@strapi/admin 5.0.0-rc.9 → 5.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/admin/{AdminSeatInfo-j58AKYvZ.js → AdminSeatInfo-8vtNB3ck.js} +3 -3
- package/dist/admin/{AdminSeatInfo-j58AKYvZ.js.map → AdminSeatInfo-8vtNB3ck.js.map} +1 -1
- package/dist/admin/{AdminSeatInfo-qGNvhfii.mjs → AdminSeatInfo-qIgh5-QA.mjs} +4 -4
- package/dist/admin/{AdminSeatInfo-qGNvhfii.mjs.map → AdminSeatInfo-qIgh5-QA.mjs.map} +1 -1
- package/dist/admin/{ApplicationInfoPage-ahnTcFV1.mjs → ApplicationInfoPage-FPcBalFr.mjs} +5 -5
- package/dist/admin/{ApplicationInfoPage-ahnTcFV1.mjs.map → ApplicationInfoPage-FPcBalFr.mjs.map} +1 -1
- package/dist/admin/{ApplicationInfoPage-JfdJ0U4H.js → ApplicationInfoPage-hY4yez-z.js} +5 -5
- package/dist/admin/{ApplicationInfoPage-JfdJ0U4H.js.map → ApplicationInfoPage-hY4yez-z.js.map} +1 -1
- package/dist/admin/{AuthResponse-J8A48xdo.mjs → AuthResponse-HYXVuTDF.mjs} +2 -2
- package/dist/admin/{AuthResponse-J8A48xdo.mjs.map → AuthResponse-HYXVuTDF.mjs.map} +1 -1
- package/dist/admin/{AuthResponse-KlTDmm2i.js → AuthResponse-R8kR_yqS.js} +2 -2
- package/dist/admin/{AuthResponse-KlTDmm2i.js.map → AuthResponse-R8kR_yqS.js.map} +1 -1
- package/dist/admin/{AuthenticatedLayout-06fn7qrH.mjs → AuthenticatedLayout-WfWtk2vt.mjs} +32 -40
- package/dist/admin/AuthenticatedLayout-WfWtk2vt.mjs.map +1 -0
- package/dist/admin/{AuthenticatedLayout-eKDwvUFO.js → AuthenticatedLayout-_fHeS86w.js} +31 -39
- package/dist/admin/AuthenticatedLayout-_fHeS86w.js.map +1 -0
- package/dist/admin/{CreateActionEE-Yfp4hs7a.mjs → CreateActionEE-X2nnG2dm.mjs} +2 -2
- package/dist/admin/{CreateActionEE-Yfp4hs7a.mjs.map → CreateActionEE-X2nnG2dm.mjs.map} +1 -1
- package/dist/admin/{CreatePage-68skzZjY.js → CreatePage-2iQ7FkkX.js} +3 -3
- package/dist/admin/{CreatePage-68skzZjY.js.map → CreatePage-2iQ7FkkX.js.map} +1 -1
- package/dist/admin/{CreatePage-t5HQUOqJ.js → CreatePage-60fNdNfa.js} +6 -6
- package/dist/admin/CreatePage-60fNdNfa.js.map +1 -0
- package/dist/admin/{CreatePage-bdWb1wg4.mjs → CreatePage-pPnHpatu.mjs} +7 -7
- package/dist/admin/CreatePage-pPnHpatu.mjs.map +1 -0
- package/dist/admin/{CreatePage-Yd5JyWS5.mjs → CreatePage-z6N1v5X5.mjs} +3 -3
- package/dist/admin/{CreatePage-Yd5JyWS5.mjs.map → CreatePage-z6N1v5X5.mjs.map} +1 -1
- package/dist/admin/{CreateView-yv51Pyvw.js → CreateView-18WQPz4-.js} +3 -3
- package/dist/admin/{CreateView-yv51Pyvw.js.map → CreateView-18WQPz4-.js.map} +1 -1
- package/dist/admin/{CreateView-ZZaA8hbe.mjs → CreateView-4UcrE6vq.mjs} +3 -3
- package/dist/admin/{CreateView-ZZaA8hbe.mjs.map → CreateView-4UcrE6vq.mjs.map} +1 -1
- package/dist/admin/{CreateView-V0v5CK8t.mjs → CreateView-8k0KvpoK.mjs} +3 -3
- package/dist/admin/{CreateView-V0v5CK8t.mjs.map → CreateView-8k0KvpoK.mjs.map} +1 -1
- package/dist/admin/{CreateView-nzILLv0g.js → CreateView-YbqcAK_f.js} +3 -3
- package/dist/admin/{CreateView-nzILLv0g.js.map → CreateView-YbqcAK_f.js.map} +1 -1
- package/dist/admin/{EditPage-A7-BewPd.mjs → EditPage-Fu5aqX9h.mjs} +7 -7
- package/dist/admin/EditPage-Fu5aqX9h.mjs.map +1 -0
- package/dist/admin/{EditPage-Lw36XG9G.js → EditPage-H3D08t-N.js} +6 -6
- package/dist/admin/EditPage-H3D08t-N.js.map +1 -0
- package/dist/admin/{EditPage-cWJ8V1BK.mjs → EditPage-K8aawKOf.mjs} +27 -23
- package/dist/admin/EditPage-K8aawKOf.mjs.map +1 -0
- package/dist/admin/{EditPage-LoESB5pq.js → EditPage-U4UN4MeE.js} +7 -7
- package/dist/admin/{EditPage-LoESB5pq.js.map → EditPage-U4UN4MeE.js.map} +1 -1
- package/dist/admin/{EditPage-2cMhX4F_.mjs → EditPage-dZLyVDGx.mjs} +8 -8
- package/dist/admin/{EditPage-2cMhX4F_.mjs.map → EditPage-dZLyVDGx.mjs.map} +1 -1
- package/dist/admin/{EditPage-pTQCDncU.js → EditPage-ewduoYpT.js} +25 -21
- package/dist/admin/EditPage-ewduoYpT.js.map +1 -0
- package/dist/admin/{EditView-KzdDTSO-.js → EditView-1TEk6oaL.js} +5 -6
- package/dist/admin/EditView-1TEk6oaL.js.map +1 -0
- package/dist/admin/{EditView-HygMdUSf.mjs → EditView-xgk-lEu1.mjs} +7 -8
- package/dist/admin/EditView-xgk-lEu1.mjs.map +1 -0
- package/dist/admin/{EditViewPage-47F2xHBt.mjs → EditViewPage-2CHLYZlY.mjs} +6 -6
- package/dist/admin/{EditViewPage-47F2xHBt.mjs.map → EditViewPage-2CHLYZlY.mjs.map} +1 -1
- package/dist/admin/{EditViewPage-FgsrW_wV.js → EditViewPage-R2kud83M.js} +5 -5
- package/dist/admin/{EditViewPage-FgsrW_wV.js.map → EditViewPage-R2kud83M.js.map} +1 -1
- package/dist/admin/{EventsTable-mgIyB8DL.mjs → EventsTable-JJ16vr2h.mjs} +2 -2
- package/dist/admin/{EventsTable-mgIyB8DL.mjs.map → EventsTable-JJ16vr2h.mjs.map} +1 -1
- package/dist/admin/{EventsTable--XlOTHxM.js → EventsTable-fzeOe9NB.js} +2 -2
- package/dist/admin/{EventsTable--XlOTHxM.js.map → EventsTable-fzeOe9NB.js.map} +1 -1
- package/dist/admin/{HomePage-ywYHZHMa.js → HomePage-DB00H9y5.js} +15 -18
- package/dist/admin/HomePage-DB00H9y5.js.map +1 -0
- package/dist/admin/{HomePage-H77dsrr1.mjs → HomePage-EDHzBAy8.mjs} +3 -3
- package/dist/admin/{HomePage-H77dsrr1.mjs.map → HomePage-EDHzBAy8.mjs.map} +1 -1
- package/dist/admin/{HomePage-uVwht52t.js → HomePage-GsLJ4j4f.js} +3 -3
- package/dist/admin/{HomePage-uVwht52t.js.map → HomePage-GsLJ4j4f.js.map} +1 -1
- package/dist/admin/{HomePage-dyDldozB.mjs → HomePage-oz8OSt1B.mjs} +7 -10
- package/dist/admin/HomePage-oz8OSt1B.mjs.map +1 -0
- package/dist/admin/{InstalledPluginsPage-JkruwT2d.js → InstalledPlugins-T0ds5aOe.js} +9 -11
- package/dist/admin/InstalledPlugins-T0ds5aOe.js.map +1 -0
- package/dist/admin/{InstalledPluginsPage-3OSkplVn.mjs → InstalledPlugins-ngsQKZBi.mjs} +9 -11
- package/dist/admin/InstalledPlugins-ngsQKZBi.mjs.map +1 -0
- package/dist/admin/{Layout-pVTNV6PU.js → Layout-LTVvoQIP.js} +5 -5
- package/dist/admin/{Layout-pVTNV6PU.js.map → Layout-LTVvoQIP.js.map} +1 -1
- package/dist/admin/{Layout-8Ds_z3XN.mjs → Layout-dlsF2jYh.mjs} +5 -5
- package/dist/admin/{Layout-8Ds_z3XN.mjs.map → Layout-dlsF2jYh.mjs.map} +1 -1
- package/dist/admin/{ListPage-semY3kTl.mjs → ListPage-4VAaMuov.mjs} +4 -4
- package/dist/admin/{ListPage-semY3kTl.mjs.map → ListPage-4VAaMuov.mjs.map} +1 -1
- package/dist/admin/{ListPage-8M-bmv0a.mjs → ListPage-CAAa_iYD.mjs} +6 -6
- package/dist/admin/{ListPage-8M-bmv0a.mjs.map → ListPage-CAAa_iYD.mjs.map} +1 -1
- package/dist/admin/{ListPage-LokTy34i.mjs → ListPage-HjeCNXIL.mjs} +3 -3
- package/dist/admin/{ListPage-LokTy34i.mjs.map → ListPage-HjeCNXIL.mjs.map} +1 -1
- package/dist/admin/{ListPage-jTpJnTuQ.js → ListPage-J_zameoY.js} +3 -3
- package/dist/admin/{ListPage-jTpJnTuQ.js.map → ListPage-J_zameoY.js.map} +1 -1
- package/dist/admin/{ListPage-15KiUCLt.js → ListPage-W_j2UV6e.js} +3 -3
- package/dist/admin/{ListPage-15KiUCLt.js.map → ListPage-W_j2UV6e.js.map} +1 -1
- package/dist/admin/{ListPage-hNIbvh17.mjs → ListPage-cMqf3hxn.mjs} +10 -10
- package/dist/admin/ListPage-cMqf3hxn.mjs.map +1 -0
- package/dist/admin/{ListPage-OIdhjljI.js → ListPage-e_XhqWy-.js} +6 -6
- package/dist/admin/{ListPage-OIdhjljI.js.map → ListPage-e_XhqWy-.js.map} +1 -1
- package/dist/admin/{ListPage-NtjeF8R2.mjs → ListPage-fE9R8ZE1.mjs} +4 -4
- package/dist/admin/{ListPage-NtjeF8R2.mjs.map → ListPage-fE9R8ZE1.mjs.map} +1 -1
- package/dist/admin/{ListPage-dApwERT6.js → ListPage-kv14w7sy.js} +5 -5
- package/dist/admin/{ListPage-dApwERT6.js.map → ListPage-kv14w7sy.js.map} +1 -1
- package/dist/admin/{ListPage-DHUp0PDw.js → ListPage-qj3M7V0W.js} +8 -8
- package/dist/admin/ListPage-qj3M7V0W.js.map +1 -0
- package/dist/admin/{ListView-ZSEn2tK5.js → ListView-J3Bd1ZAj.js} +5 -5
- package/dist/admin/{ListView-ZSEn2tK5.js.map → ListView-J3Bd1ZAj.js.map} +1 -1
- package/dist/admin/{ListView-kEuSmXPm.mjs → ListView-JTtPuayE.mjs} +5 -5
- package/dist/admin/{ListView-kEuSmXPm.mjs.map → ListView-JTtPuayE.mjs.map} +1 -1
- package/dist/admin/{ListView-MA83TDJF.js → ListView-e_rZH3km.js} +4 -4
- package/dist/admin/{ListView-MA83TDJF.js.map → ListView-e_rZH3km.js.map} +1 -1
- package/dist/admin/{ListView-tCCo7pVS.mjs → ListView-ziItL2Hn.mjs} +5 -5
- package/dist/admin/{ListView-tCCo7pVS.mjs.map → ListView-ziItL2Hn.mjs.map} +1 -1
- package/dist/admin/{Login-RrWZQA_X.js → Login-B5mc1U2m.js} +3 -3
- package/dist/admin/{Login-RrWZQA_X.js.map → Login-B5mc1U2m.js.map} +1 -1
- package/dist/admin/{Login-GLcLgHUd.mjs → Login-STwy4gIQ.mjs} +3 -3
- package/dist/admin/{Login-GLcLgHUd.mjs.map → Login-STwy4gIQ.mjs.map} +1 -1
- package/dist/admin/{MagicLinkEE-u0n-nwtv.js → MagicLinkEE-3PSvKNEX.js} +3 -3
- package/dist/admin/{MagicLinkEE-u0n-nwtv.js.map → MagicLinkEE-3PSvKNEX.js.map} +1 -1
- package/dist/admin/{MagicLinkEE-_qltdLkk.mjs → MagicLinkEE-oXcvyO9m.mjs} +3 -3
- package/dist/admin/{MagicLinkEE-_qltdLkk.mjs.map → MagicLinkEE-oXcvyO9m.mjs.map} +1 -1
- package/dist/admin/{MarketplacePage-uyOTT12t.js → MarketplacePage-XkcAwVQL.js} +65 -64
- package/dist/admin/MarketplacePage-XkcAwVQL.js.map +1 -0
- package/dist/admin/{MarketplacePage-41CstG0b.mjs → MarketplacePage-s3TgP0pj.mjs} +64 -63
- package/dist/admin/MarketplacePage-s3TgP0pj.mjs.map +1 -0
- package/dist/admin/{Permissions-J2jRpCh_.mjs → Permissions-aSGK8VGG.mjs} +2 -2
- package/dist/admin/{Permissions-J2jRpCh_.mjs.map → Permissions-aSGK8VGG.mjs.map} +1 -1
- package/dist/admin/{Permissions-LMVH6wf4.js → Permissions-bmMBmcv7.js} +2 -2
- package/dist/admin/{Permissions-LMVH6wf4.js.map → Permissions-bmMBmcv7.js.map} +1 -1
- package/dist/admin/{PrivateRoute-ndqg7K6H.js → PrivateRoute-LO9G_pCJ.js} +2 -2
- package/dist/admin/{PrivateRoute-ndqg7K6H.js.map → PrivateRoute-LO9G_pCJ.js.map} +1 -1
- package/dist/admin/{PrivateRoute-4oRTB_tX.mjs → PrivateRoute-S4Lol0B9.mjs} +2 -2
- package/dist/admin/{PrivateRoute-4oRTB_tX.mjs.map → PrivateRoute-S4Lol0B9.mjs.map} +1 -1
- package/dist/admin/{ProfilePage-zwG0fq_e.mjs → ProfilePage-EPvpBxko.mjs} +6 -6
- package/dist/admin/ProfilePage-EPvpBxko.mjs.map +1 -0
- package/dist/admin/{ProfilePage-wxZFen3W.js → ProfilePage-TMGpOFkt.js} +5 -5
- package/dist/admin/ProfilePage-TMGpOFkt.js.map +1 -0
- package/dist/admin/{PurchaseAuditLogs-f6iczpRi.js → PurchaseAuditLogs-HcdrHEM2.js} +2 -2
- package/dist/admin/{PurchaseAuditLogs-f6iczpRi.js.map → PurchaseAuditLogs-HcdrHEM2.js.map} +1 -1
- package/dist/admin/{PurchaseAuditLogs-FDPV-ZqU.mjs → PurchaseAuditLogs-K2YmR4Il.mjs} +2 -2
- package/dist/admin/{PurchaseAuditLogs-FDPV-ZqU.mjs.map → PurchaseAuditLogs-K2YmR4Il.mjs.map} +1 -1
- package/dist/admin/{PurchaseSingleSignOn-S0B2HM4d.mjs → PurchaseSingleSignOn-sxd54apY.mjs} +2 -2
- package/dist/admin/{PurchaseSingleSignOn-S0B2HM4d.mjs.map → PurchaseSingleSignOn-sxd54apY.mjs.map} +1 -1
- package/dist/admin/{PurchaseSingleSignOn-0wXAjOLm.js → PurchaseSingleSignOn-y7p3yZ-b.js} +2 -2
- package/dist/admin/{PurchaseSingleSignOn-0wXAjOLm.js.map → PurchaseSingleSignOn-y7p3yZ-b.js.map} +1 -1
- package/dist/admin/{SelectRoles-MoDtdDcM.js → SelectRoles-L8dRONb-.js} +7 -7
- package/dist/admin/SelectRoles-L8dRONb-.js.map +1 -0
- package/dist/admin/{SelectRoles-h_1srnVz.mjs → SelectRoles-esk6LySb.mjs} +6 -6
- package/dist/admin/SelectRoles-esk6LySb.mjs.map +1 -0
- package/dist/admin/{SingleSignOnPage-5CdOsumW.js → SingleSignOnPage-cih5-oBZ.js} +4 -4
- package/dist/admin/{SingleSignOnPage-5CdOsumW.js.map → SingleSignOnPage-cih5-oBZ.js.map} +1 -1
- package/dist/admin/{SingleSignOnPage-AZVczKwR.mjs → SingleSignOnPage-idMTZOuN.mjs} +5 -5
- package/dist/admin/{SingleSignOnPage-AZVczKwR.mjs.map → SingleSignOnPage-idMTZOuN.mjs.map} +1 -1
- package/dist/admin/{Table-CpbvaRQh.js → Table-1mVE67Cd.js} +12 -19
- package/dist/admin/Table-1mVE67Cd.js.map +1 -0
- package/dist/admin/{Table-EPKfcF5-.mjs → Table-wZgpqMG3.mjs} +12 -19
- package/dist/admin/Table-wZgpqMG3.mjs.map +1 -0
- package/dist/admin/{Theme-PrUuuGtN.mjs → Theme-frC82ceE.mjs} +221 -20
- package/dist/admin/Theme-frC82ceE.mjs.map +1 -0
- package/dist/admin/{Theme-7W0we6BI.js → Theme-y_rWTknM.js} +225 -19
- package/dist/admin/Theme-y_rWTknM.js.map +1 -0
- package/dist/admin/{TokenTypeSelect-7Ki5z_3z.mjs → TokenTypeSelect-GplqVrbt.mjs} +4 -5
- package/dist/admin/{TokenTypeSelect-7Ki5z_3z.mjs.map → TokenTypeSelect-GplqVrbt.mjs.map} +1 -1
- package/dist/admin/{TokenTypeSelect-yRV19q7R.js → TokenTypeSelect-Itk7isiz.js} +4 -5
- package/dist/admin/{TokenTypeSelect-yRV19q7R.js.map → TokenTypeSelect-Itk7isiz.js.map} +1 -1
- package/dist/admin/{UseCasePage-l9OmQYhK.js → UseCasePage-1SuyjC6w.js} +4 -4
- package/dist/admin/{UseCasePage-l9OmQYhK.js.map → UseCasePage-1SuyjC6w.js.map} +1 -1
- package/dist/admin/{UseCasePage-as6-3qKD.mjs → UseCasePage-QPnZOFrC.mjs} +4 -4
- package/dist/admin/{UseCasePage-as6-3qKD.mjs.map → UseCasePage-QPnZOFrC.mjs.map} +1 -1
- package/dist/admin/{admin-B6AW0Kov.mjs → admin-GZ-AP2T0.mjs} +2 -2
- package/dist/admin/{admin-B6AW0Kov.mjs.map → admin-GZ-AP2T0.mjs.map} +1 -1
- package/dist/admin/{apiTokens-YMUmHnrH.mjs → apiTokens-GQe-GqwZ.mjs} +2 -2
- package/dist/admin/{apiTokens-YMUmHnrH.mjs.map → apiTokens-GQe-GqwZ.mjs.map} +1 -1
- package/dist/admin/{constants-X2uDAtEA.js → constants-K5ARNpfV.js} +3 -3
- package/dist/admin/{constants-X2uDAtEA.js.map → constants-K5ARNpfV.js.map} +1 -1
- package/dist/admin/{constants-AYR471DB.mjs → constants-T5y8alpG.mjs} +3 -3
- package/dist/admin/{constants-AYR471DB.mjs.map → constants-T5y8alpG.mjs.map} +1 -1
- package/dist/admin/ee.mjs +1 -1
- package/dist/admin/en-GB-8ipWI3xp.mjs +6 -0
- package/dist/admin/en-GB-8ipWI3xp.mjs.map +1 -0
- package/dist/admin/en-GB-vRfq_FQ3.js +10 -0
- package/dist/admin/en-GB-vRfq_FQ3.js.map +1 -0
- package/dist/admin/{en-TbnMBjZf.js → en-_1-Nn7iH.js} +3 -2
- package/dist/admin/{en-TbnMBjZf.js.map → en-_1-Nn7iH.js.map} +1 -1
- package/dist/admin/{en-0Ld-ipyI.mjs → en-lDO5lPD0.mjs} +3 -2
- package/dist/admin/{en-0Ld-ipyI.mjs.map → en-lDO5lPD0.mjs.map} +1 -1
- package/dist/admin/{index-Fu3hPmaj.mjs → index-QPUYgtlo.mjs} +143 -280
- package/dist/admin/index-QPUYgtlo.mjs.map +1 -0
- package/dist/admin/{index-w33_0vI-.js → index-YMz7KziV.js} +147 -287
- package/dist/admin/index-YMz7KziV.js.map +1 -0
- package/dist/admin/index.js +5 -4
- package/dist/admin/index.js.map +1 -1
- package/dist/admin/index.mjs +3 -3
- package/dist/admin/{selectors-ZpHhvPK4.mjs → selectors--muHmKGe.mjs} +2 -2
- package/dist/admin/{selectors-ZpHhvPK4.mjs.map → selectors--muHmKGe.mjs.map} +1 -1
- package/dist/admin/{selectors-zQKcCNuz.js → selectors-1ySxKbos.js} +2 -2
- package/dist/admin/{selectors-zQKcCNuz.js.map → selectors-1ySxKbos.js.map} +1 -1
- package/dist/admin/src/StrapiApp.d.ts +8 -6
- package/dist/admin/src/components/Form.d.ts +3 -1
- package/dist/admin/src/components/GuidedTour/Provider.d.ts +0 -4
- package/dist/admin/src/constants.d.ts +10 -0
- package/dist/admin/src/features/Auth.d.ts +1 -1
- package/dist/admin/src/hooks/useRBAC.d.ts +1 -1
- package/dist/admin/src/index.d.ts +3 -0
- package/dist/admin/src/layouts/UnauthenticatedLayout.d.ts +1 -1
- package/dist/admin/src/pages/Marketplace/hooks/useMarketplaceData.d.ts +2 -1
- package/dist/admin/src/pages/Settings/pages/InstalledPlugins.d.ts +3 -0
- package/dist/admin/src/pages/Settings/pages/Roles/components/CollapseLabel.d.ts +1 -1
- package/dist/admin/src/translations/languageNativeNames.d.ts +1 -0
- package/dist/admin/src/types/permissions.d.ts +3 -1
- package/dist/admin/test.js +3 -3
- package/dist/admin/test.js.map +1 -1
- package/dist/admin/test.mjs +4 -4
- package/dist/admin/test.mjs.map +1 -1
- package/dist/admin/{transferTokens-CNI0TFdA.mjs → transferTokens-v8tNpI_l.mjs} +2 -2
- package/dist/admin/{transferTokens-CNI0TFdA.mjs.map → transferTokens-v8tNpI_l.mjs.map} +1 -1
- package/dist/admin/{useAdminRoles-lDesL4gN.mjs → useAdminRoles-DX1MOKC9.mjs} +2 -2
- package/dist/admin/{useAdminRoles-lDesL4gN.mjs.map → useAdminRoles-DX1MOKC9.mjs.map} +1 -1
- package/dist/admin/{useAdminRoles-w6h8NFK5.js → useAdminRoles-nNC9r0dz.js} +2 -2
- package/dist/admin/{useAdminRoles-w6h8NFK5.js.map → useAdminRoles-nNC9r0dz.js.map} +1 -1
- package/dist/admin/{useLicenseLimitNotification-PaR7jmqd.mjs → useLicenseLimitNotification-Qx_rSpUQ.mjs} +3 -3
- package/dist/admin/{useLicenseLimitNotification-PaR7jmqd.mjs.map → useLicenseLimitNotification-Qx_rSpUQ.mjs.map} +1 -1
- package/dist/admin/{useLicenseLimitNotification-g1vq6nzk.js → useLicenseLimitNotification-eau4ja6h.js} +2 -2
- package/dist/admin/{useLicenseLimitNotification-g1vq6nzk.js.map → useLicenseLimitNotification-eau4ja6h.js.map} +1 -1
- package/dist/admin/{useLicenseLimits-Jy6E6qc2.mjs → useLicenseLimits-j5znikzW.mjs} +2 -2
- package/dist/admin/{useLicenseLimits-Jy6E6qc2.mjs.map → useLicenseLimits-j5znikzW.mjs.map} +1 -1
- package/dist/admin/{useWebhooks-7thg-d57.mjs → useWebhooks-upF7mgdZ.mjs} +2 -2
- package/dist/admin/{useWebhooks-7thg-d57.mjs.map → useWebhooks-upF7mgdZ.mjs.map} +1 -1
- package/dist/admin/{validation-4SWh9S5z.js → validation-AQCTfU6y.js} +4 -4
- package/dist/admin/validation-AQCTfU6y.js.map +1 -0
- package/dist/admin/{validation-IcNGA_ef.mjs → validation-tnv2QISi.mjs} +4 -4
- package/dist/admin/validation-tnv2QISi.mjs.map +1 -0
- package/dist/ee/server/src/audit-logs/content-types/audit-log.d.ts +41 -0
- package/dist/ee/server/src/audit-logs/content-types/audit-log.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/controllers/audit-logs.d.ts +7 -0
- package/dist/ee/server/src/audit-logs/controllers/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/routes/audit-logs.d.ts +19 -0
- package/dist/ee/server/src/audit-logs/routes/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts +27 -0
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts +12 -0
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts.map +1 -0
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts +6 -0
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts.map +1 -0
- package/dist/ee/server/src/bootstrap.d.ts +3 -0
- package/dist/ee/server/src/bootstrap.d.ts.map +1 -0
- package/dist/ee/server/src/config/admin-actions.d.ts +20 -0
- package/dist/ee/server/src/config/admin-actions.d.ts.map +1 -0
- package/dist/ee/server/src/content-types/index.d.ts +3 -0
- package/dist/ee/server/src/content-types/index.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/admin.d.ts +29 -0
- package/dist/ee/server/src/controllers/admin.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/constants.d.ts +10 -0
- package/dist/ee/server/src/controllers/authentication-utils/constants.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/index.d.ts +5 -0
- package/dist/ee/server/src/controllers/authentication-utils/index.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/middlewares.d.ts +9 -0
- package/dist/ee/server/src/controllers/authentication-utils/middlewares.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts +55 -0
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/authentication.d.ts +9 -0
- package/dist/ee/server/src/controllers/authentication.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/index.d.ts +48 -0
- package/dist/ee/server/src/controllers/index.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/role.d.ts +20 -0
- package/dist/ee/server/src/controllers/role.d.ts.map +1 -0
- package/dist/ee/server/src/controllers/user.d.ts +8 -0
- package/dist/ee/server/src/controllers/user.d.ts.map +1 -0
- package/dist/ee/server/src/destroy.d.ts +6 -0
- package/dist/ee/server/src/destroy.d.ts.map +1 -0
- package/dist/ee/server/src/index.d.ts +380 -0
- package/dist/ee/server/src/index.d.ts.map +1 -0
- package/dist/ee/server/src/register.d.ts +6 -0
- package/dist/ee/server/src/register.d.ts.map +1 -0
- package/dist/ee/server/src/routes/index.d.ts +47 -0
- package/dist/ee/server/src/routes/index.d.ts.map +1 -0
- package/dist/ee/server/src/routes/license-limit.d.ts +18 -0
- package/dist/ee/server/src/routes/license-limit.d.ts.map +1 -0
- package/dist/ee/server/src/routes/sso.d.ts +29 -0
- package/dist/ee/server/src/routes/sso.d.ts.map +1 -0
- package/dist/ee/server/src/routes/utils.d.ts +3 -0
- package/dist/ee/server/src/routes/utils.d.ts.map +1 -0
- package/dist/ee/server/src/services/auth.d.ts +6 -0
- package/dist/ee/server/src/services/auth.d.ts.map +1 -0
- package/dist/ee/server/src/services/index.d.ts +39 -0
- package/dist/ee/server/src/services/index.d.ts.map +1 -0
- package/dist/ee/server/src/services/metrics.d.ts +8 -0
- package/dist/ee/server/src/services/metrics.d.ts.map +1 -0
- package/dist/ee/server/src/services/passport/provider-registry.d.ts +4 -0
- package/dist/ee/server/src/services/passport/provider-registry.d.ts.map +1 -0
- package/dist/ee/server/src/services/passport/sso.d.ts +19 -0
- package/dist/ee/server/src/services/passport/sso.d.ts.map +1 -0
- package/dist/ee/server/src/services/passport.d.ts +13 -0
- package/dist/ee/server/src/services/passport.d.ts.map +1 -0
- package/dist/ee/server/src/services/role.d.ts +5 -0
- package/dist/ee/server/src/services/role.d.ts.map +1 -0
- package/dist/ee/server/src/services/seat-enforcement.d.ts +6 -0
- package/dist/ee/server/src/services/seat-enforcement.d.ts.map +1 -0
- package/dist/ee/server/src/services/user.d.ts +10 -0
- package/dist/ee/server/src/services/user.d.ts.map +1 -0
- package/dist/ee/server/src/utils/index.d.ts +11 -0
- package/dist/ee/server/src/utils/index.d.ts.map +1 -0
- package/dist/ee/server/src/utils/persisted-tables.d.ts +42 -0
