npm - @akemona-org/strapi-plugin-users-permissions - Versions diffs - 3.7.0 - Mend

@akemona-org/strapi-plugin-users-permissions 3.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (143) hide show

package/LICENSE +22 -0
package/README.md +19 -0
package/admin/src/assets/images/logo.svg +1 -0
package/admin/src/components/BaselineAlignement/index.js +33 -0
package/admin/src/components/Bloc/index.js +10 -0
package/admin/src/components/BoundRoute/Components.js +78 -0
package/admin/src/components/BoundRoute/index.js +56 -0
package/admin/src/components/ContainerFluid/index.js +13 -0
package/admin/src/components/FormBloc/index.js +61 -0
package/admin/src/components/IntlInput/index.js +38 -0
package/admin/src/components/ListBaselineAlignment/index.js +8 -0
package/admin/src/components/ListRow/Components.js +74 -0
package/admin/src/components/ListRow/index.js +35 -0
package/admin/src/components/ModalForm/Wrapper.js +12 -0
package/admin/src/components/ModalForm/index.js +59 -0
package/admin/src/components/Permissions/ListWrapper.js +9 -0
package/admin/src/components/Permissions/PermissionRow/BaselineAlignment.js +7 -0
package/admin/src/components/Permissions/PermissionRow/CheckboxWrapper.js +37 -0
package/admin/src/components/Permissions/PermissionRow/RowStyle.js +28 -0
package/admin/src/components/Permissions/PermissionRow/SubCategory/ConditionsButtonWrapper.js +13 -0
package/admin/src/components/Permissions/PermissionRow/SubCategory/PolicyWrapper.js +8 -0
package/admin/src/components/Permissions/PermissionRow/SubCategory/SubCategoryWrapper.js +26 -0
package/admin/src/components/Permissions/PermissionRow/SubCategory/index.js +116 -0
package/admin/src/components/Permissions/PermissionRow/index.js +92 -0
package/admin/src/components/Permissions/index.js +44 -0
package/admin/src/components/Permissions/init.js +14 -0
package/admin/src/components/Permissions/reducer.js +27 -0
package/admin/src/components/Policies/Components.js +26 -0
package/admin/src/components/Policies/index.js +61 -0
package/admin/src/components/PrefixedIcon/index.js +27 -0
package/admin/src/components/Roles/EmptyRole/BaselineAlignment.js +7 -0
package/admin/src/components/Roles/EmptyRole/index.js +27 -0
package/admin/src/components/Roles/RoleListWrapper/index.js +17 -0
package/admin/src/components/Roles/RoleRow/RoleDescription.js +9 -0
package/admin/src/components/Roles/RoleRow/index.js +45 -0
package/admin/src/components/Roles/index.js +3 -0
package/admin/src/components/SizedInput/index.js +24 -0
package/admin/src/components/UsersPermissions/index.js +91 -0
package/admin/src/components/UsersPermissions/init.js +11 -0
package/admin/src/components/UsersPermissions/reducer.js +60 -0
package/admin/src/containers/AdvancedSettings/index.js +218 -0
package/admin/src/containers/AdvancedSettings/reducer.js +65 -0
package/admin/src/containers/AdvancedSettings/utils/form.js +52 -0
package/admin/src/containers/EmailTemplates/CustomTextInput.js +105 -0
package/admin/src/containers/EmailTemplates/Wrapper.js +36 -0
package/admin/src/containers/EmailTemplates/index.js +222 -0
package/admin/src/containers/EmailTemplates/reducer.js +58 -0
package/admin/src/containers/EmailTemplates/utils/forms.js +81 -0
package/admin/src/containers/EmailTemplates/utils/schema.js +25 -0
package/admin/src/containers/Providers/index.js +283 -0
package/admin/src/containers/Providers/reducer.js +54 -0
package/admin/src/containers/Providers/utils/createProvidersArray.js +21 -0
package/admin/src/containers/Providers/utils/forms.js +205 -0
package/admin/src/containers/Roles/CreatePage/index.js +167 -0
package/admin/src/containers/Roles/CreatePage/utils/schema.js +9 -0
package/admin/src/containers/Roles/EditPage/index.js +161 -0
package/admin/src/containers/Roles/EditPage/utils/schema.js +9 -0
package/admin/src/containers/Roles/ListPage/BaselineAlignment.js +8 -0
package/admin/src/containers/Roles/ListPage/index.js +188 -0
package/admin/src/containers/Roles/ProtectedCreatePage/index.js +12 -0
