+  ],
+})
+```
+
+### Configuration Options
+
+| Option | Type | Default | Description |
+| :--- | :--- | :--- | :--- |
+| `enabled` | `boolean` | `true` | Enable or disable the plugin. |
+| `authCollectionSlug` | `string` | `'users'` | The collection slug representing the users collection. |
+| `rolesCollectionSlug` | `string` | `'roles'` | The slug for the automatically injected Roles collection. |
+| `permissionsCollectionSlug` | `string` | `'permissions'` | The slug for the automatically injected Permissions collection. |
+| `rolesFields` | `Field[]` | `[]` | Extra custom fields to inject into the Roles collection. |
+| `permissionsFields` | `Field[]` | `[]` | Extra custom fields to inject into the Permissions collection. |
+| `hideRoles` | `boolean \| ((args: { user: any }) => boolean)` | `false` | Hide the Roles collection from the sidebar navigation. |
+| `hidePermissions` | `boolean \| ((args: { user: any }) => boolean)` | `false` | Hide the Permissions collection from the sidebar navigation. |
+
+---
+
+## Usage
+
+### 1. Protecting Collections (Access Control)
+
+You can protect collections using the `checkPermission` Higher-Order Function. It returns a standard Payload `Access` control resolver.
+
+```typescript
+import { checkPermission } from 'payload-rbac-plugin'
+
+export const PostsCollection = {
+  slug: 'posts',
+  access: {
+    create: checkPermission('posts:create'),
+    read: checkPermission('posts:read'),
+    update: checkPermission('posts:update'),
+    delete: checkPermission('posts:delete'),
+  },
+  fields: [],
+}
+```
+
+### 2. Manual Permission Verification (`hasPermission`)
+
+For custom endpoints, hooks, or conditionally rendering logic, use the `hasPermission` utility:
+
+```typescript
+import { hasPermission } from 'payload-rbac-plugin'
+
+const myCustomEndpoint = (req, res) => {
+  const user = req.user
+  
+  if (hasPermission(user, 'export:reports')) {
+    // allow operation
+  } else {
+    res.status(403).send('Forbidden')
+  }
+}
+```
+
+---
+
+## Bulk Permission Generator UI
+
+When navigating to the **Permissions** collection in your Payload Admin panel:
+1. Select **Bulk CRUD Generator** in the `Type` select box (visible only during document creation).
+2. Enter the target collection slug (e.g. `posts`) in the `Collection Name` field.
+3. Check the CRUD operations you wish to generate (e.g., `create`, `read`).
+4. Save the document.
+5. The plugin runs a `beforeChange` hook that creates individual flat records (`posts:create`, `posts:read`) in the database, and avoids saving any temporary helper fields to the database.
+
+---
+
+## Development & Testing
+
+If you are developing this plugin locally, you can run the test suite:
+
+```bash
+# Run unit and integration tests
+pnpm test:int
+
+# Run tests in watch mode
+pnpm test:int --watch
+```
+
+---
+
+## License
+
+MIT

package/dist/collections/Permissions.d.ts

@@ -0,0 +1,3 @@
+import type { CollectionConfig } from 'payload';
+import type { PluginOptions } from '../types';
+export declare const createPermissionsCollection: (options: PluginOptions) => CollectionConfig;

package/dist/collections/Permissions.js

@@ -0,0 +1,28 @@
+export const createPermissionsCollection = (options)=>{
+    const slug = options.permissionsCollectionSlug || 'permissions';
+    const customFields = options.permissionsFields || [];
+    return {
+        slug,
+        admin: {
+            useAsTitle: 'name',
+            group: 'Access Control'
+        },
+        access: {
+            read: ()=>true
+        },
+        fields: [
+            {
+                name: 'name',
+                type: 'text',
+                required: true,
+                unique: true,
+                admin: {
+                    description: 'The unique name of the permission (e.g., "create:users", "read:posts").'
+                }
+            },
+            ...customFields
+        ]
+    };
+};
+
+//# sourceMappingURL=Permissions.js.map

package/dist/collections/Permissions.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/collections/Permissions.ts"],"sourcesContent":["import type { CollectionConfig } from 'payload'\nimport type { PluginOptions } from '../types.js'\n\nexport const createPermissionsCollection = (options: PluginOptions): CollectionConfig => {\n  const slug = options.permissionsCollectionSlug || 'permissions'\n  const customFields = options.permissionsFields || []\n\n  return {\n    slug,\n    admin: {\n      useAsTitle: 'name',\n      group: 'Access Control',\n    },\n    access: {\n      read: () => true, // Access logic can be customized or injected later\n    },\n    fields: [\n      {\n        name: 'name',\n        type: 'text',\n        required: true,\n        unique: true,\n        admin: {\n          description: 'The unique name of the permission (e.g., \"create:users\", \"read:posts\").',\n        },\n      },\n      ...customFields,\n    ],\n  }\n}\n"],"names":["createPermissionsCollection","options","slug","permissionsCollectionSlug","customFields","permissionsFields","admin","useAsTitle","group","access","read","fields","name","type","required","unique","description"],"mappings":"AAGA,OAAO,MAAMA,8BAA8B,CAACC;IAC1C,MAAMC,OAAOD,QAAQE,yBAAyB,IAAI;IAClD,MAAMC,eAAeH,QAAQI,iBAAiB,IAAI,EAAE;IAEpD,OAAO;QACLH;QACAI,OAAO;YACLC,YAAY;YACZC,OAAO;QACT;QACAC,QAAQ;YACNC,MAAM,IAAM;QACd;QACAC,QAAQ;YACN;gBACEC,MAAM;gBACNC,MAAM;gBACNC,UAAU;gBACVC,QAAQ;gBACRT,OAAO;oBACLU,aAAa;gBACf;YACF;eACGZ;SACJ;IACH;AACF,EAAC"}

package/dist/collections/Roles.d.ts

@@ -0,0 +1,3 @@
+import type { CollectionConfig } from 'payload';
+import type { PluginOptions } from '../types';
+export declare const createRolesCollection: (options: PluginOptions) => CollectionConfig;

