@strapi/admin 5.0.0-rc.8 → 5.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/admin/{AdminSeatInfo-E8azTFQY.js → AdminSeatInfo-8vtNB3ck.js} +4 -4
- package/dist/admin/AdminSeatInfo-8vtNB3ck.js.map +1 -0
- package/dist/admin/{AdminSeatInfo-Q_hUNC5B.mjs → AdminSeatInfo-qIgh5-QA.mjs} +5 -5
- package/dist/admin/AdminSeatInfo-qIgh5-QA.mjs.map +1 -0
- package/dist/admin/{ApplicationInfoPage-_QAWr13m.mjs → ApplicationInfoPage-AAIv_ZkF.mjs} +10 -10
- package/dist/admin/ApplicationInfoPage-AAIv_ZkF.mjs.map +1 -0
- package/dist/admin/{ApplicationInfoPage-DOljMjfU.js → ApplicationInfoPage-bkWa99An.js} +10 -10
- package/dist/admin/ApplicationInfoPage-bkWa99An.js.map +1 -0
- package/dist/admin/{AuthResponse-J8A48xdo.mjs → AuthResponse-HYXVuTDF.mjs} +2 -2
- package/dist/admin/{AuthResponse-J8A48xdo.mjs.map → AuthResponse-HYXVuTDF.mjs.map} +1 -1
- package/dist/admin/{AuthResponse-KlTDmm2i.js → AuthResponse-R8kR_yqS.js} +2 -2
- package/dist/admin/{AuthResponse-KlTDmm2i.js.map → AuthResponse-R8kR_yqS.js.map} +1 -1
- package/dist/admin/{AuthenticatedLayout-DhxlhqLg.mjs → AuthenticatedLayout-J22BBdYe.mjs} +69 -82
- package/dist/admin/AuthenticatedLayout-J22BBdYe.mjs.map +1 -0
- package/dist/admin/{AuthenticatedLayout-S2qRx5pp.js → AuthenticatedLayout-ZAXB7o93.js} +68 -81
- package/dist/admin/AuthenticatedLayout-ZAXB7o93.js.map +1 -0
- package/dist/admin/{CreateActionEE-Yfp4hs7a.mjs → CreateActionEE-X2nnG2dm.mjs} +2 -2
- package/dist/admin/{CreateActionEE-Yfp4hs7a.mjs.map → CreateActionEE-X2nnG2dm.mjs.map} +1 -1
- package/dist/admin/{CreatePage-czINWoI4.js → CreatePage-3V_sa8A4.js} +3 -3
- package/dist/admin/{CreatePage-czINWoI4.js.map → CreatePage-3V_sa8A4.js.map} +1 -1
- package/dist/admin/{CreatePage-4aSBZ-8M.mjs → CreatePage-5WzWwepG.mjs} +7 -7
- package/dist/admin/CreatePage-5WzWwepG.mjs.map +1 -0
- package/dist/admin/{CreatePage-5Lsxkk31.mjs → CreatePage-hEdR3uWK.mjs} +3 -3
- package/dist/admin/{CreatePage-5Lsxkk31.mjs.map → CreatePage-hEdR3uWK.mjs.map} +1 -1
- package/dist/admin/{CreatePage-HNRkTZwZ.js → CreatePage-zzbF8IhD.js} +6 -6
- package/dist/admin/CreatePage-zzbF8IhD.js.map +1 -0
- package/dist/admin/{CreateView-AXL3tH85.js → CreateView-5EC5Yv96.js} +3 -3
- package/dist/admin/{CreateView-AXL3tH85.js.map → CreateView-5EC5Yv96.js.map} +1 -1
- package/dist/admin/{CreateView-qzRvLGBC.mjs → CreateView-OjaERndy.mjs} +3 -3
- package/dist/admin/{CreateView-qzRvLGBC.mjs.map → CreateView-OjaERndy.mjs.map} +1 -1
- package/dist/admin/{CreateView-u0mACDyv.mjs → CreateView-S8gDQUCt.mjs} +3 -3
- package/dist/admin/{CreateView-u0mACDyv.mjs.map → CreateView-S8gDQUCt.mjs.map} +1 -1
- package/dist/admin/{CreateView-aIiiLy3C.js → CreateView-ZQEmP8-n.js} +3 -3
- package/dist/admin/{CreateView-aIiiLy3C.js.map → CreateView-ZQEmP8-n.js.map} +1 -1
- package/dist/admin/{EditPage-cMbU4NVE.mjs → EditPage-493L2-vV.mjs} +42 -29
- package/dist/admin/EditPage-493L2-vV.mjs.map +1 -0
- package/dist/admin/{EditPage-Qp1c1eXd.mjs → EditPage-7fMqo-c-.mjs} +9 -9
- package/dist/admin/EditPage-7fMqo-c-.mjs.map +1 -0
- package/dist/admin/{EditPage-RZcyUKwu.js → EditPage-8T9gBnnc.js} +40 -27
- package/dist/admin/EditPage-8T9gBnnc.js.map +1 -0
- package/dist/admin/{EditPage-BAq4SLUJ.js → EditPage-OFlfNGv0.js} +8 -8
- package/dist/admin/EditPage-OFlfNGv0.js.map +1 -0
- package/dist/admin/{EditPage-hHV9CNBD.mjs → EditPage-akxbKeqK.mjs} +26 -17
- package/dist/admin/EditPage-akxbKeqK.mjs.map +1 -0
- package/dist/admin/{EditPage-nJMUfPC_.js → EditPage-gJJgatNc.js} +25 -16
- package/dist/admin/EditPage-gJJgatNc.js.map +1 -0
- package/dist/admin/{EditView-CqQ7E0hw.js → EditView-ZJPPeal2.js} +9 -10
- package/dist/admin/EditView-ZJPPeal2.js.map +1 -0
- package/dist/admin/{EditView-cnGxE7oC.mjs → EditView-_QID3gT5.mjs} +11 -12
- package/dist/admin/EditView-_QID3gT5.mjs.map +1 -0
- package/dist/admin/{EditViewPage-uUDS6iky.js → EditViewPage-_wx5u6QJ.js} +76 -53
- package/dist/admin/EditViewPage-_wx5u6QJ.js.map +1 -0
- package/dist/admin/{EditViewPage-tTqJWPbg.mjs → EditViewPage-zkNmb1zg.mjs} +77 -54
- package/dist/admin/EditViewPage-zkNmb1zg.mjs.map +1 -0
- package/dist/admin/{EventsTable-MqaO8InG.js → EventsTable-31485Cwq.js} +2 -2
- package/dist/admin/{EventsTable-MqaO8InG.js.map → EventsTable-31485Cwq.js.map} +1 -1
- package/dist/admin/{EventsTable-bAm473aQ.mjs → EventsTable-_BT8dIHY.mjs} +2 -2
- package/dist/admin/{EventsTable-bAm473aQ.mjs.map → EventsTable-_BT8dIHY.mjs.map} +1 -1
- package/dist/admin/{HomePage-kxpv-2IT.mjs → HomePage-LenrY0bj.mjs} +11 -14
- package/dist/admin/HomePage-LenrY0bj.mjs.map +1 -0
- package/dist/admin/{HomePage-iOCLC8T5.mjs → HomePage-NdId9gqT.mjs} +3 -3
- package/dist/admin/{HomePage-iOCLC8T5.mjs.map → HomePage-NdId9gqT.mjs.map} +1 -1
- package/dist/admin/{HomePage-cSNwcjEI.js → HomePage-T2yVEfC3.js} +19 -22
- package/dist/admin/HomePage-T2yVEfC3.js.map +1 -0
- package/dist/admin/{HomePage-qHKQJ_vS.js → HomePage-yyizKL39.js} +3 -3
- package/dist/admin/{HomePage-qHKQJ_vS.js.map → HomePage-yyizKL39.js.map} +1 -1
- package/dist/admin/{InstalledPluginsPage-nryUCDD3.mjs → InstalledPlugins-Z_uS95dC.mjs} +9 -11
- package/dist/admin/InstalledPlugins-Z_uS95dC.mjs.map +1 -0
- package/dist/admin/{InstalledPluginsPage-Vj2K7uad.js → InstalledPlugins-spdwM8ub.js} +9 -11
- package/dist/admin/InstalledPlugins-spdwM8ub.js.map +1 -0
- package/dist/admin/{Layout-Z093DFKa.mjs → Layout-5lg6USuO.mjs} +5 -5
- package/dist/admin/{Layout-Z093DFKa.mjs.map → Layout-5lg6USuO.mjs.map} +1 -1
- package/dist/admin/{Layout-Y4dCGf7_.js → Layout-B3TQMQxb.js} +5 -5
- package/dist/admin/{Layout-Y4dCGf7_.js.map → Layout-B3TQMQxb.js.map} +1 -1
- package/dist/admin/{ListPage-3OjwvR-r.mjs → ListPage--B6TB-mt.mjs} +6 -6
- package/dist/admin/ListPage--B6TB-mt.mjs.map +1 -0
- package/dist/admin/{ListPage-eY08uWFn.js → ListPage-GRLtmRuy.js} +46 -28
- package/dist/admin/ListPage-GRLtmRuy.js.map +1 -0
- package/dist/admin/{ListPage-9Y5APon-.mjs → ListPage-Ggd99FLO.mjs} +5 -5
- package/dist/admin/{ListPage-9Y5APon-.mjs.map → ListPage-Ggd99FLO.mjs.map} +1 -1
- package/dist/admin/{ListPage-qr-mWRUO.js → ListPage-Hc3VZ9O3.js} +7 -7
- package/dist/admin/ListPage-Hc3VZ9O3.js.map +1 -0
- package/dist/admin/{ListPage-v8u0mb2U.mjs → ListPage-LIn0aEKt.mjs} +3 -3
- package/dist/admin/{ListPage-v8u0mb2U.mjs.map → ListPage-LIn0aEKt.mjs.map} +1 -1
- package/dist/admin/{ListPage-MQLTqMD4.js → ListPage-UEsKYDPH.js} +3 -3
- package/dist/admin/{ListPage-MQLTqMD4.js.map → ListPage-UEsKYDPH.js.map} +1 -1
- package/dist/admin/{ListPage-KvnBaksH.js → ListPage-Vf4xtn8w.js} +6 -6
- package/dist/admin/{ListPage-KvnBaksH.js.map → ListPage-Vf4xtn8w.js.map} +1 -1
- package/dist/admin/{ListPage-uSjUZ61P.mjs → ListPage-rCkaHmeP.mjs} +7 -7
- package/dist/admin/ListPage-rCkaHmeP.mjs.map +1 -0
- package/dist/admin/{ListPage-hyar31Ge.mjs → ListPage-vJik-wkj.mjs} +48 -30
- package/dist/admin/ListPage-vJik-wkj.mjs.map +1 -0
- package/dist/admin/{ListPage-2bW3tnRz.js → ListPage-y3rcDJX1.js} +5 -5
- package/dist/admin/ListPage-y3rcDJX1.js.map +1 -0
- package/dist/admin/{ListView-4XLHSTtI.js → ListView-8pEtfLsu.js} +5 -5
- package/dist/admin/{ListView-4XLHSTtI.js.map → ListView-8pEtfLsu.js.map} +1 -1
- package/dist/admin/{ListView-NUg6w25H.mjs → ListView-iCqFRGiO.mjs} +5 -5
- package/dist/admin/{ListView-NUg6w25H.mjs.map → ListView-iCqFRGiO.mjs.map} +1 -1
- package/dist/admin/{ListView-Hx1s5o_O.mjs → ListView-jrsV1wF_.mjs} +5 -5
- package/dist/admin/{ListView-Hx1s5o_O.mjs.map → ListView-jrsV1wF_.mjs.map} +1 -1
- package/dist/admin/{ListView-U0ueqVjR.js → ListView-noYLY_DM.js} +4 -4
- package/dist/admin/{ListView-U0ueqVjR.js.map → ListView-noYLY_DM.js.map} +1 -1
- package/dist/admin/{Login-StNvuHl2.mjs → Login--GgWQano.mjs} +4 -4
- package/dist/admin/{Login-StNvuHl2.mjs.map → Login--GgWQano.mjs.map} +1 -1
- package/dist/admin/{Login-D_lEvhlk.js → Login-qr72UXGp.js} +4 -4
- package/dist/admin/{Login-D_lEvhlk.js.map → Login-qr72UXGp.js.map} +1 -1
- package/dist/admin/{MagicLinkEE-yv0VjDUG.js → MagicLinkEE-uTufI4yx.js} +3 -3
- package/dist/admin/{MagicLinkEE-yv0VjDUG.js.map → MagicLinkEE-uTufI4yx.js.map} +1 -1
- package/dist/admin/{MagicLinkEE-Enht2VEX.mjs → MagicLinkEE-vQcgXndx.mjs} +3 -3
- package/dist/admin/{MagicLinkEE-Enht2VEX.mjs.map → MagicLinkEE-vQcgXndx.mjs.map} +1 -1
- package/dist/admin/{MarketplacePage-0HLsOYU8.mjs → MarketplacePage-LRlL_4ys.mjs} +86 -73
- package/dist/admin/MarketplacePage-LRlL_4ys.mjs.map +1 -0
- package/dist/admin/{MarketplacePage-eNFHM7J0.js → MarketplacePage-yRWZ54oN.js} +87 -74
- package/dist/admin/MarketplacePage-yRWZ54oN.js.map +1 -0
- package/dist/admin/{Permissions-oxdduJgE.mjs → Permissions-aSGK8VGG.mjs} +3 -3
- package/dist/admin/{Permissions-oxdduJgE.mjs.map → Permissions-aSGK8VGG.mjs.map} +1 -1
- package/dist/admin/{Permissions-SuZE5tW3.js → Permissions-bmMBmcv7.js} +3 -3
- package/dist/admin/{Permissions-SuZE5tW3.js.map → Permissions-bmMBmcv7.js.map} +1 -1
- package/dist/admin/{PrivateRoute-ndqg7K6H.js → PrivateRoute-LO9G_pCJ.js} +2 -2
- package/dist/admin/{PrivateRoute-ndqg7K6H.js.map → PrivateRoute-LO9G_pCJ.js.map} +1 -1
- package/dist/admin/{PrivateRoute-4oRTB_tX.mjs → PrivateRoute-S4Lol0B9.mjs} +2 -2
- package/dist/admin/{PrivateRoute-4oRTB_tX.mjs.map → PrivateRoute-S4Lol0B9.mjs.map} +1 -1
- package/dist/admin/{ProfilePage-8lhmqZEh.js → ProfilePage-Mte9RhXw.js} +8 -8
- package/dist/admin/ProfilePage-Mte9RhXw.js.map +1 -0
- package/dist/admin/{ProfilePage-5ix1J-t3.mjs → ProfilePage-voofTYei.mjs} +9 -9
- package/dist/admin/ProfilePage-voofTYei.mjs.map +1 -0
- package/dist/admin/{PurchaseAuditLogs-amcjjsft.mjs → PurchaseAuditLogs-8wmVhLCb.mjs} +2 -2
- package/dist/admin/{PurchaseAuditLogs-amcjjsft.mjs.map → PurchaseAuditLogs-8wmVhLCb.mjs.map} +1 -1
- package/dist/admin/{PurchaseAuditLogs-LAxKPeum.js → PurchaseAuditLogs-qxVh-U_P.js} +2 -2
- package/dist/admin/{PurchaseAuditLogs-LAxKPeum.js.map → PurchaseAuditLogs-qxVh-U_P.js.map} +1 -1
- package/dist/admin/{PurchaseSingleSignOn-2jOz2dDs.mjs → PurchaseSingleSignOn-kgjD8gsd.mjs} +2 -2
- package/dist/admin/{PurchaseSingleSignOn-2jOz2dDs.mjs.map → PurchaseSingleSignOn-kgjD8gsd.mjs.map} +1 -1
- package/dist/admin/{PurchaseSingleSignOn-trhjWQVO.js → PurchaseSingleSignOn-ovEsG_Ud.js} +2 -2
- package/dist/admin/{PurchaseSingleSignOn-trhjWQVO.js.map → PurchaseSingleSignOn-ovEsG_Ud.js.map} +1 -1
- package/dist/admin/{SSOProviders-QBcyB9VI.js → SSOProviders-9-d1vYXb.js} +4 -4
- package/dist/admin/SSOProviders-9-d1vYXb.js.map +1 -0
- package/dist/admin/{SSOProviders-nMmBLr8g.mjs → SSOProviders-sy3Xon2A.mjs} +4 -4
- package/dist/admin/SSOProviders-sy3Xon2A.mjs.map +1 -0
- package/dist/admin/{SelectRoles-b0crlFl7.mjs → SelectRoles-Kzqv2-TI.mjs} +7 -7
- package/dist/admin/SelectRoles-Kzqv2-TI.mjs.map +1 -0
- package/dist/admin/{SelectRoles-nRbY6X9X.js → SelectRoles-pjJ11lBU.js} +8 -8
- package/dist/admin/SelectRoles-pjJ11lBU.js.map +1 -0
- package/dist/admin/{SingleSignOnPage-ifswElWH.js → SingleSignOnPage-WjL8NvC5.js} +14 -5
- package/dist/admin/SingleSignOnPage-WjL8NvC5.js.map +1 -0
- package/dist/admin/{SingleSignOnPage-SoYGwm82.mjs → SingleSignOnPage-p1fTOytT.mjs} +15 -6
- package/dist/admin/SingleSignOnPage-p1fTOytT.mjs.map +1 -0
- package/dist/admin/{Table-GNJgJ_tZ.mjs → Table-ARSVxoYe.mjs} +13 -20
- package/dist/admin/Table-ARSVxoYe.mjs.map +1 -0
- package/dist/admin/{Table-b0AhH-1j.js → Table-QAvKSSis.js} +13 -20
- package/dist/admin/Table-QAvKSSis.js.map +1 -0
- package/dist/admin/{Theme-PrUuuGtN.mjs → Theme-frC82ceE.mjs} +221 -20
- package/dist/admin/Theme-frC82ceE.mjs.map +1 -0
- package/dist/admin/{Theme-7W0we6BI.js → Theme-y_rWTknM.js} +225 -19
- package/dist/admin/Theme-y_rWTknM.js.map +1 -0
- package/dist/admin/{TokenTypeSelect-88Lcbz54.js → TokenTypeSelect-biZzRJv2.js} +5 -6
- package/dist/admin/TokenTypeSelect-biZzRJv2.js.map +1 -0
- package/dist/admin/{TokenTypeSelect-9u9d8fcv.mjs → TokenTypeSelect-j-b_9iB9.mjs} +5 -6
- package/dist/admin/TokenTypeSelect-j-b_9iB9.mjs.map +1 -0
- package/dist/admin/{UseCasePage-z6GrO4cL.mjs → UseCasePage-b2VozaZB.mjs} +14 -8
- package/dist/admin/{UseCasePage-z6GrO4cL.mjs.map → UseCasePage-b2VozaZB.mjs.map} +1 -1
- package/dist/admin/{UseCasePage-ipjo7uhC.js → UseCasePage-hJH0orUl.js} +14 -8
- package/dist/admin/UseCasePage-hJH0orUl.js.map +1 -0
- package/dist/admin/{admin-B6AW0Kov.mjs → admin-GZ-AP2T0.mjs} +2 -2
- package/dist/admin/{admin-B6AW0Kov.mjs.map → admin-GZ-AP2T0.mjs.map} +1 -1
- package/dist/admin/{apiTokens-YMUmHnrH.mjs → apiTokens-GQe-GqwZ.mjs} +2 -2
- package/dist/admin/{apiTokens-YMUmHnrH.mjs.map → apiTokens-GQe-GqwZ.mjs.map} +1 -1
- package/dist/admin/{constants-PyUVE8mk.js → constants-bgMqSKBQ.js} +4 -4
- package/dist/admin/{constants-PyUVE8mk.js.map → constants-bgMqSKBQ.js.map} +1 -1
- package/dist/admin/{constants-JnuNds5i.mjs → constants-jKuNcrQj.mjs} +4 -4
- package/dist/admin/{constants-JnuNds5i.mjs.map → constants-jKuNcrQj.mjs.map} +1 -1
- package/dist/admin/ee.mjs +1 -1
- package/dist/admin/{en-TbnMBjZf.js → en-_1-Nn7iH.js} +3 -2
- package/dist/admin/{en-TbnMBjZf.js.map → en-_1-Nn7iH.js.map} +1 -1
- package/dist/admin/{en-0Ld-ipyI.mjs → en-lDO5lPD0.mjs} +3 -2
- package/dist/admin/{en-0Ld-ipyI.mjs.map → en-lDO5lPD0.mjs.map} +1 -1
- package/dist/admin/{index-4iCJ7_08.mjs → index-hoTsgrwy.mjs} +138 -281
- package/dist/admin/index-hoTsgrwy.mjs.map +1 -0
- package/dist/admin/{index-3GWFhGv_.js → index-we0DbzVF.js} +142 -288
- package/dist/admin/index-we0DbzVF.js.map +1 -0
- package/dist/admin/index.js +5 -4
- package/dist/admin/index.js.map +1 -1
- package/dist/admin/index.mjs +3 -3
- package/dist/admin/{selectors-ZpHhvPK4.mjs → selectors--muHmKGe.mjs} +2 -2
- package/dist/admin/{selectors-ZpHhvPK4.mjs.map → selectors--muHmKGe.mjs.map} +1 -1
- package/dist/admin/{selectors-zQKcCNuz.js → selectors-1ySxKbos.js} +2 -2
- package/dist/admin/{selectors-zQKcCNuz.js.map → selectors-1ySxKbos.js.map} +1 -1
- package/dist/admin/src/StrapiApp.d.ts +8 -6
- package/dist/admin/src/components/Form.d.ts +3 -1
- package/dist/admin/src/components/GuidedTour/Provider.d.ts +0 -4
- package/dist/admin/src/constants.d.ts +10 -0
- package/dist/admin/src/features/Auth.d.ts +1 -1
- package/dist/admin/src/hooks/useRBAC.d.ts +1 -1
- package/dist/admin/src/index.d.ts +3 -0
- package/dist/admin/src/layouts/UnauthenticatedLayout.d.ts +1 -1
- package/dist/admin/src/pages/Marketplace/hooks/useMarketplaceData.d.ts +2 -1
- package/dist/admin/src/pages/Settings/pages/InstalledPlugins.d.ts +3 -0
- package/dist/admin/src/pages/Settings/pages/Roles/components/CollapseLabel.d.ts +1 -1
- package/dist/admin/src/types/permissions.d.ts +3 -1
- package/dist/admin/test.js +3 -3
- package/dist/admin/test.js.map +1 -1
- package/dist/admin/test.mjs +4 -4
- package/dist/admin/test.mjs.map +1 -1
- package/dist/admin/{transferTokens-CNI0TFdA.mjs → transferTokens-v8tNpI_l.mjs} +2 -2
- package/dist/admin/{transferTokens-CNI0TFdA.mjs.map → transferTokens-v8tNpI_l.mjs.map} +1 -1
- package/dist/admin/{useAdminRoles-T7bcAXVs.js → useAdminRoles-0gM7o3f2.js} +2 -2
- package/dist/admin/{useAdminRoles-T7bcAXVs.js.map → useAdminRoles-0gM7o3f2.js.map} +1 -1
- package/dist/admin/{useAdminRoles-ZBjAOdVi.mjs → useAdminRoles-uRNvxyDX.mjs} +2 -2
- package/dist/admin/{useAdminRoles-ZBjAOdVi.mjs.map → useAdminRoles-uRNvxyDX.mjs.map} +1 -1
- package/dist/admin/{useLicenseLimitNotification-PaR7jmqd.mjs → useLicenseLimitNotification-Qx_rSpUQ.mjs} +3 -3
- package/dist/admin/{useLicenseLimitNotification-PaR7jmqd.mjs.map → useLicenseLimitNotification-Qx_rSpUQ.mjs.map} +1 -1
- package/dist/admin/{useLicenseLimitNotification-g1vq6nzk.js → useLicenseLimitNotification-eau4ja6h.js} +2 -2
- package/dist/admin/{useLicenseLimitNotification-g1vq6nzk.js.map → useLicenseLimitNotification-eau4ja6h.js.map} +1 -1
- package/dist/admin/{useLicenseLimits-Jy6E6qc2.mjs → useLicenseLimits-j5znikzW.mjs} +2 -2
- package/dist/admin/{useLicenseLimits-Jy6E6qc2.mjs.map → useLicenseLimits-j5znikzW.mjs.map} +1 -1
- package/dist/admin/{useWebhooks-7thg-d57.mjs → useWebhooks-upF7mgdZ.mjs} +2 -2
- package/dist/admin/{useWebhooks-7thg-d57.mjs.map → useWebhooks-upF7mgdZ.mjs.map} +1 -1
- package/dist/admin/{validation-Yg-jfoIk.mjs → validation-OR7t0a-C.mjs} +4 -4
- package/dist/admin/validation-OR7t0a-C.mjs.map +1 -0
- package/dist/admin/{validation-bQ-dFrHn.js → validation-VuxEFW4W.js} +4 -4
- package/dist/admin/validation-VuxEFW4W.js.map +1 -0
- package/dist/ee/server/src/audit-logs/content-types/audit-log.d.ts +41 -0
- package/dist/ee/server/src/audit-logs/content-types/audit-log.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/controllers/audit-logs.d.ts +7 -0
- package/dist/ee/server/src/audit-logs/controllers/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/routes/audit-logs.d.ts +19 -0
- package/dist/ee/server/src/audit-logs/routes/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts +27 -0
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts +12 -0
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts +6 -0
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/bootstrap.d.ts +3 -0
- package/dist/ee/server/src/bootstrap.d.ts.map +1 -0
- package/dist/ee/server/src/config/admin-actions.d.ts +20 -0
- package/dist/ee/server/src/config/admin-actions.d.ts.map +1 -0
- package/dist/ee/server/src/content-types/index.d.ts +3 -0
- package/dist/ee/server/src/content-types/index.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/admin.d.ts +29 -0
- package/dist/ee/server/src/controllers/admin.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/constants.d.ts +10 -0
- package/dist/ee/server/src/controllers/authentication-utils/constants.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/index.d.ts +5 -0
- package/dist/ee/server/src/controllers/authentication-utils/index.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/middlewares.d.ts +9 -0
- package/dist/ee/server/src/controllers/authentication-utils/middlewares.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts +55 -0
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication.d.ts +9 -0
- package/dist/ee/server/src/controllers/authentication.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/index.d.ts +48 -0
- package/dist/ee/server/src/controllers/index.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/role.d.ts +20 -0
- package/dist/ee/server/src/controllers/role.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/user.d.ts +8 -0
- package/dist/ee/server/src/controllers/user.d.ts.map +1 -0
- package/dist/ee/server/src/destroy.d.ts +6 -0
- package/dist/ee/server/src/destroy.d.ts.map +1 -0
- package/dist/ee/server/src/index.d.ts +380 -0
- package/dist/ee/server/src/index.d.ts.map +1 -0
- package/dist/ee/server/src/register.d.ts +6 -0
- package/dist/ee/server/src/register.d.ts.map +1 -0
- package/dist/ee/server/src/routes/index.d.ts +47 -0
- package/dist/ee/server/src/routes/index.d.ts.map +1 -0
- package/dist/ee/server/src/routes/license-limit.d.ts +18 -0
- package/dist/ee/server/src/routes/license-limit.d.ts.map +1 -0
- package/dist/ee/server/src/routes/sso.d.ts +29 -0
- package/dist/ee/server/src/routes/sso.d.ts.map +1 -0
- package/dist/ee/server/src/routes/utils.d.ts +3 -0
- package/dist/ee/server/src/routes/utils.d.ts.map +1 -0
- package/dist/ee/server/src/services/auth.d.ts +6 -0
- package/dist/ee/server/src/services/auth.d.ts.map +1 -0
- package/dist/ee/server/src/services/index.d.ts +39 -0
- package/dist/ee/server/src/services/index.d.ts.map +1 -0
- package/dist/ee/server/src/services/metrics.d.ts +8 -0
- package/dist/ee/server/src/services/metrics.d.ts.map +1 -0
- package/dist/ee/server/src/services/passport/provider-registry.d.ts +4 -0
- package/dist/ee/server/src/services/passport/provider-registry.d.ts.map +1 -0
- package/dist/ee/server/src/services/passport/sso.d.ts +19 -0
- package/dist/ee/server/src/services/passport/sso.d.ts.map +1 -0
- package/dist/ee/server/src/services/passport.d.ts +13 -0
- package/dist/ee/server/src/services/passport.d.ts.map +1 -0
- package/dist/ee/server/src/services/role.d.ts +5 -0
- package/dist/ee/server/src/services/role.d.ts.map +1 -0
- package/dist/ee/server/src/services/seat-enforcement.d.ts +6 -0
- package/dist/ee/server/src/services/seat-enforcement.d.ts.map +1 -0
- package/dist/ee/server/src/services/user.d.ts +10 -0
- package/dist/ee/server/src/services/user.d.ts.map +1 -0
- package/dist/ee/server/src/utils/index.d.ts +11 -0
- package/dist/ee/server/src/utils/index.d.ts.map +1 -0
- package/dist/ee/server/src/utils/persisted-tables.d.ts +42 -0
- package/dist/ee/server/src/utils/persisted-tables.d.ts.map +1 -0
- package/dist/ee/server/src/utils/sso-lock.d.ts +6 -0
- package/dist/ee/server/src/utils/sso-lock.d.ts.map +1 -0
- package/dist/ee/server/src/validation/authentication.d.ts +15 -0
- package/dist/ee/server/src/validation/authentication.d.ts.map +1 -0
- package/dist/ee/server/src/validation/role.d.ts +21 -0
- package/dist/ee/server/src/validation/role.d.ts.map +1 -0
- package/dist/ee/server/src/validation/user.d.ts +19 -0
- package/dist/ee/server/src/validation/user.d.ts.map +1 -0
- package/dist/package.json.d.ts +16 -15
- package/dist/server/index.js +1934 -539
- package/dist/server/index.js.map +1 -1
- package/dist/server/index.mjs +1734 -338
- package/dist/server/index.mjs.map +1 -1
- package/dist/server/src/config/admin-actions.d.ts +26 -0
- package/dist/server/src/config/admin-actions.d.ts.map +1 -1
- package/dist/server/src/domain/action/index.d.ts +51 -1
- package/dist/server/src/domain/action/index.d.ts.map +1 -1
- package/dist/server/src/domain/action/provider.d.ts +10 -13
- package/dist/server/src/domain/action/provider.d.ts.map +1 -1
- package/dist/server/src/domain/condition/provider.d.ts +5 -6
- package/dist/server/src/domain/condition/provider.d.ts.map +1 -1
- package/dist/server/src/domain/permission/index.d.ts +2 -2
- package/dist/server/src/domain/permission/index.d.ts.map +1 -1
- package/dist/server/src/index.d.ts +738 -10
- package/dist/server/src/index.d.ts.map +1 -1
- package/dist/server/src/services/action.d.ts +1 -3
