@strapi/admin 4.14.2 → 4.14.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/admin/src/content-manager/hooks/useRelation/useRelation.js +1 -0
- package/build/{Admin-authenticatedApp.08f32723.chunk.js → Admin-authenticatedApp.a16cdc37.chunk.js} +1 -1
- package/build/{content-manager.0d2b4a60.chunk.js → content-manager.e1e49cc9.chunk.js} +1 -1
- package/build/index.html +1 -1
- package/build/{runtime~main.cec66cd9.js → runtime~main.377a22d0.js} +1 -1
- package/dist/server/admin/server/src/bootstrap.d.ts +2 -0
- package/dist/server/admin/server/src/controllers/admin.d.ts +42 -0
- package/dist/server/admin/server/src/controllers/api-token.d.ts +10 -0
- package/dist/server/admin/server/src/controllers/authenticated-user.d.ts +6 -0
- package/dist/server/admin/server/src/controllers/authentication.d.ts +12 -0
- package/dist/server/admin/server/src/controllers/permission.d.ts +13 -0
- package/dist/server/admin/server/src/controllers/role.d.ts +43 -0
- package/dist/server/admin/server/src/controllers/transfer/token.d.ts +9 -0
- package/dist/server/admin/server/src/controllers/user.d.ts +13 -0
- package/dist/server/admin/server/src/destroy.d.ts +2 -0
- package/dist/server/admin/server/src/domain/condition/index.d.ts +56 -0
- package/dist/server/admin/server/src/domain/condition/index.js +53 -0
- package/dist/server/admin/server/src/domain/condition/index.js.map +1 -0
- package/dist/server/admin/server/src/domain/condition/provider.d.ts +30 -0
- package/dist/server/admin/server/src/domain/condition/provider.js +37 -0
- package/dist/server/admin/server/src/domain/condition/provider.js.map +1 -0
- package/dist/server/admin/server/src/index.d.ts +10 -0
- package/dist/server/admin/server/src/middlewares/data-transfer.d.ts +2 -0
- package/dist/server/admin/server/src/services/action.d.ts +9 -0
- package/dist/server/admin/server/src/services/auth.d.ts +42 -0
- package/dist/server/admin/server/src/services/condition.d.ts +2 -0
- package/dist/server/admin/server/src/services/content-type.d.ts +51 -0
- package/dist/server/admin/server/src/services/index.d.ts +61 -0
- package/dist/server/admin/server/src/services/metrics.d.ts +7 -0
- package/dist/server/admin/server/src/services/permission/engine.d.ts +15 -0
- package/dist/server/admin/server/src/services/permission/queries.d.ts +44 -0
- package/dist/server/admin/server/src/services/permission.d.ts +67 -0
- package/dist/server/admin/server/src/services/role.d.ts +116 -0
- package/dist/server/admin/server/src/services/transfer/token.d.ts +103 -0
- package/dist/server/admin/server/src/services/transfer/utils.d.ts +19 -0
- package/dist/server/admin/server/src/services/user.d.ts +96 -0
- package/dist/server/admin/server/src/strategies/admin.d.ts +25 -0
- package/dist/server/admin/server/src/strategies/api-token.d.ts +60 -0
- package/dist/server/admin/server/src/strategies/data-transfer.d.ts +50 -0
- package/dist/server/admin/server/src/validation/common-validators.d.ts +59 -0
- package/dist/server/admin/server/src/validation/permission.d.ts +9 -0
- package/dist/server/bootstrap.d.ts +2 -0
- package/dist/server/bootstrap.js +84 -0
- package/dist/server/bootstrap.js.map +1 -0
- package/dist/server/config/admin-actions.d.ts +33 -0
- package/dist/server/config/admin-actions.js +219 -0
- package/dist/server/config/admin-actions.js.map +1 -0
- package/dist/server/config/admin-conditions.d.ts +46 -0
- package/dist/server/config/admin-conditions.js +29 -0
- package/dist/server/config/admin-conditions.js.map +1 -0
- package/dist/server/config/email-templates/forgot-password.d.ts +6 -0
- package/dist/server/config/email-templates/forgot-password.js +19 -0
- package/dist/server/config/email-templates/forgot-password.js.map +1 -0
- package/dist/server/config/index.d.ts +17 -0
- package/dist/server/config/index.js +14 -0
- package/dist/server/config/index.js.map +1 -0
- package/dist/server/config/settings.d.ts +7 -0
- package/dist/server/config/settings.js +11 -0
- package/dist/server/config/settings.js.map +1 -0
- package/dist/server/content-types/Permission.d.ts +62 -0
- package/dist/server/content-types/Permission.js +64 -0
- package/dist/server/content-types/Permission.js.map +1 -0
- package/dist/server/content-types/Role.d.ts +57 -0
- package/dist/server/content-types/Role.js +59 -0
- package/dist/server/content-types/Role.js.map +1 -0
- package/dist/server/content-types/User.d.ts +106 -0
- package/dist/server/content-types/User.js +109 -0
- package/dist/server/content-types/User.js.map +1 -0
- package/dist/server/content-types/api-token-permission.d.ts +35 -0
- package/dist/server/content-types/api-token-permission.js +37 -0
- package/dist/server/content-types/api-token-permission.js.map +1 -0
- package/dist/server/content-types/api-token.d.ts +73 -0
- package/dist/server/content-types/api-token.js +79 -0
- package/dist/server/content-types/api-token.js.map +1 -0
- package/dist/server/content-types/index.d.ts +437 -0
- package/dist/server/content-types/index.js +22 -0
- package/dist/server/content-types/index.js.map +1 -0
- package/dist/server/content-types/transfer-token-permission.d.ts +35 -0
- package/dist/server/content-types/transfer-token-permission.js +37 -0
- package/dist/server/content-types/transfer-token-permission.js.map +1 -0
- package/dist/server/content-types/transfer-token.d.ts +65 -0
- package/dist/server/content-types/transfer-token.js +67 -0
- package/dist/server/content-types/transfer-token.js.map +1 -0
- package/dist/server/controllers/admin.d.ts +42 -0
- package/dist/server/controllers/admin.js +131 -0
- package/dist/server/controllers/admin.js.map +1 -0
- package/dist/server/controllers/api-token.d.ts +10 -0
- package/dist/server/controllers/api-token.js +106 -0
- package/dist/server/controllers/api-token.js.map +1 -0
- package/dist/server/controllers/authenticated-user.d.ts +6 -0
- package/dist/server/controllers/authenticated-user.js +41 -0
- package/dist/server/controllers/authenticated-user.js.map +1 -0
- package/dist/server/controllers/authentication.d.ts +12 -0
- package/dist/server/controllers/authentication.js +130 -0
- package/dist/server/controllers/authentication.js.map +1 -0
- package/dist/server/controllers/content-api.d.ts +5 -0
- package/dist/server/controllers/content-api.js +13 -0
- package/dist/server/controllers/content-api.js.map +1 -0
- package/dist/server/controllers/formatters/conditions.d.ts +3 -0
- package/dist/server/controllers/formatters/conditions.js +9 -0
- package/dist/server/controllers/formatters/conditions.js.map +1 -0
- package/dist/server/controllers/formatters/format-actions-by-sections.d.ts +7 -0
- package/dist/server/controllers/formatters/format-actions-by-sections.js +36 -0
- package/dist/server/controllers/formatters/format-actions-by-sections.js.map +1 -0
- package/dist/server/controllers/formatters/index.d.ts +2 -0
- package/dist/server/controllers/formatters/index.js +11 -0
- package/dist/server/controllers/formatters/index.js.map +1 -0
- package/dist/server/controllers/index.d.ts +68 -0
- package/dist/server/controllers/index.js +51 -0
- package/dist/server/controllers/index.js.map +1 -0
- package/dist/server/controllers/permission.d.ts +13 -0
- package/dist/server/controllers/permission.js +38 -0
- package/dist/server/controllers/permission.js.map +1 -0
- package/dist/server/controllers/role.d.ts +43 -0
- package/dist/server/controllers/role.js +148 -0
- package/dist/server/controllers/role.js.map +1 -0
- package/dist/server/controllers/transfer/index.d.ts +4 -0
- package/dist/server/controllers/transfer/index.js +14 -0
- package/dist/server/controllers/transfer/index.js.map +1 -0
- package/dist/server/controllers/transfer/runner.d.ts +6 -0
- package/dist/server/controllers/transfer/runner.js +25 -0
- package/dist/server/controllers/transfer/runner.js.map +1 -0
- package/dist/server/controllers/transfer/token.d.ts +9 -0
- package/dist/server/controllers/transfer/token.js +100 -0
- package/dist/server/controllers/transfer/token.js.map +1 -0
- package/dist/server/controllers/user.d.ts +13 -0
- package/dist/server/controllers/user.js +105 -0
- package/dist/server/controllers/user.js.map +1 -0
- package/dist/server/controllers/webhooks.d.ts +10 -0
- package/dist/server/controllers/webhooks.js +100 -0
