@strapi/admin 4.14.3 → 4.14.4

package/dist/server/services/permission/permissions-manager/query-builders.d.ts

@@ -1,3 +0,0 @@
-declare const buildCaslQuery: (ability: any, action: any, model: any) => import("@casl/ability/extra").AbilityQuery<object> | null;
-declare const buildStrapiQuery: (caslQuery: any) => any;
-export { buildCaslQuery, buildStrapiQuery };

package/dist/server/services/permission/permissions-manager/query-builders.js

@@ -1,66 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.buildStrapiQuery = exports.buildCaslQuery = void 0;
-// TODO: migration
-const lodash_1 = __importDefault(require("lodash"));
-const extra_1 = require("@casl/ability/extra");
-const operatorsMap = {
-    $in: '$in',
-    $nin: '$notIn',
-    $exists: '$notNull',
-    $gte: '$gte',
-    $gt: '$gt',
-    $lte: '$lte',
-    $lt: '$lt',
-    $eq: '$eq',
-    $ne: '$ne',
-    $and: '$and',
-    $or: '$or',
-    $not: '$not',
-};
-const mapKey = (key) => {
-    if (lodash_1.default.isString(key) && key.startsWith('$') && key in operatorsMap) {
-        return operatorsMap[key];
-    }
-    return key;
-};
-const buildCaslQuery = (ability, action, model) => {
-    // @ts-expect-error
-    return (0, extra_1.rulesToQuery)(ability, action, model, (o) => o.conditions);
-};
-exports.buildCaslQuery = buildCaslQuery;
-const buildStrapiQuery = (caslQuery) => {
-    return unwrapDeep(caslQuery);
-};
-exports.buildStrapiQuery = buildStrapiQuery;
-const unwrapDeep = (obj) => {
-    if (!lodash_1.default.isPlainObject(obj) && !lodash_1.default.isArray(obj)) {
-        return obj;
-    }
-    if (lodash_1.default.isArray(obj)) {
-        return obj.map((v) => unwrapDeep(v));
-    }
-    return lodash_1.default.reduce(obj, (acc, v, k) => {
-        const key = mapKey(k);
-        if (lodash_1.default.isPlainObject(v)) {
-            if ('$elemMatch' in v) {
-                lodash_1.default.setWith(acc, key, unwrapDeep(v.$elemMatch));
-            }
-            else {
-                lodash_1.default.setWith(acc, key, unwrapDeep(v));
-            }
-        }
-        else if (lodash_1.default.isArray(v)) {
-            // prettier-ignore
-            lodash_1.default.setWith(acc, key, v.map(v => unwrapDeep(v)));
-        }
-        else {
-            lodash_1.default.setWith(acc, key, v);
-        }
-        return acc;
-    }, {});
-};
-//# sourceMappingURL=query-builders.js.map

package/dist/server/services/permission/permissions-manager/query-builders.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"query-builders.js","sourceRoot":"","sources":["../../../../../server/src/services/permission/permissions-manager/query-builders.ts"],"names":[],"mappings":";;;;;;AAAA,kBAAkB;AAClB,oDAAuB;AACvB,+CAAmD;AAEnD,MAAM,YAAY,GAAG;IACnB,GAAG,EAAE,KAAK;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,UAAU;IACnB,IAAI,EAAE,MAAM;IACZ,GAAG,EAAE,KAAK;IACV,IAAI,EAAE,MAAM;IACZ,GAAG,EAAE,KAAK;IACV,GAAG,EAAE,KAAK;IACV,GAAG,EAAE,KAAK;IACV,IAAI,EAAE,MAAM;IACZ,GAAG,EAAE,KAAK;IACV,IAAI,EAAE,MAAM;CACJ,CAAC;AAEX,MAAM,MAAM,GAAG,CAAC,GAA8B,EAAE,EAAE;IAChD,IAAI,gBAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,GAAG,IAAI,YAAY,EAAE;QACjE,OAAO,YAAY,CAAC,GAAG,CAAC,CAAC;KAC1B;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAEF,MAAM,cAAc,GAAG,CAAC,OAAY,EAAE,MAAW,EAAE,KAAU,EAAE,EAAE;IAC/D,mBAAmB;IACnB,OAAO,IAAA,oBAAY,EAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;AACnE,CAAC,CAAC;AAsCO,wCAAc;AApCvB,MAAM,gBAAgB,GAAG,CAAC,SAAc,EAAE,EAAE;IAC1C,OAAO,UAAU,CAAC,SAAS,CAAC,CAAC;AAC/B,CAAC,CAAC;AAkCuB,4CAAgB;AAhCzC,MAAM,UAAU,GAAG,CAAC,GAAQ,EAAO,EAAE;IACnC,IAAI,CAAC,gBAAC,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,gBAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QAC5C,OAAO,GAAG,CAAC;KACZ;IACD,IAAI,gBAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QAClB,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;KAC3C;IAED,OAAO,gBAAC,CAAC,MAAM,CACb,GAAG,EACH,CAAC,GAAG,EAAE,CAAC,EAAE,CAAM,EAAE,EAAE;QACjB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QAEtB,IAAI,gBAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE;YACtB,IAAI,YAAY,IAAI,CAAC,EAAE;gBACrB,gBAAC,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC;aAC/C;iBAAM;gBACL,gBAAC,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;aACpC;SACF;aAAM,IAAI,gBAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;YACvB,kBAAkB;YAClB,gBAAC,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;SAChD;aAAM;YACL,gBAAC,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;SACxB;QAED,OAAO,GAAG,CAAC;IACb,CAAC,EACD,EAAE,CACH,CAAC;AACJ,CAAC,CAAC"}

package/dist/server/services/permission/permissions-manager/sanitize.d.ts

@@ -1,6 +0,0 @@
-declare const _default: ({ action, ability, model }: any) => {
-    sanitizeOutput: (data: any, options?: any) => any;
-    sanitizeInput: (data: any, options?: any) => any;
-    sanitizeQuery: (data: any, options?: any) => any;
-};
-export default _default;

