@strapi/admin 5.0.0-rc.9 → 5.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/admin/{AdminSeatInfo-j58AKYvZ.js → AdminSeatInfo-8vtNB3ck.js} +3 -3
- package/dist/admin/{AdminSeatInfo-j58AKYvZ.js.map → AdminSeatInfo-8vtNB3ck.js.map} +1 -1
- package/dist/admin/{AdminSeatInfo-qGNvhfii.mjs → AdminSeatInfo-qIgh5-QA.mjs} +4 -4
- package/dist/admin/{AdminSeatInfo-qGNvhfii.mjs.map → AdminSeatInfo-qIgh5-QA.mjs.map} +1 -1
- package/dist/admin/{ApplicationInfoPage-ahnTcFV1.mjs → ApplicationInfoPage-AAIv_ZkF.mjs} +5 -5
- package/dist/admin/{ApplicationInfoPage-ahnTcFV1.mjs.map → ApplicationInfoPage-AAIv_ZkF.mjs.map} +1 -1
- package/dist/admin/{ApplicationInfoPage-JfdJ0U4H.js → ApplicationInfoPage-bkWa99An.js} +5 -5
- package/dist/admin/{ApplicationInfoPage-JfdJ0U4H.js.map → ApplicationInfoPage-bkWa99An.js.map} +1 -1
- package/dist/admin/{AuthResponse-J8A48xdo.mjs → AuthResponse-HYXVuTDF.mjs} +2 -2
- package/dist/admin/{AuthResponse-J8A48xdo.mjs.map → AuthResponse-HYXVuTDF.mjs.map} +1 -1
- package/dist/admin/{AuthResponse-KlTDmm2i.js → AuthResponse-R8kR_yqS.js} +2 -2
- package/dist/admin/{AuthResponse-KlTDmm2i.js.map → AuthResponse-R8kR_yqS.js.map} +1 -1
- package/dist/admin/{AuthenticatedLayout-06fn7qrH.mjs → AuthenticatedLayout-J22BBdYe.mjs} +31 -39
- package/dist/admin/AuthenticatedLayout-J22BBdYe.mjs.map +1 -0
- package/dist/admin/{AuthenticatedLayout-eKDwvUFO.js → AuthenticatedLayout-ZAXB7o93.js} +30 -38
- package/dist/admin/AuthenticatedLayout-ZAXB7o93.js.map +1 -0
- package/dist/admin/{CreateActionEE-Yfp4hs7a.mjs → CreateActionEE-X2nnG2dm.mjs} +2 -2
- package/dist/admin/{CreateActionEE-Yfp4hs7a.mjs.map → CreateActionEE-X2nnG2dm.mjs.map} +1 -1
- package/dist/admin/{CreatePage-68skzZjY.js → CreatePage-3V_sa8A4.js} +3 -3
- package/dist/admin/{CreatePage-68skzZjY.js.map → CreatePage-3V_sa8A4.js.map} +1 -1
- package/dist/admin/{CreatePage-bdWb1wg4.mjs → CreatePage-5WzWwepG.mjs} +7 -7
- package/dist/admin/CreatePage-5WzWwepG.mjs.map +1 -0
- package/dist/admin/{CreatePage-Yd5JyWS5.mjs → CreatePage-hEdR3uWK.mjs} +3 -3
- package/dist/admin/{CreatePage-Yd5JyWS5.mjs.map → CreatePage-hEdR3uWK.mjs.map} +1 -1
- package/dist/admin/{CreatePage-t5HQUOqJ.js → CreatePage-zzbF8IhD.js} +6 -6
- package/dist/admin/CreatePage-zzbF8IhD.js.map +1 -0
- package/dist/admin/{CreateView-yv51Pyvw.js → CreateView-5EC5Yv96.js} +3 -3
- package/dist/admin/{CreateView-yv51Pyvw.js.map → CreateView-5EC5Yv96.js.map} +1 -1
- package/dist/admin/{CreateView-ZZaA8hbe.mjs → CreateView-OjaERndy.mjs} +3 -3
- package/dist/admin/{CreateView-ZZaA8hbe.mjs.map → CreateView-OjaERndy.mjs.map} +1 -1
- package/dist/admin/{CreateView-V0v5CK8t.mjs → CreateView-S8gDQUCt.mjs} +3 -3
- package/dist/admin/{CreateView-V0v5CK8t.mjs.map → CreateView-S8gDQUCt.mjs.map} +1 -1
- package/dist/admin/{CreateView-nzILLv0g.js → CreateView-ZQEmP8-n.js} +3 -3
- package/dist/admin/{CreateView-nzILLv0g.js.map → CreateView-ZQEmP8-n.js.map} +1 -1
- package/dist/admin/{EditPage-cWJ8V1BK.mjs → EditPage-493L2-vV.mjs} +27 -23
- package/dist/admin/EditPage-493L2-vV.mjs.map +1 -0
- package/dist/admin/{EditPage-A7-BewPd.mjs → EditPage-7fMqo-c-.mjs} +7 -7
- package/dist/admin/EditPage-7fMqo-c-.mjs.map +1 -0
- package/dist/admin/{EditPage-pTQCDncU.js → EditPage-8T9gBnnc.js} +25 -21
- package/dist/admin/EditPage-8T9gBnnc.js.map +1 -0
- package/dist/admin/{EditPage-Lw36XG9G.js → EditPage-OFlfNGv0.js} +6 -6
- package/dist/admin/EditPage-OFlfNGv0.js.map +1 -0
- package/dist/admin/{EditPage-2cMhX4F_.mjs → EditPage-akxbKeqK.mjs} +8 -8
- package/dist/admin/{EditPage-2cMhX4F_.mjs.map → EditPage-akxbKeqK.mjs.map} +1 -1
- package/dist/admin/{EditPage-LoESB5pq.js → EditPage-gJJgatNc.js} +7 -7
- package/dist/admin/{EditPage-LoESB5pq.js.map → EditPage-gJJgatNc.js.map} +1 -1
- package/dist/admin/{EditView-KzdDTSO-.js → EditView-ZJPPeal2.js} +5 -6
- package/dist/admin/EditView-ZJPPeal2.js.map +1 -0
- package/dist/admin/{EditView-HygMdUSf.mjs → EditView-_QID3gT5.mjs} +7 -8
- package/dist/admin/EditView-_QID3gT5.mjs.map +1 -0
- package/dist/admin/{EditViewPage-FgsrW_wV.js → EditViewPage-_wx5u6QJ.js} +5 -5
- package/dist/admin/{EditViewPage-FgsrW_wV.js.map → EditViewPage-_wx5u6QJ.js.map} +1 -1
- package/dist/admin/{EditViewPage-47F2xHBt.mjs → EditViewPage-zkNmb1zg.mjs} +6 -6
- package/dist/admin/{EditViewPage-47F2xHBt.mjs.map → EditViewPage-zkNmb1zg.mjs.map} +1 -1
- package/dist/admin/{EventsTable--XlOTHxM.js → EventsTable-31485Cwq.js} +2 -2
- package/dist/admin/{EventsTable--XlOTHxM.js.map → EventsTable-31485Cwq.js.map} +1 -1
- package/dist/admin/{EventsTable-mgIyB8DL.mjs → EventsTable-_BT8dIHY.mjs} +2 -2
- package/dist/admin/{EventsTable-mgIyB8DL.mjs.map → EventsTable-_BT8dIHY.mjs.map} +1 -1
- package/dist/admin/{HomePage-dyDldozB.mjs → HomePage-LenrY0bj.mjs} +7 -10
- package/dist/admin/HomePage-LenrY0bj.mjs.map +1 -0
- package/dist/admin/{HomePage-H77dsrr1.mjs → HomePage-NdId9gqT.mjs} +3 -3
- package/dist/admin/{HomePage-H77dsrr1.mjs.map → HomePage-NdId9gqT.mjs.map} +1 -1
- package/dist/admin/{HomePage-ywYHZHMa.js → HomePage-T2yVEfC3.js} +15 -18
- package/dist/admin/HomePage-T2yVEfC3.js.map +1 -0
- package/dist/admin/{HomePage-uVwht52t.js → HomePage-yyizKL39.js} +3 -3
- package/dist/admin/{HomePage-uVwht52t.js.map → HomePage-yyizKL39.js.map} +1 -1
- package/dist/admin/{InstalledPluginsPage-3OSkplVn.mjs → InstalledPlugins-Z_uS95dC.mjs} +9 -11
- package/dist/admin/InstalledPlugins-Z_uS95dC.mjs.map +1 -0
- package/dist/admin/{InstalledPluginsPage-JkruwT2d.js → InstalledPlugins-spdwM8ub.js} +9 -11
- package/dist/admin/InstalledPlugins-spdwM8ub.js.map +1 -0
- package/dist/admin/{Layout-8Ds_z3XN.mjs → Layout-5lg6USuO.mjs} +5 -5
- package/dist/admin/{Layout-8Ds_z3XN.mjs.map → Layout-5lg6USuO.mjs.map} +1 -1
- package/dist/admin/{Layout-pVTNV6PU.js → Layout-B3TQMQxb.js} +5 -5
- package/dist/admin/{Layout-pVTNV6PU.js.map → Layout-B3TQMQxb.js.map} +1 -1
- package/dist/admin/{ListPage-semY3kTl.mjs → ListPage--B6TB-mt.mjs} +4 -4
- package/dist/admin/{ListPage-semY3kTl.mjs.map → ListPage--B6TB-mt.mjs.map} +1 -1
- package/dist/admin/{ListPage-DHUp0PDw.js → ListPage-GRLtmRuy.js} +8 -8
- package/dist/admin/ListPage-GRLtmRuy.js.map +1 -0
- package/dist/admin/{ListPage-NtjeF8R2.mjs → ListPage-Ggd99FLO.mjs} +4 -4
- package/dist/admin/{ListPage-NtjeF8R2.mjs.map → ListPage-Ggd99FLO.mjs.map} +1 -1
- package/dist/admin/{ListPage-OIdhjljI.js → ListPage-Hc3VZ9O3.js} +6 -6
- package/dist/admin/{ListPage-OIdhjljI.js.map → ListPage-Hc3VZ9O3.js.map} +1 -1
- package/dist/admin/{ListPage-LokTy34i.mjs → ListPage-LIn0aEKt.mjs} +3 -3
- package/dist/admin/{ListPage-LokTy34i.mjs.map → ListPage-LIn0aEKt.mjs.map} +1 -1
- package/dist/admin/{ListPage-15KiUCLt.js → ListPage-UEsKYDPH.js} +3 -3
- package/dist/admin/{ListPage-15KiUCLt.js.map → ListPage-UEsKYDPH.js.map} +1 -1
- package/dist/admin/{ListPage-dApwERT6.js → ListPage-Vf4xtn8w.js} +5 -5
- package/dist/admin/{ListPage-dApwERT6.js.map → ListPage-Vf4xtn8w.js.map} +1 -1
- package/dist/admin/{ListPage-8M-bmv0a.mjs → ListPage-rCkaHmeP.mjs} +6 -6
- package/dist/admin/{ListPage-8M-bmv0a.mjs.map → ListPage-rCkaHmeP.mjs.map} +1 -1
- package/dist/admin/{ListPage-hNIbvh17.mjs → ListPage-vJik-wkj.mjs} +10 -10
- package/dist/admin/ListPage-vJik-wkj.mjs.map +1 -0
- package/dist/admin/{ListPage-jTpJnTuQ.js → ListPage-y3rcDJX1.js} +3 -3
- package/dist/admin/{ListPage-jTpJnTuQ.js.map → ListPage-y3rcDJX1.js.map} +1 -1
- package/dist/admin/{ListView-ZSEn2tK5.js → ListView-8pEtfLsu.js} +5 -5
- package/dist/admin/{ListView-ZSEn2tK5.js.map → ListView-8pEtfLsu.js.map} +1 -1
- package/dist/admin/{ListView-tCCo7pVS.mjs → ListView-iCqFRGiO.mjs} +5 -5
- package/dist/admin/{ListView-tCCo7pVS.mjs.map → ListView-iCqFRGiO.mjs.map} +1 -1
- package/dist/admin/{ListView-kEuSmXPm.mjs → ListView-jrsV1wF_.mjs} +5 -5
- package/dist/admin/{ListView-kEuSmXPm.mjs.map → ListView-jrsV1wF_.mjs.map} +1 -1
- package/dist/admin/{ListView-MA83TDJF.js → ListView-noYLY_DM.js} +4 -4
- package/dist/admin/{ListView-MA83TDJF.js.map → ListView-noYLY_DM.js.map} +1 -1
- package/dist/admin/{Login-GLcLgHUd.mjs → Login--GgWQano.mjs} +3 -3
- package/dist/admin/{Login-GLcLgHUd.mjs.map → Login--GgWQano.mjs.map} +1 -1
- package/dist/admin/{Login-RrWZQA_X.js → Login-qr72UXGp.js} +3 -3
- package/dist/admin/{Login-RrWZQA_X.js.map → Login-qr72UXGp.js.map} +1 -1
- package/dist/admin/{MagicLinkEE-u0n-nwtv.js → MagicLinkEE-uTufI4yx.js} +3 -3
- package/dist/admin/{MagicLinkEE-u0n-nwtv.js.map → MagicLinkEE-uTufI4yx.js.map} +1 -1
- package/dist/admin/{MagicLinkEE-_qltdLkk.mjs → MagicLinkEE-vQcgXndx.mjs} +3 -3
- package/dist/admin/{MagicLinkEE-_qltdLkk.mjs.map → MagicLinkEE-vQcgXndx.mjs.map} +1 -1
- package/dist/admin/{MarketplacePage-41CstG0b.mjs → MarketplacePage-LRlL_4ys.mjs} +64 -63
- package/dist/admin/MarketplacePage-LRlL_4ys.mjs.map +1 -0
- package/dist/admin/{MarketplacePage-uyOTT12t.js → MarketplacePage-yRWZ54oN.js} +65 -64
- package/dist/admin/MarketplacePage-yRWZ54oN.js.map +1 -0
- package/dist/admin/{Permissions-J2jRpCh_.mjs → Permissions-aSGK8VGG.mjs} +2 -2
- package/dist/admin/{Permissions-J2jRpCh_.mjs.map → Permissions-aSGK8VGG.mjs.map} +1 -1
- package/dist/admin/{Permissions-LMVH6wf4.js → Permissions-bmMBmcv7.js} +2 -2
- package/dist/admin/{Permissions-LMVH6wf4.js.map → Permissions-bmMBmcv7.js.map} +1 -1
- package/dist/admin/{PrivateRoute-ndqg7K6H.js → PrivateRoute-LO9G_pCJ.js} +2 -2
- package/dist/admin/{PrivateRoute-ndqg7K6H.js.map → PrivateRoute-LO9G_pCJ.js.map} +1 -1
- package/dist/admin/{PrivateRoute-4oRTB_tX.mjs → PrivateRoute-S4Lol0B9.mjs} +2 -2
- package/dist/admin/{PrivateRoute-4oRTB_tX.mjs.map → PrivateRoute-S4Lol0B9.mjs.map} +1 -1
- package/dist/admin/{ProfilePage-wxZFen3W.js → ProfilePage-Mte9RhXw.js} +5 -5
- package/dist/admin/ProfilePage-Mte9RhXw.js.map +1 -0
- package/dist/admin/{ProfilePage-zwG0fq_e.mjs → ProfilePage-voofTYei.mjs} +6 -6
- package/dist/admin/ProfilePage-voofTYei.mjs.map +1 -0
- package/dist/admin/{PurchaseAuditLogs-FDPV-ZqU.mjs → PurchaseAuditLogs-8wmVhLCb.mjs} +2 -2
- package/dist/admin/{PurchaseAuditLogs-FDPV-ZqU.mjs.map → PurchaseAuditLogs-8wmVhLCb.mjs.map} +1 -1
- package/dist/admin/{PurchaseAuditLogs-f6iczpRi.js → PurchaseAuditLogs-qxVh-U_P.js} +2 -2
- package/dist/admin/{PurchaseAuditLogs-f6iczpRi.js.map → PurchaseAuditLogs-qxVh-U_P.js.map} +1 -1
- package/dist/admin/{PurchaseSingleSignOn-S0B2HM4d.mjs → PurchaseSingleSignOn-kgjD8gsd.mjs} +2 -2
- package/dist/admin/{PurchaseSingleSignOn-S0B2HM4d.mjs.map → PurchaseSingleSignOn-kgjD8gsd.mjs.map} +1 -1
- package/dist/admin/{PurchaseSingleSignOn-0wXAjOLm.js → PurchaseSingleSignOn-ovEsG_Ud.js} +2 -2
- package/dist/admin/{PurchaseSingleSignOn-0wXAjOLm.js.map → PurchaseSingleSignOn-ovEsG_Ud.js.map} +1 -1
- package/dist/admin/{SelectRoles-h_1srnVz.mjs → SelectRoles-Kzqv2-TI.mjs} +6 -6
- package/dist/admin/SelectRoles-Kzqv2-TI.mjs.map +1 -0
- package/dist/admin/{SelectRoles-MoDtdDcM.js → SelectRoles-pjJ11lBU.js} +7 -7
- package/dist/admin/SelectRoles-pjJ11lBU.js.map +1 -0
- package/dist/admin/{SingleSignOnPage-5CdOsumW.js → SingleSignOnPage-WjL8NvC5.js} +4 -4
- package/dist/admin/{SingleSignOnPage-5CdOsumW.js.map → SingleSignOnPage-WjL8NvC5.js.map} +1 -1
- package/dist/admin/{SingleSignOnPage-AZVczKwR.mjs → SingleSignOnPage-p1fTOytT.mjs} +5 -5
- package/dist/admin/{SingleSignOnPage-AZVczKwR.mjs.map → SingleSignOnPage-p1fTOytT.mjs.map} +1 -1
- package/dist/admin/{Table-EPKfcF5-.mjs → Table-ARSVxoYe.mjs} +12 -19
- package/dist/admin/Table-ARSVxoYe.mjs.map +1 -0
- package/dist/admin/{Table-CpbvaRQh.js → Table-QAvKSSis.js} +12 -19
- package/dist/admin/Table-QAvKSSis.js.map +1 -0
- package/dist/admin/{Theme-PrUuuGtN.mjs → Theme-frC82ceE.mjs} +221 -20
- package/dist/admin/Theme-frC82ceE.mjs.map +1 -0
- package/dist/admin/{Theme-7W0we6BI.js → Theme-y_rWTknM.js} +225 -19
- package/dist/admin/Theme-y_rWTknM.js.map +1 -0
- package/dist/admin/{TokenTypeSelect-yRV19q7R.js → TokenTypeSelect-biZzRJv2.js} +4 -5
- package/dist/admin/{TokenTypeSelect-yRV19q7R.js.map → TokenTypeSelect-biZzRJv2.js.map} +1 -1
- package/dist/admin/{TokenTypeSelect-7Ki5z_3z.mjs → TokenTypeSelect-j-b_9iB9.mjs} +4 -5
- package/dist/admin/{TokenTypeSelect-7Ki5z_3z.mjs.map → TokenTypeSelect-j-b_9iB9.mjs.map} +1 -1
- package/dist/admin/{UseCasePage-as6-3qKD.mjs → UseCasePage-b2VozaZB.mjs} +4 -4
- package/dist/admin/{UseCasePage-as6-3qKD.mjs.map → UseCasePage-b2VozaZB.mjs.map} +1 -1
- package/dist/admin/{UseCasePage-l9OmQYhK.js → UseCasePage-hJH0orUl.js} +4 -4
- package/dist/admin/{UseCasePage-l9OmQYhK.js.map → UseCasePage-hJH0orUl.js.map} +1 -1
- package/dist/admin/{admin-B6AW0Kov.mjs → admin-GZ-AP2T0.mjs} +2 -2
- package/dist/admin/{admin-B6AW0Kov.mjs.map → admin-GZ-AP2T0.mjs.map} +1 -1
- package/dist/admin/{apiTokens-YMUmHnrH.mjs → apiTokens-GQe-GqwZ.mjs} +2 -2
- package/dist/admin/{apiTokens-YMUmHnrH.mjs.map → apiTokens-GQe-GqwZ.mjs.map} +1 -1
- package/dist/admin/{constants-X2uDAtEA.js → constants-bgMqSKBQ.js} +3 -3
- package/dist/admin/{constants-X2uDAtEA.js.map → constants-bgMqSKBQ.js.map} +1 -1
- package/dist/admin/{constants-AYR471DB.mjs → constants-jKuNcrQj.mjs} +3 -3
- package/dist/admin/{constants-AYR471DB.mjs.map → constants-jKuNcrQj.mjs.map} +1 -1
- package/dist/admin/ee.mjs +1 -1
- package/dist/admin/{en-TbnMBjZf.js → en-_1-Nn7iH.js} +3 -2
- package/dist/admin/{en-TbnMBjZf.js.map → en-_1-Nn7iH.js.map} +1 -1
- package/dist/admin/{en-0Ld-ipyI.mjs → en-lDO5lPD0.mjs} +3 -2
- package/dist/admin/{en-0Ld-ipyI.mjs.map → en-lDO5lPD0.mjs.map} +1 -1
- package/dist/admin/{index-Fu3hPmaj.mjs → index-hoTsgrwy.mjs} +136 -279
- package/dist/admin/index-hoTsgrwy.mjs.map +1 -0
- package/dist/admin/{index-w33_0vI-.js → index-we0DbzVF.js} +140 -286
- package/dist/admin/index-we0DbzVF.js.map +1 -0
- package/dist/admin/index.js +5 -4
- package/dist/admin/index.js.map +1 -1
- package/dist/admin/index.mjs +3 -3
- package/dist/admin/{selectors-ZpHhvPK4.mjs → selectors--muHmKGe.mjs} +2 -2
- package/dist/admin/{selectors-ZpHhvPK4.mjs.map → selectors--muHmKGe.mjs.map} +1 -1
- package/dist/admin/{selectors-zQKcCNuz.js → selectors-1ySxKbos.js} +2 -2
- package/dist/admin/{selectors-zQKcCNuz.js.map → selectors-1ySxKbos.js.map} +1 -1
- package/dist/admin/src/StrapiApp.d.ts +8 -6
- package/dist/admin/src/components/Form.d.ts +3 -1
- package/dist/admin/src/components/GuidedTour/Provider.d.ts +0 -4
- package/dist/admin/src/constants.d.ts +10 -0
- package/dist/admin/src/features/Auth.d.ts +1 -1
- package/dist/admin/src/hooks/useRBAC.d.ts +1 -1
- package/dist/admin/src/index.d.ts +3 -0
- package/dist/admin/src/layouts/UnauthenticatedLayout.d.ts +1 -1
- package/dist/admin/src/pages/Marketplace/hooks/useMarketplaceData.d.ts +2 -1
- package/dist/admin/src/pages/Settings/pages/InstalledPlugins.d.ts +3 -0
- package/dist/admin/src/pages/Settings/pages/Roles/components/CollapseLabel.d.ts +1 -1
- package/dist/admin/src/types/permissions.d.ts +3 -1
- package/dist/admin/test.js +3 -3
- package/dist/admin/test.js.map +1 -1
- package/dist/admin/test.mjs +4 -4
- package/dist/admin/test.mjs.map +1 -1
- package/dist/admin/{transferTokens-CNI0TFdA.mjs → transferTokens-v8tNpI_l.mjs} +2 -2
- package/dist/admin/{transferTokens-CNI0TFdA.mjs.map → transferTokens-v8tNpI_l.mjs.map} +1 -1
- package/dist/admin/{useAdminRoles-w6h8NFK5.js → useAdminRoles-0gM7o3f2.js} +2 -2
- package/dist/admin/{useAdminRoles-w6h8NFK5.js.map → useAdminRoles-0gM7o3f2.js.map} +1 -1
- package/dist/admin/{useAdminRoles-lDesL4gN.mjs → useAdminRoles-uRNvxyDX.mjs} +2 -2
- package/dist/admin/{useAdminRoles-lDesL4gN.mjs.map → useAdminRoles-uRNvxyDX.mjs.map} +1 -1
- package/dist/admin/{useLicenseLimitNotification-PaR7jmqd.mjs → useLicenseLimitNotification-Qx_rSpUQ.mjs} +3 -3
- package/dist/admin/{useLicenseLimitNotification-PaR7jmqd.mjs.map → useLicenseLimitNotification-Qx_rSpUQ.mjs.map} +1 -1
- package/dist/admin/{useLicenseLimitNotification-g1vq6nzk.js → useLicenseLimitNotification-eau4ja6h.js} +2 -2
- package/dist/admin/{useLicenseLimitNotification-g1vq6nzk.js.map → useLicenseLimitNotification-eau4ja6h.js.map} +1 -1
- package/dist/admin/{useLicenseLimits-Jy6E6qc2.mjs → useLicenseLimits-j5znikzW.mjs} +2 -2
- package/dist/admin/{useLicenseLimits-Jy6E6qc2.mjs.map → useLicenseLimits-j5znikzW.mjs.map} +1 -1
- package/dist/admin/{useWebhooks-7thg-d57.mjs → useWebhooks-upF7mgdZ.mjs} +2 -2
- package/dist/admin/{useWebhooks-7thg-d57.mjs.map → useWebhooks-upF7mgdZ.mjs.map} +1 -1
- package/dist/admin/{validation-IcNGA_ef.mjs → validation-OR7t0a-C.mjs} +4 -4
- package/dist/admin/validation-OR7t0a-C.mjs.map +1 -0
- package/dist/admin/{validation-4SWh9S5z.js → validation-VuxEFW4W.js} +4 -4
- package/dist/admin/validation-VuxEFW4W.js.map +1 -0
- package/dist/ee/server/src/audit-logs/content-types/audit-log.d.ts +41 -0
- package/dist/ee/server/src/audit-logs/content-types/audit-log.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/controllers/audit-logs.d.ts +7 -0
- package/dist/ee/server/src/audit-logs/controllers/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/routes/audit-logs.d.ts +19 -0
- package/dist/ee/server/src/audit-logs/routes/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts +27 -0
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts +12 -0
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts +6 -0
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/bootstrap.d.ts +3 -0
- package/dist/ee/server/src/bootstrap.d.ts.map +1 -0
- package/dist/ee/server/src/config/admin-actions.d.ts +20 -0
- package/dist/ee/server/src/config/admin-actions.d.ts.map +1 -0
- package/dist/ee/server/src/content-types/index.d.ts +3 -0
- package/dist/ee/server/src/content-types/index.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/admin.d.ts +29 -0
- package/dist/ee/server/src/controllers/admin.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/constants.d.ts +10 -0
- package/dist/ee/server/src/controllers/authentication-utils/constants.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/index.d.ts +5 -0
- package/dist/ee/server/src/controllers/authentication-utils/index.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/middlewares.d.ts +9 -0
- package/dist/ee/server/src/controllers/authentication-utils/middlewares.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts +55 -0
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication.d.ts +9 -0
- package/dist/ee/server/src/controllers/authentication.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/index.d.ts +48 -0
- package/dist/ee/server/src/controllers/index.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/role.d.ts +20 -0
- package/dist/ee/server/src/controllers/role.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/user.d.ts +8 -0
- package/dist/ee/server/src/controllers/user.d.ts.map +1 -0
- package/dist/ee/server/src/destroy.d.ts +6 -0
- package/dist/ee/server/src/destroy.d.ts.map +1 -0
- package/dist/ee/server/src/index.d.ts +380 -0
- package/dist/ee/server/src/index.d.ts.map +1 -0
- package/dist/ee/server/src/register.d.ts +6 -0
- package/dist/ee/server/src/register.d.ts.map +1 -0
- package/dist/ee/server/src/routes/index.d.ts +47 -0
- package/dist/ee/server/src/routes/index.d.ts.map +1 -0
- package/dist/ee/server/src/routes/license-limit.d.ts +18 -0
- package/dist/ee/server/src/routes/license-limit.d.ts.map +1 -0
- package/dist/ee/server/src/routes/sso.d.ts +29 -0
- package/dist/ee/server/src/routes/sso.d.ts.map +1 -0
- package/dist/ee/server/src/routes/utils.d.ts +3 -0
- package/dist/ee/server/src/routes/utils.d.ts.map +1 -0
- package/dist/ee/server/src/services/auth.d.ts +6 -0
- package/dist/ee/server/src/services/auth.d.ts.map +1 -0
- package/dist/ee/server/src/services/index.d.ts +39 -0
- package/dist/ee/server/src/services/index.d.ts.map +1 -0
- package/dist/ee/server/src/services/metrics.d.ts +8 -0
- package/dist/ee/server/src/services/metrics.d.ts.map +1 -0
- package/dist/ee/server/src/services/passport/provider-registry.d.ts +4 -0
- package/dist/ee/server/src/services/passport/provider-registry.d.ts.map +1 -0
- package/dist/ee/server/src/services/passport/sso.d.ts +19 -0
- package/dist/ee/server/src/services/passport/sso.d.ts.map +1 -0
- package/dist/ee/server/src/services/passport.d.ts +13 -0
- package/dist/ee/server/src/services/passport.d.ts.map +1 -0
- package/dist/ee/server/src/services/role.d.ts +5 -0
- package/dist/ee/server/src/services/role.d.ts.map +1 -0
- package/dist/ee/server/src/services/seat-enforcement.d.ts +6 -0
- package/dist/ee/server/src/services/seat-enforcement.d.ts.map +1 -0
- package/dist/ee/server/src/services/user.d.ts +10 -0
- package/dist/ee/server/src/services/user.d.ts.map +1 -0
- package/dist/ee/server/src/utils/index.d.ts +11 -0
- package/dist/ee/server/src/utils/index.d.ts.map +1 -0
- package/dist/ee/server/src/utils/persisted-tables.d.ts +42 -0
- package/dist/ee/server/src/utils/persisted-tables.d.ts.map +1 -0
- package/dist/ee/server/src/utils/sso-lock.d.ts +6 -0
- package/dist/ee/server/src/utils/sso-lock.d.ts.map +1 -0