package/admin/src/containers/Roles/ProtectedEditPage/index.js +12 -0
package/admin/src/containers/Roles/ProtectedListPage/index.js +15 -0
package/admin/src/containers/Roles/index.js +35 -0
package/admin/src/contexts/EditPage/index.js +26 -0
package/admin/src/contexts/HomePage/index.js +27 -0
package/admin/src/contexts/UsersPermissionsContext/index.js +17 -0
package/admin/src/hooks/index.js +5 -0
package/admin/src/hooks/useFetchRole/index.js +55 -0
package/admin/src/hooks/useFetchRole/reducer.js +31 -0
package/admin/src/hooks/useForm/index.js +96 -0
package/admin/src/hooks/useForm/reducer.js +59 -0
package/admin/src/hooks/usePlugins/index.js +73 -0
package/admin/src/hooks/usePlugins/init.js +5 -0
package/admin/src/hooks/usePlugins/reducer.js +37 -0
package/admin/src/hooks/useRolesList/index.js +62 -0
package/admin/src/hooks/useRolesList/init.js +5 -0
package/admin/src/hooks/useRolesList/reducer.js +31 -0
package/admin/src/index.js +109 -0
package/admin/src/permissions.js +33 -0
package/admin/src/pluginId.js +5 -0
package/admin/src/translations/ar.json +49 -0
package/admin/src/translations/cs.json +55 -0
package/admin/src/translations/de.json +68 -0
package/admin/src/translations/dk.json +116 -0
package/admin/src/translations/en.json +104 -0
package/admin/src/translations/es.json +70 -0
package/admin/src/translations/fr.json +55 -0
package/admin/src/translations/id.json +69 -0
package/admin/src/translations/index.js +55 -0
package/admin/src/translations/it.json +68 -0
package/admin/src/translations/ja.json +53 -0
package/admin/src/translations/ko.json +55 -0
package/admin/src/translations/ms.json +54 -0
package/admin/src/translations/nl.json +53 -0
package/admin/src/translations/pl.json +55 -0
package/admin/src/translations/pt-BR.json +49 -0
package/admin/src/translations/pt.json +53 -0
package/admin/src/translations/ru.json +68 -0
package/admin/src/translations/sk.json +57 -0
package/admin/src/translations/sv.json +68 -0
package/admin/src/translations/th.json +66 -0
package/admin/src/translations/tr.json +53 -0
package/admin/src/translations/uk.json +54 -0
package/admin/src/translations/vi.json +55 -0
package/admin/src/translations/zh-Hans.json +104 -0
package/admin/src/translations/zh.json +53 -0
package/admin/src/utils/cleanPermissions.js +25 -0
package/admin/src/utils/formatPolicies.js +8 -0
package/admin/src/utils/getRequestURL.js +5 -0
package/admin/src/utils/getTrad.js +5 -0
package/admin/src/utils/index.js +4 -0
package/config/functions/bootstrap.js +234 -0
package/config/layout.js +10 -0
package/config/policies/isAuthenticated.js +9 -0
package/config/policies/permissions.js +93 -0
package/config/policies/rateLimit.js +33 -0
package/config/request.json +6 -0
package/config/routes.json +397 -0
package/config/schema.graphql.js +280 -0
package/config/security.json +5 -0
package/config/users-permissions-actions.js +80 -0
package/controllers/Auth.js +612 -0
package/controllers/User.js +125 -0
package/controllers/UsersPermissions.js +291 -0
package/controllers/user/admin.js +224 -0
package/controllers/user/api.js +173 -0
package/controllers/validation/email-template.js +40 -0
package/documentation/1.0.0/overrides/users-permissions-Role.json +281 -0
package/documentation/1.0.0/overrides/users-permissions-User.json +325 -0
package/middlewares/users-permissions/defaults.json +5 -0
package/middlewares/users-permissions/index.js +40 -0
package/models/Permission.js +7 -0
package/models/Permission.settings.json +43 -0
package/models/Role.js +7 -0
package/models/Role.settings.json +42 -0
package/models/User.config.js +15 -0
package/models/User.js +7 -0
package/models/User.settings.json +62 -0
package/package.json +70 -0
package/services/Jwt.js +65 -0
package/services/Providers.js +596 -0
package/services/User.js +167 -0
package/services/UsersPermissions.js +416 -0

package/services/User.js ADDED Viewed

@@ -0,0 +1,167 @@
+'use strict';
+/**
+ * User.js service
+ *
+ * @description: A set of functions similar to controller's actions to avoid code duplication.
