@strapi/admin 5.23.5 → 5.24.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (108) hide show
  1. package/dist/admin/admin/src/features/Auth.js +9 -28
  2. package/dist/admin/admin/src/features/Auth.js.map +1 -1
  3. package/dist/admin/admin/src/features/Auth.mjs +11 -30
  4. package/dist/admin/admin/src/features/Auth.mjs.map +1 -1
  5. package/dist/admin/admin/src/pages/Auth/components/Register.js +9 -2
  6. package/dist/admin/admin/src/pages/Auth/components/Register.js.map +1 -1
  7. package/dist/admin/admin/src/pages/Auth/components/Register.mjs +9 -2
  8. package/dist/admin/admin/src/pages/Auth/components/Register.mjs.map +1 -1
  9. package/dist/admin/admin/src/services/auth.js +7 -6
  10. package/dist/admin/admin/src/services/auth.js.map +1 -1
  11. package/dist/admin/admin/src/services/auth.mjs +7 -6
  12. package/dist/admin/admin/src/services/auth.mjs.map +1 -1
  13. package/dist/admin/admin/src/utils/baseQuery.js +78 -42
  14. package/dist/admin/admin/src/utils/baseQuery.js.map +1 -1
  15. package/dist/admin/admin/src/utils/baseQuery.mjs +79 -43
  16. package/dist/admin/admin/src/utils/baseQuery.mjs.map +1 -1
  17. package/dist/admin/admin/src/utils/deviceId.js +38 -0
  18. package/dist/admin/admin/src/utils/deviceId.js.map +1 -0
  19. package/dist/admin/admin/src/utils/deviceId.mjs +36 -0
  20. package/dist/admin/admin/src/utils/deviceId.mjs.map +1 -0
  21. package/dist/admin/src/services/auth.d.ts +19 -10
  22. package/dist/admin/src/utils/deviceId.d.ts +5 -0
  23. package/dist/ee/server/src/controllers/authentication-utils/middlewares.d.ts.map +1 -1
  24. package/dist/ee/server/src/services/user.d.ts.map +1 -1
  25. package/dist/server/ee/server/src/controllers/authentication-utils/middlewares.js +43 -17
  26. package/dist/server/ee/server/src/controllers/authentication-utils/middlewares.js.map +1 -1
  27. package/dist/server/ee/server/src/controllers/authentication-utils/middlewares.mjs +43 -17
  28. package/dist/server/ee/server/src/controllers/authentication-utils/middlewares.mjs.map +1 -1
  29. package/dist/server/ee/server/src/services/user.js +14 -0
  30. package/dist/server/ee/server/src/services/user.js.map +1 -1
  31. package/dist/server/ee/server/src/services/user.mjs +14 -0
  32. package/dist/server/ee/server/src/services/user.mjs.map +1 -1
  33. package/dist/server/server/src/bootstrap.js +22 -0
  34. package/dist/server/server/src/bootstrap.js.map +1 -1
  35. package/dist/server/server/src/bootstrap.mjs +22 -0
  36. package/dist/server/server/src/bootstrap.mjs.map +1 -1
  37. package/dist/server/server/src/content-types/index.js +4 -0
  38. package/dist/server/server/src/content-types/index.js.map +1 -1
  39. package/dist/server/server/src/content-types/index.mjs +4 -0
  40. package/dist/server/server/src/content-types/index.mjs.map +1 -1
  41. package/dist/server/server/src/content-types/session.js +91 -0
  42. package/dist/server/server/src/content-types/session.js.map +1 -0
  43. package/dist/server/server/src/content-types/session.mjs +89 -0
  44. package/dist/server/server/src/content-types/session.mjs.map +1 -0
  45. package/dist/server/server/src/controllers/authentication.js +169 -38
  46. package/dist/server/server/src/controllers/authentication.js.map +1 -1
  47. package/dist/server/server/src/controllers/authentication.mjs +169 -38
  48. package/dist/server/server/src/controllers/authentication.mjs.map +1 -1
  49. package/dist/server/server/src/routes/authentication.js +2 -2
  50. package/dist/server/server/src/routes/authentication.js.map +1 -1
  51. package/dist/server/server/src/routes/authentication.mjs +2 -2
  52. package/dist/server/server/src/routes/authentication.mjs.map +1 -1
  53. package/dist/server/server/src/services/token.js +44 -31
  54. package/dist/server/server/src/services/token.js.map +1 -1
  55. package/dist/server/server/src/services/token.mjs +44 -30
  56. package/dist/server/server/src/services/token.mjs.map +1 -1
  57. package/dist/server/server/src/services/user.js +14 -0
  58. package/dist/server/server/src/services/user.js.map +1 -1
  59. package/dist/server/server/src/services/user.mjs +14 -0
  60. package/dist/server/server/src/services/user.mjs.map +1 -1
  61. package/dist/server/server/src/strategies/admin.js +23 -3
  62. package/dist/server/server/src/strategies/admin.js.map +1 -1
  63. package/dist/server/server/src/strategies/admin.mjs +23 -3
  64. package/dist/server/server/src/strategies/admin.mjs.map +1 -1
  65. package/dist/server/server/src/validation/authentication/login.js +16 -0
  66. package/dist/server/server/src/validation/authentication/login.js.map +1 -0
  67. package/dist/server/server/src/validation/authentication/login.mjs +14 -0
  68. package/dist/server/server/src/validation/authentication/login.mjs.map +1 -0
  69. package/dist/server/server/src/validation/authentication/register.js +6 -2
  70. package/dist/server/server/src/validation/authentication/register.js.map +1 -1
  71. package/dist/server/server/src/validation/authentication/register.mjs +6 -2
  72. package/dist/server/server/src/validation/authentication/register.mjs.map +1 -1
  73. package/dist/server/shared/utils/session-auth.js +76 -0
  74. package/dist/server/shared/utils/session-auth.js.map +1 -0
  75. package/dist/server/shared/utils/session-auth.mjs +65 -0
  76. package/dist/server/shared/utils/session-auth.mjs.map +1 -0
  77. package/dist/server/src/bootstrap.d.ts.map +1 -1
  78. package/dist/server/src/content-types/index.d.ts +88 -0
  79. package/dist/server/src/content-types/index.d.ts.map +1 -1
  80. package/dist/server/src/content-types/session.d.ts +88 -0
  81. package/dist/server/src/content-types/session.d.ts.map +1 -0
  82. package/dist/server/src/controllers/authentication.d.ts +5 -5
  83. package/dist/server/src/controllers/authentication.d.ts.map +1 -1
  84. package/dist/server/src/controllers/index.d.ts +5 -5
  85. package/dist/server/src/index.d.ts +93 -5
  86. package/dist/server/src/index.d.ts.map +1 -1
  87. package/dist/server/src/routes/authentication.d.ts.map +1 -1
  88. package/dist/server/src/services/token.d.ts +11 -19
  89. package/dist/server/src/services/token.d.ts.map +1 -1
  90. package/dist/server/src/services/user.d.ts.map +1 -1
  91. package/dist/server/src/strategies/admin.d.ts.map +1 -1
  92. package/dist/server/src/validation/authentication/index.d.ts +1 -1
  93. package/dist/server/src/validation/authentication/index.d.ts.map +1 -1
  94. package/dist/server/src/validation/authentication/login.d.ts +7 -0
  95. package/dist/server/src/validation/authentication/login.d.ts.map +1 -0
  96. package/dist/server/src/validation/authentication/register.d.ts +5 -0
  97. package/dist/server/src/validation/authentication/register.d.ts.map +1 -1
  98. package/dist/shared/contracts/authentication.d.ts +20 -10
  99. package/dist/shared/contracts/authentication.d.ts.map +1 -1
  100. package/dist/shared/utils/session-auth.d.ts +39 -0
  101. package/dist/shared/utils/session-auth.d.ts.map +1 -0
  102. package/package.json +7 -7
  103. package/dist/server/server/src/validation/authentication/renew-token.js +0 -11
  104. package/dist/server/server/src/validation/authentication/renew-token.js.map +0 -1
  105. package/dist/server/server/src/validation/authentication/renew-token.mjs +0 -9
  106. package/dist/server/server/src/validation/authentication/renew-token.mjs.map +0 -1
  107. package/dist/server/src/validation/authentication/renew-token.d.ts +0 -3
  108. package/dist/server/src/validation/authentication/renew-token.d.ts.map +0 -1
package/dist/server/server/src/services/token.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"token.mjs","sources":["../../../../../server/src/services/token.ts"],"sourcesContent":["import crypto from 'crypto';\nimport _ from 'lodash';\nimport jwt from 'jsonwebtoken';\nimport type { AdminUser } from '../../../shared/contracts/shared';\n\nconst defaultJwtOptions = { expiresIn: '30d' };\n\nexport type TokenOptions = {\n expiresIn?: string;\n [key: string]: unknown;\n};\n\nexport type TokenPayload = {\n id: AdminUser['id'];\n};\n\nexport type AdminAuthConfig = {\n secret: string;\n options: TokenOptions;\n};\n\nconst getTokenOptions = () => {\n const { options, secret } = strapi.config.get<AdminAuthConfig>(\n 'admin.auth',\n {} as AdminAuthConfig\n );\n\n return {\n secret,\n options: _.merge(defaultJwtOptions, options),\n };\n};\n\n/**\n * Create a random token\n */\nconst createToken = (): string => {\n return crypto.randomBytes(20).toString('hex');\n};\n\n/**\n * Creates a JWT token for an administration user\n * @param user - admin user\n */\nconst createJwtToken = (user: { id: AdminUser['id'] }) => {\n const { options, secret } = getTokenOptions();\n\n return jwt.sign({ id: user.id }, secret, options);\n};\n\n/**\n * Tries to decode a token an return its payload and if it is valid\n * @param token - a token to decode\n * @return decodeInfo - the decoded info\n */\nconst decodeJwtToken = (\n token: string\n): { payload: TokenPayload; isValid: true } | { payload: null; isValid: false } => {\n const { secret } = getTokenOptions();\n\n try {\n const payload = jwt.verify(token, secret) as TokenPayload;\n return { payload, isValid: true };\n } catch (err) {\n return { payload: null, isValid: false };\n }\n};\n\nconst checkSecretIsDefined = () => {\n if (strapi.config.get('admin.serveAdminPanel') && !strapi.config.get('admin.auth.secret')) {\n throw new Error(\n `Missing auth.secret. Please set auth.secret in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`).\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n};\n\nexport { createToken, createJwtToken, getTokenOptions, decodeJwtToken, checkSecretIsDefined };\n"],"names":["defaultJwtOptions","expiresIn","getTokenOptions","options","secret","strapi","config","get","_","merge","createToken","crypto","randomBytes","toString","createJwtToken","user","jwt","sign","id","decodeJwtToken","token","payload","verify","isValid","err","checkSecretIsDefined","Error"],"mappings":";;;;AAKA,MAAMA,iBAAoB,GAAA;IAAEC,SAAW,EAAA;AAAM,CAAA;AAgB7C,MAAMC,eAAkB,GAAA,IAAA;AACtB,IAAA,MAAM,EAAEC,OAAO,EAAEC,MAAM,EAAE,GAAGC,MAAOC,CAAAA,MAAM,CAACC,GAAG,CAC3C,YAAA,EACA,EAAC,CAAA;IAGH,OAAO;AACLH,QAAAA,MAAAA;QACAD,OAASK,EAAAA,UAAAA,CAAEC,KAAK,CAACT,iBAAmBG,EAAAA,OAAAA;AACtC,KAAA;AACF;AAEA;;AAEC,UACKO,WAAc,GAAA,IAAA;AAClB,IAAA,OAAOC,MAAOC,CAAAA,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AACzC;AAEA;;;IAIA,MAAMC,iBAAiB,CAACC,IAAAA,GAAAA;AACtB,IAAA,MAAM,EAAEZ,OAAO,EAAEC,MAAM,EAAE,GAAGF,eAAAA,EAAAA;IAE5B,OAAOc,GAAAA,CAAIC,IAAI,CAAC;AAAEC,QAAAA,EAAAA,EAAIH,KAAKG;AAAG,KAAA,EAAGd,MAAQD,EAAAA,OAAAA,CAAAA;AAC3C;AAEA;;;;IAKA,MAAMgB,iBAAiB,CACrBC,KAAAA,GAAAA;IAEA,MAAM,EAAEhB,MAAM,EAAE,GAAGF,eAAAA,EAAAA;IAEnB,IAAI;AACF,QAAA,MAAMmB,OAAUL,GAAAA,GAAAA,CAAIM,MAAM,CAACF,KAAOhB,EAAAA,MAAAA,CAAAA;QAClC,OAAO;AAAEiB,YAAAA,OAAAA;YAASE,OAAS,EAAA;AAAK,SAAA;AAClC,KAAA,CAAE,OAAOC,GAAK,EAAA;QACZ,OAAO;YAAEH,OAAS,EAAA,IAAA;YAAME,OAAS,EAAA;AAAM,SAAA;AACzC;AACF;AAEA,MAAME,oBAAuB,GAAA,IAAA;AAC3B,IAAA,IAAIpB,MAAOC,CAAAA,MAAM,CAACC,GAAG,CAAC,uBAAA,CAAA,IAA4B,CAACF,MAAAA,CAAOC,MAAM,CAACC,GAAG,CAAC,mBAAsB,CAAA,EAAA;QACzF,MAAM,IAAImB,MACR,CAAC;uQACgQ,CAAC,CAAA;AAEtQ;AACF;;;;"}
1
