@strapi/admin 4.14.1 → 4.14.3

package/dist/server/services/token.d.ts

@@ -0,0 +1,35 @@
+import type { AdminUser } from '../domain/user';
+export type TokenOptions = {
+    expiresIn?: string;
+    [key: string]: unknown;
+};
+export type AdminAuthConfig = {
+    secret: string;
+    options: TokenOptions;
+};
+declare const getTokenOptions: () => {
+    secret: string;
+    options: {
+        expiresIn: string;
+    } & TokenOptions;
+};
+/**
+ * Create a random token
+ */
+declare const createToken: () => string;
+/**
+ * Creates a JWT token for an administration user
+ * @param user - admin user
+ */
+declare const createJwtToken: (user: AdminUser) => string;
+/**
+ * Tries to decode a token an return its payload and if it is valid
+ * @param token - a token to decode
+ * @return decodeInfo - the decoded info
+ */
+declare const decodeJwtToken: (token: string) => {
+    payload: unknown;
+    isValid: boolean;
+};
+declare const checkSecretIsDefined: () => void;
+export { createToken, createJwtToken, getTokenOptions, decodeJwtToken, checkSecretIsDefined };

package/dist/server/services/token.js

@@ -0,0 +1,58 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkSecretIsDefined = exports.decodeJwtToken = exports.getTokenOptions = exports.createJwtToken = exports.createToken = void 0;
+const crypto_1 = __importDefault(require("crypto"));
+const lodash_1 = __importDefault(require("lodash"));
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const defaultJwtOptions = { expiresIn: '30d' };
+const getTokenOptions = () => {
+    const { options, secret } = strapi.config.get('admin.auth', {});
+    return {
+        secret,
+        options: lodash_1.default.merge(defaultJwtOptions, options),
+    };
+};
+exports.getTokenOptions = getTokenOptions;
+/**
+ * Create a random token
+ */
+const createToken = () => {
+    return crypto_1.default.randomBytes(20).toString('hex');
+};
+exports.createToken = createToken;
+/**
+ * Creates a JWT token for an administration user
+ * @param user - admin user
+ */
+const createJwtToken = (user) => {
+    const { options, secret } = getTokenOptions();
+    return jsonwebtoken_1.default.sign({ id: user.id }, secret, options);
+};
+exports.createJwtToken = createJwtToken;
+/**
+ * Tries to decode a token an return its payload and if it is valid
+ * @param token - a token to decode
+ * @return decodeInfo - the decoded info
+ */
+const decodeJwtToken = (token) => {
+    const { secret } = getTokenOptions();
+    try {
+        const payload = jsonwebtoken_1.default.verify(token, secret);
+        return { payload, isValid: true };
+    }
+    catch (err) {
+        return { payload: null, isValid: false };
+    }
+};
+exports.decodeJwtToken = decodeJwtToken;
+const checkSecretIsDefined = () => {
+    if (strapi.config.serveAdminPanel && !strapi.config.get('admin.auth.secret')) {
+        throw new Error(`Missing auth.secret. Please set auth.secret in config/admin.js (ex: you can generate one using Node with \`crypto.randomBytes(16).toString('base64')\`).
+For security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);
+    }
+};
+exports.checkSecretIsDefined = checkSecretIsDefined;
+//# sourceMappingURL=token.js.map

package/dist/server/services/token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token.js","sourceRoot":"","sources":["../../../server/src/services/token.ts"],"names":[],"mappings":";;;;;;AAAA,oDAA4B;AAC5B,oDAAuB;AACvB,gEAA+B;AAG/B,MAAM,iBAAiB,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;AAY/C,MAAM,eAAe,GAAG,GAAG,EAAE;IAC3B,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,CAC3C,YAAY,EACZ,EAAqB,CACtB,CAAC;IAEF,OAAO;QACL,MAAM;QACN,OAAO,EAAE,gBAAC,CAAC,KAAK,CAAC,iBAAiB,EAAE,OAAO,CAAC;KAC7C,CAAC;AACJ,CAAC,CAAC;AA4CoC,0CAAe;AA1CrD;;GAEG;AACH,MAAM,WAAW,GAAG,GAAW,EAAE;IAC/B,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAChD,CAAC,CAAC;AAqCO,kCAAW;AAnCpB;;;GAGG;AACH,MAAM,cAAc,GAAG,CAAC,IAAe,EAAE,EAAE;IACzC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC;IAE9C,OAAO,sBAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;AACpD,CAAC,CAAC;AA2BoB,wCAAc;AAzBpC;;;;GAIG;AACH,MAAM,cAAc,GAAG,CAAC,KAAa,EAA0C,EAAE;IAC/E,MAAM,EAAE,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC;IAErC,IAAI;QACF,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC1C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;KACnC;IAAC,OAAO,GAAG,EAAE;QACZ,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;KAC1C;AACH,CAAC,CAAC;AAWqD,wCAAc;AATrE,MAAM,oBAAoB,GAAG,GAAG,EAAE;IAChC,IAAI,MAAM,CAAC,MAAM,CAAC,eAAe,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,EAAE;QAC5E,MAAM,IAAI,KAAK,CACb;wQACkQ,CACnQ,CAAC;KACH;AACH,CAAC,CAAC;AAEqE,oDAAoB"}