+ */
+const crypto = require('crypto');
+const bcrypt = require('bcryptjs');
+const { sanitizeEntity, getAbsoluteServerUrl } = require('@akemona-org/strapi-utils');
+module.exports = {
+  /**
+   * Promise to count users
+   *
+   * @return {Promise}
+   */
+  count(params) {
+    return strapi.query('user', 'users-permissions').count(params);
+  },
+  /**
+   * Promise to search count users
+   *
+   * @return {Promise}
+   */
+  countSearch(params) {
+    return strapi.query('user', 'users-permissions').countSearch(params);
+  },
+  /**
+   * Promise to add a/an user.
+   * @return {Promise}
+   */
+  async add(values) {
+    if (values.password) {
+      values.password = await strapi.plugins['users-permissions'].services.user.hashPassword(
+        values
+      );
+    }
+    return strapi.query('user', 'users-permissions').create(values);
+  },
+  /**
+   * Promise to edit a/an user.
+   * @return {Promise}
+   */
+  async edit(params, values) {
+    if (values.password) {
+      values.password = await strapi.plugins['users-permissions'].services.user.hashPassword(
+        values
+      );
+    }
+    return strapi.query('user', 'users-permissions').update(params, values);
+  },
+  /**
+   * Promise to fetch a/an user.
+   * @return {Promise}
+   */
+  fetch(params, populate) {
+    return strapi.query('user', 'users-permissions').findOne(params, populate);
+  },
+  /**
+   * Promise to fetch authenticated user.
+   * @return {Promise}
+   */
+  fetchAuthenticatedUser(id) {
+    return strapi.query('user', 'users-permissions').findOne({ id }, ['role']);
+  },
+  /**
+   * Promise to fetch all users.
+   * @return {Promise}
+   */
+  fetchAll(params, populate) {
+    return strapi.query('user', 'users-permissions').find(params, populate);
+  },
+  hashPassword(user = {}) {
+    return new Promise((resolve, reject) => {
+      if (!user.password || this.isHashed(user.password)) {
+        resolve(null);
+      } else {
+        bcrypt.hash(`${user.password}`, 10, (err, hash) => {
+          if (err) {
+            return reject(err);
+          }
+          resolve(hash);
+        });
+      }
+    });
+  },
+  isHashed(password) {
+    if (typeof password !== 'string' || !password) {
+      return false;
+    }
+    return password.split('$').length === 4;
+  },
+  /**
+   * Promise to remove a/an user.
+   * @return {Promise}
+   */
+  async remove(params) {
+    return strapi.query('user', 'users-permissions').delete(params);
+  },
+  async removeAll(params) {
+    return strapi.query('user', 'users-permissions').delete(params);
+  },
+  validatePassword(password, hash) {
+    return bcrypt.compare(password, hash);
+  },
+  async sendConfirmationEmail(user) {
+    const userPermissionService = strapi.plugins['users-permissions'].services.userspermissions;
+    const pluginStore = await strapi.store({
+      environment: '',
+      type: 'plugin',
+      name: 'users-permissions',
+    });
+    const settings = await pluginStore
+      .get({ key: 'email' })
+      .then((storeEmail) => storeEmail['email_confirmation'].options);
+    const userInfo = sanitizeEntity(user, {
+      model: strapi.query('user', 'users-permissions').model,
+    });
+    const confirmationToken = crypto.randomBytes(20).toString('hex');
+    await this.edit({ id: user.id }, { confirmationToken });
+    settings.message = await userPermissionService.template(settings.message, {
+      URL: `${getAbsoluteServerUrl(strapi.config)}/auth/email-confirmation`,
+      USER: userInfo,
+      CODE: confirmationToken,
+    });
+    settings.object = await userPermissionService.template(settings.object, { USER: userInfo });
+    // Send an email to the user.
+    await strapi.plugins['email'].services.email.send({
+      to: user.email,
+      from:
+        settings.from.email && settings.from.name
+          ? `${settings.from.name} <${settings.from.email}>`
+          : undefined,
+      replyTo: settings.response_email,
+      subject: settings.object,
+      text: settings.message,
+      html: settings.message,
+    });
+  },
+};

package/services/UsersPermissions.js ADDED Viewed

@@ -0,0 +1,416 @@
+'use strict';
+const _ = require('lodash');
+const request = require('request');
+/**
+ * UsersPermissions.js service
+ *
+ * @description: A set of functions similar to controller's actions to avoid code duplication.
