npm - @strapi/admin - Versions diffs - 5.37.1 → 5.38.1 - Mend

@strapi/admin 5.37.1 → 5.38.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (992) hide show

package/dist/server/server/src/routes/webhooks.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"webhooks.mjs","sources":["../../../../../server/src/routes/webhooks.ts"],"sourcesContent":["export default [\n {\n method: 'GET',\n path: '/webhooks',\n handler: 'webhooks.listWebhooks',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.read'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks',\n handler: 'webhooks.createWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.create'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/webhooks/:id',\n handler: 'webhooks.getWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/webhooks/:id',\n handler: 'webhooks.updateWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.update'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/webhooks/:id',\n handler: 'webhooks.deleteWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.delete'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks/batch-delete',\n handler: 'webhooks.deleteWebhooks',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.delete'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks/:id/trigger',\n handler: 'webhooks.triggerWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.update'] } },\n ],\n },\n },\n];\n"],"names":["method","path","handler","config","policies","name","actions"],"mappings":"AAAA,eAAe;AACb,IAAA;QACEA,~~MAAQ~~,~~EAAA~~,KAAA;QACRC,~~IAAM~~,~~EAAA~~,WAAA;QACNC,~~OAAS~~,~~EAAA~~,uBAAA;QACTC,~~MAAQ~~,~~EAAA~~;YACNC,~~QAAU~~,~~EAAA~~;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,~~IAAM~~,~~EAAA~~,uBAAA;oBAAyBF,~~MAAQ~~,~~EAAA~~;wBAAEG,~~OAAS~~,~~EAAA~~;AAAC,4BAAA;AAAuB;AAAC;AAAE;AAChF;AACH;AACF,KAAA;AACA,IAAA;QACEN,~~MAAQ~~,~~EAAA~~,MAAA;QACRC,~~IAAM~~,~~EAAA~~,WAAA;QACNC,~~OAAS~~,~~EAAA~~,wBAAA;QACTC,~~MAAQ~~,~~EAAA~~;YACNC,~~QAAU~~,~~EAAA~~;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,~~IAAM~~,~~EAAA~~,uBAAA;oBAAyBF,~~MAAQ~~,~~EAAA~~;wBAAEG,~~OAAS~~,~~EAAA~~;AAAC,4BAAA;AAAyB;AAAC;AAAE;AAClF;AACH;AACF,KAAA;AACA,IAAA;QACEN,~~MAAQ~~,~~EAAA~~,KAAA;QACRC,~~IAAM~~,~~EAAA~~,eAAA;QACNC,~~OAAS~~,~~EAAA~~,qBAAA;QACTC,~~MAAQ~~,~~EAAA~~;YACNC,~~QAAU~~,~~EAAA~~;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,~~IAAM~~,~~EAAA~~,uBAAA;oBAAyBF,~~MAAQ~~,~~EAAA~~;wBAAEG,~~OAAS~~,~~EAAA~~;AAAC,4BAAA;AAAuB;AAAC;AAAE;AAChF;AACH;AACF,KAAA;AACA,IAAA;QACEN,~~MAAQ~~,~~EAAA~~,KAAA;QACRC,~~IAAM~~,~~EAAA~~,eAAA;QACNC,~~OAAS~~,~~EAAA~~,wBAAA;QACTC,~~MAAQ~~,~~EAAA~~;YACNC,~~QAAU~~,~~EAAA~~;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,~~IAAM~~,~~EAAA~~,uBAAA;oBAAyBF,~~MAAQ~~,~~EAAA~~;wBAAEG,~~OAAS~~,~~EAAA~~;AAAC,4BAAA;AAAyB;AAAC;AAAE;AAClF;AACH;AACF,KAAA;AACA,IAAA;QACEN,~~MAAQ~~,~~EAAA~~,QAAA;QACRC,~~IAAM~~,~~EAAA~~,eAAA;QACNC,~~OAAS~~,~~EAAA~~,wBAAA;QACTC,~~MAAQ~~,~~EAAA~~;YACNC,~~QAAU~~,~~EAAA~~;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,~~IAAM~~,~~EAAA~~,uBAAA;oBAAyBF,~~MAAQ~~,~~EAAA~~;wBAAEG,~~OAAS~~,~~EAAA~~;AAAC,4BAAA;AAAyB;AAAC;AAAE;AAClF;AACH;AACF,KAAA;AACA,IAAA;QACEN,~~MAAQ~~,~~EAAA~~,MAAA;QACRC,~~IAAM~~,~~EAAA~~,wBAAA;QACNC,~~OAAS~~,~~EAAA~~,yBAAA;QACTC,~~MAAQ~~,~~EAAA~~;YACNC,~~QAAU~~,~~EAAA~~;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,~~IAAM~~,~~EAAA~~,uBAAA;oBAAyBF,~~MAAQ~~,~~EAAA~~;wBAAEG,~~OAAS~~,~~EAAA~~;AAAC,4BAAA;AAAyB;AAAC;AAAE;AAClF;AACH;AACF,KAAA;AACA,IAAA;QACEN,~~MAAQ~~,~~EAAA~~,MAAA;QACRC,~~IAAM~~,~~EAAA~~,uBAAA;QACNC,~~OAAS~~,~~EAAA~~,yBAAA;QACTC,~~MAAQ~~,~~EAAA~~;YACNC,~~QAAU~~,~~EAAA~~;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,~~IAAM~~,~~EAAA~~,uBAAA;oBAAyBF,~~MAAQ~~,~~EAAA~~;wBAAEG,~~OAAS~~,~~EAAA~~;AAAC,4BAAA;AAAyB;AAAC;AAAE;AAClF;AACH;AACF;CACD;;;;"}
1	+ {"version":3,"file":"webhooks.mjs","sources":["../../../../../server/src/routes/webhooks.ts"],"sourcesContent":["export default [\n {\n method: 'GET',\n path: '/webhooks',\n handler: 'webhooks.listWebhooks',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.read'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks',\n handler: 'webhooks.createWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.create'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/webhooks/:id',\n handler: 'webhooks.getWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/webhooks/:id',\n handler: 'webhooks.updateWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.update'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/webhooks/:id',\n handler: 'webhooks.deleteWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.delete'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks/batch-delete',\n handler: 'webhooks.deleteWebhooks',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.delete'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks/:id/trigger',\n handler: 'webhooks.triggerWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.update'] } },\n ],\n },\n },\n];\n"],"names":["method","path","handler","config","policies","name","actions"],"mappings":"AAAA,eAAe;AACb,IAAA;QACEA,MAAAA,EAAQ,KAAA;QACRC,IAAAA,EAAM,WAAA;QACNC,OAAAA,EAAS,uBAAA;QACTC,MAAAA,EAAQ;YACNC,QAAAA,EAAU;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,IAAAA,EAAM,uBAAA;oBAAyBF,MAAAA,EAAQ;wBAAEG,OAAAA,EAAS;AAAC,4BAAA;AAAuB;AAAC;AAAE;AAChF;AACH;AACF,KAAA;AACA,IAAA;QACEN,MAAAA,EAAQ,MAAA;QACRC,IAAAA,EAAM,WAAA;QACNC,OAAAA,EAAS,wBAAA;QACTC,MAAAA,EAAQ;YACNC,QAAAA,EAAU;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,IAAAA,EAAM,uBAAA;oBAAyBF,MAAAA,EAAQ;wBAAEG,OAAAA,EAAS;AAAC,4BAAA;AAAyB;AAAC;AAAE;AAClF;AACH;AACF,KAAA;AACA,IAAA;QACEN,MAAAA,EAAQ,KAAA;QACRC,IAAAA,EAAM,eAAA;QACNC,OAAAA,EAAS,qBAAA;QACTC,MAAAA,EAAQ;YACNC,QAAAA,EAAU;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,IAAAA,EAAM,uBAAA;oBAAyBF,MAAAA,EAAQ;wBAAEG,OAAAA,EAAS;AAAC,4BAAA;AAAuB;AAAC;AAAE;AAChF;AACH;AACF,KAAA;AACA,IAAA;QACEN,MAAAA,EAAQ,KAAA;QACRC,IAAAA,EAAM,eAAA;QACNC,OAAAA,EAAS,wBAAA;QACTC,MAAAA,EAAQ;YACNC,QAAAA,EAAU;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,IAAAA,EAAM,uBAAA;oBAAyBF,MAAAA,EAAQ;wBAAEG,OAAAA,EAAS;AAAC,4BAAA;AAAyB;AAAC;AAAE;AAClF;AACH;AACF,KAAA;AACA,IAAA;QACEN,MAAAA,EAAQ,QAAA;QACRC,IAAAA,EAAM,eAAA;QACNC,OAAAA,EAAS,wBAAA;QACTC,MAAAA,EAAQ;YACNC,QAAAA,EAAU;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,IAAAA,EAAM,uBAAA;oBAAyBF,MAAAA,EAAQ;wBAAEG,OAAAA,EAAS;AAAC,4BAAA;AAAyB;AAAC;AAAE;AAClF;AACH;AACF,KAAA;AACA,IAAA;QACEN,MAAAA,EAAQ,MAAA;QACRC,IAAAA,EAAM,wBAAA;QACNC,OAAAA,EAAS,yBAAA;QACTC,MAAAA,EAAQ;YACNC,QAAAA,EAAU;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,IAAAA,EAAM,uBAAA;oBAAyBF,MAAAA,EAAQ;wBAAEG,OAAAA,EAAS;AAAC,4BAAA;AAAyB;AAAC;AAAE;AAClF;AACH;AACF,KAAA;AACA,IAAA;QACEN,MAAAA,EAAQ,MAAA;QACRC,IAAAA,EAAM,uBAAA;QACNC,OAAAA,EAAS,yBAAA;QACTC,MAAAA,EAAQ;YACNC,QAAAA,EAAU;AACR,gBAAA,6BAAA;AACA,gBAAA;oBAAEC,IAAAA,EAAM,uBAAA;oBAAyBF,MAAAA,EAAQ;wBAAEG,OAAAA,EAAS;AAAC,4BAAA;AAAyB;AAAC;AAAE;AAClF;AACH;AACF;CACD;;;;"}

