@strapi/admin 5.0.0-rc.3 → 5.0.0-rc.30

package/dist/server/index.js

@@ -1,15 +1,14 @@
 "use strict";
-Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const _ = require("lodash");
 const fp = require("lodash/fp");
-const utils$1 = require("@strapi/utils");
+const utils$2 = require("@strapi/utils");
 const path = require("path");
 const fse = require("fs-extra");
 const koaStatic = require("koa-static");
 const dateFns = require("date-fns");
 require("@strapi/types");
-const _ = require("lodash");
 const bcrypt = require("bcryptjs");
-const passport$1 = require("koa-passport");
+const passport$2 = require("koa-passport");
 const passportLocal = require("passport-local");
 const crypto = require("crypto");
 const jwt = require("jsonwebtoken");
@@ -25,6 +24,7 @@ const compose = require("koa-compose");
 const dataTransfer$1 = require("@strapi/data-transfer");
 const isLocalhostIp = require("is-localhost-ip");
 const punycode = require("punycode/");
+const nodeSchedule = require("node-schedule");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 function _interopNamespace(e) {
   if (e && e.__esModule)
@@ -44,13 +44,13 @@ function _interopNamespace(e) {
   n.default = e;
   return Object.freeze(n);
 }
-const utils__default = /* @__PURE__ */ _interopDefault(utils$1);
+const ___namespace = /* @__PURE__ */ _interopNamespace(_);
+const utils__default = /* @__PURE__ */ _interopDefault(utils$2);
 const path__default = /* @__PURE__ */ _interopDefault(path);
 const fse__default = /* @__PURE__ */ _interopDefault(fse);
 const koaStatic__default = /* @__PURE__ */ _interopDefault(koaStatic);
-const ___namespace = /* @__PURE__ */ _interopNamespace(_);
 const bcrypt__default = /* @__PURE__ */ _interopDefault(bcrypt);
-const passport__default = /* @__PURE__ */ _interopDefault(passport$1);
+const passport__default = /* @__PURE__ */ _interopDefault(passport$2);
 const crypto__default = /* @__PURE__ */ _interopDefault(crypto);
 const jwt__default = /* @__PURE__ */ _interopDefault(jwt);
 const permissions__default = /* @__PURE__ */ _interopDefault(permissions$1);
@@ -61,10 +61,10 @@ const tsUtils__default = /* @__PURE__ */ _interopDefault(tsUtils);
 const compose__default = /* @__PURE__ */ _interopDefault(compose);
 const isLocalhostIp__default = /* @__PURE__ */ _interopDefault(isLocalhostIp);
 const punycode__default = /* @__PURE__ */ _interopDefault(punycode);
-const getService = (name2) => {
+const getService$1 = (name2) => {
   return strapi.service(`admin::${name2}`);
 };
-const actions = [
+const actions$1 = [
   {
     uid: "marketplace.read",
     displayName: "Access the marketplace",
@@ -115,7 +115,13 @@ const actions = [
     pluginName: "admin",
     section: "settings",
     category: "users and roles",
-    subCategory: "users"
+    subCategory: "users",
+    aliases: [
+      {
+        actionId: "plugin::content-manager.explorer.read",
+        subjects: ["admin::user"]
+      }
+    ]
   },
   {
     uid: "users.update",
@@ -147,7 +153,13 @@ const actions = [
     pluginName: "admin",
     section: "settings",
     category: "users and roles",
-    subCategory: "roles"
+    subCategory: "roles",
+    aliases: [
+      {
+        actionId: "plugin::content-manager.explorer.read",
+        subjects: ["admin::role"]
+      }
+    ]
   },
   {
     uid: "roles.update",
@@ -277,7 +289,7 @@ const actions = [
   }
 ];
 const adminActions = {
-  actions
+  actions: actions$1
 };
 const conditions = [
   {
@@ -312,13 +324,13 @@ const defaultAdminAuthSettings = {
   }
 };
 const registerPermissionActions = async () => {
-  await getService("permission").actionProvider.registerMany(adminActions.actions);
+  await getService$1("permission").actionProvider.registerMany(adminActions.actions);
 };
 const registerAdminConditions = async () => {
-  await getService("permission").conditionProvider.registerMany(adminConditions.conditions);
+  await getService$1("permission").conditionProvider.registerMany(adminConditions.conditions);
 };
 const registerModelHooks = () => {
-  const { sendDidChangeInterfaceLanguage: sendDidChangeInterfaceLanguage2 } = getService("metrics");
+  const { sendDidChangeInterfaceLanguage: sendDidChangeInterfaceLanguage2 } = getService$1("metrics");
   strapi.db.lifecycles.subscribe({
     models: ["admin::user"],
     afterCreate: sendDidChangeInterfaceLanguage2,
@@ -334,7 +346,7 @@ const syncAuthSettings = async () => {
   const adminStore = await strapi.store({ type: "core", name: "admin" });
   const adminAuthSettings = await adminStore.get({ key: "auth" });
   const newAuthSettings = fp.merge(defaultAdminAuthSettings, adminAuthSettings);
-  const roleExists = await getService("role").exists({
+  const roleExists = await getService$1("role").exists({
     id: newAuthSettings.providers.defaultRole
   });
   if (!roleExists) {
@@ -344,7 +356,7 @@ const syncAuthSettings = async () => {
 };
 const syncAPITokensPermissions = async () => {
   const validPermissions = strapi.contentAPI.permissions.providers.action.keys();
-  const permissionsInDB = await utils$1.async.pipe(
+  const permissionsInDB = await utils$2.async.pipe(
     strapi.db.query("admin::api-token-permission").findMany,
     fp.map("action")
   )();
@@ -353,16 +365,16 @@ const syncAPITokensPermissions = async () => {
     await strapi.db.query("admin::api-token-permission").deleteMany({ where: { action: { $in: unknownPermissions } } });
   }
 };
-const bootstrap = async ({ strapi: strapi2 }) => {
+const bootstrap$1 = async ({ strapi: strapi2 }) => {
   await registerAdminConditions();
   await registerPermissionActions();
   registerModelHooks();
-  const permissionService = getService("permission");
-  const userService = getService("user");
-  const roleService = getService("role");
-  const apiTokenService = getService("api-token");
-  const transferService = getService("transfer");
-  const tokenService = getService("token");
+  const permissionService = getService$1("permission");
+  const userService = getService$1("user");
+  const roleService = getService$1("role");
+  const apiTokenService = getService$1("api-token");
+  const transferService = getService$1("transfer");
+  const tokenService = getService$1("token");
   await roleService.createRolesIfNoneExist();
   await roleService.resetSuperAdminPermissions();
   await roleService.displayWarningIfNoSuperAdmin();
@@ -370,8 +382,8 @@ const bootstrap = async ({ strapi: strapi2 }) => {
   await userService.displayWarningIfUsersDontHaveRole();
   await syncAuthSettings();
   await syncAPITokensPermissions();
-  await getService("metrics").sendUpdateProjectInformation(strapi2);
-  getService("metrics").startCron(strapi2);
+  await getService$1("metrics").sendUpdateProjectInformation(strapi2);
+  getService$1("metrics").startCron(strapi2);
   apiTokenService.checkSaltIsDefined();
   transferService.token.checkSaltIsDefined();
   tokenService.checkSecretIsDefined();
@@ -428,7 +440,7 @@ const serveStatic = (filesDir, koaStaticOptions = {}) => {
     ctx.path = prev;
   };
 };
-const authenticate$2 = async (ctx) => {
+const authenticate$3 = async (ctx) => {
   const { authorization } = ctx.request.header;
   if (!authorization) {
     return { authenticated: false };
@@ -438,7 +450,7 @@ const authenticate$2 = async (ctx) => {
     return { authenticated: false };
   }
   const token2 = parts[1];
-  const { payload, isValid } = getService("token").decodeJwtToken(token2);
+  const { payload, isValid } = getService$1("token").decodeJwtToken(token2);
   if (!isValid) {
     return { authenticated: false };
   }
@@ -446,7 +458,7 @@ const authenticate$2 = async (ctx) => {
   if (!user2 || !(user2.isActive === true)) {
     return { authenticated: false };
   }
-  const userAbility = await getService("permission").engine.generateUserAbility(user2);
+  const userAbility = await getService$1("permission").engine.generateUserAbility(user2);
   ctx.state.userAbility = userAbility;
   ctx.state.user = user2;
   return {
@@ -458,7 +470,7 @@ const authenticate$2 = async (ctx) => {
 const name$1 = "admin";
 const adminAuthStrategy = {
   name: name$1,
-  authenticate: authenticate$2
+  authenticate: authenticate$3
 };
 const DAY_IN_MS = 24 * 60 * 60 * 1e3;
 const constants$3 = {
@@ -498,7 +510,7 @@ const constants$4 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
   __proto__: null,
   default: constants$3
 }, Symbol.toStringTag, { value: "Module" }));
-const { UnauthorizedError: UnauthorizedError$2, ForbiddenError: ForbiddenError$1 } = utils$1.errors;
+const { UnauthorizedError: UnauthorizedError$3, ForbiddenError: ForbiddenError$2 } = utils$2.errors;
 const isReadScope = (scope) => scope.endsWith("find") || scope.endsWith("findOne");
 const extractToken$1 = (ctx) => {
   if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
@@ -510,8 +522,8 @@ const extractToken$1 = (ctx) => {
   }
   return null;
 };
-const authenticate$1 = async (ctx) => {
-  const apiTokenService = getService("api-token");
+const authenticate$2 = async (ctx) => {
+  const apiTokenService = getService$1("api-token");
   const token2 = extractToken$1(ctx);
   if (!token2) {
     return { authenticated: false };
@@ -526,7 +538,7 @@ const authenticate$1 = async (ctx) => {
   if (!fp.isNil(apiToken2.expiresAt)) {
     const expirationDate = new Date(apiToken2.expiresAt);
     if (expirationDate < currentDate) {
-      return { authenticated: false, error: new UnauthorizedError$2("Token expired") };
+      return { authenticated: false, error: new UnauthorizedError$3("Token expired") };
     }
   }
   const hoursSinceLastUsed = dateFns.differenceInHours(currentDate, dateFns.parseISO(apiToken2.lastUsedAt));
@@ -544,44 +556,44 @@ const authenticate$1 = async (ctx) => {
   }
   return { authenticated: true, credentials: apiToken2 };
 };
-const verify$2 = (auth2, config) => {
+const verify$2 = (auth2, config2) => {
   const { credentials: apiToken2, ability: ability2 } = auth2;
   if (!apiToken2) {
-    throw new UnauthorizedError$2("Token not found");
+    throw new UnauthorizedError$3("Token not found");
   }
   const currentDate = /* @__PURE__ */ new Date();
   if (!fp.isNil(apiToken2.expiresAt)) {
     const expirationDate = new Date(apiToken2.expiresAt);
     if (expirationDate < currentDate) {
-      throw new UnauthorizedError$2("Token expired");
+      throw new UnauthorizedError$3("Token expired");
     }
   }
   if (apiToken2.type === constants$3.API_TOKEN_TYPE.FULL_ACCESS) {
     return;
   }
   if (apiToken2.type === constants$3.API_TOKEN_TYPE.READ_ONLY) {
-    const scopes = fp.castArray(config.scope);
-    if (config.scope && scopes.every(isReadScope)) {
+    const scopes = fp.castArray(config2.scope);
+    if (config2.scope && scopes.every(isReadScope)) {
       return;
     }
   } else if (apiToken2.type === constants$3.API_TOKEN_TYPE.CUSTOM) {
     if (!ability2) {
-      throw new ForbiddenError$1();
+      throw new ForbiddenError$2();
     }
-    const scopes = fp.castArray(config.scope);
+    const scopes = fp.castArray(config2.scope);
     const isAllowed = scopes.every((scope) => ability2.can(scope));
     if (isAllowed) {
       return;
     }
   }
-  throw new ForbiddenError$1();
+  throw new ForbiddenError$2();
 };
 const apiTokenAuthStrategy = {
   name: "api-token",
-  authenticate: authenticate$1,
+  authenticate: authenticate$2,
   verify: verify$2
 };
-const register$1 = ({ strapi: strapi2 }) => {
+const register$2 = ({ strapi: strapi2 }) => {
   const passportMiddleware = strapi2.service("admin::passport").init();
   strapi2.server.api("admin").use(passportMiddleware);
   strapi2.get("auth").register("admin", adminAuthStrategy);
@@ -590,8 +602,8 @@ const register$1 = ({ strapi: strapi2 }) => {
     registerAdminPanelRoute({ strapi: strapi2 });
   }
 };
-const destroy = async () => {
-  const { conditionProvider: conditionProvider2, actionProvider: actionProvider2 } = getService("permission");
+const destroy$1 = async () => {
+  const { conditionProvider: conditionProvider2, actionProvider: actionProvider2 } = getService$1("permission");
   await conditionProvider2.clear();
   await actionProvider2.clear();
 };
@@ -611,34 +623,34 @@ But don’t worry! You can use the following link to reset your password:
 
 Thanks.`;
 const forgotPasswordTemplate = { subject, text, html };
-const forgotPassword$1 = {
+const forgotPassword$2 = {
   emailTemplate: forgotPasswordTemplate
 };
-const index$6 = {
-  forgotPassword: forgotPassword$1
+const config = {
+  forgotPassword: forgotPassword$2
 };
 const isAuthenticatedAdmin = (policyCtx) => {
   return Boolean(policyCtx.state.isAuthenticated);
 };
-const hasPermissionsSchema = utils$1.yup.object({
-  actions: utils$1.yup.array().of(
+const hasPermissionsSchema = utils$2.yup.object({
+  actions: utils$2.yup.array().of(
     // @ts-expect-error yup types
-    utils$1.yup.lazy((val) => {
+    utils$2.yup.lazy((val) => {
       if (___namespace.default.isArray(val)) {
-        return utils$1.yup.array().of(utils$1.yup.string()).min(1).max(2);
+        return utils$2.yup.array().of(utils$2.yup.string()).min(1).max(2);
       }
       if (___namespace.default.isString(val)) {
-        return utils$1.yup.string().required();
+        return utils$2.yup.string().required();
       }
-      return utils$1.yup.object().shape({
-        action: utils$1.yup.string().required(),
-        subject: utils$1.yup.string()
+      return utils$2.yup.object().shape({
+        action: utils$2.yup.string().required(),
+        subject: utils$2.yup.string()
       });
     })
   )
 });
-const validateHasPermissionsInput = utils$1.validateYupSchema(hasPermissionsSchema);
-const { createPolicy: createPolicy$1 } = utils$1.policy;
+const validateHasPermissionsInput = utils$2.validateYupSchema(hasPermissionsSchema);
+const { createPolicy: createPolicy$1 } = utils$2.policy;
 const inputModifiers = [
   {
     check: ___namespace.default.isString,
@@ -657,8 +669,8 @@ const inputModifiers = [
 const hasPermissions = createPolicy$1({
   name: "admin::hasPermissions",
   validator: validateHasPermissionsInput,
-  handler(ctx, config) {
-    const { actions: actions2 } = config;
+  handler(ctx, config2) {
+    const { actions: actions2 } = config2;
     const { userAbility: ability2 } = ctx.state;
     const permissions2 = actions2.map(
       (action2) => inputModifiers.find((modifier) => modifier.check(action2))?.transform(action2)
@@ -669,7 +681,7 @@ const hasPermissions = createPolicy$1({
     return isAuthorized;
   }
 });
-const { createPolicy } = utils$1.policy;
+const { createPolicy } = utils$2.policy;
 const isTelemetryEnabled = createPolicy({
   name: "admin::isTelemetryEnabled",
   handler(_ctx, _config, { strapi: strapi2 }) {
@@ -678,8 +690,8 @@ const isTelemetryEnabled = createPolicy({
     }
   }
 });
-const index$5 = { isAuthenticatedAdmin, hasPermissions, isTelemetryEnabled };
-const admin$1 = [
+const policies = { isAuthenticatedAdmin, hasPermissions, isTelemetryEnabled };
+const admin$4 = [
   {
     method: "GET",
     path: "/init",
@@ -748,7 +760,7 @@ const admin$1 = [
     }
   }
 ];
-const authentication$1 = [
+const authentication$2 = [
   {
     method: "POST",
     path: "/login",
@@ -1177,7 +1189,7 @@ const contentApi$1 = [
     }
   }
 ];
-const { UnauthorizedError: UnauthorizedError$1, ForbiddenError } = utils$1.errors;
+const { UnauthorizedError: UnauthorizedError$2, ForbiddenError: ForbiddenError$1 } = utils$2.errors;
 const extractToken = (ctx) => {
   if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
     const parts = ctx.request.header.authorization.split(/\s+/);
@@ -1188,8 +1200,8 @@ const extractToken = (ctx) => {
   }
   return null;
 };
-const authenticate = async (ctx) => {
-  const { token: tokenService } = getService("transfer");
+const authenticate$1 = async (ctx) => {
+  const { token: tokenService } = getService$1("transfer");
   const token2 = extractToken(ctx);
   if (!token2) {
     return { authenticated: false };
@@ -1202,7 +1214,7 @@ const authenticate = async (ctx) => {
   if (!fp.isNil(transferToken2.expiresAt)) {
     const expirationDate = new Date(transferToken2.expiresAt);
     if (expirationDate < currentDate) {
-      return { authenticated: false, error: new UnauthorizedError$1("Token expired") };
+      return { authenticated: false, error: new UnauthorizedError$2("Token expired") };
     }
   }
   const hoursSinceLastUsed = dateFns.differenceInHours(currentDate, dateFns.parseISO(transferToken2.lastUsedAt));
@@ -1212,36 +1224,36 @@ const authenticate = async (ctx) => {
       data: { lastUsedAt: currentDate }
     });
   }
-  const ability2 = await getService("transfer").permission.engine.generateAbility(
+  const ability2 = await getService$1("transfer").permission.engine.generateAbility(
     transferToken2.permissions.map((action2) => ({ action: action2 }))
   );
   return { authenticated: true, ability: ability2, credentials: transferToken2 };
 };
-const verify$1 = async (auth2, config = {}) => {
+const verify$1 = async (auth2, config2 = {}) => {
   const { credentials: transferToken2, ability: ability2 } = auth2;
   if (!transferToken2) {
-    throw new UnauthorizedError$1("Token not found");
+    throw new UnauthorizedError$2("Token not found");
   }
   const currentDate = /* @__PURE__ */ new Date();
   if (!fp.isNil(transferToken2.expiresAt)) {
     const expirationDate = new Date(transferToken2.expiresAt);
     if (expirationDate < currentDate) {
-      throw new UnauthorizedError$1("Token expired");
+      throw new UnauthorizedError$2("Token expired");
     }
   }
   if (!ability2) {
-    throw new ForbiddenError();
+    throw new ForbiddenError$1();
   }
-  const scopes = fp.castArray(config.scope ?? []);
+  const scopes = fp.castArray(config2.scope ?? []);
   const isAllowed = scopes.every((scope) => ability2.can(scope));
   if (!isAllowed) {
-    throw new ForbiddenError();
+    throw new ForbiddenError$1();
   }
 };
 const name = "data-transfer";
 const dataTransferAuthStrategy = {
   name,
-  authenticate,
+  authenticate: authenticate$1,
   verify: verify$1
 };
 const transfer$2 = [
@@ -1342,12 +1354,12 @@ const transfer$2 = [
     }
   }
 ];
-const routes = {
+const routes$1 = {
   admin: {
     type: "admin",
     routes: [
-      ...admin$1,
-      ...authentication$1,
+      ...admin$4,
+      ...authentication$2,
       ...permissions,
       ...users,
       ...roles$1,
@@ -1358,7 +1370,7 @@ const routes = {
     ]
   }
 };
-const { ApplicationError: ApplicationError$7 } = utils$1.errors;
+const { ApplicationError: ApplicationError$a } = utils$2.errors;
 const hashPassword = (password2) => bcrypt__default.default.hash(password2, 10);
 const validatePassword = (password2, hash2) => bcrypt__default.default.compare(password2, hash2);
 const checkCredentials = async ({ email: email2, password: password2 }) => {
@@ -1375,13 +1387,13 @@ const checkCredentials = async ({ email: email2, password: password2 }) => {
   }
   return [null, user2];
 };
-const forgotPassword = async ({ email: email2 } = {}) => {
+const forgotPassword$1 = async ({ email: email2 } = {}) => {
   const user2 = await strapi.db.query("admin::user").findOne({ where: { email: email2, isActive: true } });
   if (!user2) {
     return;
   }
-  const resetPasswordToken = getService("token").createToken();
-  await getService("user").updateById(user2.id, { resetPasswordToken });
+  const resetPasswordToken = getService$1("token").createToken();
+  await getService$1("user").updateById(user2.id, { resetPasswordToken });
   const url = `${strapi.config.get(
     "admin.absoluteUrl"
   )}/auth/reset-password?code=${resetPasswordToken}`;
@@ -1400,18 +1412,18 @@ const forgotPassword = async ({ email: email2 } = {}) => {
     strapi.log.error(err);
   });
 };
-const resetPassword = async ({ resetPasswordToken, password: password2 } = {}) => {
+const resetPassword$1 = async ({ resetPasswordToken, password: password2 } = {}) => {
   const matchingUser = await strapi.db.query("admin::user").findOne({ where: { resetPasswordToken, isActive: true } });
   if (!matchingUser) {
-    throw new ApplicationError$7();
+    throw new ApplicationError$a();
   }
-  return getService("user").updateById(matchingUser.id, {
+  return getService$1("user").updateById(matchingUser.id, {
     password: password2,
     resetPasswordToken: null
   });
 };
-const auth = { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };
-const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$3 } = constants$3;
+const auth$1 = { checkCredentials, validatePassword, hashPassword, forgotPassword: forgotPassword$1, resetPassword: resetPassword$1 };
+const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$5 } = constants$3;
 function createUser(attributes) {
   return {
     roles: [],
@@ -1421,7 +1433,7 @@ function createUser(attributes) {
   };
 }
 const hasSuperAdminRole$1 = (user2) => {
-  return user2.roles.filter((role2) => role2.code === SUPER_ADMIN_CODE$3).length > 0;
+  return user2.roles.filter((role2) => role2.code === SUPER_ADMIN_CODE$5).length > 0;
 };
 const ADMIN_USER_ALLOWED_FIELDS = ["id", "firstname", "lastname", "username"];
 const getDefaultActionAttributes = () => ({
@@ -1437,7 +1449,8 @@ const actionFields = [
   "pluginName",
   "subjects",
   "options",
-  "actionId"
+  "actionId",
+  "aliases"
 ];