- package/dist/server/src/services/action.d.ts.map +1 -1
- package/dist/server/src/services/permission.d.ts +11 -18
- package/dist/server/src/services/permission.d.ts.map +1 -1
- package/dist/server/src/services/transfer/permission.d.ts +6 -2
- package/dist/server/src/services/transfer/permission.d.ts.map +1 -1
- package/dist/server/src/validation/action-provider.d.ts.map +1 -1
- package/dist/shared/contracts/admin.d.ts +1 -0
- package/dist/shared/contracts/admin.d.ts.map +1 -1
- package/dist/shared/contracts/user.d.ts +1 -1
- package/dist/shared/contracts/user.d.ts.map +1 -1
- package/package.json +17 -16
- package/dist/admin/AdminSeatInfo-E8azTFQY.js.map +0 -1
- package/dist/admin/AdminSeatInfo-Q_hUNC5B.mjs.map +0 -1
- package/dist/admin/ApplicationInfoPage-DOljMjfU.js.map +0 -1
- package/dist/admin/ApplicationInfoPage-_QAWr13m.mjs.map +0 -1
- package/dist/admin/AuthenticatedLayout-DhxlhqLg.mjs.map +0 -1
- package/dist/admin/AuthenticatedLayout-S2qRx5pp.js.map +0 -1
- package/dist/admin/ContentBox-3MRTNw0X.js +0 -43
- package/dist/admin/ContentBox-3MRTNw0X.js.map +0 -1
- package/dist/admin/ContentBox-9LBDzws0.mjs +0 -41
- package/dist/admin/ContentBox-9LBDzws0.mjs.map +0 -1
- package/dist/admin/CreatePage-4aSBZ-8M.mjs.map +0 -1
- package/dist/admin/CreatePage-HNRkTZwZ.js.map +0 -1
- package/dist/admin/EditPage-BAq4SLUJ.js.map +0 -1
- package/dist/admin/EditPage-Qp1c1eXd.mjs.map +0 -1
- package/dist/admin/EditPage-RZcyUKwu.js.map +0 -1
- package/dist/admin/EditPage-cMbU4NVE.mjs.map +0 -1
- package/dist/admin/EditPage-hHV9CNBD.mjs.map +0 -1
- package/dist/admin/EditPage-nJMUfPC_.js.map +0 -1
- package/dist/admin/EditView-CqQ7E0hw.js.map +0 -1
- package/dist/admin/EditView-cnGxE7oC.mjs.map +0 -1
- package/dist/admin/EditViewPage-tTqJWPbg.mjs.map +0 -1
- package/dist/admin/EditViewPage-uUDS6iky.js.map +0 -1
- package/dist/admin/HomePage-cSNwcjEI.js.map +0 -1
- package/dist/admin/HomePage-kxpv-2IT.mjs.map +0 -1
- package/dist/admin/InstalledPluginsPage-Vj2K7uad.js.map +0 -1
- package/dist/admin/InstalledPluginsPage-nryUCDD3.mjs.map +0 -1
- package/dist/admin/ListPage-2bW3tnRz.js.map +0 -1
- package/dist/admin/ListPage-3OjwvR-r.mjs.map +0 -1
- package/dist/admin/ListPage-eY08uWFn.js.map +0 -1
- package/dist/admin/ListPage-hyar31Ge.mjs.map +0 -1
- package/dist/admin/ListPage-qr-mWRUO.js.map +0 -1
- package/dist/admin/ListPage-uSjUZ61P.mjs.map +0 -1
- package/dist/admin/MarketplacePage-0HLsOYU8.mjs.map +0 -1
- package/dist/admin/MarketplacePage-eNFHM7J0.js.map +0 -1
- package/dist/admin/ProfilePage-5ix1J-t3.mjs.map +0 -1
- package/dist/admin/ProfilePage-8lhmqZEh.js.map +0 -1
- package/dist/admin/SSOProviders-QBcyB9VI.js.map +0 -1
- package/dist/admin/SSOProviders-nMmBLr8g.mjs.map +0 -1
- package/dist/admin/SelectRoles-b0crlFl7.mjs.map +0 -1
- package/dist/admin/SelectRoles-nRbY6X9X.js.map +0 -1
- package/dist/admin/SingleSignOnPage-SoYGwm82.mjs.map +0 -1
- package/dist/admin/SingleSignOnPage-ifswElWH.js.map +0 -1
- package/dist/admin/Table-GNJgJ_tZ.mjs.map +0 -1
- package/dist/admin/Table-b0AhH-1j.js.map +0 -1
- package/dist/admin/Theme-7W0we6BI.js.map +0 -1
- package/dist/admin/Theme-PrUuuGtN.mjs.map +0 -1
- package/dist/admin/TokenTypeSelect-88Lcbz54.js.map +0 -1
- package/dist/admin/TokenTypeSelect-9u9d8fcv.mjs.map +0 -1
- package/dist/admin/UseCasePage-ipjo7uhC.js.map +0 -1
- package/dist/admin/index-3GWFhGv_.js.map +0 -1
- package/dist/admin/index-4iCJ7_08.mjs.map +0 -1
- package/dist/admin/src/pages/InstalledPluginsPage.d.ts +0 -3
- package/dist/admin/validation-Yg-jfoIk.mjs.map +0 -1
- package/dist/admin/validation-bQ-dFrHn.js.map +0 -1
- package/dist/ee/server/index.js +0 -2180
- package/dist/ee/server/index.js.map +0 -1
- package/dist/ee/server/index.mjs +0 -2175
- package/dist/ee/server/index.mjs.map +0 -1
- package/strapi-server.js +0 -18
package/dist/server/index.mjs
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
|
-
import
|
|
2
|
-
import
|
|
1
|
+
import * as _ from "lodash";
|
|
2
|
+
import ___default, { pick as pick$1 } from "lodash";
|
|
3
|
+
import { merge, map, uniq, difference, isNil, castArray, pick, curry, pipe, prop, includes, isArray, set, omit, isEmpty, has, defaults, remove, eq, get, differenceWith, differenceBy, isEqual, toLower, isFunction, some, flatMap, isObject, cloneDeep, getOr, intersection, isPlainObject, matchesProperty, propEq, xor, startsWith, isString, isNumber, values, sumBy, trim, isUndefined, mapKeys, toString, toNumber, assign, reverse, take, drop, mapValues } from "lodash/fp";
|
|
4
|
+
import utils$2, { async, errors, yup, validateYupSchema, policy, arrays, hooks as hooks$1, dates, validateYupSchemaSync, providerFactory, sanitize, contentTypes as contentTypes$1, traverse, traverseEntity, validate, env, validateZod, strings } from "@strapi/utils";
|
|
3
5
|
import path, { resolve, basename, join, extname } from "path";
|
|
4
6
|
import fse, { exists as exists$4 } from "fs-extra";
|
|
5
7
|
import koaStatic from "koa-static";
|
|
6
8
|
import { differenceInHours, parseISO } from "date-fns";
|
|
7
9
|
import "@strapi/types";
|
|
8
|
-
import * as _ from "lodash";
|
|
9
|
-
import ___default, { pick as pick$1 } from "lodash";
|
|
10
10
|
import bcrypt from "bcryptjs";
|
|
11
|
-
import passport$
|
|
11
|
+
import passport$2 from "koa-passport";
|
|
12
12
|
import { Strategy } from "passport-local";
|
|
13
13
|
import crypto from "crypto";
|
|
14
14
|
import jwt from "jsonwebtoken";
|
|
@@ -24,10 +24,11 @@ import compose from "koa-compose";
|
|
|
24
24
|
import { strapi as strapi$1 } from "@strapi/data-transfer";
|
|
25
25
|
import isLocalhostIp from "is-localhost-ip";
|
|
26
26
|
import punycode from "punycode/";
|
|
27
|
-
|
|
27
|
+
import { scheduleJob } from "node-schedule";
|
|
28
|
+
const getService$1 = (name2) => {
|
|
28
29
|
return strapi.service(`admin::${name2}`);
|
|
29
30
|
};
|
|
30
|
-
const actions = [
|
|
31
|
+
const actions$1 = [
|
|
31
32
|
{
|
|
32
33
|
uid: "marketplace.read",
|
|
33
34
|
displayName: "Access the marketplace",
|
|
@@ -78,7 +79,13 @@ const actions = [
|
|
|
78
79
|
pluginName: "admin",
|
|
79
80
|
section: "settings",
|
|
80
81
|
category: "users and roles",
|
|
81
|
-
subCategory: "users"
|
|
82
|
+
subCategory: "users",
|
|
83
|
+
aliases: [
|
|
84
|
+
{
|
|
85
|
+
actionId: "plugin::content-manager.explorer.read",
|
|
86
|
+
subjects: ["admin::user"]
|
|
87
|
+
}
|
|
88
|
+
]
|
|
82
89
|
},
|
|
83
90
|
{
|
|
84
91
|
uid: "users.update",
|
|
@@ -110,7 +117,13 @@ const actions = [
|
|
|
110
117
|
pluginName: "admin",
|
|
111
118
|
section: "settings",
|
|
112
119
|
category: "users and roles",
|
|
113
|
-
subCategory: "roles"
|
|
120
|
+
subCategory: "roles",
|
|
121
|
+
aliases: [
|
|
122
|
+
{
|
|
123
|
+
actionId: "plugin::content-manager.explorer.read",
|
|
124
|
+
subjects: ["admin::role"]
|
|
125
|
+
}
|
|
126
|
+
]
|
|
114
127
|
},
|
|
115
128
|
{
|
|
116
129
|
uid: "roles.update",
|
|
@@ -240,7 +253,7 @@ const actions = [
|
|
|
240
253
|
}
|
|
241
254
|
];
|
|
242
255
|
const adminActions = {
|
|
243
|
-
actions
|
|
256
|
+
actions: actions$1
|
|
244
257
|
};
|
|
245
258
|
const conditions = [
|
|
246
259
|
{
|
|
@@ -275,13 +288,13 @@ const defaultAdminAuthSettings = {
|
|
|
275
288
|
}
|
|
276
289
|
};
|
|
277
290
|
const registerPermissionActions = async () => {
|
|
278
|
-
await getService("permission").actionProvider.registerMany(adminActions.actions);
|
|
291
|
+
await getService$1("permission").actionProvider.registerMany(adminActions.actions);
|
|
279
292
|
};
|
|
280
293
|
const registerAdminConditions = async () => {
|
|
281
|
-
await getService("permission").conditionProvider.registerMany(adminConditions.conditions);
|
|
294
|
+
await getService$1("permission").conditionProvider.registerMany(adminConditions.conditions);
|
|
282
295
|
};
|
|
283
296
|
const registerModelHooks = () => {
|
|
284
|
-
const { sendDidChangeInterfaceLanguage: sendDidChangeInterfaceLanguage2 } = getService("metrics");
|
|
297
|
+
const { sendDidChangeInterfaceLanguage: sendDidChangeInterfaceLanguage2 } = getService$1("metrics");
|
|
285
298
|
strapi.db.lifecycles.subscribe({
|
|
286
299
|
models: ["admin::user"],
|
|
287
300
|
afterCreate: sendDidChangeInterfaceLanguage2,
|
|
@@ -297,7 +310,7 @@ const syncAuthSettings = async () => {
|
|
|
297
310
|
const adminStore = await strapi.store({ type: "core", name: "admin" });
|
|
298
311
|
const adminAuthSettings = await adminStore.get({ key: "auth" });
|
|
299
312
|
const newAuthSettings = merge(defaultAdminAuthSettings, adminAuthSettings);
|
|
300
|
-
const roleExists = await getService("role").exists({
|
|
313
|
+
const roleExists = await getService$1("role").exists({
|
|
301
314
|
id: newAuthSettings.providers.defaultRole
|
|
302
315
|
});
|
|
303
316
|
if (!roleExists) {
|
|
@@ -316,16 +329,16 @@ const syncAPITokensPermissions = async () => {
|
|
|
316
329
|
await strapi.db.query("admin::api-token-permission").deleteMany({ where: { action: { $in: unknownPermissions } } });
|
|
317
330
|
}
|
|
318
331
|
};
|
|
319
|
-
const bootstrap = async ({ strapi: strapi2 }) => {
|
|
332
|
+
const bootstrap$1 = async ({ strapi: strapi2 }) => {
|
|
320
333
|
await registerAdminConditions();
|
|
321
334
|
await registerPermissionActions();
|
|
322
335
|
registerModelHooks();
|
|
323
|
-
const permissionService = getService("permission");
|
|
324
|
-
const userService = getService("user");
|
|
325
|
-
const roleService = getService("role");
|
|
326
|
-
const apiTokenService = getService("api-token");
|
|
327
|
-
const transferService = getService("transfer");
|
|
328
|
-
const tokenService = getService("token");
|
|
336
|
+
const permissionService = getService$1("permission");
|
|
337
|
+
const userService = getService$1("user");
|
|
338
|
+
const roleService = getService$1("role");
|
|
339
|
+
const apiTokenService = getService$1("api-token");
|
|
340
|
+
const transferService = getService$1("transfer");
|
|
341
|
+
const tokenService = getService$1("token");
|
|
329
342
|
await roleService.createRolesIfNoneExist();
|
|
330
343
|
await roleService.resetSuperAdminPermissions();
|
|
331
344
|
await roleService.displayWarningIfNoSuperAdmin();
|
|
@@ -333,8 +346,8 @@ const bootstrap = async ({ strapi: strapi2 }) => {
|
|
|
333
346
|
await userService.displayWarningIfUsersDontHaveRole();
|
|
334
347
|
await syncAuthSettings();
|
|
335
348
|
await syncAPITokensPermissions();
|
|
336
|
-
await getService("metrics").sendUpdateProjectInformation(strapi2);
|
|
337
|
-
getService("metrics").startCron(strapi2);
|
|
349
|
+
await getService$1("metrics").sendUpdateProjectInformation(strapi2);
|
|
350
|
+
getService$1("metrics").startCron(strapi2);
|
|
338
351
|
apiTokenService.checkSaltIsDefined();
|
|
339
352
|
transferService.token.checkSaltIsDefined();
|
|
340
353
|
tokenService.checkSecretIsDefined();
|
|
@@ -391,7 +404,7 @@ const serveStatic = (filesDir, koaStaticOptions = {}) => {
|
|
|
391
404
|
ctx.path = prev;
|
|
392
405
|
};
|
|
393
406
|
};
|
|
394
|
-
const authenticate$
|
|
407
|
+
const authenticate$3 = async (ctx) => {
|
|
395
408
|
const { authorization } = ctx.request.header;
|
|
396
409
|
if (!authorization) {
|
|
397
410
|
return { authenticated: false };
|
|
@@ -401,7 +414,7 @@ const authenticate$2 = async (ctx) => {
|
|
|
401
414
|
return { authenticated: false };
|
|
402
415
|
}
|
|
403
416
|
const token2 = parts[1];
|
|
404
|
-
const { payload, isValid } = getService("token").decodeJwtToken(token2);
|
|
417
|
+
const { payload, isValid } = getService$1("token").decodeJwtToken(token2);
|
|
405
418
|
if (!isValid) {
|
|
406
419
|
return { authenticated: false };
|
|
407
420
|
}
|
|
@@ -409,7 +422,7 @@ const authenticate$2 = async (ctx) => {
|
|
|
409
422
|
if (!user2 || !(user2.isActive === true)) {
|
|
410
423
|
return { authenticated: false };
|
|
411
424
|
}
|
|
412
|
-
const userAbility = await getService("permission").engine.generateUserAbility(user2);
|
|
425
|
+
const userAbility = await getService$1("permission").engine.generateUserAbility(user2);
|
|
413
426
|
ctx.state.userAbility = userAbility;
|
|
414
427
|
ctx.state.user = user2;
|
|
415
428
|
return {
|
|
@@ -421,7 +434,7 @@ const authenticate$2 = async (ctx) => {
|
|
|
421
434
|
const name$1 = "admin";
|
|
422
435
|
const adminAuthStrategy = {
|
|
423
436
|
name: name$1,
|
|
424
|
-
authenticate: authenticate$
|
|
437
|
+
authenticate: authenticate$3
|
|
425
438
|
};
|
|
426
439
|
const DAY_IN_MS = 24 * 60 * 60 * 1e3;
|
|
427
440
|
const constants$3 = {
|
|
@@ -461,7 +474,7 @@ const constants$4 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
|
|
|
461
474
|
__proto__: null,
|
|
462
475
|
default: constants$3
|
|
463
476
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
464
|
-
const { UnauthorizedError: UnauthorizedError$
|
|
477
|
+
const { UnauthorizedError: UnauthorizedError$3, ForbiddenError: ForbiddenError$2 } = errors;
|
|
465
478
|
const isReadScope = (scope) => scope.endsWith("find") || scope.endsWith("findOne");
|
|
466
479
|
const extractToken$1 = (ctx) => {
|
|
467
480
|
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
@@ -473,8 +486,8 @@ const extractToken$1 = (ctx) => {
|
|
|
473
486
|
}
|
|
474
487
|
return null;
|
|
475
488
|
};
|
|
476
|
-
const authenticate$
|
|
477
|
-
const apiTokenService = getService("api-token");
|
|
489
|
+
const authenticate$2 = async (ctx) => {
|
|
490
|
+
const apiTokenService = getService$1("api-token");
|
|
478
491
|
const token2 = extractToken$1(ctx);
|
|
479
492
|
if (!token2) {
|
|
480
493
|
return { authenticated: false };
|
|
@@ -489,7 +502,7 @@ const authenticate$1 = async (ctx) => {
|
|
|
489
502
|
if (!isNil(apiToken2.expiresAt)) {
|
|
490
503
|
const expirationDate = new Date(apiToken2.expiresAt);
|
|
491
504
|
if (expirationDate < currentDate) {
|
|
492
|
-
return { authenticated: false, error: new UnauthorizedError$
|
|
505
|
+
return { authenticated: false, error: new UnauthorizedError$3("Token expired") };
|
|
493
506
|
}
|
|
494
507
|
}
|
|
495
508
|
const hoursSinceLastUsed = differenceInHours(currentDate, parseISO(apiToken2.lastUsedAt));
|
|
@@ -507,44 +520,44 @@ const authenticate$1 = async (ctx) => {
|
|
|
507
520
|
}
|
|
508
521
|
return { authenticated: true, credentials: apiToken2 };
|
|
509
522
|
};
|
|
510
|
-
const verify$2 = (auth2,
|
|
523
|
+
const verify$2 = (auth2, config2) => {
|
|
511
524
|
const { credentials: apiToken2, ability } = auth2;
|
|
512
525
|
if (!apiToken2) {
|
|
513
|
-
throw new UnauthorizedError$
|
|
526
|
+
throw new UnauthorizedError$3("Token not found");
|
|
514
527
|
}
|
|
515
528
|
const currentDate = /* @__PURE__ */ new Date();
|
|
516
529
|
if (!isNil(apiToken2.expiresAt)) {
|
|
517
530
|
const expirationDate = new Date(apiToken2.expiresAt);
|
|
518
531
|
if (expirationDate < currentDate) {
|
|
519
|
-
throw new UnauthorizedError$
|
|
532
|
+
throw new UnauthorizedError$3("Token expired");
|
|
520
533
|
}
|
|
521
534
|
}
|
|
522
535
|
if (apiToken2.type === constants$3.API_TOKEN_TYPE.FULL_ACCESS) {
|
|
523
536
|
return;
|
|
524
537
|
}
|
|
525
538
|
if (apiToken2.type === constants$3.API_TOKEN_TYPE.READ_ONLY) {
|
|
526
|
-
const scopes = castArray(
|
|
527
|
-
if (
|
|
539
|
+
const scopes = castArray(config2.scope);
|
|
540
|
+
if (config2.scope && scopes.every(isReadScope)) {
|
|
528
541
|
return;
|
|
529
542
|
}
|
|
530
543
|
} else if (apiToken2.type === constants$3.API_TOKEN_TYPE.CUSTOM) {
|
|
531
544
|
if (!ability) {
|
|
532
|
-
throw new ForbiddenError$
|
|
545
|
+
throw new ForbiddenError$2();
|
|
533
546
|
}
|
|
534
|
-
const scopes = castArray(
|
|
547
|
+
const scopes = castArray(config2.scope);
|
|
535
548
|
const isAllowed = scopes.every((scope) => ability.can(scope));
|
|
536
549
|
if (isAllowed) {
|
|
537
550
|
return;
|
|
538
551
|
}
|
|
539
552
|
}
|
|
540
|
-
throw new ForbiddenError$
|
|
553
|
+
throw new ForbiddenError$2();
|
|
541
554
|
};
|
|
542
555
|
const apiTokenAuthStrategy = {
|
|
543
556
|
name: "api-token",
|
|
544
|
-
authenticate: authenticate$
|
|
557
|
+
authenticate: authenticate$2,
|
|
545
558
|
verify: verify$2
|
|
546
559
|
};
|
|
547
|
-
const register$
|
|
560
|
+
const register$2 = ({ strapi: strapi2 }) => {
|
|
548
561
|
const passportMiddleware = strapi2.service("admin::passport").init();
|
|
549
562
|
strapi2.server.api("admin").use(passportMiddleware);
|
|
550
563
|
strapi2.get("auth").register("admin", adminAuthStrategy);
|
|
@@ -553,8 +566,8 @@ const register$1 = ({ strapi: strapi2 }) => {
|
|
|
553
566
|
registerAdminPanelRoute({ strapi: strapi2 });
|
|
554
567
|
}
|
|
555
568
|
};
|
|
556
|
-
const destroy = async () => {
|
|
557
|
-
const { conditionProvider: conditionProvider2, actionProvider: actionProvider2 } = getService("permission");
|
|
569
|
+
const destroy$1 = async () => {
|
|
570
|
+
const { conditionProvider: conditionProvider2, actionProvider: actionProvider2 } = getService$1("permission");
|
|
558
571
|
await conditionProvider2.clear();
|
|
559
572
|
await actionProvider2.clear();
|
|
560
573
|
};
|
|
@@ -574,11 +587,11 @@ But don’t worry! You can use the following link to reset your password:
|
|
|
574
587
|
|
|
575
588
|
Thanks.`;
|
|
576
589
|
const forgotPasswordTemplate = { subject, text, html };
|
|
577
|
-
const forgotPassword$
|
|
590
|
+
const forgotPassword$2 = {
|
|
578
591
|
emailTemplate: forgotPasswordTemplate
|
|
579
592
|
};
|
|
580
|
-
const
|
|
581
|
-
forgotPassword: forgotPassword$
|
|
593
|
+
const config = {
|
|
594
|
+
forgotPassword: forgotPassword$2
|
|
582
595
|
};
|
|
583
596
|
const isAuthenticatedAdmin = (policyCtx) => {
|
|
584
597
|
return Boolean(policyCtx.state.isAuthenticated);
|
|
@@ -620,8 +633,8 @@ const inputModifiers = [
|
|
|
620
633
|
const hasPermissions = createPolicy$1({
|
|
621
634
|
name: "admin::hasPermissions",
|
|
622
635
|
validator: validateHasPermissionsInput,
|
|
623
|
-
handler(ctx,
|
|
624
|
-
const { actions: actions2 } =
|
|
636
|
+
handler(ctx, config2) {
|
|
637
|
+
const { actions: actions2 } = config2;
|
|
625
638
|
const { userAbility: ability } = ctx.state;
|
|
626
639
|
const permissions2 = actions2.map(
|
|
627
640
|
(action2) => inputModifiers.find((modifier) => modifier.check(action2))?.transform(action2)
|
|
@@ -641,8 +654,8 @@ const isTelemetryEnabled = createPolicy({
|
|
|
641
654
|
}
|
|
642
655
|
}
|
|
643
656
|
});
|
|
644
|
-
const
|
|
645
|
-
const admin$
|
|
657
|
+
const policies = { isAuthenticatedAdmin, hasPermissions, isTelemetryEnabled };
|
|
658
|
+
const admin$4 = [
|
|
646
659
|
{
|
|
647
660
|
method: "GET",
|
|
648
661
|
path: "/init",
|
|
@@ -711,7 +724,7 @@ const admin$1 = [
|
|
|
711
724
|
}
|
|
712
725
|
}
|
|
713
726
|
];
|
|
714
|
-
const authentication$
|
|
727
|
+
const authentication$2 = [
|
|
715
728
|
{
|
|
716
729
|
method: "POST",
|
|
717
730
|
path: "/login",
|
|
@@ -1140,7 +1153,7 @@ const contentApi$1 = [
|
|
|
1140
1153
|
}
|
|
1141
1154
|
}
|
|
1142
1155
|
];
|
|
1143
|
-
const { UnauthorizedError: UnauthorizedError$
|
|
1156
|
+
const { UnauthorizedError: UnauthorizedError$2, ForbiddenError: ForbiddenError$1 } = errors;
|
|
1144
1157
|
const extractToken = (ctx) => {
|
|
1145
1158
|
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
1146
1159
|
const parts = ctx.request.header.authorization.split(/\s+/);
|
|
@@ -1151,8 +1164,8 @@ const extractToken = (ctx) => {
|
|
|
1151
1164
|
}
|
|
1152
1165
|
return null;
|
|
1153
1166
|
};
|
|
1154
|
-
const authenticate = async (ctx) => {
|
|
1155
|
-
const { token: tokenService } = getService("transfer");
|
|
1167
|
+
const authenticate$1 = async (ctx) => {
|
|
1168
|
+
const { token: tokenService } = getService$1("transfer");
|
|
1156
1169
|
const token2 = extractToken(ctx);
|
|
1157
1170
|
if (!token2) {
|
|
1158
1171
|
return { authenticated: false };
|
|
@@ -1165,7 +1178,7 @@ const authenticate = async (ctx) => {
|
|
|
1165
1178
|
if (!isNil(transferToken2.expiresAt)) {
|
|
1166
1179
|
const expirationDate = new Date(transferToken2.expiresAt);
|
|
1167
1180
|
if (expirationDate < currentDate) {
|
|
1168
|
-
return { authenticated: false, error: new UnauthorizedError$
|
|
1181
|
+
return { authenticated: false, error: new UnauthorizedError$2("Token expired") };
|
|
1169
1182
|
}
|
|
1170
1183
|
}
|
|
1171
1184
|
const hoursSinceLastUsed = differenceInHours(currentDate, parseISO(transferToken2.lastUsedAt));
|
|
@@ -1175,36 +1188,36 @@ const authenticate = async (ctx) => {
|
|
|
1175
1188
|
data: { lastUsedAt: currentDate }
|
|
1176
1189
|
});
|
|
1177
1190
|
}
|
|
1178
|
-
const ability = await getService("transfer").permission.engine.generateAbility(
|
|
1191
|
+
const ability = await getService$1("transfer").permission.engine.generateAbility(
|
|
1179
1192
|
transferToken2.permissions.map((action2) => ({ action: action2 }))
|
|
1180
1193
|
);
|
|
1181
1194
|
return { authenticated: true, ability, credentials: transferToken2 };
|
|
1182
1195
|
};
|
|
1183
|
-
const verify$1 = async (auth2,
|
|
1196
|
+
const verify$1 = async (auth2, config2 = {}) => {
|
|
1184
1197
|
const { credentials: transferToken2, ability } = auth2;
|
|
1185
1198
|
if (!transferToken2) {
|
|
1186
|
-
throw new UnauthorizedError$
|
|
1199
|
+
throw new UnauthorizedError$2("Token not found");
|
|
1187
1200
|
}
|
|
1188
1201
|
const currentDate = /* @__PURE__ */ new Date();
|
|
1189
1202
|
if (!isNil(transferToken2.expiresAt)) {
|
|
1190
1203
|
const expirationDate = new Date(transferToken2.expiresAt);
|
|
1191
1204
|
if (expirationDate < currentDate) {
|
|
1192
|
-
throw new UnauthorizedError$
|
|
1205
|
+
throw new UnauthorizedError$2("Token expired");
|
|
1193
1206
|
}
|
|
1194
1207
|
}
|
|
1195
1208
|
if (!ability) {
|
|
1196
|
-
throw new ForbiddenError();
|
|
1209
|
+
throw new ForbiddenError$1();
|
|
1197
1210
|
}
|
|
1198
|
-
const scopes = castArray(
|
|
1211
|
+
const scopes = castArray(config2.scope ?? []);
|
|
1199
1212
|
const isAllowed = scopes.every((scope) => ability.can(scope));
|
|
1200
1213
|
if (!isAllowed) {
|
|
1201
|
-
