npm - @akemona-org/strapi-plugin-content-manager - Versions diffs - 3.7.0 - Mend

@akemona-org/strapi-plugin-content-manager 3.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (401) hide show

package/controllers/collection-types.js ADDED Viewed

@@ -0,0 +1,282 @@
+'use strict';
+const { has, pipe, prop, pick } = require('lodash/fp');
+const { MANY_RELATIONS } = require('@akemona-org/strapi-utils').relations.constants;
+const { setCreatorFields } = require('@akemona-org/strapi-utils');
+const { getService, wrapBadRequest, pickWritableAttributes } = require('../utils');
+const { validateBulkDeleteInput, validatePagination } = require('./validation');
+module.exports = {
+  async find(ctx) {
+    const { userAbility } = ctx.state;
+    const { model } = ctx.params;
+    const { query } = ctx.request;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.read()) {
+      return ctx.forbidden();
+    }
+    const method = has('_q', query) ? 'searchWithRelationCounts' : 'findWithRelationCounts';
+    const permissionQuery = permissionChecker.buildReadQuery(query);
+    const { results, pagination } = await entityManager[method](permissionQuery, model);
+    ctx.body = {
+      results: results.map((entity) => permissionChecker.sanitizeOutput(entity)),
+      pagination,
+    };
+  },
+  async findOne(ctx) {
+    const { userAbility } = ctx.state;
+    const { model, id } = ctx.params;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.read()) {
+      return ctx.forbidden();
+    }
+    const entity = await entityManager.findOneWithCreatorRoles(id, model);
+    if (!entity) {
+      return ctx.notFound();
+    }
+    if (permissionChecker.cannot.read(entity)) {
+      return ctx.forbidden();
+    }
+    ctx.body = permissionChecker.sanitizeOutput(entity);
+  },
+  async create(ctx) {
+    const { userAbility, user } = ctx.state;
+    const { model } = ctx.params;
+    const { body } = ctx.request;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.create()) {
+      return ctx.forbidden();
+    }
+    const pickWritables = pickWritableAttributes({ model });
+    const pickPermittedFields = permissionChecker.sanitizeCreateInput;
+    const setCreator = setCreatorFields({ user });
+    const sanitizeFn = pipe([pickWritables, pickPermittedFields, setCreator]);
+    await wrapBadRequest(async () => {
+      const entity = await entityManager.create(sanitizeFn(body), model);
+      ctx.body = permissionChecker.sanitizeOutput(entity);
+      // await strapi.telemetry.send('didCreateFirstContentTypeEntry', { model });
+    })();
+  },
+  async update(ctx) {
+    const { userAbility, user } = ctx.state;
+    const { id, model } = ctx.params;
+    const { body } = ctx.request;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.update()) {
+      return ctx.forbidden();
+    }
+    const entity = await entityManager.findOneWithCreatorRoles(id, model);
+    if (!entity) {
+      return ctx.notFound();
+    }
+    if (permissionChecker.cannot.update(entity)) {
+      return ctx.forbidden();
+    }
+    const pickWritables = pickWritableAttributes({ model });
+    const pickPermittedFields = permissionChecker.sanitizeUpdateInput(entity);
+    const setCreator = setCreatorFields({ user, isEdition: true });
+    const sanitizeFn = pipe([pickWritables, pickPermittedFields, setCreator]);
+    await wrapBadRequest(async () => {
+      const updatedEntity = await entityManager.update(entity, sanitizeFn(body), model);
+      ctx.body = permissionChecker.sanitizeOutput(updatedEntity);
+    })();
+  },
+  async delete(ctx) {
+    const { userAbility } = ctx.state;
+    const { id, model } = ctx.params;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.delete()) {
+      return ctx.forbidden();
+    }
+    const entity = await entityManager.findOneWithCreatorRoles(id, model);
+    if (!entity) {
+      return ctx.notFound();
+    }
+    if (permissionChecker.cannot.delete(entity)) {
+      return ctx.forbidden();
+    }
+    const result = await entityManager.delete(entity, model);
+    ctx.body = permissionChecker.sanitizeOutput(result);
+  },
+  async publish(ctx) {
+    const { userAbility } = ctx.state;
+    const { id, model } = ctx.params;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.publish()) {
+      return ctx.forbidden();
+    }
+    const entity = await entityManager.findOneWithCreatorRoles(id, model);
+    if (!entity) {
+      return ctx.notFound();
+    }
+    if (permissionChecker.cannot.publish(entity)) {
+      return ctx.forbidden();
+    }
+    const result = await entityManager.publish(entity, model);
+    ctx.body = permissionChecker.sanitizeOutput(result);
+  },
+  async unpublish(ctx) {
+    const { userAbility } = ctx.state;
+    const { id, model } = ctx.params;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.unpublish()) {
+      return ctx.forbidden();
+    }
+    const entity = await entityManager.findOneWithCreatorRoles(id, model);
+    if (!entity) {
+      return ctx.notFound();
+    }
+    if (permissionChecker.cannot.unpublish(entity)) {
+      return ctx.forbidden();
+    }
+    const result = await entityManager.unpublish(entity, model);
+    ctx.body = permissionChecker.sanitizeOutput(result);
+  },
+  async bulkDelete(ctx) {
+    const { userAbility } = ctx.state;
+    const { model } = ctx.params;
+    const { query, body } = ctx.request;
+    const { ids } = body;
+    await validateBulkDeleteInput(body);
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.delete()) {
+      return ctx.forbidden();
+    }
+    const permissionQuery = permissionChecker.buildDeleteQuery(query);
+    const idsWhereClause = { [`id_in`]: ids };
+    const params = {
+      ...permissionQuery,
+      _where: [idsWhereClause].concat(permissionQuery._where || {}),
+    };
+    const results = await entityManager.findAndDelete(params, model);
+    ctx.body = results.map((result) => permissionChecker.sanitizeOutput(result));
+  },
+  async previewManyRelations(ctx) {
+    const { userAbility } = ctx.state;
+    const { model, id, targetField } = ctx.params;
+    const { pageSize = 10, page = 1 } = ctx.request.query;
+    validatePagination({ page, pageSize });
+    const contentTypeService = getService('content-types');
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.read()) {
+      return ctx.forbidden();
+    }
+    const modelDef = strapi.getModel(model);
+    const assoc = modelDef.associations.find((a) => a.alias === targetField);
+    if (!assoc || !MANY_RELATIONS.includes(assoc.nature)) {
+      return ctx.badRequest('Invalid target field');
+    }
+    const entity = await entityManager.findOneWithCreatorRoles(id, model);
+    if (!entity) {
+      return ctx.notFound();
+    }
+    if (permissionChecker.cannot.read(entity, targetField)) {
+      return ctx.forbidden();
+    }
+    let relationList;
+    if (assoc.nature === 'manyWay') {
+      const populatedEntity = await entityManager.findOne(id, model, [targetField]);
+      const relationsListIds = populatedEntity[targetField].map(prop('id'));
+      relationList = await entityManager.findPage(
+        { page, pageSize, id_in: relationsListIds },
+        assoc.targetUid
+      );
+    } else {
+      const assocModel = strapi.db.getModelByAssoc(assoc);
+      relationList = await entityManager.findPage(
+        { page, pageSize, [`${assoc.via}.${assocModel.primaryKey}`]: entity.id },
+        assoc.targetUid
+      );
+    }
+    const config = await contentTypeService.findConfiguration({ uid: model });
+    const mainField = prop(['metadatas', assoc.alias, 'edit', 'mainField'], config);
+    ctx.body = {
+      pagination: relationList.pagination,
+      results: relationList.results.map(pick(['id', modelDef.primaryKey, mainField])),
+    };
+  },
+};

