web / lib/utils/catalog-ownership
lib/utils/catalog-ownership
Catalog ownership and access control utilities.
Shared by collection hooks (events, datasets) and import pipeline to validate catalog access and extract denormalized access fields.
Functions
validateCatalogOwnership()
validateCatalogOwnership(
payload,catalogRef,user):Promise<void>
Validates that a user has access to a catalog (owns it or it’s public). Admin/editor users bypass this check.
Parameters
payload
BasePayload
catalogRef
unknown
user
id
number
role?
string | null
Returns
Promise<void>
Throws
Error if the user does not have access to the catalog
safeFetchRecord()
safeFetchRecord<
T>(req,collection,id,depth?):Promise<T|null>
Safe fetch by ID in a Payload hook context (uses req for transaction sharing).
Returns null instead of throwing on not-found or permission errors.
Type Parameters
T
T
Parameters
req
PayloadRequest
collection
"import-files" | "catalogs" | "data-exports" | "datasets" | "dataset-schemas" | "audit-log" | "import-jobs" | "scheduled-imports" | "events" | "users" | "user-usage" | "media" | "location-cache" | "geocoding-providers" | "pages" | "sites" | "themes" | "layout-templates" | "views" | "schema-detectors" | "payload-kv" | "payload-jobs" | "payload-locked-documents" | "payload-preferences" | "payload-migrations"
id
string | number
depth?
number = 0
Returns
Promise<T | null>
extractDenormalizedAccessFields()
extractDenormalizedAccessFields(
dataset):object
Extract denormalized access control fields from a dataset with populated catalog. Used by events and datasets hooks to set datasetIsPublic and catalogOwnerId.
Parameters
dataset
Dataset
Returns
object
datasetIsPublic
datasetIsPublic:
boolean
catalogOwnerId
catalogOwnerId:
number|undefined