throw new ForbiddenError();
|
|
1214
|
+
throw new ForbiddenError$1();
|
|
1202
1215
|
}
|
|
1203
1216
|
};
|
|
1204
1217
|
const name = "data-transfer";
|
|
1205
1218
|
const dataTransferAuthStrategy = {
|
|
1206
1219
|
name,
|
|
1207
|
-
authenticate,
|
|
1220
|
+
authenticate: authenticate$1,
|
|
1208
1221
|
verify: verify$1
|
|
1209
1222
|
};
|
|
1210
1223
|
const transfer$2 = [
|
|
@@ -1305,12 +1318,12 @@ const transfer$2 = [
|
|
|
1305
1318
|
}
|
|
1306
1319
|
}
|
|
1307
1320
|
];
|
|
1308
|
-
const routes = {
|
|
1321
|
+
const routes$1 = {
|
|
1309
1322
|
admin: {
|
|
1310
1323
|
type: "admin",
|
|
1311
1324
|
routes: [
|
|
1312
|
-
...admin$
|
|
1313
|
-
...authentication$
|
|
1325
|
+
...admin$4,
|
|
1326
|
+
...authentication$2,
|
|
1314
1327
|
...permissions,
|
|
1315
1328
|
...users,
|
|
1316
1329
|
...roles$1,
|
|
@@ -1321,7 +1334,7 @@ const routes = {
|
|
|
1321
1334
|
]
|
|
1322
1335
|
}
|
|
1323
1336
|
};
|
|
1324
|
-
const { ApplicationError: ApplicationError$
|
|
1337
|
+
const { ApplicationError: ApplicationError$a } = errors;
|
|
1325
1338
|
const hashPassword = (password2) => bcrypt.hash(password2, 10);
|
|
1326
1339
|
const validatePassword = (password2, hash2) => bcrypt.compare(password2, hash2);
|
|
1327
1340
|
const checkCredentials = async ({ email: email2, password: password2 }) => {
|
|
@@ -1338,13 +1351,13 @@ const checkCredentials = async ({ email: email2, password: password2 }) => {
|
|
|
1338
1351
|
}
|
|
1339
1352
|
return [null, user2];
|
|
1340
1353
|
};
|
|
1341
|
-
const forgotPassword = async ({ email: email2 } = {}) => {
|
|
1354
|
+
const forgotPassword$1 = async ({ email: email2 } = {}) => {
|
|
1342
1355
|
const user2 = await strapi.db.query("admin::user").findOne({ where: { email: email2, isActive: true } });
|
|
1343
1356
|
if (!user2) {
|
|
1344
1357
|
return;
|
|
1345
1358
|
}
|
|
1346
|
-
const resetPasswordToken = getService("token").createToken();
|
|
1347
|
-
await getService("user").updateById(user2.id, { resetPasswordToken });
|
|
1359
|
+
const resetPasswordToken = getService$1("token").createToken();
|
|
1360
|
+
await getService$1("user").updateById(user2.id, { resetPasswordToken });
|
|
1348
1361
|
const url = `${strapi.config.get(
|
|
1349
1362
|
"admin.absoluteUrl"
|
|
1350
1363
|
)}/auth/reset-password?code=${resetPasswordToken}`;
|
|
@@ -1363,18 +1376,18 @@ const forgotPassword = async ({ email: email2 } = {}) => {
|
|
|
1363
1376
|
strapi.log.error(err);
|
|
1364
1377
|
});
|
|
1365
1378
|
};
|
|
1366
|
-
const resetPassword = async ({ resetPasswordToken, password: password2 } = {}) => {
|
|
1379
|
+
const resetPassword$1 = async ({ resetPasswordToken, password: password2 } = {}) => {
|
|
1367
1380
|
const matchingUser = await strapi.db.query("admin::user").findOne({ where: { resetPasswordToken, isActive: true } });
|
|
1368
1381
|
if (!matchingUser) {
|
|
1369
|
-
throw new ApplicationError$
|
|
1382
|
+
throw new ApplicationError$a();
|
|
1370
1383
|
}
|
|
1371
|
-
return getService("user").updateById(matchingUser.id, {
|
|
1384
|
+
return getService$1("user").updateById(matchingUser.id, {
|
|
1372
1385
|
password: password2,
|
|
1373
1386
|
resetPasswordToken: null
|
|
1374
1387
|
});
|
|
1375
1388
|
};
|
|
1376
|
-
const auth = { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };
|
|
1377
|
-
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$
|
|
1389
|
+
const auth$1 = { checkCredentials, validatePassword, hashPassword, forgotPassword: forgotPassword$1, resetPassword: resetPassword$1 };
|
|
1390
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$5 } = constants$3;
|
|
1378
1391
|
function createUser(attributes) {
|
|
1379
1392
|
return {
|
|
1380
1393
|
roles: [],
|
|
@@ -1384,7 +1397,7 @@ function createUser(attributes) {
|
|
|
1384
1397
|
};
|
|
1385
1398
|
}
|
|
1386
1399
|
const hasSuperAdminRole$1 = (user2) => {
|
|
1387
|
-
return user2.roles.filter((role2) => role2.code === SUPER_ADMIN_CODE$
|
|
1400
|
+
return user2.roles.filter((role2) => role2.code === SUPER_ADMIN_CODE$5).length > 0;
|
|
1388
1401
|
};
|
|
1389
1402
|
const ADMIN_USER_ALLOWED_FIELDS = ["id", "firstname", "lastname", "username"];
|
|
1390
1403
|
const getDefaultActionAttributes = () => ({
|
|
@@ -1400,7 +1413,8 @@ const actionFields = [
|
|
|
1400
1413
|
"pluginName",
|
|
1401
1414
|
"subjects",
|
|
1402
1415
|
"options",
|
|
1403
|
-
"actionId"
|
|
1416
|
+
"actionId",
|
|
1417
|
+
"aliases"
|
|
1404
1418
|
];
|
|
1405
1419
|
const sanitizeActionAttributes = pick(actionFields);
|
|
1406
1420
|
const computeActionId = (attributes) => {
|
|
@@ -1473,7 +1487,7 @@ const checkFieldsDontHaveDuplicates = (fields) => {
|
|
|
1473
1487
|
return ___default.uniq(fields).length === fields.length;
|
|
1474
1488
|
};
|
|
1475
1489
|
const getActionFromProvider = (actionId) => {
|
|
1476
|
-
return getService("permission").actionProvider.get(actionId);
|
|
1490
|
+
return getService$1("permission").actionProvider.get(actionId);
|
|
1477
1491
|
};
|
|
1478
1492
|
const email = yup.string().email().lowercase();
|
|
1479
1493
|
const firstname = yup.string().trim().min(1);
|
|
@@ -1528,7 +1542,7 @@ const permission$3 = yup.object().shape({
|
|
|
1528
1542
|
if (isNil(action2.subjects)) {
|
|
1529
1543
|
return isNil(subject2);
|
|
1530
1544
|
}
|
|
1531
|
-
if (isArray(action2.subjects)) {
|
|
1545
|
+
if (isArray(action2.subjects) && !isNil(subject2)) {
|
|
1532
1546
|
return action2.subjects.includes(subject2);
|
|
1533
1547
|
}
|
|
1534
1548
|
return false;
|
|
@@ -1593,46 +1607,46 @@ const validators = {
|
|
|
1593
1607
|
permission: permission$3,
|
|
1594
1608
|
updatePermissions
|
|
1595
1609
|
};
|
|
1596
|
-
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$
|
|
1597
|
-
const { ValidationError: ValidationError$
|
|
1598
|
-
const sanitizeUserRoles = (role2) => ___default.pick(role2, ["id", "name", "description", "code"]);
|
|
1599
|
-
const sanitizeUser = (user2) => {
|
|
1610
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$4 } = constants$3;
|
|
1611
|
+
const { ValidationError: ValidationError$6 } = errors;
|
|
1612
|
+
const sanitizeUserRoles$1 = (role2) => ___default.pick(role2, ["id", "name", "description", "code"]);
|
|
1613
|
+
const sanitizeUser$1 = (user2) => {
|
|
1600
1614
|
return {
|
|
1601
1615
|
...___default.omit(user2, ["password", "resetPasswordToken", "registrationToken", "roles"]),
|
|
1602
|
-
roles: user2.roles && user2.roles.map(sanitizeUserRoles)
|
|
1616
|
+
roles: user2.roles && user2.roles.map(sanitizeUserRoles$1)
|
|
1603
1617
|
};
|
|
1604
1618
|
};
|
|
1605
1619
|
const create$5 = async (attributes) => {
|
|
1606
1620
|
const userInfo = {
|
|
1607
|
-
registrationToken: getService("token").createToken(),
|
|
1621
|
+
registrationToken: getService$1("token").createToken(),
|
|
1608
1622
|
...attributes
|
|
1609
1623
|
};
|
|
1610
1624
|
if (___default.has(attributes, "password")) {
|
|
1611
|
-
userInfo.password = await getService("auth").hashPassword(attributes.password);
|
|
1625
|
+
userInfo.password = await getService$1("auth").hashPassword(attributes.password);
|
|
1612
1626
|
}
|
|
1613
1627
|
const user2 = createUser(userInfo);
|
|
1614
1628
|
const createdUser = await strapi.db.query("admin::user").create({ data: user2, populate: ["roles"] });
|
|
1615
|
-
getService("metrics").sendDidInviteUser();
|
|
1616
|
-
strapi.eventHub.emit("user.create", { user: sanitizeUser(createdUser) });
|
|
1629
|
+
getService$1("metrics").sendDidInviteUser();
|
|
1630
|
+
strapi.eventHub.emit("user.create", { user: sanitizeUser$1(createdUser) });
|
|
1617
1631
|
return createdUser;
|
|
1618
1632
|
};
|
|
1619
|
-
const updateById = async (id, attributes) => {
|
|
1633
|
+
const updateById$1 = async (id, attributes) => {
|
|
1620
1634
|
if (___default.has(attributes, "roles")) {
|
|
1621
|
-
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
1622
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1635
|
+
const lastAdminUser = await isLastSuperAdminUser$1(id);
|
|
1636
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1623
1637
|
const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles, superAdminRole.id);
|
|
1624
1638
|
if (lastAdminUser && willRemoveSuperAdminRole) {
|
|
1625
|
-
throw new ValidationError$
|
|
1639
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1626
1640
|
}
|
|
1627
1641
|
}
|
|
1628
1642
|
if (attributes.isActive === false) {
|
|
1629
|
-
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
1643
|
+
const lastAdminUser = await isLastSuperAdminUser$1(id);
|
|
1630
1644
|
if (lastAdminUser) {
|
|
1631
|
-
throw new ValidationError$
|
|
1645
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1632
1646
|
}
|
|
1633
1647
|
}
|
|
1634
1648
|
if (___default.has(attributes, "password")) {
|
|
1635
|
-
const hashedPassword = await getService("auth").hashPassword(attributes.password);
|
|
1649
|
+
const hashedPassword = await getService$1("auth").hashPassword(attributes.password);
|
|
1636
1650
|
const updatedUser2 = await strapi.db.query("admin::user").update({
|
|
1637
1651
|
where: { id },
|
|
1638
1652
|
data: {
|
|
@@ -1641,7 +1655,7 @@ const updateById = async (id, attributes) => {
|
|
|
1641
1655
|
},
|
|
1642
1656
|
populate: ["roles"]
|
|
1643
1657
|
});
|
|
1644
|
-
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser2) });
|
|
1658
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser$1(updatedUser2) });
|
|
1645
1659
|
return updatedUser2;
|
|
1646
1660
|
}
|
|
1647
1661
|
const updatedUser = await strapi.db.query("admin::user").update({
|
|
@@ -1650,7 +1664,7 @@ const updateById = async (id, attributes) => {
|
|
|
1650
1664
|
populate: ["roles"]
|
|
1651
1665
|
});
|
|
1652
1666
|
if (updatedUser) {
|
|
1653
|
-
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser) });
|
|
1667
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser$1(updatedUser) });
|
|
1654
1668
|
}
|
|
1655
1669
|
return updatedUser;
|
|
1656
1670
|
};
|
|
@@ -1662,17 +1676,17 @@ const resetPasswordByEmail = async (email2, password$1) => {
|
|
|
1662
1676
|
try {
|
|
1663
1677
|
await password.validate(password$1);
|
|
1664
1678
|
} catch (error) {
|
|
1665
|
-
throw new ValidationError$
|
|
1679
|
+
throw new ValidationError$6(
|
|
1666
1680
|
"Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter"
|
|
1667
1681
|
);
|
|
1668
1682
|
}
|
|
1669
|
-
await updateById(user2.id, { password: password$1 });
|
|
1683
|
+
await updateById$1(user2.id, { password: password$1 });
|
|
1670
1684
|
};
|
|
1671
|
-
const isLastSuperAdminUser = async (userId) => {
|
|
1672
|
-
const user2 = await findOne$
|
|
1685
|
+
const isLastSuperAdminUser$1 = async (userId) => {
|
|
1686
|
+
const user2 = await findOne$2(userId);
|
|
1673
1687
|
if (!user2)
|
|
1674
1688
|
return false;
|
|
1675
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1689
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1676
1690
|
return superAdminRole.usersCount === 1 && hasSuperAdminRole$1(user2);
|
|
1677
1691
|
};
|
|
1678
1692
|
const exists$3 = async (attributes = {}) => {
|
|
@@ -1685,15 +1699,15 @@ const findRegistrationInfo = async (registrationToken) => {
|
|
|
1685
1699
|
}
|
|
1686
1700
|
return ___default.pick(user2, ["email", "firstname", "lastname"]);
|
|
1687
1701
|
};
|
|
1688
|
-
const register = async ({
|
|
1702
|
+
const register$1 = async ({
|
|
1689
1703
|
registrationToken,
|
|
1690
1704
|
userInfo
|
|
1691
1705
|
}) => {
|
|
1692
1706
|
const matchingUser = await strapi.db.query("admin::user").findOne({ where: { registrationToken } });
|
|
1693
1707
|
if (!matchingUser) {
|
|
1694
|
-
throw new ValidationError$
|
|
1708
|
+
throw new ValidationError$6("Invalid registration info");
|
|
1695
1709
|
}
|
|
1696
|
-
return getService("user").updateById(matchingUser.id, {
|
|
1710
|
+
return getService$1("user").updateById(matchingUser.id, {
|
|
1697
1711
|
password: userInfo.password,
|
|
1698
1712
|
firstname: userInfo.firstname,
|
|
1699
1713
|
lastname: userInfo.lastname,
|
|
@@ -1701,7 +1715,7 @@ const register = async ({
|
|
|
1701
1715
|
isActive: true
|
|
1702
1716
|
});
|
|
1703
1717
|
};
|
|
1704
|
-
const findOne$
|
|
1718
|
+
const findOne$2 = async (id, populate = ["roles"]) => {
|
|
1705
1719
|
return strapi.db.query("admin::user").findOne({ where: { id }, populate });
|
|
1706
1720
|
};
|
|
1707
1721
|
const findOneByEmail = async (email2, populate = []) => {
|
|
@@ -1714,7 +1728,7 @@ const findPage = async (params = {}) => {
|
|
|
1714
1728
|
const query = strapi.get("query-params").transform("admin::user", defaults({ populate: ["roles"] }, params));
|
|
1715
1729
|
return strapi.db.query("admin::user").findPage(query);
|
|
1716
1730
|
};
|
|
1717
|
-
const deleteById = async (id) => {
|
|
1731
|
+
const deleteById$1 = async (id) => {
|
|
1718
1732
|
const userToDelete = await strapi.db.query("admin::user").findOne({
|
|
1719
1733
|
where: { id },
|
|
1720
1734
|
populate: ["roles"]
|
|
@@ -1723,19 +1737,19 @@ const deleteById = async (id) => {
|
|
|
1723
1737
|
return null;
|
|
1724
1738
|
}
|
|
1725
1739
|
if (userToDelete) {
|
|
1726
|
-
if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$
|
|
1727
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1740
|
+
if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$4)) {
|
|
1741
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1728
1742
|
if (superAdminRole.usersCount === 1) {
|
|
1729
|
-
throw new ValidationError$
|
|
1743
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1730
1744
|
}
|
|
1731
1745
|
}
|
|
1732
1746
|
}
|
|
1733
1747
|
const deletedUser = await strapi.db.query("admin::user").delete({ where: { id }, populate: ["roles"] });
|
|
1734
|
-
strapi.eventHub.emit("user.delete", { user: sanitizeUser(deletedUser) });
|
|
1748
|
+
strapi.eventHub.emit("user.delete", { user: sanitizeUser$1(deletedUser) });
|
|
1735
1749
|
return deletedUser;
|
|
1736
1750
|
};
|
|
1737
|
-
const deleteByIds$
|
|
1738
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1751
|
+
const deleteByIds$3 = async (ids) => {
|
|
1752
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1739
1753
|
const nbOfSuperAdminToDelete = await strapi.db.query("admin::user").count({
|
|
1740
1754
|
where: {
|
|
1741
1755
|
id: ids,
|
|
@@ -1743,7 +1757,7 @@ const deleteByIds$2 = async (ids) => {
|
|
|
1743
1757
|
}
|
|
1744
1758
|
});
|
|
1745
1759
|
if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {
|
|
1746
|
-
throw new ValidationError$
|
|
1760
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1747
1761
|
}
|
|
1748
1762
|
const deletedUsers = [];
|
|
1749
1763
|
for (const id of ids) {
|
|
@@ -1754,7 +1768,7 @@ const deleteByIds$2 = async (ids) => {
|
|
|
1754
1768
|
deletedUsers.push(deletedUser);
|
|
1755
1769
|
}
|
|
1756
1770
|
strapi.eventHub.emit("user.delete", {
|
|
1757
|
-
users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser))
|
|
1771
|
+
users: deletedUsers.map((deletedUser) => sanitizeUser$1(deletedUser))
|
|
1758
1772
|
});
|
|
1759
1773
|
return deletedUsers;
|
|
1760
1774
|
};
|
|
@@ -1796,18 +1810,18 @@ const getLanguagesInUse = async () => {
|
|
|
1796
1810
|
const users2 = await strapi.db.query("admin::user").findMany({ select: ["preferedLanguage"] });
|
|
1797
1811
|
return users2.map((user2) => user2.preferedLanguage || "en");
|
|
1798
1812
|
};
|
|
1799
|
-
const user$
|
|
1813
|
+
const user$3 = {
|
|
1800
1814
|
create: create$5,
|
|
1801
|
-
updateById,
|
|
1815
|
+
updateById: updateById$1,
|
|
1802
1816
|
exists: exists$3,
|
|
1803
1817
|
findRegistrationInfo,
|
|
1804
|
-
register,
|
|
1805
|
-
sanitizeUser,
|
|
1806
|
-
findOne: findOne$
|
|
1818
|
+
register: register$1,
|
|
1819
|
+
sanitizeUser: sanitizeUser$1,
|
|
1820
|
+
findOne: findOne$2,
|
|
1807
1821
|
findOneByEmail,
|
|
1808
1822
|
findPage,
|
|
1809
|
-
deleteById,
|
|
1810
|
-
deleteByIds: deleteByIds$
|
|
1823
|
+
deleteById: deleteById$1,
|
|
1824
|
+
deleteByIds: deleteByIds$3,
|
|
1811
1825
|
countUsersWithoutRole,
|
|
1812
1826
|
count: count$1,
|
|
1813
1827
|
assignARoleToAll,
|
|
@@ -1897,7 +1911,7 @@ const checkPermissionsSchema = yup.object().shape({
|
|
|
1897
1911
|
)
|
|
1898
1912
|
});
|
|
1899
1913
|
const checkPermissionsExist = function(permissions2) {
|
|
1900
|
-
const existingActions = getService("permission").actionProvider.values();
|
|
1914
|
+
const existingActions = getService$1("permission").actionProvider.values();
|
|
1901
1915
|
const failIndex = permissions2.findIndex(
|
|
1902
1916
|
(permission2) => !existingActions.some(
|
|
1903
1917
|
(action2) => action2.actionId === permission2.action && (action2.section !== "contentTypes" || action2.subjects.includes(permission2.subject))
|
|
@@ -1919,9 +1933,9 @@ const actionsExistSchema = yup.array().of(
|
|
|
1919
1933
|
const validatePermissionsExist = validateYupSchema(actionsExistSchema);
|
|
1920
1934
|
const validateCheckPermissionsInput = validateYupSchema(checkPermissionsSchema);
|
|
1921
1935
|
const validatedUpdatePermissionsInput = validateYupSchema(validators.updatePermissions);
|
|
1922
|
-
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$
|
|
1936
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$3, CONTENT_TYPE_SECTION } = constants$3;
|
|
1923
1937
|
const { createAsyncSeriesWaterfallHook } = hooks$1;
|
|
1924
|
-
const { ApplicationError: ApplicationError$
|
|
1938
|
+
const { ApplicationError: ApplicationError$9 } = errors;
|
|
1925
1939
|
const hooks = {
|
|
1926
1940
|
willResetSuperAdminPermissions: createAsyncSeriesWaterfallHook()
|
|
1927
1941
|
};
|
|
@@ -1944,7 +1958,7 @@ const arePermissionsEqual = (p1, p2) => {
|
|
|
1944
1958
|
const create$3 = async (attributes) => {
|
|
1945
1959
|
const alreadyExists = await exists$2({ name: attributes.name });
|
|
1946
1960
|
if (alreadyExists) {
|
|
1947
|
-
throw new ApplicationError$
|
|
1961
|
+
throw new ApplicationError$9(
|
|
1948
1962
|
`The name must be unique and a role with name \`${attributes.name}\` already exists.`
|
|
1949
1963
|
);
|
|
1950
1964
|
}
|
|
@@ -1957,7 +1971,7 @@ const create$3 = async (attributes) => {
|
|
|
1957
1971
|
strapi.eventHub.emit("role.create", { role: sanitizeRole(result) });
|
|
1958
1972
|
return result;
|
|
1959
1973
|
};
|
|
1960
|
-
const findOne = (params = {}, populate) => {
|
|
1974
|
+
const findOne$1 = (params = {}, populate) => {
|
|
1961
1975
|
return strapi.db.query("admin::role").findOne({ where: params, populate });
|
|
1962
1976
|
};
|
|
1963
1977
|
const findOneWithUsersCount = async (params = {}, populate) => {
|
|
@@ -1985,7 +1999,7 @@ const update$3 = async (params, attributes) => {
|
|
|
1985
1999
|
id: { $ne: params.id }
|
|
1986
2000
|
});
|
|
1987
2001
|
if (alreadyExists) {
|
|
1988
|
-
throw new ApplicationError$
|
|
2002
|
+
throw new ApplicationError$9(
|
|
1989
2003
|
`The name must be unique and a role with name \`${sanitizedAttributes.name}\` already exists.`
|
|
1990
2004
|
);
|
|
1991
2005
|
}
|
|
@@ -2004,18 +2018,18 @@ const count = async (params = {}) => {
|
|
|
2004
2018
|
const checkRolesIdForDeletion = async (ids = []) => {
|
|
2005
2019
|
const superAdminRole = await getSuperAdmin();
|
|
2006
2020
|
if (superAdminRole && arrays.includesString(ids, superAdminRole.id)) {
|
|
2007
|
-
throw new ApplicationError$
|
|
2021
|
+
throw new ApplicationError$9("You cannot delete the super admin role");
|
|
2008
2022
|
}
|
|
2009
2023
|
for (const roleId of ids) {
|
|
2010
2024
|
const usersCount = await getUsersCount(roleId);
|
|
2011
2025
|
if (usersCount !== 0) {
|
|
2012
|
-
throw new ApplicationError$
|
|
2026
|
+
throw new ApplicationError$9("Some roles are still assigned to some users");
|
|
2013
2027
|
}
|
|
2014
2028
|
}
|
|
2015
2029
|
};
|
|
2016
|
-
const deleteByIds$
|
|
2030
|
+
const deleteByIds$2 = async (ids = []) => {
|
|
2017
2031
|
await checkRolesIdForDeletion(ids);
|
|
2018
|
-
await getService("permission").deleteByRolesIds(ids);
|
|
2032
|
+
await getService$1("permission").deleteByRolesIds(ids);
|
|
2019
2033
|
const deletedRoles = [];
|
|
2020
2034
|
for (const id of ids) {
|
|
2021
2035
|
const deletedRole = await strapi.db.query("admin::role").delete({ where: { id } });
|
|
@@ -2029,14 +2043,14 @@ const deleteByIds$1 = async (ids = []) => {
|
|
|
2029
2043
|
const getUsersCount = async (roleId) => {
|
|
2030
2044
|
return strapi.db.query("admin::user").count({ where: { roles: { id: roleId } } });
|
|
2031
2045
|
};
|
|
2032
|
-
const getSuperAdmin = () => findOne({ code: SUPER_ADMIN_CODE$
|
|
2033
|
-
const getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE$
|
|
2046
|
+
const getSuperAdmin = () => findOne$1({ code: SUPER_ADMIN_CODE$3 });
|
|
2047
|
+
const getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE$3 });
|
|
2034
2048
|
const createRolesIfNoneExist = async () => {
|
|
2035
2049
|
const someRolesExist = await exists$2();
|
|
2036
2050
|
if (someRolesExist) {
|
|
2037
2051
|
return;
|
|
2038
2052
|
}
|
|
2039
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
2053
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
2040
2054
|
const allActions = actionProvider2.values();
|
|
2041
2055
|
const contentTypesActions = allActions.filter((a) => a.section === "contentTypes");
|
|
2042
2056
|
const superAdminRole = await create$3({
|
|
@@ -2044,7 +2058,7 @@ const createRolesIfNoneExist = async () => {
|
|
|
2044
2058
|
code: "strapi-super-admin",
|
|
2045
2059
|
description: "Super Admins can access and manage all features and settings."
|
|
2046
2060
|
});
|
|
2047
|
-
await getService("user").assignARoleToAll(superAdminRole.id);
|
|
2061
|
+
await getService$1("user").assignARoleToAll(superAdminRole.id);
|
|
2048
2062
|
const editorRole = await create$3({
|
|
2049
2063
|
name: "Editor",
|
|
2050
2064
|
code: "strapi-editor",
|
|
@@ -2055,7 +2069,7 @@ const createRolesIfNoneExist = async () => {
|
|
|
2055
2069
|
code: "strapi-author",
|
|
2056
2070
|
description: "Authors can manage the content they have created."