package/dist/server/services/permission/permissions-manager/sanitize.js

@@ -1,184 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const ability_1 = require("@casl/ability");
-const extra_1 = require("@casl/ability/extra");
-const fp_1 = require("lodash/fp");
-const utils_1 = require("@strapi/utils");
-const user_1 = require("../../../domain/user");
-const { visitors: { removePassword }, } = utils_1.sanitize;
-const { constants, isScalarAttribute, getNonVisibleAttributes, getNonWritableAttributes, getWritableAttributes, } = utils_1.contentTypes;
-const { ID_ATTRIBUTE, CREATED_AT_ATTRIBUTE, UPDATED_AT_ATTRIBUTE, PUBLISHED_AT_ATTRIBUTE, CREATED_BY_ATTRIBUTE, UPDATED_BY_ATTRIBUTE, } = constants;
-const COMPONENT_FIELDS = ['__component'];
-const STATIC_FIELDS = [ID_ATTRIBUTE];
-exports.default = ({ action, ability, model }) => {
-    const schema = strapi.getModel(model);
-    const { removeDisallowedFields } = utils_1.sanitize.visitors;
-    const createSanitizeQuery = (options = {}) => {
-        const { fields } = options;
-        // TODO: sanitize relations to admin users in all sanitizers
-        const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);
-        const sanitizeFilters = (0, utils_1.pipeAsync)(utils_1.traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), { schema }), utils_1.traverse.traverseQueryFilters(omitDisallowedAdminUserFields, { schema }), utils_1.traverse.traverseQueryFilters(omitHiddenFields, { schema }), utils_1.traverse.traverseQueryFilters(removePassword, { schema }), utils_1.traverse.traverseQueryFilters(({ key, value }, { remove }) => {
-            if ((0, fp_1.isObject)(value) && (0, fp_1.isEmpty)(value)) {
-                remove(key);
-            }
-        }, { schema }));
-        const sanitizeSort = (0, utils_1.pipeAsync)(utils_1.traverse.traverseQuerySort(removeDisallowedFields(permittedFields), { schema }), utils_1.traverse.traverseQuerySort(omitDisallowedAdminUserFields, { schema }), utils_1.traverse.traverseQuerySort(omitHiddenFields, { schema }), utils_1.traverse.traverseQuerySort(removePassword, { schema }), utils_1.traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {
-            if (!isScalarAttribute(attribute) && (0, fp_1.isEmpty)(value)) {
-                remove(key);
-            }
-        }, { schema }));
-        const sanitizePopulate = (0, utils_1.pipeAsync)(utils_1.traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), { schema }), utils_1.traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, { schema }), utils_1.traverse.traverseQueryPopulate(omitHiddenFields, { schema }), utils_1.traverse.traverseQueryPopulate(removePassword, { schema }));
-        const sanitizeFields = (0, utils_1.pipeAsync)(utils_1.traverse.traverseQueryFields(removeDisallowedFields(permittedFields), { schema }), utils_1.traverse.traverseQueryFields(omitHiddenFields, { schema }), utils_1.traverse.traverseQueryFields(removePassword, { schema }));
-        return async (query) => {
-            const sanitizedQuery = (0, fp_1.cloneDeep)(query);
-            if (query.filters) {
-                Object.assign(sanitizedQuery, { filters: await sanitizeFilters(query.filters) });
-            }
-            if (query.sort) {
-                Object.assign(sanitizedQuery, { sort: await sanitizeSort(query.sort) });
-            }
-            if (query.populate) {
-                Object.assign(sanitizedQuery, { populate: await sanitizePopulate(query.populate) });
-            }
-            if (query.fields) {
-                Object.assign(sanitizedQuery, { fields: await sanitizeFields(query.fields) });
-            }
-            return sanitizedQuery;
-        };
-    };
-    const createSanitizeOutput = (options = {}) => {
-        const { fields } = options;
-        const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);
-        return (0, utils_1.pipeAsync)(
-        // Remove fields hidden from the admin
-        (0, utils_1.traverseEntity)(omitHiddenFields, { schema }), 
-        // Remove unallowed fields from admin::user relations
-        // @ts-expect-error
-        (0, utils_1.traverseEntity)(pickAllowedAdminUserFields, { schema }), 
-        // Remove not allowed fields (RBAC)
-        (0, utils_1.traverseEntity)(removeDisallowedFields(permittedFields), { schema }), 
-        // Remove all fields of type 'password'
-        utils_1.sanitize.sanitizers.sanitizePasswords(schema));
-    };
-    const createSanitizeInput = (options = {}) => {
-        const { fields } = options;
-        const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);
-        return (0, utils_1.pipeAsync)(
-        // Remove fields hidden from the admin
-        (0, utils_1.traverseEntity)(omitHiddenFields, { schema }), 
-        // Remove not allowed fields (RBAC)
-        // @ts-expect-error
-        (0, utils_1.traverseEntity)(removeDisallowedFields(permittedFields), { schema }), 
-        // Remove roles from createdBy & updateBy fields
-        omitCreatorRoles);
-    };
-    const wrapSanitize = (createSanitizeFunction) => {
-        // @ts-expect-error
-        const wrappedSanitize = async (data, options = {}) => {
-            if ((0, fp_1.isArray)(data)) {
-                return Promise.all(data.map((entity) => wrappedSanitize(entity, options)));
-            }
-            const { subject, action: actionOverride } = getDefaultOptions(data, options);
-            const permittedFields = (0, extra_1.permittedFieldsOf)(ability, actionOverride, subject, {
-                fieldsFrom: (rule) => rule.fields || [],
-            });
-            const hasAtLeastOneRegistered = (0, fp_1.some)((fields) => !(0, fp_1.isNil)(fields), (0, fp_1.flatMap)((0, fp_1.prop)('fields'), ability.rulesFor(actionOverride, (0, ability_1.detectSubjectType)(subject))));
-            const shouldIncludeAllFields = (0, fp_1.isEmpty)(permittedFields) && !hasAtLeastOneRegistered;
-            const sanitizeOptions = {
-                ...options,
-                fields: {
-                    shouldIncludeAll: shouldIncludeAllFields,
-                    permitted: permittedFields,
-                    hasAtLeastOneRegistered,
-                },
-            };
-            const sanitizeFunction = createSanitizeFunction(sanitizeOptions);
-            return sanitizeFunction(data);
-        };
-        return wrappedSanitize;
-    };
-    const getDefaultOptions = (data, options) => {
-        return (0, fp_1.defaults)({ subject: (0, ability_1.subject)(model, data), action }, options);
-    };
-    /**
-     * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses
-     */
-    const omitCreatorRoles = (0, fp_1.omit)([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);
-    /**
-     * Visitor used to remove hidden fields from the admin API responses
-     */
-    const omitHiddenFields = ({ key, schema }, { remove }) => {
-        const isHidden = (0, fp_1.getOr)(false, ['config', 'attributes', key, 'hidden'], schema);
-        if (isHidden) {
-            remove(key);
-        }
-    };
-    /**
-     * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information
-     */
-    const pickAllowedAdminUserFields = ({ attribute, key, value }, { set }) => {
-        const pickAllowedFields = (0, fp_1.pick)(user_1.ADMIN_USER_ALLOWED_FIELDS);
-        if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {
-            if (Array.isArray(value)) {
-                set(key, value.map(pickAllowedFields));
-            }
-            else {
-                set(key, pickAllowedFields(value));
-            }
-        }
-    };
-    /**
-     * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information
-     */
-    const omitDisallowedAdminUserFields = ({ key, attribute, schema }, { remove }) => {
-        if (schema.uid === 'admin::user' && attribute && !user_1.ADMIN_USER_ALLOWED_FIELDS.includes(key)) {
-            remove(key);
-        }
-    };
-    const getInputFields = (fields = []) => {
-        const nonVisibleAttributes = getNonVisibleAttributes(schema);
-        const writableAttributes = getWritableAttributes(schema);
-        const nonVisibleWritableAttributes = (0, fp_1.intersection)(nonVisibleAttributes, writableAttributes);
-        return (0, fp_1.uniq)([
-            ...fields,
-            ...STATIC_FIELDS,
-            ...COMPONENT_FIELDS,
-            ...nonVisibleWritableAttributes,
-        ]);
-    };
-    const getOutputFields = (fields = []) => {
-        const nonWritableAttributes = getNonWritableAttributes(schema);
-        const nonVisibleAttributes = getNonVisibleAttributes(schema);
-        return (0, fp_1.uniq)([
-            ...fields,
-            ...STATIC_FIELDS,
-            ...COMPONENT_FIELDS,
-            ...nonWritableAttributes,
-            ...nonVisibleAttributes,
-            CREATED_AT_ATTRIBUTE,
-            UPDATED_AT_ATTRIBUTE,
-        ]);
-    };
-    const getQueryFields = (fields = []) => {
-        const nonVisibleAttributes = getNonVisibleAttributes(schema);
-        const writableAttributes = getWritableAttributes(schema);
-        const nonVisibleWritableAttributes = (0, fp_1.intersection)(nonVisibleAttributes, writableAttributes);
-        return (0, fp_1.uniq)([
-            ...fields,
-            ...STATIC_FIELDS,
-            ...COMPONENT_FIELDS,
-            ...nonVisibleWritableAttributes,
-            CREATED_AT_ATTRIBUTE,
-            UPDATED_AT_ATTRIBUTE,
-            PUBLISHED_AT_ATTRIBUTE,
-            CREATED_BY_ATTRIBUTE,
-            UPDATED_BY_ATTRIBUTE,
-        ]);
-    };
-    return {
-        sanitizeOutput: wrapSanitize(createSanitizeOutput),
-        sanitizeInput: wrapSanitize(createSanitizeInput),
-        sanitizeQuery: wrapSanitize(createSanitizeQuery),
-    };
-};
-//# sourceMappingURL=sanitize.js.map