 const sanitizeActionAttributes = fp.pick(actionFields);
 const computeActionId = (attributes) => {
@@ -1510,18 +1523,18 @@ const checkFieldsDontHaveDuplicates = (fields) => {
   return ___namespace.default.uniq(fields).length === fields.length;
 };
 const getActionFromProvider = (actionId) => {
-  return getService("permission").actionProvider.get(actionId);
-};
-const email = utils$1.yup.string().email().lowercase();
-const firstname = utils$1.yup.string().trim().min(1);
-const lastname = utils$1.yup.string();
-const username = utils$1.yup.string().min(1);
-const password = utils$1.yup.string().min(8).matches(/[a-z]/, "${path} must contain at least one lowercase character").matches(/[A-Z]/, "${path} must contain at least one uppercase character").matches(/\d/, "${path} must contain at least one number");
-const roles = utils$1.yup.array(utils$1.yup.strapiID()).min(1);
-const isAPluginName = utils$1.yup.string().test("is-a-plugin-name", "is not a plugin name", function(value) {
+  return getService$1("permission").actionProvider.get(actionId);
+};
+const email = utils$2.yup.string().email().lowercase();
+const firstname = utils$2.yup.string().trim().min(1);
+const lastname = utils$2.yup.string();
+const username = utils$2.yup.string().min(1);
+const password = utils$2.yup.string().min(8).matches(/[a-z]/, "${path} must contain at least one lowercase character").matches(/[A-Z]/, "${path} must contain at least one uppercase character").matches(/\d/, "${path} must contain at least one number");
+const roles = utils$2.yup.array(utils$2.yup.strapiID()).min(1);
+const isAPluginName = utils$2.yup.string().test("is-a-plugin-name", "is not a plugin name", function(value) {
   return [void 0, "admin", ...Object.keys(strapi.plugins)].includes(value) ? true : this.createError({ path: this.path, message: `${this.path} is not an existing plugin` });
 });
-const arrayOfConditionNames = utils$1.yup.array().of(utils$1.yup.string()).test("is-an-array-of-conditions", "is not a plugin name", function(value) {
+const arrayOfConditionNames = utils$2.yup.array().of(utils$2.yup.string()).test("is-an-array-of-conditions", "is not a plugin name", function(value) {
   const ids = strapi.service("admin::permission").conditionProvider.keys();
   return ___namespace.default.isUndefined(value) || ___namespace.default.difference(value, ids).length === 0 ? true : this.createError({ path: this.path, message: `contains conditions that don't exist` });
 });
@@ -1535,7 +1548,7 @@ const checkNilFields = (action2) => function(fields) {
   }
   return actionDomain.appliesToProperty("fields", action2) || fp.isNil(fields);
 };
-const fieldsPropertyValidation = (action2) => utils$1.yup.array().of(utils$1.yup.string()).nullable().test(
+const fieldsPropertyValidation = (action2) => utils$2.yup.array().of(utils$2.yup.string()).nullable().test(
   "field-nested",
   "Fields format are incorrect (bad nesting).",
   checkFieldsAreCorrectlyNested
@@ -1549,15 +1562,15 @@ const fieldsPropertyValidation = (action2) => utils$1.yup.array().of(utils$1.yup
   // @ts-expect-error yup types
   checkNilFields(action2)
 );
-const permission$3 = utils$1.yup.object().shape({
-  action: utils$1.yup.string().required().test("action-validity", "action is not an existing permission action", function(actionId) {
+const permission$3 = utils$2.yup.object().shape({
+  action: utils$2.yup.string().required().test("action-validity", "action is not an existing permission action", function(actionId) {
     if (fp.isNil(actionId)) {
       return true;
     }
     return !!getActionFromProvider(actionId);
   }),
-  actionParameters: utils$1.yup.object().nullable(),
-  subject: utils$1.yup.string().nullable().test("subject-validity", "Invalid subject submitted", function(subject2) {
+  actionParameters: utils$2.yup.object().nullable(),
+  subject: utils$2.yup.string().nullable().test("subject-validity", "Invalid subject submitted", function(subject2) {
     const action2 = getActionFromProvider(this.options.parent.action);
     if (!action2) {
       return true;
@@ -1565,12 +1578,12 @@ const permission$3 = utils$1.yup.object().shape({
     if (fp.isNil(action2.subjects)) {
       return fp.isNil(subject2);
     }
-    if (fp.isArray(action2.subjects)) {
+    if (fp.isArray(action2.subjects) && !fp.isNil(subject2)) {
       return action2.subjects.includes(subject2);
     }
     return false;
   }),
-  properties: utils$1.yup.object().test("properties-structure", "Invalid property set at ${path}", function(properties) {
+  properties: utils$2.yup.object().test("properties-structure", "Invalid property set at ${path}", function(properties) {
     const action2 = getActionFromProvider(this.options.parent.action);
     const hasNoProperties = fp.isEmpty(properties) || fp.isNil(properties);
     if (!fp.has("options.applyToProperties", action2)) {
@@ -1609,10 +1622,10 @@ const permission$3 = utils$1.yup.object().shape({
       }
     }
   ),
-  conditions: utils$1.yup.array().of(utils$1.yup.string())
+  conditions: utils$2.yup.array().of(utils$2.yup.string())
 }).noUnknown();
-const updatePermissions = utils$1.yup.object().shape({
-  permissions: utils$1.yup.array().required().of(permission$3).test(
+const updatePermissions = utils$2.yup.object().shape({
+  permissions: utils$2.yup.array().required().of(permission$3).test(
     "duplicated-permissions",
     "Some permissions are duplicated (same action and subject)",
     checkNoDuplicatedPermissions
@@ -1630,46 +1643,46 @@ const validators = {
   permission: permission$3,
   updatePermissions
 };
-const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$2 } = constants$3;
-const { ValidationError: ValidationError$4 } = utils$1.errors;
-const sanitizeUserRoles = (role2) => ___namespace.default.pick(role2, ["id", "name", "description", "code"]);
-const sanitizeUser = (user2) => {
+const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$4 } = constants$3;
+const { ValidationError: ValidationError$6 } = utils$2.errors;
+const sanitizeUserRoles$1 = (role2) => ___namespace.default.pick(role2, ["id", "name", "description", "code"]);
+const sanitizeUser$1 = (user2) => {
   return {
     ...___namespace.default.omit(user2, ["password", "resetPasswordToken", "registrationToken", "roles"]),
-    roles: user2.roles && user2.roles.map(sanitizeUserRoles)
+    roles: user2.roles && user2.roles.map(sanitizeUserRoles$1)
   };
 };
 const create$5 = async (attributes) => {
   const userInfo = {
-    registrationToken: getService("token").createToken(),
+    registrationToken: getService$1("token").createToken(),
     ...attributes
   };
   if (___namespace.default.has(attributes, "password")) {
-    userInfo.password = await getService("auth").hashPassword(attributes.password);
+    userInfo.password = await getService$1("auth").hashPassword(attributes.password);
   }
   const user2 = createUser(userInfo);
   const createdUser = await strapi.db.query("admin::user").create({ data: user2, populate: ["roles"] });
-  getService("metrics").sendDidInviteUser();
-  strapi.eventHub.emit("user.create", { user: sanitizeUser(createdUser) });
+  getService$1("metrics").sendDidInviteUser();
+  strapi.eventHub.emit("user.create", { user: sanitizeUser$1(createdUser) });
   return createdUser;
 };
-const updateById = async (id, attributes) => {
+const updateById$1 = async (id, attributes) => {
   if (___namespace.default.has(attributes, "roles")) {
-    const lastAdminUser = await isLastSuperAdminUser(id);
-    const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
-    const willRemoveSuperAdminRole = !utils$1.arrays.includesString(attributes.roles, superAdminRole.id);
+    const lastAdminUser = await isLastSuperAdminUser$1(id);
+    const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
+    const willRemoveSuperAdminRole = !utils$2.arrays.includesString(attributes.roles, superAdminRole.id);
     if (lastAdminUser && willRemoveSuperAdminRole) {
-      throw new ValidationError$4("You must have at least one user with super admin role.");
+      throw new ValidationError$6("You must have at least one user with super admin role.");
     }
   }
   if (attributes.isActive === false) {
-    const lastAdminUser = await isLastSuperAdminUser(id);
+    const lastAdminUser = await isLastSuperAdminUser$1(id);
     if (lastAdminUser) {
-      throw new ValidationError$4("You must have at least one user with super admin role.");
+      throw new ValidationError$6("You must have at least one user with super admin role.");
     }
   }
   if (___namespace.default.has(attributes, "password")) {
-    const hashedPassword = await getService("auth").hashPassword(attributes.password);
+    const hashedPassword = await getService$1("auth").hashPassword(attributes.password);
     const updatedUser2 = await strapi.db.query("admin::user").update({
       where: { id },
       data: {
@@ -1678,7 +1691,7 @@ const updateById = async (id, attributes) => {
       },
       populate: ["roles"]
     });
-    strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser2) });
+    strapi.eventHub.emit("user.update", { user: sanitizeUser$1(updatedUser2) });
     return updatedUser2;
   }
   const updatedUser = await strapi.db.query("admin::user").update({
@@ -1687,7 +1700,7 @@ const updateById = async (id, attributes) => {
     populate: ["roles"]
   });
   if (updatedUser) {
-    strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser) });
+    strapi.eventHub.emit("user.update", { user: sanitizeUser$1(updatedUser) });
   }
   return updatedUser;
 };
@@ -1699,17 +1712,17 @@ const resetPasswordByEmail = async (email2, password$1) => {
   try {
     await password.validate(password$1);
   } catch (error) {
-    throw new ValidationError$4(
+    throw new ValidationError$6(
       "Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter"
     );
   }
-  await updateById(user2.id, { password: password$1 });
+  await updateById$1(user2.id, { password: password$1 });
 };
-const isLastSuperAdminUser = async (userId) => {
-  const user2 = await findOne$1(userId);
+const isLastSuperAdminUser$1 = async (userId) => {
+  const user2 = await findOne$2(userId);
   if (!user2)
     return false;
-  const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
+  const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
   return superAdminRole.usersCount === 1 && hasSuperAdminRole$1(user2);
 };
 const exists$3 = async (attributes = {}) => {
@@ -1722,15 +1735,15 @@ const findRegistrationInfo = async (registrationToken) => {
   }
   return ___namespace.default.pick(user2, ["email", "firstname", "lastname"]);
 };
-const register = async ({
+const register$1 = async ({
   registrationToken,
   userInfo
 }) => {
   const matchingUser = await strapi.db.query("admin::user").findOne({ where: { registrationToken } });
   if (!matchingUser) {
-    throw new ValidationError$4("Invalid registration info");
+    throw new ValidationError$6("Invalid registration info");
   }
-  return getService("user").updateById(matchingUser.id, {
+  return getService$1("user").updateById(matchingUser.id, {
     password: userInfo.password,
     firstname: userInfo.firstname,
     lastname: userInfo.lastname,
@@ -1738,7 +1751,7 @@ const register = async ({
     isActive: true
   });
 };
-const findOne$1 = async (id, populate = ["roles"]) => {
+const findOne$2 = async (id, populate = ["roles"]) => {
   return strapi.db.query("admin::user").findOne({ where: { id }, populate });
 };
 const findOneByEmail = async (email2, populate = []) => {
@@ -1751,7 +1764,7 @@ const findPage = async (params = {}) => {
   const query = strapi.get("query-params").transform("admin::user", fp.defaults({ populate: ["roles"] }, params));
   return strapi.db.query("admin::user").findPage(query);
 };
-const deleteById = async (id) => {
+const deleteById$1 = async (id) => {
   const userToDelete = await strapi.db.query("admin::user").findOne({
     where: { id },
     populate: ["roles"]
@@ -1760,19 +1773,19 @@ const deleteById = async (id) => {
     return null;
   }
   if (userToDelete) {
-    if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$2)) {
-      const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
+    if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$4)) {
+      const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
       if (superAdminRole.usersCount === 1) {
-        throw new ValidationError$4("You must have at least one user with super admin role.");
+        throw new ValidationError$6("You must have at least one user with super admin role.");
       }
     }
   }
   const deletedUser = await strapi.db.query("admin::user").delete({ where: { id }, populate: ["roles"] });
-  strapi.eventHub.emit("user.delete", { user: sanitizeUser(deletedUser) });
+  strapi.eventHub.emit("user.delete", { user: sanitizeUser$1(deletedUser) });
   return deletedUser;
 };
-const deleteByIds$2 = async (ids) => {
-  const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
+const deleteByIds$3 = async (ids) => {
+  const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
   const nbOfSuperAdminToDelete = await strapi.db.query("admin::user").count({
     where: {
       id: ids,
@@ -1780,7 +1793,7 @@ const deleteByIds$2 = async (ids) => {
     }
   });
   if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {
-    throw new ValidationError$4("You must have at least one user with super admin role.");
+    throw new ValidationError$6("You must have at least one user with super admin role.");
   }
   const deletedUsers = [];
   for (const id of ids) {
@@ -1791,7 +1804,7 @@ const deleteByIds$2 = async (ids) => {
     deletedUsers.push(deletedUser);
   }
   strapi.eventHub.emit("user.delete", {
-    users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser))
+    users: deletedUsers.map((deletedUser) => sanitizeUser$1(deletedUser))
   });
   return deletedUsers;
 };
@@ -1833,18 +1846,18 @@ const getLanguagesInUse = async () => {
   const users2 = await strapi.db.query("admin::user").findMany({ select: ["preferedLanguage"] });
   return users2.map((user2) => user2.preferedLanguage || "en");
 };
-const user$1 = {
+const user$3 = {
   create: create$5,
-  updateById,
+  updateById: updateById$1,
   exists: exists$3,
   findRegistrationInfo,
-  register,
-  sanitizeUser,
-  findOne: findOne$1,
+  register: register$1,
+  sanitizeUser: sanitizeUser$1,
+  findOne: findOne$2,
   findOneByEmail,
   findPage,
-  deleteById,
-  deleteByIds: deleteByIds$2,
+  deleteById: deleteById$1,
+  deleteByIds: deleteByIds$3,
   countUsersWithoutRole,
   count: count$1,
   assignARoleToAll,
@@ -1924,17 +1937,17 @@ const permissionDomain = {
   setProperty,
   toPermission
 };
-const checkPermissionsSchema = utils$1.yup.object().shape({
-  permissions: utils$1.yup.array().of(
-    utils$1.yup.object().shape({
-      action: utils$1.yup.string().required(),
-      subject: utils$1.yup.string().nullable(),
-      field: utils$1.yup.string()
+const checkPermissionsSchema = utils$2.yup.object().shape({
+  permissions: utils$2.yup.array().of(
+    utils$2.yup.object().shape({
+      action: utils$2.yup.string().required(),
+      subject: utils$2.yup.string().nullable(),
+      field: utils$2.yup.string()
     }).noUnknown()
   )
 });
 const checkPermissionsExist = function(permissions2) {
-  const existingActions = getService("permission").actionProvider.values();
+  const existingActions = getService$1("permission").actionProvider.values();
   const failIndex = permissions2.findIndex(
     (permission2) => !existingActions.some(
       (action2) => action2.actionId === permission2.action && (action2.section !== "contentTypes" || action2.subjects.includes(permission2.subject))
@@ -1948,17 +1961,17 @@ const checkPermissionsExist = function(permissions2) {
     })
   );
 };
-const actionsExistSchema = utils$1.yup.array().of(
-  utils$1.yup.object().shape({
-    conditions: utils$1.yup.array().of(utils$1.yup.string())
+const actionsExistSchema = utils$2.yup.array().of(
+  utils$2.yup.object().shape({
+    conditions: utils$2.yup.array().of(utils$2.yup.string())
   })
 ).test("actions-exist", "", checkPermissionsExist);
-const validatePermissionsExist = utils$1.validateYupSchema(actionsExistSchema);
-const validateCheckPermissionsInput = utils$1.validateYupSchema(checkPermissionsSchema);
-const validatedUpdatePermissionsInput = utils$1.validateYupSchema(validators.updatePermissions);
-const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$1, CONTENT_TYPE_SECTION } = constants$3;
-const { createAsyncSeriesWaterfallHook } = utils$1.hooks;
-const { ApplicationError: ApplicationError$6 } = utils$1.errors;
+const validatePermissionsExist = utils$2.validateYupSchema(actionsExistSchema);
+const validateCheckPermissionsInput = utils$2.validateYupSchema(checkPermissionsSchema);
+const validatedUpdatePermissionsInput = utils$2.validateYupSchema(validators.updatePermissions);
+const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$3, CONTENT_TYPE_SECTION } = constants$3;
+const { createAsyncSeriesWaterfallHook } = utils$2.hooks;
+const { ApplicationError: ApplicationError$9 } = utils$2.errors;
 const hooks = {
   willResetSuperAdminPermissions: createAsyncSeriesWaterfallHook()
 };
@@ -1981,11 +1994,11 @@ const arePermissionsEqual = (p1, p2) => {
 const create$3 = async (attributes) => {
   const alreadyExists = await exists$2({ name: attributes.name });
   if (alreadyExists) {
-    throw new ApplicationError$6(
+    throw new ApplicationError$9(
       `The name must be unique and a role with name \`${attributes.name}\` already exists.`
     );
   }
-  const autoGeneratedCode = `${___namespace.default.kebabCase(attributes.name)}-${utils$1.dates.timestampCode()}`;
+  const autoGeneratedCode = `${___namespace.default.kebabCase(attributes.name)}-${utils$2.dates.timestampCode()}`;
   const rolesWithCode = {
     ...attributes,
     code: attributes.code || autoGeneratedCode
@@ -1994,7 +2007,7 @@ const create$3 = async (attributes) => {
   strapi.eventHub.emit("role.create", { role: sanitizeRole(result) });
   return result;
 };
-const findOne = (params = {}, populate) => {
+const findOne$1 = (params = {}, populate) => {
   return strapi.db.query("admin::role").findOne({ where: params, populate });
 };
 const findOneWithUsersCount = async (params = {}, populate) => {
@@ -2022,7 +2035,7 @@ const update$3 = async (params, attributes) => {
       id: { $ne: params.id }
     });
     if (alreadyExists) {
-      throw new ApplicationError$6(
+      throw new ApplicationError$9(
         `The name must be unique and a role with name \`${sanitizedAttributes.name}\` already exists.`
       );
     }
@@ -2040,19 +2053,19 @@ const count = async (params = {}) => {
 };
 const checkRolesIdForDeletion = async (ids = []) => {
   const superAdminRole = await getSuperAdmin();
-  if (superAdminRole && utils$1.arrays.includesString(ids, superAdminRole.id)) {
-    throw new ApplicationError$6("You cannot delete the super admin role");
+  if (superAdminRole && utils$2.arrays.includesString(ids, superAdminRole.id)) {
+    throw new ApplicationError$9("You cannot delete the super admin role");
   }
   for (const roleId of ids) {
     const usersCount = await getUsersCount(roleId);
     if (usersCount !== 0) {
-      throw new ApplicationError$6("Some roles are still assigned to some users");
+      throw new ApplicationError$9("Some roles are still assigned to some users");
     }
   }
 };
-const deleteByIds$1 = async (ids = []) => {
+const deleteByIds$2 = async (ids = []) => {
   await checkRolesIdForDeletion(ids);
-  await getService("permission").deleteByRolesIds(ids);
+  await getService$1("permission").deleteByRolesIds(ids);
   const deletedRoles = [];
   for (const id of ids) {
     const deletedRole = await strapi.db.query("admin::role").delete({ where: { id } });
@@ -2066,14 +2079,14 @@ const deleteByIds$1 = async (ids = []) => {
 const getUsersCount = async (roleId) => {
   return strapi.db.query("admin::user").count({ where: { roles: { id: roleId } } });
 };
-const getSuperAdmin = () => findOne({ code: SUPER_ADMIN_CODE$1 });
-const getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE$1 });
+const getSuperAdmin = () => findOne$1({ code: SUPER_ADMIN_CODE$3 });
+const getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE$3 });
 const createRolesIfNoneExist = async () => {
   const someRolesExist = await exists$2();
   if (someRolesExist) {
     return;
   }
-  const { actionProvider: actionProvider2 } = getService("permission");
+  const { actionProvider: actionProvider2 } = getService$1("permission");
   const allActions = actionProvider2.values();
   const contentTypesActions = allActions.filter((a) => a.section === "contentTypes");
   const superAdminRole = await create$3({
@@ -2081,7 +2094,7 @@ const createRolesIfNoneExist = async () => {
     code: "strapi-super-admin",
     description: "Super Admins can access and manage all features and settings."
   });
-  await getService("user").assignARoleToAll(superAdminRole.id);
+  await getService$1("user").assignARoleToAll(superAdminRole.id);
   const editorRole = await create$3({
     name: "Editor",
     code: "strapi-editor",
@@ -2092,7 +2105,7 @@ const createRolesIfNoneExist = async () => {
     code: "strapi-author",
     description: "Authors can manage the content they have created."