- package/dist/ee/server/src/utils/persisted-tables.d.ts.map +1 -0
- package/dist/ee/server/src/utils/sso-lock.d.ts +6 -0
- package/dist/ee/server/src/utils/sso-lock.d.ts.map +1 -0
- package/dist/ee/server/src/validation/authentication.d.ts +15 -0
- package/dist/ee/server/src/validation/authentication.d.ts.map +1 -0
- package/dist/ee/server/src/validation/role.d.ts +21 -0
- package/dist/ee/server/src/validation/role.d.ts.map +1 -0
- package/dist/ee/server/src/validation/user.d.ts +19 -0
- package/dist/ee/server/src/validation/user.d.ts.map +1 -0
- package/dist/package.json.d.ts +11 -10
- package/dist/server/index.js +1897 -538
- package/dist/server/index.js.map +1 -1
- package/dist/server/index.mjs +1693 -333
- package/dist/server/index.mjs.map +1 -1
- package/dist/server/src/domain/action/provider.d.ts +1 -1
- package/dist/server/src/domain/condition/provider.d.ts +3 -1
- package/dist/server/src/domain/condition/provider.d.ts.map +1 -1
- package/dist/server/src/index.d.ts +738 -10
- package/dist/server/src/index.d.ts.map +1 -1
- package/dist/server/src/services/metrics.d.ts.map +1 -1
- package/dist/server/src/services/permission.d.ts +4 -2
- package/dist/server/src/services/permission.d.ts.map +1 -1
- package/dist/shared/contracts/admin.d.ts +1 -0
- package/dist/shared/contracts/admin.d.ts.map +1 -1
- package/dist/shared/contracts/user.d.ts +1 -1
- package/dist/shared/contracts/user.d.ts.map +1 -1
- package/package.json +18 -17
- package/dist/admin/AuthenticatedLayout-06fn7qrH.mjs.map +0 -1
- package/dist/admin/AuthenticatedLayout-eKDwvUFO.js.map +0 -1
- package/dist/admin/ContentBox-3MRTNw0X.js +0 -43
- package/dist/admin/ContentBox-3MRTNw0X.js.map +0 -1
- package/dist/admin/ContentBox-9LBDzws0.mjs +0 -41
- package/dist/admin/ContentBox-9LBDzws0.mjs.map +0 -1
- package/dist/admin/CreatePage-bdWb1wg4.mjs.map +0 -1
- package/dist/admin/CreatePage-t5HQUOqJ.js.map +0 -1
- package/dist/admin/EditPage-A7-BewPd.mjs.map +0 -1
- package/dist/admin/EditPage-Lw36XG9G.js.map +0 -1
- package/dist/admin/EditPage-cWJ8V1BK.mjs.map +0 -1
- package/dist/admin/EditPage-pTQCDncU.js.map +0 -1
- package/dist/admin/EditView-HygMdUSf.mjs.map +0 -1
- package/dist/admin/EditView-KzdDTSO-.js.map +0 -1
- package/dist/admin/HomePage-dyDldozB.mjs.map +0 -1
- package/dist/admin/HomePage-ywYHZHMa.js.map +0 -1
- package/dist/admin/InstalledPluginsPage-3OSkplVn.mjs.map +0 -1
- package/dist/admin/InstalledPluginsPage-JkruwT2d.js.map +0 -1
- package/dist/admin/ListPage-DHUp0PDw.js.map +0 -1
- package/dist/admin/ListPage-hNIbvh17.mjs.map +0 -1
- package/dist/admin/MarketplacePage-41CstG0b.mjs.map +0 -1
- package/dist/admin/MarketplacePage-uyOTT12t.js.map +0 -1
- package/dist/admin/ProfilePage-wxZFen3W.js.map +0 -1
- package/dist/admin/ProfilePage-zwG0fq_e.mjs.map +0 -1
- package/dist/admin/SelectRoles-MoDtdDcM.js.map +0 -1
- package/dist/admin/SelectRoles-h_1srnVz.mjs.map +0 -1
- package/dist/admin/Table-CpbvaRQh.js.map +0 -1
- package/dist/admin/Table-EPKfcF5-.mjs.map +0 -1
- package/dist/admin/Theme-7W0we6BI.js.map +0 -1
- package/dist/admin/Theme-PrUuuGtN.mjs.map +0 -1
- package/dist/admin/index-Fu3hPmaj.mjs.map +0 -1
- package/dist/admin/index-w33_0vI-.js.map +0 -1
- package/dist/admin/src/pages/InstalledPluginsPage.d.ts +0 -3
- package/dist/admin/validation-4SWh9S5z.js.map +0 -1
- package/dist/admin/validation-IcNGA_ef.mjs.map +0 -1
- package/dist/ee/server/index.js +0 -2193
- package/dist/ee/server/index.js.map +0 -1
- package/dist/ee/server/index.mjs +0 -2188
- package/dist/ee/server/index.mjs.map +0 -1
- package/strapi-server.js +0 -18
package/dist/server/index.mjs
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
|
-
import
|
|
2
|
-
import
|
|
1
|
+
import * as _ from "lodash";
|
|
2
|
+
import ___default, { pick as pick$1 } from "lodash";
|
|
3
|
+
import { merge, map, uniq, difference, isNil, castArray, pick, curry, pipe, prop, includes, isArray, set, omit, isEmpty, has, defaults, remove, eq, get, differenceWith, differenceBy, isEqual, toLower, isFunction, some, flatMap, isObject, cloneDeep, getOr, intersection, isPlainObject, matchesProperty, propEq, xor, startsWith, isString, isNumber, values, sumBy, trim, isUndefined, mapKeys, toString, toNumber, assign, reverse, take, drop, mapValues } from "lodash/fp";
|
|
4
|
+
import utils$2, { async, errors, yup, validateYupSchema, policy, arrays, hooks as hooks$1, dates, validateYupSchemaSync, providerFactory, sanitize, contentTypes as contentTypes$1, traverse, traverseEntity, validate, env, validateZod, strings } from "@strapi/utils";
|
|
3
5
|
import path, { resolve, basename, join, extname } from "path";
|
|
4
6
|
import fse, { exists as exists$4 } from "fs-extra";
|
|
5
7
|
import koaStatic from "koa-static";
|
|
6
8
|
import { differenceInHours, parseISO } from "date-fns";
|
|
7
9
|
import "@strapi/types";
|
|
8
|
-
import * as _ from "lodash";
|
|
9
|
-
import ___default, { pick as pick$1 } from "lodash";
|
|
10
10
|
import bcrypt from "bcryptjs";
|
|
11
|
-
import passport$
|
|
11
|
+
import passport$2 from "koa-passport";
|
|
12
12
|
import { Strategy } from "passport-local";
|
|
13
13
|
import crypto from "crypto";
|
|
14
14
|
import jwt from "jsonwebtoken";
|
|
@@ -24,10 +24,11 @@ import compose from "koa-compose";
|
|
|
24
24
|
import { strapi as strapi$1 } from "@strapi/data-transfer";
|
|
25
25
|
import isLocalhostIp from "is-localhost-ip";
|
|
26
26
|
import punycode from "punycode/";
|
|
27
|
-
|
|
27
|
+
import { scheduleJob } from "node-schedule";
|
|
28
|
+
const getService$1 = (name2) => {
|
|
28
29
|
return strapi.service(`admin::${name2}`);
|
|
29
30
|
};
|
|
30
|
-
const actions = [
|
|
31
|
+
const actions$1 = [
|
|
31
32
|
{
|
|
32
33
|
uid: "marketplace.read",
|
|
33
34
|
displayName: "Access the marketplace",
|
|
@@ -252,7 +253,7 @@ const actions = [
|
|
|
252
253
|
}
|
|
253
254
|
];
|
|
254
255
|
const adminActions = {
|
|
255
|
-
actions
|
|
256
|
+
actions: actions$1
|
|
256
257
|
};
|
|
257
258
|
const conditions = [
|
|
258
259
|
{
|
|
@@ -287,13 +288,13 @@ const defaultAdminAuthSettings = {
|
|
|
287
288
|
}
|
|
288
289
|
};
|
|
289
290
|
const registerPermissionActions = async () => {
|
|
290
|
-
await getService("permission").actionProvider.registerMany(adminActions.actions);
|
|
291
|
+
await getService$1("permission").actionProvider.registerMany(adminActions.actions);
|
|
291
292
|
};
|
|
292
293
|
const registerAdminConditions = async () => {
|
|
293
|
-
await getService("permission").conditionProvider.registerMany(adminConditions.conditions);
|
|
294
|
+
await getService$1("permission").conditionProvider.registerMany(adminConditions.conditions);
|
|
294
295
|
};
|
|
295
296
|
const registerModelHooks = () => {
|
|
296
|
-
const { sendDidChangeInterfaceLanguage: sendDidChangeInterfaceLanguage2 } = getService("metrics");
|
|
297
|
+
const { sendDidChangeInterfaceLanguage: sendDidChangeInterfaceLanguage2 } = getService$1("metrics");
|
|
297
298
|
strapi.db.lifecycles.subscribe({
|
|
298
299
|
models: ["admin::user"],
|
|
299
300
|
afterCreate: sendDidChangeInterfaceLanguage2,
|
|
@@ -309,7 +310,7 @@ const syncAuthSettings = async () => {
|
|
|
309
310
|
const adminStore = await strapi.store({ type: "core", name: "admin" });
|
|
310
311
|
const adminAuthSettings = await adminStore.get({ key: "auth" });
|
|
311
312
|
const newAuthSettings = merge(defaultAdminAuthSettings, adminAuthSettings);
|
|
312
|
-
const roleExists = await getService("role").exists({
|
|
313
|
+
const roleExists = await getService$1("role").exists({
|
|
313
314
|
id: newAuthSettings.providers.defaultRole
|
|
314
315
|
});
|
|
315
316
|
if (!roleExists) {
|
|
@@ -328,16 +329,16 @@ const syncAPITokensPermissions = async () => {
|
|
|
328
329
|
await strapi.db.query("admin::api-token-permission").deleteMany({ where: { action: { $in: unknownPermissions } } });
|
|
329
330
|
}
|
|
330
331
|
};
|
|
331
|
-
const bootstrap = async ({ strapi: strapi2 }) => {
|
|
332
|
+
const bootstrap$1 = async ({ strapi: strapi2 }) => {
|
|
332
333
|
await registerAdminConditions();
|
|
333
334
|
await registerPermissionActions();
|
|
334
335
|
registerModelHooks();
|
|
335
|
-
const permissionService = getService("permission");
|
|
336
|
-
const userService = getService("user");
|
|
337
|
-
const roleService = getService("role");
|
|
338
|
-
const apiTokenService = getService("api-token");
|
|
339
|
-
const transferService = getService("transfer");
|
|
340
|
-
const tokenService = getService("token");
|
|
336
|
+
const permissionService = getService$1("permission");
|
|
337
|
+
const userService = getService$1("user");
|
|
338
|
+
const roleService = getService$1("role");
|
|
339
|
+
const apiTokenService = getService$1("api-token");
|
|
340
|
+
const transferService = getService$1("transfer");
|
|
341
|
+
const tokenService = getService$1("token");
|
|
341
342
|
await roleService.createRolesIfNoneExist();
|
|
342
343
|
await roleService.resetSuperAdminPermissions();
|
|
343
344
|
await roleService.displayWarningIfNoSuperAdmin();
|
|
@@ -345,8 +346,8 @@ const bootstrap = async ({ strapi: strapi2 }) => {
|
|
|
345
346
|
await userService.displayWarningIfUsersDontHaveRole();
|
|
346
347
|
await syncAuthSettings();
|
|
347
348
|
await syncAPITokensPermissions();
|
|
348
|
-
await getService("metrics").sendUpdateProjectInformation(strapi2);
|
|
349
|
-
getService("metrics").startCron(strapi2);
|
|
349
|
+
await getService$1("metrics").sendUpdateProjectInformation(strapi2);
|
|
350
|
+
getService$1("metrics").startCron(strapi2);
|
|
350
351
|
apiTokenService.checkSaltIsDefined();
|
|
351
352
|
transferService.token.checkSaltIsDefined();
|
|
352
353
|
tokenService.checkSecretIsDefined();
|
|
@@ -403,7 +404,7 @@ const serveStatic = (filesDir, koaStaticOptions = {}) => {
|
|
|
403
404
|
ctx.path = prev;
|
|
404
405
|
};
|
|
405
406
|
};
|
|
406
|
-
const authenticate$
|
|
407
|
+
const authenticate$3 = async (ctx) => {
|
|
407
408
|
const { authorization } = ctx.request.header;
|
|
408
409
|
if (!authorization) {
|
|
409
410
|
return { authenticated: false };
|
|
@@ -413,7 +414,7 @@ const authenticate$2 = async (ctx) => {
|
|
|
413
414
|
return { authenticated: false };
|
|
414
415
|
}
|
|
415
416
|
const token2 = parts[1];
|
|
416
|
-
const { payload, isValid } = getService("token").decodeJwtToken(token2);
|
|
417
|
+
const { payload, isValid } = getService$1("token").decodeJwtToken(token2);
|
|
417
418
|
if (!isValid) {
|
|
418
419
|
return { authenticated: false };
|
|
419
420
|
}
|
|
@@ -421,7 +422,7 @@ const authenticate$2 = async (ctx) => {
|
|
|
421
422
|
if (!user2 || !(user2.isActive === true)) {
|
|
422
423
|
return { authenticated: false };
|
|
423
424
|
}
|
|
424
|
-
const userAbility = await getService("permission").engine.generateUserAbility(user2);
|
|
425
|
+
const userAbility = await getService$1("permission").engine.generateUserAbility(user2);
|
|
425
426
|
ctx.state.userAbility = userAbility;
|
|
426
427
|
ctx.state.user = user2;
|
|
427
428
|
return {
|
|
@@ -433,7 +434,7 @@ const authenticate$2 = async (ctx) => {
|
|
|
433
434
|
const name$1 = "admin";
|
|
434
435
|
const adminAuthStrategy = {
|
|
435
436
|
name: name$1,
|
|
436
|
-
authenticate: authenticate$
|
|
437
|
+
authenticate: authenticate$3
|
|
437
438
|
};
|
|
438
439
|
const DAY_IN_MS = 24 * 60 * 60 * 1e3;
|
|
439
440
|
const constants$3 = {
|
|
@@ -473,7 +474,7 @@ const constants$4 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
|
|
|
473
474
|
__proto__: null,
|
|
474
475
|
default: constants$3
|
|
475
476
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
476
|
-
const { UnauthorizedError: UnauthorizedError$
|
|
477
|
+
const { UnauthorizedError: UnauthorizedError$3, ForbiddenError: ForbiddenError$2 } = errors;
|
|
477
478
|
const isReadScope = (scope) => scope.endsWith("find") || scope.endsWith("findOne");
|
|
478
479
|
const extractToken$1 = (ctx) => {
|
|
479
480
|
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
@@ -485,8 +486,8 @@ const extractToken$1 = (ctx) => {
|
|
|
485
486
|
}
|
|
486
487
|
return null;
|
|
487
488
|
};
|
|
488
|
-
const authenticate$
|
|
489
|
-
const apiTokenService = getService("api-token");
|
|
489
|
+
const authenticate$2 = async (ctx) => {
|
|
490
|
+
const apiTokenService = getService$1("api-token");
|
|
490
491
|
const token2 = extractToken$1(ctx);
|
|
491
492
|
if (!token2) {
|
|
492
493
|
return { authenticated: false };
|
|
@@ -501,7 +502,7 @@ const authenticate$1 = async (ctx) => {
|
|
|
501
502
|
if (!isNil(apiToken2.expiresAt)) {
|
|
502
503
|
const expirationDate = new Date(apiToken2.expiresAt);
|
|
503
504
|
if (expirationDate < currentDate) {
|
|
504
|
-
return { authenticated: false, error: new UnauthorizedError$
|
|
505
|
+
return { authenticated: false, error: new UnauthorizedError$3("Token expired") };
|
|
505
506
|
}
|
|
506
507
|
}
|
|
507
508
|
const hoursSinceLastUsed = differenceInHours(currentDate, parseISO(apiToken2.lastUsedAt));
|
|
@@ -519,44 +520,44 @@ const authenticate$1 = async (ctx) => {
|
|
|
519
520
|
}
|
|
520
521
|
return { authenticated: true, credentials: apiToken2 };
|
|
521
522
|
};
|
|
522
|
-
const verify$2 = (auth2,
|
|
523
|
+
const verify$2 = (auth2, config2) => {
|
|
523
524
|
const { credentials: apiToken2, ability } = auth2;
|
|
524
525
|
if (!apiToken2) {
|
|
525
|
-
throw new UnauthorizedError$
|
|
526
|
+
throw new UnauthorizedError$3("Token not found");
|
|
526
527
|
}
|
|
527
528
|
const currentDate = /* @__PURE__ */ new Date();
|
|
528
529
|
if (!isNil(apiToken2.expiresAt)) {
|
|
529
530
|
const expirationDate = new Date(apiToken2.expiresAt);
|
|
530
531
|
if (expirationDate < currentDate) {
|
|
531
|
-
throw new UnauthorizedError$
|
|
532
|
+
throw new UnauthorizedError$3("Token expired");
|
|
532
533
|
}
|
|
533
534
|
}
|
|
534
535
|
if (apiToken2.type === constants$3.API_TOKEN_TYPE.FULL_ACCESS) {
|
|
535
536
|
return;
|
|
536
537
|
}
|
|
537
538
|
if (apiToken2.type === constants$3.API_TOKEN_TYPE.READ_ONLY) {
|
|
538
|
-
const scopes = castArray(
|
|
539
|
-
if (
|
|
539
|
+
const scopes = castArray(config2.scope);
|
|
540
|
+
if (config2.scope && scopes.every(isReadScope)) {
|
|
540
541
|
return;
|
|
541
542
|
}
|
|
542
543
|
} else if (apiToken2.type === constants$3.API_TOKEN_TYPE.CUSTOM) {
|
|
543
544
|
if (!ability) {
|
|
544
|
-
throw new ForbiddenError$
|
|
545
|
+
throw new ForbiddenError$2();
|
|
545
546
|
}
|
|
546
|
-
const scopes = castArray(
|
|
547
|
+
const scopes = castArray(config2.scope);
|
|
547
548
|
const isAllowed = scopes.every((scope) => ability.can(scope));
|
|
548
549
|
if (isAllowed) {
|
|
549
550
|
return;
|
|
550
551
|
}
|
|
551
552
|
}
|
|
552
|
-
throw new ForbiddenError$
|
|
553
|
+
throw new ForbiddenError$2();
|
|
553
554
|
};
|
|
554
555
|
const apiTokenAuthStrategy = {
|
|
555
556
|
name: "api-token",
|
|
556
|
-
authenticate: authenticate$
|
|
557
|
+
authenticate: authenticate$2,
|
|
557
558
|
verify: verify$2
|
|
558
559
|
};
|
|
559
|
-
const register$
|
|
560
|
+
const register$2 = ({ strapi: strapi2 }) => {
|
|
560
561
|
const passportMiddleware = strapi2.service("admin::passport").init();
|
|
561
562
|
strapi2.server.api("admin").use(passportMiddleware);
|
|
562
563
|
strapi2.get("auth").register("admin", adminAuthStrategy);
|
|
@@ -565,8 +566,8 @@ const register$1 = ({ strapi: strapi2 }) => {
|
|
|
565
566
|
registerAdminPanelRoute({ strapi: strapi2 });
|
|
566
567
|
}
|
|
567
568
|
};
|
|
568
|
-
const destroy = async () => {
|
|
569
|
-
const { conditionProvider: conditionProvider2, actionProvider: actionProvider2 } = getService("permission");
|
|
569
|
+
const destroy$1 = async () => {
|
|
570
|
+
const { conditionProvider: conditionProvider2, actionProvider: actionProvider2 } = getService$1("permission");
|
|
570
571
|
await conditionProvider2.clear();
|
|
571
572
|
await actionProvider2.clear();
|
|
572
573
|
};
|
|
@@ -586,11 +587,11 @@ But don’t worry! You can use the following link to reset your password:
|
|
|
586
587
|
|
|
587
588
|
Thanks.`;
|
|
588
589
|
const forgotPasswordTemplate = { subject, text, html };
|
|
589
|
-
const forgotPassword$
|
|
590
|
+
const forgotPassword$2 = {
|
|
590
591
|
emailTemplate: forgotPasswordTemplate
|
|
591
592
|
};
|
|
592
|
-
const
|
|
593
|
-
forgotPassword: forgotPassword$
|
|
593
|
+
const config = {
|
|
594
|
+
forgotPassword: forgotPassword$2
|
|
594
595
|
};
|
|
595
596
|
const isAuthenticatedAdmin = (policyCtx) => {
|
|
596
597
|
return Boolean(policyCtx.state.isAuthenticated);
|
|
@@ -632,8 +633,8 @@ const inputModifiers = [
|
|
|
632
633
|
const hasPermissions = createPolicy$1({
|
|
633
634
|
name: "admin::hasPermissions",
|
|
634
635
|
validator: validateHasPermissionsInput,
|
|
635
|
-
handler(ctx,
|
|
636
|
-
const { actions: actions2 } =
|
|
636
|
+
handler(ctx, config2) {
|
|
637
|
+
const { actions: actions2 } = config2;
|
|
637
638
|
const { userAbility: ability } = ctx.state;
|
|
638
639
|
const permissions2 = actions2.map(
|
|
639
640
|
(action2) => inputModifiers.find((modifier) => modifier.check(action2))?.transform(action2)
|
|
@@ -653,8 +654,8 @@ const isTelemetryEnabled = createPolicy({
|
|
|
653
654
|
}
|
|
654
655
|
}
|
|
655
656
|
});
|
|
656
|
-
const
|
|
657
|
-
const admin$
|
|
657
|
+
const policies = { isAuthenticatedAdmin, hasPermissions, isTelemetryEnabled };
|
|
658
|
+
const admin$4 = [
|
|
658
659
|
{
|
|
659
660
|
method: "GET",
|
|
660
661
|
path: "/init",
|
|
@@ -723,7 +724,7 @@ const admin$1 = [
|
|
|
723
724
|
}
|
|
724
725
|
}
|
|
725
726
|
];
|
|
726
|
-
const authentication$
|
|
727
|
+
const authentication$2 = [
|
|
727
728
|
{
|
|
728
729
|
method: "POST",
|
|
729
730
|
path: "/login",
|
|
@@ -1152,7 +1153,7 @@ const contentApi$1 = [
|
|
|
1152
1153
|
}
|
|
1153
1154
|
}
|
|
1154
1155
|
];
|
|
1155
|
-
const { UnauthorizedError: UnauthorizedError$
|
|
1156
|
+
const { UnauthorizedError: UnauthorizedError$2, ForbiddenError: ForbiddenError$1 } = errors;
|
|
1156
1157
|
const extractToken = (ctx) => {
|
|
1157
1158
|
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
1158
1159
|
const parts = ctx.request.header.authorization.split(/\s+/);
|
|
@@ -1163,8 +1164,8 @@ const extractToken = (ctx) => {
|
|
|
1163
1164
|
}
|
|
1164
1165
|
return null;
|
|
1165
1166
|
};
|
|
1166
|
-
const authenticate = async (ctx) => {
|
|
1167
|
-
const { token: tokenService } = getService("transfer");
|
|
1167
|
+
const authenticate$1 = async (ctx) => {
|
|
1168
|
+
const { token: tokenService } = getService$1("transfer");
|
|
1168
1169
|
const token2 = extractToken(ctx);
|
|
1169
1170
|
if (!token2) {
|
|
1170
1171
|
return { authenticated: false };
|
|
@@ -1177,7 +1178,7 @@ const authenticate = async (ctx) => {
|
|
|
1177
1178
|
if (!isNil(transferToken2.expiresAt)) {
|
|
1178
1179
|
const expirationDate = new Date(transferToken2.expiresAt);
|
|
1179
1180
|
if (expirationDate < currentDate) {
|
|
1180
|
-
return { authenticated: false, error: new UnauthorizedError$
|
|
1181
|
+
return { authenticated: false, error: new UnauthorizedError$2("Token expired") };
|
|
1181
1182
|
}
|
|
1182
1183
|
}
|
|
1183
1184
|
const hoursSinceLastUsed = differenceInHours(currentDate, parseISO(transferToken2.lastUsedAt));
|
|
@@ -1187,36 +1188,36 @@ const authenticate = async (ctx) => {
|
|
|
1187
1188
|
data: { lastUsedAt: currentDate }
|
|
1188
1189
|
});
|
|
1189
1190
|
}
|
|
1190
|
-
const ability = await getService("transfer").permission.engine.generateAbility(
|
|
1191
|
+
const ability = await getService$1("transfer").permission.engine.generateAbility(
|
|
1191
1192
|
transferToken2.permissions.map((action2) => ({ action: action2 }))
|
|
1192
1193
|
);
|
|
1193
1194
|
return { authenticated: true, ability, credentials: transferToken2 };
|
|
1194
1195
|
};
|
|
1195
|
-
const verify$1 = async (auth2,
|
|
1196
|
+
const verify$1 = async (auth2, config2 = {}) => {
|
|
1196
1197
|
const { credentials: transferToken2, ability } = auth2;
|
|
1197
1198
|
if (!transferToken2) {
|
|
1198
|
-
throw new UnauthorizedError$
|
|
1199
|
+
throw new UnauthorizedError$2("Token not found");
|
|
1199
1200
|
}
|
|
1200
1201
|
const currentDate = /* @__PURE__ */ new Date();
|
|
1201
1202
|
if (!isNil(transferToken2.expiresAt)) {
|
|
1202
1203
|
const expirationDate = new Date(transferToken2.expiresAt);
|
|
1203
1204
|
if (expirationDate < currentDate) {
|
|
1204
|
-
throw new UnauthorizedError$
|
|
1205
|
+
throw new UnauthorizedError$2("Token expired");
|
|
1205
1206
|
}
|
|
1206
1207
|
}
|
|
1207
1208
|
if (!ability) {
|
|
1208
|
-
throw new ForbiddenError();
|
|
1209
|
+
throw new ForbiddenError$1();
|
|
1209
1210
|
}
|
|
1210
|
-
const scopes = castArray(
|
|
1211
|
+
const scopes = castArray(config2.scope ?? []);
|
|
1211
1212
|
const isAllowed = scopes.every((scope) => ability.can(scope));
|
|
1212
1213
|
if (!isAllowed) {
|
|
1213
|
-
throw new ForbiddenError();
|
|
1214
|
+
throw new ForbiddenError$1();
|
|
1214
1215
|
}
|
|
1215
1216
|
};
|
|
1216
1217
|
const name = "data-transfer";
|
|
1217
1218
|
const dataTransferAuthStrategy = {
|
|
1218
1219
|
name,
|
|