package/dist/server/server/src/services/action.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"action.js","sources":["../../../../../server/src/services/action.ts"],"sourcesContent":["import { isNil } from 'lodash/fp';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport constants from './constants';\nimport type { AdminRole } from '../../../shared/contracts/shared';\n\nconst { AUTHOR_CODE, PUBLISH_ACTION } = constants;\n\nconst { NotFoundError } = errors;\n// TODO: move actionProvider here instead of in the permission service\n\n/*\n Returns actions available for a role.\n * @param {string\|number} roleId\n * @returns {object[]}\n */\nconst getAllowedActionsForRole = async (roleId?: string) => {\n const { actionProvider } = getService('permission');\n\n if (!isNil(roleId)) {\n const role: AdminRole = await getService('role').findOne({ id: roleId });\n\n if (!role) {\n throw new NotFoundError('role.notFound');\n }\n\n if (role.code === AUTHOR_CODE) {\n return actionProvider.values().filter(({ actionId }: any) => actionId !== PUBLISH_ACTION);\n }\n }\n\n return actionProvider.values();\n};\n\nexport { getAllowedActionsForRole };\n"],"names":["AUTHOR_CODE","PUBLISH_ACTION","constants","NotFoundError","errors","getAllowedActionsForRole","roleId","actionProvider","getService","isNil","role","findOne","id","code","values","filter","actionId"],"mappings":";;;;;;;AAMA,MAAM,EAAEA,WAAW,EAAEC,cAAc,EAAE,GAAGC,SAAAA;AAExC,MAAM,EAAEC,aAAa,EAAE,GAAGC,YAAAA;AAC1B;AAEA;;;;IAKA,MAAMC,2BAA2B,OAAOC,MAAAA,GAAAA;AACtC,IAAA,MAAM,EAAEC,cAAc,EAAE,GAAGC,~~gBAAW~~,~~CAAA~~,YAAA,CAAA;IAEtC,IAAI,CAACC,SAAMH,~~MAAS~~,~~CAAA~~,~~EAAA~~;AAClB,QAAA,MAAMI,~~IAAkB~~,~~GAAA~~,MAAMF,~~gBAAW~~,~~CAAA~~,MAAA,CAAA,CAAQG,OAAO,CAAC;YAAEC,EAAIN~~,EAAAA~~;AAAO,SAAA,CAAA;AAEtE,QAAA,IAAI,CAACI,~~IAAM~~,~~EAAA~~;AACT,YAAA,MAAM,IAAIP,~~aAAc~~,~~CAAA~~,eAAA,CAAA;AAC1B;QAEA,IAAIO,IAAAA,CAAKG,IAAI,KAAKb,~~WAAa~~,~~EAAA~~;YAC7B,OAAOO,cAAAA,CAAeO,MAAM,EAAA,CAAGC,MAAM,CAAC,CAAC,EAAEC,QAAQ,EAAO,GAAKA,~~QAAaf~~,~~KAAAA~~,cAAAA,CAAAA;AAC5E;AACF;AAEA,IAAA,OAAOM,eAAeO,MAAM,EAAA;AAC9B;;;;"}
1	+ {"version":3,"file":"action.js","sources":["../../../../../server/src/services/action.ts"],"sourcesContent":["import { isNil } from 'lodash/fp';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport constants from './constants';\nimport type { AdminRole } from '../../../shared/contracts/shared';\n\nconst { AUTHOR_CODE, PUBLISH_ACTION } = constants;\n\nconst { NotFoundError } = errors;\n// TODO: move actionProvider here instead of in the permission service\n\n/*\n Returns actions available for a role.\n * @param {string\|number} roleId\n * @returns {object[]}\n */\nconst getAllowedActionsForRole = async (roleId?: string) => {\n const { actionProvider } = getService('permission');\n\n if (!isNil(roleId)) {\n const role: AdminRole = await getService('role').findOne({ id: roleId });\n\n if (!role) {\n throw new NotFoundError('role.notFound');\n }\n\n if (role.code === AUTHOR_CODE) {\n return actionProvider.values().filter(({ actionId }: any) => actionId !== PUBLISH_ACTION);\n }\n }\n\n return actionProvider.values();\n};\n\nexport { getAllowedActionsForRole };\n"],"names":["AUTHOR_CODE","PUBLISH_ACTION","constants","NotFoundError","errors","getAllowedActionsForRole","roleId","actionProvider","getService","isNil","role","findOne","id","code","values","filter","actionId"],"mappings":";;;;;;;AAMA,MAAM,EAAEA,WAAW,EAAEC,cAAc,EAAE,GAAGC,SAAAA;AAExC,MAAM,EAAEC,aAAa,EAAE,GAAGC,YAAAA;AAC1B;AAEA;;;;IAKA,MAAMC,2BAA2B,OAAOC,MAAAA,GAAAA;AACtC,IAAA,MAAM,EAAEC,cAAc,EAAE,GAAGC,gBAAAA,CAAW,YAAA,CAAA;IAEtC,IAAI,CAACC,SAAMH,MAAAA,CAAAA,EAAS;AAClB,QAAA,MAAMI,IAAAA,GAAkB,MAAMF,gBAAAA,CAAW,MAAA,CAAA,CAAQG,OAAO,CAAC;YAAEC,EAAAA,EAAIN;AAAO,SAAA,CAAA;AAEtE,QAAA,IAAI,CAACI,IAAAA,EAAM;AACT,YAAA,MAAM,IAAIP,aAAAA,CAAc,eAAA,CAAA;AAC1B,QAAA;QAEA,IAAIO,IAAAA,CAAKG,IAAI,KAAKb,WAAAA,EAAa;YAC7B,OAAOO,cAAAA,CAAeO,MAAM,EAAA,CAAGC,MAAM,CAAC,CAAC,EAAEC,QAAQ,EAAO,GAAKA,QAAAA,KAAaf,cAAAA,CAAAA;AAC5E,QAAA;AACF,IAAA;AAEA,IAAA,OAAOM,eAAeO,MAAM,EAAA;AAC9B;;;;"}

package/dist/server/server/src/services/action.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"action.mjs","sources":["../../../../../server/src/services/action.ts"],"sourcesContent":["import { isNil } from 'lodash/fp';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport constants from './constants';\nimport type { AdminRole } from '../../../shared/contracts/shared';\n\nconst { AUTHOR_CODE, PUBLISH_ACTION } = constants;\n\nconst { NotFoundError } = errors;\n// TODO: move actionProvider here instead of in the permission service\n\n/*\n Returns actions available for a role.\n * @param {string\|number} roleId\n * @returns {object[]}\n */\nconst getAllowedActionsForRole = async (roleId?: string) => {\n const { actionProvider } = getService('permission');\n\n if (!isNil(roleId)) {\n const role: AdminRole = await getService('role').findOne({ id: roleId });\n\n if (!role) {\n throw new NotFoundError('role.notFound');\n }\n\n if (role.code === AUTHOR_CODE) {\n return actionProvider.values().filter(({ actionId }: any) => actionId !== PUBLISH_ACTION);\n }\n }\n\n return actionProvider.values();\n};\n\nexport { getAllowedActionsForRole };\n"],"names":["AUTHOR_CODE","PUBLISH_ACTION","constants","NotFoundError","errors","getAllowedActionsForRole","roleId","actionProvider","getService","isNil","role","findOne","id","code","values","filter","actionId"],"mappings":";;;;;AAMA,MAAM,EAAEA,WAAW,EAAEC,cAAc,EAAE,GAAGC,SAAAA;AAExC,MAAM,EAAEC,aAAa,EAAE,GAAGC,MAAAA;AAC1B;AAEA;;;;IAKA,MAAMC,2BAA2B,OAAOC,MAAAA,GAAAA;AACtC,IAAA,MAAM,EAAEC,cAAc,EAAE,GAAGC,~~UAAW~~,~~CAAA~~,YAAA,CAAA;IAEtC,IAAI,CAACC,MAAMH,~~MAAS~~,~~CAAA~~,~~EAAA~~;AAClB,QAAA,MAAMI,~~IAAkB~~,~~GAAA~~,MAAMF,~~UAAW~~,~~CAAA~~,MAAA,CAAA,CAAQG,OAAO,CAAC;YAAEC,EAAIN~~,EAAAA~~;AAAO,SAAA,CAAA;AAEtE,QAAA,IAAI,CAACI,~~IAAM~~,~~EAAA~~;AACT,YAAA,MAAM,IAAIP,~~aAAc~~,~~CAAA~~,eAAA,CAAA;AAC1B;QAEA,IAAIO,IAAAA,CAAKG,IAAI,KAAKb,~~WAAa~~,~~EAAA~~;YAC7B,OAAOO,cAAAA,CAAeO,MAAM,EAAA,CAAGC,MAAM,CAAC,CAAC,EAAEC,QAAQ,EAAO,GAAKA,~~QAAaf~~,~~KAAAA~~,cAAAA,CAAAA;AAC5E;AACF;AAEA,IAAA,OAAOM,eAAeO,MAAM,EAAA;AAC9B;;;;"}
1	+ {"version":3,"file":"action.mjs","sources":["../../../../../server/src/services/action.ts"],"sourcesContent":["import { isNil } from 'lodash/fp';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport constants from './constants';\nimport type { AdminRole } from '../../../shared/contracts/shared';\n\nconst { AUTHOR_CODE, PUBLISH_ACTION } = constants;\n\nconst { NotFoundError } = errors;\n// TODO: move actionProvider here instead of in the permission service\n\n/*\n Returns actions available for a role.\n * @param {string\|number} roleId\n * @returns {object[]}\n */\nconst getAllowedActionsForRole = async (roleId?: string) => {\n const { actionProvider } = getService('permission');\n\n if (!isNil(roleId)) {\n const role: AdminRole = await getService('role').findOne({ id: roleId });\n\n if (!role) {\n throw new NotFoundError('role.notFound');\n }\n\n if (role.code === AUTHOR_CODE) {\n return actionProvider.values().filter(({ actionId }: any) => actionId !== PUBLISH_ACTION);\n }\n }\n\n return actionProvider.values();\n};\n\nexport { getAllowedActionsForRole };\n"],"names":["AUTHOR_CODE","PUBLISH_ACTION","constants","NotFoundError","errors","getAllowedActionsForRole","roleId","actionProvider","getService","isNil","role","findOne","id","code","values","filter","actionId"],"mappings":";;;;;AAMA,MAAM,EAAEA,WAAW,EAAEC,cAAc,EAAE,GAAGC,SAAAA;AAExC,MAAM,EAAEC,aAAa,EAAE,GAAGC,MAAAA;AAC1B;AAEA;;;;IAKA,MAAMC,2BAA2B,OAAOC,MAAAA,GAAAA;AACtC,IAAA,MAAM,EAAEC,cAAc,EAAE,GAAGC,UAAAA,CAAW,YAAA,CAAA;IAEtC,IAAI,CAACC,MAAMH,MAAAA,CAAAA,EAAS;AAClB,QAAA,MAAMI,IAAAA,GAAkB,MAAMF,UAAAA,CAAW,MAAA,CAAA,CAAQG,OAAO,CAAC;YAAEC,EAAAA,EAAIN;AAAO,SAAA,CAAA;AAEtE,QAAA,IAAI,CAACI,IAAAA,EAAM;AACT,YAAA,MAAM,IAAIP,aAAAA,CAAc,eAAA,CAAA;AAC1B,QAAA;QAEA,IAAIO,IAAAA,CAAKG,IAAI,KAAKb,WAAAA,EAAa;YAC7B,OAAOO,cAAAA,CAAeO,MAAM,EAAA,CAAGC,MAAM,CAAC,CAAC,EAAEC,QAAQ,EAAO,GAAKA,QAAAA,KAAaf,cAAAA,CAAAA;AAC5E,QAAA;AACF,IAAA;AAEA,IAAA,OAAOM,eAAeO,MAAM,EAAA;AAC9B;;;;"}

