@akemona-org/strapi-plugin-users-permissions 3.7.0

Files changed (143)
  1. package/LICENSE +22 -0
  2. package/README.md +19 -0
  3. package/admin/src/assets/images/logo.svg +1 -0
  4. package/admin/src/components/BaselineAlignement/index.js +33 -0
  5. package/admin/src/components/Bloc/index.js +10 -0
  6. package/admin/src/components/BoundRoute/Components.js +78 -0
  7. package/admin/src/components/BoundRoute/index.js +56 -0
  8. package/admin/src/components/ContainerFluid/index.js +13 -0
  9. package/admin/src/components/FormBloc/index.js +61 -0
  10. package/admin/src/components/IntlInput/index.js +38 -0
  11. package/admin/src/components/ListBaselineAlignment/index.js +8 -0
  12. package/admin/src/components/ListRow/Components.js +74 -0
  13. package/admin/src/components/ListRow/index.js +35 -0
  14. package/admin/src/components/ModalForm/Wrapper.js +12 -0
  15. package/admin/src/components/ModalForm/index.js +59 -0
  16. package/admin/src/components/Permissions/ListWrapper.js +9 -0
  17. package/admin/src/components/Permissions/PermissionRow/BaselineAlignment.js +7 -0
  18. package/admin/src/components/Permissions/PermissionRow/CheckboxWrapper.js +37 -0
  19. package/admin/src/components/Permissions/PermissionRow/RowStyle.js +28 -0
  20. package/admin/src/components/Permissions/PermissionRow/SubCategory/ConditionsButtonWrapper.js +13 -0
  21. package/admin/src/components/Permissions/PermissionRow/SubCategory/PolicyWrapper.js +8 -0
  22. package/admin/src/components/Permissions/PermissionRow/SubCategory/SubCategoryWrapper.js +26 -0
  23. package/admin/src/components/Permissions/PermissionRow/SubCategory/index.js +116 -0
  24. package/admin/src/components/Permissions/PermissionRow/index.js +92 -0
  25. package/admin/src/components/Permissions/index.js +44 -0
  26. package/admin/src/components/Permissions/init.js +14 -0
  27. package/admin/src/components/Permissions/reducer.js +27 -0
  28. package/admin/src/components/Policies/Components.js +26 -0
  29. package/admin/src/components/Policies/index.js +61 -0
  30. package/admin/src/components/PrefixedIcon/index.js +27 -0
  31. package/admin/src/components/Roles/EmptyRole/BaselineAlignment.js +7 -0
  32. package/admin/src/components/Roles/EmptyRole/index.js +27 -0
  33. package/admin/src/components/Roles/RoleListWrapper/index.js +17 -0
  34. package/admin/src/components/Roles/RoleRow/RoleDescription.js +9 -0
  35. package/admin/src/components/Roles/RoleRow/index.js +45 -0
  36. package/admin/src/components/Roles/index.js +3 -0
  37. package/admin/src/components/SizedInput/index.js +24 -0
  38. package/admin/src/components/UsersPermissions/index.js +91 -0
  39. package/admin/src/components/UsersPermissions/init.js +11 -0
  40. package/admin/src/components/UsersPermissions/reducer.js +60 -0
  41. package/admin/src/containers/AdvancedSettings/index.js +218 -0
  42. package/admin/src/containers/AdvancedSettings/reducer.js +65 -0
  43. package/admin/src/containers/AdvancedSettings/utils/form.js +52 -0
  44. package/admin/src/containers/EmailTemplates/CustomTextInput.js +105 -0
  45. package/admin/src/containers/EmailTemplates/Wrapper.js +36 -0
  46. package/admin/src/containers/EmailTemplates/index.js +222 -0
  47. package/admin/src/containers/EmailTemplates/reducer.js +58 -0
  48. package/admin/src/containers/EmailTemplates/utils/forms.js +81 -0
  49. package/admin/src/containers/EmailTemplates/utils/schema.js +25 -0
  50. package/admin/src/containers/Providers/index.js +283 -0
  51. package/admin/src/containers/Providers/reducer.js +54 -0
  52. package/admin/src/containers/Providers/utils/createProvidersArray.js +21 -0
  53. package/admin/src/containers/Providers/utils/forms.js +205 -0
  54. package/admin/src/containers/Roles/CreatePage/index.js +167 -0
  55. package/admin/src/containers/Roles/CreatePage/utils/schema.js +9 -0
  56. package/admin/src/containers/Roles/EditPage/index.js +161 -0
  57. package/admin/src/containers/Roles/EditPage/utils/schema.js +9 -0
  58. package/admin/src/containers/Roles/ListPage/BaselineAlignment.js +8 -0
  59. package/admin/src/containers/Roles/ListPage/index.js +188 -0
  60. package/admin/src/containers/Roles/ProtectedCreatePage/index.js +12 -0
  61. package/admin/src/containers/Roles/ProtectedEditPage/index.js +12 -0
  62. package/admin/src/containers/Roles/ProtectedListPage/index.js +15 -0
  63. package/admin/src/containers/Roles/index.js +35 -0
  64. package/admin/src/contexts/EditPage/index.js +26 -0
  65. package/admin/src/contexts/HomePage/index.js +27 -0
  66. package/admin/src/contexts/UsersPermissionsContext/index.js +17 -0
  67. package/admin/src/hooks/index.js +5 -0
  68. package/admin/src/hooks/useFetchRole/index.js +55 -0
  69. package/admin/src/hooks/useFetchRole/reducer.js +31 -0
  70. package/admin/src/hooks/useForm/index.js +96 -0
  71. package/admin/src/hooks/useForm/reducer.js +59 -0
  72. package/admin/src/hooks/usePlugins/index.js +73 -0
  73. package/admin/src/hooks/usePlugins/init.js +5 -0
  74. package/admin/src/hooks/usePlugins/reducer.js +37 -0
  75. package/admin/src/hooks/useRolesList/index.js +62 -0
  76. package/admin/src/hooks/useRolesList/init.js +5 -0
  77. package/admin/src/hooks/useRolesList/reducer.js +31 -0
  78. package/admin/src/index.js +109 -0
  79. package/admin/src/permissions.js +33 -0
  80. package/admin/src/pluginId.js +5 -0
  81. package/admin/src/translations/ar.json +49 -0
  82. package/admin/src/translations/cs.json +55 -0
  83. package/admin/src/translations/de.json +68 -0
  84. package/admin/src/translations/dk.json +116 -0
  85. package/admin/src/translations/en.json +104 -0
  86. package/admin/src/translations/es.json +70 -0
  87. package/admin/src/translations/fr.json +55 -0
  88. package/admin/src/translations/id.json +69 -0
  89. package/admin/src/translations/index.js +55 -0
  90. package/admin/src/translations/it.json +68 -0
  91. package/admin/src/translations/ja.json +53 -0
  92. package/admin/src/translations/ko.json +55 -0
  93. package/admin/src/translations/ms.json +54 -0
  94. package/admin/src/translations/nl.json +53 -0
  95. package/admin/src/translations/pl.json +55 -0
  96. package/admin/src/translations/pt-BR.json +49 -0
  97. package/admin/src/translations/pt.json +53 -0
  98. package/admin/src/translations/ru.json +68 -0
  99. package/admin/src/translations/sk.json +57 -0
  100. package/admin/src/translations/sv.json +68 -0
  101. package/admin/src/translations/th.json +66 -0
  102. package/admin/src/translations/tr.json +53 -0
  103. package/admin/src/translations/uk.json +54 -0
  104. package/admin/src/translations/vi.json +55 -0
  105. package/admin/src/translations/zh-Hans.json +104 -0
  106. package/admin/src/translations/zh.json +53 -0
  107. package/admin/src/utils/cleanPermissions.js +25 -0
  108. package/admin/src/utils/formatPolicies.js +8 -0
  109. package/admin/src/utils/getRequestURL.js +5 -0
  110. package/admin/src/utils/getTrad.js +5 -0
  111. package/admin/src/utils/index.js +4 -0
  112. package/config/functions/bootstrap.js +234 -0
  113. package/config/layout.js +10 -0
  114. package/config/policies/isAuthenticated.js +9 -0
  115. package/config/policies/permissions.js +93 -0
  116. package/config/policies/rateLimit.js +33 -0
  117. package/config/request.json +6 -0
  118. package/config/routes.json +397 -0
  119. package/config/schema.graphql.js +280 -0
  120. package/config/security.json +5 -0
  121. package/config/users-permissions-actions.js +80 -0
  122. package/controllers/Auth.js +612 -0
  123. package/controllers/User.js +125 -0
  124. package/controllers/UsersPermissions.js +291 -0
  125. package/controllers/user/admin.js +224 -0
  126. package/controllers/user/api.js +173 -0
  127. package/controllers/validation/email-template.js +40 -0
  128. package/documentation/1.0.0/overrides/users-permissions-Role.json +281 -0
  129. package/documentation/1.0.0/overrides/users-permissions-User.json +325 -0
  130. package/middlewares/users-permissions/defaults.json +5 -0
  131. package/middlewares/users-permissions/index.js +40 -0
  132. package/models/Permission.js +7 -0
  133. package/models/Permission.settings.json +43 -0
  134. package/models/Role.js +7 -0
  135. package/models/Role.settings.json +42 -0
  136. package/models/User.config.js +15 -0
  137. package/models/User.js +7 -0
  138. package/models/User.settings.json +62 -0
  139. package/package.json +70 -0
  140. package/services/Jwt.js +65 -0
  141. package/services/Providers.js +596 -0
  142. package/services/User.js +167 -0
  143. package/services/UsersPermissions.js +416 -0
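--- a/package/controllers/user/api.js
+++ b/package/controllers/user/api.js
@@ -0,0 +1,173 @@
+ 'use strict';
+
+ const _ = require('lodash');
+ const { sanitizeEntity } = require('@akemona-org/strapi-utils');
+
+ const sanitizeUser = (user) =>
+ sanitizeEntity(user, {
+ model: strapi.query('user', 'users-permissions').model,
+ });
+
+ const formatError = (error) => [
+ { messages: [{ id: error.id, message: error.message, field: error.field }] },
+ ];
+
+ module.exports = {
+ /**
+ * Create a/an user record.
+ * @return {Object}
+ */
+ async create(ctx) {
+ const advanced = await strapi
+ .store({
+ environment: '',
+ type: 'plugin',
+ name: 'users-permissions',
+ key: 'advanced',
+ })
+ .get();
+
+ const { email, username, password, role } = ctx.request.body;
+
+ if (!email) return ctx.badRequest('missing.email');
+ if (!username) return ctx.badRequest('missing.username');
+ if (!password) return ctx.badRequest('missing.password');
+
+ const userWithSameUsername = await strapi
+ .query('user', 'users-permissions')
+ .findOne({ username });
+
+ if (userWithSameUsername) {
+ return ctx.badRequest(
+ null,
+ formatError({
+ id: 'Auth.form.error.username.taken',
+ message: 'Username already taken.',
+ field: ['username'],
+ })
+ );
+ }
+
+ if (advanced.unique_email) {
+ const userWithSameEmail = await strapi
+ .query('user', 'users-permissions')
+ .findOne({ email: email.toLowerCase() });
+
+ if (userWithSameEmail) {
+ return ctx.badRequest(
+ null,
+
+ formatError({
+ id: 'Auth.form.error.email.taken',
+ message: 'Email already taken.',
+ field: ['email'],
+ })
+ );
+ }
+ }
+
+ const user = {
+ ...ctx.request.body,
+ provider: 'local',
+ };
+
+ user.email = user.email.toLowerCase();
+
+ if (!role) {
+ const defaultRole = await strapi
+ .query('role', 'users-permissions')
+ .findOne({ type: advanced.default_role }, []);
+
+ user.role = defaultRole.id;
+ }
+
+ try {
+ const data = await strapi.plugins['users-permissions'].services.user.add(user);
+
+ ctx.created(sanitizeUser(data));
+ } catch (error) {
+ ctx.badRequest(null, formatError(error));
+ }
+ },
+ /**
+ * Update a/an user record.
+ * @return {Object}
+ */
+
+ async update(ctx) {
+ const advancedConfigs = await strapi
+ .store({
+ environment: '',
+ type: 'plugin',
+ name: 'users-permissions',
+ key: 'advanced',
+ })
+ .get();
+
+ const { id } = ctx.params;
+ const { email, username, password } = ctx.request.body;
+
+ const user = await strapi.plugins['users-permissions'].services.user.fetch({
+ id,
+ });
+
+ if (_.has(ctx.request.body, 'email') && !email) {
+ return ctx.badRequest('email.notNull');
+ }
+
+ if (_.has(ctx.request.body, 'username') && !username) {
+ return ctx.badRequest('username.notNull');
+ }
+
+ if (_.has(ctx.request.body, 'password') && !password && user.provider === 'local') {
+ return ctx.badRequest('password.notNull');
+ }
+
+ if (_.has(ctx.request.body, 'username')) {
+ const userWithSameUsername = await strapi
+ .query('user', 'users-permissions')
+ .findOne({ username });
+
+ if (userWithSameUsername && userWithSameUsername.id != id) {
+ return ctx.badRequest(
+ null,
+ formatError({
+ id: 'Auth.form.error.username.taken',
+ message: 'username.alreadyTaken.',
+ field: ['username'],
+ })
+ );
+ }
+ }
+
+ if (_.has(ctx.request.body, 'email') && advancedConfigs.unique_email) {
+ const userWithSameEmail = await strapi
+ .query('user', 'users-permissions')
+ .findOne({ email: email.toLowerCase() });
+
+ if (userWithSameEmail && userWithSameEmail.id != id) {
+ return ctx.badRequest(
+ null,
+ formatError({
+ id: 'Auth.form.error.email.taken',
+ message: 'Email already taken',
+ field: ['email'],
+ })
+ );
+ }
+ ctx.request.body.email = ctx.request.body.email.toLowerCase();
+ }
+
+ let updateData = {
+ ...ctx.request.body,
+ };
+
+ if (_.has(ctx.request.body, 'password') && password === user.password) {
+ delete updateData.password;
+ }
+
+ const data = await strapi.plugins['users-permissions'].services.user.edit({ id }, updateData);
+
+ ctx.send(sanitizeUser(data));
+ },
+ };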
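Review bot: Both handlers hand the whole request body to the user service: `create` builds `const user = { ...ctx.request.body, provider: 'local' }` and `update` builds `updateData = { ...ctx.request.body }`, so every attribute the client sends (for example `role`, which `create` only defaults when it is absent, or `provider` in `update`) reaches `services.user.add` / `services.user.edit` unless something outside this file filters it. I would copy an explicit allow-list instead, e.g. `const user = { ..._.pick(ctx.request.body, ALLOWED_CREATE_FIELDS), provider: 'local' };` (the constant name is a placeholder, to be defined next to `sanitizeUser`), and do the same for `updateData`. Separately, `update` reads `user.provider` and `user.password` without checking that `fetch({ id })` returned a record, so an unknown id presumably ends in a TypeError rather than a 404; `if (!user) return ctx.notFound();` right after the fetch would cover it. The `password === user.password` test also compares the submitted value with whatever the service stores, which is presumably a hash, so that branch is unlikely to ever strip the field.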
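--- a/package/controllers/validation/email-template.js
+++ b/package/controllers/validation/email-template.js
@@ -0,0 +1,40 @@
+ 'use strict';
+
+ const _ = require('lodash');
+
+ const invalidPatternsRegexes = [/<%[^=]([^<>%]*)%>/m, /\${([^{}]*)}/m];
+ const authorizedKeys = ['URL', 'CODE', 'USER', 'USER.email', 'USER.username', 'TOKEN'];
+
+ const matchAll = (pattern, src) => {
+ const matches = [];
+ let match;
+
+ const regexPatternWithGlobal = RegExp(pattern, 'g');
+ while ((match = regexPatternWithGlobal.exec(src))) {
+ const [, group] = match;
+
+ matches.push(_.trim(group));
+ }
+ return matches;
+ };
+
+ const isValidEmailTemplate = template => {
+ for (let reg of invalidPatternsRegexes) {
+ if (reg.test(template)) {
+ return false;
+ }
+ }
+
+ const matches = matchAll(/<%=([^<>%=]*)%>/, template);
+ for (const match of matches) {
+ if (!authorizedKeys.includes(match)) {
+ return false;
+ }
+ }
+
+ return true;
+ };
+
+ module.exports = {
+ isValidEmailTemplate,
+ };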
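Review bot: `isValidEmailTemplate` only inspects delimiter pairs whose body fits a narrow character class: `invalidPatternsRegexes[0]` and the `<%=` scan both exclude `<`, `>` and `%` (the scan also `=`), and the `${}` pattern excludes braces, so a pair whose body contains one of those characters matches none of the three patterns and the function returns `true` without consulting `authorizedKeys`. How much that matters depends on the delimiters the rendering code recognises, which is not part of this hunk; if it is lodash's `_.template`, its default delimiters accept any body. I would make the check fail closed by scanning every `<% … %>` pair regardless of content, accepting only `<%= KEY %>` with an authorized key, and refusing `${` outright, as sketched below. The `matchAll` helper trims its capture, so the sketch reads the raw capture instead to keep `<% = KEY %>` rejected.

```javascript
const isValidEmailTemplate = (template) => {
  // No authorized key needs ES-style interpolation, so refuse the opener itself.
  if (/\$\{/.test(template)) {
    return false;
  }

  // Visit every delimiter pair whatever its body contains; only `<%= KEY %>` passes.
  const delimiterPair = /<%([\s\S]*?)%>/g;
  let pair;
  while ((pair = delimiterPair.exec(template))) {
    const [, body] = pair;
    if (body[0] !== '=' || !authorizedKeys.includes(_.trim(body.slice(1)))) {
      return false;
    }
  }

  return true;
};
```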
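--- a/package/documentation/1.0.0/overrides/users-permissions-Role.json
+++ b/package/documentation/1.0.0/overrides/users-permissions-Role.json
@@ -0,0 +1,281 @@
+ {
+ "paths": {
+ "/users-permissions/init": {
+ "get": {
+ "responses": {
+ "200": {
+ "description": "Response",
+ "content": {
+ "application/json": {
+ "schema": {
+ "properties": {
+ "hasAdmin": {
+ "type": "boolean"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/users-permissions/roles/{id}": {
+ "get": {
+ "responses": {
+ "200": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "name": {
+ "type": "string",
+ "minLength": 3
+ },
+ "description": {
+ "type": "string"
+ },
+ "type": {
+ "type": "string"
+ },
+ "permissions": {
+ "type": "array",
+ "items": {
+ "required": ["id", "type", "controller", "action", "enabled"],
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "type": {
+ "type": "string"
+ },
+ "controller": {
+ "type": "string"
+ },
+ "action": {
+ "type": "string"
+ },
+ "enabled": {
+ "type": "boolean"
+ },
+ "policy": {
+ "type": "string"
+ },
+ "role": {
+ "type": "string"
+ },
+ "created_by": {
+ "type": "string"
+ },
+ "updated_by": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "created_by": {
+ "required": ["id", "email"],
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "firstname": {
+ "type": "string"
+ },
+ "lastname": {
+ "type": "string"
+ },
+ "username": {
+ "type": "string"
+ },
+ "email": {
+ "type": "string"
+ },
+ "password": {
+ "type": "string"
+ },
+ "resetPasswordToken": {
+ "type": "string"
+ },
+ "registrationToken": {
+ "type": "string"
+ },
+ "isActive": {
+ "type": "boolean"
+ },
+ "roles": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "blocked": {
+ "type": "boolean"
+ }
+ }
+ },
+ "updated_by": {
+ "required": ["id", "email"],
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "firstname": {
+ "type": "string"
+ },
+ "lastname": {
+ "type": "string"
+ },
+ "username": {
+ "type": "string"
+ },
+ "email": {
+ "type": "string"
+ },
+ "password": {
+ "type": "string"
+ },
+ "resetPasswordToken": {
+ "type": "string"
+ },
+ "registrationToken": {
+ "type": "string"
+ },
+ "isActive": {
+ "type": "boolean"
+ },
+ "roles": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "blocked": {
+ "type": "boolean"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/users-permissions/roles": {
+ "get": {
+ "responses": {
+ "200": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "name": {
+ "type": "string",
+ "minLength": 3
+ },
+ "description": {
+ "type": "string"
+ },
+ "nb_users": {
+ "type": "integer"
+ },
+ "type": {
+ "type": "string"
+ },
+ "created_by": {
+ "required": ["id", "email"],
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "firstname": {
+ "type": "string"
+ },
+ "lastname": {
+ "type": "string"
+ },
+ "username": {
+ "type": "string"
+ },
+ "email": {
+ "type": "string"
+ },
+ "password": {
+ "type": "string"
+ },
+ "resetPasswordToken": {
+ "type": "string"
+ },
+ "registrationToken": {
+ "type": "string"
+ },
+ "isActive": {
+ "type": "boolean"
+ },
+ "roles": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "blocked": {
+ "type": "boolean"
+ }
+ }
+ },
+ "updated_by": {
+ "required": ["id", "email"],
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "firstname": {
+ "type": "string"
+ },
+ "lastname": {
+ "type": "string"
+ },
+ "username": {
+ "type": "string"
+ },
+ "email": {
+ "type": "string"
+ },
+ "password": {
+ "type": "string"
+ },
+ "isActive": {
+ "type": "boolean"
+ },
+ "roles": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "blocked": {
+ "type": "boolean"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }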