@strapi/admin 4.11.4 → 4.12.0-beta.0

package/ee/admin/pages/SettingsPage/pages/ReviewWorkflows/reducer/index.js

@@ -4,20 +4,35 @@ import isEqual from 'lodash/isEqual';
 import {
   ACTION_ADD_STAGE,
   ACTION_DELETE_STAGE,
-  ACTION_SET_WORKFLOWS,
+  ACTION_RESET_WORKFLOW,
+  ACTION_SET_WORKFLOW,
   ACTION_UPDATE_STAGE,
   ACTION_UPDATE_STAGE_POSITION,
+  ACTION_UPDATE_WORKFLOW,
   STAGE_COLOR_DEFAULT,
 } from '../constants';
 
 export const initialState = {
   status: 'loading',
   serverState: {
-    currentWorkflow: null,
-    workflows: [],
+    workflow: null,
   },
   clientState: {
-    currentWorkflow: { data: null, isDirty: false, hasDeletedServerStages: false },
+    currentWorkflow: {
+      data: {
+        name: '',
+        contentTypes: [],
+        stages: [
+          {
+            color: STAGE_COLOR_DEFAULT,
+            name: '',
+            __temp_key__: 1,
+          },
+        ],
+      },
+      isDirty: false,
+      hasDeletedServerStages: false,
+    },
   },
 };
 
@@ -26,29 +41,31 @@ export function reducer(state = initialState, action) {
     const { payload } = action;
 
     switch (action.type) {
-      case ACTION_SET_WORKFLOWS: {
-        const { status, workflows } = payload;
+      case ACTION_SET_WORKFLOW: {
+        const { status, workflow } = payload;
 
         draft.status = status;
 
-        if (workflows?.length > 0) {
-          let defaultWorkflow = workflows[0];
-
-          // A safety net in case a stage does not have a color assigned;
-          // this normallly should not happen
-          defaultWorkflow = {
-            ...defaultWorkflow,
-            stages: defaultWorkflow.stages.map((stage) => ({
+        if (workflow) {
+          draft.serverState.workflow = workflow;
+          draft.clientState.currentWorkflow.data = {
+            ...workflow,
+            stages: workflow.stages.map((stage) => ({
               ...stage,
+              // A safety net in case a stage does not have a color assigned;
+              // this normallly should not happen
               color: stage?.color ?? STAGE_COLOR_DEFAULT,
             })),
           };
-
-          draft.serverState.workflows = workflows;
-          draft.serverState.currentWorkflow = defaultWorkflow;
-          draft.clientState.currentWorkflow.data = defaultWorkflow;
-          draft.clientState.currentWorkflow.hasDeletedServerStages = false;
         }
+
+        draft.clientState.currentWorkflow.hasDeletedServerStages = false;
+        break;
+      }
+
+      case ACTION_RESET_WORKFLOW: {
+        draft.clientState.currentWorkflow.data = initialState.clientState.currentWorkflow.data;
+        draft.serverState = initialState.serverState;
         break;
       }
 
@@ -61,8 +78,9 @@ export function reducer(state = initialState, action) {
         );
 
         if (!currentWorkflow.hasDeletedServerStages) {
-          draft.clientState.currentWorkflow.hasDeletedServerStages =
-            !!state.serverState.currentWorkflow.stages.find((stage) => stage.id === stageId);
+          draft.clientState.currentWorkflow.hasDeletedServerStages = !!(
+            state.serverState.currentWorkflow?.stages ?? []
+          ).find((stage) => stage.id === stageId);
         }
 
         break;
@@ -125,15 +143,27 @@ export function reducer(state = initialState, action) {
         break;
       }
 
+      case ACTION_UPDATE_WORKFLOW: {
+        draft.clientState.currentWorkflow.data = {
+          ...draft.clientState.currentWorkflow.data,
+          ...payload,
+        };
+
+        break;
+      }
+
       default:
         break;
     }
 
-    if (state.clientState.currentWorkflow.data) {
+    if (state.clientState.currentWorkflow.data && draft.serverState.workflow) {
       draft.clientState.currentWorkflow.isDirty = !isEqual(
         current(draft.clientState.currentWorkflow).data,
-        draft.serverState.currentWorkflow
+        draft.serverState.workflow
       );
+    } else {
+      // if there is no workflow on the server, the workflow is awalys considered dirty
+      draft.clientState.currentWorkflow.isDirty = true;
     }
   });
 }

package/ee/admin/pages/SettingsPage/pages/ReviewWorkflows/utils/getWorkflowValidationSchema.js