package/dist/server/server/src/services/api-token.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"api-token.js","sources":["../../../../../server/src/services/api-token.ts"],"sourcesContent":["import crypto from 'crypto';\nimport { omit, difference, isNil, isEmpty, map, isArray, uniq, isNumber } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\nimport { errors } from '@strapi/utils';\nimport type { Update, ApiToken, ApiTokenBody } from '../../../shared/contracts/api-token';\nimport constants from './constants';\nimport { getService } from '../utils';\n\nconst { ValidationError, NotFoundError } = errors;\n\ntype ApiTokenPermission = {\n id: number \| `${number}`;\n action: string;\n token: DBApiToken \| number;\n};\n\ntype DBApiToken = ApiToken & {\n permissions: (number \| ApiTokenPermission)[];\n};\n\nconst SELECT_FIELDS = [\n 'id',\n 'name',\n 'description',\n 'lastUsedAt',\n 'type',\n 'lifespan',\n 'expiresAt',\n 'createdAt',\n 'updatedAt',\n];\n\nconst POPULATE_FIELDS = ['permissions'];\n\n// TODO: we need to ensure the permissions are actually valid registered permissions!\n\n/*\n Assert that a token's permissions attribute is valid for its type\n /\nconst assertCustomTokenPermissionsValidity = (\n type: ApiTokenBody['type'],\n permissions: ApiTokenBody['permissions']\n) => {\n // Ensure non-custom tokens doesn't have permissions\n if (type !== constants.API_TOKEN_TYPE.CUSTOM && !isEmpty(permissions)) {\n throw new ValidationError('Non-custom tokens should not reference permissions');\n }\n\n // Custom type tokens should always have permissions attached to them\n if (type === constants.API_TOKEN_TYPE.CUSTOM && !isArray(permissions)) {\n throw new ValidationError('Missing permissions attribute for custom token');\n }\n\n // Permissions provided for a custom type token should be valid/registered permissions UID\n if (type === constants.API_TOKEN_TYPE.CUSTOM) {\n const validPermissions = strapi.contentAPI.permissions.providers.action.keys();\n const invalidPermissions = difference(permissions, validPermissions) as string[];\n\n if (!isEmpty(invalidPermissions)) {\n throw new ValidationError(`Unknown permissions provided: ${invalidPermissions.join(', ')}`);\n }\n }\n};\n\n/\n Check if a token's lifespan is valid\n /\nconst isValidLifespan = (lifespan: unknown) => {\n if (isNil(lifespan)) {\n return true;\n }\n\n if (!isNumber(lifespan) \|\| !Object.values(constants.API_TOKEN_LIFESPANS).includes(lifespan)) {\n return false;\n }\n\n return true;\n};\n\n/\n Assert that a token's lifespan is valid\n /\nconst assertValidLifespan = (lifespan: unknown) => {\n if (!isValidLifespan(lifespan)) {\n throw new ValidationError(\n `lifespan must be one of the following values:\n ${Object.values(constants.API_TOKEN_LIFESPANS).join(', ')}`\n );\n }\n};\n\n/\n Flatten a token's database permissions objects to an array of strings\n /\nconst flattenTokenPermissions = (token: DBApiToken): ApiToken => {\n if (!token) {\n return token;\n }\n\n return {\n ...token,\n permissions: isArray(token.permissions) ? map('action', token.permissions) : token.permissions,\n };\n};\n\ntype WhereParams = {\n id?: string \| number;\n name?: string;\n lastUsedAt?: number;\n description?: string;\n accessKey?: string;\n};\n\n/\n Get a token\n /\nconst getBy = async (whereParams: WhereParams = {}): Promise<ApiToken \| null> => {\n if (Object.keys(whereParams).length === 0) {\n return null;\n }\n\n const token = await strapi.db.query('admin::api-token').findOne({\n select: [...SELECT_FIELDS, 'encryptedKey'],\n populate: POPULATE_FIELDS,\n where: whereParams,\n });\n\n if (!token) {\n return token;\n }\n\n const { encryptedKey, ...rest } = token;\n\n if (!encryptedKey) {\n return flattenTokenPermissions(rest);\n }\n\n const accessKey = getService('encryption').decrypt(encryptedKey);\n\n return flattenTokenPermissions({\n ...rest,\n accessKey,\n });\n};\n\n/\n Check if token exists\n /\nconst exists = async (whereParams: WhereParams = {}): Promise<boolean> => {\n const apiToken = await getBy(whereParams);\n\n return !!apiToken;\n};\n\n/\n Return a secure sha512 hash of an accessKey\n /\nconst hash = (accessKey: string) => {\n const apiTokenCfg = strapi.config.get<Core.Config.Admin['apiToken']>('admin.apiToken');\n const salt = apiTokenCfg.salt;\n\n return crypto.createHmac('sha512', salt).update(accessKey).digest('hex');\n};\n\nconst getExpirationFields = (lifespan: ApiTokenBody['lifespan']) => {\n // it must be nil or a finite number >= 0\n const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;\n if (!isValidNumber && !isNil(lifespan)) {\n throw new ValidationError('lifespan must be a positive number or null');\n }\n\n return {\n lifespan: lifespan \|\| null,\n expiresAt: lifespan ? Date.now() + lifespan : null,\n };\n};\n\n/\n Create a token and its permissions\n /\nconst create = async (attributes: ApiTokenBody): Promise<ApiToken> => {\n const encryptionService = getService('encryption');\n const accessKey = crypto.randomBytes(128).toString('hex');\n const encryptedKey = encryptionService.encrypt(accessKey);\n\n assertCustomTokenPermissionsValidity(attributes.type, attributes.permissions);\n assertValidLifespan(attributes.lifespan);\n\n // Create the token\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').create({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n data: {\n ...omit('permissions', attributes),\n accessKey: hash(accessKey),\n encryptedKey,\n ...getExpirationFields(attributes.lifespan),\n },\n });\n\n const result: ApiToken = { ...apiToken, accessKey };\n\n // If this is a custom type token, create and the related permissions\n if (attributes.type === constants.API_TOKEN_TYPE.CUSTOM) {\n // TODO: createMany doesn't seem to create relation properly, implement a better way rather than a ton of queries\n // const permissionsCount = await strapi.db.query('admin::api-token-permission').createMany({\n // populate: POPULATE_FIELDS,\n // data: attributes.permissions.map(action => ({ action, token: apiToken })),\n // });\n await Promise.all(\n uniq(attributes.permissions).map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: apiToken },\n })\n )\n );\n\n const currentPermissions = await strapi.db\n .query('admin::api-token')\n .load(apiToken, 'permissions');\n\n if (currentPermissions) {\n Object.assign(result, { permissions: map('action', currentPermissions) });\n }\n }\n\n return result;\n};\n\nconst regenerate = async (id: string \| number): Promise<ApiToken> => {\n const accessKey = crypto.randomBytes(128).toString('hex');\n const encryptionService = getService('encryption');\n const encryptedKey = encryptionService.encrypt(accessKey);\n\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: ['id', 'accessKey'],\n where: { id },\n data: {\n accessKey: hash(accessKey),\n encryptedKey,\n },\n });\n\n if (!apiToken) {\n throw new NotFoundError('The provided token id does not exist');\n }\n\n return {\n ...apiToken,\n accessKey,\n };\n};\n\nconst checkSaltIsDefined = () => {\n const apiTokenCfg = strapi.config.get<Core.Config.Admin['apiToken']>('admin.apiToken');\n if (!apiTokenCfg?.salt) {\n // TODO V5: stop reading API_TOKEN_SALT\n if (process.env.API_TOKEN_SALT) {\n process.emitWarning(`[deprecated] In future versions, Strapi will stop reading directly from the environment variable API_TOKEN_SALT. Please set apiToken.salt in config/admin.js instead.\nFor security reasons, keep storing the secret in an environment variable and use env() to read it in config/admin.js (ex: \\`apiToken: { salt: env('API_TOKEN_SALT') }\\`). See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);\n\n strapi.config.set('admin.apiToken.salt', process.env.API_TOKEN_SALT);\n } else {\n throw new Error(\n `Missing apiToken.salt. Please set apiToken.salt in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`).\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n }\n};\n\n/\n Return a list of all tokens and their permissions\n /\nconst list = async (): Promise<Array<ApiToken>> => {\n const tokens: Array<DBApiToken> = await strapi.db.query('admin::api-token').findMany({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n orderBy: { name: 'ASC' },\n });\n\n if (!tokens) {\n return tokens;\n }\n\n return tokens.map((token) => flattenTokenPermissions(token));\n};\n\n/\n Revoke (delete) a token\n /\nconst revoke = async (id: string \| number): Promise<ApiToken> => {\n return strapi.db\n .query('admin::api-token')\n .delete({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: { id } });\n};\n\n/\n Retrieve a token by id\n /\nconst getById = async (id: string \| number) => {\n return getBy({ id });\n};\n\n/\n Retrieve a token by name\n /\nconst getByName = async (name: string) => {\n return getBy({ name });\n};\n\n/\n Update a token and its permissions\n */\nconst update = async (\n id: string \| number,\n attributes: Update.Request['body']\n): Promise<ApiToken> => {\n // retrieve token without permissions\n const originalToken: DBApiToken = await strapi.db\n .query('admin::api-token')\n .findOne({ where: { id } });\n\n if (!originalToken) {\n throw new NotFoundError('Token not found');\n }\n\n const changingTypeToCustom =\n attributes.type === constants.API_TOKEN_TYPE.CUSTOM &&\n originalToken.type !