|
|
2057
2071
|
});
|
|
2058
|
-
const editorPermissions = getService("content-type").getPermissionsWithNestedFields(
|
|
2072
|
+
const editorPermissions = getService$1("content-type").getPermissionsWithNestedFields(
|
|
2059
2073
|
contentTypesActions,
|
|
2060
2074
|
{
|
|
2061
2075
|
restrictedSubjects: ["plugin::users-permissions.user"]
|
|
@@ -2082,7 +2096,7 @@ const getDefaultPluginPermissions = ({ isAuthor = false } = {}) => {
|
|
|
2082
2096
|
};
|
|
2083
2097
|
const displayWarningIfNoSuperAdmin = async () => {
|
|
2084
2098
|
const superAdminRole = await getSuperAdminWithUsersCount();
|
|
2085
|
-
const someUsersExists = await getService("user").exists();
|
|
2099
|
+
const someUsersExists = await getService$1("user").exists();
|
|
2086
2100
|
if (!superAdminRole) {
|
|
2087
2101
|
strapi.log.warn("Your application doesn't have a super admin role.");
|
|
2088
2102
|
} else if (someUsersExists && superAdminRole.usersCount === 0) {
|
|
@@ -2091,12 +2105,12 @@ const displayWarningIfNoSuperAdmin = async () => {
|
|
|
2091
2105
|
};
|
|
2092
2106
|
const assignPermissions = async (roleId, permissions2 = []) => {
|
|
2093
2107
|
await validatePermissionsExist(permissions2);
|
|
2094
|
-
const internalActions = getService("permission").actionProvider.values().filter((action2) => action2.section === "internal").map((action2) => action2.actionId);
|
|
2095
|
-
const superAdmin = await getService("role").getSuperAdmin();
|
|
2108
|
+
const internalActions = getService$1("permission").actionProvider.values().filter((action2) => action2.section === "internal").map((action2) => action2.actionId);
|
|
2109
|
+
const superAdmin = await getService$1("role").getSuperAdmin();
|
|
2096
2110
|
const isSuperAdmin = superAdmin && superAdmin.id === roleId;
|
|
2097
2111
|
const assignRole = set("role", roleId);
|
|
2098
2112
|
const permissionsWithRole = permissions2.map(assignRole).map(permissionDomain.create);
|
|
2099
|
-
const existingPermissions = await getService("permission").findMany({
|
|
2113
|
+
const existingPermissions = await getService$1("permission").findMany({
|
|
2100
2114
|
where: { role: { id: roleId } },
|
|
2101
2115
|
populate: ["role"]
|
|
2102
2116
|
});
|
|
@@ -2112,31 +2126,31 @@ const assignPermissions = async (roleId, permissions2 = []) => {
|
|
|
2112
2126
|
).filter((permission2) => !internalActions.includes(permission2.action));
|
|
2113
2127
|
const permissionsToReturn = differenceBy("id", permissionsToDelete, existingPermissions);
|
|
2114
2128
|
if (permissionsToDelete.length > 0) {
|
|
2115
|
-
await getService("permission").deleteByIds(permissionsToDelete.map(prop("id")));
|
|
2129
|
+
await getService$1("permission").deleteByIds(permissionsToDelete.map(prop("id")));
|
|
2116
2130
|
}
|
|
2117
2131
|
if (permissionsToAdd.length > 0) {
|
|
2118
2132
|
const newPermissions = await addPermissions(roleId, permissionsToAdd);
|
|
2119
2133
|
permissionsToReturn.push(...newPermissions);
|
|
2120
2134
|
}
|
|
2121
2135
|
if (!isSuperAdmin && (permissionsToAdd.length || permissionsToDelete.length)) {
|
|
2122
|
-
await getService("metrics").sendDidUpdateRolePermissions();
|
|
2136
|
+
await getService$1("metrics").sendDidUpdateRolePermissions();
|
|
2123
2137
|
}
|
|
2124
2138
|
return permissionsToReturn;
|
|
2125
2139
|
};
|
|
2126
2140
|
const addPermissions = async (roleId, permissions2) => {
|
|
2127
|
-
const { conditionProvider: conditionProvider2, createMany: createMany2 } = getService("permission");
|
|
2141
|
+
const { conditionProvider: conditionProvider2, createMany: createMany2 } = getService$1("permission");
|
|
2128
2142
|
const { sanitizeConditions: sanitizeConditions2 } = permissionDomain;
|
|
2129
2143
|
const permissionsWithRole = permissions2.map(set("role", roleId)).map(sanitizeConditions2(conditionProvider2)).map(permissionDomain.create);
|
|
2130
2144
|
return createMany2(permissionsWithRole);
|
|
2131
2145
|
};
|
|
2132
2146
|
const isContentTypeAction = (action2) => action2.section === CONTENT_TYPE_SECTION;
|
|
2133
2147
|
const resetSuperAdminPermissions = async () => {
|
|
2134
|
-
const superAdminRole = await getService("role").getSuperAdmin();
|
|
2148
|
+
const superAdminRole = await getService$1("role").getSuperAdmin();
|
|
2135
2149
|
if (!superAdminRole) {
|
|
2136
2150
|
return;
|
|
2137
2151
|
}
|
|
2138
|
-
const permissionService = getService("permission");
|
|
2139
|
-
const contentTypeService = getService("content-type");
|
|
2152
|
+
const permissionService = getService$1("permission");
|
|
2153
|
+
const contentTypeService = getService$1("content-type");
|
|
2140
2154
|
const allActions = permissionService.actionProvider.values();
|
|
2141
2155
|
const contentTypesActions = allActions.filter((action2) => isContentTypeAction(action2));
|
|
2142
2156
|
const otherActions = allActions.filter((action2) => !isContentTypeAction(action2));
|
|
@@ -2162,23 +2176,23 @@ const resetSuperAdminPermissions = async () => {
|
|
|
2162
2176
|
};
|
|
2163
2177
|
const hasSuperAdminRole = (user2) => {
|
|
2164
2178
|
const roles2 = ___default.get(user2, "roles", []);
|
|
2165
|
-
return roles2.map(prop("code")).includes(SUPER_ADMIN_CODE$
|
|
2179
|
+
return roles2.map(prop("code")).includes(SUPER_ADMIN_CODE$3);
|
|
2166
2180
|
};
|
|
2167
2181
|
const constants$2 = {
|
|
2168
|
-
superAdminCode: SUPER_ADMIN_CODE$
|
|
2182
|
+
superAdminCode: SUPER_ADMIN_CODE$3
|
|
2169
2183
|
};
|
|
2170
|
-
const role$
|
|
2184
|
+
const role$3 = {
|
|
2171
2185
|
hooks,
|
|
2172
2186
|
sanitizeRole,
|
|
2173
2187
|
create: create$3,
|
|
2174
|
-
findOne,
|
|
2188
|
+
findOne: findOne$1,
|
|
2175
2189
|
findOneWithUsersCount,
|
|
2176
2190
|
find,
|
|
2177
2191
|
findAllWithUsersCount,
|
|
2178
2192
|
update: update$3,
|
|
2179
2193
|
exists: exists$2,
|
|
2180
2194
|
count,
|
|
2181
|
-
deleteByIds: deleteByIds$
|
|
2195
|
+
deleteByIds: deleteByIds$2,
|
|
2182
2196
|
getUsersCount,
|
|
2183
2197
|
getSuperAdmin,
|
|
2184
2198
|
getSuperAdminWithUsersCount,
|
|
@@ -2199,7 +2213,7 @@ const createLocalStrategy = (strapi2, middleware) => {
|
|
|
2199
2213
|
session: false
|
|
2200
2214
|
},
|
|
2201
2215
|
(email2, password2, done) => {
|
|
2202
|
-
return getService("auth").checkCredentials({ email: toLower(email2), password: password2 }).then(async ([error, user2, message]) => {
|
|
2216
|
+
return getService$1("auth").checkCredentials({ email: toLower(email2), password: password2 }).then(async ([error, user2, message]) => {
|
|
2203
2217
|
if (middleware) {
|
|
2204
2218
|
return middleware([error, user2, message], done);
|
|
2205
2219
|
}
|
|
@@ -2216,7 +2230,7 @@ const valueIsFunctionType = ([, value]) => isFunction(value);
|
|
|
2216
2230
|
const keyIsValidEventName = ([key]) => {
|
|
2217
2231
|
return Object.keys(strapi.service("admin::passport").authEventsMapper).includes(key);
|
|
2218
2232
|
};
|
|
2219
|
-
const getPassportStrategies = () => [createLocalStrategy(strapi)];
|
|
2233
|
+
const getPassportStrategies$1 = () => [createLocalStrategy(strapi)];
|
|
2220
2234
|
const registerAuthEvents = () => {
|
|
2221
2235
|
const { events = {} } = strapi.config.get("admin.auth", {});
|
|
2222
2236
|
const { authEventsMapper: authEventsMapper2 } = strapi.service("admin::passport");
|
|
@@ -2226,14 +2240,14 @@ const registerAuthEvents = () => {
|
|
|
2226
2240
|
}
|
|
2227
2241
|
};
|
|
2228
2242
|
const init = () => {
|
|
2229
|
-
strapi.service("admin::passport").getPassportStrategies().forEach((strategy) => passport$
|
|
2243
|
+
strapi.service("admin::passport").getPassportStrategies().forEach((strategy) => passport$2.use(strategy));
|
|
2230
2244
|
registerAuthEvents();
|
|
2231
|
-
return passport$
|
|
2245
|
+
return passport$2.initialize();
|
|
2232
2246
|
};
|
|
2233
|
-
const passport = { init, getPassportStrategies, authEventsMapper };
|
|
2247
|
+
const passport$1 = { init, getPassportStrategies: getPassportStrategies$1, authEventsMapper };
|
|
2234
2248
|
const sendDidInviteUser = async () => {
|
|
2235
|
-
const numberOfUsers = await getService("user").count();
|
|
2236
|
-
const numberOfRoles = await getService("role").count();
|
|
2249
|
+
const numberOfUsers = await getService$1("user").count();
|
|
2250
|
+
const numberOfRoles = await getService$1("role").count();
|
|
2237
2251
|
strapi.telemetry.send("didInviteUser", {
|
|
2238
2252
|
groupProperties: { numberOfRoles, numberOfUsers }
|
|
2239
2253
|
});
|
|
@@ -2242,27 +2256,27 @@ const sendDidUpdateRolePermissions = async () => {
|
|
|
2242
2256
|
strapi.telemetry.send("didUpdateRolePermissions");
|
|
2243
2257
|
};
|
|
2244
2258
|
const sendDidChangeInterfaceLanguage = async () => {
|
|
2245
|
-
const languagesInUse = await getService("user").getLanguagesInUse();
|
|
2259
|
+
const languagesInUse = await getService$1("user").getLanguagesInUse();
|
|
2246
2260
|
strapi.telemetry.send("didChangeInterfaceLanguage", { userProperties: { languagesInUse } });
|
|
2247
2261
|
};
|
|
2248
|
-
const sendUpdateProjectInformation = async (strapi2) => {
|
|
2249
|
-
const numberOfActiveAdminUsers = await getService("user").count({ isActive: true });
|
|
2250
|
-
const numberOfAdminUsers = await getService("user").count();
|
|
2262
|
+
const sendUpdateProjectInformation$1 = async (strapi2) => {
|
|
2263
|
+
const numberOfActiveAdminUsers = await getService$1("user").count({ isActive: true });
|
|
2264
|
+
const numberOfAdminUsers = await getService$1("user").count();
|
|
2251
2265
|
strapi2.telemetry.send("didUpdateProjectInformation", {
|
|
2252
2266
|
groupProperties: { numberOfActiveAdminUsers, numberOfAdminUsers }
|
|
2253
2267
|
});
|
|
2254
2268
|
};
|
|
2255
|
-
const startCron = (strapi2) => {
|
|
2269
|
+
const startCron$1 = (strapi2) => {
|
|
2256
2270
|
strapi2.cron.add({
|
|
2257
|
-
"0 0 0 * * *": () => sendUpdateProjectInformation(strapi2)
|
|
2271
|
+
"0 0 0 * * *": () => sendUpdateProjectInformation$1(strapi2)
|
|
2258
2272
|
});
|
|
2259
2273
|
};
|
|
2260
|
-
const metrics = {
|
|
2274
|
+
const metrics$1 = {
|
|
2261
2275
|
sendDidInviteUser,
|
|
2262
2276
|
sendDidUpdateRolePermissions,
|
|
2263
2277
|
sendDidChangeInterfaceLanguage,
|
|
2264
|
-
sendUpdateProjectInformation,
|
|
2265
|
-
startCron
|
|
2278
|
+
sendUpdateProjectInformation: sendUpdateProjectInformation$1,
|
|
2279
|
+
startCron: startCron$1
|
|
2266
2280
|
};
|
|
2267
2281
|
const defaultJwtOptions = { expiresIn: "30d" };
|
|
2268
2282
|
const getTokenOptions = () => {
|
|
@@ -2347,11 +2361,17 @@ const registerProviderActionSchema = yup.array().required().of(
|
|
|
2347
2361
|
}),
|
|
2348
2362
|
options: yup.object({
|
|
2349
2363
|
applyToProperties: yup.array().of(yup.string())
|
|
2350
|
-
})
|
|
2364
|
+
}),
|
|
2365
|
+
aliases: yup.array(
|
|
2366
|
+
yup.object({
|
|
2367
|
+
actionId: yup.string(),
|
|
2368
|
+
subjects: yup.array(yup.string()).nullable()
|
|
2369
|
+
})
|
|
2370
|
+
).nullable()
|
|
2351
2371
|
}).noUnknown()
|
|
2352
2372
|
);
|
|
2353
2373
|
const validateRegisterProviderAction = validateYupSchemaSync(registerProviderActionSchema);
|
|
2354
|
-
const { ApplicationError: ApplicationError$
|
|
2374
|
+
const { ApplicationError: ApplicationError$8 } = errors;
|
|
2355
2375
|
const createActionProvider = (options) => {
|
|
2356
2376
|
const provider = providerFactory(options);
|
|
2357
2377
|
const actionHooks = {
|
|
@@ -2381,7 +2401,7 @@ const createActionProvider = (options) => {
|
|
|
2381
2401
|
async appliesToProperty(property, actionId, subject2) {
|
|
2382
2402
|
const action2 = provider.get(actionId);
|
|
2383
2403
|
if (!action2) {
|
|
2384
|
-
throw new ApplicationError$
|
|
2404
|
+
throw new ApplicationError$8(`No action found with id "${actionId}"`);
|
|
2385
2405
|
}
|
|
2386
2406
|
const appliesToAction = actionDomain.appliesToProperty(property, action2);
|
|
2387
2407
|
if (!appliesToAction) {
|
|
@@ -2399,6 +2419,29 @@ const createActionProvider = (options) => {
|
|
|
2399
2419
|
subject: subject2
|
|
2400
2420
|
});
|
|
2401
2421
|
return results.every((result) => result !== false);
|
|
2422
|
+
},
|
|
2423
|
+
/**
|
|
2424
|
+
* @experimental
|
|
2425
|
+
*/
|
|
2426
|
+
unstable_aliases(actionId, subject2) {
|
|
2427
|
+
const isRegistered = this.has(actionId);
|
|
2428
|
+
if (!isRegistered) {
|
|
2429
|
+
return [];
|
|
2430
|
+
}
|
|
2431
|
+
return this.values().filter(
|
|
2432
|
+
(action2) => action2.aliases?.some((alias) => {
|
|
2433
|
+
if (alias.actionId !== actionId) {
|
|
2434
|
+
return false;
|
|
2435
|
+
}
|
|
2436
|
+
if (!Array.isArray(alias.subjects)) {
|
|
2437
|
+
return true;
|
|
2438
|
+
}
|
|
2439
|
+
if (!subject2) {
|
|
2440
|
+
return false;
|
|
2441
|
+
}
|
|
2442
|
+
return alias.subjects.includes(subject2);
|
|
2443
|
+
})
|
|
2444
|
+
).map((action2) => action2.actionId);
|
|
2402
2445
|
}
|
|
2403
2446
|
};
|
|
2404
2447
|
};
|
|
@@ -2463,7 +2506,7 @@ const {
|
|
|
2463
2506
|
getNonVisibleAttributes: getNonVisibleAttributes$1,
|
|
2464
2507
|
getNonWritableAttributes,
|
|
2465
2508
|
getWritableAttributes: getWritableAttributes$1
|
|
2466
|
-
} = contentTypes;
|
|
2509
|
+
} = contentTypes$1;
|
|
2467
2510
|
const {
|
|
2468
2511
|
ID_ATTRIBUTE: ID_ATTRIBUTE$1,
|
|
2469
2512
|
DOC_ID_ATTRIBUTE: DOC_ID_ATTRIBUTE$1,
|
|
@@ -2663,9 +2706,9 @@ const createSanitizeHelpers = ({ action: action2, ability, model }) => {
|
|
|
2663
2706
|
sanitizeQuery: wrapSanitize(createSanitizeQuery)
|
|
2664
2707
|
};
|
|
2665
2708
|
};
|
|
2666
|
-
const { ValidationError: ValidationError$
|
|
2709
|
+
const { ValidationError: ValidationError$5 } = errors;
|
|
2667
2710
|
const { throwPassword, throwDisallowedFields } = validate.visitors;
|
|
2668
|
-
const { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } = contentTypes;
|
|
2711
|
+
const { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } = contentTypes$1;
|
|
2669
2712
|
const {
|
|
2670
2713
|
ID_ATTRIBUTE,
|
|
2671
2714
|
DOC_ID_ATTRIBUTE,
|
|
@@ -2679,7 +2722,7 @@ const COMPONENT_FIELDS = ["__component"];
|
|
|
2679
2722
|
const STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];
|
|
2680
2723
|
const throwInvalidKey = ({ key, path: path2 }) => {
|
|
2681
2724
|
const msg = path2 && path2 !== key ? `Invalid key ${key} at ${path2}` : `Invalid key ${key}`;
|
|
2682
|
-
throw new ValidationError$
|
|
2725
|
+
throw new ValidationError$5(msg);
|
|
2683
2726
|
};
|
|
2684
2727
|
const createValidateHelpers = ({ action: action2, ability, model }) => {
|
|
2685
2728
|
const schema = strapi.getModel(model);
|
|
@@ -2864,7 +2907,7 @@ const unwrapDeep = (obj) => {
|
|
|
2864
2907
|
{}
|
|
2865
2908
|
);
|
|
2866
2909
|
};
|
|
2867
|
-
const index
|
|
2910
|
+
const index = ({ ability, action: action2, model }) => ({
|
|
2868
2911
|
ability,
|
|
2869
2912
|
action: action2,
|
|
2870
2913
|
model,
|
|
@@ -2937,7 +2980,7 @@ const createPermissionEngine = (params) => {
|
|
|
2937
2980
|
* @param user
|
|
2938
2981
|
*/
|
|
2939
2982
|
async generateUserAbility(user2) {
|
|
2940
|
-
const permissions2 = await getService("permission").findUserPermissions(user2);
|
|
2983
|
+
const permissions2 = await getService$1("permission").findUserPermissions(user2);
|
|
2941
2984
|
return engine2.generateAbility(permissions2, user2);
|
|
2942
2985
|
},
|
|
2943
2986
|
/**
|
|
@@ -3057,7 +3100,7 @@ const toSubjectTemplate = (ct) => ({
|
|
|
3057
3100
|
label: ct.info.singularName,
|
|
3058
3101
|
properties: []
|
|
3059
3102
|
});
|
|
3060
|
-
const { isVisibleAttribute } = contentTypes;
|
|
3103
|
+
const { isVisibleAttribute } = contentTypes$1;
|
|
3061
3104
|
const settings = ({ action: action2, section }) => {
|
|
3062
3105
|
const { category, subCategory, displayName, actionId } = action2;
|
|
3063
3106
|
section.push({
|
|
@@ -3167,10 +3210,10 @@ const deleteByRolesIds = async (rolesIds) => {
|
|
|
3167
3210
|
}
|
|
3168
3211
|
});
|
|
3169
3212
|
if (permissionsToDelete.length > 0) {
|
|
3170
|
-
await deleteByIds(permissionsToDelete.map(prop("id")));
|
|
3213
|
+
await deleteByIds$1(permissionsToDelete.map(prop("id")));
|
|
3171
3214
|
}
|
|
3172
3215
|
};
|
|
3173
|
-
const deleteByIds = async (ids) => {
|
|
3216
|
+
const deleteByIds$1 = async (ids) => {
|
|
3174
3217
|
const result = [];
|
|
3175
3218
|
for (const id of ids) {
|
|
3176
3219
|
const queryResult = await strapi.db.query("admin::permission").delete({ where: { id } });
|
|
@@ -3202,7 +3245,7 @@ const findUserPermissions = async (user2) => {
|
|
|
3202
3245
|
return findMany({ where: { role: { users: { id: user2.id } } } });
|
|
3203
3246
|
};
|
|
3204
3247
|
const filterPermissionsToRemove = async (permissions2) => {
|
|
3205
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
3248
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
3206
3249
|
const permissionsToRemove = [];
|
|
3207
3250
|
for (const permission2 of permissions2) {
|
|
3208
3251
|
const { subjects, options = {} } = actionProvider2.get(permission2.action) || {};
|
|
@@ -3228,7 +3271,7 @@ const filterPermissionsToRemove = async (permissions2) => {
|
|
|
3228
3271
|
};
|
|
3229
3272
|
const cleanPermissionsInDatabase = async () => {
|
|
3230
3273
|
const pageSize = 200;
|
|
3231
|
-
const contentTypeService = getService("content-type");
|
|
3274
|
+
const contentTypeService = getService$1("content-type");
|
|
3232
3275
|
const total = await strapi.db.query("admin::permission").count();
|
|
3233
3276
|
const pageCount = Math.ceil(total / pageSize);
|
|
3234
3277
|
for (let page = 0; page < pageCount; page += 1) {
|
|
@@ -3253,7 +3296,7 @@ const cleanPermissionsInDatabase = async () => {
|
|
|
3253
3296
|
return update$2({ id: permission2.id }, permission2);
|
|
3254
3297
|
};
|
|
3255
3298
|
await Promise.all([
|
|
3256
|
-
deleteByIds(permissionsIdToRemove),
|
|
3299
|
+
deleteByIds$1(permissionsIdToRemove),
|
|
3257
3300
|
pmap(permissionsNeedingToBeUpdated, updatePromiseProvider, {
|
|
3258
3301
|
concurrency: 100,
|
|
3259
3302
|
stopOnError: true
|
|
@@ -3274,8 +3317,8 @@ const permission$2 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.define
|
|
|
3274
3317
|
cleanPermissionsInDatabase,
|
|
3275
3318
|
conditionProvider,
|
|
3276
3319
|
createMany,
|
|
3277
|
-
createPermissionsManager: index
|
|
3278
|
-
deleteByIds,
|
|
3320
|
+
createPermissionsManager: index,
|
|
3321
|
+
deleteByIds: deleteByIds$1,
|
|
3279
3322
|
deleteByRolesIds,
|
|
3280
3323
|
engine: engine$1,
|
|
3281
3324
|
findMany,
|
|
@@ -3293,7 +3336,7 @@ const getNestedFields = (model, {
|
|
|
3293
3336
|
if (nestingLevel === 0) {
|
|
3294
3337
|
return prefix ? [prefix] : [];
|
|
3295
3338
|
}
|
|
3296
|
-
const nonAuthorizableFields = contentTypes.getNonVisibleAttributes(model);
|
|
3339
|
+
const nonAuthorizableFields = contentTypes$1.getNonVisibleAttributes(model);
|
|
3297
3340
|
return ___default.reduce(
|
|
3298
3341
|
model.attributes,
|
|
3299
3342
|
(fields, attr, key) => {
|
|
@@ -3330,7 +3373,7 @@ const getNestedFieldsWithIntermediate = (model, { prefix = "", nestingLevel = 15
|
|
|
3330
3373
|
if (nestingLevel === 0) {
|
|
3331
3374
|
return [];
|
|
3332
3375
|
}
|
|
3333
|
-
const nonAuthorizableFields = contentTypes.getNonVisibleAttributes(model);
|
|
3376
|
+
const nonAuthorizableFields = contentTypes$1.getNonVisibleAttributes(model);
|
|
3334
3377
|
return ___default.reduce(
|
|
3335
3378
|
model.attributes,
|
|
3336
3379
|
(fields, attr, key) => {
|
|
@@ -3372,7 +3415,7 @@ const getPermissionsWithNestedFields = (actions2, { nestingLevel, restrictedSubj
|
|
|
3372
3415
|
}, []);
|
|
3373
3416
|
};
|
|
3374
3417
|
const cleanPermissionFields = (permissions2, { nestingLevel } = {}) => {
|
|
3375
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
3418
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
3376
3419
|
return permissions2.map((permission2) => {
|
|
3377
3420
|
const {
|
|
3378
3421
|
action: actionId,
|
|
@@ -3411,7 +3454,7 @@ const contentType = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
|
|
|
3411
3454
|
getPermissionsWithNestedFields
|
|
3412
3455
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3413
3456
|
const isValidCondition = (condition2) => {
|
|
3414
|
-
const { conditionProvider: conditionProvider2 } = getService("permission");
|
|
3457
|
+
const { conditionProvider: conditionProvider2 } = getService$1("permission");
|
|
3415
3458
|
return isString(condition2) && conditionProvider2.has(condition2);
|
|
3416
3459
|
};
|
|
3417
3460
|
const condition = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
@@ -3421,9 +3464,9 @@ const condition = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.definePro
|
|
|
3421
3464
|
const { AUTHOR_CODE, PUBLISH_ACTION } = constants$3;
|
|
3422
3465
|
const { NotFoundError: NotFoundError$2 } = errors;
|
|
3423
3466
|
const getAllowedActionsForRole = async (roleId) => {
|
|
3424
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
3467
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
3425
3468
|
if (!isNil(roleId)) {
|
|
3426
|
-
const role2 = await getService("role").findOne({ id: roleId });
|
|
3469
|
+
const role2 = await getService$1("role").findOne({ id: roleId });
|
|
3427
3470
|
if (!role2) {
|
|
3428
3471
|
throw new NotFoundError$2("role.notFound");
|
|
3429
3472
|
}
|
|
@@ -3437,7 +3480,7 @@ const action = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProper
|
|
|
3437
3480
|
__proto__: null,
|
|
3438
3481
|
getAllowedActionsForRole
|
|
3439
3482
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3440
|
-
const { ValidationError: ValidationError$
|
|
3483
|
+
const { ValidationError: ValidationError$4, NotFoundError: NotFoundError$1 } = errors;
|
|
3441
3484
|
const SELECT_FIELDS$1 = [
|
|
3442
3485
|
"id",
|
|
3443
3486
|
"name",
|
|
@@ -3452,16 +3495,16 @@ const SELECT_FIELDS$1 = [
|
|
|
3452
3495
|
const POPULATE_FIELDS$1 = ["permissions"];
|
|
3453
3496
|
const assertCustomTokenPermissionsValidity = (type, permissions2) => {
|
|
3454
3497
|
if (type !== constants$3.API_TOKEN_TYPE.CUSTOM && !isEmpty(permissions2)) {
|
|
3455
|
-
throw new ValidationError$
|
|
3498
|
+
throw new ValidationError$4("Non-custom tokens should not reference permissions");
|
|
3456
3499
|
}
|
|
3457
3500
|
if (type === constants$3.API_TOKEN_TYPE.CUSTOM && !isArray(permissions2)) {
|
|
3458
|
-
throw new ValidationError$
|
|
3501
|
+
throw new ValidationError$4("Missing permissions attribute for custom token");
|
|
3459
3502
|
}
|
|
3460
3503
|
if (type === constants$3.API_TOKEN_TYPE.CUSTOM) {
|
|
3461
3504
|
const validPermissions = strapi.contentAPI.permissions.providers.action.keys();
|
|
3462
3505
|
const invalidPermissions = difference(permissions2, validPermissions);
|
|
3463
3506
|
if (!isEmpty(invalidPermissions)) {
|
|
3464
|
-
throw new ValidationError$
|
|
3507
|
+
throw new ValidationError$4(`Unknown permissions provided: ${invalidPermissions.join(", ")}`);
|
|
3465
3508
|
}
|
|
3466
3509
|
}
|
|
3467
3510
|
};
|
|
@@ -3476,7 +3519,7 @@ const isValidLifespan$1 = (lifespan) => {
|
|
|
3476
3519
|
};
|
|
3477
3520
|
const assertValidLifespan$1 = (lifespan) => {
|
|
3478
3521
|
if (!isValidLifespan$1(lifespan)) {
|
|
3479
|
-
throw new ValidationError$
|
|
3522
|
+
throw new ValidationError$4(
|
|
3480
3523
|
`lifespan must be one of the following values:
|
|
3481
3524
|
${Object.values(constants$3.API_TOKEN_LIFESPANS).join(", ")}`
|
|
3482
3525
|
);
|
|
@@ -3511,7 +3554,7 @@ const hash$1 = (accessKey) => {
|
|
|
3511
3554
|
const getExpirationFields$1 = (lifespan) => {
|
|
3512
3555
|
const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;
|
|
3513
3556
|
if (!isValidNumber && !isNil(lifespan)) {
|
|
3514
|
-
throw new ValidationError$
|
|
3557
|
+
throw new ValidationError$4("lifespan must be a positive number or null");
|
|
3515
3558
|
}
|
|
3516
3559
|
return {
|
|
3517
3560
|
lifespan: lifespan || null,
|
|
@@ -3675,7 +3718,7 @@ const permission$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.define
|
|
|
3675
3718
|
engine,
|
|
3676
3719
|
providers
|
|
3677
3720
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3678
|
-
const { ValidationError: ValidationError$
|
|
3721
|
+
const { ValidationError: ValidationError$3, NotFoundError } = errors;
|
|
3679
3722
|
const TRANSFER_TOKEN_UID = "admin::transfer-token";
|
|
3680
3723
|
const TRANSFER_TOKEN_PERMISSION_UID = "admin::transfer-token-permission";
|
|
3681
3724
|
const SELECT_FIELDS = [
|
|
@@ -3826,7 +3869,7 @@ const regenerate = async (id) => {
|
|
|
3826
3869
|
const getExpirationFields = (lifespan) => {