- package/dist/server/controllers/webhooks.js.map +1 -0
- package/dist/server/destroy.d.ts +2 -0
- package/dist/server/destroy.js +9 -0
- package/dist/server/destroy.js.map +1 -0
- package/dist/server/domain/action/index.d.ts +33 -0
- package/dist/server/domain/action/index.js +98 -0
- package/dist/server/domain/action/index.js.map +1 -0
- package/dist/server/domain/action/provider.d.ts +38 -0
- package/dist/server/domain/action/provider.js +66 -0
- package/dist/server/domain/action/provider.js.map +1 -0
- package/dist/server/domain/condition/index.d.ts +53 -0
- package/dist/server/domain/condition/index.js +56 -0
- package/dist/server/domain/condition/index.js.map +1 -0
- package/dist/server/domain/condition/provider.d.ts +30 -0
- package/dist/server/domain/condition/provider.js +37 -0
- package/dist/server/domain/condition/provider.js.map +1 -0
- package/dist/server/domain/permission/index.d.ts +77 -0
- package/dist/server/domain/permission/index.js +119 -0
- package/dist/server/domain/permission/index.js.map +1 -0
- package/dist/server/domain/user.d.ts +32 -0
- package/dist/server/domain/user.js +28 -0
- package/dist/server/domain/user.js.map +1 -0
- package/dist/server/index.d.ts +10 -0
- package/dist/server/index.js +27 -0
- package/dist/server/index.js.map +1 -0
- package/dist/server/middlewares/data-transfer.d.ts +2 -0
- package/dist/server/middlewares/data-transfer.js +21 -0
- package/dist/server/middlewares/data-transfer.js.map +1 -0
- package/dist/server/middlewares/index.d.ts +9 -0
- package/dist/server/middlewares/index.js +17 -0
- package/dist/server/middlewares/index.js.map +1 -0
- package/dist/server/middlewares/rateLimit.d.ts +5 -0
- package/dist/server/middlewares/rateLimit.js +42 -0
- package/dist/server/middlewares/rateLimit.js.map +1 -0
- package/dist/server/policies/hasPermissions.d.ts +6 -0
- package/dist/server/policies/hasPermissions.js +38 -0
- package/dist/server/policies/hasPermissions.js.map +1 -0
- package/dist/server/policies/index.d.ts +14 -0
- package/dist/server/policies/index.js +10 -0
- package/dist/server/policies/index.js.map +1 -0
- package/dist/server/policies/isAuthenticatedAdmin.d.ts +2 -0
- package/dist/server/policies/isAuthenticatedAdmin.js +6 -0
- package/dist/server/policies/isAuthenticatedAdmin.js.map +1 -0
- package/dist/server/policies/isTelemetryEnabled.d.ts +10 -0
- package/dist/server/policies/isTelemetryEnabled.js +18 -0
- package/dist/server/policies/isTelemetryEnabled.js.map +1 -0
- package/dist/server/register.d.ts +2 -0
- package/dist/server/register.js +18 -0
- package/dist/server/register.js.map +1 -0
- package/dist/server/routes/admin.d.ts +23 -0
- package/dist/server/routes/admin.js +72 -0
- package/dist/server/routes/admin.js.map +1 -0
- package/dist/server/routes/api-tokens.d.ts +14 -0
- package/dist/server/routes/api-tokens.js +71 -0
- package/dist/server/routes/api-tokens.js.map +1 -0
- package/dist/server/routes/authentication.d.ts +29 -0
- package/dist/server/routes/authentication.js +58 -0
- package/dist/server/routes/authentication.js.map +1 -0
- package/dist/server/routes/content-api.d.ts +9 -0
- package/dist/server/routes/content-api.js +21 -0
- package/dist/server/routes/content-api.js.map +1 -0
- package/dist/server/routes/index.d.ts +66 -0
- package/dist/server/routes/index.js +32 -0
- package/dist/server/routes/index.js.map +1 -0
- package/dist/server/routes/permissions.d.ts +9 -0
- package/dist/server/routes/permissions.js +21 -0
- package/dist/server/routes/permissions.js.map +1 -0
- package/dist/server/routes/roles.d.ts +14 -0
- package/dist/server/routes/roles.js +108 -0
- package/dist/server/routes/roles.js.map +1 -0
- package/dist/server/routes/serve-admin-panel.d.ts +5 -0
- package/dist/server/routes/serve-admin-panel.js +65 -0
- package/dist/server/routes/serve-admin-panel.js.map +1 -0
- package/dist/server/routes/transfer.d.ts +55 -0
- package/dist/server/routes/transfer.js +105 -0
- package/dist/server/routes/transfer.js.map +1 -0
- package/dist/server/routes/users.d.ts +14 -0
- package/dist/server/routes/users.js +89 -0
- package/dist/server/routes/users.js.map +1 -0
- package/dist/server/routes/webhooks.d.ts +14 -0
- package/dist/server/routes/webhooks.js +82 -0
- package/dist/server/routes/webhooks.js.map +1 -0
- package/dist/server/services/action.d.ts +9 -0
- package/dist/server/services/action.js +29 -0
- package/dist/server/services/action.js.map +1 -0
- package/dist/server/services/api-token.d.ts +102 -0
- package/dist/server/services/api-token.js +378 -0
- package/dist/server/services/api-token.js.map +1 -0
- package/dist/server/services/auth.d.ts +42 -0
- package/dist/server/services/auth.js +98 -0
- package/dist/server/services/auth.js.map +1 -0
- package/dist/server/services/condition.d.ts +2 -0
- package/dist/server/services/condition.js +11 -0
- package/dist/server/services/condition.js.map +1 -0
- package/dist/server/services/constants.d.ts +33 -0
- package/dist/server/services/constants.js +37 -0
- package/dist/server/services/constants.js.map +1 -0
- package/dist/server/services/content-type.d.ts +51 -0
- package/dist/server/services/content-type.js +158 -0
- package/dist/server/services/content-type.js.map +1 -0
- package/dist/server/services/index.d.ts +61 -0
- package/dist/server/services/index.js +57 -0
- package/dist/server/services/index.js.map +1 -0
- package/dist/server/services/metrics.d.ts +7 -0
- package/dist/server/services/metrics.js +37 -0
- package/dist/server/services/metrics.js.map +1 -0
- package/dist/server/services/passport/local-strategy.d.ts +3 -0
- package/dist/server/services/passport/local-strategy.js +28 -0
- package/dist/server/services/passport/local-strategy.js.map +1 -0
- package/dist/server/services/passport.d.ts +7 -0
- package/dist/server/services/passport.js +40 -0
- package/dist/server/services/passport.js.map +1 -0
- package/dist/server/services/permission/engine.d.ts +15 -0
- package/dist/server/services/permission/engine.js +67 -0
- package/dist/server/services/permission/engine.js.map +1 -0
- package/dist/server/services/permission/permissions-manager/index.d.ts +16 -0
- package/dist/server/services/permission/permissions-manager/index.js +48 -0
- package/dist/server/services/permission/permissions-manager/index.js.map +1 -0
- package/dist/server/services/permission/permissions-manager/query-builders.d.ts +3 -0
- package/dist/server/services/permission/permissions-manager/query-builders.js +66 -0
- package/dist/server/services/permission/permissions-manager/query-builders.js.map +1 -0
- package/dist/server/services/permission/permissions-manager/sanitize.d.ts +6 -0
- package/dist/server/services/permission/permissions-manager/sanitize.js +184 -0
- package/dist/server/services/permission/permissions-manager/sanitize.js.map +1 -0
- package/dist/server/services/permission/permissions-manager/validate.d.ts +5 -0
- package/dist/server/services/permission/permissions-manager/validate.js +134 -0
- package/dist/server/services/permission/permissions-manager/validate.js.map +1 -0
- package/dist/server/services/permission/queries.d.ts +44 -0
- package/dist/server/services/permission/queries.js +159 -0
- package/dist/server/services/permission/queries.js.map +1 -0
- package/dist/server/services/permission/sections-builder/builder.d.ts +39 -0
- package/dist/server/services/permission/sections-builder/builder.js +75 -0
- package/dist/server/services/permission/sections-builder/builder.js.map +1 -0
- package/dist/server/services/permission/sections-builder/handlers.d.ts +44 -0
- package/dist/server/services/permission/sections-builder/handlers.js +124 -0
- package/dist/server/services/permission/sections-builder/handlers.js.map +1 -0
- package/dist/server/services/permission/sections-builder/index.d.ts +8 -0
- package/dist/server/services/permission/sections-builder/index.js +39 -0
- package/dist/server/services/permission/sections-builder/index.js.map +1 -0
- package/dist/server/services/permission/sections-builder/section.d.ts +38 -0
- package/dist/server/services/permission/sections-builder/section.js +56 -0
- package/dist/server/services/permission/sections-builder/section.js.map +1 -0
- package/dist/server/services/permission/sections-builder/utils.d.ts +12 -0