package/controllers/components.js ADDED Viewed

@@ -0,0 +1,66 @@
+'use strict';
+const { getService } = require('../utils');
+const { createModelConfigurationSchema } = require('./validation');
+module.exports = {
+  findComponents(ctx) {
+    const components = getService('components').findAllComponents();
+    const { toDto } = getService('data-mapper');
+    ctx.body = { data: components.map(toDto) };
+  },
+  async findComponentConfiguration(ctx) {
+    const { uid } = ctx.params;
+    const componentService = getService('components');
+    const component = componentService.findComponent(uid);
+    if (!component) {
+      return ctx.notFound('component.notFound');
+    }
+    const configuration = await componentService.findConfiguration(component);
+    const componentsConfigurations = await componentService.findComponentsConfigurations(component);
+    ctx.body = {
+      data: {
+        component: configuration,
+        components: componentsConfigurations,
+      },
+    };
+  },
+  async updateComponentConfiguration(ctx) {
+    const { uid } = ctx.params;
+    const { body } = ctx.request;
+    const componentService = getService('components');
+    const component = componentService.findComponent(uid);
+    if (!component) {
+      return ctx.notFound('component.notFound');
+    }
+    let input;
+    try {
+      input = await createModelConfigurationSchema(component).validate(body, {
+        abortEarly: false,
+        stripUnknown: true,
+        strict: true,
+      });
+    } catch (error) {
+      return ctx.badRequest(null, {
+        name: 'validationError',
+        errors: error.errors,
+      });
+    }
+    const newConfiguration = await componentService.updateConfiguration(component, input);
+    ctx.body = { data: newConfiguration };
+  },
+};

