@strapi/admin 4.14.1 → 4.14.3

package/dist/server/domain/condition/provider.js

@@ -0,0 +1,37 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const utils_1 = require("@strapi/utils");
+const _1 = __importDefault(require("."));
+/**
+ * @typedef ConditionProviderOverride
+ * @property {function(CreateConditionPayload)} register
+ * @property {function(attributes CreateConditionPayload[]): Promise<this>} registerMany
+ */
+/**
+ * Creates a new instance of a condition provider
+ * @return {Provider & ConditionProviderOverride}
+ */
+const createConditionProvider = () => {
+    const provider = (0, utils_1.providerFactory)();
+    return {
+        ...provider,
+        async register(conditionAttributes) {
+            if (strapi.isLoaded) {
+                throw new Error(`You can't register new conditions outside of the bootstrap function.`);
+            }
+            const condition = _1.default.create(conditionAttributes);
+            return provider.register(condition.id, condition);
+        },
+        async registerMany(conditionsAttributes) {
+            for (const attributes of conditionsAttributes) {
+                await this.register(attributes);
+            }
+            return this;
+        },
+    };
+};
+exports.default = createConditionProvider;
+//# sourceMappingURL=provider.js.map

package/dist/server/domain/condition/provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.js","sourceRoot":"","sources":["../../../../server/src/domain/condition/provider.ts"],"names":[],"mappings":";;;;;AAAA,yCAAgD;AAChD,yCAAuB;AAGvB;;;;GAIG;AAEH;;;GAGG;AACH,MAAM,uBAAuB,GAAG,GAAG,EAAE;IACnC,MAAM,QAAQ,GAAG,IAAA,uBAAe,GAAE,CAAC;IAEnC,OAAO;QACL,GAAG,QAAQ;QAEX,KAAK,CAAC,QAAQ,CAAC,mBAA2C;YACxD,IAAI,MAAM,CAAC,QAAQ,EAAE;gBACnB,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;aACzF;YAED,MAAM,SAAS,GAAG,UAAM,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;YAErD,OAAO,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;QACpD,CAAC;QAED,KAAK,CAAC,YAAY,CAAC,oBAA8C;YAC/D,KAAK,MAAM,UAAU,IAAI,oBAAoB,EAAE;gBAC7C,MAAM,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;aACjC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAEF,kBAAe,uBAAuB,CAAC"}

package/dist/server/domain/permission/index.d.ts

@@ -0,0 +1,77 @@
+/// <reference types="lodash" />
+import { Utils } from '@strapi/types';
+export type Permission = {
+    id?: string;
+    role?: string;
+    action: string;
+    actionParameters: object;
+    properties: object;
+    conditions: string[];
+    subject: string | null;
+};
+export declare const permissionFields: string[];
+export declare const sanitizedPermissionFields: string[];
+export declare const sanitizePermissionFields: import("lodash/fp").LodashPick2x1;
+/**
+ * Returns a new permission with the given condition
+ * @param condition - The condition to add
+ * @param permission - The permission on which we want to add the condition
+ * @return
+ */
+export declare const addCondition: import("lodash").CurriedFunction2<string, Permission, Permission>;
+/**
+ * Returns a new permission without the given condition
+ * @param condition - The condition to remove
+ * @param permission - The permission on which we want to remove the condition
+ */
+export declare const removeCondition: import("lodash").CurriedFunction2<string, Permission, Permission>;
+/**
+ * Gets a property or a part of a property from a permission.
+ * @param property - The property to get
+ * @param permission - The permission on which we want to access the property
+ */
+export declare const getProperty: import("lodash").CurriedFunction2<string, Permission, Permission>;
+/**
+ * Set a value for a given property on a new permission object
+ * @param property - The name of the property
+ * @param value - The value of the property
+ * @param permission - The permission on which we want to set the property
+ */
+export declare const setProperty: (property: string, value: unknown, permission: Permission) => Permission;
+/**
+ * Returns a new permission without the given property name set
+ * @param property - The name of the property to delete
+ * @param permission - The permission on which we want to remove the property
+ * @return {Permission}
+ */
+export declare const deleteProperty: (property: string, permission: Permission) => Partial<Permission>;
+/**
+ * Creates a new {@link Permission} object from raw attributes. Set default values for certain fields
+ * @param  attributes
+ */
+export declare const create: (attributes: Utils.Object.PartialBy<Permission, 'actionParameters' | 'conditions' | 'properties' | 'subject'>) => Permission;
+/**
+ * Using the given condition provider, check and remove invalid condition from the permission's condition array.
+ * @param provider - The condition provider used to do the checks
+ * @param permission - The condition to sanitize
+ */
+export declare const sanitizeConditions: import("lodash").CurriedFunction2<import("@strapi/utils/dist/provider-factory").Provider, Permission, Permission>;
+/**
+ * Transform raw attributes into valid permissions using the create domain function.
+ * @param  payload - Can either be a single object of attributes or an array of those objects.
+ */
+export declare const toPermission: (payload: object | object[]) => Permission;
+declare const _default: {
+    addCondition: import("lodash").CurriedFunction2<string, Permission, Permission>;
+    removeCondition: import("lodash").CurriedFunction2<string, Permission, Permission>;
+    create: (attributes: Utils.Object.PartialBy<Permission, "actionParameters" | "subject" | "properties" | "conditions">) => Permission;
+    deleteProperty: (property: string, permission: Permission) => Partial<Permission>;
+    permissionFields: string[];
+    getProperty: import("lodash").CurriedFunction2<string, Permission, Permission>;
+    sanitizedPermissionFields: string[];
+    sanitizeConditions: import("lodash").CurriedFunction2<import("@strapi/utils/dist/provider-factory").Provider, Permission, Permission>;
+    sanitizePermissionFields: import("lodash/fp").LodashPick2x1;
+    setProperty: (property: string, value: unknown, permission: Permission) => Permission;
+    toPermission: (payload: object | object[]) => Permission;
+};
+export default _default;