package/dist/server/services/transfer/index.d.ts

@@ -0,0 +1,4 @@
+import * as permission from './permission';
+import * as token from './token';
+import * as utils from './utils';
+export { permission, token, utils };

package/dist/server/services/transfer/index.js

@@ -0,0 +1,33 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.utils = exports.token = exports.permission = void 0;
+const permission = __importStar(require("./permission"));
+exports.permission = permission;
+const token = __importStar(require("./token"));
+exports.token = token;
+const utils = __importStar(require("./utils"));
+exports.utils = utils;
+//# sourceMappingURL=index.js.map

package/dist/server/services/transfer/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../server/src/services/transfer/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yDAA2C;AAIlC,gCAAU;AAHnB,+CAAiC;AAGZ,sBAAK;AAF1B,+CAAiC;AAEL,sBAAK"}

package/dist/server/services/transfer/permission.d.ts

@@ -0,0 +1,6 @@
+declare const providers: {
+    action: import("@strapi/utils/dist/provider-factory").Provider;
+    condition: import("@strapi/utils/dist/provider-factory").Provider;
+};
+declare const engine: import("@strapi/permissions/dist/engine").Engine;
+export { engine, providers };

package/dist/server/services/transfer/permission.js

@@ -0,0 +1,20 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.providers = exports.engine = void 0;
+const permissions_1 = __importDefault(require("@strapi/permissions"));
+const utils_1 = require("@strapi/utils");
+const DEFAULT_TRANSFER_ACTIONS = ['push', 'pull'];
+const providers = {
+    action: (0, utils_1.providerFactory)(),
+    condition: (0, utils_1.providerFactory)(),
+};
+exports.providers = providers;
+DEFAULT_TRANSFER_ACTIONS.forEach((action) => {
+    providers.action.register(action, { action });
+});
+const engine = permissions_1.default.engine.new({ providers });
+exports.engine = engine;
+//# sourceMappingURL=permission.js.map

package/dist/server/services/transfer/permission.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permission.js","sourceRoot":"","sources":["../../../../server/src/services/transfer/permission.ts"],"names":[],"mappings":";;;;;;AAAA,sEAA8C;AAC9C,yCAAgD;AAEhD,MAAM,wBAAwB,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAElD,MAAM,SAAS,GAAG;IAChB,MAAM,EAAE,IAAA,uBAAe,GAAE;IACzB,SAAS,EAAE,IAAA,uBAAe,GAAE;CAC7B,CAAC;AAQe,8BAAS;AAN1B,wBAAwB,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;IAC1C,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;AAChD,CAAC,CAAC,CAAC;AAEH,MAAM,MAAM,GAAG,qBAAW,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;AAE5C,wBAAM"}

package/dist/server/services/transfer/token.d.ts

@@ -0,0 +1,84 @@
+export type TransferTokenPermission = {
+    id: number | string;
+    action: string;
+    token: TransferToken | number;
+};
+export type TransferToken = {
+    id: number | string;
+    name: string;
+    description: string;
+    accessKey: string;
+    lastUsedAt: number;
+    lifespan: number;
+    expiresAt: number;
+    permissions: string[] | TransferTokenPermission[];
+};
+type SanitizedTransferToken = Omit<TransferToken, 'accessKey'>;
+/**
+ * Return a list of all tokens and their permissions
+ */
+declare const list: () => Promise<SanitizedTransferToken[]>;
+export declare const hasAccessKey: <T extends {
+    accessKey?: string | undefined;
+}>(attributes: T) => attributes is T & {
+    accessKey: string;
+};
+/**
+ * Create a token and its permissions
+ */
+declare const create: (attributes: {
+    name: string;
+    description: string;
+    lifespan: number;
+    permissions: string[];
+    accessKey?: string;
+}) => Promise<TransferToken>;
+/**
+ * Update a token and its permissions
+ */
+declare const update: (id: string | number, attributes: {
+    name: string;
+    description: string;
+    lastUsedAt: number;
+    permissions: string[];
+    lifespan: number;
+}) => Promise<SanitizedTransferToken>;
+/**
+ * Revoke (delete) a token
+ */
+declare const revoke: (id: string | number) => Promise<SanitizedTransferToken>;
+/**
+ *  Get a token
+ */
+declare const getBy: (whereParams?: {
+    id?: string | number | undefined;
+    name?: string | undefined;
+    lastUsedAt?: number | undefined;
+    description?: string | undefined;
+    accessKey?: string | undefined;
+}) => Promise<SanitizedTransferToken | null>;
+/**
+ * Retrieve a token by id
+ */
+declare const getById: (id: string | number) => Promise<SanitizedTransferToken | null>;
+/**
+ * Retrieve a token by name
+ */
+declare const getByName: (name: string) => Promise<SanitizedTransferToken | null>;
+/**
+ * Check if token exists
+ */
+declare const exists: (whereParams?: {
+    id?: string | number | undefined;
+    name?: string | undefined;
+    lastUsedAt?: number | undefined;
+    description?: string | undefined;
+    accessKey?: string | undefined;
+}) => Promise<boolean>;
+declare const regenerate: (id: string | number) => Promise<TransferToken>;
+/**
+ * Return a secure sha512 hash of an accessKey
+ */
+declare const hash: (accessKey: string) => string;
+declare const checkSaltIsDefined: () => void;
+export { create, list, exists, getBy, getById, getByName, update, revoke, regenerate, hash, checkSaltIsDefined, };