package/controllers/content-types.js ADDED Viewed

@@ -0,0 +1,112 @@
+'use strict';
+const { has, assoc, mapValues, prop } = require('lodash/fp');
+const { getService } = require('../utils');
+const { createModelConfigurationSchema, validateKind } = require('./validation');
+const hasEditMainField = has('edit.mainField');
+const getEditMainField = prop('edit.mainField');
+const assocListMainField = assoc('list.mainField');
+const assocMainField = metadata =>
+  hasEditMainField(metadata) ? assocListMainField(getEditMainField(metadata), metadata) : metadata;
+module.exports = {
+  async findContentTypes(ctx) {
+    const { kind } = ctx.query;
+    try {
+      await validateKind(kind);
+    } catch (error) {
+      return ctx.send({ error }, 400);
+    }
+    const contentTypes = getService('content-types').findContentTypesByKind(kind);
+    const { toDto } = getService('data-mapper');
+    ctx.body = { data: contentTypes.map(toDto) };
+  },
+  async findContentTypesSettings(ctx) {
+    const { findAllContentTypes, findConfiguration } = getService('content-types');
+    const contentTypes = await findAllContentTypes();
+    const configurations = await Promise.all(
+      contentTypes.map(async contentType => {
+        const { uid, settings } = await findConfiguration(contentType);
+        return { uid, settings };
+      })
+    );
+    ctx.body = {
+      data: configurations,
+    };
+  },
+  async findContentTypeConfiguration(ctx) {
+    const { uid } = ctx.params;
+    const contentTypeService = getService('content-types');
+    const contentType = await contentTypeService.findContentType(uid);
+    if (!contentType) {
+      return ctx.notFound('contentType.notFound');
+    }
+    const configuration = await contentTypeService.findConfiguration(contentType);
+    const confWithUpdatedMetadata = {
+      ...configuration,
+      metadatas: mapValues(assocMainField, configuration.metadatas),
+    };
+    const components = await contentTypeService.findComponentsConfigurations(contentType);
+    ctx.body = {
+      data: {
+        contentType: confWithUpdatedMetadata,
+        components,
+      },
+    };
+  },
+  async updateContentTypeConfiguration(ctx) {
+    const { userAbility } = ctx.state;
+    const { uid } = ctx.params;
+    const { body } = ctx.request;
+    const contentTypeService = getService('content-types');
+    const metricsService = getService('metrics');
+    const contentType = await contentTypeService.findContentType(uid);
+    if (!contentType) {
+      return ctx.notFound('contentType.notFound');
+    }
+    if (!getService('permission').canConfigureContentType({ userAbility, contentType })) {
+      return ctx.forbidden();
+    }
+    let input;
+    try {
+      input = await createModelConfigurationSchema(contentType).validate(body, {
+        abortEarly: false,
+        stripUnknown: true,
+        strict: true,
+      });
+    } catch (error) {
+      return ctx.badRequest(null, {
+        name: 'validationError',
+        errors: error.errors,
+      });
+    }
+    const newConfiguration = await contentTypeService.updateConfiguration(contentType, input);
+    await metricsService.sendDidConfigureListView(contentType, newConfiguration);
+    ctx.body = { data: newConfiguration };
+  },
+};

package/controllers/relations.js ADDED Viewed

@@ -0,0 +1,63 @@
+'use strict';
+const { has, prop, pick, concat } = require('lodash/fp');
+const { PUBLISHED_AT_ATTRIBUTE } = require('@akemona-org/strapi-utils').contentTypes.constants;
+const { getService } = require('../utils');
+module.exports = {
+  async find(ctx) {
+    const { model, targetField } = ctx.params;
+    const { _component, ...query } = ctx.request.query;
+    const { idsToOmit } = ctx.request.body;
+    if (!targetField) {
+      return ctx.badRequest();
+    }
+    const modelDef = _component ? strapi.db.getModel(_component) : strapi.db.getModel(model);
+    if (!modelDef) {
+      return ctx.notFound('model.notFound');
+    }
+    const attr = modelDef.attributes[targetField];
+    if (!attr) {
+      return ctx.badRequest('targetField.invalid');
+    }
+    const target = strapi.db.getModelByAssoc(attr);
+    if (!target) {
+      return ctx.notFound('target.notFound');
+    }
+    if (idsToOmit && Array.isArray(idsToOmit)) {
+      query._where = query._where || {};
+      query._where.id_nin = concat(query._where.id_nin || [], idsToOmit);
+    }
+    const entityManager = getService('entity-manager');
+    let entities = [];
+    if (has('_q', ctx.request.query)) {
+      entities = await entityManager.search(query, target.uid);
+    } else {
+      entities = await entityManager.find(query, target.uid);
+    }
+    if (!entities) {
+      return ctx.notFound();
+    }
+    const modelConfig = _component
+      ? await getService('components').findConfiguration(modelDef)
+      : await getService('content-types').findConfiguration(modelDef);
+    const field = prop(`metadatas.${targetField}.edit.mainField`, modelConfig) || 'id';
+    const pickFields = [field, 'id', target.primaryKey, PUBLISHED_AT_ATTRIBUTE];
+    ctx.body = entities.map(pick(pickFields));
+  },
+};