package/dist/server/services/permission/permissions-manager/sanitize.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"sanitize.js","sourceRoot":"","sources":["../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"names":[],"mappings":";;AAAA,2CAAwE;AACxE,+CAAwD;AACxD,kCAemB;AAEnB,yCAA4F;AAC5F,+CAAiE;AAEjE,MAAM,EACJ,QAAQ,EAAE,EAAE,cAAc,EAAE,GAC7B,GAAG,gBAAQ,CAAC;AAEb,MAAM,EACJ,SAAS,EACT,iBAAiB,EACjB,uBAAuB,EACvB,wBAAwB,EACxB,qBAAqB,GACtB,GAAG,oBAAY,CAAC;AACjB,MAAM,EACJ,YAAY,EACZ,oBAAoB,EACpB,oBAAoB,EACpB,sBAAsB,EACtB,oBAAoB,EACpB,oBAAoB,GACrB,GAAG,SAAS,CAAC;AAEd,MAAM,gBAAgB,GAAG,CAAC,aAAa,CAAC,CAAC;AACzC,MAAM,aAAa,GAAG,CAAC,YAAY,CAAC,CAAC;AAErC,kBAAe,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAO,EAAE,EAAE;IACjD,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAEtC,MAAM,EAAE,sBAAsB,EAAE,GAAG,gBAAQ,CAAC,QAAQ,CAAC;IAErD,MAAM,mBAAmB,GAAG,CAAC,UAAU,EAAS,EAAE,EAAE;QAClD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAE3B,4DAA4D;QAC5D,MAAM,eAAe,GAAG,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE1F,MAAM,eAAe,GAAG,IAAA,iBAAS,EAC/B,gBAAQ,CAAC,oBAAoB,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,EAClF,gBAAQ,CAAC,oBAAoB,CAAC,6BAA6B,EAAE,EAAE,MAAM,EAAE,CAAC,EACxE,gBAAQ,CAAC,oBAAoB,CAAC,gBAAgB,EAAE,EAAE,MAAM,EAAE,CAAC,EAC3D,gBAAQ,CAAC,oBAAoB,CAAC,cAAc,EAAE,EAAE,MAAM,EAAE,CAAC,EACzD,gBAAQ,CAAC,oBAAoB,CAC3B,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;YAC7B,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,IAAI,IAAA,YAAO,EAAC,KAAK,CAAC,EAAE;gBACrC,MAAM,CAAC,GAAG,CAAC,CAAC;aACb;QACH,CAAC,EACD,EAAE,MAAM,EAAE,CACX,CACF,CAAC;QAEF,MAAM,YAAY,GAAG,IAAA,iBAAS,EAC5B,gBAAQ,CAAC,iBAAiB,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,EAC/E,gBAAQ,CAAC,iBAAiB,CAAC,6BAA6B,EAAE,EAAE,MAAM,EAAE,CAAC,EACrE,gBAAQ,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,EAAE,MAAM,EAAE,CAAC,EACxD,gBAAQ,CAAC,iBAAiB,CAAC,cAAc,EAAE,EAAE,MAAM,EAAE,CAAC,EACtD,gBAAQ,CAAC,iBAAiB,CACxB,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;YACxC,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,IAAI,IAAA,YAAO,EAAC,KAAK,CAAC,EAAE;gBACnD,MAAM,CAAC,GAAG,CAAC,CAAC;aACb;QACH,CAAC,EACD,EAAE,MAAM,EAAE,CACX,CACF,CAAC;QAEF,MAAM,gBAAgB,GAAG,IAAA,iBAAS,EAChC,gBAAQ,CAAC,qBAAqB,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,EACnF,gBAAQ,CAAC,qBAAqB,CAAC,6BAA6B,EAAE,EAAE,MAAM,EAAE,CAAC,EACzE,gBAAQ,CAAC,qBAAqB,CAAC,gBAAgB,EAAE,EAAE,MAAM,EAAE,CAAC,EAC5D,gBAAQ,CAAC,qBAAqB,CAAC,cAAc,EAAE,EAAE,MAAM,EAAE,CAAC,CAC3D,CAAC;QAEF,MAAM,cAAc,GAAG,IAAA,iBAAS,EAC9B,gBAAQ,CAAC,mBAAmB,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,EACjF,gBAAQ,CAAC,mBAAmB,CAAC,gBAAgB,EAAE,EAAE,MAAM,EAAE,CAAC,EAC1D,gBAAQ,CAAC,mBAAmB,CAAC,cAAc,EAAE,EAAE,MAAM,EAAE,CAAC,CACzD,CAAC;QAEF,OAAO,KAAK,EAAE,KAAU,EAAE,EAAE;YAC1B,MAAM,cAAc,GAAG,IAAA,cAAS,EAAC,KAAK,CAAC,CAAC;YAExC,IAAI,KAAK,CAAC,OAAO,EAAE;gBACjB,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;aAClF;YAED,IAAI,KAAK,CAAC,IAAI,EAAE;gBACd,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;aACzE;YAED,IAAI,KAAK,CAAC,QAAQ,EAAE;gBAClB,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;aACrF;YAED,IAAI,KAAK,CAAC,MAAM,EAAE;gBAChB,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;aAC/E;YAED,OAAO,cAAc,CAAC;QACxB,CAAC,CAAC;IACJ,CAAC,CAAC;IAEF,MAAM,oBAAoB,GAAG,CAAC,UAAU,EAAS,EAAE,EAAE;QACnD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAE3B,MAAM,eAAe,GAAG,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE3F,OAAO,IAAA,iBAAS;QACd,sCAAsC;QACtC,IAAA,sBAAc,EAAC,gBAAgB,EAAE,EAAE,MAAM,EAAE,CAAC;QAC5C,qDAAqD;QACrD,mBAAmB;QACnB,IAAA,sBAAc,EAAC,0BAA0B,EAAE,EAAE,MAAM,EAAE,CAAC;QACtD,mCAAmC;QACnC,IAAA,sBAAc,EAAC,sBAAsB,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC;QACnE,uCAAuC;QACvC,gBAAQ,CAAC,UAAU,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAC9C,CAAC;IACJ,CAAC,CAAC;IAEF,MAAM,mBAAmB,GAAG,CAAC,UAAU,EAAS,EAAE,EAAE;QAClD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAE3B,MAAM,eAAe,GAAG,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE1F,OAAO,IAAA,iBAAS;QACd,sCAAsC;QACtC,IAAA,sBAAc,EAAC,gBAAgB,EAAE,EAAE,MAAM,EAAE,CAAC;QAC5C,mCAAmC;QACnC,mBAAmB;QACnB,IAAA,sBAAc,EAAC,sBAAsB,