@@ -2,33 +2,48 @@ import * as yup from 'yup';
 
 export function getWorkflowValidationSchema({ formatMessage }) {
   return yup.object({
-    stages: yup.array().of(
-      yup.object().shape({
-        name: yup
-          .string()
-          .required(
-            formatMessage({
-              id: 'Settings.review-workflows.validation.stage.name',
-              defaultMessage: 'Name is required',
-            })
-          )
-          .max(
-            255,
-            formatMessage({
-              id: 'Settings.review-workflows.validation.stage.max-length',
-              defaultMessage: 'Name can not be longer than 255 characters',
-            })
-          ),
-        color: yup
-          .string()
-          .required(
-            formatMessage({
-              id: 'Settings.review-workflows.validation.stage.color',
-              defaultMessage: 'Color is required',
-            })
-          )
-          .matches(/^#(?:[0-9a-fA-F]{3}){1,2}$/i),
-      })
-    ),
+    contentTypes: yup.array().of(yup.string()),
+    name: yup
+      .string()
+      .max(
+        255,
+        formatMessage({
+          id: 'Settings.review-workflows.validation.name.max-length',
+          defaultMessage: 'Name can not be longer than 255 characters',
+        })
+      )
+      .required(),
+
+    stages: yup
+      .array()
+      .of(
+        yup.object().shape({
+          name: yup
+            .string()
+            .required(
+              formatMessage({
+                id: 'Settings.review-workflows.validation.stage.name',
+                defaultMessage: 'Name is required',
+              })
+            )
+            .max(
+              255,
+              formatMessage({
+                id: 'Settings.review-workflows.validation.stage.max-length',
+                defaultMessage: 'Name can not be longer than 255 characters',
+              })
+            ),
+          color: yup
+            .string()
+            .required(
+              formatMessage({
+                id: 'Settings.review-workflows.validation.stage.color',
+                defaultMessage: 'Color is required',
+              })
+            )
+            .matches(/^#(?:[0-9a-fA-F]{3}){1,2}$/i),
+        })
+      )
+      .min(1),
   });
 }

package/ee/admin/pages/SettingsPage/pages/Users/ListPage/CreateAction/index.js

@@ -10,8 +10,15 @@ import { useLicenseLimits } from '../../../../../../hooks';
 
 const CreateAction = ({ onClick }) => {
   const { formatMessage } = useIntl();
-  const { license } = useLicenseLimits();
-  const { permittedSeats, shouldStopCreate } = license?.data ?? {};
+  const {
+    license: { permittedSeats, shouldStopCreate },
+    isError,
+    isLoading,
+  } = useLicenseLimits();
+
+  if (isError || isLoading) {
+    return null;
+  }
 
   return (
     <Flex gap={2}>

package/ee/server/config/admin-actions.js

@@ -30,6 +30,30 @@ module.exports = {
     },
   ],
   reviewWorkflows: [
+    {
+      uid: 'review-workflows.create',
+      displayName: 'Create',
+      pluginName: 'admin',
+      section: 'settings',
+      category: 'review workflows',
+      subCategory: 'options',
+    },
+    {
+      uid: 'review-workflows.update',
+      displayName: 'Update',
+      pluginName: 'admin',
+      section: 'settings',
+      category: 'review workflows',
+      subCategory: 'options',
+    },
+    {
+      uid: 'review-workflows.delete',
+      displayName: 'Delete',
+      pluginName: 'admin',
+      section: 'settings',
+      category: 'review workflows',
+      subCategory: 'options',
+    },
     {
       uid: 'review-workflows.read',
       displayName: 'Read',

package/ee/server/constants/default-stages.json

@@ -1,14 +1,18 @@
 [
   {
-    "name": "To do"
+    "name": "To do",
+    "color": "#4945FF"
   },
   {
-    "name": "Ready to review"
+    "name": "Ready to review",
+    "color": "#9736E8"
   },
   {
-    "name": "In progress"
+    "name": "In progress",
+    "color": "#FF4945"
   },
   {
-    "name": "Reviewed"
+    "name": "Reviewed",
+    "color": "#328048"
   }
 ]