package/dist/collections/Roles.js

@@ -0,0 +1,38 @@
+export const createRolesCollection = (options)=>{
+    const slug = options.rolesCollectionSlug || 'roles';
+    const permissionsSlug = options.permissionsCollectionSlug || 'permissions';
+    const customFields = options.rolesFields || [];
+    return {
+        slug,
+        admin: {
+            useAsTitle: 'name',
+            group: 'Access Control'
+        },
+        access: {
+            read: ()=>true
+        },
+        fields: [
+            {
+                name: 'name',
+                type: 'text',
+                required: true,
+                unique: true,
+                admin: {
+                    description: 'The unique name of the role (e.g., "admin", "editor").'
+                }
+            },
+            {
+                name: 'permissions',
+                type: 'relationship',
+                relationTo: permissionsSlug,
+                hasMany: true,
+                admin: {
+                    description: 'The permissions assigned to this role.'
+                }
+            },
+            ...customFields
+        ]
+    };
+};
+
+//# sourceMappingURL=Roles.js.map

package/dist/collections/Roles.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/collections/Roles.ts"],"sourcesContent":["import type { CollectionConfig } from 'payload'\nimport type { PluginOptions } from '../types.js'\n\nexport const createRolesCollection = (options: PluginOptions): CollectionConfig => {\n  const slug = options.rolesCollectionSlug || 'roles'\n  const permissionsSlug = options.permissionsCollectionSlug || 'permissions'\n  const customFields = options.rolesFields || []\n\n  return {\n    slug,\n    admin: {\n      useAsTitle: 'name',\n      group: 'Access Control',\n    },\n    access: {\n      read: () => true,\n    },\n    fields: [\n      {\n        name: 'name',\n        type: 'text',\n        required: true,\n        unique: true,\n        admin: {\n          description: 'The unique name of the role (e.g., \"admin\", \"editor\").',\n        },\n      },\n      {\n        name: 'permissions',\n        type: 'relationship',\n        relationTo: permissionsSlug,\n        hasMany: true,\n        admin: {\n          description: 'The permissions assigned to this role.',\n        },\n      },\n      ...customFields,\n    ],\n  }\n}\n"],"names":["createRolesCollection","options","slug","rolesCollectionSlug","permissionsSlug","permissionsCollectionSlug","customFields","rolesFields","admin","useAsTitle","group","access","read","fields","name","type","required","unique","description","relationTo","hasMany"],"mappings":"AAGA,OAAO,MAAMA,wBAAwB,CAACC;IACpC,MAAMC,OAAOD,QAAQE,mBAAmB,IAAI;IAC5C,MAAMC,kBAAkBH,QAAQI,yBAAyB,IAAI;IAC7D,MAAMC,eAAeL,QAAQM,WAAW,IAAI,EAAE;IAE9C,OAAO;QACLL;QACAM,OAAO;YACLC,YAAY;YACZC,OAAO;QACT;QACAC,QAAQ;YACNC,MAAM,IAAM;QACd;QACAC,QAAQ;YACN;gBACEC,MAAM;gBACNC,MAAM;gBACNC,UAAU;gBACVC,QAAQ;gBACRT,OAAO;oBACLU,aAAa;gBACf;YACF;YACA;gBACEJ,MAAM;gBACNC,MAAM;gBACNI,YAAYf;gBACZgB,SAAS;gBACTZ,OAAO;oBACLU,aAAa;gBACf;YACF;eACGZ;SACJ;IACH;AACF,EAAC"}

package/dist/components/BeforeDashboardClient.d.ts

@@ -0,0 +1 @@
+export declare const BeforeDashboardClient: () => import("react/jsx-runtime").JSX.Element;

package/dist/components/BeforeDashboardClient.js

@@ -0,0 +1,40 @@
+'use client';
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { useConfig } from '@payloadcms/ui';
+import { formatAdminURL } from 'payload/shared';
+import { useEffect, useState } from 'react';
+export const BeforeDashboardClient = ()=>{
+    const { config } = useConfig();
+    const [message, setMessage] = useState('');
+    useEffect(()=>{
+        const fetchMessage = async ()=>{
+            const response = await fetch(formatAdminURL({
+                apiRoute: config.routes.api,
+                path: '/my-plugin-endpoint'
+            }));
+            const result = await response.json();
+            setMessage(result.message);
+        };
+        void fetchMessage();
+    }, [
+        config.serverURL,
+        config.routes.api
+    ]);
+    return /*#__PURE__*/ _jsxs("div", {
+        children: [
+            /*#__PURE__*/ _jsx("h1", {
+                children: "Added by the plugin: Before Dashboard Client"
+            }),
+            /*#__PURE__*/ _jsxs("div", {
+                children: [
+                    "Message from the endpoint:",
+                    /*#__PURE__*/ _jsx("div", {
+                        children: message || 'Loading...'
+                    })
+                ]
+            })
+        ]
+    });
+};
+
+//# sourceMappingURL=BeforeDashboardClient.js.map