   });
-  const editorPermissions = getService("content-type").getPermissionsWithNestedFields(
+  const editorPermissions = getService$1("content-type").getPermissionsWithNestedFields(
     contentTypesActions,
     {
       restrictedSubjects: ["plugin::users-permissions.user"]
@@ -2119,7 +2132,7 @@ const getDefaultPluginPermissions = ({ isAuthor = false } = {}) => {
 };
 const displayWarningIfNoSuperAdmin = async () => {
   const superAdminRole = await getSuperAdminWithUsersCount();
-  const someUsersExists = await getService("user").exists();
+  const someUsersExists = await getService$1("user").exists();
   if (!superAdminRole) {
     strapi.log.warn("Your application doesn't have a super admin role.");
   } else if (someUsersExists && superAdminRole.usersCount === 0) {
@@ -2128,12 +2141,12 @@ const displayWarningIfNoSuperAdmin = async () => {
 };
 const assignPermissions = async (roleId, permissions2 = []) => {
   await validatePermissionsExist(permissions2);
-  const internalActions = getService("permission").actionProvider.values().filter((action2) => action2.section === "internal").map((action2) => action2.actionId);
-  const superAdmin = await getService("role").getSuperAdmin();
+  const internalActions = getService$1("permission").actionProvider.values().filter((action2) => action2.section === "internal").map((action2) => action2.actionId);
+  const superAdmin = await getService$1("role").getSuperAdmin();
   const isSuperAdmin = superAdmin && superAdmin.id === roleId;
   const assignRole = fp.set("role", roleId);
   const permissionsWithRole = permissions2.map(assignRole).map(permissionDomain.create);
-  const existingPermissions = await getService("permission").findMany({
+  const existingPermissions = await getService$1("permission").findMany({
     where: { role: { id: roleId } },
     populate: ["role"]
   });
@@ -2149,31 +2162,31 @@ const assignPermissions = async (roleId, permissions2 = []) => {
   ).filter((permission2) => !internalActions.includes(permission2.action));
   const permissionsToReturn = fp.differenceBy("id", permissionsToDelete, existingPermissions);
   if (permissionsToDelete.length > 0) {
-    await getService("permission").deleteByIds(permissionsToDelete.map(fp.prop("id")));
+    await getService$1("permission").deleteByIds(permissionsToDelete.map(fp.prop("id")));
   }
   if (permissionsToAdd.length > 0) {
     const newPermissions = await addPermissions(roleId, permissionsToAdd);
     permissionsToReturn.push(...newPermissions);
   }
   if (!isSuperAdmin && (permissionsToAdd.length || permissionsToDelete.length)) {
-    await getService("metrics").sendDidUpdateRolePermissions();
+    await getService$1("metrics").sendDidUpdateRolePermissions();
   }
   return permissionsToReturn;
 };
 const addPermissions = async (roleId, permissions2) => {
-  const { conditionProvider: conditionProvider2, createMany: createMany2 } = getService("permission");
+  const { conditionProvider: conditionProvider2, createMany: createMany2 } = getService$1("permission");
   const { sanitizeConditions: sanitizeConditions2 } = permissionDomain;
   const permissionsWithRole = permissions2.map(fp.set("role", roleId)).map(sanitizeConditions2(conditionProvider2)).map(permissionDomain.create);
   return createMany2(permissionsWithRole);
 };
 const isContentTypeAction = (action2) => action2.section === CONTENT_TYPE_SECTION;
 const resetSuperAdminPermissions = async () => {
-  const superAdminRole = await getService("role").getSuperAdmin();
+  const superAdminRole = await getService$1("role").getSuperAdmin();
   if (!superAdminRole) {
     return;
   }
-  const permissionService = getService("permission");
-  const contentTypeService = getService("content-type");
+  const permissionService = getService$1("permission");
+  const contentTypeService = getService$1("content-type");
   const allActions = permissionService.actionProvider.values();
   const contentTypesActions = allActions.filter((action2) => isContentTypeAction(action2));
   const otherActions = allActions.filter((action2) => !isContentTypeAction(action2));
@@ -2199,23 +2212,23 @@ const resetSuperAdminPermissions = async () => {
 };
 const hasSuperAdminRole = (user2) => {
   const roles2 = ___namespace.default.get(user2, "roles", []);
-  return roles2.map(fp.prop("code")).includes(SUPER_ADMIN_CODE$1);
+  return roles2.map(fp.prop("code")).includes(SUPER_ADMIN_CODE$3);
 };
 const constants$2 = {
-  superAdminCode: SUPER_ADMIN_CODE$1
+  superAdminCode: SUPER_ADMIN_CODE$3
 };
-const role$1 = {
+const role$3 = {
   hooks,
   sanitizeRole,
   create: create$3,
-  findOne,
+  findOne: findOne$1,
   findOneWithUsersCount,
   find,
   findAllWithUsersCount,
   update: update$3,
   exists: exists$2,
   count,
-  deleteByIds: deleteByIds$1,
+  deleteByIds: deleteByIds$2,
   getUsersCount,
   getSuperAdmin,
   getSuperAdminWithUsersCount,
@@ -2236,7 +2249,7 @@ const createLocalStrategy = (strapi2, middleware) => {
       session: false
     },
     (email2, password2, done) => {
-      return getService("auth").checkCredentials({ email: fp.toLower(email2), password: password2 }).then(async ([error, user2, message]) => {
+      return getService$1("auth").checkCredentials({ email: fp.toLower(email2), password: password2 }).then(async ([error, user2, message]) => {
         if (middleware) {
           return middleware([error, user2, message], done);
         }
@@ -2253,7 +2266,7 @@ const valueIsFunctionType = ([, value]) => fp.isFunction(value);
 const keyIsValidEventName = ([key]) => {
   return Object.keys(strapi.service("admin::passport").authEventsMapper).includes(key);
 };
-const getPassportStrategies = () => [createLocalStrategy(strapi)];
+const getPassportStrategies$1 = () => [createLocalStrategy(strapi)];
 const registerAuthEvents = () => {
   const { events = {} } = strapi.config.get("admin.auth", {});
   const { authEventsMapper: authEventsMapper2 } = strapi.service("admin::passport");
@@ -2267,10 +2280,10 @@ const init = () => {
   registerAuthEvents();
   return passport__default.default.initialize();
 };
-const passport = { init, getPassportStrategies, authEventsMapper };
+const passport$1 = { init, getPassportStrategies: getPassportStrategies$1, authEventsMapper };
 const sendDidInviteUser = async () => {
-  const numberOfUsers = await getService("user").count();
-  const numberOfRoles = await getService("role").count();
+  const numberOfUsers = await getService$1("user").count();
+  const numberOfRoles = await getService$1("role").count();
   strapi.telemetry.send("didInviteUser", {
     groupProperties: { numberOfRoles, numberOfUsers }
   });
@@ -2279,27 +2292,27 @@ const sendDidUpdateRolePermissions = async () => {
   strapi.telemetry.send("didUpdateRolePermissions");
 };
 const sendDidChangeInterfaceLanguage = async () => {
-  const languagesInUse = await getService("user").getLanguagesInUse();
+  const languagesInUse = await getService$1("user").getLanguagesInUse();
   strapi.telemetry.send("didChangeInterfaceLanguage", { userProperties: { languagesInUse } });
 };
-const sendUpdateProjectInformation = async (strapi2) => {
-  const numberOfActiveAdminUsers = await getService("user").count({ isActive: true });
-  const numberOfAdminUsers = await getService("user").count();
+const sendUpdateProjectInformation$1 = async (strapi2) => {
+  const numberOfActiveAdminUsers = await getService$1("user").count({ isActive: true });
+  const numberOfAdminUsers = await getService$1("user").count();
   strapi2.telemetry.send("didUpdateProjectInformation", {
     groupProperties: { numberOfActiveAdminUsers, numberOfAdminUsers }
   });
 };
-const startCron = (strapi2) => {
+const startCron$1 = (strapi2) => {
   strapi2.cron.add({
-    "0 0 0 * * *": () => sendUpdateProjectInformation(strapi2)
+    "0 0 0 * * *": () => sendUpdateProjectInformation$1(strapi2)
   });
 };
-const metrics = {
+const metrics$1 = {
   sendDidInviteUser,
   sendDidUpdateRolePermissions,
   sendDidChangeInterfaceLanguage,
-  sendUpdateProjectInformation,
-  startCron
+  sendUpdateProjectInformation: sendUpdateProjectInformation$1,
+  startCron: startCron$1
 };
 const defaultJwtOptions = { expiresIn: "30d" };
 const getTokenOptions = () => {
@@ -2344,37 +2357,37 @@ const token$3 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.definePrope
   decodeJwtToken,
   getTokenOptions
 }, Symbol.toStringTag, { value: "Module" }));
-const registerProviderActionSchema = utils$1.yup.array().required().of(
-  utils$1.yup.object().shape({
-    uid: utils$1.yup.string().matches(
+const registerProviderActionSchema = utils$2.yup.array().required().of(
+  utils$2.yup.object().shape({
+    uid: utils$2.yup.string().matches(
       /^[a-z]([a-z|.|-]+)[a-z]$/,
       (v) => `${v.path}: The id can only contain lowercase letters, dots and hyphens.`
     ).required(),
-    section: utils$1.yup.string().oneOf(["contentTypes", "plugins", "settings", "internal"]).required(),
-    pluginName: utils$1.yup.mixed().when("section", {
+    section: utils$2.yup.string().oneOf(["contentTypes", "plugins", "settings", "internal"]).required(),
+    pluginName: utils$2.yup.mixed().when("section", {
       is: "plugins",
       then: validators.isAPluginName.required(),
       otherwise: validators.isAPluginName
     }),
-    subjects: utils$1.yup.mixed().when("section", {
+    subjects: utils$2.yup.mixed().when("section", {
       is: "contentTypes",
-      then: utils$1.yup.array().of(utils$1.yup.string()).required(),
-      otherwise: utils$1.yup.mixed().oneOf([void 0], 'subjects should only be defined for the "contentTypes" section')
+      then: utils$2.yup.array().of(utils$2.yup.string()).required(),
+      otherwise: utils$2.yup.mixed().oneOf([void 0], 'subjects should only be defined for the "contentTypes" section')
     }),
-    displayName: utils$1.yup.string().required(),
-    category: utils$1.yup.mixed().when("section", {
+    displayName: utils$2.yup.string().required(),
+    category: utils$2.yup.mixed().when("section", {
       is: "settings",
-      then: utils$1.yup.string().required(),
-      otherwise: utils$1.yup.mixed().test(
+      then: utils$2.yup.string().required(),
+      otherwise: utils$2.yup.mixed().test(
         "settingsCategory",
         'category should only be defined for the "settings" section',
         (cat) => cat === void 0
       )
     }),
-    subCategory: utils$1.yup.mixed().when("section", {
+    subCategory: utils$2.yup.mixed().when("section", {
       is: (section) => ["settings", "plugins"].includes(section),
-      then: utils$1.yup.string(),
-      otherwise: utils$1.yup.mixed().test(
+      then: utils$2.yup.string(),
+      otherwise: utils$2.yup.mixed().test(
         "settingsSubCategory",
         'subCategory should only be defined for "plugins" and "settings" sections',
         (subCat) => {
@@ -2382,17 +2395,23 @@ const registerProviderActionSchema = utils$1.yup.array().required().of(
         }
       )
     }),
-    options: utils$1.yup.object({
-      applyToProperties: utils$1.yup.array().of(utils$1.yup.string())
-    })
+    options: utils$2.yup.object({
+      applyToProperties: utils$2.yup.array().of(utils$2.yup.string())
+    }),
+    aliases: utils$2.yup.array(
+      utils$2.yup.object({
+        actionId: utils$2.yup.string(),
+        subjects: utils$2.yup.array(utils$2.yup.string()).nullable()
+      })
+    ).nullable()
   }).noUnknown()
 );
-const validateRegisterProviderAction = utils$1.validateYupSchemaSync(registerProviderActionSchema);
-const { ApplicationError: ApplicationError$5 } = utils$1.errors;
+const validateRegisterProviderAction = utils$2.validateYupSchemaSync(registerProviderActionSchema);
+const { ApplicationError: ApplicationError$8 } = utils$2.errors;
 const createActionProvider = (options) => {
-  const provider = utils$1.providerFactory(options);
+  const provider = utils$2.providerFactory(options);
   const actionHooks = {
-    appliesPropertyToSubject: utils$1.hooks.createAsyncParallelHook()
+    appliesPropertyToSubject: utils$2.hooks.createAsyncParallelHook()
   };
   return {
     ...provider,
@@ -2418,7 +2437,7 @@ const createActionProvider = (options) => {
     async appliesToProperty(property, actionId, subject2) {
       const action2 = provider.get(actionId);
       if (!action2) {
-        throw new ApplicationError$5(`No action found with id "${actionId}"`);
+        throw new ApplicationError$8(`No action found with id "${actionId}"`);
       }
       const appliesToAction = actionDomain.appliesToProperty(property, action2);
       if (!appliesToAction) {
@@ -2436,6 +2455,29 @@ const createActionProvider = (options) => {
         subject: subject2
       });
       return results.every((result) => result !== false);
+    },
+    /**
+     * @experimental
+     */
+    unstable_aliases(actionId, subject2) {
+      const isRegistered = this.has(actionId);
+      if (!isRegistered) {
+        return [];
+      }
+      return this.values().filter(
+        (action2) => action2.aliases?.some((alias) => {
+          if (alias.actionId !== actionId) {
+            return false;
+          }
+          if (!Array.isArray(alias.subjects)) {
+            return true;
+          }
+          if (!subject2) {
+            return false;
+          }
+          return alias.subjects.includes(subject2);
+        })
+      ).map((action2) => action2.actionId);
     }
   };
 };
@@ -2473,7 +2515,7 @@ const domain = {
   sanitizeConditionAttributes
 };
 const createConditionProvider = () => {
-  const provider = utils$1.providerFactory();
+  const provider = utils$2.providerFactory();
   return {
     ...provider,
     async register(conditionAttributes) {
@@ -2493,14 +2535,14 @@ const createConditionProvider = () => {
 };
 const {
   visitors: { removePassword, expandWildcardPopulate }
-} = utils$1.sanitize;
+} = utils$2.sanitize;
 const {
   constants: constants$1,
   isScalarAttribute: isScalarAttribute$1,
   getNonVisibleAttributes: getNonVisibleAttributes$1,
   getNonWritableAttributes,
   getWritableAttributes: getWritableAttributes$1
-} = utils$1.contentTypes;
+} = utils$2.contentTypes;
 const {
   ID_ATTRIBUTE: ID_ATTRIBUTE$1,
   DOC_ID_ATTRIBUTE: DOC_ID_ATTRIBUTE$1,
@@ -2514,7 +2556,7 @@ const COMPONENT_FIELDS$1 = ["__component"];
 const STATIC_FIELDS$1 = [ID_ATTRIBUTE$1, DOC_ID_ATTRIBUTE$1];
 const createSanitizeHelpers = ({ action: action2, ability: ability$1, model }) => {
   const schema = strapi.getModel(model);
-  const { removeDisallowedFields } = utils$1.sanitize.visitors;
+  const { removeDisallowedFields } = utils$2.sanitize.visitors;
   const ctx = {
     schema,
     getModel: strapi.getModel.bind(strapi)
@@ -2522,39 +2564,39 @@ const createSanitizeHelpers = ({ action: action2, ability: ability$1, model }) =
   const createSanitizeQuery = (options = {}) => {
     const { fields } = options;
     const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);
-    const sanitizeFilters = utils$1.async.pipe(
-      utils$1.traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),
-      utils$1.traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),
-      utils$1.traverse.traverseQueryFilters(omitHiddenFields, ctx),
-      utils$1.traverse.traverseQueryFilters(removePassword, ctx),
-      utils$1.traverse.traverseQueryFilters(({ key, value }, { remove }) => {
+    const sanitizeFilters = utils$2.async.pipe(
+      utils$2.traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),
+      utils$2.traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),
+      utils$2.traverse.traverseQueryFilters(omitHiddenFields, ctx),
+      utils$2.traverse.traverseQueryFilters(removePassword, ctx),
+      utils$2.traverse.traverseQueryFilters(({ key, value }, { remove }) => {
         if (fp.isObject(value) && fp.isEmpty(value)) {
           remove(key);
         }
       }, ctx)
     );
-    const sanitizeSort = utils$1.async.pipe(
-      utils$1.traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),
-      utils$1.traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),
-      utils$1.traverse.traverseQuerySort(omitHiddenFields, ctx),
-      utils$1.traverse.traverseQuerySort(removePassword, ctx),
-      utils$1.traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {
+    const sanitizeSort = utils$2.async.pipe(
+      utils$2.traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),
+      utils$2.traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),
+      utils$2.traverse.traverseQuerySort(omitHiddenFields, ctx),
+      utils$2.traverse.traverseQuerySort(removePassword, ctx),
+      utils$2.traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {
         if (!isScalarAttribute$1(attribute) && fp.isEmpty(value)) {
           remove(key);
         }
       }, ctx)
     );
-    const sanitizePopulate = utils$1.async.pipe(
-      utils$1.traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),
-      utils$1.traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),
-      utils$1.traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),
-      utils$1.traverse.traverseQueryPopulate(omitHiddenFields, ctx),
-      utils$1.traverse.traverseQueryPopulate(removePassword, ctx)
+    const sanitizePopulate = utils$2.async.pipe(
+      utils$2.traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),
+      utils$2.traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),
+      utils$2.traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),
+      utils$2.traverse.traverseQueryPopulate(omitHiddenFields, ctx),
+      utils$2.traverse.traverseQueryPopulate(removePassword, ctx)
     );
-    const sanitizeFields = utils$1.async.pipe(
-      utils$1.traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),
-      utils$1.traverse.traverseQueryFields(omitHiddenFields, ctx),
-      utils$1.traverse.traverseQueryFields(removePassword, ctx)
+    const sanitizeFields = utils$2.async.pipe(
+      utils$2.traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),
+      utils$2.traverse.traverseQueryFields(omitHiddenFields, ctx),
+      utils$2.traverse.traverseQueryFields(removePassword, ctx)
     );
     return async (query) => {
       const sanitizedQuery = fp.cloneDeep(query);
@@ -2576,15 +2618,15 @@ const createSanitizeHelpers = ({ action: action2, ability: ability$1, model }) =
   const createSanitizeOutput = (options = {}) => {
     const { fields } = options;
     const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);
-    return utils$1.async.pipe(
+    return utils$2.async.pipe(
       // Remove fields hidden from the admin
-      utils$1.traverseEntity(omitHiddenFields, ctx),
+      utils$2.traverseEntity(omitHiddenFields, ctx),
       // Remove unallowed fields from admin::user relations
-      utils$1.traverseEntity(pickAllowedAdminUserFields, ctx),
+      utils$2.traverseEntity(pickAllowedAdminUserFields, ctx),
       // Remove not allowed fields (RBAC)
-      utils$1.traverseEntity(removeDisallowedFields(permittedFields), ctx),
+      utils$2.traverseEntity(removeDisallowedFields(permittedFields), ctx),
       // Remove all fields of type 'password'
-      utils$1.sanitize.sanitizers.sanitizePasswords({
+      utils$2.sanitize.sanitizers.sanitizePasswords({
         schema,
         getModel(uid) {
           return strapi.getModel(uid);
@@ -2595,11 +2637,11 @@ const createSanitizeHelpers = ({ action: action2, ability: ability$1, model }) =
   const createSanitizeInput = (options = {}) => {
     const { fields } = options;
     const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);
-    return utils$1.async.pipe(
+    return utils$2.async.pipe(
       // Remove fields hidden from the admin
-      utils$1.traverseEntity(omitHiddenFields, ctx),
+      utils$2.traverseEntity(omitHiddenFields, ctx),
       // Remove not allowed fields (RBAC)
-      utils$1.traverseEntity(removeDisallowedFields(permittedFields), ctx),
+      utils$2.traverseEntity(removeDisallowedFields(permittedFields), ctx),
       // Remove roles from createdBy & updatedBy fields
       omitCreatorRoles
     );
@@ -2700,9 +2742,9 @@ const createSanitizeHelpers = ({ action: action2, ability: ability$1, model }) =
     sanitizeQuery: wrapSanitize(createSanitizeQuery)
   };
 };
-const { ValidationError: ValidationError$3 } = utils$1.errors;
-const { throwPassword, throwDisallowedFields } = utils$1.validate.visitors;
-const { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } = utils$1.contentTypes;
+const { ValidationError: ValidationError$5 } = utils$2.errors;
+const { throwPassword, throwDisallowedFields } = utils$2.validate.visitors;
+const { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } = utils$2.contentTypes;
 const {
   ID_ATTRIBUTE,
   DOC_ID_ATTRIBUTE,
@@ -2716,7 +2758,7 @@ const COMPONENT_FIELDS = ["__component"];
 const STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];
 const throwInvalidKey = ({ key, path: path2 }) => {
   const msg = path2 && path2 !== key ? `Invalid key ${key} at ${path2}` : `Invalid key ${key}`;
-  throw new ValidationError$3(msg);
+  throw new ValidationError$5(msg);
 };
 const createValidateHelpers = ({ action: action2, ability: ability$1, model }) => {