package/ee/server/constants/default-workflow.json

@@ -1 +1,3 @@
-{}
+{
+  "name": "Default"
+}

package/ee/server/constants/workflows.js

@@ -5,5 +5,14 @@ module.exports = {
   WORKFLOW_MODEL_UID: 'admin::workflow',
   STAGE_MODEL_UID: 'admin::workflow-stage',
   STAGE_DEFAULT_COLOR: '#4945FF',
-  ENTITY_STAGE_ATTRIBUTE: 'strapi_reviewWorkflows_stage',
+  ENTITY_STAGE_ATTRIBUTE: 'strapi_stage',
+  MAX_WORKFLOWS: 200,
+  MAX_STAGES_PER_WORKFLOW: 200,
+  ERRORS: {
+    WORKFLOW_WITHOUT_STAGES: 'A workflow must have at least one stage.',
+    WORKFLOWS_LIMIT:
+      'You’ve reached the limit of workflows in your plan. Delete a workflow or contact Sales to enable more workflows.',
+    STAGES_LIMIT:
+      'You’ve reached the limit of stages for this workflow in your plan. Try deleting some stages or contact Sales to enable more stages.',
+  },
 };

package/ee/server/content-types/workflow/index.js

@@ -20,12 +20,22 @@ module.exports = {
       },
     },
     attributes: {
+      name: {
+        type: 'string',
+        required: true,
+        unique: true,
+      },
       stages: {
         type: 'relation',
         target: 'admin::workflow-stage',
         relation: 'oneToMany',
         mappedBy: 'workflow',
       },
+      contentTypes: {
+        type: 'json',
+        required: true,
+        default: [],
+      },
     },
   },
 };

package/ee/server/content-types/workflow-stage/index.js

@@ -12,7 +12,9 @@ module.exports = {
       pluralName: 'workflow-stages',
       displayName: 'Stages',
     },
-    options: {},
+    options: {
+      version: '1.1.0',
+    },
     pluginOptions: {
       'content-manager': {
         visible: false,

package/ee/server/controllers/admin.js

@@ -42,6 +42,7 @@ module.exports = {
       shouldStopCreate: isNil(permittedSeats) ? false : currentActiveUserCount >= permittedSeats,
       licenseLimitStatus,
       isHostedOnStrapiCloud: env('STRAPI_HOSTING', null) === 'strapi.cloud',
+      features: ee.features.list() ?? [],
     };
 
     return { data };

package/ee/server/controllers/workflows/index.js

@@ -1,36 +1,163 @@
 'use strict';
 
+const { mapAsync } = require('@strapi/utils');
 const { getService } = require('../../utils');
 
+const {
+  validateWorkflowCreate,
+  validateWorkflowUpdate,
+} = require('../../validation/review-workflows');
+const { WORKFLOW_MODEL_UID } = require('../../constants/workflows');
+
+/**
+ *
+ * @param { Strapi } strapi - Strapi instance
+ * @param userAbility
+ * @return { PermissionChecker }
+ */
+function getWorkflowsPermissionChecker({ strapi }, userAbility) {
+  return strapi
+    .plugin('content-manager')
+    .service('permission-checker')
+    .create({ userAbility, model: WORKFLOW_MODEL_UID });
+}
+
 module.exports = {
   /**
-   * List all workflows
+   * Create a new workflow
    * @param {import('koa').BaseContext} ctx - koa context
    */
-  async find(ctx) {
-    const { populate } = ctx.query;
+  async create(ctx) {
+    const { body, query } = ctx.request;
+    const { sanitizeCreateInput, sanitizeOutput, sanitizedQuery } = getWorkflowsPermissionChecker(
+      { strapi },
+      ctx.state.userAbility
+    );
+    const { populate } = await sanitizedQuery.create(query);
+
+    const workflowBody = await validateWorkflowCreate(body.data);
+
+    const workflowService = getService('workflows');
+    const createdWorkflow = await workflowService.create({
+      data: await sanitizeCreateInput(workflowBody),
+      populate,
+    });
+
+    ctx.body = {
+      data: await sanitizeOutput(createdWorkflow),
+    };
+  },
+
+  /**
+   * Update a workflow
+   * @param {import('koa').BaseContext} ctx - koa context
+   */
+  async update(ctx) {
+    const { id } = ctx.params;
+    const { body, query } = ctx.request;
     const workflowService = getService('workflows');
-    const data = await workflowService.find({
+    const { sanitizeUpdateInput, sanitizeOutput, sanitizedQuery } = getWorkflowsPermissionChecker(
+      { strapi },
+      ctx.state.userAbility
+    );
+    const { populate } = await sanitizedQuery.update(query);
+
+    const workflowBody = await validateWorkflowUpdate(body.data);
+
+    const workflow = await workflowService.findById(id, { populate: ['stages'] });
+    if (!workflow) {
+      return ctx.notFound();
+    }
+    const getPermittedFieldToUpdate = sanitizeUpdateInput(workflow);
+
+    const dataToUpdate = await getPermittedFieldToUpdate(workflowBody);
+
+    const updatedWorkflow = await workflowService.update(workflow, {
+      data: dataToUpdate,
       populate,
     });
 
