@strapi/admin 4.14.3 → 4.14.5

package/dist/server/services/user.d.ts

@@ -1,96 +0,0 @@
-/**
- * Remove private user fields
- * @param {Object} user - user to sanitize
- */
-declare const sanitizeUser: (user: any) => {
-    roles: any;
-};
-/**
- * Create and save a user in database
- * @param attributes A partial user object
- * @returns {Promise<user>}
- */
-declare const create: (attributes: any) => Promise<any>;
-/**
- * Update a user in database
- * @param id query params to find the user to update
- * @param attributes A partial user object
- * @returns {Promise<user>}
- */
-declare const updateById: (id: any, attributes: any) => Promise<any>;
-/**
- * Reset a user password by email. (Used in admin:reset CLI)
- * @param {string} email - user email
- * @param {string} password - new password
- */
-declare const resetPasswordByEmail: (email: string, password: string) => Promise<void>;
-/**
- * Check if a user with specific attributes exists in the database
- * @param attributes A partial user object
- * @returns {Promise<boolean>}
- */
-declare const exists: (attributes?: {}) => Promise<boolean>;
-/**
- * Returns a user registration info
- * @param {string} registrationToken - a user registration token
- * @returns {Promise<registrationInfo>} - Returns user email, firstname and lastname
- */
-declare const findRegistrationInfo: (registrationToken: string) => Promise<Pick<any, "email" | "firstname" | "lastname"> | undefined>;
-/**
- * Registers a user based on a registrationToken and some informations to update
- * @param {Object} params
- * @param {Object} params.registrationToken registration token
- * @param {Object} params.userInfo user info
- */
-declare const register: ({ registrationToken, userInfo }: any) => Promise<any>;
-/**
- * Find one user
- */
-declare const findOne: (id: any, populate?: string[]) => Promise<import("@strapi/types/dist/types/core/attributes").GetValues<"admin::user", string> | null>;
-/**
- * Find one user by its email
- * @param {string} id  email
- * @param {string || string[] || object} populate
- * @returns
- */
-declare const findOneByEmail: (email: string, populate?: never[]) => Promise<any>;
-/** Find many users (paginated)
- * @param query
- * @returns {Promise<user>}
- */
-declare const findPage: (query?: {}) => Promise<import("@strapi/types/dist/modules/entity-service").PaginatedResult<"admin::user", {
-    populate: string[];
-}>>;
-/** Delete a user
- * @param id id of the user to delete
- * @returns {Promise<user>}
- */
-declare const deleteById: (id: any) => Promise<any>;
-/** Delete a user
- * @param ids ids of the users to delete
- * @returns {Promise<user>}
- */
-declare const deleteByIds: (ids: any[]) => Promise<any[]>;
-/** Count the users that don't have any associated roles
- * @returns {Promise<number>}
- */
-declare const countUsersWithoutRole: () => Promise<number>;
-/**
- * Count the number of users based on search params
- * @param params params used for the query
- * @returns {Promise<number>}
- */
-declare const count: (where?: {}) => Promise<number>;
-/** Assign some roles to several users
- * @returns {undefined}
- */
-declare const assignARoleToAll: (roleId: any) => Promise<void>;
-/** Display a warning if some users don't have at least one role
- * @returns {Promise<>}
- */
-declare const displayWarningIfUsersDontHaveRole: () => Promise<void>;
-/** Returns an array of interface languages currently used by users
- * @returns {Promise<Array<string>>}
- */
-declare const getLanguagesInUse: () => Promise<any[]>;
-export { create, updateById, exists, findRegistrationInfo, register, sanitizeUser, findOne, findOneByEmail, findPage, deleteById, deleteByIds, countUsersWithoutRole, count, assignARoleToAll, displayWarningIfUsersDontHaveRole, resetPasswordByEmail, getLanguagesInUse, };

package/dist/server/services/user.js

@@ -1,311 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getLanguagesInUse = exports.resetPasswordByEmail = exports.displayWarningIfUsersDontHaveRole = exports.assignARoleToAll = exports.count = exports.countUsersWithoutRole = exports.deleteByIds = exports.deleteById = exports.findPage = exports.findOneByEmail = exports.findOne = exports.sanitizeUser = exports.register = exports.findRegistrationInfo = exports.exists = exports.updateById = exports.create = void 0;