+ {"version":3,"file":"token.mjs","sources":["../../../../../server/src/services/token.ts"],"sourcesContent":["import crypto from 'crypto';\nimport _ from 'lodash';\nimport type { Algorithm } from 'jsonwebtoken';\nimport type { AdminUser } from '../../../shared/contracts/shared';\n\nconst defaultJwtOptions = { expiresIn: '30d' };\n\nexport type TokenOptions = {\n expiresIn?: string;\n algorithm?: Algorithm;\n [key: string]: unknown;\n};\n\nexport type TokenPayload = {\n id: AdminUser['id'];\n};\n\nexport type AdminAuthConfig = {\n secret: string;\n options: TokenOptions;\n};\n\nconst getTokenOptions = () => {\n const { options, secret } = strapi.config.get<AdminAuthConfig>(\n 'admin.auth',\n {} as AdminAuthConfig\n );\n\n return {\n secret,\n options: _.merge(defaultJwtOptions, options),\n };\n};\n\n/**\n * Create a random token\n */\nconst createToken = (): string => {\n return crypto.randomBytes(20).toString('hex');\n};\n\nconst checkSecretIsDefined = () => {\n if (strapi.config.get('admin.serveAdminPanel') && !strapi.config.get('admin.auth.secret')) {\n throw new Error(\n `Missing auth.secret. Please set auth.secret in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`).\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n};\n\nexport { createToken, getTokenOptions, checkSecretIsDefined };\n\n/**\n * Convert an expiresIn value (string or number) into seconds.\n * Supported formats:\n * - number: treated as seconds\n * - numeric string (e.g. \"180\"): treated as seconds\n * - shorthand string: \"Xs\", \"Xm\", \"Xh\", \"Xd\", \"Xw\" (case-insensitive)\n * Returns undefined when value is not set or invalid.\n */\nexport const expiresInToSeconds = (expiresIn: unknown): number | undefined => {\n if (expiresIn == null) return undefined;\n\n // Numeric input => seconds\n if (typeof expiresIn === 'number' && Number.isFinite(expiresIn)) {\n return Math.max(0, Math.floor(expiresIn));\n }\n\n if (typeof expiresIn !== 'string') return undefined;\n\n const value = expiresIn.trim().toLowerCase();\n\n // Pure numeric string => seconds\n if (/^\\d+$/.test(value)) {\n const seconds = Number.parseInt(value, 10);\n return Number.isFinite(seconds) ? Math.max(0, seconds) : undefined;\n }\n\n // Shorthand formats (s, m, h, d, w)\n const match = value.match(/^(\\d+)\\s*(ms|s|m|h|d|w)$/i);\n if (!match) return undefined;\n\n const amount = Number.parseInt(match[1], 10);\n if (!Number.isFinite(amount)) return undefined;\n\n const unit = match[2];\n switch (unit) {\n case 'ms':\n return Math.max(0, Math.floor(amount / 1000));\n case 's':\n return Math.max(0, amount);\n case 'm':\n return Math.max(0, amount * 60);\n case 'h':\n return Math.max(0, amount * 60 * 60);\n case 'd':\n return Math.max(0, amount * 24 * 60 * 60);\n case 'w':\n return Math.max(0, amount * 7 * 24 * 60 * 60);\n default:\n return undefined;\n }\n};\n"],"names":["defaultJwtOptions","expiresIn","getTokenOptions","options","secret","strapi","config","get","_","merge","createToken","crypto","randomBytes","toString","checkSecretIsDefined","Error","expiresInToSeconds","undefined","Number","isFinite","Math","max","floor","value","trim","toLowerCase","test","seconds","parseInt","match","amount","unit"],"mappings":";;;AAKA,MAAMA,iBAAoB,GAAA;IAAEC,SAAW,EAAA;AAAM,CAAA;AAiB7C,MAAMC,eAAkB,GAAA,IAAA;AACtB,IAAA,MAAM,EAAEC,OAAO,EAAEC,MAAM,EAAE,GAAGC,MAAOC,CAAAA,MAAM,CAACC,GAAG,CAC3C,YAAA,EACA,EAAC,CAAA;IAGH,OAAO;AACLH,QAAAA,MAAAA;QACAD,OAASK,EAAAA,UAAAA,CAAEC,KAAK,CAACT,iBAAmBG,EAAAA,OAAAA;AACtC,KAAA;AACF;AAEA;;AAEC,UACKO,WAAc,GAAA,IAAA;AAClB,IAAA,OAAOC,MAAOC,CAAAA,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AACzC;AAEA,MAAMC,oBAAuB,GAAA,IAAA;AAC3B,IAAA,IAAIT,MAAOC,CAAAA,MAAM,CAACC,GAAG,CAAC,uBAAA,CAAA,IAA4B,CAACF,MAAAA,CAAOC,MAAM,CAACC,GAAG,CAAC,mBAAsB,CAAA,EAAA;QACzF,MAAM,IAAIQ,MACR,CAAC;uQACgQ,CAAC,CAAA;AAEtQ;AACF;AAIA;;;;;;;IAQaC,MAAAA,kBAAAA,GAAqB,CAACf,SAAAA,GAAAA;IACjC,IAAIA,SAAAA,IAAa,MAAM,OAAOgB,SAAAA;;AAG9B,IAAA,IAAI,OAAOhB,SAAc,KAAA,QAAA,IAAYiB,MAAOC,CAAAA,QAAQ,CAAClB,SAAY,CAAA,EAAA;AAC/D,QAAA,OAAOmB,KAAKC,GAAG,CAAC,CAAGD,EAAAA,IAAAA,CAAKE,KAAK,CAACrB,SAAAA,CAAAA,CAAAA;AAChC;IAEA,IAAI,OAAOA,SAAc,KAAA,QAAA,EAAU,OAAOgB,SAAAA;AAE1C,IAAA,MAAMM,KAAQtB,GAAAA,SAAAA,CAAUuB,IAAI,EAAA,CAAGC,WAAW,EAAA;;IAG1C,IAAI,OAAA,CAAQC,IAAI,CAACH,KAAQ,CAAA,EAAA;AACvB,QAAA,MAAMI,OAAUT,GAAAA,MAAAA,CAAOU,QAAQ,CAACL,KAAO,EAAA,EAAA,CAAA;QACvC,OAAOL,MAAAA,CAAOC,QAAQ,CAACQ,OAAAA,CAAAA,GAAWP,KAAKC,GAAG,CAAC,GAAGM,OAAWV,CAAAA,GAAAA,SAAAA;AAC3D;;IAGA,MAAMY,KAAAA,GAAQN,KAAMM,CAAAA,KAAK,CAAC,2BAAA,CAAA;IAC1B,IAAI,CAACA,OAAO,OAAOZ,SAAAA;AAEnB,IAAA,MAAMa,SAASZ,MAAOU,CAAAA,QAAQ,CAACC,KAAK,CAAC,EAAE,EAAE,EAAA,CAAA;AACzC,IAAA,IAAI,CAACX,MAAAA,CAAOC,QAAQ,CAACW,SAAS,OAAOb,SAAAA;IAErC,MAAMc,IAAAA,GAAOF,KAAK,CAAC,CAAE,CAAA;IACrB,OAAQE,IAAAA;QACN,KAAK,IAAA;AACH,YAAA,OAAOX,KAAKC,GAAG,CAAC,GAAGD,IAAKE,CAAAA,KAAK,CAACQ,MAAS,GAAA,IAAA,CAAA,CAAA;QACzC,KAAK,GAAA;YACH,OAAOV,IAAAA,CAAKC,GAAG,CAAC,CAAGS,EAAAA,MAAAA,CAAAA;QACrB,KAAK,GAAA;AACH,YAAA,OAAOV,IAAKC,CAAAA,GAAG,CAAC,CAAA,EAAGS,MAAS,GAAA,EAAA,CAAA;QAC9B,KAAK,GAAA;AACH,YAAA,OAAOV,IAAKC,CAAAA,GAAG,CAAC,CAAA,EAAGS,SAAS,EAAK,GAAA,EAAA,CAAA;QACnC,KAAK,GAAA;AACH,YAAA,OAAOV,KAAKC,GAAG,CAAC,CAAGS,EAAAA,MAAAA,GAAS,KAAK,EAAK,GAAA,EAAA,CAAA;QACxC,KAAK,GAAA;AACH,YAAA,OAAOV,KAAKC,GAAG,CAAC,GAAGS,MAAS,GAAA,CAAA,GAAI,KAAK,EAAK,GAAA,EAAA,CAAA;AAC5C,QAAA;YACE,OAAOb,SAAAA;AACX;AACF;;;;"}
package/dist/server/server/src/services/user.js CHANGED
@@ -16,6 +16,10 @@ const sanitizeUserRoles = (role)=>_.pick(role, [
16
16
  'description',
17
17
  'code'
18
18
  ]);
19
+ const getSessionManager = ()=>{
20
+ const manager = strapi.sessionManager;
21
+ return manager ?? null;
22
+ };
19
23
  /**
20
24
  * Remove private user fields
21
25
  * @param user - user to sanitize
@@ -289,6 +293,11 @@ attributes)=>{
289
293
  'roles'
290
294
  ]
291
295
  });
296
+ // Invalidate all sessions for the deleted user
297
+ const sessionManager = getSessionManager();
298
+ if (sessionManager && sessionManager.hasOrigin('admin')) {
299
+ await sessionManager('admin').invalidateRefreshToken(String(id));
300
+ }
292
301
  strapi.eventHub.emit('user.delete', {
293
302
  user: sanitizeUser(deletedUser)
294
303
  });
@@ -320,6 +329,11 @@ attributes)=>{
320
329
  'roles'
321
330
  ]
322
331
  });
332
+ // Invalidate all sessions for the deleted user
333
+ const sessionManager = getSessionManager();
334
+ if (sessionManager && sessionManager.hasOrigin('admin')) {
335
+ await sessionManager('admin').invalidateRefreshToken(String(id));
336
+ }
323
337
  deletedUsers.push(deletedUser);
324
338
  }
325
339
  strapi.eventHub.emit('user.delete', {
package/dist/server/server/src/services/user.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.js","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\n\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ValidationError","errors","sanitizeUserRoles","role","_","pick","sanitizeUser","user","omit","roles","map","create","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","strapi","db","query","data","populate","sendDidInviteUser","eventHub","emit","updateById","id","lastAdminUser","isLastSuperAdminUser","superAdminRole","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","isActive","hashedPassword","updatedUser","update","where","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","code","$eq","orderBy","createdAt","limit","select","exists","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage"],"mappings":";;;;;;;;;;AAmBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,eAAe,EAAE,GAAGC,YAAAA;AAC5B,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,CAAEC,CAAAA,IAAI,CAACF,IAAM,EAAA;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGH,CAAAA,CAAEI,IAAI,CAACD,IAAM,EAAA;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACR,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMS,MAAS,GAAA;AAEbC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAW,GAAA;QACfC,iBAAmBC,EAAAA,gBAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIR,CAAEa,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;QACjCC,QAASK,CAAAA,QAAQ,GAAG,MAAMH,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E;AAEA,IAAA,MAAMX,OAAOa,iBAAWP,CAAAA,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMC,MAAOC,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACNb,CAAAA,CAAAA,MAAM,CAAC;QAAEc,IAAMlB,EAAAA,IAAAA;QAAMmB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE5CX,IAAAA,gBAAAA,CAAW,WAAWY,iBAAiB,EAAA;AAEvCL,IAAAA,MAAAA,CAAOM,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAEtB,QAAAA,IAAAA,EAAMD,YAAae,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMS,UAAa,GAAA,OACjBC,EACAnB,EAAAA,UAAAA,GAAAA;;AAGA,IAAA,IAAIR,CAAEa,CAAAA,GAAG,CAACL,UAAAA,EAAY,OAAU,CAAA,EAAA;QAC9B,MAAMoB,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,MAAMG,cAAiB,GAAA,MAAMnB,gBAAW,CAAA,MAAA,CAAA,CAAQoB,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,YAAOC,CAAAA,cAAc,CAAC1B,UAAWH,CAAAA,KAAK,EAAGyB,cAAAA,CAAeH,EAAE,CAAA;AAE5F,QAAA,IAAIC,iBAAiBI,wBAA0B,EAAA;AAC7C,YAAA,MAAM,IAAIpC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;IAGA,IAAIY,UAAAA,CAAW2B,QAAQ,KAAK,KAAO,EAAA;QACjC,MAAMP,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,IAAIC,aAAe,EAAA;AACjB,YAAA,MAAM,IAAIhC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;AAGA,IAAA,IAAII,CAAEa,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;AACjC,QAAA,MAAM4B,iBAAiB,MAAMzB,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMuB,WAAAA,GAAc,MAAMnB,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;YAC9DC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZN,IAAM,EAAA;AACJ,gBAAA,GAAGb,UAAU;gBACbM,QAAUsB,EAAAA;AACZ,aAAA;YACAd,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEAJ,QAAAA,MAAAA,CAAOM,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAEtB,YAAAA,IAAAA,EAAMD,YAAamC,CAAAA,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT;IAEA,MAAMA,WAAAA,GAAc,MAAMnB,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;QAC9DC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZN,IAAMb,EAAAA,UAAAA;QACNc,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAIe,WAAa,EAAA;AACfnB,QAAAA,MAAAA,CAAOM,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAEtB,YAAAA,IAAAA,EAAMD,YAAamC,CAAAA,WAAAA;AAAa,SAAA,CAAA;AACxE;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,oBAAuB,GAAA,OAAOC,KAAe3B,EAAAA,QAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMe,MAAOC,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEE,YAAAA;AAAM,SAAA;QAAGnB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAACnB,IAAM,EAAA;AACT,QAAA,MAAM,IAAIwC,KAAM,CAAA,CAAC,0BAA0B,EAAEF,MAAM,CAAC,CAAA;AACtD;IAEA,IAAI;QACF,MAAMG,yBAAAA,CAAkBC,QAAQ,CAAC/B,QAAAA,CAAAA;AACnC,KAAA,CAAE,OAAOgC,KAAO,EAAA;AACd,QAAA,MAAM,IAAIlD,eACR,CAAA,wGAAA,CAAA;AAEJ;IAEA,MAAM8B,UAAAA,CAAWvB,IAAKwB,CAAAA,EAAE,EAAE;AAAEb,QAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAMe,uBAAuB,OAAOkB,MAAAA,GAAAA;IAClC,MAAM5C,IAAAA,GAAQ,MAAMuC,OAAQK,CAAAA,MAAAA,CAAAA;IAC5B,IAAI,CAAC5C,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM2B,cAAiB,GAAA,MAAMnB,gBAAW,CAAA,MAAA,CAAA,CAAQoB,2BAA2B,EAAA;AAE3E,IAAA,OAAOD,cAAekB,CAAAA,UAAU,KAAK,CAAA,IAAKC,wBAAkB9C,CAAAA,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM+C,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAQK,CAAAA,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,wBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAW,CAAA,GAAG,MAAMlC,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QACjE/B,QAAU,EAAA;YACRjB,KAAO,EAAA;gBACLkC,KAAO,EAAA;oBACLe,IAAM,EAAA;wBAAEC,GAAK7D,EAAAA;AAAiB;AAChC;AACF;AACF,SAAA;QACA8D,OAAS,EAAA;YAAEC,SAAW,EAAA;AAAM,SAAA;QAC5BC,KAAO,EAAA,CAAA;QACPC,MAAQ,EAAA;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOP,UAAWzB,CAAAA,EAAE,KAAKwB,WAAAA,CAAYxB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMiC,MAAAA,GAAS,OAAOpD,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMU,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QAAEtB,KAAO/B,EAAAA;KAAiB,CAAA,GAAA,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMsD,uBAAuB,OAC3BpD,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMe,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE7B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAM,EAAA;QACT,OAAO4D,SAAAA;AACT;IAEA,OAAO/D,CAAAA,CAAEC,IAAI,CAACE,IAAM,EAAA;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAM6D,QAAW,GAAA,OAAO,EACtBtD,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMwD,YAAAA,GAAe,MAAM/C,MAAOC,CAAAA,EAAE,CACjCC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE7B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACuD,YAAc,EAAA;AACjB,QAAA,MAAM,IAAIrE,eAAgB,CAAA,2BAAA,CAAA;AAC5B;AAEA,IAAA,OAAOe,iBAAW,MAAQe,CAAAA,CAAAA,UAAU,CAACuC,YAAAA,CAAatC,EAAE,EAAE;AACpDb,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3BoD,QAAAA,SAAAA,EAAWzD,SAASyD,SAAS;AAC7BC,QAAAA,QAAAA,EAAU1D,SAAS0D,QAAQ;QAC3BzD,iBAAmB,EAAA,IAAA;QACnByB,QAAU,EAAA;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMO,OAAAA,GAAU,OAAOf,EAAAA,EAAaL,QAAW,GAAA;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOJ,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;AAAGL,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAM8C,cAAAA,GAAiB,OAAO3B,KAAAA,EAAenB,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOJ,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAC5CH,KAAO,EAAA;YAAEE,KAAO,EAAA;gBAAE4B,IAAM5B,EAAAA;AAAM;AAAE,SAAA;AAChCnB,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMgD,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAMnD,KAAAA,GAAQF,OACXsD,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,WAAS,CAAA;QAAEpD,QAAU,EAAA;AAAC,YAAA;AAAQ;KAAIiD,EAAAA,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOrD,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekD,QAAQ,CAAClD,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMuD,aAAa,OAAOhD,EAAAA,GAAAA;;IAExB,MAAMiD,YAAAA,GAAiC,MAAM1D,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAClFH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZL,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACsD,YAAc,EAAA;QACjB,OAAO,IAAA;AACT;AAEA,IAAA,IAAIA,YAAc,EAAA;QAChB,IAAIA,YAAAA,CAAavE,KAAK,CAACwE,IAAI,CAAC,CAACC,CAAMA,GAAAA,CAAAA,CAAExB,IAAI,KAAK5D,gBAAmB,CAAA,EAAA;AAC/D,YAAA,MAAMoC,cAAiB,GAAA,MAAMnB,gBAAW,CAAA,MAAA,CAAA,CAAQoB,2BAA2B,EAAA;YAC3E,IAAID,cAAAA,CAAekB,UAAU,KAAK,CAAG,EAAA;AACnC,gBAAA,MAAM,IAAIpD,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;AACF;IAEA,MAAMmF,WAAAA,GAAc,MAAM7D,MAAOC,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACN4D,CAAAA,CAAAA,MAAM,CAAC;QAAEzC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QAAGL,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE/CJ,IAAAA,MAAAA,CAAOM,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAEtB,QAAAA,IAAAA,EAAMD,YAAa6E,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAME,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMpD,cAAiB,GAAA,MAAMnB,gBAAW,CAAA,MAAA,CAAA,CAAQoB,2BAA2B,EAAA;IAC3E,MAAMoD,sBAAAA,GAAyB,MAAMjE,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QACxEtB,KAAO,EAAA;YACLZ,EAAIuD,EAAAA,GAAAA;YACJ7E,KAAO,EAAA;AAAEsB,gBAAAA,EAAAA,EAAIG,eAAeH;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIG,cAAAA,CAAekB,UAAU,KAAKmC,sBAAwB,EAAA;AACxD,QAAA,MAAM,IAAIvF,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AAEA,IAAA,MAAMwF,eAAe,EAAE;IACvB,KAAK,MAAMzD,MAAMuD,GAAK,CAAA;QACpB,MAAMH,WAAAA,GAAc,MAAM7D,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAe4D,CAAAA,CAAAA,MAAM,CAAC;YAC9DzC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZL,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEA8D,QAAAA,YAAAA,CAAaC,IAAI,CAACN,WAAAA,CAAAA;AACpB;AAEA7D,IAAAA,MAAAA,CAAOM,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAClC6D,QAAAA,KAAAA,EAAOF,YAAa9E,CAAAA,GAAG,CAAC,CAACyE,cAAgB7E,YAAa6E,CAAAA,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOK,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAwB,GAAA,UAAA;AAC5B,IAAA,OAAOrE,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAC1CtB,KAAO,EAAA;YACLlC,KAAO,EAAA;gBACLsB,EAAI,EAAA;oBAAE6D,KAAO,EAAA;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM3B,KAAAA,GAAQ,OAAOtB,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOrB,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;AAAEtB,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMkD,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMpE,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAC1DM,MAAQ,EAAA;AAAC,YAAA;AAAK,SAAA;QACdpB,KAAO,EAAA;YACLlC,KAAO,EAAA;gBAAEsB,EAAI,EAAA;oBAAE6D,KAAO,EAAA;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAMhF,CAAAA,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOe,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC3CC,KAAO,EAAA;AAAEZ,gBAAAA,EAAAA,EAAIxB,KAAKwB;AAAG,aAAA;YACrBN,IAAM,EAAA;gBAAEhB,KAAO,EAAA;AAACqF,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,KAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAoC,GAAA,UAAA;AACxC,IAAA,MAAMhC,QAAQ,MAAM0B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI1B,QAAQ,CAAG,EAAA;QACb3C,MAAO4E,CAAAA,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAElC,KAAM,CAAA,sBAAsB,CAAC,CAAA;AAC9D;AACF,CAAA;AAEA;AACC,IACD,MAAMmC,iBAAoB,GAAA,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMpE,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAAEM,MAAQ,EAAA;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAO2B,MAAMhF,GAAG,CAAC,CAACH,IAASA,GAAAA,IAAAA,CAAK8F,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AAEA,WAAe;AACb1F,IAAAA,MAAAA;AACAmB,IAAAA,UAAAA;AACAkC,IAAAA,MAAAA;AACAE,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACA9D,IAAAA,YAAAA;AACAwC,IAAAA,OAAAA;AACA0B,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAM,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA1B,IAAAA,KAAAA;AACA4B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACArD,IAAAA,oBAAAA;AACAwD,IAAAA,iBAAAA;AACA9C,IAAAA;AACF,CAAE;;;;"}
1
+ {"version":3,"file":"user.js","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\n\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ValidationError","errors","sanitizeUserRoles","role","_","pick","getSessionManager","manager","strapi","sessionManager","sanitizeUser","user","omit","roles","map","create","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","db","query","data","populate","sendDidInviteUser","eventHub","emit","updateById","id","lastAdminUser","isLastSuperAdminUser","superAdminRole","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","isActive","hashedPassword","updatedUser","update","where","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","code","$eq","orderBy","createdAt","limit","select","exists","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","hasOrigin","invalidateRefreshToken","String","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage"],"mappings":";;;;;;;;;;AAmBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,eAAe,EAAE,GAAGC,YAAAA;AAC5B,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,CAAEC,CAAAA,IAAI,CAACF,IAAM,EAAA;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD,MAAMG,iBAAoB,GAAA,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,IAAA,OAAOF,OAAW,IAAA,IAAA;AACpB,CAAA;AAEA;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGP,CAAAA,CAAEQ,IAAI,CAACD,IAAM,EAAA;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACZ,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMa,MAAS,GAAA;AAEbC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAW,GAAA;QACfC,iBAAmBC,EAAAA,gBAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIZ,CAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;QACjCC,QAASK,CAAAA,QAAQ,GAAG,MAAMH,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E;AAEA,IAAA,MAAMX,OAAOa,iBAAWP,CAAAA,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMjB,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACNZ,CAAAA,CAAAA,MAAM,CAAC;QAAEa,IAAMjB,EAAAA,IAAAA;QAAMkB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE5CV,IAAAA,gBAAAA,CAAW,WAAWW,iBAAiB,EAAA;AAEvCtB,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAae,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMQ,UAAa,GAAA,OACjBC,EACAlB,EAAAA,UAAAA,GAAAA;;AAGA,IAAA,IAAIZ,CAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,OAAU,CAAA,EAAA;QAC9B,MAAMmB,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,MAAMG,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,YAAOC,CAAAA,cAAc,CAACzB,UAAWH,CAAAA,KAAK,EAAGwB,cAAAA,CAAeH,EAAE,CAAA;AAE5F,QAAA,IAAIC,iBAAiBI,wBAA0B,EAAA;AAC7C,YAAA,MAAM,IAAIvC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;IAGA,IAAIgB,UAAAA,CAAW0B,QAAQ,KAAK,KAAO,EAAA;QACjC,MAAMP,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,IAAIC,aAAe,EAAA;AACjB,YAAA,MAAM,IAAInC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;AAGA,IAAA,IAAII,CAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;AACjC,QAAA,MAAM2B,iBAAiB,MAAMxB,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMsB,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;YAC9DC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZN,IAAM,EAAA;AACJ,gBAAA,GAAGZ,UAAU;gBACbM,QAAUqB,EAAAA;AACZ,aAAA;YACAd,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEArB,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT;IAEA,MAAMA,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;QAC9DC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZN,IAAMZ,EAAAA,UAAAA;QACNa,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAIe,WAAa,EAAA;AACfpC,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;AACxE;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,oBAAuB,GAAA,OAAOC,KAAe1B,EAAAA,QAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEE,YAAAA;AAAM,SAAA;QAAGnB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAAClB,IAAM,EAAA;AACT,QAAA,MAAM,IAAIuC,KAAM,CAAA,CAAC,0BAA0B,EAAEF,MAAM,CAAC,CAAA;AACtD;IAEA,IAAI;QACF,MAAMG,yBAAAA,CAAkBC,QAAQ,CAAC9B,QAAAA,CAAAA;AACnC,KAAA,CAAE,OAAO+B,KAAO,EAAA;AACd,QAAA,MAAM,IAAIrD,eACR,CAAA,wGAAA,CAAA;AAEJ;IAEA,MAAMiC,UAAAA,CAAWtB,IAAKuB,CAAAA,EAAE,EAAE;AAAEZ,QAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAMc,uBAAuB,OAAOkB,MAAAA,GAAAA;IAClC,MAAM3C,IAAAA,GAAQ,MAAMsC,OAAQK,CAAAA,MAAAA,CAAAA;IAC5B,IAAI,CAAC3C,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM0B,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;AAE3E,IAAA,OAAOD,cAAekB,CAAAA,UAAU,KAAK,CAAA,IAAKC,wBAAkB7C,CAAAA,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM8C,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAQK,CAAAA,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,wBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAW,CAAA,GAAG,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QACjE/B,QAAU,EAAA;YACRhB,KAAO,EAAA;gBACLiC,KAAO,EAAA;oBACLe,IAAM,EAAA;wBAAEC,GAAKhE,EAAAA;AAAiB;AAChC;AACF;AACF,SAAA;QACAiE,OAAS,EAAA;YAAEC,SAAW,EAAA;AAAM,SAAA;QAC5BC,KAAO,EAAA,CAAA;QACPC,MAAQ,EAAA;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOP,UAAWzB,CAAAA,EAAE,KAAKwB,WAAAA,CAAYxB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMiC,MAAAA,GAAS,OAAOnD,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMR,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QAAEtB,KAAO9B,EAAAA;KAAiB,CAAA,GAAA,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMqD,uBAAuB,OAC3BnD,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAM,EAAA;QACT,OAAO2D,SAAAA;AACT;IAEA,OAAOlE,CAAAA,CAAEC,IAAI,CAACM,IAAM,EAAA;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAM4D,QAAW,GAAA,OAAO,EACtBrD,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMuD,YAAAA,GAAe,MAAMhE,MAAOkB,CAAAA,EAAE,CACjCC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACsD,YAAc,EAAA;AACjB,QAAA,MAAM,IAAIxE,eAAgB,CAAA,2BAAA,CAAA;AAC5B;AAEA,IAAA,OAAOmB,iBAAW,MAAQc,CAAAA,CAAAA,UAAU,CAACuC,YAAAA,CAAatC,EAAE,EAAE;AACpDZ,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3BmD,QAAAA,SAAAA,EAAWxD,SAASwD,SAAS;AAC7BC,QAAAA,QAAAA,EAAUzD,SAASyD,QAAQ;QAC3BxD,iBAAmB,EAAA,IAAA;QACnBwB,QAAU,EAAA;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMO,OAAAA,GAAU,OAAOf,EAAAA,EAAaL,QAAW,GAAA;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;AAAGL,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAM8C,cAAAA,GAAiB,OAAO3B,KAAAA,EAAenB,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAC5CH,KAAO,EAAA;YAAEE,KAAO,EAAA;gBAAE4B,IAAM5B,EAAAA;AAAM;AAAE,SAAA;AAChCnB,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMgD,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAMnD,KAAAA,GAAQnB,OACXuE,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,WAAS,CAAA;QAAEpD,QAAU,EAAA;AAAC,YAAA;AAAQ;KAAIiD,EAAAA,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOtE,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekD,QAAQ,CAAClD,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMuD,aAAa,OAAOhD,EAAAA,GAAAA;;IAExB,MAAMiD,YAAAA,GAAiC,MAAM3E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAClFH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZL,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACsD,YAAc,EAAA;QACjB,OAAO,IAAA;AACT;AAEA,IAAA,IAAIA,YAAc,EAAA;QAChB,IAAIA,YAAAA,CAAatE,KAAK,CAACuE,IAAI,CAAC,CAACC,CAAMA,GAAAA,CAAAA,CAAExB,IAAI,KAAK/D,gBAAmB,CAAA,EAAA;AAC/D,YAAA,MAAMuC,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;YAC3E,IAAID,cAAAA,CAAekB,UAAU,KAAK,CAAG,EAAA;AACnC,gBAAA,MAAM,IAAIvD,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;AACF;IAEA,MAAMsF,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACN4D,CAAAA,CAAAA,MAAM,CAAC;QAAEzC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QAAGL,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;;AAG/C,IAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,IAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,QAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA1B,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAa4E,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAMK,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMvD,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;IAC3E,MAAMuD,sBAAAA,GAAyB,MAAMrF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QACxEtB,KAAO,EAAA;YACLZ,EAAI0D,EAAAA,GAAAA;YACJ/E,KAAO,EAAA;AAAEqB,gBAAAA,EAAAA,EAAIG,eAAeH;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIG,cAAAA,CAAekB,UAAU,KAAKsC,sBAAwB,EAAA;AACxD,QAAA,MAAM,IAAI7F,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AAEA,IAAA,MAAM8F,eAAe,EAAE;IACvB,KAAK,MAAM5D,MAAM0D,GAAK,CAAA;QACpB,MAAMN,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAe4D,CAAAA,CAAAA,MAAM,CAAC;YAC9DzC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZL,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;;AAGA,QAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,QAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,YAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA4D,QAAAA,YAAAA,CAAaC,IAAI,CAACT,WAAAA,CAAAA;AACpB;AAEA9E,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAClCgE,QAAAA,KAAAA,EAAOF,YAAahF,CAAAA,GAAG,CAAC,CAACwE,cAAgB5E,YAAa4E,CAAAA,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOQ,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAwB,GAAA,UAAA;AAC5B,IAAA,OAAOzF,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAC1CtB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBACLqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM9B,KAAAA,GAAQ,OAAOtB,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOtC,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;AAAEtB,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMqD,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAC1DM,MAAQ,EAAA;AAAC,YAAA;AAAK,SAAA;QACdpB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBAAEqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAMlF,CAAAA,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOH,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC3CC,KAAO,EAAA;AAAEZ,gBAAAA,EAAAA,EAAIvB,KAAKuB;AAAG,aAAA;YACrBN,IAAM,EAAA;gBAAEf,KAAO,EAAA;AAACuF,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,KAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAoC,GAAA,UAAA;AACxC,IAAA,MAAMnC,QAAQ,MAAM6B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI7B,QAAQ,CAAG,EAAA;QACb5D,MAAOgG,CAAAA,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAErC,KAAM,CAAA,sBAAsB,CAAC,CAAA;AAC9D;AACF,CAAA;AAEA;AACC,IACD,MAAMsC,iBAAoB,GAAA,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAAEM,MAAQ,EAAA;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAO8B,MAAMlF,GAAG,CAAC,CAACH,IAASA,GAAAA,IAAAA,CAAKgG,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AAEA,WAAe;AACb5F,IAAAA,MAAAA;AACAkB,IAAAA,UAAAA;AACAkC,IAAAA,MAAAA;AACAE,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACA7D,IAAAA,YAAAA;AACAuC,IAAAA,OAAAA;AACA0B,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAS,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA7B,IAAAA,KAAAA;AACA+B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACAxD,IAAAA,oBAAAA;AACA2D,IAAAA,iBAAAA;AACAjD,IAAAA;AACF,CAAE;;;;"}
package/dist/server/server/src/services/user.mjs CHANGED
@@ -14,6 +14,10 @@ const sanitizeUserRoles = (role)=>___default.pick(role, [
14
14
  'description',
15
15
  'code'
16
16
  ]);
17
+ const getSessionManager = ()=>{
18
+ const manager = strapi.sessionManager;
19
+ return manager ?? null;
20
+ };
17
21
  /**
18
22
  * Remove private user fields
19
23
  * @param user - user to sanitize
@@ -287,6 +291,11 @@ attributes)=>{
287
291
  'roles'
288
292
  ]
289
293
  });
294
+ // Invalidate all sessions for the deleted user
295
+ const sessionManager = getSessionManager();
296
+ if (sessionManager && sessionManager.hasOrigin('admin')) {
297
+ await sessionManager('admin').invalidateRefreshToken(String(id));
298
+ }
290
299
  strapi.eventHub.emit('user.delete', {
291
300
  user: sanitizeUser(deletedUser)
292
301
  });
@@ -318,6 +327,11 @@ attributes)=>{
318
327
  'roles'
319
328
  ]
320
329
  });
330
+ // Invalidate all sessions for the deleted user
331
+ const sessionManager = getSessionManager();
332
+ if (sessionManager && sessionManager.hasOrigin('admin')) {
333
+ await sessionManager('admin').invalidateRefreshToken(String(id));
334
+ }
321
335
  deletedUsers.push(deletedUser);
322
336
  }
323
337
  strapi.eventHub.emit('user.delete', {
package/dist/server/server/src/services/user.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.mjs","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\n\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ValidationError","errors","sanitizeUserRoles","role","_","pick","sanitizeUser","user","omit","roles","map","create","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","strapi","db","query","data","populate","sendDidInviteUser","eventHub","emit","updateById","id","lastAdminUser","isLastSuperAdminUser","superAdminRole","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","isActive","hashedPassword","updatedUser","update","where","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","code","$eq","orderBy","createdAt","limit","select","exists","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage"],"mappings":";;;;;;;;AAmBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,eAAe,EAAE,GAAGC,MAAAA;AAC5B,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,UAAEC,CAAAA,IAAI,CAACF,IAAM,EAAA;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGH,UAAAA,CAAEI,IAAI,CAACD,IAAM,EAAA;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACR,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMS,MAAS,GAAA;AAEbC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAW,GAAA;QACfC,iBAAmBC,EAAAA,UAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIR,UAAEa,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;QACjCC,QAASK,CAAAA,QAAQ,GAAG,MAAMH,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E;AAEA,IAAA,MAAMX,OAAOa,UAAWP,CAAAA,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMC,MAAOC,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACNb,CAAAA,CAAAA,MAAM,CAAC;QAAEc,IAAMlB,EAAAA,IAAAA;QAAMmB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE5CX,IAAAA,UAAAA,CAAW,WAAWY,iBAAiB,EAAA;AAEvCL,IAAAA,MAAAA,CAAOM,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAEtB,QAAAA,IAAAA,EAAMD,YAAae,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMS,UAAa,GAAA,OACjBC,EACAnB,EAAAA,UAAAA,GAAAA;;AAGA,IAAA,IAAIR,UAAEa,CAAAA,GAAG,CAACL,UAAAA,EAAY,OAAU,CAAA,EAAA;QAC9B,MAAMoB,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,MAAMG,cAAiB,GAAA,MAAMnB,UAAW,CAAA,MAAA,CAAA,CAAQoB,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,MAAOC,CAAAA,cAAc,CAAC1B,UAAWH,CAAAA,KAAK,EAAGyB,cAAAA,CAAeH,EAAE,CAAA;AAE5F,QAAA,IAAIC,iBAAiBI,wBAA0B,EAAA;AAC7C,YAAA,MAAM,IAAIpC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;IAGA,IAAIY,UAAAA,CAAW2B,QAAQ,KAAK,KAAO,EAAA;QACjC,MAAMP,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,IAAIC,aAAe,EAAA;AACjB,YAAA,MAAM,IAAIhC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;AAGA,IAAA,IAAII,UAAEa,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;AACjC,QAAA,MAAM4B,iBAAiB,MAAMzB,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMuB,WAAAA,GAAc,MAAMnB,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;YAC9DC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZN,IAAM,EAAA;AACJ,gBAAA,GAAGb,UAAU;gBACbM,QAAUsB,EAAAA;AACZ,aAAA;YACAd,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEAJ,QAAAA,MAAAA,CAAOM,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAEtB,YAAAA,IAAAA,EAAMD,YAAamC,CAAAA,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT;IAEA,MAAMA,WAAAA,GAAc,MAAMnB,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;QAC9DC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZN,IAAMb,EAAAA,UAAAA;QACNc,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAIe,WAAa,EAAA;AACfnB,QAAAA,MAAAA,CAAOM,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAEtB,YAAAA,IAAAA,EAAMD,YAAamC,CAAAA,WAAAA;AAAa,SAAA,CAAA;AACxE;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,oBAAuB,GAAA,OAAOC,KAAe3B,EAAAA,UAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMe,MAAOC,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEE,YAAAA;AAAM,SAAA;QAAGnB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAACnB,IAAM,EAAA;AACT,QAAA,MAAM,IAAIwC,KAAM,CAAA,CAAC,0BAA0B,EAAEF,MAAM,CAAC,CAAA;AACtD;IAEA,IAAI;QACF,MAAMG,QAAAA,CAAkBC,QAAQ,CAAC/B,UAAAA,CAAAA;AACnC,KAAA,CAAE,OAAOgC,KAAO,EAAA;AACd,QAAA,MAAM,IAAIlD,eACR,CAAA,wGAAA,CAAA;AAEJ;IAEA,MAAM8B,UAAAA,CAAWvB,IAAKwB,CAAAA,EAAE,EAAE;AAAEb,kBAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAMe,uBAAuB,OAAOkB,MAAAA,GAAAA;IAClC,MAAM5C,IAAAA,GAAQ,MAAMuC,OAAQK,CAAAA,MAAAA,CAAAA;IAC5B,IAAI,CAAC5C,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM2B,cAAiB,GAAA,MAAMnB,UAAW,CAAA,MAAA,CAAA,CAAQoB,2BAA2B,EAAA;AAE3E,IAAA,OAAOD,cAAekB,CAAAA,UAAU,KAAK,CAAA,IAAKC,iBAAkB9C,CAAAA,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM+C,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAQK,CAAAA,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,iBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAW,CAAA,GAAG,MAAMlC,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QACjE/B,QAAU,EAAA;YACRjB,KAAO,EAAA;gBACLkC,KAAO,EAAA;oBACLe,IAAM,EAAA;wBAAEC,GAAK7D,EAAAA;AAAiB;AAChC;AACF;AACF,SAAA;QACA8D,OAAS,EAAA;YAAEC,SAAW,EAAA;AAAM,SAAA;QAC5BC,KAAO,EAAA,CAAA;QACPC,MAAQ,EAAA;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOP,UAAWzB,CAAAA,EAAE,KAAKwB,WAAAA,CAAYxB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMiC,MAAAA,GAAS,OAAOpD,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMU,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QAAEtB,KAAO/B,EAAAA;KAAiB,CAAA,GAAA,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMsD,uBAAuB,OAC3BpD,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMe,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE7B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAM,EAAA;QACT,OAAO4D,SAAAA;AACT;IAEA,OAAO/D,UAAAA,CAAEC,IAAI,CAACE,IAAM,EAAA;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAM6D,QAAW,GAAA,OAAO,EACtBtD,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMwD,YAAAA,GAAe,MAAM/C,MAAOC,CAAAA,EAAE,CACjCC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE7B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACuD,YAAc,EAAA;AACjB,QAAA,MAAM,IAAIrE,eAAgB,CAAA,2BAAA,CAAA;AAC5B;AAEA,IAAA,OAAOe,WAAW,MAAQe,CAAAA,CAAAA,UAAU,CAACuC,YAAAA,CAAatC,EAAE,EAAE;AACpDb,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3BoD,QAAAA,SAAAA,EAAWzD,SAASyD,SAAS;AAC7BC,QAAAA,QAAAA,EAAU1D,SAAS0D,QAAQ;QAC3BzD,iBAAmB,EAAA,IAAA;QACnByB,QAAU,EAAA;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMO,OAAAA,GAAU,OAAOf,EAAAA,EAAaL,QAAW,GAAA;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOJ,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;AAAGL,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAM8C,cAAAA,GAAiB,OAAO3B,KAAAA,EAAenB,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOJ,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAC5CH,KAAO,EAAA;YAAEE,KAAO,EAAA;gBAAE4B,IAAM5B,EAAAA;AAAM;AAAE,SAAA;AAChCnB,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMgD,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAMnD,KAAAA,GAAQF,OACXsD,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,QAAS,CAAA;QAAEpD,QAAU,EAAA;AAAC,YAAA;AAAQ;KAAIiD,EAAAA,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOrD,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekD,QAAQ,CAAClD,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMuD,aAAa,OAAOhD,EAAAA,GAAAA;;IAExB,MAAMiD,YAAAA,GAAiC,MAAM1D,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAClFH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZL,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACsD,YAAc,EAAA;QACjB,OAAO,IAAA;AACT;AAEA,IAAA,IAAIA,YAAc,EAAA;QAChB,IAAIA,YAAAA,CAAavE,KAAK,CAACwE,IAAI,CAAC,CAACC,CAAMA,GAAAA,CAAAA,CAAExB,IAAI,KAAK5D,gBAAmB,CAAA,EAAA;AAC/D,YAAA,MAAMoC,cAAiB,GAAA,MAAMnB,UAAW,CAAA,MAAA,CAAA,CAAQoB,2BAA2B,EAAA;YAC3E,IAAID,cAAAA,CAAekB,UAAU,KAAK,CAAG,EAAA;AACnC,gBAAA,MAAM,IAAIpD,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;AACF;IAEA,MAAMmF,WAAAA,GAAc,MAAM7D,MAAOC,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACN4D,CAAAA,CAAAA,MAAM,CAAC;QAAEzC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QAAGL,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE/CJ,IAAAA,MAAAA,CAAOM,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAEtB,QAAAA,IAAAA,EAAMD,YAAa6E,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAME,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMpD,cAAiB,GAAA,MAAMnB,UAAW,CAAA,MAAA,CAAA,CAAQoB,2BAA2B,EAAA;IAC3E,MAAMoD,sBAAAA,GAAyB,MAAMjE,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QACxEtB,KAAO,EAAA;YACLZ,EAAIuD,EAAAA,GAAAA;YACJ7E,KAAO,EAAA;AAAEsB,gBAAAA,EAAAA,EAAIG,eAAeH;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIG,cAAAA,CAAekB,UAAU,KAAKmC,sBAAwB,EAAA;AACxD,QAAA,MAAM,IAAIvF,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AAEA,IAAA,MAAMwF,eAAe,EAAE;IACvB,KAAK,MAAMzD,MAAMuD,GAAK,CAAA;QACpB,MAAMH,WAAAA,GAAc,MAAM7D,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAe4D,CAAAA,CAAAA,MAAM,CAAC;YAC9DzC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZL,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEA8D,QAAAA,YAAAA,CAAaC,IAAI,CAACN,WAAAA,CAAAA;AACpB;AAEA7D,IAAAA,MAAAA,CAAOM,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAClC6D,QAAAA,KAAAA,EAAOF,YAAa9E,CAAAA,GAAG,CAAC,CAACyE,cAAgB7E,YAAa6E,CAAAA,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOK,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAwB,GAAA,UAAA;AAC5B,IAAA,OAAOrE,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAC1CtB,KAAO,EAAA;YACLlC,KAAO,EAAA;gBACLsB,EAAI,EAAA;oBAAE6D,KAAO,EAAA;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM3B,KAAAA,GAAQ,OAAOtB,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOrB,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;AAAEtB,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMkD,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMpE,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAC1DM,MAAQ,EAAA;AAAC,YAAA;AAAK,SAAA;QACdpB,KAAO,EAAA;YACLlC,KAAO,EAAA;gBAAEsB,EAAI,EAAA;oBAAE6D,KAAO,EAAA;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAMhF,CAAAA,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOe,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC3CC,KAAO,EAAA;AAAEZ,gBAAAA,EAAAA,EAAIxB,KAAKwB;AAAG,aAAA;YACrBN,IAAM,EAAA;gBAAEhB,KAAO,EAAA;AAACqF,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,KAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAoC,GAAA,UAAA;AACxC,IAAA,MAAMhC,QAAQ,MAAM0B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI1B,QAAQ,CAAG,EAAA;QACb3C,MAAO4E,CAAAA,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAElC,KAAM,CAAA,sBAAsB,CAAC,CAAA;AAC9D;AACF,CAAA;AAEA;AACC,IACD,MAAMmC,iBAAoB,GAAA,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMpE,MAAOC,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAAEM,MAAQ,EAAA;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAO2B,MAAMhF,GAAG,CAAC,CAACH,IAASA,GAAAA,IAAAA,CAAK8F,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AAEA,WAAe;AACb1F,IAAAA,MAAAA;AACAmB,IAAAA,UAAAA;AACAkC,IAAAA,MAAAA;AACAE,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACA9D,IAAAA,YAAAA;AACAwC,IAAAA,OAAAA;AACA0B,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAM,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA1B,IAAAA,KAAAA;AACA4B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACArD,IAAAA,oBAAAA;AACAwD,IAAAA,iBAAAA;AACA9C,IAAAA;AACF,CAAE;;;;"}
1
+ {"version":3,"file":"user.mjs","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\n\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ValidationError","errors","sanitizeUserRoles","role","_","pick","getSessionManager","manager","strapi","sessionManager","sanitizeUser","user","omit","roles","map","create","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","db","query","data","populate","sendDidInviteUser","eventHub","emit","updateById","id","lastAdminUser","isLastSuperAdminUser","superAdminRole","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","isActive","hashedPassword","updatedUser","update","where","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","code","$eq","orderBy","createdAt","limit","select","exists","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","hasOrigin","invalidateRefreshToken","String","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage"],"mappings":";;;;;;;;AAmBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,eAAe,EAAE,GAAGC,MAAAA;AAC5B,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,UAAEC,CAAAA,IAAI,CAACF,IAAM,EAAA;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD,MAAMG,iBAAoB,GAAA,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,IAAA,OAAOF,OAAW,IAAA,IAAA;AACpB,CAAA;AAEA;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGP,UAAAA,CAAEQ,IAAI,CAACD,IAAM,EAAA;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACZ,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMa,MAAS,GAAA;AAEbC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAW,GAAA;QACfC,iBAAmBC,EAAAA,UAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIZ,UAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;QACjCC,QAASK,CAAAA,QAAQ,GAAG,MAAMH,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E;AAEA,IAAA,MAAMX,OAAOa,UAAWP,CAAAA,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMjB,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACNZ,CAAAA,CAAAA,MAAM,CAAC;QAAEa,IAAMjB,EAAAA,IAAAA;QAAMkB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE5CV,IAAAA,UAAAA,CAAW,WAAWW,iBAAiB,EAAA;AAEvCtB,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAae,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMQ,UAAa,GAAA,OACjBC,EACAlB,EAAAA,UAAAA,GAAAA;;AAGA,IAAA,IAAIZ,UAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,OAAU,CAAA,EAAA;QAC9B,MAAMmB,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,MAAMG,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,MAAOC,CAAAA,cAAc,CAACzB,UAAWH,CAAAA,KAAK,EAAGwB,cAAAA,CAAeH,EAAE,CAAA;AAE5F,QAAA,IAAIC,iBAAiBI,wBAA0B,EAAA;AAC7C,YAAA,MAAM,IAAIvC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;IAGA,IAAIgB,UAAAA,CAAW0B,QAAQ,KAAK,KAAO,EAAA;QACjC,MAAMP,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,IAAIC,aAAe,EAAA;AACjB,YAAA,MAAM,IAAInC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;AAGA,IAAA,IAAII,UAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;AACjC,QAAA,MAAM2B,iBAAiB,MAAMxB,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMsB,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;YAC9DC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZN,IAAM,EAAA;AACJ,gBAAA,GAAGZ,UAAU;gBACbM,QAAUqB,EAAAA;AACZ,aAAA;YACAd,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEArB,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT;IAEA,MAAMA,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;QAC9DC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZN,IAAMZ,EAAAA,UAAAA;QACNa,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAIe,WAAa,EAAA;AACfpC,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;AACxE;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,oBAAuB,GAAA,OAAOC,KAAe1B,EAAAA,UAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEE,YAAAA;AAAM,SAAA;QAAGnB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAAClB,IAAM,EAAA;AACT,QAAA,MAAM,IAAIuC,KAAM,CAAA,CAAC,0BAA0B,EAAEF,MAAM,CAAC,CAAA;AACtD;IAEA,IAAI;QACF,MAAMG,QAAAA,CAAkBC,QAAQ,CAAC9B,UAAAA,CAAAA;AACnC,KAAA,CAAE,OAAO+B,KAAO,EAAA;AACd,QAAA,MAAM,IAAIrD,eACR,CAAA,wGAAA,CAAA;AAEJ;IAEA,MAAMiC,UAAAA,CAAWtB,IAAKuB,CAAAA,EAAE,EAAE;AAAEZ,kBAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAMc,uBAAuB,OAAOkB,MAAAA,GAAAA;IAClC,MAAM3C,IAAAA,GAAQ,MAAMsC,OAAQK,CAAAA,MAAAA,CAAAA;IAC5B,IAAI,CAAC3C,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM0B,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;AAE3E,IAAA,OAAOD,cAAekB,CAAAA,UAAU,KAAK,CAAA,IAAKC,iBAAkB7C,CAAAA,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM8C,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAQK,CAAAA,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,iBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAW,CAAA,GAAG,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QACjE/B,QAAU,EAAA;YACRhB,KAAO,EAAA;gBACLiC,KAAO,EAAA;oBACLe,IAAM,EAAA;wBAAEC,GAAKhE,EAAAA;AAAiB;AAChC;AACF;AACF,SAAA;QACAiE,OAAS,EAAA;YAAEC,SAAW,EAAA;AAAM,SAAA;QAC5BC,KAAO,EAAA,CAAA;QACPC,MAAQ,EAAA;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOP,UAAWzB,CAAAA,EAAE,KAAKwB,WAAAA,CAAYxB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMiC,MAAAA,GAAS,OAAOnD,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMR,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QAAEtB,KAAO9B,EAAAA;KAAiB,CAAA,GAAA,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMqD,uBAAuB,OAC3BnD,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAM,EAAA;QACT,OAAO2D,SAAAA;AACT;IAEA,OAAOlE,UAAAA,CAAEC,IAAI,CAACM,IAAM,EAAA;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAM4D,QAAW,GAAA,OAAO,EACtBrD,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMuD,YAAAA,GAAe,MAAMhE,MAAOkB,CAAAA,EAAE,CACjCC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACsD,YAAc,EAAA;AACjB,QAAA,MAAM,IAAIxE,eAAgB,CAAA,2BAAA,CAAA;AAC5B;AAEA,IAAA,OAAOmB,WAAW,MAAQc,CAAAA,CAAAA,UAAU,CAACuC,YAAAA,CAAatC,EAAE,EAAE;AACpDZ,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3BmD,QAAAA,SAAAA,EAAWxD,SAASwD,SAAS;AAC7BC,QAAAA,QAAAA,EAAUzD,SAASyD,QAAQ;QAC3BxD,iBAAmB,EAAA,IAAA;QACnBwB,QAAU,EAAA;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMO,OAAAA,GAAU,OAAOf,EAAAA,EAAaL,QAAW,GAAA;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;AAAGL,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAM8C,cAAAA,GAAiB,OAAO3B,KAAAA,EAAenB,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAC5CH,KAAO,EAAA;YAAEE,KAAO,EAAA;gBAAE4B,IAAM5B,EAAAA;AAAM;AAAE,SAAA;AAChCnB,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMgD,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAMnD,KAAAA,GAAQnB,OACXuE,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,QAAS,CAAA;QAAEpD,QAAU,EAAA;AAAC,YAAA;AAAQ;KAAIiD,EAAAA,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOtE,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekD,QAAQ,CAAClD,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMuD,aAAa,OAAOhD,EAAAA,GAAAA;;IAExB,MAAMiD,YAAAA,GAAiC,MAAM3E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAClFH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZL,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACsD,YAAc,EAAA;QACjB,OAAO,IAAA;AACT;AAEA,IAAA,IAAIA,YAAc,EAAA;QAChB,IAAIA,YAAAA,CAAatE,KAAK,CAACuE,IAAI,CAAC,CAACC,CAAMA,GAAAA,CAAAA,CAAExB,IAAI,KAAK/D,gBAAmB,CAAA,EAAA;AAC/D,YAAA,MAAMuC,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;YAC3E,IAAID,cAAAA,CAAekB,UAAU,KAAK,CAAG,EAAA;AACnC,gBAAA,MAAM,IAAIvD,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;AACF;IAEA,MAAMsF,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACN4D,CAAAA,CAAAA,MAAM,CAAC;QAAEzC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QAAGL,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;;