package/dist/server/domain/permission/index.js

@@ -0,0 +1,119 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.toPermission = exports.sanitizeConditions = exports.create = exports.deleteProperty = exports.setProperty = exports.getProperty = exports.removeCondition = exports.addCondition = exports.sanitizePermissionFields = exports.sanitizedPermissionFields = exports.permissionFields = void 0;
+const fp_1 = require("lodash/fp");
+exports.permissionFields = [
+    'id',
+    'action',
+    'actionParameters',
+    'subject',
+    'properties',
+    'conditions',
+    'role',
+];
+exports.sanitizedPermissionFields = [
+    'id',
+    'action',
+    'actionParameters',
+    'subject',
+    'properties',
+    'conditions',
+];
+exports.sanitizePermissionFields = (0, fp_1.pick)(exports.sanitizedPermissionFields);
+/**
+ * Creates a permission with default values
+ */
+const getDefaultPermission = () => ({
+    actionParameters: {},
+    conditions: [],
+    properties: {},
+    subject: null,
+});
+/**
+ * Returns a new permission with the given condition
+ * @param condition - The condition to add
+ * @param permission - The permission on which we want to add the condition
+ * @return
+ */
+exports.addCondition = (0, fp_1.curry)((condition, permission) => {
+    const { conditions } = permission;
+    const newConditions = Array.isArray(conditions)
+        ? (0, fp_1.uniq)(conditions.concat(condition))
+        : [condition];
+    return (0, fp_1.set)('conditions', newConditions, permission);
+});
+/**
+ * Returns a new permission without the given condition
+ * @param condition - The condition to remove
+ * @param permission - The permission on which we want to remove the condition
+ */
+exports.removeCondition = (0, fp_1.curry)((condition, permission) => {
+    return (0, fp_1.set)('conditions', (0, fp_1.remove)((0, fp_1.eq)(condition), permission.conditions), permission);
+});
+/**
+ * Gets a property or a part of a property from a permission.
+ * @param property - The property to get
+ * @param permission - The permission on which we want to access the property
+ */
+exports.getProperty = (0, fp_1.curry)((property, permission) => (0, fp_1.get)(`properties.${property}`, permission));
+/**
+ * Set a value for a given property on a new permission object
+ * @param property - The name of the property
+ * @param value - The value of the property
+ * @param permission - The permission on which we want to set the property
+ */
+const setProperty = (property, value, permission) => {
+    return (0, fp_1.set)(`properties.${property}`, value, permission);
+};
+exports.setProperty = setProperty;
+/**
+ * Returns a new permission without the given property name set
+ * @param property - The name of the property to delete
+ * @param permission - The permission on which we want to remove the property
+ * @return {Permission}
+ */
+const deleteProperty = (property, permission) => (0, fp_1.omit)(`properties.${property}`, permission);
+exports.deleteProperty = deleteProperty;
+/**
+ * Creates a new {@link Permission} object from raw attributes. Set default values for certain fields
+ * @param  attributes
+ */
+const create = (attributes) => {
+    return (0, fp_1.pipe)((0, fp_1.pick)(exports.permissionFields), (0, fp_1.merge)(getDefaultPermission()))(attributes);
+};
+exports.create = create;
+/**
+ * Using the given condition provider, check and remove invalid condition from the permission's condition array.
+ * @param provider - The condition provider used to do the checks
+ * @param permission - The condition to sanitize
+ */
+exports.sanitizeConditions = (0, fp_1.curry)((provider, permission) => {
+    if (!(0, fp_1.isArray)(permission.conditions)) {
+        return permission;
+    }
+    return permission.conditions
+        .filter((condition) => !provider.has(condition))
+        .reduce((perm, condition) => (0, exports.removeCondition)(condition, perm), permission);
+});
+/**
+ * Transform raw attributes into valid permissions using the create domain function.
+ * @param  payload - Can either be a single object of attributes or an array of those objects.
+ */
+const toPermission = (payload) => 
+// @ts-expect-error
+(0, fp_1.isArray)(payload) ? (0, fp_1.map)(exports.create, payload) : (0, exports.create)(payload);
+exports.toPermission = toPermission;
+exports.default = {
+    addCondition: exports.addCondition,
+    removeCondition: exports.removeCondition,
+    create: exports.create,
+    deleteProperty: exports.deleteProperty,
+    permissionFields: exports.permissionFields,
+    getProperty: exports.getProperty,
+    sanitizedPermissionFields: exports.sanitizedPermissionFields,
+    sanitizeConditions: exports.sanitizeConditions,
+    sanitizePermissionFields: exports.sanitizePermissionFields,
+    setProperty: exports.setProperty,
+    toPermission: exports.toPermission,
+};
+//# sourceMappingURL=index.js.map