     ctx.body = {
-      data,
+      data: await sanitizeOutput(updatedWorkflow),
+    };
+  },
+
+  /**
+   * Delete a workflow
+   * @param {import('koa').BaseContext} ctx - koa context
+   */
+  async delete(ctx) {
+    const { id } = ctx.params;
+    const { query } = ctx.request;
+    const workflowService = getService('workflows');
+    const { sanitizeOutput, sanitizedQuery } = getWorkflowsPermissionChecker(
+      { strapi },
+      ctx.state.userAbility
+    );
+    const { populate } = await sanitizedQuery.delete(query);
+
+    const workflow = await workflowService.findById(id, { populate: ['stages'] });
+    if (!workflow) {
+      return ctx.notFound("Workflow doesn't exist");
+    }
+
+    const deletedWorkflow = await workflowService.delete(workflow, { populate });
+
+    ctx.body = {
+      data: await sanitizeOutput(deletedWorkflow),
+    };
+  },
+
+  /**
+   * List all workflows
+   * @param {import('koa').BaseContext} ctx - koa context
+   */
+  async find(ctx) {
+    const { query } = ctx.request;
+    const workflowService = getService('workflows');
+    const { sanitizeOutput, sanitizedQuery } = getWorkflowsPermissionChecker(
+      { strapi },
+      ctx.state.userAbility
+    );
+    const { populate, filters, sort } = await sanitizedQuery.read(query);
+
+    const [workflows, workflowCount] = await Promise.all([
+      workflowService.find({ populate, filters, sort }),
+      workflowService.count(),
+    ]);
+
+    ctx.body = {
+      data: await mapAsync(workflows, sanitizeOutput),
+      meta: {
+        workflowCount,
+      },
     };
   },
   /**
    * Get one workflow based on its id contained in request parameters
+   * Returns count of workflows in meta, used to prevent workflow edition when
+   * max workflow count is reached for the current plan
    * @param {import('koa').BaseContext} ctx - koa context
    */
   async findById(ctx) {
     const { id } = ctx.params;
-    const { populate } = ctx.query;
+    const { query } = ctx.request;
+    const { sanitizeOutput, sanitizedQuery } = getWorkflowsPermissionChecker(
+      { strapi },
+      ctx.state.userAbility
+    );
+    const { populate } = await sanitizedQuery.read(query);
 
     const workflowService = getService('workflows');
-    const data = await workflowService.findById(id, { populate });
+
+    const [workflow, workflowCount] = await Promise.all([
+      workflowService.findById(id, { populate }),
+      workflowService.count(),
+    ]);
 
     ctx.body = {
-      data,
+      data: await sanitizeOutput(workflow),
+      meta: { workflowCount },
     };
   },
 };

package/ee/server/controllers/workflows/stages/index.js

@@ -1,12 +1,24 @@
 'use strict';
 
-const { ApplicationError } = require('@strapi/utils').errors;
+const { mapAsync } = require('@strapi/utils');
 const { getService } = require('../../../utils');
-const { hasReviewWorkflow } = require('../../../utils/review-workflows');
-const {
-  validateUpdateStages,
-  validateUpdateStageOnEntity,
-} = require('../../../validation/review-workflows');
+const { validateUpdateStageOnEntity } = require('../../../validation/review-workflows');
+const { STAGE_MODEL_UID } = require('../../../constants/workflows');
+
+/**
+ *
+ * @param { Strapi } strapi - Strapi instance
+ * @param userAbility
+ * @return { (Stage) => SanitizedStage }
+ */
+function sanitizeStage({ strapi }, userAbility) {
+  const permissionChecker = strapi
+    .plugin('content-manager')
+    .service('permission-checker')
+    .create({ userAbility, model: STAGE_MODEL_UID });
+
+  return (entity) => permissionChecker.sanitizeOutput(entity);
+}
 
 module.exports = {
   /**
@@ -17,14 +29,15 @@ module.exports = {
     const { workflow_id: workflowId } = ctx.params;
     const { populate } = ctx.query;
     const stagesService = getService('stages');
+    const sanitizer = sanitizeStage({ strapi }, ctx.state.userAbility);
 