-const lodash_1 = __importDefault(require("lodash"));
-const fp_1 = require("lodash/fp");
-const utils_1 = require("@strapi/utils");
-const user_1 = require("../domain/user");
-const common_validators_1 = require("../validation/common-validators");
-const utils_2 = require("../utils");
-const constants_1 = require("./constants");
-const { ValidationError } = utils_1.errors;
-const sanitizeUserRoles = (role) => lodash_1.default.pick(role, ['id', 'name', 'description', 'code']);
-/**
- * Remove private user fields
- * @param {Object} user - user to sanitize
- */
-const sanitizeUser = (user) => {
-    return {
-        ...lodash_1.default.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),
-        roles: user.roles && user.roles.map(sanitizeUserRoles),
-    };
-};
-exports.sanitizeUser = sanitizeUser;
-/**
- * Create and save a user in database
- * @param attributes A partial user object
- * @returns {Promise<user>}
- */
-const create = async (attributes) => {
-    const userInfo = {
-        registrationToken: (0, utils_2.getService)('token').createToken(),
-        ...attributes,
-    };
-    if (lodash_1.default.has(attributes, 'password')) {
-        userInfo.password = await (0, utils_2.getService)('auth').hashPassword(attributes.password);
-    }
-    const user = (0, user_1.createUser)(userInfo);
-    const createdUser = await strapi.query('admin::user').create({ data: user, populate: ['roles'] });
-    (0, utils_2.getService)('metrics').sendDidInviteUser();
-    strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });
-    return createdUser;
-};
-exports.create = create;
-/**
- * Update a user in database
- * @param id query params to find the user to update
- * @param attributes A partial user object
- * @returns {Promise<user>}
- */
-const updateById = async (id, attributes) => {
-    // Check at least one super admin remains
-    if (lodash_1.default.has(attributes, 'roles')) {
-        const lastAdminUser = await isLastSuperAdminUser(id);
-        const superAdminRole = await (0, utils_2.getService)('role').getSuperAdminWithUsersCount();
-        const willRemoveSuperAdminRole = !(0, utils_1.stringIncludes)(attributes.roles, superAdminRole.id);
-        if (lastAdminUser && willRemoveSuperAdminRole) {
-            throw new ValidationError('You must have at least one user with super admin role.');
-        }
-    }
-    // cannot disable last super admin
-    if (attributes.isActive === false) {
-        const lastAdminUser = await isLastSuperAdminUser(id);
-        if (lastAdminUser) {
-            throw new ValidationError('You must have at least one user with super admin role.');
-        }
-    }
-    // hash password if a new one is sent
-    if (lodash_1.default.has(attributes, 'password')) {
-        const hashedPassword = await (0, utils_2.getService)('auth').hashPassword(attributes.password);
-        const updatedUser = await strapi.query('admin::user').update({
-            where: { id },
-            data: {
-                ...attributes,
-                password: hashedPassword,
-            },
-            populate: ['roles'],
-        });
-        strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });
-        return updatedUser;
-    }
-    const updatedUser = await strapi.query('admin::user').update({
-        where: { id },
-        data: attributes,
-        populate: ['roles'],
-    });
-    if (updatedUser) {
-        strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });
-    }
-    return updatedUser;
-};
-exports.updateById = updateById;
-/**
- * Reset a user password by email. (Used in admin:reset CLI)
- * @param {string} email - user email
- * @param {string} password - new password
- */
-const resetPasswordByEmail = async (email, password) => {
-    const user = await strapi.query('admin::user').findOne({ where: { email }, populate: ['roles'] });
-    if (!user) {
-        throw new Error(`User not found for email: ${email}`);
-    }
-    try {
-        await common_validators_1.password.validate(password);
-    }
-    catch (error) {
-        throw new ValidationError('Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter');
-    }
-    await updateById(user.id, { password });
-};
-exports.resetPasswordByEmail = resetPasswordByEmail;
-/**
- * Check if a user is the last super admin