1219
|
-
authenticate,
|
|
1220
|
+
authenticate: authenticate$1,
|
|
1220
1221
|
verify: verify$1
|
|
1221
1222
|
};
|
|
1222
1223
|
const transfer$2 = [
|
|
@@ -1317,12 +1318,12 @@ const transfer$2 = [
|
|
|
1317
1318
|
}
|
|
1318
1319
|
}
|
|
1319
1320
|
];
|
|
1320
|
-
const routes = {
|
|
1321
|
+
const routes$1 = {
|
|
1321
1322
|
admin: {
|
|
1322
1323
|
type: "admin",
|
|
1323
1324
|
routes: [
|
|
1324
|
-
...admin$
|
|
1325
|
-
...authentication$
|
|
1325
|
+
...admin$4,
|
|
1326
|
+
...authentication$2,
|
|
1326
1327
|
...permissions,
|
|
1327
1328
|
...users,
|
|
1328
1329
|
...roles$1,
|
|
@@ -1333,7 +1334,7 @@ const routes = {
|
|
|
1333
1334
|
]
|
|
1334
1335
|
}
|
|
1335
1336
|
};
|
|
1336
|
-
const { ApplicationError: ApplicationError$
|
|
1337
|
+
const { ApplicationError: ApplicationError$a } = errors;
|
|
1337
1338
|
const hashPassword = (password2) => bcrypt.hash(password2, 10);
|
|
1338
1339
|
const validatePassword = (password2, hash2) => bcrypt.compare(password2, hash2);
|
|
1339
1340
|
const checkCredentials = async ({ email: email2, password: password2 }) => {
|
|
@@ -1350,13 +1351,13 @@ const checkCredentials = async ({ email: email2, password: password2 }) => {
|
|
|
1350
1351
|
}
|
|
1351
1352
|
return [null, user2];
|
|
1352
1353
|
};
|
|
1353
|
-
const forgotPassword = async ({ email: email2 } = {}) => {
|
|
1354
|
+
const forgotPassword$1 = async ({ email: email2 } = {}) => {
|
|
1354
1355
|
const user2 = await strapi.db.query("admin::user").findOne({ where: { email: email2, isActive: true } });
|
|
1355
1356
|
if (!user2) {
|
|
1356
1357
|
return;
|
|
1357
1358
|
}
|
|
1358
|
-
const resetPasswordToken = getService("token").createToken();
|
|
1359
|
-
await getService("user").updateById(user2.id, { resetPasswordToken });
|
|
1359
|
+
const resetPasswordToken = getService$1("token").createToken();
|
|
1360
|
+
await getService$1("user").updateById(user2.id, { resetPasswordToken });
|
|
1360
1361
|
const url = `${strapi.config.get(
|
|
1361
1362
|
"admin.absoluteUrl"
|
|
1362
1363
|
)}/auth/reset-password?code=${resetPasswordToken}`;
|
|
@@ -1375,18 +1376,18 @@ const forgotPassword = async ({ email: email2 } = {}) => {
|
|
|
1375
1376
|
strapi.log.error(err);
|
|
1376
1377
|
});
|
|
1377
1378
|
};
|
|
1378
|
-
const resetPassword = async ({ resetPasswordToken, password: password2 } = {}) => {
|
|
1379
|
+
const resetPassword$1 = async ({ resetPasswordToken, password: password2 } = {}) => {
|
|
1379
1380
|
const matchingUser = await strapi.db.query("admin::user").findOne({ where: { resetPasswordToken, isActive: true } });
|
|
1380
1381
|
if (!matchingUser) {
|
|
1381
|
-
throw new ApplicationError$
|
|
1382
|
+
throw new ApplicationError$a();
|
|
1382
1383
|
}
|
|
1383
|
-
return getService("user").updateById(matchingUser.id, {
|
|
1384
|
+
return getService$1("user").updateById(matchingUser.id, {
|
|
1384
1385
|
password: password2,
|
|
1385
1386
|
resetPasswordToken: null
|
|
1386
1387
|
});
|
|
1387
1388
|
};
|
|
1388
|
-
const auth = { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };
|
|
1389
|
-
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$
|
|
1389
|
+
const auth$1 = { checkCredentials, validatePassword, hashPassword, forgotPassword: forgotPassword$1, resetPassword: resetPassword$1 };
|
|
1390
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$5 } = constants$3;
|
|
1390
1391
|
function createUser(attributes) {
|
|
1391
1392
|
return {
|
|
1392
1393
|
roles: [],
|
|
@@ -1396,7 +1397,7 @@ function createUser(attributes) {
|
|
|
1396
1397
|
};
|
|
1397
1398
|
}
|
|
1398
1399
|
const hasSuperAdminRole$1 = (user2) => {
|
|
1399
|
-
return user2.roles.filter((role2) => role2.code === SUPER_ADMIN_CODE$
|
|
1400
|
+
return user2.roles.filter((role2) => role2.code === SUPER_ADMIN_CODE$5).length > 0;
|
|
1400
1401
|
};
|
|
1401
1402
|
const ADMIN_USER_ALLOWED_FIELDS = ["id", "firstname", "lastname", "username"];
|
|
1402
1403
|
const getDefaultActionAttributes = () => ({
|
|
@@ -1486,7 +1487,7 @@ const checkFieldsDontHaveDuplicates = (fields) => {
|
|
|
1486
1487
|
return ___default.uniq(fields).length === fields.length;
|
|
1487
1488
|
};
|
|
1488
1489
|
const getActionFromProvider = (actionId) => {
|
|
1489
|
-
return getService("permission").actionProvider.get(actionId);
|
|
1490
|
+
return getService$1("permission").actionProvider.get(actionId);
|
|
1490
1491
|
};
|
|
1491
1492
|
const email = yup.string().email().lowercase();
|
|
1492
1493
|
const firstname = yup.string().trim().min(1);
|
|
@@ -1606,46 +1607,46 @@ const validators = {
|
|
|
1606
1607
|
permission: permission$3,
|
|
1607
1608
|
updatePermissions
|
|
1608
1609
|
};
|
|
1609
|
-
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$
|
|
1610
|
-
const { ValidationError: ValidationError$
|
|
1611
|
-
const sanitizeUserRoles = (role2) => ___default.pick(role2, ["id", "name", "description", "code"]);
|
|
1612
|
-
const sanitizeUser = (user2) => {
|
|
1610
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$4 } = constants$3;
|
|
1611
|
+
const { ValidationError: ValidationError$6 } = errors;
|
|
1612
|
+
const sanitizeUserRoles$1 = (role2) => ___default.pick(role2, ["id", "name", "description", "code"]);
|
|
1613
|
+
const sanitizeUser$1 = (user2) => {
|
|
1613
1614
|
return {
|
|
1614
1615
|
...___default.omit(user2, ["password", "resetPasswordToken", "registrationToken", "roles"]),
|
|
1615
|
-
roles: user2.roles && user2.roles.map(sanitizeUserRoles)
|
|
1616
|
+
roles: user2.roles && user2.roles.map(sanitizeUserRoles$1)
|
|
1616
1617
|
};
|
|
1617
1618
|
};
|
|
1618
1619
|
const create$5 = async (attributes) => {
|
|
1619
1620
|
const userInfo = {
|
|
1620
|
-
registrationToken: getService("token").createToken(),
|
|
1621
|
+
registrationToken: getService$1("token").createToken(),
|
|
1621
1622
|
...attributes
|
|
1622
1623
|
};
|
|
1623
1624
|
if (___default.has(attributes, "password")) {
|
|
1624
|
-
userInfo.password = await getService("auth").hashPassword(attributes.password);
|
|
1625
|
+
userInfo.password = await getService$1("auth").hashPassword(attributes.password);
|
|
1625
1626
|
}
|
|
1626
1627
|
const user2 = createUser(userInfo);
|
|
1627
1628
|
const createdUser = await strapi.db.query("admin::user").create({ data: user2, populate: ["roles"] });
|
|
1628
|
-
getService("metrics").sendDidInviteUser();
|
|
1629
|
-
strapi.eventHub.emit("user.create", { user: sanitizeUser(createdUser) });
|
|
1629
|
+
getService$1("metrics").sendDidInviteUser();
|
|
1630
|
+
strapi.eventHub.emit("user.create", { user: sanitizeUser$1(createdUser) });
|
|
1630
1631
|
return createdUser;
|
|
1631
1632
|
};
|
|
1632
|
-
const updateById = async (id, attributes) => {
|
|
1633
|
+
const updateById$1 = async (id, attributes) => {
|
|
1633
1634
|
if (___default.has(attributes, "roles")) {
|
|
1634
|
-
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
1635
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1635
|
+
const lastAdminUser = await isLastSuperAdminUser$1(id);
|
|
1636
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1636
1637
|
const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles, superAdminRole.id);
|
|
1637
1638
|
if (lastAdminUser && willRemoveSuperAdminRole) {
|
|
1638
|
-
throw new ValidationError$
|
|
1639
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1639
1640
|
}
|
|
1640
1641
|
}
|
|
1641
1642
|
if (attributes.isActive === false) {
|
|
1642
|
-
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
1643
|
+
const lastAdminUser = await isLastSuperAdminUser$1(id);
|
|
1643
1644
|
if (lastAdminUser) {
|
|
1644
|
-
throw new ValidationError$
|
|
1645
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1645
1646
|
}
|
|
1646
1647
|
}
|
|
1647
1648
|
if (___default.has(attributes, "password")) {
|
|
1648
|
-
const hashedPassword = await getService("auth").hashPassword(attributes.password);
|
|
1649
|
+
const hashedPassword = await getService$1("auth").hashPassword(attributes.password);
|
|
1649
1650
|
const updatedUser2 = await strapi.db.query("admin::user").update({
|
|
1650
1651
|
where: { id },
|
|
1651
1652
|
data: {
|
|
@@ -1654,7 +1655,7 @@ const updateById = async (id, attributes) => {
|
|
|
1654
1655
|
},
|
|
1655
1656
|
populate: ["roles"]
|
|
1656
1657
|
});
|
|
1657
|
-
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser2) });
|
|
1658
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser$1(updatedUser2) });
|
|
1658
1659
|
return updatedUser2;
|
|
1659
1660
|
}
|
|
1660
1661
|
const updatedUser = await strapi.db.query("admin::user").update({
|
|
@@ -1663,7 +1664,7 @@ const updateById = async (id, attributes) => {
|
|
|
1663
1664
|
populate: ["roles"]
|
|
1664
1665
|
});
|
|
1665
1666
|
if (updatedUser) {
|
|
1666
|
-
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser) });
|
|
1667
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser$1(updatedUser) });
|
|
1667
1668
|
}
|
|
1668
1669
|
return updatedUser;
|
|
1669
1670
|
};
|
|
@@ -1675,17 +1676,17 @@ const resetPasswordByEmail = async (email2, password$1) => {
|
|
|
1675
1676
|
try {
|
|
1676
1677
|
await password.validate(password$1);
|
|
1677
1678
|
} catch (error) {
|
|
1678
|
-
throw new ValidationError$
|
|
1679
|
+
throw new ValidationError$6(
|
|
1679
1680
|
"Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter"
|
|
1680
1681
|
);
|
|
1681
1682
|
}
|
|
1682
|
-
await updateById(user2.id, { password: password$1 });
|
|
1683
|
+
await updateById$1(user2.id, { password: password$1 });
|
|
1683
1684
|
};
|
|
1684
|
-
const isLastSuperAdminUser = async (userId) => {
|
|
1685
|
-
const user2 = await findOne$
|
|
1685
|
+
const isLastSuperAdminUser$1 = async (userId) => {
|
|
1686
|
+
const user2 = await findOne$2(userId);
|
|
1686
1687
|
if (!user2)
|
|
1687
1688
|
return false;
|
|
1688
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1689
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1689
1690
|
return superAdminRole.usersCount === 1 && hasSuperAdminRole$1(user2);
|
|
1690
1691
|
};
|
|
1691
1692
|
const exists$3 = async (attributes = {}) => {
|
|
@@ -1698,15 +1699,15 @@ const findRegistrationInfo = async (registrationToken) => {
|
|
|
1698
1699
|
}
|
|
1699
1700
|
return ___default.pick(user2, ["email", "firstname", "lastname"]);
|
|
1700
1701
|
};
|
|
1701
|
-
const register = async ({
|
|
1702
|
+
const register$1 = async ({
|
|
1702
1703
|
registrationToken,
|
|
1703
1704
|
userInfo
|
|
1704
1705
|
}) => {
|
|
1705
1706
|
const matchingUser = await strapi.db.query("admin::user").findOne({ where: { registrationToken } });
|
|
1706
1707
|
if (!matchingUser) {
|
|
1707
|
-
throw new ValidationError$
|
|
1708
|
+
throw new ValidationError$6("Invalid registration info");
|
|
1708
1709
|
}
|
|
1709
|
-
return getService("user").updateById(matchingUser.id, {
|
|
1710
|
+
return getService$1("user").updateById(matchingUser.id, {
|
|
1710
1711
|
password: userInfo.password,
|
|
1711
1712
|
firstname: userInfo.firstname,
|
|
1712
1713
|
lastname: userInfo.lastname,
|
|
@@ -1714,7 +1715,7 @@ const register = async ({
|
|
|
1714
1715
|
isActive: true
|
|
1715
1716
|
});
|
|
1716
1717
|
};
|
|
1717
|
-
const findOne$
|
|
1718
|
+
const findOne$2 = async (id, populate = ["roles"]) => {
|
|
1718
1719
|
return strapi.db.query("admin::user").findOne({ where: { id }, populate });
|
|
1719
1720
|
};
|
|
1720
1721
|
const findOneByEmail = async (email2, populate = []) => {
|
|
@@ -1727,7 +1728,7 @@ const findPage = async (params = {}) => {
|
|
|
1727
1728
|
const query = strapi.get("query-params").transform("admin::user", defaults({ populate: ["roles"] }, params));
|
|
1728
1729
|
return strapi.db.query("admin::user").findPage(query);
|
|
1729
1730
|
};
|
|
1730
|
-
const deleteById = async (id) => {
|
|
1731
|
+
const deleteById$1 = async (id) => {
|
|
1731
1732
|
const userToDelete = await strapi.db.query("admin::user").findOne({
|
|
1732
1733
|
where: { id },
|
|
1733
1734
|
populate: ["roles"]
|
|
@@ -1736,19 +1737,19 @@ const deleteById = async (id) => {
|
|
|
1736
1737
|
return null;
|
|
1737
1738
|
}
|
|
1738
1739
|
if (userToDelete) {
|
|
1739
|
-
if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$
|
|
1740
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1740
|
+
if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$4)) {
|
|
1741
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1741
1742
|
if (superAdminRole.usersCount === 1) {
|
|
1742
|
-
throw new ValidationError$
|
|
1743
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1743
1744
|
}
|
|
1744
1745
|
}
|
|
1745
1746
|
}
|
|
1746
1747
|
const deletedUser = await strapi.db.query("admin::user").delete({ where: { id }, populate: ["roles"] });
|
|
1747
|
-
strapi.eventHub.emit("user.delete", { user: sanitizeUser(deletedUser) });
|
|
1748
|
+
strapi.eventHub.emit("user.delete", { user: sanitizeUser$1(deletedUser) });
|
|
1748
1749
|
return deletedUser;
|
|
1749
1750
|
};
|
|
1750
|
-
const deleteByIds$
|
|
1751
|
-
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
1751
|
+
const deleteByIds$3 = async (ids) => {
|
|
1752
|
+
const superAdminRole = await getService$1("role").getSuperAdminWithUsersCount();
|
|
1752
1753
|
const nbOfSuperAdminToDelete = await strapi.db.query("admin::user").count({
|
|
1753
1754
|
where: {
|
|
1754
1755
|
id: ids,
|
|
@@ -1756,7 +1757,7 @@ const deleteByIds$2 = async (ids) => {
|
|
|
1756
1757
|
}
|
|
1757
1758
|
});
|
|
1758
1759
|
if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {
|
|
1759
|
-
throw new ValidationError$
|
|
1760
|
+
throw new ValidationError$6("You must have at least one user with super admin role.");
|
|
1760
1761
|
}
|
|
1761
1762
|
const deletedUsers = [];
|
|
1762
1763
|
for (const id of ids) {
|
|
@@ -1767,7 +1768,7 @@ const deleteByIds$2 = async (ids) => {
|
|
|
1767
1768
|
deletedUsers.push(deletedUser);
|
|
1768
1769
|
}
|
|
1769
1770
|
strapi.eventHub.emit("user.delete", {
|
|
1770
|
-
users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser))
|
|
1771
|
+
users: deletedUsers.map((deletedUser) => sanitizeUser$1(deletedUser))
|
|
1771
1772
|
});
|
|
1772
1773
|
return deletedUsers;
|
|
1773
1774
|
};
|
|
@@ -1809,18 +1810,18 @@ const getLanguagesInUse = async () => {
|
|
|
1809
1810
|
const users2 = await strapi.db.query("admin::user").findMany({ select: ["preferedLanguage"] });
|
|
1810
1811
|
return users2.map((user2) => user2.preferedLanguage || "en");
|
|
1811
1812
|
};
|
|
1812
|
-
const user$
|
|
1813
|
+
const user$3 = {
|
|
1813
1814
|
create: create$5,
|
|
1814
|
-
updateById,
|
|
1815
|
+
updateById: updateById$1,
|
|
1815
1816
|
exists: exists$3,
|
|
1816
1817
|
findRegistrationInfo,
|
|
1817
|
-
register,
|
|
1818
|
-
sanitizeUser,
|
|
1819
|
-
findOne: findOne$
|
|
1818
|
+
register: register$1,
|
|
1819
|
+
sanitizeUser: sanitizeUser$1,
|
|
1820
|
+
findOne: findOne$2,
|
|
1820
1821
|
findOneByEmail,
|
|
1821
1822
|
findPage,
|
|
1822
|
-
deleteById,
|
|
1823
|
-
deleteByIds: deleteByIds$
|
|
1823
|
+
deleteById: deleteById$1,
|
|
1824
|
+
deleteByIds: deleteByIds$3,
|
|
1824
1825
|
countUsersWithoutRole,
|
|
1825
1826
|
count: count$1,
|
|
1826
1827
|
assignARoleToAll,
|
|
@@ -1910,7 +1911,7 @@ const checkPermissionsSchema = yup.object().shape({
|
|
|
1910
1911
|
)
|
|
1911
1912
|
});
|
|
1912
1913
|
const checkPermissionsExist = function(permissions2) {
|
|
1913
|
-
const existingActions = getService("permission").actionProvider.values();
|
|
1914
|
+
const existingActions = getService$1("permission").actionProvider.values();
|
|
1914
1915
|
const failIndex = permissions2.findIndex(
|
|
1915
1916
|
(permission2) => !existingActions.some(
|
|
1916
1917
|
(action2) => action2.actionId === permission2.action && (action2.section !== "contentTypes" || action2.subjects.includes(permission2.subject))
|
|
@@ -1932,9 +1933,9 @@ const actionsExistSchema = yup.array().of(
|
|
|
1932
1933
|
const validatePermissionsExist = validateYupSchema(actionsExistSchema);
|
|
1933
1934
|
const validateCheckPermissionsInput = validateYupSchema(checkPermissionsSchema);
|
|
1934
1935
|
const validatedUpdatePermissionsInput = validateYupSchema(validators.updatePermissions);
|
|
1935
|
-
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$
|
|
1936
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$3, CONTENT_TYPE_SECTION } = constants$3;
|
|
1936
1937
|
const { createAsyncSeriesWaterfallHook } = hooks$1;
|
|
1937
|
-
const { ApplicationError: ApplicationError$
|
|
1938
|
+
const { ApplicationError: ApplicationError$9 } = errors;
|
|
1938
1939
|
const hooks = {
|
|
1939
1940
|
willResetSuperAdminPermissions: createAsyncSeriesWaterfallHook()
|
|
1940
1941
|
};
|
|
@@ -1957,7 +1958,7 @@ const arePermissionsEqual = (p1, p2) => {
|
|
|
1957
1958
|
const create$3 = async (attributes) => {
|
|
1958
1959
|
const alreadyExists = await exists$2({ name: attributes.name });
|
|
1959
1960
|
if (alreadyExists) {
|
|
1960
|
-
throw new ApplicationError$
|
|
1961
|
+
throw new ApplicationError$9(
|
|
1961
1962
|
`The name must be unique and a role with name \`${attributes.name}\` already exists.`
|
|
1962
1963
|
);
|
|
1963
1964
|
}
|
|
@@ -1970,7 +1971,7 @@ const create$3 = async (attributes) => {
|
|
|
1970
1971
|
strapi.eventHub.emit("role.create", { role: sanitizeRole(result) });
|
|
1971
1972
|
return result;
|
|
1972
1973
|
};
|
|
1973
|
-
const findOne = (params = {}, populate) => {
|
|
1974
|
+
const findOne$1 = (params = {}, populate) => {
|
|
1974
1975
|
return strapi.db.query("admin::role").findOne({ where: params, populate });
|
|
1975
1976
|
};
|
|
1976
1977
|
const findOneWithUsersCount = async (params = {}, populate) => {
|
|
@@ -1998,7 +1999,7 @@ const update$3 = async (params, attributes) => {
|
|
|
1998
1999
|
id: { $ne: params.id }
|
|
1999
2000
|
});
|
|
2000
2001
|
if (alreadyExists) {
|
|
2001
|
-
throw new ApplicationError$
|
|
2002
|
+
throw new ApplicationError$9(
|
|
2002
2003
|
`The name must be unique and a role with name \`${sanitizedAttributes.name}\` already exists.`
|
|
2003
2004
|
);
|
|
2004
2005
|
}
|
|
@@ -2017,18 +2018,18 @@ const count = async (params = {}) => {
|
|
|
2017
2018
|
const checkRolesIdForDeletion = async (ids = []) => {
|
|
2018
2019
|
const superAdminRole = await getSuperAdmin();
|
|
2019
2020
|
if (superAdminRole && arrays.includesString(ids, superAdminRole.id)) {
|
|
2020
|
-
throw new ApplicationError$
|
|
2021
|
+
throw new ApplicationError$9("You cannot delete the super admin role");
|
|
2021
2022
|
}
|
|
2022
2023
|
for (const roleId of ids) {
|
|
2023
2024
|
const usersCount = await getUsersCount(roleId);
|
|
2024
2025
|
if (usersCount !== 0) {
|
|
2025
|
-
throw new ApplicationError$
|
|
2026
|
+
throw new ApplicationError$9("Some roles are still assigned to some users");
|
|
2026
2027
|
}
|
|
2027
2028
|
}
|
|
2028
2029
|
};
|
|
2029
|
-
const deleteByIds$
|
|
2030
|
+
const deleteByIds$2 = async (ids = []) => {
|
|
2030
2031
|
await checkRolesIdForDeletion(ids);
|
|
2031
|
-
await getService("permission").deleteByRolesIds(ids);
|
|
2032
|
+
await getService$1("permission").deleteByRolesIds(ids);
|
|
2032
2033
|
const deletedRoles = [];
|
|
2033
2034
|
for (const id of ids) {
|
|
2034
2035
|
const deletedRole = await strapi.db.query("admin::role").delete({ where: { id } });
|
|
@@ -2042,14 +2043,14 @@ const deleteByIds$1 = async (ids = []) => {
|
|
|
2042
2043
|
const getUsersCount = async (roleId) => {
|
|
2043
2044
|
return strapi.db.query("admin::user").count({ where: { roles: { id: roleId } } });
|
|
2044
2045
|
};
|
|
2045
|
-
const getSuperAdmin = () => findOne({ code: SUPER_ADMIN_CODE$
|
|
2046
|
-
const getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE$
|
|
2046
|
+
const getSuperAdmin = () => findOne$1({ code: SUPER_ADMIN_CODE$3 });
|
|
2047
|
+
const getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE$3 });
|
|
2047
2048
|
const createRolesIfNoneExist = async () => {
|
|
2048
2049
|
const someRolesExist = await exists$2();
|
|
2049
2050
|
if (someRolesExist) {
|
|
2050
2051
|
return;
|
|
2051
2052
|
}
|
|
2052
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
2053
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
2053
2054
|
const allActions = actionProvider2.values();
|
|
2054
2055
|
const contentTypesActions = allActions.filter((a) => a.section === "contentTypes");
|
|
2055
2056
|
const superAdminRole = await create$3({
|
|
@@ -2057,7 +2058,7 @@ const createRolesIfNoneExist = async () => {
|
|
|
2057
2058
|
code: "strapi-super-admin",
|
|
2058
2059
|
description: "Super Admins can access and manage all features and settings."
|
|
2059
2060
|
});
|
|
2060
|
-
await getService("user").assignARoleToAll(superAdminRole.id);
|
|
2061
|
+
await getService$1("user").assignARoleToAll(superAdminRole.id);
|
|
2061
2062
|
const editorRole = await create$3({
|
|
2062
2063
|
name: "Editor",
|
|
2063
2064
|
code: "strapi-editor",
|
|
@@ -2068,7 +2069,7 @@ const createRolesIfNoneExist = async () => {
|
|
|
2068
2069
|
code: "strapi-author",
|
|
2069
2070
|
description: "Authors can manage the content they have created."