AAG/C,IAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,IAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,QAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA1B,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAa4E,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAMK,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMvD,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;IAC3E,MAAMuD,sBAAAA,GAAyB,MAAMrF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QACxEtB,KAAO,EAAA;YACLZ,EAAI0D,EAAAA,GAAAA;YACJ/E,KAAO,EAAA;AAAEqB,gBAAAA,EAAAA,EAAIG,eAAeH;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIG,cAAAA,CAAekB,UAAU,KAAKsC,sBAAwB,EAAA;AACxD,QAAA,MAAM,IAAI7F,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AAEA,IAAA,MAAM8F,eAAe,EAAE;IACvB,KAAK,MAAM5D,MAAM0D,GAAK,CAAA;QACpB,MAAMN,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAe4D,CAAAA,CAAAA,MAAM,CAAC;YAC9DzC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZL,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;;AAGA,QAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,QAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,YAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA4D,QAAAA,YAAAA,CAAaC,IAAI,CAACT,WAAAA,CAAAA;AACpB;AAEA9E,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAClCgE,QAAAA,KAAAA,EAAOF,YAAahF,CAAAA,GAAG,CAAC,CAACwE,cAAgB5E,YAAa4E,CAAAA,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOQ,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAwB,GAAA,UAAA;AAC5B,IAAA,OAAOzF,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAC1CtB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBACLqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM9B,KAAAA,GAAQ,OAAOtB,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOtC,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;AAAEtB,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMqD,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAC1DM,MAAQ,EAAA;AAAC,YAAA;AAAK,SAAA;QACdpB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBAAEqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAMlF,CAAAA,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOH,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC3CC,KAAO,EAAA;AAAEZ,gBAAAA,EAAAA,EAAIvB,KAAKuB;AAAG,aAAA;YACrBN,IAAM,EAAA;gBAAEf,KAAO,EAAA;AAACuF,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,KAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAoC,GAAA,UAAA;AACxC,IAAA,MAAMnC,QAAQ,MAAM6B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI7B,QAAQ,CAAG,EAAA;QACb5D,MAAOgG,CAAAA,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAErC,KAAM,CAAA,sBAAsB,CAAC,CAAA;AAC9D;AACF,CAAA;AAEA;AACC,IACD,MAAMsC,iBAAoB,GAAA,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAAEM,MAAQ,EAAA;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAO8B,MAAMlF,GAAG,CAAC,CAACH,IAASA,GAAAA,IAAAA,CAAKgG,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AAEA,WAAe;AACb5F,IAAAA,MAAAA;AACAkB,IAAAA,UAAAA;AACAkC,IAAAA,MAAAA;AACAE,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACA7D,IAAAA,YAAAA;AACAuC,IAAAA,OAAAA;AACA0B,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAS,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA7B,IAAAA,KAAAA;AACA+B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACAxD,IAAAA,oBAAAA;AACA2D,IAAAA,iBAAAA;AACAjD,IAAAA;AACF,CAAE;;;;"}
package/dist/server/server/src/strategies/admin.js CHANGED
@@ -4,6 +4,10 @@ Object.defineProperty(exports, '__esModule', { value: true });
4
4
 
5
5
  var index = require('../utils/index.js');
6
6
 
7
+ const getSessionManager = ()=>{
8
+ const manager = strapi.sessionManager;
9
+ return manager ?? null;
10
+ };
7
11
  /** @type {import('.').AuthenticateFunction} */ const authenticate = async (ctx)=>{
8
12
  const { authorization } = ctx.request.header;
9
13
  if (!authorization) {
@@ -18,15 +22,31 @@ var index = require('../utils/index.js');
18
22
  };
19
23
  }
20
24
  const token = parts[1];
21
- const { payload, isValid } = index.getService('token').decodeJwtToken(token);
22
- if (!isValid) {
25
+ // Validate access tokens via session manager and require an active session
26
+ const manager = getSessionManager();
27
+ if (!manager) {
28
+ return {
29
+ authenticated: false
30
+ };
31
+ }
32
+ const result = manager('admin').validateAccessToken(token);
33
+ if (!result.isValid) {
34
+ return {
35
+ authenticated: false
36
+ };
37
+ }
38
+ const isActive = await manager('admin').isSessionActive(result.payload.sessionId);
39
+ if (!isActive) {
23
40
  return {
24
41
  authenticated: false
25
42
  };
26
43
  }
44
+ const rawUserId = result.payload.userId;
45
+ const numericUserId = Number(rawUserId);
46
+ const userId = Number.isFinite(numericUserId) && String(numericUserId) === rawUserId ? numericUserId : rawUserId;
27
47
  const user = await strapi.db.query('admin::user').findOne({
28
48
  where: {
29
- id: payload.id
49
+ id: userId
30
50
  },
31
51
  populate: [
32
52
  'roles'
package/dist/server/server/src/strategies/admin.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"admin.js","sources":["../../../../../server/src/strategies/admin.ts"],"sourcesContent":["import type { Context } from 'koa';\nimport { getService } from '../utils';\n\n/** @type {import('.').AuthenticateFunction} */\nexport const authenticate = async (ctx: Context) => {\n const { authorization } = ctx.request.header;\n\n if (!authorization) {\n return { authenticated: false };\n }\n\n const parts = authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return { authenticated: false };\n }\n\n const token = parts[1];\n const { payload, isValid } = getService('token').decodeJwtToken(token);\n\n if (!isValid) {\n return { authenticated: false };\n }\n\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { id: payload.id }, populate: ['roles'] });\n\n if (!user || !(user.isActive === true)) {\n return { authenticated: false };\n }\n\n const userAbility = await getService('permission').engine.generateUserAbility(user);\n\n // TODO: use the ability from ctx.state.auth instead of\n // ctx.state.userAbility, and remove the assign below\n ctx.state.userAbility = userAbility;\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability: userAbility,\n };\n};\n\nexport const name = 'admin';\n\n/** @type {import('.').AuthStrategy} */\nexport default {\n name,\n authenticate,\n};\n"],"names":["authenticate","ctx","authorization","request","header","authenticated","parts","split","toLowerCase","length","token","payload","isValid","getService","decodeJwtToken","user","strapi","db","query","findOne","where","id","populate","isActive","userAbility","engine","generateUserAbility","state","credentials","ability","name"],"mappings":";;;;;;AAGA,gDACaA,MAAAA,YAAAA,GAAe,OAAOC,GAAAA,GAAAA;AACjC,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGD,GAAIE,CAAAA,OAAO,CAACC,MAAM;AAE5C,IAAA,IAAI,CAACF,aAAe,EAAA;QAClB,OAAO;YAAEG,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMC,KAAAA,GAAQJ,aAAcK,CAAAA,KAAK,CAAC,KAAA,CAAA;IAElC,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAYF,IAAAA,KAAAA,CAAMG,MAAM,KAAK,CAAG,EAAA;QAC7D,OAAO;YAAEJ,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMK,KAAAA,GAAQJ,KAAK,CAAC,CAAE,CAAA;IACtB,MAAM,EAAEK,OAAO,EAAEC,OAAO,EAAE,GAAGC,gBAAAA,CAAW,OAASC,CAAAA,CAAAA,cAAc,CAACJ,KAAAA,CAAAA;AAEhE,IAAA,IAAI,CAACE,OAAS,EAAA;QACZ,OAAO;YAAEP,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMU,IAAAA,GAAO,MAAMC,MAAOC,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNC,CAAAA,CAAAA,OAAO,CAAC;QAAEC,KAAO,EAAA;AAAEC,YAAAA,EAAAA,EAAIV,QAAQU;AAAG,SAAA;QAAGC,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;IAE5D,IAAI,CAACP,QAAQ,EAAEA,KAAKQ,QAAQ,KAAK,IAAG,CAAI,EAAA;QACtC,OAAO;YAAElB,aAAe,EAAA;AAAM,SAAA;AAChC;AAEA,IAAA,MAAMmB,cAAc,MAAMX,gBAAAA,CAAW,cAAcY,MAAM,CAACC,mBAAmB,CAACX,IAAAA,CAAAA;;;IAI9Ed,GAAI0B,CAAAA,KAAK,CAACH,WAAW,GAAGA,WAAAA;IACxBvB,GAAI0B,CAAAA,KAAK,CAACZ,IAAI,GAAGA,IAAAA;IAEjB,OAAO;QACLV,aAAe,EAAA,IAAA;QACfuB,WAAab,EAAAA,IAAAA;QACbc,OAASL,EAAAA;AACX,KAAA;AACF;AAEO,MAAMM,OAAO;AAEpB,wCACA,wBAAe;AACbA,IAAAA,IAAAA;AACA9B,IAAAA;AACF,CAAE;;;;;;"}
1
+ {"version":3,"file":"admin.js","sources":["../../../../../server/src/strategies/admin.ts"],"sourcesContent":["import type { Context } from 'koa';\nimport type { Modules } from '@strapi/types';\nimport { getService } from '../utils';\n\nconst getSessionManager = (): Modules.SessionManager.SessionManagerService | null => {\n const manager = strapi.sessionManager as Modules.SessionManager.SessionManagerService | undefined;\n\n return manager ?? null;\n};\n\n/** @type {import('.').AuthenticateFunction} */\nexport const authenticate = async (ctx: Context) => {\n const { authorization } = ctx.request.header;\n\n if (!authorization) {\n return { authenticated: false };\n }\n\n const parts = authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return { authenticated: false };\n }\n\n const token = parts[1];\n\n // Validate access tokens via session manager and require an active session\n const manager = getSessionManager();\n if (!manager) {\n return { authenticated: false };\n }\n\n const result = manager('admin').validateAccessToken(token);\n if (!result.isValid) {\n return { authenticated: false };\n }\n\n const isActive = await manager('admin').isSessionActive(result.payload.sessionId);\n if (!isActive) {\n return { authenticated: false };\n }\n\n const rawUserId = result.payload.userId;\n const numericUserId = Number(rawUserId);\n const userId =\n Number.isFinite(numericUserId) && String(numericUserId) === rawUserId\n ? numericUserId\n : rawUserId;\n\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { id: userId }, populate: ['roles'] });\n\n if (!user || !(user.isActive === true)) {\n return { authenticated: false };\n }\n\n const userAbility = await getService('permission').engine.generateUserAbility(user);\n\n // TODO: use the ability from ctx.state.auth instead of\n // ctx.state.userAbility, and remove the assign below\n ctx.state.userAbility = userAbility;\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability: userAbility,\n };\n};\n\nexport const name = 'admin';\n\n/** @type {import('.').AuthStrategy} */\nexport default {\n name,\n authenticate,\n};\n"],"names":["getSessionManager","manager","strapi","sessionManager","authenticate","ctx","authorization","request","header","authenticated","parts","split","toLowerCase","length","token","result","validateAccessToken","isValid","isActive","isSessionActive","payload","sessionId","rawUserId","userId","numericUserId","Number","isFinite","String","user","db","query","findOne","where","id","populate","userAbility","getService","engine","generateUserAbility","state","credentials","ability","name"],"mappings":";;;;;;AAIA,MAAMA,iBAAoB,GAAA,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AAErC,IAAA,OAAOF,OAAW,IAAA,IAAA;AACpB,CAAA;AAEA,gDACaG,MAAAA,YAAAA,GAAe,OAAOC,GAAAA,GAAAA;AACjC,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGD,GAAIE,CAAAA,OAAO,CAACC,MAAM;AAE5C,IAAA,IAAI,CAACF,aAAe,EAAA;QAClB,OAAO;YAAEG,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMC,KAAAA,GAAQJ,aAAcK,CAAAA,KAAK,CAAC,KAAA,CAAA;IAElC,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAYF,IAAAA,KAAAA,CAAMG,MAAM,KAAK,CAAG,EAAA;QAC7D,OAAO;YAAEJ,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMK,KAAAA,GAAQJ,KAAK,CAAC,CAAE,CAAA;;AAGtB,IAAA,MAAMT,OAAUD,GAAAA,iBAAAA,EAAAA;AAChB,IAAA,IAAI,CAACC,OAAS,EAAA;QACZ,OAAO;YAAEQ,aAAe,EAAA;AAAM,SAAA;AAChC;AAEA,IAAA,MAAMM,MAASd,GAAAA,OAAAA,CAAQ,OAASe,CAAAA,CAAAA,mBAAmB,CAACF,KAAAA,CAAAA;IACpD,IAAI,CAACC,MAAOE,CAAAA,OAAO,EAAE;QACnB,OAAO;YAAER,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMS,QAAAA,GAAW,MAAMjB,OAAQ,CAAA,OAAA,CAAA,CAASkB,eAAe,CAACJ,MAAAA,CAAOK,OAAO,CAACC,SAAS,CAAA;AAChF,IAAA,IAAI,CAACH,QAAU,EAAA;QACb,OAAO;YAAET,aAAe,EAAA;AAAM,SAAA;AAChC;AAEA,IAAA,MAAMa,SAAYP,GAAAA,MAAAA,CAAOK,OAAO,CAACG,MAAM;AACvC,IAAA,MAAMC,gBAAgBC,MAAOH,CAAAA,SAAAA,CAAAA;IAC7B,MAAMC,MAAAA,GACJE,OAAOC,QAAQ,CAACF,kBAAkBG,MAAOH,CAAAA,aAAAA,CAAAA,KAAmBF,YACxDE,aACAF,GAAAA,SAAAA;IAEN,MAAMM,IAAAA,GAAO,MAAM1B,MAAO2B,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNC,CAAAA,CAAAA,OAAO,CAAC;QAAEC,KAAO,EAAA;YAAEC,EAAIV,EAAAA;AAAO,SAAA;QAAGW,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;IAExD,IAAI,CAACN,QAAQ,EAAEA,KAAKV,QAAQ,KAAK,IAAG,CAAI,EAAA;QACtC,OAAO;YAAET,aAAe,EAAA;AAAM,SAAA;AAChC;AAEA,IAAA,MAAM0B,cAAc,MAAMC,gBAAAA,CAAW,cAAcC,MAAM,CAACC,mBAAmB,CAACV,IAAAA,CAAAA;;;IAI9EvB,GAAIkC,CAAAA,KAAK,CAACJ,WAAW,GAAGA,WAAAA;IACxB9B,GAAIkC,CAAAA,KAAK,CAACX,IAAI,GAAGA,IAAAA;IAEjB,OAAO;QACLnB,aAAe,EAAA,IAAA;QACf+B,WAAaZ,EAAAA,IAAAA;QACba,OAASN,EAAAA;AACX,KAAA;AACF;AAEO,MAAMO,OAAO;AAEpB,wCACA,wBAAe;AACbA,IAAAA,IAAAA;AACAtC,IAAAA;AACF,CAAE;;;;;;"}