   const schema = strapi.getModel(model);
@@ -2727,35 +2769,35 @@ const createValidateHelpers = ({ action: action2, ability: ability$1, model }) =
   const createValidateQuery = (options = {}) => {
     const { fields } = options;
     const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);
-    const validateFilters = utils$1.async.pipe(
-      utils$1.traverse.traverseQueryFilters(throwDisallowedFields(permittedFields), ctx),
-      utils$1.traverse.traverseQueryFilters(throwDisallowedAdminUserFields, ctx),
-      utils$1.traverse.traverseQueryFilters(throwPassword, ctx),
-      utils$1.traverse.traverseQueryFilters(({ key, value, path: path2 }) => {
+    const validateFilters = utils$2.async.pipe(
+      utils$2.traverse.traverseQueryFilters(throwDisallowedFields(permittedFields), ctx),
+      utils$2.traverse.traverseQueryFilters(throwDisallowedAdminUserFields, ctx),
+      utils$2.traverse.traverseQueryFilters(throwPassword, ctx),
+      utils$2.traverse.traverseQueryFilters(({ key, value, path: path2 }) => {
         if (fp.isObject(value) && fp.isEmpty(value)) {
           throwInvalidKey({ key, path: path2.attribute });
         }
       }, ctx)
     );
-    const validateSort = utils$1.async.pipe(
-      utils$1.traverse.traverseQuerySort(throwDisallowedFields(permittedFields), ctx),
-      utils$1.traverse.traverseQuerySort(throwDisallowedAdminUserFields, ctx),
-      utils$1.traverse.traverseQuerySort(throwPassword, ctx),
-      utils$1.traverse.traverseQuerySort(({ key, attribute, value, path: path2 }) => {
+    const validateSort = utils$2.async.pipe(
+      utils$2.traverse.traverseQuerySort(throwDisallowedFields(permittedFields), ctx),
+      utils$2.traverse.traverseQuerySort(throwDisallowedAdminUserFields, ctx),
+      utils$2.traverse.traverseQuerySort(throwPassword, ctx),
+      utils$2.traverse.traverseQuerySort(({ key, attribute, value, path: path2 }) => {
         if (!isScalarAttribute(attribute) && fp.isEmpty(value)) {
           throwInvalidKey({ key, path: path2.attribute });
         }
       }, ctx)
     );
-    const validateFields = utils$1.async.pipe(
-      utils$1.traverse.traverseQueryFields(throwDisallowedFields(permittedFields), ctx),
-      utils$1.traverse.traverseQueryFields(throwPassword, ctx)
+    const validateFields = utils$2.async.pipe(
+      utils$2.traverse.traverseQueryFields(throwDisallowedFields(permittedFields), ctx),
+      utils$2.traverse.traverseQueryFields(throwPassword, ctx)
     );
-    const validatePopulate = utils$1.async.pipe(
-      utils$1.traverse.traverseQueryPopulate(throwDisallowedFields(permittedFields), ctx),
-      utils$1.traverse.traverseQueryPopulate(throwDisallowedAdminUserFields, ctx),
-      utils$1.traverse.traverseQueryPopulate(throwHiddenFields, ctx),
-      utils$1.traverse.traverseQueryPopulate(throwPassword, ctx)
+    const validatePopulate = utils$2.async.pipe(
+      utils$2.traverse.traverseQueryPopulate(throwDisallowedFields(permittedFields), ctx),
+      utils$2.traverse.traverseQueryPopulate(throwDisallowedAdminUserFields, ctx),
+      utils$2.traverse.traverseQueryPopulate(throwHiddenFields, ctx),
+      utils$2.traverse.traverseQueryPopulate(throwPassword, ctx)
     );
     return async (query) => {
       if (query.filters) {
@@ -2776,11 +2818,11 @@ const createValidateHelpers = ({ action: action2, ability: ability$1, model }) =
   const createValidateInput = (options = {}) => {
     const { fields } = options;
     const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);
-    return utils$1.async.pipe(
+    return utils$2.async.pipe(
       // Remove fields hidden from the admin
-      utils$1.traverseEntity(throwHiddenFields, ctx),
+      utils$2.traverseEntity(throwHiddenFields, ctx),
       // Remove not allowed fields (RBAC)
-      utils$1.traverseEntity(throwDisallowedFields(permittedFields), ctx),
+      utils$2.traverseEntity(throwDisallowedFields(permittedFields), ctx),
       // Remove roles from createdBy & updatedBy fields
       omitCreatorRoles
     );
@@ -2901,7 +2943,7 @@ const unwrapDeep = (obj) => {
     {}
   );
 };
-const index$4 = ({ ability: ability$1, action: action2, model }) => ({
+const index = ({ ability: ability$1, action: action2, model }) => ({
   ability: ability$1,
   action: action2,
   model,
@@ -2974,7 +3016,7 @@ const createPermissionEngine = (params) => {
      * @param user
      */
     async generateUserAbility(user2) {
-      const permissions2 = await getService("permission").findUserPermissions(user2);
+      const permissions2 = await getService$1("permission").findUserPermissions(user2);
       return engine2.generateAbility(permissions2, user2);
     },
     /**
@@ -2989,8 +3031,8 @@ const emptyObjectFactory = () => ({});
 const createSection = ({ initialStateFactory = emptyObjectFactory, handlers = [], matchers = [] } = {}) => {
   const state = {
     hooks: {
-      handlers: utils$1.hooks.createAsyncSeriesHook(),
-      matchers: utils$1.hooks.createAsyncParallelHook()
+      handlers: utils$2.hooks.createAsyncSeriesHook(),
+      matchers: utils$2.hooks.createAsyncParallelHook()
     }
   };
   handlers.forEach((handler) => state.hooks.handlers.register(handler));
@@ -3094,7 +3136,7 @@ const toSubjectTemplate = (ct) => ({
   label: ct.info.singularName,
   properties: []
 });
-const { isVisibleAttribute } = utils$1.contentTypes;
+const { isVisibleAttribute } = utils$2.contentTypes;
 const settings = ({ action: action2, section }) => {
   const { category, subCategory, displayName, actionId } = action2;
   section.push({
@@ -3204,10 +3246,10 @@ const deleteByRolesIds = async (rolesIds) => {
     }
   });
   if (permissionsToDelete.length > 0) {
-    await deleteByIds(permissionsToDelete.map(fp.prop("id")));
+    await deleteByIds$1(permissionsToDelete.map(fp.prop("id")));
   }
 };
-const deleteByIds = async (ids) => {
+const deleteByIds$1 = async (ids) => {
   const result = [];
   for (const id of ids) {
     const queryResult = await strapi.db.query("admin::permission").delete({ where: { id } });
@@ -3239,7 +3281,7 @@ const findUserPermissions = async (user2) => {
   return findMany({ where: { role: { users: { id: user2.id } } } });
 };
 const filterPermissionsToRemove = async (permissions2) => {
-  const { actionProvider: actionProvider2 } = getService("permission");
+  const { actionProvider: actionProvider2 } = getService$1("permission");
   const permissionsToRemove = [];
   for (const permission2 of permissions2) {
     const { subjects, options = {} } = actionProvider2.get(permission2.action) || {};
@@ -3265,7 +3307,7 @@ const filterPermissionsToRemove = async (permissions2) => {
 };
 const cleanPermissionsInDatabase = async () => {
   const pageSize = 200;
-  const contentTypeService = getService("content-type");
+  const contentTypeService = getService$1("content-type");
   const total = await strapi.db.query("admin::permission").count();
   const pageCount = Math.ceil(total / pageSize);
   for (let page = 0; page < pageCount; page += 1) {
@@ -3290,7 +3332,7 @@ const cleanPermissionsInDatabase = async () => {
       return update$2({ id: permission2.id }, permission2);
     };
     await Promise.all([
-      deleteByIds(permissionsIdToRemove),
+      deleteByIds$1(permissionsIdToRemove),
       pmap__default.default(permissionsNeedingToBeUpdated, updatePromiseProvider, {
         concurrency: 100,
         stopOnError: true
@@ -3311,8 +3353,8 @@ const permission$2 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.define
   cleanPermissionsInDatabase,
   conditionProvider,
   createMany,
-  createPermissionsManager: index$4,
-  deleteByIds,
+  createPermissionsManager: index,
+  deleteByIds: deleteByIds$1,
   deleteByRolesIds,
   engine: engine$1,
   findMany,
@@ -3330,7 +3372,7 @@ const getNestedFields = (model, {
   if (nestingLevel === 0) {
     return prefix ? [prefix] : [];
   }
-  const nonAuthorizableFields = utils$1.contentTypes.getNonVisibleAttributes(model);
+  const nonAuthorizableFields = utils$2.contentTypes.getNonVisibleAttributes(model);
   return ___namespace.default.reduce(
     model.attributes,
     (fields, attr, key) => {
@@ -3367,7 +3409,7 @@ const getNestedFieldsWithIntermediate = (model, { prefix = "", nestingLevel = 15
   if (nestingLevel === 0) {
     return [];
   }
-  const nonAuthorizableFields = utils$1.contentTypes.getNonVisibleAttributes(model);
+  const nonAuthorizableFields = utils$2.contentTypes.getNonVisibleAttributes(model);
   return ___namespace.default.reduce(
     model.attributes,
     (fields, attr, key) => {
@@ -3409,7 +3451,7 @@ const getPermissionsWithNestedFields = (actions2, { nestingLevel, restrictedSubj
   }, []);
 };
 const cleanPermissionFields = (permissions2, { nestingLevel } = {}) => {
-  const { actionProvider: actionProvider2 } = getService("permission");
+  const { actionProvider: actionProvider2 } = getService$1("permission");
   return permissions2.map((permission2) => {
     const {
       action: actionId,
@@ -3448,7 +3490,7 @@ const contentType = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
   getPermissionsWithNestedFields
 }, Symbol.toStringTag, { value: "Module" }));
 const isValidCondition = (condition2) => {
-  const { conditionProvider: conditionProvider2 } = getService("permission");
+  const { conditionProvider: conditionProvider2 } = getService$1("permission");
   return fp.isString(condition2) && conditionProvider2.has(condition2);
 };
 const condition = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
@@ -3456,11 +3498,11 @@ const condition = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.definePro
   isValidCondition
 }, Symbol.toStringTag, { value: "Module" }));
 const { AUTHOR_CODE, PUBLISH_ACTION } = constants$3;
-const { NotFoundError: NotFoundError$2 } = utils$1.errors;
+const { NotFoundError: NotFoundError$2 } = utils$2.errors;
 const getAllowedActionsForRole = async (roleId) => {
-  const { actionProvider: actionProvider2 } = getService("permission");
+  const { actionProvider: actionProvider2 } = getService$1("permission");
   if (!fp.isNil(roleId)) {
-    const role2 = await getService("role").findOne({ id: roleId });
+    const role2 = await getService$1("role").findOne({ id: roleId });
     if (!role2) {
       throw new NotFoundError$2("role.notFound");
     }
@@ -3474,7 +3516,7 @@ const action = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProper
   __proto__: null,
   getAllowedActionsForRole
 }, Symbol.toStringTag, { value: "Module" }));
-const { ValidationError: ValidationError$2, NotFoundError: NotFoundError$1 } = utils$1.errors;
+const { ValidationError: ValidationError$4, NotFoundError: NotFoundError$1 } = utils$2.errors;
 const SELECT_FIELDS$1 = [
   "id",
   "name",
@@ -3489,16 +3531,16 @@ const SELECT_FIELDS$1 = [
 const POPULATE_FIELDS$1 = ["permissions"];
 const assertCustomTokenPermissionsValidity = (type, permissions2) => {
   if (type !== constants$3.API_TOKEN_TYPE.CUSTOM && !fp.isEmpty(permissions2)) {
-    throw new ValidationError$2("Non-custom tokens should not reference permissions");
+    throw new ValidationError$4("Non-custom tokens should not reference permissions");
   }
   if (type === constants$3.API_TOKEN_TYPE.CUSTOM && !fp.isArray(permissions2)) {
-    throw new ValidationError$2("Missing permissions attribute for custom token");
+    throw new ValidationError$4("Missing permissions attribute for custom token");
   }
   if (type === constants$3.API_TOKEN_TYPE.CUSTOM) {
     const validPermissions = strapi.contentAPI.permissions.providers.action.keys();
     const invalidPermissions = fp.difference(permissions2, validPermissions);
     if (!fp.isEmpty(invalidPermissions)) {
-      throw new ValidationError$2(`Unknown permissions provided: ${invalidPermissions.join(", ")}`);
+      throw new ValidationError$4(`Unknown permissions provided: ${invalidPermissions.join(", ")}`);
     }
   }
 };
@@ -3513,7 +3555,7 @@ const isValidLifespan$1 = (lifespan) => {
 };
 const assertValidLifespan$1 = (lifespan) => {
   if (!isValidLifespan$1(lifespan)) {
-    throw new ValidationError$2(
+    throw new ValidationError$4(
       `lifespan must be one of the following values:
       ${Object.values(constants$3.API_TOKEN_LIFESPANS).join(", ")}`
     );
@@ -3548,7 +3590,7 @@ const hash$1 = (accessKey) => {
 const getExpirationFields$1 = (lifespan) => {
   const isValidNumber = fp.isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;
   if (!isValidNumber && !fp.isNil(lifespan)) {
-    throw new ValidationError$2("lifespan must be a positive number or null");
+    throw new ValidationError$4("lifespan must be a positive number or null");
   }
   return {
     lifespan: lifespan || null,
@@ -3700,8 +3742,8 @@ const apiToken$2 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.definePr
 }, Symbol.toStringTag, { value: "Module" }));
 const DEFAULT_TRANSFER_ACTIONS = ["push", "pull"];
 const providers = {
-  action: utils$1.providerFactory(),
-  condition: utils$1.providerFactory()
+  action: utils$2.providerFactory(),
+  condition: utils$2.providerFactory()
 };
 DEFAULT_TRANSFER_ACTIONS.forEach((action2) => {
   providers.action.register(action2, { action: action2 });
@@ -3712,7 +3754,7 @@ const permission$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.define
   engine,
   providers
 }, Symbol.toStringTag, { value: "Module" }));
-const { ValidationError: ValidationError$1, NotFoundError } = utils$1.errors;
+const { ValidationError: ValidationError$3, NotFoundError } = utils$2.errors;
 const TRANSFER_TOKEN_UID = "admin::transfer-token";
 const TRANSFER_TOKEN_PERMISSION_UID = "admin::transfer-token-permission";
 const SELECT_FIELDS = [
@@ -3863,7 +3905,7 @@ const regenerate = async (id) => {
 const getExpirationFields = (lifespan) => {
   const isValidNumber = fp.isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;
   if (!isValidNumber && !fp.isNil(lifespan)) {
-    throw new ValidationError$1("lifespan must be a positive number or null");
+    throw new ValidationError$3("lifespan must be a positive number or null");
   }
   return {
     lifespan: lifespan || null,
@@ -3871,14 +3913,14 @@ const getExpirationFields = (lifespan) => {
   };
 };
 const hash = (accessKey) => {
-  const { hasValidTokenSalt: hasValidTokenSalt2 } = getService("transfer").utils;
+  const { hasValidTokenSalt: hasValidTokenSalt2 } = getService$1("transfer").utils;
   if (!hasValidTokenSalt2()) {
     throw new TypeError("Required token salt is not defined");
   }
   return crypto__default.default.createHmac("sha512", strapi.config.get("admin.transfer.token.salt")).update(accessKey).digest("hex");
 };
 const checkSaltIsDefined = () => {
-  const { hasValidTokenSalt: hasValidTokenSalt2 } = getService("transfer").utils;
+  const { hasValidTokenSalt: hasValidTokenSalt2 } = getService$1("transfer").utils;
   if (!strapi.config.get("server.transfer.remote.enabled")) {
     return;
   }
@@ -3904,7 +3946,7 @@ const assertTokenPermissionsValidity = (attributes) => {
   const validPermissions = permissionService.providers.action.keys();
   const invalidPermissions = fp.difference(attributes.permissions, validPermissions);
   if (!fp.isEmpty(invalidPermissions)) {
-    throw new ValidationError$1(`Unknown permissions provided: ${invalidPermissions.join(", ")}`);
+    throw new ValidationError$3(`Unknown permissions provided: ${invalidPermissions.join(", ")}`);
   }
 };
 const isValidLifespan = (lifespan) => {
@@ -3918,7 +3960,7 @@ const isValidLifespan = (lifespan) => {
 };
 const assertValidLifespan = (lifespan) => {
   if (!isValidLifespan(lifespan)) {
-    throw new ValidationError$1(
+    throw new ValidationError$3(
       `lifespan must be one of the following values:
       ${Object.values(constants$3.TRANSFER_TOKEN_LIFESPANS).join(", ")}`
     );
@@ -3944,15 +3986,15 @@ const hasValidTokenSalt = () => {
   return typeof salt === "string" && salt.length > 0;
 };
 const isRemoteTransferEnabled = () => {
-  const { utils: utils2 } = getService("transfer");
-  if (utils$1.env.bool("STRAPI_DISABLE_REMOTE_DATA_TRANSFER") !== void 0) {
+  const { utils: utils2 } = getService$1("transfer");
+  if (utils$2.env.bool("STRAPI_DISABLE_REMOTE_DATA_TRANSFER") !== void 0) {
     strapi.log.warn(
       "STRAPI_DISABLE_REMOTE_DATA_TRANSFER is no longer supported. Instead, set transfer.remote.enabled to false in your server configuration"
     );
   }
   return utils2.hasValidTokenSalt() && strapi.config.get("server.transfer.remote.enabled");
 };
-const utils = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
+const utils$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
   __proto__: null,
   hasValidTokenSalt,
   isRemoteTransferEnabled
@@ -3961,7 +4003,7 @@ const transfer$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.definePr
   __proto__: null,
   permission: permission$1,
   token: token$2,
-  utils
+  utils: utils$1
 }, Symbol.toStringTag, { value: "Module" }));
 const PROJECT_SETTINGS_FILE_INPUTS = ["menuLogo", "authLogo"];
 const parseFilesData = async (files) => {
@@ -4082,14 +4124,14 @@ const projectSettings = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.def
   parseFilesData,
   updateProjectSettings: updateProjectSettings$1
 }, Symbol.toStringTag, { value: "Module" }));
-const index$3 = {
-  auth,
-  user: user$1,
-  role: role$1,
-  passport,
+const services$1 = {
+  auth: auth$1,
+  user: user$3,
+  role: role$3,
+  passport: passport$1,
   token: token$3,
   permission: permission$2,
-  metrics,
+  metrics: metrics$1,
   "content-type": contentType,
   constants: constants$4,
   condition,
@@ -4122,13 +4164,13 @@ const updateProjectSettingsImagesDimensions = zod.z.object({
   menuLogo: logoDimensions.nullish(),
   authLogo: logoDimensions.nullish()
 }).strict();
-const validateUpdateProjectSettings = utils$1.validateZod(updateProjectSettings);
-const validateUpdateProjectSettingsFiles = utils$1.validateZod(updateProjectSettingsFiles);
-const validateUpdateProjectSettingsImagesDimensions = utils$1.validateZod(
+const validateUpdateProjectSettings = utils$2.validateZod(updateProjectSettings);
+const validateUpdateProjectSettingsFiles = utils$2.validateZod(updateProjectSettingsFiles);
+const validateUpdateProjectSettingsImagesDimensions = utils$2.validateZod(
   updateProjectSettingsImagesDimensions
 );
 const { isUsingTypeScript } = tsUtils__default.default;
-const admin = {
+const admin$3 = {
   // TODO very temporary to check the switch ee/ce
   // When removing this we need to update the /admin/src/index.js file
   // whe,re we set the strapi.window.isEE value
@@ -4140,8 +4182,8 @@ const admin = {
   },
   async init() {
     let uuid = strapi.config.get("uuid", false);
-    const hasAdmin = await getService("user").exists();
-    const { menuLogo, authLogo } = await getService("project-settings").getProjectSettings();
+    const hasAdmin = await getService$1("user").exists();
+    const { menuLogo, authLogo } = await getService$1("project-settings").getProjectSettings();
     const telemetryDisabled = strapi.config.get(
       "packageJsonStrapi.telemetryDisabled",
       null
@@ -4159,7 +4201,7 @@ const admin = {
     };
   },
   async getProjectSettings() {
-    return getService(
+    return getService$1(
       "project-settings"
     ).getProjectSettings();
   },
@@ -4167,7 +4209,7 @@ const admin = {
     const {
       request: { files, body }
     } = ctx;
-    const projectSettingsService = getService("project-settings");
+    const projectSettingsService = getService$1("project-settings");
     await validateUpdateProjectSettings(body);
     await validateUpdateProjectSettingsFiles(files);
     const formatedFiles = await projectSettingsService.parseFilesData(files);
@@ -4186,7 +4228,7 @@ const admin = {
     const useTypescriptOnAdmin = await isUsingTypeScript(
       path__default.default.join(strapi.dirs.app.root, "src", "admin")
     );
-    const isHostedOnStrapiCloud = utils$1.env("STRAPI_HOSTING", null) === "strapi.cloud";
+    const isHostedOnStrapiCloud = utils$2.env("STRAPI_HOSTING", null) === "strapi.cloud";
     const numberOfAllContentTypes = ___namespace.default.size(strapi.contentTypes);
     const numberOfComponents = ___namespace.default.size(strapi.components);
     const getNumberOfDynamicZones = () => {
@@ -4251,26 +4293,26 @@ const admin = {
     ctx.send({ plugins: plugins2 });
   }
 };
-const apiTokenCreationSchema = utils$1.yup.object().shape({
-  name: utils$1.yup.string().min(1).required(),
-  description: utils$1.yup.string().optional(),
-  type: utils$1.yup.string().oneOf(Object.values(constants$3.API_TOKEN_TYPE)).required(),
-  permissions: utils$1.yup.array().of(utils$1.yup.string()).nullable(),
-  lifespan: utils$1.yup.number().min(1).oneOf(Object.values(constants$3.API_TOKEN_LIFESPANS)).nullable()
+const apiTokenCreationSchema = utils$2.yup.object().shape({
+  name: utils$2.yup.string().min(1).required(),
+  description: utils$2.yup.string().optional(),
+  type: utils$2.yup.string().oneOf(Object.values(constants$3.API_TOKEN_TYPE)).required(),
+  permissions: utils$2.yup.array().of(utils$2.yup.string()).nullable(),
+  lifespan: utils$2.yup.number().min(1).oneOf(Object.values(constants$3.API_TOKEN_LIFESPANS)).nullable()