- * @param {int|string} userId user's id to look for
- */
-const isLastSuperAdminUser = async (userId) => {
-    const user = await findOne(userId);
-    const superAdminRole = await (0, utils_2.getService)('role').getSuperAdminWithUsersCount();
-    // @ts-expect-error
-    return superAdminRole.usersCount === 1 && (0, user_1.hasSuperAdminRole)(user);
-};
-/**
- * Check if a user with specific attributes exists in the database
- * @param attributes A partial user object
- * @returns {Promise<boolean>}
- */
-const exists = async (attributes = {}) => {
-    return (await strapi.query('admin::user').count({ where: attributes })) > 0;
-};
-exports.exists = exists;
-/**
- * Returns a user registration info
- * @param {string} registrationToken - a user registration token
- * @returns {Promise<registrationInfo>} - Returns user email, firstname and lastname
- */
-const findRegistrationInfo = async (registrationToken) => {
-    const user = await strapi.query('admin::user').findOne({ where: { registrationToken } });
-    if (!user) {
-        return undefined;
-    }
-    return lodash_1.default.pick(user, ['email', 'firstname', 'lastname']);
-};
-exports.findRegistrationInfo = findRegistrationInfo;
-/**
- * Registers a user based on a registrationToken and some informations to update
- * @param {Object} params
- * @param {Object} params.registrationToken registration token
- * @param {Object} params.userInfo user info
- */
-const register = async ({ registrationToken, userInfo }) => {
-    const matchingUser = await strapi.query('admin::user').findOne({ where: { registrationToken } });
-    if (!matchingUser) {
-        throw new ValidationError('Invalid registration info');
-    }
-    return (0, utils_2.getService)('user').updateById(matchingUser.id, {
-        password: userInfo.password,
-        firstname: userInfo.firstname,
-        lastname: userInfo.lastname,
-        registrationToken: null,
-        isActive: true,
-    });
-};
-exports.register = register;
-/**
- * Find one user
- */
-const findOne = async (id, populate = ['roles']) => {
-    return strapi.entityService.findOne('admin::user', id, { populate });
-};
-exports.findOne = findOne;
-/**
- * Find one user by its email
- * @param {string} id  email
- * @param {string || string[] || object} populate
- * @returns
- */
-const findOneByEmail = async (email, populate = []) => {
-    return strapi.query('admin::user').findOne({
-        where: { email },
-        populate,
-    });
-};
-exports.findOneByEmail = findOneByEmail;
-/** Find many users (paginated)
- * @param query
- * @returns {Promise<user>}
- */
-const findPage = async (query = {}) => {
-    const enrichedQuery = (0, fp_1.defaults)({ populate: ['roles'] }, query);
-    return strapi.entityService.findPage('admin::user', enrichedQuery);
-};
-exports.findPage = findPage;
-/** Delete a user
- * @param id id of the user to delete
- * @returns {Promise<user>}
- */
-const deleteById = async (id) => {
-    // Check at least one super admin remains
-    const userToDelete = await strapi.query('admin::user').findOne({
-        where: { id },
-        populate: ['roles'],
-    });
-    if (!userToDelete) {
-        return null;
-    }
-    if (userToDelete) {
-        if (userToDelete.roles.some((r) => r.code === constants_1.SUPER_ADMIN_CODE)) {
-            const superAdminRole = await (0, utils_2.getService)('role').getSuperAdminWithUsersCount();
-            if (superAdminRole.usersCount === 1) {
-                throw new ValidationError('You must have at least one user with super admin role.');
-            }
-        }
-    }
-    const deletedUser = await strapi
-        .query('admin::user')
-        .delete({ where: { id }, populate: ['roles'] });
-    strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });
-    return deletedUser;
-};
-exports.deleteById = deleteById;
-/** Delete a user
- * @param ids ids of the users to delete
- * @returns {Promise<user>}
- */
-const deleteByIds = async (ids) => {
-    // Check at least one super admin remains
-    const superAdminRole = await (0, utils_2.getService)('role').getSuperAdminWithUsersCount();
-    const nbOfSuperAdminToDelete = await strapi.query('admin::user').count({
-        where: {
-            id: ids,
-            roles: { id: superAdminRole.id },