|
|
3827
3870
|
const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;
|
|
3828
3871
|
if (!isValidNumber && !isNil(lifespan)) {
|
|
3829
|
-
throw new ValidationError$
|
|
3872
|
+
throw new ValidationError$3("lifespan must be a positive number or null");
|
|
3830
3873
|
}
|
|
3831
3874
|
return {
|
|
3832
3875
|
lifespan: lifespan || null,
|
|
@@ -3834,14 +3877,14 @@ const getExpirationFields = (lifespan) => {
|
|
|
3834
3877
|
};
|
|
3835
3878
|
};
|
|
3836
3879
|
const hash = (accessKey) => {
|
|
3837
|
-
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService("transfer").utils;
|
|
3880
|
+
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService$1("transfer").utils;
|
|
3838
3881
|
if (!hasValidTokenSalt2()) {
|
|
3839
3882
|
throw new TypeError("Required token salt is not defined");
|
|
3840
3883
|
}
|
|
3841
3884
|
return crypto.createHmac("sha512", strapi.config.get("admin.transfer.token.salt")).update(accessKey).digest("hex");
|
|
3842
3885
|
};
|
|
3843
3886
|
const checkSaltIsDefined = () => {
|
|
3844
|
-
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService("transfer").utils;
|
|
3887
|
+
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService$1("transfer").utils;
|
|
3845
3888
|
if (!strapi.config.get("server.transfer.remote.enabled")) {
|
|
3846
3889
|
return;
|
|
3847
3890
|
}
|
|
@@ -3867,7 +3910,7 @@ const assertTokenPermissionsValidity = (attributes) => {
|
|
|
3867
3910
|
const validPermissions = permissionService.providers.action.keys();
|
|
3868
3911
|
const invalidPermissions = difference(attributes.permissions, validPermissions);
|
|
3869
3912
|
if (!isEmpty(invalidPermissions)) {
|
|
3870
|
-
throw new ValidationError$
|
|
3913
|
+
throw new ValidationError$3(`Unknown permissions provided: ${invalidPermissions.join(", ")}`);
|
|
3871
3914
|
}
|
|
3872
3915
|
};
|
|
3873
3916
|
const isValidLifespan = (lifespan) => {
|
|
@@ -3881,7 +3924,7 @@ const isValidLifespan = (lifespan) => {
|
|
|
3881
3924
|
};
|
|
3882
3925
|
const assertValidLifespan = (lifespan) => {
|
|
3883
3926
|
if (!isValidLifespan(lifespan)) {
|
|
3884
|
-
throw new ValidationError$
|
|
3927
|
+
throw new ValidationError$3(
|
|
3885
3928
|
`lifespan must be one of the following values:
|
|
3886
3929
|
${Object.values(constants$3.TRANSFER_TOKEN_LIFESPANS).join(", ")}`
|
|
3887
3930
|
);
|
|
@@ -3907,7 +3950,7 @@ const hasValidTokenSalt = () => {
|
|
|
3907
3950
|
return typeof salt === "string" && salt.length > 0;
|
|
3908
3951
|
};
|
|
3909
3952
|
const isRemoteTransferEnabled = () => {
|
|
3910
|
-
const { utils: utils2 } = getService("transfer");
|
|
3953
|
+
const { utils: utils2 } = getService$1("transfer");
|
|
3911
3954
|
if (env.bool("STRAPI_DISABLE_REMOTE_DATA_TRANSFER") !== void 0) {
|
|
3912
3955
|
strapi.log.warn(
|
|
3913
3956
|
"STRAPI_DISABLE_REMOTE_DATA_TRANSFER is no longer supported. Instead, set transfer.remote.enabled to false in your server configuration"
|
|
@@ -3915,7 +3958,7 @@ const isRemoteTransferEnabled = () => {
|
|
|
3915
3958
|
}
|
|
3916
3959
|
return utils2.hasValidTokenSalt() && strapi.config.get("server.transfer.remote.enabled");
|
|
3917
3960
|
};
|
|
3918
|
-
const utils = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
3961
|
+
const utils$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
3919
3962
|
__proto__: null,
|
|
3920
3963
|
hasValidTokenSalt,
|
|
3921
3964
|
isRemoteTransferEnabled
|
|
@@ -3924,7 +3967,7 @@ const transfer$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.definePr
|
|
|
3924
3967
|
__proto__: null,
|
|
3925
3968
|
permission: permission$1,
|
|
3926
3969
|
token: token$2,
|
|
3927
|
-
utils
|
|
3970
|
+
utils: utils$1
|
|
3928
3971
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3929
3972
|
const PROJECT_SETTINGS_FILE_INPUTS = ["menuLogo", "authLogo"];
|
|
3930
3973
|
const parseFilesData = async (files) => {
|
|
@@ -4045,14 +4088,14 @@ const projectSettings = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.def
|
|
|
4045
4088
|
parseFilesData,
|
|
4046
4089
|
updateProjectSettings: updateProjectSettings$1
|
|
4047
4090
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
4048
|
-
const
|
|
4049
|
-
auth,
|
|
4050
|
-
user: user$
|
|
4051
|
-
role: role$
|
|
4052
|
-
passport,
|
|
4091
|
+
const services$1 = {
|
|
4092
|
+
auth: auth$1,
|
|
4093
|
+
user: user$3,
|
|
4094
|
+
role: role$3,
|
|
4095
|
+
passport: passport$1,
|
|
4053
4096
|
token: token$3,
|
|
4054
4097
|
permission: permission$2,
|
|
4055
|
-
metrics,
|
|
4098
|
+
metrics: metrics$1,
|
|
4056
4099
|
"content-type": contentType,
|
|
4057
4100
|
constants: constants$4,
|
|
4058
4101
|
condition,
|
|
@@ -4091,7 +4134,7 @@ const validateUpdateProjectSettingsImagesDimensions = validateZod(
|
|
|
4091
4134
|
updateProjectSettingsImagesDimensions
|
|
4092
4135
|
);
|
|
4093
4136
|
const { isUsingTypeScript } = tsUtils;
|
|
4094
|
-
const admin = {
|
|
4137
|
+
const admin$3 = {
|
|
4095
4138
|
// TODO very temporary to check the switch ee/ce
|
|
4096
4139
|
// When removing this we need to update the /admin/src/index.js file
|
|
4097
4140
|
// whe,re we set the strapi.window.isEE value
|
|
@@ -4103,8 +4146,8 @@ const admin = {
|
|
|
4103
4146
|
},
|
|
4104
4147
|
async init() {
|
|
4105
4148
|
let uuid = strapi.config.get("uuid", false);
|
|
4106
|
-
const hasAdmin = await getService("user").exists();
|
|
4107
|
-
const { menuLogo, authLogo } = await getService("project-settings").getProjectSettings();
|
|
4149
|
+
const hasAdmin = await getService$1("user").exists();
|
|
4150
|
+
const { menuLogo, authLogo } = await getService$1("project-settings").getProjectSettings();
|
|
4108
4151
|
const telemetryDisabled = strapi.config.get(
|
|
4109
4152
|
"packageJsonStrapi.telemetryDisabled",
|
|
4110
4153
|
null
|
|
@@ -4122,7 +4165,7 @@ const admin = {
|
|
|
4122
4165
|
};
|
|
4123
4166
|
},
|
|
4124
4167
|
async getProjectSettings() {
|
|
4125
|
-
return getService(
|
|
4168
|
+
return getService$1(
|
|
4126
4169
|
"project-settings"
|
|
4127
4170
|
).getProjectSettings();
|
|
4128
4171
|
},
|
|
@@ -4130,7 +4173,7 @@ const admin = {
|
|
|
4130
4173
|
const {
|
|
4131
4174
|
request: { files, body }
|
|
4132
4175
|
} = ctx;
|
|
4133
|
-
const projectSettingsService = getService("project-settings");
|
|
4176
|
+
const projectSettingsService = getService$1("project-settings");
|
|
4134
4177
|
await validateUpdateProjectSettings(body);
|
|
4135
4178
|
await validateUpdateProjectSettingsFiles(files);
|
|
4136
4179
|
const formatedFiles = await projectSettingsService.parseFilesData(files);
|
|
@@ -4229,11 +4272,11 @@ const apiTokenUpdateSchema = yup.object().shape({
|
|
|
4229
4272
|
}).noUnknown().strict();
|
|
4230
4273
|
const validateApiTokenCreationInput = validateYupSchema(apiTokenCreationSchema);
|
|
4231
4274
|
const validateApiTokenUpdateInput = validateYupSchema(apiTokenUpdateSchema);
|
|
4232
|
-
const { ApplicationError: ApplicationError$
|
|
4275
|
+
const { ApplicationError: ApplicationError$7 } = errors;
|
|
4233
4276
|
const apiToken$1 = {
|
|
4234
4277
|
async create(ctx) {
|
|
4235
4278
|
const { body } = ctx.request;
|
|
4236
|
-
const apiTokenService = getService("api-token");
|
|
4279
|
+
const apiTokenService = getService$1("api-token");
|
|
4237
4280
|
const attributes = {
|
|
4238
4281
|
name: trim(body.name),
|
|
4239
4282
|
description: trim(body.description),
|
|
@@ -4244,14 +4287,14 @@ const apiToken$1 = {
|
|
|
4244
4287
|
await validateApiTokenCreationInput(attributes);
|
|
4245
4288
|
const alreadyExists = await apiTokenService.exists({ name: attributes.name });
|
|
4246
4289
|
if (alreadyExists) {
|
|
4247
|
-
throw new ApplicationError$
|
|
4290
|
+
throw new ApplicationError$7("Name already taken");
|
|
4248
4291
|
}
|
|
4249
4292
|
const apiToken2 = await apiTokenService.create(attributes);
|
|
4250
4293
|
ctx.created({ data: apiToken2 });
|
|
4251
4294
|
},
|
|
4252
4295
|
async regenerate(ctx) {
|
|
4253
4296
|
const { id } = ctx.params;
|
|
4254
|
-
const apiTokenService = getService("api-token");
|
|
4297
|
+
const apiTokenService = getService$1("api-token");
|
|
4255
4298
|
const apiTokenExists = await apiTokenService.getById(id);
|
|
4256
4299
|
if (!apiTokenExists) {
|
|
4257
4300
|
ctx.notFound("API Token not found");
|
|
@@ -4261,19 +4304,19 @@ const apiToken$1 = {
|
|
|
4261
4304
|
ctx.created({ data: accessToken });
|
|
4262
4305
|
},
|
|
4263
4306
|
async list(ctx) {
|
|
4264
|
-
const apiTokenService = getService("api-token");
|
|
4307
|
+
const apiTokenService = getService$1("api-token");
|
|
4265
4308
|
const apiTokens2 = await apiTokenService.list();
|
|
4266
4309
|
ctx.send({ data: apiTokens2 });
|
|
4267
4310
|
},
|
|
4268
4311
|
async revoke(ctx) {
|
|
4269
4312
|
const { id } = ctx.params;
|
|
4270
|
-
const apiTokenService = getService("api-token");
|
|
4313
|
+
const apiTokenService = getService$1("api-token");
|
|
4271
4314
|
const apiToken2 = await apiTokenService.revoke(id);
|
|
4272
4315
|
ctx.deleted({ data: apiToken2 });
|
|
4273
4316
|
},
|
|
4274
4317
|
async get(ctx) {
|
|
4275
4318
|
const { id } = ctx.params;
|
|
4276
|
-
const apiTokenService = getService("api-token");
|
|
4319
|
+
const apiTokenService = getService$1("api-token");
|
|
4277
4320
|
const apiToken2 = await apiTokenService.getById(id);
|
|
4278
4321
|
if (!apiToken2) {
|
|
4279
4322
|
ctx.notFound("API Token not found");
|
|
@@ -4284,7 +4327,7 @@ const apiToken$1 = {
|
|
|
4284
4327
|
async update(ctx) {
|
|
4285
4328
|
const { body } = ctx.request;
|
|
4286
4329
|
const { id } = ctx.params;
|
|
4287
|
-
const apiTokenService = getService("api-token");
|
|
4330
|
+
const apiTokenService = getService$1("api-token");
|
|
4288
4331
|
const attributes = body;
|
|
4289
4332
|
if (has("name", attributes)) {
|
|
4290
4333
|
attributes.name = trim(body.name);
|
|
@@ -4300,14 +4343,14 @@ const apiToken$1 = {
|
|
|
4300
4343
|
if (has("name", attributes)) {
|
|
4301
4344
|
const nameAlreadyTaken = await apiTokenService.getByName(attributes.name);
|
|
4302
4345
|
if (!!nameAlreadyTaken && !strings.isEqual(nameAlreadyTaken.id, id)) {
|
|
4303
|
-
throw new ApplicationError$
|
|
4346
|
+
throw new ApplicationError$7("Name already taken");
|
|
4304
4347
|
}
|
|
4305
4348
|
}
|
|
4306
4349
|
const apiToken2 = await apiTokenService.update(id, attributes);
|
|
4307
4350
|
ctx.send({ data: apiToken2 });
|
|
4308
4351
|
},
|
|
4309
4352
|
async getLayout(ctx) {
|
|
4310
|
-
const apiTokenService = getService("api-token");
|
|
4353
|
+
const apiTokenService = getService$1("api-token");
|
|
4311
4354
|
const layout = await apiTokenService.getApiTokenLayout();
|
|
4312
4355
|
ctx.send({ data: layout });
|
|
4313
4356
|
}
|
|
@@ -4343,13 +4386,18 @@ const userUpdateSchema = yup.object().shape({
|
|
|
4343
4386
|
const usersDeleteSchema = yup.object().shape({
|
|
4344
4387
|
ids: yup.array().of(yup.strapiID()).min(1).required()
|
|
4345
4388
|
}).noUnknown();
|
|
4346
|
-
const validateUserCreationInput = validateYupSchema(userCreationSchema);
|
|
4389
|
+
const validateUserCreationInput$1 = validateYupSchema(userCreationSchema);
|
|
4347
4390
|
const validateProfileUpdateInput = validateYupSchema(profileUpdateSchema);
|
|
4348
4391
|
const validateUserUpdateInput = validateYupSchema(userUpdateSchema);
|
|
4349
4392
|
const validateUsersDeleteInput = validateYupSchema(usersDeleteSchema);
|
|
4393
|
+
const schemas = {
|
|
4394
|
+
userCreationSchema,
|
|
4395
|
+
usersDeleteSchema,
|
|
4396
|
+
userUpdateSchema
|
|
4397
|
+
};
|
|
4350
4398
|
const authenticatedUser = {
|
|
4351
4399
|
async getMe(ctx) {
|
|
4352
|
-
const userInfo = getService("user").sanitizeUser(ctx.state.user);
|
|
4400
|
+
const userInfo = getService$1("user").sanitizeUser(ctx.state.user);
|
|
4353
4401
|
ctx.body = {
|
|
4354
4402
|
data: userInfo
|
|
4355
4403
|
};
|
|
@@ -4357,8 +4405,8 @@ const authenticatedUser = {
|
|
|
4357
4405
|
async updateMe(ctx) {
|
|
4358
4406
|
const input = ctx.request.body;
|
|
4359
4407
|
await validateProfileUpdateInput(input);
|
|
4360
|
-
const userService = getService("user");
|
|
4361
|
-
const authServer = getService("auth");
|
|
4408
|
+
const userService = getService$1("user");
|
|
4409
|
+
const authServer = getService$1("auth");
|
|
4362
4410
|
const { currentPassword, ...userInfo } = input;
|
|
4363
4411
|
if (currentPassword && userInfo.password) {
|
|
4364
4412
|
const isValid = await authServer.validatePassword(currentPassword, ctx.state.user.password);
|
|
@@ -4374,7 +4422,7 @@ const authenticatedUser = {
|
|
|
4374
4422
|
};
|
|
4375
4423
|
},
|
|
4376
4424
|
async getOwnPermissions(ctx) {
|
|
4377
|
-
const { findUserPermissions: findUserPermissions2, sanitizePermission: sanitizePermission2 } = getService("permission");
|
|
4425
|
+
const { findUserPermissions: findUserPermissions2, sanitizePermission: sanitizePermission2 } = getService$1("permission");
|
|
4378
4426
|
const { user: user2 } = ctx.state;
|
|
4379
4427
|
const userPermissions = await findUserPermissions2(user2);
|
|
4380
4428
|
ctx.body = {
|
|
@@ -4414,11 +4462,11 @@ const resetPasswordSchema = yup.object().shape({
|
|
|
4414
4462
|
const validateResetPasswordInput = validateYupSchema(resetPasswordSchema);
|
|
4415
4463
|
const renewToken = yup.object().shape({ token: yup.string().required() }).required().noUnknown();
|
|
4416
4464
|
const validateRenewTokenInput = validateYupSchema(renewToken);
|
|
4417
|
-
const { ApplicationError: ApplicationError$
|
|
4418
|
-
const authentication = {
|
|
4465
|
+
const { ApplicationError: ApplicationError$6, ValidationError: ValidationError$2 } = errors;
|
|
4466
|
+
const authentication$1 = {
|
|
4419
4467
|
login: compose([
|
|
4420
4468
|
(ctx, next) => {
|
|
4421
|
-
return passport$
|
|
4469
|
+
return passport$2.authenticate("local", { session: false }, (err, user2, info) => {
|
|
4422
4470
|
if (err) {
|
|
4423
4471
|
strapi.eventHub.emit("admin.auth.error", { error: err, provider: "local" });
|
|
4424
4472
|
if (err.details?.code === "LOGIN_NOT_ALLOWED") {
|
|
@@ -4431,11 +4479,11 @@ const authentication = {
|
|
|
4431
4479
|
error: new Error(info.message),
|
|
4432
4480
|
provider: "local"
|
|
4433
4481
|
});
|
|
4434
|
-
throw new ApplicationError$
|
|
4482
|
+
throw new ApplicationError$6(info.message);
|
|
4435
4483
|
}
|
|
4436
4484
|
const query = ctx.state;
|
|
4437
4485
|
query.user = user2;
|
|
4438
|
-
const sanitizedUser = getService("user").sanitizeUser(user2);
|
|
4486
|
+
const sanitizedUser = getService$1("user").sanitizeUser(user2);
|
|
4439
4487
|
strapi.eventHub.emit("admin.auth.success", { user: sanitizedUser, provider: "local" });
|
|
4440
4488
|
return next();
|
|
4441
4489
|
})(ctx, next);
|
|
@@ -4444,8 +4492,8 @@ const authentication = {
|
|
|
4444
4492
|
const { user: user2 } = ctx.state;
|
|
4445
4493
|
ctx.body = {
|
|
4446
4494
|
data: {
|
|
4447
|
-
token: getService("token").createJwtToken(user2),
|
|
4448
|
-
user: getService("user").sanitizeUser(ctx.state.user)
|
|
4495
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4496
|
+
user: getService$1("user").sanitizeUser(ctx.state.user)
|
|
4449
4497
|
// TODO: fetch more detailed info
|
|
4450
4498
|
}
|
|
4451
4499
|
};
|
|
@@ -4454,50 +4502,50 @@ const authentication = {
|
|
|
4454
4502
|
async renewToken(ctx) {
|
|
4455
4503
|
await validateRenewTokenInput(ctx.request.body);
|
|
4456
4504
|
const { token: token2 } = ctx.request.body;
|
|
4457
|
-
const { isValid, payload } = getService("token").decodeJwtToken(token2);
|
|
4505
|
+
const { isValid, payload } = getService$1("token").decodeJwtToken(token2);
|
|
4458
4506
|
if (!isValid) {
|
|
4459
|
-
throw new ValidationError("Invalid token");
|
|
4507
|
+
throw new ValidationError$2("Invalid token");
|
|
4460
4508
|
}
|
|
4461
4509
|
ctx.body = {
|
|
4462
4510
|
data: {
|
|
4463
|
-
token: getService("token").createJwtToken({ id: payload.id })
|
|
4511
|
+
token: getService$1("token").createJwtToken({ id: payload.id })
|
|
4464
4512
|
}
|
|
4465
4513
|
};
|
|
4466
4514
|
},
|
|
4467
4515
|
async registrationInfo(ctx) {
|
|
4468
4516
|
await validateRegistrationInfoQuery(ctx.request.query);
|
|
4469
4517
|
const { registrationToken } = ctx.request.query;
|
|
4470
|
-
const registrationInfo = await getService("user").findRegistrationInfo(registrationToken);
|
|
4518
|
+
const registrationInfo = await getService$1("user").findRegistrationInfo(registrationToken);
|
|
4471
4519
|
if (!registrationInfo) {
|
|
4472
|
-
throw new ValidationError("Invalid registrationToken");
|
|
4520
|
+
throw new ValidationError$2("Invalid registrationToken");
|
|
4473
4521
|
}
|
|
4474
4522
|
ctx.body = { data: registrationInfo };
|
|
4475
4523
|
},
|
|
4476
4524
|
async register(ctx) {
|
|
4477
4525
|
const input = ctx.request.body;
|
|
4478
4526
|
await validateRegistrationInput(input);
|
|
4479
|
-
const user2 = await getService("user").register(input);
|
|
4527
|
+
const user2 = await getService$1("user").register(input);
|
|
4480
4528
|
ctx.body = {
|
|
4481
4529
|
data: {
|
|
4482
|
-
token: getService("token").createJwtToken(user2),
|
|
4483
|
-
user: getService("user").sanitizeUser(user2)
|
|
4530
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4531
|
+
user: getService$1("user").sanitizeUser(user2)
|
|
4484
4532
|
}
|
|
4485
4533
|
};
|
|
4486
4534
|
},
|
|
4487
4535
|
async registerAdmin(ctx) {
|
|
4488
4536
|
const input = ctx.request.body;
|
|
4489
4537
|
await validateAdminRegistrationInput(input);
|
|
4490
|
-
const hasAdmin = await getService("user").exists();
|
|
4538
|
+
const hasAdmin = await getService$1("user").exists();
|
|
4491
4539
|
if (hasAdmin) {
|
|
4492
|
-
throw new ApplicationError$
|
|
4540
|
+
throw new ApplicationError$6("You cannot register a new super admin");
|
|
4493
4541
|
}
|
|
4494
|
-
const superAdminRole = await getService("role").getSuperAdmin();
|
|
4542
|
+
const superAdminRole = await getService$1("role").getSuperAdmin();
|
|
4495
4543
|
if (!superAdminRole) {
|
|
4496
|
-
throw new ApplicationError$
|
|
4544
|
+
throw new ApplicationError$6(
|
|
4497
4545
|
"Cannot register the first admin because the super admin role doesn't exist."
|
|
4498
4546
|
);
|
|
4499
4547
|
}
|
|
4500
|
-
const user2 = await getService("user").create({
|
|
4548
|
+
const user2 = await getService$1("user").create({
|
|
4501
4549
|
...input,
|
|
4502
4550
|
registrationToken: null,
|
|
4503
4551
|
isActive: true,
|
|
@@ -4506,30 +4554,30 @@ const authentication = {
|
|
|
4506
4554
|
strapi.telemetry.send("didCreateFirstAdmin");
|
|
4507
4555
|
ctx.body = {
|
|
4508
4556
|
data: {
|
|
4509
|
-
token: getService("token").createJwtToken(user2),
|
|
4510
|
-
user: getService("user").sanitizeUser(user2)
|
|
4557
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4558
|
+
user: getService$1("user").sanitizeUser(user2)
|
|
4511
4559
|
}
|
|
4512
4560
|
};
|
|
4513
4561
|
},
|
|
4514
4562
|
async forgotPassword(ctx) {
|
|
4515
4563
|
const input = ctx.request.body;
|
|
4516
4564
|
await validateForgotPasswordInput(input);
|
|
4517
|
-
getService("auth").forgotPassword(input);
|
|
4565
|
+
getService$1("auth").forgotPassword(input);
|
|
4518
4566
|
ctx.status = 204;
|
|
4519
4567
|
},
|
|
4520
4568
|
async resetPassword(ctx) {
|
|
4521
4569
|
const input = ctx.request.body;
|
|
4522
4570
|
await validateResetPasswordInput(input);
|
|
4523
|
-
const user2 = await getService("auth").resetPassword(input);
|
|
4571
|
+
const user2 = await getService$1("auth").resetPassword(input);
|
|
4524
4572
|
ctx.body = {
|
|
4525
4573
|
data: {
|
|
4526
|
-
token: getService("token").createJwtToken(user2),
|
|
4527
|
-
user: getService("user").sanitizeUser(user2)
|
|
4574
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4575
|
+
user: getService$1("user").sanitizeUser(user2)
|
|
4528
4576
|
}
|
|
4529
4577
|
};
|
|
4530
4578
|
},
|
|
4531
4579
|
logout(ctx) {
|
|
4532
|
-
const sanitizedUser = getService("user").sanitizeUser(ctx.state.user);
|
|
4580
|
+
const sanitizedUser = getService$1("user").sanitizeUser(ctx.state.user);
|
|
4533
4581
|
strapi.eventHub.emit("admin.logout", { user: sanitizedUser });
|
|
4534
4582
|
ctx.body = { data: {} };
|
|
4535
4583
|
}
|
|
@@ -4545,7 +4593,7 @@ const permission = {
|
|
|
4545
4593
|
const { body: input } = ctx.request;
|
|
4546
4594
|
const { userAbility } = ctx.state;
|
|
4547
4595
|
await validateCheckPermissionsInput(input);
|
|
4548
|
-
const { engine: engine2 } = getService("permission");
|
|
4596
|
+
const { engine: engine2 } = getService$1("permission");
|
|
4549
4597
|
const checkPermissionsFn = engine2.checkMany(userAbility);
|
|
4550
4598
|
ctx.body = {
|
|
4551
4599
|
data: checkPermissionsFn(input.permissions)
|
|
@@ -4556,7 +4604,7 @@ const permission = {
|
|
|
4556
4604
|
* @param {KoaContext} ctx - koa context
|
|
4557
4605
|
*/
|
|
4558
4606
|
async getAll(ctx) {
|
|
4559
|
-
const { sectionsBuilder: sectionsBuilder2, actionProvider: actionProvider2, conditionProvider: conditionProvider2 } = getService("permission");
|
|
4607
|
+
const { sectionsBuilder: sectionsBuilder2, actionProvider: actionProvider2, conditionProvider: conditionProvider2 } = getService$1("permission");
|
|
4560
4608
|
const actions2 = actionProvider2.values();
|
|
4561
4609
|
const conditions2 = conditionProvider2.values();
|
|
4562
4610
|
const sections = await sectionsBuilder2.build(actions2);
|
|
@@ -4569,11 +4617,11 @@ const permission = {
|
|
|
4569
4617
|
};
|
|
4570
4618
|
}
|
|
4571
4619
|
};
|
|
4572
|
-
const roleCreateSchema = yup.object().shape({
|
|
4620
|
+
const roleCreateSchema$1 = yup.object().shape({
|
|
4573
4621
|
name: yup.string().min(1).required(),
|
|
4574
4622
|
description: yup.string().nullable()
|
|
4575
4623
|
}).noUnknown();
|
|
4576
|
-
const rolesDeleteSchema = yup.object().shape({
|
|
4624
|
+
const rolesDeleteSchema$1 = yup.object().shape({
|
|
4577
4625
|
ids: yup.array().of(yup.strapiID()).min(1).required().test("roles-deletion-checks", "Roles deletion checks have failed", async function(ids) {
|
|
4578
4626
|
try {
|
|
4579
4627
|
await strapi.service("admin::role").checkRolesIdForDeletion(ids);
|
|
@@ -4583,7 +4631,7 @@ const rolesDeleteSchema = yup.object().shape({
|
|
|
4583
4631
|
return true;
|
|
4584
4632
|
})
|
|
4585
4633
|
}).noUnknown();
|
|
4586
|
-
const roleDeleteSchema = yup.strapiID().required().test("no-admin-single-delete", "Role deletion checks have failed", async function(id) {
|
|
4634
|
+
const roleDeleteSchema$1 = yup.strapiID().required().test("no-admin-single-delete", "Role deletion checks have failed", async function(id) {
|
|
4587
4635
|
try {
|
|
4588
4636
|
await strapi.service("admin::role").checkRolesIdForDeletion([id]);
|
|
4589
4637
|
} catch (e) {
|
|
@@ -4595,21 +4643,21 @@ const roleUpdateSchema = yup.object().shape({
|
|
|
4595
4643
|
name: yup.string().min(1),
|
|
4596
4644
|
description: yup.string().nullable()
|
|
4597
4645
|
}).noUnknown();
|
|
4598
|
-
const validateRoleCreateInput = validateYupSchema(roleCreateSchema);
|
|
4646
|
+
const validateRoleCreateInput$1 = validateYupSchema(roleCreateSchema$1);
|
|
4599
4647
|
const validateRoleUpdateInput = validateYupSchema(roleUpdateSchema);
|
|
4600
|
-
const validateRolesDeleteInput = validateYupSchema(rolesDeleteSchema);
|
|
4601
|
-
const validateRoleDeleteInput = validateYupSchema(roleDeleteSchema);
|
|
4602
|
-
const { ApplicationError: ApplicationError$
|
|
4603
|
-
const { SUPER_ADMIN_CODE } = constants$3;
|
|
4604
|
-
const role = {
|
|
4648
|
+
const validateRolesDeleteInput$1 = validateYupSchema(rolesDeleteSchema$1);
|
|
4649
|
+
const validateRoleDeleteInput$1 = validateYupSchema(roleDeleteSchema$1);
|
|
4650
|
+
const { ApplicationError: ApplicationError$5 } = errors;
|
|
4651
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$2 } = constants$3;
|
|
4652
|
+
const role$2 = {
|
|
4605
4653
|
/**
|
|
4606
4654
|
* Create a new role
|
|
4607
4655
|
* @param {KoaContext} ctx - koa context
|
|
4608
4656
|
*/
|
|
4609
4657
|
async create(ctx) {
|
|
4610
4658
|
const { body } = ctx.request;
|
|
4611
|
-
await validateRoleCreateInput(body);
|
|
4612
|
-
const roleService = getService("role");
|
|
4659
|
+
await validateRoleCreateInput$1(body);
|
|
4660
|
+
const roleService = getService$1("role");
|
|
4613
4661
|
const role2 = await roleService.create(body);
|
|
4614
4662
|
const sanitizedRole = roleService.sanitizeRole(role2);
|
|
4615
4663
|
ctx.created({ data: sanitizedRole });
|
|