package/dist/server/domain/permission/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../server/src/domain/permission/index.ts"],"names":[],"mappings":";;;AAGA,kCAamB;AAcN,QAAA,gBAAgB,GAAG;IAC9B,IAAI;IACJ,QAAQ;IACR,kBAAkB;IAClB,SAAS;IACT,YAAY;IACZ,YAAY;IACZ,MAAM;CACP,CAAC;AACW,QAAA,yBAAyB,GAAG;IACvC,IAAI;IACJ,QAAQ;IACR,kBAAkB;IAClB,SAAS;IACT,YAAY;IACZ,YAAY;CACb,CAAC;AAEW,QAAA,wBAAwB,GAAG,IAAA,SAAI,EAAC,iCAAyB,CAAC,CAAC;AAExE;;GAEG;AACH,MAAM,oBAAoB,GAAG,GAAG,EAAE,CAAC,CAAC;IAClC,gBAAgB,EAAE,EAAE;IACpB,UAAU,EAAE,EAAE;IACd,UAAU,EAAE,EAAE;IACd,OAAO,EAAE,IAAI;CACd,CAAC,CAAC;AAEH;;;;;GAKG;AACU,QAAA,YAAY,GAAG,IAAA,UAAK,EAAC,CAAC,SAAiB,EAAE,UAAsB,EAAc,EAAE;IAC1F,MAAM,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;IAClC,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;QAC7C,CAAC,CAAC,IAAA,SAAI,EAAC,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAEhB,OAAO,IAAA,QAAG,EAAC,YAAY,EAAE,aAAa,EAAE,UAAU,CAAC,CAAC;AACtD,CAAC,CAAC,CAAC;AAEH;;;;GAIG;AACU,QAAA,eAAe,GAAG,IAAA,UAAK,EAAC,CAAC,SAAiB,EAAE,UAAsB,EAAc,EAAE;IAC7F,OAAO,IAAA,QAAG,EAAC,YAAY,EAAE,IAAA,WAAM,EAAC,IAAA,OAAE,EAAC,SAAS,CAAC,EAAE,UAAU,CAAC,UAAU,CAAC,EAAE,UAAU,CAAC,CAAC;AACrF,CAAC,CAAC,CAAC;AAEH;;;;GAIG;AACU,QAAA,WAAW,GAAG,IAAA,UAAK,EAC9B,CAAC,QAAgB,EAAE,UAAsB,EAAc,EAAE,CACvD,IAAA,QAAG,EAAC,cAAc,QAAQ,EAAE,EAAE,UAAU,CAAC,CAC5C,CAAC;AAEF;;;;;GAKG;AACI,MAAM,WAAW,GAAG,CACzB,QAAgB,EAChB,KAAc,EACd,UAAsB,EACV,EAAE;IACd,OAAO,IAAA,QAAG,EAAC,cAAc,QAAQ,EAAE,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC;AAC1D,CAAC,CAAC;AANW,QAAA,WAAW,eAMtB;AAEF;;;;;GAKG;AACI,MAAM,cAAc,GAAG,CAAC,QAAgB,EAAE,UAAsB,EAAE,EAAE,CACzE,IAAA,SAAI,EAAC,cAAc,QAAQ,EAAE,EAAE,UAAU,CAAC,CAAC;AADhC,QAAA,cAAc,kBACkB;AAE7C;;;GAGG;AACI,MAAM,MAAM,GAAG,CACpB,UAGC,EACD,EAAE;IACF,OAAO,IAAA,SAAI,EAAC,IAAA,SAAI,EAAC,wBAAgB,CAAC,EAAE,IAAA,UAAK,EAAC,oBAAoB,EAAE,CAAC,CAAC,CAAC,UAAU,CAAe,CAAC;AAC/F,CAAC,CAAC;AAPW,QAAA,MAAM,UAOjB;AAEF;;;;GAIG;AACU,QAAA,kBAAkB,GAAG,IAAA,UAAK,EACrC,CAAC,QAAkB,EAAE,UAAsB,EAAc,EAAE;IACzD,IAAI,CAAC,IAAA,YAAO,EAAC,UAAU,CAAC,UAAU,CAAC,EAAE;QACnC,OAAO,UAAU,CAAC;KACnB;IAED,OAAO,UAAU,CAAC,UAAU;SACzB,MAAM,CAAC,CAAC,SAAiB,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;SACvD,MAAM,CACL,CAAC,IAAgB,EAAE,SAAiB,EAAE,EAAE,CAAC,IAAA,uBAAe,EAAC,SAAS,EAAE,IAAI,CAAC,EACzE,UAAU,CACX,CAAC;AACN,CAAC,CACF,CAAC;AAEF;;;GAGG;AACI,MAAM,YAAY,GAAG,CAAC,OAA0B,EAAc,EAAE;AACrE,mBAAmB;AACnB,IAAA,YAAO,EAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAA,QAAG,EAAC,cAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAA,cAAM,EAAC,OAAO,CAAC,CAAC;AAF/C,QAAA,YAAY,gBAEmC;AAE5D,kBAAe;IACb,YAAY,EAAZ,oBAAY;IACZ,eAAe,EAAf,uBAAe;IACf,MAAM,EAAN,cAAM;IACN,cAAc,EAAd,sBAAc;IACd,gBAAgB,EAAhB,wBAAgB;IAChB,WAAW,EAAX,mBAAW;IACX,yBAAyB,EAAzB,iCAAyB;IACzB,kBAAkB,EAAlB,0BAAkB;IAClB,wBAAwB,EAAxB,gCAAwB;IACxB,WAAW,EAAX,mBAAW;IACX,YAAY,EAAZ,oBAAY;CACb,CAAC"}