|
|
2070
2071
|
});
|
|
2071
|
-
const editorPermissions = getService("content-type").getPermissionsWithNestedFields(
|
|
2072
|
+
const editorPermissions = getService$1("content-type").getPermissionsWithNestedFields(
|
|
2072
2073
|
contentTypesActions,
|
|
2073
2074
|
{
|
|
2074
2075
|
restrictedSubjects: ["plugin::users-permissions.user"]
|
|
@@ -2095,7 +2096,7 @@ const getDefaultPluginPermissions = ({ isAuthor = false } = {}) => {
|
|
|
2095
2096
|
};
|
|
2096
2097
|
const displayWarningIfNoSuperAdmin = async () => {
|
|
2097
2098
|
const superAdminRole = await getSuperAdminWithUsersCount();
|
|
2098
|
-
const someUsersExists = await getService("user").exists();
|
|
2099
|
+
const someUsersExists = await getService$1("user").exists();
|
|
2099
2100
|
if (!superAdminRole) {
|
|
2100
2101
|
strapi.log.warn("Your application doesn't have a super admin role.");
|
|
2101
2102
|
} else if (someUsersExists && superAdminRole.usersCount === 0) {
|
|
@@ -2104,12 +2105,12 @@ const displayWarningIfNoSuperAdmin = async () => {
|
|
|
2104
2105
|
};
|
|
2105
2106
|
const assignPermissions = async (roleId, permissions2 = []) => {
|
|
2106
2107
|
await validatePermissionsExist(permissions2);
|
|
2107
|
-
const internalActions = getService("permission").actionProvider.values().filter((action2) => action2.section === "internal").map((action2) => action2.actionId);
|
|
2108
|
-
const superAdmin = await getService("role").getSuperAdmin();
|
|
2108
|
+
const internalActions = getService$1("permission").actionProvider.values().filter((action2) => action2.section === "internal").map((action2) => action2.actionId);
|
|
2109
|
+
const superAdmin = await getService$1("role").getSuperAdmin();
|
|
2109
2110
|
const isSuperAdmin = superAdmin && superAdmin.id === roleId;
|
|
2110
2111
|
const assignRole = set("role", roleId);
|
|
2111
2112
|
const permissionsWithRole = permissions2.map(assignRole).map(permissionDomain.create);
|
|
2112
|
-
const existingPermissions = await getService("permission").findMany({
|
|
2113
|
+
const existingPermissions = await getService$1("permission").findMany({
|
|
2113
2114
|
where: { role: { id: roleId } },
|
|
2114
2115
|
populate: ["role"]
|
|
2115
2116
|
});
|
|
@@ -2125,31 +2126,31 @@ const assignPermissions = async (roleId, permissions2 = []) => {
|
|
|
2125
2126
|
).filter((permission2) => !internalActions.includes(permission2.action));
|
|
2126
2127
|
const permissionsToReturn = differenceBy("id", permissionsToDelete, existingPermissions);
|
|
2127
2128
|
if (permissionsToDelete.length > 0) {
|
|
2128
|
-
await getService("permission").deleteByIds(permissionsToDelete.map(prop("id")));
|
|
2129
|
+
await getService$1("permission").deleteByIds(permissionsToDelete.map(prop("id")));
|
|
2129
2130
|
}
|
|
2130
2131
|
if (permissionsToAdd.length > 0) {
|
|
2131
2132
|
const newPermissions = await addPermissions(roleId, permissionsToAdd);
|
|
2132
2133
|
permissionsToReturn.push(...newPermissions);
|
|
2133
2134
|
}
|
|
2134
2135
|
if (!isSuperAdmin && (permissionsToAdd.length || permissionsToDelete.length)) {
|
|
2135
|
-
await getService("metrics").sendDidUpdateRolePermissions();
|
|
2136
|
+
await getService$1("metrics").sendDidUpdateRolePermissions();
|
|
2136
2137
|
}
|
|
2137
2138
|
return permissionsToReturn;
|
|
2138
2139
|
};
|
|
2139
2140
|
const addPermissions = async (roleId, permissions2) => {
|
|
2140
|
-
const { conditionProvider: conditionProvider2, createMany: createMany2 } = getService("permission");
|
|
2141
|
+
const { conditionProvider: conditionProvider2, createMany: createMany2 } = getService$1("permission");
|
|
2141
2142
|
const { sanitizeConditions: sanitizeConditions2 } = permissionDomain;
|
|
2142
2143
|
const permissionsWithRole = permissions2.map(set("role", roleId)).map(sanitizeConditions2(conditionProvider2)).map(permissionDomain.create);
|
|
2143
2144
|
return createMany2(permissionsWithRole);
|
|
2144
2145
|
};
|
|
2145
2146
|
const isContentTypeAction = (action2) => action2.section === CONTENT_TYPE_SECTION;
|
|
2146
2147
|
const resetSuperAdminPermissions = async () => {
|
|
2147
|
-
const superAdminRole = await getService("role").getSuperAdmin();
|
|
2148
|
+
const superAdminRole = await getService$1("role").getSuperAdmin();
|
|
2148
2149
|
if (!superAdminRole) {
|
|
2149
2150
|
return;
|
|
2150
2151
|
}
|
|
2151
|
-
const permissionService = getService("permission");
|
|
2152
|
-
const contentTypeService = getService("content-type");
|
|
2152
|
+
const permissionService = getService$1("permission");
|
|
2153
|
+
const contentTypeService = getService$1("content-type");
|
|
2153
2154
|
const allActions = permissionService.actionProvider.values();
|
|
2154
2155
|
const contentTypesActions = allActions.filter((action2) => isContentTypeAction(action2));
|
|
2155
2156
|
const otherActions = allActions.filter((action2) => !isContentTypeAction(action2));
|
|
@@ -2175,23 +2176,23 @@ const resetSuperAdminPermissions = async () => {
|
|
|
2175
2176
|
};
|
|
2176
2177
|
const hasSuperAdminRole = (user2) => {
|
|
2177
2178
|
const roles2 = ___default.get(user2, "roles", []);
|
|
2178
|
-
return roles2.map(prop("code")).includes(SUPER_ADMIN_CODE$
|
|
2179
|
+
return roles2.map(prop("code")).includes(SUPER_ADMIN_CODE$3);
|
|
2179
2180
|
};
|
|
2180
2181
|
const constants$2 = {
|
|
2181
|
-
superAdminCode: SUPER_ADMIN_CODE$
|
|
2182
|
+
superAdminCode: SUPER_ADMIN_CODE$3
|
|
2182
2183
|
};
|
|
2183
|
-
const role$
|
|
2184
|
+
const role$3 = {
|
|
2184
2185
|
hooks,
|
|
2185
2186
|
sanitizeRole,
|
|
2186
2187
|
create: create$3,
|
|
2187
|
-
findOne,
|
|
2188
|
+
findOne: findOne$1,
|
|
2188
2189
|
findOneWithUsersCount,
|
|
2189
2190
|
find,
|
|
2190
2191
|
findAllWithUsersCount,
|
|
2191
2192
|
update: update$3,
|
|
2192
2193
|
exists: exists$2,
|
|
2193
2194
|
count,
|
|
2194
|
-
deleteByIds: deleteByIds$
|
|
2195
|
+
deleteByIds: deleteByIds$2,
|
|
2195
2196
|
getUsersCount,
|
|
2196
2197
|
getSuperAdmin,
|
|
2197
2198
|
getSuperAdminWithUsersCount,
|
|
@@ -2212,7 +2213,7 @@ const createLocalStrategy = (strapi2, middleware) => {
|
|
|
2212
2213
|
session: false
|
|
2213
2214
|
},
|
|
2214
2215
|
(email2, password2, done) => {
|
|
2215
|
-
return getService("auth").checkCredentials({ email: toLower(email2), password: password2 }).then(async ([error, user2, message]) => {
|
|
2216
|
+
return getService$1("auth").checkCredentials({ email: toLower(email2), password: password2 }).then(async ([error, user2, message]) => {
|
|
2216
2217
|
if (middleware) {
|
|
2217
2218
|
return middleware([error, user2, message], done);
|
|
2218
2219
|
}
|
|
@@ -2229,7 +2230,7 @@ const valueIsFunctionType = ([, value]) => isFunction(value);
|
|
|
2229
2230
|
const keyIsValidEventName = ([key]) => {
|
|
2230
2231
|
return Object.keys(strapi.service("admin::passport").authEventsMapper).includes(key);
|
|
2231
2232
|
};
|
|
2232
|
-
const getPassportStrategies = () => [createLocalStrategy(strapi)];
|
|
2233
|
+
const getPassportStrategies$1 = () => [createLocalStrategy(strapi)];
|
|
2233
2234
|
const registerAuthEvents = () => {
|
|
2234
2235
|
const { events = {} } = strapi.config.get("admin.auth", {});
|
|
2235
2236
|
const { authEventsMapper: authEventsMapper2 } = strapi.service("admin::passport");
|
|
@@ -2239,14 +2240,14 @@ const registerAuthEvents = () => {
|
|
|
2239
2240
|
}
|
|
2240
2241
|
};
|
|
2241
2242
|
const init = () => {
|
|
2242
|
-
strapi.service("admin::passport").getPassportStrategies().forEach((strategy) => passport$
|
|
2243
|
+
strapi.service("admin::passport").getPassportStrategies().forEach((strategy) => passport$2.use(strategy));
|
|
2243
2244
|
registerAuthEvents();
|
|
2244
|
-
return passport$
|
|
2245
|
+
return passport$2.initialize();
|
|
2245
2246
|
};
|
|
2246
|
-
const passport = { init, getPassportStrategies, authEventsMapper };
|
|
2247
|
+
const passport$1 = { init, getPassportStrategies: getPassportStrategies$1, authEventsMapper };
|
|
2247
2248
|
const sendDidInviteUser = async () => {
|
|
2248
|
-
const numberOfUsers = await getService("user").count();
|
|
2249
|
-
const numberOfRoles = await getService("role").count();
|
|
2249
|
+
const numberOfUsers = await getService$1("user").count();
|
|
2250
|
+
const numberOfRoles = await getService$1("role").count();
|
|
2250
2251
|
strapi.telemetry.send("didInviteUser", {
|
|
2251
2252
|
groupProperties: { numberOfRoles, numberOfUsers }
|
|
2252
2253
|
});
|
|
@@ -2255,27 +2256,30 @@ const sendDidUpdateRolePermissions = async () => {
|
|
|
2255
2256
|
strapi.telemetry.send("didUpdateRolePermissions");
|
|
2256
2257
|
};
|
|
2257
2258
|
const sendDidChangeInterfaceLanguage = async () => {
|
|
2258
|
-
const languagesInUse = await getService("user").getLanguagesInUse();
|
|
2259
|
+
const languagesInUse = await getService$1("user").getLanguagesInUse();
|
|
2259
2260
|
strapi.telemetry.send("didChangeInterfaceLanguage", { userProperties: { languagesInUse } });
|
|
2260
2261
|
};
|
|
2261
|
-
const sendUpdateProjectInformation = async (strapi2) => {
|
|
2262
|
-
const numberOfActiveAdminUsers = await getService("user").count({ isActive: true });
|
|
2263
|
-
const numberOfAdminUsers = await getService("user").count();
|
|
2262
|
+
const sendUpdateProjectInformation$1 = async (strapi2) => {
|
|
2263
|
+
const numberOfActiveAdminUsers = await getService$1("user").count({ isActive: true });
|
|
2264
|
+
const numberOfAdminUsers = await getService$1("user").count();
|
|
2264
2265
|
strapi2.telemetry.send("didUpdateProjectInformation", {
|
|
2265
2266
|
groupProperties: { numberOfActiveAdminUsers, numberOfAdminUsers }
|
|
2266
2267
|
});
|
|
2267
2268
|
};
|
|
2268
|
-
const startCron = (strapi2) => {
|
|
2269
|
+
const startCron$1 = (strapi2) => {
|
|
2269
2270
|
strapi2.cron.add({
|
|
2270
|
-
|
|
2271
|
+
sendProjectInformation: {
|
|
2272
|
+
task: () => sendUpdateProjectInformation$1(strapi2),
|
|
2273
|
+
options: "0 0 0 * * *"
|
|
2274
|
+
}
|
|
2271
2275
|
});
|
|
2272
2276
|
};
|
|
2273
|
-
const metrics = {
|
|
2277
|
+
const metrics$1 = {
|
|
2274
2278
|
sendDidInviteUser,
|
|
2275
2279
|
sendDidUpdateRolePermissions,
|
|
2276
2280
|
sendDidChangeInterfaceLanguage,
|
|
2277
|
-
sendUpdateProjectInformation,
|
|
2278
|
-
startCron
|
|
2281
|
+
sendUpdateProjectInformation: sendUpdateProjectInformation$1,
|
|
2282
|
+
startCron: startCron$1
|
|
2279
2283
|
};
|
|
2280
2284
|
const defaultJwtOptions = { expiresIn: "30d" };
|
|
2281
2285
|
const getTokenOptions = () => {
|
|
@@ -2370,7 +2374,7 @@ const registerProviderActionSchema = yup.array().required().of(
|
|
|
2370
2374
|
}).noUnknown()
|
|
2371
2375
|
);
|
|
2372
2376
|
const validateRegisterProviderAction = validateYupSchemaSync(registerProviderActionSchema);
|
|
2373
|
-
const { ApplicationError: ApplicationError$
|
|
2377
|
+
const { ApplicationError: ApplicationError$8 } = errors;
|
|
2374
2378
|
const createActionProvider = (options) => {
|
|
2375
2379
|
const provider = providerFactory(options);
|
|
2376
2380
|
const actionHooks = {
|
|
@@ -2400,7 +2404,7 @@ const createActionProvider = (options) => {
|
|
|
2400
2404
|
async appliesToProperty(property, actionId, subject2) {
|
|
2401
2405
|
const action2 = provider.get(actionId);
|
|
2402
2406
|
if (!action2) {
|
|
2403
|
-
throw new ApplicationError$
|
|
2407
|
+
throw new ApplicationError$8(`No action found with id "${actionId}"`);
|
|
2404
2408
|
}
|
|
2405
2409
|
const appliesToAction = actionDomain.appliesToProperty(property, action2);
|
|
2406
2410
|
if (!appliesToAction) {
|
|
@@ -2505,7 +2509,7 @@ const {
|
|
|
2505
2509
|
getNonVisibleAttributes: getNonVisibleAttributes$1,
|
|
2506
2510
|
getNonWritableAttributes,
|
|
2507
2511
|
getWritableAttributes: getWritableAttributes$1
|
|
2508
|
-
} = contentTypes;
|
|
2512
|
+
} = contentTypes$1;
|
|
2509
2513
|
const {
|
|
2510
2514
|
ID_ATTRIBUTE: ID_ATTRIBUTE$1,
|
|
2511
2515
|
DOC_ID_ATTRIBUTE: DOC_ID_ATTRIBUTE$1,
|
|
@@ -2705,9 +2709,9 @@ const createSanitizeHelpers = ({ action: action2, ability, model }) => {
|
|
|
2705
2709
|
sanitizeQuery: wrapSanitize(createSanitizeQuery)
|
|
2706
2710
|
};
|
|
2707
2711
|
};
|
|
2708
|
-
const { ValidationError: ValidationError$
|
|
2712
|
+
const { ValidationError: ValidationError$5 } = errors;
|
|
2709
2713
|
const { throwPassword, throwDisallowedFields } = validate.visitors;
|
|
2710
|
-
const { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } = contentTypes;
|
|
2714
|
+
const { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } = contentTypes$1;
|
|
2711
2715
|
const {
|
|
2712
2716
|
ID_ATTRIBUTE,
|
|
2713
2717
|
DOC_ID_ATTRIBUTE,
|
|
@@ -2721,7 +2725,7 @@ const COMPONENT_FIELDS = ["__component"];
|
|
|
2721
2725
|
const STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];
|
|
2722
2726
|
const throwInvalidKey = ({ key, path: path2 }) => {
|
|
2723
2727
|
const msg = path2 && path2 !== key ? `Invalid key ${key} at ${path2}` : `Invalid key ${key}`;
|
|
2724
|
-
throw new ValidationError$
|
|
2728
|
+
throw new ValidationError$5(msg);
|
|
2725
2729
|
};
|
|
2726
2730
|
const createValidateHelpers = ({ action: action2, ability, model }) => {
|
|
2727
2731
|
const schema = strapi.getModel(model);
|
|
@@ -2906,7 +2910,7 @@ const unwrapDeep = (obj) => {
|
|
|
2906
2910
|
{}
|
|
2907
2911
|
);
|
|
2908
2912
|
};
|
|
2909
|
-
const index
|
|
2913
|
+
const index = ({ ability, action: action2, model }) => ({
|
|
2910
2914
|
ability,
|
|
2911
2915
|
action: action2,
|
|
2912
2916
|
model,
|
|
@@ -2979,7 +2983,7 @@ const createPermissionEngine = (params) => {
|
|
|
2979
2983
|
* @param user
|
|
2980
2984
|
*/
|
|
2981
2985
|
async generateUserAbility(user2) {
|
|
2982
|
-
const permissions2 = await getService("permission").findUserPermissions(user2);
|
|
2986
|
+
const permissions2 = await getService$1("permission").findUserPermissions(user2);
|
|
2983
2987
|
return engine2.generateAbility(permissions2, user2);
|
|
2984
2988
|
},
|
|
2985
2989
|
/**
|
|
@@ -3099,7 +3103,7 @@ const toSubjectTemplate = (ct) => ({
|
|
|
3099
3103
|
label: ct.info.singularName,
|
|
3100
3104
|
properties: []
|
|
3101
3105
|
});
|
|
3102
|
-
const { isVisibleAttribute } = contentTypes;
|
|
3106
|
+
const { isVisibleAttribute } = contentTypes$1;
|
|
3103
3107
|
const settings = ({ action: action2, section }) => {
|
|
3104
3108
|
const { category, subCategory, displayName, actionId } = action2;
|
|
3105
3109
|
section.push({
|
|
@@ -3209,10 +3213,10 @@ const deleteByRolesIds = async (rolesIds) => {
|
|
|
3209
3213
|
}
|
|
3210
3214
|
});
|
|
3211
3215
|
if (permissionsToDelete.length > 0) {
|
|
3212
|
-
await deleteByIds(permissionsToDelete.map(prop("id")));
|
|
3216
|
+
await deleteByIds$1(permissionsToDelete.map(prop("id")));
|
|
3213
3217
|
}
|
|
3214
3218
|
};
|
|
3215
|
-
const deleteByIds = async (ids) => {
|
|
3219
|
+
const deleteByIds$1 = async (ids) => {
|
|
3216
3220
|
const result = [];
|
|
3217
3221
|
for (const id of ids) {
|
|
3218
3222
|
const queryResult = await strapi.db.query("admin::permission").delete({ where: { id } });
|
|
@@ -3244,7 +3248,7 @@ const findUserPermissions = async (user2) => {
|
|
|
3244
3248
|
return findMany({ where: { role: { users: { id: user2.id } } } });
|
|
3245
3249
|
};
|
|
3246
3250
|
const filterPermissionsToRemove = async (permissions2) => {
|
|
3247
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
3251
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
3248
3252
|
const permissionsToRemove = [];
|
|
3249
3253
|
for (const permission2 of permissions2) {
|
|
3250
3254
|
const { subjects, options = {} } = actionProvider2.get(permission2.action) || {};
|
|
@@ -3270,7 +3274,7 @@ const filterPermissionsToRemove = async (permissions2) => {
|
|
|
3270
3274
|
};
|
|
3271
3275
|
const cleanPermissionsInDatabase = async () => {
|
|
3272
3276
|
const pageSize = 200;
|
|
3273
|
-
const contentTypeService = getService("content-type");
|
|
3277
|
+
const contentTypeService = getService$1("content-type");
|
|
3274
3278
|
const total = await strapi.db.query("admin::permission").count();
|
|
3275
3279
|
const pageCount = Math.ceil(total / pageSize);
|
|
3276
3280
|
for (let page = 0; page < pageCount; page += 1) {
|
|
@@ -3295,7 +3299,7 @@ const cleanPermissionsInDatabase = async () => {
|
|
|
3295
3299
|
return update$2({ id: permission2.id }, permission2);
|
|
3296
3300
|
};
|
|
3297
3301
|
await Promise.all([
|
|
3298
|
-
deleteByIds(permissionsIdToRemove),
|
|
3302
|
+
deleteByIds$1(permissionsIdToRemove),
|
|
3299
3303
|
pmap(permissionsNeedingToBeUpdated, updatePromiseProvider, {
|
|
3300
3304
|
concurrency: 100,
|
|
3301
3305
|
stopOnError: true
|
|
@@ -3316,8 +3320,8 @@ const permission$2 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.define
|
|
|
3316
3320
|
cleanPermissionsInDatabase,
|
|
3317
3321
|
conditionProvider,
|
|
3318
3322
|
createMany,
|
|
3319
|
-
createPermissionsManager: index
|
|
3320
|
-
deleteByIds,
|
|
3323
|
+
createPermissionsManager: index,
|
|
3324
|
+
deleteByIds: deleteByIds$1,
|
|
3321
3325
|
deleteByRolesIds,
|
|
3322
3326
|
engine: engine$1,
|
|
3323
3327
|
findMany,
|
|
@@ -3335,7 +3339,7 @@ const getNestedFields = (model, {
|
|
|
3335
3339
|
if (nestingLevel === 0) {
|
|
3336
3340
|
return prefix ? [prefix] : [];
|
|
3337
3341
|
}
|
|
3338
|
-
const nonAuthorizableFields = contentTypes.getNonVisibleAttributes(model);
|
|
3342
|
+
const nonAuthorizableFields = contentTypes$1.getNonVisibleAttributes(model);
|
|
3339
3343
|
return ___default.reduce(
|
|
3340
3344
|
model.attributes,
|
|
3341
3345
|
(fields, attr, key) => {
|
|
@@ -3372,7 +3376,7 @@ const getNestedFieldsWithIntermediate = (model, { prefix = "", nestingLevel = 15
|
|
|
3372
3376
|
if (nestingLevel === 0) {
|
|
3373
3377
|
return [];
|
|
3374
3378
|
}
|
|
3375
|
-
const nonAuthorizableFields = contentTypes.getNonVisibleAttributes(model);
|
|
3379
|
+
const nonAuthorizableFields = contentTypes$1.getNonVisibleAttributes(model);
|
|
3376
3380
|
return ___default.reduce(
|
|
3377
3381
|
model.attributes,
|
|
3378
3382
|
(fields, attr, key) => {
|
|
@@ -3414,7 +3418,7 @@ const getPermissionsWithNestedFields = (actions2, { nestingLevel, restrictedSubj
|
|
|
3414
3418
|
}, []);
|
|
3415
3419
|
};
|
|
3416
3420
|
const cleanPermissionFields = (permissions2, { nestingLevel } = {}) => {
|
|
3417
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
3421
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
3418
3422
|
return permissions2.map((permission2) => {
|
|
3419
3423
|
const {
|
|
3420
3424
|
action: actionId,
|
|
@@ -3453,7 +3457,7 @@ const contentType = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
|
|
|
3453
3457
|
getPermissionsWithNestedFields
|
|
3454
3458
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3455
3459
|
const isValidCondition = (condition2) => {
|
|
3456
|
-
const { conditionProvider: conditionProvider2 } = getService("permission");
|
|
3460
|
+
const { conditionProvider: conditionProvider2 } = getService$1("permission");
|
|
3457
3461
|
return isString(condition2) && conditionProvider2.has(condition2);
|
|
3458
3462
|
};
|
|
3459
3463
|
const condition = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
@@ -3463,9 +3467,9 @@ const condition = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.definePro
|
|
|
3463
3467
|
const { AUTHOR_CODE, PUBLISH_ACTION } = constants$3;
|
|
3464
3468
|
const { NotFoundError: NotFoundError$2 } = errors;
|
|
3465
3469
|
const getAllowedActionsForRole = async (roleId) => {
|
|
3466
|
-
const { actionProvider: actionProvider2 } = getService("permission");
|
|
3470
|
+
const { actionProvider: actionProvider2 } = getService$1("permission");
|
|
3467
3471
|
if (!isNil(roleId)) {
|
|
3468
|
-
const role2 = await getService("role").findOne({ id: roleId });
|
|
3472
|
+
const role2 = await getService$1("role").findOne({ id: roleId });
|
|
3469
3473
|
if (!role2) {
|
|
3470
3474
|
throw new NotFoundError$2("role.notFound");
|
|
3471
3475
|
}
|
|
@@ -3479,7 +3483,7 @@ const action = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProper
|
|
|
3479
3483
|
__proto__: null,
|
|
3480
3484
|
getAllowedActionsForRole
|
|
3481
3485
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3482
|
-
const { ValidationError: ValidationError$
|
|
3486
|
+
const { ValidationError: ValidationError$4, NotFoundError: NotFoundError$1 } = errors;
|
|
3483
3487
|
const SELECT_FIELDS$1 = [
|
|
3484
3488
|
"id",
|
|
3485
3489
|
"name",
|
|
@@ -3494,16 +3498,16 @@ const SELECT_FIELDS$1 = [
|
|
|
3494
3498
|
const POPULATE_FIELDS$1 = ["permissions"];
|
|
3495
3499
|
const assertCustomTokenPermissionsValidity = (type, permissions2) => {
|
|
3496
3500
|
if (type !== constants$3.API_TOKEN_TYPE.CUSTOM && !isEmpty(permissions2)) {
|
|
3497
|
-
throw new ValidationError$
|
|
3501
|
+
throw new ValidationError$4("Non-custom tokens should not reference permissions");
|
|
3498
3502
|
}
|
|
3499
3503
|
if (type === constants$3.API_TOKEN_TYPE.CUSTOM && !isArray(permissions2)) {
|
|
3500
|
-
throw new ValidationError$
|
|
3504
|
+
throw new ValidationError$4("Missing permissions attribute for custom token");
|
|
3501
3505
|
}
|
|
3502
3506
|
if (type === constants$3.API_TOKEN_TYPE.CUSTOM) {
|
|
3503
3507
|
const validPermissions = strapi.contentAPI.permissions.providers.action.keys();
|
|
3504
3508
|
const invalidPermissions = difference(permissions2, validPermissions);
|
|
3505
3509
|
if (!isEmpty(invalidPermissions)) {
|
|
3506
|
-
throw new ValidationError$
|
|
3510
|
+
throw new ValidationError$4(`Unknown permissions provided: ${invalidPermissions.join(", ")}`);
|
|
3507
3511
|
}
|
|
3508
3512
|
}
|
|
3509
3513
|
};
|
|
@@ -3518,7 +3522,7 @@ const isValidLifespan$1 = (lifespan) => {
|
|
|
3518
3522
|
};
|
|
3519
3523
|
const assertValidLifespan$1 = (lifespan) => {
|
|
3520
3524
|
if (!isValidLifespan$1(lifespan)) {
|
|
3521
|
-
throw new ValidationError$
|
|
3525
|
+
throw new ValidationError$4(
|
|
3522
3526
|
`lifespan must be one of the following values:
|
|
3523
3527
|
${Object.values(constants$3.API_TOKEN_LIFESPANS).join(", ")}`
|
|
3524
3528
|
);
|
|
@@ -3553,7 +3557,7 @@ const hash$1 = (accessKey) => {
|
|
|
3553
3557
|
const getExpirationFields$1 = (lifespan) => {
|
|
3554
3558
|
const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;
|
|
3555
3559
|
if (!isValidNumber && !isNil(lifespan)) {
|
|
3556
|
-
throw new ValidationError$
|
|
3560
|
+
throw new ValidationError$4("lifespan must be a positive number or null");
|
|
3557
3561
|
}
|
|
3558
3562
|
return {
|
|
3559
3563
|
lifespan: lifespan || null,
|
|
@@ -3717,7 +3721,7 @@ const permission$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.define
|
|
|
3717
3721
|
engine,
|
|
3718
3722
|
providers
|
|
3719
3723
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3720
|
-
const { ValidationError: ValidationError$
|
|
3724
|
+
const { ValidationError: ValidationError$3, NotFoundError } = errors;
|
|
3721
3725
|
const TRANSFER_TOKEN_UID = "admin::transfer-token";
|
|
3722
3726
|
const TRANSFER_TOKEN_PERMISSION_UID = "admin::transfer-token-permission";
|
|
3723
3727
|
const SELECT_FIELDS = [
|
|
@@ -3868,7 +3872,7 @@ const regenerate = async (id) => {
|
|
|
3868
3872
|
const getExpirationFields = (lifespan) => {
|
|
3869
3873
|
const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;
|
|
3870
3874
|
if (!isValidNumber && !isNil(lifespan)) {
|
|
3871
|
-
throw new ValidationError$
|
|
3875
|
+
throw new ValidationError$3("lifespan must be a positive number or null");
|
|
3872
3876
|
}
|
|
3873
3877
|
return {
|
|
3874
3878
|
lifespan: lifespan || null,
|
|
@@ -3876,14 +3880,14 @@ const getExpirationFields = (lifespan) => {
|
|
|
3876
3880
|
};
|
|
3877
3881
|
};
|
|
3878
3882
|
const hash = (accessKey) => {
|
|
3879
|
-
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService("transfer").utils;
|
|
3883
|
+
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService$1("transfer").utils;
|
|
3880
3884
|
if (!hasValidTokenSalt2()) {
|
|
3881
3885
|
throw new TypeError("Required token salt is not defined");
|
|
3882
3886
|
}
|
|
3883
3887
|
return crypto.createHmac("sha512", strapi.config.get("admin.transfer.token.salt")).update(accessKey).digest("hex");
|
|
3884
3888
|
};
|
|
3885
3889
|
const checkSaltIsDefined = () => {
|
|
3886
|
-