== constants.API_TOKEN_TYPE.CUSTOM;\n\n // if we're updating the permissions on any token type, or changing from non-custom to custom, ensure they're still valid\n // if neither type nor permissions are changing, we don't need to validate again or else we can't allow partial update\n if (attributes.permissions \|\| changingTypeToCustom) {\n assertCustomTokenPermissionsValidity(\n attributes.type \|\| originalToken.type,\n attributes.permissions \|\| originalToken.permissions\n );\n }\n\n assertValidLifespan(attributes.lifespan);\n\n const updatedToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: SELECT_FIELDS,\n where: { id },\n data: omit('permissions', attributes),\n });\n\n // custom tokens need to have their permissions updated as well\n if (updatedToken.type === constants.API_TOKEN_TYPE.CUSTOM && attributes.permissions) {\n const currentPermissionsResult = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n const currentPermissions = map('action', currentPermissionsResult \|\| []);\n const newPermissions = uniq(attributes.permissions);\n\n const actionsToDelete = difference(currentPermissions, newPermissions);\n const actionsToAdd = difference(newPermissions, currentPermissions);\n\n // TODO: improve efficiency here\n // method using a loop -- works but very inefficient\n await Promise.all(\n actionsToDelete.map((action) =>\n strapi.db.query('admin::api-token-permission').delete({\n where: { action, token: id },\n })\n )\n );\n\n // TODO: improve efficiency here\n // using a loop -- works but very inefficient\n await Promise.all(\n actionsToAdd.map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: id },\n })\n )\n );\n }\n // if type is not custom, make sure any old permissions get removed\n else if (updatedToken.type !== constants.API_TOKEN_TYPE.CUSTOM) {\n await strapi.db.query('admin::api-token-permission').delete({\n where: { token: id },\n });\n }\n\n // retrieve permissions\n const permissionsFromDb = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n return {\n ...updatedToken,\n permissions: permissionsFromDb ? permissionsFromDb.map((p: any) => p.action) : undefined,\n };\n};\n\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::api-token').count({ where });\n};\n\nexport {\n create,\n count,\n regenerate,\n exists,\n checkSaltIsDefined,\n hash,\n list,\n revoke,\n getById,\n update,\n getByName,\n getBy,\n};\n"],"names":["ValidationError","NotFoundError","errors","SELECT_FIELDS","POPULATE_FIELDS","assertCustomTokenPermissionsValidity","type","permissions","constants","API_TOKEN_TYPE","CUSTOM","isEmpty","isArray","validPermissions","strapi","contentAPI","providers","action","keys","invalidPermissions","difference","join","isValidLifespan","lifespan","isNil","isNumber","Object","values","API_TOKEN_LIFESPANS","includes","assertValidLifespan","flattenTokenPermissions","token","map","getBy","whereParams","length","db","query","findOne","select","populate","where","encryptedKey","rest","accessKey","getService","decrypt","exists","apiToken","hash","apiTokenCfg","config","get","salt","crypto","createHmac","update","digest","getExpirationFields","isValidNumber","Number","isFinite","expiresAt","Date","now","create","attributes","encryptionService","randomBytes","toString","encrypt","data","omit","result","Promise","all","uniq","currentPermissions","load","assign","regenerate","id","checkSaltIsDefined","process","env","API_TOKEN_SALT","emitWarning","set","Error","list","tokens","findMany","orderBy","name","revoke","delete","getById","getByName","originalToken","changingTypeToCustom","updatedToken","currentPermissionsResult","newPermissions","actionsToDelete","actionsToAdd","permissionsFromDb","p","undefined","count"],"mappings":";;;;;;;;AAQA,MAAM,EAAEA,eAAe,EAAEC,aAAa,EAAE,GAAGC,YAAAA;AAY3C,MAAMC,aAAgB,GAAA;AACpB,IAAA,IAAA;AACA,IAAA,MAAA;AACA,IAAA,aAAA;AACA,IAAA,YAAA;AACA,IAAA,MAAA;AACA,IAAA,UAAA;AACA,IAAA,WAAA;AACA,IAAA,WAAA;AACA,IAAA;AACD,CAAA;AAED,MAAMC,eAAkB,GAAA;AAAC,IAAA;AAAc,CAAA;AAEvC;AAEA;;IAGA,MAAMC,oCAAuC,GAAA,CAC3CC,IACAC,EAAAA,WAAAA,GAAAA;;IAGA,IAAID,IAAAA,KAASE,UAAUC,cAAc,CAACC,MAAM,IAAI,CAACC,WAAQJ,WAAc,CAAA,EAAA;AACrE,QAAA,MAAM,IAAIP,eAAgB,CAAA,oDAAA,CAAA;AAC5B;;IAGA,IAAIM,IAAAA,KAASE,UAAUC,cAAc,CAACC,MAAM,IAAI,CAACE,WAAQL,WAAc,CAAA,EAAA;AACrE,QAAA,MAAM,IAAIP,eAAgB,CAAA,gDAAA,CAAA;AAC5B;;AAGA,IAAA,IAAIM,IAASE,KAAAA,SAAAA,CAAUC,cAAc,CAACC,MAAM,EAAE;QAC5C,MAAMG,gBAAAA,GAAmBC,MAAOC,CAAAA,UAAU,CAACR,WAAW,CAACS,SAAS,CAACC,MAAM,CAACC,IAAI,EAAA;QAC5E,MAAMC,kBAAAA,GAAqBC,cAAWb,WAAaM,EAAAA,gBAAAA,CAAAA;QAEnD,IAAI,CAACF,WAAQQ,kBAAqB,CAAA,EAAA;YAChC,MAAM,IAAInB,gBAAgB,CAAC,8BAA8B,EAAEmB,kBAAmBE,CAAAA,IAAI,CAAC,IAAO,CAAA,CAAA,CAAA,CAAA;AAC5F;AACF;AACF,CAAA;AAEA;;IAGA,MAAMC,kBAAkB,CAACC,QAAAA,GAAAA;AACvB,IAAA,IAAIC,SAAMD,QAAW,CAAA,EAAA;QACnB,OAAO,IAAA;AACT;AAEA,IAAA,IAAI,CAACE,WAAAA,CAASF,QAAa,CAAA,IAAA,CAACG,MAAOC,CAAAA,MAAM,CAACnB,SAAAA,CAAUoB,mBAAmB,CAAA,CAAEC,QAAQ,CAACN,QAAW,CAAA,EAAA;QAC3F,OAAO,KAAA;AACT;IAEA,OAAO,IAAA;AACT,CAAA;AAEA;;IAGA,MAAMO,sBAAsB,CAACP,QAAAA,GAAAA;IAC3B,IAAI,CAACD,gBAAgBC,QAAW,CAAA,EAAA;QAC9B,MAAM,IAAIvB,gBACR,CAAC;MACD,EAAE0B,MAAAA,CAAOC,MAAM,CAACnB,SAAAA,CAAUoB,mBAAmB,CAAEP,CAAAA,IAAI,CAAC,IAAO,CAAA,CAAA,CAAA,CAAA;AAE/D;AACF,CAAA;AAEA;;IAGA,MAAMU,0BAA0B,CAACC,KAAAA,GAAAA;AAC/B,IAAA,IAAI,CAACA,KAAO,EAAA;QACV,OAAOA,KAAAA;AACT;IAEA,OAAO;AACL,QAAA,GAAGA,KAAK;QACRzB,WAAaK,EAAAA,UAAAA,CAAQoB,KAAMzB,CAAAA,WAAW,CAAI0B,GAAAA,MAAAA,CAAI,UAAUD,KAAMzB,CAAAA,WAAW,CAAIyB,GAAAA,KAAAA,CAAMzB;AACrF,KAAA;AACF,CAAA;AAUA;;AAEC,IACK2B,MAAAA,KAAAA,GAAQ,OAAOC,WAAAA,GAA2B,EAAE,GAAA;AAChD,IAAA,IAAIT,OAAOR,IAAI,CAACiB,WAAaC,CAAAA,CAAAA,MAAM,KAAK,CAAG,EAAA;QACzC,OAAO,IAAA;AACT;IAEA,MAAMJ,KAAAA,GAAQ,MAAMlB,MAAOuB,CAAAA,EAAE,CAACC,KAAK,CAAC,kBAAoBC,CAAAA,CAAAA,OAAO,CAAC;QAC9DC,MAAQ,EAAA;AAAIrC,YAAAA,GAAAA,aAAAA;AAAe,YAAA;AAAe,SAAA;QAC1CsC,QAAUrC,EAAAA,eAAAA;QACVsC,KAAOP,EAAAA;AACT,KAAA,CAAA;AAEA,IAAA,IAAI,CAACH,KAAO,EAAA;QACV,OAAOA,KAAAA;AACT;AAEA,IAAA,MAAM,EAAEW,YAAY,EAAE,GAAGC,MAAM,GAAGZ,KAAAA;AAElC,IAAA,IAAI,CAACW,YAAc,EAAA;AACjB,QAAA,OAAOZ,uBAAwBa,CAAAA,IAAAA,CAAAA;AACjC;AAEA,IAAA,MAAMC,SAAYC,GAAAA,gBAAAA,CAAW,YAAcC,CAAAA,CAAAA,OAAO,CAACJ,YAAAA,CAAAA;AAEnD,IAAA,OAAOZ,uBAAwB,CAAA;AAC7B,QAAA,GAAGa,IAAI;AACPC,QAAAA;AACF,KAAA,CAAA;AACF;AAEA;;AAEC,IACKG,MAAAA,MAAAA,GAAS,OAAOb,WAAAA,GAA2B,EAAE,GAAA;IACjD,MAAMc,QAAAA,GAAW,MAAMf,KAAMC,CAAAA,WAAAA,CAAAA;AAE7B,IAAA,OAAO,CAAC,CAACc,QAAAA;AACX;AAEA;;IAGA,MAAMC,OAAO,CAACL,SAAAA,GAAAA;AACZ,IAAA,MAAMM,WAAcrC,GAAAA,MAAAA,CAAOsC,MAAM,CAACC,GAAG,CAAgC,gBAAA,CAAA;IACrE,MAAMC,IAAAA,GAAOH,YAAYG,IAAI;IAE7B,OAAOC,MAAAA,CAAOC,UAAU,CAAC,QAAA,EAAUF,MAAMG,MAAM,CAACZ,SAAWa,CAAAA,CAAAA,MAAM,CAAC,KAAA,CAAA;AACpE;AAEA,MAAMC,sBAAsB,CAACpC,QAAAA,GAAAA;;AAE3B,IAAA,MAAMqC,gBAAgBnC,WAASF,CAAAA,QAAAA,CAAAA,IAAasC,OAAOC,QAAQ,CAACvC,aAAaA,QAAW,GAAA,CAAA;AACpF,IAAA,IAAI,CAACqC,aAAAA,IAAiB,CAACpC,QAAAA,CAAMD,QAAW,CAAA,EAAA;AACtC,QAAA,MAAM,IAAIvB,eAAgB,CAAA,4CAAA,CAAA;AAC5B;IAEA,OAAO;AACLuB,QAAAA,QAAAA,EAAUA,QAAY,IAAA,IAAA;AACtBwC,QAAAA,SAAAA,EAAWxC,QAAWyC,GAAAA,IAAAA,CAAKC,GAAG,EAAA,GAAK1C,QAAW,GAAA;AAChD,KAAA;AACF,CAAA;AAEA;;IAGA,MAAM2C,SAAS,OAAOC,UAAAA,GAAAA;AACpB,IAAA,MAAMC,oBAAoBtB,gBAAW,CAAA,YAAA,CAAA;AACrC,IAAA,MAAMD,YAAYU,MAAOc,CAAAA,WAAW,CAAC,GAAA,CAAA,CAAKC,QAAQ,CAAC,KAAA,CAAA;IACnD,MAAM3B,YAAAA,GAAeyB,iBAAkBG,CAAAA,OAAO,CAAC1B,SAAAA,CAAAA;AAE/CxC,IAAAA,oCAAAA,CAAqC8D,UAAW7D,CAAAA,IAAI,EAAE6D,UAAAA,CAAW5D,WAAW,CAAA;AAC5EuB,IAAAA,mBAAAA,CAAoBqC,WAAW5C,QAAQ,CAAA;;IAGvC,MAAM0B,QAAAA,GAAqB,MAAMnC,MAAOuB,CAAAA,EAAE,CAACC,KAAK,CAAC,kBAAoB4B,CAAAA,CAAAA,MAAM,CAAC;QAC1E1B,MAAQrC,EAAAA,aAAAA;QACRsC,QAAUrC,EAAAA,eAAAA;QACVoE,IAAM,EAAA;YACJ,GAAGC,OAAAA,CAAK,eAAeN,UAAW,CAAA;AAClCtB,YAAAA,SAAAA,EAAWK,IAAKL,CAAAA,SAAAA,CAAAA;AAChBF,YAAAA,YAAAA;YACA,GAAGgB,mBAAAA,CAAoBQ,UAAW5C,CAAAA,QAAQ;AAC5C;AACF,KAAA,CAAA;AAEA,IAAA,MAAMmD,MAAmB,GAAA;AAAE,QAAA,GAAGzB,QAAQ;AAAEJ,QAAAA;AAAU,KAAA;;AAGlD,IAAA,IAAIsB,WAAW7D,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,EAAE;;;;;;AAMvD,QAAA,MAAMiE,QAAQC,GAAG,CACfC,QAAKV,UAAW5D,CAAAA,WAAW,EAAE0B,GAAG,CAAC,CAAChB,MAAAA,GAChCH,OAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B4B,MAAM,CAAC;gBACpDM,IAAM,EAAA;AAAEvD,oBAAAA,MAAAA;oBAAQe,KAAOiB,EAAAA;AAAS;AAClC,aAAA,CAAA,CAAA,CAAA;QAIJ,MAAM6B,kBAAAA,GAAqB,MAAMhE,MAAAA,CAAOuB,EAAE,CACvCC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAAC9B,QAAU,EAAA,aAAA,CAAA;AAElB,QAAA,IAAI6B,kBAAoB,EAAA;YACtBpD,MAAOsD,CAAAA,MAAM,CAACN,MAAQ,EAAA;AAAEnE,gBAAAA,WAAAA,EAAa0B,OAAI,QAAU6C,EAAAA,kBAAAA;AAAoB,aAAA,CAAA;AACzE;AACF;IAEA,OAAOJ,MAAAA;AACT;AAEA,MAAMO,aAAa,OAAOC,EAAAA,GAAAA;AACxB,IAAA,MAAMrC,YAAYU,MAAOc,CAAAA,WAAW,CAAC,GAAA,CAAA,CAAKC,QAAQ,CAAC,KAAA,CAAA;AACnD,IAAA,MAAMF,oBAAoBtB,gBAAW,CAAA,YAAA,CAAA;IACrC,MAAMH,YAAAA,GAAeyB,iBAAkBG,CAAAA,OAAO,CAAC1B,SAAAA,CAAAA;IAE/C,MAAMI,QAAAA,GAAqB,MAAMnC,MAAOuB,CAAAA,EAAE,CAACC,KAAK,CAAC,kBAAoBmB,CAAAA,CAAAA,MAAM,CAAC;QAC1EjB,MAAQ,EAAA;AAAC,YAAA,IAAA;AAAM,YAAA;AAAY,SAAA;QAC3BE,KAAO,EAAA;AAAEwC,YAAAA;AAAG,SAAA;QACZV,IAAM,EAAA;AACJ3B,YAAAA,SAAAA,EAAWK,IAAKL,CAAAA,SAAAA,CAAAA;AAChBF,YAAAA;AACF;AACF,KAAA,CAAA;AAEA,IAAA,IAAI,CAACM,QAAU,EAAA;AACb,QAAA,MAAM,IAAIhD,aAAc,CAAA,sCAAA,CAAA;AAC1B;IAEA,OAAO;AACL,QAAA,GAAGgD,QAAQ;AACXJ,QAAAA;AACF,KAAA;AACF;AAEA,MAAMsC,kBAAqB,GAAA,IAAA;AACzB,IAAA,MAAMhC,WAAcrC,GAAAA,MAAAA,CAAOsC,MAAM,CAACC,GAAG,CAAgC,gBAAA,CAAA;IACrE,IAAI,CAACF,aAAaG,IAAM,EAAA;;AAEtB,QAAA,IAAI8B,OAAQC,CAAAA,GAAG,CAACC,cAAc,EAAE;YAC9BF,OAAQG,CAAAA,WAAW,CAAC,CAAC;sUAC2S,CAAC,CAAA;YAEjUzE,MAAOsC,CAAAA,MAAM,CAACoC,GAAG,CAAC,uBAAuBJ,OAAQC,CAAAA,GAAG,CAACC,cAAc,CAAA;SAC9D,MAAA;YACL,MAAM,IAAIG,MACR,CAAC;uQAC8P,CAAC,CAAA;AAEpQ;AACF;AACF;AAEA;;AAEC,UACKC,IAAO,GAAA,UAAA;IACX,MAAMC,MAAAA,GAA4B,MAAM7E,MAAOuB,CAAAA,EAAE,CAACC,KAAK,CAAC,kBAAoBsD,CAAAA,CAAAA,QAAQ,CAAC;QACnFpD,MAAQrC,EAAAA,aAAAA;QACRsC,QAAUrC,EAAAA,eAAAA;QACVyF,OAAS,EAAA;YAAEC,IAAM,EAAA;AAAM;AACzB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACH,MAAQ,EAAA;QACX,OAAOA,MAAAA;AACT;AAEA,IAAA,OAAOA,MAAO1D,CAAAA,GAAG,CAAC,CAACD,QAAUD,uBAAwBC,CAAAA,KAAAA,CAAAA,CAAAA;AACvD;AAEA;;IAGA,MAAM+D,SAAS,OAAOb,EAAAA,GAAAA;AACpB,IAAA,OAAOpE,OAAOuB,EAAE,CACbC,KAAK,CAAC,kBAAA,CAAA,CACN0D,MAAM,CAAC;QAAExD,MAAQrC,EAAAA,aAAAA;QAAesC,QAAUrC,EAAAA,eAAAA;QAAiBsC,KAAO,EAAA;AAAEwC,YAAAA;AAAG;AAAE,KAAA,CAAA;AAC9E;AAEA;;IAGA,MAAMe,UAAU,OAAOf,EAAAA,GAAAA;AACrB,IAAA,OAAOhD,KAAM,CAAA;AAAEgD,QAAAA;AAAG,KAAA,CAAA;AACpB;AAEA;;IAGA,MAAMgB,YAAY,OAAOJ,IAAAA,GAAAA;AACvB,IAAA,OAAO5D,KAAM,CAAA;AAAE4D,QAAAA;AAAK,KAAA,CAAA;AACtB;AAEA;;IAGA,MAAMrC,MAAS,GAAA,OACbyB,EACAf,EAAAA,UAAAA,GAAAA;;IAGA,MAAMgC,aAAAA,GAA4B,MAAMrF,MAAOuB,CAAAA,EAAE,CAC9CC,KAAK,CAAC,kBACNC,CAAAA,CAAAA,OAAO,CAAC;QAAEG,KAAO,EAAA;AAAEwC,YAAAA;AAAG;AAAE,KAAA,CAAA;AAE3B,IAAA,IAAI,CAACiB,aAAe,EAAA;AAClB,QAAA,MAAM,IAAIlG,aAAc,CAAA,iBAAA,CAAA;AAC1B;AAEA,IAAA,MAAMmG,oBACJjC,GAAAA,UAAAA,CAAW7D,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,IACnDyF,cAAc7F,IAAI,KAAKE,SAAUC,CAAAA,cAAc,CAACC,MAAM;;;IAIxD,IAAIyD,UAAAA,CAAW5D,WAAW,IAAI6F,oBAAsB,EAAA;QAClD/F,oCACE8D,CAAAA,UAAAA,CAAW7D,IAAI,IAAI6F,aAAc7F,CAAAA,IAAI,EACrC6D,UAAW5D,CAAAA,WAAW,IAAI4F,aAAAA,CAAc5F,WAAW,CAAA;AAEvD;AAEAuB,IAAAA,mBAAAA,CAAoBqC,WAAW5C,QAAQ,CAAA;IAEvC,MAAM8E,YAAAA,GAAyB,MAAMvF,MAAOuB,CAAAA,EAAE,CAACC,KAAK,CAAC,kBAAoBmB,CAAAA,CAAAA,MAAM,CAAC;QAC9EjB,MAAQrC,EAAAA,aAAAA;QACRuC,KAAO,EAAA;AAAEwC,YAAAA;AAAG,SAAA;AACZV,QAAAA,IAAAA,EAAMC,QAAK,aAAeN,EAAAA,UAAAA;AAC5B,KAAA,CAAA;;IAGA,IAAIkC,YAAAA,CAAa/F,IAAI,KAAKE,SAAUC,CAAAA,cAAc,CAACC,MAAM,IAAIyD,UAAW5D,CAAAA,WAAW,EAAE;QACnF,MAAM+F,wBAAAA,GAA2B,MAAMxF,MAAAA,CAAOuB,EAAE,CAC7CC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAACsB,YAAc,EAAA,aAAA,CAAA;AAEtB,QAAA,MAAMvB,kBAAqB7C,GAAAA,MAAAA,CAAI,QAAUqE,EAAAA,wBAAAA,IAA4B,EAAE,CAAA;QACvE,MAAMC,cAAAA,GAAiB1B,OAAKV,CAAAA,UAAAA,CAAW5D,WAAW,CAAA;QAElD,MAAMiG,eAAAA,GAAkBpF,cAAW0D,kBAAoByB,EAAAA,cAAAA,CAAAA;QACvD,MAAME,YAAAA,GAAerF,cAAWmF,cAAgBzB,EAAAA,kBAAAA,CAAAA;;;AAIhD,QAAA,MAAMH,OAAQC,CAAAA,GAAG,CACf4B,eAAAA,CAAgBvE,GAAG,CAAC,CAAChB,MACnBH,GAAAA,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B0D,MAAM,CAAC;gBACpDtD,KAAO,EAAA;AAAEzB,oBAAAA,MAAAA;oBAAQe,KAAOkD,EAAAA;AAAG;AAC7B,aAAA,CAAA,CAAA,CAAA;;;AAMJ,QAAA,MAAMP,OAAQC,CAAAA,GAAG,CACf6B,YAAAA,CAAaxE,GAAG,CAAC,CAAChB,MAChBH,GAAAA,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B4B,MAAM,CAAC;gBACpDM,IAAM,EAAA;AAAEvD,oBAAAA,MAAAA;oBAAQe,KAAOkD,EAAAA;AAAG;AAC5B,aAAA,CAAA,CAAA,CAAA;KAKD,MAAA,IAAImB,aAAa/F,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,EAAE;AAC9D,QAAA,MAAMI,OAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B0D,MAAM,CAAC;YAC1DtD,KAAO,EAAA;gBAAEV,KAAOkD,EAAAA;AAAG;AACrB,SAAA,CAAA;AACF;;IAGA,MAAMwB,iBAAAA,GAAoB,MAAM5F,MAAAA,CAAOuB,EAAE,CACtCC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAACsB,YAAc,EAAA,aAAA,CAAA;IAEtB,OAAO;AACL,QAAA,GAAGA,YAAY;QACf9F,WAAamG,EAAAA,iBAAAA,GAAoBA,kBAAkBzE,GAAG,CAAC,CAAC0E,CAAWA,GAAAA,CAAAA,CAAE1F,MAAM,CAAI2F,GAAAA;AACjF,KAAA;AACF;AAEA,MAAMC,KAAQ,GAAA,OAAOnE,KAAQ,GAAA,EAAE,GAAA;AAC7B,IAAA,OAAO5B,OAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBuE,KAAK,CAAC;AAAEnE,QAAAA;AAAM,KAAA,CAAA;AAC3D;;;;;;;;;;;;;;;"}
1	+ {"version":3,"file":"api-token.js","sources":["../../../../../server/src/services/api-token.ts"],"sourcesContent":["import crypto from 'crypto';\nimport { omit, difference, isNil, isEmpty, map, isArray, uniq, isNumber } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\nimport { errors } from '@strapi/utils';\nimport type { Update, ApiToken, ApiTokenBody } from '../../../shared/contracts/api-token';\nimport constants from './constants';\nimport { getService } from '../utils';\n\nconst { ValidationError, NotFoundError } = errors;\n\ntype ApiTokenPermission = {\n id: number \| `${number}`;\n action: string;\n token: DBApiToken \| number;\n};\n\ntype DBApiToken = ApiToken & {\n permissions: (number \| ApiTokenPermission)[];\n};\n\nconst SELECT_FIELDS = [\n 'id',\n 'name',\n 'description',\n 'lastUsedAt',\n 'type',\n 'lifespan',\n 'expiresAt',\n 'createdAt',\n 'updatedAt',\n];\n\nconst POPULATE_FIELDS = ['permissions'];\n\n// TODO: we need to ensure the permissions are actually valid registered permissions!\n\n/*\n Assert that a token's permissions attribute is valid for its type\n /\nconst assertCustomTokenPermissionsValidity = (\n type: ApiTokenBody['type'],\n permissions: ApiTokenBody['permissions']\n) => {\n // Ensure non-custom tokens doesn't have permissions\n if (type !== constants.API_TOKEN_TYPE.CUSTOM && !isEmpty(permissions)) {\n throw new ValidationError('Non-custom tokens should not reference permissions');\n }\n\n // Custom type tokens should always have permissions attached to them\n if (type === constants.API_TOKEN_TYPE.CUSTOM && !isArray(permissions)) {\n throw new ValidationError('Missing permissions attribute for custom token');\n }\n\n // Permissions provided for a custom type token should be valid/registered permissions UID\n if (type === constants.API_TOKEN_TYPE.CUSTOM) {\n const validPermissions = strapi.contentAPI.permissions.providers.action.keys();\n const invalidPermissions = difference(permissions, validPermissions) as string[];\n\n if (!isEmpty(invalidPermissions)) {\n throw new ValidationError(`Unknown permissions provided: ${invalidPermissions.join(', ')}`);\n }\n }\n};\n\n/\n Check if a token's lifespan is valid\n /\nconst isValidLifespan = (lifespan: unknown) => {\n if (isNil(lifespan)) {\n return true;\n }\n\n if (!isNumber(lifespan) \|\| !Object.values(constants.API_TOKEN_LIFESPANS).includes(lifespan)) {\n return false;\n }\n\n return true;\n};\n\n/\n Assert that a token's lifespan is valid\n /\nconst assertValidLifespan = (lifespan: unknown) => {\n if (!isValidLifespan(lifespan)) {\n throw new ValidationError(\n `lifespan must be one of the following values:\n ${Object.values(constants.API_TOKEN_LIFESPANS).join(', ')}`\n );\n }\n};\n\n/\n Flatten a token's database permissions objects to an array of strings\n /\nconst flattenTokenPermissions = (token: DBApiToken): ApiToken => {\n if (!token) {\n return token;\n }\n\n return {\n ...token,\n permissions: isArray(token.permissions) ? map('action', token.permissions) : token.permissions,\n };\n};\n\ntype WhereParams = {\n id?: string \| number;\n name?: string;\n lastUsedAt?: number;\n description?: string;\n accessKey?: string;\n};\n\n/\n Get a token\n /\nconst getBy = async (whereParams: WhereParams = {}): Promise<ApiToken \| null> => {\n if (Object.keys(whereParams).length === 0) {\n return null;\n }\n\n const token = await strapi.db.query('admin::api-token').findOne({\n select: [...SELECT_FIELDS, 'encryptedKey'],\n populate: POPULATE_FIELDS,\n where: whereParams,\n });\n\n if (!token) {\n return token;\n }\n\n const { encryptedKey, ...rest } = token;\n\n if (!encryptedKey) {\n return flattenTokenPermissions(rest);\n }\n\n const accessKey = getService('encryption').decrypt(encryptedKey);\n\n return flattenTokenPermissions({\n ...rest,\n accessKey,\n });\n};\n\n/\n Check if token exists\n /\nconst exists = async (whereParams: WhereParams = {}): Promise<boolean> => {\n const apiToken = await getBy(whereParams);\n\n return !!apiToken;\n};\n\n/\n Return a secure sha512 hash of an accessKey\n /\nconst hash = (accessKey: string) => {\n const apiTokenCfg = strapi.config.get<Core.Config.Admin['apiToken']>('admin.apiToken');\n const salt = apiTokenCfg.salt;\n\n return crypto.createHmac('sha512', salt).update(accessKey).digest('hex');\n};\n\nconst getExpirationFields = (lifespan: ApiTokenBody['lifespan']) => {\n // it must be nil or a finite number >= 0\n const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;\n if (!isValidNumber && !isNil(lifespan)) {\n throw new ValidationError('lifespan must be a positive number or null');\n }\n\n return {\n lifespan: lifespan \|\| null,\n expiresAt: lifespan ? Date.now() + lifespan : null,\n };\n};\n\n/\n Create a token and its permissions\n /\nconst create = async (attributes: ApiTokenBody): Promise<ApiToken> => {\n const encryptionService = getService('encryption');\n const accessKey = crypto.randomBytes(128).toString('hex');\n const encryptedKey = encryptionService.encrypt(accessKey);\n\n assertCustomTokenPermissionsValidity(attributes.type, attributes.permissions);\n assertValidLifespan(attributes.lifespan);\n\n // Create the token\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').create({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n data: {\n ...omit('permissions', attributes),\n accessKey: hash(accessKey),\n encryptedKey,\n ...getExpirationFields(attributes.lifespan),\n },\n });\n\n const result: ApiToken = { ...apiToken, accessKey };\n\n // If this is a custom type token, create and the related permissions\n if (attributes.type === constants.API_TOKEN_TYPE.CUSTOM) {\n // TODO: createMany doesn't seem to create relation properly, implement a better way rather than a ton of queries\n // const permissionsCount = await strapi.db.query('admin::api-token-permission').createMany({\n // populate: POPULATE_FIELDS,\n // data: attributes.permissions.map(action => ({ action, token: apiToken })),\n // });\n await Promise.all(\n uniq(attributes.permissions).map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: apiToken },\n })\n )\n );\n\n const currentPermissions = await strapi.db\n .query('admin::api-token')\n .load(apiToken, 'permissions');\n\n if (currentPermissions) {\n Object.assign(result, { permissions: map('action', currentPermissions) });\n }\n }\n\n return result;\n};\n\nconst regenerate = async (id: string \| number): Promise<ApiToken> => {\n const accessKey = crypto.randomBytes(128).toString('hex');\n const encryptionService = getService('encryption');\n const encryptedKey = encryptionService.encrypt(accessKey);\n\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: ['id', 'accessKey'],\n where: { id },\n data: {\n accessKey: hash(accessKey),\n encryptedKey,\n },\n });\n\n if (!apiToken) {\n throw new NotFoundError('The provided token id does not exist');\n }\n\n return {\n ...apiToken,\n accessKey,\n };\n};\n\nconst checkSaltIsDefined = () => {\n const apiTokenCfg = strapi.config.get<Core.Config.Admin['apiToken']>('admin.apiToken');\n if (!apiTokenCfg?.salt) {\n // TODO V5: stop reading API_TOKEN_SALT\n if (process.env.API_TOKEN_SALT) {\n process.emitWarning(`[deprecated] In future versions, Strapi will stop reading directly from the environment variable API_TOKEN_SALT. Please set apiToken.salt in config/admin.js instead.\nFor security reasons, keep storing the secret in an environment variable and use env() to read it in config/admin.js (ex: \\`apiToken: { salt: env('API_TOKEN_SALT') }\\`). See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);\n\n strapi.config.set('admin.apiToken.salt', process.env.API_TOKEN_SALT);\n } else {\n throw new Error(\n `Missing apiToken.salt. Please set apiToken.salt in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`).\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n }\n};\n\n/\n Return a list of all tokens and their permissions\n /\nconst list = async (): Promise<Array<ApiToken>> => {\n const tokens: Array<DBApiToken> = await strapi.db.query('admin::api-token').findMany({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n orderBy: { name: 'ASC' },\n });\n\n if (!tokens) {\n return tokens;\n }\n\n return tokens.map((token) => flattenTokenPermissions(token));\n};\n\n/\n Revoke (delete) a token\n /\nconst revoke = async (id: string \| number): Promise<ApiToken> => {\n return strapi.db\n .query('admin::api-token')\n .delete({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: { id } });\n};\n\n/\n Retrieve a token by id\n /\nconst getById = async (id: string \| number) => {\n return getBy({ id });\n};\n\n/\n Retrieve a token by name\n /\nconst getByName = async (name: string) => {\n return getBy({ name });\n};\n\n/\n Update a token and its permissions\n */\nconst update = async (\n id: string \| number,\n attributes: Update.Request['body']\n): Promise<ApiToken> => {\n // retrieve token without permissions\n const originalToken: DBApiToken = await strapi.db\n .query('admin::api-token')\n .findOne({ where: { id } });\n\n if (!originalToken) {\n throw new NotFoundError('Token not found');\n }\n\n const changingTypeToCustom =\n attributes.type === constants.API_TOKEN_TYPE.CUSTOM &&\n originalToken.type !== constants.API_TOKEN_TYPE.CUSTOM;\n\n // if we're updating the permissions on any token type, or changing from non-custom to custom, ensure they're still valid\n // if neither type nor permissions are changing, we don't need to validate again or else we can't allow partial update\n if (attributes.permissions \|\| changingTypeToCustom) {\n assertCustomTokenPermissionsValidity(\n attributes.type \|\| originalToken.type,\n attributes.permissions \|\| originalToken.permissions\n );\n }\n\n assertValidLifespan(attributes.lifespan);\n\n const updatedToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: SELECT_FIELDS,\n where: { id },\n data: omit('permissions', attributes),\n });\n\n // custom tokens need to have their permissions updated as well\n if (updatedToken.type === constants.API_TOKEN_TYPE.CUSTOM && attributes.permissions) {\n const currentPermissionsResult = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n const currentPermissions = map('action', currentPermissionsResult \|\| []);\n const newPermissions = uniq(attributes.permissions);\n\n const actionsToDelete = difference(currentPermissions, newPermissions);\n const actionsToAdd = difference(newPermissions, currentPermissions);\n\n // TODO: improve efficiency here\n // method using a loop -- works but very inefficient\n await Promise.all(\n actionsToDelete.map((action) =>\n strapi.db.query('admin::api-token-permission').delete({\n where: { action, token: id },\n })\n )\n );\n\n // TODO: improve efficiency here\n // using a loop -- works but very inefficient\n await Promise.all(\n actionsToAdd.map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: id },\n })\n )\n );\n }\n // if type is not custom, make sure any old permissions get removed\n else if (updatedToken.type !