package/dist/components/BeforeDashboardClient.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/components/BeforeDashboardClient.tsx"],"sourcesContent":["'use client'\nimport { useConfig } from '@payloadcms/ui'\nimport { formatAdminURL } from 'payload/shared'\nimport { useEffect, useState } from 'react'\n\nexport const BeforeDashboardClient = () => {\n  const { config } = useConfig()\n\n  const [message, setMessage] = useState('')\n\n  useEffect(() => {\n    const fetchMessage = async () => {\n      const response = await fetch(\n        formatAdminURL({\n          apiRoute: config.routes.api,\n          path: '/my-plugin-endpoint',\n        }),\n      )\n      const result = await response.json()\n      setMessage(result.message)\n    }\n\n    void fetchMessage()\n  }, [config.serverURL, config.routes.api])\n\n  return (\n    <div>\n      <h1>Added by the plugin: Before Dashboard Client</h1>\n      <div>\n        Message from the endpoint:\n        <div>{message || 'Loading...'}</div>\n      </div>\n    </div>\n  )\n}\n"],"names":["useConfig","formatAdminURL","useEffect","useState","BeforeDashboardClient","config","message","setMessage","fetchMessage","response","fetch","apiRoute","routes","api","path","result","json","serverURL","div","h1"],"mappings":"AAAA;;AACA,SAASA,SAAS,QAAQ,iBAAgB;AAC1C,SAASC,cAAc,QAAQ,iBAAgB;AAC/C,SAASC,SAAS,EAAEC,QAAQ,QAAQ,QAAO;AAE3C,OAAO,MAAMC,wBAAwB;IACnC,MAAM,EAAEC,MAAM,EAAE,GAAGL;IAEnB,MAAM,CAACM,SAASC,WAAW,GAAGJ,SAAS;IAEvCD,UAAU;QACR,MAAMM,eAAe;YACnB,MAAMC,WAAW,MAAMC,MACrBT,eAAe;gBACbU,UAAUN,OAAOO,MAAM,CAACC,GAAG;gBAC3BC,MAAM;YACR;YAEF,MAAMC,SAAS,MAAMN,SAASO,IAAI;YAClCT,WAAWQ,OAAOT,OAAO;QAC3B;QAEA,KAAKE;IACP,GAAG;QAACH,OAAOY,SAAS;QAAEZ,OAAOO,MAAM,CAACC,GAAG;KAAC;IAExC,qBACE,MAACK;;0BACC,KAACC;0BAAG;;0BACJ,MAACD;;oBAAI;kCAEH,KAACA;kCAAKZ,WAAW;;;;;;AAIzB,EAAC"}

package/dist/components/BeforeDashboardServer.d.ts

@@ -0,0 +1,2 @@
+import type { ServerComponentProps } from 'payload';
+export declare const BeforeDashboardServer: (props: ServerComponentProps) => Promise<import("react/jsx-runtime").JSX.Element>;

package/dist/components/BeforeDashboardServer.js

@@ -0,0 +1,22 @@
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import styles from './BeforeDashboardServer.module.css';
+export const BeforeDashboardServer = async (props)=>{
+    const { payload } = props;
+    const { docs } = await payload.find({
+        collection: 'plugin-collection'
+    });
+    return /*#__PURE__*/ _jsxs("div", {
+        className: styles.wrapper,
+        children: [
+            /*#__PURE__*/ _jsx("h1", {
+                children: "Added by the plugin: Before Dashboard Server"
+            }),
+            "Docs from Local API:",
+            docs.map((doc)=>/*#__PURE__*/ _jsx("div", {
+                    children: doc.id
+                }, doc.id))
+        ]
+    });
+};
+
+//# sourceMappingURL=BeforeDashboardServer.js.map

package/dist/components/BeforeDashboardServer.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/components/BeforeDashboardServer.tsx"],"sourcesContent":["import type { ServerComponentProps } from 'payload'\n\nimport styles from './BeforeDashboardServer.module.css'\n\nexport const BeforeDashboardServer = async (props: ServerComponentProps) => {\n  const { payload } = props\n\n  const { docs } = await payload.find({ collection: 'plugin-collection' })\n\n  return (\n    <div className={styles.wrapper}>\n      <h1>Added by the plugin: Before Dashboard Server</h1>\n      Docs from Local API:\n      {docs.map((doc) => (\n        <div key={doc.id}>{doc.id}</div>\n      ))}\n    </div>\n  )\n}\n"],"names":["styles","BeforeDashboardServer","props","payload","docs","find","collection","div","className","wrapper","h1","map","doc","id"],"mappings":";AAEA,OAAOA,YAAY,qCAAoC;AAEvD,OAAO,MAAMC,wBAAwB,OAAOC;IAC1C,MAAM,EAAEC,OAAO,EAAE,GAAGD;IAEpB,MAAM,EAAEE,IAAI,EAAE,GAAG,MAAMD,QAAQE,IAAI,CAAC;QAAEC,YAAY;IAAoB;IAEtE,qBACE,MAACC;QAAIC,WAAWR,OAAOS,OAAO;;0BAC5B,KAACC;0BAAG;;YAAiD;YAEpDN,KAAKO,GAAG,CAAC,CAACC,oBACT,KAACL;8BAAkBK,IAAIC,EAAE;mBAAfD,IAAIC,EAAE;;;AAIxB,EAAC"}

package/dist/components/BeforeDashboardServer.module.css

@@ -0,0 +1,5 @@
+.wrapper {
+  display: flex;
+  gap: 5px;
+  flex-direction: column;
+}

package/dist/endpoints/customEndpointHandler.d.ts

@@ -0,0 +1,2 @@
+import type { PayloadHandler } from 'payload';
+export declare const customEndpointHandler: PayloadHandler;

package/dist/endpoints/customEndpointHandler.js

@@ -0,0 +1,7 @@
+export const customEndpointHandler = ()=>{
+    return Response.json({
+        message: 'Hello from custom endpoint'
+    });
+};
+
+//# sourceMappingURL=customEndpointHandler.js.map

package/dist/endpoints/customEndpointHandler.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/endpoints/customEndpointHandler.ts"],"sourcesContent":["import type { PayloadHandler } from 'payload'\n\nexport const customEndpointHandler: PayloadHandler = () => {\n  return Response.json({ message: 'Hello from custom endpoint' })\n}\n"],"names":["customEndpointHandler","Response","json","message"],"mappings":"AAEA,OAAO,MAAMA,wBAAwC;IACnD,OAAOC,SAASC,IAAI,CAAC;QAAEC,SAAS;IAA6B;AAC/D,EAAC"}

package/dist/exports/client.d.ts

@@ -0,0 +1 @@
+export { BeforeDashboardClient } from '../components/BeforeDashboardClient';

package/dist/exports/client.js

@@ -0,0 +1,3 @@
+export { BeforeDashboardClient } from '../components/BeforeDashboardClient.js';
+
+//# sourceMappingURL=client.js.map

package/dist/exports/client.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/exports/client.ts"],"sourcesContent":["export { BeforeDashboardClient } from '../components/BeforeDashboardClient.js'\n"],"names":["BeforeDashboardClient"],"mappings":"AAAA,SAASA,qBAAqB,QAAQ,yCAAwC"}

package/dist/exports/rsc.d.ts

@@ -0,0 +1 @@
+export { BeforeDashboardServer } from '../components/BeforeDashboardServer';