package/dist/server/services/transfer/token.js

@@ -0,0 +1,273 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkSaltIsDefined = exports.hash = exports.regenerate = exports.revoke = exports.update = exports.getByName = exports.getById = exports.getBy = exports.exists = exports.list = exports.create = exports.hasAccessKey = void 0;
+const crypto_1 = __importDefault(require("crypto"));
+const assert_1 = __importDefault(require("assert"));
+const fp_1 = require("lodash/fp");
+const utils_1 = require("@strapi/utils");
+const constants_1 = __importDefault(require("../constants"));
+const utils_2 = require("../../utils");
+const { ValidationError, NotFoundError } = utils_1.errors;
+const TRANSFER_TOKEN_UID = 'admin::transfer-token';
+const TRANSFER_TOKEN_PERMISSION_UID = 'admin::transfer-token-permission';
+const SELECT_FIELDS = [
+    'id',
+    'name',
+    'description',
+    'lastUsedAt',
+    'lifespan',
+    'expiresAt',
+    'createdAt',
+    'updatedAt',
+];
+const POPULATE_FIELDS = ['permissions'];
+/**
+ * Return a list of all tokens and their permissions
+ */
+const list = async () => {
+    const tokens = await strapi.query(TRANSFER_TOKEN_UID).findMany({
+        select: SELECT_FIELDS,
+        populate: POPULATE_FIELDS,
+        orderBy: { name: 'ASC' },
+    });
+    if (!tokens)
+        return tokens;
+    return tokens.map((token) => flattenTokenPermissions(token));
+};
+exports.list = list;
+/**
+ * Create a random token's access key
+ */
+const generateRandomAccessKey = () => crypto_1.default.randomBytes(128).toString('hex');
+/**
+ * Validate the given access key's format and returns it if valid
+ */
+const validateAccessKey = (accessKey) => {
+    (0, assert_1.default)(typeof accessKey === 'string', 'Access key needs to be a string');
+    (0, assert_1.default)(accessKey.length >= 15, 'Access key needs to have at least 15 characters');
+    return accessKey;
+};
+const hasAccessKey = (attributes) => {
+    return 'accessKey' in attributes;
+};
+exports.hasAccessKey = hasAccessKey;
+/**
+ * Create a token and its permissions
+ */
+const create = async (attributes) => {
+    const accessKey = (0, exports.hasAccessKey)(attributes)
+        ? validateAccessKey(attributes.accessKey)
+        : generateRandomAccessKey();
+    // Make sure the access key isn't picked up directly from the attributes for the next steps
+    delete attributes.accessKey;
+    assertTokenPermissionsValidity(attributes);
+    assertValidLifespan(attributes);
+    const result = (await strapi.db.transaction(async () => {
+        const transferToken = await strapi.query(TRANSFER_TOKEN_UID).create({
+            select: SELECT_FIELDS,
+            populate: POPULATE_FIELDS,
+            data: {
+                ...(0, fp_1.omit)('permissions', attributes),
+                accessKey: hash(accessKey),
+                ...getExpirationFields(attributes.lifespan),
+            },
+        });
+        await Promise.all((0, fp_1.uniq)(attributes.permissions).map((action) => strapi
+            .query(TRANSFER_TOKEN_PERMISSION_UID)
+            .create({ data: { action, token: transferToken } })));
+        const currentPermissions = await strapi.entityService.load(TRANSFER_TOKEN_UID, transferToken, 'permissions');
+        if (currentPermissions) {
+            Object.assign(transferToken, { permissions: (0, fp_1.map)('action', currentPermissions) });
+        }
+        return transferToken;
+    }));
+    return { ...result, accessKey };
+};
+exports.create = create;
+/**
+ * Update a token and its permissions
+ */
+const update = async (id, attributes) => {
+    // retrieve token without permissions
+    const originalToken = await strapi.query(TRANSFER_TOKEN_UID).findOne({ where: { id } });
+    if (!originalToken) {
+        throw new NotFoundError('Token not found');
+    }
+    assertTokenPermissionsValidity(attributes);
+    assertValidLifespan(attributes);
+    return strapi.db.transaction(async () => {
+        const updatedToken = await strapi.query(TRANSFER_TOKEN_UID).update({
+            select: SELECT_FIELDS,
+            where: { id },
+            data: {
+                ...(0, fp_1.omit)('permissions', attributes),
+            },
+        });
+        if (attributes.permissions) {
+            const currentPermissionsResult = await strapi.entityService.load(TRANSFER_TOKEN_UID, updatedToken, 'permissions');
+            const currentPermissions = (0, fp_1.map)('action', currentPermissionsResult || []);
+            const newPermissions = (0, fp_1.uniq)(attributes.permissions);
+            const actionsToDelete = (0, fp_1.difference)(currentPermissions, newPermissions);
+            const actionsToAdd = (0, fp_1.difference)(newPermissions, currentPermissions);
+            // TODO: improve efficiency here
+            // method using a loop -- works but very inefficient
+            await Promise.all(actionsToDelete.map((action) => strapi.query(TRANSFER_TOKEN_PERMISSION_UID).delete({
+                where: { action, token: id },
+            })));
+            // TODO: improve efficiency here
+            // using a loop -- works but very inefficient