package/dist/server/domain/user.d.ts

@@ -0,0 +1,32 @@
+export type AdminUser = {
+    id: string | number;
+    firstname: string;
+    lastname: string;
+    username: string;
+    [key: string]: any;
+};
+export type AdminRole = {
+    id: string | number;
+    code: string;
+    [key: string]: any;
+};
+/**
+ * Create a new user model by merging default and specified attributes
+ * @param attributes A partial user object
+ */
+export declare function createUser(attributes: Partial<AdminUser>): {
+    id?: string | number | undefined;
+    firstname?: string | undefined;
+    lastname?: string | undefined;
+    username: string | null;
+    roles: never[];
+    isActive: boolean;
+};
+export declare const hasSuperAdminRole: (user: AdminUser) => boolean;
+export declare const ADMIN_USER_ALLOWED_FIELDS: string[];
+declare const _default: {
+    createUser: typeof createUser;
+    hasSuperAdminRole: (user: AdminUser) => boolean;
+    ADMIN_USER_ALLOWED_FIELDS: string[];
+};
+export default _default;

package/dist/server/domain/user.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ADMIN_USER_ALLOWED_FIELDS = exports.hasSuperAdminRole = exports.createUser = void 0;
+const constants_1 = require("../services/constants");
+/**
+ * Create a new user model by merging default and specified attributes
+ * @param attributes A partial user object
+ */
+function createUser(attributes) {
+    return {
+        roles: [],
+        isActive: false,
+        username: null,
+        ...attributes,
+    };
+}
+exports.createUser = createUser;
+const hasSuperAdminRole = (user) => {
+    return user.roles.filter((role) => role.code === constants_1.SUPER_ADMIN_CODE).length > 0;
+};
+exports.hasSuperAdminRole = hasSuperAdminRole;
+exports.ADMIN_USER_ALLOWED_FIELDS = ['id', 'firstname', 'lastname', 'username'];
+exports.default = {
+    createUser,
+    hasSuperAdminRole: exports.hasSuperAdminRole,
+    ADMIN_USER_ALLOWED_FIELDS: exports.ADMIN_USER_ALLOWED_FIELDS,
+};
+//# sourceMappingURL=user.js.map

package/dist/server/domain/user.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.js","sourceRoot":"","sources":["../../../server/src/domain/user.ts"],"names":[],"mappings":";;;AAAA,qDAAyD;AAkBzD;;;GAGG;AACH,SAAgB,UAAU,CAAC,UAA8B;IACvD,OAAO;QACL,KAAK,EAAE,EAAE;QACT,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,IAAI;QACd,GAAG,UAAU;KACd,CAAC;AACJ,CAAC;AAPD,gCAOC;AAEM,MAAM,iBAAiB,GAAG,CAAC,IAAe,EAAE,EAAE;IACnD,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAe,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,4BAAgB,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;AAC3F,CAAC,CAAC;AAFW,QAAA,iBAAiB,qBAE5B;AAEW,QAAA,yBAAyB,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;AAErF,kBAAe;IACb,UAAU;IACV,iBAAiB,EAAjB,yBAAiB;IACjB,yBAAyB,EAAzB,iCAAyB;CAC1B,CAAC"}

package/dist/server/index.d.ts

@@ -0,0 +1,10 @@
+export { default as bootstrap } from './bootstrap';
+export { default as register } from './register';
+export { default as destroy } from './destroy';
+export { default as config } from './config';
+export { default as policies } from './policies';
+export { default as routes } from './routes';
+export { default as services } from './services';
+export { default as controllers } from './controllers';
+export { default as contentTypes } from './content-types';
+export { default as middlewares } from './middlewares';