- package/dist/ee/server/src/validation/authentication.d.ts +15 -0
- package/dist/ee/server/src/validation/authentication.d.ts.map +1 -0
- package/dist/ee/server/src/validation/role.d.ts +21 -0
- package/dist/ee/server/src/validation/role.d.ts.map +1 -0
- package/dist/ee/server/src/validation/user.d.ts +19 -0
- package/dist/ee/server/src/validation/user.d.ts.map +1 -0
- package/dist/package.json.d.ts +10 -9
- package/dist/server/index.js +1891 -538
- package/dist/server/index.js.map +1 -1
- package/dist/server/index.mjs +1687 -333
- package/dist/server/index.mjs.map +1 -1
- package/dist/server/src/domain/action/provider.d.ts +1 -1
- package/dist/server/src/domain/condition/provider.d.ts +3 -1
- package/dist/server/src/domain/condition/provider.d.ts.map +1 -1
- package/dist/server/src/index.d.ts +738 -10
- package/dist/server/src/index.d.ts.map +1 -1
- package/dist/server/src/services/permission.d.ts +4 -2
- package/dist/server/src/services/permission.d.ts.map +1 -1
- package/dist/shared/contracts/admin.d.ts +1 -0
- package/dist/shared/contracts/admin.d.ts.map +1 -1
- package/dist/shared/contracts/user.d.ts +1 -1
- package/dist/shared/contracts/user.d.ts.map +1 -1
- package/package.json +17 -16
- package/dist/admin/AuthenticatedLayout-06fn7qrH.mjs.map +0 -1
- package/dist/admin/AuthenticatedLayout-eKDwvUFO.js.map +0 -1
- package/dist/admin/ContentBox-3MRTNw0X.js +0 -43
- package/dist/admin/ContentBox-3MRTNw0X.js.map +0 -1
- package/dist/admin/ContentBox-9LBDzws0.mjs +0 -41
- package/dist/admin/ContentBox-9LBDzws0.mjs.map +0 -1
- package/dist/admin/CreatePage-bdWb1wg4.mjs.map +0 -1
- package/dist/admin/CreatePage-t5HQUOqJ.js.map +0 -1
- package/dist/admin/EditPage-A7-BewPd.mjs.map +0 -1
- package/dist/admin/EditPage-Lw36XG9G.js.map +0 -1
- package/dist/admin/EditPage-cWJ8V1BK.mjs.map +0 -1
- package/dist/admin/EditPage-pTQCDncU.js.map +0 -1
- package/dist/admin/EditView-HygMdUSf.mjs.map +0 -1
- package/dist/admin/EditView-KzdDTSO-.js.map +0 -1
- package/dist/admin/HomePage-dyDldozB.mjs.map +0 -1
- package/dist/admin/HomePage-ywYHZHMa.js.map +0 -1
- package/dist/admin/InstalledPluginsPage-3OSkplVn.mjs.map +0 -1
- package/dist/admin/InstalledPluginsPage-JkruwT2d.js.map +0 -1
- package/dist/admin/ListPage-DHUp0PDw.js.map +0 -1
- package/dist/admin/ListPage-hNIbvh17.mjs.map +0 -1
- package/dist/admin/MarketplacePage-41CstG0b.mjs.map +0 -1
- package/dist/admin/MarketplacePage-uyOTT12t.js.map +0 -1
- package/dist/admin/ProfilePage-wxZFen3W.js.map +0 -1
- package/dist/admin/ProfilePage-zwG0fq_e.mjs.map +0 -1
- package/dist/admin/SelectRoles-MoDtdDcM.js.map +0 -1
- package/dist/admin/SelectRoles-h_1srnVz.mjs.map +0 -1
- package/dist/admin/Table-CpbvaRQh.js.map +0 -1
- package/dist/admin/Table-EPKfcF5-.mjs.map +0 -1
- package/dist/admin/Theme-7W0we6BI.js.map +0 -1
- package/dist/admin/Theme-PrUuuGtN.mjs.map +0 -1
- package/dist/admin/index-Fu3hPmaj.mjs.map +0 -1
- package/dist/admin/index-w33_0vI-.js.map +0 -1
- package/dist/admin/src/pages/InstalledPluginsPage.d.ts +0 -3
- package/dist/admin/validation-4SWh9S5z.js.map +0 -1
- package/dist/admin/validation-IcNGA_ef.mjs.map +0 -1
- package/dist/ee/server/index.js +0 -2193
- package/dist/ee/server/index.js.map +0 -1
- package/dist/ee/server/index.mjs +0 -2188
- package/dist/ee/server/index.mjs.map +0 -1
- package/strapi-server.js +0 -18
package/dist/server/index.mjs
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
|
-
import
|
|
2
|
-
import
|
|
1
|
+
import * as _ from "lodash";
|
|
2
|
+
import ___default, { pick as pick$1 } from "lodash";
|
|
3
|
+
import { merge, map, uniq, difference, isNil, castArray, pick, curry, pipe, prop, includes, isArray, set, omit, isEmpty, has, defaults, remove, eq, get, differenceWith, differenceBy, isEqual, toLower, isFunction, some, flatMap, isObject, cloneDeep, getOr, intersection, isPlainObject, matchesProperty, propEq, xor, startsWith, isString, isNumber, values, sumBy, trim, isUndefined, mapKeys, toString, toNumber, assign, reverse, take, drop, mapValues } from "lodash/fp";
|
|
4
|
+
import utils$2, { async, errors, yup, validateYupSchema, policy, arrays, hooks as hooks$1, dates, validateYupSchemaSync, providerFactory, sanitize, contentTypes as contentTypes$1, traverse, traverseEntity, validate, env, validateZod, strings } from "@strapi/utils";
|
|
3
5
|
import path, { resolve, basename, join, extname } from "path";
|
|
4
6
|
import fse, { exists as exists$4 } from "fs-extra";
|
|
5
7
|
import koaStatic from "koa-static";
|
|
6
8
|
import { differenceInHours, parseISO } from "date-fns";
|
|
7
9
|
import "@strapi/types";
|
|
8
|
-
import * as _ from "lodash";
|
|
9
|
-
import ___default, { pick as pick$1 } from "lodash";
|
|
10
10
|
import bcrypt from "bcryptjs";
|
|
11
|
-
import passport$
|
|
11
|
+
import passport$2 from "koa-passport";
|
|
12
12
|
import { Strategy } from "passport-local";
|
|
13
13
|
import crypto from "crypto";
|
|
14
14
|
import jwt from "jsonwebtoken";
|
|
@@ -24,10 +24,11 @@ import compose from "koa-compose";
|
|
|
24
24
|
import { strapi as strapi$1 } from "@strapi/data-transfer";
|
|
25
25
|
import isLocalhostIp from "is-localhost-ip";
|
|
26
26
|
import punycode from "punycode/";
|
|
27
|
-
|
|
27
|
+
import { scheduleJob } from "node-schedule";
|
|
28
|
+
const getService$1 = (name2) => {
|
|
28
29
|
return strapi.service(`admin::${name2}`);
|
|
29
30
|
};
|
|
30
|
-
const actions = [
|
|
31
|
+
const actions$1 = [
|
|
31
32
|
{
|
|
32
33
|
uid: "marketplace.read",
|
|
33
34
|
displayName: "Access the marketplace",
|
|
@@ -252,7 +253,7 @@ const actions = [
|
|
|
252
253
|
}
|
|
253
254
|
];
|
|
254
255
|
const adminActions = {
|
|
255
|
-
actions
|
|
256
|
+
actions: actions$1
|
|
256
257
|
};
|
|
257
258
|
const conditions = [
|
|
258
259
|
{
|
|
@@ -287,13 +288,13 @@ const defaultAdminAuthSettings = {
|
|
|
287
288
|
}
|
|
288
289
|
};
|
|
289
290
|
const registerPermissionActions = async () => {
|
|
290
|
-
await getService("permission").actionProvider.registerMany(adminActions.actions);
|
|
291
|
+
await getService$1("permission").actionProvider.registerMany(adminActions.actions);
|
|
291
292
|
};
|
|
292
293
|
const registerAdminConditions = async () => {
|
|
293
|
-
await getService("permission").conditionProvider.registerMany(adminConditions.conditions);
|
|
294
|
+
await getService$1("permission").conditionProvider.registerMany(adminConditions.conditions);
|
|
294
295
|
};
|
|
295
296
|
const registerModelHooks = () => {
|
|
296
|
-
const { sendDidChangeInterfaceLanguage: sendDidChangeInterfaceLanguage2 } = getService("metrics");
|
|
297
|
+
const { sendDidChangeInterfaceLanguage: sendDidChangeInterfaceLanguage2 } = getService$1("metrics");
|
|
297
298
|
strapi.db.lifecycles.subscribe({
|
|
298
299
|
models: ["admin::user"],
|
|
299
300
|
afterCreate: sendDidChangeInterfaceLanguage2,
|
|
@@ -309,7 +310,7 @@ const syncAuthSettings = async () => {
|
|
|
309
310
|
const adminStore = await strapi.store({ type: "core", name: "admin" });
|
|
310
311
|
const adminAuthSettings = await adminStore.get({ key: "auth" });
|
|
311
312
|
const newAuthSettings = merge(defaultAdminAuthSettings, adminAuthSettings);
|
|
312
|
-
const roleExists = await getService("role").exists({
|
|
313
|
+
const roleExists = await getService$1("role").exists({
|
|
313
314
|
id: newAuthSettings.providers.defaultRole
|
|
314
315
|
});
|
|
315
316
|
if (!roleExists) {
|
|
@@ -328,16 +329,16 @@ const syncAPITokensPermissions = async () => {
|
|
|
328
329
|
await strapi.db.query("admin::api-token-permission").deleteMany({ where: { action: { $in: unknownPermissions } } });
|
|
329
330
|
}
|
|
330
331
|
};
|
|
331
|
-
const bootstrap = async ({ strapi: strapi2 }) => {
|
|
332
|
+
const bootstrap$1 = async ({ strapi: strapi2 }) => {
|
|
332
333
|
await registerAdminConditions();
|
|
333
334
|
await registerPermissionActions();
|
|
334
335
|
registerModelHooks();
|
|
335
|
-
const permissionService = getService("permission");
|
|
336
|
-
const userService = getService("user");
|
|
337
|
-
const roleService = getService("role");
|
|
338
|
-
const apiTokenService = getService("api-token");
|
|
339
|
-
const transferService = getService("transfer");
|
|
340
|
-
const tokenService = getService("token");
|
|
336
|
+
const permissionService = getService$1("permission");
|
|
337
|
+
const userService = getService$1("user");
|
|
338
|
+
const roleService = getService$1("role");
|
|
339
|
+
const apiTokenService = getService$1("api-token");
|
|
340
|
+
const transferService = getService$1("transfer");
|
|
341
|
+
const tokenService = getService$1("token");
|
|
341
342
|
await roleService.createRolesIfNoneExist();
|
|
342
343
|
await roleService.resetSuperAdminPermissions();
|
|
343
344
|
await roleService.displayWarningIfNoSuperAdmin();
|
|
@@ -345,8 +346,8 @@ const bootstrap = async ({ strapi: strapi2 }) => {
|
|
|
345
346
|
await userService.displayWarningIfUsersDontHaveRole();
|
|
346
347
|
await syncAuthSettings();
|
|
347
348
|
await syncAPITokensPermissions();
|
|
348
|
-
await getService("metrics").sendUpdateProjectInformation(strapi2);
|
|
349
|
-
getService("metrics").startCron(strapi2);
|
|
349
|
+
await getService$1("metrics").sendUpdateProjectInformation(strapi2);
|
|
350
|
+
getService$1("metrics").startCron(strapi2);
|
|
350
351
|
apiTokenService.checkSaltIsDefined();
|
|
351
352
|
transferService.token.checkSaltIsDefined();
|
|
352
353
|
tokenService.checkSecretIsDefined();
|
|
@@ -403,7 +404,7 @@ const serveStatic = (filesDir, koaStaticOptions = {}) => {
|
|
|
403
404
|
ctx.path = prev;
|
|
404
405
|
};
|
|
405
406
|
};
|
|
406
|
-
const authenticate$
|
|
407
|
+
const authenticate$3 = async (ctx) => {
|
|
407
408
|
const { authorization } = ctx.request.header;
|
|
408
409
|
if (!authorization) {
|
|
409
410
|
return { authenticated: false };
|
|
@@ -413,7 +414,7 @@ const authenticate$2 = async (ctx) => {
|
|
|
413
414
|
return { authenticated: false };
|
|
414
415
|
}
|
|
415
416
|
const token2 = parts[1];
|
|
416
|
-
const { payload, isValid } = getService("token").decodeJwtToken(token2);
|
|
417
|
+
const { payload, isValid } = getService$1("token").decodeJwtToken(token2);
|
|
417
418
|
if (!isValid) {
|
|
418
419
|
return { authenticated: false };
|
|
419
420
|
}
|
|
@@ -421,7 +422,7 @@ const authenticate$2 = async (ctx) => {
|
|
|
421
422
|
if (!user2 || !(user2.isActive === true)) {
|
|
422
423
|
return { authenticated: false };
|
|
423
424
|
}
|
|
424
|
-
const userAbility = await getService("permission").engine.generateUserAbility(user2);
|
|
425
|
+
const userAbility = await getService$1("permission").engine.generateUserAbility(user2);
|
|
425
426
|
ctx.state.userAbility = userAbility;
|
|
426
427
|
ctx.state.user = user2;
|
|
427
428
|
return {
|
|
@@ -433,7 +434,7 @@ const authenticate$2 = async (ctx) => {
|
|
|
433
434
|
const name$1 = "admin";
|
|
434
435
|
const adminAuthStrategy = {
|
|
435
436
|
name: name$1,
|
|
436
|
-
authenticate: authenticate$
|
|
437
|
+
authenticate: authenticate$3
|
|
437
438
|
};
|
|
438
439
|
const DAY_IN_MS = 24 * 60 * 60 * 1e3;
|
|
439
440
|
const constants$3 = {
|
|
@@ -473,7 +474,7 @@ const constants$4 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
|
|
|
473
474
|
__proto__: null,
|
|
474
475
|
default: constants$3
|
|
475
476
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
476
|
-
const { UnauthorizedError: UnauthorizedError$
|
|
477
|
+
const { UnauthorizedError: UnauthorizedError$3, ForbiddenError: ForbiddenError$2 } = errors;
|
|
477
478
|
const isReadScope = (scope) => scope.endsWith("find") || scope.endsWith("findOne");
|
|
478
479
|
const extractToken$1 = (ctx) => {
|
|
479
480
|
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
@@ -485,8 +486,8 @@ const extractToken$1 = (ctx) => {
|
|
|
485
486
|
}
|
|
486
487
|
return null;
|
|
487
488
|
};
|
|
488
|
-
const authenticate$
|
|
489
|
-
const apiTokenService = getService("api-token");
|
|
489
|
+
const authenticate$2 = async (ctx) => {
|
|
490
|
+
const apiTokenService = getService$1("api-token");
|
|
490
491
|
const token2 = extractToken$1(ctx);
|
|
491
492
|
if (!token2) {
|
|
492
493
|
return { authenticated: false };
|
|
@@ -501,7 +502,7 @@ const authenticate$1 = async (ctx) => {
|
|
|
501
502
|
if (!isNil(apiToken2.expiresAt)) {
|
|
502
503
|
const expirationDate = new Date(apiToken2.expiresAt);
|
|
503
504
|
if (expirationDate < currentDate) {
|
|
504
|
-
return { authenticated: false, error: new UnauthorizedError$
|
|
505
|
+
return { authenticated: false, error: new UnauthorizedError$3("Token expired") };
|
|
505
506
|
}
|
|
506
507
|
}
|
|
507
508
|
const hoursSinceLastUsed = differenceInHours(currentDate, parseISO(apiToken2.lastUsedAt));
|
|
@@ -519,44 +520,44 @@ const authenticate$1 = async (ctx) => {
|
|
|
519
520
|
}
|
|
520
521
|
return { authenticated: true, credentials: apiToken2 };
|
|
521
522
|
};
|
|
522
|
-
const verify$2 = (auth2,
|
|
523
|
+
const verify$2 = (auth2, config2) => {
|
|
523
524
|
const { credentials: apiToken2, ability } = auth2;
|
|
524
525
|
if (!apiToken2) {
|
|
525
|
-
throw new UnauthorizedError$
|
|
526
|
+
throw new UnauthorizedError$3("Token not found");
|
|
526
527
|
}
|
|
527
528
|
const currentDate = /* @__PURE__ */ new Date();
|
|
528
529
|
if (!isNil(apiToken2.expiresAt)) {
|
|
529
530
|
const expirationDate = new Date(apiToken2.expiresAt);
|
|
530
531
|
if (expirationDate < currentDate) {
|
|
531
|
-
throw new UnauthorizedError$
|
|
532
|
+
throw new UnauthorizedError$3("Token expired");
|
|
532
533
|
}
|
|
533
534
|
}
|
|
534
535
|
if (apiToken2.type === constants$3.API_TOKEN_TYPE.FULL_ACCESS) {
|
|
535
536
|
return;
|
|
536
537
|
}
|
|
537
538
|
if (apiToken2.type === constants$3.API_TOKEN_TYPE.READ_ONLY) {
|
|
538
|
-
const scopes = castArray(
|
|
539
|
-
if (
|
|
539
|
+
const scopes = castArray(config2.scope);
|
|
540
|
+
if (config2.scope && scopes.every(isReadScope)) {
|
|
540
541
|
return;
|
|
541
542
|
}
|
|
542
543
|
} else if (apiToken2.type === constants$3.API_TOKEN_TYPE.CUSTOM) {
|
|
543
544
|
if (!ability) {
|
|
544
|
-
throw new ForbiddenError$
|
|
545
|
+
throw new ForbiddenError$2();
|
|
545
546
|
}
|
|
546
|
-
const scopes = castArray(
|
|
547
|
+
const scopes = castArray(config2.scope);
|
|
547
548
|
const isAllowed = scopes.every((scope) => ability.can(scope));
|
|
548
549
|
if (isAllowed) {
|
|
549
550
|
return;
|
|
550
551
|
}
|
|
551
552
|
}
|
|
552
|
-
throw new ForbiddenError$
|
|
553
|
+
throw new ForbiddenError$2();
|
|
553
554
|
};
|
|
554
555
|
const apiTokenAuthStrategy = {
|
|
555
556
|
name: "api-token",
|
|
556
|
-
authenticate: authenticate$
|
|
557
|
+
authenticate: authenticate$2,
|
|
557
558
|
verify: verify$2
|
|
558
559
|
};
|
|
559
|
-
const register$
|
|
560
|
+
const register$2 = ({ strapi: strapi2 }) => {
|
|
560
561
|
const passportMiddleware = strapi2.service("admin::passport").init();
|
|
561
562
|
strapi2.server.api("admin").use(passportMiddleware);
|
|
562
563
|
strapi2.get("auth").register("admin", adminAuthStrategy);
|
|
@@ -565,8 +566,8 @@ const register$1 = ({ strapi: strapi2 }) => {
|
|
|
565
566
|
registerAdminPanelRoute({ strapi: strapi2 });
|
|
566
567
|
}
|
|
567
568
|
};
|
|
568
|
-
const destroy = async () => {
|
|
569
|
-
const { conditionProvider: conditionProvider2, actionProvider: actionProvider2 } = getService("permission");
|
|
569
|
+
const destroy$1 = async () => {
|
|
570
|
+
const { conditionProvider: conditionProvider2, actionProvider: actionProvider2 } = getService$1("permission");
|
|
570
571
|
await conditionProvider2.clear();
|
|
571
572
|
await actionProvider2.clear();
|
|
572
573
|
};
|
|
@@ -586,11 +587,11 @@ But don’t worry! You can use the following link to reset your password:
|
|
|
586
587
|
|
|
587
588
|
Thanks.`;
|
|
588
589
|
const forgotPasswordTemplate = { subject, text, html };
|
|
589
|
-
const forgotPassword$
|
|
590
|
+
const forgotPassword$2 = {
|
|
590
591
|
emailTemplate: forgotPasswordTemplate
|
|
591
592
|
};
|
|
592
|
-
const
|
|
593
|
-
forgotPassword: forgotPassword$
|
|
593
|
+
const config = {
|
|
594
|
+
forgotPassword: forgotPassword$2
|
|
594
595
|
};
|
|
595
596
|
const isAuthenticatedAdmin = (policyCtx) => {
|
|
596
597
|
return Boolean(policyCtx.state.isAuthenticated);
|
|
@@ -632,8 +633,8 @@ const inputModifiers = [
|
|
|
632
633
|
const hasPermissions = createPolicy$1({
|
|
633
634
|
name: "admin::hasPermissions",
|
|
634
635
|
validator: validateHasPermissionsInput,
|
|
635
|
-
handler(ctx,
|
|
636
|
-
const { actions: actions2 } =
|
|
636
|
+
handler(ctx, config2) {
|
|
637
|
+
const { actions: actions2 } = config2;
|
|
637
638
|
const { userAbility: ability } = ctx.state;
|
|
638
639
|
const permissions2 = actions2.map(
|
|
639
640
|
(action2) => inputModifiers.find((modifier) => modifier.check(action2))?.transform(action2)
|
|
@@ -653,8 +654,8 @@ const isTelemetryEnabled = createPolicy({
|
|
|
653
654
|
}
|
|
654
655
|
}
|
|
655
656
|
});
|
|
656
|
-
const
|
|
657
|
-
const admin$
|
|
657
|
+
const policies = { isAuthenticatedAdmin, hasPermissions, isTelemetryEnabled };
|
|
658
|
+
const admin$4 = [
|
|
658
659
|
{
|
|
659
660
|
method: "GET",
|
|
660
661
|
path: "/init",
|
|
@@ -723,7 +724,7 @@ const admin$1 = [
|
|
|
723
724
|
}
|
|
724
725
|
}
|
|
725
726
|
];
|
|
726
|
-
const authentication$
|
|
727
|
+
const authentication$2 = [
|
|
727
728
|
{
|
|
728
729
|
method: "POST",
|
|
729
730
|
path: "/login",
|
|
@@ -1152,7 +1153,7 @@ const contentApi$1 = [
|
|
|
1152
1153
|
}
|
|
1153
1154
|
}
|
|
1154
1155
|
];
|
|
1155
|
-
const { UnauthorizedError: UnauthorizedError$
|
|
1156
|
+
const { UnauthorizedError: UnauthorizedError$2, ForbiddenError: ForbiddenError$1 } = errors;
|
|
1156
1157
|
const extractToken = (ctx) => {
|
|
1157
1158
|
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
1158
1159
|
const parts = ctx.request.header.authorization.split(/\s+/);
|
|
@@ -1163,8 +1164,8 @@ const extractToken = (ctx) => {
|
|
|
1163
1164
|
}
|
|
1164
1165
|
return null;
|
|
1165
1166
|
};
|
|
1166
|
-
const authenticate = async (ctx) => {
|
|
1167
|
-
const { token: tokenService } = getService("transfer");
|
|
1167
|
+
const authenticate$1 = async (ctx) => {
|
|
1168
|
+
const { token: tokenService } = getService$1("transfer");
|
|
1168
1169
|
const token2 = extractToken(ctx);
|
|
1169
1170
|
if (!token2) {
|
|
1170
1171
|
return { authenticated: false };
|
|
@@ -1177,7 +1178,7 @@ const authenticate = async (ctx) => {
|
|
|
1177
1178
|
if (!isNil(transferToken2.expiresAt)) {
|
|
1178
1179
|
const expirationDate = new Date(transferToken2.expiresAt);
|
|
1179
1180
|
if (expirationDate < currentDate) {
|
|
1180
|
-
return { authenticated: false, error: new UnauthorizedError$
|
|
1181
|
+
return { authenticated: false, error: new UnauthorizedError$2("Token expired") };
|
|
1181
1182
|
}
|
|
1182
1183
|
}
|
|
1183
1184
|
const hoursSinceLastUsed = differenceInHours(currentDate, parseISO(transferToken2.lastUsedAt));
|
|
@@ -1187,36 +1188,36 @@ const authenticate = async (ctx) => {
|
|
|
1187
1188
|
data: { lastUsedAt: currentDate }
|
|
1188
1189
|
});
|
|
1189
1190
|
}
|
|
1190
|
-
const ability = await getService("transfer").permission.engine.generateAbility(
|
|
1191
|
+
const ability = await getService$1("transfer").permission.engine.generateAbility(
|
|
1191
1192
|
transferToken2.permissions.map((action2) => ({ action: action2 }))
|
|
1192
1193
|
);
|
|
1193
1194
|
return { authenticated: true, ability, credentials: transferToken2 };
|
|
1194
1195
|
};
|
|
1195
|
-
const verify$1 = async (auth2,
|
|
1196
|
+
const verify$1 = async (auth2, config2 = {}) => {
|
|
1196
1197
|
const { credentials: transferToken2, ability } = auth2;
|
|
1197
1198
|
if (!transferToken2) {
|
|
1198
|
-
throw new UnauthorizedError$
|
|
1199
|
+
throw new UnauthorizedError$2("Token not found");
|
|
1199
1200
|
}
|
|
1200
1201
|
const currentDate = /* @__PURE__ */ new Date();
|
|
1201
1202
|
if (!isNil(transferToken2.expiresAt)) {
|
|
1202
1203
|
const expirationDate = new Date(transferToken2.expiresAt);
|
|
1203
1204
|
if (expirationDate < currentDate) {
|
|
1204
|
-
throw new UnauthorizedError$
|
|
1205
|
+
throw new UnauthorizedError$2("Token expired");
|
|
1205
1206
|
}
|
|
1206
1207
|
}
|
|
1207
1208
|
if (!ability) {
|
|
1208
|
-
throw new ForbiddenError();
|
|
1209
|
+
throw new ForbiddenError$1();
|
|
1209
1210
|
}
|
|
1210
|
-
const scopes = castArray(
|
|
1211
|
+
const scopes = castArray(config2.scope ?? []);
|
|
1211
1212
|
const isAllowed = scopes.every((scope) => ability.can(scope));
|
|
1212
1213
|
if (!isAllowed) {
|
|
1213
|
-
throw new ForbiddenError();
|
|
1214
|
+
throw new ForbiddenError$1();
|
|
1214
1215
|
}
|
|
1215
1216
|
};
|
|
1216
1217
|
const name = "data-transfer";
|
|
1217
1218
|
const dataTransferAuthStrategy = {
|
|
1218
1219
|
name,
|
|
1219
|
-
authenticate,
|
|
1220
|
+
authenticate: authenticate$1,
|
|
1220
1221
|