@@ -4620,7 +4668,7 @@ const role = {
|
|
|
4620
4668
|
*/
|
|
4621
4669
|
async findOne(ctx) {
|
|
4622
4670
|
const { id } = ctx.params;
|
|
4623
|
-
const role2 = await getService("role").findOneWithUsersCount({ id });
|
|
4671
|
+
const role2 = await getService$1("role").findOneWithUsersCount({ id });
|
|
4624
4672
|
if (!role2) {
|
|
4625
4673
|
return ctx.notFound("role.notFound");
|
|
4626
4674
|
}
|
|
@@ -4634,13 +4682,13 @@ const role = {
|
|
|
4634
4682
|
*/
|
|
4635
4683
|
async findAll(ctx) {
|
|
4636
4684
|
const { query } = ctx.request;
|
|
4637
|
-
const permissionsManager = getService("permission").createPermissionsManager({
|
|
4685
|
+
const permissionsManager = getService$1("permission").createPermissionsManager({
|
|
4638
4686
|
ability: ctx.state.userAbility,
|
|
4639
4687
|
model: "admin::role"
|
|
4640
4688
|
});
|
|
4641
4689
|
await permissionsManager.validateQuery(query);
|
|
4642
4690
|
const sanitizedQuery = await permissionsManager.sanitizeQuery(query);
|
|
4643
|
-
const roles2 = await getService("role").findAllWithUsersCount(sanitizedQuery);
|
|
4691
|
+
const roles2 = await getService$1("role").findAllWithUsersCount(sanitizedQuery);
|
|
4644
4692
|
ctx.body = {
|
|
4645
4693
|
data: roles2
|
|
4646
4694
|
};
|
|
@@ -4652,14 +4700,14 @@ const role = {
|
|
|
4652
4700
|
async update(ctx) {
|
|
4653
4701
|
const { id } = ctx.params;
|
|
4654
4702
|
const { body } = ctx.request;
|
|
4655
|
-
const roleService = getService("role");
|
|
4703
|
+
const roleService = getService$1("role");
|
|
4656
4704
|
await validateRoleUpdateInput(body);
|
|
4657
4705
|
const role2 = await roleService.findOne({ id });
|
|
4658
4706
|
if (!role2) {
|
|
4659
4707
|
return ctx.notFound("role.notFound");
|
|
4660
4708
|
}
|
|
4661
|
-
if (role2.code === SUPER_ADMIN_CODE) {
|
|
4662
|
-
throw new ApplicationError$
|
|
4709
|
+
if (role2.code === SUPER_ADMIN_CODE$2) {
|
|
4710
|
+
throw new ApplicationError$5("Super admin can't be edited.");
|
|
4663
4711
|
}
|
|
4664
4712
|
const updatedRole = await roleService.update({ id }, body);
|
|
4665
4713
|
const sanitizedRole = roleService.sanitizeRole(updatedRole);
|
|
@@ -4673,8 +4721,8 @@ const role = {
|
|
|
4673
4721
|
*/
|
|
4674
4722
|
async getPermissions(ctx) {
|
|
4675
4723
|
const { id } = ctx.params;
|
|
4676
|
-
const roleService = getService("role");
|
|
4677
|
-
const permissionService = getService("permission");
|
|
4724
|
+
const roleService = getService$1("role");
|
|
4725
|
+
const permissionService = getService$1("permission");
|
|
4678
4726
|
const role2 = await roleService.findOne({ id });
|
|
4679
4727
|
if (!role2) {
|
|
4680
4728
|
return ctx.notFound("role.notFound");
|
|
@@ -4693,14 +4741,14 @@ const role = {
|
|
|
4693
4741
|
async updatePermissions(ctx) {
|
|
4694
4742
|
const { id } = ctx.params;
|
|
4695
4743
|
const { body: input } = ctx.request;
|
|
4696
|
-
const roleService = getService("role");
|
|
4697
|
-
const permissionService = getService("permission");
|
|
4744
|
+
const roleService = getService$1("role");
|
|
4745
|
+
const permissionService = getService$1("permission");
|
|
4698
4746
|
const role2 = await roleService.findOne({ id });
|
|
4699
4747
|
if (!role2) {
|
|
4700
4748
|
return ctx.notFound("role.notFound");
|
|
4701
4749
|
}
|
|
4702
|
-
if (role2.code === SUPER_ADMIN_CODE) {
|
|
4703
|
-
throw new ApplicationError$
|
|
4750
|
+
if (role2.code === SUPER_ADMIN_CODE$2) {
|
|
4751
|
+
throw new ApplicationError$5("Super admin permissions can't be edited.");
|
|
4704
4752
|
}
|
|
4705
4753
|
await validatedUpdatePermissionsInput(input);
|
|
4706
4754
|
if (!role2) {
|
|
@@ -4718,8 +4766,8 @@ const role = {
|
|
|
4718
4766
|
*/
|
|
4719
4767
|
async deleteOne(ctx) {
|
|
4720
4768
|
const { id } = ctx.params;
|
|
4721
|
-
await validateRoleDeleteInput(id);
|
|
4722
|
-
const roleService = getService("role");
|
|
4769
|
+
await validateRoleDeleteInput$1(id);
|
|
4770
|
+
const roleService = getService$1("role");
|
|
4723
4771
|
const roles2 = await roleService.deleteByIds([id]);
|
|
4724
4772
|
const sanitizedRole = roles2.map((role2) => roleService.sanitizeRole(role2))[0] || null;
|
|
4725
4773
|
return ctx.deleted({
|
|
@@ -4732,8 +4780,8 @@ const role = {
|
|
|
4732
4780
|
*/
|
|
4733
4781
|
async deleteMany(ctx) {
|
|
4734
4782
|
const { body } = ctx.request;
|
|
4735
|
-
await validateRolesDeleteInput(body);
|
|
4736
|
-
const roleService = getService("role");
|
|
4783
|
+
await validateRolesDeleteInput$1(body);
|
|
4784
|
+
const roleService = getService$1("role");
|
|
4737
4785
|
const roles2 = await roleService.deleteByIds(body.ids);
|
|
4738
4786
|
const sanitizedRoles = roles2.map(roleService.sanitizeRole);
|
|
4739
4787
|
return ctx.deleted({
|
|
@@ -4746,11 +4794,11 @@ const {
|
|
|
4746
4794
|
handlers: { createPushController, createPullController }
|
|
4747
4795
|
}
|
|
4748
4796
|
} = strapi$1;
|
|
4749
|
-
const { UnauthorizedError } = errors;
|
|
4797
|
+
const { UnauthorizedError: UnauthorizedError$1 } = errors;
|
|
4750
4798
|
const verify = async (ctx, scope) => {
|
|
4751
4799
|
const { auth: auth2 } = ctx.state;
|
|
4752
4800
|
if (!auth2) {
|
|
4753
|
-
throw new UnauthorizedError();
|
|
4801
|
+
throw new UnauthorizedError$1();
|
|
4754
4802
|
}
|
|
4755
4803
|
await dataTransferAuthStrategy.verify(auth2, { scope });
|
|
4756
4804
|
};
|
|
@@ -4777,17 +4825,17 @@ const token$1 = {
|
|
|
4777
4825
|
validateTransferTokenCreationInput: validateTransferTokenCreationInput$1,
|
|
4778
4826
|
validateTransferTokenUpdateInput: validateTransferTokenUpdateInput$1
|
|
4779
4827
|
};
|
|
4780
|
-
const { ApplicationError: ApplicationError$
|
|
4828
|
+
const { ApplicationError: ApplicationError$4 } = errors;
|
|
4781
4829
|
const { validateTransferTokenCreationInput, validateTransferTokenUpdateInput } = token$1;
|
|
4782
4830
|
const token = {
|
|
4783
4831
|
async list(ctx) {
|
|
4784
|
-
const transferService = getService("transfer");
|
|
4832
|
+
const transferService = getService$1("transfer");
|
|
4785
4833
|
const transferTokens = await transferService.token.list();
|
|
4786
4834
|
ctx.body = { data: transferTokens };
|
|
4787
4835
|
},
|
|
4788
4836
|
async getById(ctx) {
|
|
4789
4837
|
const { id } = ctx.params;
|
|
4790
|
-
const tokenService = getService("transfer").token;
|
|
4838
|
+
const tokenService = getService$1("transfer").token;
|
|
4791
4839
|
const transferToken2 = await tokenService.getById(id);
|
|
4792
4840
|
if (!transferToken2) {
|
|
4793
4841
|
ctx.notFound("Transfer token not found");
|
|
@@ -4797,7 +4845,7 @@ const token = {
|
|
|
4797
4845
|
},
|
|
4798
4846
|
async create(ctx) {
|
|
4799
4847
|
const { body } = ctx.request;
|
|
4800
|
-
const { token: tokenService } = getService("transfer");
|
|
4848
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4801
4849
|
const attributes = {
|
|
4802
4850
|
name: trim(body.name),
|
|
4803
4851
|
description: trim(body.description),
|
|
@@ -4807,7 +4855,7 @@ const token = {
|
|
|
4807
4855
|
await validateTransferTokenCreationInput(attributes);
|
|
4808
4856
|
const alreadyExists = await tokenService.exists({ name: attributes.name });
|
|
4809
4857
|
if (alreadyExists) {
|
|
4810
|
-
throw new ApplicationError$
|
|
4858
|
+
throw new ApplicationError$4("Name already taken");
|
|
4811
4859
|
}
|
|
4812
4860
|
const transferTokens = await tokenService.create(attributes);
|
|
4813
4861
|
ctx.created({ data: transferTokens });
|
|
@@ -4815,7 +4863,7 @@ const token = {
|
|
|
4815
4863
|
async update(ctx) {
|
|
4816
4864
|
const { body } = ctx.request;
|
|
4817
4865
|
const { id } = ctx.params;
|
|
4818
|
-
const { token: tokenService } = getService("transfer");
|
|
4866
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4819
4867
|
const attributes = body;
|
|
4820
4868
|
if (has("name", attributes)) {
|
|
4821
4869
|
attributes.name = trim(body.name);
|
|
@@ -4831,7 +4879,7 @@ const token = {
|
|
|
4831
4879
|
if (has("name", attributes)) {
|
|
4832
4880
|
const nameAlreadyTaken = await tokenService.getByName(attributes.name);
|
|
4833
4881
|
if (!!nameAlreadyTaken && !strings.isEqual(nameAlreadyTaken.id, id)) {
|
|
4834
|
-
throw new ApplicationError$
|
|
4882
|
+
throw new ApplicationError$4("Name already taken");
|
|
4835
4883
|
}
|
|
4836
4884
|
}
|
|
4837
4885
|
const apiToken2 = await tokenService.update(id, attributes);
|
|
@@ -4839,13 +4887,13 @@ const token = {
|
|
|
4839
4887
|
},
|
|
4840
4888
|
async revoke(ctx) {
|
|
4841
4889
|
const { id } = ctx.params;
|
|
4842
|
-
const { token: tokenService } = getService("transfer");
|
|
4890
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4843
4891
|
const transferToken2 = await tokenService.revoke(id);
|
|
4844
4892
|
ctx.deleted({ data: transferToken2 });
|
|
4845
4893
|
},
|
|
4846
4894
|
async regenerate(ctx) {
|
|
4847
4895
|
const { id } = ctx.params;
|
|
4848
|
-
const { token: tokenService } = getService("transfer");
|
|
4896
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4849
4897
|
const exists2 = await tokenService.getById(id);
|
|
4850
4898
|
if (!exists2) {
|
|
4851
4899
|
ctx.notFound("Transfer token not found");
|
|
@@ -4860,12 +4908,12 @@ const transfer = {
|
|
|
4860
4908
|
...prefixActionsName("runner", runner),
|
|
4861
4909
|
...prefixActionsName("token", token)
|
|
4862
4910
|
};
|
|
4863
|
-
const { ApplicationError } = errors;
|
|
4864
|
-
const user = {
|
|
4911
|
+
const { ApplicationError: ApplicationError$3 } = errors;
|
|
4912
|
+
const user$2 = {
|
|
4865
4913
|
async create(ctx) {
|
|
4866
4914
|
const { body } = ctx.request;
|
|
4867
4915
|
const cleanData = { ...body, email: _.get(body, `email`, ``).toLowerCase() };
|
|
4868
|
-
await validateUserCreationInput(cleanData);
|
|
4916
|
+
await validateUserCreationInput$1(cleanData);
|
|
4869
4917
|
const attributes = _.pick(cleanData, [
|
|
4870
4918
|
"firstname",
|
|
4871
4919
|
"lastname",
|
|
@@ -4873,19 +4921,19 @@ const user = {
|
|
|
4873
4921
|
"roles",
|
|
4874
4922
|
"preferedLanguage"
|
|
4875
4923
|
]);
|
|
4876
|
-
const userAlreadyExists = await getService("user").exists({
|
|
4924
|
+
const userAlreadyExists = await getService$1("user").exists({
|
|
4877
4925
|
email: attributes.email
|
|
4878
4926
|
});
|
|
4879
4927
|
if (userAlreadyExists) {
|
|
4880
|
-
throw new ApplicationError("Email already taken");
|
|
4928
|
+
throw new ApplicationError$3("Email already taken");
|
|
4881
4929
|
}
|
|
4882
|
-
const createdUser = await getService("user").create(attributes);
|
|
4883
|
-
const userInfo = getService("user").sanitizeUser(createdUser);
|
|
4930
|
+
const createdUser = await getService$1("user").create(attributes);
|
|
4931
|
+
const userInfo = getService$1("user").sanitizeUser(createdUser);
|
|
4884
4932
|
Object.assign(userInfo, { registrationToken: createdUser.registrationToken });
|
|
4885
4933
|
ctx.created({ data: userInfo });
|
|
4886
4934
|
},
|
|
4887
4935
|
async find(ctx) {
|
|
4888
|
-
const userService = getService("user");
|
|
4936
|
+
const userService = getService$1("user");
|
|
4889
4937
|
const permissionsManager = strapi.service("admin::permission").createPermissionsManager({
|
|
4890
4938
|
ability: ctx.state.userAbility,
|
|
4891
4939
|
model: "admin::user"
|
|
@@ -4902,12 +4950,12 @@ const user = {
|
|
|
4902
4950
|
},
|
|
4903
4951
|
async findOne(ctx) {
|
|
4904
4952
|
const { id } = ctx.params;
|
|
4905
|
-
const user2 = await getService("user").findOne(id);
|
|
4953
|
+
const user2 = await getService$1("user").findOne(id);
|
|
4906
4954
|
if (!user2) {
|
|
4907
4955
|
return ctx.notFound("User does not exist");
|
|
4908
4956
|
}
|
|
4909
4957
|
ctx.body = {
|
|
4910
|
-
data: getService("user").sanitizeUser(user2)
|
|
4958
|
+
data: getService$1("user").sanitizeUser(user2)
|
|
4911
4959
|
};
|
|
4912
4960
|
},
|
|
4913
4961
|
async update(ctx) {
|
|
@@ -4915,30 +4963,30 @@ const user = {
|
|
|
4915
4963
|
const { body: input } = ctx.request;
|
|
4916
4964
|
await validateUserUpdateInput(input);
|
|
4917
4965
|
if (_.has(input, "email")) {
|
|
4918
|
-
const uniqueEmailCheck = await getService("user").exists({
|
|
4966
|
+
const uniqueEmailCheck = await getService$1("user").exists({
|
|
4919
4967
|
id: { $ne: id },
|
|
4920
4968
|
email: input.email
|
|
4921
4969
|
});
|
|
4922
4970
|
if (uniqueEmailCheck) {
|
|
4923
|
-
throw new ApplicationError("A user with this email address already exists");
|
|
4971
|
+
throw new ApplicationError$3("A user with this email address already exists");
|
|
4924
4972
|
}
|
|
4925
4973
|
}
|
|
4926
|
-
const updatedUser = await getService("user").updateById(id, input);
|
|
4974
|
+
const updatedUser = await getService$1("user").updateById(id, input);
|
|
4927
4975
|
if (!updatedUser) {
|
|
4928
4976
|
return ctx.notFound("User does not exist");
|
|
4929
4977
|
}
|
|
4930
4978
|
ctx.body = {
|
|
4931
|
-
data: getService("user").sanitizeUser(updatedUser)
|
|
4979
|
+
data: getService$1("user").sanitizeUser(updatedUser)
|
|
4932
4980
|
};
|
|
4933
4981
|
},
|
|
4934
4982
|
async deleteOne(ctx) {
|
|
4935
4983
|
const { id } = ctx.params;
|
|
4936
|
-
const deletedUser = await getService("user").deleteById(id);
|
|
4984
|
+
const deletedUser = await getService$1("user").deleteById(id);
|
|
4937
4985
|
if (!deletedUser) {
|
|
4938
4986
|
return ctx.notFound("User not found");
|
|
4939
4987
|
}
|
|
4940
4988
|
return ctx.deleted({
|
|
4941
|
-
data: getService("user").sanitizeUser(deletedUser)
|
|
4989
|
+
data: getService$1("user").sanitizeUser(deletedUser)
|
|
4942
4990
|
});
|
|
4943
4991
|
},
|
|
4944
4992
|
/**
|
|
@@ -4948,8 +4996,8 @@ const user = {
|
|
|
4948
4996
|
async deleteMany(ctx) {
|
|
4949
4997
|
const { body } = ctx.request;
|
|
4950
4998
|
await validateUsersDeleteInput(body);
|
|
4951
|
-
const users2 = await getService("user").deleteByIds(body.ids);
|
|
4952
|
-
const sanitizedUsers = users2.map(getService("user").sanitizeUser);
|
|
4999
|
+
const users2 = await getService$1("user").deleteByIds(body.ids);
|
|
5000
|
+
const sanitizedUsers = users2.map(getService$1("user").sanitizeUser);
|
|
4953
5001
|
return ctx.deleted({
|
|
4954
5002
|
data: sanitizedUsers
|
|
4955
5003
|
});
|
|
@@ -5069,15 +5117,15 @@ const contentApi = {
|
|
|
5069
5117
|
ctx.send({ data: routesMap });
|
|
5070
5118
|
}
|
|
5071
5119
|
};
|
|
5072
|
-
const
|
|
5073
|
-
admin,
|
|
5120
|
+
const controllers$1 = {
|
|
5121
|
+
admin: admin$3,
|
|
5074
5122
|
"api-token": apiToken$1,
|
|
5075
5123
|
"authenticated-user": authenticatedUser,
|
|
5076
|
-
authentication,
|
|
5124
|
+
authentication: authentication$1,
|
|
5077
5125
|
permission,
|
|
5078
|
-
role,
|
|
5126
|
+
role: role$2,
|
|
5079
5127
|
transfer,
|
|
5080
|
-
user,
|
|
5128
|
+
user: user$2,
|
|
5081
5129
|
webhooks,
|
|
5082
5130
|
"content-api": contentApi
|
|
5083
5131
|
};
|
|
@@ -5502,7 +5550,7 @@ const transferTokenPermission = {
|
|
|
5502
5550
|
}
|
|
5503
5551
|
}
|
|
5504
5552
|
};
|
|
5505
|
-
const
|
|
5553
|
+
const contentTypes = {
|
|
5506
5554
|
permission: { schema: Permission },
|
|
5507
5555
|
user: { schema: User },
|
|
5508
5556
|
role: { schema: Role },
|
|
@@ -5511,8 +5559,8 @@ const index$1 = {
|
|
|
5511
5559
|
"transfer-token": { schema: transferToken },
|
|
5512
5560
|
"transfer-token-permission": { schema: transferTokenPermission }
|
|
5513
5561
|
};
|
|
5514
|
-
const { RateLimitError } = utils$
|
|
5515
|
-
const rateLimit = (
|
|
5562
|
+
const { RateLimitError } = utils$2.errors;
|
|
5563
|
+
const rateLimit = (config2, { strapi: strapi2 }) => async (ctx, next) => {
|
|
5516
5564
|
let rateLimitConfig = strapi2.config.get("admin.rateLimit");
|
|
5517
5565
|
if (!rateLimitConfig) {
|
|
5518
5566
|
rateLimitConfig = {
|
|
@@ -5535,14 +5583,14 @@ const rateLimit = (config, { strapi: strapi2 }) => async (ctx, next) => {
|
|
|
5535
5583
|
throw new RateLimitError();
|
|
5536
5584
|
},
|
|
5537
5585
|
...rateLimitConfig,
|
|
5538
|
-
...
|
|
5586
|
+
...config2
|
|
5539
5587
|
};
|
|
5540
5588
|
return rateLimit2.middleware(loadConfig)(ctx, next);
|
|
5541
5589
|
}
|
|
5542
5590
|
return next();
|
|
5543
5591
|
};
|
|
5544
5592
|
const dataTransfer = () => async (ctx, next) => {
|
|
5545
|
-
const transferUtils = getService("transfer").utils;
|
|
5593
|
+
const transferUtils = getService$1("transfer").utils;
|
|
5546
5594
|
const { hasValidTokenSalt: hasValidTokenSalt2, isRemoteTransferEnabled: isRemoteTransferEnabled2 } = transferUtils;
|
|
5547
5595
|
if (isRemoteTransferEnabled2()) {
|
|
5548
5596
|
return next();
|
|
@@ -5560,20 +5608,1368 @@ const dataTransfer = () => async (ctx, next) => {
|
|
|
5560
5608
|
}
|
|
5561
5609
|
throw new Error("Unexpected error while trying to access a data transfer route");
|
|
5562
5610
|
};
|
|
5563
|
-
const
|
|
5611
|
+
const middlewares$1 = {
|
|
5564
5612
|
rateLimit,
|
|
5565
5613
|
"data-transfer": dataTransfer
|
|
5566
5614
|
};
|
|
5615
|
+
const register = async ({ strapi: strapi2 }) => {
|
|
5616
|
+
await register$2({ strapi: strapi2 });
|
|
5617
|
+
};
|
|
5618
|
+
const getService = (name2, { strapi: strapi2 } = { strapi: global.strapi }) => {
|
|
5619
|
+
return strapi2.service(`admin::${name2}`);
|
|
5620
|
+
};
|
|
5621
|
+
const actions = {
|
|
5622
|
+
sso: [
|
|
5623
|
+
{
|
|
5624
|
+
uid: "provider-login.read",
|
|
5625
|
+
displayName: "Read",
|
|
5626
|
+
pluginName: "admin",
|
|
5627
|
+
section: "settings",
|
|
5628
|
+
category: "single sign on",
|
|
5629
|
+
subCategory: "options"
|
|
5630
|
+
},
|
|
5631
|
+
{
|
|
5632
|
+
uid: "provider-login.update",
|
|
5633
|
+
displayName: "Update",
|
|
5634
|
+
pluginName: "admin",
|
|
5635
|
+
section: "settings",
|
|
5636
|
+
category: "single sign on",
|
|
5637
|
+
subCategory: "options"
|
|
5638
|
+
}
|
|
5639
|
+
],
|
|
5640
|
+
auditLogs: [
|
|
5641
|
+
{
|
|
5642
|
+
uid: "audit-logs.read",
|
|
5643
|
+
displayName: "Read",
|
|
5644
|
+
pluginName: "admin",
|
|
5645
|
+
section: "settings",
|
|
5646
|
+
category: "audit logs",
|
|
5647
|
+
subCategory: "options"
|
|
5648
|
+
}
|
|
5649
|
+
]
|
|
5650
|
+
};
|
|
5651
|
+
const transformTableName = (table) => {
|
|
5652
|
+
if (typeof table === "string") {
|
|
5653
|
+
return { name: table };
|
|
5654
|
+
}
|
|
5655
|
+
return table;
|
|
5656
|
+
};
|
|
5657
|
+
async function findTables({ strapi: strapi2 }, regex) {
|
|
5658
|
+
const tables = await strapi2.db.dialect.schemaInspector.getTables();
|
|
5659
|
+
return tables.filter((tableName) => regex.test(tableName));
|
|
5660
|
+
}
|
|
5661
|
+
async function addPersistTables({ strapi: strapi2 }, tableNames) {
|
|
5662
|
+
const persistedTables = await getPersistedTables({ strapi: strapi2 });
|
|
5663
|
+
const tables = tableNames.map(transformTableName);
|
|
5664
|
+
const notPersistedTableNames = differenceWith(isEqual, tables, persistedTables);
|
|
5665
|
+
const tablesToPersist = differenceWith(
|
|
5666
|
+
(t1, t2) => t1.name === t2.name,
|
|
5667
|
+
persistedTables,
|
|
5668
|
+
notPersistedTableNames
|
|
5669
|
+
);
|
|
5670
|
+
if (!notPersistedTableNames.length) {
|
|
5671
|
+
return;
|
|
5672
|
+
}
|
|
5673
|
+
tablesToPersist.push(...notPersistedTableNames);
|
|
5674
|
+
await strapi2.store.set({
|
|
5675
|
+
type: "core",
|
|
5676
|
+
key: "persisted_tables",
|
|
5677
|
+
value: tablesToPersist
|
|
5678
|
+
});
|
|
5679
|
+
}
|
|
5680
|
+
async function getPersistedTables({ strapi: strapi2 }) {
|
|
5681
|
+
const persistedTables = await strapi2.store.get({
|
|
5682
|
+
type: "core",
|
|
5683
|
+
key: "persisted_tables"
|
|
5684
|
+
});
|
|
5685
|
+
return (persistedTables || []).map(transformTableName);
|
|
5686
|
+
}
|
|
5687
|
+
const persistTablesWithPrefix = async (tableNamePrefix) => {
|
|
5688
|
+
const tableNameRegex = new RegExp(`^${tableNamePrefix}.*`);
|
|
5689
|
+
const tableNames = await findTables({ strapi }, tableNameRegex);
|
|
5690
|
+
await addPersistTables({ strapi }, tableNames);
|
|
5691
|
+
};
|
|
5692
|
+
const bootstrap = async (args) => {
|
|
5693
|
+
const { actionProvider: actionProvider2 } = getService("permission");
|
|
5694
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
5695
|
+
await actionProvider2.registerMany(actions.sso);
|
|
5696
|
+
}
|
|
5697
|
+
if (strapi.ee.features.isEnabled("audit-logs")) {
|
|
5698
|
+
await persistTablesWithPrefix("strapi_audit_logs");
|
|
5699
|
+
await actionProvider2.registerMany(actions.auditLogs);
|
|
5700
|
+
}
|
|
5701
|
+
await getService("seat-enforcement").seatEnforcementWorkflow();
|
|
5702
|
+
await bootstrap$1(args);
|
|
5703
|
+
};
|
|
5704
|
+
const destroy = async ({ strapi: strapi2 }) => {
|
|
5705
|
+
await destroy$1();
|
|
5706
|
+
};
|
|
5707
|
+
const adminContentTypes = {};
|
|
5708
|
+
const isSsoLocked = async (user2) => {
|
|
5709
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5710
|
+
return false;
|
|
5711
|
+
}
|
|
5712
|
+
if (!user2) {
|
|
5713
|
+
throw new Error("Missing user object");
|
|
5714
|
+
}
|
|
5715
|
+
const adminStore = await strapi.store({ type: "core", name: "admin" });
|
|
5716
|
+
const { providers: providers2 } = await adminStore.get({ key: "auth" });
|
|
5717
|
+
const lockedRoles = providers2.ssoLockedRoles ?? [];
|
|
5718
|
+
if (isEmpty(lockedRoles)) {
|
|
5719
|
+
return false;
|
|
5720
|
+
}
|
|
5721
|
+
const roles2 = (
|
|
5722
|
+
// If the roles are pre-loaded for the given user, then use them
|
|
5723
|
+
user2.roles ?? // Otherwise, try to load the role based on the given user ID
|
|
5724
|
+
await strapi.db.query("admin::user").load(user2, "roles", { roles: { fields: ["id"] } }) ?? // If the query fails somehow, default to an empty array
|
|
5725
|
+
[]
|
|
5726
|
+
);
|
|
5727
|
+
const isLocked = lockedRoles.some(
|
|
5728
|
+
(lockedId) => (
|
|
5729
|
+
// lockedRoles will be a string to avoid issues with frontend and bigints
|
|
5730
|
+
roles2.some((role2) => lockedId === role2.id.toString())
|
|
5731
|
+
)
|
|
5732
|
+
);
|
|
5733
|
+
return isLocked;
|
|
5734
|
+
};
|
|
5735
|
+
const { ApplicationError: ApplicationError$2 } = errors;
|
|
5736
|
+
const forgotPassword = async ({ email: email2 } = {}) => {
|
|
5737
|
+
const user2 = await strapi.db.query("admin::user").findOne({ where: { email: email2, isActive: true } });
|
|
5738
|
+
if (!user2 || await isSsoLocked(user2)) {
|
|
5739
|
+
return;
|
|
5740
|
+
}
|
|
5741
|
+
const resetPasswordToken = getService("token").createToken();
|
|
5742
|
+
await getService("user").updateById(user2.id, { resetPasswordToken });
|
|
5743
|
+
const url = `${strapi.config.get(
|
|
5744
|
+
"admin.absoluteUrl"
|
|
5745
|
+
)}/auth/reset-password?code=${resetPasswordToken}`;
|
|
5746
|
+
return strapi.plugin("email").service("email").sendTemplatedEmail(
|
|
5747
|
+
{
|
|
5748
|
+
to: user2.email,
|
|
5749
|
+
from: strapi.config.get("admin.forgotPassword.from"),
|
|
5750
|
+
replyTo: strapi.config.get("admin.forgotPassword.replyTo")
|
|
5751
|
+
},
|
|
5752
|
+
strapi.config.get("admin.forgotPassword.emailTemplate"),
|
|
5753
|
+
{
|
|
5754
|
+
url,
|
|
5755
|
+
user: ___default.pick(user2, ["email", "firstname", "lastname", "username"])
|
|
5756
|
+
}
|
|
5757
|
+
).catch((err) => {
|
|
5758
|
+
strapi.log.error(err);
|
|
5759
|
+
});
|
|
5760
|
+
};
|
|
5761
|
+
const resetPassword = async ({ resetPasswordToken, password: password2 } = {}) => {
|
|
5762
|
+
const matchingUser = await strapi.db.query("admin::user").findOne({ where: { resetPasswordToken, isActive: true } });
|
|
5763
|
+
if (!matchingUser || await isSsoLocked(matchingUser)) {
|
|
5764
|
+
throw new ApplicationError$2();
|
|
5765
|
+
}
|
|
5766
|
+
return getService("user").updateById(matchingUser.id, {
|
|
5767
|
+
password: password2,
|
|
5768
|
+
resetPasswordToken: null
|
|
5769
|
+
});
|
|
5770
|
+
};
|
|
5771
|
+
const auth = {
|
|
5772
|
+
forgotPassword,
|
|
5773
|
+
resetPassword
|
|
5774
|
+
};
|
|
5775
|
+
const createProviderRegistry = () => {
|
|
5776
|
+
const registry = /* @__PURE__ */ new Map();
|
|
5777
|
+
Object.assign(registry, {
|
|
5778
|
+
register(provider) {
|
|
5779
|
+
if (strapi.isLoaded) {
|
|
5780
|
+
throw new Error(`You can't register new provider after the bootstrap`);
|
|
5781
|
+
}
|
|
5782
|
+
this.set(provider.uid, provider);
|
|
5783
|
+
},
|
|
5784
|
+
registerMany(providers2) {
|
|
5785
|
+
providers2.forEach((provider) => {
|
|
5786
|
+
this.register(provider);
|
|
5787
|
+
});
|
|
5788
|
+
},
|
|
5789
|
+
getAll() {
|
|
5790
|
+
return Array.from(this.values());
|
|
5791
|
+
}
|
|