package/dist/server/index.js

@@ -0,0 +1,27 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.middlewares = exports.contentTypes = exports.controllers = exports.services = exports.routes = exports.policies = exports.config = exports.destroy = exports.register = exports.bootstrap = void 0;
+var bootstrap_1 = require("./bootstrap");
+Object.defineProperty(exports, "bootstrap", { enumerable: true, get: function () { return __importDefault(bootstrap_1).default; } });
+var register_1 = require("./register");
+Object.defineProperty(exports, "register", { enumerable: true, get: function () { return __importDefault(register_1).default; } });
+var destroy_1 = require("./destroy");
+Object.defineProperty(exports, "destroy", { enumerable: true, get: function () { return __importDefault(destroy_1).default; } });
+var config_1 = require("./config");
+Object.defineProperty(exports, "config", { enumerable: true, get: function () { return __importDefault(config_1).default; } });
+var policies_1 = require("./policies");
+Object.defineProperty(exports, "policies", { enumerable: true, get: function () { return __importDefault(policies_1).default; } });
+var routes_1 = require("./routes");
+Object.defineProperty(exports, "routes", { enumerable: true, get: function () { return __importDefault(routes_1).default; } });
+var services_1 = require("./services");
+Object.defineProperty(exports, "services", { enumerable: true, get: function () { return __importDefault(services_1).default; } });
+var controllers_1 = require("./controllers");
+Object.defineProperty(exports, "controllers", { enumerable: true, get: function () { return __importDefault(controllers_1).default; } });
+var content_types_1 = require("./content-types");
+Object.defineProperty(exports, "contentTypes", { enumerable: true, get: function () { return __importDefault(content_types_1).default; } });
+var middlewares_1 = require("./middlewares");
+Object.defineProperty(exports, "middlewares", { enumerable: true, get: function () { return __importDefault(middlewares_1).default; } });
+//# sourceMappingURL=index.js.map

package/dist/server/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/src/index.ts"],"names":[],"mappings":";;;;;;AAAA,yCAAmD;AAA1C,uHAAA,OAAO,OAAa;AAC7B,uCAAiD;AAAxC,qHAAA,OAAO,OAAY;AAC5B,qCAA+C;AAAtC,mHAAA,OAAO,OAAW;AAE3B,mCAA6C;AAApC,iHAAA,OAAO,OAAU;AAC1B,uCAAiD;AAAxC,qHAAA,OAAO,OAAY;AAC5B,mCAA6C;AAApC,iHAAA,OAAO,OAAU;AAC1B,uCAAiD;AAAxC,qHAAA,OAAO,OAAY;AAC5B,6CAAuD;AAA9C,2HAAA,OAAO,OAAe;AAC/B,iDAA0D;AAAjD,8HAAA,OAAO,OAAgB;AAChC,6CAAuD;AAA9C,2HAAA,OAAO,OAAe"}

package/dist/server/middlewares/data-transfer.d.ts

@@ -0,0 +1,2 @@
+declare const _default: () => (ctx: any, next: any) => Promise<any>;
+export default _default;

package/dist/server/middlewares/data-transfer.js

@@ -0,0 +1,21 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const utils_1 = require("../utils");
+exports.default = () => async (ctx, next) => {
+    const transferUtils = (0, utils_1.getService)('transfer').utils;
+    const { hasValidTokenSalt, isDataTransferEnabled, isDisabledFromEnv } = transferUtils;
+    if (isDataTransferEnabled()) {
+        return next();
+    }
+    if (!hasValidTokenSalt()) {
+        return ctx.notImplemented('The server configuration for data transfer is invalid. Please contact your server administrator.', {
+            code: 'INVALID_TOKEN_SALT',
+        });
+    }
+    if (isDisabledFromEnv()) {
+        return ctx.notFound();
+    }
+    // This should never happen as long as we're handling individual scenarios above
+    throw new Error('Unexpected error while trying to access a data transfer route');
+};
+//# sourceMappingURL=data-transfer.js.map

package/dist/server/middlewares/data-transfer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"data-transfer.js","sourceRoot":"","sources":["../../../server/src/middlewares/data-transfer.ts"],"names":[],"mappings":";;AAAA,oCAAsC;AAEtC,kBAAe,GAAG,EAAE,CAAC,KAAK,EAAE,GAAQ,EAAE,IAAS,EAAE,EAAE;IACjD,MAAM,aAAa,GAAG,IAAA,kBAAU,EAAC,UAAU,CAAC,CAAC,KAAK,CAAC;IAEnD,MAAM,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,iBAAiB,EAAE,GAAG,aAAa,CAAC;IAEtF,IAAI,qBAAqB,EAAE,EAAE;QAC3B,OAAO,IAAI,EAAE,CAAC;KACf;IAED,IAAI,CAAC,iBAAiB,EAAE,EAAE;QACxB,OAAO,GAAG,CAAC,cAAc,CACvB,kGAAkG,EAClG;YACE,IAAI,EAAE,oBAAoB;SAC3B,CACF,CAAC;KACH;IAED,IAAI,iBAAiB,EAAE,EAAE;QACvB,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;KACvB;IAED,gFAAgF;IAChF,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;AACnF,CAAC,CAAC"}