+ */
+const DEFAULT_PERMISSIONS = [
+  { action: 'admincallback', controller: 'auth', type: 'users-permissions', roleType: 'public' },
+  { action: 'adminregister', controller: 'auth', type: 'users-permissions', roleType: 'public' },
+  { action: 'callback', controller: 'auth', type: 'users-permissions', roleType: 'public' },
+  { action: 'connect', controller: 'auth', type: 'users-permissions', roleType: null },
+  { action: 'forgotpassword', controller: 'auth', type: 'users-permissions', roleType: 'public' },
+  { action: 'register', controller: 'auth', type: 'users-permissions', roleType: 'public' },
+  {
+    action: 'emailconfirmation',
+    controller: 'auth',
+    type: 'users-permissions',
+    roleType: 'public',
+  },
+  { action: 'resetpassword', controller: 'auth', type: 'users-permissions', roleType: 'public' },
+  { action: 'init', controller: 'userspermissions', type: null, roleType: null },
+  { action: 'me', controller: 'user', type: 'users-permissions', roleType: null },
+  { action: 'autoreload', controller: null, type: null, roleType: null },
+];
+const isPermissionEnabled = (permission, role) =>
+  DEFAULT_PERMISSIONS.some(
+    defaultPerm =>
+      (defaultPerm.action === null || permission.action === defaultPerm.action) &&
+      (defaultPerm.controller === null || permission.controller === defaultPerm.controller) &&
+      (defaultPerm.type === null || permission.type === defaultPerm.type) &&
+      (defaultPerm.roleType === null || role.type === defaultPerm.roleType)
+  );
+module.exports = {
+  async createRole(params) {
+    if (!params.type) {
+      params.type = _.snakeCase(_.deburr(_.toLower(params.name)));
+    }
+    const role = await strapi
+      .query('role', 'users-permissions')
+      .create(_.omit(params, ['users', 'permissions']));
+    const arrayOfPromises = Object.keys(params.permissions || {}).reduce((acc, type) => {
+      Object.keys(params.permissions[type].controllers).forEach(controller => {
+        Object.keys(params.permissions[type].controllers[controller]).forEach(action => {
+          acc.push(
+            strapi.query('permission', 'users-permissions').create({
+              role: role.id,
+              type,
+              controller,
+              action: action.toLowerCase(),
+              ...params.permissions[type].controllers[controller][action],
+            })
+          );
+        });
+      });
+      return acc;
+    }, []);
+    // Use Content Manager business logic to handle relation.
+    if (params.users && params.users.length > 0)
+      arrayOfPromises.push(
+        strapi.query('role', 'users-permissions').update(
+          {
+            id: role.id,
+          },
+          { users: params.users }
+        )
+      );
+    return await Promise.all(arrayOfPromises);
+  },
+  async deleteRole(roleID, publicRoleID) {
+    const role = await strapi
+      .query('role', 'users-permissions')
+      .findOne({ id: roleID }, ['users', 'permissions']);
+    if (!role) {
+      throw new Error('Cannot find this role');
+    }
+    // Move users to guest role.
+    const arrayOfPromises = role.users.reduce((acc, user) => {
+      acc.push(
+        strapi.query('user', 'users-permissions').update(
+          {
+            id: user.id,
+          },
+          {
+            role: publicRoleID,
+          }
+        )
+      );
+      return acc;
+    }, []);
+    // Remove permissions related to this role.
+    role.permissions.forEach(permission => {
+      arrayOfPromises.push(
+        strapi.query('permission', 'users-permissions').delete({
+          id: permission.id,
+        })
+      );
+    });
+    // Delete the role.