package/dist/exports/rsc.js

@@ -0,0 +1,3 @@
+export { BeforeDashboardServer } from '../components/BeforeDashboardServer.js';
+
+//# sourceMappingURL=rsc.js.map

package/dist/exports/rsc.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/exports/rsc.ts"],"sourcesContent":["export { BeforeDashboardServer } from '../components/BeforeDashboardServer.js'\n"],"names":["BeforeDashboardServer"],"mappings":"AAAA,SAASA,qBAAqB,QAAQ,yCAAwC"}

package/dist/hooks/beforePermissionChange.d.ts

@@ -0,0 +1,2 @@
+import type { CollectionBeforeChangeHook } from 'payload';
+export declare const createBeforePermissionChangeHook: (slug: string) => CollectionBeforeChangeHook;

package/dist/index.d.ts

@@ -0,0 +1,5 @@
+import type { Config } from 'payload';
+import type { PluginOptions } from './types';
+export declare const rbac: (pluginOptions?: PluginOptions) => (config: Config) => Config;
+export * from './types';
+export * from './utilities/index';

package/dist/index.js

@@ -0,0 +1,38 @@
+import { createPermissionsCollection } from './collections/Permissions.js';
+import { createRolesCollection } from './collections/Roles.js';
+export const rbac = (pluginOptions)=>(config)=>{
+        const options = pluginOptions || {};
+        if (options.enabled === false) {
+            return config;
+        }
+        if (!config.collections) {
+            config.collections = [];
+        }
+        // Add Roles and Permissions collections
+        config.collections.push(createPermissionsCollection(options));
+        config.collections.push(createRolesCollection(options));
+        // Extend the target auth collection
+        const authSlug = options.authCollectionSlug || 'users';
+        const rolesSlug = options.rolesCollectionSlug || 'roles';
+        const authCollection = config.collections.find((collection)=>collection.slug === authSlug);
+        if (authCollection) {
+            authCollection.fields.push({
+                name: 'roles',
+                type: 'relationship',
+                relationTo: rolesSlug,
+                hasMany: true,
+                saveToJWT: true,
+                admin: {
+                    description: 'Roles assigned to this user.'
+                }
+            });
+        } else {
+            console.warn(`[rbac-plugin] Auth collection '${authSlug}' not found. Cannot inject roles field.`);
+        }
+        return config;
+    };
+// Export utilities and types for consumers
+export * from './types.js';
+export * from './utilities/index.js';
+
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import type { Config } from 'payload'\nimport type { PluginOptions } from './types.js'\n\nimport { createPermissionsCollection } from './collections/Permissions.js'\nimport { createRolesCollection } from './collections/Roles.js'\n\nexport const rbac =\n  (pluginOptions?: PluginOptions) =>\n  (config: Config): Config => {\n    const options = pluginOptions || {}\n    \n    if (options.enabled === false) {\n      return config\n    }\n\n    if (!config.collections) {\n      config.collections = []\n    }\n\n    // Add Roles and Permissions collections\n    config.collections.push(createPermissionsCollection(options))\n    config.collections.push(createRolesCollection(options))\n\n    // Extend the target auth collection\n    const authSlug = options.authCollectionSlug || 'users'\n    const rolesSlug = options.rolesCollectionSlug || 'roles'\n\n    const authCollection = config.collections.find(\n      (collection) => collection.slug === authSlug,\n    )\n\n    if (authCollection) {\n      authCollection.fields.push({\n        name: 'roles',\n        type: 'relationship',\n        relationTo: rolesSlug,\n        hasMany: true,\n        saveToJWT: true,\n        admin: {\n          description: 'Roles assigned to this user.',\n        },\n      })\n    } else {\n      console.warn(`[rbac-plugin] Auth collection '${authSlug}' not found. Cannot inject roles field.`)\n    }\n\n    return config\n  }\n\n// Export utilities and types for consumers\nexport * from './types.js'\nexport * from './utilities/index.js'\n"],"names":["createPermissionsCollection","createRolesCollection","rbac","pluginOptions","config","options","enabled","collections","push","authSlug","authCollectionSlug","rolesSlug","rolesCollectionSlug","authCollection","find","collection","slug","fields","name","type","relationTo","hasMany","saveToJWT","admin","description","console","warn"],"mappings":"AAGA,SAASA,2BAA2B,QAAQ,+BAA8B;AAC1E,SAASC,qBAAqB,QAAQ,yBAAwB;AAE9D,OAAO,MAAMC,OACX,CAACC,gBACD,CAACC;QACC,MAAMC,UAAUF,iBAAiB,CAAC;QAElC,IAAIE,QAAQC,OAAO,KAAK,OAAO;YAC7B,OAAOF;QACT;QAEA,IAAI,CAACA,OAAOG,WAAW,EAAE;YACvBH,OAAOG,WAAW,GAAG,EAAE;QACzB;QAEA,wCAAwC;QACxCH,OAAOG,WAAW,CAACC,IAAI,CAACR,4BAA4BK;QACpDD,OAAOG,WAAW,CAACC,IAAI,CAACP,sBAAsBI;QAE9C,oCAAoC;QACpC,MAAMI,WAAWJ,QAAQK,kBAAkB,IAAI;QAC/C,MAAMC,YAAYN,QAAQO,mBAAmB,IAAI;QAEjD,MAAMC,iBAAiBT,OAAOG,WAAW,CAACO,IAAI,CAC5C,CAACC,aAAeA,WAAWC,IAAI,KAAKP;QAGtC,IAAII,gBAAgB;YAClBA,eAAeI,MAAM,CAACT,IAAI,CAAC;gBACzBU,MAAM;gBACNC,MAAM;gBACNC,YAAYT;gBACZU,SAAS;gBACTC,WAAW;gBACXC,OAAO;oBACLC,aAAa;gBACf;YACF;QACF,OAAO;YACLC,QAAQC,IAAI,CAAC,CAAC,+BAA+B,EAAEjB,SAAS,uCAAuC,CAAC;QAClG;QAEA,OAAOL;IACT,EAAC;AAEH,2CAA2C;AAC3C,cAAc,aAAY;AAC1B,cAAc,uBAAsB"}