verify: verify$1
|
|
1221
1222
|
};
|
|
1222
1223
|
const transfer$2 = [
|
|
@@ -1317,12 +1318,12 @@ const transfer$2 = [
|
|
|
1317
1318
|
}
|
|
1318
1319
|
}
|
|
1319
1320
|
];
|
|
1320
|
-
const routes = {
|
|
1321
|
+
const routes$1 = {
|
|
1321
1322
|
admin: {
|
|
1322
1323
|
type: "admin",
|
|
1323
1324
|
routes: [
|
|
1324
|
-
...admin$
|
|
1325
|
-
...authentication$
|
|
1325
|
+
...admin$4,
|
|
1326
|
+
...authentication$2,
|
|
1326
1327
|
...permissions,
|
|
1327
1328
|
...users,
|
|
1328
1329
|
...roles$1,
|
|
@@ -1333,7 +1334,7 @@ const routes = {
|
|
|
1333
1334
|
]
|
|
1334
1335
|
}
|
|
1335
1336
|
};
|
|
1336
|
-
const { ApplicationError: ApplicationError$
|
|
1337
|
+
const { ApplicationError: ApplicationError$a } = errors;
|
|
1337
1338
|
const hashPassword = (password2) => bcrypt.hash(password2, 10);
|
|
1338
1339
|
const validatePassword = (password2, hash2) => bcrypt.compare(password2, hash2);
|
|
1339
1340
|
const checkCredentials = async ({ email: email2, password: password2 }) => {
|
|
@@ -1350,13 +1351,13 @@ const checkCredentials = async ({ email: email2, password: password2 }) => {
|
|
|
1350
1351
|
}
|
|
1351
1352
|
return [null, user2];
|
|
1352
1353
|
};
|
|
1353
|
-
const forgotPassword = async ({ email: email2 } = {}) => {
|
|
1354
|
+
const forgotPassword$1 = async ({ email: email2 } = {}) => {
|
|
1354
1355
|
const user2 = await strapi.db.query("admin::user").findOne({ where: { email: email2, isActive: true } });
|
|
1355
1356
|
if (!user2) {
|
|
1356
1357
|
return;
|
|
1357
1358
|
}
|
|
1358
|
-
const resetPasswordToken = getService("token").createToken();
|
|
1359
|
-
await getService("user").updateById(user2.id, { resetPasswordToken });
|
|
1359
|
+
const resetPasswordToken = getService$1("token").createToken();
|
|
1360
|
+
await getService$1("user").updateById(user2.id, { resetPasswordToken });
|
|
1360
1361
|
const url = `${strapi.config.get(
|
|
1361
1362
|
"admin.absoluteUrl"
|
|
1362
1363
|
)}/auth/reset-password?code=${resetPasswordToken}`;
|
|
@@ -1375,18 +1376,18 @@ const forgotPassword = async ({ email: email2 } = {}) => {
|
|
|
1375
1376
|
strapi.log.error(err);
|
|
1376
1377
|
});
|
|
1377
1378
|
};
|
|
1378
|
-
const resetPassword = async ({ resetPasswordToken, password: password2 } = {}) => {
|
|
1379
|
+
const resetPassword$1 = async ({ resetPasswordToken, password: password2 } = {}) => {
|
|
1379
1380
|
const matchingUser = await strapi.db.query("admin::user").findOne({ where: { resetPasswordToken, isActive: true } });
|
|
1380
1381
|
if (!matchingUser) {
|
|
1381
|
-
throw new ApplicationError$
|
|
1382
|
+
throw new ApplicationError$a();
|
|
1382
1383
|
}
|
|
1383
|
-
return getService("user").updateById(matchingUser.id, {
|
|
1384
|
+
return getService$1("user").updateById(matchingUser.id, {
|
|
1384
1385
|
password: password2,
|
|
1385
1386
|
resetPasswordToken: null
|
|
1386
1387
|
});
|
|
1387
1388
|
};
|
|
1388
|
-
const auth = { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };
|
|
1389
|
-
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$
|
|
1389
|
+
const auth$1 = { checkCredentials, validatePassword, hashPassword, forgotPassword: forgotPassword$1, resetPassword: resetPassword$1 };
|
|
1390
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$5 } = constants$3;
|
|
1390
1391
|
function createUser(attributes) {
|
|
1391
1392
|
return {
|
|
1392
1393
|
roles: [],
|
|
@@ -1396,7 +1397,7 @@ function createUser(attributes) {
|
|
|
1396
1397
|
};
|
|
1397
1398
|
}
|
|
1398
1399
|
const hasSuperAdminRole$1 = (user2) => {
|
|
1399
|
-
return user2.roles.filter((role2) => role2.code === SUPER_ADMIN_CODE$
|
|
1400
|
+
return user2.roles.filter((role2) => role2.code === SUPER_ADMIN_CODE$5).length > 0;
|
|
1400
1401
|
};
|
|
1401
1402
|
const ADMIN_USER_ALLOWED_FIELDS = ["id", "firstname", "lastname", "username"];
|
|
1402
1403
|
const getDefaultActionAttributes = () => ({
|
|
@@ -1486,7 +1487,7 @@ const checkFieldsDontHaveDuplicates = (fields) => {
|
|
|
1486
1487
|
return ___default.uniq(fields).length === fields.length;
|
|
1487
1488
|
};
|
|
1488
1489
|
const getActionFromProvider = (actionId) => {
|
|
1489
|
-
return getService("permission").actionProvider.get(actionId);
|
|
1490
|
+
return getService$1("permission").actionProvider.get(actionId);
|
|
1490
1491
|
};
|
|
1491
1492
|
const email = yup.string().email().lowercase();
|
|
1492
1493
|
const firstname = yup.string().trim().min(1);
|
|
@@ -1606,46 +1607,46 @@ const validators = {
|
|
|
1606
1607
|
permission: permission$3,
|
|
1607
1608
|
updatePermissions
|
|
1608
1609
|
};
|
|
1609
|
-
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$
|
|
1610
|
-
const { ValidationError: ValidationError$
|
|
1611
|
-
const sanitizeUserRoles = (role2) => ___default.pick(role2, ["id", "name", "description", "code"]);
|
|
1612
|
-
const sanitizeUser = (user2) => {
|
|
1610
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$4 } = constants$3;
|
|
1611
|
+
const { ValidationError: ValidationError$6 } = errors;
|
|
1612
|
+
const sanitizeUserRoles$1 = (role2) => ___default.pick(role2, ["id", "name", "description", "code"]);
|
|
1613
|
+
const sanitizeUser$1 = (user2) => {
|
|
1613
1614
|
return {
|
|
1614
1615
|
...___default.omit(user2, ["password", "resetPasswordToken", "registrationToken", "roles"]),
|
|
1615
|
-
roles: user2.roles && user2.roles.map(sanitizeUserRoles)
|
|
1616
|
+
roles: user2.roles && user2.roles.map(sanitizeUserRoles$1)
|
|
1616
1617
|
};
|
|
1617
1618
|
};
|
|
1618
1619
|
const create$5 = async (attributes) => {
|
|
1619
1620
|
const userInfo = {
|
|
1620
|
-
registrationToken: getService("token").createToken(),
|
|
1621
|
+
registrationToken: getService$1("token").createToken(),
|
|
1621
1622
|
...attributes
|
|
1622
1623
|
};
|
|
1623
1624
|
if (___default.has(attributes, "password")) {
|
|
1624
|
-
userInfo.password = await getService("auth").hashPassword(attributes.password);
|
|
1625
|
+
userInfo.password = await getService$1("auth").hashPassword(attributes.password);
|
|
1625
1626
|
}
|
|
1626
1627
|
const user2 = createUser(userInfo);
|
|
1627
1628
|
const createdUser = await strapi.db.query("admin::user").create({ data: user2, populate: ["roles"] });
|
|
1628
|
-
getService("metrics").sendDidInviteUser();
|
|
1629
|
-
strapi.eventHub.emit("user.create", { user: sanitizeUser(createdUser) });
|
|
1629
|
+
getService$1("metrics").sendDidInviteUser();
|
|
1630
|
+
strapi.eventHub.emit("user.create", { user: sanitizeUser$1(createdUser) });
|
|
1630
1631
|
return createdUser;
|
|
1631
1632
|
};
|
|
1632
|
-
const updateById = async (id, attributes) => {
|
|
1633
|
+
const updateById$1 = async (id, attributes) => {
|
|
1633
1634
|
if (___default.has(attributes, "roles")) {
|
|
1634
|
-
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
1635
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1635
|
+
const lastAdminUser = await isLastSuperAdminUser$1(id);
|
|
1636
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1636
1637
|
const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles, superAdminRole.id);
|
|
1637
1638
|
if (lastAdminUser && willRemoveSuperAdminRole) {
|
|
1638
|
-
throw new ValidationError$
|
|
1639
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1639
1640
|
}
|
|
1640
1641
|
}
|
|
1641
1642
|
if (attributes.isActive === false) {
|
|
1642
|
-
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
1643
|
+
const lastAdminUser = await isLastSuperAdminUser$1(id);
|
|
1643
1644
|
if (lastAdminUser) {
|
|
1644
|
-
throw new ValidationError$
|
|
1645
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1645
1646
|
}
|
|
1646
1647
|
}
|
|
1647
1648
|
if (___default.has(attributes, "password")) {
|
|
1648
|
-
const hashedPassword = await getService("auth").hashPassword(attributes.password);
|
|
1649
|
+
const hashedPassword = await getService$1("auth").hashPassword(attributes.password);
|
|
1649
1650
|
const updatedUser2 = await strapi.db.query("admin::user").update({
|
|
1650
1651
|
where: { id },
|
|
1651
1652
|
data: {
|
|
@@ -1654,7 +1655,7 @@ const updateById = async (id, attributes) => {
|
|
|
1654
1655
|
},
|
|
1655
1656
|
populate: ["roles"]
|
|
1656
1657
|
});
|
|
1657
|
-
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser2) });
|
|
1658
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser$1(updatedUser2) });
|
|
1658
1659
|
return updatedUser2;
|
|
1659
1660
|
}
|
|
1660
1661
|
const updatedUser = await strapi.db.query("admin::user").update({
|
|
@@ -1663,7 +1664,7 @@ const updateById = async (id, attributes) => {
|
|
|
1663
1664
|
populate: ["roles"]
|
|
1664
1665
|
});
|
|
1665
1666
|
if (updatedUser) {
|
|
1666
|
-
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser) });
|
|
1667
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser$1(updatedUser) });
|
|
1667
1668
|
}
|
|
1668
1669
|
return updatedUser;
|
|
1669
1670
|
};
|
|
@@ -1675,17 +1676,17 @@ const resetPasswordByEmail = async (email2, password$1) => {
|
|
|
1675
1676
|
try {
|
|
1676
1677
|
await password.validate(password$1);
|
|
1677
1678
|
} catch (error) {
|
|
1678
|
-
throw new ValidationError$
|
|
1679
|
+
throw new ValidationError$6(
|
|
1679
1680
|
"Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter"
|
|
1680
1681
|
);
|
|
1681
1682
|
}
|
|
1682
|
-
await updateById(user2.id, { password: password$1 });
|
|
1683
|
+
await updateById$1(user2.id, { password: password$1 });
|
|
1683
1684
|
};
|
|
1684
|
-
const isLastSuperAdminUser = async (userId) => {
|
|
1685
|
-
const user2 = await findOne$
|
|
1685
|
+
const isLastSuperAdminUser$1 = async (userId) => {
|
|
1686
|
+
const user2 = await findOne$2(userId);
|
|
1686
1687
|
if (!user2)
|
|
1687
1688
|
return false;
|
|
1688
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1689
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1689
1690
|
return superAdminRole.usersCount === 1 && hasSuperAdminRole$1(user2);
|
|
1690
1691
|
};
|
|
1691
1692
|
const exists$3 = async (attributes = {}) => {
|
|
@@ -1698,15 +1699,15 @@ const findRegistrationInfo = async (registrationToken) => {
|
|
|
1698
1699
|
}
|
|
1699
1700
|
return ___default.pick(user2, ["email", "firstname", "lastname"]);
|
|
1700
1701
|
};
|
|
1701
|
-
const register = async ({
|
|
1702
|
+
const register$1 = async ({
|
|
1702
1703
|
registrationToken,
|
|
1703
1704
|
userInfo
|
|
1704
1705
|
}) => {
|
|
1705
1706
|
const matchingUser = await strapi.db.query("admin::user").findOne({ where: { registrationToken } });
|
|
1706
1707
|
if (!matchingUser) {
|
|
1707
|
-
throw new ValidationError$
|
|
1708
|
+
throw new ValidationError$6("Invalid registration info");
|
|
1708
1709
|
}
|
|
1709
|
-
return getService("user").updateById(matchingUser.id, {
|
|
1710
|
+
return getService$1("user").updateById(matchingUser.id, {
|
|
1710
1711
|
password: userInfo.password,
|
|
1711
1712
|
firstname: userInfo.firstname,
|
|
1712
1713
|
lastname: userInfo.lastname,
|
|
@@ -1714,7 +1715,7 @@ const register = async ({
|
|
|
1714
1715
|
isActive: true
|
|
1715
1716
|
});
|
|
1716
1717
|
};
|
|
1717
|
-
const findOne$
|
|
1718
|
+
const findOne$2 = async (id, populate = ["roles"]) => {
|
|
1718
1719
|
return strapi.db.query("admin::user").findOne({ where: { id }, populate });
|
|
1719
1720
|
};
|
|
1720
1721
|
const findOneByEmail = async (email2, populate = []) => {
|
|
@@ -1727,7 +1728,7 @@ const findPage = async (params = {}) => {
|
|
|
1727
1728
|
const query = strapi.get("query-params").transform("admin::user", defaults({ populate: ["roles"] }, params));
|
|
1728
1729
|
return strapi.db.query("admin::user").findPage(query);
|
|
1729
1730
|
};
|
|
1730
|
-
const deleteById = async (id) => {
|
|
1731
|
+
const deleteById$1 = async (id) => {
|
|
1731
1732
|
const userToDelete = await strapi.db.query("admin::user").findOne({
|
|
1732
1733
|
where: { id },
|
|
1733
1734
|
populate: ["roles"]
|
|
@@ -1736,19 +1737,19 @@ const deleteById = async (id) => {
|
|
|
1736
1737
|
return null;
|
|
1737
1738
|
}
|
|
1738
1739
|
if (userToDelete) {
|
|
1739
|
-
if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$
|
|
1740
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1740
|
+
if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$4)) {
|
|
1741
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1741
1742
|
if (superAdminRole.usersCount === 1) {
|
|
1742
|
-
throw new ValidationError$
|
|
1743
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1743
1744
|
}
|
|
1744
1745
|
}
|
|
1745
1746
|
}
|
|
1746
1747
|
const deletedUser = await strapi.db.query("admin::user").delete({ where: { id }, populate: ["roles"] });
|
|
1747
|
-
strapi.eventHub.emit("user.delete", { user: sanitizeUser(deletedUser) });
|
|
1748
|
+
strapi.eventHub.emit("user.delete", { user: sanitizeUser$1(deletedUser) });
|
|
1748
1749
|
return deletedUser;
|
|
1749
1750
|
};
|
|
1750
|
-
const deleteByIds$
|
|
1751
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1751
|
+
const deleteByIds$3 = async (ids) => {
|
|
1752
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1752
1753
|
const nbOfSuperAdminToDelete = await strapi.db.query("admin::user").count({
|
|
1753
1754
|
where: {
|
|
1754
1755
|
id: ids,
|
|
@@ -1756,7 +1757,7 @@ const deleteByIds$2 = async (ids) => {
|
|
|
1756
1757
|
}
|
|
1757
1758
|
});
|
|
1758
1759
|
if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {
|
|
1759
|
-
throw new ValidationError$
|
|
1760
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1760
1761
|
}
|
|
1761
1762
|
const deletedUsers = [];
|
|
1762
1763
|
for (const id of ids) {
|
|
@@ -1767,7 +1768,7 @@ const deleteByIds$2 = async (ids) => {
|
|
|
1767
1768
|
deletedUsers.push(deletedUser);
|
|
1768
1769
|
}
|
|
1769
1770
|
strapi.eventHub.emit("user.delete", {
|
|
1770
|
-
users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser))
|
|
1771
|
+
users: deletedUsers.map((deletedUser) => sanitizeUser$1(deletedUser))
|
|
1771
1772
|
});
|
|
1772
1773
|
return deletedUsers;
|
|
1773
1774
|
};
|
|
@@ -1809,18 +1810,18 @@ const getLanguagesInUse = async () => {
|
|
|
1809
1810
|
const users2 = await strapi.db.query("admin::user").findMany({ select: ["preferedLanguage"] });
|
|
1810
1811
|
return users2.map((user2) => user2.preferedLanguage || "en");
|
|
1811
1812
|
};
|
|
1812
|
-
const user$
|
|
1813
|
+
const user$3 = {
|
|
1813
1814
|
create: create$5,
|
|
1814
|
-
updateById,
|
|
1815
|
+
updateById: updateById$1,
|
|
1815
1816
|
exists: exists$3,
|
|
1816
1817
|
findRegistrationInfo,
|
|
1817
|
-
register,
|
|
1818
|
-
sanitizeUser,
|
|
1819
|
-
findOne: findOne$
|
|
1818
|
+
register: register$1,
|
|
1819
|
+
sanitizeUser: sanitizeUser$1,
|
|
1820
|
+
findOne: findOne$2,
|
|
1820
1821
|
findOneByEmail,
|
|
1821
1822
|
findPage,
|
|
1822
|
-
deleteById,
|
|
1823
|
-
deleteByIds: deleteByIds$
|
|
1823
|
+
deleteById: deleteById$1,
|
|
1824
|
+
deleteByIds: deleteByIds$3,
|
|
1824
1825
|
countUsersWithoutRole,
|
|
1825
1826
|
count: count$1,
|
|
1826
1827
|
assignARoleToAll,
|
|
@@ -1910,7 +1911,7 @@ const checkPermissionsSchema = yup.object().shape({
|
|
|
1910
1911
|
)
|
|
1911
1912
|
});
|
|
1912
1913
|
const checkPermissionsExist = function(permissions2) {
|
|
1913
|
-
const existingActions = getService("permission").actionProvider.values();
|
|
1914
|
+
const existingActions = getService$1("permission").actionProvider.values();
|
|
1914
1915
|
const failIndex = permissions2.findIndex(
|
|
1915
1916
|
(permission2) => !existingActions.some(
|
|
1916
1917
|
(action2) => action2.actionId === permission2.action && (action2.section !== "contentTypes" || action2.subjects.includes(permission2.subject))
|
|
@@ -1932,9 +1933,9 @@ const actionsExistSchema = yup.array().of(
|
|
|
1932
1933
|
const validatePermissionsExist = validateYupSchema(actionsExistSchema);
|
|
1933
1934
|
const validateCheckPermissionsInput = validateYupSchema(checkPermissionsSchema);
|
|
1934
1935
|
const validatedUpdatePermissionsInput = validateYupSchema(validators.updatePermissions);
|
|
1935
|
-
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$
|
|
1936
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$3, CONTENT_TYPE_SECTION } = constants$3;
|
|
1936
1937
|
const { createAsyncSeriesWaterfallHook } = hooks$1;
|
|
1937
|
-
const { ApplicationError: ApplicationError$
|
|
1938
|
+
const { ApplicationError: ApplicationError$9 } = errors;
|
|
1938
1939
|
const hooks = {
|
|
1939
1940
|
willResetSuperAdminPermissions: createAsyncSeriesWaterfallHook()
|
|
1940
1941
|
};
|
|
@@ -1957,7 +1958,7 @@ const arePermissionsEqual = (p1, p2) => {
|
|
|
1957
1958
|
const create$3 = async (attributes) => {
|
|
1958
1959
|
const alreadyExists = await exists$2({ name: attributes.name });
|
|
1959
1960
|
if (alreadyExists) {
|
|
1960
|
-
throw new ApplicationError$
|
|
1961
|
+
throw new ApplicationError$9(
|
|
1961
1962
|
`The name must be unique and a role with name \`${attributes.name}\` already exists.`
|
|
1962
1963
|
);
|
|
1963
1964
|
}
|
|
@@ -1970,7 +1971,7 @@ const create$3 = async (attributes) => {
|
|
|
1970
1971
|
strapi.eventHub.emit("role.create", { role: sanitizeRole(result) });
|
|
1971
1972
|
return result;
|
|
1972
1973
|
};
|
|
1973
|
-
const findOne = (params = {}, populate) => {
|
|
1974
|
+
const findOne$1 = (params = {}, populate) => {
|
|
1974
1975
|
return strapi.db.query("admin::role").findOne({ where: params, populate });
|
|
1975
1976
|
};
|
|
1976
1977
|
const findOneWithUsersCount = async (params = {}, populate) => {
|
|
@@ -1998,7 +1999,7 @@ const update$3 = async (params, attributes) => {
|
|
|
1998
1999
|
id: { $ne: params.id }
|
|
1999
2000
|
});
|
|
2000
2001
|
if (alreadyExists) {
|
|
2001
|
-
throw new ApplicationError$
|
|
2002
|
+
throw new ApplicationError$9(
|
|
2002
2003
|
`The name must be unique and a role with name \`${sanitizedAttributes.name}\` already exists.`
|
|
2003
2004
|
);
|
|
2004
2005
|
}
|
|
@@ -2017,18 +2018,18 @@ const count = async (params = {}) => {
|
|
|
2017
2018
|
const checkRolesIdForDeletion = async (ids = []) => {
|
|
2018
2019
|
const superAdminRole = await getSuperAdmin();
|
|
2019
2020
|
if (superAdminRole && arrays.includesString(ids, superAdminRole.id)) {
|
|
2020
|
-
throw new ApplicationError$
|
|
2021
|
+
throw new ApplicationError$9("You cannot delete the super admin role");
|
|
2021
2022
|
}
|
|
2022
2023
|
for (const roleId of ids) {
|
|
2023
2024
|
const usersCount = await getUsersCount(roleId);
|
|
2024
2025
|
if (usersCount !== 0) {
|
|
2025
|
-
throw new ApplicationError$
|
|
2026
|
+
throw new ApplicationError$9("Some roles are still assigned to some users");
|
|
2026
2027
|
}
|
|
2027
2028
|
}
|
|
2028
2029
|
};
|
|
2029
|
-
const deleteByIds$
|
|
2030
|
+
const deleteByIds$2 = async (ids = []) => {
|
|
2030
2031
|
await checkRolesIdForDeletion(ids);
|
|
2031
|
-
await getService("permission").deleteByRolesIds(ids);
|
|
2032
|
+
await getService$1("permission").deleteByRolesIds(ids);
|
|
2032
2033
|
const deletedRoles = [];
|
|
2033
2034
|
for (const id of ids) {
|
|
2034
2035
|
const deletedRole = await strapi.db.query("admin::role").delete({ where: { id } });
|
|
@@ -2042,14 +2043,14 @@ const deleteByIds$1 = async (ids = []) => {
|
|
|
2042
2043
|
const getUsersCount = async (roleId) => {
|
|
2043
2044
|
return strapi.db.query("admin::user").count({ where: { roles: { id: roleId } } });
|
|
2044
2045
|
};
|
|
2045
|
-
const getSuperAdmin = () => findOne({ code: SUPER_ADMIN_CODE$
|
|
2046
|
-
const getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE$
|
|
2046
|
+
const getSuperAdmin = () => findOne$1({ code: SUPER_ADMIN_CODE$3 });
|
|
2047
|
+
const getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE$3 });
|
|
2047
2048
|
const createRolesIfNoneExist = async () => {
|
|
2048
2049
|
const someRolesExist = await exists$2();
|
|
2049
2050
|
if (someRolesExist) {
|
|
2050
2051
|
return;
|
|
2051
2052
|
}
|
|
2052
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
2053
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
2053
2054
|
const allActions = actionProvider2.values();
|
|
2054
2055
|
const contentTypesActions = allActions.filter((a) => a.section === "contentTypes");
|
|
2055
2056
|
const superAdminRole = await create$3({
|
|
@@ -2057,7 +2058,7 @@ const createRolesIfNoneExist = async () => {
|
|
|
2057
2058
|
code: "strapi-super-admin",
|
|
2058
2059
|
description: "Super Admins can access and manage all features and settings."
|
|
2059
2060
|
});
|
|
2060
|
-
await getService("user").assignARoleToAll(superAdminRole.id);
|
|
2061
|
+
await getService$1("user").assignARoleToAll(superAdminRole.id);
|
|
2061
2062
|
const editorRole = await create$3({
|
|
2062
2063
|
name: "Editor",
|
|
2063
2064
|
code: "strapi-editor",
|
|
@@ -2068,7 +2069,7 @@ const createRolesIfNoneExist = async () => {
|
|
|
2068
2069
|
code: "strapi-author",
|
|
2069
2070
|
description: "Authors can manage the content they have created."
|
|
2070
2071
|
});
|
|
2071
|
-
const editorPermissions = getService("content-type").getPermissionsWithNestedFields(
|
|
2072
|
+
const editorPermissions = getService$1("content-type").getPermissionsWithNestedFields(
|
|
2072
2073
|
contentTypesActions,
|
|
2073
2074
|
{
|
|
2074
2075
|
restrictedSubjects: ["plugin::users-permissions.user"]
|
|
@@ -2095,7 +2096,7 @@ const getDefaultPluginPermissions = ({ isAuthor = false } = {}) => {
|
|
|
2095
2096
|
};
|
|
2096
2097
|
const displayWarningIfNoSuperAdmin = async () => {
|
|
2097
2098
|
const superAdminRole = await getSuperAdminWithUsersCount();
|
|
2098
|
-
const someUsersExists = await getService("user").exists();
|
|
2099
|
+
const someUsersExists = await getService$1("user").exists();
|
|
2099
2100
|
if (!superAdminRole) {
|
|
2100
2101
|
strapi.log.warn("Your application doesn't have a super admin role.");
|
|
2101
2102
|
} else if (someUsersExists && superAdminRole.usersCount === 0) {
|
|
@@ -2104,12 +2105,12 @@ const displayWarningIfNoSuperAdmin = async () => {
|
|
|
2104
2105
|
};
|
|
2105
2106
|
const assignPermissions = async (roleId, permissions2 = []) => {
|
|
2106
2107
|
await validatePermissionsExist(permissions2);
|
|
2107
|
-
const internalActions = getService("permission").actionProvider.values().filter((action2) => action2.section === "internal").map((action2) => action2.actionId);
|
|
2108
|
-
const superAdmin = await getService("role").getSuperAdmin();
|
|
2108
|
+
const internalActions = getService$1("permission").actionProvider.values().filter((action2) => action2.section === "internal").map((action2) => action2.actionId);
|
|
2109
|
+
const superAdmin = await getService$1("role").getSuperAdmin();
|
|
2109
2110
|
const isSuperAdmin = superAdmin && superAdmin.id === roleId;
|
|
2110
2111
|
const assignRole = set("role", roleId);
|
|
2111
2112
|
const permissionsWithRole = permissions2.map(assignRole).map(permissionDomain.create);
|
|
2112
|
-
const existingPermissions = await getService("permission").findMany({
|
|
2113
|
+
const existingPermissions = await getService$1("permission").findMany({
|
|
2113
2114
|
where: { role: { id: roleId } },
|
|
2114
2115
|
populate: ["role"]
|
|
2115
2116
|
});
|
|
@@ -2125,31 +2126,31 @@ const assignPermissions = async (roleId, permissions2 = []) => {
|
|
|
2125
2126
|
).filter((permission2) => !internalActions.includes(permission2.action));
|
|
2126
2127
|
const permissionsToReturn = differenceBy("id", permissionsToDelete, existingPermissions);
|
|
2127
2128
|
if (permissionsToDelete.length > 0) {
|
|
2128
|
-
await getService("permission").deleteByIds(permissionsToDelete.map(prop("id")));
|
|
2129
|
+
await getService$1("permission").deleteByIds(permissionsToDelete.map(prop("id")));
|
|
2129
2130
|
}
|
|
2130
2131
|
if (permissionsToAdd.length > 0) {
|
|
2131
2132
|
const newPermissions = await addPermissions(roleId, permissionsToAdd);
|
|
2132
2133
|
permissionsToReturn.push(...newPermissions);
|
|
2133
2134
|
}
|
|
2134
2135
|
if (!isSuperAdmin && (permissionsToAdd.length || permissionsToDelete.length)) {
|
|
2135
|
-
await getService("metrics").sendDidUpdateRolePermissions();
|
|
2136
|
+
await getService$1("metrics").sendDidUpdateRolePermissions();
|
|
2136
2137
|
}
|
|
2137
2138
|
return permissionsToReturn;
|
|
2138
2139
|
};
|
|
2139
2140
|
const addPermissions = async (roleId, permissions2) => {
|
|
2140
|
-
const { conditionProvider: conditionProvider2, createMany: createMany2 } = getService("permission");
|
|
2141
|
+
const { conditionProvider: conditionProvider2, createMany: createMany2 } = getService$1("permission");
|
|
2141
2142
|
const { sanitizeConditions: sanitizeConditions2 } = permissionDomain;
|
|
2142
2143
|
const permissionsWithRole = permissions2.map(set("role", roleId)).map(sanitizeConditions2(conditionProvider2)).map(permissionDomain.create);
|
|
2143
2144
|
return createMany2(permissionsWithRole);
|
|
2144
2145
|
};
|
|
2145
2146
|
const isContentTypeAction = (action2) => action2.section === CONTENT_TYPE_SECTION;
|
|
2146
2147
|
const resetSuperAdminPermissions = async () => {
|
|
2147
|
-
const superAdminRole = await getService("role").getSuperAdmin();
|
|
2148
|
+
const superAdminRole = await getService$1("role").getSuperAdmin();
|
|
2148
2149
|
if (!superAdminRole) {
|
|
2149
2150
|
return;
|
|
2150
2151
|
}
|
|
2151
|
-
const permissionService = getService("permission");
|
|
2152
|
-
const contentTypeService = getService("content-type");
|
|
2152
|
+
const permissionService = getService$1("permission");
|
|
2153
|
+
const contentTypeService = getService$1("content-type");
|
|
2153
2154
|
const allActions = permissionService.actionProvider.values();
|
|
2154
2155
|
const contentTypesActions = allActions.filter((action2) => isContentTypeAction(action2));
|
|
2155
2156
|
const otherActions = allActions.filter((action2) => !isContentTypeAction(action2));
|
|
@@ -2175,23 +2176,23 @@ const resetSuperAdminPermissions = async () => {
|
|
|
2175
2176
|
};
|
|
2176
2177
|
const hasSuperAdminRole = (user2) => {
|
|
2177
2178
|
const roles2 = ___default.get(user2, "roles", []);
|
|
2178
|
-
return roles2.map(prop("code")).includes(SUPER_ADMIN_CODE$
|
|
2179
|
+
return roles2.map(prop("code")).includes(SUPER_ADMIN_CODE$3);
|
|
2179
2180
|
};
|
|
2180
2181
|
const constants$2 = {
|
|
2181
|
-
superAdminCode: SUPER_ADMIN_CODE$
|
|
2182
|
+
superAdminCode: SUPER_ADMIN_CODE$3
|
|
2182
2183
|
};
|
|
2183
|
-
const role$
|
|
2184
|
+
const role$3 = {
|
|
2184
2185
|
hooks,
|
|
2185
2186
|
sanitizeRole,
|
|
2186
2187
|
create: create$3,
|
|
2187
|
-
findOne,
|
|
2188
|
+
findOne: findOne$1,
|
|
2188
2189
|
findOneWithUsersCount,
|
|
2189
2190
|
find,
|
|
2190
2191
|
findAllWithUsersCount,
|
|
2191
2192
|
update: update$3,
|
|
2192
2193
|
exists: exists$2,
|
|
2193
2194
|
count,
|
|
2194
|
-
deleteByIds: deleteByIds$
|
|
2195
|
+
deleteByIds: deleteByIds$2,
|
|
2195
2196
|
getUsersCount,
|
|
2196
2197
|
getSuperAdmin,
|
|
2197
2198
|
getSuperAdminWithUsersCount,
|
|
@@ -2212,7 +2213,7 @@ const createLocalStrategy = (strapi2, middleware) => {
|
|
|
2212
2213
|
session: false
|
|
2213
2214
|
},
|
|
2214
2215
|
(email2, password2, done) => {
|
|
2215
|
-
return getService("auth").checkCredentials({ email: toLower(email2), password: password2 }).then(async ([error, user2, message]) => {
|
|
2216
|
+
return getService$1("auth").checkCredentials({ email: toLower(email2), password: password2 }).then(async ([error, user2, message]) => {
|
|
2216
2217
|
if (middleware) {
|
|
2217
2218
|
return middleware([error, user2, message], done);
|
|
2218
2219
|
}
|
|
@@ -2229,7 +2230,7 @@ const valueIsFunctionType = ([, value]) => isFunction(value);
|
|
|
2229
2230
|
const keyIsValidEventName = ([key]) => {
|
|
2230
2231
|
return Object.keys(strapi.service("admin::passport").authEventsMapper).includes(key);
|
|
2231
2232
|
};
|
|
2232
|
-
const getPassportStrategies = () => [createLocalStrategy(strapi)];
|
|
2233
|
+
const getPassportStrategies$1 = () => [createLocalStrategy(strapi)];
|
|
2233
2234
|
const registerAuthEvents = () => {
|
|
2234
2235
|
const { events = {} } = strapi.config.get("admin.auth", {});
|
|
2235
2236
|
const { authEventsMapper: authEventsMapper2 } = strapi.service("admin::passport");
|
|
@@ -2239,14 +2240,14 @@ const registerAuthEvents = () => {
|
|
|
2239
2240
|
}
|
|
2240
2241
|
};
|
|
2241
2242
|
const init = () => {
|
|
2242
|
-
strapi.service("admin::passport").getPassportStrategies().forEach((strategy) => passport$
|
|
2243
|
+
strapi.service("admin::passport").getPassportStrategies().forEach((strategy) => passport$2.use(strategy));
|
|
2243
2244
|
registerAuthEvents();
|
|
2244
|
-
return passport$
|
|
2245
|
+
return passport$2.initialize();
|
|
2245
2246
|
};
|
|
2246
|
-
const passport = { init, getPassportStrategies, authEventsMapper };
|
|
2247
|
+
const passport$1 = { init, getPassportStrategies: getPassportStrategies$1, authEventsMapper };
|
|
2247
2248
|
const sendDidInviteUser = async () => {
|
|
2248
|
-
const numberOfUsers = await getService("user").count();
|
|
2249
|
-
const numberOfRoles = await getService("role").count();
|
|
2249
|
+
const numberOfUsers = await getService$1("user").count();
|
|
2250
|
+
const numberOfRoles = await getService$1("role").count();
|
|
2250
2251
|
strapi.telemetry.send("didInviteUser", {
|
|
2251
2252
|
groupProperties: { numberOfRoles, numberOfUsers }
|
|
2252
2253
|
});
|
|
@@ -2255,27 +2256,27 @@ const sendDidUpdateRolePermissions = async () => {
|
|
|
2255
2256
|
strapi.telemetry.send("didUpdateRolePermissions");
|
|
2256
2257
|
};
|
|
2257
2258
|
const sendDidChangeInterfaceLanguage = async () => {
|
|
2258
|
-
const languagesInUse = await getService("user").getLanguagesInUse();
|
|
2259
|
+
const languagesInUse = await getService$1("user").getLanguagesInUse();
|
|
2259
2260
|
strapi.telemetry.send("didChangeInterfaceLanguage", { userProperties: { languagesInUse } });
|
|
2260
2261
|
};
|
|
2261
|
-
const sendUpdateProjectInformation = async (strapi2) => {
|
|
2262
|
-
const numberOfActiveAdminUsers = await getService("user").count({ isActive: true });
|
|
2263
|
-
const numberOfAdminUsers = await getService("user").count();
|
|
2262
|
+
const sendUpdateProjectInformation$1 = async (strapi2) => {
|
|
2263
|
+
const numberOfActiveAdminUsers = await getService$1("user").count({ isActive: true });
|
|
2264
|
+
const numberOfAdminUsers = await getService$1("user").count();
|
|
2264
2265
|
strapi2.telemetry.send("didUpdateProjectInformation", {
|
|
2265
2266
|
groupProperties: { numberOfActiveAdminUsers, numberOfAdminUsers }
|
|
2266
2267
|
});
|
|
2267
2268
|
};
|
|
2268
|
-
const startCron = (strapi2) => {
|
|
2269
|
+
const startCron$1 = (strapi2) => {
|
|
2269
2270
|
strapi2.cron.add({
|
|
2270
|
-
"0 0 0 * * *": () => sendUpdateProjectInformation(strapi2)
|
|
2271
|
+
"0 0 0 * * *": () => sendUpdateProjectInformation$1(strapi2)
|
|
2271
2272
|
});
|
|
2272
2273
|
};
|
|
2273
|
-
const metrics = {
|
|
2274
|
+
const metrics$1 = {
|
|
2274
2275
|
sendDidInviteUser,
|
|
2275
2276
|
sendDidUpdateRolePermissions,
|
|
2276
2277
|
sendDidChangeInterfaceLanguage,
|
|
2277
|
-
sendUpdateProjectInformation,
|
|
2278
|
-
startCron
|
|
2278
|
+
sendUpdateProjectInformation: sendUpdateProjectInformation$1,
|
|
2279
|
+
startCron: startCron$1
|
|
2279
2280
|
};
|
|
2280
2281
|
const defaultJwtOptions = { expiresIn: "30d" };
|
|
2281
2282
|
const getTokenOptions = () => {
|
|
@@ -2370,7 +2371,7 @@ const registerProviderActionSchema = yup.array().required().of(
|
|
|
2370
2371
|
}).noUnknown()
|
|
2371
2372
|
);
|
|
2372
2373
|
const validateRegisterProviderAction = validateYupSchemaSync(registerProviderActionSchema);
|
|
2373
|
-
const { ApplicationError: ApplicationError$
|
|
2374
|
+
const { ApplicationError: ApplicationError$8 } = errors;
|
|
2374
2375
|
const createActionProvider = (options) => {
|
|
2375
2376
|
const provider = providerFactory(options);
|
|
2376
2377
|
const actionHooks = {
|
|
@@ -2400,7 +2401,7 @@ const createActionProvider = (options) => {
|
|
|
2400
2401
|
async appliesToProperty(property, actionId, subject2) {
|
|
2401
2402
|
const action2 = provider.get(actionId);
|
|
2402
2403
|
if (!action2) {
|
|
2403
|
-
throw new ApplicationError$
|
|
2404
|
+
throw new ApplicationError$8(`No action found with id "${actionId}"`);
|
|
2404
2405
|
}
|
|
2405
2406
|
const appliesToAction = actionDomain.appliesToProperty(property, action2);
|
|
2406
2407
|
if (!appliesToAction) {
|
|
@@ -2505,7 +2506,7 @@ const {
|
|
|
2505
2506
|
getNonVisibleAttributes: getNonVisibleAttributes$1,
|
|
2506
2507
|
getNonWritableAttributes,
|
|
2507
2508
|
getWritableAttributes: getWritableAttributes$1
|
|
2508
|
-
} = contentTypes;
|
|
2509
|
+
} = contentTypes$1;
|
|
2509
2510
|
const {
|
|
2510
2511
|
ID_ATTRIBUTE: ID_ATTRIBUTE$1,
|
|
2511
2512
|
DOC_ID_ATTRIBUTE: DOC_ID_ATTRIBUTE$1,
|
|
@@ -2705,9 +2706,9 @@ const createSanitizeHelpers = ({ action: action2, ability, model }) => {
|
|
|
2705
2706
|
sanitizeQuery: wrapSanitize(createSanitizeQuery)
|
|
2706
2707
|
};
|
|
2707
2708
|
};
|
|
2708
|
-
const { ValidationError: ValidationError$
|
|
2709
|
+
const { ValidationError: ValidationError$5 } = errors;
|
|
2709
2710
|
const { throwPassword, throwDisallowedFields } = validate.visitors;
|
|
2710
|
-
const { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } = contentTypes;
|
|
2711
|
+
const { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } = contentTypes$1;
|
|
2711
2712
|
const {
|
|
2712
2713
|
ID_ATTRIBUTE,
|
|
2713
2714
|
DOC_ID_ATTRIBUTE,
|
|
@@ -2721,7 +2722,7 @@ const COMPONENT_FIELDS = ["__component"];
|
|
|
2721
2722
|
const STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];
|
|
2722
2723
|
const throwInvalidKey = ({ key, path: path2 }) => {
|
|
2723
2724
|
const msg = path2 && path2 !== key ? `Invalid key ${key} at ${path2}` : `Invalid key ${key}`;
|
|
2724
|
-
throw new ValidationError$
|
|
2725
|
+
throw new ValidationError$5(msg);
|
|
2725
2726
|
};
|
|
2726
2727
|
const createValidateHelpers = ({ action: action2, ability, model }) => {
|
|
2727
2728
|
const schema = strapi.getModel(model);
|
|
@@ -2906,7 +2907,7 @@ const unwrapDeep = (obj) => {
|
|
|
2906
2907
|
{}
|
|
2907
2908
|
);
|
|
2908
2909
|
};
|
|
2909
|
-
const index
|
|
2910
|
+
const index = ({ ability, action: action2, model }) => ({
|
|
2910
2911
|
ability,
|
|
2911
2912
|
action: action2,
|
|
2912
2913
|
model,
|
|
@@ -2979,7 +2980,7 @@ const createPermissionEngine = (params) => {
|
|
|
2979
2980
|
* @param user
|
|
2980
2981
|
*/
|
|
2981
2982
|
async generateUserAbility(user2) {
|
|
2982
|
-
const permissions2 = await getService("permission").findUserPermissions(user2);
|
|
2983
|
+
const permissions2 = await getService$1("permission").findUserPermissions(user2);
|
|
2983
2984
|
return engine2.generateAbility(permissions2, user2);
|
|
2984
2985
|
},
|
|
2985
2986
|
/**
|
|
@@ -3099,7 +3100,7 @@ const toSubjectTemplate = (ct) => ({
|
|
|
3099
3100
|
label: ct.info.singularName,
|
|
3100
3101
|
properties: []
|
|
3101
3102
|
});
|
|
3102
|
-
const { isVisibleAttribute } = contentTypes;
|
|
3103
|
+
const { isVisibleAttribute } = contentTypes$1;
|
|
3103
3104
|
const settings = ({ action: action2, section }) => {
|
|
3104
3105
|
const { category, subCategory, displayName, actionId } = action2;
|
|
3105
3106
|
section.push({
|
|
@@ -3209,10 +3210,10 @@ const deleteByRolesIds = async (rolesIds) => {
|
|
|
3209
3210
|
}
|
|
3210
3211
|
});
|
|
3211
3212
|
if (permissionsToDelete.length > 0) {
|
|
3212
|
-
await deleteByIds(permissionsToDelete.map(prop("id")));
|
|
3213
|
+
await deleteByIds$1(permissionsToDelete.map(prop("id")));
|
|
3213
3214
|
}
|
|
3214
3215
|
};
|
|
3215
|
-
const deleteByIds = async (ids) => {
|
|
3216
|
+
const deleteByIds$1 = async (ids) => {
|
|
3216
3217
|
const result = [];
|
|
3217
3218
|
for (const id of ids) {
|
|
3218
3219
|
const queryResult = await strapi.db.query("admin::permission").delete({ where: { id } });
|
|
@@ -3244,7 +3245,7 @@ const findUserPermissions = async (user2) => {
|
|
|
3244
3245
|
return findMany({ where: { role: { users: { id: user2.id } } } });
|
|
3245
3246
|
};
|
|
3246
3247
|
const filterPermissionsToRemove = async (permissions2) => {
|
|
3247
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
3248
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
3248
3249
|
const permissionsToRemove = [];
|
|
3249
3250
|
for (const permission2 of permissions2) {
|
|
3250
3251
|
const { subjects, options = {} } = actionProvider2.get(permission2.action) || {};
|
|
@@ -3270,7 +3271,7 @@ const filterPermissionsToRemove = async (permissions2) => {
|
|
|
3270
3271
|
};
|
|
3271
3272
|
const cleanPermissionsInDatabase = async () => {
|
|
3272
3273
|
const pageSize = 200;
|
|
3273
|
-
const contentTypeService = getService("content-type");
|
|
3274
|
+
const contentTypeService = getService$1("content-type");
|
|
3274
3275
|
const total = await strapi.db.query("admin::permission").count();
|
|
3275
3276
|
const pageCount = Math.ceil(total / pageSize);
|
|
3276
3277
|
for (let page = 0; page < pageCount; page += 1) {
|
|
@@ -3295,7 +3296,7 @@ const cleanPermissionsInDatabase = async () => {
|
|
|
3295
3296
|
return update$2({ id: permission2.id }, permission2);
|
|
3296
3297
|
};
|
|
3297
3298
|
await Promise.all([
|
|
3298
|
-
deleteByIds(permissionsIdToRemove),
|
|
3299
|
+
deleteByIds$1(permissionsIdToRemove),
|
|
3299
3300
|
pmap(permissionsNeedingToBeUpdated, updatePromiseProvider, {
|
|
3300
3301
|
concurrency: 100,
|
|
3301
3302
|
stopOnError: true
|
|
@@ -3316,8 +3317,8 @@ const permission$2 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.define
|
|
|
3316
3317
|
cleanPermissionsInDatabase,
|
|
3317
3318
|
conditionProvider,
|
|
3318
3319
|
createMany,
|
|
3319
|
-
createPermissionsManager: index
|
|
3320
|
-
deleteByIds,
|
|
3320
|
+
createPermissionsManager: index,
|
|
3321
|
+
deleteByIds: deleteByIds$1,
|
|
3321
3322
|
deleteByRolesIds,
|
|
3322
3323
|
engine: engine$1,
|
|
3323
3324
|
findMany,
|
|
@@ -3335,7 +3336,7 @@ const getNestedFields = (model, {
|
|
|
3335
3336
|
if (nestingLevel === 0) {
|
|
3336
3337
|
return prefix ? [prefix] : [];
|
|
3337
3338
|
}
|
|
3338
|
-
const nonAuthorizableFields = contentTypes.getNonVisibleAttributes(model);
|
|
3339
|
+
const nonAuthorizableFields = contentTypes$1.getNonVisibleAttributes(model);
|
|
3339
3340
|
return ___default.reduce(
|
|
3340
3341
|
model.attributes,
|
|
3341
3342
|
(fields, attr, key) => {
|
|
@@ -3372,7 +3373,7 @@ const getNestedFieldsWithIntermediate = (model, { prefix = "", nestingLevel = 15
|
|
|
3372
3373
|
if (nestingLevel === 0) {
|
|
3373
3374
|
return [];
|
|
3374
3375
|
}
|
|
3375
|
-
const nonAuthorizableFields = contentTypes.getNonVisibleAttributes(model);
|
|
3376
|
+
const nonAuthorizableFields = contentTypes$1.getNonVisibleAttributes(model);
|
|
3376
3377
|
return ___default.reduce(
|
|
3377
3378
|
model.attributes,
|
|
3378
3379
|
(fields, attr, key) => {
|
|
@@ -3414,7 +3415,7 @@ const getPermissionsWithNestedFields = (actions2, { nestingLevel, restrictedSubj
|
|
|
3414
3415
|
}, []);
|
|
3415
3416
|
};
|
|
3416
3417
|
const cleanPermissionFields = (permissions2, { nestingLevel } = {}) => {
|
|
3417
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
3418
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
3418
3419
|
return permissions2.map((permission2) => {
|
|
3419
3420
|
const {
|
|
3420
3421
|
action: actionId,
|
|
@@ -3453,7 +3454,7 @@ const contentType = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
|
|
|
3453
3454
|
getPermissionsWithNestedFields
|
|
3454
3455
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3455
3456
|
const isValidCondition = (condition2) => {
|
|
3456
|
-
const { conditionProvider: conditionProvider2 } = getService("permission");
|
|
3457
|
+
const { conditionProvider: conditionProvider2 } = getService$1("permission");
|
|
3457
3458
|
return isString(condition2) && conditionProvider2.has(condition2);
|
|
3458
3459
|
};
|
|
3459
3460
|
const condition = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
@@ -3463,9 +3464,9 @@ const condition = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.definePro
|
|
|
3463
3464
|
const { AUTHOR_CODE, PUBLISH_ACTION } = constants$3;
|
|
3464
3465
|
const { NotFoundError: NotFoundError$2 } = errors;
|
|
3465
3466
|
const getAllowedActionsForRole = async (roleId) => {
|
|
3466
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
3467
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
3467
3468
|
if (!isNil(roleId)) {
|
|
3468
|
-
const role2 = await getService("role").findOne({ id: roleId });
|
|
3469
|
+
const role2 = await getService$1("role").findOne({ id: roleId });
|
|
3469
3470
|
if (!role2) {
|
|
3470
3471
|
throw new NotFoundError$2("role.notFound");
|
|
3471
3472
|
}
|
|
@@ -3479,7 +3480,7 @@ const action = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProper
|
|
|
3479
3480
|
__proto__: null,
|
|
3480
3481
|
getAllowedActionsForRole
|
|
3481
3482
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3482
|
-
const { ValidationError: ValidationError$
|
|
3483
|
+
const { ValidationError: ValidationError$4, NotFoundError: NotFoundError$1 } = errors;
|
|
3483
3484
|
const SELECT_FIELDS$1 = [
|
|
3484
3485
|
"id",
|
|
3485
3486
|
"name",
|
|
@@ -3494,16 +3495,16 @@ const SELECT_FIELDS$1 = [
|
|
|
3494
3495
|
const POPULATE_FIELDS$1 = ["permissions"];
|
|
3495
3496
|
const assertCustomTokenPermissionsValidity = (type, permissions2) => {
|
|
3496
3497
|
if (type !== constants$3.API_TOKEN_TYPE.CUSTOM && !isEmpty(permissions2)) {
|
|
3497
|
-
throw new ValidationError$
|
|
3498
|
+
throw new ValidationError$4("Non-custom tokens should not reference permissions");
|
|
3498
3499
|
}
|
|
3499
3500
|
if (type === constants$3.API_TOKEN_TYPE.CUSTOM && !isArray(permissions2)) {
|
|
3500
|
-
throw new ValidationError$
|
|
3501
|
+
throw new ValidationError$4("Missing permissions attribute for custom token");
|
|
3501
3502
|
}
|
|
3502
3503
|
if (type === constants$3.API_TOKEN_TYPE.CUSTOM) {
|
|
3503
3504
|
const validPermissions = strapi.contentAPI.permissions.providers.action.keys();
|
|
3504
3505
|
const invalidPermissions = difference(permissions2, validPermissions);
|
|
3505
3506
|
if (!isEmpty(invalidPermissions)) {
|
|
3506
|
-
throw new ValidationError$
|
|
3507
|
+
throw new ValidationError$4(`Unknown permissions provided: ${invalidPermissions.join(", ")}`);
|
|
3507
3508
|
}
|
|
3508
3509
|
}
|
|
3509
3510
|
};
|
|
@@ -3518,7 +3519,7 @@ const isValidLifespan$1 = (lifespan) => {
|
|
|
3518
3519
|
};
|
|
3519
3520
|
const assertValidLifespan$1 = (lifespan) => {
|
|
3520
3521
|
if (!isValidLifespan$1(lifespan)) {
|
|
3521
|
-
throw new ValidationError$
|
|
3522
|
+
throw new ValidationError$4(
|
|
3522
3523
|
`lifespan must be one of the following values:
|
|
3523
3524
|
${Object.values(constants$3.API_TOKEN_LIFESPANS).join(", ")}`
|
|
3524
3525
|
);
|
|
@@ -3553,7 +3554,7 @@ const hash$1 = (accessKey) => {
|
|
|
3553
3554
|
const getExpirationFields$1 = (lifespan) => {
|
|
3554
3555
|
const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;
|
|
3555
3556
|
if (!isValidNumber && !isNil(lifespan)) {
|
|
3556
|
-
throw new ValidationError$
|
|
3557
|
+
throw new ValidationError$4("lifespan must be a positive number or null");
|
|
3557
3558
|
}
|
|
3558
3559
|
return {
|
|
3559
3560
|
lifespan: lifespan || null,
|
|
@@ -3717,7 +3718,7 @@ const permission$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.define
|
|
|
3717
3718
|
engine,
|
|
3718
3719
|
providers
|
|
3719
3720
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3720
|
-
const { ValidationError: ValidationError$
|
|
3721
|
+
const { ValidationError: ValidationError$3, NotFoundError } = errors;
|
|
3721
3722
|
const TRANSFER_TOKEN_UID = "admin::transfer-token";
|
|
3722
3723
|
const TRANSFER_TOKEN_PERMISSION_UID = "admin::transfer-token-permission";
|
|
3723
3724
|
const SELECT_FIELDS = [
|
|
@@ -3868,7 +3869,7 @@ const regenerate = async (id) => {
|
|
|
3868
3869
|
const getExpirationFields = (lifespan) => {
|
|
3869
3870
|
const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;
|
|
3870
3871
|
if (!isValidNumber && !isNil(lifespan)) {
|
|
3871
|
-
throw new ValidationError$
|
|
3872
|
+
throw new ValidationError$3("lifespan must be a positive number or null");
|
|
3872
3873
|
}
|
|
3873
3874
|
return {
|
|
3874
3875
|
lifespan: lifespan || null,
|
|
@@ -3876,14 +3877,14 @@ const getExpirationFields = (lifespan) => {
|
|
|
3876
3877
|
};
|
|
3877
3878
|
};
|
|
3878
3879
|
const hash = (accessKey) => {
|
|
3879
|
-
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService("transfer").utils;
|
|
3880
|
+
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService$1("transfer").utils;
|
|
3880
3881
|
if (!hasValidTokenSalt2()) {
|
|
3881
3882
|
throw new TypeError("Required token salt is not defined");
|
|
3882
3883
|
}
|
|
3883
3884
|
return crypto.createHmac("sha512", strapi.config.get("admin.transfer.token.salt")).update(accessKey).digest("hex");
|
|
3884
3885
|
};
|
|
3885
3886
|
const checkSaltIsDefined = () => {
|
|
3886
|
-