-        },
-    });
-    if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {
-        throw new ValidationError('You must have at least one user with super admin role.');
-    }
-    const deletedUsers = [];
-    for (const id of ids) {
-        const deletedUser = await strapi.query('admin::user').delete({
-            where: { id },
-            populate: ['roles'],
-        });
-        deletedUsers.push(deletedUser);
-    }
-    strapi.eventHub.emit('user.delete', {
-        users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),
-    });
-    return deletedUsers;
-};
-exports.deleteByIds = deleteByIds;
-/** Count the users that don't have any associated roles
- * @returns {Promise<number>}
- */
-const countUsersWithoutRole = async () => {
-    return strapi.query('admin::user').count({
-        where: {
-            roles: {
-                id: { $null: true },
-            },
-        },
-    });
-};
-exports.countUsersWithoutRole = countUsersWithoutRole;
-/**
- * Count the number of users based on search params
- * @param params params used for the query
- * @returns {Promise<number>}
- */
-const count = async (where = {}) => {
-    return strapi.query('admin::user').count({ where });
-};
-exports.count = count;
-/** Assign some roles to several users
- * @returns {undefined}
- */
-const assignARoleToAll = async (roleId) => {
-    const users = await strapi.query('admin::user').findMany({
-        select: ['id'],
-        where: {
-            roles: { id: { $null: true } },
-        },
-    });
-    await Promise.all(users.map((user) => {
-        return strapi.query('admin::user').update({
-            where: { id: user.id },
-            data: { roles: [roleId] },
-        });
-    }));
-};
-exports.assignARoleToAll = assignARoleToAll;
-/** Display a warning if some users don't have at least one role
- * @returns {Promise<>}
- */
-const displayWarningIfUsersDontHaveRole = async () => {
-    const count = await countUsersWithoutRole();
-    if (count > 0) {
-        strapi.log.warn(`Some users (${count}) don't have any role.`);
-    }
-};
-exports.displayWarningIfUsersDontHaveRole = displayWarningIfUsersDontHaveRole;
-/** Returns an array of interface languages currently used by users
- * @returns {Promise<Array<string>>}
- */
-const getLanguagesInUse = async () => {
-    const users = await strapi.query('admin::user').findMany({ select: ['preferedLanguage'] });
-    return users.map((user) => user.preferedLanguage || 'en');
-};
-exports.getLanguagesInUse = getLanguagesInUse;
-//# sourceMappingURL=user.js.map

package/dist/server/services/user.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"user.js","sourceRoot":"","sources":["../../../server/src/services/user.ts"],"names":[],"mappings":";;;;;;AAAA,oDAAuB;AACvB,kCAAqC;AACrC,yCAAuD;AACvD,yCAA+D;AAC/D,uEAAgF;AAChF,oCAAsC;AACtC,2CAA+C;AAE/C,MAAM,EAAE,eAAe,EAAE,GAAG,cAAM,CAAC;AACnC,MAAM,iBAAiB,GAAG,CAAC,IAAY,EAAE,EAAE,CAAC,gBAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC,CAAC;AAEhG;;;GAGG;AACH,MAAM,YAAY,GAAG,CAAC,IAAS,EAAE,EAAE;IACjC,OAAO;QACL,GAAG,gBAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,OAAO,CAAC,CAAC;QACjF,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC;KACvD,CAAC;AACJ,CAAC,CAAC;AA4UA,oCAAY;AA1Ud;;;;GAIG;AACH,MAAM,MAAM,GAAG,KAAK,EAAE,UAAe,EAAE,EAAE;IACvC,MAAM,QAAQ,GAAG;QACf,iBAAiB,EAAE,IAAA,kBAAU,EAAC,OAAO,CAAC,CAAC,WAAW,EAAE;QACpD,GAAG,UAAU;KACd,CAAC;IAEF,IAAI,gBAAC,CAAC,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,EAAE;QACjC,QAAQ,CAAC,QAAQ,GAAG,MAAM,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAC,YAAY,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;KAChF;IAED,MAAM,IAAI,GAAG,IAAA,iBAAU,EAAC,QAAQ,CAAC,CAAC;IAElC,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAElG,IAAA,kBAAU,EAAC,SAAS,CAAC,CAAC,iBAAiB,EAAE,CAAC;IAE1C,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,YAAY,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;IAEzE,OAAO,WAAW,CAAC;AACrB,CAAC,CAAC;AA6SA,wBAAM;AA3SR;;;;;GAKG;AACH,MAAM,UAAU,GAAG,KAAK,EAAE,EAAO,EAAE,UAAe,EAAE,EAAE;IACpD,yCAAyC;IACzC,IAAI,gBAAC,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE;QAC9B,MAAM,aAAa,GAAG,MAAM,oBAAoB,CAAC,EAAE,CAAC,CAAC;QACrD,MAAM,cAAc,GAAG,MAAM,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAC,2BAA2B,EAAE,CAAC;QAC9E,MAAM,wBAAwB,GAAG,CAAC,IAAA,sBAAc,EAAC,UAAU,CAAC,KAAK,EAAE,cAAc,CAAC,EAAE,CAAC,CAAC;QAEtF,IAAI,aAAa,IAAI,wBAAwB,EAAE;YAC7C,MAAM,IAAI,eAAe,CAAC,wDAAwD,CAAC,CAAC;SACrF;KACF;IAED,kCAAkC;IAClC,IAAI,UAAU,CAAC,QAAQ,KAAK,KAAK,EAAE;QACjC,MAAM,aAAa,GAAG,MAAM,oBAAoB,CAAC,EAAE,CAAC,CAAC;QACrD,IAAI,aAAa,EAAE;YACjB,MAAM,IAAI,eAAe,CAAC,wDAAwD,CAAC,CAAC;SACrF;KACF;IAED,qCAAqC;IACrC,IAAI,gBAAC,CAAC,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,EAAE;QACjC,MAAM,cAAc,GAAG,MAAM,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAC,YAAY,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAElF,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;YAC3D,KAAK,EAAE,EAAE,EAAE,EAAE;YACb,IAAI,EAAE;gBACJ,GAAG,UAAU;gBACb,QAAQ,EAAE,cAAc;aACzB;YACD,QAAQ,EAAE,CAAC,OAAO,CAAC;SACpB,CAAC,CAAC;QAEH,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,YAAY,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAEzE,OAAO,WAAW,CAAC;KACpB;IAED,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;QAC3D,KAAK,EAAE,EAAE,EAAE,EAAE;QACb,IAAI,EAAE,UAAU;QAChB,QAAQ,EAAE,CAAC,OAAO,CAAC;KACpB,CAAC,CAAC;IAEH,IAAI,WAAW,EAAE;QACf,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,YAAY,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;KAC1E;IAED,OAAO,WAAW,CAAC;AACrB,CAAC,CAAC;AAqPA,gCAAU;AAnPZ;;;;GAIG;AACH,MAAM,oBAAoB,GAAG,KAAK,EAAE,KAAa,EAAE,QAAgB,EAAE,EAAE;IACrE,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAElG,IAAI,CAAC,IAAI,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,6BAA6B,KAAK,EAAE,CAAC,CAAC;KACvD;IAED,IAAI;QACF,MAAM,4BAAiB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;KAC5C;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,IAAI,eAAe,CACvB,wGAAwG,CACzG,CAAC;KACH;IAED,MAAM,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;AAC1C,CAAC,CAAC;AA4OA,oDAAoB;AA1OtB;;;GAGG;AACH,MAAM,oBAAoB,GAAG,KAAK,EAAE,MAAW,EAAE,EAAE;IACjD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,cAAc,GAAG,MAAM,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAC,2BAA2B,EAAE,CAAC;IAE9E,mBAAmB;IACnB,OAAO,cAAc,CAAC,UAAU,KAAK,CAAC,IAAI,IAAA,wBAAiB,EAAC,IAAI,CAAC,CAAC;AACpE,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,GAAG,KAAK,EAAE,UAAU,GAAG,EAAE,EAAE,EAAE;IACvC,OAAO,CAAC,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;AAC9E,CAAC,CAAC;AA0MA,wBAAM;AAxMR;;;;GAIG;AACH,MAAM,oBAAoB,GAAG,KAAK,EAAE,iBAAyB,EAAE,EAAE;IAC/D,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC;IAEzF,IAAI,CAAC,IAAI,EAAE;QACT,OAAO,SAAS,CAAC;KAClB;IAED,OAAO,gBAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,OAAO,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC,CAAC;AAC1D,CAAC,CAAC;AA4LA,oDAAoB;AA1LtB;;;;;GAKG;AACH,MAAM,QAAQ,GAAG,KAAK,EAAE,EAAE,iBAAiB,EAAE,QAAQ,EAAO,EAAE,EAAE;IAC9D,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC;IAEjG,IAAI,CAAC,YAAY,EAAE;QACjB,MAAM,IAAI,eAAe,CAAC,2BAA2B,CAAC,CAAC;KACxD;IAED,OAAO,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,EAAE;QACpD,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,SAAS,EAAE,QAAQ,CAAC,SAAS;QAC7B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,iBAAiB,EAAE,IAAI;QACvB,QAAQ,EAAE,IAAI;KACf,CAAC,CAAC;AACL,CAAC,CAAC;AAuKA,4BAAQ;AArKV;;GAEG;AACH,MAAM,OAAO,GAAG,KAAK,EAAE,EAAO,EAAE,QAAQ,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE;IACtD,OAAO,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;AACvE,CAAC,CAAC;AAkKA,0BAAO;AAhKT;;;;;GAKG;AACH,MAAM,cAAc,GAAG,KAAK,EAAE,KAAa,EAAE,QAAQ,GAAG,EAAE,EAAE,EAAE;IAC5D,OAAO,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC;QACzC,KAAK,EAAE,EAAE,KAAK,EAAE;QAChB,QAAQ;KACT,CAAC,CAAC;AACL,CAAC,CAAC;AAsJA,wCAAc;AApJhB;;;GAGG;AACH,MAAM,QAAQ,GAAG,KAAK,EAAE,KAAK,GAAG,EAAE,EAAE,EAAE;IACpC,MAAM,aAAa,GAAG,IAAA,aAAQ,EAAC,EAAE,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;IAC/D,OAAO,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;AACrE,CAAC,CAAC;AA8IA,4BAAQ;AA5IV;;;GAGG;AACH,MAAM,UAAU,GAAG,KAAK,EAAE,EAAO,EAAE,EAAE;IACnC,yCAAyC;IACzC,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC;QAC7D,KAAK,EAAE,EAAE,EAAE,EAAE;QACb,QAAQ,EAAE,CAAC,OAAO,CAAC;KACpB,CAAC,CAAC;IAEH,IAAI,CAAC,YAAY,EAAE;QACjB,OAAO,IAAI,CAAC;KACb;IAED,IAAI,YAAY,EAAE;QAChB,IAAI,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,4BAAgB,CAAC,EAAE;YACpE,MAAM,cAAc,GAAG,MAAM,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAC,2BAA2B,EAAE,CAAC;YAC9E,IAAI,cAAc,CAAC,UAAU,KAAK,CAAC,EAAE;gBACnC,MAAM,IAAI,eAAe,CAAC,wDAAwD,CAAC,CAAC;aACrF;SACF;KACF;IAED,MAAM,WAAW,GAAG,MAAM,MAAM;SAC7B,KAAK,CAAC,aAAa,CAAC;SACpB,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAElD,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,YAAY,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;IAEzE,OAAO,WAAW,CAAC;AACrB,CAAC,CAAC;AA8GA,gCAAU;AA5GZ;;;GAGG;AACH,MAAM,WAAW,GAAG,KAAK,EAAE,GAAU,EAAE,EAAE;IACvC,yCAAyC;IACzC,MAAM,cAAc,GAAG,MAAM,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAC,2BAA2B,EAAE,CAAC;IAC9E,MAAM,sBAAsB,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC;QACrE,KAAK,EAAE;YACL,EAAE,EAAE,GAAG;YACP,KAAK,EAAE,EAAE,EAAE,EAAE,cAAc,CAAC,EAAE,EAAE;SACjC;KACF,CAAC,CAAC;IAEH,IAAI,cAAc,CAAC,UAAU,KAAK,sBAAsB,EAAE;QACxD,MAAM,IAAI,eAAe,CAAC,wDAAwD,CAAC,CAAC;KACrF;IAED,MAAM,YAAY,GAAG,EAAE,CAAC;IACxB,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE;QACpB,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;YAC3D,KAAK,EAAE,EAAE,EAAE,EAAE;YACb,QAAQ,EAAE,CAAC,OAAO,CAAC;SACpB,CAAC,CAAC;QAEH,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;KAChC;IAED,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE;QAClC,KAAK,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;KACpE,CAAC,CAAC;IAEH,OAAO,YAAY,CAAC;AACtB,CAAC,CAAC;AA4EA,kCAAW;AA1Eb;;GAEG;AACH,MAAM,qBAAqB,GAAG,KAAK,IAAI,EAAE;IACvC,OAAO,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC;QACvC,KAAK,EAAE;YACL,KAAK,EAAE;gBACL,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE;aACpB;SACF;KACF,CAAC,CAAC;AACL,CAAC,CAAC;AAgEA,sDAAqB;AA9DvB;;;;GAIG;AACH,MAAM,KAAK,GAAG,KAAK,EAAE,KAAK,GAAG,EAAE,EAAE,EAAE;IACjC,OAAO,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AACtD,CAAC,CAAC;AAwDA,sBAAK;AAtDP;;GAEG;AACH,MAAM,gBAAgB,GAAG,KAAK,EAAE,MAAW,EAAE,EAAE;IAC7C,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC;QACvD,MAAM,EAAE,CAAC,IAAI,CAAC;QACd,KAAK,EAAE;YACL,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC/B;KACF,CAAC,CAAC;IAEH,MAAM,OAAO,CAAC,GAAG,CACf,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACjB,OAAO,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;YACxC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,MAAM,CAAC,EAAE;SAC1B,CAAC,CAAC;IACL,CAAC,CAAC,CACH,CAAC;AACJ,CAAC,CAAC;AAoCA,4CAAgB;AAlClB;;GAEG;AACH,MAAM,iCAAiC,GAAG,KAAK,IAAI,EAAE;IACnD,MAAM,KAAK,GAAG,MAAM,qBAAqB,EAAE,CAAC;IAE5C,IAAI,KAAK,GAAG,CAAC,EAAE;QACb,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,eAAe,KAAK,wBAAwB,CAAC,CAAC;KAC/D;AACH,CAAC,CAAC;AA0BA,8EAAiC;AAxBnC;;GAEG;AACH,MAAM,iBAAiB,GAAG,KAAK,IAAI,EAAE;IACnC,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC;IAE3F,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,CAAC;AAC5D,CAAC,CAAC;AAmBA,8CAAiB"}

package/dist/server/strategies/admin.d.ts

@@ -1,25 +0,0 @@
-/** @type {import('.').AuthenticateFunction} */
-export declare const authenticate: (ctx: any) => Promise<{
-    authenticated: boolean;
-    credentials?: undefined;
-    ability?: undefined;
-} | {
-    authenticated: boolean;
-    credentials: any;
-    ability: import("@casl/ability").Ability<import("@casl/ability").AbilityTuple, any>;
-}>;
-export declare const name = "admin";
-/** @type {import('.').AuthStrategy} */
-declare const _default: {
-    name: string;
-    authenticate: (ctx: any) => Promise<{
-        authenticated: boolean;
-        credentials?: undefined;
-        ability?: undefined;
-    } | {
-        authenticated: boolean;
-        credentials: any;
-        ability: import("@casl/ability").Ability<import("@casl/ability").AbilityTuple, any>;
-    }>;
-};
-export default _default;

package/dist/server/strategies/admin.js

@@ -1,44 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.name = exports.authenticate = void 0;
-const utils_1 = require("../utils");
-/** @type {import('.').AuthenticateFunction} */
-const authenticate = async (ctx) => {
-    const { authorization } = ctx.request.header;
-    if (!authorization) {
-        return { authenticated: false };
-    }
-    const parts = authorization.split(/\s+/);
-    if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {
-        return { authenticated: false };
-    }
-    const token = parts[1];
-    const { payload, isValid } = (0, utils_1.getService)('token').decodeJwtToken(token);
-    if (!isValid) {
-        return { authenticated: false };
-    }
-    const user = await strapi