package/dist/types.d.ts

@@ -0,0 +1,31 @@
+import type { Field } from 'payload';
+export interface PluginOptions {
+    /**
+     * Enable or disable plugin
+     * @default false
+     */
+    enabled?: boolean;
+    /**
+     * Override the default collection slug for Roles
+     * @default 'roles'
+     */
+    rolesCollectionSlug?: string;
+    /**
+     * Override the default collection slug for Permissions
+     * @default 'permissions'
+     */
+    permissionsCollectionSlug?: string;
+    /**
+     * The collection slug for the authentication collection (typically 'users')
+     * @default 'users'
+     */
+    authCollectionSlug?: string;
+    /**
+     * Inject additional custom fields into the generated Roles collection
+     */
+    rolesFields?: Field[];
+    /**
+     * Inject additional custom fields into the generated Permissions collection
+     */
+    permissionsFields?: Field[];
+}

package/dist/types.js

@@ -0,0 +1,3 @@
+export { };
+
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/types.ts"],"sourcesContent":["import type { Field } from 'payload'\n\nexport interface PluginOptions {\n  /**\n   * Enable or disable plugin\n   * @default false\n   */\n  enabled?: boolean\n\n  /**\n   * Override the default collection slug for Roles\n   * @default 'roles'\n   */\n  rolesCollectionSlug?: string\n\n  /**\n   * Override the default collection slug for Permissions\n   * @default 'permissions'\n   */\n  permissionsCollectionSlug?: string\n\n  /**\n   * The collection slug for the authentication collection (typically 'users')\n   * @default 'users'\n   */\n  authCollectionSlug?: string\n\n  /**\n   * Inject additional custom fields into the generated Roles collection\n   */\n  rolesFields?: Field[]\n\n  /**\n   * Inject additional custom fields into the generated Permissions collection\n   */\n  permissionsFields?: Field[]\n}\n"],"names":[],"mappings":"AAEA,WAkCC"}

package/dist/utilities/checkPermission.d.ts

@@ -0,0 +1,8 @@
+import type { Access } from 'payload';
+/**
+ * A Higher-Order Function to drop into Payload Collection access control fields.
+ *
+ * @param permissionName - The required permission name
+ * @returns Access function
+ */
+export declare const checkPermission: (permissionName: string) => Access;

package/dist/utilities/checkPermission.js

@@ -0,0 +1,16 @@
+import { hasPermission } from './hasPermission.js';
+/**
+ * A Higher-Order Function to drop into Payload Collection access control fields.
+ * 
+ * @param permissionName - The required permission name
+ * @returns Access function
+ */ export const checkPermission = (permissionName)=>{
+    return ({ req: { user } })=>{
+        // We can just rely on the synchronous hasPermission check.
+        // If relations are unpopulated, it will return false. Ensure your auth
+        // collection is configured with adequate depth for saveToJWT or default depth.
+        return hasPermission(user, permissionName);
+    };
+};
+
+//# sourceMappingURL=checkPermission.js.map

package/dist/utilities/checkPermission.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/utilities/checkPermission.ts"],"sourcesContent":["import type { Access } from 'payload'\nimport { hasPermission } from './hasPermission.js'\n\n/**\n * A Higher-Order Function to drop into Payload Collection access control fields.\n * \n * @param permissionName - The required permission name\n * @returns Access function\n */\nexport const checkPermission = (permissionName: string): Access => {\n  return ({ req: { user } }) => {\n    // We can just rely on the synchronous hasPermission check.\n    // If relations are unpopulated, it will return false. Ensure your auth\n    // collection is configured with adequate depth for saveToJWT or default depth.\n    return hasPermission(user, permissionName)\n  }\n}\n"],"names":["hasPermission","checkPermission","permissionName","req","user"],"mappings":"AACA,SAASA,aAAa,QAAQ,qBAAoB;AAElD;;;;;CAKC,GACD,OAAO,MAAMC,kBAAkB,CAACC;IAC9B,OAAO,CAAC,EAAEC,KAAK,EAAEC,IAAI,EAAE,EAAE;QACvB,2DAA2D;QAC3D,uEAAuE;QACvE,+EAA+E;QAC/E,OAAOJ,cAAcI,MAAMF;IAC7B;AACF,EAAC"}

package/dist/utilities/hasPermission.d.ts

@@ -0,0 +1,10 @@
+import type { PayloadRequest } from 'payload';
+/**
+ * Checks if a user has a specific permission.
+ * Gracefully handles populated and unpopulated relationship states as far as possible synchronously.
+ *
+ * @param user - The Payload user object from req.user
+ * @param requiredPermission - The name of the permission to check for
+ * @returns boolean
+ */
+export declare const hasPermission: (user: PayloadRequest["user"] | null | undefined, requiredPermission: string) => boolean;

package/dist/utilities/hasPermission.js

@@ -0,0 +1,37 @@
+/**
+ * Checks if a user has a specific permission.
+ * Gracefully handles populated and unpopulated relationship states as far as possible synchronously.
+ * 
+ * @param user - The Payload user object from req.user
+ * @param requiredPermission - The name of the permission to check for
+ * @returns boolean
+ */ export const hasPermission = (user, requiredPermission)=>{
+    if (!user || !user.roles || !Array.isArray(user.roles)) {
+        return false;
+    }
+    for (const role of user.roles){
+        // If role is just an ID (unpopulated), we can't check its permissions synchronously
+        if (typeof role !== 'object' || role === null) {
+            continue;
+        }
+        const permissions = role.permissions;
+        if (!permissions || !Array.isArray(permissions)) {
+            continue;
+        }
+        for (const permission of permissions){
+            // If permission is an object (populated) and has a name
+            if (typeof permission === 'object' && permission !== null) {
+                if ('name' in permission && permission.name === requiredPermission) {
+                    return true;
+                }
+            }
+        // Note: If permission is just an ID (unpopulated), we cannot synchronously
+        // determine its name here. In a strictly synchronous check, we must return false 
+        // or ignore it. For a fully robust check with unpopulated data, an async version 
+        // requiring the payload instance would be necessary.
+        }
+    }
+    return false;
+};
+
+//# sourceMappingURL=hasPermission.js.map