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService("transfer").utils;
|
|
3890
|
+
const { hasValidTokenSalt: hasValidTokenSalt2 } = getService$1("transfer").utils;
|
|
3887
3891
|
if (!strapi.config.get("server.transfer.remote.enabled")) {
|
|
3888
3892
|
return;
|
|
3889
3893
|
}
|
|
@@ -3909,7 +3913,7 @@ const assertTokenPermissionsValidity = (attributes) => {
|
|
|
3909
3913
|
const validPermissions = permissionService.providers.action.keys();
|
|
3910
3914
|
const invalidPermissions = difference(attributes.permissions, validPermissions);
|
|
3911
3915
|
if (!isEmpty(invalidPermissions)) {
|
|
3912
|
-
throw new ValidationError$
|
|
3916
|
+
throw new ValidationError$3(`Unknown permissions provided: ${invalidPermissions.join(", ")}`);
|
|
3913
3917
|
}
|
|
3914
3918
|
};
|
|
3915
3919
|
const isValidLifespan = (lifespan) => {
|
|
@@ -3923,7 +3927,7 @@ const isValidLifespan = (lifespan) => {
|
|
|
3923
3927
|
};
|
|
3924
3928
|
const assertValidLifespan = (lifespan) => {
|
|
3925
3929
|
if (!isValidLifespan(lifespan)) {
|
|
3926
|
-
throw new ValidationError$
|
|
3930
|
+
throw new ValidationError$3(
|
|
3927
3931
|
`lifespan must be one of the following values:
|
|
3928
3932
|
${Object.values(constants$3.TRANSFER_TOKEN_LIFESPANS).join(", ")}`
|
|
3929
3933
|
);
|
|
@@ -3949,7 +3953,7 @@ const hasValidTokenSalt = () => {
|
|
|
3949
3953
|
return typeof salt === "string" && salt.length > 0;
|
|
3950
3954
|
};
|
|
3951
3955
|
const isRemoteTransferEnabled = () => {
|
|
3952
|
-
const { utils: utils2 } = getService("transfer");
|
|
3956
|
+
const { utils: utils2 } = getService$1("transfer");
|
|
3953
3957
|
if (env.bool("STRAPI_DISABLE_REMOTE_DATA_TRANSFER") !== void 0) {
|
|
3954
3958
|
strapi.log.warn(
|
|
3955
3959
|
"STRAPI_DISABLE_REMOTE_DATA_TRANSFER is no longer supported. Instead, set transfer.remote.enabled to false in your server configuration"
|
|
@@ -3957,7 +3961,7 @@ const isRemoteTransferEnabled = () => {
|
|
|
3957
3961
|
}
|
|
3958
3962
|
return utils2.hasValidTokenSalt() && strapi.config.get("server.transfer.remote.enabled");
|
|
3959
3963
|
};
|
|
3960
|
-
const utils = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
3964
|
+
const utils$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
3961
3965
|
__proto__: null,
|
|
3962
3966
|
hasValidTokenSalt,
|
|
3963
3967
|
isRemoteTransferEnabled
|
|
@@ -3966,7 +3970,7 @@ const transfer$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.definePr
|
|
|
3966
3970
|
__proto__: null,
|
|
3967
3971
|
permission: permission$1,
|
|
3968
3972
|
token: token$2,
|
|
3969
|
-
utils
|
|
3973
|
+
utils: utils$1
|
|
3970
3974
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
3971
3975
|
const PROJECT_SETTINGS_FILE_INPUTS = ["menuLogo", "authLogo"];
|
|
3972
3976
|
const parseFilesData = async (files) => {
|
|
@@ -4087,14 +4091,14 @@ const projectSettings = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.def
|
|
|
4087
4091
|
parseFilesData,
|
|
4088
4092
|
updateProjectSettings: updateProjectSettings$1
|
|
4089
4093
|
}, Symbol.toStringTag, { value: "Module" }));
|
|
4090
|
-
const
|
|
4091
|
-
auth,
|
|
4092
|
-
user: user$
|
|
4093
|
-
role: role$
|
|
4094
|
-
passport,
|
|
4094
|
+
const services$1 = {
|
|
4095
|
+
auth: auth$1,
|
|
4096
|
+
user: user$3,
|
|
4097
|
+
role: role$3,
|
|
4098
|
+
passport: passport$1,
|
|
4095
4099
|
token: token$3,
|
|
4096
4100
|
permission: permission$2,
|
|
4097
|
-
metrics,
|
|
4101
|
+
metrics: metrics$1,
|
|
4098
4102
|
"content-type": contentType,
|
|
4099
4103
|
constants: constants$4,
|
|
4100
4104
|
condition,
|
|
@@ -4133,7 +4137,7 @@ const validateUpdateProjectSettingsImagesDimensions = validateZod(
|
|
|
4133
4137
|
updateProjectSettingsImagesDimensions
|
|
4134
4138
|
);
|
|
4135
4139
|
const { isUsingTypeScript } = tsUtils;
|
|
4136
|
-
const admin = {
|
|
4140
|
+
const admin$3 = {
|
|
4137
4141
|
// TODO very temporary to check the switch ee/ce
|
|
4138
4142
|
// When removing this we need to update the /admin/src/index.js file
|
|
4139
4143
|
// whe,re we set the strapi.window.isEE value
|
|
@@ -4145,8 +4149,8 @@ const admin = {
|
|
|
4145
4149
|
},
|
|
4146
4150
|
async init() {
|
|
4147
4151
|
let uuid = strapi.config.get("uuid", false);
|
|
4148
|
-
const hasAdmin = await getService("user").exists();
|
|
4149
|
-
const { menuLogo, authLogo } = await getService("project-settings").getProjectSettings();
|
|
4152
|
+
const hasAdmin = await getService$1("user").exists();
|
|
4153
|
+
const { menuLogo, authLogo } = await getService$1("project-settings").getProjectSettings();
|
|
4150
4154
|
const telemetryDisabled = strapi.config.get(
|
|
4151
4155
|
"packageJsonStrapi.telemetryDisabled",
|
|
4152
4156
|
null
|
|
@@ -4164,7 +4168,7 @@ const admin = {
|
|
|
4164
4168
|
};
|
|
4165
4169
|
},
|
|
4166
4170
|
async getProjectSettings() {
|
|
4167
|
-
return getService(
|
|
4171
|
+
return getService$1(
|
|
4168
4172
|
"project-settings"
|
|
4169
4173
|
).getProjectSettings();
|
|
4170
4174
|
},
|
|
@@ -4172,7 +4176,7 @@ const admin = {
|
|
|
4172
4176
|
const {
|
|
4173
4177
|
request: { files, body }
|
|
4174
4178
|
} = ctx;
|
|
4175
|
-
const projectSettingsService = getService("project-settings");
|
|
4179
|
+
const projectSettingsService = getService$1("project-settings");
|
|
4176
4180
|
await validateUpdateProjectSettings(body);
|
|
4177
4181
|
await validateUpdateProjectSettingsFiles(files);
|
|
4178
4182
|
const formatedFiles = await projectSettingsService.parseFilesData(files);
|
|
@@ -4271,11 +4275,11 @@ const apiTokenUpdateSchema = yup.object().shape({
|
|
|
4271
4275
|
}).noUnknown().strict();
|
|
4272
4276
|
const validateApiTokenCreationInput = validateYupSchema(apiTokenCreationSchema);
|
|
4273
4277
|
const validateApiTokenUpdateInput = validateYupSchema(apiTokenUpdateSchema);
|
|
4274
|
-
const { ApplicationError: ApplicationError$
|
|
4278
|
+
const { ApplicationError: ApplicationError$7 } = errors;
|
|
4275
4279
|
const apiToken$1 = {
|
|
4276
4280
|
async create(ctx) {
|
|
4277
4281
|
const { body } = ctx.request;
|
|
4278
|
-
const apiTokenService = getService("api-token");
|
|
4282
|
+
const apiTokenService = getService$1("api-token");
|
|
4279
4283
|
const attributes = {
|
|
4280
4284
|
name: trim(body.name),
|
|
4281
4285
|
description: trim(body.description),
|
|
@@ -4286,14 +4290,14 @@ const apiToken$1 = {
|
|
|
4286
4290
|
await validateApiTokenCreationInput(attributes);
|
|
4287
4291
|
const alreadyExists = await apiTokenService.exists({ name: attributes.name });
|
|
4288
4292
|
if (alreadyExists) {
|
|
4289
|
-
throw new ApplicationError$
|
|
4293
|
+
throw new ApplicationError$7("Name already taken");
|
|
4290
4294
|
}
|
|
4291
4295
|
const apiToken2 = await apiTokenService.create(attributes);
|
|
4292
4296
|
ctx.created({ data: apiToken2 });
|
|
4293
4297
|
},
|
|
4294
4298
|
async regenerate(ctx) {
|
|
4295
4299
|
const { id } = ctx.params;
|
|
4296
|
-
const apiTokenService = getService("api-token");
|
|
4300
|
+
const apiTokenService = getService$1("api-token");
|
|
4297
4301
|
const apiTokenExists = await apiTokenService.getById(id);
|
|
4298
4302
|
if (!apiTokenExists) {
|
|
4299
4303
|
ctx.notFound("API Token not found");
|
|
@@ -4303,19 +4307,19 @@ const apiToken$1 = {
|
|
|
4303
4307
|
ctx.created({ data: accessToken });
|
|
4304
4308
|
},
|
|
4305
4309
|
async list(ctx) {
|
|
4306
|
-
const apiTokenService = getService("api-token");
|
|
4310
|
+
const apiTokenService = getService$1("api-token");
|
|
4307
4311
|
const apiTokens2 = await apiTokenService.list();
|
|
4308
4312
|
ctx.send({ data: apiTokens2 });
|
|
4309
4313
|
},
|
|
4310
4314
|
async revoke(ctx) {
|
|
4311
4315
|
const { id } = ctx.params;
|
|
4312
|
-
const apiTokenService = getService("api-token");
|
|
4316
|
+
const apiTokenService = getService$1("api-token");
|
|
4313
4317
|
const apiToken2 = await apiTokenService.revoke(id);
|
|
4314
4318
|
ctx.deleted({ data: apiToken2 });
|
|
4315
4319
|
},
|
|
4316
4320
|
async get(ctx) {
|
|
4317
4321
|
const { id } = ctx.params;
|
|
4318
|
-
const apiTokenService = getService("api-token");
|
|
4322
|
+
const apiTokenService = getService$1("api-token");
|
|
4319
4323
|
const apiToken2 = await apiTokenService.getById(id);
|
|
4320
4324
|
if (!apiToken2) {
|
|
4321
4325
|
ctx.notFound("API Token not found");
|
|
@@ -4326,7 +4330,7 @@ const apiToken$1 = {
|
|
|
4326
4330
|
async update(ctx) {
|
|
4327
4331
|
const { body } = ctx.request;
|
|
4328
4332
|
const { id } = ctx.params;
|
|
4329
|
-
const apiTokenService = getService("api-token");
|
|
4333
|
+
const apiTokenService = getService$1("api-token");
|
|
4330
4334
|
const attributes = body;
|
|
4331
4335
|
if (has("name", attributes)) {
|
|
4332
4336
|
attributes.name = trim(body.name);
|
|
@@ -4342,14 +4346,14 @@ const apiToken$1 = {
|
|
|
4342
4346
|
if (has("name", attributes)) {
|
|
4343
4347
|
const nameAlreadyTaken = await apiTokenService.getByName(attributes.name);
|
|
4344
4348
|
if (!!nameAlreadyTaken && !strings.isEqual(nameAlreadyTaken.id, id)) {
|
|
4345
|
-
throw new ApplicationError$
|
|
4349
|
+
throw new ApplicationError$7("Name already taken");
|
|
4346
4350
|
}
|
|
4347
4351
|
}
|
|
4348
4352
|
const apiToken2 = await apiTokenService.update(id, attributes);
|
|
4349
4353
|
ctx.send({ data: apiToken2 });
|
|
4350
4354
|
},
|
|
4351
4355
|
async getLayout(ctx) {
|
|
4352
|
-
const apiTokenService = getService("api-token");
|
|
4356
|
+
const apiTokenService = getService$1("api-token");
|
|
4353
4357
|
const layout = await apiTokenService.getApiTokenLayout();
|
|
4354
4358
|
ctx.send({ data: layout });
|
|
4355
4359
|
}
|
|
@@ -4385,13 +4389,18 @@ const userUpdateSchema = yup.object().shape({
|
|
|
4385
4389
|
const usersDeleteSchema = yup.object().shape({
|
|
4386
4390
|
ids: yup.array().of(yup.strapiID()).min(1).required()
|
|
4387
4391
|
}).noUnknown();
|
|
4388
|
-
const validateUserCreationInput = validateYupSchema(userCreationSchema);
|
|
4392
|
+
const validateUserCreationInput$1 = validateYupSchema(userCreationSchema);
|
|
4389
4393
|
const validateProfileUpdateInput = validateYupSchema(profileUpdateSchema);
|
|
4390
4394
|
const validateUserUpdateInput = validateYupSchema(userUpdateSchema);
|
|
4391
4395
|
const validateUsersDeleteInput = validateYupSchema(usersDeleteSchema);
|
|
4396
|
+
const schemas = {
|
|
4397
|
+
userCreationSchema,
|
|
4398
|
+
usersDeleteSchema,
|
|
4399
|
+
userUpdateSchema
|
|
4400
|
+
};
|
|
4392
4401
|
const authenticatedUser = {
|
|
4393
4402
|
async getMe(ctx) {
|
|
4394
|
-
const userInfo = getService("user").sanitizeUser(ctx.state.user);
|
|
4403
|
+
const userInfo = getService$1("user").sanitizeUser(ctx.state.user);
|
|
4395
4404
|
ctx.body = {
|
|
4396
4405
|
data: userInfo
|
|
4397
4406
|
};
|
|
@@ -4399,8 +4408,8 @@ const authenticatedUser = {
|
|
|
4399
4408
|
async updateMe(ctx) {
|
|
4400
4409
|
const input = ctx.request.body;
|
|
4401
4410
|
await validateProfileUpdateInput(input);
|
|
4402
|
-
const userService = getService("user");
|
|
4403
|
-
const authServer = getService("auth");
|
|
4411
|
+
const userService = getService$1("user");
|
|
4412
|
+
const authServer = getService$1("auth");
|
|
4404
4413
|
const { currentPassword, ...userInfo } = input;
|
|
4405
4414
|
if (currentPassword && userInfo.password) {
|
|
4406
4415
|
const isValid = await authServer.validatePassword(currentPassword, ctx.state.user.password);
|
|
@@ -4416,7 +4425,7 @@ const authenticatedUser = {
|
|
|
4416
4425
|
};
|
|
4417
4426
|
},
|
|
4418
4427
|
async getOwnPermissions(ctx) {
|
|
4419
|
-
const { findUserPermissions: findUserPermissions2, sanitizePermission: sanitizePermission2 } = getService("permission");
|
|
4428
|
+
const { findUserPermissions: findUserPermissions2, sanitizePermission: sanitizePermission2 } = getService$1("permission");
|
|
4420
4429
|
const { user: user2 } = ctx.state;
|
|
4421
4430
|
const userPermissions = await findUserPermissions2(user2);
|
|
4422
4431
|
ctx.body = {
|
|
@@ -4456,11 +4465,11 @@ const resetPasswordSchema = yup.object().shape({
|
|
|
4456
4465
|
const validateResetPasswordInput = validateYupSchema(resetPasswordSchema);
|
|
4457
4466
|
const renewToken = yup.object().shape({ token: yup.string().required() }).required().noUnknown();
|
|
4458
4467
|
const validateRenewTokenInput = validateYupSchema(renewToken);
|
|
4459
|
-
const { ApplicationError: ApplicationError$
|
|
4460
|
-
const authentication = {
|
|
4468
|
+
const { ApplicationError: ApplicationError$6, ValidationError: ValidationError$2 } = errors;
|
|
4469
|
+
const authentication$1 = {
|
|
4461
4470
|
login: compose([
|
|
4462
4471
|
(ctx, next) => {
|
|
4463
|
-
return passport$
|
|
4472
|
+
return passport$2.authenticate("local", { session: false }, (err, user2, info) => {
|
|
4464
4473
|
if (err) {
|
|
4465
4474
|
strapi.eventHub.emit("admin.auth.error", { error: err, provider: "local" });
|
|
4466
4475
|
if (err.details?.code === "LOGIN_NOT_ALLOWED") {
|
|
@@ -4473,11 +4482,11 @@ const authentication = {
|
|
|
4473
4482
|
error: new Error(info.message),
|
|
4474
4483
|
provider: "local"
|
|
4475
4484
|
});
|
|
4476
|
-
throw new ApplicationError$
|
|
4485
|
+
throw new ApplicationError$6(info.message);
|
|
4477
4486
|
}
|
|
4478
4487
|
const query = ctx.state;
|
|
4479
4488
|
query.user = user2;
|
|
4480
|
-
const sanitizedUser = getService("user").sanitizeUser(user2);
|
|
4489
|
+
const sanitizedUser = getService$1("user").sanitizeUser(user2);
|
|
4481
4490
|
strapi.eventHub.emit("admin.auth.success", { user: sanitizedUser, provider: "local" });
|
|
4482
4491
|
return next();
|
|
4483
4492
|
})(ctx, next);
|
|
@@ -4486,8 +4495,8 @@ const authentication = {
|
|
|
4486
4495
|
const { user: user2 } = ctx.state;
|
|
4487
4496
|
ctx.body = {
|
|
4488
4497
|
data: {
|
|
4489
|
-
token: getService("token").createJwtToken(user2),
|
|
4490
|
-
user: getService("user").sanitizeUser(ctx.state.user)
|
|
4498
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4499
|
+
user: getService$1("user").sanitizeUser(ctx.state.user)
|
|
4491
4500
|
// TODO: fetch more detailed info
|
|
4492
4501
|
}
|
|
4493
4502
|
};
|
|
@@ -4496,50 +4505,50 @@ const authentication = {
|
|
|
4496
4505
|
async renewToken(ctx) {
|
|
4497
4506
|
await validateRenewTokenInput(ctx.request.body);
|
|
4498
4507
|
const { token: token2 } = ctx.request.body;
|
|
4499
|
-
const { isValid, payload } = getService("token").decodeJwtToken(token2);
|
|
4508
|
+
const { isValid, payload } = getService$1("token").decodeJwtToken(token2);
|
|
4500
4509
|
if (!isValid) {
|
|
4501
|
-
throw new ValidationError("Invalid token");
|
|
4510
|
+
throw new ValidationError$2("Invalid token");
|
|
4502
4511
|
}
|
|
4503
4512
|
ctx.body = {
|
|
4504
4513
|
data: {
|
|
4505
|
-
token: getService("token").createJwtToken({ id: payload.id })
|
|
4514
|
+
token: getService$1("token").createJwtToken({ id: payload.id })
|
|
4506
4515
|
}
|
|
4507
4516
|
};
|
|
4508
4517
|
},
|
|
4509
4518
|
async registrationInfo(ctx) {
|
|
4510
4519
|
await validateRegistrationInfoQuery(ctx.request.query);
|
|
4511
4520
|
const { registrationToken } = ctx.request.query;
|
|
4512
|
-
const registrationInfo = await getService("user").findRegistrationInfo(registrationToken);
|
|
4521
|
+
const registrationInfo = await getService$1("user").findRegistrationInfo(registrationToken);
|
|
4513
4522
|
if (!registrationInfo) {
|
|
4514
|
-
throw new ValidationError("Invalid registrationToken");
|
|
4523
|
+
throw new ValidationError$2("Invalid registrationToken");
|
|
4515
4524
|
}
|
|
4516
4525
|
ctx.body = { data: registrationInfo };
|
|
4517
4526
|
},
|
|
4518
4527
|
async register(ctx) {
|
|
4519
4528
|
const input = ctx.request.body;
|
|
4520
4529
|
await validateRegistrationInput(input);
|
|
4521
|
-
const user2 = await getService("user").register(input);
|
|
4530
|
+
const user2 = await getService$1("user").register(input);
|
|
4522
4531
|
ctx.body = {
|
|
4523
4532
|
data: {
|
|
4524
|
-
token: getService("token").createJwtToken(user2),
|
|
4525
|
-
user: getService("user").sanitizeUser(user2)
|
|
4533
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4534
|
+
user: getService$1("user").sanitizeUser(user2)
|
|
4526
4535
|
}
|
|
4527
4536
|
};
|
|
4528
4537
|
},
|
|
4529
4538
|
async registerAdmin(ctx) {
|
|
4530
4539
|
const input = ctx.request.body;
|
|
4531
4540
|
await validateAdminRegistrationInput(input);
|
|
4532
|
-
const hasAdmin = await getService("user").exists();
|
|
4541
|
+
const hasAdmin = await getService$1("user").exists();
|
|
4533
4542
|
if (hasAdmin) {
|
|
4534
|
-
throw new ApplicationError$
|
|
4543
|
+
throw new ApplicationError$6("You cannot register a new super admin");
|
|
4535
4544
|
}
|
|
4536
|
-
const superAdminRole = await getService("role").getSuperAdmin();
|
|
4545
|
+
const superAdminRole = await getService$1("role").getSuperAdmin();
|
|
4537
4546
|
if (!superAdminRole) {
|
|
4538
|
-
throw new ApplicationError$
|
|
4547
|
+
throw new ApplicationError$6(
|
|
4539
4548
|
"Cannot register the first admin because the super admin role doesn't exist."
|
|
4540
4549
|
);
|
|
4541
4550
|
}
|
|
4542
|
-
const user2 = await getService("user").create({
|
|
4551
|
+
const user2 = await getService$1("user").create({
|
|
4543
4552
|
...input,
|
|
4544
4553
|
registrationToken: null,
|
|
4545
4554
|
isActive: true,
|
|
@@ -4548,30 +4557,30 @@ const authentication = {
|
|
|
4548
4557
|
strapi.telemetry.send("didCreateFirstAdmin");
|
|
4549
4558
|
ctx.body = {
|
|
4550
4559
|
data: {
|
|
4551
|
-
token: getService("token").createJwtToken(user2),
|
|
4552
|
-
user: getService("user").sanitizeUser(user2)
|
|
4560
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4561
|
+
user: getService$1("user").sanitizeUser(user2)
|
|
4553
4562
|
}
|
|
4554
4563
|
};
|
|
4555
4564
|
},
|
|
4556
4565
|
async forgotPassword(ctx) {
|
|
4557
4566
|
const input = ctx.request.body;
|
|
4558
4567
|
await validateForgotPasswordInput(input);
|
|
4559
|
-
getService("auth").forgotPassword(input);
|
|
4568
|
+
getService$1("auth").forgotPassword(input);
|
|
4560
4569
|
ctx.status = 204;
|
|
4561
4570
|
},
|
|
4562
4571
|
async resetPassword(ctx) {
|
|
4563
4572
|
const input = ctx.request.body;
|
|
4564
4573
|
await validateResetPasswordInput(input);
|
|
4565
|
-
const user2 = await getService("auth").resetPassword(input);
|
|
4574
|
+
const user2 = await getService$1("auth").resetPassword(input);
|
|
4566
4575
|
ctx.body = {
|
|
4567
4576
|
data: {
|
|
4568
|
-
token: getService("token").createJwtToken(user2),
|
|
4569
|
-
user: getService("user").sanitizeUser(user2)
|
|
4577
|
+
token: getService$1("token").createJwtToken(user2),
|
|
4578
|
+
user: getService$1("user").sanitizeUser(user2)
|
|
4570
4579
|
}
|
|
4571
4580
|
};
|
|
4572
4581
|
},
|
|
4573
4582
|
logout(ctx) {
|
|
4574
|
-
const sanitizedUser = getService("user").sanitizeUser(ctx.state.user);
|
|
4583
|
+
const sanitizedUser = getService$1("user").sanitizeUser(ctx.state.user);
|
|
4575
4584
|
strapi.eventHub.emit("admin.logout", { user: sanitizedUser });
|
|
4576
4585
|
ctx.body = { data: {} };
|
|
4577
4586
|
}
|
|
@@ -4587,7 +4596,7 @@ const permission = {
|
|
|
4587
4596
|
const { body: input } = ctx.request;
|
|
4588
4597
|
const { userAbility } = ctx.state;
|
|
4589
4598
|
await validateCheckPermissionsInput(input);
|
|
4590
|
-
const { engine: engine2 } = getService("permission");
|
|
4599
|
+
const { engine: engine2 } = getService$1("permission");
|
|
4591
4600
|
const checkPermissionsFn = engine2.checkMany(userAbility);
|
|
4592
4601
|
ctx.body = {
|
|
4593
4602
|
data: checkPermissionsFn(input.permissions)
|
|
@@ -4598,7 +4607,7 @@ const permission = {
|
|
|
4598
4607
|
* @param {KoaContext} ctx - koa context
|
|
4599
4608
|
*/
|
|
4600
4609
|
async getAll(ctx) {
|
|
4601
|
-
const { sectionsBuilder: sectionsBuilder2, actionProvider: actionProvider2, conditionProvider: conditionProvider2 } = getService("permission");
|
|
4610
|
+
const { sectionsBuilder: sectionsBuilder2, actionProvider: actionProvider2, conditionProvider: conditionProvider2 } = getService$1("permission");
|
|
4602
4611
|
const actions2 = actionProvider2.values();
|
|
4603
4612
|
const conditions2 = conditionProvider2.values();
|
|
4604
4613
|
const sections = await sectionsBuilder2.build(actions2);
|
|
@@ -4611,11 +4620,11 @@ const permission = {
|
|
|
4611
4620
|
};
|
|
4612
4621
|
}
|
|
4613
4622
|
};
|
|
4614
|
-
const roleCreateSchema = yup.object().shape({
|
|
4623
|
+
const roleCreateSchema$1 = yup.object().shape({
|
|
4615
4624
|
name: yup.string().min(1).required(),
|
|
4616
4625
|
description: yup.string().nullable()
|
|
4617
4626
|
}).noUnknown();
|
|
4618
|
-
const rolesDeleteSchema = yup.object().shape({
|
|
4627
|
+
const rolesDeleteSchema$1 = yup.object().shape({
|
|
4619
4628
|
ids: yup.array().of(yup.strapiID()).min(1).required().test("roles-deletion-checks", "Roles deletion checks have failed", async function(ids) {
|
|
4620
4629
|
try {
|
|
4621
4630
|
await strapi.service("admin::role").checkRolesIdForDeletion(ids);
|
|
@@ -4625,7 +4634,7 @@ const rolesDeleteSchema = yup.object().shape({
|
|
|
4625
4634
|
return true;
|
|
4626
4635
|
})
|
|
4627
4636
|
}).noUnknown();
|
|
4628
|
-
const roleDeleteSchema = yup.strapiID().required().test("no-admin-single-delete", "Role deletion checks have failed", async function(id) {
|
|
4637
|
+
const roleDeleteSchema$1 = yup.strapiID().required().test("no-admin-single-delete", "Role deletion checks have failed", async function(id) {
|
|
4629
4638
|
try {
|
|
4630
4639
|
await strapi.service("admin::role").checkRolesIdForDeletion([id]);
|
|
4631
4640
|
} catch (e) {
|
|
@@ -4637,21 +4646,21 @@ const roleUpdateSchema = yup.object().shape({
|
|
|
4637
4646
|
name: yup.string().min(1),
|
|
4638
4647
|
description: yup.string().nullable()
|
|
4639
4648
|
}).noUnknown();
|
|
4640
|
-
const validateRoleCreateInput = validateYupSchema(roleCreateSchema);
|
|
4649
|
+
const validateRoleCreateInput$1 = validateYupSchema(roleCreateSchema$1);
|
|
4641
4650
|
const validateRoleUpdateInput = validateYupSchema(roleUpdateSchema);
|
|
4642
|
-
const validateRolesDeleteInput = validateYupSchema(rolesDeleteSchema);
|
|
4643
|
-
const validateRoleDeleteInput = validateYupSchema(roleDeleteSchema);
|
|
4644
|
-
const { ApplicationError: ApplicationError$
|
|
4645
|
-
const { SUPER_ADMIN_CODE } = constants$3;
|
|
4646
|
-
const role = {
|
|
4651
|
+
const validateRolesDeleteInput$1 = validateYupSchema(rolesDeleteSchema$1);
|
|
4652
|
+
const validateRoleDeleteInput$1 = validateYupSchema(roleDeleteSchema$1);
|
|
4653
|
+
const { ApplicationError: ApplicationError$5 } = errors;
|
|
4654
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$2 } = constants$3;
|
|
4655
|
+
const role$2 = {
|
|
4647
4656
|
/**
|
|
4648
4657
|
* Create a new role
|
|
4649
4658
|
* @param {KoaContext} ctx - koa context
|
|
4650
4659
|
*/
|
|
4651
4660
|
async create(ctx) {
|
|
4652
4661
|
const { body } = ctx.request;
|
|
4653
|
-
await validateRoleCreateInput(body);
|
|
4654
|
-
const roleService = getService("role");
|
|
4662
|
+
await validateRoleCreateInput$1(body);
|
|
4663
|
+
const roleService = getService$1("role");
|
|
4655
4664
|
const role2 = await roleService.create(body);
|
|
4656
4665
|
const sanitizedRole = roleService.sanitizeRole(role2);
|
|
4657
4666
|
ctx.created({ data: sanitizedRole });
|
|
@@ -4662,7 +4671,7 @@ const role = {
|
|
|
4662
4671
|
*/
|
|
4663
4672
|
async findOne(ctx) {
|
|
4664
4673
|
const { id } = ctx.params;
|
|
4665
|
-
const role2 = await getService("role").findOneWithUsersCount({ id });
|
|
4674
|
+
const role2 = await getService$1("role").findOneWithUsersCount({ id });
|
|
4666
4675
|
if (!role2) {
|
|
4667
4676
|
return ctx.notFound("role.notFound");
|
|
4668
4677
|
}
|
|
@@ -4676,13 +4685,13 @@ const role = {
|
|
|
4676
4685
|
*/
|
|
4677
4686
|
async findAll(ctx) {
|
|
4678
4687
|
const { query } = ctx.request;
|
|
4679
|
-
const permissionsManager = getService("permission").createPermissionsManager({
|
|
4688
|
+
const permissionsManager = getService$1("permission").createPermissionsManager({
|
|
4680
4689
|
ability: ctx.state.userAbility,
|
|
4681
4690
|
model: "admin::role"
|
|
4682
4691
|