package/dist/server/middlewares/index.d.ts

@@ -0,0 +1,9 @@
+export { default as rateLimit } from './rateLimit';
+export { default as dataTransfer } from './data-transfer';
+declare const _default: {
+    rateLimit: (config: any, { strapi }: {
+        strapi: import("@strapi/types").Strapi;
+    }) => (ctx: any, next: any) => Promise<any>;
+    'data-transfer': () => (ctx: any, next: any) => Promise<any>;
+};
+export default _default;

package/dist/server/middlewares/index.js

@@ -0,0 +1,17 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.dataTransfer = exports.rateLimit = void 0;
+const rateLimit_1 = __importDefault(require("./rateLimit"));
+const data_transfer_1 = __importDefault(require("./data-transfer"));
+var rateLimit_2 = require("./rateLimit");
+Object.defineProperty(exports, "rateLimit", { enumerable: true, get: function () { return __importDefault(rateLimit_2).default; } });
+var data_transfer_2 = require("./data-transfer");
+Object.defineProperty(exports, "dataTransfer", { enumerable: true, get: function () { return __importDefault(data_transfer_2).default; } });
+exports.default = {
+    rateLimit: rateLimit_1.default,
+    'data-transfer': data_transfer_1.default,
+};
+//# sourceMappingURL=index.js.map

package/dist/server/middlewares/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../server/src/middlewares/index.ts"],"names":[],"mappings":";;;;;;AAAA,4DAAoC;AACpC,oEAA2C;AAE3C,yCAAmD;AAA1C,uHAAA,OAAO,OAAa;AAC7B,iDAA0D;AAAjD,8HAAA,OAAO,OAAgB;AAEhC,kBAAe;IACb,SAAS,EAAT,mBAAS;IACT,eAAe,EAAE,uBAAY;CAC9B,CAAC"}

package/dist/server/middlewares/rateLimit.d.ts

@@ -0,0 +1,5 @@
+import type { Strapi } from '@strapi/types';
+declare const _default: (config: any, { strapi }: {
+    strapi: Strapi;
+}) => (ctx: any, next: any) => Promise<any>;
+export default _default;

package/dist/server/middlewares/rateLimit.js

@@ -0,0 +1,42 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const path_1 = __importDefault(require("path"));
+const utils_1 = __importDefault(require("@strapi/utils"));
+const fp_1 = require("lodash/fp");
+const { RateLimitError } = utils_1.default.errors;
+exports.default = (config, { strapi }) => async (ctx, next) => {
+    let rateLimitConfig = strapi.config.get('admin.rateLimit');
+    if (!rateLimitConfig) {
+        rateLimitConfig = {
+            enabled: true,
+        };
+    }
+    if (!(0, fp_1.has)('enabled', rateLimitConfig)) {
+        rateLimitConfig.enabled = true;
+    }
+    if (rateLimitConfig.enabled === true) {
+        // TODO: TS - Do the dynamic import
+        // eslint-disable-next-line @typescript-eslint/no-var-requires
+        const rateLimit = require('koa2-ratelimit').RateLimit;
+        const userEmail = (0, fp_1.toLower)(ctx.request.body.email) || 'unknownEmail';
+        const requestPath = (0, fp_1.isString)(ctx.request.path)
+            ? (0, fp_1.toLower)(path_1.default.normalize(ctx.request.path)).replace(/\/$/, '')
+            : 'invalidPath';
+        const loadConfig = {
+            interval: { min: 5 },
+            max: 5,
+            prefixKey: `${userEmail}:${requestPath}:${ctx.request.ip}`,
+            handler() {
+                throw new RateLimitError();
+            },
+            ...rateLimitConfig,
+            ...config,
+        };
+        return rateLimit.middleware(loadConfig)(ctx, next);
+    }
+    return next();
+};
+//# sourceMappingURL=rateLimit.js.map

package/dist/server/middlewares/rateLimit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rateLimit.js","sourceRoot":"","sources":["../../../server/src/middlewares/rateLimit.ts"],"names":[],"mappings":";;;;;AAAA,gDAAwB;AACxB,0DAAkC;AAClC,kCAAmD;AAGnD,MAAM,EAAE,cAAc,EAAE,GAAG,eAAK,CAAC,MAAM,CAAC;AAExC,kBAAe,CAAC,MAAW,EAAE,EAAE,MAAM,EAAsB,EAAE,EAAE,CAC7D,KAAK,EAAE,GAAQ,EAAE,IAAS,EAAE,EAAE;IAC5B,IAAI,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAQ,CAAC;IAElE,IAAI,CAAC,eAAe,EAAE;QACpB,eAAe,GAAG;YAChB,OAAO,EAAE,IAAI;SACd,CAAC;KACH;IAED,IAAI,CAAC,IAAA,QAAG,EAAC,SAAS,EAAE,eAAe,CAAC,EAAE;QACpC,eAAe,CAAC,OAAO,GAAG,IAAI,CAAC;KAChC;IAED,IAAI,eAAe,CAAC,OAAO,KAAK,IAAI,EAAE;QACpC,mCAAmC;QACnC,8DAA8D;QAC9D,MAAM,SAAS,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC,SAAS,CAAC;QAEtD,MAAM,SAAS,GAAG,IAAA,YAAO,EAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,cAAc,CAAC;QACpE,MAAM,WAAW,GAAG,IAAA,aAAQ,EAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC;YAC5C,CAAC,CAAC,IAAA,YAAO,EAAC,cAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;YAC9D,CAAC,CAAC,aAAa,CAAC;QAElB,MAAM,UAAU,GAAG;YACjB,QAAQ,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE;YACpB,GAAG,EAAE,CAAC;YACN,SAAS,EAAE,GAAG,SAAS,IAAI,WAAW,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE;YAC1D,OAAO;gBACL,MAAM,IAAI,cAAc,EAAE,CAAC;YAC7B,CAAC;YACD,GAAG,eAAe;YAClB,GAAG,MAAM;SACV,CAAC;QAEF,OAAO,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;KACpD;IAED,OAAO,IAAI,EAAE,CAAC;AAChB,CAAC,CAAC"}