- package/dist/server/services/permission/sections-builder/utils.js +23 -0
- package/dist/server/services/permission/sections-builder/utils.js.map +1 -0
- package/dist/server/services/permission.d.ts +67 -0
- package/dist/server/services/permission.js +33 -0
- package/dist/server/services/permission.js.map +1 -0
- package/dist/server/services/project-settings.d.ts +5 -0
- package/dist/server/services/project-settings.js +139 -0
- package/dist/server/services/project-settings.js.map +1 -0
- package/dist/server/services/role.d.ts +116 -0
- package/dist/server/services/role.js +382 -0
- package/dist/server/services/role.js.map +1 -0
- package/dist/server/services/token.d.ts +35 -0
- package/dist/server/services/token.js +58 -0
- package/dist/server/services/token.js.map +1 -0
- package/dist/server/services/transfer/index.d.ts +4 -0
- package/dist/server/services/transfer/index.js +33 -0
- package/dist/server/services/transfer/index.js.map +1 -0
- package/dist/server/services/transfer/permission.d.ts +6 -0
- package/dist/server/services/transfer/permission.js +20 -0
- package/dist/server/services/transfer/permission.js.map +1 -0
- package/dist/server/services/transfer/token.d.ts +84 -0
- package/dist/server/services/transfer/token.js +273 -0
- package/dist/server/services/transfer/token.js.map +1 -0
- package/dist/server/services/transfer/utils.d.ts +13 -0
- package/dist/server/services/transfer/utils.js +29 -0
- package/dist/server/services/transfer/utils.js.map +1 -0
- package/dist/server/services/user.d.ts +96 -0
- package/dist/server/services/user.js +311 -0
- package/dist/server/services/user.js.map +1 -0
- package/dist/server/strategies/admin.d.ts +25 -0
- package/dist/server/strategies/admin.js +44 -0
- package/dist/server/strategies/admin.js.map +1 -0
- package/dist/server/strategies/api-token.d.ts +60 -0
- package/dist/server/strategies/api-token.js +121 -0
- package/dist/server/strategies/api-token.js.map +1 -0
- package/dist/server/strategies/data-transfer.d.ts +66 -0
- package/dist/server/strategies/data-transfer.js +94 -0
- package/dist/server/strategies/data-transfer.js.map +1 -0
- package/dist/server/strategies/index.d.ts +17 -0
- package/dist/server/strategies/index.js +27 -0
- package/dist/server/strategies/index.js.map +1 -0
- package/dist/server/types/src/types/utils/object.d.ts +58 -0
- package/dist/server/types/src/types/utils/object.js +3 -0
- package/dist/server/types/src/types/utils/object.js.map +1 -0
- package/dist/server/utils/index.d.ts +1 -0
- package/dist/server/utils/index.js +9 -0
- package/dist/server/utils/index.js.map +1 -0
- package/dist/server/utils/types.d.ts +14 -0
- package/dist/server/utils/types.js +3 -0
- package/dist/server/utils/types.js.map +1 -0
- package/dist/server/validation/action-provider.d.ts +5 -0
- package/dist/server/validation/action-provider.js +58 -0
- package/dist/server/validation/action-provider.js.map +1 -0
- package/dist/server/validation/api-tokens.d.ts +7 -0
- package/dist/server/validation/api-tokens.js +36 -0
- package/dist/server/validation/api-tokens.js.map +1 -0
- package/dist/server/validation/authentication/forgot-password.d.ts +2 -0
- package/dist/server/validation/authentication/forgot-password.js +16 -0
- package/dist/server/validation/authentication/forgot-password.js.map +1 -0
- package/dist/server/validation/authentication/index.d.ts +5 -0
- package/dist/server/validation/authentication/index.js +17 -0
- package/dist/server/validation/authentication/index.js.map +1 -0
- package/dist/server/validation/authentication/register.d.ts +9 -0
- package/dist/server/validation/authentication/register.js +49 -0
- package/dist/server/validation/authentication/register.js.map +1 -0
- package/dist/server/validation/authentication/renew-token.d.ts +2 -0
- package/dist/server/validation/authentication/renew-token.js +6 -0
- package/dist/server/validation/authentication/renew-token.js.map +1 -0
- package/dist/server/validation/authentication/reset-password.d.ts +2 -0
- package/dist/server/validation/authentication/reset-password.js +17 -0
- package/dist/server/validation/authentication/reset-password.js.map +1 -0
- package/dist/server/validation/common-functions/check-fields-are-correctly-nested.d.ts +2 -0
- package/dist/server/validation/common-functions/check-fields-are-correctly-nested.js +26 -0
- package/dist/server/validation/common-functions/check-fields-are-correctly-nested.js.map +1 -0
- package/dist/server/validation/common-functions/check-fields-dont-have-duplicates.d.ts +2 -0
- package/dist/server/validation/common-functions/check-fields-dont-have-duplicates.js +18 -0
- package/dist/server/validation/common-functions/check-fields-dont-have-duplicates.js.map +1 -0
- package/dist/server/validation/common-functions/index.d.ts +3 -0
- package/dist/server/validation/common-functions/index.js +11 -0
- package/dist/server/validation/common-functions/index.js.map +1 -0
- package/dist/server/validation/common-validators.d.ts +59 -0
- package/dist/server/validation/common-validators.js +162 -0
- package/dist/server/validation/common-validators.js.map +1 -0
- package/dist/server/validation/permission.d.ts +9 -0
- package/dist/server/validation/permission.js +46 -0
- package/dist/server/validation/permission.js.map +1 -0
- package/dist/server/validation/policies/hasPermissions.d.ts +5 -0
- package/dist/server/validation/policies/hasPermissions.js +29 -0
- package/dist/server/validation/policies/hasPermissions.js.map +1 -0
- package/dist/server/validation/project-settings.d.ts +9 -0
- package/dist/server/validation/project-settings.js +44 -0
- package/dist/server/validation/project-settings.js.map +1 -0
- package/dist/server/validation/role.d.ts +11 -0
- package/dist/server/validation/role.js +62 -0
- package/dist/server/validation/role.js.map +1 -0
- package/dist/server/validation/transfer/index.d.ts +1 -0
- package/dist/server/validation/transfer/index.js +9 -0
- package/dist/server/validation/transfer/index.js.map +1 -0
- package/dist/server/validation/transfer/token.d.ts +7 -0
- package/dist/server/validation/transfer/token.js +46 -0
- package/dist/server/validation/transfer/token.js.map +1 -0
- package/dist/server/validation/user.d.ts +117 -0
- package/dist/server/validation/user.js +69 -0
- package/dist/server/validation/user.js.map +1 -0
- package/package.json +9 -9
|
@@ -0,0 +1,378 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.getBy = exports.getByName = exports.update = exports.getById = exports.revoke = exports.list = exports.hash = exports.checkSaltIsDefined = exports.exists = exports.regenerate = exports.create = void 0;
|
|
7
|
+
const crypto_1 = __importDefault(require("crypto"));
|
|
8
|
+
const fp_1 = require("lodash/fp");
|
|
9
|
+
const utils_1 = require("@strapi/utils");
|
|
10
|
+
const constants_1 = __importDefault(require("./constants"));
|
|
11
|
+
const { ValidationError, NotFoundError } = utils_1.errors;
|
|
12
|
+
/**
|
|
13
|
+
* @typedef {'read-only'|'full-access'|'custom'} TokenType
|
|
14
|
+
*/
|
|
15
|
+
/**
|
|
16
|
+
* @typedef ApiToken
|
|
17
|
+
*
|
|
18
|
+
* @property {number|string} id
|
|
19
|
+
* @property {string} name
|
|
20
|
+
* @property {string} description
|
|
21
|
+
* @property {string} accessKey
|
|
22
|
+
* @property {number} lastUsedAt
|
|
23
|
+
* @property {number} lifespan
|
|
24
|
+
* @property {number} expiresAt
|
|
25
|
+
* @property {TokenType} type
|
|
26
|
+
* @property {(number|ApiTokenPermission)[]} permissions
|
|
27
|
+
*/
|
|
28
|
+
/**
|
|
29
|
+
* @typedef ApiTokenPermission
|
|
30
|
+
*
|
|
31
|
+
* @property {number|string} id
|
|
32
|
+
* @property {string} action
|
|
33
|
+
* @property {ApiToken|number} token
|
|
34
|
+
*/
|
|
35
|
+
/** @constant {Array<string>} */
|
|
36
|
+
const SELECT_FIELDS = [
|
|
37
|
+
'id',
|
|
38
|
+
'name',
|
|
39
|
+
'description',
|
|
40
|
+
'lastUsedAt',
|
|
41
|
+
'type',
|
|
42
|
+
'lifespan',
|
|
43
|
+
'expiresAt',
|
|
44
|
+
'createdAt',
|
|
45
|
+
'updatedAt',
|
|
46
|
+
];
|
|
47
|
+
/** @constant {Array<string>} */
|
|
48
|
+
const POPULATE_FIELDS = ['permissions'];
|
|
49
|
+
// TODO: we need to ensure the permissions are actually valid registered permissions!