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC;QACnE,gDAAgD;QAChD,gBAAgB,CACjB,CAAC;IACJ,CAAC,CAAC;IAEF,MAAM,YAAY,GAAG,CAAC,sBAA2B,EAAE,EAAE;QACnD,mBAAmB;QACnB,MAAM,eAAe,GAAG,KAAK,EAAE,IAAS,EAAE,UAAU,EAAS,EAAE,EAAE;YAC/D,IAAI,IAAA,YAAO,EAAC,IAAI,CAAC,EAAE;gBACjB,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAW,EAAE,EAAE,CAAC,eAAe,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC;aACjF;YAED,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,iBAAiB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAE7E,MAAM,eAAe,GAAG,IAAA,yBAAiB,EAAC,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE;gBAC1E,UAAU,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE;aACxC,CAAC,CAAC;YAEH,MAAM,uBAAuB,GAAG,IAAA,SAAI,EAClC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,IAAA,UAAK,EAAC,MAAM,CAAC,EAC1B,IAAA,YAAO,EAAC,IAAA,SAAI,EAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,cAAc,EAAE,IAAA,2BAAiB,EAAC,OAAO,CAAC,CAAC,CAAC,CACtF,CAAC;YACF,MAAM,sBAAsB,GAAG,IAAA,YAAO,EAAC,eAAe,CAAC,IAAI,CAAC,uBAAuB,CAAC;YAEpF,MAAM,eAAe,GAAG;gBACtB,GAAG,OAAO;gBACV,MAAM,EAAE;oBACN,gBAAgB,EAAE,sBAAsB;oBACxC,SAAS,EAAE,eAAe;oBAC1B,uBAAuB;iBACxB;aACF,CAAC;YAEF,MAAM,gBAAgB,GAAG,sBAAsB,CAAC,eAAe,CAAC,CAAC;YAEjE,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC,CAAC;QAEF,OAAO,eAAe,CAAC;IACzB,CAAC,CAAC;IAEF,MAAM,iBAAiB,GAAG,CAAC,IAAS,EAAE,OAAY,EAAE,EAAE;QACpD,OAAO,IAAA,aAAQ,EAAC,EAAE,OAAO,EAAE,IAAA,iBAAS,EAAC,KAAK,EAAE,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,OAAO,CAAC,CAAC;IACxE,CAAC,CAAC;IAEF;;OAEG;IACH,MAAM,gBAAgB,GAAG,IAAA,SAAI,EAAC,CAAC,GAAG,oBAAoB,QAAQ,EAAE,GAAG,oBAAoB,QAAQ,CAAC,CAAC,CAAC;IAElG;;OAEG;IACH,MAAM,gBAAgB,GAAG,CAAC,EAAE,GAAG,EAAE,MAAM,EAAO,EAAE,EAAE,MAAM,EAAO,EAAE,EAAE;QACjE,MAAM,QAAQ,GAAG,IAAA,UAAK,EAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,YAAY,EAAE,GAAG,EAAE,QAAQ,CAAC,EAAE,MAAM,CAAC,CAAC;QAE/E,IAAI,QAAQ,EAAE;YACZ,MAAM,CAAC,GAAG,CAAC,CAAC;SACb;IACH,CAAC,CAAC;IAEF;;OAEG;IACH,MAAM,0BAA0B,GAAG,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE,KAAK,EAAO,EAAE,EAAE,GAAG,EAAO,EAAE,EAAE;QAClF,MAAM,iBAAiB,GAAG,IAAA,SAAI,EAAC,gCAAyB,CAAC,CAAC;QAE1D,IAAI,SAAS,CAAC,IAAI,KAAK,UAAU,IAAI,SAAS,CAAC,MAAM,KAAK,aAAa,IAAI,KAAK,EAAE;YAChF,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;gBACxB,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;aACxC;iBAAM;gBACL,GAAG,CAAC,GAAG,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC;aACpC;SACF;IACH,CAAC,CAAC;IAEF;;OAEG;IACH,MAAM,6BAA6B,GAAG,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAO,EAAE,EAAE,MAAM,EAAO,EAAE,EAAE;QACzF,IAAI,MAAM,CAAC,GAAG,KAAK,aAAa,IAAI,SAAS,IAAI,CAAC,gCAAyB,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;YACzF,MAAM,CAAC,GAAG,CAAC,CAAC;SACb;IACH,CAAC,CAAC;IAEF,MAAM,cAAc,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE;QACrC,MAAM,oBAAoB,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC;QAC7D,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;QAEzD,MAAM,4BAA4B,GAAG,IAAA,iBAAY,EAAC,oBAAoB,EAAE,kBAAkB,CAAC,CAAC;QAE5F,OAAO,IAAA,SAAI,EAAC;YACV,GAAG,MAAM;YACT,GAAG,aAAa;YAChB,GAAG,gBAAgB;YACnB,GAAG,4BAA4B;SAChC,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,MAAM,eAAe,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE;QACtC,MAAM,qBAAqB,GAAG,wBAAwB,CAAC,MAAM,CAAC,CAAC;QAC/D,MAAM,oBAAoB,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC;QAE7D,OAAO,IAAA,SAAI,EAAC;YACV,GAAG,MAAM;YACT,GAAG,aAAa;YAChB,GAAG,gBAAgB;YACnB,GAAG,qBAAqB;YACxB,GAAG,oBAAoB;YACvB,oBAAoB;YACpB,oBAAoB;SACrB,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,MAAM,cAAc,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE;QACrC,MAAM,oBAAoB,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC;QAC7D,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;QAEzD,MAAM,4BAA4B,GAAG,IAAA,iBAAY,EAAC,oBAAoB,EAAE,kBAAkB,CAAC,CAAC;QAE5F,OAAO,IAAA,SAAI,EAAC;YACV,GAAG,MAAM;YACT,GAAG,aAAa;YAChB,GAAG,gBAAgB;YACnB,GAAG,4BAA4B;YAC/B,oBAAoB;YACpB,oBAAoB;YACpB,sBAAsB;YACtB,oBAAoB;YACpB,oBAAoB;SACrB,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,OAAO;QACL,cAAc,EAAE,YAAY,CAAC,oBAAoB,CAAC;QAClD,aAAa,EAAE,YAAY,CAAC,mBAAmB,CAAC;QAChD,aAAa,EAAE,YAAY,CAAC,mBAAmB,CAAC;KACjD,CAAC;AACJ,CAAC,CAAC"}