-        .query('admin::user')
-        .findOne({ where: { id: payload.id }, populate: ['roles'] });
-    if (!user || !(user.isActive === true)) {
-        return { authenticated: false };
-    }
-    const userAbility = await (0, utils_1.getService)('permission').engine.generateUserAbility(user);
-    // TODO: use the ability from ctx.state.auth instead of
-    // ctx.state.userAbility, and remove the assign below
-    ctx.state.userAbility = userAbility;
-    ctx.state.user = user;
-    return {
-        authenticated: true,
-        credentials: user,
-        ability: userAbility,
-    };
-};
-exports.authenticate = authenticate;
-exports.name = 'admin';
-/** @type {import('.').AuthStrategy} */
-exports.default = {
-    name: exports.name,
-    authenticate: exports.authenticate,
-};
-//# sourceMappingURL=admin.js.map

package/dist/server/strategies/admin.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"admin.js","sourceRoot":"","sources":["../../../server/src/strategies/admin.ts"],"names":[],"mappings":";;;AAAA,oCAAsC;AAEtC,+CAA+C;AACxC,MAAM,YAAY,GAAG,KAAK,EAAE,GAAQ,EAAE,EAAE;IAC7C,MAAM,EAAE,aAAa,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;IAE7C,IAAI,CAAC,aAAa,EAAE;QAClB,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;KACjC;IAED,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAEzC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7D,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;KACjC;IAED,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,IAAA,kBAAU,EAAC,OAAO,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IAEvE,IAAI,CAAC,OAAO,EAAE;QACZ,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;KACjC;IAED,MAAM,IAAI,GAAG,MAAM,MAAM;SACtB,KAAK,CAAC,aAAa,CAAC;SACpB,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAE/D,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,EAAE;QACtC,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;KACjC;IAED,MAAM,WAAW,GAAG,MAAM,IAAA,kBAAU,EAAC,YAAY,CAAC,CAAC,MAAM,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;IAEpF,uDAAuD;IACvD,qDAAqD;IACrD,GAAG,CAAC,KAAK,CAAC,WAAW,GAAG,WAAW,CAAC;IACpC,GAAG,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC;IAEtB,OAAO;QACL,aAAa,EAAE,IAAI;QACnB,WAAW,EAAE,IAAI;QACjB,OAAO,EAAE,WAAW;KACrB,CAAC;AACJ,CAAC,CAAC;AAxCW,QAAA,YAAY,gBAwCvB;AAEW,QAAA,IAAI,GAAG,OAAO,CAAC;AAE5B,uCAAuC;AACvC,kBAAe;IACb,IAAI,EAAJ,YAAI;IACJ,YAAY,EAAZ,oBAAY;CACb,CAAC"}

package/dist/server/strategies/api-token.d.ts

@@ -1,60 +0,0 @@
-/**
- * Authenticate the validity of the token
- *
- *  @type {import('.').AuthenticateFunction}
- */
-export declare const authenticate: (ctx: any) => Promise<{
-    authenticated: boolean;
-    error?: undefined;
-    ability?: undefined;
-    credentials?: undefined;
-} | {
-    authenticated: boolean;
-    error: import("@strapi/utils/dist/errors").UnauthorizedError;
-    ability?: undefined;
-    credentials?: undefined;
-} | {
-    authenticated: boolean;
-    ability: import("@casl/ability").Ability<import("@casl/ability").AbilityTuple, any>;
-    credentials: any;
-    error?: undefined;
-} | {
-    authenticated: boolean;
-    credentials: any;
-    error?: undefined;
-    ability?: undefined;
-}>;
-/**
- * Verify the token has the required abilities for the requested scope
- *
- *  @type {import('.').VerifyFunction}
- */
-export declare const verify: (auth: any, config: any) => void;
-export declare const name = "api-token";
-/** @type {import('.').AuthStrategy} */
-declare const _default: {
-    name: string;
-    authenticate: (ctx: any) => Promise<{
-        authenticated: boolean;
-        error?: undefined;
-        ability?: undefined;
-        credentials?: undefined;
-    } | {
-        authenticated: boolean;
-        error: import("@strapi/utils/dist/errors").UnauthorizedError;
-        ability?: undefined;
-        credentials?: undefined;
-    } | {
-        authenticated: boolean;
-        ability: import("@casl/ability").Ability<import("@casl/ability").AbilityTuple, any>;
-        credentials: any;
-        error?: undefined;
-    } | {
-        authenticated: boolean;
-        credentials: any;
-        error?: undefined;
-        ability?: undefined;
-    }>;
-    verify: (auth: any, config: any) => void;
-};
-export default _default;

package/dist/server/strategies/api-token.js