|
|
50
|
+
/**
|
|
51
|
+
* Assert that a token's permissions attribute is valid for its type
|
|
52
|
+
*
|
|
53
|
+
* @param {ApiToken} token
|
|
54
|
+
*/
|
|
55
|
+
const assertCustomTokenPermissionsValidity = (attributes) => {
|
|
56
|
+
// Ensure non-custom tokens doesn't have permissions
|
|
57
|
+
if (attributes.type !== constants_1.default.API_TOKEN_TYPE.CUSTOM && !(0, fp_1.isEmpty)(attributes.permissions)) {
|
|
58
|
+
throw new ValidationError('Non-custom tokens should not reference permissions');
|
|
59
|
+
}
|
|
60
|
+
// Custom type tokens should always have permissions attached to them
|
|
61
|
+
if (attributes.type === constants_1.default.API_TOKEN_TYPE.CUSTOM && !(0, fp_1.isArray)(attributes.permissions)) {
|
|
62
|
+
throw new ValidationError('Missing permissions attribute for custom token');
|
|
63
|
+
}
|
|
64
|
+
// Permissions provided for a custom type token should be valid/registered permissions UID
|
|
65
|
+
if (attributes.type === constants_1.default.API_TOKEN_TYPE.CUSTOM) {
|
|
66
|
+
const validPermissions = strapi.contentAPI.permissions.providers.action.keys();
|
|
67
|
+
const invalidPermissions = (0, fp_1.difference)(attributes.permissions, validPermissions);
|
|
68
|
+
if (!(0, fp_1.isEmpty)(invalidPermissions)) {
|
|
69
|
+
throw new ValidationError(`Unknown permissions provided: ${invalidPermissions.join(', ')}`);
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
};
|
|
73
|
+
/**
|
|
74
|
+
* Assert that a token's lifespan is valid
|
|
75
|
+
*
|
|
76
|
+
* @param {ApiToken} token
|
|
77
|
+
*/
|
|
78
|
+
const assertValidLifespan = ({ lifespan }) => {
|
|
79
|
+
if ((0, fp_1.isNil)(lifespan)) {
|
|
80
|
+
return;
|
|
81
|
+
}
|
|
82
|
+
if (!Object.values(constants_1.default.API_TOKEN_LIFESPANS).includes(lifespan)) {
|
|
83
|
+
throw new ValidationError(`lifespan must be one of the following values:
|
|
84
|
+
${Object.values(constants_1.default.API_TOKEN_LIFESPANS).join(', ')}`);
|
|
85
|
+
}
|
|
86
|
+
};
|
|
87
|
+
/**
|
|
88
|
+
* Flatten a token's database permissions objects to an array of strings
|
|
89
|
+
*
|
|
90
|
+
* @param {ApiToken} token
|
|
91
|
+
*
|
|
92
|
+
* @returns {ApiToken}
|
|
93
|
+
*/
|
|
94
|
+
const flattenTokenPermissions = (token) => {
|
|
95
|
+
if (!token)
|
|
96
|
+
return token;
|
|
97
|
+
return {
|
|
98
|
+
...token,
|
|
99
|
+
permissions: (0, fp_1.isArray)(token.permissions) ? (0, fp_1.map)('action', token.permissions) : token.permissions,
|
|
100
|
+
};
|
|
101
|
+
};
|
|
102
|
+
/**
|
|
103
|
+
* Get a token
|
|
104
|
+
*
|
|
105
|
+
* @param {Object} whereParams
|
|
106
|
+
* @param {string|number} whereParams.id
|
|
107
|
+
* @param {string} whereParams.name
|
|
108
|
+
* @param {number} whereParams.lastUsedAt
|
|
109
|
+
* @param {string} whereParams.description
|
|
110
|
+
* @param {string} whereParams.accessKey
|
|
111
|
+
*
|
|
112
|
+
* @returns {Promise<Omit<ApiToken, 'accessKey'> | null>}
|
|
113
|
+
*/
|
|
114
|
+
const getBy = async (whereParams = {}) => {
|
|
115
|
+
if (Object.keys(whereParams).length === 0) {
|
|
116
|
+
return null;
|
|
117
|
+
}
|
|
118
|
+
const token = await strapi
|
|
119
|
+
.query('admin::api-token')
|
|
120
|
+
.findOne({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: whereParams });
|
|
121
|
+
if (!token)
|
|
122
|
+
return token;
|
|
123
|
+
return flattenTokenPermissions(token);
|
|
124
|
+
};
|
|
125
|
+
exports.getBy = getBy;
|
|
126
|
+
/**
|
|
127
|
+
* Check if token exists
|
|
128
|
+
*
|
|
129
|
+
* @param {Object} whereParams
|
|
130
|
+
* @param {string|number} whereParams.id
|
|
131
|
+
* @param {string} whereParams.name
|
|
132
|
+
* @param {number} whereParams.lastUsedAt
|
|
133
|
+
* @param {string} whereParams.description
|
|
134
|
+
* @param {string} whereParams.accessKey
|
|
135
|
+
*
|
|
136
|
+
* @returns {Promise<boolean>}
|
|
137
|
+
*/
|
|
138
|
+
const exists = async (whereParams = {}) => {
|
|
139
|
+
const apiToken = await getBy(whereParams);
|
|
140
|
+
return !!apiToken;
|
|
141
|
+
};
|
|
142
|
+
exports.exists = exists;
|
|
143
|
+
/**
|
|
144
|
+
* Return a secure sha512 hash of an accessKey
|
|
145
|
+
*
|
|
146
|
+
* @param {string} accessKey
|
|
147
|
+
*
|
|
148
|
+
* @returns {string}
|
|
149
|
+
*/
|
|
150
|
+
const hash = (accessKey) => {
|
|
151
|
+
return crypto_1.default
|
|
152
|
+
.createHmac('sha512', strapi.config.get('admin.apiToken.salt'))
|
|
153
|
+
.update(accessKey)
|
|
154
|
+
.digest('hex');
|
|
155
|
+
};
|
|
156
|
+
exports.hash = hash;
|
|
157
|
+
/**
|
|
158
|
+
* @param {number} lifespan
|
|
159
|
+
*
|
|
160
|
+
* @returns { { lifespan: null | number, expiresAt: null | number } }
|
|
161
|
+
*/
|
|
162
|
+
const getExpirationFields = (lifespan) => {
|
|
163
|
+
// it must be nil or a finite number >= 0
|
|
164
|
+
const isValidNumber = Number.isFinite(lifespan) && lifespan > 0;
|
|
165
|
+
if (!isValidNumber && !(0, fp_1.isNil)(lifespan)) {
|
|
166
|
+
throw new ValidationError('lifespan must be a positive number or null');
|
|
167
|
+
}
|
|
168
|
+
return {
|
|
169
|
+
lifespan: lifespan || null,
|
|
170
|
+
expiresAt: lifespan ? Date.now() + lifespan : null,
|
|
171
|
+
};
|
|
172
|
+
};
|
|
173
|
+
/**
|
|
174
|
+
* Create a token and its permissions
|
|
175
|
+
*
|
|
176
|
+
* @param {Object} attributes
|
|
177
|
+
* @param {TokenType} attributes.type
|
|
178
|
+
* @param {string} attributes.name
|
|
179
|
+
* @param {number} attributes.lifespan
|
|
180
|
+
* @param {string[]} attributes.permissions
|
|
181
|
+
* @param {string} attributes.description
|
|
182
|
+
*
|
|
183
|
+
* @returns {Promise<ApiToken>}
|
|
184
|
+
*/
|
|
185
|
+
const create = async (attributes) => {
|
|
186
|
+
const accessKey = crypto_1.default.randomBytes(128).toString('hex');
|
|
187
|
+
assertCustomTokenPermissionsValidity(attributes);
|
|
188
|
+
assertValidLifespan(attributes);
|
|
189
|
+
// Create the token
|
|
190
|
+
const apiToken = await strapi.query('admin::api-token').create({
|
|
191
|
+
select: SELECT_FIELDS,
|
|
192
|
+
populate: POPULATE_FIELDS,
|
|
193
|
+
data: {
|
|
194
|
+
...(0, fp_1.omit)('permissions', attributes),
|
|
195
|
+
accessKey: hash(accessKey),
|
|
196
|
+
...getExpirationFields(attributes.lifespan),
|
|
197
|
+
},
|
|
198
|
+
});
|
|
199
|
+
const result = { ...apiToken, accessKey };
|
|
200
|
+
// If this is a custom type token, create and the related permissions
|
|
201
|
+
if (attributes.type === constants_1.default.API_TOKEN_TYPE.CUSTOM) {
|
|
202
|
+
// TODO: createMany doesn't seem to create relation properly, implement a better way rather than a ton of queries
|
|
203
|
+
// const permissionsCount = await strapi.query('admin::api-token-permission').createMany({
|
|
204
|
+
// populate: POPULATE_FIELDS,
|
|
205
|
+
// data: attributes.permissions.map(action => ({ action, token: apiToken })),
|
|
206
|
+
// });
|
|
207
|
+
await Promise.all((0, fp_1.uniq)(attributes.permissions).map((action) => strapi.query('admin::api-token-permission').create({
|
|
208
|
+
data: { action, token: apiToken },
|
|
209
|
+
})));
|
|
210
|
+
const currentPermissions = await strapi.entityService.load('admin::api-token', apiToken, 'permissions');
|
|
211
|
+
if (currentPermissions) {
|
|
212
|
+
Object.assign(result, { permissions: (0, fp_1.map)('action', currentPermissions) });
|
|
213
|
+
}
|
|
214
|
+
}
|
|
215
|
+
return result;
|
|
216
|
+
};
|
|
217
|
+
exports.create = create;
|
|
218
|
+
/**
|
|
219
|
+
* @param {string|number} id
|
|
220
|
+
*
|
|
221
|
+
* @returns {Promise<ApiToken>}
|
|
222
|
+
*/
|
|
223
|
+
const regenerate = async (id) => {
|
|
224
|
+
const accessKey = crypto_1.default.randomBytes(128).toString('hex');
|
|
225
|
+
const apiToken = await strapi.query('admin::api-token').update({
|
|
226
|
+
select: ['id', 'accessKey'],
|
|
227
|
+
where: { id },
|
|
228
|
+
data: {
|
|
229
|
+
accessKey: hash(accessKey),
|
|
230
|
+
},
|
|
231
|
+
});
|
|
232
|
+
if (!apiToken) {
|
|
233
|
+
throw new NotFoundError('The provided token id does not exist');
|
|
234
|
+
}
|
|
235
|
+
return {
|
|
236
|
+
...apiToken,
|
|
237
|
+
accessKey,
|
|
238
|
+
};
|
|
239
|
+
};
|
|
240
|
+
exports.regenerate = regenerate;
|
|
241
|
+
/**
|
|
242
|
+
* @returns {void}
|
|
243
|
+
*/
|
|
244
|
+
const checkSaltIsDefined = () => {
|
|
245
|
+
if (!strapi.config.get('admin.apiToken.salt')) {
|
|
246
|
+
// TODO V5: stop reading API_TOKEN_SALT
|
|
247
|
+
if (process.env.API_TOKEN_SALT) {
|
|
248
|
+
process.emitWarning(`[deprecated] In future versions, Strapi will stop reading directly from the environment variable API_TOKEN_SALT. Please set apiToken.salt in config/admin.js instead.
|
|
249
|
+
For security reasons, keep storing the secret in an environment variable and use env() to read it in config/admin.js (ex: \`apiToken: { salt: env('API_TOKEN_SALT') }\`). See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);
|
|
250
|
+
strapi.config.set('admin.apiToken.salt', process.env.API_TOKEN_SALT);
|
|
251
|
+
}
|
|
252
|
+
else {
|
|
253
|
+
throw new Error(`Missing apiToken.salt. Please set apiToken.salt in config/admin.js (ex: you can generate one using Node with \`crypto.randomBytes(16).toString('base64')\`).