package/dist/server/services/permission/permissions-manager/validate.d.ts

@@ -1,5 +0,0 @@
-declare const _default: ({ action, ability, model }: any) => {
-    validateQuery: (data: any, options?: {}) => any;
-    validateInput: (data: any, options?: {}) => any;
-};
-export default _default;

package/dist/server/services/permission/permissions-manager/validate.js

@@ -1,134 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const ability_1 = require("@casl/ability");
-const extra_1 = require("@casl/ability/extra");
-const fp_1 = require("lodash/fp");
-const utils_1 = require("@strapi/utils");
-const user_1 = require("../../../domain/user");
-const { ValidationError } = utils_1.errors;
-const { throwPassword, throwDisallowedFields } = utils_1.validate.visitors;
-const { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } = utils_1.contentTypes;
-const { ID_ATTRIBUTE, CREATED_AT_ATTRIBUTE, UPDATED_AT_ATTRIBUTE, PUBLISHED_AT_ATTRIBUTE, CREATED_BY_ATTRIBUTE, UPDATED_BY_ATTRIBUTE, } = constants;
-const COMPONENT_FIELDS = ['__component'];
-const STATIC_FIELDS = [ID_ATTRIBUTE];
-const throwInvalidParam = ({ key }) => {
-    throw new ValidationError(`Invalid parameter ${key}`);
-};
-exports.default = ({ action, ability, model }) => {
-    const schema = strapi.getModel(model);
-    const createValidateQuery = (options = {}) => {
-        const { fields } = options;
-        // TODO: validate relations to admin users in all validators
-        const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);
-        const validateFilters = (0, utils_1.pipeAsync)(utils_1.traverse.traverseQueryFilters(throwDisallowedFields(permittedFields), { schema }), utils_1.traverse.traverseQueryFilters(throwDisallowedAdminUserFields, { schema }), utils_1.traverse.traverseQueryFilters(throwPassword, { schema }), utils_1.traverse.traverseQueryFilters(({ key, value }) => {
-            if ((0, fp_1.isObject)(value) && (0, fp_1.isEmpty)(value)) {
-                throwInvalidParam({ key });
-            }
-        }, { schema }));
-        const validateSort = (0, utils_1.pipeAsync)(utils_1.traverse.traverseQuerySort(throwDisallowedFields(permittedFields), { schema }), utils_1.traverse.traverseQuerySort(throwDisallowedAdminUserFields, { schema }), utils_1.traverse.traverseQuerySort(throwPassword, { schema }), utils_1.traverse.traverseQuerySort(({ key, attribute, value }) => {
-            if (!isScalarAttribute(attribute) && (0, fp_1.isEmpty)(value)) {
-                throwInvalidParam({ key });
-            }
-        }, { schema }));
-        const validateFields = (0, utils_1.pipeAsync)(utils_1.traverse.traverseQueryFields(throwDisallowedFields(permittedFields), { schema }), utils_1.traverse.traverseQueryFields(throwPassword, { schema }));
-        return async (query) => {
-            if (query.filters) {
-                await validateFilters(query.filters);
-            }
-            if (query.sort) {
-                await validateSort(query.sort);
-            }
-            if (query.fields) {
-                await validateFields(query.fields);
-            }
-            return true;
-        };
-    };
-    const createValidateInput = (options = {}) => {
-        const { fields } = options;
-        const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);
-        return (0, utils_1.pipeAsync)(
-        // Remove fields hidden from the admin
-        (0, utils_1.traverseEntity)(throwHiddenFields, { schema }), 
-        // Remove not allowed fields (RBAC)
-        // @ts-expect-error
-        (0, utils_1.traverseEntity)(throwDisallowedFields(permittedFields), { schema }), 
-        // Remove roles from createdBy & updatedBy fields
-        omitCreatorRoles);
-    };
-    const wrapValidate = (createValidateFunction) => {
-        // @ts-expect-error
-        const wrappedValidate = async (data, options = {}) => {
-            if ((0, fp_1.isArray)(data)) {
-                return Promise.all(data.map((entity) => wrappedValidate(entity, options)));
-            }
-            const { subject, action: actionOverride } = getDefaultOptions(data, options);
-            const permittedFields = (0, extra_1.permittedFieldsOf)(ability, actionOverride, subject, {
-                fieldsFrom: (rule) => rule.fields || [],
-            });
-            const hasAtLeastOneRegistered = (0, fp_1.some)((fields) => !(0, fp_1.isNil)(fields), (0, fp_1.flatMap)((0, fp_1.prop)('fields'), ability.rulesFor(actionOverride, (0, ability_1.detectSubjectType)(subject))));
-            const shouldIncludeAllFields = (0, fp_1.isEmpty)(permittedFields) && !hasAtLeastOneRegistered;
-            const validateOptions = {
-                ...options,
-                fields: {
-                    shouldIncludeAll: shouldIncludeAllFields,
-                    permitted: permittedFields,
-                    hasAtLeastOneRegistered,
-                },
-            };
-            const validateFunction = createValidateFunction(validateOptions);
-            return validateFunction(data);
-        };
-        return wrappedValidate;
-    };
-    const getDefaultOptions = (data, options) => {
-        return (0, fp_1.defaults)({ subject: (0, ability_1.subject)(model, data), action }, options);
-    };
-    /**
-     * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses
-     */
-    const omitCreatorRoles = (0, fp_1.omit)([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);
-    /**
-     * Visitor used to remove hidden fields from the admin API responses
-     */
-    const throwHiddenFields = ({ key, schema }) => {
-        const isHidden = (0, fp_1.getOr)(false, ['config', 'attributes', key, 'hidden'], schema);
-        if (isHidden) {
-            throwInvalidParam({ key });
-        }
-    };
-    /**
-     * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information
-     */
-    const throwDisallowedAdminUserFields = ({ key, attribute, schema }) => {
-        if (schema.uid === 'admin::user' && attribute && !user_1.ADMIN_USER_ALLOWED_FIELDS.includes(key)) {
-            throwInvalidParam({ key });
-        }
-    };
-    const getInputFields = (fields = []) => {
-        const nonVisibleAttributes = getNonVisibleAttributes(schema);
-        const writableAttributes = getWritableAttributes(schema);
-        const nonVisibleWritableAttributes = (0, fp_1.intersection)(nonVisibleAttributes, writableAttributes);
-        return (0, fp_1.uniq)([
-            ...fields,
-            ...STATIC_FIELDS,
-            ...COMPONENT_FIELDS,
-            ...nonVisibleWritableAttributes,
-        ]);
-    };
-    const getQueryFields = (fields = []) => {
-        return (0, fp_1.uniq)([
-            ...fields,
-            ...STATIC_FIELDS,
-            ...COMPONENT_FIELDS,
-            CREATED_AT_ATTRIBUTE,
-            UPDATED_AT_ATTRIBUTE,
-            PUBLISHED_AT_ATTRIBUTE,
-        ]);
-    };
-    return {
-        validateQuery: wrapValidate(createValidateQuery),
-        validateInput: wrapValidate(createValidateInput),
-    };
-};
-//# sourceMappingURL=validate.js.map