@@ -1,121 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.name = exports.verify = exports.authenticate = void 0;
-const fp_1 = require("lodash/fp");
-const date_fns_1 = require("date-fns");
-const utils_1 = require("@strapi/utils");
-const constants_1 = __importDefault(require("../services/constants"));
-const utils_2 = require("../utils");
-const { UnauthorizedError, ForbiddenError } = utils_1.errors;
-const isReadScope = (scope) => scope.endsWith('find') || scope.endsWith('findOne');
-const extractToken = (ctx) => {
-    if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
-        const parts = ctx.request.header.authorization.split(/\s+/);
-        if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {
-            return null;
-        }
-        return parts[1];
-    }
-    return null;
-};
-/**
- * Authenticate the validity of the token
- *
- *  @type {import('.').AuthenticateFunction}
- */
-const authenticate = async (ctx) => {
-    const apiTokenService = (0, utils_2.getService)('api-token');
-    const token = extractToken(ctx);
-    if (!token) {
-        return { authenticated: false };
-    }
-    // @ts-ignore
-    const apiToken = await apiTokenService.getBy({
-        accessKey: apiTokenService.hash(token),
-    });
-    // token not found
-    if (!apiToken) {
-        return { authenticated: false };
-    }
-    const currentDate = new Date();
-    if (!(0, fp_1.isNil)(apiToken.expiresAt)) {
-        const expirationDate = new Date(apiToken.expiresAt);
-        // token has expired
-        if (expirationDate < currentDate) {
-            return { authenticated: false, error: new UnauthorizedError('Token expired') };
-        }
-    }
-    // update lastUsedAt if the token has not been used in the last hour
-    // @ts-ignore
-    const hoursSinceLastUsed = (0, date_fns_1.differenceInHours)(currentDate, (0, date_fns_1.parseISO)(apiToken.lastUsedAt));
-    if (hoursSinceLastUsed >= 1) {
-        await strapi.query('admin::api-token').update({
-            where: { id: apiToken.id },
-            data: { lastUsedAt: currentDate },
-        });
-    }
-    if (apiToken.type === constants_1.default.API_TOKEN_TYPE.CUSTOM) {
-        const ability = await strapi.contentAPI.permissions.engine.generateAbility(apiToken.permissions.map((action) => ({ action })));
-        return { authenticated: true, ability, credentials: apiToken };
-    }
-    return { authenticated: true, credentials: apiToken };
-};
-exports.authenticate = authenticate;
-/**
- * Verify the token has the required abilities for the requested scope
- *
- *  @type {import('.').VerifyFunction}
- */
-const verify = (auth, config) => {
-    const { credentials: apiToken, ability } = auth;
-    if (!apiToken) {
-        throw new UnauthorizedError('Token not found');
-    }
-    const currentDate = new Date();
-    if (!(0, fp_1.isNil)(apiToken.expiresAt)) {
-        const expirationDate = new Date(apiToken.expiresAt);
-        // token has expired
-        if (expirationDate < currentDate) {
-            throw new UnauthorizedError('Token expired');
-        }
-    }
-    // Full access
-    if (apiToken.type === constants_1.default.API_TOKEN_TYPE.FULL_ACCESS) {
-        return;
-    }
-    // Read only
-    if (apiToken.type === constants_1.default.API_TOKEN_TYPE.READ_ONLY) {
-        /**
-         * If you don't have `full-access` you can only access `find` and `findOne`
-         * scopes. If the route has no scope, then you can't get access to it.
-         */
-        const scopes = (0, fp_1.castArray)(config.scope);
-        if (config.scope && scopes.every(isReadScope)) {
-            return;
-        }
-    }
-    // Custom
-    else if (apiToken.type === constants_1.default.API_TOKEN_TYPE.CUSTOM) {
-        if (!ability) {
-            throw new ForbiddenError();
-        }
-        const scopes = (0, fp_1.castArray)(config.scope);
-        const isAllowed = scopes.every((scope) => ability.can(scope));
-        if (isAllowed) {
-            return;
-        }
-    }
-    throw new ForbiddenError();
-};
-exports.verify = verify;
-exports.name = 'api-token';
-/** @type {import('.').AuthStrategy} */
-exports.default = {
-    name: 'api-token',
-    authenticate: exports.authenticate,
-    verify: exports.verify,
-};
-//# sourceMappingURL=api-token.js.map