 }).noUnknown().strict();
-const apiTokenUpdateSchema = utils$1.yup.object().shape({
-  name: utils$1.yup.string().min(1).notNull(),
-  description: utils$1.yup.string().nullable(),
-  type: utils$1.yup.string().oneOf(Object.values(constants$3.API_TOKEN_TYPE)).notNull(),
-  permissions: utils$1.yup.array().of(utils$1.yup.string()).nullable()
+const apiTokenUpdateSchema = utils$2.yup.object().shape({
+  name: utils$2.yup.string().min(1).notNull(),
+  description: utils$2.yup.string().nullable(),
+  type: utils$2.yup.string().oneOf(Object.values(constants$3.API_TOKEN_TYPE)).notNull(),
+  permissions: utils$2.yup.array().of(utils$2.yup.string()).nullable()
 }).noUnknown().strict();
-const validateApiTokenCreationInput = utils$1.validateYupSchema(apiTokenCreationSchema);
-const validateApiTokenUpdateInput = utils$1.validateYupSchema(apiTokenUpdateSchema);
-const { ApplicationError: ApplicationError$4 } = utils$1.errors;
+const validateApiTokenCreationInput = utils$2.validateYupSchema(apiTokenCreationSchema);
+const validateApiTokenUpdateInput = utils$2.validateYupSchema(apiTokenUpdateSchema);
+const { ApplicationError: ApplicationError$7 } = utils$2.errors;
 const apiToken$1 = {
   async create(ctx) {
     const { body } = ctx.request;
-    const apiTokenService = getService("api-token");
+    const apiTokenService = getService$1("api-token");
     const attributes = {
       name: fp.trim(body.name),
       description: fp.trim(body.description),
@@ -4281,14 +4323,14 @@ const apiToken$1 = {
     await validateApiTokenCreationInput(attributes);
     const alreadyExists = await apiTokenService.exists({ name: attributes.name });
     if (alreadyExists) {
-      throw new ApplicationError$4("Name already taken");
+      throw new ApplicationError$7("Name already taken");
     }
     const apiToken2 = await apiTokenService.create(attributes);
     ctx.created({ data: apiToken2 });
   },
   async regenerate(ctx) {
     const { id } = ctx.params;
-    const apiTokenService = getService("api-token");
+    const apiTokenService = getService$1("api-token");
     const apiTokenExists = await apiTokenService.getById(id);
     if (!apiTokenExists) {
       ctx.notFound("API Token not found");
@@ -4298,19 +4340,19 @@ const apiToken$1 = {
     ctx.created({ data: accessToken });
   },
   async list(ctx) {
-    const apiTokenService = getService("api-token");
+    const apiTokenService = getService$1("api-token");
     const apiTokens2 = await apiTokenService.list();
     ctx.send({ data: apiTokens2 });
   },
   async revoke(ctx) {
     const { id } = ctx.params;
-    const apiTokenService = getService("api-token");
+    const apiTokenService = getService$1("api-token");
     const apiToken2 = await apiTokenService.revoke(id);
     ctx.deleted({ data: apiToken2 });
   },
   async get(ctx) {
     const { id } = ctx.params;
-    const apiTokenService = getService("api-token");
+    const apiTokenService = getService$1("api-token");
     const apiToken2 = await apiTokenService.getById(id);
     if (!apiToken2) {
       ctx.notFound("API Token not found");
@@ -4321,7 +4363,7 @@ const apiToken$1 = {
   async update(ctx) {
     const { body } = ctx.request;
     const { id } = ctx.params;
-    const apiTokenService = getService("api-token");
+    const apiTokenService = getService$1("api-token");
     const attributes = body;
     if (fp.has("name", attributes)) {
       attributes.name = fp.trim(body.name);
@@ -4336,57 +4378,62 @@ const apiToken$1 = {
     }
     if (fp.has("name", attributes)) {
       const nameAlreadyTaken = await apiTokenService.getByName(attributes.name);
-      if (!!nameAlreadyTaken && !utils$1.strings.isEqual(nameAlreadyTaken.id, id)) {
-        throw new ApplicationError$4("Name already taken");
+      if (!!nameAlreadyTaken && !utils$2.strings.isEqual(nameAlreadyTaken.id, id)) {
+        throw new ApplicationError$7("Name already taken");
       }
     }
     const apiToken2 = await apiTokenService.update(id, attributes);
     ctx.send({ data: apiToken2 });
   },
   async getLayout(ctx) {
-    const apiTokenService = getService("api-token");
+    const apiTokenService = getService$1("api-token");
     const layout = await apiTokenService.getApiTokenLayout();
     ctx.send({ data: layout });
   }
 };
-const userCreationSchema = utils$1.yup.object().shape({
+const userCreationSchema = utils$2.yup.object().shape({
   email: validators.email.required(),
   firstname: validators.firstname.required(),
   lastname: validators.lastname,
   roles: validators.roles.min(1),
-  preferedLanguage: utils$1.yup.string().nullable()
+  preferedLanguage: utils$2.yup.string().nullable()
 }).noUnknown();
-const profileUpdateSchema = utils$1.yup.object().shape({
+const profileUpdateSchema = utils$2.yup.object().shape({
   email: validators.email.notNull(),
   firstname: validators.firstname.notNull(),
   lastname: validators.lastname.nullable(),
   username: validators.username.nullable(),
   password: validators.password.notNull(),
-  currentPassword: utils$1.yup.string().when(
+  currentPassword: utils$2.yup.string().when(
     "password",
     (password2, schema) => !fp.isUndefined(password2) ? schema.required() : schema
   ).notNull(),
-  preferedLanguage: utils$1.yup.string().nullable()
+  preferedLanguage: utils$2.yup.string().nullable()
 }).noUnknown();
-const userUpdateSchema = utils$1.yup.object().shape({
+const userUpdateSchema = utils$2.yup.object().shape({
   email: validators.email.notNull(),
   firstname: validators.firstname.notNull(),
   lastname: validators.lastname.nullable(),
   username: validators.username.nullable(),
   password: validators.password.notNull(),
-  isActive: utils$1.yup.bool().notNull(),
+  isActive: utils$2.yup.bool().notNull(),
   roles: validators.roles.min(1).notNull()
 }).noUnknown();
-const usersDeleteSchema = utils$1.yup.object().shape({
-  ids: utils$1.yup.array().of(utils$1.yup.strapiID()).min(1).required()
+const usersDeleteSchema = utils$2.yup.object().shape({
+  ids: utils$2.yup.array().of(utils$2.yup.strapiID()).min(1).required()
 }).noUnknown();
-const validateUserCreationInput = utils$1.validateYupSchema(userCreationSchema);
-const validateProfileUpdateInput = utils$1.validateYupSchema(profileUpdateSchema);
-const validateUserUpdateInput = utils$1.validateYupSchema(userUpdateSchema);
-const validateUsersDeleteInput = utils$1.validateYupSchema(usersDeleteSchema);
+const validateUserCreationInput$1 = utils$2.validateYupSchema(userCreationSchema);
+const validateProfileUpdateInput = utils$2.validateYupSchema(profileUpdateSchema);
+const validateUserUpdateInput = utils$2.validateYupSchema(userUpdateSchema);
+const validateUsersDeleteInput = utils$2.validateYupSchema(usersDeleteSchema);
+const schemas = {
+  userCreationSchema,
+  usersDeleteSchema,
+  userUpdateSchema
+};
 const authenticatedUser = {
   async getMe(ctx) {
-    const userInfo = getService("user").sanitizeUser(ctx.state.user);
+    const userInfo = getService$1("user").sanitizeUser(ctx.state.user);
     ctx.body = {
       data: userInfo
     };
@@ -4394,8 +4441,8 @@ const authenticatedUser = {
   async updateMe(ctx) {
     const input = ctx.request.body;
     await validateProfileUpdateInput(input);
-    const userService = getService("user");
-    const authServer = getService("auth");
+    const userService = getService$1("user");
+    const authServer = getService$1("auth");
     const { currentPassword, ...userInfo } = input;
     if (currentPassword && userInfo.password) {
       const isValid = await authServer.validatePassword(currentPassword, ctx.state.user.password);
@@ -4411,7 +4458,7 @@ const authenticatedUser = {
     };
   },
   async getOwnPermissions(ctx) {
-    const { findUserPermissions: findUserPermissions2, sanitizePermission: sanitizePermission2 } = getService("permission");
+    const { findUserPermissions: findUserPermissions2, sanitizePermission: sanitizePermission2 } = getService$1("permission");
     const { user: user2 } = ctx.state;
     const userPermissions = await findUserPermissions2(user2);
     ctx.body = {
@@ -4420,39 +4467,39 @@ const authenticatedUser = {
     };
   }
 };
-const registrationSchema = utils$1.yup.object().shape({
-  registrationToken: utils$1.yup.string().required(),
-  userInfo: utils$1.yup.object().shape({
+const registrationSchema = utils$2.yup.object().shape({
+  registrationToken: utils$2.yup.string().required(),
+  userInfo: utils$2.yup.object().shape({
     firstname: validators.firstname.required(),
     lastname: validators.lastname.nullable(),
     password: validators.password.required()
   }).required().noUnknown()
 }).noUnknown();
-const registrationInfoQuerySchema = utils$1.yup.object().shape({
-  registrationToken: utils$1.yup.string().required()
+const registrationInfoQuerySchema = utils$2.yup.object().shape({
+  registrationToken: utils$2.yup.string().required()
 }).required().noUnknown();
-const adminRegistrationSchema = utils$1.yup.object().shape({
+const adminRegistrationSchema = utils$2.yup.object().shape({
   email: validators.email.required(),
   firstname: validators.firstname.required(),
   lastname: validators.lastname.nullable(),
   password: validators.password.required()
 }).required().noUnknown();
-const validateRegistrationInput = utils$1.validateYupSchema(registrationSchema);
-const validateRegistrationInfoQuery = utils$1.validateYupSchema(registrationInfoQuerySchema);
-const validateAdminRegistrationInput = utils$1.validateYupSchema(adminRegistrationSchema);
-const forgotPasswordSchema = utils$1.yup.object().shape({
+const validateRegistrationInput = utils$2.validateYupSchema(registrationSchema);
+const validateRegistrationInfoQuery = utils$2.validateYupSchema(registrationInfoQuerySchema);
+const validateAdminRegistrationInput = utils$2.validateYupSchema(adminRegistrationSchema);
+const forgotPasswordSchema = utils$2.yup.object().shape({
   email: validators.email.required()
 }).required().noUnknown();
-const validateForgotPasswordInput = utils$1.validateYupSchema(forgotPasswordSchema);
-const resetPasswordSchema = utils$1.yup.object().shape({
-  resetPasswordToken: utils$1.yup.string().required(),
+const validateForgotPasswordInput = utils$2.validateYupSchema(forgotPasswordSchema);
+const resetPasswordSchema = utils$2.yup.object().shape({
+  resetPasswordToken: utils$2.yup.string().required(),
   password: validators.password.required()
 }).required().noUnknown();
-const validateResetPasswordInput = utils$1.validateYupSchema(resetPasswordSchema);
-const renewToken = utils$1.yup.object().shape({ token: utils$1.yup.string().required() }).required().noUnknown();
-const validateRenewTokenInput = utils$1.validateYupSchema(renewToken);
-const { ApplicationError: ApplicationError$3, ValidationError } = utils$1.errors;
-const authentication = {
+const validateResetPasswordInput = utils$2.validateYupSchema(resetPasswordSchema);
+const renewToken = utils$2.yup.object().shape({ token: utils$2.yup.string().required() }).required().noUnknown();
+const validateRenewTokenInput = utils$2.validateYupSchema(renewToken);
+const { ApplicationError: ApplicationError$6, ValidationError: ValidationError$2 } = utils$2.errors;
+const authentication$1 = {
   login: compose__default.default([
     (ctx, next) => {
       return passport__default.default.authenticate("local", { session: false }, (err, user2, info) => {
@@ -4468,11 +4515,11 @@ const authentication = {
             error: new Error(info.message),
             provider: "local"
           });
-          throw new ApplicationError$3(info.message);
+          throw new ApplicationError$6(info.message);
         }
         const query = ctx.state;
         query.user = user2;
-        const sanitizedUser = getService("user").sanitizeUser(user2);
+        const sanitizedUser = getService$1("user").sanitizeUser(user2);
         strapi.eventHub.emit("admin.auth.success", { user: sanitizedUser, provider: "local" });
         return next();
       })(ctx, next);
@@ -4481,8 +4528,8 @@ const authentication = {
       const { user: user2 } = ctx.state;
       ctx.body = {
         data: {
-          token: getService("token").createJwtToken(user2),
-          user: getService("user").sanitizeUser(ctx.state.user)
+          token: getService$1("token").createJwtToken(user2),
+          user: getService$1("user").sanitizeUser(ctx.state.user)
           // TODO: fetch more detailed info
         }
       };
@@ -4491,50 +4538,50 @@ const authentication = {
   async renewToken(ctx) {
     await validateRenewTokenInput(ctx.request.body);
     const { token: token2 } = ctx.request.body;
-    const { isValid, payload } = getService("token").decodeJwtToken(token2);
+    const { isValid, payload } = getService$1("token").decodeJwtToken(token2);
     if (!isValid) {
-      throw new ValidationError("Invalid token");
+      throw new ValidationError$2("Invalid token");
     }
     ctx.body = {
       data: {
-        token: getService("token").createJwtToken({ id: payload.id })
+        token: getService$1("token").createJwtToken({ id: payload.id })
       }
     };
   },
   async registrationInfo(ctx) {
     await validateRegistrationInfoQuery(ctx.request.query);
     const { registrationToken } = ctx.request.query;
-    const registrationInfo = await getService("user").findRegistrationInfo(registrationToken);
+    const registrationInfo = await getService$1("user").findRegistrationInfo(registrationToken);
     if (!registrationInfo) {
-      throw new ValidationError("Invalid registrationToken");
+      throw new ValidationError$2("Invalid registrationToken");
     }
     ctx.body = { data: registrationInfo };
   },
   async register(ctx) {
     const input = ctx.request.body;
     await validateRegistrationInput(input);
-    const user2 = await getService("user").register(input);
+    const user2 = await getService$1("user").register(input);
     ctx.body = {
       data: {
-        token: getService("token").createJwtToken(user2),
-        user: getService("user").sanitizeUser(user2)
+        token: getService$1("token").createJwtToken(user2),
+        user: getService$1("user").sanitizeUser(user2)
       }
     };
   },
   async registerAdmin(ctx) {
     const input = ctx.request.body;
     await validateAdminRegistrationInput(input);
-    const hasAdmin = await getService("user").exists();
+    const hasAdmin = await getService$1("user").exists();
     if (hasAdmin) {
-      throw new ApplicationError$3("You cannot register a new super admin");
+      throw new ApplicationError$6("You cannot register a new super admin");
     }
-    const superAdminRole = await getService("role").getSuperAdmin();
+    const superAdminRole = await getService$1("role").getSuperAdmin();
     if (!superAdminRole) {
-      throw new ApplicationError$3(
+      throw new ApplicationError$6(
         "Cannot register the first admin because the super admin role doesn't exist."
       );
     }
-    const user2 = await getService("user").create({
+    const user2 = await getService$1("user").create({
       ...input,
       registrationToken: null,
       isActive: true,
@@ -4543,30 +4590,30 @@ const authentication = {
     strapi.telemetry.send("didCreateFirstAdmin");
     ctx.body = {
       data: {
-        token: getService("token").createJwtToken(user2),
-        user: getService("user").sanitizeUser(user2)
+        token: getService$1("token").createJwtToken(user2),
+        user: getService$1("user").sanitizeUser(user2)
       }
     };
   },
   async forgotPassword(ctx) {
     const input = ctx.request.body;
     await validateForgotPasswordInput(input);
-    getService("auth").forgotPassword(input);
+    getService$1("auth").forgotPassword(input);
     ctx.status = 204;
   },
   async resetPassword(ctx) {
     const input = ctx.request.body;
     await validateResetPasswordInput(input);
-    const user2 = await getService("auth").resetPassword(input);
+    const user2 = await getService$1("auth").resetPassword(input);
     ctx.body = {
       data: {
-        token: getService("token").createJwtToken(user2),
-        user: getService("user").sanitizeUser(user2)
+        token: getService$1("token").createJwtToken(user2),
+        user: getService$1("user").sanitizeUser(user2)
       }
     };
   },
   logout(ctx) {
-    const sanitizedUser = getService("user").sanitizeUser(ctx.state.user);
+    const sanitizedUser = getService$1("user").sanitizeUser(ctx.state.user);
     strapi.eventHub.emit("admin.logout", { user: sanitizedUser });
     ctx.body = { data: {} };
   }
@@ -4582,7 +4629,7 @@ const permission = {
     const { body: input } = ctx.request;
     const { userAbility } = ctx.state;
     await validateCheckPermissionsInput(input);
-    const { engine: engine2 } = getService("permission");
+    const { engine: engine2 } = getService$1("permission");
     const checkPermissionsFn = engine2.checkMany(userAbility);
     ctx.body = {
       data: checkPermissionsFn(input.permissions)
@@ -4593,7 +4640,7 @@ const permission = {
    * @param {KoaContext} ctx - koa context
    */
   async getAll(ctx) {
-    const { sectionsBuilder: sectionsBuilder2, actionProvider: actionProvider2, conditionProvider: conditionProvider2 } = getService("permission");
+    const { sectionsBuilder: sectionsBuilder2, actionProvider: actionProvider2, conditionProvider: conditionProvider2 } = getService$1("permission");
     const actions2 = actionProvider2.values();
     const conditions2 = conditionProvider2.values();
     const sections = await sectionsBuilder2.build(actions2);
@@ -4606,12 +4653,12 @@ const permission = {
     };
   }
 };
-const roleCreateSchema = utils$1.yup.object().shape({
-  name: utils$1.yup.string().min(1).required(),
-  description: utils$1.yup.string().nullable()
+const roleCreateSchema$1 = utils$2.yup.object().shape({
+  name: utils$2.yup.string().min(1).required(),
+  description: utils$2.yup.string().nullable()
 }).noUnknown();
-const rolesDeleteSchema = utils$1.yup.object().shape({
-  ids: utils$1.yup.array().of(utils$1.yup.strapiID()).min(1).required().test("roles-deletion-checks", "Roles deletion checks have failed", async function(ids) {
+const rolesDeleteSchema$1 = utils$2.yup.object().shape({
+  ids: utils$2.yup.array().of(utils$2.yup.strapiID()).min(1).required().test("roles-deletion-checks", "Roles deletion checks have failed", async function(ids) {
     try {
       await strapi.service("admin::role").checkRolesIdForDeletion(ids);
     } catch (e) {
@@ -4620,7 +4667,7 @@ const rolesDeleteSchema = utils$1.yup.object().shape({
     return true;
   })
 }).noUnknown();
-const roleDeleteSchema = utils$1.yup.strapiID().required().test("no-admin-single-delete", "Role deletion checks have failed", async function(id) {
+const roleDeleteSchema$1 = utils$2.yup.strapiID().required().test("no-admin-single-delete", "Role deletion checks have failed", async function(id) {
   try {
     await strapi.service("admin::role").checkRolesIdForDeletion([id]);
   } catch (e) {
@@ -4628,25 +4675,25 @@ const roleDeleteSchema = utils$1.yup.strapiID().required().test("no-admin-single
   }
   return true;
 });
-const roleUpdateSchema = utils$1.yup.object().shape({
-  name: utils$1.yup.string().min(1),
-  description: utils$1.yup.string().nullable()
+const roleUpdateSchema = utils$2.yup.object().shape({
+  name: utils$2.yup.string().min(1),
+  description: utils$2.yup.string().nullable()
 }).noUnknown();
-const validateRoleCreateInput = utils$1.validateYupSchema(roleCreateSchema);
-const validateRoleUpdateInput = utils$1.validateYupSchema(roleUpdateSchema);
-const validateRolesDeleteInput = utils$1.validateYupSchema(rolesDeleteSchema);
-const validateRoleDeleteInput = utils$1.validateYupSchema(roleDeleteSchema);
-const { ApplicationError: ApplicationError$2 } = utils$1.errors;
-const { SUPER_ADMIN_CODE } = constants$3;
-const role = {
+const validateRoleCreateInput$1 = utils$2.validateYupSchema(roleCreateSchema$1);
+const validateRoleUpdateInput = utils$2.validateYupSchema(roleUpdateSchema);
+const validateRolesDeleteInput$1 = utils$2.validateYupSchema(rolesDeleteSchema$1);
+const validateRoleDeleteInput$1 = utils$2.validateYupSchema(roleDeleteSchema$1);
+const { ApplicationError: ApplicationError$5 } = utils$2.errors;
+const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$2 } = constants$3;
+const role$2 = {
   /**
    * Create a new role
    * @param {KoaContext} ctx - koa context
    */
   async create(ctx) {
     const { body } = ctx.request;
-    await validateRoleCreateInput(body);
-    const roleService = getService("role");
+    await validateRoleCreateInput$1(body);
+    const roleService = getService$1("role");
     const role2 = await roleService.create(body);
     const sanitizedRole = roleService.sanitizeRole(role2);
     ctx.created({ data: sanitizedRole });
@@ -4657,7 +4704,7 @@ const role = {
    */
   async findOne(ctx) {
     const { id } = ctx.params;
-    const role2 = await getService("role").findOneWithUsersCount({ id });
+    const role2 = await getService$1("role").findOneWithUsersCount({ id });
     if (!role2) {
       return ctx.notFound("role.notFound");