+            await Promise.all(actionsToAdd.map((action) => strapi.query(TRANSFER_TOKEN_PERMISSION_UID).create({
+                data: { action, token: id },
+            })));
+        }
+        // retrieve permissions
+        const permissionsFromDb = (await strapi.entityService.load(TRANSFER_TOKEN_UID, updatedToken, 'permissions'));
+        return {
+            ...updatedToken,
+            permissions: permissionsFromDb ? permissionsFromDb.map((p) => p.action) : undefined,
+        };
+    });
+};
+exports.update = update;
+/**
+ * Revoke (delete) a token
+ */
+const revoke = async (id) => {
+    return strapi.db.transaction(async () => strapi
+        .query(TRANSFER_TOKEN_UID)
+        .delete({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: { id } }));
+};
+exports.revoke = revoke;
+/**
+ *  Get a token
+ */
+const getBy = async (whereParams = {}) => {
+    if (Object.keys(whereParams).length === 0) {
+        return null;
+    }
+    const token = await strapi
+        .query(TRANSFER_TOKEN_UID)
+        .findOne({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: whereParams });
+    if (!token)
+        return token;
+    return flattenTokenPermissions(token);
+};
+exports.getBy = getBy;
+/**
+ * Retrieve a token by id
+ */
+const getById = async (id) => {
+    return getBy({ id });
+};
+exports.getById = getById;
+/**
+ * Retrieve a token by name
+ */
+const getByName = async (name) => {
+    return getBy({ name });
+};
+exports.getByName = getByName;
+/**
+ * Check if token exists
+ */
+const exists = async (whereParams = {}) => {
+    const transferToken = await getBy(whereParams);
+    return !!transferToken;
+};
+exports.exists = exists;
+const regenerate = async (id) => {
+    const accessKey = crypto_1.default.randomBytes(128).toString('hex');
+    const transferToken = (await strapi.db.transaction(async () => strapi.query(TRANSFER_TOKEN_UID).update({
+        select: ['id', 'accessKey'],
+        where: { id },
+        data: {
+            accessKey: hash(accessKey),
+        },
+    })));
+    if (!transferToken) {
+        throw new NotFoundError('The provided token id does not exist');
+    }
+    return {
+        ...transferToken,
+        accessKey,
+    };
+};
+exports.regenerate = regenerate;
+const getExpirationFields = (lifespan) => {
+    // it must be nil or a finite number >= 0
+    const isValidNumber = Number.isFinite(lifespan) && lifespan > 0;
+    if (!isValidNumber && !(0, fp_1.isNil)(lifespan)) {
+        throw new ValidationError('lifespan must be a positive number or null');
+    }
+    return {
+        lifespan: lifespan || null,
+        expiresAt: lifespan ? Date.now() + lifespan : null,
+    };
+};
+/**
+ * Return a secure sha512 hash of an accessKey
+ */
+const hash = (accessKey) => {
+    const { hasValidTokenSalt } = (0, utils_2.getService)('transfer').utils;
+    if (!hasValidTokenSalt()) {
+        throw new TypeError('Required token salt is not defined');
+    }
+    return crypto_1.default
+        .createHmac('sha512', strapi.config.get('admin.transfer.token.salt'))
+        .update(accessKey)
+        .digest('hex');
+};
+exports.hash = hash;
+const checkSaltIsDefined = () => {
+    const { hasValidTokenSalt, isDisabledFromEnv } = (0, utils_2.getService)('transfer').utils;
+    // Ignore the check if the data-transfer feature is manually disabled
+    if (isDisabledFromEnv()) {
+        return;
+    }
+    if (!hasValidTokenSalt()) {
+        process.emitWarning(`Missing transfer.token.salt: Data transfer features have been disabled.
+Please set transfer.token.salt in config/admin.js (ex: you can generate one using Node with \`crypto.randomBytes(16).toString('base64')\`)
+For security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);
+    }
+};
+exports.checkSaltIsDefined = checkSaltIsDefined;
+/**
+ * Flatten a token's database permissions objects to an array of strings
+ */
+const flattenTokenPermissions = (token) => {
+    if (!token)
+        return token;
+    return {
+        ...token,
+        permissions: (0, fp_1.isArray)(token.permissions)
+            ? (0, fp_1.map)('action', token.permissions)
+            : token.permissions,
+    };
+};
+/**
+ * Assert that a token's permissions are valid
+ */
+const assertTokenPermissionsValidity = (attributes) => {
+    const permissionService = strapi.admin.services.transfer.permission;
+    const validPermissions = permissionService.providers.action.keys();
+    const invalidPermissions = (0, fp_1.difference)(attributes.permissions, validPermissions);
+    if (!(0, fp_1.isEmpty)(invalidPermissions)) {
+        throw new ValidationError(`Unknown permissions provided: ${invalidPermissions.join(', ')}`);
+    }
+};
+/**
+ * Assert that a token's lifespan is valid
+ */
+const assertValidLifespan = ({ lifespan }) => {
+    if ((0, fp_1.isNil)(lifespan)) {
+        return;
+    }
+    if (!Object.values(constants_1.default.TRANSFER_TOKEN_LIFESPANS).includes(lifespan)) {
+        throw new ValidationError(`lifespan must be one of the following values: 
+      ${Object.values(constants_1.default.TRANSFER_TOKEN_LIFESPANS).join(', ')}`);
+    }
+};
+//# sourceMappingURL=token.js.map