});
|
|
4683
4692
|
await permissionsManager.validateQuery(query);
|
|
4684
4693
|
const sanitizedQuery = await permissionsManager.sanitizeQuery(query);
|
|
4685
|
-
const roles2 = await getService("role").findAllWithUsersCount(sanitizedQuery);
|
|
4694
|
+
const roles2 = await getService$1("role").findAllWithUsersCount(sanitizedQuery);
|
|
4686
4695
|
ctx.body = {
|
|
4687
4696
|
data: roles2
|
|
4688
4697
|
};
|
|
@@ -4694,14 +4703,14 @@ const role = {
|
|
|
4694
4703
|
async update(ctx) {
|
|
4695
4704
|
const { id } = ctx.params;
|
|
4696
4705
|
const { body } = ctx.request;
|
|
4697
|
-
const roleService = getService("role");
|
|
4706
|
+
const roleService = getService$1("role");
|
|
4698
4707
|
await validateRoleUpdateInput(body);
|
|
4699
4708
|
const role2 = await roleService.findOne({ id });
|
|
4700
4709
|
if (!role2) {
|
|
4701
4710
|
return ctx.notFound("role.notFound");
|
|
4702
4711
|
}
|
|
4703
|
-
if (role2.code === SUPER_ADMIN_CODE) {
|
|
4704
|
-
throw new ApplicationError$
|
|
4712
|
+
if (role2.code === SUPER_ADMIN_CODE$2) {
|
|
4713
|
+
throw new ApplicationError$5("Super admin can't be edited.");
|
|
4705
4714
|
}
|
|
4706
4715
|
const updatedRole = await roleService.update({ id }, body);
|
|
4707
4716
|
const sanitizedRole = roleService.sanitizeRole(updatedRole);
|
|
@@ -4715,8 +4724,8 @@ const role = {
|
|
|
4715
4724
|
*/
|
|
4716
4725
|
async getPermissions(ctx) {
|
|
4717
4726
|
const { id } = ctx.params;
|
|
4718
|
-
const roleService = getService("role");
|
|
4719
|
-
const permissionService = getService("permission");
|
|
4727
|
+
const roleService = getService$1("role");
|
|
4728
|
+
const permissionService = getService$1("permission");
|
|
4720
4729
|
const role2 = await roleService.findOne({ id });
|
|
4721
4730
|
if (!role2) {
|
|
4722
4731
|
return ctx.notFound("role.notFound");
|
|
@@ -4735,14 +4744,14 @@ const role = {
|
|
|
4735
4744
|
async updatePermissions(ctx) {
|
|
4736
4745
|
const { id } = ctx.params;
|
|
4737
4746
|
const { body: input } = ctx.request;
|
|
4738
|
-
const roleService = getService("role");
|
|
4739
|
-
const permissionService = getService("permission");
|
|
4747
|
+
const roleService = getService$1("role");
|
|
4748
|
+
const permissionService = getService$1("permission");
|
|
4740
4749
|
const role2 = await roleService.findOne({ id });
|
|
4741
4750
|
if (!role2) {
|
|
4742
4751
|
return ctx.notFound("role.notFound");
|
|
4743
4752
|
}
|
|
4744
|
-
if (role2.code === SUPER_ADMIN_CODE) {
|
|
4745
|
-
throw new ApplicationError$
|
|
4753
|
+
if (role2.code === SUPER_ADMIN_CODE$2) {
|
|
4754
|
+
throw new ApplicationError$5("Super admin permissions can't be edited.");
|
|
4746
4755
|
}
|
|
4747
4756
|
await validatedUpdatePermissionsInput(input);
|
|
4748
4757
|
if (!role2) {
|
|
@@ -4760,8 +4769,8 @@ const role = {
|
|
|
4760
4769
|
*/
|
|
4761
4770
|
async deleteOne(ctx) {
|
|
4762
4771
|
const { id } = ctx.params;
|
|
4763
|
-
await validateRoleDeleteInput(id);
|
|
4764
|
-
const roleService = getService("role");
|
|
4772
|
+
await validateRoleDeleteInput$1(id);
|
|
4773
|
+
const roleService = getService$1("role");
|
|
4765
4774
|
const roles2 = await roleService.deleteByIds([id]);
|
|
4766
4775
|
const sanitizedRole = roles2.map((role2) => roleService.sanitizeRole(role2))[0] || null;
|
|
4767
4776
|
return ctx.deleted({
|
|
@@ -4774,8 +4783,8 @@ const role = {
|
|
|
4774
4783
|
*/
|
|
4775
4784
|
async deleteMany(ctx) {
|
|
4776
4785
|
const { body } = ctx.request;
|
|
4777
|
-
await validateRolesDeleteInput(body);
|
|
4778
|
-
const roleService = getService("role");
|
|
4786
|
+
await validateRolesDeleteInput$1(body);
|
|
4787
|
+
const roleService = getService$1("role");
|
|
4779
4788
|
const roles2 = await roleService.deleteByIds(body.ids);
|
|
4780
4789
|
const sanitizedRoles = roles2.map(roleService.sanitizeRole);
|
|
4781
4790
|
return ctx.deleted({
|
|
@@ -4788,11 +4797,11 @@ const {
|
|
|
4788
4797
|
handlers: { createPushController, createPullController }
|
|
4789
4798
|
}
|
|
4790
4799
|
} = strapi$1;
|
|
4791
|
-
const { UnauthorizedError } = errors;
|
|
4800
|
+
const { UnauthorizedError: UnauthorizedError$1 } = errors;
|
|
4792
4801
|
const verify = async (ctx, scope) => {
|
|
4793
4802
|
const { auth: auth2 } = ctx.state;
|
|
4794
4803
|
if (!auth2) {
|
|
4795
|
-
throw new UnauthorizedError();
|
|
4804
|
+
throw new UnauthorizedError$1();
|
|
4796
4805
|
}
|
|
4797
4806
|
await dataTransferAuthStrategy.verify(auth2, { scope });
|
|
4798
4807
|
};
|
|
@@ -4819,17 +4828,17 @@ const token$1 = {
|
|
|
4819
4828
|
validateTransferTokenCreationInput: validateTransferTokenCreationInput$1,
|
|
4820
4829
|
validateTransferTokenUpdateInput: validateTransferTokenUpdateInput$1
|
|
4821
4830
|
};
|
|
4822
|
-
const { ApplicationError: ApplicationError$
|
|
4831
|
+
const { ApplicationError: ApplicationError$4 } = errors;
|
|
4823
4832
|
const { validateTransferTokenCreationInput, validateTransferTokenUpdateInput } = token$1;
|
|
4824
4833
|
const token = {
|
|
4825
4834
|
async list(ctx) {
|
|
4826
|
-
const transferService = getService("transfer");
|
|
4835
|
+
const transferService = getService$1("transfer");
|
|
4827
4836
|
const transferTokens = await transferService.token.list();
|
|
4828
4837
|
ctx.body = { data: transferTokens };
|
|
4829
4838
|
},
|
|
4830
4839
|
async getById(ctx) {
|
|
4831
4840
|
const { id } = ctx.params;
|
|
4832
|
-
const tokenService = getService("transfer").token;
|
|
4841
|
+
const tokenService = getService$1("transfer").token;
|
|
4833
4842
|
const transferToken2 = await tokenService.getById(id);
|
|
4834
4843
|
if (!transferToken2) {
|
|
4835
4844
|
ctx.notFound("Transfer token not found");
|
|
@@ -4839,7 +4848,7 @@ const token = {
|
|
|
4839
4848
|
},
|
|
4840
4849
|
async create(ctx) {
|
|
4841
4850
|
const { body } = ctx.request;
|
|
4842
|
-
const { token: tokenService } = getService("transfer");
|
|
4851
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4843
4852
|
const attributes = {
|
|
4844
4853
|
name: trim(body.name),
|
|
4845
4854
|
description: trim(body.description),
|
|
@@ -4849,7 +4858,7 @@ const token = {
|
|
|
4849
4858
|
await validateTransferTokenCreationInput(attributes);
|
|
4850
4859
|
const alreadyExists = await tokenService.exists({ name: attributes.name });
|
|
4851
4860
|
if (alreadyExists) {
|
|
4852
|
-
throw new ApplicationError$
|
|
4861
|
+
throw new ApplicationError$4("Name already taken");
|
|
4853
4862
|
}
|
|
4854
4863
|
const transferTokens = await tokenService.create(attributes);
|
|
4855
4864
|
ctx.created({ data: transferTokens });
|
|
@@ -4857,7 +4866,7 @@ const token = {
|
|
|
4857
4866
|
async update(ctx) {
|
|
4858
4867
|
const { body } = ctx.request;
|
|
4859
4868
|
const { id } = ctx.params;
|
|
4860
|
-
const { token: tokenService } = getService("transfer");
|
|
4869
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4861
4870
|
const attributes = body;
|
|
4862
4871
|
if (has("name", attributes)) {
|
|
4863
4872
|
attributes.name = trim(body.name);
|
|
@@ -4873,7 +4882,7 @@ const token = {
|
|
|
4873
4882
|
if (has("name", attributes)) {
|
|
4874
4883
|
const nameAlreadyTaken = await tokenService.getByName(attributes.name);
|
|
4875
4884
|
if (!!nameAlreadyTaken && !strings.isEqual(nameAlreadyTaken.id, id)) {
|
|
4876
|
-
throw new ApplicationError$
|
|
4885
|
+
throw new ApplicationError$4("Name already taken");
|
|
4877
4886
|
}
|
|
4878
4887
|
}
|
|
4879
4888
|
const apiToken2 = await tokenService.update(id, attributes);
|
|
@@ -4881,13 +4890,13 @@ const token = {
|
|
|
4881
4890
|
},
|
|
4882
4891
|
async revoke(ctx) {
|
|
4883
4892
|
const { id } = ctx.params;
|
|
4884
|
-
const { token: tokenService } = getService("transfer");
|
|
4893
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4885
4894
|
const transferToken2 = await tokenService.revoke(id);
|
|
4886
4895
|
ctx.deleted({ data: transferToken2 });
|
|
4887
4896
|
},
|
|
4888
4897
|
async regenerate(ctx) {
|
|
4889
4898
|
const { id } = ctx.params;
|
|
4890
|
-
const { token: tokenService } = getService("transfer");
|
|
4899
|
+
const { token: tokenService } = getService$1("transfer");
|
|
4891
4900
|
const exists2 = await tokenService.getById(id);
|
|
4892
4901
|
if (!exists2) {
|
|
4893
4902
|
ctx.notFound("Transfer token not found");
|
|
@@ -4902,12 +4911,12 @@ const transfer = {
|
|
|
4902
4911
|
...prefixActionsName("runner", runner),
|
|
4903
4912
|
...prefixActionsName("token", token)
|
|
4904
4913
|
};
|
|
4905
|
-
const { ApplicationError } = errors;
|
|
4906
|
-
const user = {
|
|
4914
|
+
const { ApplicationError: ApplicationError$3 } = errors;
|
|
4915
|
+
const user$2 = {
|
|
4907
4916
|
async create(ctx) {
|
|
4908
4917
|
const { body } = ctx.request;
|
|
4909
4918
|
const cleanData = { ...body, email: _.get(body, `email`, ``).toLowerCase() };
|
|
4910
|
-
await validateUserCreationInput(cleanData);
|
|
4919
|
+
await validateUserCreationInput$1(cleanData);
|
|
4911
4920
|
const attributes = _.pick(cleanData, [
|
|
4912
4921
|
"firstname",
|
|
4913
4922
|
"lastname",
|
|
@@ -4915,19 +4924,19 @@ const user = {
|
|
|
4915
4924
|
"roles",
|
|
4916
4925
|
"preferedLanguage"
|
|
4917
4926
|
]);
|
|
4918
|
-
const userAlreadyExists = await getService("user").exists({
|
|
4927
|
+
const userAlreadyExists = await getService$1("user").exists({
|
|
4919
4928
|
email: attributes.email
|
|
4920
4929
|
});
|
|
4921
4930
|
if (userAlreadyExists) {
|
|
4922
|
-
throw new ApplicationError("Email already taken");
|
|
4931
|
+
throw new ApplicationError$3("Email already taken");
|
|
4923
4932
|
}
|
|
4924
|
-
const createdUser = await getService("user").create(attributes);
|
|
4925
|
-
const userInfo = getService("user").sanitizeUser(createdUser);
|
|
4933
|
+
const createdUser = await getService$1("user").create(attributes);
|
|
4934
|
+
const userInfo = getService$1("user").sanitizeUser(createdUser);
|
|
4926
4935
|
Object.assign(userInfo, { registrationToken: createdUser.registrationToken });
|
|
4927
4936
|
ctx.created({ data: userInfo });
|
|
4928
4937
|
},
|
|
4929
4938
|
async find(ctx) {
|
|
4930
|
-
const userService = getService("user");
|
|
4939
|
+
const userService = getService$1("user");
|
|
4931
4940
|
const permissionsManager = strapi.service("admin::permission").createPermissionsManager({
|
|
4932
4941
|
ability: ctx.state.userAbility,
|
|
4933
4942
|
model: "admin::user"
|
|
@@ -4944,12 +4953,12 @@ const user = {
|
|
|
4944
4953
|
},
|
|
4945
4954
|
async findOne(ctx) {
|
|
4946
4955
|
const { id } = ctx.params;
|
|
4947
|
-
const user2 = await getService("user").findOne(id);
|
|
4956
|
+
const user2 = await getService$1("user").findOne(id);
|
|
4948
4957
|
if (!user2) {
|
|
4949
4958
|
return ctx.notFound("User does not exist");
|
|
4950
4959
|
}
|
|
4951
4960
|
ctx.body = {
|
|
4952
|
-
data: getService("user").sanitizeUser(user2)
|
|
4961
|
+
data: getService$1("user").sanitizeUser(user2)
|
|
4953
4962
|
};
|
|
4954
4963
|
},
|
|
4955
4964
|
async update(ctx) {
|
|
@@ -4957,30 +4966,30 @@ const user = {
|
|
|
4957
4966
|
const { body: input } = ctx.request;
|
|
4958
4967
|
await validateUserUpdateInput(input);
|
|
4959
4968
|
if (_.has(input, "email")) {
|
|
4960
|
-
const uniqueEmailCheck = await getService("user").exists({
|
|
4969
|
+
const uniqueEmailCheck = await getService$1("user").exists({
|
|
4961
4970
|
id: { $ne: id },
|
|
4962
4971
|
email: input.email
|
|
4963
4972
|
});
|
|
4964
4973
|
if (uniqueEmailCheck) {
|
|
4965
|
-
throw new ApplicationError("A user with this email address already exists");
|
|
4974
|
+
throw new ApplicationError$3("A user with this email address already exists");
|
|
4966
4975
|
}
|
|
4967
4976
|
}
|
|
4968
|
-
const updatedUser = await getService("user").updateById(id, input);
|
|
4977
|
+
const updatedUser = await getService$1("user").updateById(id, input);
|
|
4969
4978
|
if (!updatedUser) {
|
|
4970
4979
|
return ctx.notFound("User does not exist");
|
|
4971
4980
|
}
|
|
4972
4981
|
ctx.body = {
|
|
4973
|
-
data: getService("user").sanitizeUser(updatedUser)
|
|
4982
|
+
data: getService$1("user").sanitizeUser(updatedUser)
|
|
4974
4983
|
};
|
|
4975
4984
|
},
|
|
4976
4985
|
async deleteOne(ctx) {
|
|
4977
4986
|
const { id } = ctx.params;
|
|
4978
|
-
const deletedUser = await getService("user").deleteById(id);
|
|
4987
|
+
const deletedUser = await getService$1("user").deleteById(id);
|
|
4979
4988
|
if (!deletedUser) {
|
|
4980
4989
|
return ctx.notFound("User not found");
|
|
4981
4990
|
}
|
|
4982
4991
|
return ctx.deleted({
|
|
4983
|
-
data: getService("user").sanitizeUser(deletedUser)
|
|
4992
|
+
data: getService$1("user").sanitizeUser(deletedUser)
|
|
4984
4993
|
});
|
|
4985
4994
|
},
|
|
4986
4995
|
/**
|
|
@@ -4990,8 +4999,8 @@ const user = {
|
|
|
4990
4999
|
async deleteMany(ctx) {
|
|
4991
5000
|
const { body } = ctx.request;
|
|
4992
5001
|
await validateUsersDeleteInput(body);
|
|
4993
|
-
const users2 = await getService("user").deleteByIds(body.ids);
|
|
4994
|
-
const sanitizedUsers = users2.map(getService("user").sanitizeUser);
|
|
5002
|
+
const users2 = await getService$1("user").deleteByIds(body.ids);
|
|
5003
|
+
const sanitizedUsers = users2.map(getService$1("user").sanitizeUser);
|
|
4995
5004
|
return ctx.deleted({
|
|
4996
5005
|
data: sanitizedUsers
|
|
4997
5006
|
});
|
|
@@ -5111,15 +5120,15 @@ const contentApi = {
|
|
|
5111
5120
|
ctx.send({ data: routesMap });
|
|
5112
5121
|
}
|
|
5113
5122
|
};
|
|
5114
|
-
const
|
|
5115
|
-
admin,
|
|
5123
|
+
const controllers$1 = {
|
|
5124
|
+
admin: admin$3,
|
|
5116
5125
|
"api-token": apiToken$1,
|
|
5117
5126
|
"authenticated-user": authenticatedUser,
|
|
5118
|
-
authentication,
|
|
5127
|
+
authentication: authentication$1,
|
|
5119
5128
|
permission,
|
|
5120
|
-
role,
|
|
5129
|
+
role: role$2,
|
|
5121
5130
|
transfer,
|
|
5122
|
-
user,
|
|
5131
|
+
user: user$2,
|
|
5123
5132
|
webhooks,
|
|
5124
5133
|
"content-api": contentApi
|
|
5125
5134
|
};
|
|
@@ -5544,7 +5553,7 @@ const transferTokenPermission = {
|
|
|
5544
5553
|
}
|
|
5545
5554
|
}
|
|
5546
5555
|
};
|
|
5547
|
-
const
|
|
5556
|
+
const contentTypes = {
|
|
5548
5557
|
permission: { schema: Permission },
|
|
5549
5558
|
user: { schema: User },
|
|
5550
5559
|
role: { schema: Role },
|
|
@@ -5553,8 +5562,8 @@ const index$1 = {
|
|
|
5553
5562
|
"transfer-token": { schema: transferToken },
|
|
5554
5563
|
"transfer-token-permission": { schema: transferTokenPermission }
|
|
5555
5564
|
};
|
|
5556
|
-
const { RateLimitError } = utils$
|
|
5557
|
-
const rateLimit = (
|
|
5565
|
+
const { RateLimitError } = utils$2.errors;
|
|
5566
|
+
const rateLimit = (config2, { strapi: strapi2 }) => async (ctx, next) => {
|
|
5558
5567
|
let rateLimitConfig = strapi2.config.get("admin.rateLimit");
|
|
5559
5568
|
if (!rateLimitConfig) {
|
|
5560
5569
|
rateLimitConfig = {
|
|
@@ -5577,14 +5586,14 @@ const rateLimit = (config, { strapi: strapi2 }) => async (ctx, next) => {
|
|
|
5577
5586
|
throw new RateLimitError();
|
|
5578
5587
|
},
|
|
5579
5588
|
...rateLimitConfig,
|
|
5580
|
-
...
|
|
5589
|
+
...config2
|
|
5581
5590
|
};
|
|
5582
5591
|
return rateLimit2.middleware(loadConfig)(ctx, next);
|
|
5583
5592
|
}
|
|
5584
5593
|
return next();
|
|
5585
5594
|
};
|
|
5586
5595
|
const dataTransfer = () => async (ctx, next) => {
|
|
5587
|
-
const transferUtils = getService("transfer").utils;
|
|
5596
|
+
const transferUtils = getService$1("transfer").utils;
|
|
5588
5597
|
const { hasValidTokenSalt: hasValidTokenSalt2, isRemoteTransferEnabled: isRemoteTransferEnabled2 } = transferUtils;
|
|
5589
5598
|
if (isRemoteTransferEnabled2()) {
|
|
5590
5599
|
return next();
|
|
@@ -5602,20 +5611,1371 @@ const dataTransfer = () => async (ctx, next) => {
|
|
|
5602
5611
|
}
|
|
5603
5612
|
throw new Error("Unexpected error while trying to access a data transfer route");
|
|
5604
5613
|
};
|
|
5605
|
-
const
|
|
5614
|
+
const middlewares$1 = {
|
|
5606
5615
|
rateLimit,
|
|
5607
5616
|
"data-transfer": dataTransfer
|
|
5608
5617
|
};
|
|
5618
|
+
const register = async ({ strapi: strapi2 }) => {
|
|
5619
|
+
await register$2({ strapi: strapi2 });
|
|
5620
|
+
};
|
|
5621
|
+
const getService = (name2, { strapi: strapi2 } = { strapi: global.strapi }) => {
|
|
5622
|
+
return strapi2.service(`admin::${name2}`);
|
|
5623
|
+
};
|
|
5624
|
+
const actions = {
|
|
5625
|
+
sso: [
|
|
5626
|
+
{
|
|
5627
|
+
uid: "provider-login.read",
|
|
5628
|
+
displayName: "Read",
|
|
5629
|
+
pluginName: "admin",
|
|
5630
|
+
section: "settings",
|
|
5631
|
+
category: "single sign on",
|
|
5632
|
+
subCategory: "options"
|
|
5633
|
+
},
|
|
5634
|
+
{
|
|
5635
|
+
uid: "provider-login.update",
|
|
5636
|
+
displayName: "Update",
|
|
5637
|
+
pluginName: "admin",
|
|
5638
|
+
section: "settings",
|
|
5639
|
+
category: "single sign on",
|
|
5640
|
+
subCategory: "options"
|
|
5641
|
+
}
|
|
5642
|
+
],
|
|
5643
|
+
auditLogs: [
|
|
5644
|
+
{
|
|
5645
|
+
uid: "audit-logs.read",
|
|
5646
|
+
displayName: "Read",
|
|
5647
|
+
pluginName: "admin",
|
|
5648
|
+
section: "settings",
|
|
5649
|
+
category: "audit logs",
|
|
5650
|
+
subCategory: "options"
|
|
5651
|
+
}
|
|
5652
|
+
]
|
|
5653
|
+
};
|
|
5654
|
+
const transformTableName = (table) => {
|
|
5655
|
+
if (typeof table === "string") {
|
|
5656
|
+
return { name: table };
|
|
5657
|
+
}
|
|
5658
|
+
return table;
|
|
5659
|
+
};
|
|
5660
|
+
async function findTables({ strapi: strapi2 }, regex) {
|
|
5661
|
+
const tables = await strapi2.db.dialect.schemaInspector.getTables();
|
|
5662
|
+
return tables.filter((tableName) => regex.test(tableName));
|
|
5663
|
+
}
|
|
5664
|
+
async function addPersistTables({ strapi: strapi2 }, tableNames) {
|
|
5665
|
+
const persistedTables = await getPersistedTables({ strapi: strapi2 });
|
|
5666
|
+
const tables = tableNames.map(transformTableName);
|
|
5667
|
+
const notPersistedTableNames = differenceWith(isEqual, tables, persistedTables);
|
|
5668
|
+
const tablesToPersist = differenceWith(
|
|
5669
|
+
(t1, t2) => t1.name === t2.name,
|
|
5670
|
+
persistedTables,
|
|
5671
|
+
notPersistedTableNames
|
|
5672
|
+
);
|
|
5673
|
+
if (!notPersistedTableNames.length) {
|
|
5674
|
+
return;
|
|
5675
|
+
}
|
|
5676
|
+
tablesToPersist.push(...notPersistedTableNames);
|
|
5677
|
+
await strapi2.store.set({
|
|
5678
|
+
type: "core",
|
|
5679
|
+
key: "persisted_tables",
|
|
5680
|
+
value: tablesToPersist
|
|
5681
|
+
});
|
|
5682
|
+
}
|
|
5683
|
+
async function getPersistedTables({ strapi: strapi2 }) {
|
|
5684
|
+
const persistedTables = await strapi2.store.get({
|
|
5685
|
+
type: "core",
|
|
5686
|
+
key: "persisted_tables"
|
|
5687
|
+
});
|
|
5688
|
+
return (persistedTables || []).map(transformTableName);
|
|
5689
|
+
}
|
|
5690
|
+
const persistTablesWithPrefix = async (tableNamePrefix) => {
|
|
5691
|
+
const tableNameRegex = new RegExp(`^${tableNamePrefix}.*`);
|
|
5692
|
+
const tableNames = await findTables({ strapi }, tableNameRegex);
|
|
5693
|
+
await addPersistTables({ strapi }, tableNames);
|
|
5694
|
+
};
|
|
5695
|
+
const bootstrap = async (args) => {
|
|
5696
|
+
const { actionProvider: actionProvider2 } = getService("permission");
|
|
5697
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
5698
|
+
await actionProvider2.registerMany(actions.sso);
|
|
5699
|
+
}
|
|
5700
|
+
if (strapi.ee.features.isEnabled("audit-logs")) {
|
|
5701
|
+
await persistTablesWithPrefix("strapi_audit_logs");
|
|
5702
|
+
await actionProvider2.registerMany(actions.auditLogs);
|
|
5703
|
+
}
|
|
5704
|
+
await getService("seat-enforcement").seatEnforcementWorkflow();
|
|
5705
|
+
await bootstrap$1(args);
|
|
5706
|
+
};
|
|
5707
|
+
const destroy = async ({ strapi: strapi2 }) => {
|
|
5708
|
+
await destroy$1();
|
|
5709
|
+
};
|
|
5710
|
+
const adminContentTypes = {};
|
|
5711
|
+
const isSsoLocked = async (user2) => {
|
|
5712
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5713
|
+
return false;
|
|
5714
|
+
}
|
|
5715
|
+
if (!user2) {
|
|
5716
|
+
throw new Error("Missing user object");
|
|
5717
|
+
}
|
|
5718
|
+
const adminStore = await strapi.store({ type: "core", name: "admin" });
|
|
5719
|
+
const { providers: providers2 } = await adminStore.get({ key: "auth" });
|
|
5720
|
+
const lockedRoles = providers2.ssoLockedRoles ?? [];
|
|
5721
|
+
if (isEmpty(lockedRoles)) {
|
|
5722
|
+
return false;
|
|
5723
|
+
}
|
|
5724
|
+
const roles2 = (
|
|
5725
|
+
// If the roles are pre-loaded for the given user, then use them
|
|
5726
|
+
user2.roles ?? // Otherwise, try to load the role based on the given user ID
|
|
5727
|
+
await strapi.db.query("admin::user").load(user2, "roles", { roles: { fields: ["id"] } }) ?? // If the query fails somehow, default to an empty array
|
|
5728
|
+
[]
|
|
5729
|
+
);
|
|
5730
|
+
const isLocked = lockedRoles.some(
|
|
5731
|
+
(lockedId) => (
|
|
5732
|
+
// lockedRoles will be a string to avoid issues with frontend and bigints
|
|
5733
|
+
roles2.some((role2) => lockedId === role2.id.toString())
|
|
5734
|
+
)
|
|
5735
|
+
);
|
|
5736
|
+
return isLocked;
|
|
5737
|
+
};
|
|
5738
|
+
const { ApplicationError: ApplicationError$2 } = errors;
|
|
5739
|
+
const forgotPassword = async ({ email: email2 } = {}) => {
|
|
5740
|
+
const user2 = await strapi.db.query("admin::user").findOne({ where: { email: email2, isActive: true } });
|
|
5741
|
+
if (!user2 || await isSsoLocked(user2)) {
|
|
5742
|
+
return;
|
|
5743
|
+
}
|
|
5744
|
+
const resetPasswordToken = getService("token").createToken();
|
|
5745
|
+
await getService("user").updateById(user2.id, { resetPasswordToken });
|
|
5746
|
+
const url = `${strapi.config.get(
|
|
5747
|
+
"admin.absoluteUrl"
|
|
5748
|
+
)}/auth/reset-password?code=${resetPasswordToken}`;
|
|
5749
|
+
return strapi.plugin("email").service("email").sendTemplatedEmail(
|
|
5750
|
+
{
|
|
5751
|
+
to: user2.email,
|
|
5752
|
+
from: strapi.config.get("admin.forgotPassword.from"),
|
|
5753
|
+
replyTo: strapi.config.get("admin.forgotPassword.replyTo")
|
|
5754
|
+
},
|
|
5755
|
+
strapi.config.get("admin.forgotPassword.emailTemplate"),
|
|
5756
|
+
{
|
|
5757
|
+
url,
|
|
5758
|
+
user: ___default.pick(user2, ["email", "firstname", "lastname", "username"])
|
|
5759
|
+
}
|
|
5760
|
+
).catch((err) => {
|
|
5761
|
+
strapi.log.error(err);
|
|
5762
|
+
});
|
|
5763
|
+
};
|
|
5764
|
+
const resetPassword = async ({ resetPasswordToken, password: password2 } = {}) => {
|
|
5765
|
+
const matchingUser = await strapi.db.query("admin::user").findOne({ where: { resetPasswordToken, isActive: true } });
|
|
5766
|
+
if (!matchingUser || await isSsoLocked(matchingUser)) {
|
|
5767
|
+
throw new ApplicationError$2();
|
|
5768
|
+
}
|
|
5769
|
+
return getService("user").updateById(matchingUser.id, {
|
|
5770
|
+
password: password2,
|
|
5771
|
+
resetPasswordToken: null
|
|
5772
|
+
});
|
|
5773
|
+
};
|
|
5774
|
+
const auth = {
|
|
5775
|
+
forgotPassword,
|
|
5776
|
+
resetPassword
|
|
5777
|
+
};
|
|
5778
|
+
const createProviderRegistry = () => {
|
|
5779
|
+
const registry = /* @__PURE__ */ new Map();
|
|
5780
|
+
Object.assign(registry, {
|
|
5781
|
+
register(provider) {
|
|
5782
|
+
if (strapi.isLoaded) {
|
|
5783
|
+
throw new Error(`You can't register new provider after the bootstrap`);
|
|
5784
|
+
}
|
|
5785
|
+
this.set(provider.uid, provider);
|
|
5786
|
+
},
|
|
5787
|
+
registerMany(providers2) {
|
|
5788
|
+
providers2.forEach((provider) => {
|
|
5789
|
+
this.register(provider);
|
|
5790
|
+
});
|
|
5791
|
+
},
|
|
5792
|
+
getAll() {
|
|
5793
|
+
return Array.from(this.values());
|
|
5794
|
+
}
|
|
5795
|
+
});
|
|
5796
|
+
return registry;
|
|
5797
|
+
};
|
|
5798
|
+
const providerRegistry = createProviderRegistry();
|
|
5799
|
+
const errorMessage = "SSO is disabled. Its functionnalities cannot be accessed.";
|
|
5800
|
+
const getStrategyCallbackURL = (providerName) => {
|
|
5801
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5802
|
+
throw new Error(errorMessage);
|
|
5803
|
+
}
|
|
5804
|
+
return `/admin/connect/${providerName}`;
|
|
5805
|
+
};
|
|
5806
|
+
const syncProviderRegistryWithConfig = () => {
|
|
5807
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5808
|
+
throw new Error(errorMessage);