     }
@@ -4671,13 +4718,13 @@ const role = {
    */
   async findAll(ctx) {
     const { query } = ctx.request;
-    const permissionsManager = getService("permission").createPermissionsManager({
+    const permissionsManager = getService$1("permission").createPermissionsManager({
       ability: ctx.state.userAbility,
       model: "admin::role"
     });
     await permissionsManager.validateQuery(query);
     const sanitizedQuery = await permissionsManager.sanitizeQuery(query);
-    const roles2 = await getService("role").findAllWithUsersCount(sanitizedQuery);
+    const roles2 = await getService$1("role").findAllWithUsersCount(sanitizedQuery);
     ctx.body = {
       data: roles2
     };
@@ -4689,14 +4736,14 @@ const role = {
   async update(ctx) {
     const { id } = ctx.params;
     const { body } = ctx.request;
-    const roleService = getService("role");
+    const roleService = getService$1("role");
     await validateRoleUpdateInput(body);
     const role2 = await roleService.findOne({ id });
     if (!role2) {
       return ctx.notFound("role.notFound");
     }
-    if (role2.code === SUPER_ADMIN_CODE) {
-      throw new ApplicationError$2("Super admin can't be edited.");
+    if (role2.code === SUPER_ADMIN_CODE$2) {
+      throw new ApplicationError$5("Super admin can't be edited.");
     }
     const updatedRole = await roleService.update({ id }, body);
     const sanitizedRole = roleService.sanitizeRole(updatedRole);
@@ -4710,8 +4757,8 @@ const role = {
    */
   async getPermissions(ctx) {
     const { id } = ctx.params;
-    const roleService = getService("role");
-    const permissionService = getService("permission");
+    const roleService = getService$1("role");
+    const permissionService = getService$1("permission");
     const role2 = await roleService.findOne({ id });
     if (!role2) {
       return ctx.notFound("role.notFound");
@@ -4730,14 +4777,14 @@ const role = {
   async updatePermissions(ctx) {
     const { id } = ctx.params;
     const { body: input } = ctx.request;
-    const roleService = getService("role");
-    const permissionService = getService("permission");
+    const roleService = getService$1("role");
+    const permissionService = getService$1("permission");
     const role2 = await roleService.findOne({ id });
     if (!role2) {
       return ctx.notFound("role.notFound");
     }
-    if (role2.code === SUPER_ADMIN_CODE) {
-      throw new ApplicationError$2("Super admin permissions can't be edited.");
+    if (role2.code === SUPER_ADMIN_CODE$2) {
+      throw new ApplicationError$5("Super admin permissions can't be edited.");
     }
     await validatedUpdatePermissionsInput(input);
     if (!role2) {
@@ -4755,8 +4802,8 @@ const role = {
    */
   async deleteOne(ctx) {
     const { id } = ctx.params;
-    await validateRoleDeleteInput(id);
-    const roleService = getService("role");
+    await validateRoleDeleteInput$1(id);
+    const roleService = getService$1("role");
     const roles2 = await roleService.deleteByIds([id]);
     const sanitizedRole = roles2.map((role2) => roleService.sanitizeRole(role2))[0] || null;
     return ctx.deleted({
@@ -4769,8 +4816,8 @@ const role = {
    */
   async deleteMany(ctx) {
     const { body } = ctx.request;
-    await validateRolesDeleteInput(body);
-    const roleService = getService("role");
+    await validateRolesDeleteInput$1(body);
+    const roleService = getService$1("role");
     const roles2 = await roleService.deleteByIds(body.ids);
     const sanitizedRoles = roles2.map(roleService.sanitizeRole);
     return ctx.deleted({
@@ -4783,11 +4830,11 @@ const {
     handlers: { createPushController, createPullController }
   }
 } = dataTransfer$1.strapi;
-const { UnauthorizedError } = utils$1.errors;
+const { UnauthorizedError: UnauthorizedError$1 } = utils$2.errors;
 const verify = async (ctx, scope) => {
   const { auth: auth2 } = ctx.state;
   if (!auth2) {
-    throw new UnauthorizedError();
+    throw new UnauthorizedError$1();
   }
   await dataTransferAuthStrategy.verify(auth2, { scope });
 };
@@ -4797,34 +4844,34 @@ const runner = {
   push,
   pull
 };
-const transferTokenCreationSchema = utils$1.yup.object().shape({
-  name: utils$1.yup.string().min(1).required(),
-  description: utils$1.yup.string().optional(),
-  permissions: utils$1.yup.array().min(1).of(utils$1.yup.string().oneOf(Object.values(constants$3.TRANSFER_TOKEN_TYPE))).required(),
-  lifespan: utils$1.yup.number().min(1).oneOf(Object.values(constants$3.TRANSFER_TOKEN_LIFESPANS)).nullable()
+const transferTokenCreationSchema = utils$2.yup.object().shape({
+  name: utils$2.yup.string().min(1).required(),
+  description: utils$2.yup.string().optional(),
+  permissions: utils$2.yup.array().min(1).of(utils$2.yup.string().oneOf(Object.values(constants$3.TRANSFER_TOKEN_TYPE))).required(),
+  lifespan: utils$2.yup.number().min(1).oneOf(Object.values(constants$3.TRANSFER_TOKEN_LIFESPANS)).nullable()
 }).noUnknown().strict();
-const transferTokenUpdateSchema = utils$1.yup.object().shape({
-  name: utils$1.yup.string().min(1).notNull(),
-  description: utils$1.yup.string().nullable(),
-  permissions: utils$1.yup.array().min(1).of(utils$1.yup.string().oneOf(Object.values(constants$3.TRANSFER_TOKEN_TYPE))).nullable()
+const transferTokenUpdateSchema = utils$2.yup.object().shape({
+  name: utils$2.yup.string().min(1).notNull(),
+  description: utils$2.yup.string().nullable(),
+  permissions: utils$2.yup.array().min(1).of(utils$2.yup.string().oneOf(Object.values(constants$3.TRANSFER_TOKEN_TYPE))).nullable()
 }).noUnknown().strict();
-const validateTransferTokenCreationInput$1 = utils$1.validateYupSchema(transferTokenCreationSchema);
-const validateTransferTokenUpdateInput$1 = utils$1.validateYupSchema(transferTokenUpdateSchema);
+const validateTransferTokenCreationInput$1 = utils$2.validateYupSchema(transferTokenCreationSchema);
+const validateTransferTokenUpdateInput$1 = utils$2.validateYupSchema(transferTokenUpdateSchema);
 const token$1 = {
   validateTransferTokenCreationInput: validateTransferTokenCreationInput$1,
   validateTransferTokenUpdateInput: validateTransferTokenUpdateInput$1
 };
-const { ApplicationError: ApplicationError$1 } = utils$1.errors;
+const { ApplicationError: ApplicationError$4 } = utils$2.errors;
 const { validateTransferTokenCreationInput, validateTransferTokenUpdateInput } = token$1;
 const token = {
   async list(ctx) {
-    const transferService = getService("transfer");
+    const transferService = getService$1("transfer");
     const transferTokens = await transferService.token.list();
     ctx.body = { data: transferTokens };
   },
   async getById(ctx) {
     const { id } = ctx.params;
-    const tokenService = getService("transfer").token;
+    const tokenService = getService$1("transfer").token;
     const transferToken2 = await tokenService.getById(id);
     if (!transferToken2) {
       ctx.notFound("Transfer token not found");
@@ -4834,7 +4881,7 @@ const token = {
   },
   async create(ctx) {
     const { body } = ctx.request;
-    const { token: tokenService } = getService("transfer");
+    const { token: tokenService } = getService$1("transfer");
     const attributes = {
       name: fp.trim(body.name),
       description: fp.trim(body.description),
@@ -4844,7 +4891,7 @@ const token = {
     await validateTransferTokenCreationInput(attributes);
     const alreadyExists = await tokenService.exists({ name: attributes.name });
     if (alreadyExists) {
-      throw new ApplicationError$1("Name already taken");
+      throw new ApplicationError$4("Name already taken");
     }
     const transferTokens = await tokenService.create(attributes);
     ctx.created({ data: transferTokens });
@@ -4852,7 +4899,7 @@ const token = {
   async update(ctx) {
     const { body } = ctx.request;
     const { id } = ctx.params;
-    const { token: tokenService } = getService("transfer");
+    const { token: tokenService } = getService$1("transfer");
     const attributes = body;
     if (fp.has("name", attributes)) {
       attributes.name = fp.trim(body.name);
@@ -4867,8 +4914,8 @@ const token = {
     }
     if (fp.has("name", attributes)) {
       const nameAlreadyTaken = await tokenService.getByName(attributes.name);
-      if (!!nameAlreadyTaken && !utils$1.strings.isEqual(nameAlreadyTaken.id, id)) {
-        throw new ApplicationError$1("Name already taken");
+      if (!!nameAlreadyTaken && !utils$2.strings.isEqual(nameAlreadyTaken.id, id)) {
+        throw new ApplicationError$4("Name already taken");
       }
     }
     const apiToken2 = await tokenService.update(id, attributes);
@@ -4876,13 +4923,13 @@ const token = {
   },
   async revoke(ctx) {
     const { id } = ctx.params;
-    const { token: tokenService } = getService("transfer");
+    const { token: tokenService } = getService$1("transfer");
     const transferToken2 = await tokenService.revoke(id);
     ctx.deleted({ data: transferToken2 });
   },
   async regenerate(ctx) {
     const { id } = ctx.params;
-    const { token: tokenService } = getService("transfer");
+    const { token: tokenService } = getService$1("transfer");
     const exists2 = await tokenService.getById(id);
     if (!exists2) {
       ctx.notFound("Transfer token not found");
@@ -4897,12 +4944,12 @@ const transfer = {
   ...prefixActionsName("runner", runner),
   ...prefixActionsName("token", token)
 };
-const { ApplicationError } = utils$1.errors;
-const user = {
+const { ApplicationError: ApplicationError$3 } = utils$2.errors;
+const user$2 = {
   async create(ctx) {
     const { body } = ctx.request;
     const cleanData = { ...body, email: ___namespace.get(body, `email`, ``).toLowerCase() };
-    await validateUserCreationInput(cleanData);
+    await validateUserCreationInput$1(cleanData);
     const attributes = ___namespace.pick(cleanData, [
       "firstname",
       "lastname",
@@ -4910,19 +4957,19 @@ const user = {
       "roles",
       "preferedLanguage"
     ]);
-    const userAlreadyExists = await getService("user").exists({
+    const userAlreadyExists = await getService$1("user").exists({
       email: attributes.email
     });
     if (userAlreadyExists) {
-      throw new ApplicationError("Email already taken");
+      throw new ApplicationError$3("Email already taken");
     }
-    const createdUser = await getService("user").create(attributes);
-    const userInfo = getService("user").sanitizeUser(createdUser);
+    const createdUser = await getService$1("user").create(attributes);
+    const userInfo = getService$1("user").sanitizeUser(createdUser);
     Object.assign(userInfo, { registrationToken: createdUser.registrationToken });
     ctx.created({ data: userInfo });
   },
   async find(ctx) {
-    const userService = getService("user");
+    const userService = getService$1("user");
     const permissionsManager = strapi.service("admin::permission").createPermissionsManager({
       ability: ctx.state.userAbility,
       model: "admin::user"
@@ -4939,12 +4986,12 @@ const user = {
   },
   async findOne(ctx) {
     const { id } = ctx.params;
-    const user2 = await getService("user").findOne(id);
+    const user2 = await getService$1("user").findOne(id);
     if (!user2) {
       return ctx.notFound("User does not exist");
     }
     ctx.body = {
-      data: getService("user").sanitizeUser(user2)
+      data: getService$1("user").sanitizeUser(user2)
     };
   },
   async update(ctx) {
@@ -4952,30 +4999,30 @@ const user = {
     const { body: input } = ctx.request;
     await validateUserUpdateInput(input);
     if (___namespace.has(input, "email")) {
-      const uniqueEmailCheck = await getService("user").exists({
+      const uniqueEmailCheck = await getService$1("user").exists({
         id: { $ne: id },
         email: input.email
       });
       if (uniqueEmailCheck) {
-        throw new ApplicationError("A user with this email address already exists");
+        throw new ApplicationError$3("A user with this email address already exists");
       }
     }
-    const updatedUser = await getService("user").updateById(id, input);
+    const updatedUser = await getService$1("user").updateById(id, input);
     if (!updatedUser) {
       return ctx.notFound("User does not exist");
     }
     ctx.body = {
-      data: getService("user").sanitizeUser(updatedUser)
+      data: getService$1("user").sanitizeUser(updatedUser)
     };
   },
   async deleteOne(ctx) {
     const { id } = ctx.params;
-    const deletedUser = await getService("user").deleteById(id);
+    const deletedUser = await getService$1("user").deleteById(id);
     if (!deletedUser) {
       return ctx.notFound("User not found");
     }
     return ctx.deleted({
-      data: getService("user").sanitizeUser(deletedUser)
+      data: getService$1("user").sanitizeUser(deletedUser)
     });
   },
   /**
@@ -4985,17 +5032,17 @@ const user = {
   async deleteMany(ctx) {
     const { body } = ctx.request;
     await validateUsersDeleteInput(body);
-    const users2 = await getService("user").deleteByIds(body.ids);
-    const sanitizedUsers = users2.map(getService("user").sanitizeUser);
+    const users2 = await getService$1("user").deleteByIds(body.ids);
+    const sanitizedUsers = users2.map(getService$1("user").sanitizeUser);
     return ctx.deleted({
       data: sanitizedUsers
     });
   }
 };
 const urlRegex = /^(?:([a-z0-9+.-]+):\/\/)(?:\S+(?::\S*)?@)?(?:(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\u00a1-\uffff0-9_]-*)*[a-z\u00a1-\uffff0-9_]+)(?:\.(?:[a-z\u00a1-\uffff0-9_]-*)*[a-z\u00a1-\uffff0-9_]+)*\.?)(?::\d{2,5})?(?:[/?#]\S*)?$/;
-const webhookValidator = utils$1.yup.object({
-  name: utils$1.yup.string().required(),
-  url: utils$1.yup.string().matches(urlRegex, "url must be a valid URL").required().test(
+const webhookValidator = utils$2.yup.object({
+  name: utils$2.yup.string().required(),
+  url: utils$2.yup.string().matches(urlRegex, "url must be a valid URL").required().test(
     "is-public-url",
     "Url is not supported because it isn't reachable over the public internet",
     async (url) => {
@@ -5011,21 +5058,21 @@ const webhookValidator = utils$1.yup.object({
       }
     }
   ),
-  headers: utils$1.yup.lazy((data) => {
+  headers: utils$2.yup.lazy((data) => {
     if (typeof data !== "object") {
-      return utils$1.yup.object().required();
+      return utils$2.yup.object().required();
     }
-    return utils$1.yup.object(
+    return utils$2.yup.object(
       // @ts-expect-error lodash types
       ___namespace.default.mapValues(data, () => {
-        utils$1.yup.string().min(1).required();
+        utils$2.yup.string().min(1).required();
       })
     ).required();
   }),
-  events: utils$1.yup.array().of(utils$1.yup.string()).required()
+  events: utils$2.yup.array().of(utils$2.yup.string()).required()
 }).noUnknown();
 const updateWebhookValidator = webhookValidator.shape({
-  isEnabled: utils$1.yup.boolean()
+  isEnabled: utils$2.yup.boolean()
 });
 const webhooks = {
   async listWebhooks(ctx) {
@@ -5042,7 +5089,7 @@ const webhooks = {
   },
   async createWebhook(ctx) {
     const { body } = ctx.request;
-    await utils$1.validateYupSchema(webhookValidator)(body);
+    await utils$2.validateYupSchema(webhookValidator)(body);
     const webhook = await strapi.get("webhookStore").createWebhook(body);
     strapi.get("webhookRunner").add(webhook);
     ctx.created({ data: webhook });
@@ -5050,7 +5097,7 @@ const webhooks = {
   async updateWebhook(ctx) {
     const { id } = ctx.params;
     const { body } = ctx.request;
-    await utils$1.validateYupSchema(updateWebhookValidator)(body);
+    await utils$2.validateYupSchema(updateWebhookValidator)(body);
     const webhook = await strapi.get("webhookStore").findWebhook(id);
     if (!webhook) {
       return ctx.notFound("webhook.notFound");
@@ -5106,15 +5153,15 @@ const contentApi = {
     ctx.send({ data: routesMap });
   }
 };
-const index$2 = {
-  admin,
+const controllers$1 = {
+  admin: admin$3,
   "api-token": apiToken$1,
   "authenticated-user": authenticatedUser,
-  authentication,
+  authentication: authentication$1,
   permission,
-  role,
+  role: role$2,
   transfer,
-  user,
+  user: user$2,
   webhooks,
   "content-api": contentApi
 };
@@ -5539,7 +5586,7 @@ const transferTokenPermission = {
     }
   }
 };
-const index$1 = {
+const contentTypes = {
   permission: { schema: Permission },
   user: { schema: User },
   role: { schema: Role },
@@ -5549,7 +5596,7 @@ const index$1 = {
   "transfer-token-permission": { schema: transferTokenPermission }
 };
 const { RateLimitError } = utils__default.default.errors;
-const rateLimit = (config, { strapi: strapi2 }) => async (ctx, next) => {
+const rateLimit = (config2, { strapi: strapi2 }) => async (ctx, next) => {
   let rateLimitConfig = strapi2.config.get("admin.rateLimit");
   if (!rateLimitConfig) {
     rateLimitConfig = {
@@ -5572,14 +5619,14 @@ const rateLimit = (config, { strapi: strapi2 }) => async (ctx, next) => {
         throw new RateLimitError();
       },
       ...rateLimitConfig,
-      ...config
+      ...config2
     };
     return rateLimit2.middleware(loadConfig)(ctx, next);
   }
   return next();
 };
 const dataTransfer = () => async (ctx, next) => {
-  const transferUtils = getService("transfer").utils;
+  const transferUtils = getService$1("transfer").utils;
   const { hasValidTokenSalt: hasValidTokenSalt2, isRemoteTransferEnabled: isRemoteTransferEnabled2 } = transferUtils;
   if (isRemoteTransferEnabled2()) {
     return next();
@@ -5597,18 +5644,1366 @@ const dataTransfer = () => async (ctx, next) => {
   }
   throw new Error("Unexpected error while trying to access a data transfer route");
 };
-const index = {
+const middlewares$1 = {
   rateLimit,
   "data-transfer": dataTransfer
 };
-exports.bootstrap = bootstrap;
-exports.config = index$6;
-exports.contentTypes = index$1;
-exports.controllers = index$2;
-exports.destroy = destroy;
-exports.middlewares = index;
-exports.policies = index$5;
-exports.register = register$1;
-exports.routes = routes;
-exports.services = index$3;
+const register = async ({ strapi: strapi2 }) => {
+  await register$2({ strapi: strapi2 });
+};
+const getService = (name2, { strapi: strapi2 } = { strapi: global.strapi }) => {
+  return strapi2.service(`admin::${name2}`);
+};
+const actions = {
+  sso: [
+    {
+      uid: "provider-login.read",
+      displayName: "Read",
+      pluginName: "admin",
+      section: "settings",
+      category: "single sign on",
+      subCategory: "options"
+    },
+    {
+      uid: "provider-login.update",
+      displayName: "Update",
+      pluginName: "admin",
+      section: "settings",
+      category: "single sign on",
+      subCategory: "options"
+    }
+  ],
+  auditLogs: [
+    {
+      uid: "audit-logs.read",
+      displayName: "Read",
+      pluginName: "admin",
+      section: "settings",
+      category: "audit logs",
+      subCategory: "options"
+    }
+  ]
+};
+const transformTableName = (table) => {
+  if (typeof table === "string") {
+    return { name: table };
+  }
+  return table;
+};
+async function findTables({ strapi: strapi2 }, regex) {
+  const tables = await strapi2.db.dialect.schemaInspector.getTables();
+  return tables.filter((tableName) => regex.test(tableName));
+}
+async function addPersistTables({ strapi: strapi2 }, tableNames) {
+  const persistedTables = await getPersistedTables({ strapi: strapi2 });
+  const tables = tableNames.map(transformTableName);
+  const notPersistedTableNames = fp.differenceWith(fp.isEqual, tables, persistedTables);
+  const tablesToPersist = fp.differenceWith(
+    (t1, t2) => t1.name === t2.name,
+    persistedTables,
+    notPersistedTableNames
+  );
+  if (!notPersistedTableNames.length) {
+    return;
+  }
+  tablesToPersist.push(...notPersistedTableNames);
+  await strapi2.store.set({
+    type: "core",
+    key: "persisted_tables",
+    value: tablesToPersist
+  });
+}
+async function getPersistedTables({ strapi: strapi2 }) {
+  const persistedTables = await strapi2.store.get({
+    type: "core",
+    key: "persisted_tables"
+  });
+  return (persistedTables || []).map(transformTableName);
+}
+const persistTablesWithPrefix = async (tableNamePrefix) => {
+  const tableNameRegex = new RegExp(`^${tableNamePrefix}.*`);
+  const tableNames = await findTables({ strapi }, tableNameRegex);
+  await addPersistTables({ strapi }, tableNames);
+};
+const bootstrap = async (args) => {
+  const { actionProvider: actionProvider2 } = getService("permission");
+  if (strapi.ee.features.isEnabled("sso")) {
+    await actionProvider2.registerMany(actions.sso);
+  }
+  if (strapi.ee.features.isEnabled("audit-logs")) {
+    await persistTablesWithPrefix("strapi_audit_logs");
+    await actionProvider2.registerMany(actions.auditLogs);
+  }
+  await getService("seat-enforcement").seatEnforcementWorkflow();
+  await bootstrap$1(args);
+};
+const destroy = async ({ strapi: strapi2 }) => {
+  await destroy$1();
+};
+const adminContentTypes = {};
+const isSsoLocked = async (user2) => {
+  if (!strapi.ee.features.isEnabled("sso")) {
+    return false;
+  }
+  if (!user2) {
+    throw new Error("Missing user object");