5792
|
+
});
|
|
5793
|
+
return registry;
|
|
5794
|
+
};
|
|
5795
|
+
const providerRegistry = createProviderRegistry();
|
|
5796
|
+
const errorMessage = "SSO is disabled. Its functionnalities cannot be accessed.";
|
|
5797
|
+
const getStrategyCallbackURL = (providerName) => {
|
|
5798
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5799
|
+
throw new Error(errorMessage);
|
|
5800
|
+
}
|
|
5801
|
+
return `/admin/connect/${providerName}`;
|
|
5802
|
+
};
|
|
5803
|
+
const syncProviderRegistryWithConfig = () => {
|
|
5804
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5805
|
+
throw new Error(errorMessage);
|
|
5806
|
+
}
|
|
5807
|
+
const { providers: providers2 = [] } = strapi.config.get("admin.auth", {});
|
|
5808
|
+
providerRegistry.registerMany(providers2);
|
|
5809
|
+
};
|
|
5810
|
+
const SSOAuthEventsMapper = {
|
|
5811
|
+
onSSOAutoRegistration: "admin.auth.autoRegistration"
|
|
5812
|
+
};
|
|
5813
|
+
const sso$1 = {
|
|
5814
|
+
providerRegistry,
|
|
5815
|
+
getStrategyCallbackURL,
|
|
5816
|
+
syncProviderRegistryWithConfig,
|
|
5817
|
+
authEventsMapper: { ...passport$1.authEventsMapper, ...SSOAuthEventsMapper }
|
|
5818
|
+
};
|
|
5819
|
+
const { UnauthorizedError } = errors;
|
|
5820
|
+
const localStrategyMiddleware = async ([error, user2, message], done) => {
|
|
5821
|
+
if (user2 && !error && await isSsoLocked(user2)) {
|
|
5822
|
+
return done(
|
|
5823
|
+
new UnauthorizedError("Login not allowed, please contact your administrator", {
|
|
5824
|
+
code: "LOGIN_NOT_ALLOWED"
|
|
5825
|
+
}),
|
|
5826
|
+
user2,
|
|
5827
|
+
message
|
|
5828
|
+
);
|
|
5829
|
+
}
|
|
5830
|
+
return done(error, user2, message);
|
|
5831
|
+
};
|
|
5832
|
+
const getPassportStrategies = () => {
|
|
5833
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5834
|
+
return [createLocalStrategy(strapi)];
|
|
5835
|
+
}
|
|
5836
|
+
const localStrategy = createLocalStrategy(strapi, localStrategyMiddleware);
|
|
5837
|
+
if (!strapi.isLoaded) {
|
|
5838
|
+
sso$1.syncProviderRegistryWithConfig();
|
|
5839
|
+
}
|
|
5840
|
+
const providers2 = sso$1.providerRegistry.getAll();
|
|
5841
|
+
const strategies = providers2.map((provider) => provider.createStrategy(strapi));
|
|
5842
|
+
return [localStrategy, ...strategies];
|
|
5843
|
+
};
|
|
5844
|
+
const passport = {
|
|
5845
|
+
getPassportStrategies,
|
|
5846
|
+
...sso$1
|
|
5847
|
+
};
|
|
5848
|
+
const { ApplicationError: ApplicationError$1 } = errors;
|
|
5849
|
+
const ssoCheckRolesIdForDeletion = async (ids) => {
|
|
5850
|
+
const adminStore = await strapi.store({ type: "core", name: "admin" });
|
|
5851
|
+
const {
|
|
5852
|
+
providers: { defaultRole }
|
|
5853
|
+
} = await adminStore.get({ key: "auth" });
|
|
5854
|
+
for (const roleId of ids) {
|
|
5855
|
+
if (defaultRole && toString(defaultRole) === toString(roleId)) {
|
|
5856
|
+
throw new ApplicationError$1(
|
|
5857
|
+
"This role is used as the default SSO role. Make sure to change this configuration before deleting the role"
|
|
5858
|
+
);
|
|
5859
|
+
}
|
|
5860
|
+
}
|
|
5861
|
+
};
|
|
5862
|
+
const role$1 = {
|
|
5863
|
+
ssoCheckRolesIdForDeletion
|
|
5864
|
+
};
|
|
5865
|
+
const { ValidationError: ValidationError$1 } = errors;
|
|
5866
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$1 } = constants$3;
|
|
5867
|
+
const updateEEDisabledUsersList = async (id, input) => {
|
|
5868
|
+
const disabledUsers = await getService("seat-enforcement").getDisabledUserList();
|
|
5869
|
+
if (!disabledUsers) {
|
|
5870
|
+
return;
|
|
5871
|
+
}
|
|
5872
|
+
const user2 = disabledUsers.find((user22) => user22.id === Number(id));
|
|
5873
|
+
if (!user2) {
|
|
5874
|
+
return;
|
|
5875
|
+
}
|
|
5876
|
+
if (user2.isActive !== input.isActive) {
|
|
5877
|
+
const newDisabledUsersList = disabledUsers.filter((user22) => user22.id !== Number(id));
|
|
5878
|
+
await strapi.store.set({
|
|
5879
|
+
type: "ee",
|
|
5880
|
+
key: "disabled_users",
|
|
5881
|
+
value: newDisabledUsersList
|
|
5882
|
+
});
|
|
5883
|
+
}
|
|
5884
|
+
};
|
|
5885
|
+
const castNumberArray = pipe(castArray, map(toNumber));
|
|
5886
|
+
const removeFromEEDisabledUsersList = async (ids) => {
|
|
5887
|
+
let idsToCheck;
|
|
5888
|
+
if (typeof ids === "object") {
|
|
5889
|
+
idsToCheck = castNumberArray(ids);
|
|
5890
|
+
} else {
|
|
5891
|
+
idsToCheck = [Number(ids)];
|
|
5892
|
+
}
|
|
5893
|
+
const disabledUsers = await getService("seat-enforcement").getDisabledUserList();
|
|
5894
|
+
if (!disabledUsers) {
|
|
5895
|
+
return;
|
|
5896
|
+
}
|
|
5897
|
+
const newDisabledUsersList = disabledUsers.filter((user2) => !idsToCheck.includes(user2.id));
|
|
5898
|
+
await strapi.store.set({
|
|
5899
|
+
type: "ee",
|
|
5900
|
+
key: "disabled_users",
|
|
5901
|
+
value: newDisabledUsersList
|
|
5902
|
+
});
|
|
5903
|
+
};
|
|
5904
|
+
const updateById = async (id, attributes) => {
|
|
5905
|
+
if (___default.has(attributes, "roles")) {
|
|
5906
|
+
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
5907
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5908
|
+
const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles, superAdminRole.id);
|
|
5909
|
+
if (lastAdminUser && willRemoveSuperAdminRole) {
|
|
5910
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5911
|
+
}
|
|
5912
|
+
}
|
|
5913
|
+
if (attributes.isActive === false) {
|
|
5914
|
+
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
5915
|
+
if (lastAdminUser) {
|
|
5916
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5917
|
+
}
|
|
5918
|
+
}
|
|
5919
|
+
if (___default.has(attributes, "password")) {
|
|
5920
|
+
const hashedPassword = await getService("auth").hashPassword(attributes.password);
|
|
5921
|
+
const updatedUser2 = await strapi.db.query("admin::user").update({
|
|
5922
|
+
where: { id },
|
|
5923
|
+
data: {
|
|
5924
|
+
...attributes,
|
|
5925
|
+
password: hashedPassword
|
|
5926
|
+
},
|
|
5927
|
+
populate: ["roles"]
|
|
5928
|
+
});
|
|
5929
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser2) });
|
|
5930
|
+
return updatedUser2;
|
|
5931
|
+
}
|
|
5932
|
+
const updatedUser = await strapi.db.query("admin::user").update({
|
|
5933
|
+
where: { id },
|
|
5934
|
+
data: attributes,
|
|
5935
|
+
populate: ["roles"]
|
|
5936
|
+
});
|
|
5937
|
+
await updateEEDisabledUsersList(id, attributes);
|
|
5938
|
+
if (updatedUser) {
|
|
5939
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser) });
|
|
5940
|
+
}
|
|
5941
|
+
return updatedUser;
|
|
5942
|
+
};
|
|
5943
|
+
const deleteById = async (id) => {
|
|
5944
|
+
const userToDelete = await strapi.db.query("admin::user").findOne({
|
|
5945
|
+
where: { id },
|
|
5946
|
+
populate: ["roles"]
|
|
5947
|
+
});
|
|
5948
|
+
if (!userToDelete) {
|
|
5949
|
+
return null;
|
|
5950
|
+
}
|
|
5951
|
+
if (userToDelete) {
|
|
5952
|
+
if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$1)) {
|
|
5953
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5954
|
+
if (superAdminRole.usersCount === 1) {
|
|
5955
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5956
|
+
}
|
|
5957
|
+
}
|
|
5958
|
+
}
|
|
5959
|
+
const deletedUser = await strapi.db.query("admin::user").delete({ where: { id }, populate: ["roles"] });
|
|
5960
|
+
await removeFromEEDisabledUsersList(id);
|
|
5961
|
+
strapi.eventHub.emit("user.delete", { user: sanitizeUser(deletedUser) });
|
|
5962
|
+
return deletedUser;
|
|
5963
|
+
};
|
|
5964
|
+
const deleteByIds = async (ids) => {
|
|
5965
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5966
|
+
const nbOfSuperAdminToDelete = await strapi.db.query("admin::user").count({
|
|
5967
|
+
where: {
|
|
5968
|
+
id: ids,
|
|
5969
|
+
roles: { id: superAdminRole.id }
|
|
5970
|
+
}
|
|
5971
|
+
});
|
|
5972
|
+
if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {
|
|
5973
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5974
|
+
}
|
|
5975
|
+
const deletedUsers = [];
|
|
5976
|
+
for (const id of ids) {
|
|
5977
|
+
const deletedUser = await strapi.db.query("admin::user").delete({
|
|
5978
|
+
where: { id },
|
|
5979
|
+
populate: ["roles"]
|
|
5980
|
+
});
|
|
5981
|
+
deletedUsers.push(deletedUser);
|
|
5982
|
+
}
|
|
5983
|
+
await removeFromEEDisabledUsersList(ids);
|
|
5984
|
+
strapi.eventHub.emit("user.delete", {
|
|
5985
|
+
users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser))
|
|
5986
|
+
});
|
|
5987
|
+
return deletedUsers;
|
|
5988
|
+
};
|
|
5989
|
+
const sanitizeUserRoles = (role2) => ___default.pick(role2, ["id", "name", "description", "code"]);
|
|
5990
|
+
const isLastSuperAdminUser = async (userId) => {
|
|
5991
|
+
const user2 = await findOne(userId);
|
|
5992
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5993
|
+
return superAdminRole.usersCount === 1 && hasSuperAdminRole$1(user2);
|
|
5994
|
+
};
|
|
5995
|
+
const sanitizeUser = (user2) => {
|
|
5996
|
+
return {
|
|
5997
|
+
...___default.omit(user2, ["password", "resetPasswordToken", "registrationToken", "roles"]),
|
|
5998
|
+
roles: user2.roles && user2.roles.map(sanitizeUserRoles)
|
|
5999
|
+
};
|
|
6000
|
+
};
|
|
6001
|
+
const findOne = async (id, populate = ["roles"]) => {
|
|
6002
|
+
return strapi.db.query("admin::user").findOne({ where: { id }, populate });
|
|
6003
|
+
};
|
|
6004
|
+
const getCurrentActiveUserCount = async () => {
|
|
6005
|
+
return strapi.db.query("admin::user").count({ where: { isActive: true } });
|
|
6006
|
+
};
|
|
6007
|
+
const user$1 = {
|
|
6008
|
+
updateEEDisabledUsersList,
|
|
6009
|
+
removeFromEEDisabledUsersList,
|
|
6010
|
+
getCurrentActiveUserCount,
|
|
6011
|
+
deleteByIds,
|
|
6012
|
+
deleteById,
|
|
6013
|
+
updateById
|
|
6014
|
+
};
|
|
6015
|
+
const getSSOProvidersList = async () => {
|
|
6016
|
+
const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
|
|
6017
|
+
return providerRegistry2.getAll().map(({ uid }) => uid);
|
|
6018
|
+
};
|
|
6019
|
+
const sendUpdateProjectInformation = async (strapi2) => {
|
|
6020
|
+
let groupProperties = {};
|
|
6021
|
+
const numberOfActiveAdminUsers = await getService("user").count({ isActive: true });
|
|
6022
|
+
const numberOfAdminUsers = await getService("user").count();
|
|
6023
|
+
if (strapi2.ee.features.isEnabled("sso")) {
|
|
6024
|
+
const SSOProviders = await getSSOProvidersList();
|
|
6025
|
+
groupProperties = assign(groupProperties, {
|
|
6026
|
+
SSOProviders,
|
|
6027
|
+
isSSOConfigured: SSOProviders.length !== 0
|
|
6028
|
+
});
|
|
6029
|
+
}
|
|
6030
|
+
if (strapi2.ee.features.isEnabled("cms-content-releases")) {
|
|
6031
|
+
const numberOfContentReleases = await strapi2.db.query("plugin::content-releases.release").count();
|
|
6032
|
+
const numberOfPublishedContentReleases = await strapi2.db.query("plugin::content-releases.release").count({
|
|
6033
|
+
filters: { releasedAt: { $notNull: true } }
|
|
6034
|
+
});
|
|
6035
|
+
groupProperties = assign(groupProperties, {
|
|
6036
|
+
numberOfContentReleases,
|
|
6037
|
+
numberOfPublishedContentReleases
|
|
6038
|
+
});
|
|
6039
|
+
}
|
|
6040
|
+
groupProperties = assign(groupProperties, { numberOfActiveAdminUsers, numberOfAdminUsers });
|
|
6041
|
+
strapi2.telemetry.send("didUpdateProjectInformation", {
|
|
6042
|
+
groupProperties
|
|
6043
|
+
});
|
|
6044
|
+
};
|
|
6045
|
+
const startCron = (strapi2) => {
|
|
6046
|
+
strapi2.cron.add({
|
|
6047
|
+
"0 0 0 * * *": () => sendUpdateProjectInformation(strapi2)
|
|
6048
|
+
});
|
|
6049
|
+
};
|
|
6050
|
+
const metrics = { startCron, getSSOProvidersList, sendUpdateProjectInformation };
|
|
6051
|
+
const { SUPER_ADMIN_CODE } = constants$3;
|
|
6052
|
+
const getDisabledUserList = async () => {
|
|
6053
|
+
return strapi.store.get({ type: "ee", key: "disabled_users" });
|
|
6054
|
+
};
|
|
6055
|
+
const enableMaximumUserCount = async (numberOfUsersToEnable) => {
|
|
6056
|
+
const disabledUsers = await getDisabledUserList();
|
|
6057
|
+
const orderedDisabledUsers = reverse(disabledUsers);
|
|
6058
|
+
const usersToEnable = take(numberOfUsersToEnable, orderedDisabledUsers);
|
|
6059
|
+
await strapi.db.query("admin::user").updateMany({
|
|
6060
|
+
where: { id: map(prop("id"), usersToEnable) },
|
|
6061
|
+
data: { isActive: true }
|
|
6062
|
+
});
|
|
6063
|
+
const remainingDisabledUsers = drop(numberOfUsersToEnable, orderedDisabledUsers);
|
|
6064
|
+
await strapi.store.set({
|
|
6065
|
+
type: "ee",
|
|
6066
|
+
key: "disabled_users",
|
|
6067
|
+
value: remainingDisabledUsers
|
|
6068
|
+
});
|
|
6069
|
+
};
|
|
6070
|
+
const disableUsersAboveLicenseLimit = async (numberOfUsersToDisable) => {
|
|
6071
|
+
const currentlyDisabledUsers = await getDisabledUserList() ?? [];
|
|
6072
|
+
const usersToDisable = [];
|
|
6073
|
+
const nonSuperAdminUsersToDisable = await strapi.db.query("admin::user").findMany({
|
|
6074
|
+
where: {
|
|
6075
|
+
isActive: true,
|
|
6076
|
+
roles: {
|
|
6077
|
+
code: { $ne: SUPER_ADMIN_CODE }
|
|
6078
|
+
}
|
|
6079
|
+
},
|
|
6080
|
+
orderBy: { createdAt: "DESC" },
|
|
6081
|
+
limit: numberOfUsersToDisable
|
|
6082
|
+
});
|
|
6083
|
+
usersToDisable.push(...nonSuperAdminUsersToDisable);
|
|
6084
|
+
if (nonSuperAdminUsersToDisable.length < numberOfUsersToDisable) {
|
|
6085
|
+
const superAdminUsersToDisable = await strapi.db.query("admin::user").findMany({
|
|
6086
|
+
where: {
|
|
6087
|
+
isActive: true,
|
|
6088
|
+
roles: { code: SUPER_ADMIN_CODE }
|
|
6089
|
+
},
|
|
6090
|
+
orderBy: { createdAt: "DESC" },
|
|
6091
|
+
limit: numberOfUsersToDisable - nonSuperAdminUsersToDisable.length
|
|
6092
|
+
});
|
|
6093
|
+
usersToDisable.push(...superAdminUsersToDisable);
|
|
6094
|
+
}
|
|
6095
|
+
await strapi.db.query("admin::user").updateMany({
|
|
6096
|
+
where: { id: map(prop("id"), usersToDisable) },
|
|
6097
|
+
data: { isActive: false }
|
|
6098
|
+
});
|
|
6099
|
+
await strapi.store.set({
|
|
6100
|
+
type: "ee",
|
|
6101
|
+
key: "disabled_users",
|
|
6102
|
+
value: currentlyDisabledUsers.concat(map(pick(["id", "isActive"]), usersToDisable))
|
|
6103
|
+
});
|
|
6104
|
+
};
|
|
6105
|
+
const syncDisabledUserRecords = async () => {
|
|
6106
|
+
const disabledUsers = await strapi.store.get({ type: "ee", key: "disabled_users" });
|
|
6107
|
+
if (!disabledUsers) {
|
|
6108
|
+
return;
|
|
6109
|
+
}
|
|
6110
|
+
await strapi.db.query("admin::user").updateMany({
|
|
6111
|
+
where: { id: map(prop("id"), disabledUsers) },
|
|
6112
|
+
data: { isActive: false }
|
|
6113
|
+
});
|
|
6114
|
+
};
|
|
6115
|
+
const seatEnforcementWorkflow = async () => {
|
|
6116
|
+
const adminSeats = strapi.ee.seats;
|
|
6117
|
+
if (isNil(adminSeats)) {
|
|
6118
|
+
return;
|
|
6119
|
+
}
|
|
6120
|
+
await syncDisabledUserRecords();
|
|
6121
|
+
const currentActiveUserCount = await getService("user").getCurrentActiveUserCount();
|
|
6122
|
+
const adminSeatsLeft = adminSeats - currentActiveUserCount;
|
|
6123
|
+
if (adminSeatsLeft > 0) {
|
|
6124
|
+
await enableMaximumUserCount(adminSeatsLeft);
|
|
6125
|
+
} else if (adminSeatsLeft < 0) {
|
|
6126
|
+
await disableUsersAboveLicenseLimit(-adminSeatsLeft);
|
|
6127
|
+
}
|
|
6128
|
+
};
|
|
6129
|
+
const seatEnforcement = {
|
|
6130
|
+
seatEnforcementWorkflow,
|
|
6131
|
+
getDisabledUserList
|
|
6132
|
+
};
|
|
6133
|
+
const services = {
|
|
6134
|
+
auth,
|
|
6135
|
+
passport,
|
|
6136
|
+
role: role$1,
|
|
6137
|
+
user: user$1,
|
|
6138
|
+
metrics,
|
|
6139
|
+
"seat-enforcement": seatEnforcement
|
|
6140
|
+
};
|
|
6141
|
+
const providerOptionsUpdateSchema = yup.object().shape({
|
|
6142
|
+
autoRegister: yup.boolean().required(),
|
|
6143
|
+
defaultRole: yup.strapiID().when("autoRegister", (value, initSchema) => {
|
|
6144
|
+
return value ? initSchema.required() : initSchema.nullable();
|
|
6145
|
+
}).test("is-valid-role", "You must submit a valid default role", (roleId) => {
|
|
6146
|
+
if (roleId === null) {
|
|
6147
|
+
return true;
|
|
6148
|
+
}
|
|
6149
|
+
return strapi.service("admin::role").exists({ id: roleId });
|
|
6150
|
+
}),
|
|
6151
|
+
ssoLockedRoles: yup.array().nullable().of(
|
|
6152
|
+
yup.strapiID().test(
|
|
6153
|
+
"is-valid-role",
|
|
6154
|
+
"You must submit a valid role for the SSO Locked roles",
|
|
6155
|
+
(roleId) => {
|
|
6156
|
+
return strapi.service("admin::role").exists({ id: roleId });
|
|
6157
|
+
}
|
|
6158
|
+
)
|
|
6159
|
+
)
|
|
6160
|
+
});
|
|
6161
|
+
const validateProviderOptionsUpdate = validateYupSchema(providerOptionsUpdateSchema);
|
|
6162
|
+
const PROVIDER_REDIRECT_BASE = "/auth/login";
|
|
6163
|
+
const PROVIDER_REDIRECT_SUCCESS = `${PROVIDER_REDIRECT_BASE}/success`;
|
|
6164
|
+
const PROVIDER_REDIRECT_ERROR = `${PROVIDER_REDIRECT_BASE}/error`;
|
|
6165
|
+
const PROVIDER_URLS_MAP = {
|
|
6166
|
+
success: PROVIDER_REDIRECT_SUCCESS,
|
|
6167
|
+
error: PROVIDER_REDIRECT_ERROR
|
|
6168
|
+
};
|
|
6169
|
+
const getAdminStore = async () => strapi.store({ type: "core", name: "admin" });
|
|
6170
|
+
const getPrefixedRedirectUrls = () => {
|
|
6171
|
+
const { url: adminUrl } = strapi.config.get("admin");
|
|
6172
|
+
const prefixUrl = (url) => `${adminUrl || "/admin"}${url}`;
|
|
6173
|
+
return mapValues(prefixUrl, PROVIDER_URLS_MAP);
|
|
6174
|
+
};
|
|
6175
|
+
const utils = {
|
|
6176
|
+
getAdminStore,
|
|
6177
|
+
getPrefixedRedirectUrls
|
|
6178
|
+
};
|
|
6179
|
+
const defaultConnectionError = () => new Error("Invalid connection payload");
|
|
6180
|
+
const authenticate = async (ctx, next) => {
|
|
6181
|
+
const {
|
|
6182
|
+
params: { provider }
|
|
6183
|
+
} = ctx;
|
|
6184
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6185
|
+
return passport$2.authenticate(provider, null, async (error, profile) => {
|
|
6186
|
+
if (error || !profile || !profile.email) {
|
|
6187
|
+
if (error) {
|
|
6188
|
+
strapi.log.error(error);
|
|
6189
|
+
}
|
|
6190
|
+
strapi.eventHub.emit("admin.auth.error", {
|
|
6191
|
+
error: error || defaultConnectionError(),
|
|
6192
|
+
provider
|
|
6193
|
+
});
|
|
6194
|
+
return ctx.redirect(redirectUrls.error);
|
|
6195
|
+
}
|
|
6196
|
+
const user2 = await getService("user").findOneByEmail(profile.email);
|
|
6197
|
+
const scenario = user2 ? existingUserScenario : nonExistingUserScenario;
|
|
6198
|
+
return scenario(ctx, next)(user2 || profile, provider);
|
|
6199
|
+
})(ctx, next);
|
|
6200
|
+
};
|
|
6201
|
+
const existingUserScenario = (ctx, next) => async (user2, provider) => {
|
|
6202
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6203
|
+
if (!user2.isActive) {
|
|
6204
|
+
strapi.eventHub.emit("admin.auth.error", {
|
|
6205
|
+
error: new Error(`Deactivated user tried to login (${user2.id})`),
|
|
6206
|
+
provider
|
|
6207
|
+
});
|
|
6208
|
+
return ctx.redirect(redirectUrls.error);
|
|
6209
|
+
}
|
|
6210
|
+
ctx.state.user = user2;
|
|
6211
|
+
return next();
|
|
6212
|
+
};
|
|
6213
|
+
const nonExistingUserScenario = (ctx, next) => async (profile, provider) => {
|
|
6214
|
+
const { email: email2, firstname: firstname2, lastname: lastname2, username: username2 } = profile;
|
|
6215
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6216
|
+
const adminStore = await utils.getAdminStore();
|
|
6217
|
+
const { providers: providers2 } = await adminStore.get({ key: "auth" });
|
|
6218
|
+
const isMissingRegisterFields = !username2 && (!firstname2 || !lastname2);
|
|
6219
|
+
if (!providers2.autoRegister || !providers2.defaultRole || isMissingRegisterFields) {
|
|
6220
|
+
strapi.eventHub.emit("admin.auth.error", { error: defaultConnectionError(), provider });
|
|
6221
|
+
return ctx.redirect(redirectUrls.error);
|
|
6222
|
+
}
|
|
6223
|
+
const defaultRole = await getService("role").findOne({ id: providers2.defaultRole });
|
|
6224
|
+
if (!defaultRole) {
|
|
6225
|
+
strapi.eventHub.emit("admin.auth.error", { error: defaultConnectionError(), provider });
|
|
6226
|
+
return ctx.redirect(redirectUrls.error);
|
|
6227
|
+
}
|
|
6228
|
+
ctx.state.user = await getService("user").create({
|
|
6229
|
+
email: email2,
|
|
6230
|
+
username: username2,
|
|
6231
|
+
firstname: firstname2,
|
|
6232
|
+
lastname: lastname2,
|
|
6233
|
+
roles: [defaultRole.id],
|
|
6234
|
+
isActive: true,
|
|
6235
|
+
registrationToken: null
|
|
6236
|
+
});
|
|
6237
|
+
strapi.eventHub.emit("admin.auth.autoRegistration", {
|
|
6238
|
+
user: ctx.state.user,
|
|
6239
|
+
provider
|
|
6240
|
+
});
|
|
6241
|
+
return next();
|
|
6242
|
+
};
|
|
6243
|
+
const redirectWithAuth = (ctx) => {
|
|
6244
|
+
const {
|
|
6245
|
+
params: { provider }
|
|
6246
|
+
} = ctx;
|
|
6247
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6248
|
+
const domain2 = strapi.config.get("admin.auth.domain");
|
|
6249
|
+
const { user: user2 } = ctx.state;
|
|
6250
|
+
const jwt2 = getService("token").createJwtToken(user2);
|
|
6251
|
+
const isProduction = strapi.config.get("environment") === "production";
|
|
6252
|
+
const cookiesOptions = { httpOnly: false, secure: isProduction, overwrite: true, domain: domain2 };
|
|
6253
|
+
const sanitizedUser = getService("user").sanitizeUser(user2);
|
|
6254
|
+
strapi.eventHub.emit("admin.auth.success", { user: sanitizedUser, provider });
|
|
6255
|
+
ctx.cookies.set("jwtToken", jwt2, cookiesOptions);
|
|
6256
|
+
ctx.redirect(redirectUrls.success);
|
|
6257
|
+
};
|
|
6258
|
+
const middlewares = {
|
|
6259
|
+
authenticate,
|
|
6260
|
+
redirectWithAuth
|
|
6261
|
+
};
|
|
6262
|
+
const toProviderDTO = pick(["uid", "displayName", "icon"]);
|
|
6263
|
+
const toProviderLoginOptionsDTO = pick(["autoRegister", "defaultRole", "ssoLockedRoles"]);
|
|
6264
|
+
const { ValidationError } = errors;
|
|
6265
|
+
const providerAuthenticationFlow = compose([
|
|
6266
|
+
middlewares.authenticate,
|
|
6267
|
+
middlewares.redirectWithAuth
|
|
6268
|
+
]);
|
|
6269
|
+
const authentication = {
|
|
6270
|
+
async getProviders(ctx) {
|
|
6271
|
+
const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
|
|
6272
|
+
ctx.body = providerRegistry2.getAll().map(toProviderDTO);
|
|
6273
|
+
},
|
|
6274
|
+
async getProviderLoginOptions(ctx) {
|
|
6275
|
+
const adminStore = await utils.getAdminStore();
|
|
6276
|
+
const { providers: providersOptions } = await adminStore.get({ key: "auth" });
|
|
6277
|
+
ctx.body = {
|
|
6278
|
+
data: toProviderLoginOptionsDTO(providersOptions)
|
|
6279
|
+
};
|
|
6280
|
+
},
|
|
6281
|
+
async updateProviderLoginOptions(ctx) {
|
|
6282
|
+
const {
|
|
6283
|
+
request: { body }
|
|
6284
|
+
} = ctx;
|
|
6285
|
+
await validateProviderOptionsUpdate(body);
|
|
6286
|
+
const adminStore = await utils.getAdminStore();
|
|
6287
|
+
const currentAuthOptions = await adminStore.get({ key: "auth" });
|
|
6288
|
+
const newAuthOptions = { ...currentAuthOptions, providers: body };
|
|
6289
|
+
await adminStore.set({ key: "auth", value: newAuthOptions });
|
|
6290
|
+
strapi.telemetry.send("didUpdateSSOSettings");
|
|
6291
|
+
ctx.body = {
|
|
6292
|
+
data: toProviderLoginOptionsDTO(newAuthOptions.providers)
|
|
6293
|
+
};
|
|
6294
|
+
},
|
|
6295
|
+
providerLogin(ctx, next) {
|
|
6296
|
+
const {
|
|
6297
|
+
params: { provider: providerName }
|
|
6298
|
+
} = ctx;
|
|
6299
|
+
const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
|
|
6300
|
+
if (!providerRegistry2.has(providerName)) {
|
|
6301
|
+
throw new ValidationError(`Invalid provider supplied: ${providerName}`);
|
|
6302
|
+
}
|
|
6303
|
+
return providerAuthenticationFlow(ctx, next);
|
|
6304
|
+
}
|
|
6305
|
+
};
|
|
6306
|
+
const roleCreateSchema = yup.object().shape({
|
|
6307
|
+
name: yup.string().min(1).required(),
|
|
6308
|
+
description: yup.string().nullable()
|
|
6309
|
+
}).noUnknown();
|
|
6310
|
+
const rolesDeleteSchema = yup.object().shape({
|
|
6311
|
+
ids: yup.array().of(yup.strapiID()).min(1).required().test(
|
|
6312
|
+
"roles-deletion-checks",
|
|
6313
|
+
"Roles deletion checks have failed",
|
|
6314
|
+
async function rolesDeletionChecks(ids) {
|
|
6315
|
+
try {
|
|
6316
|
+
await strapi.service("admin::role").checkRolesIdForDeletion(ids);
|
|
6317
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
6318
|
+
await strapi.service("admin::role").ssoCheckRolesIdForDeletion(ids);
|
|
6319
|
+
}
|
|
6320
|
+
} catch (e) {
|
|
6321
|
+
return this.createError({ path: "ids", message: e.message });
|
|
6322
|
+
}
|
|
6323
|
+
return true;
|
|
6324
|
+
}
|
|
6325
|
+
)
|
|
6326
|
+
}).noUnknown();
|
|
6327
|
+
const roleDeleteSchema = yup.strapiID().required().test(
|
|
6328
|
+
"no-admin-single-delete",
|
|
6329
|
+
"Role deletion checks have failed",
