Ability to override defaultPayloadAccess

[maxsynnott]

In the Access Control documentation it mentions a defaultPayloadAccess function which is defined like so:

const defaultPayloadAccess = ({ req: { user } }) => {
	// Return `true` if a user is found
	// and `false` if it is undefined or null
	return Boolean(user);
}

I think it would be useful to be able to override this function. For example in my application I have added a role field to my users collection which can be either 'user' | 'admin'. I want to change the defaultPayloadAccess function to something like so:

const defaultPayloadAccess = ({ req: { user } }) => {
	return user?.role === 'admin';
};

Without this I have to manually add this function to every single access route and if I accidentally miss one or forget to add them when creating a new collection I open access to all users which is obviously a vulnerability.

Ideally, you could also change the default function depending on the action like so:

{
	access: {
		defaults: {
			read: () => true,
			create: ({ req }) => Boolean(req.user),
			delete: ({ req }) => req.user?.role === 'admin'
		}
	}
}

I'd be happy to assist with implementation if this is deemed wanted