package/dist/server/services/permission/permissions-manager/validate.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../../../server/src/services/permission/permissions-manager/validate.ts"],"names":[],"mappings":";;AAAA,2CAAwE;AACxE,+CAAwD;AACxD,kCAamB;AAEnB,yCAAoG;AACpG,+CAAiE;AAEjE,MAAM,EAAE,eAAe,EAAE,GAAG,cAAM,CAAC;AACnC,MAAM,EAAE,aAAa,EAAE,qBAAqB,EAAE,GAAG,gBAAQ,CAAC,QAAQ,CAAC;AAEnE,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,qBAAqB,EAAE,GACpF,oBAAY,CAAC;AACf,MAAM,EACJ,YAAY,EACZ,oBAAoB,EACpB,oBAAoB,EACpB,sBAAsB,EACtB,oBAAoB,EACpB,oBAAoB,GACrB,GAAG,SAAS,CAAC;AAEd,MAAM,gBAAgB,GAAG,CAAC,aAAa,CAAC,CAAC;AAEzC,MAAM,aAAa,GAAG,CAAC,YAAY,CAAC,CAAC;AAErC,MAAM,iBAAiB,GAAG,CAAC,EAAE,GAAG,EAAO,EAAE,EAAE;IACzC,MAAM,IAAI,eAAe,CAAC,qBAAqB,GAAG,EAAE,CAAC,CAAC;AACxD,CAAC,CAAC;AAEF,kBAAe,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAO,EAAE,EAAE;IACjD,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAEtC,MAAM,mBAAmB,GAAG,CAAC,UAAU,EAAS,EAAE,EAAE;QAClD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAE3B,4DAA4D;QAC5D,MAAM,eAAe,GAAG,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE1F,MAAM,eAAe,GAAG,IAAA,iBAAS,EAC/B,gBAAQ,CAAC,oBAAoB,CAAC,qBAAqB,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,EACjF,gBAAQ,CAAC,oBAAoB,CAAC,8BAA8B,EAAE,EAAE,MAAM,EAAE,CAAC,EACzE,gBAAQ,CAAC,oBAAoB,CAAC,aAAa,EAAE,EAAE,MAAM,EAAE,CAAC,EACxD,gBAAQ,CAAC,oBAAoB,CAC3B,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,EAAE;YACjB,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,IAAI,IAAA,YAAO,EAAC,KAAK,CAAC,EAAE;gBACrC,iBAAiB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;aAC5B;QACH,CAAC,EACD,EAAE,MAAM,EAAE,CACX,CACF,CAAC;QAEF,MAAM,YAAY,GAAG,IAAA,iBAAS,EAC5B,gBAAQ,CAAC,iBAAiB,CAAC,qBAAqB,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,EAC9E,gBAAQ,CAAC,iBAAiB,CAAC,8BAA8B,EAAE,EAAE,MAAM,EAAE,CAAC,EACtE,gBAAQ,CAAC,iBAAiB,CAAC,aAAa,EAAE,EAAE,MAAM,EAAE,CAAC,EACrD,gBAAQ,CAAC,iBAAiB,CACxB,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE,EAAE,EAAE;YAC5B,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,IAAI,IAAA,YAAO,EAAC,KAAK,CAAC,EAAE;gBACnD,iBAAiB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;aAC5B;QACH,CAAC,EACD,EAAE,MAAM,EAAE,CACX,CACF,CAAC;QAEF,MAAM,cAAc,GAAG,IAAA,iBAAS,EAC9B,gBAAQ,CAAC,mBAAmB,CAAC,qBAAqB,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,EAChF,gBAAQ,CAAC,mBAAmB,CAAC,aAAa,EAAE,EAAE,MAAM,EAAE,CAAC,CACxD,CAAC;QAEF,OAAO,KAAK,EAAE,KAAU,EAAE,EAAE;YAC1B,IAAI,KAAK,CAAC,OAAO,EAAE;gBACjB,MAAM,eAAe,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;aACtC;YAED,IAAI,KAAK,CAAC,IAAI,EAAE;gBACd,MAAM,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;aAChC;YAED,IAAI,KAAK,CAAC,MAAM,EAAE;gBAChB,MAAM,cAAc,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;aACpC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC,CAAC;IAEF,MAAM,mBAAmB,GAAG,CAAC,UAAU,EAAS,EAAE,EAAE;QAClD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAE3B,MAAM,eAAe,GAAG,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE1F,OAAO,IAAA,iBAAS;QACd,sCAAsC;QACtC,IAAA,sBAAc,EAAC,iBAAiB,EAAE,EAAE,MAAM,EAAE,CAAC;QAC7C,mCAAmC;QACnC,mBAAmB;QACnB,IAAA,sBAAc,EAAC,qBAAqB,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC;QAClE,iDAAiD;QACjD,gBAAgB,CACjB,CAAC;IACJ,CAAC,CAAC;IAEF,MAAM,YAAY,GAAG,CAAC,sBAA2B,EAAE,EAAE;QACnD,mBAAmB;QACnB,MAAM,eAAe,GAAG,KAAK,EAAE,IAAI,EAAE,OAAO,GAAG,EAAE,EAAE,EAAE;YACnD,IAAI,IAAA,YAAO,EAAC,IAAI,CAAC,EAAE;gBACjB,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAW,EAAE,EAAE,CAAC,eAAe,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC;aACjF;YAED,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,iBAAiB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAE7E,MAAM,eAAe,GAAG,IAAA,yBAAiB,EAAC,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE;gBAC1E,UAAU,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE;aACxC,CAAC,CAAC;YAEH,MAAM,uBAAuB,GAAG,IAAA,SAAI,EAClC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,IAAA,UAAK,EAAC,MAAM,CAAC,EAC1B,IAAA,YAAO,EAAC,IAAA,SAAI,EAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,cAAc,EAAE,IAAA,2BAAiB,EAAC,OAAO,CAAC,CAAC,CAAC,CACtF,CAAC;YACF,MAAM,sBAAsB,GAAG,IAAA,YAAO,EAAC,eAAe,CAAC,IAAI,CAAC,uBAAuB,CAAC;YAEpF,MAAM,eAAe,GAAG;gBACtB,GAAG,OAAO;gBACV,MAAM,EAAE;oBACN,gBAAgB,EAAE,sBAAsB;oBACxC,SAAS,EAAE,eAAe;oBAC1B,uBAAuB;iBACxB;aACF,CAAC;YAEF,MAAM,gBAAgB,GAAG,sBAAsB,CAAC,eAAe,CAAC,CAAC;YAEjE,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC,CAAC;QAEF,OAAO,eAAe,CAAC;IACzB,CAAC,CAAC;IAEF,MAAM,iBAAiB,GAAG,CAAC,IAAS,EAAE,OAAY,EAAE,EAAE;QACpD,OAAO,IAAA,aAAQ,EAAC,EAAE,OAAO,EAAE,IAAA,iBAAS,EAAC,KAAK,EAAE,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,OAAO,CAAC,CAAC;IACxE,CAAC,CAAC;IAEF;;OAEG;IACH,MAAM,gBAAgB,GAAG,IAAA,SAAI,EAAC,CAAC,GAAG,oBAAoB,QAAQ,EAAE,GAAG,oBAAoB,QAAQ,CAAC,CAAC,CAAC;IAElG;;OAEG;IACH,MAAM,iBAAiB,GAAG,CAAC,EAAE,GAAG,EAAE,MAAM,EAAO,EAAE,EAAE;QACjD,MAAM,QAAQ,GAAG,IAAA,UAAK,EAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,YAAY,EAAE,GAAG,EAAE,QAAQ,CAAC,EAAE,MAAM,CAAC,CAAC;QAE/E,IAAI,QAAQ,EAAE;YACZ,iBAAiB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;SAC5B;IACH,CAAC,CAAC;IAEF;;OAEG;IACH,MAAM,8BAA8B,GAAG,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAO,EAAE,EAAE;QACzE,IAAI,MAAM,CAAC,GAAG,KAAK,aAAa,IAAI,SAAS,IAAI,CAAC,gCAAyB,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;YACzF,iBAAiB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;SAC5B;IACH,CAAC,CAAC;IAEF,MAAM,cAAc,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE;QACrC,MAAM,oBAAoB,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC;QAC7D,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;QAEzD,MAAM,4BAA4B,GAAG,IAAA,iBAAY,EAAC,oBAAoB,EAAE,kBAAkB,CAAC,CAAC;QAE5F,OAAO,IAAA,SAAI,EAAC;YACV,GAAG,MAAM;YACT,GAAG,aAAa;YAChB,GAAG,gBAAgB;YACnB,GAAG,4BAA4B;SAChC,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,MAAM,cAAc,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE;QACrC,OAAO,IAAA,SAAI,EAAC;YACV,GAAG,MAAM;YACT,GAAG,aAAa;YAChB,GAAG,gBAAgB;YACnB,oBAAoB;YACpB,oBAAoB;YACpB,sBAAsB;SACvB,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,OAAO;QACL,aAAa,EAAE,YAAY,CAAC,mBAAmB,CAAC;QAChD,aAAa,EAAE,YAAY,CAAC,mBAAmB,CAAC;KACjD,CAAC;AACJ,CAAC,CAAC"}