|
|
5809
|
+
}
|
|
5810
|
+
const { providers: providers2 = [] } = strapi.config.get("admin.auth", {});
|
|
5811
|
+
providerRegistry.registerMany(providers2);
|
|
5812
|
+
};
|
|
5813
|
+
const SSOAuthEventsMapper = {
|
|
5814
|
+
onSSOAutoRegistration: "admin.auth.autoRegistration"
|
|
5815
|
+
};
|
|
5816
|
+
const sso$1 = {
|
|
5817
|
+
providerRegistry,
|
|
5818
|
+
getStrategyCallbackURL,
|
|
5819
|
+
syncProviderRegistryWithConfig,
|
|
5820
|
+
authEventsMapper: { ...passport$1.authEventsMapper, ...SSOAuthEventsMapper }
|
|
5821
|
+
};
|
|
5822
|
+
const { UnauthorizedError } = errors;
|
|
5823
|
+
const localStrategyMiddleware = async ([error, user2, message], done) => {
|
|
5824
|
+
if (user2 && !error && await isSsoLocked(user2)) {
|
|
5825
|
+
return done(
|
|
5826
|
+
new UnauthorizedError("Login not allowed, please contact your administrator", {
|
|
5827
|
+
code: "LOGIN_NOT_ALLOWED"
|
|
5828
|
+
}),
|
|
5829
|
+
user2,
|
|
5830
|
+
message
|
|
5831
|
+
);
|
|
5832
|
+
}
|
|
5833
|
+
return done(error, user2, message);
|
|
5834
|
+
};
|
|
5835
|
+
const getPassportStrategies = () => {
|
|
5836
|
+
if (!strapi.ee.features.isEnabled("sso")) {
|
|
5837
|
+
return [createLocalStrategy(strapi)];
|
|
5838
|
+
}
|
|
5839
|
+
const localStrategy = createLocalStrategy(strapi, localStrategyMiddleware);
|
|
5840
|
+
if (!strapi.isLoaded) {
|
|
5841
|
+
sso$1.syncProviderRegistryWithConfig();
|
|
5842
|
+
}
|
|
5843
|
+
const providers2 = sso$1.providerRegistry.getAll();
|
|
5844
|
+
const strategies = providers2.map((provider) => provider.createStrategy(strapi));
|
|
5845
|
+
return [localStrategy, ...strategies];
|
|
5846
|
+
};
|
|
5847
|
+
const passport = {
|
|
5848
|
+
getPassportStrategies,
|
|
5849
|
+
...sso$1
|
|
5850
|
+
};
|
|
5851
|
+
const { ApplicationError: ApplicationError$1 } = errors;
|
|
5852
|
+
const ssoCheckRolesIdForDeletion = async (ids) => {
|
|
5853
|
+
const adminStore = await strapi.store({ type: "core", name: "admin" });
|
|
5854
|
+
const {
|
|
5855
|
+
providers: { defaultRole }
|
|
5856
|
+
} = await adminStore.get({ key: "auth" });
|
|
5857
|
+
for (const roleId of ids) {
|
|
5858
|
+
if (defaultRole && toString(defaultRole) === toString(roleId)) {
|
|
5859
|
+
throw new ApplicationError$1(
|
|
5860
|
+
"This role is used as the default SSO role. Make sure to change this configuration before deleting the role"
|
|
5861
|
+
);
|
|
5862
|
+
}
|
|
5863
|
+
}
|
|
5864
|
+
};
|
|
5865
|
+
const role$1 = {
|
|
5866
|
+
ssoCheckRolesIdForDeletion
|
|
5867
|
+
};
|
|
5868
|
+
const { ValidationError: ValidationError$1 } = errors;
|
|
5869
|
+
const { SUPER_ADMIN_CODE: SUPER_ADMIN_CODE$1 } = constants$3;
|
|
5870
|
+
const updateEEDisabledUsersList = async (id, input) => {
|
|
5871
|
+
const disabledUsers = await getService("seat-enforcement").getDisabledUserList();
|
|
5872
|
+
if (!disabledUsers) {
|
|
5873
|
+
return;
|
|
5874
|
+
}
|
|
5875
|
+
const user2 = disabledUsers.find((user22) => user22.id === Number(id));
|
|
5876
|
+
if (!user2) {
|
|
5877
|
+
return;
|
|
5878
|
+
}
|
|
5879
|
+
if (user2.isActive !== input.isActive) {
|
|
5880
|
+
const newDisabledUsersList = disabledUsers.filter((user22) => user22.id !== Number(id));
|
|
5881
|
+
await strapi.store.set({
|
|
5882
|
+
type: "ee",
|
|
5883
|
+
key: "disabled_users",
|
|
5884
|
+
value: newDisabledUsersList
|
|
5885
|
+
});
|
|
5886
|
+
}
|
|
5887
|
+
};
|
|
5888
|
+
const castNumberArray = pipe(castArray, map(toNumber));
|
|
5889
|
+
const removeFromEEDisabledUsersList = async (ids) => {
|
|
5890
|
+
let idsToCheck;
|
|
5891
|
+
if (typeof ids === "object") {
|
|
5892
|
+
idsToCheck = castNumberArray(ids);
|
|
5893
|
+
} else {
|
|
5894
|
+
idsToCheck = [Number(ids)];
|
|
5895
|
+
}
|
|
5896
|
+
const disabledUsers = await getService("seat-enforcement").getDisabledUserList();
|
|
5897
|
+
if (!disabledUsers) {
|
|
5898
|
+
return;
|
|
5899
|
+
}
|
|
5900
|
+
const newDisabledUsersList = disabledUsers.filter((user2) => !idsToCheck.includes(user2.id));
|
|
5901
|
+
await strapi.store.set({
|
|
5902
|
+
type: "ee",
|
|
5903
|
+
key: "disabled_users",
|
|
5904
|
+
value: newDisabledUsersList
|
|
5905
|
+
});
|
|
5906
|
+
};
|
|
5907
|
+
const updateById = async (id, attributes) => {
|
|
5908
|
+
if (___default.has(attributes, "roles")) {
|
|
5909
|
+
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
5910
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5911
|
+
const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles, superAdminRole.id);
|
|
5912
|
+
if (lastAdminUser && willRemoveSuperAdminRole) {
|
|
5913
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5914
|
+
}
|
|
5915
|
+
}
|
|
5916
|
+
if (attributes.isActive === false) {
|
|
5917
|
+
const lastAdminUser = await isLastSuperAdminUser(id);
|
|
5918
|
+
if (lastAdminUser) {
|
|
5919
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5920
|
+
}
|
|
5921
|
+
}
|
|
5922
|
+
if (___default.has(attributes, "password")) {
|
|
5923
|
+
const hashedPassword = await getService("auth").hashPassword(attributes.password);
|
|
5924
|
+
const updatedUser2 = await strapi.db.query("admin::user").update({
|
|
5925
|
+
where: { id },
|
|
5926
|
+
data: {
|
|
5927
|
+
...attributes,
|
|
5928
|
+
password: hashedPassword
|
|
5929
|
+
},
|
|
5930
|
+
populate: ["roles"]
|
|
5931
|
+
});
|
|
5932
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser2) });
|
|
5933
|
+
return updatedUser2;
|
|
5934
|
+
}
|
|
5935
|
+
const updatedUser = await strapi.db.query("admin::user").update({
|
|
5936
|
+
where: { id },
|
|
5937
|
+
data: attributes,
|
|
5938
|
+
populate: ["roles"]
|
|
5939
|
+
});
|
|
5940
|
+
await updateEEDisabledUsersList(id, attributes);
|
|
5941
|
+
if (updatedUser) {
|
|
5942
|
+
strapi.eventHub.emit("user.update", { user: sanitizeUser(updatedUser) });
|
|
5943
|
+
}
|
|
5944
|
+
return updatedUser;
|
|
5945
|
+
};
|
|
5946
|
+
const deleteById = async (id) => {
|
|
5947
|
+
const userToDelete = await strapi.db.query("admin::user").findOne({
|
|
5948
|
+
where: { id },
|
|
5949
|
+
populate: ["roles"]
|
|
5950
|
+
});
|
|
5951
|
+
if (!userToDelete) {
|
|
5952
|
+
return null;
|
|
5953
|
+
}
|
|
5954
|
+
if (userToDelete) {
|
|
5955
|
+
if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE$1)) {
|
|
5956
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5957
|
+
if (superAdminRole.usersCount === 1) {
|
|
5958
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5959
|
+
}
|
|
5960
|
+
}
|
|
5961
|
+
}
|
|
5962
|
+
const deletedUser = await strapi.db.query("admin::user").delete({ where: { id }, populate: ["roles"] });
|
|
5963
|
+
await removeFromEEDisabledUsersList(id);
|
|
5964
|
+
strapi.eventHub.emit("user.delete", { user: sanitizeUser(deletedUser) });
|
|
5965
|
+
return deletedUser;
|
|
5966
|
+
};
|
|
5967
|
+
const deleteByIds = async (ids) => {
|
|
5968
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5969
|
+
const nbOfSuperAdminToDelete = await strapi.db.query("admin::user").count({
|
|
5970
|
+
where: {
|
|
5971
|
+
id: ids,
|
|
5972
|
+
roles: { id: superAdminRole.id }
|
|
5973
|
+
}
|
|
5974
|
+
});
|
|
5975
|
+
if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {
|
|
5976
|
+
throw new ValidationError$1("You must have at least one user with super admin role.");
|
|
5977
|
+
}
|
|
5978
|
+
const deletedUsers = [];
|
|
5979
|
+
for (const id of ids) {
|
|
5980
|
+
const deletedUser = await strapi.db.query("admin::user").delete({
|
|
5981
|
+
where: { id },
|
|
5982
|
+
populate: ["roles"]
|
|
5983
|
+
});
|
|
5984
|
+
deletedUsers.push(deletedUser);
|
|
5985
|
+
}
|
|
5986
|
+
await removeFromEEDisabledUsersList(ids);
|
|
5987
|
+
strapi.eventHub.emit("user.delete", {
|
|
5988
|
+
users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser))
|
|
5989
|
+
});
|
|
5990
|
+
return deletedUsers;
|
|
5991
|
+
};
|
|
5992
|
+
const sanitizeUserRoles = (role2) => ___default.pick(role2, ["id", "name", "description", "code"]);
|
|
5993
|
+
const isLastSuperAdminUser = async (userId) => {
|
|
5994
|
+
const user2 = await findOne(userId);
|
|
5995
|
+
const superAdminRole = await getService("role").getSuperAdminWithUsersCount();
|
|
5996
|
+
return superAdminRole.usersCount === 1 && hasSuperAdminRole$1(user2);
|
|
5997
|
+
};
|
|
5998
|
+
const sanitizeUser = (user2) => {
|
|
5999
|
+
return {
|
|
6000
|
+
...___default.omit(user2, ["password", "resetPasswordToken", "registrationToken", "roles"]),
|
|
6001
|
+
roles: user2.roles && user2.roles.map(sanitizeUserRoles)
|
|
6002
|
+
};
|
|
6003
|
+
};
|
|
6004
|
+
const findOne = async (id, populate = ["roles"]) => {
|
|
6005
|
+
return strapi.db.query("admin::user").findOne({ where: { id }, populate });
|
|
6006
|
+
};
|
|
6007
|
+
const getCurrentActiveUserCount = async () => {
|
|
6008
|
+
return strapi.db.query("admin::user").count({ where: { isActive: true } });
|
|
6009
|
+
};
|
|
6010
|
+
const user$1 = {
|
|
6011
|
+
updateEEDisabledUsersList,
|
|
6012
|
+
removeFromEEDisabledUsersList,
|
|
6013
|
+
getCurrentActiveUserCount,
|
|
6014
|
+
deleteByIds,
|
|
6015
|
+
deleteById,
|
|
6016
|
+
updateById
|
|
6017
|
+
};
|
|
6018
|
+
const getSSOProvidersList = async () => {
|
|
6019
|
+
const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
|
|
6020
|
+
return providerRegistry2.getAll().map(({ uid }) => uid);
|
|
6021
|
+
};
|
|
6022
|
+
const sendUpdateProjectInformation = async (strapi2) => {
|
|
6023
|
+
let groupProperties = {};
|
|
6024
|
+
const numberOfActiveAdminUsers = await getService("user").count({ isActive: true });
|
|
6025
|
+
const numberOfAdminUsers = await getService("user").count();
|
|
6026
|
+
if (strapi2.ee.features.isEnabled("sso")) {
|
|
6027
|
+
const SSOProviders = await getSSOProvidersList();
|
|
6028
|
+
groupProperties = assign(groupProperties, {
|
|
6029
|
+
SSOProviders,
|
|
6030
|
+
isSSOConfigured: SSOProviders.length !== 0
|
|
6031
|
+
});
|
|
6032
|
+
}
|
|
6033
|
+
if (strapi2.ee.features.isEnabled("cms-content-releases")) {
|
|
6034
|
+
const numberOfContentReleases = await strapi2.db.query("plugin::content-releases.release").count();
|
|
6035
|
+
const numberOfPublishedContentReleases = await strapi2.db.query("plugin::content-releases.release").count({
|
|
6036
|
+
filters: { releasedAt: { $notNull: true } }
|
|
6037
|
+
});
|
|
6038
|
+
groupProperties = assign(groupProperties, {
|
|
6039
|
+
numberOfContentReleases,
|
|
6040
|
+
numberOfPublishedContentReleases
|
|
6041
|
+
});
|
|
6042
|
+
}
|
|
6043
|
+
groupProperties = assign(groupProperties, { numberOfActiveAdminUsers, numberOfAdminUsers });
|
|
6044
|
+
strapi2.telemetry.send("didUpdateProjectInformation", {
|
|
6045
|
+
groupProperties
|
|
6046
|
+
});
|
|
6047
|
+
};
|
|
6048
|
+
const startCron = (strapi2) => {
|
|
6049
|
+
strapi2.cron.add({
|
|
6050
|
+
sendProjectInformation: {
|
|
6051
|
+
task: () => sendUpdateProjectInformation(strapi2),
|
|
6052
|
+
options: "0 0 0 * * *"
|
|
6053
|
+
}
|
|
6054
|
+
});
|
|
6055
|
+
};
|
|
6056
|
+
const metrics = { startCron, getSSOProvidersList, sendUpdateProjectInformation };
|
|
6057
|
+
const { SUPER_ADMIN_CODE } = constants$3;
|
|
6058
|
+
const getDisabledUserList = async () => {
|
|
6059
|
+
return strapi.store.get({ type: "ee", key: "disabled_users" });
|
|
6060
|
+
};
|
|
6061
|
+
const enableMaximumUserCount = async (numberOfUsersToEnable) => {
|
|
6062
|
+
const disabledUsers = await getDisabledUserList();
|
|
6063
|
+
const orderedDisabledUsers = reverse(disabledUsers);
|
|
6064
|
+
const usersToEnable = take(numberOfUsersToEnable, orderedDisabledUsers);
|
|
6065
|
+
await strapi.db.query("admin::user").updateMany({
|
|
6066
|
+
where: { id: map(prop("id"), usersToEnable) },
|
|
6067
|
+
data: { isActive: true }
|
|
6068
|
+
});
|
|
6069
|
+
const remainingDisabledUsers = drop(numberOfUsersToEnable, orderedDisabledUsers);
|
|
6070
|
+
await strapi.store.set({
|
|
6071
|
+
type: "ee",
|
|
6072
|
+
key: "disabled_users",
|
|
6073
|
+
value: remainingDisabledUsers
|
|
6074
|
+
});
|
|
6075
|
+
};
|
|
6076
|
+
const disableUsersAboveLicenseLimit = async (numberOfUsersToDisable) => {
|
|
6077
|
+
const currentlyDisabledUsers = await getDisabledUserList() ?? [];
|
|
6078
|
+
const usersToDisable = [];
|
|
6079
|
+
const nonSuperAdminUsersToDisable = await strapi.db.query("admin::user").findMany({
|
|
6080
|
+
where: {
|
|
6081
|
+
isActive: true,
|
|
6082
|
+
roles: {
|
|
6083
|
+
code: { $ne: SUPER_ADMIN_CODE }
|
|
6084
|
+
}
|
|
6085
|
+
},
|
|
6086
|
+
orderBy: { createdAt: "DESC" },
|
|
6087
|
+
limit: numberOfUsersToDisable
|
|
6088
|
+
});
|
|
6089
|
+
usersToDisable.push(...nonSuperAdminUsersToDisable);
|
|
6090
|
+
if (nonSuperAdminUsersToDisable.length < numberOfUsersToDisable) {
|
|
6091
|
+
const superAdminUsersToDisable = await strapi.db.query("admin::user").findMany({
|
|
6092
|
+
where: {
|
|
6093
|
+
isActive: true,
|
|
6094
|
+
roles: { code: SUPER_ADMIN_CODE }
|
|
6095
|
+
},
|
|
6096
|
+
orderBy: { createdAt: "DESC" },
|
|
6097
|
+
limit: numberOfUsersToDisable - nonSuperAdminUsersToDisable.length
|
|
6098
|
+
});
|
|
6099
|
+
usersToDisable.push(...superAdminUsersToDisable);
|
|
6100
|
+
}
|
|
6101
|
+
await strapi.db.query("admin::user").updateMany({
|
|
6102
|
+
where: { id: map(prop("id"), usersToDisable) },
|
|
6103
|
+
data: { isActive: false }
|
|
6104
|
+
});
|
|
6105
|
+
await strapi.store.set({
|
|
6106
|
+
type: "ee",
|
|
6107
|
+
key: "disabled_users",
|
|
6108
|
+
value: currentlyDisabledUsers.concat(map(pick(["id", "isActive"]), usersToDisable))
|
|
6109
|
+
});
|
|
6110
|
+
};
|
|
6111
|
+
const syncDisabledUserRecords = async () => {
|
|
6112
|
+
const disabledUsers = await strapi.store.get({ type: "ee", key: "disabled_users" });
|
|
6113
|
+
if (!disabledUsers) {
|
|
6114
|
+
return;
|
|
6115
|
+
}
|
|
6116
|
+
await strapi.db.query("admin::user").updateMany({
|
|
6117
|
+
where: { id: map(prop("id"), disabledUsers) },
|
|
6118
|
+
data: { isActive: false }
|
|
6119
|
+
});
|
|
6120
|
+
};
|
|
6121
|
+
const seatEnforcementWorkflow = async () => {
|
|
6122
|
+
const adminSeats = strapi.ee.seats;
|
|
6123
|
+
if (isNil(adminSeats)) {
|
|
6124
|
+
return;
|
|
6125
|
+
}
|
|
6126
|
+
await syncDisabledUserRecords();
|
|
6127
|
+
const currentActiveUserCount = await getService("user").getCurrentActiveUserCount();
|
|
6128
|
+
const adminSeatsLeft = adminSeats - currentActiveUserCount;
|
|
6129
|
+
if (adminSeatsLeft > 0) {
|
|
6130
|
+
await enableMaximumUserCount(adminSeatsLeft);
|
|
6131
|
+
} else if (adminSeatsLeft < 0) {
|
|
6132
|
+
await disableUsersAboveLicenseLimit(-adminSeatsLeft);
|
|
6133
|
+
}
|
|
6134
|
+
};
|
|
6135
|
+
const seatEnforcement = {
|
|
6136
|
+
seatEnforcementWorkflow,
|
|
6137
|
+
getDisabledUserList
|
|
6138
|
+
};
|
|
6139
|
+
const services = {
|
|
6140
|
+
auth,
|
|
6141
|
+
passport,
|
|
6142
|
+
role: role$1,
|
|
6143
|
+
user: user$1,
|
|
6144
|
+
metrics,
|
|
6145
|
+
"seat-enforcement": seatEnforcement
|
|
6146
|
+
};
|
|
6147
|
+
const providerOptionsUpdateSchema = yup.object().shape({
|
|
6148
|
+
autoRegister: yup.boolean().required(),
|
|
6149
|
+
defaultRole: yup.strapiID().when("autoRegister", (value, initSchema) => {
|
|
6150
|
+
return value ? initSchema.required() : initSchema.nullable();
|
|
6151
|
+
}).test("is-valid-role", "You must submit a valid default role", (roleId) => {
|
|
6152
|
+
if (roleId === null) {
|
|
6153
|
+
return true;
|
|
6154
|
+
}
|
|
6155
|
+
return strapi.service("admin::role").exists({ id: roleId });
|
|
6156
|
+
}),
|
|
6157
|
+
ssoLockedRoles: yup.array().nullable().of(
|
|
6158
|
+
yup.strapiID().test(
|
|
6159
|
+
"is-valid-role",
|
|
6160
|
+
"You must submit a valid role for the SSO Locked roles",
|
|
6161
|
+
(roleId) => {
|
|
6162
|
+
return strapi.service("admin::role").exists({ id: roleId });
|
|
6163
|
+
}
|
|
6164
|
+
)
|
|
6165
|
+
)
|
|
6166
|
+
});
|
|
6167
|
+
const validateProviderOptionsUpdate = validateYupSchema(providerOptionsUpdateSchema);
|
|
6168
|
+
const PROVIDER_REDIRECT_BASE = "/auth/login";
|
|
6169
|
+
const PROVIDER_REDIRECT_SUCCESS = `${PROVIDER_REDIRECT_BASE}/success`;
|
|
6170
|
+
const PROVIDER_REDIRECT_ERROR = `${PROVIDER_REDIRECT_BASE}/error`;
|
|
6171
|
+
const PROVIDER_URLS_MAP = {
|
|
6172
|
+
success: PROVIDER_REDIRECT_SUCCESS,
|
|
6173
|
+
error: PROVIDER_REDIRECT_ERROR
|
|
6174
|
+
};
|
|
6175
|
+
const getAdminStore = async () => strapi.store({ type: "core", name: "admin" });
|
|
6176
|
+
const getPrefixedRedirectUrls = () => {
|
|
6177
|
+
const { url: adminUrl } = strapi.config.get("admin");
|
|
6178
|
+
const prefixUrl = (url) => `${adminUrl || "/admin"}${url}`;
|
|
6179
|
+
return mapValues(prefixUrl, PROVIDER_URLS_MAP);
|
|
6180
|
+
};
|
|
6181
|
+
const utils = {
|
|
6182
|
+
getAdminStore,
|
|
6183
|
+
getPrefixedRedirectUrls
|
|
6184
|
+
};
|
|
6185
|
+
const defaultConnectionError = () => new Error("Invalid connection payload");
|
|
6186
|
+
const authenticate = async (ctx, next) => {
|
|
6187
|
+
const {
|
|
6188
|
+
params: { provider }
|
|
6189
|
+
} = ctx;
|
|
6190
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6191
|
+
return passport$2.authenticate(provider, null, async (error, profile) => {
|
|
6192
|
+
if (error || !profile || !profile.email) {
|
|
6193
|
+
if (error) {
|
|
6194
|
+
strapi.log.error(error);
|
|
6195
|
+
}
|
|
6196
|
+
strapi.eventHub.emit("admin.auth.error", {
|
|
6197
|
+
error: error || defaultConnectionError(),
|
|
6198
|
+
provider
|
|
6199
|
+
});
|
|
6200
|
+
return ctx.redirect(redirectUrls.error);
|
|
6201
|
+
}
|
|
6202
|
+
const user2 = await getService("user").findOneByEmail(profile.email);
|
|
6203
|
+
const scenario = user2 ? existingUserScenario : nonExistingUserScenario;
|
|
6204
|
+
return scenario(ctx, next)(user2 || profile, provider);
|
|
6205
|
+
})(ctx, next);
|
|
6206
|
+
};
|
|
6207
|
+
const existingUserScenario = (ctx, next) => async (user2, provider) => {
|
|
6208
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6209
|
+
if (!user2.isActive) {
|
|
6210
|
+
strapi.eventHub.emit("admin.auth.error", {
|
|
6211
|
+
error: new Error(`Deactivated user tried to login (${user2.id})`),
|
|
6212
|
+
provider
|
|
6213
|
+
});
|
|
6214
|
+
return ctx.redirect(redirectUrls.error);
|
|
6215
|
+
}
|
|
6216
|
+
ctx.state.user = user2;
|
|
6217
|
+
return next();
|
|
6218
|
+
};
|
|
6219
|
+
const nonExistingUserScenario = (ctx, next) => async (profile, provider) => {
|
|
6220
|
+
const { email: email2, firstname: firstname2, lastname: lastname2, username: username2 } = profile;
|
|
6221
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6222
|
+
const adminStore = await utils.getAdminStore();
|
|
6223
|
+
const { providers: providers2 } = await adminStore.get({ key: "auth" });
|
|
6224
|
+
const isMissingRegisterFields = !username2 && (!firstname2 || !lastname2);
|
|
6225
|
+
if (!providers2.autoRegister || !providers2.defaultRole || isMissingRegisterFields) {
|
|
6226
|
+
strapi.eventHub.emit("admin.auth.error", { error: defaultConnectionError(), provider });
|
|
6227
|
+
return ctx.redirect(redirectUrls.error);
|
|
6228
|
+
}
|
|
6229
|
+
const defaultRole = await getService("role").findOne({ id: providers2.defaultRole });
|
|
6230
|
+
if (!defaultRole) {
|
|
6231
|
+
strapi.eventHub.emit("admin.auth.error", { error: defaultConnectionError(), provider });
|
|
6232
|
+
return ctx.redirect(redirectUrls.error);
|
|
6233
|
+
}
|
|
6234
|
+
ctx.state.user = await getService("user").create({
|
|
6235
|
+
email: email2,
|
|
6236
|
+
username: username2,
|
|
6237
|
+
firstname: firstname2,
|
|
6238
|
+
lastname: lastname2,
|
|
6239
|
+
roles: [defaultRole.id],
|
|
6240
|
+
isActive: true,
|
|
6241
|
+
registrationToken: null
|
|
6242
|
+
});
|
|
6243
|
+
strapi.eventHub.emit("admin.auth.autoRegistration", {
|
|
6244
|
+
user: ctx.state.user,
|
|
6245
|
+
provider
|
|
6246
|
+
});
|
|
6247
|
+
return next();
|
|
6248
|
+
};
|
|
6249
|
+
const redirectWithAuth = (ctx) => {
|
|
6250
|
+
const {
|
|
6251
|
+
params: { provider }
|
|
6252
|
+
} = ctx;
|
|
6253
|
+
const redirectUrls = utils.getPrefixedRedirectUrls();
|
|
6254
|
+
const domain2 = strapi.config.get("admin.auth.domain");
|
|
6255
|
+
const { user: user2 } = ctx.state;
|
|
6256
|
+
const jwt2 = getService("token").createJwtToken(user2);
|
|
6257
|
+
const isProduction = strapi.config.get("environment") === "production";
|
|
6258
|
+
const cookiesOptions = { httpOnly: false, secure: isProduction, overwrite: true, domain: domain2 };
|
|
6259
|
+
const sanitizedUser = getService("user").sanitizeUser(user2);
|
|
6260
|
+
strapi.eventHub.emit("admin.auth.success", { user: sanitizedUser, provider });
|
|
6261
|
+
ctx.cookies.set("jwtToken", jwt2, cookiesOptions);
|
|
6262
|
+
ctx.redirect(redirectUrls.success);
|
|
6263
|
+
};
|
|
6264
|
+
const middlewares = {
|
|
6265
|
+
authenticate,
|
|
6266
|
+
redirectWithAuth
|
|
6267
|
+
};
|
|
6268
|
+
const toProviderDTO = pick(["uid", "displayName", "icon"]);
|
|
6269
|
+
const toProviderLoginOptionsDTO = pick(["autoRegister", "defaultRole", "ssoLockedRoles"]);
|
|
6270
|
+
const { ValidationError } = errors;
|
|
6271
|
+
const providerAuthenticationFlow = compose([
|
|
6272
|
+
middlewares.authenticate,
|
|
6273
|
+
middlewares.redirectWithAuth
|
|
6274
|
+
]);
|
|
6275
|
+
const authentication = {
|
|
6276
|
+
async getProviders(ctx) {
|
|
6277
|
+
const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
|
|
6278
|
+
ctx.body = providerRegistry2.getAll().map(toProviderDTO);
|
|
6279
|
+
},
|
|
6280
|
+
async getProviderLoginOptions(ctx) {
|
|
6281
|
+
const adminStore = await utils.getAdminStore();
|
|
6282
|
+
const { providers: providersOptions } = await adminStore.get({ key: "auth" });
|
|
6283
|
+
ctx.body = {
|
|
6284
|
+
data: toProviderLoginOptionsDTO(providersOptions)
|
|
6285
|
+
};
|
|
6286
|
+
},
|
|
6287
|
+
async updateProviderLoginOptions(ctx) {
|
|
6288
|
+
const {
|
|
6289
|
+
request: { body }
|
|
6290
|
+
} = ctx;
|
|
6291
|
+
await validateProviderOptionsUpdate(body);
|
|
6292
|
+
const adminStore = await utils.getAdminStore();
|
|
6293
|
+
const currentAuthOptions = await adminStore.get({ key: "auth" });
|
|
6294
|
+
const newAuthOptions = { ...currentAuthOptions, providers: body };
|
|
6295
|
+
await adminStore.set({ key: "auth", value: newAuthOptions });
|
|
6296
|
+
strapi.telemetry.send("didUpdateSSOSettings");
|
|
6297
|
+
ctx.body = {
|
|
6298
|
+
data: toProviderLoginOptionsDTO(newAuthOptions.providers)
|
|
6299
|
+
};
|
|
6300
|
+
},
|
|
6301
|
+
providerLogin(ctx, next) {
|
|
6302
|
+
const {
|
|
6303
|
+
params: { provider: providerName }
|
|
6304
|
+
} = ctx;
|
|
6305
|
+
const { providerRegistry: providerRegistry2 } = strapi.service("admin::passport");
|
|
6306
|
+
if (!providerRegistry2.has(providerName)) {
|
|
6307
|
+
throw new ValidationError(`Invalid provider supplied: ${providerName}`);
|
|
6308
|
+
}
|
|
6309
|
+
return providerAuthenticationFlow(ctx, next);
|
|
6310
|
+
}
|
|
6311
|
+
};
|
|
6312
|
+
const roleCreateSchema = yup.object().shape({
|
|
6313
|
+
name: yup.string().min(1).required(),
|
|
6314
|
+
description: yup.string().nullable()
|
|
6315
|
+
}).noUnknown();
|
|
6316
|
+
const rolesDeleteSchema = yup.object().shape({
|
|
6317
|
+
ids: yup.array().of(yup.strapiID()).min(1).required().test(
|
|
6318
|
+
"roles-deletion-checks",
|
|
6319
|
+
"Roles deletion checks have failed",
|
|
6320
|
+
async function rolesDeletionChecks(ids) {
|
|
6321
|
+
try {
|
|
6322
|
+
await strapi.service("admin::role").checkRolesIdForDeletion(ids);
|
|
6323
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
6324
|
+
await strapi.service("admin::role").ssoCheckRolesIdForDeletion(ids);
|
|
6325
|
+
}
|
|
6326
|
+
} catch (e) {
|
|
6327
|
+
return this.createError({ path: "ids", message: e.message });
|
|
6328
|
+
}
|
|
6329
|
+
return true;
|
|
6330
|
+
}
|
|
6331
|
+
)
|
|
6332
|
+
}).noUnknown();
|
|
6333
|
+
const roleDeleteSchema = yup.strapiID().required().test(
|
|
6334
|
+
"no-admin-single-delete",
|
|
6335
|
+
"Role deletion checks have failed",
|
|
6336
|
+
async function noAdminSingleDelete(id) {
|
|
6337
|
+
try {
|
|
6338
|
+
await strapi.service("admin::role").checkRolesIdForDeletion([id]);
|
|
6339
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