|
|
6330
|
+
async function noAdminSingleDelete(id) {
|
|
6331
|
+
try {
|
|
6332
|
+
await strapi.service("admin::role").checkRolesIdForDeletion([id]);
|
|
6333
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
6334
|
+
await strapi.service("admin::role").ssoCheckRolesIdForDeletion([id]);
|
|
6335
|
+
}
|
|
6336
|
+
} catch (e) {
|
|
6337
|
+
return this.createError({ path: "id", message: e.message });
|
|
6338
|
+
}
|
|
6339
|
+
return true;
|
|
6340
|
+
}
|
|
6341
|
+
);
|
|
6342
|
+
const validateRoleCreateInput = validateYupSchema(roleCreateSchema);
|
|
6343
|
+
const validateRolesDeleteInput = validateYupSchema(rolesDeleteSchema);
|
|
6344
|
+
const validateRoleDeleteInput = validateYupSchema(roleDeleteSchema);
|
|
6345
|
+
const role = {
|
|
6346
|
+
/**
|
|
6347
|
+
* Create a new role
|
|
6348
|
+
* @param {KoaContext} ctx - koa context
|
|
6349
|
+
*/
|
|
6350
|
+
async create(ctx) {
|
|
6351
|
+
await validateRoleCreateInput(ctx.request.body);
|
|
6352
|
+
const roleService = getService("role");
|
|
6353
|
+
const role2 = await roleService.create(ctx.request.body);
|
|
6354
|
+
const sanitizedRole = roleService.sanitizeRole(role2);
|
|
6355
|
+
ctx.created({ data: sanitizedRole });
|
|
6356
|
+
},
|
|
6357
|
+
/**
|
|
6358
|
+
* Delete a role
|
|
6359
|
+
* @param {KoaContext} ctx - koa context
|
|
6360
|
+
*/
|
|
6361
|
+
async deleteOne(ctx) {
|
|
6362
|
+
const { id } = ctx.params;
|
|
6363
|
+
await validateRoleDeleteInput(id);
|
|
6364
|
+
const roleService = getService("role");
|
|
6365
|
+
const roles2 = await roleService.deleteByIds([id]);
|
|
6366
|
+
const sanitizedRole = roles2.map((role2) => roleService.sanitizeRole(role2))[0] || null;
|
|
6367
|
+
return ctx.deleted({
|
|
6368
|
+
data: sanitizedRole
|
|
6369
|
+
});
|
|
6370
|
+
},
|
|
6371
|
+
/**
|
|
6372
|
+
* delete several roles
|
|
6373
|
+
* @param {KoaContext} ctx - koa context
|
|
6374
|
+
*/
|
|
6375
|
+
async deleteMany(ctx) {
|
|
6376
|
+
const { body } = ctx.request;
|
|
6377
|
+
await validateRolesDeleteInput(body);
|
|
6378
|
+
const roleService = getService("role");
|
|
6379
|
+
const roles2 = await roleService.deleteByIds(body.ids);
|
|
6380
|
+
const sanitizedRoles = roles2.map(roleService.sanitizeRole);
|
|
6381
|
+
return ctx.deleted({
|
|
6382
|
+
data: sanitizedRoles
|
|
6383
|
+
});
|
|
6384
|
+
}
|
|
6385
|
+
};
|
|
6386
|
+
const ssoUserCreationInputExtension = yup.object().shape({
|
|
6387
|
+
useSSORegistration: yup.boolean()
|
|
6388
|
+
}).noUnknown();
|
|
6389
|
+
const validateUserCreationInput = (data) => {
|
|
6390
|
+
let schema = schemas.userCreationSchema;
|
|
6391
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
6392
|
+
schema = schema.concat(ssoUserCreationInputExtension);
|
|
6393
|
+
}
|
|
6394
|
+
return validateYupSchema(schema)(data);
|
|
6395
|
+
};
|
|
6396
|
+
const { ApplicationError, ForbiddenError } = errors;
|
|
6397
|
+
const pickUserCreationAttributes = pick(["firstname", "lastname", "email", "roles"]);
|
|
6398
|
+
const hasAdminSeatsAvaialble = async () => {
|
|
6399
|
+
if (!strapi.EE) {
|
|
6400
|
+
return true;
|
|
6401
|
+
}
|
|
6402
|
+
const permittedSeats = strapi.ee.seats;
|
|
6403
|
+
if (isNil(permittedSeats)) {
|
|
6404
|
+
return true;
|
|
6405
|
+
}
|
|
6406
|
+
const userCount = await strapi.service("admin::user").getCurrentActiveUserCount();
|
|
6407
|
+
if (userCount < permittedSeats) {
|
|
6408
|
+
return true;
|
|
6409
|
+
}
|
|
6410
|
+
};
|
|
6411
|
+
const user = {
|
|
6412
|
+
async create(ctx) {
|
|
6413
|
+
if (!await hasAdminSeatsAvaialble()) {
|
|
6414
|
+
throw new ForbiddenError("License seat limit reached. You cannot create a new user");
|
|
6415
|
+
}
|
|
6416
|
+
const { body } = ctx.request;
|
|
6417
|
+
const cleanData = { ...body, email: ___default.get(body, `email`, ``).toLowerCase() };
|
|
6418
|
+
await validateUserCreationInput(cleanData);
|
|
6419
|
+
const attributes = pickUserCreationAttributes(cleanData);
|
|
6420
|
+
const { useSSORegistration } = cleanData;
|
|
6421
|
+
const userAlreadyExists = await getService("user").exists({ email: attributes.email });
|
|
6422
|
+
if (userAlreadyExists) {
|
|
6423
|
+
throw new ApplicationError("Email already taken");
|
|
6424
|
+
}
|
|
6425
|
+
if (useSSORegistration) {
|
|
6426
|
+
Object.assign(attributes, { registrationToken: null, isActive: true });
|
|
6427
|
+
}
|
|
6428
|
+
const createdUser = await getService("user").create(attributes);
|
|
6429
|
+
const userInfo = getService("user").sanitizeUser(createdUser);
|
|
6430
|
+
Object.assign(userInfo, { registrationToken: createdUser.registrationToken });
|
|
6431
|
+
ctx.created({ data: userInfo });
|
|
6432
|
+
},
|
|
6433
|
+
async update(ctx) {
|
|
6434
|
+
const { id } = ctx.params;
|
|
6435
|
+
const { body: input } = ctx.request;
|
|
6436
|
+
await validateUserUpdateInput(input);
|
|
6437
|
+
if (___default.has(input, "email")) {
|
|
6438
|
+
const uniqueEmailCheck = await getService("user").exists({
|
|
6439
|
+
id: { $ne: id },
|
|
6440
|
+
email: input.email
|
|
6441
|
+
});
|
|
6442
|
+
if (uniqueEmailCheck) {
|
|
6443
|
+
throw new ApplicationError("A user with this email address already exists");
|
|
6444
|
+
}
|
|
6445
|
+
}
|
|
6446
|
+
const user2 = await getService("user").findOne(id, null);
|
|
6447
|
+
if (!await hasAdminSeatsAvaialble() && !user2.isActive && input.isActive) {
|
|
6448
|
+
throw new ForbiddenError("License seat limit reached. You cannot active this user");
|
|
6449
|
+
}
|
|
6450
|
+
const updatedUser = await getService("user").updateById(id, input);
|
|
6451
|
+
if (!updatedUser) {
|
|
6452
|
+
return ctx.notFound("User does not exist");
|
|
6453
|
+
}
|
|
6454
|
+
ctx.body = {
|
|
6455
|
+
data: getService("user").sanitizeUser(updatedUser)
|
|
6456
|
+
};
|
|
6457
|
+
},
|
|
6458
|
+
async isSSOLocked(ctx) {
|
|
6459
|
+
const { user: user2 } = ctx.state;
|
|
6460
|
+
const isSSOLocked = await isSsoLocked(user2);
|
|
6461
|
+
ctx.body = {
|
|
6462
|
+
data: {
|
|
6463
|
+
isSSOLocked
|
|
6464
|
+
}
|
|
6465
|
+
};
|
|
6466
|
+
}
|
|
6467
|
+
};
|
|
6468
|
+
const admin$2 = {
|
|
6469
|
+
// NOTE: Overrides CE admin controller
|
|
6470
|
+
async getProjectType() {
|
|
6471
|
+
const flags = strapi.config.get("admin.flags", {});
|
|
6472
|
+
try {
|
|
6473
|
+
return { data: { isEE: strapi.EE, features: strapi.ee.features.list(), flags } };
|
|
6474
|
+
} catch (err) {
|
|
6475
|
+
return { data: { isEE: false, features: [], flags } };
|
|
6476
|
+
}
|
|
6477
|
+
},
|
|
6478
|
+
async licenseLimitInformation() {
|
|
6479
|
+
const permittedSeats = strapi.ee.seats;
|
|
6480
|
+
let shouldNotify = false;
|
|
6481
|
+
let licenseLimitStatus = null;
|
|
6482
|
+
let enforcementUserCount;
|
|
6483
|
+
const currentActiveUserCount = await getService("user").getCurrentActiveUserCount();
|
|
6484
|
+
const eeDisabledUsers = await getService("seat-enforcement").getDisabledUserList();
|
|
6485
|
+
if (eeDisabledUsers) {
|
|
6486
|
+
enforcementUserCount = currentActiveUserCount + eeDisabledUsers.length;
|
|
6487
|
+
} else {
|
|
6488
|
+
enforcementUserCount = currentActiveUserCount;
|
|
6489
|
+
}
|
|
6490
|
+
if (!isNil(permittedSeats) && enforcementUserCount > permittedSeats) {
|
|
6491
|
+
shouldNotify = true;
|
|
6492
|
+
licenseLimitStatus = "OVER_LIMIT";
|
|
6493
|
+
}
|
|
6494
|
+
if (!isNil(permittedSeats) && enforcementUserCount === permittedSeats) {
|
|
6495
|
+
shouldNotify = true;
|
|
6496
|
+
licenseLimitStatus = "AT_LIMIT";
|
|
6497
|
+
}
|
|
6498
|
+
const data = {
|
|
6499
|
+
enforcementUserCount,
|
|
6500
|
+
currentActiveUserCount,
|
|
6501
|
+
permittedSeats,
|
|
6502
|
+
shouldNotify,
|
|
6503
|
+
shouldStopCreate: isNil(permittedSeats) ? false : currentActiveUserCount >= permittedSeats,
|
|
6504
|
+
licenseLimitStatus,
|
|
6505
|
+
isHostedOnStrapiCloud: env("STRAPI_HOSTING", null) === "strapi.cloud",
|
|
6506
|
+
features: strapi.ee.features.list() ?? []
|
|
6507
|
+
};
|
|
6508
|
+
return { data };
|
|
6509
|
+
}
|
|
6510
|
+
};
|
|
6511
|
+
const controllers = {
|
|
6512
|
+
authentication,
|
|
6513
|
+
role,
|
|
6514
|
+
user,
|
|
6515
|
+
admin: admin$2
|
|
6516
|
+
};
|
|
6517
|
+
const enableFeatureMiddleware = (featureName) => (ctx, next) => {
|
|
6518
|
+
if (strapi.ee.features.isEnabled(featureName)) {
|
|
6519
|
+
return next();
|
|
6520
|
+
}
|
|
6521
|
+
ctx.status = 404;
|
|
6522
|
+
};
|
|
6523
|
+
const sso = {
|
|
6524
|
+
type: "admin",
|
|
6525
|
+
routes: [
|
|
6526
|
+
{
|
|
6527
|
+
method: "GET",
|
|
6528
|
+
path: "/providers",
|
|
6529
|
+
handler: "authentication.getProviders",
|
|
6530
|
+
config: {
|
|
6531
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6532
|
+
auth: false
|
|
6533
|
+
}
|
|
6534
|
+
},
|
|
6535
|
+
{
|
|
6536
|
+
method: "GET",
|
|
6537
|
+
path: "/connect/:provider",
|
|
6538
|
+
handler: "authentication.providerLogin",
|
|
6539
|
+
config: {
|
|
6540
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6541
|
+
auth: false
|
|
6542
|
+
}
|
|
6543
|
+
},
|
|
6544
|
+
{
|
|
6545
|
+
method: "POST",
|
|
6546
|
+
path: "/connect/:provider",
|
|
6547
|
+
handler: "authentication.providerLogin",
|
|
6548
|
+
config: {
|
|
6549
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6550
|
+
auth: false
|
|
6551
|
+
}
|
|
6552
|
+
},
|
|
6553
|
+
{
|
|
6554
|
+
method: "GET",
|
|
6555
|
+
path: "/providers/options",
|
|
6556
|
+
handler: "authentication.getProviderLoginOptions",
|
|
6557
|
+
config: {
|
|
6558
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6559
|
+
policies: [
|
|
6560
|
+
"admin::isAuthenticatedAdmin",
|
|
6561
|
+
{ name: "admin::hasPermissions", config: { actions: ["admin::provider-login.read"] } }
|
|
6562
|
+
]
|
|
6563
|
+
}
|
|
6564
|
+
},
|
|
6565
|
+
{
|
|
6566
|
+
method: "PUT",
|
|
6567
|
+
path: "/providers/options",
|
|
6568
|
+
handler: "authentication.updateProviderLoginOptions",
|
|
6569
|
+
config: {
|
|
6570
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6571
|
+
policies: [
|
|
6572
|
+
"admin::isAuthenticatedAdmin",
|
|
6573
|
+
{ name: "admin::hasPermissions", config: { actions: ["admin::provider-login.update"] } }
|
|
6574
|
+
]
|
|
6575
|
+
}
|
|
6576
|
+
},
|
|
6577
|
+
{
|
|
6578
|
+
method: "GET",
|
|
6579
|
+
path: "/providers/isSSOLocked",
|
|
6580
|
+
handler: "user.isSSOLocked",
|
|
6581
|
+
config: {
|
|
6582
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6583
|
+
policies: ["admin::isAuthenticatedAdmin"]
|
|
6584
|
+
}
|
|
6585
|
+
}
|
|
6586
|
+
]
|
|
6587
|
+
};
|
|
6588
|
+
const licenseLimit = {
|
|
6589
|
+
type: "admin",
|
|
6590
|
+
routes: [
|
|
6591
|
+
// License limit infos
|
|
6592
|
+
{
|
|
6593
|
+
method: "GET",
|
|
6594
|
+
path: "/license-limit-information",
|
|
6595
|
+
handler: "admin.licenseLimitInformation",
|
|
6596
|
+
config: {
|
|
6597
|
+
policies: [
|
|
6598
|
+
"admin::isAuthenticatedAdmin",
|
|
6599
|
+
{
|
|
6600
|
+
name: "admin::hasPermissions",
|
|
6601
|
+
config: {
|
|
6602
|
+
actions: [
|
|
6603
|
+
"admin::users.create",
|
|
6604
|
+
"admin::users.read",
|
|
6605
|
+
"admin::users.update",
|
|
6606
|
+
"admin::users.delete"
|
|
6607
|
+
]
|
|
6608
|
+
}
|
|
6609
|
+
}
|
|
6610
|
+
]
|
|
6611
|
+
}
|
|
6612
|
+
}
|
|
6613
|
+
]
|
|
6614
|
+
};
|
|
6615
|
+
const routes = {
|
|
6616
|
+
sso,
|
|
6617
|
+
"license-limit": licenseLimit
|
|
6618
|
+
};
|
|
6619
|
+
const auditLogsRoutes = {
|
|
6620
|
+
type: "admin",
|
|
6621
|
+
routes: [
|
|
6622
|
+
{
|
|
6623
|
+
method: "GET",
|
|
6624
|
+
path: "/audit-logs",
|
|
6625
|
+
handler: "audit-logs.findMany",
|
|
6626
|
+
config: {
|
|
6627
|
+
middlewares: [enableFeatureMiddleware("audit-logs")],
|
|
6628
|
+
policies: [
|
|
6629
|
+
"admin::isAuthenticatedAdmin",
|
|
6630
|
+
{
|
|
6631
|
+
name: "admin::hasPermissions",
|
|
6632
|
+
config: {
|
|
6633
|
+
actions: ["admin::audit-logs.read"]
|
|
6634
|
+
}
|
|
6635
|
+
}
|
|
6636
|
+
]
|
|
6637
|
+
}
|
|
6638
|
+
},
|
|
6639
|
+
{
|
|
6640
|
+
method: "GET",
|
|
6641
|
+
path: "/audit-logs/:id",
|
|
6642
|
+
handler: "audit-logs.findOne",
|
|
6643
|
+
config: {
|
|
6644
|
+
middlewares: [enableFeatureMiddleware("audit-logs")],
|
|
6645
|
+
policies: [
|
|
6646
|
+
"admin::isAuthenticatedAdmin",
|
|
6647
|
+
{
|
|
6648
|
+
name: "admin::hasPermissions",
|
|
6649
|
+
config: {
|
|
6650
|
+
actions: ["admin::audit-logs.read"]
|
|
6651
|
+
}
|
|
6652
|
+
}
|
|
6653
|
+
]
|
|
6654
|
+
}
|
|
6655
|
+
}
|
|
6656
|
+
]
|
|
6657
|
+
};
|
|
6658
|
+
const ALLOWED_SORT_STRINGS = ["action:ASC", "action:DESC", "date:ASC", "date:DESC"];
|
|
6659
|
+
const validateFindManySchema = yup.object().shape({
|
|
6660
|
+
page: yup.number().integer().min(1),
|
|
6661
|
+
pageSize: yup.number().integer().min(1).max(100),
|
|
6662
|
+
sort: yup.mixed().oneOf(ALLOWED_SORT_STRINGS)
|
|
6663
|
+
}).required();
|
|
6664
|
+
const validateFindMany = validateYupSchema(validateFindManySchema, { strict: false });
|
|
6665
|
+
const auditLogsController = {
|
|
6666
|
+
async findMany(ctx) {
|
|
6667
|
+
const { query } = ctx.request;
|
|
6668
|
+
await validateFindMany(query);
|
|
6669
|
+
const auditLogs = strapi.get("audit-logs");
|
|
6670
|
+
const body = await auditLogs.findMany(query);
|
|
6671
|
+
ctx.body = body;
|
|
6672
|
+
},
|
|
6673
|
+
async findOne(ctx) {
|
|
6674
|
+
const { id } = ctx.params;
|
|
6675
|
+
const auditLogs = strapi.get("audit-logs");
|
|
6676
|
+
const body = await auditLogs.findOne(id);
|
|
6677
|
+
ctx.body = body;
|
|
6678
|
+
strapi.telemetry.send("didWatchAnAuditLog");
|
|
6679
|
+
}
|
|
6680
|
+
};
|
|
6681
|
+
const getSanitizedUser = (user2) => {
|
|
6682
|
+
let displayName = user2.email;
|
|
6683
|
+
if (user2.username) {
|
|
6684
|
+
displayName = user2.username;
|
|
6685
|
+
} else if (user2.firstname && user2.lastname) {
|
|
6686
|
+
displayName = `${user2.firstname} ${user2.lastname}`;
|
|
6687
|
+
}
|
|
6688
|
+
return {
|
|
6689
|
+
id: user2.id,
|
|
6690
|
+
email: user2.email,
|
|
6691
|
+
displayName
|
|
6692
|
+
};
|
|
6693
|
+
};
|
|
6694
|
+
const createAuditLogsService = (strapi2) => {
|
|
6695
|
+
return {
|
|
6696
|
+
async saveEvent(event) {
|
|
6697
|
+
const { userId, ...rest } = event;
|
|
6698
|
+
const auditLog2 = { ...rest, user: userId };
|
|
6699
|
+
await strapi2.db?.query("admin::audit-log").create({ data: auditLog2 });
|
|
6700
|
+
return this;
|
|
6701
|
+
},
|
|
6702
|
+
async findMany(query) {
|
|
6703
|
+
const { results, pagination } = await strapi2.db?.query("admin::audit-log").findPage({
|
|
6704
|
+
populate: ["user"],
|
|
6705
|
+
select: ["action", "date", "payload"],
|
|
6706
|
+
...strapi2.get("query-params").transform("admin::audit-log", query)
|
|
6707
|
+
});
|
|
6708
|
+
const sanitizedResults = results.map((result) => {
|
|
6709
|
+
const { user: user2, ...rest } = result;
|
|
6710
|
+
return {
|
|
6711
|
+
...rest,
|
|
6712
|
+
user: user2 ? getSanitizedUser(user2) : null
|
|
6713
|
+
};
|
|
6714
|
+
});
|
|
6715
|
+
return {
|
|
6716
|
+
results: sanitizedResults,
|
|
6717
|
+
pagination
|
|
6718
|
+
};
|
|
6719
|
+
},
|
|
6720
|
+
async findOne(id) {
|
|
6721
|
+
const result = await strapi2.db?.query("admin::audit-log").findOne({
|
|
6722
|
+
where: { id },
|
|
6723
|
+
populate: ["user"],
|
|
6724
|
+
select: ["action", "date", "payload"]
|
|
6725
|
+
});
|
|
6726
|
+
if (!result) {
|
|
6727
|
+
return null;
|
|
6728
|
+
}
|
|
6729
|
+
const { user: user2, ...rest } = result;
|
|
6730
|
+
return {
|
|
6731
|
+
...rest,
|
|
6732
|
+
user: user2 ? getSanitizedUser(user2) : null
|
|
6733
|
+
};
|
|
6734
|
+
},
|
|
6735
|
+
deleteExpiredEvents(expirationDate) {
|
|
6736
|
+
return strapi2.db?.query("admin::audit-log").deleteMany({
|
|
6737
|
+
where: {
|
|
6738
|
+
date: {
|
|
6739
|
+
$lt: expirationDate.toISOString()
|
|
6740
|
+
}
|
|
6741
|
+
}
|
|
6742
|
+
});
|
|
6743
|
+
}
|
|
6744
|
+
};
|
|
6745
|
+
};
|
|
6746
|
+
const DEFAULT_RETENTION_DAYS = 90;
|
|
6747
|
+
const defaultEvents = [
|
|
6748
|
+
"entry.create",
|
|
6749
|
+
"entry.update",
|
|
6750
|
+
"entry.delete",
|
|
6751
|
+
"entry.publish",
|
|
6752
|
+
"entry.unpublish",
|
|
6753
|
+
"media.create",
|
|
6754
|
+
"media.update",
|
|
6755
|
+
"media.delete",
|
|
6756
|
+
"media-folder.create",
|
|
6757
|
+
"media-folder.update",
|
|
6758
|
+
"media-folder.delete",
|
|
6759
|
+
"user.create",
|
|
6760
|
+
"user.update",
|
|
6761
|
+
"user.delete",
|
|
6762
|
+
"admin.auth.success",
|
|
6763
|
+
"admin.logout",
|
|
6764
|
+
"content-type.create",
|
|
6765
|
+
"content-type.update",
|
|
6766
|
+
"content-type.delete",
|
|
6767
|
+
"component.create",
|
|
6768
|
+
"component.update",
|
|
6769
|
+
"component.delete",
|
|
6770
|
+
"role.create",
|
|
6771
|
+
"role.update",
|
|
6772
|
+
"role.delete",
|
|
6773
|
+
"permission.create",
|
|
6774
|
+
"permission.update",
|
|
6775
|
+
"permission.delete"
|
|
6776
|
+
];
|
|
6777
|
+
const getEventMap = (defaultEvents2) => {
|
|
6778
|
+
const getDefaultPayload = (...args) => args[0];
|
|
6779
|
+
return defaultEvents2.reduce((acc, event) => {
|
|
6780
|
+
acc[event] = getDefaultPayload;
|
|
6781
|
+
return acc;
|
|
6782
|
+
}, {});
|
|
6783
|
+
};
|
|
6784
|
+
const getRetentionDays = (strapi2) => {
|
|
6785
|
+
const featureConfig = strapi2.ee.features.get("audit-logs");
|
|
6786
|
+
const licenseRetentionDays = typeof featureConfig === "object" && featureConfig?.options.retentionDays;
|
|
6787
|
+
const userRetentionDays = strapi2.config.get("admin.auditLogs.retentionDays");
|
|
6788
|
+
if (licenseRetentionDays == null) {
|
|
6789
|
+
return userRetentionDays ?? DEFAULT_RETENTION_DAYS;
|
|
6790
|
+
}
|
|
6791
|
+
if (userRetentionDays && userRetentionDays < licenseRetentionDays) {
|
|
6792
|
+
return userRetentionDays;
|
|
6793
|
+
}
|
|
6794
|
+
return licenseRetentionDays;
|
|
6795
|
+
};
|
|
6796
|
+
const createAuditLogsLifecycleService = (strapi2) => {
|
|
6797
|
+
const state = {};
|
|
6798
|
+
const auditLogsService = strapi2.get("audit-logs");
|
|
6799
|
+
const eventMap = getEventMap(defaultEvents);
|
|
6800
|
+
const processEvent = (name2, ...args) => {
|
|
6801
|
+
const requestState = strapi2.requestContext.get()?.state;
|
|
6802
|
+
const isUsingAdminAuth = requestState?.route.info.type === "admin";
|
|
6803
|
+
const user2 = requestState?.user;
|
|
6804
|
+
if (!isUsingAdminAuth || !user2) {
|
|
6805
|
+
return null;
|
|
6806
|
+
}
|
|
6807
|
+
const getPayload = eventMap[name2];
|
|
6808
|
+
if (!getPayload) {
|
|
6809
|
+
return null;
|
|
6810
|
+
}
|
|
6811
|
+
const ignoredUids = ["plugin::upload.file", "plugin::upload.folder"];
|
|
6812
|
+
if (ignoredUids.includes(args[0]?.uid)) {
|
|
6813
|
+
return null;
|
|
6814
|
+
}
|
|
6815
|
+
return {
|
|
6816
|
+
action: name2,
|
|
6817
|
+
date: (/* @__PURE__ */ new Date()).toISOString(),
|
|
6818
|
+
payload: getPayload(...args) || {},
|
|
6819
|
+
userId: user2.id
|
|
6820
|
+
};
|
|
6821
|
+
};
|
|
6822
|
+
const handleEvent = async (name2, ...args) => {
|
|
6823
|
+
const processedEvent = processEvent(name2, ...args);
|
|
6824
|
+
if (processedEvent) {
|
|
6825
|
+
await auditLogsService.saveEvent(processedEvent);
|
|
6826
|
+
}
|
|
6827
|
+
};
|
|
6828
|
+
return {
|
|
6829
|
+
async register() {
|
|
6830
|
+
if (!state.eeEnableUnsubscribe) {
|
|
6831
|
+
state.eeEnableUnsubscribe = strapi2.eventHub.on("ee.enable", () => {
|
|
6832
|
+
this.destroy();
|
|
6833
|
+
this.register();
|
|
6834
|
+
});
|
|
6835
|
+
}
|
|
6836
|
+
if (!state.eeUpdateUnsubscribe) {
|
|
6837
|
+
state.eeUpdateUnsubscribe = strapi2.eventHub.on("ee.update", () => {
|
|
6838
|
+
this.destroy();
|
|
6839
|
+
this.register();
|
|
6840
|
+
});
|
|
6841
|
+
}
|
|
6842
|
+
state.eeDisableUnsubscribe = strapi2.eventHub.on("ee.disable", () => {
|
|
6843
|
+
this.destroy();
|
|
6844
|
+
});
|
|
6845
|
+
if (!strapi2.ee.features.isEnabled("audit-logs")) {
|
|
6846
|
+
return this;
|
|
6847
|
+
}
|
|
6848
|
+
state.eventHubUnsubscribe = strapi2.eventHub.subscribe(handleEvent);
|
|
6849
|
+
const retentionDays = getRetentionDays(strapi2);
|
|
6850
|
+
state.deleteExpiredJob = scheduleJob("0 0 * * *", () => {
|
|
6851
|
+
const expirationDate = new Date(Date.now() - retentionDays * 24 * 60 * 60 * 1e3);
|
|
6852
|
+
auditLogsService.deleteExpiredEvents(expirationDate);
|
|
6853
|
+
});
|
|
6854
|
+
return this;
|
|
6855
|
+
},
|
|
6856
|
+
unsubscribe() {
|
|
6857
|
+
if (state.eeDisableUnsubscribe) {
|
|
6858
|
+
state.eeDisableUnsubscribe();
|
|
6859
|
+
}
|
|
6860
|
+
if (state.eventHubUnsubscribe) {
|
|
6861
|
+
state.eventHubUnsubscribe();
|
|
6862
|
+
}
|
|
6863
|
+
if (state.deleteExpiredJob) {
|
|
6864
|
+
state.deleteExpiredJob.cancel();
|
|
6865
|
+
}
|
|
6866
|
+
return this;
|
|
6867
|
+
},
|
|
6868
|
+
destroy() {
|
|
6869
|
+
return this.unsubscribe();
|
|
6870
|
+
}
|
|
6871
|
+
};
|
|
6872
|
+
};
|
|
6873
|
+
const auditLog = {
|
|
6874
|
+
schema: {
|
|
6875
|
+
kind: "collectionType",
|
|
6876
|
+
collectionName: "strapi_audit_logs",
|
|
6877
|
+
info: {
|
|
6878
|
+
singularName: "audit-log",
|
|
6879
|
+
pluralName: "audit-logs",
|
|
6880
|
+
displayName: "Audit Log"
|
|
6881
|
+
},
|
|
6882
|
+
options: {
|
|
6883
|
+
timestamps: false
|
|
6884
|
+
},
|
|
6885
|
+
pluginOptions: {
|
|
6886
|
+
"content-manager": {
|
|
6887
|
+
visible: false
|
|
6888
|
+
},
|
|
6889
|
+
"content-type-builder": {
|
|
6890
|
+
visible: false
|
|
6891
|
+
}
|
|
6892
|
+
},
|
|
6893
|
+
attributes: {
|
|
6894
|
+
action: {
|
|
6895
|
+
type: "string",
|
|
6896
|
+
required: true
|
|
6897
|
+
},
|
|
6898
|
+
date: {
|
|
6899
|
+
type: "datetime",
|
|
6900
|
+
required: true
|
|
6901
|
+
},
|
|
6902
|
+
user: {
|
|
6903
|
+
type: "relation",
|
|
6904
|
+
relation: "oneToOne",
|
|
6905
|
+
target: "admin::user"
|
|
6906
|
+
},
|
|
6907
|
+
payload: {
|
|
6908
|
+
type: "json"
|
|
6909
|
+
}
|
|
6910
|
+
}
|
|
6911
|
+
}
|
|
6912
|
+
};
|
|
6913
|
+
const getAdminEE = () => {
|
|
6914
|
+
const eeAdmin = {
|
|
6915
|
+
register,
|
|
6916
|
+
bootstrap,
|
|
6917
|
+
destroy,
|
|
6918
|
+
contentTypes: {
|
|
6919
|
+
// Always register the audit-log content type to prevent data loss
|
|
6920
|
+
"audit-log": auditLog,
|
|
6921
|
+
...adminContentTypes
|
|
6922
|
+
},
|
|
6923
|
+
services,
|
|
6924
|
+
controllers,
|
|
6925
|
+
routes
|
|
6926
|
+
};
|
|
6927
|
+
if (strapi.config.get("admin.auditLogs.enabled", true) && strapi.ee.features.isEnabled("audit-logs")) {
|
|
6928
|
+
return {
|
|
6929
|
+
...eeAdmin,
|
|
6930
|
+
controllers: {
|
|
6931
|
+
...eeAdmin.controllers,
|
|
6932
|
+
"audit-logs": auditLogsController
|
|
6933
|
+
},
|
|
6934
|
+
routes: {
|
|
6935
|
+
...eeAdmin.routes,
|
|
6936
|
+
"audit-logs": auditLogsRoutes
|
|
6937
|
+
},
|
|
6938
|
+
async register({ strapi: strapi2 }) {
|
|
6939
|
+
await eeAdmin.register({ strapi: strapi2 });
|
|
6940
|
+
strapi2.add("audit-logs", createAuditLogsService(strapi2));
|
|
6941
|
+
const auditLogsLifecycle = createAuditLogsLifecycleService(strapi2);
|
|
6942
|
+
strapi2.add("audit-logs-lifecycle", auditLogsLifecycle);
|
|
6943
|
+
await auditLogsLifecycle.register();
|
|
6944
|
+
},
|
|
6945
|
+
async destroy({ strapi: strapi2 }) {
|
|
6946
|
+
strapi2.get("audit-logs-lifecycle").destroy();
|
|
6947
|
+
await eeAdmin.destroy({ strapi: strapi2 });
|
|
6948
|
+
}
|
|
6949
|
+
};
|
|
6950
|
+
}
|
|
6951
|
+
return eeAdmin;
|
|
6952
|
+
};
|
|
6953
|
+
let admin = {
|
|
6954
|
+
bootstrap: bootstrap$1,
|
|
6955
|
+
register: register$2,
|
|
6956
|
+
destroy: destroy$1,
|
|
6957
|
+
config,
|
|
6958
|
+
policies,
|
|
6959
|
+
routes: routes$1,
|
|
6960
|
+
services: services$1,
|
|
6961
|
+
controllers: controllers$1,
|
|
6962
|
+
contentTypes,
|
|
6963
|
+
middlewares: middlewares$1
|
|
6964
|
+
};
|
|
6965
|
+
const mergeRoutes = (a, b, key) => {
|
|
6966
|
+
return ___default.isArray(a) && ___default.isArray(b) && key === "routes" ? a.concat(b) : void 0;
|
|
6967
|
+
};
|
|
6968
|
+
if (strapi.EE) {
|
|
6969
|
+
admin = ___default.mergeWith({}, admin, getAdminEE(), mergeRoutes);
|
|
6970
|
+
}
|
|
6971
|
+
const admin$1 = admin;
|
|
5567
6972
|
export {
|
|
5568
|
-
|
|
5569
|
-
index$6 as config,
|
|
5570
|
-
index$1 as contentTypes,
|
|
5571
|
-
index$2 as controllers,
|
|
5572
|
-
destroy,
|
|
5573
|
-
index as middlewares,
|
|
5574
|
-
index$5 as policies,
|
|
5575
|
-
register$1 as register,
|
|
5576
|
-
routes,
|
|
5577
|
-
index$3 as services
|
|
6973
|
+
admin$1 as default
|
|
5578
6974
|
};
|
|
5579
6975
|
//# sourceMappingURL=index.mjs.map
|