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService("transfer").utils;
|
|
3887
|
+
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService$1("transfer").utils;
|
|
3887
3888
|
if (!strapi.config.get("server.transfer.remote.enabled")) {
|
|
3888
3889
|
return;
|
|
3889
3890
|
}
|
|
@@ -3909,7 +3910,7 @@ const assertTokenPermissionsValidity = (attributes) => {
|
|
|
3909
3910
|
const validPermissions = permissionService.providers.action.keys();
|
|
3910
3911
|
const invalidPermissions = difference(attributes.permissions, validPermissions);
|
|
3911
3912
|
if (!isEmpty(invalidPermissions)) {
|
|
3912
|
-
throw new ValidationError$
|
|
3913
|
+
throw new ValidationError$3(`Unknown permissions provided: ${invalidPermissions.join(", ")}`);
|
|
3913
3914
|
}
|
|
3914
3915
|
};
|
|
3915
3916
|
const isValidLifespan = (lifespan) => {
|
|
@@ -3923,7 +3924,7 @@ const isValidLifespan = (lifespan) => {
|
|
|
3923
3924
|
};
|
|
3924
3925
|
const assertValidLifespan = (lifespan) => {
|
|
3925
3926
|
if (!isValidLifespan(lifespan)) {
|
|
3926
|
-
throw new ValidationError$
|
|
3927
|
+
throw new ValidationError$3(
|
|
3927
3928
|
`lifespan must be one of the following values:
|
|
3928
3929
|
${Object.values(constants$3.TRANSFER_TOKEN_LIFESPANS).join(", ")}`
|
|
3929
3930
|
);
|
|
@@ -3949,7 +3950,7 @@ const hasValidTokenSalt = () => {
|
|
|
3949
3950
|
return typeof salt === "string" && salt.length > 0;
|
|
3950
3951
|
};
|
|
3951
3952
|
const isRemoteTransferEnabled = () => {
|
|
3952
|
-
const { utils: utils2 } = getService("transfer");
|
|
3953
|
+
const { utils: utils2 } = getService$1("transfer");
|
|
3953
3954
|
if (env.bool("STRAPI_DISABLE_REMOTE_DATA_TRANSFER") !== void 0) {
|
|
3954
3955
|
strapi.log.warn(
|
|
3955
3956
|
"STRAPI_DISABLE_REMOTE_DATA_TRANSFER is no longer supported. Instead, set transfer.remote.enabled to false in your server configuration"
|
|
@@ -3957,7 +3958,7 @@ const isRemoteTransferEnabled = () => {
|
|
|
3957
3958
|
}
|
|
3958
3959
|
return utils2.hasValidTokenSalt() && strapi.config.get("server.transfer.remote.enabled");
|
|
3959
3960
|
};
|
|
3960
|
-
const utils = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
3961
|
+
const utils$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
3961
3962
|
__proto__: null,
|
|
3962
3963
|
hasValidTokenSalt,
|
|
3963
3964
|
isRemoteTransferEnabled
|
|
@@ -3966,7 +3967,7 @@ const transfer$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.definePr
|
|
|
3966
3967
|
__proto__: null,
|
|
3967
3968
|
permission: permission$1,
|
|
3968
3969
|
token: token$2,
|
|
3969
|
-
utils
|
|
3970
|
+
utils: utils$1
|
|
3970
3971
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3971
3972
|
const PROJECT_SETTINGS_FILE_INPUTS = ["menuLogo", "authLogo"];
|
|
3972
3973
|
const parseFilesData = async (files) => {
|
|
@@ -4087,14 +4088,14 @@ const projectSettings = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.def
|
|
|
4087
4088
|
parseFilesData,
|
|
4088
4089
|
updateProjectSettings: updateProjectSettings$1
|
|
4089
4090
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
4090
|
-
const
|
|
4091
|
-
auth,
|
|
4092
|
-
user: user$
|
|
4093
|
-
role: role$
|
|
4094
|
-
passport,
|
|
4091
|
+
const services$1 = {
|
|
4092
|
+
auth: auth$1,
|
|
4093
|
+
user: user$3,
|
|
4094
|
+
role: role$3,
|
|
4095
|
+
passport: passport$1,
|
|
4095
4096
|
token: token$3,
|
|
4096
4097
|
permission: permission$2,
|
|
4097
|
-
metrics,
|
|
4098
|
+
metrics: metrics$1,
|
|
4098
4099
|
"content-type": contentType,
|
|
4099
4100
|
constants: constants$4,
|
|
4100
4101
|
condition,
|
|
@@ -4133,7 +4134,7 @@ const validateUpdateProjectSettingsImagesDimensions = validateZod(
|
|
|
4133
4134
|
updateProjectSettingsImagesDimensions
|
|
4134
4135
|
);
|
|
4135
4136
|
const { isUsingTypeScript } = tsUtils;
|
|
4136
|
-
const admin = {
|
|
4137
|
+
const admin$3 = {
|
|
4137
4138
|
// TODO very temporary to check the switch ee/ce
|
|
4138
4139
|
// When removing this we need to update the /admin/src/index.js file
|
|
4139
4140
|
// whe,re we set the strapi.window.isEE value
|
|
@@ -4145,8 +4146,8 @@ const admin = {
|
|
|
4145
4146
|
},
|
|
4146
4147
|
async init() {
|
|
4147
4148
|
let uuid = strapi.config.get("uuid", false);
|
|
4148
|
-
const hasAdmin = await getService("user").exists();
|
|
4149
|
-
const { menuLogo, authLogo } = await getService("project-settings").getProjectSettings();
|
|
4149
|
+
const hasAdmin = await getService$1("user").exists();
|
|
4150
|
+
const { menuLogo, authLogo } = await getService$1("project-settings").getProjectSettings();
|
|
4150
4151
|
const telemetryDisabled = strapi.config.get(
|
|
4151
4152
|
"packageJsonStrapi.telemetryDisabled",
|
|
4152
4153
|
null
|
|
@@ -4164,7 +4165,7 @@ const admin = {
|
|
|
4164
4165
|
};
|
|
4165
4166
|
},
|
|
4166
4167
|
async getProjectSettings() {
|
|
4167
|
-
return getService(
|
|
4168
|
+
return getService$1(
|
|
4168
4169
|
"project-settings"
|
|
4169
4170
|
).getProjectSettings();
|
|
4170
4171
|
},
|
|
@@ -4172,7 +4173,7 @@ const admin = {
|
|
|
4172
4173
|
const {
|
|
4173
4174
|
request: { files, body }
|
|
4174
4175
|
} = ctx;
|
|
4175
|
-
const projectSettingsService = getService("project-settings");
|
|
4176
|
+
const projectSettingsService = getService$1("project-settings");
|
|
4176
4177
|
await validateUpdateProjectSettings(body);
|
|
4177
4178
|
await validateUpdateProjectSettingsFiles(files);
|
|
4178
4179
|
const formatedFiles = await projectSettingsService.parseFilesData(files);
|
|
@@ -4271,11 +4272,11 @@ const apiTokenUpdateSchema = yup.object().shape({
|
|
|
4271
4272
|
}).noUnknown().strict();
|
|
4272
4273
|
const validateApiTokenCreationInput = validateYupSchema(apiTokenCreationSchema);
|
|
4273
4274
|
const validateApiTokenUpdateInput = validateYupSchema(apiTokenUpdateSchema);
|
|
4274
|
-
const { ApplicationError: ApplicationError$
|
|
4275
|
+
const { ApplicationError: ApplicationError$7 } = errors;
|
|
4275
4276
|
const apiToken$1 = {
|
|
4276
4277
|
async create(ctx) {
|
|
4277
4278
|
const { body } = ctx.request;
|
|
4278
|
-
const apiTokenService = getService("api-token");
|
|
4279
|
+
const apiTokenService = getService$1("api-token");
|
|
4279
4280
|
const attributes = {
|
|
4280
4281
|
name: trim(body.name),
|
|
4281
4282
|
description: trim(body.description),
|
|
@@ -4286,14 +4287,14 @@ const apiToken$1 = {
|
|
|
4286
4287
|
await validateApiTokenCreationInput(attributes);
|
|
4287
4288
|
const alreadyExists = await apiTokenService.exists({ name: attributes.name });
|
|
4288
4289
|
if (alreadyExists) {
|
|
4289
|
-
throw new ApplicationError$
|
|
4290
|
+
throw new ApplicationError$7("Name already taken");
|
|
4290
4291
|
}
|
|
4291
4292
|
const apiToken2 = await apiTokenService.create(attributes);
|
|
4292
4293
|
ctx.created({ data: apiToken2 });
|
|
4293
4294
|
},
|
|
4294
4295
|
async regenerate(ctx) {
|
|
4295
4296
|
const { id } = ctx.params;
|
|
4296
|
-
const apiTokenService = getService("api-token");
|
|
4297
|
+
const apiTokenService = getService$1("api-token");
|
|
4297
4298
|
const apiTokenExists = await apiTokenService.getById(id);
|
|
4298
4299
|
if (!apiTokenExists) {
|
|
4299
4300
|
ctx.notFound("API Token not found");
|
|
@@ -4303,19 +4304,19 @@ const apiToken$1 = {
|
|
|
4303
4304
|
ctx.created({ data: accessToken });
|
|
4304
4305
|
},
|
|
4305
4306
|
async list(ctx) {
|
|
4306
|
-
const apiTokenService = getService("api-token");
|
|
4307
|
+
const apiTokenService = getService$1("api-token");
|
|
4307
4308
|
const apiTokens2 = await apiTokenService.list();
|
|
4308
4309
|
ctx.send({ data: apiTokens2 });
|
|
4309
4310
|
},
|
|
4310
4311
|
async revoke(ctx) {
|
|
4311
4312
|
const { id } = ctx.params;
|
|
4312
|
-
const apiTokenService = getService("api-token");
|
|
4313
|
+
const apiTokenService = getService$1("api-token");
|
|
4313
4314
|
const apiToken2 = await apiTokenService.revoke(id);
|
|
4314
4315
|
ctx.deleted({ data: apiToken2 });
|
|
4315
4316
|
},
|
|
4316
4317
|
async get(ctx) {
|
|
4317
4318
|
const { id } = ctx.params;
|
|
4318
|
-
const apiTokenService = getService("api-token");
|
|
4319
|
+
const apiTokenService = getService$1("api-token");
|
|
4319
4320
|
const apiToken2 = await apiTokenService.getById(id);
|
|
4320
4321
|
if (!apiToken2) {
|
|
4321
4322
|
ctx.notFound("API Token not found");
|
|
@@ -4326,7 +4327,7 @@ const apiToken$1 = {
|
|
|
4326
4327
|
async update(ctx) {
|
|
4327
4328
|
const { body } = ctx.request;
|
|
4328
4329
|
const { id } = ctx.params;
|
|
4329
|
-
const apiTokenService = getService("api-token");
|
|
4330
|
+
const apiTokenService = getService$1("api-token");
|
|
4330
4331
|
const attributes = body;
|
|
4331
4332
|
if (has("name", attributes)) {
|
|
4332
4333
|
attributes.name = trim(body.name);
|
|
@@ -4342,14 +4343,14 @@ const apiToken$1 = {
|
|
|
4342
4343
|
if (has("name", attributes)) {
|
|
4343
4344
|
const nameAlreadyTaken = await apiTokenService.getByName(attributes.name);
|
|
4344
4345
|
if (!!nameAlreadyTaken && !strings.isEqual(nameAlreadyTaken.id, id)) {
|
|
4345
|
-
throw new ApplicationError$
|
|
4346
|
+
throw new ApplicationError$7("Name already taken");
|
|
4346
4347
|
}
|
|
4347
4348
|
}
|
|
4348
4349
|
const apiToken2 = await apiTokenService.update(id, attributes);
|
|
4349
4350
|
ctx.send({ data: apiToken2 });
|
|
4350
4351
|
},
|
|
4351
4352
|
async getLayout(ctx) {
|
|
4352
|
-
const apiTokenService = getService("api-token");
|
|
4353
|
+
const apiTokenService = getService$1("api-token");
|
|
4353
4354
|
const layout = await apiTokenService.getApiTokenLayout();
|
|
4354
4355
|
ctx.send({ data: layout });
|
|
4355
4356
|
}
|
|
@@ -4385,13 +4386,18 @@ const userUpdateSchema = yup.object().shape({
|
|
|
4385
4386
|
const usersDeleteSchema = yup.object().shape({
|
|
4386
4387
|
ids: yup.array().of(yup.strapiID()).min(1).required()
|
|
4387
4388
|
}).noUnknown();
|
|
4388
|
-
const validateUserCreationInput = validateYupSchema(userCreationSchema);
|
|
4389
|
+
const validateUserCreationInput$1 = validateYupSchema(userCreationSchema);
|
|
4389
4390
|
const validateProfileUpdateInput = validateYupSchema(profileUpdateSchema);
|
|
4390
4391
|
const validateUserUpdateInput = validateYupSchema(userUpdateSchema);
|
|
4391
4392
|
const validateUsersDeleteInput = validateYupSchema(usersDeleteSchema);
|
|
4393
|
+
const schemas = {
|
|
4394
|
+
userCreationSchema,
|
|
4395
|
+
usersDeleteSchema,
|
|
4396
|
+
userUpdateSchema
|
|
4397
|
+
};
|
|
4392
4398
|
const authenticatedUser = {
|
|
4393
4399
|
async getMe(ctx) {
|
|
4394
|
-
const userInfo = getService("user").sanitizeUser(ctx.state.user);
|
|
4400
|
+
const userInfo = getService$1("user").sanitizeUser(ctx.state.user);
|
|
4395
4401
|
ctx.body = {
|
|
4396
4402
|
data: userInfo
|
|
4397
4403
|
};
|
|
@@ -4399,8 +4405,8 @@ const authenticatedUser = {
|
|
|
4399
4405
|
async updateMe(ctx) {
|
|
4400
4406
|
const input = ctx.request.body;
|
|
4401
4407
|
await validateProfileUpdateInput(input);
|
|
4402
|
-
const userService = getService("user");
|
|
4403
|
-
const authServer = getService("auth");
|
|
4408
|
+
const userService = getService$1("user");
|
|
4409
|
+
const authServer = getService$1("auth");
|
|
4404
4410
|
const { currentPassword, ...userInfo } = input;
|
|
4405
4411
|
if (currentPassword && userInfo.password) {
|
|
4406
4412
|
const isValid = await authServer.validatePassword(currentPassword, ctx.state.user.password);
|
|
@@ -4416,7 +4422,7 @@ const authenticatedUser = {
|
|
|
4416
4422
|
};
|
|
4417
4423
|
},
|
|
4418
4424
|
async getOwnPermissions(ctx) {
|
|
4419
|
-
const { findUserPermissions: findUserPermissions2, sanitizePermission: sanitizePermission2 } = getService("permission");
|
|
4425
|
+
const { findUserPermissions: findUserPermissions2, sanitizePermission: sanitizePermission2 } = getService$1("permission");
|
|
4420
4426
|
const { user: user2 } = ctx.state;
|
|
4421
4427
|
const userPermissions = await findUserPermissions2(user2);
|
|
4422
4428
|
ctx.body = {
|
|
@@ -4456,11 +4462,11 @@ const resetPasswordSchema = yup.object().shape({
|
|
|
4456
4462
|
const validateResetPasswordInput = validateYupSchema(resetPasswordSchema);
|
|
4457
4463
|
const renewToken = yup.object().shape({ token: yup.string().required() }).required().noUnknown();
|
|
4458
4464
|
const validateRenewTokenInput = validateYupSchema(renewToken);
|
|
4459
|
-
const { ApplicationError: ApplicationError$
|
|
4460
|
-
const authentication = {
|
|
4465
|
+
const { ApplicationError: ApplicationError$6, ValidationError: ValidationError$2 } = errors;
|
|
4466
|
+
const authentication$1 = {
|
|
4461
4467
|
login: compose([
|
|
4462
4468
|
(ctx, next) => {
|
|
4463
|
-
return passport$
|
|
4469
|
+
return passport$2.authenticate("local", { session: false }, (err, user2, info) => {
|
|
4464
4470
|
if (err) {
|
|
4465
4471
|
strapi.eventHub.emit("admin.auth.error", { error: err, provider: "local" });
|
|
4466
4472
|
if (err.details?.code === "LOGIN_NOT_ALLOWED") {
|
|
@@ -4473,11 +4479,11 @@ const authentication = {
|
|
|
4473
4479
|
error: new Error(info.message),
|
|
4474
4480
|
provider: "local"
|
|
4475
4481
|
});
|
|
4476
|
-
throw new ApplicationError$
|
|
4482
|
+
throw new ApplicationError$6(info.message);
|
|
4477
4483
|
}
|
|
4478
4484
|
const query = ctx.state;
|
|
4479
4485
|
query.user = user2;
|
|
4480
|
-
const sanitizedUser = getService("user").sanitizeUser(user2);
|
|
4486
|
+
const sanitizedUser = getService$1("user").sanitizeUser(user2);
|
|
4481
4487
|
strapi.eventHub.emit("admin.auth.success", { user: sanitizedUser, provider: "local" });
|
|
4482
4488
|
return next();
|
|
4483
4489
|
})(ctx, next);
|
|
@@ -4486,8 +4492,8 @@ const authentication = {
|
|
|
4486
4492
|
const { user: user2 } = ctx.state;
|
|
4487
4493
|
ctx.body = {
|
|
4488
4494
|
data: {
|
|
4489
|
-
token: getService("token").createJwtToken(user2),
|
|
4490
|
-
user: getService("user").sanitizeUser(ctx.state.user)
|
|
4495
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4496
|
+
user: getService$1("user").sanitizeUser(ctx.state.user)
|
|
4491
4497
|
// TODO: fetch more detailed info
|
|
4492
4498
|
}
|
|
4493
4499
|
};
|
|
@@ -4496,50 +4502,50 @@ const authentication = {
|
|
|
4496
4502
|
async renewToken(ctx) {
|
|
4497
4503
|
await validateRenewTokenInput(ctx.request.body);
|
|
4498
4504
|
const { token: token2 } = ctx.request.body;
|
|
4499
|
-
const { isValid, payload } = getService("token").decodeJwtToken(token2);
|
|
4505
|
+
const { isValid, payload } = getService$1("token").decodeJwtToken(token2);
|
|
4500
4506
|
if (!isValid) {
|
|
4501
|
-
throw new ValidationError("Invalid token");
|
|
4507
|
+
throw new ValidationError$2("Invalid token");
|
|
4502
4508
|
}
|
|
4503
4509
|
ctx.body = {
|
|
4504
4510
|
data: {
|
|
4505
|
-
token: getService("token").createJwtToken({ id: payload.id })
|
|
4511
|
+
token: getService$1("token").createJwtToken({ id: payload.id })
|
|
4506
4512
|
}
|
|
4507
4513
|
};
|
|
4508
4514
|
},
|
|
4509
4515
|
async registrationInfo(ctx) {
|
|
4510
4516
|
await validateRegistrationInfoQuery(ctx.request.query);
|
|
4511
4517
|
const { registrationToken } = ctx.request.query;
|
|
4512
|
-
const registrationInfo = await getService("user").findRegistrationInfo(registrationToken);
|
|
4518
|
+
const registrationInfo = await getService$1("user").findRegistrationInfo(registrationToken);
|
|
4513
4519
|
if (!registrationInfo) {
|
|
4514
|
-
throw new ValidationError("Invalid registrationToken");
|
|
4520
|
+
throw new ValidationError$2("Invalid registrationToken");
|
|
4515
4521
|
}
|
|
4516
4522
|
ctx.body = { data: registrationInfo };
|
|
4517
4523
|
},
|
|
4518
4524
|
async register(ctx) {
|
|
4519
4525
|
const input = ctx.request.body;
|
|
4520
4526
|
await validateRegistrationInput(input);
|
|
4521
|
-
const user2 = await getService("user").register(input);
|
|
4527
|
+
const user2 = await getService$1("user").register(input);
|
|
4522
4528
|
ctx.body = {
|
|
4523
4529
|
data: {
|
|
4524
|
-
token: getService("token").createJwtToken(user2),
|
|
4525
|
-
user: getService("user").sanitizeUser(user2)
|
|
4530
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4531
|
+
user: getService$1("user").sanitizeUser(user2)
|
|
4526
4532
|
}
|
|
4527
4533
|
};
|
|
4528
4534
|
},
|
|
4529
4535
|
async registerAdmin(ctx) {
|
|
4530
4536
|
const input = ctx.request.body;
|
|
4531
4537
|
await validateAdminRegistrationInput(input);
|
|
4532
|
-
const hasAdmin = await getService("user").exists();
|
|
4538
|
+
const hasAdmin = await getService$1("user").exists();
|
|
4533
4539
|
if (hasAdmin) {
|
|
4534
|
-
throw new ApplicationError$
|
|
4540
|
+
throw new ApplicationError$6("You cannot register a new super admin");
|
|
4535
4541
|
}
|
|
4536
|
-
const superAdminRole = await getService("role").getSuperAdmin();
|
|
4542
|
+
const superAdminRole = await getService$1("role").getSuperAdmin();
|
|
4537
4543
|
if (!superAdminRole) {
|
|
4538
|
-
throw new ApplicationError$
|
|
4544
|
+
throw new ApplicationError$6(
|
|
4539
4545
|
"Cannot register the first admin because the super admin role doesn't exist."
|
|
4540
4546
|
);
|
|
4541
4547
|
}
|
|
4542
|
-
const user2 = await getService("user").create({
|
|
4548
|
+
const user2 = await getService$1("user").create({
|
|
4543
4549
|
...input,
|
|
4544
4550
|
registrationToken: null,
|
|
4545
4551
|
isActive: true,
|
|
@@ -4548,30 +4554,30 @@ const authentication = {
|
|
|
4548
4554
|
strapi.telemetry.send("didCreateFirstAdmin");
|
|
4549
4555
|
ctx.body = {
|
|
4550
4556
|
data: {
|
|
4551
|
-
token: getService("token").createJwtToken(user2),
|
|
4552
|
-
user: getService("user").sanitizeUser(user2)
|
|
4557
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4558
|
+
user: getService$1("user").sanitizeUser(user2)
|
|
4553
4559
|
}
|
|
4554
4560
|
};
|
|
4555
4561
|
},
|
|
4556
4562
|
async forgotPassword(ctx) {
|
|
4557
4563
|
const input = ctx.request.body;
|
|
4558
4564
|
await validateForgotPasswordInput(input);
|
|
4559
|
-
getService("auth").forgotPassword(input);
|
|
4565
|
+
getService$1("auth").forgotPassword(input);
|
|
4560
4566
|
ctx.status = 204;
|
|
4561
4567
|
},
|
|
4562
4568
|
async resetPassword(ctx) {
|
|
4563
4569
|
const input = ctx.request.body;
|
|
4564
4570
|
await validateResetPasswordInput(input);
|
|
4565
|
-
const user2 = await getService("auth").resetPassword(input);
|
|
4571
|
+
const user2 = await getService$1("auth").resetPassword(input);
|
|
4566
4572
|
ctx.body = {
|
|
4567
4573
|
data: {
|
|
4568
|
-
token: getService("token").createJwtToken(user2),
|
|
4569
|
-
user: getService("user").sanitizeUser(user2)
|
|
4574
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4575
|
+
user: getService$1("user").sanitizeUser(user2)
|
|
4570
4576
|
}
|
|
4571
4577
|
};
|
|
4572
4578
|
},
|
|
4573
4579
|
logout(ctx) {
|
|
4574
|
-
const sanitizedUser = getService("user").sanitizeUser(ctx.state.user);
|
|
4580
|
+
const sanitizedUser = getService$1("user").sanitizeUser(ctx.state.user);
|
|
4575
4581
|
strapi.eventHub.emit("admin.logout", { user: sanitizedUser });
|
|
4576
4582
|
ctx.body = { data: {} };
|
|
4577
4583
|
}
|
|
@@ -4587,7 +4593,7 @@ const permission = {
|
|
|
4587
4593
|
const { body: input } = ctx.request;
|
|
4588
4594
|
const { userAbility } = ctx.state;
|
|
4589
4595
|
await validateCheckPermissionsInput(input);
|
|
4590
|
-
const { engine: engine2 } = getService("permission");
|
|
4596
|
+
const { engine: engine2 } = getService$1("permission");
|
|
4591
4597
|
const checkPermissionsFn = engine2.checkMany(userAbility);
|
|
4592
4598
|
ctx.body = {
|
|
4593
4599
|
data: checkPermissionsFn(input.permissions)
|
|
@@ -4598,7 +4604,7 @@ const permission = {
|
|
|
4598
4604
|
* @param {KoaContext} ctx - koa context
|
|
4599
4605
|
*/
|
|
4600
4606
|
async getAll(ctx) {
|
|
4601
|
-
const { sectionsBuilder: sectionsBuilder2, actionProvider: actionProvider2, conditionProvider: conditionProvider2 } = getService("permission");
|
|
4607
|
+
const { sectionsBuilder: sectionsBuilder2, actionProvider: actionProvider2, conditionProvider: conditionProvider2 } = getService$1("permission");
|
|
4602
4608
|
const actions2 = actionProvider2.values();
|
|
4603
4609
|
const conditions2 = conditionProvider2.values();
|
|
4604
4610
|
const sections = await sectionsBuilder2.build(actions2);
|
|
@@ -4611,11 +4617,11 @@ const permission = {
|
|
|
4611
4617
|
};
|
|
4612
4618
|
}
|
|
4613
4619
|
};
|
|
4614
|
-
const roleCreateSchema = yup.object().shape({
|
|
4620
|
+
const roleCreateSchema$1 = yup.object().shape({
|
|
4615
4621
|
name: yup.string().min(1).required(),
|
|
4616
4622
|
description: yup.string().nullable()
|
|
4617
4623
|
}).noUnknown();
|
|
4618
|
-
const rolesDeleteSchema = yup.object().shape({
|
|
4624
|
+
const rolesDeleteSchema$1 = yup.object().shape({
|
|
4619
4625
|
ids: yup.array().of(yup.strapiID()).min(1).required().test("roles-deletion-checks", "Roles deletion checks have failed", async function(ids) {
|
|
4620
4626
|
try {
|
|
4621
4627
|
await strapi.service("admin::role").checkRolesIdForDeletion(ids);
|
|
@@ -4625,7 +4631,7 @@ const rolesDeleteSchema = yup.object().shape({
|
|
|
4625
4631
|
return true;
|
|
4626
4632
|
})
|
|
4627
4633
|
}).noUnknown();
|
|
4628
|
-
const roleDeleteSchema = yup.strapiID().required().test("no-admin-single-delete", "Role deletion checks have failed", async function(id) {
|
|
4634
|
+
const roleDeleteSchema$1 = yup.strapiID().required().test("no-admin-single-delete", "Role deletion checks have failed", async function(id) {
|
|
4629
4635
|
try {
|
|
4630
4636
|
await strapi.service("admin::role").checkRolesIdForDeletion([id]);
|
|
4631
4637
|
} catch (e) {
|
|
@@ -4637,21 +4643,21 @@ const roleUpdateSchema = yup.object().shape({
|
|
|
4637
4643
|
name: yup.string().min(1),
|
|
4638
4644
|
description: yup.string().nullable()
|
|
4639
4645
|
}).noUnknown();
|
|
4640
|
-
const validateRoleCreateInput = validateYupSchema(roleCreateSchema);
|
|
4646
|
+
const validateRoleCreateInput$1 = validateYupSchema(roleCreateSchema$1);
|
|
4641
4647
|
const validateRoleUpdateInput = validateYupSchema(roleUpdateSchema);
|
|
4642
|
-
const validateRolesDeleteInput = validateYupSchema(rolesDeleteSchema);
|
|
4643
|
-
const validateRoleDeleteInput = validateYupSchema(roleDeleteSchema);
|
|
4644
|
-
const { ApplicationError: ApplicationError$
|
|
4645
|
-
const { SUPER_ADMIN_CODE } = constants$3;
|
|
4646
|
-
const role = {
|
|
4648
|
+
const validateRolesDeleteInput$1 = validateYupSchema(rolesDeleteSchema$1);
|
|
4649
|
+
const validateRoleDeleteInput$1 = validateYupSchema(roleDeleteSchema$1);
|
|
4650
|
+
const { ApplicationError: ApplicationError$5 } = errors;
|
|
4651
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$2 } = constants$3;
|
|
4652
|
+
const role$2 = {
|
|
4647
4653
|
/**
|
|
4648
4654
|
* Create a new role
|
|
4649
4655
|
* @param {KoaContext} ctx - koa context
|
|
4650
4656
|
*/
|
|
4651
4657
|
async create(ctx) {
|
|
4652
4658
|
const { body } = ctx.request;
|
|
4653
|
-
await validateRoleCreateInput(body);
|
|
4654
|
-
const roleService = getService("role");
|
|
4659
|
+
await validateRoleCreateInput$1(body);
|
|
4660
|
+
const roleService = getService$1("role");
|
|
4655
4661
|
const role2 = await roleService.create(body);
|
|
4656
4662
|
const sanitizedRole = roleService.sanitizeRole(role2);
|
|
4657
4663
|
ctx.created({ data: sanitizedRole });
|
|
@@ -4662,7 +4668,7 @@ const role = {
|
|
|
4662
4668
|
*/
|
|
4663
4669
|
async findOne(ctx) {
|
|
4664
4670
|
const { id } = ctx.params;
|
|
4665
|
-
const role2 = await getService("role").findOneWithUsersCount({ id });
|
|
4671
|
+
const role2 = await getService$1("role").findOneWithUsersCount({ id });
|
|
4666
4672
|
if (!role2) {
|
|
4667
4673
|
return ctx.notFound("role.notFound");
|
|
4668
4674
|
}
|
|
@@ -4676,13 +4682,13 @@ const role = {
|
|
|
4676
4682
|
*/
|
|
4677
4683
|
async findAll(ctx) {
|
|
4678
4684
|
const { query } = ctx.request;
|
|
4679
|
-
const permissionsManager = getService("permission").createPermissionsManager({
|
|
4685
|
+
const permissionsManager = getService$1("permission").createPermissionsManager({
|
|
4680
4686
|
ability: ctx.state.userAbility,
|
|
4681
4687
|