package/dist/server/services/transfer/token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token.js","sourceRoot":"","sources":["../../../../server/src/services/transfer/token.ts"],"names":[],"mappings":";;;;;;AAAA,oDAA4B;AAC5B,oDAA4B;AAC5B,kCAAiF;AACjF,yCAAuC;AACvC,6DAAqC;AACrC,uCAAyC;AAEzC,MAAM,EAAE,eAAe,EAAE,aAAa,EAAE,GAAG,cAAM,CAAC;AAElD,MAAM,kBAAkB,GAAG,uBAAuB,CAAC;AACnD,MAAM,6BAA6B,GAAG,kCAAkC,CAAC;AAqBzE,MAAM,aAAa,GAAG;IACpB,IAAI;IACJ,MAAM;IACN,aAAa;IACb,YAAY;IACZ,UAAU;IACV,WAAW;IACX,WAAW;IACX,WAAW;CACH,CAAC;AAEX,MAAM,eAAe,GAAG,CAAC,aAAa,CAAU,CAAC;AAEjD;;GAEG;AACH,MAAM,IAAI,GAAG,KAAK,IAAuC,EAAE;IACzD,MAAM,MAAM,GAAoB,MAAM,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,QAAQ,CAAC;QAC9E,MAAM,EAAE,aAAa;QACrB,QAAQ,EAAE,eAAe;QACzB,OAAO,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;KACzB,CAAC,CAAC;IAEH,IAAI,CAAC,MAAM;QAAE,OAAO,MAAM,CAAC;IAC3B,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC,CAAC;AAC/D,CAAC,CAAC;AAmVA,oBAAI;AAjVN;;GAEG;AACH,MAAM,uBAAuB,GAAG,GAAW,EAAE,CAAC,gBAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAEtF;;GAEG;AACH,MAAM,iBAAiB,GAAG,CAAC,SAAiB,EAAU,EAAE;IACtD,IAAA,gBAAM,EAAC,OAAO,SAAS,KAAK,QAAQ,EAAE,iCAAiC,CAAC,CAAC;IACzE,IAAA,gBAAM,EAAC,SAAS,CAAC,MAAM,IAAI,EAAE,EAAE,iDAAiD,CAAC,CAAC;IAElF,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAEK,MAAM,YAAY,GAAG,CAC1B,UAAa,EAC4B,EAAE;IAC3C,OAAO,WAAW,IAAI,UAAU,CAAC;AACnC,CAAC,CAAC;AAJW,QAAA,YAAY,gBAIvB;AAEF;;GAEG;AACH,MAAM,MAAM,GAAG,KAAK,EAAE,UAMrB,EAA0B,EAAE;IAC3B,MAAM,SAAS,GAAG,IAAA,oBAAY,EAAC,UAAU,CAAC;QACxC,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,SAAS,CAAC;QACzC,CAAC,CAAC,uBAAuB,EAAE,CAAC;IAE9B,2FAA2F;IAC3F,OAAO,UAAU,CAAC,SAAS,CAAC;IAE5B,8BAA8B,CAAC,UAAU,CAAC,CAAC;IAC3C,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAEhC,MAAM,MAAM,GAAG,CAAC,MAAM,MAAM,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,IAAI,EAAE;QACrD,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;YAClE,MAAM,EAAE,aAAa;YACrB,QAAQ,EAAE,eAAe;YACzB,IAAI,EAAE;gBACJ,GAAG,IAAA,SAAI,EAAC,aAAa,EAAE,UAAU,CAAC;gBAClC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC;gBAC1B,GAAG,mBAAmB,CAAC,UAAU,CAAC,QAAQ,CAAC;aAC5C;SACF,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,CACf,IAAA,SAAI,EAAC,UAAU,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAC1C,MAAM;aACH,KAAK,CAAC,6BAA6B,CAAC;aACpC,MAAM,CAAC,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,CAAC,CACtD,CACF,CAAC;QAEF,MAAM,kBAAkB,GAA8B,MAAM,MAAM,CAAC,aAAa,CAAC,IAAI,CACnF,kBAAkB,EAClB,aAAa,EACb,aAAa,CACd,CAAC;QAEF,IAAI,kBAAkB,EAAE;YACtB,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,EAAE,WAAW,EAAE,IAAA,QAAG,EAAC,QAAQ,EAAE,kBAAkB,CAAC,EAAE,CAAC,CAAC;SAClF;QAED,OAAO,aAAa,CAAC;IACvB,CAAC,CAAC,CAAkB,CAAC;IAErB,OAAO,EAAE,GAAG,MAAM,EAAE,SAAS,EAAE,CAAC;AAClC,CAAC,CAAC;AAsQA,wBAAM;AApQR;;GAEG;AACH,MAAM,MAAM,GAAG,KAAK,EAClB,EAAmB,EACnB,UAMC,EACgC,EAAE;IACnC,qCAAqC;IACrC,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAExF,IAAI,CAAC,aAAa,EAAE;QAClB,MAAM,IAAI,aAAa,CAAC,iBAAiB,CAAC,CAAC;KAC5C;IAED,8BAA8B,CAAC,UAAU,CAAC,CAAC;IAC3C,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAEhC,OAAO,MAAM,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,IAAI,EAAE;QACtC,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;YACjE,MAAM,EAAE,aAAa;YACrB,KAAK,EAAE,EAAE,EAAE,EAAE;YACb,IAAI,EAAE;gBACJ,GAAG,IAAA,SAAI,EAAC,aAAa,EAAE,UAAU,CAAC;aACnC;SACF,CAAC,CAAC;QAEH,IAAI,UAAU,CAAC,WAAW,EAAE;YAC1B,MAAM,wBAAwB,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,IAAI,CAC9D,kBAAkB,EAClB,YAAY,EACZ,aAAa,CACd,CAAC;YAEF,MAAM,kBAAkB,GAAG,IAAA,QAAG,EAAC,QAAQ,EAAE,wBAAwB,IAAI,EAAE,CAAC,CAAC;YACzE,MAAM,cAAc,GAAG,IAAA,SAAI,EAAC,UAAU,CAAC,WAAW,CAAC,CAAC;YAEpD,MAAM,eAAe,GAAG,IAAA,eAAU,EAAC,kBAAkB,EAAE,cAAc,CAAC,CAAC;YACvE,MAAM,YAAY,GAAG,IAAA,eAAU,EAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAEpE,gCAAgC;YAChC,oDAAoD;YACpD,MAAM,OAAO,CAAC,GAAG,CACf,eAAe,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAC7B,MAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC,MAAM,CAAC;gBACjD,KAAK,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE;aAC7B,CAAC,CACH,CACF,CAAC;YAEF,gCAAgC;YAChC,6CAA6C;YAC7C,MAAM,OAAO,CAAC,GAAG,CACf,YAAY,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAC1B,MAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC,MAAM,CAAC;gBACjD,IAAI,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE;aAC5B,CAAC,CACH,CACF,CAAC;SACH;QAED,uBAAuB;QACvB,MAAM,iBAAiB,GAAG,CAAC,MAAM,MAAM,CAAC,aAAa,CAAC,IAAI,CACxD,kBAAkB,EAClB,YAAY,EACZ,aAAa,CACd,CAA8B,CAAC;QAEhC,OAAO;YACL,GAAG,YAAY;YACf,WAAW,EAAE,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;SACpF,CAAC;IACJ,CAAC,CAAoC,CAAC;AACxC,CAAC,CAAC;AA4LA,wBAAM;AA1LR;;GAEG;AACH,MAAM,MAAM,GAAG,KAAK,EAAE,EAAmB,EAAmC,EAAE;IAC5E,OAAO,MAAM,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,IAAI,EAAE,CACtC,MAAM;SACH,KAAK,CAAC,kBAAkB,CAAC;SACzB,MAAM,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAC5C,CAAC;AACvC,CAAC,CAAC;AAkLA,wBAAM;AAhLR;;GAEG;AACH,MAAM,KAAK,GAAG,KAAK,EACjB,cAAc,EAMb,EACuC,EAAE;IAC1C,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;QACzC,OAAO,IAAI,CAAC;KACb;IAED,MAAM,KAAK,GAAG,MAAM,MAAM;SACvB,KAAK,CAAC,kBAAkB,CAAC;SACzB,OAAO,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;IAErF,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IACzB,OAAO,uBAAuB,CAAC,KAAK,CAAC,CAAC;AACxC,CAAC,CAAC;AAsJA,sBAAK;AApJP;;GAEG;AACH,MAAM,OAAO,GAAG,KAAK,EAAE,EAAmB,EAA0C,EAAE;IACpF,OAAO,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AACvB,CAAC,CAAC;AAgJA,0BAAO;AA9IT;;GAEG;AACH,MAAM,SAAS,GAAG,KAAK,EAAE,IAAY,EAA0C,EAAE;IAC/E,OAAO,KAAK,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;AACzB,CAAC,CAAC;AA0IA,8BAAS;AAxIX;;GAEG;AACH,MAAM,MAAM,GAAG,KAAK,EAClB,cAAc,EAMb,EACiB,EAAE;IACpB,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;IAE/C,OAAO,CAAC,CAAC,aAAa,CAAC;AACzB,CAAC,CAAC;AAsHA,wBAAM;AApHR,MAAM,UAAU,GAAG,KAAK,EAAE,EAAmB,EAA0B,EAAE;IACvE,MAAM,SAAS,GAAG,gBAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC1D,MAAM,aAAa,GAAG,CAAC,MAAM,MAAM,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,IAAI,EAAE,CAC5D,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;QACtC,MAAM,EAAE,CAAC,IAAI,EAAE,WAAW,CAAC;QAC3B,KAAK,EAAE,EAAE,EAAE,EAAE;QACb,IAAI,EAAE;YACJ,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC;SAC3B;KACF,CAAC,CACH,CAA2B,CAAC;IAE7B,IAAI,CAAC,aAAa,EAAE;QAClB,MAAM,IAAI,aAAa,CAAC,sCAAsC,CAAC,CAAC;KACjE;IAED,OAAO;QACL,GAAG,aAAa;QAChB,SAAS;KACV,CAAC;AACJ,CAAC,CAAC;AAsGA,gCAAU;AApGZ,MAAM,mBAAmB,GAAG,CAC1B,QAAgB,EACuC,EAAE;IACzD,yCAAyC;IACzC,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,GAAG,CAAC,CAAC;IAChE,IAAI,CAAC,aAAa,IAAI,CAAC,IAAA,UAAK,EAAC,QAAQ,CAAC,EAAE;QACtC,MAAM,IAAI,eAAe,CAAC,4CAA4C,CAAC,CAAC;KACzE;IAED,OAAO;QACL,QAAQ,EAAE,QAAQ,IAAI,IAAI;QAC1B,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI;KACnD,CAAC;AACJ,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,IAAI,GAAG,CAAC,SAAiB,EAAU,EAAE;IACzC,MAAM,EAAE,iBAAiB,EAAE,GAAG,IAAA,kBAAU,EAAC,UAAU,CAAC,CAAC,KAAK,CAAC;IAE3D,IAAI,CAAC,iBAAiB,EAAE,EAAE;QACxB,MAAM,IAAI,SAAS,CAAC,oCAAoC,CAAC,CAAC;KAC3D;IAED,OAAO,gBAAM;SACV,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;SACpE,MAAM,CAAC,SAAS,CAAC;SACjB,MAAM,CAAC,KAAK,CAAC,CAAC;AACnB,CAAC,CAAC;AAwEA,oBAAI;AAtEN,MAAM,kBAAkB,GAAG,GAAG,EAAE;IAC9B,MAAM,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,GAAG,IAAA,kBAAU,EAAC,UAAU,CAAC,CAAC,KAAK,CAAC;IAE9E,qEAAqE;IACrE,IAAI,iBAAiB,EAAE,EAAE;QACvB,OAAO;KACR;IAED,IAAI,CAAC,iBAAiB,EAAE,EAAE;QACxB,OAAO,CAAC,WAAW,CACjB;;wQAEkQ,CACnQ,CAAC;KACH;AACH,CAAC,CAAC;AAwDA,gDAAkB;AAtDpB;;GAEG;AACH,MAAM,uBAAuB,GAAG,CAAC,KAAoB,EAAiB,EAAE;IACtE,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IAEzB,OAAO;QACL,GAAG,KAAK;QACR,WAAW,EAAE,IAAA,YAAO,EAAC,KAAK,CAAC,WAAW,CAAC;YACrC,CAAC,CAAC,IAAA,QAAG,EAAC,QAAQ,EAAE,KAAK,CAAC,WAAwC,CAAC;YAC/D,CAAC,CAAC,KAAK,CAAC,WAAW;KACtB,CAAC;AACJ,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,8BAA8B,GAAG,CAAC,UAAqC,EAAE,EAAE;IAC/E,MAAM,iBAAiB,GAAG,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;IACpE,MAAM,gBAAgB,GAAG,iBAAiB,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IACnE,MAAM,kBAAkB,GAAG,IAAA,eAAU,EAAC,UAAU,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;IAEhF,IAAI,CAAC,IAAA,YAAO,EAAC,kBAAkB,CAAC,EAAE;QAChC,MAAM,IAAI,eAAe,CAAC,iCAAiC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;KAC7F;AACH,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,mBAAmB,GAAG,CAAC,EAAE,QAAQ,EAA2C,EAAE,EAAE;IACpF,IAAI,IAAA,UAAK,EAAC,QAAQ,CAAC,EAAE;QACnB,OAAO;KACR;IAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,mBAAS,CAAC,wBAAwB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;QACzE,MAAM,IAAI,eAAe,CACvB;QACE,MAAM,CAAC,MAAM,CAAC,mBAAS,CAAC,wBAAwB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjE,CAAC;KACH;AACH,CAAC,CAAC"}