+  }
+  const adminStore = await strapi.store({ type: "core", name: "admin" });
+  const { providers: providers2 } = await adminStore.get({ key: "auth" });
+  const lockedRoles = providers2.ssoLockedRoles ?? [];
+  if (fp.isEmpty(lockedRoles)) {
+    return false;
+  }
+  const roles2 = (
+    // If the roles are pre-loaded for the given user, then use them
+    user2.roles ?? // Otherwise, try to load the role based on the given user ID
+    await strapi.db.query("admin::user").load(user2, "roles", { roles: { fields: ["id"] } }) ?? // If the query fails somehow, default to an empty array
+    []
+  );
+  const isLocked = lockedRoles.some(
+    (lockedId) => (
+      // lockedRoles will be a string to avoid issues with frontend and bigints
+      roles2.some((role2) => lockedId === role2.id.toString())
+    )
+  );
+  return isLocked;
+};
+const { ApplicationError: ApplicationError$2 } = utils$2.errors;
+const forgotPassword = async ({ email: email2 } = {}) => {
+  const user2 = await strapi.db.query("admin::user").findOne({ where: { email: email2, isActive: true } });
+  if (!user2 || await isSsoLocked(user2)) {
+    return;
+  }
+  const resetPasswordToken = getService("token").createToken();
+  await getService("user").updateById(user2.id, { resetPasswordToken });
+  const url = `${strapi.config.get(
+    "admin.absoluteUrl"
+  )}/auth/reset-password?code=${resetPasswordToken}`;
+  return strapi.plugin("email").service("email").sendTemplatedEmail(
+    {
+      to: user2.email,
+      from: strapi.config.get("admin.forgotPassword.from"),
+      replyTo: strapi.config.get("admin.forgotPassword.replyTo")
+    },
+    strapi.config.get("admin.forgotPassword.emailTemplate"),
+    {
+      url,
+      user: ___namespace.default.pick(user2, ["email", "firstname", "lastname", "username"])
+    }
+  ).catch((err) => {
+    strapi.log.error(err);
+  });
+};
+const resetPassword = async ({ resetPasswordToken, password: password2 } = {}) => {
+  const matchingUser = await strapi.db.query("admin::user").findOne({ where: { resetPasswordToken, isActive: true } });
+  if (!matchingUser || await isSsoLocked(matchingUser)) {
+    throw new ApplicationError$2();
+  }
+  return getService("user").updateById(matchingUser.id, {
+    password: password2,
+    resetPasswordToken: null
+  });
+};
+const auth = {
+  forgotPassword,
+  resetPassword
+};
+const createProviderRegistry = () => {
+  const registry = /* @__PURE__ */ new Map();
+  Object.assign(registry, {
+    register(provider) {
+      if (strapi.isLoaded) {
+        throw new Error(`You can't register new provider after the bootstrap`);
+      }
+      this.set(provider.uid, provider);
+    },
+    registerMany(providers2) {
+      providers2.forEach((provider) => {
+        this.register(provider);
+      });
+    },
+    getAll() {
+      return Array.from(this.values());
+    }
+  });
+  return registry;
+};
+const providerRegistry = createProviderRegistry();
+const errorMessage = "SSO is disabled. Its functionnalities cannot be accessed.";
+const getStrategyCallbackURL = (providerName) => {
+  if (!strapi.ee.features.isEnabled("sso")) {
+    throw new Error(errorMessage);
+  }
+  return `/admin/connect/${providerName}`;
+};
+const syncProviderRegistryWithConfig = () => {
+  if (!strapi.ee.features.isEnabled("sso")) {
+    throw new Error(errorMessage);
+  }
+  const { providers: providers2 = [] } = strapi.config.get("admin.auth", {});
+  providerRegistry.registerMany(providers2);
+};
+const SSOAuthEventsMapper = {
+  onSSOAutoRegistration: "admin.auth.autoRegistration"
+};
+const sso$1 = {
+  providerRegistry,
+  getStrategyCallbackURL,
+  syncProviderRegistryWithConfig,
+  authEventsMapper: { ...passport$1.authEventsMapper, ...SSOAuthEventsMapper }
+};
+const { UnauthorizedError } = utils$2.errors;
+const localStrategyMiddleware = async ([error, user2, message], done) => {
+  if (user2 && !error && await isSsoLocked(user2)) {
+    return done(
+      new UnauthorizedError("Login not allowed, please contact your administrator", {
+        code: "LOGIN_NOT_ALLOWED"
+      }),
+      user2,
+      message
+    );
+  }
+  return done(error, user2, message);
+};
+const getPassportStrategies = () => {
+  if (!strapi.ee.features.isEnabled("sso")) {
+    return [createLocalStrategy(strapi)];
+  }
+  const localStrategy = createLocalStrategy(strapi, localStrategyMiddleware);
+  if (!strapi.isLoaded) {
+    sso$1.syncProviderRegistryWithConfig();
+  }
+  const providers2 = sso$1.providerRegistry.getAll();
+  const strategies = providers2.map((provider) => provider.createStrategy(strapi));
+  return [localStrategy, ...strategies];
+};
+const passport = {
+  getPassportStrategies,
+  ...sso$1
+};
+const { ApplicationError: ApplicationError$1 } = utils$2.errors;
+const ssoCheckRolesIdForDeletion = async (ids) => {
+  const adminStore = await strapi.store({ type: "core", name: "admin" });
+  const {
+    providers: { defaultRole }
+  } = await adminStore.get({ key: "auth" });
+  for (const roleId of ids) {
+    if (defaultRole && fp.toString(defaultRole) === fp.toString(roleId)) {
+      throw new ApplicationError$1(
+        "This role is used as the default SSO role. Make sure to change this configuration before deleting the role"
+      );
+    }
+  }
+};
+const role$1 = {
+  ssoCheckRolesIdForDeletion
+};
+const { ValidationError: ValidationError$1 } = utils$2.errors;
+const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$1 } = constants$3;
+const updateEEDisabledUsersList = async (id, input) => {
+  const disabledUsers = await getService("seat-enforcement").getDisabledUserList();
+  if (!disabledUsers) {
+    return;
+  }
+  const user2 = disabledUsers.find((user22) => user22.id === Number(id));
+  if (!user2) {
+    return;
+  }
+  if (user2.isActive !== input.isActive) {
+    const newDisabledUsersList = disabledUsers.filter((user22) => user22.id !== Number(id));
+    await strapi.store.set({
+      type: "ee",
+      key: "disabled_users",
+      value: newDisabledUsersList
+    });
+  }
+};
+const castNumberArray = fp.pipe(fp.castArray, fp.map(fp.toNumber));
+const removeFromEEDisabledUsersList = async (ids) => {
+  let idsToCheck;
+  if (typeof ids === "object") {
+    idsToCheck = castNumberArray(ids);
+  } else {
+    idsToCheck = [Number(ids)];
+  }
+  const disabledUsers = await getService("seat-enforcement").getDisabledUserList();
+  if (!disabledUsers) {
+    return;
+  }
+  const newDisabledUsersList = disabledUsers.filter((user2) => !idsToCheck.includes(user2.id));
+  await strapi.store.set({
+    type: "ee",
+    key: "disabled_users",
+    value: newDisabledUsersList
+  });
+};
+const updateById = async (id, attributes) => {
+  if (___namespace.default.has(attributes, "roles")) {
+    const lastAdminUser = await isLastSuperAdminUser(id);
+    const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
+    const willRemoveSuperAdminRole = !utils$2.arrays.includesString(attributes.roles, superAdminRole.id);
+    if (lastAdminUser && willRemoveSuperAdminRole) {
+      throw new ValidationError$1("You must have at least one user with super admin role.");
+    }
+  }
+  if (attributes.isActive === false) {
+    const lastAdminUser = await isLastSuperAdminUser(id);
+    if (lastAdminUser) {
+      throw new ValidationError$1("You must have at least one user with super admin role.");
+    }
+  }
+  if (___namespace.default.has(attributes, "password")) {
+    const hashedPassword = await getService("auth").hashPassword(attributes.password);
+    const updatedUser2 = await strapi.db.query("admin::user").update({
+      where: { id },
+      data: {
+        ...attributes,
+        password: hashedPassword
+      },
+      populate: ["roles"]
+    });
+    strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser2) });
+    return updatedUser2;
+  }
+  const updatedUser = await strapi.db.query("admin::user").update({
+    where: { id },
+    data: attributes,
+    populate: ["roles"]
+  });
+  await updateEEDisabledUsersList(id, attributes);
+  if (updatedUser) {
+    strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser) });
+  }
+  return updatedUser;
+};
+const deleteById = async (id) => {
+  const userToDelete = await strapi.db.query("admin::user").findOne({
+    where: { id },
+    populate: ["roles"]
+  });
+  if (!userToDelete) {
+    return null;
+  }
+  if (userToDelete) {
+    if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$1)) {
+      const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
+      if (superAdminRole.usersCount === 1) {
+        throw new ValidationError$1("You must have at least one user with super admin role.");
+      }
+    }
+  }
+  const deletedUser = await strapi.db.query("admin::user").delete({ where: { id }, populate: ["roles"] });
+  await removeFromEEDisabledUsersList(id);
+  strapi.eventHub.emit("user.delete", { user: sanitizeUser(deletedUser) });
+  return deletedUser;
+};
+const deleteByIds = async (ids) => {
+  const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
+  const nbOfSuperAdminToDelete = await strapi.db.query("admin::user").count({
+    where: {
+      id: ids,
+      roles: { id: superAdminRole.id }
+    }
+  });
+  if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {
+    throw new ValidationError$1("You must have at least one user with super admin role.");
+  }
+  const deletedUsers = [];
+  for (const id of ids) {
+    const deletedUser = await strapi.db.query("admin::user").delete({
+      where: { id },
+      populate: ["roles"]
+    });
+    deletedUsers.push(deletedUser);
+  }
+  await removeFromEEDisabledUsersList(ids);
+  strapi.eventHub.emit("user.delete", {
+    users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser))
+  });
+  return deletedUsers;
+};
+const sanitizeUserRoles = (role2) => ___namespace.default.pick(role2, ["id", "name", "description", "code"]);
+const isLastSuperAdminUser = async (userId) => {
+  const user2 = await findOne(userId);
+  const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
+  return superAdminRole.usersCount === 1 && hasSuperAdminRole$1(user2);
+};
+const sanitizeUser = (user2) => {
+  return {
+    ...___namespace.default.omit(user2, ["password", "resetPasswordToken", "registrationToken", "roles"]),
+    roles: user2.roles && user2.roles.map(sanitizeUserRoles)
+  };
+};
+const findOne = async (id, populate = ["roles"]) => {
+  return strapi.db.query("admin::user").findOne({ where: { id }, populate });
+};
+const getCurrentActiveUserCount = async () => {
+  return strapi.db.query("admin::user").count({ where: { isActive: true } });
+};
+const user$1 = {
+  updateEEDisabledUsersList,
+  removeFromEEDisabledUsersList,
+  getCurrentActiveUserCount,
+  deleteByIds,
+  deleteById,
+  updateById
+};
+const getSSOProvidersList = async () => {
+  const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
+  return providerRegistry2.getAll().map(({ uid }) => uid);
+};
+const sendUpdateProjectInformation = async (strapi2) => {
+  let groupProperties = {};
+  const numberOfActiveAdminUsers = await getService("user").count({ isActive: true });
+  const numberOfAdminUsers = await getService("user").count();
+  if (strapi2.ee.features.isEnabled("sso")) {
+    const SSOProviders = await getSSOProvidersList();
+    groupProperties = fp.assign(groupProperties, {
+      SSOProviders,
+      isSSOConfigured: SSOProviders.length !== 0
+    });
+  }
+  if (strapi2.ee.features.isEnabled("cms-content-releases")) {
+    const numberOfContentReleases = await strapi2.db.query("plugin::content-releases.release").count();
+    const numberOfPublishedContentReleases = await strapi2.db.query("plugin::content-releases.release").count({
+      filters: { releasedAt: { $notNull: true } }
+    });
+    groupProperties = fp.assign(groupProperties, {
+      numberOfContentReleases,
+      numberOfPublishedContentReleases
+    });
+  }
+  groupProperties = fp.assign(groupProperties, { numberOfActiveAdminUsers, numberOfAdminUsers });
+  strapi2.telemetry.send("didUpdateProjectInformation", {
+    groupProperties
+  });
+};
+const startCron = (strapi2) => {
+  strapi2.cron.add({
+    "0 0 0 * * *": () => sendUpdateProjectInformation(strapi2)
+  });
+};
+const metrics = { startCron, getSSOProvidersList, sendUpdateProjectInformation };
+const { SUPER_ADMIN_CODE } = constants$3;
+const getDisabledUserList = async () => {
+  return strapi.store.get({ type: "ee", key: "disabled_users" });
+};
+const enableMaximumUserCount = async (numberOfUsersToEnable) => {
+  const disabledUsers = await getDisabledUserList();
+  const orderedDisabledUsers = fp.reverse(disabledUsers);
+  const usersToEnable = fp.take(numberOfUsersToEnable, orderedDisabledUsers);
+  await strapi.db.query("admin::user").updateMany({
+    where: { id: fp.map(fp.prop("id"), usersToEnable) },
+    data: { isActive: true }
+  });
+  const remainingDisabledUsers = fp.drop(numberOfUsersToEnable, orderedDisabledUsers);
+  await strapi.store.set({
+    type: "ee",
+    key: "disabled_users",
+    value: remainingDisabledUsers
+  });
+};
+const disableUsersAboveLicenseLimit = async (numberOfUsersToDisable) => {
+  const currentlyDisabledUsers = await getDisabledUserList() ?? [];
+  const usersToDisable = [];
+  const nonSuperAdminUsersToDisable = await strapi.db.query("admin::user").findMany({
+    where: {
+      isActive: true,
+      roles: {
+        code: { $ne: SUPER_ADMIN_CODE }
+      }
+    },
+    orderBy: { createdAt: "DESC" },
+    limit: numberOfUsersToDisable
+  });
+  usersToDisable.push(...nonSuperAdminUsersToDisable);
+  if (nonSuperAdminUsersToDisable.length < numberOfUsersToDisable) {
+    const superAdminUsersToDisable = await strapi.db.query("admin::user").findMany({
+      where: {
+        isActive: true,
+        roles: { code: SUPER_ADMIN_CODE }
+      },
+      orderBy: { createdAt: "DESC" },
+      limit: numberOfUsersToDisable - nonSuperAdminUsersToDisable.length
+    });
+    usersToDisable.push(...superAdminUsersToDisable);
+  }
+  await strapi.db.query("admin::user").updateMany({
+    where: { id: fp.map(fp.prop("id"), usersToDisable) },
+    data: { isActive: false }
+  });
+  await strapi.store.set({
+    type: "ee",
+    key: "disabled_users",
+    value: currentlyDisabledUsers.concat(fp.map(fp.pick(["id", "isActive"]), usersToDisable))
+  });
+};
+const syncDisabledUserRecords = async () => {
+  const disabledUsers = await strapi.store.get({ type: "ee", key: "disabled_users" });
+  if (!disabledUsers) {
+    return;
+  }
+  await strapi.db.query("admin::user").updateMany({
+    where: { id: fp.map(fp.prop("id"), disabledUsers) },
+    data: { isActive: false }
+  });
+};
+const seatEnforcementWorkflow = async () => {
+  const adminSeats = strapi.ee.seats;
+  if (fp.isNil(adminSeats)) {
+    return;
+  }
+  await syncDisabledUserRecords();
+  const currentActiveUserCount = await getService("user").getCurrentActiveUserCount();
+  const adminSeatsLeft = adminSeats - currentActiveUserCount;
+  if (adminSeatsLeft > 0) {
+    await enableMaximumUserCount(adminSeatsLeft);
+  } else if (adminSeatsLeft < 0) {
+    await disableUsersAboveLicenseLimit(-adminSeatsLeft);
+  }
+};
+const seatEnforcement = {
+  seatEnforcementWorkflow,
+  getDisabledUserList
+};
+const services = {
+  auth,
+  passport,
+  role: role$1,
+  user: user$1,
+  metrics,
+  "seat-enforcement": seatEnforcement
+};
+const providerOptionsUpdateSchema = utils$2.yup.object().shape({
+  autoRegister: utils$2.yup.boolean().required(),
+  defaultRole: utils$2.yup.strapiID().when("autoRegister", (value, initSchema) => {
+    return value ? initSchema.required() : initSchema.nullable();
+  }).test("is-valid-role", "You must submit a valid default role", (roleId) => {
+    if (roleId === null) {
+      return true;
+    }
+    return strapi.service("admin::role").exists({ id: roleId });
+  }),
+  ssoLockedRoles: utils$2.yup.array().nullable().of(
+    utils$2.yup.strapiID().test(
+      "is-valid-role",
+      "You must submit a valid role for the SSO Locked roles",
+      (roleId) => {
+        return strapi.service("admin::role").exists({ id: roleId });
+      }
+    )
+  )
+});
+const validateProviderOptionsUpdate = utils$2.validateYupSchema(providerOptionsUpdateSchema);
+const PROVIDER_REDIRECT_BASE = "/auth/login";
+const PROVIDER_REDIRECT_SUCCESS = `${PROVIDER_REDIRECT_BASE}/success`;
+const PROVIDER_REDIRECT_ERROR = `${PROVIDER_REDIRECT_BASE}/error`;
+const PROVIDER_URLS_MAP = {
+  success: PROVIDER_REDIRECT_SUCCESS,
+  error: PROVIDER_REDIRECT_ERROR
+};
+const getAdminStore = async () => strapi.store({ type: "core", name: "admin" });
+const getPrefixedRedirectUrls = () => {
+  const { url: adminUrl } = strapi.config.get("admin");
+  const prefixUrl = (url) => `${adminUrl || "/admin"}${url}`;
+  return fp.mapValues(prefixUrl, PROVIDER_URLS_MAP);
+};
+const utils = {
+  getAdminStore,
+  getPrefixedRedirectUrls
+};
+const defaultConnectionError = () => new Error("Invalid connection payload");
+const authenticate = async (ctx, next) => {
+  const {
+    params: { provider }
+  } = ctx;
+  const redirectUrls = utils.getPrefixedRedirectUrls();
+  return passport__default.default.authenticate(provider, null, async (error, profile) => {
+    if (error || !profile || !profile.email) {
+      if (error) {
+        strapi.log.error(error);
+      }
+      strapi.eventHub.emit("admin.auth.error", {
+        error: error || defaultConnectionError(),
+        provider
+      });
+      return ctx.redirect(redirectUrls.error);
+    }
+    const user2 = await getService("user").findOneByEmail(profile.email);
+    const scenario = user2 ? existingUserScenario : nonExistingUserScenario;
+    return scenario(ctx, next)(user2 || profile, provider);
+  })(ctx, next);
+};
+const existingUserScenario = (ctx, next) => async (user2, provider) => {
+  const redirectUrls = utils.getPrefixedRedirectUrls();
+  if (!user2.isActive) {
+    strapi.eventHub.emit("admin.auth.error", {
+      error: new Error(`Deactivated user tried to login (${user2.id})`),
+      provider
+    });
+    return ctx.redirect(redirectUrls.error);
+  }
+  ctx.state.user = user2;
+  return next();
+};
+const nonExistingUserScenario = (ctx, next) => async (profile, provider) => {
+  const { email: email2, firstname: firstname2, lastname: lastname2, username: username2 } = profile;
+  const redirectUrls = utils.getPrefixedRedirectUrls();
+  const adminStore = await utils.getAdminStore();
+  const { providers: providers2 } = await adminStore.get({ key: "auth" });
+  const isMissingRegisterFields = !username2 && (!firstname2 || !lastname2);
+  if (!providers2.autoRegister || !providers2.defaultRole || isMissingRegisterFields) {
+    strapi.eventHub.emit("admin.auth.error", { error: defaultConnectionError(), provider });
+    return ctx.redirect(redirectUrls.error);
+  }
+  const defaultRole = await getService("role").findOne({ id: providers2.defaultRole });
+  if (!defaultRole) {
+    strapi.eventHub.emit("admin.auth.error", { error: defaultConnectionError(), provider });
+    return ctx.redirect(redirectUrls.error);
+  }
+  ctx.state.user = await getService("user").create({
+    email: email2,
+    username: username2,
+    firstname: firstname2,
+    lastname: lastname2,
+    roles: [defaultRole.id],
+    isActive: true,
+    registrationToken: null
+  });
+  strapi.eventHub.emit("admin.auth.autoRegistration", {
+    user: ctx.state.user,
+    provider
+  });
+  return next();
+};
+const redirectWithAuth = (ctx) => {
+  const {
+    params: { provider }
+  } = ctx;
+  const redirectUrls = utils.getPrefixedRedirectUrls();
+  const domain2 = strapi.config.get("admin.auth.domain");
+  const { user: user2 } = ctx.state;
+  const jwt2 = getService("token").createJwtToken(user2);
+  const isProduction = strapi.config.get("environment") === "production";
+  const cookiesOptions = { httpOnly: false, secure: isProduction, overwrite: true, domain: domain2 };
+  const sanitizedUser = getService("user").sanitizeUser(user2);
+  strapi.eventHub.emit("admin.auth.success", { user: sanitizedUser, provider });
+  ctx.cookies.set("jwtToken", jwt2, cookiesOptions);
+  ctx.redirect(redirectUrls.success);
+};
+const middlewares = {
+  authenticate,
+  redirectWithAuth
+};
+const toProviderDTO = fp.pick(["uid", "displayName", "icon"]);
+const toProviderLoginOptionsDTO = fp.pick(["autoRegister", "defaultRole", "ssoLockedRoles"]);
+const { ValidationError } = utils$2.errors;
+const providerAuthenticationFlow = compose__default.default([
+  middlewares.authenticate,
+  middlewares.redirectWithAuth
+]);
+const authentication = {
+  async getProviders(ctx) {
+    const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
+    ctx.body = providerRegistry2.getAll().map(toProviderDTO);
+  },
+  async getProviderLoginOptions(ctx) {
+    const adminStore = await utils.getAdminStore();
+    const { providers: providersOptions } = await adminStore.get({ key: "auth" });
+    ctx.body = {
+      data: toProviderLoginOptionsDTO(providersOptions)
+    };
+  },
+  async updateProviderLoginOptions(ctx) {
+    const {
+      request: { body }
+    } = ctx;
+    await validateProviderOptionsUpdate(body);