package/dist/server/policies/hasPermissions.d.ts

@@ -0,0 +1,6 @@
+declare const _default: {
+    name: string;
+    validator: (config: unknown) => void;
+    handler: (...args: any[]) => any;
+};
+export default _default;

package/dist/server/policies/hasPermissions.js

@@ -0,0 +1,38 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const lodash_1 = __importDefault(require("lodash"));
+const utils_1 = require("@strapi/utils");
+const hasPermissions_1 = require("../validation/policies/hasPermissions");
+const { createPolicy } = utils_1.policy;
+const inputModifiers = [
+    {
+        check: lodash_1.default.isString,
+        transform: (action) => ({ action }),
+    },
+    {
+        check: lodash_1.default.isArray,
+        transform: (arr) => ({ action: arr[0], subject: arr[1] }),
+    },
+    {
+        // Has to be after the isArray check since _.isObject also matches arrays
+        check: lodash_1.default.isObject,
+        transform: (perm) => perm,
+    },
+];
+exports.default = createPolicy({
+    name: 'admin::hasPermissions',
+    validator: hasPermissions_1.validateHasPermissionsInput,
+    handler(ctx, config) {
+        const { actions } = config;
+        const { userAbility: ability } = ctx.state;
+        const permissions = actions.map((action) => 
+        // @ts-expect-error
+        inputModifiers.find((modifier) => modifier.check(action)).transform(action));
+        const isAuthorized = permissions.every(({ action, subject }) => ability.can(action, subject));
+        return isAuthorized;
+    },
+});
+//# sourceMappingURL=hasPermissions.js.map

package/dist/server/policies/hasPermissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hasPermissions.js","sourceRoot":"","sources":["../../../server/src/policies/hasPermissions.ts"],"names":[],"mappings":";;;;;AAAA,oDAAuB;AACvB,yCAAuC;AACvC,0EAAoF;AAEpF,MAAM,EAAE,YAAY,EAAE,GAAG,cAAM,CAAC;AAEhC,MAAM,cAAc,GAAG;IACrB;QACE,KAAK,EAAE,gBAAC,CAAC,QAAQ;QACjB,SAAS,EAAE,CAAC,MAAW,EAAE,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC;KACzC;IACD;QACE,KAAK,EAAE,gBAAC,CAAC,OAAO;QAChB,SAAS,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;KAC/D;IACD;QACE,yEAAyE;QACzE,KAAK,EAAE,gBAAC,CAAC,QAAQ;QACjB,SAAS,EAAE,CAAC,IAAS,EAAE,EAAE,CAAC,IAAI;KAC/B;CACF,CAAC;AAEF,kBAAe,YAAY,CAAC;IAC1B,IAAI,EAAE,uBAAuB;IAC7B,SAAS,EAAE,4CAA2B;IACtC,OAAO,CAAC,GAAG,EAAE,MAAM;QACjB,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;QAC3B,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC;QAE3C,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAW,EAAE,EAAE;QAC9C,mBAAmB;QACnB,cAAc,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAC5E,CAAC;QAEF,MAAM,YAAY,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,EAAO,EAAE,EAAE,CAClE,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAC7B,CAAC;QAEF,OAAO,YAAY,CAAC;IACtB,CAAC;CACF,CAAC,CAAC"}

package/dist/server/policies/index.d.ts

@@ -0,0 +1,14 @@
+declare const _default: {
+    isAuthenticatedAdmin: (policyCtx: any) => boolean;
+    hasPermissions: {
+        name: string;
+        validator: (config: unknown) => void;
+        handler: (...args: any[]) => any;
+    };
+    isTelemetryEnabled: {
+        name: string;
+        validator: (config: unknown) => void;
+        handler: (...args: any[]) => any;
+    };
+};
+export default _default;

package/dist/server/policies/index.js

@@ -0,0 +1,10 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const isAuthenticatedAdmin_1 = __importDefault(require("./isAuthenticatedAdmin"));
+const hasPermissions_1 = __importDefault(require("./hasPermissions"));
+const isTelemetryEnabled_1 = __importDefault(require("./isTelemetryEnabled"));
+exports.default = { isAuthenticatedAdmin: isAuthenticatedAdmin_1.default, hasPermissions: hasPermissions_1.default, isTelemetryEnabled: isTelemetryEnabled_1.default };
+//# sourceMappingURL=index.js.map