package/dist/server/server/src/strategies/admin.mjs CHANGED
@@ -1,5 +1,9 @@
1
1
  import { getService } from '../utils/index.mjs';
2
2
 
3
+ const getSessionManager = ()=>{
4
+ const manager = strapi.sessionManager;
5
+ return manager ?? null;
6
+ };
3
7
  /** @type {import('.').AuthenticateFunction} */ const authenticate = async (ctx)=>{
4
8
  const { authorization } = ctx.request.header;
5
9
  if (!authorization) {
@@ -14,15 +18,31 @@ import { getService } from '../utils/index.mjs';
14
18
  };
15
19
  }
16
20
  const token = parts[1];
17
- const { payload, isValid } = getService('token').decodeJwtToken(token);
18
- if (!isValid) {
21
+ // Validate access tokens via session manager and require an active session
22
+ const manager = getSessionManager();
23
+ if (!manager) {
24
+ return {
25
+ authenticated: false
26
+ };
27
+ }
28
+ const result = manager('admin').validateAccessToken(token);
29
+ if (!result.isValid) {
30
+ return {
31
+ authenticated: false
32
+ };
33
+ }
34
+ const isActive = await manager('admin').isSessionActive(result.payload.sessionId);
35
+ if (!isActive) {
19
36
  return {
20
37
  authenticated: false
21
38
  };
22
39
  }
40
+ const rawUserId = result.payload.userId;
41
+ const numericUserId = Number(rawUserId);
42
+ const userId = Number.isFinite(numericUserId) && String(numericUserId) === rawUserId ? numericUserId : rawUserId;
23
43
  const user = await strapi.db.query('admin::user').findOne({
24
44
  where: {
25
- id: payload.id
45
+ id: userId
26
46
  },
27
47
  populate: [
28
48
  'roles'
package/dist/server/server/src/strategies/admin.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"admin.mjs","sources":["../../../../../server/src/strategies/admin.ts"],"sourcesContent":["import type { Context } from 'koa';\nimport { getService } from '../utils';\n\n/** @type {import('.').AuthenticateFunction} */\nexport const authenticate = async (ctx: Context) => {\n const { authorization } = ctx.request.header;\n\n if (!authorization) {\n return { authenticated: false };\n }\n\n const parts = authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return { authenticated: false };\n }\n\n const token = parts[1];\n const { payload, isValid } = getService('token').decodeJwtToken(token);\n\n if (!isValid) {\n return { authenticated: false };\n }\n\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { id: payload.id }, populate: ['roles'] });\n\n if (!user || !(user.isActive === true)) {\n return { authenticated: false };\n }\n\n const userAbility = await getService('permission').engine.generateUserAbility(user);\n\n // TODO: use the ability from ctx.state.auth instead of\n // ctx.state.userAbility, and remove the assign below\n ctx.state.userAbility = userAbility;\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability: userAbility,\n };\n};\n\nexport const name = 'admin';\n\n/** @type {import('.').AuthStrategy} */\nexport default {\n name,\n authenticate,\n};\n"],"names":["authenticate","ctx","authorization","request","header","authenticated","parts","split","toLowerCase","length","token","payload","isValid","getService","decodeJwtToken","user","strapi","db","query","findOne","where","id","populate","isActive","userAbility","engine","generateUserAbility","state","credentials","ability","name"],"mappings":";;AAGA,gDACaA,MAAAA,YAAAA,GAAe,OAAOC,GAAAA,GAAAA;AACjC,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGD,GAAIE,CAAAA,OAAO,CAACC,MAAM;AAE5C,IAAA,IAAI,CAACF,aAAe,EAAA;QAClB,OAAO;YAAEG,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMC,KAAAA,GAAQJ,aAAcK,CAAAA,KAAK,CAAC,KAAA,CAAA;IAElC,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAYF,IAAAA,KAAAA,CAAMG,MAAM,KAAK,CAAG,EAAA;QAC7D,OAAO;YAAEJ,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMK,KAAAA,GAAQJ,KAAK,CAAC,CAAE,CAAA;IACtB,MAAM,EAAEK,OAAO,EAAEC,OAAO,EAAE,GAAGC,UAAAA,CAAW,OAASC,CAAAA,CAAAA,cAAc,CAACJ,KAAAA,CAAAA;AAEhE,IAAA,IAAI,CAACE,OAAS,EAAA;QACZ,OAAO;YAAEP,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMU,IAAAA,GAAO,MAAMC,MAAOC,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNC,CAAAA,CAAAA,OAAO,CAAC;QAAEC,KAAO,EAAA;AAAEC,YAAAA,EAAAA,EAAIV,QAAQU;AAAG,SAAA;QAAGC,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;IAE5D,IAAI,CAACP,QAAQ,EAAEA,KAAKQ,QAAQ,KAAK,IAAG,CAAI,EAAA;QACtC,OAAO;YAAElB,aAAe,EAAA;AAAM,SAAA;AAChC;AAEA,IAAA,MAAMmB,cAAc,MAAMX,UAAAA,CAAW,cAAcY,MAAM,CAACC,mBAAmB,CAACX,IAAAA,CAAAA;;;IAI9Ed,GAAI0B,CAAAA,KAAK,CAACH,WAAW,GAAGA,WAAAA;IACxBvB,GAAI0B,CAAAA,KAAK,CAACZ,IAAI,GAAGA,IAAAA;IAEjB,OAAO;QACLV,aAAe,EAAA,IAAA;QACfuB,WAAab,EAAAA,IAAAA;QACbc,OAASL,EAAAA;AACX,KAAA;AACF;AAEO,MAAMM,OAAO;AAEpB,wCACA,wBAAe;AACbA,IAAAA,IAAAA;AACA9B,IAAAA;AACF,CAAE;;;;"}
1
+ {"version":3,"file":"admin.mjs","sources":["../../../../../server/src/strategies/admin.ts"],"sourcesContent":["import type { Context } from 'koa';\nimport type { Modules } from '@strapi/types';\nimport { getService } from '../utils';\n\nconst getSessionManager = (): Modules.SessionManager.SessionManagerService | null => {\n const manager = strapi.sessionManager as Modules.SessionManager.SessionManagerService | undefined;\n\n return manager ?? null;\n};\n\n/** @type {import('.').AuthenticateFunction} */\nexport const authenticate = async (ctx: Context) => {\n const { authorization } = ctx.request.header;\n\n if (!authorization) {\n return { authenticated: false };\n }\n\n const parts = authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return { authenticated: false };\n }\n\n const token = parts[1];\n\n // Validate access tokens via session manager and require an active session\n const manager = getSessionManager();\n if (!manager) {\n return { authenticated: false };\n }\n\n const result = manager('admin').validateAccessToken(token);\n if (!result.isValid) {\n return { authenticated: false };\n }\n\n const isActive = await manager('admin').isSessionActive(result.payload.sessionId);\n if (!isActive) {\n return { authenticated: false };\n }\n\n const rawUserId = result.payload.userId;\n const numericUserId = Number(rawUserId);\n const userId =\n Number.isFinite(numericUserId) && String(numericUserId) === rawUserId\n ? numericUserId\n : rawUserId;\n\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { id: userId }, populate: ['roles'] });\n\n if (!user || !(user.isActive === true)) {\n return { authenticated: false };\n }\n\n const userAbility = await getService('permission').engine.generateUserAbility(user);\n\n // TODO: use the ability from ctx.state.auth instead of\n // ctx.state.userAbility, and remove the assign below\n ctx.state.userAbility = userAbility;\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability: userAbility,\n };\n};\n\nexport const name = 'admin';\n\n/** @type {import('.').AuthStrategy} */\nexport default {\n name,\n authenticate,\n};\n"],"names":["getSessionManager","manager","strapi","sessionManager","authenticate","ctx","authorization","request","header","authenticated","parts","split","toLowerCase","length","token","result","validateAccessToken","isValid","isActive","isSessionActive","payload","sessionId","rawUserId","userId","numericUserId","Number","isFinite","String","user","db","query","findOne","where","id","populate","userAbility","getService","engine","generateUserAbility","state","credentials","ability","name"],"mappings":";;AAIA,MAAMA,iBAAoB,GAAA,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AAErC,IAAA,OAAOF,OAAW,IAAA,IAAA;AACpB,CAAA;AAEA,gDACaG,MAAAA,YAAAA,GAAe,OAAOC,GAAAA,GAAAA;AACjC,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGD,GAAIE,CAAAA,OAAO,CAACC,MAAM;AAE5C,IAAA,IAAI,CAACF,aAAe,EAAA;QAClB,OAAO;YAAEG,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMC,KAAAA,GAAQJ,aAAcK,CAAAA,KAAK,CAAC,KAAA,CAAA;IAElC,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAYF,IAAAA,KAAAA,CAAMG,MAAM,KAAK,CAAG,EAAA;QAC7D,OAAO;YAAEJ,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMK,KAAAA,GAAQJ,KAAK,CAAC,CAAE,CAAA;;AAGtB,IAAA,MAAMT,OAAUD,GAAAA,iBAAAA,EAAAA;AAChB,IAAA,IAAI,CAACC,OAAS,EAAA;QACZ,OAAO;YAAEQ,aAAe,EAAA;AAAM,SAAA;AAChC;AAEA,IAAA,MAAMM,MAASd,GAAAA,OAAAA,CAAQ,OAASe,CAAAA,CAAAA,mBAAmB,CAACF,KAAAA,CAAAA;IACpD,IAAI,CAACC,MAAOE,CAAAA,OAAO,EAAE;QACnB,OAAO;YAAER,aAAe,EAAA;AAAM,SAAA;AAChC;IAEA,MAAMS,QAAAA,GAAW,MAAMjB,OAAQ,CAAA,OAAA,CAAA,CAASkB,eAAe,CAACJ,MAAAA,CAAOK,OAAO,CAACC,SAAS,CAAA;AAChF,IAAA,IAAI,CAACH,QAAU,EAAA;QACb,OAAO;YAAET,aAAe,EAAA;AAAM,SAAA;AAChC;AAEA,IAAA,MAAMa,SAAYP,GAAAA,MAAAA,CAAOK,OAAO,CAACG,MAAM;AACvC,IAAA,MAAMC,gBAAgBC,MAAOH,CAAAA,SAAAA,CAAAA;IAC7B,MAAMC,MAAAA,GACJE,OAAOC,QAAQ,CAACF,kBAAkBG,MAAOH,CAAAA,aAAAA,CAAAA,KAAmBF,YACxDE,aACAF,GAAAA,SAAAA;IAEN,MAAMM,IAAAA,GAAO,MAAM1B,MAAO2B,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNC,CAAAA,CAAAA,OAAO,CAAC;QAAEC,KAAO,EAAA;YAAEC,EAAIV,EAAAA;AAAO,SAAA;QAAGW,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;IAExD,IAAI,CAACN,QAAQ,EAAEA,KAAKV,QAAQ,KAAK,IAAG,CAAI,EAAA;QACtC,OAAO;YAAET,aAAe,EAAA;AAAM,SAAA;AAChC;AAEA,IAAA,MAAM0B,cAAc,MAAMC,UAAAA,CAAW,cAAcC,MAAM,CAACC,mBAAmB,CAACV,IAAAA,CAAAA;;;IAI9EvB,GAAIkC,CAAAA,KAAK,CAACJ,WAAW,GAAGA,WAAAA;IACxB9B,GAAIkC,CAAAA,KAAK,CAACX,IAAI,GAAGA,IAAAA;IAEjB,OAAO;QACLnB,aAAe,EAAA,IAAA;QACf+B,WAAaZ,EAAAA,IAAAA;QACba,OAASN,EAAAA;AACX,KAAA;AACF;AAEO,MAAMO,OAAO;AAEpB,wCACA,wBAAe;AACbA,IAAAA,IAAAA;AACAtC,IAAAA;AACF,CAAE;;;;"}
package/dist/server/server/src/validation/authentication/login.js ADDED
@@ -0,0 +1,16 @@
1
+ 'use strict';
2
+
3
+ var utils = require('@strapi/utils');
4
+
5
+ /**
6
+ * Validates optional session-related fields for login requests.
7
+ * Does not constrain credential fields (email/password) handled by passport.
8
+ */ const schema = utils.yup.object().shape({
9
+ deviceId: utils.yup.string().uuid().optional(),
10
+ rememberMe: utils.yup.boolean().optional()
11
+ })// Allow other properties (like email/password) to be present
12
+ .noUnknown(false);
13
+ var validateLoginSessionInput = utils.validateYupSchema(schema);
14
+
15
+ module.exports = validateLoginSessionInput;
16
+ //# sourceMappingURL=login.js.map
package/dist/server/server/src/validation/authentication/login.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"login.js","sources":["../../../../../../server/src/validation/authentication/login.ts"],"sourcesContent":["import { yup, validateYupSchema } from '@strapi/utils';\n\n/**\n * Validates optional session-related fields for login requests.\n * Does not constrain credential fields (email/password) handled by passport.\n */\nconst schema = yup\n .object()\n .shape({\n deviceId: yup.string().uuid().optional(),\n rememberMe: yup.boolean().optional(),\n })\n // Allow other properties (like email/password) to be present\n .noUnknown(false);\n\nexport default validateYupSchema(schema);\n"],"names":["schema","yup","object","shape","deviceId","string","uuid","optional","rememberMe","boolean","noUnknown","validateYupSchema"],"mappings":";;;;AAEA;;;AAGC,IACD,MAAMA,MAASC,GAAAA,SAAAA,CACZC,MAAM,EAAA,CACNC,KAAK,CAAC;AACLC,IAAAA,QAAAA,EAAUH,SAAII,CAAAA,MAAM,EAAGC,CAAAA,IAAI,GAAGC,QAAQ,EAAA;IACtCC,UAAYP,EAAAA,SAAAA,CAAIQ,OAAO,EAAA,CAAGF,QAAQ;AACpC,CAAA,CACA;AACCG,CAAAA,SAAS,CAAC,KAAA,CAAA;AAEb,gCAAeC,wBAAkBX,MAAQ,CAAA;;;;"}
package/dist/server/server/src/validation/authentication/login.mjs ADDED
@@ -0,0 +1,14 @@
1
+ import { yup, validateYupSchema } from '@strapi/utils';
2
+
3
+ /**
4
+ * Validates optional session-related fields for login requests.