model: "admin::role"
|
|
4682
4688
|
});
|
|
4683
4689
|
await permissionsManager.validateQuery(query);
|
|
4684
4690
|
const sanitizedQuery = await permissionsManager.sanitizeQuery(query);
|
|
4685
|
-
const roles2 = await getService("role").findAllWithUsersCount(sanitizedQuery);
|
|
4691
|
+
const roles2 = await getService$1("role").findAllWithUsersCount(sanitizedQuery);
|
|
4686
4692
|
ctx.body = {
|
|
4687
4693
|
data: roles2
|
|
4688
4694
|
};
|
|
@@ -4694,14 +4700,14 @@ const role = {
|
|
|
4694
4700
|
async update(ctx) {
|
|
4695
4701
|
const { id } = ctx.params;
|
|
4696
4702
|
const { body } = ctx.request;
|
|
4697
|
-
const roleService = getService("role");
|
|
4703
|
+
const roleService = getService$1("role");
|
|
4698
4704
|
await validateRoleUpdateInput(body);
|
|
4699
4705
|
const role2 = await roleService.findOne({ id });
|
|
4700
4706
|
if (!role2) {
|
|
4701
4707
|
return ctx.notFound("role.notFound");
|
|
4702
4708
|
}
|
|
4703
|
-
if (role2.code === SUPER_ADMIN_CODE) {
|
|
4704
|
-
throw new ApplicationError$
|
|
4709
|
+
if (role2.code === SUPER_ADMIN_CODE$2) {
|
|
4710
|
+
throw new ApplicationError$5("Super admin can't be edited.");
|
|
4705
4711
|
}
|
|
4706
4712
|
const updatedRole = await roleService.update({ id }, body);
|
|
4707
4713
|
const sanitizedRole = roleService.sanitizeRole(updatedRole);
|
|
@@ -4715,8 +4721,8 @@ const role = {
|
|
|
4715
4721
|
*/
|
|
4716
4722
|
async getPermissions(ctx) {
|
|
4717
4723
|
const { id } = ctx.params;
|
|
4718
|
-
const roleService = getService("role");
|
|
4719
|
-
const permissionService = getService("permission");
|
|
4724
|
+
const roleService = getService$1("role");
|
|
4725
|
+
const permissionService = getService$1("permission");
|
|
4720
4726
|
const role2 = await roleService.findOne({ id });
|
|
4721
4727
|
if (!role2) {
|
|
4722
4728
|
return ctx.notFound("role.notFound");
|
|
@@ -4735,14 +4741,14 @@ const role = {
|
|
|
4735
4741
|
async updatePermissions(ctx) {
|
|
4736
4742
|
const { id } = ctx.params;
|
|
4737
4743
|
const { body: input } = ctx.request;
|
|
4738
|
-
const roleService = getService("role");
|
|
4739
|
-
const permissionService = getService("permission");
|
|
4744
|
+
const roleService = getService$1("role");
|
|
4745
|
+
const permissionService = getService$1("permission");
|
|
4740
4746
|
const role2 = await roleService.findOne({ id });
|
|
4741
4747
|
if (!role2) {
|
|
4742
4748
|
return ctx.notFound("role.notFound");
|
|
4743
4749
|
}
|
|
4744
|
-
if (role2.code === SUPER_ADMIN_CODE) {
|
|
4745
|
-
throw new ApplicationError$
|
|
4750
|
+
if (role2.code === SUPER_ADMIN_CODE$2) {
|
|
4751
|
+
throw new ApplicationError$5("Super admin permissions can't be edited.");
|
|
4746
4752
|
}
|
|
4747
4753
|
await validatedUpdatePermissionsInput(input);
|
|
4748
4754
|
if (!role2) {
|
|
@@ -4760,8 +4766,8 @@ const role = {
|
|
|
4760
4766
|
*/
|
|
4761
4767
|
async deleteOne(ctx) {
|
|
4762
4768
|
const { id } = ctx.params;
|
|
4763
|
-
await validateRoleDeleteInput(id);
|
|
4764
|
-
const roleService = getService("role");
|
|
4769
|
+
await validateRoleDeleteInput$1(id);
|
|
4770
|
+
const roleService = getService$1("role");
|
|
4765
4771
|
const roles2 = await roleService.deleteByIds([id]);
|
|
4766
4772
|
const sanitizedRole = roles2.map((role2) => roleService.sanitizeRole(role2))[0] || null;
|
|
4767
4773
|
return ctx.deleted({
|
|
@@ -4774,8 +4780,8 @@ const role = {
|
|
|
4774
4780
|
*/
|
|
4775
4781
|
async deleteMany(ctx) {
|
|
4776
4782
|
const { body } = ctx.request;
|
|
4777
|
-
await validateRolesDeleteInput(body);
|
|
4778
|
-
const roleService = getService("role");
|
|
4783
|
+
await validateRolesDeleteInput$1(body);
|
|
4784
|
+
const roleService = getService$1("role");
|
|
4779
4785
|
const roles2 = await roleService.deleteByIds(body.ids);
|
|
4780
4786
|
const sanitizedRoles = roles2.map(roleService.sanitizeRole);
|
|
4781
4787
|
return ctx.deleted({
|
|
@@ -4788,11 +4794,11 @@ const {
|
|
|
4788
4794
|
handlers: { createPushController, createPullController }
|
|
4789
4795
|
}
|
|
4790
4796
|
} = strapi$1;
|
|
4791
|
-
const { UnauthorizedError } = errors;
|
|
4797
|
+
const { UnauthorizedError: UnauthorizedError$1 } = errors;
|
|
4792
4798
|
const verify = async (ctx, scope) => {
|
|
4793
4799
|
const { auth: auth2 } = ctx.state;
|
|
4794
4800
|
if (!auth2) {
|
|
4795
|
-
throw new UnauthorizedError();
|
|
4801
|
+
throw new UnauthorizedError$1();
|
|
4796
4802
|
}
|
|
4797
4803
|
await dataTransferAuthStrategy.verify(auth2, { scope });
|
|
4798
4804
|
};
|
|
@@ -4819,17 +4825,17 @@ const token$1 = {
|
|
|
4819
4825
|
validateTransferTokenCreationInput: validateTransferTokenCreationInput$1,
|
|
4820
4826
|
validateTransferTokenUpdateInput: validateTransferTokenUpdateInput$1
|
|
4821
4827
|
};
|
|
4822
|
-
const { ApplicationError: ApplicationError$
|
|
4828
|
+
const { ApplicationError: ApplicationError$4 } = errors;
|
|
4823
4829
|
const { validateTransferTokenCreationInput, validateTransferTokenUpdateInput } = token$1;
|
|
4824
4830
|
const token = {
|
|
4825
4831
|
async list(ctx) {
|
|
4826
|
-
const transferService = getService("transfer");
|
|
4832
|
+
const transferService = getService$1("transfer");
|
|
4827
4833
|
const transferTokens = await transferService.token.list();
|
|
4828
4834
|
ctx.body = { data: transferTokens };
|
|
4829
4835
|
},
|
|
4830
4836
|
async getById(ctx) {
|
|
4831
4837
|
const { id } = ctx.params;
|
|
4832
|
-
const tokenService = getService("transfer").token;
|
|
4838
|
+
const tokenService = getService$1("transfer").token;
|
|
4833
4839
|
const transferToken2 = await tokenService.getById(id);
|
|
4834
4840
|
if (!transferToken2) {
|
|
4835
4841
|
ctx.notFound("Transfer token not found");
|
|
@@ -4839,7 +4845,7 @@ const token = {
|
|
|
4839
4845
|
},
|
|
4840
4846
|
async create(ctx) {
|
|
4841
4847
|
const { body } = ctx.request;
|
|
4842
|
-
const { token: tokenService } = getService("transfer");
|
|
4848
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4843
4849
|
const attributes = {
|
|
4844
4850
|
name: trim(body.name),
|
|
4845
4851
|
description: trim(body.description),
|
|
@@ -4849,7 +4855,7 @@ const token = {
|
|
|
4849
4855
|
await validateTransferTokenCreationInput(attributes);
|
|
4850
4856
|
const alreadyExists = await tokenService.exists({ name: attributes.name });
|
|
4851
4857
|
if (alreadyExists) {
|
|
4852
|
-
throw new ApplicationError$
|
|
4858
|
+
throw new ApplicationError$4("Name already taken");
|
|
4853
4859
|
}
|
|
4854
4860
|
const transferTokens = await tokenService.create(attributes);
|
|
4855
4861
|
ctx.created({ data: transferTokens });
|
|
@@ -4857,7 +4863,7 @@ const token = {
|
|
|
4857
4863
|
async update(ctx) {
|
|
4858
4864
|
const { body } = ctx.request;
|
|
4859
4865
|
const { id } = ctx.params;
|
|
4860
|
-
const { token: tokenService } = getService("transfer");
|
|
4866
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4861
4867
|
const attributes = body;
|
|
4862
4868
|
if (has("name", attributes)) {
|
|
4863
4869
|
attributes.name = trim(body.name);
|
|
@@ -4873,7 +4879,7 @@ const token = {
|
|
|
4873
4879
|
if (has("name", attributes)) {
|
|
4874
4880
|
const nameAlreadyTaken = await tokenService.getByName(attributes.name);
|
|
4875
4881
|
if (!!nameAlreadyTaken && !strings.isEqual(nameAlreadyTaken.id, id)) {
|
|
4876
|
-
throw new ApplicationError$
|
|
4882
|
+
throw new ApplicationError$4("Name already taken");
|
|
4877
4883
|
}
|
|
4878
4884
|
}
|
|
4879
4885
|
const apiToken2 = await tokenService.update(id, attributes);
|
|
@@ -4881,13 +4887,13 @@ const token = {
|
|
|
4881
4887
|
},
|
|
4882
4888
|
async revoke(ctx) {
|
|
4883
4889
|
const { id } = ctx.params;
|
|
4884
|
-
const { token: tokenService } = getService("transfer");
|
|
4890
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4885
4891
|
const transferToken2 = await tokenService.revoke(id);
|
|
4886
4892
|
ctx.deleted({ data: transferToken2 });
|
|
4887
4893
|
},
|
|
4888
4894
|
async regenerate(ctx) {
|
|
4889
4895
|
const { id } = ctx.params;
|
|
4890
|
-
const { token: tokenService } = getService("transfer");
|
|
4896
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4891
4897
|
const exists2 = await tokenService.getById(id);
|
|
4892
4898
|
if (!exists2) {
|
|
4893
4899
|
ctx.notFound("Transfer token not found");
|
|
@@ -4902,12 +4908,12 @@ const transfer = {
|
|
|
4902
4908
|
...prefixActionsName("runner", runner),
|
|
4903
4909
|
...prefixActionsName("token", token)
|
|
4904
4910
|
};
|
|
4905
|
-
const { ApplicationError } = errors;
|
|
4906
|
-
const user = {
|
|
4911
|
+
const { ApplicationError: ApplicationError$3 } = errors;
|
|
4912
|
+
const user$2 = {
|
|
4907
4913
|
async create(ctx) {
|
|
4908
4914
|
const { body } = ctx.request;
|
|
4909
4915
|
const cleanData = { ...body, email: _.get(body, `email`, ``).toLowerCase() };
|
|
4910
|
-
await validateUserCreationInput(cleanData);
|
|
4916
|
+
await validateUserCreationInput$1(cleanData);
|
|
4911
4917
|
const attributes = _.pick(cleanData, [
|
|
4912
4918
|
"firstname",
|
|
4913
4919
|
"lastname",
|
|
@@ -4915,19 +4921,19 @@ const user = {
|
|
|
4915
4921
|
"roles",
|
|
4916
4922
|
"preferedLanguage"
|
|
4917
4923
|
]);
|
|
4918
|
-
const userAlreadyExists = await getService("user").exists({
|
|
4924
|
+
const userAlreadyExists = await getService$1("user").exists({
|
|
4919
4925
|
email: attributes.email
|
|
4920
4926
|
});
|
|
4921
4927
|
if (userAlreadyExists) {
|
|
4922
|
-
throw new ApplicationError("Email already taken");
|
|
4928
|
+
throw new ApplicationError$3("Email already taken");
|
|
4923
4929
|
}
|
|
4924
|
-
const createdUser = await getService("user").create(attributes);
|
|
4925
|
-
const userInfo = getService("user").sanitizeUser(createdUser);
|
|
4930
|
+
const createdUser = await getService$1("user").create(attributes);
|
|
4931
|
+
const userInfo = getService$1("user").sanitizeUser(createdUser);
|
|
4926
4932
|
Object.assign(userInfo, { registrationToken: createdUser.registrationToken });
|
|
4927
4933
|
ctx.created({ data: userInfo });
|
|
4928
4934
|
},
|
|
4929
4935
|
async find(ctx) {
|
|
4930
|
-
const userService = getService("user");
|
|
4936
|
+
const userService = getService$1("user");
|
|
4931
4937
|
const permissionsManager = strapi.service("admin::permission").createPermissionsManager({
|
|
4932
4938
|
ability: ctx.state.userAbility,
|
|
4933
4939
|
model: "admin::user"
|
|
@@ -4944,12 +4950,12 @@ const user = {
|
|
|
4944
4950
|
},
|
|
4945
4951
|
async findOne(ctx) {
|
|
4946
4952
|
const { id } = ctx.params;
|
|
4947
|
-
const user2 = await getService("user").findOne(id);
|
|
4953
|
+
const user2 = await getService$1("user").findOne(id);
|
|
4948
4954
|
if (!user2) {
|
|
4949
4955
|
return ctx.notFound("User does not exist");
|
|
4950
4956
|
}
|
|
4951
4957
|
ctx.body = {
|
|
4952
|
-
data: getService("user").sanitizeUser(user2)
|
|
4958
|
+
data: getService$1("user").sanitizeUser(user2)
|
|
4953
4959
|
};
|
|
4954
4960
|
},
|
|
4955
4961
|
async update(ctx) {
|
|
@@ -4957,30 +4963,30 @@ const user = {
|
|
|
4957
4963
|
const { body: input } = ctx.request;
|
|
4958
4964
|
await validateUserUpdateInput(input);
|
|
4959
4965
|
if (_.has(input, "email")) {
|
|
4960
|
-
const uniqueEmailCheck = await getService("user").exists({
|
|
4966
|
+
const uniqueEmailCheck = await getService$1("user").exists({
|
|
4961
4967
|
id: { $ne: id },
|
|
4962
4968
|
email: input.email
|
|
4963
4969
|
});
|
|
4964
4970
|
if (uniqueEmailCheck) {
|
|
4965
|
-
throw new ApplicationError("A user with this email address already exists");
|
|
4971
|
+
throw new ApplicationError$3("A user with this email address already exists");
|
|
4966
4972
|
}
|
|
4967
4973
|
}
|
|
4968
|
-
const updatedUser = await getService("user").updateById(id, input);
|
|
4974
|
+
const updatedUser = await getService$1("user").updateById(id, input);
|
|
4969
4975
|
if (!updatedUser) {
|
|
4970
4976
|
return ctx.notFound("User does not exist");
|
|
4971
4977
|
}
|
|
4972
4978
|
ctx.body = {
|
|
4973
|
-
data: getService("user").sanitizeUser(updatedUser)
|
|
4979
|
+
data: getService$1("user").sanitizeUser(updatedUser)
|
|
4974
4980
|
};
|
|
4975
4981
|
},
|
|
4976
4982
|
async deleteOne(ctx) {
|
|
4977
4983
|
const { id } = ctx.params;
|
|
4978
|
-
const deletedUser = await getService("user").deleteById(id);
|
|
4984
|
+
const deletedUser = await getService$1("user").deleteById(id);
|
|
4979
4985
|
if (!deletedUser) {
|
|
4980
4986
|
return ctx.notFound("User not found");
|
|
4981
4987
|
}
|
|
4982
4988
|
return ctx.deleted({
|
|
4983
|
-
data: getService("user").sanitizeUser(deletedUser)
|
|
4989
|
+
data: getService$1("user").sanitizeUser(deletedUser)
|
|
4984
4990
|
});
|
|
4985
4991
|
},
|
|
4986
4992
|
/**
|
|
@@ -4990,8 +4996,8 @@ const user = {
|
|
|
4990
4996
|
async deleteMany(ctx) {
|
|
4991
4997
|
const { body } = ctx.request;
|
|
4992
4998
|
await validateUsersDeleteInput(body);
|
|
4993
|
-
const users2 = await getService("user").deleteByIds(body.ids);
|
|
4994
|
-
const sanitizedUsers = users2.map(getService("user").sanitizeUser);
|
|
4999
|
+
const users2 = await getService$1("user").deleteByIds(body.ids);
|
|
5000
|
+
const sanitizedUsers = users2.map(getService$1("user").sanitizeUser);
|
|
4995
5001
|
return ctx.deleted({
|
|
4996
5002
|
data: sanitizedUsers
|
|
4997
5003
|
});
|
|
@@ -5111,15 +5117,15 @@ const contentApi = {
|
|
|
5111
5117
|
ctx.send({ data: routesMap });
|
|
5112
5118
|
}
|
|
5113
5119
|
};
|
|
5114
|
-
const
|
|
5115
|
-
admin,
|
|
5120
|
+
const controllers$1 = {
|
|
5121
|
+
admin: admin$3,
|
|
5116
5122
|
"api-token": apiToken$1,
|
|
5117
5123
|
"authenticated-user": authenticatedUser,
|
|
5118
|
-
authentication,
|
|
5124
|
+
authentication: authentication$1,
|
|
5119
5125
|
permission,
|
|
5120
|
-
role,
|
|
5126
|
+
role: role$2,
|
|
5121
5127
|
transfer,
|
|
5122
|
-
user,
|
|
5128
|
+
user: user$2,
|
|
5123
5129
|
webhooks,
|
|
5124
5130
|
"content-api": contentApi
|
|
5125
5131
|
};
|
|
@@ -5544,7 +5550,7 @@ const transferTokenPermission = {
|
|
|
5544
5550
|
}
|
|
5545
5551
|
}
|
|
5546
5552
|
};
|
|
5547
|
-
const
|
|
5553
|
+
const contentTypes = {
|
|
5548
5554
|
permission: { schema: Permission },
|
|
5549
5555
|
user: { schema: User },
|
|
5550
5556
|
role: { schema: Role },
|
|
@@ -5553,8 +5559,8 @@ const index$1 = {
|
|
|
5553
5559
|
"transfer-token": { schema: transferToken },
|
|
5554
5560
|
"transfer-token-permission": { schema: transferTokenPermission }
|
|
5555
5561
|
};
|
|
5556
|
-
const { RateLimitError } = utils$
|
|
5557
|
-
const rateLimit = (
|
|
5562
|
+
const { RateLimitError } = utils$2.errors;
|
|
5563
|
+
const rateLimit = (config2, { strapi: strapi2 }) => async (ctx, next) => {
|
|
5558
5564
|
let rateLimitConfig = strapi2.config.get("admin.rateLimit");
|
|
5559
5565
|
if (!rateLimitConfig) {
|
|
5560
5566
|
rateLimitConfig = {
|
|
@@ -5577,14 +5583,14 @@ const rateLimit = (config, { strapi: strapi2 }) => async (ctx, next) => {
|
|
|
5577
5583
|
throw new RateLimitError();
|
|
5578
5584
|
},
|
|
5579
5585
|
...rateLimitConfig,
|
|
5580
|
-
...
|
|
5586
|
+
...config2
|
|
5581
5587
|
};
|
|
5582
5588
|
return rateLimit2.middleware(loadConfig)(ctx, next);
|
|
5583
5589
|
}
|
|
5584
5590
|
return next();
|
|
5585
5591
|
};
|
|
5586
5592
|
const dataTransfer = () => async (ctx, next) => {
|
|
5587
|
-
const transferUtils = getService("transfer").utils;
|
|
5593
|
+
const transferUtils = getService$1("transfer").utils;
|
|
5588
5594
|
const { hasValidTokenSalt: hasValidTokenSalt2, isRemoteTransferEnabled: isRemoteTransferEnabled2 } = transferUtils;
|
|
5589
5595
|
if (isRemoteTransferEnabled2()) {
|
|
5590
5596
|
return next();
|
|
@@ -5602,20 +5608,1368 @@ const dataTransfer = () => async (ctx, next) => {
|
|
|
5602
5608
|
}
|
|
5603
5609
|
throw new Error("Unexpected error while trying to access a data transfer route");
|
|
5604
5610
|
};
|
|
5605
|
-
const
|
|
5611
|
+
const middlewares$1 = {
|
|
5606
5612
|
rateLimit,
|
|
5607
5613
|
"data-transfer": dataTransfer
|
|
5608
5614
|
};
|
|
5615
|
+
const register = async ({ strapi: strapi2 }) => {
|
|
5616
|
+
await register$2({ strapi: strapi2 });
|
|
5617
|
+
};
|
|
5618
|
+
const getService = (name2, { strapi: strapi2 } = { strapi: global.strapi }) => {
|
|
5619
|
+
return strapi2.service(`admin::${name2}`);
|
|
5620
|
+
};
|
|
5621
|
+
const actions = {
|
|
5622
|
+
sso: [
|
|
5623
|
+
{
|
|
5624
|
+
uid: "provider-login.read",
|
|
5625
|
+
displayName: "Read",
|
|
5626
|
+
pluginName: "admin",
|
|
5627
|
+
section: "settings",
|
|
5628
|
+
category: "single sign on",
|
|
5629
|
+
subCategory: "options"
|
|
5630
|
+
},
|
|
5631
|
+
{
|
|
5632
|
+
uid: "provider-login.update",
|
|
5633
|
+
displayName: "Update",
|
|
5634
|
+
pluginName: "admin",
|
|
5635
|
+
section: "settings",
|
|
5636
|
+
category: "single sign on",
|
|
5637
|
+
subCategory: "options"
|
|
5638
|
+
}
|
|
5639
|
+
],
|
|
5640
|
+
auditLogs: [
|
|
5641
|
+
{
|
|
5642
|
+
uid: "audit-logs.read",
|
|
5643
|
+
displayName: "Read",
|
|
5644
|
+
pluginName: "admin",
|
|
5645
|
+
section: "settings",
|
|
5646
|
+
category: "audit logs",
|
|
5647
|
+
subCategory: "options"
|
|
5648
|
+
}
|
|
5649
|
+
]
|
|
5650
|
+
};
|
|
5651
|
+
const transformTableName = (table) => {
|
|
5652
|
+
if (typeof table === "string") {
|
|
5653
|
+
return { name: table };
|
|
5654
|
+
}
|
|
5655
|
+
return table;
|
|
5656
|
+
};
|
|
5657
|
+
async function findTables({ strapi: strapi2 }, regex) {
|
|
5658
|
+
const tables = await strapi2.db.dialect.schemaInspector.getTables();
|
|
5659
|
+
return tables.filter((tableName) => regex.test(tableName));
|
|
5660
|
+
}
|
|
5661
|
+
async function addPersistTables({ strapi: strapi2 }, tableNames) {
|
|
5662
|
+
const persistedTables = await getPersistedTables({ strapi: strapi2 });
|
|
5663
|
+
const tables = tableNames.map(transformTableName);
|
|
5664
|
+
const notPersistedTableNames = differenceWith(isEqual, tables, persistedTables);
|
|
5665
|
+
const tablesToPersist = differenceWith(
|
|
5666
|
+
(t1, t2) => t1.name === t2.name,
|
|
5667
|
+
persistedTables,
|
|
5668
|
+
notPersistedTableNames
|
|
5669
|
+
);
|
|
5670
|
+
if (!notPersistedTableNames.length) {
|
|
5671
|
+
return;
|
|
5672
|
+
}
|
|
5673
|
+
tablesToPersist.push(...notPersistedTableNames);
|
|
5674
|
+
await strapi2.store.set({
|
|
5675
|
+
type: "core",
|
|
5676
|
+
key: "persisted_tables",
|
|
5677
|
+
value: tablesToPersist
|
|
5678
|
+
});
|
|
5679
|
+
}
|
|
5680
|
+
async function getPersistedTables({ strapi: strapi2 }) {
|
|
5681
|
+
const persistedTables = await strapi2.store.get({
|
|
5682
|
+
type: "core",
|
|
5683
|
+
key: "persisted_tables"
|
|
5684
|
+
});
|
|
5685
|
+
return (persistedTables || []).map(transformTableName);
|
|
5686
|
+
}
|
|
5687
|
+
const persistTablesWithPrefix = async (tableNamePrefix) => {
|
|
5688
|
+
const tableNameRegex = new RegExp(`^${tableNamePrefix}.*`);
|
|
5689
|
+
const tableNames = await findTables({ strapi }, tableNameRegex);
|
|
5690
|
+
await addPersistTables({ strapi }, tableNames);
|
|
5691
|
+
};
|
|
5692
|
+
const bootstrap = async (args) => {
|
|
5693
|
+
const { actionProvider: actionProvider2 } = getService("permission");
|
|
5694
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
5695
|
+
await actionProvider2.registerMany(actions.sso);
|
|
5696
|
+
}
|
|
5697
|
+
if (strapi.ee.features.isEnabled("audit-logs")) {
|
|
5698
|
+
await persistTablesWithPrefix("strapi_audit_logs");
|
|
5699
|
+
await actionProvider2.registerMany(actions.auditLogs);
|
|
5700
|
+
}
|
|
5701
|
+
await getService("seat-enforcement").seatEnforcementWorkflow();
|
|
5702
|
+
await bootstrap$1(args);
|
|
5703
|
+
};
|
|
5704
|
+
const destroy = async ({ strapi: strapi2 }) => {
|
|
5705
|
+
await destroy$1();
|
|
5706
|
+
};
|
|
5707
|
+
const adminContentTypes = {};
|
|
5708
|
+
const isSsoLocked = async (user2) => {
|
|
5709
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5710
|
+
return false;
|
|
5711
|
+
}
|
|
5712
|
+
if (!user2) {
|
|
5713
|
+
throw new Error("Missing user object");
|
|
5714
|
+
}
|
|
5715
|
+
const adminStore = await strapi.store({ type: "core", name: "admin" });
|
|
5716
|
+
const { providers: providers2 } = await adminStore.get({ key: "auth" });
|
|
5717
|
+
const lockedRoles = providers2.ssoLockedRoles ?? [];
|
|
5718
|
+
if (isEmpty(lockedRoles)) {
|
|
5719
|
+
return false;
|
|
5720
|
+
}
|
|
5721
|
+
const roles2 = (
|
|
5722
|
+
// If the roles are pre-loaded for the given user, then use them
|
|
5723
|
+
user2.roles ?? // Otherwise, try to load the role based on the given user ID
|
|
5724
|
+
await strapi.db.query("admin::user").load(user2, "roles", { roles: { fields: ["id"] } }) ?? // If the query fails somehow, default to an empty array
|
|
5725
|
+
[]
|
|
5726
|
+
);
|
|
5727
|
+
const isLocked = lockedRoles.some(
|
|
5728
|
+
(lockedId) => (
|
|
5729
|
+
// lockedRoles will be a string to avoid issues with frontend and bigints
|
|
5730
|
+
roles2.some((role2) => lockedId === role2.id.toString())
|
|
5731
|
+
)
|
|
5732
|
+
);
|
|
5733
|
+
return isLocked;
|
|
5734
|
+
};
|
|
5735
|
+
const { ApplicationError: ApplicationError$2 } = errors;
|
|
5736
|
+
const forgotPassword = async ({ email: email2 } = {}) => {
|
|
5737
|
+
const user2 = await strapi.db.query("admin::user").findOne({ where: { email: email2, isActive: true } });
|
|
5738
|
+
if (!user2 || await isSsoLocked(user2)) {
|
|
5739
|
+
return;
|
|
5740
|
+
}
|
|
5741
|
+
const resetPasswordToken = getService("token").createToken();
|
|
5742
|
+
await getService("user").updateById(user2.id, { resetPasswordToken });
|
|
5743
|
+
const url = `${strapi.config.get(
|
|
5744
|
+
"admin.absoluteUrl"
|
|
5745
|
+
)}/auth/reset-password?code=${resetPasswordToken}`;
|
|
5746
|
+
return strapi.plugin("email").service("email").sendTemplatedEmail(
|
|
5747
|
+
{
|
|
5748
|
+
to: user2.email,
|
|
5749
|
+
from: strapi.config.get("admin.forgotPassword.from"),
|
|
5750
|
+
replyTo: strapi.config.get("admin.forgotPassword.replyTo")
|
|
5751
|
+
},
|
|
5752
|
+
strapi.config.get("admin.forgotPassword.emailTemplate"),
|
|
5753
|
+
{
|
|
5754
|
+
url,
|
|
5755
|
+
user: ___default.pick(user2, ["email", "firstname", "lastname", "username"])
|
|
5756
|
+
}
|
|
5757
|
+
).catch((err) => {
|
|
5758
|
+
strapi.log.error(err);
|
|
5759
|
+
});
|
|
5760
|
+
};
|
|
5761
|
+
const resetPassword = async ({ resetPasswordToken, password: password2 } = {}) => {
|
|
5762
|
+
const matchingUser = await strapi.db.query("admin::user").findOne({ where: { resetPasswordToken, isActive: true } });
|
|
5763
|
+
if (!matchingUser || await isSsoLocked(matchingUser)) {
|
|
5764
|
+
throw new ApplicationError$2();
|
|
5765
|
+
}
|
|
5766
|
+
return getService("user").updateById(matchingUser.id, {
|
|
5767
|
+
password: password2,
|
|
5768
|
+
resetPasswordToken: null
|
|
5769
|
+
});
|
|
5770
|
+
};
|
|
5771
|
+
const auth = {
|
|
5772
|
+
forgotPassword,
|
|
5773
|
+
resetPassword
|
|
5774
|
+
};
|
|
5775
|
+
const createProviderRegistry = () => {
|
|
5776
|
+
const registry = /* @__PURE__ */ new Map();
|
|
5777
|
+
Object.assign(registry, {
|
|
5778
|
+
register(provider) {
|
|
5779
|
+
if (strapi.isLoaded) {
|
|
5780
|
+
throw new Error(`You can't register new provider after the bootstrap`);
|
|
5781
|
+
}
|
|
5782
|
+
this.set(provider.uid, provider);
|
|
5783
|
+
},
|
|
5784
|
+
registerMany(providers2) {
|
|
5785
|
+
providers2.forEach((provider) => {
|
|
5786
|
+
this.register(provider);
|
|
5787
|
+
});
|
|
5788
|
+
},
|
|
5789
|
+
getAll() {
|
|
5790
|
+
return Array.from(this.values());
|
|
5791
|
+
}
|
|
5792
|
+
});
|
|
5793
|
+
return registry;
|
|
5794
|
+
};
|
|
5795
|
+
const providerRegistry = createProviderRegistry();
|
|
5796
|
+
const errorMessage = "SSO is disabled. Its functionnalities cannot be accessed.";
|
|
5797
|
+
const getStrategyCallbackURL = (providerName) => {
|
|
5798
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5799
|
+
throw new Error(errorMessage);
|
|
5800
|
+
}
|
|
5801
|
+
return `/admin/connect/${providerName}`;
|
|
5802
|
+
};
|
|
5803
|
+
const syncProviderRegistryWithConfig = () => {
|
|
5804