+    arrayOfPromises.push(strapi.query('role', 'users-permissions').delete({ id: roleID }));
+    return await Promise.all(arrayOfPromises);
+  },
+  getPlugins(lang = 'en') {
+    return new Promise(resolve => {
+      request(
+        {
+          uri: `https://marketplace.strapi.io/plugins?lang=${lang}`,
+          json: true,
+          timeout: 3000,
+          headers: {
+            'cache-control': 'max-age=3600',
+          },
+        },
+        (err, response, body) => {
+          if (err || response.statusCode !== 200) {
+            return resolve([]);
+          }
+          resolve(body);
+        }
+      );
+    });
+  },
+  getActions() {
+    const generateActions = data =>
+      Object.keys(data).reduce((acc, key) => {
+        if (_.isFunction(data[key])) {
+          acc[key] = { enabled: false, policy: '' };
+        }
+        return acc;
+      }, {});
+    const appControllers = Object.keys(strapi.api || {})
+      .filter(key => !!strapi.api[key].controllers)
+      .reduce(
+        (acc, key) => {
+          Object.keys(strapi.api[key].controllers).forEach(controller => {
+            acc.controllers[controller] = generateActions(strapi.api[key].controllers[controller]);
+          });
+          return acc;
+        },
+        { controllers: {} }
+      );
+    const pluginsPermissions = Object.keys(strapi.plugins).reduce((acc, key) => {
+      const initialState = {
+        controllers: {},
+      };
+      acc[key] = Object.keys(strapi.plugins[key].controllers).reduce((obj, k) => {
+        obj.controllers[k] = generateActions(strapi.plugins[key].controllers[k]);
+        return obj;
+      }, initialState);
+      return acc;
+    }, {});
+    const permissions = {
+      application: {
+        controllers: appControllers.controllers,
+      },
+    };
+    return _.merge(permissions, pluginsPermissions);
+  },
+  async getRole(roleID, plugins) {
+    const role = await strapi
+      .query('role', 'users-permissions')
+      .findOne({ id: roleID }, ['permissions']);
+    if (!role) {
+      throw new Error('Cannot find this role');
+    }
+    // Group by `type`.
+    const permissions = role.permissions.reduce((acc, permission) => {
+      _.set(acc, `${permission.type}.controllers.${permission.controller}.${permission.action}`, {
+        enabled: _.toNumber(permission.enabled) == true,
+        policy: permission.policy,
+      });
+      if (permission.type !== 'application' && !acc[permission.type].information) {
+        acc[permission.type].information =
+          plugins.find(plugin => plugin.id === permission.type) || {};
+      }
+      return acc;
+    }, {});
+    return {
+      ...role,
+      permissions,
+    };
+  },
+  async getRoles() {
+    const roles = await strapi.query('role', 'users-permissions').find({ _sort: 'name' }, []);
+    for (let i = 0; i < roles.length; ++i) {
+      roles[i].nb_users = await strapi
+        .query('user', 'users-permissions')
+        .count({ role: roles[i].id });
+    }
+    return roles;
+  },
+  async getRoutes() {
+    const routes = Object.keys(strapi.api || {}).reduce((acc, current) => {
+      return acc.concat(_.get(strapi.api[current].config, 'routes', []));
+    }, []);
+    const clonedPlugins = _.cloneDeep(strapi.plugins);
+    const pluginsRoutes = Object.keys(clonedPlugins || {}).reduce((acc, current) => {
+      const routes = _.get(clonedPlugins, [current, 'config', 'routes'], []).reduce((acc, curr) => {
+        const prefix = curr.config.prefix;
+        const path = prefix !== undefined ? `${prefix}${curr.path}` : `/${current}${curr.path}`;
+        _.set(curr, 'path', path);
+        return acc.concat(curr);
+      }, []);
+      acc[current] = routes;
+      return acc;
+    }, {});
+    return _.merge({ application: routes }, pluginsRoutes);
+  },
+  async updatePermissions() {
+    const { primaryKey } = strapi.query('permission', 'users-permissions');
+    const roles = await strapi.query('role', 'users-permissions').find({}, []);
+    const rolesMap = roles.reduce((map, role) => ({ ...map, [role[primaryKey]]: role }), {});
+    const dbPermissions = await strapi
+      .query('permission', 'users-permissions')
+      .find({ _limit: -1 });
+    let permissionsFoundInDB = dbPermissions.map(
+      p => `${p.type}.${p.controller}.${p.action}.${p.role[primaryKey]}`
+    );
+    permissionsFoundInDB = _.uniq(permissionsFoundInDB);
+    // Aggregate first level actions.
+    const appActions = Object.keys(strapi.api || {}).reduce((acc, api) => {
+      Object.keys(_.get(strapi.api[api], 'controllers', {})).forEach(controller => {
+        const actions = Object.keys(strapi.api[api].controllers[controller])
+          .filter(action => _.isFunction(strapi.api[api].controllers[controller][action]))
+          .map(action => `application.${controller}.${action.toLowerCase()}`);
+        acc = acc.concat(actions);
+      });
+      return acc;
+    }, []);
+    // Aggregate plugins' actions.