5
+ * Does not constrain credential fields (email/password) handled by passport.
6
+ */ const schema = yup.object().shape({
7
+ deviceId: yup.string().uuid().optional(),
8
+ rememberMe: yup.boolean().optional()
9
+ })// Allow other properties (like email/password) to be present
10
+ .noUnknown(false);
11
+ var validateLoginSessionInput = validateYupSchema(schema);
12
+
13
+ export { validateLoginSessionInput as default };
14
+ //# sourceMappingURL=login.mjs.map
package/dist/server/server/src/validation/authentication/login.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"login.mjs","sources":["../../../../../../server/src/validation/authentication/login.ts"],"sourcesContent":["import { yup, validateYupSchema } from '@strapi/utils';\n\n/**\n * Validates optional session-related fields for login requests.\n * Does not constrain credential fields (email/password) handled by passport.\n */\nconst schema = yup\n .object()\n .shape({\n deviceId: yup.string().uuid().optional(),\n rememberMe: yup.boolean().optional(),\n })\n // Allow other properties (like email/password) to be present\n .noUnknown(false);\n\nexport default validateYupSchema(schema);\n"],"names":["schema","yup","object","shape","deviceId","string","uuid","optional","rememberMe","boolean","noUnknown","validateYupSchema"],"mappings":";;AAEA;;;AAGC,IACD,MAAMA,MAASC,GAAAA,GAAAA,CACZC,MAAM,EAAA,CACNC,KAAK,CAAC;AACLC,IAAAA,QAAAA,EAAUH,GAAII,CAAAA,MAAM,EAAGC,CAAAA,IAAI,GAAGC,QAAQ,EAAA;IACtCC,UAAYP,EAAAA,GAAAA,CAAIQ,OAAO,EAAA,CAAGF,QAAQ;AACpC,CAAA,CACA;AACCG,CAAAA,SAAS,CAAC,KAAA,CAAA;AAEb,gCAAeC,kBAAkBX,MAAQ,CAAA;;;;"}
package/dist/server/server/src/validation/authentication/register.js CHANGED
@@ -9,7 +9,9 @@ const registrationSchema = utils.yup.object().shape({
9
9
  firstname: commonValidators.default.firstname.required(),
10
10
  lastname: commonValidators.default.lastname.nullable(),
11
11
  password: commonValidators.default.password.required()
12
- }).required().noUnknown()
12
+ }).required().noUnknown(),
13
+ deviceId: utils.yup.string().uuid().optional(),
14
+ rememberMe: utils.yup.boolean().optional()
13
15
  }).noUnknown();
14
16
  const registrationInfoQuerySchema = utils.yup.object().shape({
15
17
  registrationToken: utils.yup.string().required()
@@ -18,7 +20,9 @@ const adminRegistrationSchema = utils.yup.object().shape({
18
20
  email: commonValidators.default.email.required(),
19
21
  firstname: commonValidators.default.firstname.required(),
20
22
  lastname: commonValidators.default.lastname.nullable(),
21
- password: commonValidators.default.password.required()
23
+ password: commonValidators.default.password.required(),
24
+ deviceId: utils.yup.string().uuid().optional(),
25
+ rememberMe: utils.yup.boolean().optional()
22
26
  }).required().noUnknown();
23
27
  const validateRegistrationInput = utils.validateYupSchema(registrationSchema);
24
28
  const validateRegistrationInfoQuery = utils.validateYupSchema(registrationInfoQuerySchema);
package/dist/server/server/src/validation/authentication/register.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"register.js","sources":["../../../../../../server/src/validation/authentication/register.ts"],"sourcesContent":["import { yup, validateYupSchema } from '@strapi/utils';\nimport validators from '../common-validators';\n\nconst registrationSchema = yup\n .object()\n .shape({\n registrationToken: yup.string().required(),\n userInfo: yup\n .object()\n .shape({\n firstname: validators.firstname.required(),\n lastname: validators.lastname.nullable(),\n password: validators.password.required(),\n })\n .required()\n .noUnknown(),\n })\n .noUnknown();\n\nconst registrationInfoQuerySchema = yup\n .object()\n .shape({\n registrationToken: yup.string().required(),\n })\n .required()\n .noUnknown();\n\nconst adminRegistrationSchema = yup\n .object()\n .shape({\n email: validators.email.required(),\n firstname: validators.firstname.required(),\n lastname: validators.lastname.nullable(),\n password: validators.password.required(),\n })\n .required()\n .noUnknown();\n\nexport const validateRegistrationInput = validateYupSchema(registrationSchema);\nexport const validateRegistrationInfoQuery = validateYupSchema(registrationInfoQuerySchema);\nexport const validateAdminRegistrationInput = validateYupSchema(adminRegistrationSchema);\n\nexport default {\n validateRegistrationInput,\n validateRegistrationInfoQuery,\n validateAdminRegistrationInput,\n};\n"],"names":["registrationSchema","yup","object","shape","registrationToken","string","required","userInfo","firstname","validators","lastname","nullable","password","noUnknown","registrationInfoQuerySchema","adminRegistrationSchema","email","validateRegistrationInput","validateYupSchema","validateRegistrationInfoQuery","validateAdminRegistrationInput"],"mappings":";;;;;AAGA,MAAMA,kBAAqBC,GAAAA,SAAAA,CACxBC,MAAM,EAAA,CACNC,KAAK,CAAC;IACLC,iBAAmBH,EAAAA,SAAAA,CAAII,MAAM,EAAA,CAAGC,QAAQ,EAAA;AACxCC,IAAAA,QAAAA,EAAUN,SACPC,CAAAA,MAAM,EACNC,CAAAA,KAAK,CAAC;QACLK,SAAWC,EAAAA,wBAAAA,CAAWD,SAAS,CAACF,QAAQ,EAAA;QACxCI,QAAUD,EAAAA,wBAAAA,CAAWC,QAAQ,CAACC,QAAQ,EAAA;QACtCC,QAAUH,EAAAA,wBAAAA,CAAWG,QAAQ,CAACN,QAAQ;KAEvCA,CAAAA,CAAAA,QAAQ,GACRO,SAAS;AACd,CAAA,CAAA,CACCA,SAAS,EAAA;AAEZ,MAAMC,2BAA8Bb,GAAAA,SAAAA,CACjCC,MAAM,EAAA,CACNC,KAAK,CAAC;IACLC,iBAAmBH,EAAAA,SAAAA,CAAII,MAAM,EAAA,CAAGC,QAAQ;AAC1C,CACCA,CAAAA,CAAAA,QAAQ,GACRO,SAAS,EAAA;AAEZ,MAAME,uBAA0Bd,GAAAA,SAAAA,CAC7BC,MAAM,EAAA,CACNC,KAAK,CAAC;IACLa,KAAOP,EAAAA,wBAAAA,CAAWO,KAAK,CAACV,QAAQ,EAAA;IAChCE,SAAWC,EAAAA,wBAAAA,CAAWD,SAAS,CAACF,QAAQ,EAAA;IACxCI,QAAUD,EAAAA,wBAAAA,CAAWC,QAAQ,CAACC,QAAQ,EAAA;IACtCC,QAAUH,EAAAA,wBAAAA,CAAWG,QAAQ,CAACN,QAAQ;AACxC,CACCA,CAAAA,CAAAA,QAAQ,GACRO,SAAS,EAAA;AAEL,MAAMI,yBAA4BC,GAAAA,uBAAAA,CAAkBlB,kBAAoB;AACxE,MAAMmB,6BAAgCD,GAAAA,uBAAAA,CAAkBJ,2BAA6B;AACrF,MAAMM,8BAAiCF,GAAAA,uBAAAA,CAAkBH,uBAAyB;;;;;;"}
1
+ {"version":3,"file":"register.js","sources":["../../../../../../server/src/validation/authentication/register.ts"],"sourcesContent":["import { yup, validateYupSchema } from '@strapi/utils';\nimport validators from '../common-validators';\n\nconst registrationSchema = yup\n .object()\n .shape({\n registrationToken: yup.string().required(),\n userInfo: yup\n .object()\n .shape({\n firstname: validators.firstname.required(),\n lastname: validators.lastname.nullable(),\n password: validators.password.required(),\n })\n .required()\n .noUnknown(),\n deviceId: yup.string().uuid().optional(),\n rememberMe: yup.boolean().optional(),\n })\n .noUnknown();\n\nconst registrationInfoQuerySchema = yup\n .object()\n .shape({\n registrationToken: yup.string().required(),\n })\n .required()\n .noUnknown();\n\nconst adminRegistrationSchema = yup\n .object()\n .shape({\n email: validators.email.required(),\n firstname: validators.firstname.required(),\n lastname: validators.lastname.nullable(),\n password: validators.password.required(),\n deviceId: yup.string().uuid().optional(),\n rememberMe: yup.boolean().optional(),\n })\n .required()\n .noUnknown();\n\nexport const validateRegistrationInput = validateYupSchema(registrationSchema);\nexport const validateRegistrationInfoQuery = validateYupSchema(registrationInfoQuerySchema);\nexport const validateAdminRegistrationInput = validateYupSchema(adminRegistrationSchema);\n\nexport default {\n validateRegistrationInput,\n validateRegistrationInfoQuery,\n validateAdminRegistrationInput,\n};\n"],"names":["registrationSchema","yup","object","shape","registrationToken","string","required","userInfo","firstname","validators","lastname","nullable","password","noUnknown","deviceId","uuid","optional","rememberMe","boolean","registrationInfoQuerySchema","adminRegistrationSchema","email","validateRegistrationInput","validateYupSchema","validateRegistrationInfoQuery","validateAdminRegistrationInput"],"mappings":";;;;;AAGA,MAAMA,kBAAqBC,GAAAA,SAAAA,CACxBC,MAAM,EAAA,CACNC,KAAK,CAAC;IACLC,iBAAmBH,EAAAA,SAAAA,CAAII,MAAM,EAAA,CAAGC,QAAQ,EAAA;AACxCC,IAAAA,QAAAA,EAAUN,SACPC,CAAAA,MAAM,EACNC,CAAAA,KAAK,CAAC;QACLK,SAAWC,EAAAA,wBAAAA,CAAWD,SAAS,CAACF,QAAQ,EAAA;QACxCI,QAAUD,EAAAA,wBAAAA,CAAWC,QAAQ,CAACC,QAAQ,EAAA;QACtCC,QAAUH,EAAAA,wBAAAA,CAAWG,QAAQ,CAACN,QAAQ;KAEvCA,CAAAA,CAAAA,QAAQ,GACRO,SAAS,EAAA;AACZC,IAAAA,QAAAA,EAAUb,SAAII,CAAAA,MAAM,EAAGU,CAAAA,IAAI,GAAGC,QAAQ,EAAA;IACtCC,UAAYhB,EAAAA,SAAAA,CAAIiB,OAAO,EAAA,CAAGF,QAAQ;AACpC,CAAA,CAAA,CACCH,SAAS,EAAA;AAEZ,MAAMM,2BAA8BlB,GAAAA,SAAAA,CACjCC,MAAM,EAAA,CACNC,KAAK,CAAC;IACLC,iBAAmBH,EAAAA,SAAAA,CAAII,MAAM,EAAA,CAAGC,QAAQ;AAC1C,CACCA,CAAAA,CAAAA,QAAQ,GACRO,SAAS,EAAA;AAEZ,MAAMO,uBAA0BnB,GAAAA,SAAAA,CAC7BC,MAAM,EAAA,CACNC,KAAK,CAAC;IACLkB,KAAOZ,EAAAA,wBAAAA,CAAWY,KAAK,CAACf,QAAQ,EAAA;IAChCE,SAAWC,EAAAA,wBAAAA,CAAWD,SAAS,CAACF,QAAQ,EAAA;IACxCI,QAAUD,EAAAA,wBAAAA,CAAWC,QAAQ,CAACC,QAAQ,EAAA;IACtCC,QAAUH,EAAAA,wBAAAA,CAAWG,QAAQ,CAACN,QAAQ,EAAA;AACtCQ,IAAAA,QAAAA,EAAUb,SAAII,CAAAA,MAAM,EAAGU,CAAAA,IAAI,GAAGC,QAAQ,EAAA;IACtCC,UAAYhB,EAAAA,SAAAA,CAAIiB,OAAO,EAAA,CAAGF,QAAQ;AACpC,CACCV,CAAAA,CAAAA,QAAQ,GACRO,SAAS,EAAA;AAEL,MAAMS,yBAA4BC,GAAAA,uBAAAA,CAAkBvB,kBAAoB;AACxE,MAAMwB,6BAAgCD,GAAAA,uBAAAA,CAAkBJ,2BAA6B;AACrF,MAAMM,8BAAiCF,GAAAA,uBAAAA,CAAkBH,uBAAyB;;;;;;"}