-    const data = await stagesService.find({
+    const stages = await stagesService.find({
       workflowId,
       populate,
     });
 
     ctx.body = {
-      data,
+      data: await mapAsync(stages, sanitizer),
     };
   },
   /**
@@ -35,36 +48,18 @@ module.exports = {
     const { id, workflow_id: workflowId } = ctx.params;
     const { populate } = ctx.query;
     const stagesService = getService('stages');
+    const sanitizer = sanitizeStage({ strapi }, ctx.state.userAbility);
 
-    const data = await stagesService.findById(id, {
+    const stage = await stagesService.findById(id, {
       workflowId,
       populate,
     });
 
     ctx.body = {
-      data,
+      data: await sanitizer(stage),
     };
   },
 
-  /**
-   * Replace all stages in a workflow
-   * @param {import('koa').BaseContext} ctx - koa context
-   *
-   */
-  async replace(ctx) {
-    const { workflow_id: workflowId } = ctx.params;
-    const stagesService = getService('stages');
-    const {
-      body: { data: stages },
-    } = ctx.request;
-
-    const stagesValidated = await validateUpdateStages(stages);
-
-    const data = await stagesService.replaceWorkflowStages(workflowId, stagesValidated);
-
-    ctx.body = { data };
-  },
-
   /**
    * Updates an entity's stage.
    * @async
@@ -80,23 +75,28 @@ module.exports = {
    */
   async updateEntity(ctx) {
     const stagesService = getService('stages');
+    const workflowService = getService('workflows');
+
     const { model_uid: modelUID, id: entityIdString } = ctx.params;
+    const { body } = ctx.request;
+
     const entityId = Number(entityIdString);
 
+    const { sanitizeOutput } = strapi
+      .plugin('content-manager')
+      .service('permission-checker')
+      .create({ userAbility: ctx.state.userAbility, model: modelUID });
+
     const { id: stageId } = await validateUpdateStageOnEntity(
-      ctx.request?.body?.data,
+      { id: Number(body?.data?.id) },
       'You should pass an id to the body of the put request.'
     );
 
-    if (!hasReviewWorkflow({ strapi }, modelUID)) {
-      throw new ApplicationError(`Review workflows is not activated on ${modelUID}.`);
-    }
-
-    // TODO When multiple workflows are possible, check if the stage is part of the right one
-    // Didn't need this today as their can only be one workflow
+    const workflow = await workflowService.assertContentTypeBelongsToWorkflow(modelUID);
+    workflowService.assertStageBelongsToWorkflow(stageId, workflow);
 
-    const data = await stagesService.updateEntity({ id: entityId, modelUID }, stageId);
+    const entity = await stagesService.updateEntity({ id: entityId, modelUID }, stageId);
 
-    ctx.body = { data };
+    ctx.body = { data: await sanitizeOutput(entity) };
   },
 };

package/ee/server/migrations/review-workflows-content-types.js

@@ -0,0 +1,29 @@
+'use strict';
+
+const { get, keys, pickBy, pipe } = require('lodash/fp');
+const { WORKFLOW_MODEL_UID } = require('../constants/workflows');
+
+async function migrateWorkflowsContentTypes({ oldContentTypes, contentTypes }) {
+  // Look for RW contentTypes attribute
+  const hadContentTypes = !!oldContentTypes?.[WORKFLOW_MODEL_UID]?.attributes?.contentTypes;
+  const hasContentTypes = !!contentTypes?.[WORKFLOW_MODEL_UID]?.attributes?.contentTypes;
+
+  if (!hadContentTypes && hasContentTypes) {
+    // Initialize contentTypes with an empty array and assign only to one
+    // workflow the Content Types which were using Review Workflow before.
+    await strapi.query(WORKFLOW_MODEL_UID).updateMany({ data: { contentTypes: [] } });
+
+    // Find Content Types which were using Review Workflow before
+    const contentTypes = pipe([pickBy(get('options.reviewWorkflows')), keys])(oldContentTypes);
+
+    if (contentTypes.length) {
+      // Update only one workflow with the contentTypes
+      // Before this release there was only one workflow, so this operation is safe.
+      await strapi
+        .query(WORKFLOW_MODEL_UID)
+        .update({ where: { id: { $notNull: true } }, data: { contentTypes } });
+    }
+  }
+}
+
+module.exports = migrateWorkflowsContentTypes;