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5805
|
+
throw new Error(errorMessage);
|
|
5806
|
+
}
|
|
5807
|
+
const { providers: providers2 = [] } = strapi.config.get("admin.auth", {});
|
|
5808
|
+
providerRegistry.registerMany(providers2);
|
|
5809
|
+
};
|
|
5810
|
+
const SSOAuthEventsMapper = {
|
|
5811
|
+
onSSOAutoRegistration: "admin.auth.autoRegistration"
|
|
5812
|
+
};
|
|
5813
|
+
const sso$1 = {
|
|
5814
|
+
providerRegistry,
|
|
5815
|
+
getStrategyCallbackURL,
|
|
5816
|
+
syncProviderRegistryWithConfig,
|
|
5817
|
+
authEventsMapper: { ...passport$1.authEventsMapper, ...SSOAuthEventsMapper }
|
|
5818
|
+
};
|
|
5819
|
+
const { UnauthorizedError } = errors;
|
|
5820
|
+
const localStrategyMiddleware = async ([error, user2, message], done) => {
|
|
5821
|
+
if (user2 && !error && await isSsoLocked(user2)) {
|
|
5822
|
+
return done(
|
|
5823
|
+
new UnauthorizedError("Login not allowed, please contact your administrator", {
|
|
5824
|
+
code: "LOGIN_NOT_ALLOWED"
|
|
5825
|
+
}),
|
|
5826
|
+
user2,
|
|
5827
|
+
message
|
|
5828
|
+
);
|
|
5829
|
+
}
|
|
5830
|
+
return done(error, user2, message);
|
|
5831
|
+
};
|
|
5832
|
+
const getPassportStrategies = () => {
|
|
5833
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5834
|
+
return [createLocalStrategy(strapi)];
|
|
5835
|
+
}
|
|
5836
|
+
const localStrategy = createLocalStrategy(strapi, localStrategyMiddleware);
|
|
5837
|
+
if (!strapi.isLoaded) {
|
|
5838
|
+
sso$1.syncProviderRegistryWithConfig();
|
|
5839
|
+
}
|
|
5840
|
+
const providers2 = sso$1.providerRegistry.getAll();
|
|
5841
|
+
const strategies = providers2.map((provider) => provider.createStrategy(strapi));
|
|
5842
|
+
return [localStrategy, ...strategies];
|
|
5843
|
+
};
|
|
5844
|
+
const passport = {
|
|
5845
|
+
getPassportStrategies,
|
|
5846
|
+
...sso$1
|
|
5847
|
+
};
|
|
5848
|
+
const { ApplicationError: ApplicationError$1 } = errors;
|
|
5849
|
+
const ssoCheckRolesIdForDeletion = async (ids) => {
|
|
5850
|
+
const adminStore = await strapi.store({ type: "core", name: "admin" });
|
|
5851
|
+
const {
|
|
5852
|
+
providers: { defaultRole }
|
|
5853
|
+
} = await adminStore.get({ key: "auth" });
|
|
5854
|
+
for (const roleId of ids) {
|
|
5855
|
+
if (defaultRole && toString(defaultRole) === toString(roleId)) {
|
|
5856
|
+
throw new ApplicationError$1(
|
|
5857
|
+
"This role is used as the default SSO role. Make sure to change this configuration before deleting the role"
|
|
5858
|
+
);
|
|
5859
|
+
}
|
|
5860
|
+
}
|
|
5861
|
+
};
|
|
5862
|
+
const role$1 = {
|
|
5863
|
+
ssoCheckRolesIdForDeletion
|
|
5864
|
+
};
|
|
5865
|
+
const { ValidationError: ValidationError$1 } = errors;
|
|
5866
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$1 } = constants$3;
|
|
5867
|
+
const updateEEDisabledUsersList = async (id, input) => {
|
|
5868
|
+
const disabledUsers = await getService("seat-enforcement").getDisabledUserList();
|
|
5869
|
+
if (!disabledUsers) {
|
|
5870
|
+
return;
|
|
5871
|
+
}
|
|
5872
|
+
const user2 = disabledUsers.find((user22) => user22.id === Number(id));
|
|
5873
|
+
if (!user2) {
|
|
5874
|
+
return;
|
|
5875
|
+
}
|
|
5876
|
+
if (user2.isActive !== input.isActive) {
|
|
5877
|
+
const newDisabledUsersList = disabledUsers.filter((user22) => user22.id !== Number(id));
|
|
5878
|
+
await strapi.store.set({
|
|
5879
|
+
type: "ee",
|
|
5880
|
+
key: "disabled_users",
|
|
5881
|
+
value: newDisabledUsersList
|
|
5882
|
+
});
|
|
5883
|
+
}
|
|
5884
|
+
};
|
|
5885
|
+
const castNumberArray = pipe(castArray, map(toNumber));
|
|
5886
|
+
const removeFromEEDisabledUsersList = async (ids) => {
|
|
5887
|
+
let idsToCheck;
|
|
5888
|
+
if (typeof ids === "object") {
|
|
5889
|
+
idsToCheck = castNumberArray(ids);
|
|
5890
|
+
} else {
|
|
5891
|
+
idsToCheck = [Number(ids)];
|
|
5892
|
+
}
|
|
5893
|
+
const disabledUsers = await getService("seat-enforcement").getDisabledUserList();
|
|
5894
|
+
if (!disabledUsers) {
|
|
5895
|
+
return;
|
|
5896
|
+
}
|
|
5897
|
+
const newDisabledUsersList = disabledUsers.filter((user2) => !idsToCheck.includes(user2.id));
|
|
5898
|
+
await strapi.store.set({
|
|
5899
|
+
type: "ee",
|
|
5900
|
+
key: "disabled_users",
|
|
5901
|
+
value: newDisabledUsersList
|
|
5902
|
+
});
|
|
5903
|
+
};
|
|
5904
|
+
const updateById = async (id, attributes) => {
|
|
5905
|
+
if (___default.has(attributes, "roles")) {
|
|
5906
|
+
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
5907
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5908
|
+
const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles, superAdminRole.id);
|
|
5909
|
+
if (lastAdminUser && willRemoveSuperAdminRole) {
|
|
5910
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5911
|
+
}
|
|
5912
|
+
}
|
|
5913
|
+
if (attributes.isActive === false) {
|
|
5914
|
+
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
5915
|
+
if (lastAdminUser) {
|
|
5916
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5917
|
+
}
|
|
5918
|
+
}
|
|
5919
|
+
if (___default.has(attributes, "password")) {
|
|
5920
|
+
const hashedPassword = await getService("auth").hashPassword(attributes.password);
|
|
5921
|
+
const updatedUser2 = await strapi.db.query("admin::user").update({
|
|
5922
|
+
where: { id },
|
|
5923
|
+
data: {
|
|
5924
|
+
...attributes,
|
|
5925
|
+
password: hashedPassword
|
|
5926
|
+
},
|
|
5927
|
+
populate: ["roles"]
|
|
5928
|
+
});
|
|
5929
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser2) });
|
|
5930
|
+
return updatedUser2;
|
|
5931
|
+
}
|
|
5932
|
+
const updatedUser = await strapi.db.query("admin::user").update({
|
|
5933
|
+
where: { id },
|
|
5934
|
+
data: attributes,
|
|
5935
|
+
populate: ["roles"]
|
|
5936
|
+
});
|
|
5937
|
+
await updateEEDisabledUsersList(id, attributes);
|
|
5938
|
+
if (updatedUser) {
|
|
5939
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser) });
|
|
5940
|
+
}
|
|
5941
|
+
return updatedUser;
|
|
5942
|
+
};
|
|
5943
|
+
const deleteById = async (id) => {
|
|
5944
|
+
const userToDelete = await strapi.db.query("admin::user").findOne({
|
|
5945
|
+
where: { id },
|
|
5946
|
+
populate: ["roles"]
|
|
5947
|
+
});
|
|
5948
|
+
if (!userToDelete) {
|
|
5949
|
+
return null;
|
|
5950
|
+
}
|
|
5951
|
+
if (userToDelete) {
|
|
5952
|
+
if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$1)) {
|
|
5953
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5954
|
+
if (superAdminRole.usersCount === 1) {
|
|
5955
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5956
|
+
}
|
|
5957
|
+
}
|
|
5958
|
+
}
|
|
5959
|
+
const deletedUser = await strapi.db.query("admin::user").delete({ where: { id }, populate: ["roles"] });
|
|
5960
|
+
await removeFromEEDisabledUsersList(id);
|
|
5961
|
+
strapi.eventHub.emit("user.delete", { user: sanitizeUser(deletedUser) });
|
|
5962
|
+
return deletedUser;
|
|
5963
|
+
};
|
|
5964
|
+
const deleteByIds = async (ids) => {
|
|
5965
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5966
|
+
const nbOfSuperAdminToDelete = await strapi.db.query("admin::user").count({
|
|
5967
|
+
where: {
|
|
5968
|
+
id: ids,
|
|
5969
|
+
roles: { id: superAdminRole.id }
|
|
5970
|
+
}
|
|
5971
|
+
});
|
|
5972
|
+
if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {
|
|
5973
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5974
|
+
}
|
|
5975
|
+
const deletedUsers = [];
|
|
5976
|
+
for (const id of ids) {
|
|
5977
|
+
const deletedUser = await strapi.db.query("admin::user").delete({
|
|
5978
|
+
where: { id },
|
|
5979
|
+
populate: ["roles"]
|
|
5980
|
+
});
|
|
5981
|
+
deletedUsers.push(deletedUser);
|
|
5982
|
+
}
|
|
5983
|
+
await removeFromEEDisabledUsersList(ids);
|
|
5984
|
+
strapi.eventHub.emit("user.delete", {
|
|
5985
|
+
users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser))
|
|
5986
|
+
});
|
|
5987
|
+
return deletedUsers;
|
|
5988
|
+
};
|
|
5989
|
+
const sanitizeUserRoles = (role2) => ___default.pick(role2, ["id", "name", "description", "code"]);
|
|
5990
|
+
const isLastSuperAdminUser = async (userId) => {
|
|
5991
|
+
const user2 = await findOne(userId);
|
|
5992
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5993
|
+
return superAdminRole.usersCount === 1 && hasSuperAdminRole$1(user2);
|
|
5994
|
+
};
|
|
5995
|
+
const sanitizeUser = (user2) => {
|
|
5996
|
+
return {
|
|
5997
|
+
...___default.omit(user2, ["password", "resetPasswordToken", "registrationToken", "roles"]),
|
|
5998
|
+
roles: user2.roles && user2.roles.map(sanitizeUserRoles)
|
|
5999
|
+
};
|
|
6000
|
+
};
|
|
6001
|
+
const findOne = async (id, populate = ["roles"]) => {
|
|
6002
|
+
return strapi.db.query("admin::user").findOne({ where: { id }, populate });
|
|
6003
|
+
};
|
|
6004
|
+
const getCurrentActiveUserCount = async () => {
|
|
6005
|
+
return strapi.db.query("admin::user").count({ where: { isActive: true } });
|
|
6006
|
+
};
|
|
6007
|
+
const user$1 = {
|
|
6008
|
+
updateEEDisabledUsersList,
|
|
6009
|
+
removeFromEEDisabledUsersList,
|
|
6010
|
+
getCurrentActiveUserCount,
|
|
6011
|
+
deleteByIds,
|
|
6012
|
+
deleteById,
|
|
6013
|
+
updateById
|
|
6014
|
+
};
|
|
6015
|
+
const getSSOProvidersList = async () => {
|
|
6016
|
+
const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
|
|
6017
|
+
return providerRegistry2.getAll().map(({ uid }) => uid);
|
|
6018
|
+
};
|
|
6019
|
+
const sendUpdateProjectInformation = async (strapi2) => {
|
|
6020
|
+
let groupProperties = {};
|
|
6021
|
+
const numberOfActiveAdminUsers = await getService("user").count({ isActive: true });
|
|
6022
|
+
const numberOfAdminUsers = await getService("user").count();
|
|
6023
|
+
if (strapi2.ee.features.isEnabled("sso")) {
|
|
6024
|
+
const SSOProviders = await getSSOProvidersList();
|
|
6025
|
+
groupProperties = assign(groupProperties, {
|
|
6026
|
+
SSOProviders,
|
|
6027
|
+
isSSOConfigured: SSOProviders.length !== 0
|
|
6028
|
+
});
|
|
6029
|
+
}
|
|
6030
|
+
if (strapi2.ee.features.isEnabled("cms-content-releases")) {
|
|
6031
|
+
const numberOfContentReleases = await strapi2.db.query("plugin::content-releases.release").count();
|
|
6032
|
+
const numberOfPublishedContentReleases = await strapi2.db.query("plugin::content-releases.release").count({
|
|
6033
|
+
filters: { releasedAt: { $notNull: true } }
|
|
6034
|
+
});
|
|
6035
|
+
groupProperties = assign(groupProperties, {
|
|
6036
|
+
numberOfContentReleases,
|
|
6037
|
+
numberOfPublishedContentReleases
|
|
6038
|
+
});
|
|
6039
|
+
}
|
|
6040
|
+
groupProperties = assign(groupProperties, { numberOfActiveAdminUsers, numberOfAdminUsers });
|
|
6041
|
+
strapi2.telemetry.send("didUpdateProjectInformation", {
|
|
6042
|
+
groupProperties
|
|
6043
|
+
});
|
|
6044
|
+
};
|
|
6045
|
+
const startCron = (strapi2) => {
|
|
6046
|
+
strapi2.cron.add({
|
|
6047
|
+
"0 0 0 * * *": () => sendUpdateProjectInformation(strapi2)
|
|
6048
|
+
});
|
|
6049
|
+
};
|
|
6050
|
+
const metrics = { startCron, getSSOProvidersList, sendUpdateProjectInformation };
|
|
6051
|
+
const { SUPER_ADMIN_CODE } = constants$3;
|
|
6052
|
+
const getDisabledUserList = async () => {
|
|
6053
|
+
return strapi.store.get({ type: "ee", key: "disabled_users" });
|
|
6054
|
+
};
|
|
6055
|
+
const enableMaximumUserCount = async (numberOfUsersToEnable) => {
|
|
6056
|
+
const disabledUsers = await getDisabledUserList();
|
|
6057
|
+
const orderedDisabledUsers = reverse(disabledUsers);
|
|
6058
|
+
const usersToEnable = take(numberOfUsersToEnable, orderedDisabledUsers);
|
|
6059
|
+
await strapi.db.query("admin::user").updateMany({
|
|
6060
|
+
where: { id: map(prop("id"), usersToEnable) },
|
|
6061
|
+
data: { isActive: true }
|
|
6062
|
+
});
|
|
6063
|
+
const remainingDisabledUsers = drop(numberOfUsersToEnable, orderedDisabledUsers);
|
|
6064
|
+
await strapi.store.set({
|
|
6065
|
+
type: "ee",
|
|
6066
|
+
key: "disabled_users",
|
|
6067
|
+
value: remainingDisabledUsers
|
|
6068
|
+
});
|
|
6069
|
+
};
|
|
6070
|
+
const disableUsersAboveLicenseLimit = async (numberOfUsersToDisable) => {
|
|
6071
|
+
const currentlyDisabledUsers = await getDisabledUserList() ?? [];
|
|
6072
|
+
const usersToDisable = [];
|
|
6073
|
+
const nonSuperAdminUsersToDisable = await strapi.db.query("admin::user").findMany({
|
|
6074
|
+
where: {
|
|
6075
|
+
isActive: true,
|
|
6076
|
+
roles: {
|
|
6077
|
+
code: { $ne: SUPER_ADMIN_CODE }
|
|
6078
|
+
}
|
|
6079
|
+
},
|
|
6080
|
+
orderBy: { createdAt: "DESC" },
|
|
6081
|
+
limit: numberOfUsersToDisable
|
|
6082
|
+
});
|
|
6083
|
+
usersToDisable.push(...nonSuperAdminUsersToDisable);
|
|
6084
|
+
if (nonSuperAdminUsersToDisable.length < numberOfUsersToDisable) {
|
|
6085
|
+
const superAdminUsersToDisable = await strapi.db.query("admin::user").findMany({
|
|
6086
|
+
where: {
|
|
6087
|
+
isActive: true,
|
|
6088
|
+
roles: { code: SUPER_ADMIN_CODE }
|
|
6089
|
+
},
|
|
6090
|
+
orderBy: { createdAt: "DESC" },
|
|
6091
|
+
limit: numberOfUsersToDisable - nonSuperAdminUsersToDisable.length
|
|
6092
|
+
});
|
|
6093
|
+
usersToDisable.push(...superAdminUsersToDisable);
|
|
6094
|
+
}
|
|
6095
|
+
await strapi.db.query("admin::user").updateMany({
|
|
6096
|
+
where: { id: map(prop("id"), usersToDisable) },
|
|
6097
|
+
data: { isActive: false }
|
|
6098
|
+
});
|
|
6099
|
+
await strapi.store.set({
|
|
6100
|
+
type: "ee",
|
|
6101
|
+
key: "disabled_users",
|
|
6102
|
+
value: currentlyDisabledUsers.concat(map(pick(["id", "isActive"]), usersToDisable))
|
|
6103
|
+
});
|
|
6104
|
+
};
|
|
6105
|
+
const syncDisabledUserRecords = async () => {
|
|
6106
|
+
const disabledUsers = await strapi.store.get({ type: "ee", key: "disabled_users" });
|
|
6107
|
+
if (!disabledUsers) {
|
|
6108
|
+
return;
|
|
6109
|
+
}
|
|
6110
|
+
await strapi.db.query("admin::user").updateMany({
|
|
6111
|
+
where: { id: map(prop("id"), disabledUsers) },
|
|
6112
|
+
data: { isActive: false }
|
|
6113
|
+
});
|
|
6114
|
+
};
|
|
6115
|
+
const seatEnforcementWorkflow = async () => {
|
|
6116
|
+
const adminSeats = strapi.ee.seats;
|
|
6117
|
+
if (isNil(adminSeats)) {
|
|
6118
|
+
return;
|
|
6119
|
+
}
|
|
6120
|
+
await syncDisabledUserRecords();
|
|
6121
|
+
const currentActiveUserCount = await getService("user").getCurrentActiveUserCount();
|
|
6122
|
+
const adminSeatsLeft = adminSeats - currentActiveUserCount;
|
|
6123
|
+
if (adminSeatsLeft > 0) {
|
|
6124
|
+
await enableMaximumUserCount(adminSeatsLeft);
|
|
6125
|
+
} else if (adminSeatsLeft < 0) {
|
|
6126
|
+
await disableUsersAboveLicenseLimit(-adminSeatsLeft);
|
|
6127
|
+
}
|
|
6128
|
+
};
|
|
6129
|
+
const seatEnforcement = {
|
|
6130
|
+
seatEnforcementWorkflow,
|
|
6131
|
+
getDisabledUserList
|
|
6132
|
+
};
|
|
6133
|
+
const services = {
|
|
6134
|
+
auth,
|
|
6135
|
+
passport,
|
|
6136
|
+
role: role$1,
|
|
6137
|
+
user: user$1,
|
|
6138
|
+
metrics,
|
|
6139
|
+
"seat-enforcement": seatEnforcement
|
|
6140
|
+
};
|
|
6141
|
+
const providerOptionsUpdateSchema = yup.object().shape({
|
|
6142
|
+
autoRegister: yup.boolean().required(),
|
|
6143
|
+
defaultRole: yup.strapiID().when("autoRegister", (value, initSchema) => {
|
|
6144
|
+
return value ? initSchema.required() : initSchema.nullable();
|
|
6145
|
+
}).test("is-valid-role", "You must submit a valid default role", (roleId) => {
|
|
6146
|
+
if (roleId === null) {
|
|
6147
|
+
return true;
|
|
6148
|
+
}
|
|
6149
|
+
return strapi.service("admin::role").exists({ id: roleId });
|
|
6150
|
+
}),
|
|
6151
|
+
ssoLockedRoles: yup.array().nullable().of(
|
|
6152
|
+
yup.strapiID().test(
|
|
6153
|
+
"is-valid-role",
|
|
6154
|
+
"You must submit a valid role for the SSO Locked roles",
|
|
6155
|
+
(roleId) => {
|
|
6156
|
+
return strapi.service("admin::role").exists({ id: roleId });
|
|
6157
|
+
}
|
|
6158
|
+
)
|
|
6159
|
+
)
|
|
6160
|
+
});
|
|
6161
|
+
const validateProviderOptionsUpdate = validateYupSchema(providerOptionsUpdateSchema);
|
|
6162
|
+
const PROVIDER_REDIRECT_BASE = "/auth/login";
|
|
6163
|
+
const PROVIDER_REDIRECT_SUCCESS = `${PROVIDER_REDIRECT_BASE}/success`;
|
|
6164
|
+
const PROVIDER_REDIRECT_ERROR = `${PROVIDER_REDIRECT_BASE}/error`;
|
|
6165
|
+
const PROVIDER_URLS_MAP = {
|
|
6166
|
+
success: PROVIDER_REDIRECT_SUCCESS,
|
|
6167
|
+
error: PROVIDER_REDIRECT_ERROR
|
|
6168
|
+
};
|
|
6169
|
+
const getAdminStore = async () => strapi.store({ type: "core", name: "admin" });
|
|
6170
|
+
const getPrefixedRedirectUrls = () => {
|
|
6171
|
+
const { url: adminUrl } = strapi.config.get("admin");
|
|
6172
|
+
const prefixUrl = (url) => `${adminUrl || "/admin"}${url}`;
|
|
6173
|
+
return mapValues(prefixUrl, PROVIDER_URLS_MAP);
|
|
6174
|
+
};
|
|
6175
|
+
const utils = {
|
|
6176
|
+
getAdminStore,
|
|
6177
|
+
getPrefixedRedirectUrls
|
|
6178
|
+
};
|
|
6179
|
+
const defaultConnectionError = () => new Error("Invalid connection payload");
|
|
6180
|
+
const authenticate = async (ctx, next) => {
|
|
6181
|
+
const {
|
|
6182
|
+
params: { provider }
|
|
6183
|
+
} = ctx;
|
|
6184
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6185
|
+
return passport$2.authenticate(provider, null, async (error, profile) => {
|
|
6186
|
+
if (error || !profile || !profile.email) {
|
|
6187
|
+
if (error) {
|
|
6188
|
+
strapi.log.error(error);
|
|
6189
|
+
}
|
|
6190
|
+
strapi.eventHub.emit("admin.auth.error", {
|
|
6191
|
+
error: error || defaultConnectionError(),
|
|
6192
|
+
provider
|
|
6193
|
+
});
|
|
6194
|
+
return ctx.redirect(redirectUrls.error);
|
|
6195
|
+
}
|
|
6196
|
+
const user2 = await getService("user").findOneByEmail(profile.email);
|
|
6197
|
+
const scenario = user2 ? existingUserScenario : nonExistingUserScenario;
|
|
6198
|
+
return scenario(ctx, next)(user2 || profile, provider);
|
|
6199
|
+
})(ctx, next);
|
|
6200
|
+
};
|
|
6201
|
+
const existingUserScenario = (ctx, next) => async (user2, provider) => {
|
|
6202
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6203
|
+
if (!user2.isActive) {
|
|
6204
|
+
strapi.eventHub.emit("admin.auth.error", {
|
|
6205
|
+
error: new Error(`Deactivated user tried to login (${user2.id})`),
|
|
6206
|
+
provider
|
|
6207
|
+
});
|
|
6208
|
+
return ctx.redirect(redirectUrls.error);
|
|
6209
|
+
}
|
|
6210
|
+
ctx.state.user = user2;
|
|
6211
|
+
return next();
|
|
6212
|
+
};
|
|
6213
|
+
const nonExistingUserScenario = (ctx, next) => async (profile, provider) => {
|
|
6214
|
+
const { email: email2, firstname: firstname2, lastname: lastname2, username: username2 } = profile;
|
|
6215
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6216
|
+
const adminStore = await utils.getAdminStore();
|
|
6217
|
+
const { providers: providers2 } = await adminStore.get({ key: "auth" });
|
|
6218
|
+
const isMissingRegisterFields = !username2 && (!firstname2 || !lastname2);
|
|
6219
|
+
if (!providers2.autoRegister || !providers2.defaultRole || isMissingRegisterFields) {
|
|
6220
|
+
strapi.eventHub.emit("admin.auth.error", { error: defaultConnectionError(), provider });
|
|
6221
|
+
return ctx.redirect(redirectUrls.error);
|
|
6222
|
+
}
|
|
6223
|
+
const defaultRole = await getService("role").findOne({ id: providers2.defaultRole });
|
|
6224
|
+
if (!defaultRole) {
|
|
6225
|
+
strapi.eventHub.emit("admin.auth.error", { error: defaultConnectionError(), provider });
|
|
6226
|
+
return ctx.redirect(redirectUrls.error);
|
|
6227
|
+
}
|
|
6228
|
+
ctx.state.user = await getService("user").create({
|
|
6229
|
+
email: email2,
|
|
6230
|
+
username: username2,
|
|
6231
|
+
firstname: firstname2,
|
|
6232
|
+
lastname: lastname2,
|
|
6233
|
+
roles: [defaultRole.id],
|
|
6234
|
+
isActive: true,
|
|
6235
|
+
registrationToken: null
|
|
6236
|
+
});
|
|
6237
|
+
strapi.eventHub.emit("admin.auth.autoRegistration", {
|
|
6238
|
+
user: ctx.state.user,
|
|
6239
|
+
provider
|
|
6240
|
+
});
|
|
6241
|
+
return next();
|
|
6242
|
+
};
|
|
6243
|
+
const redirectWithAuth = (ctx) => {
|
|
6244
|
+
const {
|
|
6245
|
+
params: { provider }
|
|
6246
|
+
} = ctx;
|
|
6247
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6248
|
+
const domain2 = strapi.config.get("admin.auth.domain");
|
|
6249
|
+
const { user: user2 } = ctx.state;
|
|
6250
|
+
const jwt2 = getService("token").createJwtToken(user2);
|
|
6251
|
+
const isProduction = strapi.config.get("environment") === "production";
|
|
6252
|
+
const cookiesOptions = { httpOnly: false, secure: isProduction, overwrite: true, domain: domain2 };
|
|
6253
|
+
const sanitizedUser = getService("user").sanitizeUser(user2);
|
|
6254
|
+
strapi.eventHub.emit("admin.auth.success", { user: sanitizedUser, provider });
|
|
6255
|
+
ctx.cookies.set("jwtToken", jwt2, cookiesOptions);
|
|
6256
|
+
ctx.redirect(redirectUrls.success);
|
|
6257
|
+
};
|
|
6258
|
+
const middlewares = {
|
|
6259
|
+
authenticate,
|
|
6260
|
+
redirectWithAuth
|
|
6261
|
+
};
|
|
6262
|
+
const toProviderDTO = pick(["uid", "displayName", "icon"]);
|
|
6263
|
+
const toProviderLoginOptionsDTO = pick(["autoRegister", "defaultRole", "ssoLockedRoles"]);
|
|
6264
|
+
const { ValidationError } = errors;
|
|
6265
|
+
const providerAuthenticationFlow = compose([
|
|
6266
|
+
middlewares.authenticate,
|
|
6267
|
+
middlewares.redirectWithAuth
|
|
6268
|
+
]);
|
|
6269
|
+
const authentication = {
|
|
6270
|
+
async getProviders(ctx) {
|
|
6271
|
+
const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
|
|
6272
|
+
ctx.body = providerRegistry2.getAll().map(toProviderDTO);
|
|
6273
|
+
},
|
|
6274
|
+
async getProviderLoginOptions(ctx) {
|
|
6275
|
+
const adminStore = await utils.getAdminStore();
|
|
6276
|
+
const { providers: providersOptions } = await adminStore.get({ key: "auth" });
|
|
6277
|
+
ctx.body = {
|
|
6278
|
+
data: toProviderLoginOptionsDTO(providersOptions)
|
|
6279
|
+
};
|
|
6280
|
+
},
|
|
6281
|
+
async updateProviderLoginOptions(ctx) {
|
|
6282
|
+
const {
|
|
6283
|
+
request: { body }
|
|
6284
|
+
} = ctx;
|
|
6285
|
+
await validateProviderOptionsUpdate(body);
|
|
6286
|
+
const adminStore = await utils.getAdminStore();
|
|
6287
|
+
const currentAuthOptions = await adminStore.get({ key: "auth" });
|
|
6288
|
+
const newAuthOptions = { ...currentAuthOptions, providers: body };
|
|
6289
|
+
await adminStore.set({ key: "auth", value: newAuthOptions });
|
|
6290
|
+
strapi.telemetry.send("didUpdateSSOSettings");
|
|
6291
|
+
ctx.body = {
|
|
6292
|
+
data: toProviderLoginOptionsDTO(newAuthOptions.providers)
|
|
6293
|
+
};
|
|
6294
|
+
},
|
|
6295
|
+
providerLogin(ctx, next) {
|
|
6296
|
+
const {
|
|
6297
|
+
params: { provider: providerName }
|
|
6298
|
+
} = ctx;
|
|
6299
|
+
const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
|
|
6300
|
+
if (!providerRegistry2.has(providerName)) {
|
|
6301
|
+
throw new ValidationError(`Invalid provider supplied: ${providerName}`);
|
|
6302
|
+
}
|
|
6303
|
+
return providerAuthenticationFlow(ctx, next);
|
|
6304
|
+
}
|
|
6305
|
+
};
|
|
6306
|
+
const roleCreateSchema = yup.object().shape({
|
|
6307
|
+
name: yup.string().min(1).required(),
|
|
6308
|
+
description: yup.string().nullable()
|
|
6309
|
+
}).noUnknown();
|
|
6310
|
+
const rolesDeleteSchema = yup.object().shape({
|
|
6311
|
+
ids: yup.array().of(yup.strapiID()).min(1).required().test(
|
|
6312
|
+
"roles-deletion-checks",
|
|
6313
|
+
"Roles deletion checks have failed",
|
|
6314
|
+
async function rolesDeletionChecks(ids) {
|
|
6315
|
+
try {
|
|
6316
|
+
await strapi.service("admin::role").checkRolesIdForDeletion(ids);
|
|
6317
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
6318
|
+
await strapi.service("admin::role").ssoCheckRolesIdForDeletion(ids);
|
|
6319
|
+
}
|
|
6320
|
+
} catch (e) {
|
|
6321
|
+
return this.createError({ path: "ids", message: e.message });
|
|
6322
|
+
}
|
|
6323
|
+
return true;
|
|
6324
|
+
}
|
|
6325
|
+
)
|
|
6326
|
+
}).noUnknown();
|
|
6327
|
+
const roleDeleteSchema = yup.strapiID().required().test(
|
|
6328
|
+
"no-admin-single-delete",
|
|
6329
|
+
"Role deletion checks have failed",
|
|
6330
|
+
async function noAdminSingleDelete(id) {
|
|
6331
|
+
try {
|
|
6332
|
+
await strapi.service("admin::role").checkRolesIdForDeletion([id]);
|
|
6333
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
6334
|
+
await strapi.service("admin::role").ssoCheckRolesIdForDeletion([id]);