+    const pluginsActions = Object.keys(strapi.plugins).reduce((acc, plugin) => {
+      Object.keys(strapi.plugins[plugin].controllers).forEach(controller => {
+        const actions = Object.keys(strapi.plugins[plugin].controllers[controller])
+          .filter(action => _.isFunction(strapi.plugins[plugin].controllers[controller][action]))
+          .map(action => `${plugin}.${controller}.${action.toLowerCase()}`);
+        acc = acc.concat(actions);
+      });
+      return acc;
+    }, []);
+    const actionsFoundInFiles = appActions.concat(pluginsActions);
+    // create permissions for each role
+    let permissionsFoundInFiles = actionsFoundInFiles.reduce(
+      (acc, action) => [...acc, ...roles.map(role => `${action}.${role[primaryKey]}`)],
+      []
+    );
+    permissionsFoundInFiles = _.uniq(permissionsFoundInFiles);
+    // Compare to know if actions have been added or removed from controllers.
+    if (!_.isEqual(permissionsFoundInDB.sort(), permissionsFoundInFiles.sort())) {
+      const splitted = str => {
+        const [type, controller, action, roleId] = str.split('.');
+        return { type, controller, action, roleId };
+      };
+      // We have to know the difference to add or remove the permissions entries in the database.
+      const toRemove = _.difference(permissionsFoundInDB, permissionsFoundInFiles).map(splitted);
+      const toAdd = _.difference(permissionsFoundInFiles, permissionsFoundInDB).map(splitted);
+      const query = strapi.query('permission', 'users-permissions');
+      // Execute request to update entries in database for each role.
+      await Promise.all(
+        toAdd.map(permission =>
+          query.create({
+            type: permission.type,
+            controller: permission.controller,
+            action: permission.action,
+            enabled: isPermissionEnabled(permission, rolesMap[permission.roleId]),
+            policy: '',
+            role: permission.roleId,
+          })
+        )
+      );
+      await Promise.all(
+        toRemove.map(permission => {
+          const { type, controller, action, roleId: role } = permission;
+          return query.delete({ type, controller, action, role });
+        })
+      );
+    }
+  },
+  async initialize() {
+    const roleCount = await strapi.query('role', 'users-permissions').count();
+    if (roleCount === 0) {
+      await strapi.query('role', 'users-permissions').create({
+        name: 'Authenticated',
+        description: 'Default role given to authenticated user.',
+        type: 'authenticated',
+      });
+      await strapi.query('role', 'users-permissions').create({
+        name: 'Public',
+        description: 'Default role given to unauthenticated user.',
+        type: 'public',
+      });
+    }
+    return this.updatePermissions();
+  },
+  async updateRole(roleID, body) {
+    const [role, authenticated] = await Promise.all([
+      this.getRole(roleID, []),
+      strapi.query('role', 'users-permissions').findOne({ type: 'authenticated' }, []),
+    ]);
+    await strapi
+      .query('role', 'users-permissions')
+      .update({ id: roleID }, _.pick(body, ['name', 'description']));
+    await Promise.all(
+      Object.keys(body.permissions || {}).reduce((acc, type) => {
+        Object.keys(body.permissions[type].controllers).forEach(controller => {
+          Object.keys(body.permissions[type].controllers[controller]).forEach(action => {
+            const bodyAction = body.permissions[type].controllers[controller][action];
+            const currentAction = _.get(
+              role.permissions,
+              `${type}.controllers.${controller}.${action}`,
+              {}
+            );
+            if (!_.isEqual(bodyAction, currentAction)) {
+              acc.push(
+                strapi.query('permission', 'users-permissions').update(
+                  {
+                    role: roleID,
+                    type,
+                    controller,
+                    action: action.toLowerCase(),
+                  },
+                  bodyAction
+                )
+              );
+            }
+          });
+        });
+        return acc;
+      }, [])
+    );
+    // Add user to this role.
+    const newUsers = _.differenceBy(body.users, role.users, 'id');
+    await Promise.all(newUsers.map(user => this.updateUserRole(user, roleID)));
+    const oldUsers = _.differenceBy(role.users, body.users, 'id');
+    await Promise.all(oldUsers.map(user => this.updateUserRole(user, authenticated.id)));
+  },
+  async updateUserRole(user, role) {
+    return strapi.query('user', 'users-permissions').update({ id: user.id }, { role });
+  },
+  template(layout, data) {
+    const compiledObject = _.template(layout);
+    return compiledObject(data);
+  },
+};