package/dist/server/services/permission/queries.d.ts

@@ -1,44 +0,0 @@
-/**
- * Delete permissions of roles in database
- * @param rolesIds ids of roles
- * @returns {Promise<array>}
- */
-export declare const deleteByRolesIds: (rolesIds: string[]) => Promise<void>;
-/**
- * Delete permissions
- * @param ids ids of permissions
- * @returns {Promise<array>}
- */
-export declare const deleteByIds: (ids: string[]) => Promise<void>;
-/**
- * Create many permissions
- * @param permissions
- * @returns {Promise<*[]|*>}
- */
-export declare const createMany: (permissions: any) => Promise<import("../../domain/permission/index").Permission>;
-/**
- * Find assigned permissions in the database
- * @param params query params to find the permissions
- * @returns {Promise<Permission[]>}
- */
-export declare const findMany: (params?: {}) => Promise<import("../../domain/permission/index").Permission>;
-/**
- * Find all permissions for a user
- * @param user - user
- * @returns {Promise<Permission[]>}
- */
-export declare const findUserPermissions: (user: any) => Promise<import("../../domain/permission/index").Permission>;
-/**
- * Removes permissions in database that don't exist anymore
- * @returns {Promise<>}
- */
-export declare const cleanPermissionsInDatabase: () => Promise<void>;
-declare const _default: {
-    createMany: (permissions: any) => Promise<import("../../domain/permission/index").Permission>;
-    findMany: (params?: {}) => Promise<import("../../domain/permission/index").Permission>;
-    deleteByRolesIds: (rolesIds: string[]) => Promise<void>;
-    deleteByIds: (ids: string[]) => Promise<void>;
-    findUserPermissions: (user: any) => Promise<import("../../domain/permission/index").Permission>;
-    cleanPermissionsInDatabase: () => Promise<void>;
-};
-export default _default;