|
|
254
|
+
For security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);
|
|
255
|
+
}
|
|
256
|
+
}
|
|
257
|
+
};
|
|
258
|
+
exports.checkSaltIsDefined = checkSaltIsDefined;
|
|
259
|
+
/**
|
|
260
|
+
* Return a list of all tokens and their permissions
|
|
261
|
+
*
|
|
262
|
+
* @returns {Promise<Omit<ApiToken, 'accessKey'>>}
|
|
263
|
+
*/
|
|
264
|
+
const list = async () => {
|
|
265
|
+
const tokens = await strapi.query('admin::api-token').findMany({
|
|
266
|
+
select: SELECT_FIELDS,
|
|
267
|
+
populate: POPULATE_FIELDS,
|
|
268
|
+
orderBy: { name: 'ASC' },
|
|
269
|
+
});
|
|
270
|
+
if (!tokens)
|
|
271
|
+
return tokens;
|
|
272
|
+
return tokens.map((token) => flattenTokenPermissions(token));
|
|
273
|
+
};
|
|
274
|
+
exports.list = list;
|
|
275
|
+
/**
|
|
276
|
+
* Revoke (delete) a token
|
|
277
|
+
*
|
|
278
|
+
* @param {string|number} id
|
|
279
|
+
*
|
|
280
|
+
* @returns {Promise<Omit<ApiToken, 'accessKey'>>}
|
|
281
|
+
*/
|
|
282
|
+
const revoke = async (id) => {
|
|
283
|
+
return strapi
|
|
284
|
+
.query('admin::api-token')
|
|
285
|
+
.delete({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: { id } });
|
|
286
|
+
};
|
|
287
|
+
exports.revoke = revoke;
|
|
288
|
+
/**
|
|
289
|
+
* Retrieve a token by id
|
|
290
|
+
*
|
|
291
|
+
* @param {string|number} id
|
|
292
|
+
*
|
|
293
|
+
* @returns {Promise<Omit<ApiToken, 'accessKey'>>}
|
|
294
|
+
*/
|
|
295
|
+
const getById = async (id) => {
|
|
296
|
+
return getBy({ id });
|
|
297
|
+
};
|
|
298
|
+
exports.getById = getById;
|
|
299
|
+
/**
|
|
300
|
+
* Retrieve a token by name
|
|
301
|
+
*
|
|
302
|
+
* @param {string} name
|
|
303
|
+
*
|
|
304
|
+
* @returns {Promise<Omit<ApiToken, 'accessKey'>>}
|
|
305
|
+
*/
|
|
306
|
+
const getByName = async (name) => {
|
|
307
|
+
return getBy({ name });
|
|
308
|
+
};
|
|
309
|
+
exports.getByName = getByName;
|
|
310
|
+
/**
|
|
311
|
+
* Update a token and its permissions
|
|
312
|
+
*
|
|
313
|
+
* @param {string|number} id
|
|
314
|
+
* @param {Object} attributes
|
|
315
|
+
* @param {TokenType} attributes.type
|
|
316
|
+
* @param {string} attributes.name
|
|
317
|
+
* @param {number} attributes.lastUsedAt
|
|
318
|
+
* @param {string[]} attributes.permissions
|
|
319
|
+
* @param {string} attributes.description
|
|
320
|
+
*
|
|
321
|
+
* @returns {Promise<Omit<ApiToken, 'accessKey'>>}
|
|
322
|
+
*/
|
|
323
|
+
const update = async (id, attributes) => {
|
|
324
|
+
// retrieve token without permissions
|
|
325
|
+
const originalToken = await strapi.query('admin::api-token').findOne({ where: { id } });
|
|
326
|
+
if (!originalToken) {
|
|
327
|
+
throw new NotFoundError('Token not found');
|
|
328
|
+
}
|
|
329
|
+
const changingTypeToCustom = attributes.type === constants_1.default.API_TOKEN_TYPE.CUSTOM &&
|
|
330
|
+
originalToken.type !== constants_1.default.API_TOKEN_TYPE.CUSTOM;
|
|
331
|
+
// if we're updating the permissions on any token type, or changing from non-custom to custom, ensure they're still valid
|
|
332
|
+
// if neither type nor permissions are changing, we don't need to validate again or else we can't allow partial update
|
|
333
|
+
if (attributes.permissions || changingTypeToCustom) {
|
|
334
|
+
assertCustomTokenPermissionsValidity({
|
|
335
|
+
...originalToken,
|
|
336
|
+
...attributes,
|
|
337
|
+
type: attributes.type || originalToken.type,
|
|
338
|
+
});
|
|
339
|
+
}
|
|
340
|
+
assertValidLifespan(attributes);
|
|
341
|
+
const updatedToken = await strapi.query('admin::api-token').update({
|
|
342
|
+
select: SELECT_FIELDS,
|
|
343
|
+
where: { id },
|
|
344
|
+
data: (0, fp_1.omit)('permissions', attributes),
|
|
345
|
+
});
|
|
346
|
+
// custom tokens need to have their permissions updated as well
|
|
347
|
+
if (updatedToken.type === constants_1.default.API_TOKEN_TYPE.CUSTOM && attributes.permissions) {
|
|
348
|
+
const currentPermissionsResult = await strapi.entityService.load('admin::api-token', updatedToken, 'permissions');
|
|
349
|
+
const currentPermissions = (0, fp_1.map)('action', currentPermissionsResult || []);
|
|
350
|
+
const newPermissions = (0, fp_1.uniq)(attributes.permissions);
|
|
351
|
+
const actionsToDelete = (0, fp_1.difference)(currentPermissions, newPermissions);
|
|
352
|
+
const actionsToAdd = (0, fp_1.difference)(newPermissions, currentPermissions);
|
|
353
|
+
// TODO: improve efficiency here
|
|
354
|
+
// method using a loop -- works but very inefficient
|
|
355
|
+
await Promise.all(actionsToDelete.map((action) => strapi.query('admin::api-token-permission').delete({
|
|
356
|
+
where: { action, token: id },
|
|
357
|
+
})));
|
|
358
|
+
// TODO: improve efficiency here
|
|
359
|
+
// using a loop -- works but very inefficient
|
|
360
|
+
await Promise.all(actionsToAdd.map((action) => strapi.query('admin::api-token-permission').create({
|
|
361
|
+
data: { action, token: id },
|
|
362
|
+
})));
|
|
363
|
+
}
|
|
364
|
+
// if type is not custom, make sure any old permissions get removed
|
|
365
|
+
else if (updatedToken.type !== constants_1.default.API_TOKEN_TYPE.CUSTOM) {
|
|
366
|
+
await strapi.query('admin::api-token-permission').delete({
|
|
367
|
+
where: { token: id },
|
|
368
|
+
});
|
|
369
|
+
}
|
|
370
|
+
// retrieve permissions
|
|
371
|
+
const permissionsFromDb = await strapi.entityService.load('admin::api-token', updatedToken, 'permissions');
|
|
372
|
+
return {
|
|
373
|
+
...updatedToken,
|
|
374
|
+
permissions: permissionsFromDb ? permissionsFromDb.map((p) => p.action) : undefined,
|
|
375
|
+
};
|
|
376
|
+
};
|
|
377
|
+
exports.update = update;
|
|
378
|
+
//# sourceMappingURL=api-token.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"api-token.js","sourceRoot":"","sources":["../../../server/src/services/api-token.ts"],"names":[],"mappings":";;;;;;AAAA,oDAA4B;AAC5B,kCAAiF;AACjF,yCAAuC;AACvC,4DAAoC;AAEpC,MAAM,EAAE,eAAe,EAAE,aAAa,EAAE,GAAG,cAAM,CAAC;AAElD;;GAEG;AAEH;;;;;;;;;;;;GAYG;AAEH;;;;;;GAMG;AAEH,gCAAgC;AAChC,MAAM,aAAa,GAAG;IACpB,IAAI;IACJ,MAAM;IACN,aAAa;IACb,YAAY;IACZ,MAAM;IACN,UAAU;IACV,WAAW;IACX,WAAW;IACX,WAAW;CACZ,CAAC;AAEF,gCAAgC;AAChC,MAAM,eAAe,GAAG,CAAC,aAAa,CAAC,CAAC;AAExC,qFAAqF;AAErF;;;;GAIG;AACH,MAAM,oCAAoC,GAAG,CAAC,UAAe,EAAE,EAAE;IAC/D,oDAAoD;IACpD,IAAI,UAAU,CAAC,IAAI,KAAK,mBAAS,CAAC,cAAc,CAAC,MAAM,IAAI,CAAC,IAAA,YAAO,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE;QAC3F,MAAM,IAAI,eAAe,CAAC,oDAAoD,CAAC,CAAC;KACjF;IAED,qEAAqE;IACrE,IAAI,UAAU,CAAC,IAAI,KAAK,mBAAS,CAAC,cAAc,CAAC,MAAM,IAAI,CAAC,IAAA,YAAO,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE;QAC3F,MAAM,IAAI,eAAe,CAAC,gDAAgD,CAAC,CAAC;KAC7E;IAED,0FAA0F;IAC1F,IAAI,UAAU,CAAC,IAAI,KAAK,mBAAS,CAAC,cAAc,CAAC,MAAM,EAAE;QACvD,MAAM,gBAAgB,GAAG,MAAM,CAAC,UAAU,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAC/E,MAAM,kBAAkB,GAAG,IAAA,eAAU,EAAC,UAAU,CAAC,WAAW,EAAE,gBAAgB,CAAQ,CAAC;QAEvF,IAAI,CAAC,IAAA,YAAO,EAAC,kBAAkB,CAAC,EAAE;YAChC,MAAM,IAAI,eAAe,CAAC,iCAAiC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;SAC7F;KACF;AACH,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,mBAAmB,GAAG,CAAC,EAAE,QAAQ,EAAO,EAAE,EAAE;IAChD,IAAI,IAAA,UAAK,EAAC,QAAQ,CAAC,EAAE;QACnB,OAAO;KACR;IAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,mBAAS,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;QACpE,MAAM,IAAI,eAAe,CACvB;QACE,MAAM,CAAC,MAAM,CAAC,mBAAS,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC5D,CAAC;KACH;AACH,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,uBAAuB,GAAG,CAAC,KAAU,EAAE,EAAE;IAC7C,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IACzB,OAAO;QACL,GAAG,KAAK;QACR,WAAW,EAAE,IAAA,YAAO,EAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAA,QAAG,EAAC,QAAQ,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW;KAC/F,CAAC;AACJ,CAAC,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,KAAK,GAAG,KAAK,EAAE,WAAW,GAAG,EAAE,EAAE,EAAE;IACvC,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;QACzC,OAAO,IAAI,CAAC;KACb;IAED,MAAM,KAAK,GAAG,MAAM,MAAM;SACvB,KAAK,CAAC,kBAAkB,CAAC;SACzB,OAAO,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;IAErF,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IACzB,OAAO,uBAAuB,CAAC,KAAK,CAAC,CAAC;AACxC,CAAC,CAAC;AA6TA,sBAAK;AA3TP;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,GAAG,KAAK,EAAE,WAAW,GAAG,EAAE,EAAE,EAAE;IACxC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;IAE1C,OAAO,CAAC,CAAC,QAAQ,CAAC;AACpB,CAAC,CAAC;AAmSA,wBAAM;AAjSR;;;;;;GAMG;AACH,MAAM,IAAI,GAAG,CAAC,SAAiB,EAAE,EAAE;IACjC,OAAO,gBAAM;SACV,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;SAC9D,MAAM,CAAC,SAAS,CAAC;SACjB,MAAM,CAAC,KAAK,CAAC,CAAC;AACnB,CAAC,CAAC;AAuRA,oBAAI;AArRN;;;;GAIG;AACH,MAAM,mBAAmB,GAAG,CAAC,QAAa,EAAE,EAAE;IAC5C,yCAAyC;IACzC,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,GAAG,CAAC,CAAC;IAChE,IAAI,CAAC,aAAa,IAAI,CAAC,IAAA,UAAK,EAAC,QAAQ,CAAC,EAAE;QACtC,MAAM,IAAI,eAAe,CAAC,4CAA4C,CAAC,CAAC;KACzE;IAED,OAAO;QACL,QAAQ,EAAE,QAAQ,IAAI,IAAI;QAC1B,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI;KACnD,CAAC;AACJ,CAAC,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,GAAG,KAAK,EAAE,UAAe,EAAE,EAAE;IACvC,MAAM,SAAS,GAAG,gBAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAE1D,oCAAoC,CAAC,UAAU,CAAC,CAAC;IACjD,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAEhC,mBAAmB;IACnB,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;QAC7D,MAAM,EAAE,aAAa;QACrB,QAAQ,EAAE,eAAe;QACzB,IAAI,EAAE;YACJ,GAAG,IAAA,SAAI,EAAC,aAAa,EAAE,UAAU,CAAC;YAClC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC;YAC1B,GAAG,mBAAmB,CAAC,UAAU,CAAC,QAAQ,CAAC;SAC5C;KACF,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,EAAE,GAAG,QAAQ,EAAE,SAAS,EAAE,CAAC;IAE1C,qEAAqE;IACrE,IAAI,UAAU,CAAC,IAAI,KAAK,mBAAS,CAAC,cAAc,CAAC,MAAM,EAAE;QACvD,iHAAiH;QACjH,0FAA0F;QAC1F,+BAA+B;QAC/B,+EAA+E;QAC/E,MAAM;QACN,MAAM,OAAO,CAAC,GAAG,CACf,IAAA,SAAI,EAAC,UAAU,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAC1C,MAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC,MAAM,CAAC;YACjD,IAAI,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE;SAClC,CAAC,CACH,CACF,CAAC;QAEF,MAAM,kBAAkB,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,IAAI,CACxD,kBAAkB,EAClB,QAAQ,EACR,aAAa,CACd,CAAC;QAEF,IAAI,kBAAkB,EAAE;YACtB,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,IAAA,QAAG,EAAC,QAAQ,EAAE,kBAAkB,CAAC,EAAE,CAAC,CAAC;SAC3E;KACF;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAqMA,wBAAM;AAnMR;;;;GAIG;AACH,MAAM,UAAU,GAAG,KAAK,EAAE,EAAO,EAAE,EAAE;IACnC,MAAM,SAAS,GAAG,gBAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAE1D,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;QAC7D,MAAM,EAAE,CAAC,IAAI,EAAE,WAAW,CAAC;QAC3B,KAAK,EAAE,EAAE,EAAE,EAAE;QACb,IAAI,EAAE;YACJ,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC;SAC3B;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,aAAa,CAAC,sCAAsC,CAAC,CAAC;KACjE;IAED,OAAO;QACL,GAAG,QAAQ;QACX,SAAS;KACV,CAAC;AACJ,CAAC,CAAC;AA4KA,gCAAU;AA1KZ;;GAEG;AACH,MAAM,kBAAkB,GAAG,GAAG,EAAE;IAC9B,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,qBAAqB,CAAC,EAAE;QAC7C,uCAAuC;QACvC,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE;YAC9B,OAAO,CAAC,WAAW,CAAC;uUAC6S,CAAC,CAAC;YAEnU,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,qBAAqB,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;SACtE;aAAM;YACL,MAAM,IAAI,KAAK,CACb;wQACgQ,CACjQ,CAAC;SACH;KACF;AACH,CAAC,CAAC;AA0JA,gDAAkB;AAxJpB;;;;GAIG;AACH,MAAM,IAAI,GAAG,KAAK,IAAI,EAAE;IACtB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,QAAQ,CAAC;QAC7D,MAAM,EAAE,aAAa;QACrB,QAAQ,EAAE,eAAe;QACzB,OAAO,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;KACzB,CAAC,CAAC;IAEH,IAAI,CAAC,MAAM;QAAE,OAAO,MAAM,CAAC;IAC3B,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC,CAAC;AAC/D,CAAC,CAAC;AA4IA,oBAAI;AA1IN;;;;;;GAMG;AACH,MAAM,MAAM,GAAG,KAAK,EAAE,EAAO,EAAE,EAAE;IAC/B,OAAO,MAAM;SACV,KAAK,CAAC,kBAAkB,CAAC;SACzB,MAAM,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;AACjF,CAAC,CAAC;AAgIA,wBAAM;AA9HR;;;;;;GAMG;AACH,MAAM,OAAO,GAAG,KAAK,EAAE,EAAO,EAAE,EAAE;IAChC,OAAO,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AACvB,CAAC,CAAC;AAsHA,0BAAO;AApHT;;;;;;GAMG;AACH,MAAM,SAAS,GAAG,KAAK,EAAE,IAAS,EAAE,EAAE;IACpC,OAAO,KAAK,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;AACzB,CAAC,CAAC;AA6GA,8BAAS;AA3GX;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,GAAG,KAAK,EAAE,EAAO,EAAE,UAAe,EAAE,EAAE;IAChD,qCAAqC;IACrC,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAExF,IAAI,CAAC,aAAa,EAAE;QAClB,MAAM,IAAI,aAAa,CAAC,iBAAiB,CAAC,CAAC;KAC5C;IAED,MAAM,oBAAoB,GACxB,UAAU,CAAC,IAAI,KAAK,mBAAS,CAAC,cAAc,CAAC,MAAM;QACnD,aAAa,CAAC,IAAI,KAAK,mBAAS,CAAC,cAAc,CAAC,MAAM,CAAC;IAEzD,yHAAyH;IACzH,sHAAsH;IACtH,IAAI,UAAU,CAAC,WAAW,IAAI,oBAAoB,EAAE;QAClD,oCAAoC,CAAC;YACnC,GAAG,aAAa;YAChB,GAAG,UAAU;YACb,IAAI,EAAE,UAAU,CAAC,IAAI,IAAI,aAAa,CAAC,IAAI;SAC5C,CAAC,CAAC;KACJ;IAED,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAEhC,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;QACjE,MAAM,EAAE,aAAa;QACrB,KAAK,EAAE,EAAE,EAAE,EAAE;QACb,IAAI,EAAE,IAAA,SAAI,EAAC,aAAa,EAAE,UAAU,CAAC;KACtC,CAAC,CAAC;IAEH,+DAA+D;IAC/D,IAAI,YAAY,CAAC,IAAI,KAAK,mBAAS,CAAC,cAAc,CAAC,MAAM,IAAI,UAAU,CAAC,WAAW,EAAE;QACnF,MAAM,wBAAwB,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,IAAI,CAC9D,kBAAkB,EAClB,YAAY,EACZ,aAAa,CACd,CAAC;QAEF,MAAM,kBAAkB,GAAG,IAAA,QAAG,EAAC,QAAQ,EAAE,wBAAwB,IAAI,EAAE,CAAC,CAAC;QACzE,MAAM,cAAc,GAAG,IAAA,SAAI,EAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QAEpD,MAAM,eAAe,GAAG,IAAA,eAAU,EAAC,kBAAkB,EAAE,cAAc,CAAC,CAAC;QACvE,MAAM,YAAY,GAAG,IAAA,eAAU,EAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;QAEpE,gCAAgC;QAChC,oDAAoD;QACpD,MAAM,OAAO,CAAC,GAAG,CACf,eAAe,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAC7B,MAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC,MAAM,CAAC;YACjD,KAAK,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE;SAC7B,CAAC,CACH,CACF,CAAC;QAEF,gCAAgC;QAChC,6CAA6C;QAC7C,MAAM,OAAO,CAAC,GAAG,CACf,YAAY,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAC1B,MAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC,MAAM,CAAC;YACjD,IAAI,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE;SAC5B,CAAC,CACH,CACF,CAAC;KACH;IACD,mEAAmE;SAC9D,IAAI,YAAY,CAAC,IAAI,KAAK,mBAAS,CAAC,cAAc,CAAC,MAAM,EAAE;QAC9D,MAAM,MAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC,MAAM,CAAC;YACvD,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;SACrB,CAAC,CAAC;KACJ;IAED,uBAAuB;IACvB,MAAM,iBAAiB,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,IAAI,CACvD,kBAAkB,EAClB,YAAY,EACZ,aAAa,CACd,CAAC;IAEF,OAAO;QACL,GAAG,YAAY;QACf,WAAW,EAAE,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;KACzF,CAAC;AACJ,CAAC,CAAC;AAWA,wBAAM"}