package/dist/utilities/hasPermission.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/utilities/hasPermission.ts"],"sourcesContent":["import type { PayloadRequest } from 'payload'\n\n/**\n * Checks if a user has a specific permission.\n * Gracefully handles populated and unpopulated relationship states as far as possible synchronously.\n * \n * @param user - The Payload user object from req.user\n * @param requiredPermission - The name of the permission to check for\n * @returns boolean\n */\nexport const hasPermission = (\n  user: PayloadRequest['user'] | null | undefined,\n  requiredPermission: string,\n): boolean => {\n  if (!user || !user.roles || !Array.isArray(user.roles)) {\n    return false\n  }\n\n  for (const role of user.roles) {\n    // If role is just an ID (unpopulated), we can't check its permissions synchronously\n    if (typeof role !== 'object' || role === null) {\n      continue\n    }\n\n    const permissions = role.permissions\n    if (!permissions || !Array.isArray(permissions)) {\n      continue\n    }\n\n    for (const permission of permissions) {\n      // If permission is an object (populated) and has a name\n      if (typeof permission === 'object' && permission !== null) {\n        if ('name' in permission && permission.name === requiredPermission) {\n          return true\n        }\n      } \n      // Note: If permission is just an ID (unpopulated), we cannot synchronously\n      // determine its name here. In a strictly synchronous check, we must return false \n      // or ignore it. For a fully robust check with unpopulated data, an async version \n      // requiring the payload instance would be necessary.\n    }\n  }\n\n  return false\n}\n"],"names":["hasPermission","user","requiredPermission","roles","Array","isArray","role","permissions","permission","name"],"mappings":"AAEA;;;;;;;CAOC,GACD,OAAO,MAAMA,gBAAgB,CAC3BC,MACAC;IAEA,IAAI,CAACD,QAAQ,CAACA,KAAKE,KAAK,IAAI,CAACC,MAAMC,OAAO,CAACJ,KAAKE,KAAK,GAAG;QACtD,OAAO;IACT;IAEA,KAAK,MAAMG,QAAQL,KAAKE,KAAK,CAAE;QAC7B,oFAAoF;QACpF,IAAI,OAAOG,SAAS,YAAYA,SAAS,MAAM;YAC7C;QACF;QAEA,MAAMC,cAAcD,KAAKC,WAAW;QACpC,IAAI,CAACA,eAAe,CAACH,MAAMC,OAAO,CAACE,cAAc;YAC/C;QACF;QAEA,KAAK,MAAMC,cAAcD,YAAa;YACpC,wDAAwD;YACxD,IAAI,OAAOC,eAAe,YAAYA,eAAe,MAAM;gBACzD,IAAI,UAAUA,cAAcA,WAAWC,IAAI,KAAKP,oBAAoB;oBAClE,OAAO;gBACT;YACF;QACA,2EAA2E;QAC3E,kFAAkF;QAClF,kFAAkF;QAClF,qDAAqD;QACvD;IACF;IAEA,OAAO;AACT,EAAC"}

package/dist/utilities/hasPermission.spec.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/utilities/hasPermission.spec.js

@@ -0,0 +1,120 @@
+import { hasPermission } from './hasPermission.js';
+describe('hasPermission', ()=>{
+    it('should return false if user is null', ()=>{
+        expect(hasPermission(null, 'read:posts')).toBe(false);
+    });
+    it('should return false if user has no roles array', ()=>{
+        const user = {
+            id: '1'
+        };
+        expect(hasPermission(user, 'read:posts')).toBe(false);
+    });
+    it('should return false if user roles is unpopulated (array of strings)', ()=>{
+        const user = {
+            id: '1',
+            roles: [
+                'role-id-1'
+            ]
+        };
+        expect(hasPermission(user, 'read:posts')).toBe(false);
+    });
+    it('should return false if role has no permissions', ()=>{
+        const user = {
+            id: '1',
+            roles: [
+                {
+                    id: 'role-1',
+                    name: 'admin'
+                }
+            ]
+        };
+        expect(hasPermission(user, 'read:posts')).toBe(false);
+    });
+    it('should return false if role permissions are unpopulated (array of strings)', ()=>{
+        const user = {
+            id: '1',
+            roles: [
+                {
+                    id: 'role-1',
+                    name: 'admin',
+                    permissions: [
+                        'perm-id-1'
+                    ]
+                }
+            ]
+        };
+        expect(hasPermission(user, 'read:posts')).toBe(false);
+    });
+    it('should return true if permission is found in populated roles', ()=>{
+        const user = {
+            id: '1',
+            roles: [
+                {
+                    id: 'role-1',
+                    name: 'admin',
+                    permissions: [
+                        {
+                            id: 'perm-1',
+                            name: 'read:posts'
+                        },
+                        {
+                            id: 'perm-2',
+                            name: 'write:posts'
+                        }
+                    ]
+                }
+            ]
+        };
+        expect(hasPermission(user, 'write:posts')).toBe(true);
+    });
+    it('should return false if permission is not found in populated roles', ()=>{
+        const user = {
+            id: '1',
+            roles: [
+                {
+                    id: 'role-1',
+                    name: 'editor',
+                    permissions: [
+                        {
+                            id: 'perm-1',
+                            name: 'read:posts'
+                        }
+                    ]
+                }
+            ]
+        };
+        expect(hasPermission(user, 'delete:posts')).toBe(false);
+    });
+    it('should correctly search through multiple roles', ()=>{
+        const user = {
+            id: '1',
+            roles: [
+                {
+                    id: 'role-1',
+                    name: 'editor',
+                    permissions: [
+                        {
+                            id: 'perm-1',
+                            name: 'read:posts'
+                        }
+                    ]
+                },
+                {
+                    id: 'role-2',
+                    name: 'manager',
+                    permissions: [
+                        {
+                            id: 'perm-2',
+                            name: 'delete:posts'
+                        }
+                    ]
+                }
+            ]
+        };
+        expect(hasPermission(user, 'delete:posts')).toBe(true);
+        expect(hasPermission(user, 'read:posts')).toBe(true);
+        expect(hasPermission(user, 'create:users')).toBe(false);
+    });
+});
+
+//# sourceMappingURL=hasPermission.spec.js.map