package/dist/server/services/permission/queries.js

@@ -1,159 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.cleanPermissionsInDatabase = exports.findUserPermissions = exports.findMany = exports.createMany = exports.deleteByIds = exports.deleteByRolesIds = void 0;
-const fp_1 = require("lodash/fp");
-const p_map_1 = __importDefault(require("p-map"));
-const utils_1 = require("../../utils");
-const index_1 = __importDefault(require("../../domain/permission/index"));
-/**
- * Delete permissions of roles in database
- * @param rolesIds ids of roles
- * @returns {Promise<array>}
- */
-const deleteByRolesIds = async (rolesIds) => {
-    const permissionsToDelete = await strapi.query('admin::permission').findMany({
-        select: ['id'],
-        where: {
-            role: { id: rolesIds },
-        },
-    });
-    if (permissionsToDelete.length > 0) {
-        await (0, exports.deleteByIds)(permissionsToDelete.map((0, fp_1.prop)('id')));
-    }
-};
-exports.deleteByRolesIds = deleteByRolesIds;
-/**
- * Delete permissions
- * @param ids ids of permissions
- * @returns {Promise<array>}
- */
-const deleteByIds = async (ids) => {
-    const result = [];
-    for (const id of ids) {
-        const queryResult = await strapi.query('admin::permission').delete({ where: { id } });
-        result.push(queryResult);
-    }
-    strapi.eventHub.emit('permission.delete', { permissions: result });
-};
-exports.deleteByIds = deleteByIds;
-/**
- * Create many permissions
- * @param permissions
- * @returns {Promise<*[]|*>}
- */
-const createMany = async (permissions) => {
-    const createdPermissions = [];
-    for (const permission of permissions) {
-        const newPerm = await strapi.query('admin::permission').create({ data: permission });
-        createdPermissions.push(newPerm);
-    }
-    const permissionsToReturn = index_1.default.toPermission(createdPermissions);
-    strapi.eventHub.emit('permission.create', { permissions: permissionsToReturn });
-    return permissionsToReturn;
-};
-exports.createMany = createMany;
-/**
- * Update a permission
- * @returns {Promise<*[]|*>}
- * @param params
- * @param attributes
- */
-const update = async (params, attributes) => {
-    const updatedPermission = await strapi
-        .query('admin::permission')
-        .update({ where: params, data: attributes });
-    const permissionToReturn = index_1.default.toPermission(updatedPermission);
-    strapi.eventHub.emit('permission.update', { permissions: permissionToReturn });
-    return permissionToReturn;
-};
-/**
- * Find assigned permissions in the database
- * @param params query params to find the permissions
- * @returns {Promise<Permission[]>}
- */
-const findMany = async (params = {}) => {
-    const rawPermissions = await strapi.query('admin::permission').findMany(params);
-    return index_1.default.toPermission(rawPermissions);
-};
-exports.findMany = findMany;
-/**
- * Find all permissions for a user
- * @param user - user
- * @returns {Promise<Permission[]>}
- */
-const findUserPermissions = async (user) => {
-    return (0, exports.findMany)({ where: { role: { users: { id: user.id } } } });
-};
-exports.findUserPermissions = findUserPermissions;
-const filterPermissionsToRemove = async (permissions) => {
-    const { actionProvider } = (0, utils_1.getService)('permission');
-    const permissionsToRemove = [];
-    for (const permission of permissions) {
-        const { subjects, options = {} } = actionProvider.get(permission.action) || {};
-        const { applyToProperties } = options;
-        const invalidProperties = await Promise.all((applyToProperties || []).map(async (property) => {
-            const applies = await actionProvider.appliesToProperty(property, permission.action, permission.subject);
-            return applies && (0, fp_1.isNil)(index_1.default.getProperty(property, permission));
-        }));
-        const isRegisteredAction = actionProvider.has(permission.action);
-        const hasInvalidProperties = (0, fp_1.isArray)(applyToProperties) && invalidProperties.every((0, fp_1.eq)(true));
-        const isInvalidSubject = (0, fp_1.isArray)(subjects) && !subjects.includes(permission.subject);
-        // If the permission has an invalid action, an invalid subject or invalid properties, then add it to the toBeRemoved collection
-        if (!isRegisteredAction || isInvalidSubject || hasInvalidProperties) {
-            permissionsToRemove.push(permission);
-        }
-    }
-    return permissionsToRemove;
-};
-/**
- * Removes permissions in database that don't exist anymore
- * @returns {Promise<>}
- */
-const cleanPermissionsInDatabase = async () => {
-    const pageSize = 200;
-    const contentTypeService = (0, utils_1.getService)('content-type');
-    const total = await strapi.query('admin::permission').count();
-    const pageCount = Math.ceil(total / pageSize);
-    for (let page = 0; page < pageCount; page += 1) {
-        // 1. Find invalid permissions and collect their ID to delete them later
-        const results = await strapi
-            .query('admin::permission')
-            .findMany({ limit: pageSize, offset: page * pageSize });
-        const permissions = index_1.default.toPermission(results);
-        const permissionsToRemove = await filterPermissionsToRemove(permissions);
-        const permissionsIdToRemove = (0, fp_1.map)((0, fp_1.prop)('id'), permissionsToRemove);
-        // 2. Clean permissions' fields (add required ones, remove the non-existing ones)
-        // @ts-expect-error - Make toPermission return an array if the input was an array
-        const remainingPermissions = permissions.filter((permission) => !permissionsIdToRemove.includes(permission.id));
-        const permissionsWithCleanFields = contentTypeService.cleanPermissionFields(remainingPermissions);
-        // Update only the ones that need to be updated
-        const permissionsNeedingToBeUpdated = (0, fp_1.differenceWith)((a, b) => {
-            return a.id === b.id && (0, fp_1.xor)(a.properties.fields, b.properties.fields).length === 0;
-        }, permissionsWithCleanFields, remainingPermissions);
-        const updatePromiseProvider = (permission) => {
-            return update({ id: permission.id }, permission);
-        };
-        // Execute all the queries, update the database
-        await Promise.all([
-            (0, exports.deleteByIds)(permissionsIdToRemove),
-            // @ts-ignore
-            (0, p_map_1.default)(permissionsNeedingToBeUpdated, updatePromiseProvider, {
-                concurrency: 100,
-                stopOnError: true,
-            }),
-        ]);
-    }
-};
-exports.cleanPermissionsInDatabase = cleanPermissionsInDatabase;
-exports.default = {
-    createMany: exports.createMany,
-    findMany: exports.findMany,
-    deleteByRolesIds: exports.deleteByRolesIds,
-    deleteByIds: exports.deleteByIds,
-    findUserPermissions: exports.findUserPermissions,
-    cleanPermissionsInDatabase: exports.cleanPermissionsInDatabase,
-};
-//# sourceMappingURL=queries.js.map