package/dist/server/policies/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../server/src/policies/index.ts"],"names":[],"mappings":";;;;;AAAA,kFAA0D;AAC1D,sEAA8C;AAC9C,8EAAsD;AAEtD,kBAAe,EAAE,oBAAoB,EAApB,8BAAoB,EAAE,cAAc,EAAd,wBAAc,EAAE,kBAAkB,EAAlB,4BAAkB,EAAE,CAAC"}

package/dist/server/policies/isAuthenticatedAdmin.d.ts

@@ -0,0 +1,2 @@
+declare const _default: (policyCtx: any) => boolean;
+export default _default;

package/dist/server/policies/isAuthenticatedAdmin.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = (policyCtx) => {
+    return Boolean(policyCtx.state.isAuthenticated);
+};
+//# sourceMappingURL=isAuthenticatedAdmin.js.map

package/dist/server/policies/isAuthenticatedAdmin.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"isAuthenticatedAdmin.js","sourceRoot":"","sources":["../../../server/src/policies/isAuthenticatedAdmin.ts"],"names":[],"mappings":";;AAAA,kBAAe,CAAC,SAAc,EAAE,EAAE;IAChC,OAAO,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;AAClD,CAAC,CAAC"}

package/dist/server/policies/isTelemetryEnabled.d.ts

@@ -0,0 +1,10 @@
+/**
+ * This policy is used for routes dealing with telemetry and analytics content.
+ * It will fails when the telemetry has been disabled on the server.
+ */
+declare const _default: {
+    name: string;
+    validator: (config: unknown) => void;
+    handler: (...args: any[]) => any;
+};
+export default _default;

package/dist/server/policies/isTelemetryEnabled.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const utils_1 = require("@strapi/utils");
+// TODO: TS - Try to make { policy: { createPolicy } } from '@strapi/utils'; work
+const { createPolicy } = utils_1.policy;
+/**
+ * This policy is used for routes dealing with telemetry and analytics content.
+ * It will fails when the telemetry has been disabled on the server.
+ */
+exports.default = createPolicy({
+    name: 'admin::isTelemetryEnabled',
+    handler(_ctx, _config, { strapi }) {
+        if (strapi.telemetry.isDisabled) {
+            return false;
+        }
+    },
+});
+//# sourceMappingURL=isTelemetryEnabled.js.map

package/dist/server/policies/isTelemetryEnabled.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"isTelemetryEnabled.js","sourceRoot":"","sources":["../../../server/src/policies/isTelemetryEnabled.ts"],"names":[],"mappings":";;AAAA,yCAAuC;AAEvC,iFAAiF;AACjF,MAAM,EAAE,YAAY,EAAE,GAAG,cAAM,CAAC;AAEhC;;;GAGG;AACH,kBAAe,YAAY,CAAC;IAC1B,IAAI,EAAE,2BAA2B;IACjC,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE;QAC/B,IAAI,MAAM,CAAC,SAAS,CAAC,UAAU,EAAE;YAC/B,OAAO,KAAK,CAAC;SACd;IACH,CAAC;CACF,CAAC,CAAC"}

package/dist/server/register.d.ts

@@ -0,0 +1,2 @@
+declare const _default: ({ strapi }: any) => void;
+export default _default;

package/dist/server/register.js

@@ -0,0 +1,18 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const serve_admin_panel_1 = __importDefault(require("./routes/serve-admin-panel"));
+const admin_1 = __importDefault(require("./strategies/admin"));
+const api_token_1 = __importDefault(require("./strategies/api-token"));
+exports.default = ({ strapi }) => {
+    const passportMiddleware = strapi.admin.services.passport.init();
+    strapi.server.api('admin').use(passportMiddleware);
+    strapi.container.get('auth').register('admin', admin_1.default);
+    strapi.container.get('auth').register('content-api', api_token_1.default);
+    if (strapi.config.serveAdminPanel) {
+        (0, serve_admin_panel_1.default)({ strapi });
+    }
+};
+//# sourceMappingURL=register.js.map

package/dist/server/register.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"register.js","sourceRoot":"","sources":["../../server/src/register.ts"],"names":[],"mappings":";;;;;AAAA,mFAAiE;AACjE,+DAAmD;AACnD,uEAA0D;AAE1D,kBAAe,CAAC,EAAE,MAAM,EAAO,EAAE,EAAE;IACjC,MAAM,kBAAkB,GAAG,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;IAEjE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IACnD,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,EAAE,eAAiB,CAAC,CAAC;IAClE,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,aAAa,EAAE,mBAAoB,CAAC,CAAC;IAE3E,IAAI,MAAM,CAAC,MAAM,CAAC,eAAe,EAAE;QACjC,IAAA,2BAAuB,EAAC,EAAE,MAAM,EAAE,CAAC,CAAC;KACrC;AACH,CAAC,CAAC"}