package/dist/utilities/hasPermission.spec.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/utilities/hasPermission.spec.ts"],"sourcesContent":["import { hasPermission } from './hasPermission.js'\nimport type { PayloadRequest } from 'payload'\n\ndescribe('hasPermission', () => {\n  it('should return false if user is null', () => {\n    expect(hasPermission(null, 'read:posts')).toBe(false)\n  })\n\n  it('should return false if user has no roles array', () => {\n    const user = { id: '1' } as PayloadRequest['user']\n    expect(hasPermission(user, 'read:posts')).toBe(false)\n  })\n\n  it('should return false if user roles is unpopulated (array of strings)', () => {\n    const user = {\n      id: '1',\n      roles: ['role-id-1'],\n    } as unknown as PayloadRequest['user']\n    expect(hasPermission(user, 'read:posts')).toBe(false)\n  })\n\n  it('should return false if role has no permissions', () => {\n    const user = {\n      id: '1',\n      roles: [{ id: 'role-1', name: 'admin' }],\n    } as unknown as PayloadRequest['user']\n    expect(hasPermission(user, 'read:posts')).toBe(false)\n  })\n\n  it('should return false if role permissions are unpopulated (array of strings)', () => {\n    const user = {\n      id: '1',\n      roles: [{ id: 'role-1', name: 'admin', permissions: ['perm-id-1'] }],\n    } as unknown as PayloadRequest['user']\n    expect(hasPermission(user, 'read:posts')).toBe(false)\n  })\n\n  it('should return true if permission is found in populated roles', () => {\n    const user = {\n      id: '1',\n      roles: [\n        {\n          id: 'role-1',\n          name: 'admin',\n          permissions: [\n            { id: 'perm-1', name: 'read:posts' },\n            { id: 'perm-2', name: 'write:posts' },\n          ],\n        },\n      ],\n    } as unknown as PayloadRequest['user']\n    expect(hasPermission(user, 'write:posts')).toBe(true)\n  })\n\n  it('should return false if permission is not found in populated roles', () => {\n    const user = {\n      id: '1',\n      roles: [\n        {\n          id: 'role-1',\n          name: 'editor',\n          permissions: [{ id: 'perm-1', name: 'read:posts' }],\n        },\n      ],\n    } as unknown as PayloadRequest['user']\n    expect(hasPermission(user, 'delete:posts')).toBe(false)\n  })\n\n  it('should correctly search through multiple roles', () => {\n    const user = {\n      id: '1',\n      roles: [\n        {\n          id: 'role-1',\n          name: 'editor',\n          permissions: [{ id: 'perm-1', name: 'read:posts' }],\n        },\n        {\n          id: 'role-2',\n          name: 'manager',\n          permissions: [{ id: 'perm-2', name: 'delete:posts' }],\n        },\n      ],\n    } as unknown as PayloadRequest['user']\n    expect(hasPermission(user, 'delete:posts')).toBe(true)\n    expect(hasPermission(user, 'read:posts')).toBe(true)\n    expect(hasPermission(user, 'create:users')).toBe(false)\n  })\n})\n"],"names":["hasPermission","describe","it","expect","toBe","user","id","roles","name","permissions"],"mappings":"AAAA,SAASA,aAAa,QAAQ,qBAAoB;AAGlDC,SAAS,iBAAiB;IACxBC,GAAG,uCAAuC;QACxCC,OAAOH,cAAc,MAAM,eAAeI,IAAI,CAAC;IACjD;IAEAF,GAAG,kDAAkD;QACnD,MAAMG,OAAO;YAAEC,IAAI;QAAI;QACvBH,OAAOH,cAAcK,MAAM,eAAeD,IAAI,CAAC;IACjD;IAEAF,GAAG,uEAAuE;QACxE,MAAMG,OAAO;YACXC,IAAI;YACJC,OAAO;gBAAC;aAAY;QACtB;QACAJ,OAAOH,cAAcK,MAAM,eAAeD,IAAI,CAAC;IACjD;IAEAF,GAAG,kDAAkD;QACnD,MAAMG,OAAO;YACXC,IAAI;YACJC,OAAO;gBAAC;oBAAED,IAAI;oBAAUE,MAAM;gBAAQ;aAAE;QAC1C;QACAL,OAAOH,cAAcK,MAAM,eAAeD,IAAI,CAAC;IACjD;IAEAF,GAAG,8EAA8E;QAC/E,MAAMG,OAAO;YACXC,IAAI;YACJC,OAAO;gBAAC;oBAAED,IAAI;oBAAUE,MAAM;oBAASC,aAAa;wBAAC;qBAAY;gBAAC;aAAE;QACtE;QACAN,OAAOH,cAAcK,MAAM,eAAeD,IAAI,CAAC;IACjD;IAEAF,GAAG,gEAAgE;QACjE,MAAMG,OAAO;YACXC,IAAI;YACJC,OAAO;gBACL;oBACED,IAAI;oBACJE,MAAM;oBACNC,aAAa;wBACX;4BAAEH,IAAI;4BAAUE,MAAM;wBAAa;wBACnC;4BAAEF,IAAI;4BAAUE,MAAM;wBAAc;qBACrC;gBACH;aACD;QACH;QACAL,OAAOH,cAAcK,MAAM,gBAAgBD,IAAI,CAAC;IAClD;IAEAF,GAAG,qEAAqE;QACtE,MAAMG,OAAO;YACXC,IAAI;YACJC,OAAO;gBACL;oBACED,IAAI;oBACJE,MAAM;oBACNC,aAAa;wBAAC;4BAAEH,IAAI;4BAAUE,MAAM;wBAAa;qBAAE;gBACrD;aACD;QACH;QACAL,OAAOH,cAAcK,MAAM,iBAAiBD,IAAI,CAAC;IACnD;IAEAF,GAAG,kDAAkD;QACnD,MAAMG,OAAO;YACXC,IAAI;YACJC,OAAO;gBACL;oBACED,IAAI;oBACJE,MAAM;oBACNC,aAAa;wBAAC;4BAAEH,IAAI;4BAAUE,MAAM;wBAAa;qBAAE;gBACrD;gBACA;oBACEF,IAAI;oBACJE,MAAM;oBACNC,aAAa;wBAAC;4BAAEH,IAAI;4BAAUE,MAAM;wBAAe;qBAAE;gBACvD;aACD;QACH;QACAL,OAAOH,cAAcK,MAAM,iBAAiBD,IAAI,CAAC;QACjDD,OAAOH,cAAcK,MAAM,eAAeD,IAAI,CAAC;QAC/CD,OAAOH,cAAcK,MAAM,iBAAiBD,IAAI,CAAC;IACnD;AACF"}

package/dist/utilities/index.d.ts

@@ -0,0 +1,2 @@
+export { checkPermission } from './checkPermission';
+export { hasPermission } from './hasPermission';

package/dist/utilities/index.js

@@ -0,0 +1,4 @@
+export { hasPermission } from './hasPermission.js';
+export { checkPermission } from './checkPermission.js';
+
+//# sourceMappingURL=index.js.map

package/dist/utilities/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/utilities/index.ts"],"sourcesContent":["export { hasPermission } from './hasPermission.js'\nexport { checkPermission } from './checkPermission.js'\n"],"names":["hasPermission","checkPermission"],"mappings":"AAAA,SAASA,aAAa,QAAQ,qBAAoB;AAClD,SAASC,eAAe,QAAQ,uBAAsB"}

package/package.json

@@ -0,0 +1,126 @@
+{
+  "name": "payload-rbac-plugin",
+  "version": "1.0.0",
+  "description": "RBAC plugin for payloadcms",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Mhmod-Hsn/Payload-RBAC-Plugin.git"
+  },
+  "bugs": {
+    "url": "https://github.com/Mhmod-Hsn/Payload-RBAC-Plugin/issues"
+  },
+  "homepage": "https://github.com/Mhmod-Hsn/Payload-RBAC-Plugin#readme",
+  "license": "MIT",
+  "type": "module",
+  "exports": {
+    ".": {
+      "import": "./src/index.ts",
+      "types": "./src/index.ts",
+      "default": "./src/index.ts"
+    },
+    "./client": {
+      "import": "./src/exports/client.ts",
+      "types": "./src/exports/client.ts",
+      "default": "./src/exports/client.ts"
+    },
+    "./rsc": {
+      "import": "./src/exports/rsc.ts",
+      "types": "./src/exports/rsc.ts",
+      "default": "./src/exports/rsc.ts"
+    }
+  },
+  "main": "./src/index.ts",
+  "types": "./src/index.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "pnpm copyfiles && pnpm build:types && pnpm build:swc",
+    "build:swc": "swc ./src -d ./dist --config-file .swcrc --strip-leading-paths",
+    "build:types": "tsc --outDir dist --rootDir ./src",
+    "clean": "rimraf {dist,*.tsbuildinfo}",
+    "copyfiles": "copyfiles -u 1 \"src/**/*.{html,css,scss,ttf,woff,woff2,eot,svg,jpg,png,json}\" dist/",
+    "dev": "next dev dev --turbo",
+    "dev:generate-importmap": "pnpm dev:payload generate:importmap",
+    "dev:generate-types": "pnpm dev:payload generate:types",
+    "dev:payload": "cross-env PAYLOAD_CONFIG_PATH=./dev/payload.config.ts payload",
+    "generate:importmap": "pnpm dev:generate-importmap",
+    "generate:types": "pnpm dev:generate-types",
+    "lint": "eslint",
+    "lint:fix": "eslint ./src --fix",
+    "test": "pnpm test:int && pnpm test:e2e",
+    "test:e2e": "playwright test",
+    "test:int": "vitest"
+  },
+  "devDependencies": {
+    "@eslint/eslintrc": "^3.2.0",
+    "@payloadcms/db-mongodb": "3.84.1",
+    "@payloadcms/db-postgres": "3.84.1",
+    "@payloadcms/db-sqlite": "3.84.1",
+    "@payloadcms/eslint-config": "3.28.0",
+    "@payloadcms/next": "3.84.1",
+    "@payloadcms/richtext-lexical": "3.84.1",
+    "@payloadcms/ui": "3.84.1",
+    "@playwright/test": "1.58.2",
+    "@swc-node/register": "1.10.9",
+    "@swc/cli": "0.6.0",
+    "@types/node": "22.19.9",
+    "@types/react": "19.2.14",
+    "@types/react-dom": "19.2.3",
+    "copyfiles": "2.4.1",
+    "cross-env": "^7.0.3",
+    "eslint": "^9.23.0",
+    "eslint-config-next": "16.2.6",
+    "graphql": "^16.8.1",
+    "mongodb-memory-server": "10.1.4",
+    "next": "16.2.6",
+    "open": "^10.1.0",
+    "payload": "3.84.1",
+    "prettier": "^3.4.2",
+    "qs-esm": "8.0.1",
+    "react": "19.2.6",
+    "react-dom": "19.2.6",
+    "rimraf": "3.0.2",
+    "sharp": "0.34.2",
+    "sort-package-json": "^2.10.0",
+    "typescript": "5.7.3",
+    "vite-tsconfig-paths": "6.0.5",
+    "vitest": "^4.1.8"
+  },
+  "peerDependencies": {
+    "payload": "^3.84.1"
+  },
+  "engines": {
+    "node": "^18.20.2 || >=20.9.0",
+    "pnpm": "^9 || ^10"
+  },
+  "publishConfig": {
+    "exports": {
+      ".": {
+        "import": "./dist/index.js",
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "./client": {
+        "import": "./dist/exports/client.js",
+        "types": "./dist/exports/client.d.ts",
+        "default": "./dist/exports/client.js"
+      },
+      "./rsc": {
+        "import": "./dist/exports/rsc.js",
+        "types": "./dist/exports/rsc.d.ts",
+        "default": "./dist/exports/rsc.js"
+      }
+    },
+    "main": "./dist/index.js",
+    "types": "./dist/index.d.ts"
+  },
+  "pnpm": {
+    "onlyBuiltDependencies": [
+      "sharp",
+      "esbuild",
+      "unrs-resolver"
+    ]
+  },
+  "registry": "https://registry.npmjs.org/"
+}