|
|
6335
|
+
}
|
|
6336
|
+
} catch (e) {
|
|
6337
|
+
return this.createError({ path: "id", message: e.message });
|
|
6338
|
+
}
|
|
6339
|
+
return true;
|
|
6340
|
+
}
|
|
6341
|
+
);
|
|
6342
|
+
const validateRoleCreateInput = validateYupSchema(roleCreateSchema);
|
|
6343
|
+
const validateRolesDeleteInput = validateYupSchema(rolesDeleteSchema);
|
|
6344
|
+
const validateRoleDeleteInput = validateYupSchema(roleDeleteSchema);
|
|
6345
|
+
const role = {
|
|
6346
|
+
/**
|
|
6347
|
+
* Create a new role
|
|
6348
|
+
* @param {KoaContext} ctx - koa context
|
|
6349
|
+
*/
|
|
6350
|
+
async create(ctx) {
|
|
6351
|
+
await validateRoleCreateInput(ctx.request.body);
|
|
6352
|
+
const roleService = getService("role");
|
|
6353
|
+
const role2 = await roleService.create(ctx.request.body);
|
|
6354
|
+
const sanitizedRole = roleService.sanitizeRole(role2);
|
|
6355
|
+
ctx.created({ data: sanitizedRole });
|
|
6356
|
+
},
|
|
6357
|
+
/**
|
|
6358
|
+
* Delete a role
|
|
6359
|
+
* @param {KoaContext} ctx - koa context
|
|
6360
|
+
*/
|
|
6361
|
+
async deleteOne(ctx) {
|
|
6362
|
+
const { id } = ctx.params;
|
|
6363
|
+
await validateRoleDeleteInput(id);
|
|
6364
|
+
const roleService = getService("role");
|
|
6365
|
+
const roles2 = await roleService.deleteByIds([id]);
|
|
6366
|
+
const sanitizedRole = roles2.map((role2) => roleService.sanitizeRole(role2))[0] || null;
|
|
6367
|
+
return ctx.deleted({
|
|
6368
|
+
data: sanitizedRole
|
|
6369
|
+
});
|
|
6370
|
+
},
|
|
6371
|
+
/**
|
|
6372
|
+
* delete several roles
|
|
6373
|
+
* @param {KoaContext} ctx - koa context
|
|
6374
|
+
*/
|
|
6375
|
+
async deleteMany(ctx) {
|
|
6376
|
+
const { body } = ctx.request;
|
|
6377
|
+
await validateRolesDeleteInput(body);
|
|
6378
|
+
const roleService = getService("role");
|
|
6379
|
+
const roles2 = await roleService.deleteByIds(body.ids);
|
|
6380
|
+
const sanitizedRoles = roles2.map(roleService.sanitizeRole);
|
|
6381
|
+
return ctx.deleted({
|
|
6382
|
+
data: sanitizedRoles
|
|
6383
|
+
});
|
|
6384
|
+
}
|
|
6385
|
+
};
|
|
6386
|
+
const ssoUserCreationInputExtension = yup.object().shape({
|
|
6387
|
+
useSSORegistration: yup.boolean()
|
|
6388
|
+
}).noUnknown();
|
|
6389
|
+
const validateUserCreationInput = (data) => {
|
|
6390
|
+
let schema = schemas.userCreationSchema;
|
|
6391
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
6392
|
+
schema = schema.concat(ssoUserCreationInputExtension);
|
|
6393
|
+
}
|
|
6394
|
+
return validateYupSchema(schema)(data);
|
|
6395
|
+
};
|
|
6396
|
+
const { ApplicationError, ForbiddenError } = errors;
|
|
6397
|
+
const pickUserCreationAttributes = pick(["firstname", "lastname", "email", "roles"]);
|
|
6398
|
+
const hasAdminSeatsAvaialble = async () => {
|
|
6399
|
+
if (!strapi.EE) {
|
|
6400
|
+
return true;
|
|
6401
|
+
}
|
|
6402
|
+
const permittedSeats = strapi.ee.seats;
|
|
6403
|
+
if (isNil(permittedSeats)) {
|
|
6404
|
+
return true;
|
|
6405
|
+
}
|
|
6406
|
+
const userCount = await strapi.service("admin::user").getCurrentActiveUserCount();
|
|
6407
|
+
if (userCount < permittedSeats) {
|
|
6408
|
+
return true;
|
|
6409
|
+
}
|
|
6410
|
+
};
|
|
6411
|
+
const user = {
|
|
6412
|
+
async create(ctx) {
|
|
6413
|
+
if (!await hasAdminSeatsAvaialble()) {
|
|
6414
|
+
throw new ForbiddenError("License seat limit reached. You cannot create a new user");
|
|
6415
|
+
}
|
|
6416
|
+
const { body } = ctx.request;
|
|
6417
|
+
const cleanData = { ...body, email: ___default.get(body, `email`, ``).toLowerCase() };
|
|
6418
|
+
await validateUserCreationInput(cleanData);
|
|
6419
|
+
const attributes = pickUserCreationAttributes(cleanData);
|
|
6420
|
+
const { useSSORegistration } = cleanData;
|
|
6421
|
+
const userAlreadyExists = await getService("user").exists({ email: attributes.email });
|
|
6422
|
+
if (userAlreadyExists) {
|
|
6423
|
+
throw new ApplicationError("Email already taken");
|
|
6424
|
+
}
|
|
6425
|
+
if (useSSORegistration) {
|
|
6426
|
+
Object.assign(attributes, { registrationToken: null, isActive: true });
|
|
6427
|
+
}
|
|
6428
|
+
const createdUser = await getService("user").create(attributes);
|
|
6429
|
+
const userInfo = getService("user").sanitizeUser(createdUser);
|
|
6430
|
+
Object.assign(userInfo, { registrationToken: createdUser.registrationToken });
|
|
6431
|
+
ctx.created({ data: userInfo });
|
|
6432
|
+
},
|
|
6433
|
+
async update(ctx) {
|
|
6434
|
+
const { id } = ctx.params;
|
|
6435
|
+
const { body: input } = ctx.request;
|
|
6436
|
+
await validateUserUpdateInput(input);
|
|
6437
|
+
if (___default.has(input, "email")) {
|
|
6438
|
+
const uniqueEmailCheck = await getService("user").exists({
|
|
6439
|
+
id: { $ne: id },
|
|
6440
|
+
email: input.email
|
|
6441
|
+
});
|
|
6442
|
+
if (uniqueEmailCheck) {
|
|
6443
|
+
throw new ApplicationError("A user with this email address already exists");
|
|
6444
|
+
}
|
|
6445
|
+
}
|
|
6446
|
+
const user2 = await getService("user").findOne(id, null);
|
|
6447
|
+
if (!await hasAdminSeatsAvaialble() && !user2.isActive && input.isActive) {
|
|
6448
|
+
throw new ForbiddenError("License seat limit reached. You cannot active this user");
|
|
6449
|
+
}
|
|
6450
|
+
const updatedUser = await getService("user").updateById(id, input);
|
|
6451
|
+
if (!updatedUser) {
|
|
6452
|
+
return ctx.notFound("User does not exist");
|
|
6453
|
+
}
|
|
6454
|
+
ctx.body = {
|
|
6455
|
+
data: getService("user").sanitizeUser(updatedUser)
|
|
6456
|
+
};
|
|
6457
|
+
},
|
|
6458
|
+
async isSSOLocked(ctx) {
|
|
6459
|
+
const { user: user2 } = ctx.state;
|
|
6460
|
+
const isSSOLocked = await isSsoLocked(user2);
|
|
6461
|
+
ctx.body = {
|
|
6462
|
+
data: {
|
|
6463
|
+
isSSOLocked
|
|
6464
|
+
}
|
|
6465
|
+
};
|
|
6466
|
+
}
|
|
6467
|
+
};
|
|
6468
|
+
const admin$2 = {
|
|
6469
|
+
// NOTE: Overrides CE admin controller
|
|
6470
|
+
async getProjectType() {
|
|
6471
|
+
const flags = strapi.config.get("admin.flags", {});
|
|
6472
|
+
try {
|
|
6473
|
+
return { data: { isEE: strapi.EE, features: strapi.ee.features.list(), flags } };
|
|
6474
|
+
} catch (err) {
|
|
6475
|
+
return { data: { isEE: false, features: [], flags } };
|
|
6476
|
+
}
|
|
6477
|
+
},
|
|
6478
|
+
async licenseLimitInformation() {
|
|
6479
|
+
const permittedSeats = strapi.ee.seats;
|
|
6480
|
+
let shouldNotify = false;
|
|
6481
|
+
let licenseLimitStatus = null;
|
|
6482
|
+
let enforcementUserCount;
|
|
6483
|
+
const currentActiveUserCount = await getService("user").getCurrentActiveUserCount();
|
|
6484
|
+
const eeDisabledUsers = await getService("seat-enforcement").getDisabledUserList();
|
|
6485
|
+
if (eeDisabledUsers) {
|
|
6486
|
+
enforcementUserCount = currentActiveUserCount + eeDisabledUsers.length;
|
|
6487
|
+
} else {
|
|
6488
|
+
enforcementUserCount = currentActiveUserCount;
|
|
6489
|
+
}
|
|
6490
|
+
if (!isNil(permittedSeats) && enforcementUserCount > permittedSeats) {
|
|
6491
|
+
shouldNotify = true;
|
|
6492
|
+
licenseLimitStatus = "OVER_LIMIT";
|
|
6493
|
+
}
|
|
6494
|
+
if (!isNil(permittedSeats) && enforcementUserCount === permittedSeats) {
|
|
6495
|
+
shouldNotify = true;
|
|
6496
|
+
licenseLimitStatus = "AT_LIMIT";
|
|
6497
|
+
}
|
|
6498
|
+
const data = {
|
|
6499
|
+
enforcementUserCount,
|
|
6500
|
+
currentActiveUserCount,
|
|
6501
|
+
permittedSeats,
|
|
6502
|
+
shouldNotify,
|
|
6503
|
+
shouldStopCreate: isNil(permittedSeats) ? false : currentActiveUserCount >= permittedSeats,
|
|
6504
|
+
licenseLimitStatus,
|
|
6505
|
+
isHostedOnStrapiCloud: env("STRAPI_HOSTING", null) === "strapi.cloud",
|
|
6506
|
+
features: strapi.ee.features.list() ?? []
|
|
6507
|
+
};
|
|
6508
|
+
return { data };
|
|
6509
|
+
}
|
|
6510
|
+
};
|
|
6511
|
+
const controllers = {
|
|
6512
|
+
authentication,
|
|
6513
|
+
role,
|
|
6514
|
+
user,
|
|
6515
|
+
admin: admin$2
|
|
6516
|
+
};
|
|
6517
|
+
const enableFeatureMiddleware = (featureName) => (ctx, next) => {
|
|
6518
|
+
if (strapi.ee.features.isEnabled(featureName)) {
|
|
6519
|
+
return next();
|
|
6520
|
+
}
|
|
6521
|
+
ctx.status = 404;
|
|
6522
|
+
};
|
|
6523
|
+
const sso = {
|
|
6524
|
+
type: "admin",
|
|
6525
|
+
routes: [
|
|
6526
|
+
{
|
|
6527
|
+
method: "GET",
|
|
6528
|
+
path: "/providers",
|
|
6529
|
+
handler: "authentication.getProviders",
|
|
6530
|
+
config: {
|
|
6531
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6532
|
+
auth: false
|
|
6533
|
+
}
|
|
6534
|
+
},
|
|
6535
|
+
{
|
|
6536
|
+
method: "GET",
|
|
6537
|
+
path: "/connect/:provider",
|
|
6538
|
+
handler: "authentication.providerLogin",
|
|
6539
|
+
config: {
|
|
6540
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6541
|
+
auth: false
|
|
6542
|
+
}
|
|
6543
|
+
},
|
|
6544
|
+
{
|
|
6545
|
+
method: "POST",
|
|
6546
|
+
path: "/connect/:provider",
|
|
6547
|
+
handler: "authentication.providerLogin",
|
|
6548
|
+
config: {
|
|
6549
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6550
|
+
auth: false
|
|
6551
|
+
}
|
|
6552
|
+
},
|
|
6553
|
+
{
|
|
6554
|
+
method: "GET",
|
|
6555
|
+
path: "/providers/options",
|
|
6556
|
+
handler: "authentication.getProviderLoginOptions",
|
|
6557
|
+
config: {
|
|
6558
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6559
|
+
policies: [
|
|
6560
|
+
"admin::isAuthenticatedAdmin",
|
|
6561
|
+
{ name: "admin::hasPermissions", config: { actions: ["admin::provider-login.read"] } }
|
|
6562
|
+
]
|
|
6563
|
+
}
|
|
6564
|
+
},
|
|
6565
|
+
{
|
|
6566
|
+
method: "PUT",
|
|
6567
|
+
path: "/providers/options",
|
|
6568
|
+
handler: "authentication.updateProviderLoginOptions",
|
|
6569
|
+
config: {
|
|
6570
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6571
|
+
policies: [
|
|
6572
|
+
"admin::isAuthenticatedAdmin",
|
|
6573
|
+
{ name: "admin::hasPermissions", config: { actions: ["admin::provider-login.update"] } }
|
|
6574
|
+
]
|
|
6575
|
+
}
|
|
6576
|
+
},
|
|
6577
|
+
{
|
|
6578
|
+
method: "GET",
|
|
6579
|
+
path: "/providers/isSSOLocked",
|
|
6580
|
+
handler: "user.isSSOLocked",
|
|
6581
|
+
config: {
|
|
6582
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6583
|
+
policies: ["admin::isAuthenticatedAdmin"]
|
|
6584
|
+
}
|
|
6585
|
+
}
|
|
6586
|
+
]
|
|
6587
|
+
};
|
|
6588
|
+
const licenseLimit = {
|
|
6589
|
+
type: "admin",
|
|
6590
|
+
routes: [
|
|
6591
|
+
// License limit infos
|
|
6592
|
+
{
|
|
6593
|
+
method: "GET",
|
|
6594
|
+
path: "/license-limit-information",
|
|
6595
|
+
handler: "admin.licenseLimitInformation",
|
|
6596
|
+
config: {
|
|
6597
|
+
policies: [
|
|
6598
|
+
"admin::isAuthenticatedAdmin",
|
|
6599
|
+
{
|
|
6600
|
+
name: "admin::hasPermissions",
|
|
6601
|
+
config: {
|
|
6602
|
+
actions: [
|
|
6603
|
+
"admin::users.create",
|
|
6604
|
+
"admin::users.read",
|
|
6605
|
+
"admin::users.update",
|
|
6606
|
+
"admin::users.delete"
|
|
6607
|
+
]
|
|
6608
|
+
}
|
|
6609
|
+
}
|
|
6610
|
+
]
|
|
6611
|
+
}
|
|
6612
|
+
}
|
|
6613
|
+
]
|
|
6614
|
+
};
|
|
6615
|
+
const routes = {
|
|
6616
|
+
sso,
|
|
6617
|
+
"license-limit": licenseLimit
|
|
6618
|
+
};
|
|
6619
|
+
const auditLogsRoutes = {
|
|
6620
|
+
type: "admin",
|
|
6621
|
+
routes: [
|
|
6622
|
+
{
|
|
6623
|
+
method: "GET",
|
|
6624
|
+
path: "/audit-logs",
|
|
6625
|
+
handler: "audit-logs.findMany",
|
|
6626
|
+
config: {
|
|
6627
|
+
middlewares: [enableFeatureMiddleware("audit-logs")],
|
|
6628
|
+
policies: [
|
|
6629
|
+
"admin::isAuthenticatedAdmin",
|
|
6630
|
+
{
|
|
6631
|
+
name: "admin::hasPermissions",
|
|
6632
|
+
config: {
|
|
6633
|
+
actions: ["admin::audit-logs.read"]
|
|
6634
|
+
}
|
|
6635
|
+
}
|
|
6636
|
+
]
|
|
6637
|
+
}
|
|
6638
|
+
},
|
|
6639
|
+
{
|
|
6640
|
+
method: "GET",
|
|
6641
|
+
path: "/audit-logs/:id",
|
|
6642
|
+
handler: "audit-logs.findOne",
|
|
6643
|
+
config: {
|
|
6644
|
+
middlewares: [enableFeatureMiddleware("audit-logs")],
|
|
6645
|
+
policies: [
|
|
6646
|
+
"admin::isAuthenticatedAdmin",
|
|
6647
|
+
{
|
|
6648
|
+
name: "admin::hasPermissions",
|
|
6649
|
+
config: {
|
|
6650
|
+
actions: ["admin::audit-logs.read"]
|
|
6651
|
+
}
|
|
6652
|
+
}
|
|
6653
|
+
]
|
|
6654
|
+
}
|
|
6655
|
+
}
|
|
6656
|
+
]
|
|
6657
|
+
};
|
|
6658
|
+
const ALLOWED_SORT_STRINGS = ["action:ASC", "action:DESC", "date:ASC", "date:DESC"];
|
|
6659
|
+
const validateFindManySchema = yup.object().shape({
|
|
6660
|
+
page: yup.number().integer().min(1),
|
|
6661
|
+
pageSize: yup.number().integer().min(1).max(100),
|
|
6662
|
+
sort: yup.mixed().oneOf(ALLOWED_SORT_STRINGS)
|
|
6663
|
+
}).required();
|
|
6664
|
+
const validateFindMany = validateYupSchema(validateFindManySchema, { strict: false });
|
|
6665
|
+
const auditLogsController = {
|
|
6666
|
+
async findMany(ctx) {
|
|
6667
|
+
const { query } = ctx.request;
|
|
6668
|
+
await validateFindMany(query);
|
|
6669
|
+
const auditLogs = strapi.get("audit-logs");
|
|
6670
|
+
const body = await auditLogs.findMany(query);
|
|
6671
|
+
ctx.body = body;
|
|
6672
|
+
},
|
|
6673
|
+
async findOne(ctx) {
|
|
6674
|
+
const { id } = ctx.params;
|
|
6675
|
+
const auditLogs = strapi.get("audit-logs");
|
|
6676
|
+
const body = await auditLogs.findOne(id);
|
|
6677
|
+
ctx.body = body;
|
|
6678
|
+
strapi.telemetry.send("didWatchAnAuditLog");
|
|
6679
|
+
}
|
|
6680
|
+
};
|
|
6681
|
+
const getSanitizedUser = (user2) => {
|
|
6682
|
+
let displayName = user2.email;
|
|
6683
|
+
if (user2.username) {
|
|
6684
|
+
displayName = user2.username;
|
|
6685
|
+
} else if (user2.firstname && user2.lastname) {
|
|
6686
|
+
displayName = `${user2.firstname} ${user2.lastname}`;
|
|
6687
|
+
}
|
|
6688
|
+
return {
|
|
6689
|
+
id: user2.id,
|
|
6690
|
+
email: user2.email,
|
|
6691
|
+
displayName
|
|
6692
|
+
};
|
|
6693
|
+
};
|
|
6694
|
+
const createAuditLogsService = (strapi2) => {
|
|
6695
|
+
return {
|
|
6696
|
+
async saveEvent(event) {
|
|
6697
|
+
const { userId, ...rest } = event;
|
|
6698
|
+
const auditLog2 = { ...rest, user: userId };
|
|
6699
|
+
await strapi2.db?.query("admin::audit-log").create({ data: auditLog2 });
|
|
6700
|
+
return this;
|
|
6701
|
+
},
|
|
6702
|
+
async findMany(query) {
|
|
6703
|
+
const { results, pagination } = await strapi2.db?.query("admin::audit-log").findPage({
|
|
6704
|
+
populate: ["user"],
|
|
6705
|
+
select: ["action", "date", "payload"],
|
|
6706
|
+
...strapi2.get("query-params").transform("admin::audit-log", query)
|
|
6707
|
+
});
|
|
6708
|
+
const sanitizedResults = results.map((result) => {
|
|
6709
|
+
const { user: user2, ...rest } = result;
|
|
6710
|
+
return {
|
|
6711
|
+
...rest,
|
|
6712
|
+
user: user2 ? getSanitizedUser(user2) : null
|
|
6713
|
+
};
|
|
6714
|
+
});
|
|
6715
|
+
return {
|
|
6716
|
+
results: sanitizedResults,
|
|
6717
|
+
pagination
|
|
6718
|
+
};
|
|
6719
|
+
},
|
|
6720
|
+
async findOne(id) {
|
|
6721
|
+
const result = await strapi2.db?.query("admin::audit-log").findOne({
|
|
6722
|
+
where: { id },
|
|
6723
|
+
populate: ["user"],
|
|
6724
|
+
select: ["action", "date", "payload"]
|
|
6725
|
+
});
|
|
6726
|
+
if (!result) {
|
|
6727
|
+
return null;
|
|
6728
|
+
}
|
|
6729
|
+
const { user: user2, ...rest } = result;
|
|
6730
|
+
return {
|
|
6731
|
+
...rest,
|
|
6732
|
+
user: user2 ? getSanitizedUser(user2) : null
|
|
6733
|
+
};
|
|
6734
|
+
},
|
|
6735
|
+
deleteExpiredEvents(expirationDate) {
|
|
6736
|
+
return strapi2.db?.query("admin::audit-log").deleteMany({
|
|
6737
|
+
where: {
|
|
6738
|
+
date: {
|
|
6739
|
+
$lt: expirationDate.toISOString()
|
|
6740
|
+
}
|
|
6741
|
+
}
|
|
6742
|
+
});
|
|
6743
|
+
}
|
|
6744
|
+
};
|
|
6745
|
+
};
|
|
6746
|
+
const DEFAULT_RETENTION_DAYS = 90;
|
|
6747
|
+
const defaultEvents = [
|
|
6748
|
+
"entry.create",
|
|
6749
|
+
"entry.update",
|
|
6750
|
+
"entry.delete",
|
|
6751
|
+
"entry.publish",
|
|
6752
|
+
"entry.unpublish",
|
|
6753
|
+
"media.create",
|
|
6754
|
+
"media.update",
|
|
6755
|
+
"media.delete",
|
|
6756
|
+
"media-folder.create",
|
|
6757
|
+
"media-folder.update",
|
|
6758
|
+
"media-folder.delete",
|
|
6759
|
+
"user.create",
|
|
6760
|
+
"user.update",
|
|
6761
|
+
"user.delete",
|
|
6762
|
+
"admin.auth.success",
|
|
6763
|
+
"admin.logout",
|
|
6764
|
+
"content-type.create",
|
|
6765
|
+
"content-type.update",
|
|
6766
|
+
"content-type.delete",
|
|
6767
|
+
"component.create",
|
|
6768
|
+
"component.update",
|
|
6769
|
+
"component.delete",
|
|
6770
|
+
"role.create",
|
|
6771
|
+
"role.update",
|
|
6772
|
+
"role.delete",
|
|
6773
|
+
"permission.create",
|
|
6774
|
+
"permission.update",
|
|
6775
|
+
"permission.delete"
|
|
6776
|
+
];
|
|
6777
|
+
const getEventMap = (defaultEvents2) => {
|
|
6778
|
+
const getDefaultPayload = (...args) => args[0];
|
|
6779
|
+
return defaultEvents2.reduce((acc, event) => {
|
|
6780
|
+
acc[event] = getDefaultPayload;
|
|
6781
|
+
return acc;
|
|
6782
|
+
}, {});
|
|
6783
|
+
};
|
|
6784
|
+
const getRetentionDays = (strapi2) => {
|
|
6785
|
+
const featureConfig = strapi2.ee.features.get("audit-logs");
|
|
6786
|
+
const licenseRetentionDays = typeof featureConfig === "object" && featureConfig?.options.retentionDays;
|
|
6787
|
+
const userRetentionDays = strapi2.config.get("admin.auditLogs.retentionDays");
|
|
6788
|
+
if (licenseRetentionDays == null) {
|
|
6789
|
+
return userRetentionDays ?? DEFAULT_RETENTION_DAYS;
|
|
6790
|
+
}
|
|
6791
|
+
if (userRetentionDays && userRetentionDays < licenseRetentionDays) {
|
|
6792
|
+
return userRetentionDays;
|
|
6793
|
+
}
|
|
6794
|
+
return licenseRetentionDays;
|
|
6795
|
+
};
|
|
6796
|
+
const createAuditLogsLifecycleService = (strapi2) => {
|
|
6797
|
+
const state = {};
|
|
6798
|
+
const auditLogsService = strapi2.get("audit-logs");
|
|
6799
|
+
const eventMap = getEventMap(defaultEvents);
|
|
6800
|
+
const processEvent = (name2, ...args) => {
|
|
6801
|
+
const requestState = strapi2.requestContext.get()?.state;
|
|
6802
|
+
const isUsingAdminAuth = requestState?.route.info.type === "admin";
|
|
6803
|
+
const user2 = requestState?.user;
|
|
6804
|
+
if (!isUsingAdminAuth || !user2) {
|
|
6805
|
+
return null;
|
|
6806
|
+
}
|
|
6807
|
+
const getPayload = eventMap[name2];
|
|
6808
|
+
if (!getPayload) {
|
|
6809
|
+
return null;
|
|
6810
|
+
}
|
|
6811
|
+
const ignoredUids = ["plugin::upload.file", "plugin::upload.folder"];
|
|
6812
|
+
if (ignoredUids.includes(args[0]?.uid)) {
|
|
6813
|
+
return null;
|
|
6814
|
+
}
|
|
6815
|
+
return {
|
|
6816
|
+
action: name2,
|
|
6817
|
+
date: (/* @__PURE__ */ new Date()).toISOString(),
|
|
6818
|
+
payload: getPayload(...args) || {},
|
|
6819
|
+
userId: user2.id
|
|
6820
|
+
};
|
|
6821
|
+
};
|
|
6822
|
+
const handleEvent = async (name2, ...args) => {
|
|
6823
|
+
const processedEvent = processEvent(name2, ...args);
|
|
6824
|
+
if (processedEvent) {
|
|
6825
|
+
await auditLogsService.saveEvent(processedEvent);
|
|
6826
|
+
}
|
|
6827
|
+
};
|
|
6828
|
+
return {
|
|
6829
|
+
async register() {
|
|
6830
|
+
if (!state.eeEnableUnsubscribe) {
|
|
6831
|
+
state.eeEnableUnsubscribe = strapi2.eventHub.on("ee.enable", () => {
|
|
6832
|
+
this.destroy();
|
|
6833
|
+
this.register();
|
|
6834
|
+
});
|
|
6835
|
+
}
|
|
6836
|
+
if (!state.eeUpdateUnsubscribe) {
|
|
6837
|
+
state.eeUpdateUnsubscribe = strapi2.eventHub.on("ee.update", () => {
|
|
6838
|
+
this.destroy();
|
|
6839
|
+
this.register();
|
|
6840
|
+
});
|
|
6841
|
+
}
|
|
6842
|
+
state.eeDisableUnsubscribe = strapi2.eventHub.on("ee.disable", () => {
|
|
6843
|
+
this.destroy();
|
|
6844
|
+
});
|
|
6845
|
+
if (!strapi2.ee.features.isEnabled("audit-logs")) {
|
|
6846
|
+
return this;
|
|
6847
|
+
}
|
|
6848
|
+
state.eventHubUnsubscribe = strapi2.eventHub.subscribe(handleEvent);
|
|
6849
|
+
const retentionDays = getRetentionDays(strapi2);
|
|
6850
|
+
state.deleteExpiredJob = scheduleJob("0 0 * * *", () => {
|
|
6851
|
+
const expirationDate = new Date(Date.now() - retentionDays * 24 * 60 * 60 * 1e3);
|
|
6852
|
+
auditLogsService.deleteExpiredEvents(expirationDate);
|
|
6853
|
+
});
|
|
6854
|
+
return this;
|
|
6855
|
+
},
|
|
6856
|
+
unsubscribe() {
|
|
6857
|
+
if (state.eeDisableUnsubscribe) {
|
|
6858
|
+
state.eeDisableUnsubscribe();
|
|
6859
|
+
}
|
|
6860
|
+
if (state.eventHubUnsubscribe) {
|
|
6861
|
+
state.eventHubUnsubscribe();
|
|
6862
|
+
}
|
|
6863
|
+
if (state.deleteExpiredJob) {
|
|
6864
|
+
state.deleteExpiredJob.cancel();
|
|
6865
|
+
}
|
|
6866
|
+
return this;
|
|
6867
|
+
},
|
|
6868
|
+
destroy() {
|
|
6869
|
+
return this.unsubscribe();
|
|
6870
|
+
}
|
|
6871
|
+
};
|
|
6872
|
+
};
|
|
6873
|
+
const auditLog = {
|
|
6874
|
+
schema: {
|
|
6875
|
+
kind: "collectionType",
|
|
6876
|
+
collectionName: "strapi_audit_logs",
|
|
6877
|
+
info: {
|
|
6878
|
+
singularName: "audit-log",
|
|
6879
|
+
pluralName: "audit-logs",
|
|
6880
|
+
displayName: "Audit Log"
|
|
6881
|
+
},
|
|
6882
|
+
options: {
|
|
6883
|
+
timestamps: false
|
|
6884
|
+
},
|
|
6885
|
+
pluginOptions: {
|
|
6886
|
+
"content-manager": {
|
|
6887
|
+
visible: false
|
|
6888
|
+
},
|
|
6889
|
+
"content-type-builder": {
|
|
6890
|
+
visible: false
|
|
6891
|
+
}
|
|
6892
|
+
},
|
|
6893
|
+
attributes: {
|
|
6894
|
+
action: {
|
|
6895
|
+
type: "string",
|
|
6896
|
+
required: true
|
|
6897
|
+
},
|
|
6898
|
+
date: {
|
|
6899
|
+
type: "datetime",
|
|
6900
|
+
required: true
|
|
6901
|
+
},
|
|
6902
|
+
user: {
|
|
6903
|
+
type: "relation",
|
|
6904
|
+
relation: "oneToOne",
|
|
6905
|
+
target: "admin::user"
|
|
6906
|
+
},
|
|
6907
|
+
payload: {
|
|
6908
|
+
type: "json"
|
|
6909
|
+
}
|
|
6910
|
+
}
|
|
6911
|
+
}
|
|
6912
|
+
};
|
|
6913
|
+
const getAdminEE = () => {
|
|
6914
|
+
const eeAdmin = {
|
|
6915
|
+
register,
|
|
6916
|
+
bootstrap,
|
|
6917
|
+
destroy,
|
|
6918
|
+
contentTypes: {
|
|
6919
|
+
// Always register the audit-log content type to prevent data loss
|
|
6920
|
+
"audit-log": auditLog,
|
|
6921
|
+
...adminContentTypes
|
|
6922
|
+
},
|
|
6923
|
+
services,
|
|
6924
|
+
controllers,
|
|
6925
|
+
routes
|
|
6926
|
+
};
|
|
6927
|
+
if (strapi.config.get("admin.auditLogs.enabled", true) && strapi.ee.features.isEnabled("audit-logs")) {
|
|
6928
|
+
return {
|
|
6929
|
+
...eeAdmin,
|
|
6930
|
+
controllers: {
|
|
6931
|
+
...eeAdmin.controllers,
|
|
6932
|
+
"audit-logs": auditLogsController
|
|
6933
|
+
},
|
|
6934
|
+
routes: {
|
|
6935
|
+
...eeAdmin.routes,
|
|
6936
|
+
"audit-logs": auditLogsRoutes
|
|
6937
|
+
},
|
|
6938
|
+
async register({ strapi: strapi2 }) {
|
|
6939
|
+
await eeAdmin.register({ strapi: strapi2 });
|
|
6940
|
+
strapi2.add("audit-logs", createAuditLogsService(strapi2));
|
|
6941
|
+
const auditLogsLifecycle = createAuditLogsLifecycleService(strapi2);
|
|
6942
|
+
strapi2.add("audit-logs-lifecycle", auditLogsLifecycle);
|
|
6943
|
+
await auditLogsLifecycle.register();
|
|
6944
|
+
},
|
|
6945
|
+
async destroy({ strapi: strapi2 }) {
|
|
6946
|
+
strapi2.get("audit-logs-lifecycle").destroy();
|
|
6947
|
+
await eeAdmin.destroy({ strapi: strapi2 });
|
|
6948
|
+
}
|
|
6949
|
+
};
|
|
6950
|
+
}
|
|
6951
|
+
return eeAdmin;
|
|
6952
|
+
};
|
|
6953
|
+
let admin = {
|
|
6954
|
+
bootstrap: bootstrap$1,
|
|
6955
|
+
register: register$2,
|
|
6956
|
+
destroy: destroy$1,
|
|
6957
|
+
config,
|
|
6958
|
+
policies,
|
|
6959
|
+
routes: routes$1,
|
|
6960
|
+
services: services$1,
|
|
6961
|
+
controllers: controllers$1,
|
|
6962
|
+
contentTypes,
|
|
6963
|
+
middlewares: middlewares$1
|
|
6964
|
+
};
|
|
6965
|
+
const mergeRoutes = (a, b, key) => {
|
|
6966
|
+
return ___default.isArray(a) && ___default.isArray(b) && key === "routes" ? a.concat(b) : void 0;
|
|
6967
|
+
};
|
|
6968
|
+
if (strapi.EE) {
|
|
6969
|
+
admin = ___default.mergeWith({}, admin, getAdminEE(), mergeRoutes);
|
|
6970
|
+
}
|
|
6971
|
+
const admin$1 = admin;
|
|
5609
6972
|
export {
|
|
5610
|
-
|
|
5611
|
-
index$6 as config,
|
|
5612
|
-
index$1 as contentTypes,
|
|
5613
|
-
index$2 as controllers,
|
|
5614
|
-
destroy,
|
|
5615
|
-
index as middlewares,
|
|
5616
|
-
index$5 as policies,
|
|
5617
|
-
register$1 as register,
|
|
5618
|
-
routes,
|
|
5619
|
-
index$3 as services
|
|
6973
|
+
admin$1 as default
|
|
5620
6974
|
};
|
|
5621
6975
|
//# sourceMappingURL=index.mjs.map
|