package/controllers/single-types.js ADDED Viewed

@@ -0,0 +1,170 @@
+'use strict';
+const { pipe } = require('lodash/fp');
+const { setCreatorFields } = require('@akemona-org/strapi-utils');
+const { getService, wrapBadRequest, pickWritableAttributes } = require('../utils');
+const findEntity = async (query, model) => {
+  const entityManager = getService('entity-manager');
+  const entity = await entityManager.find(query, model);
+  return entityManager.assocCreatorRoles(entity);
+};
+module.exports = {
+  async find(ctx) {
+    const { userAbility } = ctx.state;
+    const { model } = ctx.params;
+    const { query = {} } = ctx.request;
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.read()) {
+      return ctx.forbidden();
+    }
+    const permissionQuery = permissionChecker.buildReadQuery(query);
+    const entity = await findEntity(permissionQuery, model);
+    // allow user with create permission to know a single type is not created
+    if (!entity) {
+      if (permissionChecker.cannot.create()) {
+        return ctx.forbidden();
+      }
+      return ctx.notFound();
+    }
+    if (permissionChecker.cannot.read(entity)) {
+      return ctx.forbidden();
+    }
+    ctx.body = permissionChecker.sanitizeOutput(entity);
+  },
+  async createOrUpdate(ctx) {
+    const { user, userAbility } = ctx.state;
+    const { model } = ctx.params;
+    const { body, query } = ctx.request;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.create() && permissionChecker.cannot.update()) {
+      return ctx.forbidden();
+    }
+    const entity = await findEntity(query, model);
+    const pickWritables = pickWritableAttributes({ model });
+    const pickPermittedFields = entity
+      ? permissionChecker.sanitizeUpdateInput(entity)
+      : permissionChecker.sanitizeCreateInput;
+    const setCreator = entity
+      ? setCreatorFields({ user, isEdition: true })
+      : setCreatorFields({ user });
+    const sanitizeFn = pipe([pickWritables, pickPermittedFields, setCreator]);
+    await wrapBadRequest(async () => {
+      if (!entity) {
+        const newEntity = await entityManager.create(sanitizeFn(body), model, { params: query });
+        ctx.body = permissionChecker.sanitizeOutput(newEntity);
+        // await strapi.telemetry.send('didCreateFirstContentTypeEntry', { model });
+        return;
+      }
+      if (permissionChecker.cannot.update(entity)) {
+        return ctx.forbidden();
+      }
+      const updatedEntity = await entityManager.update(entity, sanitizeFn(body), model);
+      ctx.body = permissionChecker.sanitizeOutput(updatedEntity);
+    })();
+  },
+  async delete(ctx) {
+    const { userAbility } = ctx.state;
+    const { model } = ctx.params;
+    const { query = {} } = ctx.request;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.delete()) {
+      return ctx.forbidden();
+    }
+    const entity = await findEntity(query, model);
+    if (!entity) {
+      return ctx.notFound();
+    }
+    if (permissionChecker.cannot.delete(entity)) {
+      return ctx.forbidden();
+    }
+    const deletedEntity = await entityManager.delete(entity, model);
+    ctx.body = permissionChecker.sanitizeOutput(deletedEntity);
+  },
+  async publish(ctx) {
+    const { userAbility } = ctx.state;
+    const { model } = ctx.params;
+    const { query = {} } = ctx.request;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.publish()) {
+      return ctx.forbidden();
+    }
+    const entity = await findEntity(query, model);
+    if (!entity) {
+      return ctx.notFound();
+    }
+    if (permissionChecker.cannot.publish(entity)) {
+      return ctx.forbidden();
+    }
+    const publishedEntity = await entityManager.publish(entity, model);
+    ctx.body = permissionChecker.sanitizeOutput(publishedEntity);
+  },
+  async unpublish(ctx) {
+    const { userAbility } = ctx.state;
+    const { model } = ctx.params;
+    const { query = {} } = ctx.request;
+    const entityManager = getService('entity-manager');
+    const permissionChecker = getService('permission-checker').create({ userAbility, model });
+    if (permissionChecker.cannot.unpublish()) {
+      return ctx.forbidden();
+    }
+    const entity = await findEntity(query, model);
+    if (!entity) {
+      return ctx.notFound();
+    }
+    if (permissionChecker.cannot.unpublish(entity)) {
+      return ctx.forbidden();
+    }
+    const unpublishedEntity = await entityManager.unpublish(entity, model);
+    ctx.body = permissionChecker.sanitizeOutput(unpublishedEntity);
+  },
+};