6340
|
+
await strapi.service("admin::role").ssoCheckRolesIdForDeletion([id]);
|
|
6341
|
+
}
|
|
6342
|
+
} catch (e) {
|
|
6343
|
+
return this.createError({ path: "id", message: e.message });
|
|
6344
|
+
}
|
|
6345
|
+
return true;
|
|
6346
|
+
}
|
|
6347
|
+
);
|
|
6348
|
+
const validateRoleCreateInput = validateYupSchema(roleCreateSchema);
|
|
6349
|
+
const validateRolesDeleteInput = validateYupSchema(rolesDeleteSchema);
|
|
6350
|
+
const validateRoleDeleteInput = validateYupSchema(roleDeleteSchema);
|
|
6351
|
+
const role = {
|
|
6352
|
+
/**
|
|
6353
|
+
* Create a new role
|
|
6354
|
+
* @param {KoaContext} ctx - koa context
|
|
6355
|
+
*/
|
|
6356
|
+
async create(ctx) {
|
|
6357
|
+
await validateRoleCreateInput(ctx.request.body);
|
|
6358
|
+
const roleService = getService("role");
|
|
6359
|
+
const role2 = await roleService.create(ctx.request.body);
|
|
6360
|
+
const sanitizedRole = roleService.sanitizeRole(role2);
|
|
6361
|
+
ctx.created({ data: sanitizedRole });
|
|
6362
|
+
},
|
|
6363
|
+
/**
|
|
6364
|
+
* Delete a role
|
|
6365
|
+
* @param {KoaContext} ctx - koa context
|
|
6366
|
+
*/
|
|
6367
|
+
async deleteOne(ctx) {
|
|
6368
|
+
const { id } = ctx.params;
|
|
6369
|
+
await validateRoleDeleteInput(id);
|
|
6370
|
+
const roleService = getService("role");
|
|
6371
|
+
const roles2 = await roleService.deleteByIds([id]);
|
|
6372
|
+
const sanitizedRole = roles2.map((role2) => roleService.sanitizeRole(role2))[0] || null;
|
|
6373
|
+
return ctx.deleted({
|
|
6374
|
+
data: sanitizedRole
|
|
6375
|
+
});
|
|
6376
|
+
},
|
|
6377
|
+
/**
|
|
6378
|
+
* delete several roles
|
|
6379
|
+
* @param {KoaContext} ctx - koa context
|
|
6380
|
+
*/
|
|
6381
|
+
async deleteMany(ctx) {
|
|
6382
|
+
const { body } = ctx.request;
|
|
6383
|
+
await validateRolesDeleteInput(body);
|
|
6384
|
+
const roleService = getService("role");
|
|
6385
|
+
const roles2 = await roleService.deleteByIds(body.ids);
|
|
6386
|
+
const sanitizedRoles = roles2.map(roleService.sanitizeRole);
|
|
6387
|
+
return ctx.deleted({
|
|
6388
|
+
data: sanitizedRoles
|
|
6389
|
+
});
|
|
6390
|
+
}
|
|
6391
|
+
};
|
|
6392
|
+
const ssoUserCreationInputExtension = yup.object().shape({
|
|
6393
|
+
useSSORegistration: yup.boolean()
|
|
6394
|
+
}).noUnknown();
|
|
6395
|
+
const validateUserCreationInput = (data) => {
|
|
6396
|
+
let schema = schemas.userCreationSchema;
|
|
6397
|
+
if (strapi.ee.features.isEnabled("sso")) {
|
|
6398
|
+
schema = schema.concat(ssoUserCreationInputExtension);
|
|
6399
|
+
}
|
|
6400
|
+
return validateYupSchema(schema)(data);
|
|
6401
|
+
};
|
|
6402
|
+
const { ApplicationError, ForbiddenError } = errors;
|
|
6403
|
+
const pickUserCreationAttributes = pick(["firstname", "lastname", "email", "roles"]);
|
|
6404
|
+
const hasAdminSeatsAvaialble = async () => {
|
|
6405
|
+
if (!strapi.EE) {
|
|
6406
|
+
return true;
|
|
6407
|
+
}
|
|
6408
|
+
const permittedSeats = strapi.ee.seats;
|
|
6409
|
+
if (isNil(permittedSeats)) {
|
|
6410
|
+
return true;
|
|
6411
|
+
}
|
|
6412
|
+
const userCount = await strapi.service("admin::user").getCurrentActiveUserCount();
|
|
6413
|
+
if (userCount < permittedSeats) {
|
|
6414
|
+
return true;
|
|
6415
|
+
}
|
|
6416
|
+
};
|
|
6417
|
+
const user = {
|
|
6418
|
+
async create(ctx) {
|
|
6419
|
+
if (!await hasAdminSeatsAvaialble()) {
|
|
6420
|
+
throw new ForbiddenError("License seat limit reached. You cannot create a new user");
|
|
6421
|
+
}
|
|
6422
|
+
const { body } = ctx.request;
|
|
6423
|
+
const cleanData = { ...body, email: ___default.get(body, `email`, ``).toLowerCase() };
|
|
6424
|
+
await validateUserCreationInput(cleanData);
|
|
6425
|
+
const attributes = pickUserCreationAttributes(cleanData);
|
|
6426
|
+
const { useSSORegistration } = cleanData;
|
|
6427
|
+
const userAlreadyExists = await getService("user").exists({ email: attributes.email });
|
|
6428
|
+
if (userAlreadyExists) {
|
|
6429
|
+
throw new ApplicationError("Email already taken");
|
|
6430
|
+
}
|
|
6431
|
+
if (useSSORegistration) {
|
|
6432
|
+
Object.assign(attributes, { registrationToken: null, isActive: true });
|
|
6433
|
+
}
|
|
6434
|
+
const createdUser = await getService("user").create(attributes);
|
|
6435
|
+
const userInfo = getService("user").sanitizeUser(createdUser);
|
|
6436
|
+
Object.assign(userInfo, { registrationToken: createdUser.registrationToken });
|
|
6437
|
+
ctx.created({ data: userInfo });
|
|
6438
|
+
},
|
|
6439
|
+
async update(ctx) {
|
|
6440
|
+
const { id } = ctx.params;
|
|
6441
|
+
const { body: input } = ctx.request;
|
|
6442
|
+
await validateUserUpdateInput(input);
|
|
6443
|
+
if (___default.has(input, "email")) {
|
|
6444
|
+
const uniqueEmailCheck = await getService("user").exists({
|
|
6445
|
+
id: { $ne: id },
|
|
6446
|
+
email: input.email
|
|
6447
|
+
});
|
|
6448
|
+
if (uniqueEmailCheck) {
|
|
6449
|
+
throw new ApplicationError("A user with this email address already exists");
|
|
6450
|
+
}
|
|
6451
|
+
}
|
|
6452
|
+
const user2 = await getService("user").findOne(id, null);
|
|
6453
|
+
if (!await hasAdminSeatsAvaialble() && !user2.isActive && input.isActive) {
|
|
6454
|
+
throw new ForbiddenError("License seat limit reached. You cannot active this user");
|
|
6455
|
+
}
|
|
6456
|
+
const updatedUser = await getService("user").updateById(id, input);
|
|
6457
|
+
if (!updatedUser) {
|
|
6458
|
+
return ctx.notFound("User does not exist");
|
|
6459
|
+
}
|
|
6460
|
+
ctx.body = {
|
|
6461
|
+
data: getService("user").sanitizeUser(updatedUser)
|
|
6462
|
+
};
|
|
6463
|
+
},
|
|
6464
|
+
async isSSOLocked(ctx) {
|
|
6465
|
+
const { user: user2 } = ctx.state;
|
|
6466
|
+
const isSSOLocked = await isSsoLocked(user2);
|
|
6467
|
+
ctx.body = {
|
|
6468
|
+
data: {
|
|
6469
|
+
isSSOLocked
|
|
6470
|
+
}
|
|
6471
|
+
};
|
|
6472
|
+
}
|
|
6473
|
+
};
|
|
6474
|
+
const admin$2 = {
|
|
6475
|
+
// NOTE: Overrides CE admin controller
|
|
6476
|
+
async getProjectType() {
|
|
6477
|
+
const flags = strapi.config.get("admin.flags", {});
|
|
6478
|
+
try {
|
|
6479
|
+
return { data: { isEE: strapi.EE, features: strapi.ee.features.list(), flags } };
|
|
6480
|
+
} catch (err) {
|
|
6481
|
+
return { data: { isEE: false, features: [], flags } };
|
|
6482
|
+
}
|
|
6483
|
+
},
|
|
6484
|
+
async licenseLimitInformation() {
|
|
6485
|
+
const permittedSeats = strapi.ee.seats;
|
|
6486
|
+
let shouldNotify = false;
|
|
6487
|
+
let licenseLimitStatus = null;
|
|
6488
|
+
let enforcementUserCount;
|
|
6489
|
+
const currentActiveUserCount = await getService("user").getCurrentActiveUserCount();
|
|
6490
|
+
const eeDisabledUsers = await getService("seat-enforcement").getDisabledUserList();
|
|
6491
|
+
if (eeDisabledUsers) {
|
|
6492
|
+
enforcementUserCount = currentActiveUserCount + eeDisabledUsers.length;
|
|
6493
|
+
} else {
|
|
6494
|
+
enforcementUserCount = currentActiveUserCount;
|
|
6495
|
+
}
|
|
6496
|
+
if (!isNil(permittedSeats) && enforcementUserCount > permittedSeats) {
|
|
6497
|
+
shouldNotify = true;
|
|
6498
|
+
licenseLimitStatus = "OVER_LIMIT";
|
|
6499
|
+
}
|
|
6500
|
+
if (!isNil(permittedSeats) && enforcementUserCount === permittedSeats) {
|
|
6501
|
+
shouldNotify = true;
|
|
6502
|
+
licenseLimitStatus = "AT_LIMIT";
|
|
6503
|
+
}
|
|
6504
|
+
const data = {
|
|
6505
|
+
enforcementUserCount,
|
|
6506
|
+
currentActiveUserCount,
|
|
6507
|
+
permittedSeats,
|
|
6508
|
+
shouldNotify,
|
|
6509
|
+
shouldStopCreate: isNil(permittedSeats) ? false : currentActiveUserCount >= permittedSeats,
|
|
6510
|
+
licenseLimitStatus,
|
|
6511
|
+
isHostedOnStrapiCloud: env("STRAPI_HOSTING", null) === "strapi.cloud",
|
|
6512
|
+
features: strapi.ee.features.list() ?? []
|
|
6513
|
+
};
|
|
6514
|
+
return { data };
|
|
6515
|
+
}
|
|
6516
|
+
};
|
|
6517
|
+
const controllers = {
|
|
6518
|
+
authentication,
|
|
6519
|
+
role,
|
|
6520
|
+
user,
|
|
6521
|
+
admin: admin$2
|
|
6522
|
+
};
|
|
6523
|
+
const enableFeatureMiddleware = (featureName) => (ctx, next) => {
|
|
6524
|
+
if (strapi.ee.features.isEnabled(featureName)) {
|
|
6525
|
+
return next();
|
|
6526
|
+
}
|
|
6527
|
+
ctx.status = 404;
|
|
6528
|
+
};
|
|
6529
|
+
const sso = {
|
|
6530
|
+
type: "admin",
|
|
6531
|
+
routes: [
|
|
6532
|
+
{
|
|
6533
|
+
method: "GET",
|
|
6534
|
+
path: "/providers",
|
|
6535
|
+
handler: "authentication.getProviders",
|
|
6536
|
+
config: {
|
|
6537
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6538
|
+
auth: false
|
|
6539
|
+
}
|
|
6540
|
+
},
|
|
6541
|
+
{
|
|
6542
|
+
method: "GET",
|
|
6543
|
+
path: "/connect/:provider",
|
|
6544
|
+
handler: "authentication.providerLogin",
|
|
6545
|
+
config: {
|
|
6546
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6547
|
+
auth: false
|
|
6548
|
+
}
|
|
6549
|
+
},
|
|
6550
|
+
{
|
|
6551
|
+
method: "POST",
|
|
6552
|
+
path: "/connect/:provider",
|
|
6553
|
+
handler: "authentication.providerLogin",
|
|
6554
|
+
config: {
|
|
6555
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6556
|
+
auth: false
|
|
6557
|
+
}
|
|
6558
|
+
},
|
|
6559
|
+
{
|
|
6560
|
+
method: "GET",
|
|
6561
|
+
path: "/providers/options",
|
|
6562
|
+
handler: "authentication.getProviderLoginOptions",
|
|
6563
|
+
config: {
|
|
6564
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6565
|
+
policies: [
|
|
6566
|
+
"admin::isAuthenticatedAdmin",
|
|
6567
|
+
{ name: "admin::hasPermissions", config: { actions: ["admin::provider-login.read"] } }
|
|
6568
|
+
]
|
|
6569
|
+
}
|
|
6570
|
+
},
|
|
6571
|
+
{
|
|
6572
|
+
method: "PUT",
|
|
6573
|
+
path: "/providers/options",
|
|
6574
|
+
handler: "authentication.updateProviderLoginOptions",
|
|
6575
|
+
config: {
|
|
6576
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6577
|
+
policies: [
|
|
6578
|
+
"admin::isAuthenticatedAdmin",
|
|
6579
|
+
{ name: "admin::hasPermissions", config: { actions: ["admin::provider-login.update"] } }
|
|
6580
|
+
]
|
|
6581
|
+
}
|
|
6582
|
+
},
|
|
6583
|
+
{
|
|
6584
|
+
method: "GET",
|
|
6585
|
+
path: "/providers/isSSOLocked",
|
|
6586
|
+
handler: "user.isSSOLocked",
|
|
6587
|
+
config: {
|
|
6588
|
+
middlewares: [enableFeatureMiddleware("sso")],
|
|
6589
|
+
policies: ["admin::isAuthenticatedAdmin"]
|
|
6590
|
+
}
|
|
6591
|
+
}
|
|
6592
|
+
]
|
|
6593
|
+
};
|
|
6594
|
+
const licenseLimit = {
|
|
6595
|
+
type: "admin",
|
|
6596
|
+
routes: [
|
|
6597
|
+
// License limit infos
|
|
6598
|
+
{
|
|
6599
|
+
method: "GET",
|
|
6600
|
+
path: "/license-limit-information",
|
|
6601
|
+
handler: "admin.licenseLimitInformation",
|
|
6602
|
+
config: {
|
|
6603
|
+
policies: [
|
|
6604
|
+
"admin::isAuthenticatedAdmin",
|
|
6605
|
+
{
|
|
6606
|
+
name: "admin::hasPermissions",
|
|
6607
|
+
config: {
|
|
6608
|
+
actions: [
|
|
6609
|
+
"admin::users.create",
|
|
6610
|
+
"admin::users.read",
|
|
6611
|
+
"admin::users.update",
|
|
6612
|
+
"admin::users.delete"
|
|
6613
|
+
]
|
|
6614
|
+
}
|
|
6615
|
+
}
|
|
6616
|
+
]
|
|
6617
|
+
}
|
|
6618
|
+
}
|
|
6619
|
+
]
|
|
6620
|
+
};
|
|
6621
|
+
const routes = {
|
|
6622
|
+
sso,
|
|
6623
|
+
"license-limit": licenseLimit
|
|
6624
|
+
};
|
|
6625
|
+
const auditLogsRoutes = {
|
|
6626
|
+
type: "admin",
|
|
6627
|
+
routes: [
|
|
6628
|
+
{
|
|
6629
|
+
method: "GET",
|
|
6630
|
+
path: "/audit-logs",
|
|
6631
|
+
handler: "audit-logs.findMany",
|
|
6632
|
+
config: {
|
|
6633
|
+
middlewares: [enableFeatureMiddleware("audit-logs")],
|
|
6634
|
+
policies: [
|
|
6635
|
+
"admin::isAuthenticatedAdmin",
|
|
6636
|
+
{
|
|
6637
|
+
name: "admin::hasPermissions",
|
|
6638
|
+
config: {
|
|
6639
|
+
actions: ["admin::audit-logs.read"]
|
|
6640
|
+
}
|
|
6641
|
+
}
|
|
6642
|
+
]
|
|
6643
|
+
}
|
|
6644
|
+
},
|
|
6645
|
+
{
|
|
6646
|
+
method: "GET",
|
|
6647
|
+
path: "/audit-logs/:id",
|
|
6648
|
+
handler: "audit-logs.findOne",
|
|
6649
|
+
config: {
|
|
6650
|
+
middlewares: [enableFeatureMiddleware("audit-logs")],
|
|
6651
|
+
policies: [
|
|
6652
|
+
"admin::isAuthenticatedAdmin",
|
|
6653
|
+
{
|
|
6654
|
+
name: "admin::hasPermissions",
|
|
6655
|
+
config: {
|
|
6656
|
+
actions: ["admin::audit-logs.read"]
|
|
6657
|
+
}
|
|
6658
|
+
}
|
|
6659
|
+
]
|
|
6660
|
+
}
|
|
6661
|
+
}
|
|
6662
|
+
]
|
|
6663
|
+
};
|
|
6664
|
+
const ALLOWED_SORT_STRINGS = ["action:ASC", "action:DESC", "date:ASC", "date:DESC"];
|
|
6665
|
+
const validateFindManySchema = yup.object().shape({
|
|
6666
|
+
page: yup.number().integer().min(1),
|
|
6667
|
+
pageSize: yup.number().integer().min(1).max(100),
|
|
6668
|
+
sort: yup.mixed().oneOf(ALLOWED_SORT_STRINGS)
|
|
6669
|
+
}).required();
|
|
6670
|
+
const validateFindMany = validateYupSchema(validateFindManySchema, { strict: false });
|
|
6671
|
+
const auditLogsController = {
|
|
6672
|
+
async findMany(ctx) {
|
|
6673
|
+
const { query } = ctx.request;
|
|
6674
|
+
await validateFindMany(query);
|
|
6675
|
+
const auditLogs = strapi.get("audit-logs");
|
|
6676
|
+
const body = await auditLogs.findMany(query);
|
|
6677
|
+
ctx.body = body;
|
|
6678
|
+
},
|
|
6679
|
+
async findOne(ctx) {
|
|
6680
|
+
const { id } = ctx.params;
|
|
6681
|
+
const auditLogs = strapi.get("audit-logs");
|
|
6682
|
+
const body = await auditLogs.findOne(id);
|
|
6683
|
+
ctx.body = body;
|
|
6684
|
+
strapi.telemetry.send("didWatchAnAuditLog");
|
|
6685
|
+
}
|
|
6686
|
+
};
|
|
6687
|
+
const getSanitizedUser = (user2) => {
|
|
6688
|
+
let displayName = user2.email;
|
|
6689
|
+
if (user2.username) {
|
|
6690
|
+
displayName = user2.username;
|
|
6691
|
+
} else if (user2.firstname && user2.lastname) {
|
|
6692
|
+
displayName = `${user2.firstname} ${user2.lastname}`;
|
|
6693
|
+
}
|
|
6694
|
+
return {
|
|
6695
|
+
id: user2.id,
|
|
6696
|
+
email: user2.email,
|
|
6697
|
+
displayName
|
|
6698
|
+
};
|
|
6699
|
+
};
|
|
6700
|
+
const createAuditLogsService = (strapi2) => {
|
|
6701
|
+
return {
|
|
6702
|
+
async saveEvent(event) {
|
|
6703
|
+
const { userId, ...rest } = event;
|
|
6704
|
+
const auditLog2 = { ...rest, user: userId };
|
|
6705
|
+
await strapi2.db?.query("admin::audit-log").create({ data: auditLog2 });
|
|
6706
|
+
return this;
|
|
6707
|
+
},
|
|
6708
|
+
async findMany(query) {
|
|
6709
|
+
const { results, pagination } = await strapi2.db?.query("admin::audit-log").findPage({
|
|
6710
|
+
populate: ["user"],
|
|
6711
|
+
select: ["action", "date", "payload"],
|
|
6712
|
+
...strapi2.get("query-params").transform("admin::audit-log", query)
|
|
6713
|
+
});
|
|
6714
|
+
const sanitizedResults = results.map((result) => {
|
|
6715
|
+
const { user: user2, ...rest } = result;
|
|
6716
|
+
return {
|
|
6717
|
+
...rest,
|
|
6718
|
+
user: user2 ? getSanitizedUser(user2) : null
|
|
6719
|
+
};
|
|
6720
|
+
});
|
|
6721
|
+
return {
|
|
6722
|
+
results: sanitizedResults,
|
|
6723
|
+
pagination
|
|
6724
|
+
};
|
|
6725
|
+
},
|
|
6726
|
+
async findOne(id) {
|
|
6727
|
+
const result = await strapi2.db?.query("admin::audit-log").findOne({
|
|
6728
|
+
where: { id },
|
|
6729
|
+
populate: ["user"],
|
|
6730
|
+
select: ["action", "date", "payload"]
|
|
6731
|
+
});
|
|
6732
|
+
if (!result) {
|
|
6733
|
+
return null;
|
|
6734
|
+
}
|
|
6735
|
+
const { user: user2, ...rest } = result;
|
|
6736
|
+
return {
|
|
6737
|
+
...rest,
|
|
6738
|
+
user: user2 ? getSanitizedUser(user2) : null
|
|
6739
|
+
};
|
|
6740
|
+
},
|
|
6741
|
+
deleteExpiredEvents(expirationDate) {
|
|
6742
|
+
return strapi2.db?.query("admin::audit-log").deleteMany({
|
|
6743
|
+
where: {
|
|
6744
|
+
date: {
|
|
6745
|
+
$lt: expirationDate.toISOString()
|
|
6746
|
+
}
|
|
6747
|
+
}
|
|
6748
|
+
});
|
|
6749
|
+
}
|
|
6750
|
+
};
|
|
6751
|
+
};
|
|
6752
|
+
const DEFAULT_RETENTION_DAYS = 90;
|
|
6753
|
+
const defaultEvents = [
|
|
6754
|
+
"entry.create",
|
|
6755
|
+
"entry.update",
|
|
6756
|
+
"entry.delete",
|
|
6757
|
+
"entry.publish",
|
|
6758
|
+
"entry.unpublish",
|
|
6759
|
+
"media.create",
|
|
6760
|
+
"media.update",
|
|
6761
|
+
"media.delete",
|
|
6762
|
+
"media-folder.create",
|
|
6763
|
+
"media-folder.update",
|
|
6764
|
+
"media-folder.delete",
|
|
6765
|
+
"user.create",
|
|
6766
|
+
"user.update",
|
|
6767
|
+
"user.delete",
|
|
6768
|
+
"admin.auth.success",
|
|
6769
|
+
"admin.logout",
|
|
6770
|
+
"content-type.create",
|
|
6771
|
+
"content-type.update",
|
|
6772
|
+
"content-type.delete",
|
|
6773
|
+
"component.create",
|
|
6774
|
+
"component.update",
|
|
6775
|
+
"component.delete",
|
|
6776
|
+
"role.create",
|
|
6777
|
+
"role.update",
|
|
6778
|
+
"role.delete",
|
|
6779
|
+
"permission.create",
|
|
6780
|
+
"permission.update",
|
|
6781
|
+
"permission.delete"
|
|
6782
|
+
];
|
|
6783
|
+
const getEventMap = (defaultEvents2) => {
|
|
6784
|
+
const getDefaultPayload = (...args) => args[0];
|
|
6785
|
+
return defaultEvents2.reduce((acc, event) => {
|
|
6786
|
+
acc[event] = getDefaultPayload;
|
|
6787
|
+
return acc;
|
|
6788
|
+
}, {});
|
|
6789
|
+
};
|
|
6790
|
+
const getRetentionDays = (strapi2) => {
|
|
6791
|
+
const featureConfig = strapi2.ee.features.get("audit-logs");
|
|
6792
|
+
const licenseRetentionDays = typeof featureConfig === "object" && featureConfig?.options.retentionDays;
|
|
6793
|
+
const userRetentionDays = strapi2.config.get("admin.auditLogs.retentionDays");
|
|
6794
|
+
if (licenseRetentionDays == null) {
|
|
6795
|
+
return userRetentionDays ?? DEFAULT_RETENTION_DAYS;
|
|
6796
|
+
}
|
|
6797
|
+
if (userRetentionDays && userRetentionDays < licenseRetentionDays) {
|
|
6798
|
+
return userRetentionDays;
|
|
6799
|
+
}
|
|
6800
|
+
return licenseRetentionDays;
|
|
6801
|
+
};
|
|
6802
|
+
const createAuditLogsLifecycleService = (strapi2) => {
|
|
6803
|
+
const state = {};
|
|
6804
|
+
const auditLogsService = strapi2.get("audit-logs");
|
|
6805
|
+
const eventMap = getEventMap(defaultEvents);
|
|
6806
|
+
const processEvent = (name2, ...args) => {
|
|
6807
|
+
const requestState = strapi2.requestContext.get()?.state;
|
|
6808
|
+
const isUsingAdminAuth = requestState?.route.info.type === "admin";
|
|
6809
|
+
const user2 = requestState?.user;
|
|
6810
|
+
if (!isUsingAdminAuth || !user2) {
|
|
6811
|
+
return null;
|
|
6812
|
+
}
|
|
6813
|
+
const getPayload = eventMap[name2];
|
|
6814
|
+
if (!getPayload) {
|
|
6815
|
+
return null;
|
|
6816
|
+
}
|
|
6817
|
+
const ignoredUids = ["plugin::upload.file", "plugin::upload.folder"];
|
|
6818
|
+
if (ignoredUids.includes(args[0]?.uid)) {
|
|
6819
|
+
return null;
|
|
6820
|
+
}
|
|
6821
|
+
return {
|
|
6822
|
+
action: name2,
|
|
6823
|
+
date: (/* @__PURE__ */ new Date()).toISOString(),
|
|
6824
|
+
payload: getPayload(...args) || {},
|
|
6825
|
+
userId: user2.id
|
|
6826
|
+
};
|
|
6827
|
+
};
|
|
6828
|
+
const handleEvent = async (name2, ...args) => {
|
|
6829
|
+
const processedEvent = processEvent(name2, ...args);
|
|
6830
|
+
if (processedEvent) {
|
|
6831
|
+
await auditLogsService.saveEvent(processedEvent);
|
|
6832
|
+
}
|
|
6833
|
+
};
|
|
6834
|
+
return {
|
|
6835
|
+
async register() {
|
|
6836
|
+
if (!state.eeEnableUnsubscribe) {
|
|
6837
|
+
state.eeEnableUnsubscribe = strapi2.eventHub.on("ee.enable", () => {
|
|
6838
|
+
this.destroy();
|
|
6839
|
+
this.register();
|
|
6840
|
+
});
|
|
6841
|
+
}
|
|
6842
|
+
if (!state.eeUpdateUnsubscribe) {
|
|
6843
|
+
state.eeUpdateUnsubscribe = strapi2.eventHub.on("ee.update", () => {
|
|
6844
|
+
this.destroy();
|
|
6845
|
+
this.register();
|
|
6846
|
+
});
|
|
6847
|
+
}
|
|
6848
|
+
state.eeDisableUnsubscribe = strapi2.eventHub.on("ee.disable", () => {
|
|
6849
|
+
this.destroy();
|
|
6850
|
+
});
|
|
6851
|
+
if (!strapi2.ee.features.isEnabled("audit-logs")) {
|
|
6852
|
+
return this;
|
|
6853
|
+
}
|
|
6854
|
+
state.eventHubUnsubscribe = strapi2.eventHub.subscribe(handleEvent);
|
|
6855
|
+
const retentionDays = getRetentionDays(strapi2);
|
|
6856
|
+
state.deleteExpiredJob = scheduleJob("0 0 * * *", () => {
|
|
6857
|
+
const expirationDate = new Date(Date.now() - retentionDays * 24 * 60 * 60 * 1e3);
|
|
6858
|
+
auditLogsService.deleteExpiredEvents(expirationDate);
|
|
6859
|
+
});
|
|
6860
|
+
return this;
|
|
6861
|
+
},
|
|
6862
|
+
unsubscribe() {
|
|
6863
|
+
if (state.eeDisableUnsubscribe) {
|
|
6864
|
+
state.eeDisableUnsubscribe();
|
|
6865
|
+
}
|
|
6866
|
+
if (state.eventHubUnsubscribe) {
|
|
6867
|
+
state.eventHubUnsubscribe();
|
|
6868
|
+
}
|
|
6869
|
+
if (state.deleteExpiredJob) {
|
|
6870
|
+
state.deleteExpiredJob.cancel();
|
|
6871
|
+
}
|
|
6872
|
+
return this;
|
|
6873
|
+
},
|
|
6874
|
+
destroy() {
|
|
6875
|
+
return this.unsubscribe();
|
|
6876
|
+
}
|
|
6877
|
+
};
|
|
6878
|
+
};
|
|
6879
|
+
const auditLog = {
|
|
6880
|
+
schema: {
|
|
6881
|
+
kind: "collectionType",
|
|
6882
|
+
collectionName: "strapi_audit_logs",
|
|
6883
|
+
info: {
|
|
6884
|
+
singularName: "audit-log",
|
|
6885
|
+
pluralName: "audit-logs",
|
|
6886
|
+
displayName: "Audit Log"
|
|
6887
|
+
},
|
|
6888
|
+
options: {
|
|
6889
|
+
timestamps: false
|
|
6890
|
+
},
|
|
6891
|
+
pluginOptions: {
|
|
6892
|
+
"content-manager": {
|
|
6893
|
+
visible: false
|
|
6894
|
+
},
|
|
6895
|
+
"content-type-builder": {
|
|
6896
|
+
visible: false
|
|
6897
|
+
}
|
|
6898
|
+
},
|
|
6899
|
+
attributes: {
|
|
6900
|
+
action: {
|
|
6901
|
+
type: "string",
|
|
6902
|
+
required: true
|
|
6903
|
+
},
|
|
6904
|
+
date: {
|
|
6905
|
+
type: "datetime",
|
|
6906
|
+
required: true
|
|
6907
|
+
},
|
|
6908
|
+
user: {
|
|
6909
|
+
type: "relation",
|
|
6910
|
+
relation: "oneToOne",
|
|
6911
|
+
target: "admin::user"
|
|
6912
|
+
},
|
|
6913
|
+
payload: {
|
|
6914
|
+
type: "json"
|
|
6915
|
+
}
|
|
6916
|
+
}
|
|
6917
|
+
}
|
|
6918
|
+
};
|
|
6919
|
+
const getAdminEE = () => {
|
|
6920
|
+
const eeAdmin = {
|
|
6921
|
+
register,
|
|
6922
|
+
bootstrap,
|
|
6923
|
+
destroy,
|
|
6924
|
+
contentTypes: {
|
|
6925
|
+
// Always register the audit-log content type to prevent data loss
|
|
6926
|
+
"audit-log": auditLog,
|
|
6927
|
+
...adminContentTypes
|
|
6928
|
+
},
|
|
6929
|
+
services,
|
|
6930
|
+
controllers,
|
|
6931
|
+
routes
|
|
6932
|
+
};
|
|
6933
|
+
if (strapi.config.get("admin.auditLogs.enabled", true) && strapi.ee.features.isEnabled("audit-logs")) {
|
|
6934
|
+
return {
|
|
6935
|
+
...eeAdmin,
|
|
6936
|
+
controllers: {
|
|
6937
|
+
...eeAdmin.controllers,
|
|
6938
|
+
"audit-logs": auditLogsController
|
|
6939
|
+
},
|
|
6940
|
+
routes: {
|
|
6941
|
+
...eeAdmin.routes,
|
|
6942
|
+
"audit-logs": auditLogsRoutes
|
|
6943
|
+
},
|
|
6944
|
+
async register({ strapi: strapi2 }) {
|
|
6945
|
+
await eeAdmin.register({ strapi: strapi2 });
|
|
6946
|
+
strapi2.add("audit-logs", createAuditLogsService(strapi2));
|
|
6947
|
+
const auditLogsLifecycle = createAuditLogsLifecycleService(strapi2);
|
|
6948
|
+
strapi2.add("audit-logs-lifecycle", auditLogsLifecycle);
|
|
6949
|
+
await auditLogsLifecycle.register();
|
|
6950
|
+
},
|
|
6951
|
+
async destroy({ strapi: strapi2 }) {
|
|
6952
|
+
strapi2.get("audit-logs-lifecycle").destroy();
|
|
6953
|
+
await eeAdmin.destroy({ strapi: strapi2 });
|
|
6954
|
+
}
|
|
6955
|
+
};
|
|
6956
|
+
}
|
|
6957
|
+
return eeAdmin;
|
|
6958
|
+
};
|
|
6959
|
+
let admin = {
|
|
6960
|
+
bootstrap: bootstrap$1,
|
|
6961
|
+
register: register$2,
|
|
6962
|
+
destroy: destroy$1,
|
|
6963
|
+
config,
|
|
6964
|
+
policies,
|
|
6965
|
+
routes: routes$1,
|
|
6966
|
+
services: services$1,
|
|
6967
|
+
controllers: controllers$1,
|
|
6968
|
+
contentTypes,
|
|
6969
|
+
middlewares: middlewares$1
|
|
6970
|
+
};
|
|
6971
|
+
const mergeRoutes = (a, b, key) => {
|
|
6972
|
+
return ___default.isArray(a) && ___default.isArray(b) && key === "routes" ? a.concat(b) : void 0;
|
|
6973
|
+
};
|
|
6974
|
+
if (strapi.EE) {
|
|
6975
|
+
admin = ___default.mergeWith({}, admin, getAdminEE(), mergeRoutes);
|
|
6976
|
+
}
|
|
6977
|
+
const admin$1 = admin;
|
|
5609
6978
|
export {
|
|
5610
|
-
|
|
5611
|
-
index$6 as config,
|
|
5612
|
-
index$1 as contentTypes,
|
|
5613
|
-
index$2 as controllers,
|
|
5614
|
-
destroy,
|
|
5615
|
-
index as middlewares,
|
|
5616
|
-
index$5 as policies,
|
|
5617
|
-
register$1 as register,
|
|
5618
|
-
routes,
|
|
5619
|
-
index$3 as services
|
|
6979
|
+
admin$1 as default
|
|
5620
6980
|
};
|
|
5621
6981
|
//# sourceMappingURL=index.mjs.map
|