Check permissions
For use with Netlify Visual Editor only.
When a user opens a site in the visual editor, Netlify will call connector.hasAccess() on your connector to confirm that they have the necessary permissions to update content in the data source.
The API has access to a userContext object that contains information about the current user and any user-specific OAuth tokens for communicating with the data source. You need to add logic to confirm that the current user has connected to the data source and that they have the correct token to create, update, and delete content in the data source.
The logic to add depends on whether or not your data source has an OAuth integration with Netlify.
Data sources without OAuth
If your data source does not have an OAuth integration with Netlify, you can return true for both hasPermissions and hasConnection.
connector.hasAccess(async ({ userContext }) => { return { hasPermissions: true, hasConnection: true, };});Data sources with OAuth
If your data source has an OAuth integration with Netlify, you need to add additional logic to verify the user’s permissions before returning values for hasPermissions and hasConnection.
Here is an example that checks whether the user has an access token first. If it does, then we verify the user’s permissions before returning.
connector.hasAccess(async ({ userContext }) => { // check if accessToken is set, otherwise the user did not connect // the content source with Netlify using OAuth if (!userContext?.accessToken) { return { hasConnection: false, hasPermissions: false, } } // check that user’s accessToken provides // the necessary access to update the content const hasPermissions = await this.apiClient.hasPermissions({ accessToken: userContext?.accessToken, actions: 'updateContent', }) return { hasConnection: true, hasPermissions: hasPermissions, }});