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* hashes a password
|
|
3
|
+
* @param {string} password - password to hash
|
|
4
|
+
* @returns {string} hashed password
|
|
5
|
+
*/
|
|
6
|
+
declare const hashPassword: (password: string) => Promise<string>;
|
|
7
|
+
/**
|
|
8
|
+
* Validate a password
|
|
9
|
+
* @param {string} password
|
|
10
|
+
* @param {string} hash
|
|
11
|
+
* @returns {Promise<boolean>} is the password valid
|
|
12
|
+
*/
|
|
13
|
+
declare const validatePassword: (password: string, hash: string) => Promise<boolean>;
|
|
14
|
+
/**
|
|
15
|
+
* Check login credentials
|
|
16
|
+
* @param {Object} options
|
|
17
|
+
* @param {string} options.email
|
|
18
|
+
* @param {string} options.password
|
|
19
|
+
*/
|
|
20
|
+
declare const checkCredentials: ({ email, password }: {
|
|
21
|
+
email: string;
|
|
22
|
+
password: string;
|
|
23
|
+
}) => Promise<any[]>;
|
|
24
|
+
/**
|
|
25
|
+
* Send an email to the user if it exists or do nothing
|
|
26
|
+
* @param {Object} param params
|
|
27
|
+
* @param {string} param.email user email for which to reset the password
|
|
28
|
+
*/
|
|
29
|
+
declare const forgotPassword: ({ email }?: {
|
|
30
|
+
email: string;
|
|
31
|
+
}) => Promise<any>;
|
|
32
|
+
/**
|
|
33
|
+
* Reset a user password
|
|
34
|
+
* @param {Object} param params
|
|
35
|
+
* @param {string} param.resetPasswordToken token generated to request a password reset
|
|
36
|
+
* @param {string} param.password new user password
|
|
37
|
+
*/
|
|
38
|
+
declare const resetPassword: ({ resetPasswordToken, password }?: {
|
|
39
|
+
resetPasswordToken: string;
|
|
40
|
+
password: string;
|
|
41
|
+
}) => Promise<any>;
|
|
42
|
+
export { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.resetPassword = exports.forgotPassword = exports.hashPassword = exports.validatePassword = exports.checkCredentials = void 0;
|
|
7
|
+
const bcryptjs_1 = __importDefault(require("bcryptjs"));
|
|
8
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
9
|
+
const utils_1 = require("@strapi/utils");
|
|
10
|
+
const utils_2 = require("../utils");
|
|
11
|
+
const { ApplicationError } = utils_1.errors;
|
|
12
|
+
/**
|
|
13
|
+
* hashes a password
|
|
14
|
+
* @param {string} password - password to hash
|
|
15
|
+
* @returns {string} hashed password
|
|
16
|
+
*/
|
|
17
|
+
const hashPassword = (password) => bcryptjs_1.default.hash(password, 10);
|
|
18
|
+
exports.hashPassword = hashPassword;
|
|
19
|
+
/**
|
|
20
|
+
* Validate a password
|
|
21
|
+
* @param {string} password
|
|
22
|
+
* @param {string} hash
|
|
23
|
+
* @returns {Promise<boolean>} is the password valid
|
|
24
|
+
*/
|
|
25
|
+
const validatePassword = (password, hash) => bcryptjs_1.default.compare(password, hash);
|
|
26
|
+
exports.validatePassword = validatePassword;
|
|
27
|
+
/**
|
|
28
|
+
* Check login credentials
|
|
29
|
+
* @param {Object} options
|
|
30
|
+
* @param {string} options.email
|
|
31
|
+
* @param {string} options.password
|
|
32
|
+
*/
|
|
33
|
+
const checkCredentials = async ({ email, password }) => {
|
|
34
|
+
const user = await strapi.query('admin::user').findOne({ where: { email } });
|
|
35
|
+
if (!user || !user.password) {
|
|
36
|
+
return [null, false, { message: 'Invalid credentials' }];
|
|
37
|
+
}
|
|
38
|
+
const isValid = await validatePassword(password, user.password);
|
|
39
|
+
if (!isValid) {
|
|
40
|
+
return [null, false, { message: 'Invalid credentials' }];
|
|
41
|
+
}
|
|
42
|
+
if (!(user.isActive === true)) {
|
|
43
|
+
return [null, false, { message: 'User not active' }];
|
|
44
|
+
}
|
|
45
|
+
return [null, user];
|
|
46
|
+
};
|
|
47
|
+
exports.checkCredentials = checkCredentials;
|
|
48
|
+
/**
|
|
49
|
+
* Send an email to the user if it exists or do nothing
|
|
50
|
+
* @param {Object} param params
|
|
51
|
+
* @param {string} param.email user email for which to reset the password
|
|
52
|
+
*/
|
|
53
|
+
const forgotPassword = async ({ email } = {}) => {
|
|
54
|
+
const user = await strapi.query('admin::user').findOne({ where: { email, isActive: true } });
|
|
55
|
+
if (!user) {
|
|
56
|
+
return;
|
|
57
|
+
}
|
|
58
|
+
const resetPasswordToken = (0, utils_2.getService)('token').createToken();
|
|
59
|
+
await (0, utils_2.getService)('user').updateById(user.id, { resetPasswordToken });
|
|
60
|
+
// Send an email to the admin.
|
|
61
|
+
const url = `${(0, utils_1.getAbsoluteAdminUrl)(strapi.config)}/auth/reset-password?code=${resetPasswordToken}`;
|
|
62
|
+
return strapi
|
|
63
|
+
.plugin('email')
|
|
64
|
+
.service('email')
|
|
65
|
+
.sendTemplatedEmail({
|
|
66
|
+
to: user.email,
|
|
67
|
+
from: strapi.config.get('admin.forgotPassword.from'),
|
|
68
|
+
replyTo: strapi.config.get('admin.forgotPassword.replyTo'),
|
|
69
|
+
}, strapi.config.get('admin.forgotPassword.emailTemplate'), {
|
|
70
|
+
url,
|
|
71
|
+
user: lodash_1.default.pick(user, ['email', 'firstname', 'lastname', 'username']),
|
|
72
|
+
})
|
|
73
|
+
.catch((err) => {
|
|
74
|
+
// log error server side but do not disclose it to the user to avoid leaking informations
|
|
75
|
+
strapi.log.error(err);
|
|
76
|
+
});
|
|
77
|
+
};
|
|
78
|
+
exports.forgotPassword = forgotPassword;
|
|
79
|
+
/**
|
|
80
|
+
* Reset a user password
|
|
81
|
+
* @param {Object} param params
|
|
82
|
+
* @param {string} param.resetPasswordToken token generated to request a password reset
|
|
83
|
+
* @param {string} param.password new user password
|
|
84
|
+
*/
|
|
85
|
+
const resetPassword = async ({ resetPasswordToken, password } = {}) => {
|
|
86
|
+
const matchingUser = await strapi
|
|
87
|
+
.query('admin::user')
|
|
88
|
+
.findOne({ where: { resetPasswordToken, isActive: true } });
|
|
89
|
+
if (!matchingUser) {
|
|
90
|
+
throw new ApplicationError();
|
|
91
|
+
}
|
|
92
|
+
return (0, utils_2.getService)('user').updateById(matchingUser.id, {
|
|
93
|
+
password,
|
|
94
|
+
resetPasswordToken: null,
|
|
95
|
+
});
|
|
96
|
+
};
|
|
97
|
+
exports.resetPassword = resetPassword;
|
|
98
|
+