+    const adminStore = await utils.getAdminStore();
+    const currentAuthOptions = await adminStore.get({ key: "auth" });
+    const newAuthOptions = { ...currentAuthOptions, providers: body };
+    await adminStore.set({ key: "auth", value: newAuthOptions });
+    strapi.telemetry.send("didUpdateSSOSettings");
+    ctx.body = {
+      data: toProviderLoginOptionsDTO(newAuthOptions.providers)
+    };
+  },
+  providerLogin(ctx, next) {
+    const {
+      params: { provider: providerName }
+    } = ctx;
+    const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
+    if (!providerRegistry2.has(providerName)) {
+      throw new ValidationError(`Invalid provider supplied: ${providerName}`);
+    }
+    return providerAuthenticationFlow(ctx, next);
+  }
+};
+const roleCreateSchema = utils$2.yup.object().shape({
+  name: utils$2.yup.string().min(1).required(),
+  description: utils$2.yup.string().nullable()
+}).noUnknown();
+const rolesDeleteSchema = utils$2.yup.object().shape({
+  ids: utils$2.yup.array().of(utils$2.yup.strapiID()).min(1).required().test(
+    "roles-deletion-checks",
+    "Roles deletion checks have failed",
+    async function rolesDeletionChecks(ids) {
+      try {
+        await strapi.service("admin::role").checkRolesIdForDeletion(ids);
+        if (strapi.ee.features.isEnabled("sso")) {
+          await strapi.service("admin::role").ssoCheckRolesIdForDeletion(ids);
+        }
+      } catch (e) {
+        return this.createError({ path: "ids", message: e.message });
+      }
+      return true;
+    }
+  )
+}).noUnknown();
+const roleDeleteSchema = utils$2.yup.strapiID().required().test(
+  "no-admin-single-delete",
+  "Role deletion checks have failed",
+  async function noAdminSingleDelete(id) {
+    try {
+      await strapi.service("admin::role").checkRolesIdForDeletion([id]);
+      if (strapi.ee.features.isEnabled("sso")) {
+        await strapi.service("admin::role").ssoCheckRolesIdForDeletion([id]);
+      }
+    } catch (e) {
+      return this.createError({ path: "id", message: e.message });
+    }
+    return true;
+  }
+);
+const validateRoleCreateInput = utils$2.validateYupSchema(roleCreateSchema);
+const validateRolesDeleteInput = utils$2.validateYupSchema(rolesDeleteSchema);
+const validateRoleDeleteInput = utils$2.validateYupSchema(roleDeleteSchema);
+const role = {
+  /**
+   * Create a new role
+   * @param {KoaContext} ctx - koa context
+   */
+  async create(ctx) {
+    await validateRoleCreateInput(ctx.request.body);
+    const roleService = getService("role");
+    const role2 = await roleService.create(ctx.request.body);
+    const sanitizedRole = roleService.sanitizeRole(role2);
+    ctx.created({ data: sanitizedRole });
+  },
+  /**
+   * Delete a role
+   * @param {KoaContext} ctx - koa context
+   */
+  async deleteOne(ctx) {
+    const { id } = ctx.params;
+    await validateRoleDeleteInput(id);
+    const roleService = getService("role");
+    const roles2 = await roleService.deleteByIds([id]);
+    const sanitizedRole = roles2.map((role2) => roleService.sanitizeRole(role2))[0] || null;
+    return ctx.deleted({
+      data: sanitizedRole
+    });
+  },
+  /**
+   * delete several roles
+   * @param {KoaContext} ctx - koa context
+   */
+  async deleteMany(ctx) {
+    const { body } = ctx.request;
+    await validateRolesDeleteInput(body);
+    const roleService = getService("role");
+    const roles2 = await roleService.deleteByIds(body.ids);
+    const sanitizedRoles = roles2.map(roleService.sanitizeRole);
+    return ctx.deleted({
+      data: sanitizedRoles
+    });
+  }
+};
+const ssoUserCreationInputExtension = utils$2.yup.object().shape({
+  useSSORegistration: utils$2.yup.boolean()
+}).noUnknown();
+const validateUserCreationInput = (data) => {
+  let schema = schemas.userCreationSchema;
+  if (strapi.ee.features.isEnabled("sso")) {
+    schema = schema.concat(ssoUserCreationInputExtension);
+  }
+  return utils$2.validateYupSchema(schema)(data);
+};
+const { ApplicationError, ForbiddenError } = utils$2.errors;
+const pickUserCreationAttributes = fp.pick(["firstname", "lastname", "email", "roles"]);
+const hasAdminSeatsAvaialble = async () => {
+  if (!strapi.EE) {
+    return true;
+  }
+  const permittedSeats = strapi.ee.seats;
+  if (fp.isNil(permittedSeats)) {
+    return true;
+  }
+  const userCount = await strapi.service("admin::user").getCurrentActiveUserCount();
+  if (userCount < permittedSeats) {
+    return true;
+  }
+};
+const user = {
+  async create(ctx) {
+    if (!await hasAdminSeatsAvaialble()) {
+      throw new ForbiddenError("License seat limit reached. You cannot create a new user");
+    }
+    const { body } = ctx.request;
+    const cleanData = { ...body, email: ___namespace.default.get(body, `email`, ``).toLowerCase() };
+    await validateUserCreationInput(cleanData);
+    const attributes = pickUserCreationAttributes(cleanData);
+    const { useSSORegistration } = cleanData;
+    const userAlreadyExists = await getService("user").exists({ email: attributes.email });
+    if (userAlreadyExists) {
+      throw new ApplicationError("Email already taken");
+    }
+    if (useSSORegistration) {
+      Object.assign(attributes, { registrationToken: null, isActive: true });
+    }
+    const createdUser = await getService("user").create(attributes);
+    const userInfo = getService("user").sanitizeUser(createdUser);
+    Object.assign(userInfo, { registrationToken: createdUser.registrationToken });
+    ctx.created({ data: userInfo });
+  },
+  async update(ctx) {
+    const { id } = ctx.params;
+    const { body: input } = ctx.request;
+    await validateUserUpdateInput(input);
+    if (___namespace.default.has(input, "email")) {
+      const uniqueEmailCheck = await getService("user").exists({
+        id: { $ne: id },
+        email: input.email
+      });
+      if (uniqueEmailCheck) {
+        throw new ApplicationError("A user with this email address already exists");
+      }
+    }
+    const user2 = await getService("user").findOne(id, null);
+    if (!await hasAdminSeatsAvaialble() && !user2.isActive && input.isActive) {
+      throw new ForbiddenError("License seat limit reached. You cannot active this user");
+    }
+    const updatedUser = await getService("user").updateById(id, input);
+    if (!updatedUser) {
+      return ctx.notFound("User does not exist");
+    }
+    ctx.body = {
+      data: getService("user").sanitizeUser(updatedUser)
+    };
+  },
+  async isSSOLocked(ctx) {
+    const { user: user2 } = ctx.state;
+    const isSSOLocked = await isSsoLocked(user2);
+    ctx.body = {
+      data: {
+        isSSOLocked
+      }
+    };
+  }
+};
+const admin$2 = {
+  // NOTE: Overrides CE admin controller
+  async getProjectType() {
+    const flags = strapi.config.get("admin.flags", {});
+    try {
+      return { data: { isEE: strapi.EE, features: strapi.ee.features.list(), flags } };
+    } catch (err) {
+      return { data: { isEE: false, features: [], flags } };
+    }
+  },
+  async licenseLimitInformation() {
+    const permittedSeats = strapi.ee.seats;
+    let shouldNotify = false;
+    let licenseLimitStatus = null;
+    let enforcementUserCount;
+    const currentActiveUserCount = await getService("user").getCurrentActiveUserCount();
+    const eeDisabledUsers = await getService("seat-enforcement").getDisabledUserList();
+    if (eeDisabledUsers) {
+      enforcementUserCount = currentActiveUserCount + eeDisabledUsers.length;
+    } else {
+      enforcementUserCount = currentActiveUserCount;
+    }
+    if (!fp.isNil(permittedSeats) && enforcementUserCount > permittedSeats) {
+      shouldNotify = true;
+      licenseLimitStatus = "OVER_LIMIT";
+    }
+    if (!fp.isNil(permittedSeats) && enforcementUserCount === permittedSeats) {
+      shouldNotify = true;
+      licenseLimitStatus = "AT_LIMIT";
+    }
+    const data = {
+      enforcementUserCount,
+      currentActiveUserCount,
+      permittedSeats,
+      shouldNotify,
+      shouldStopCreate: fp.isNil(permittedSeats) ? false : currentActiveUserCount >= permittedSeats,
+      licenseLimitStatus,
+      isHostedOnStrapiCloud: utils$2.env("STRAPI_HOSTING", null) === "strapi.cloud",
+      features: strapi.ee.features.list() ?? []
+    };
+    return { data };
+  }
+};
+const controllers = {
+  authentication,
+  role,
+  user,
+  admin: admin$2
+};
+const enableFeatureMiddleware = (featureName) => (ctx, next) => {
+  if (strapi.ee.features.isEnabled(featureName)) {
+    return next();
+  }
+  ctx.status = 404;
+};
+const sso = {
+  type: "admin",
+  routes: [
+    {
+      method: "GET",
+      path: "/providers",
+      handler: "authentication.getProviders",
+      config: {
+        middlewares: [enableFeatureMiddleware("sso")],
+        auth: false
+      }
+    },
+    {
+      method: "GET",
+      path: "/connect/:provider",
+      handler: "authentication.providerLogin",
+      config: {
+        middlewares: [enableFeatureMiddleware("sso")],
+        auth: false
+      }
+    },
+    {
+      method: "POST",
+      path: "/connect/:provider",
+      handler: "authentication.providerLogin",
+      config: {
+        middlewares: [enableFeatureMiddleware("sso")],
+        auth: false
+      }
+    },
+    {
+      method: "GET",
+      path: "/providers/options",
+      handler: "authentication.getProviderLoginOptions",
+      config: {
+        middlewares: [enableFeatureMiddleware("sso")],
+        policies: [
+          "admin::isAuthenticatedAdmin",
+          { name: "admin::hasPermissions", config: { actions: ["admin::provider-login.read"] } }
+        ]
+      }
+    },
+    {
+      method: "PUT",
+      path: "/providers/options",
+      handler: "authentication.updateProviderLoginOptions",
+      config: {
+        middlewares: [enableFeatureMiddleware("sso")],
+        policies: [
+          "admin::isAuthenticatedAdmin",
+          { name: "admin::hasPermissions", config: { actions: ["admin::provider-login.update"] } }
+        ]
+      }
+    },
+    {
+      method: "GET",
+      path: "/providers/isSSOLocked",
+      handler: "user.isSSOLocked",
+      config: {
+        middlewares: [enableFeatureMiddleware("sso")],
+        policies: ["admin::isAuthenticatedAdmin"]
+      }
+    }
+  ]
+};
+const licenseLimit = {
+  type: "admin",
+  routes: [
+    // License limit infos
+    {
+      method: "GET",
+      path: "/license-limit-information",
+      handler: "admin.licenseLimitInformation",
+      config: {
+        policies: [
+          "admin::isAuthenticatedAdmin",
+          {
+            name: "admin::hasPermissions",
+            config: {
+              actions: [
+                "admin::users.create",
+                "admin::users.read",
+                "admin::users.update",
+                "admin::users.delete"
+              ]
+            }
+          }
+        ]
+      }
+    }
+  ]
+};
+const routes = {
+  sso,
+  "license-limit": licenseLimit
+};
+const auditLogsRoutes = {
+  type: "admin",
+  routes: [
+    {
+      method: "GET",
+      path: "/audit-logs",
+      handler: "audit-logs.findMany",
+      config: {
+        middlewares: [enableFeatureMiddleware("audit-logs")],
+        policies: [
+          "admin::isAuthenticatedAdmin",
+          {
+            name: "admin::hasPermissions",
+            config: {
+              actions: ["admin::audit-logs.read"]
+            }
+          }
+        ]
+      }
+    },
+    {
+      method: "GET",
+      path: "/audit-logs/:id",
+      handler: "audit-logs.findOne",
+      config: {
+        middlewares: [enableFeatureMiddleware("audit-logs")],
+        policies: [
+          "admin::isAuthenticatedAdmin",
+          {
+            name: "admin::hasPermissions",
+            config: {
+              actions: ["admin::audit-logs.read"]
+            }
+          }
+        ]
+      }
+    }
+  ]
+};
+const ALLOWED_SORT_STRINGS = ["action:ASC", "action:DESC", "date:ASC", "date:DESC"];
+const validateFindManySchema = utils$2.yup.object().shape({
+  page: utils$2.yup.number().integer().min(1),
+  pageSize: utils$2.yup.number().integer().min(1).max(100),
+  sort: utils$2.yup.mixed().oneOf(ALLOWED_SORT_STRINGS)
+}).required();
+const validateFindMany = utils$2.validateYupSchema(validateFindManySchema, { strict: false });
+const auditLogsController = {
+  async findMany(ctx) {
+    const { query } = ctx.request;
+    await validateFindMany(query);
+    const auditLogs = strapi.get("audit-logs");
+    const body = await auditLogs.findMany(query);
+    ctx.body = body;
+  },
+  async findOne(ctx) {
+    const { id } = ctx.params;
+    const auditLogs = strapi.get("audit-logs");
+    const body = await auditLogs.findOne(id);
+    ctx.body = body;
+    strapi.telemetry.send("didWatchAnAuditLog");
+  }
+};
+const getSanitizedUser = (user2) => {
+  let displayName = user2.email;
+  if (user2.username) {
+    displayName = user2.username;
+  } else if (user2.firstname && user2.lastname) {
+    displayName = `${user2.firstname} ${user2.lastname}`;
+  }
+  return {
+    id: user2.id,
+    email: user2.email,
+    displayName
+  };
+};
+const createAuditLogsService = (strapi2) => {
+  return {
+    async saveEvent(event) {
+      const { userId, ...rest } = event;
+      const auditLog2 = { ...rest, user: userId };
+      await strapi2.db?.query("admin::audit-log").create({ data: auditLog2 });
+      return this;
+    },
+    async findMany(query) {
+      const { results, pagination } = await strapi2.db?.query("admin::audit-log").findPage({
+        populate: ["user"],
+        select: ["action", "date", "payload"],
+        ...strapi2.get("query-params").transform("admin::audit-log", query)
+      });
+      const sanitizedResults = results.map((result) => {
+        const { user: user2, ...rest } = result;
+        return {
+          ...rest,
+          user: user2 ? getSanitizedUser(user2) : null
+        };
+      });
+      return {
+        results: sanitizedResults,
+        pagination
+      };
+    },
+    async findOne(id) {
+      const result = await strapi2.db?.query("admin::audit-log").findOne({
+        where: { id },
+        populate: ["user"],
+        select: ["action", "date", "payload"]
+      });
+      if (!result) {
+        return null;
+      }
+      const { user: user2, ...rest } = result;
+      return {
+        ...rest,
+        user: user2 ? getSanitizedUser(user2) : null
+      };
+    },
+    deleteExpiredEvents(expirationDate) {
+      return strapi2.db?.query("admin::audit-log").deleteMany({
+        where: {
+          date: {
+            $lt: expirationDate.toISOString()
+          }
+        }
+      });
+    }
+  };
+};
+const DEFAULT_RETENTION_DAYS = 90;
+const defaultEvents = [
+  "entry.create",
+  "entry.update",
+  "entry.delete",
+  "entry.publish",
+  "entry.unpublish",
+  "media.create",
+  "media.update",
+  "media.delete",
+  "media-folder.create",
+  "media-folder.update",
+  "media-folder.delete",
+  "user.create",
+  "user.update",
+  "user.delete",
+  "admin.auth.success",
+  "admin.logout",
+  "content-type.create",
+  "content-type.update",
+  "content-type.delete",
+  "component.create",
+  "component.update",
+  "component.delete",
+  "role.create",
+  "role.update",
+  "role.delete",
+  "permission.create",
+  "permission.update",
+  "permission.delete"
+];
+const getEventMap = (defaultEvents2) => {
+  const getDefaultPayload = (...args) => args[0];
+  return defaultEvents2.reduce((acc, event) => {
+    acc[event] = getDefaultPayload;
+    return acc;
+  }, {});
+};
+const getRetentionDays = (strapi2) => {
+  const featureConfig = strapi2.ee.features.get("audit-logs");
+  const licenseRetentionDays = typeof featureConfig === "object" && featureConfig?.options.retentionDays;
+  const userRetentionDays = strapi2.config.get("admin.auditLogs.retentionDays");
+  if (licenseRetentionDays == null) {
+    return userRetentionDays ?? DEFAULT_RETENTION_DAYS;
+  }
+  if (userRetentionDays && userRetentionDays < licenseRetentionDays) {
+    return userRetentionDays;
+  }
+  return licenseRetentionDays;
+};
+const createAuditLogsLifecycleService = (strapi2) => {
+  const state = {};
+  const auditLogsService = strapi2.get("audit-logs");
+  const eventMap = getEventMap(defaultEvents);
+  const processEvent = (name2, ...args) => {
+    const requestState = strapi2.requestContext.get()?.state;
+    const isUsingAdminAuth = requestState?.route.info.type === "admin";
+    const user2 = requestState?.user;
+    if (!isUsingAdminAuth || !user2) {
+      return null;
+    }
+    const getPayload = eventMap[name2];
+    if (!getPayload) {
+      return null;
+    }
+    const ignoredUids = ["plugin::upload.file", "plugin::upload.folder"];
+    if (ignoredUids.includes(args[0]?.uid)) {
+      return null;
+    }
+    return {
+      action: name2,
+      date: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: getPayload(...args) || {},
+      userId: user2.id
+    };
+  };
+  const handleEvent = async (name2, ...args) => {
+    const processedEvent = processEvent(name2, ...args);
+    if (processedEvent) {
+      await auditLogsService.saveEvent(processedEvent);
+    }
+  };
+  return {
+    async register() {
+      if (!state.eeEnableUnsubscribe) {
+        state.eeEnableUnsubscribe = strapi2.eventHub.on("ee.enable", () => {
+          this.destroy();
+          this.register();
+        });
+      }
+      if (!state.eeUpdateUnsubscribe) {
+        state.eeUpdateUnsubscribe = strapi2.eventHub.on("ee.update", () => {
+          this.destroy();
+          this.register();
+        });
+      }
+      state.eeDisableUnsubscribe = strapi2.eventHub.on("ee.disable", () => {
+        this.destroy();
+      });
+      if (!strapi2.ee.features.isEnabled("audit-logs")) {
+        return this;
+      }
+      state.eventHubUnsubscribe = strapi2.eventHub.subscribe(handleEvent);
+      const retentionDays = getRetentionDays(strapi2);
+      state.deleteExpiredJob = nodeSchedule.scheduleJob("0 0 * * *", () => {
+        const expirationDate = new Date(Date.now() - retentionDays * 24 * 60 * 60 * 1e3);
+        auditLogsService.deleteExpiredEvents(expirationDate);
+      });
+      return this;
+    },
+    unsubscribe() {
+      if (state.eeDisableUnsubscribe) {
+        state.eeDisableUnsubscribe();
+      }
+      if (state.eventHubUnsubscribe) {
+        state.eventHubUnsubscribe();
+      }
+      if (state.deleteExpiredJob) {
+        state.deleteExpiredJob.cancel();
+      }
+      return this;
+    },
+    destroy() {
+      return this.unsubscribe();
+    }
+  };
+};
+const auditLog = {
+  schema: {
+    kind: "collectionType",
+    collectionName: "strapi_audit_logs",
+    info: {
+      singularName: "audit-log",
+      pluralName: "audit-logs",
+      displayName: "Audit Log"
+    },
+    options: {
+      timestamps: false
+    },
+    pluginOptions: {
+      "content-manager": {
+        visible: false
+      },
+      "content-type-builder": {
+        visible: false
+      }
+    },
+    attributes: {
+      action: {
+        type: "string",
+        required: true
+      },
+      date: {
+        type: "datetime",
+        required: true
+      },
+      user: {
+        type: "relation",
+        relation: "oneToOne",
+        target: "admin::user"
+      },
+      payload: {
+        type: "json"
+      }
+    }
+  }
+};
+const getAdminEE = () => {
+  const eeAdmin = {
+    register,
+    bootstrap,
+    destroy,
+    contentTypes: {
+      // Always register the audit-log content type to prevent data loss
+      "audit-log": auditLog,
+      ...adminContentTypes
+    },
+    services,
+    controllers,
+    routes
+  };
+  if (strapi.config.get("admin.auditLogs.enabled", true) && strapi.ee.features.isEnabled("audit-logs")) {
+    return {
+      ...eeAdmin,
+      controllers: {
+        ...eeAdmin.controllers,
+        "audit-logs": auditLogsController
+      },
+      routes: {
+        ...eeAdmin.routes,
+        "audit-logs": auditLogsRoutes
+      },
+      async register({ strapi: strapi2 }) {
+        await eeAdmin.register({ strapi: strapi2 });
+        strapi2.add("audit-logs", createAuditLogsService(strapi2));
+        const auditLogsLifecycle = createAuditLogsLifecycleService(strapi2);
+        strapi2.add("audit-logs-lifecycle", auditLogsLifecycle);
+        await auditLogsLifecycle.register();
+      },
+      async destroy({ strapi: strapi2 }) {
+        strapi2.get("audit-logs-lifecycle").destroy();
+        await eeAdmin.destroy({ strapi: strapi2 });
+      }
+    };
+  }
+  return eeAdmin;
+};
+let admin = {
+  bootstrap: bootstrap$1,
+  register: register$2,
+  destroy: destroy$1,
+  config,
+  policies,
+  routes: routes$1,
+  services: services$1,
+  controllers: controllers$1,
+  contentTypes,
+  middlewares: middlewares$1
+};
+const mergeRoutes = (a, b, key) => {
+  return ___namespace.default.isArray(a) && ___namespace.default.isArray(b) && key === "routes" ? a.concat(b) : void 0;
+};
+if (strapi.EE) {
+  admin = ___namespace.default.mergeWith({}, admin, getAdminEE(), mergeRoutes);
+}
+const admin$1 = admin;
+module.exports = admin$1;
 //# sourceMappingURL=index.js.map