package/dist/server/services/transfer/utils.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Returns whether the data transfer features have been disabled from the env configuration
+ */
+declare const isDisabledFromEnv: () => boolean;
+/**
+ * A valid transfer token salt must be a non-empty string defined in the Strapi config
+ */
+declare const hasValidTokenSalt: () => boolean;
+/**
+ * Checks whether data transfer features are enabled
+ */
+declare const isDataTransferEnabled: () => boolean;
+export { isDataTransferEnabled, isDisabledFromEnv, hasValidTokenSalt };

package/dist/server/services/transfer/utils.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.hasValidTokenSalt = exports.isDisabledFromEnv = exports.isDataTransferEnabled = void 0;
+const utils_1 = require("@strapi/utils");
+const utils_2 = require("../../utils");
+/**
+ * Returns whether the data transfer features have been disabled from the env configuration
+ */
+const isDisabledFromEnv = () => {
+    return utils_1.env.bool('STRAPI_DISABLE_REMOTE_DATA_TRANSFER', false);
+};
+exports.isDisabledFromEnv = isDisabledFromEnv;
+/**
+ * A valid transfer token salt must be a non-empty string defined in the Strapi config
+ */
+const hasValidTokenSalt = () => {
+    const salt = strapi.config.get('admin.transfer.token.salt', null);
+    return typeof salt === 'string' && salt.length > 0;
+};
+exports.hasValidTokenSalt = hasValidTokenSalt;
+/**
+ * Checks whether data transfer features are enabled
+ */
+const isDataTransferEnabled = () => {
+    const { utils } = (0, utils_2.getService)('transfer');
+    return !utils.isDisabledFromEnv() && utils.hasValidTokenSalt();
+};
+exports.isDataTransferEnabled = isDataTransferEnabled;
+//# sourceMappingURL=utils.js.map