//# sourceMappingURL=auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../server/src/services/auth.ts"],"names":[],"mappings":";;;;;;AAAA,wDAA8B;AAC9B,oDAAuB;AACvB,yCAA4D;AAC5D,oCAAsC;AAEtC,MAAM,EAAE,gBAAgB,EAAE,GAAG,cAAM,CAAC;AAEpC;;;;GAIG;AACH,MAAM,YAAY,GAAG,CAAC,QAAgB,EAAE,EAAE,CAAC,kBAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;AAmGxB,oCAAY;AAjGzD;;;;;GAKG;AACH,MAAM,gBAAgB,GAAG,CAAC,QAAgB,EAAE,IAAY,EAAE,EAAE,CAAC,kBAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;AA2FjE,4CAAgB;AAzF3C;;;;;GAKG;AACH,MAAM,gBAAgB,GAAG,KAAK,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAuC,EAAE,EAAE;IAC1F,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;IAE7E,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;QAC3B,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,qBAAqB,EAAE,CAAC,CAAC;KAC1D;IAED,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IAEhE,IAAI,CAAC,OAAO,EAAE;QACZ,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,qBAAqB,EAAE,CAAC,CAAC;KAC1D;IAED,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,EAAE;QAC7B,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC,CAAC;KACtD;IAED,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;AACtB,CAAC,CAAC;AAiEO,4CAAgB;AA/DzB;;;;GAIG;AACH,MAAM,cAAc,GAAG,KAAK,EAAE,EAAE,KAAK,KAAK,EAAuB,EAAE,EAAE;IACnE,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;IAE7F,IAAI,CAAC,IAAI,EAAE;QACT,OAAO;KACR;IAED,MAAM,kBAAkB,GAAG,IAAA,kBAAU,EAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;IAC7D,MAAM,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,CAAC;IAErE,8BAA8B;IAC9B,MAAM,GAAG,GAAG,GAAG,IAAA,2BAAmB,EAChC,MAAM,CAAC,MAAM,CACd,6BAA6B,kBAAkB,EAAE,CAAC;IACnD,OAAO,MAAM;SACV,MAAM,CAAC,OAAO,CAAC;SACf,OAAO,CAAC,OAAO,CAAC;SAChB,kBAAkB,CACjB;QACE,EAAE,EAAE,IAAI,CAAC,KAAK;QACd,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,2BAA2B,CAAC;QACpD,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,8BAA8B,CAAC;KAC3D,EACD,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,oCAAoC,CAAC,EACvD;QACE,GAAG;QACH,IAAI,EAAE,gBAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;KACnE,CACF;SACA,KAAK,CAAC,CAAC,GAAQ,EAAE,EAAE;QAClB,yFAAyF;QACzF,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;AACP,CAAC,CAAC;AAyByD,wCAAc;AAvBzE;;;;;GAKG;AACH,MAAM,aAAa,GAAG,KAAK,EACzB,EAAE,kBAAkB,EAAE,QAAQ,KAAK,EAAsD,EACzF,EAAE;IACF,MAAM,YAAY,GAAG,MAAM,MAAM;SAC9B,KAAK,CAAC,aAAa,CAAC;SACpB,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,kBAAkB,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;IAE9D,IAAI,CAAC,YAAY,EAAE;QACjB,MAAM,IAAI,gBAAgB,EAAE,CAAC;KAC9B;IAED,OAAO,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,EAAE;QACpD,QAAQ;QACR,kBAAkB,EAAE,IAAI;KACzB,CAAC,CAAC;AACL,CAAC,CAAC;AAEyE,sCAAa"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.isValidCondition = void 0;
|
|
4
|
+
const fp_1 = require("lodash/fp");
|
|
5
|
+
const utils_1 = require("../utils");
|
|
6
|
+
const isValidCondition = (condition) => {
|
|
7
|
+
const { conditionProvider } = (0, utils_1.getService)('permission');
|
|
8
|
+
return (0, fp_1.isString)(condition) && conditionProvider.has(condition);
|
|
9
|
+
};
|
|
10
|
+
exports.isValidCondition = isValidCondition;
|
|
11
|
+
//# sourceMappingURL=condition.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"condition.js","sourceRoot":"","sources":["../../../server/src/services/condition.ts"],"names":[],"mappings":";;;AAAA,kCAAqC;AACrC,oCAAsC;AAEtC,MAAM,gBAAgB,GAAG,CAAC,SAAc,EAAE,EAAE;IAC1C,MAAM,EAAE,iBAAiB,EAAE,GAAG,IAAA,kBAAU,EAAC,YAAY,CAAC,CAAC;IAEvD,OAAO,IAAA,aAAQ,EAAC,SAAS,CAAC,IAAI,iBAAiB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;AACjE,CAAC,CAAC;AAEO,4CAAgB"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
declare const constants: {
|
|
2
|
+
CONTENT_TYPE_SECTION: string;
|
|
3
|
+
SUPER_ADMIN_CODE: string;
|
|
4
|
+
EDITOR_CODE: string;
|
|
5
|
+
AUTHOR_CODE: string;
|
|
6
|
+
READ_ACTION: string;
|
|
7
|
+
CREATE_ACTION: string;
|
|
8
|
+
UPDATE_ACTION: string;
|
|
9
|
+
DELETE_ACTION: string;
|
|
10
|
+
PUBLISH_ACTION: string;
|
|
11
|
+
API_TOKEN_TYPE: {
|
|
12
|
+
READ_ONLY: string;
|
|
13
|
+
FULL_ACCESS: string;
|
|
14
|
+
CUSTOM: string;
|
|
15
|
+
};
|
|
16
|
+
API_TOKEN_LIFESPANS: {
|
|
17
|
+
UNLIMITED: null;
|
|
18
|
+
DAYS_7: number;
|
|
19
|
+
DAYS_30: number;
|
|
20
|
+
DAYS_90: number;
|
|
21
|
+
};
|
|
22
|
+
TRANSFER_TOKEN_TYPE: {
|
|
23
|
+
PUSH: string;
|
|
24
|
+
PULL: string;
|
|
25
|
+
};
|
|
26
|
+
TRANSFER_TOKEN_LIFESPANS: {
|
|
27
|
+
UNLIMITED: null;
|
|
28
|
+
DAYS_7: number;
|
|
29
|
+
DAYS_30: number;
|
|
30
|
+
DAYS_90: number;
|
|
31
|
+
};
|
|
32
|
+
};
|
|
33
|
+
export = constants;
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
const DAY_IN_MS = 24 * 60 * 60 * 1000;
|
|
3
|
+
const constants = {
|
|
4
|
+
CONTENT_TYPE_SECTION: 'contentTypes',
|
|
5
|
+
SUPER_ADMIN_CODE: 'strapi-super-admin',
|
|
6
|
+
EDITOR_CODE: 'strapi-editor',
|
|
7
|
+
AUTHOR_CODE: 'strapi-author',
|
|
8
|
+
READ_ACTION: 'plugin::content-manager.explorer.read',
|
|
9
|
+
CREATE_ACTION: 'plugin::content-manager.explorer.create',
|
|
10
|
+
UPDATE_ACTION: 'plugin::content-manager.explorer.update',
|
|
11
|
+
DELETE_ACTION: 'plugin::content-manager.explorer.delete',
|
|
12
|
+
PUBLISH_ACTION: 'plugin::content-manager.explorer.publish',
|
|
13
|
+
API_TOKEN_TYPE: {
|
|
14
|
+
READ_ONLY: 'read-only',
|
|
15
|
+
FULL_ACCESS: 'full-access',
|
|
16
|
+
CUSTOM: 'custom',
|
|
17
|
+
},
|
|
18
|
+
// The front-end only displays these values
|
|
19
|
+
API_TOKEN_LIFESPANS: {
|
|
20
|
+
UNLIMITED: null,
|
|
21
|
+
DAYS_7: 7 * DAY_IN_MS,
|
|
22
|
+
DAYS_30: 30 * DAY_IN_MS,
|
|
23
|
+
DAYS_90: 90 * DAY_IN_MS,
|
|
24
|
+
},
|
|
25
|
+
TRANSFER_TOKEN_TYPE: {
|
|
26
|
+
PUSH: 'push',
|
|
27
|
+
PULL: 'pull',
|
|
28
|
+
},
|
|
29
|
+
TRANSFER_TOKEN_LIFESPANS: {
|
|
30
|
+
UNLIMITED: null,
|
|
31
|
+
DAYS_7: 7 * DAY_IN_MS,
|
|
32
|
+
DAYS_30: 30 * DAY_IN_MS,
|
|
33
|
+
DAYS_90: 90 * DAY_IN_MS,
|
|
34
|
+
},
|
|
35
|
+
};
|
|
36
|
+
module.exports = constants;
|
|
37
|
+
//# sourceMappingURL=constants.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../../server/src/services/constants.ts"],"names":[],"mappings":";AAAA,MAAM,SAAS,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAEtC,MAAM,SAAS,GAAG;IAChB,oBAAoB,EAAE,cAAc;IACpC,gBAAgB,EAAE,oBAAoB;IACtC,WAAW,EAAE,eAAe;IAC5B,WAAW,EAAE,eAAe;IAC5B,WAAW,EAAE,uCAAuC;IACpD,aAAa,EAAE,yCAAyC;IACxD,aAAa,EAAE,yCAAyC;IACxD,aAAa,EAAE,yCAAyC;IACxD,cAAc,EAAE,0CAA0C;IAC1D,cAAc,EAAE;QACd,SAAS,EAAE,WAAW;QACtB,WAAW,EAAE,aAAa;QAC1B,MAAM,EAAE,QAAQ;KACjB;IACD,2CAA2C;IAC3C,mBAAmB,EAAE;QACnB,SAAS,EAAE,IAAI;QACf,MAAM,EAAE,CAAC,GAAG,SAAS;QACrB,OAAO,EAAE,EAAE,GAAG,SAAS;QACvB,OAAO,EAAE,EAAE,GAAG,SAAS;KACxB;IACD,mBAAmB,EAAE;QACnB,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,MAAM;KACb;IACD,wBAAwB,EAAE;QACxB,SAAS,EAAE,IAAI;QACf,MAAM,EAAE,CAAC,GAAG,SAAS;QACrB,OAAO,EAAE,EAAE,GAAG,SAAS;QACvB,OAAO,EAAE,EAAE,GAAG,SAAS;KACxB;CACF,CAAC;AAEF,iBAAS,SAAS,CAAC"}
|