package/dist/server/services/transfer/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../../server/src/services/transfer/utils.ts"],"names":[],"mappings":";;;AAAA,yCAAoC;AACpC,uCAAyC;AAEzC;;GAEG;AACH,MAAM,iBAAiB,GAAG,GAAY,EAAE;IACtC,OAAO,WAAG,CAAC,IAAI,CAAC,qCAAqC,EAAE,KAAK,CAAY,CAAC;AAC3E,CAAC,CAAC;AAoB8B,8CAAiB;AAlBjD;;GAEG;AACH,MAAM,iBAAiB,GAAG,GAAY,EAAE;IACtC,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,2BAA2B,EAAE,IAAI,CAAkB,CAAC;IAEnF,OAAO,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;AACrD,CAAC,CAAC;AAWiD,8CAAiB;AATpE;;GAEG;AACH,MAAM,qBAAqB,GAAG,GAAY,EAAE;IAC1C,MAAM,EAAE,KAAK,EAAE,GAAG,IAAA,kBAAU,EAAC,UAAU,CAAC,CAAC;IAEzC,OAAO,CAAC,KAAK,CAAC,iBAAiB,EAAE,IAAI,KAAK,CAAC,iBAAiB,EAAE,CAAC;AACjE,CAAC,CAAC;AAEO,sDAAqB"}