== constants.API_TOKEN_TYPE.CUSTOM) {\n await strapi.db.query('admin::api-token-permission').delete({\n where: { token: id },\n });\n }\n\n // retrieve permissions\n const permissionsFromDb = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n return {\n ...updatedToken,\n permissions: permissionsFromDb ? permissionsFromDb.map((p: any) => p.action) : undefined,\n };\n};\n\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::api-token').count({ where });\n};\n\nexport {\n create,\n count,\n regenerate,\n exists,\n checkSaltIsDefined,\n hash,\n list,\n revoke,\n getById,\n update,\n getByName,\n getBy,\n};\n"],"names":["ValidationError","NotFoundError","errors","SELECT_FIELDS","POPULATE_FIELDS","assertCustomTokenPermissionsValidity","type","permissions","constants","API_TOKEN_TYPE","CUSTOM","isEmpty","isArray","validPermissions","strapi","contentAPI","providers","action","keys","invalidPermissions","difference","join","isValidLifespan","lifespan","isNil","isNumber","Object","values","API_TOKEN_LIFESPANS","includes","assertValidLifespan","flattenTokenPermissions","token","map","getBy","whereParams","length","db","query","findOne","select","populate","where","encryptedKey","rest","accessKey","getService","decrypt","exists","apiToken","hash","apiTokenCfg","config","get","salt","crypto","createHmac","update","digest","getExpirationFields","isValidNumber","Number","isFinite","expiresAt","Date","now","create","attributes","encryptionService","randomBytes","toString","encrypt","data","omit","result","Promise","all","uniq","currentPermissions","load","assign","regenerate","id","checkSaltIsDefined","process","env","API_TOKEN_SALT","emitWarning","set","Error","list","tokens","findMany","orderBy","name","revoke","delete","getById","getByName","originalToken","changingTypeToCustom","updatedToken","currentPermissionsResult","newPermissions","actionsToDelete","actionsToAdd","permissionsFromDb","p","undefined","count"],"mappings":";;;;;;;;AAQA,MAAM,EAAEA,eAAe,EAAEC,aAAa,EAAE,GAAGC,YAAAA;AAY3C,MAAMC,aAAAA,GAAgB;AACpB,IAAA,IAAA;AACA,IAAA,MAAA;AACA,IAAA,aAAA;AACA,IAAA,YAAA;AACA,IAAA,MAAA;AACA,IAAA,UAAA;AACA,IAAA,WAAA;AACA,IAAA,WAAA;AACA,IAAA;AACD,CAAA;AAED,MAAMC,eAAAA,GAAkB;AAAC,IAAA;AAAc,CAAA;AAEvC;AAEA;;IAGA,MAAMC,oCAAAA,GAAuC,CAC3CC,IAAAA,EACAC,WAAAA,GAAAA;;IAGA,IAAID,IAAAA,KAASE,UAAUC,cAAc,CAACC,MAAM,IAAI,CAACC,WAAQJ,WAAAA,CAAAA,EAAc;AACrE,QAAA,MAAM,IAAIP,eAAAA,CAAgB,oDAAA,CAAA;AAC5B,IAAA;;IAGA,IAAIM,IAAAA,KAASE,UAAUC,cAAc,CAACC,MAAM,IAAI,CAACE,WAAQL,WAAAA,CAAAA,EAAc;AACrE,QAAA,MAAM,IAAIP,eAAAA,CAAgB,gDAAA,CAAA;AAC5B,IAAA;;AAGA,IAAA,IAAIM,IAAAA,KAASE,SAAAA,CAAUC,cAAc,CAACC,MAAM,EAAE;QAC5C,MAAMG,gBAAAA,GAAmBC,MAAAA,CAAOC,UAAU,CAACR,WAAW,CAACS,SAAS,CAACC,MAAM,CAACC,IAAI,EAAA;QAC5E,MAAMC,kBAAAA,GAAqBC,cAAWb,WAAAA,EAAaM,gBAAAA,CAAAA;QAEnD,IAAI,CAACF,WAAQQ,kBAAAA,CAAAA,EAAqB;YAChC,MAAM,IAAInB,gBAAgB,CAAC,8BAA8B,EAAEmB,kBAAAA,CAAmBE,IAAI,CAAC,IAAA,CAAA,CAAA,CAAO,CAAA;AAC5F,QAAA;AACF,IAAA;AACF,CAAA;AAEA;;IAGA,MAAMC,kBAAkB,CAACC,QAAAA,GAAAA;AACvB,IAAA,IAAIC,SAAMD,QAAAA,CAAAA,EAAW;QACnB,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,IAAI,CAACE,WAAAA,CAASF,QAAAA,CAAAA,IAAa,CAACG,MAAAA,CAAOC,MAAM,CAACnB,SAAAA,CAAUoB,mBAAmB,CAAA,CAAEC,QAAQ,CAACN,QAAAA,CAAAA,EAAW;QAC3F,OAAO,KAAA;AACT,IAAA;IAEA,OAAO,IAAA;AACT,CAAA;AAEA;;IAGA,MAAMO,sBAAsB,CAACP,QAAAA,GAAAA;IAC3B,IAAI,CAACD,gBAAgBC,QAAAA,CAAAA,EAAW;QAC9B,MAAM,IAAIvB,gBACR,CAAC;MACD,EAAE0B,MAAAA,CAAOC,MAAM,CAACnB,SAAAA,CAAUoB,mBAAmB,CAAA,CAAEP,IAAI,CAAC,IAAA,CAAA,CAAA,CAAO,CAAA;AAE/D,IAAA;AACF,CAAA;AAEA;;IAGA,MAAMU,0BAA0B,CAACC,KAAAA,GAAAA;AAC/B,IAAA,IAAI,CAACA,KAAAA,EAAO;QACV,OAAOA,KAAAA;AACT,IAAA;IAEA,OAAO;AACL,QAAA,GAAGA,KAAK;QACRzB,WAAAA,EAAaK,UAAAA,CAAQoB,KAAAA,CAAMzB,WAAW,CAAA,GAAI0B,MAAAA,CAAI,UAAUD,KAAAA,CAAMzB,WAAW,CAAA,GAAIyB,KAAAA,CAAMzB;AACrF,KAAA;AACF,CAAA;AAUA;;AAEC,IACD,MAAM2B,KAAAA,GAAQ,OAAOC,WAAAA,GAA2B,EAAE,GAAA;AAChD,IAAA,IAAIT,OAAOR,IAAI,CAACiB,WAAAA,CAAAA,CAAaC,MAAM,KAAK,CAAA,EAAG;QACzC,OAAO,IAAA;AACT,IAAA;IAEA,MAAMJ,KAAAA,GAAQ,MAAMlB,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBC,OAAO,CAAC;QAC9DC,MAAAA,EAAQ;AAAIrC,YAAAA,GAAAA,aAAAA;AAAe,YAAA;AAAe,SAAA;QAC1CsC,QAAAA,EAAUrC,eAAAA;QACVsC,KAAAA,EAAOP;AACT,KAAA,CAAA;AAEA,IAAA,IAAI,CAACH,KAAAA,EAAO;QACV,OAAOA,KAAAA;AACT,IAAA;AAEA,IAAA,MAAM,EAAEW,YAAY,EAAE,GAAGC,MAAM,GAAGZ,KAAAA;AAElC,IAAA,IAAI,CAACW,YAAAA,EAAc;AACjB,QAAA,OAAOZ,uBAAAA,CAAwBa,IAAAA,CAAAA;AACjC,IAAA;AAEA,IAAA,MAAMC,SAAAA,GAAYC,gBAAAA,CAAW,YAAA,CAAA,CAAcC,OAAO,CAACJ,YAAAA,CAAAA;AAEnD,IAAA,OAAOZ,uBAAAA,CAAwB;AAC7B,QAAA,GAAGa,IAAI;AACPC,QAAAA;AACF,KAAA,CAAA;AACF;AAEA;;AAEC,IACD,MAAMG,MAAAA,GAAS,OAAOb,WAAAA,GAA2B,EAAE,GAAA;IACjD,MAAMc,QAAAA,GAAW,MAAMf,KAAAA,CAAMC,WAAAA,CAAAA;AAE7B,IAAA,OAAO,CAAC,CAACc,QAAAA;AACX;AAEA;;IAGA,MAAMC,OAAO,CAACL,SAAAA,GAAAA;AACZ,IAAA,MAAMM,WAAAA,GAAcrC,MAAAA,CAAOsC,MAAM,CAACC,GAAG,CAAgC,gBAAA,CAAA;IACrE,MAAMC,IAAAA,GAAOH,YAAYG,IAAI;IAE7B,OAAOC,MAAAA,CAAOC,UAAU,CAAC,QAAA,EAAUF,MAAMG,MAAM,CAACZ,SAAAA,CAAAA,CAAWa,MAAM,CAAC,KAAA,CAAA;AACpE;AAEA,MAAMC,sBAAsB,CAACpC,QAAAA,GAAAA;;AAE3B,IAAA,MAAMqC,gBAAgBnC,WAAAA,CAASF,QAAAA,CAAAA,IAAasC,OAAOC,QAAQ,CAACvC,aAAaA,QAAAA,GAAW,CAAA;AACpF,IAAA,IAAI,CAACqC,aAAAA,IAAiB,CAACpC,QAAAA,CAAMD,QAAAA,CAAAA,EAAW;AACtC,QAAA,MAAM,IAAIvB,eAAAA,CAAgB,4CAAA,CAAA;AAC5B,IAAA;IAEA,OAAO;AACLuB,QAAAA,QAAAA,EAAUA,QAAAA,IAAY,IAAA;AACtBwC,QAAAA,SAAAA,EAAWxC,QAAAA,GAAWyC,IAAAA,CAAKC,GAAG,EAAA,GAAK1C,QAAAA,GAAW;AAChD,KAAA;AACF,CAAA;AAEA;;IAGA,MAAM2C,SAAS,OAAOC,UAAAA,GAAAA;AACpB,IAAA,MAAMC,oBAAoBtB,gBAAAA,CAAW,YAAA,CAAA;AACrC,IAAA,MAAMD,YAAYU,MAAAA,CAAOc,WAAW,CAAC,GAAA,CAAA,CAAKC,QAAQ,CAAC,KAAA,CAAA;IACnD,MAAM3B,YAAAA,GAAeyB,iBAAAA,CAAkBG,OAAO,CAAC1B,SAAAA,CAAAA;AAE/CxC,IAAAA,oCAAAA,CAAqC8D,UAAAA,CAAW7D,IAAI,EAAE6D,UAAAA,CAAW5D,WAAW,CAAA;AAC5EuB,IAAAA,mBAAAA,CAAoBqC,WAAW5C,QAAQ,CAAA;;IAGvC,MAAM0B,QAAAA,GAAqB,MAAMnC,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoB4B,MAAM,CAAC;QAC1E1B,MAAAA,EAAQrC,aAAAA;QACRsC,QAAAA,EAAUrC,eAAAA;QACVoE,IAAAA,EAAM;YACJ,GAAGC,OAAAA,CAAK,eAAeN,UAAAA,CAAW;AAClCtB,YAAAA,SAAAA,EAAWK,IAAAA,CAAKL,SAAAA,CAAAA;AAChBF,YAAAA,YAAAA;YACA,GAAGgB,mBAAAA,CAAoBQ,UAAAA,CAAW5C,QAAQ;AAC5C;AACF,KAAA,CAAA;AAEA,IAAA,MAAMmD,MAAAA,GAAmB;AAAE,QAAA,GAAGzB,QAAQ;AAAEJ,QAAAA;AAAU,KAAA;;AAGlD,IAAA,IAAIsB,WAAW7D,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,EAAE;;;;;;AAMvD,QAAA,MAAMiE,QAAQC,GAAG,CACfC,QAAKV,UAAAA,CAAW5D,WAAW,EAAE0B,GAAG,CAAC,CAAChB,MAAAA,GAChCH,OAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B4B,MAAM,CAAC;gBACpDM,IAAAA,EAAM;AAAEvD,oBAAAA,MAAAA;oBAAQe,KAAAA,EAAOiB;AAAS;AAClC,aAAA,CAAA,CAAA,CAAA;QAIJ,MAAM6B,kBAAAA,GAAqB,MAAMhE,MAAAA,CAAOuB,EAAE,CACvCC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAAC9B,QAAAA,EAAU,aAAA,CAAA;AAElB,QAAA,IAAI6B,kBAAAA,EAAoB;YACtBpD,MAAAA,CAAOsD,MAAM,CAACN,MAAAA,EAAQ;AAAEnE,gBAAAA,WAAAA,EAAa0B,OAAI,QAAA,EAAU6C,kBAAAA;AAAoB,aAAA,CAAA;AACzE,QAAA;AACF,IAAA;IAEA,OAAOJ,MAAAA;AACT;AAEA,MAAMO,aAAa,OAAOC,EAAAA,GAAAA;AACxB,IAAA,MAAMrC,YAAYU,MAAAA,CAAOc,WAAW,CAAC,GAAA,CAAA,CAAKC,QAAQ,CAAC,KAAA,CAAA;AACnD,IAAA,MAAMF,oBAAoBtB,gBAAAA,CAAW,YAAA,CAAA;IACrC,MAAMH,YAAAA,GAAeyB,iBAAAA,CAAkBG,OAAO,CAAC1B,SAAAA,CAAAA;IAE/C,MAAMI,QAAAA,GAAqB,MAAMnC,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBmB,MAAM,CAAC;QAC1EjB,MAAAA,EAAQ;AAAC,YAAA,IAAA;AAAM,YAAA;AAAY,SAAA;QAC3BE,KAAAA,EAAO;AAAEwC,YAAAA;AAAG,SAAA;QACZV,IAAAA,EAAM;AACJ3B,YAAAA,SAAAA,EAAWK,IAAAA,CAAKL,SAAAA,CAAAA;AAChBF,YAAAA;AACF;AACF,KAAA,CAAA;AAEA,IAAA,IAAI,CAACM,QAAAA,EAAU;AACb,QAAA,MAAM,IAAIhD,aAAAA,CAAc,sCAAA,CAAA;AAC1B,IAAA;IAEA,OAAO;AACL,QAAA,GAAGgD,QAAQ;AACXJ,QAAAA;AACF,KAAA;AACF;AAEA,MAAMsC,kBAAAA,GAAqB,IAAA;AACzB,IAAA,MAAMhC,WAAAA,GAAcrC,MAAAA,CAAOsC,MAAM,CAACC,GAAG,CAAgC,gBAAA,CAAA;IACrE,IAAI,CAACF,aAAaG,IAAAA,EAAM;;AAEtB,QAAA,IAAI8B,OAAAA,CAAQC,GAAG,CAACC,cAAc,EAAE;YAC9BF,OAAAA,CAAQG,WAAW,CAAC,CAAC;sUAC2S,CAAC,CAAA;YAEjUzE,MAAAA,CAAOsC,MAAM,CAACoC,GAAG,CAAC,uBAAuBJ,OAAAA,CAAQC,GAAG,CAACC,cAAc,CAAA;QACrE,CAAA,MAAO;YACL,MAAM,IAAIG,MACR,CAAC;uQAC8P,CAAC,CAAA;AAEpQ,QAAA;AACF,IAAA;AACF;AAEA;;AAEC,UACKC,IAAAA,GAAO,UAAA;IACX,MAAMC,MAAAA,GAA4B,MAAM7E,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBsD,QAAQ,CAAC;QACnFpD,MAAAA,EAAQrC,aAAAA;QACRsC,QAAAA,EAAUrC,eAAAA;QACVyF,OAAAA,EAAS;YAAEC,IAAAA,EAAM;AAAM;AACzB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACH,MAAAA,EAAQ;QACX,OAAOA,MAAAA;AACT,IAAA;AAEA,IAAA,OAAOA,MAAAA,CAAO1D,GAAG,CAAC,CAACD,QAAUD,uBAAAA,CAAwBC,KAAAA,CAAAA,CAAAA;AACvD;AAEA;;IAGA,MAAM+D,SAAS,OAAOb,EAAAA,GAAAA;AACpB,IAAA,OAAOpE,OAAOuB,EAAE,CACbC,KAAK,CAAC,kBAAA,CAAA,CACN0D,MAAM,CAAC;QAAExD,MAAAA,EAAQrC,aAAAA;QAAesC,QAAAA,EAAUrC,eAAAA;QAAiBsC,KAAAA,EAAO;AAAEwC,YAAAA;AAAG;AAAE,KAAA,CAAA;AAC9E;AAEA;;IAGA,MAAMe,UAAU,OAAOf,EAAAA,GAAAA;AACrB,IAAA,OAAOhD,KAAAA,CAAM;AAAEgD,QAAAA;AAAG,KAAA,CAAA;AACpB;AAEA;;IAGA,MAAMgB,YAAY,OAAOJ,IAAAA,GAAAA;AACvB,IAAA,OAAO5D,KAAAA,CAAM;AAAE4D,QAAAA;AAAK,KAAA,CAAA;AACtB;AAEA;;IAGA,MAAMrC,MAAAA,GAAS,OACbyB,EAAAA,EACAf,UAAAA,GAAAA;;IAGA,MAAMgC,aAAAA,GAA4B,MAAMrF,MAAAA,CAAOuB,EAAE,CAC9CC,KAAK,CAAC,kBAAA,CAAA,CACNC,OAAO,CAAC;QAAEG,KAAAA,EAAO;AAAEwC,YAAAA;AAAG;AAAE,KAAA,CAAA;AAE3B,IAAA,IAAI,CAACiB,aAAAA,EAAe;AAClB,QAAA,MAAM,IAAIlG,aAAAA,CAAc,iBAAA,CAAA;AAC1B,IAAA;AAEA,IAAA,MAAMmG,oBAAAA,GACJjC,UAAAA,CAAW7D,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,IACnDyF,cAAc7F,IAAI,KAAKE,SAAAA,CAAUC,cAAc,CAACC,MAAM;;;IAIxD,IAAIyD,UAAAA,CAAW5D,WAAW,IAAI6F,oBAAAA,EAAsB;QAClD/F,oCAAAA,CACE8D,UAAAA,CAAW7D,IAAI,IAAI6F,aAAAA,CAAc7F,IAAI,EACrC6D,UAAAA,CAAW5D,WAAW,IAAI4F,aAAAA,CAAc5F,WAAW,CAAA;AAEvD,IAAA;AAEAuB,IAAAA,mBAAAA,CAAoBqC,WAAW5C,QAAQ,CAAA;IAEvC,MAAM8E,YAAAA,GAAyB,MAAMvF,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBmB,MAAM,CAAC;QAC9EjB,MAAAA,EAAQrC,aAAAA;QACRuC,KAAAA,EAAO;AAAEwC,YAAAA;AAAG,SAAA;AACZV,QAAAA,IAAAA,EAAMC,QAAK,aAAA,EAAeN,UAAAA;AAC5B,KAAA,CAAA;;IAGA,IAAIkC,YAAAA,CAAa/F,IAAI,KAAKE,SAAAA,CAAUC,cAAc,CAACC,MAAM,IAAIyD,UAAAA,CAAW5D,WAAW,EAAE;QACnF,MAAM+F,wBAAAA,GAA2B,MAAMxF,MAAAA,CAAOuB,EAAE,CAC7CC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAACsB,YAAAA,EAAc,aAAA,CAAA;AAEtB,QAAA,MAAMvB,kBAAAA,GAAqB7C,MAAAA,CAAI,QAAA,EAAUqE,wBAAAA,IAA4B,EAAE,CAAA;QACvE,MAAMC,cAAAA,GAAiB1B,OAAAA,CAAKV,UAAAA,CAAW5D,WAAW,CAAA;QAElD,MAAMiG,eAAAA,GAAkBpF,cAAW0D,kBAAAA,EAAoByB,cAAAA,CAAAA;QACvD,MAAME,YAAAA,GAAerF,cAAWmF,cAAAA,EAAgBzB,kBAAAA,CAAAA;;;AAIhD,QAAA,MAAMH,OAAAA,CAAQC,GAAG,CACf4B,eAAAA,CAAgBvE,GAAG,CAAC,CAAChB,MAAAA,GACnBH,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B0D,MAAM,CAAC;gBACpDtD,KAAAA,EAAO;AAAEzB,oBAAAA,MAAAA;oBAAQe,KAAAA,EAAOkD;AAAG;AAC7B,aAAA,CAAA,CAAA,CAAA;;;AAMJ,QAAA,MAAMP,OAAAA,CAAQC,GAAG,CACf6B,YAAAA,CAAaxE,GAAG,CAAC,CAAChB,MAAAA,GAChBH,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B4B,MAAM,CAAC;gBACpDM,IAAAA,EAAM;AAAEvD,oBAAAA,MAAAA;oBAAQe,KAAAA,EAAOkD;AAAG;AAC5B,aAAA,CAAA,CAAA,CAAA;IAGN,CAAA,MAEK,IAAImB,aAAa/F,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,EAAE;AAC9D,QAAA,MAAMI,OAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B0D,MAAM,CAAC;YAC1DtD,KAAAA,EAAO;gBAAEV,KAAAA,EAAOkD;AAAG;AACrB,SAAA,CAAA;AACF,IAAA;;IAGA,MAAMwB,iBAAAA,GAAoB,MAAM5F,MAAAA,CAAOuB,EAAE,CACtCC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAACsB,YAAAA,EAAc,aAAA,CAAA;IAEtB,OAAO;AACL,QAAA,GAAGA,YAAY;QACf9F,WAAAA,EAAamG,iBAAAA,GAAoBA,kBAAkBzE,GAAG,CAAC,CAAC0E,CAAAA,GAAWA,CAAAA,CAAE1F,MAAM,CAAA,GAAI2F;AACjF,KAAA;AACF;AAEA,MAAMC,KAAAA,GAAQ,OAAOnE,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAO5B,OAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBuE,KAAK,CAAC;AAAEnE,QAAAA;AAAM,KAAA,CAAA;AAC3D;;;;;;;;;;;;;;;"}

package/dist/server/server/src/services/api-token.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"api-token.mjs","sources":["../../../../../server/src/services/api-token.ts"],"sourcesContent":["import crypto from 'crypto';\nimport { omit, difference, isNil, isEmpty, map, isArray, uniq, isNumber } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\nimport { errors } from '@strapi/utils';\nimport type { Update, ApiToken, ApiTokenBody } from '../../../shared/contracts/api-token';\nimport constants from './constants';\nimport { getService } from '../utils';\n\nconst { ValidationError, NotFoundError } = errors;\n\ntype ApiTokenPermission = {\n id: number \| `${number}`;\n action: string;\n token: DBApiToken \| number;\n};\n\ntype DBApiToken = ApiToken & {\n permissions: (number \| ApiTokenPermission)[];\n};\n\nconst SELECT_FIELDS = [\n 'id',\n 'name',\n 'description',\n 'lastUsedAt',\n 'type',\n 'lifespan',\n 'expiresAt',\n 'createdAt',\n 'updatedAt',\n];\n\nconst POPULATE_FIELDS = ['permissions'];\n\n// TODO: we need to ensure the permissions are actually valid registered permissions!\n\n/*\n Assert that a token's permissions attribute is valid for its type\n /\nconst assertCustomTokenPermissionsValidity = (\n type: ApiTokenBody['type'],\n permissions: ApiTokenBody['permissions']\n) => {\n // Ensure non-custom tokens doesn't have permissions\n if (type !== constants.API_TOKEN_TYPE.CUSTOM && !isEmpty(permissions)) {\n throw new ValidationError('Non-custom tokens should not reference permissions');\n }\n\n // Custom type tokens should always have permissions attached to them\n if (type === constants.API_TOKEN_TYPE.CUSTOM && !isArray(permissions)) {\n throw new ValidationError('Missing permissions attribute for custom token');\n }\n\n // Permissions provided for a custom type token should be valid/registered permissions UID\n if (type === constants.API_TOKEN_TYPE.CUSTOM) {\n const validPermissions = strapi.contentAPI.permissions.providers.action.keys();\n const invalidPermissions = difference(permissions, validPermissions) as string[];\n\n if (!isEmpty(invalidPermissions)) {\n throw new ValidationError(`Unknown permissions provided: ${invalidPermissions.join(', ')}`);\n }\n }\n};\n\n/\n Check if a token's lifespan is valid\n /\nconst isValidLifespan = (lifespan: unknown) => {\n if (isNil(lifespan)) {\n return true;\n }\n\n if (!isNumber(lifespan) \|\| !Object.values(constants.API_TOKEN_LIFESPANS).includes(lifespan)) {\n return false;\n }\n\n return true;\n};\n\n/\n Assert that a token's lifespan is valid\n /\nconst assertValidLifespan = (lifespan: unknown) => {\n if (!isValidLifespan(lifespan)) {\n throw new ValidationError(\n `lifespan must be one of the following values:\n ${Object.values(constants.API_TOKEN_LIFESPANS).join(', ')}`\n );\n }\n};\n\n/\n Flatten a token's database permissions objects to an array of strings\n /\nconst flattenTokenPermissions = (token: DBApiToken): ApiToken => {\n if (!token) {\n return token;\n }\n\n return {\n ...token,\n permissions: isArray(token.permissions) ? map('action', token.permissions) : token.permissions,\n };\n};\n\ntype WhereParams = {\n id?: string \| number;\n name?: string;\n lastUsedAt?: number;\n description?: string;\n accessKey?: string;\n};\n\n/\n Get a token\n /\nconst getBy = async (whereParams: WhereParams = {}): Promise<ApiToken \| null> => {\n if (Object.keys(whereParams).length === 0) {\n return null;\n }\n\n const token = await strapi.db.query('admin::api-token').findOne({\n select: [...SELECT_FIELDS, 'encryptedKey'],\n populate: POPULATE_FIELDS,\n where: whereParams,\n });\n\n if (!token) {\n return token;\n }\n\n const { encryptedKey, ...rest } = token;\n\n if (!encryptedKey) {\n return flattenTokenPermissions(rest);\n }\n\n const accessKey = getService('encryption').decrypt(encryptedKey);\n\n return flattenTokenPermissions({\n ...rest,\n accessKey,\n });\n};\n\n/\n Check if token exists\n /\nconst exists = async (whereParams: WhereParams = {}): Promise<boolean> => {\n const apiToken = await getBy(whereParams);\n\n return !!apiToken;\n};\n\n/\n Return a secure sha512 hash of an accessKey\n /\nconst hash = (accessKey: string) => {\n const apiTokenCfg = strapi.config.get<Core.Config.Admin['apiToken']>('admin.apiToken');\n const salt = apiTokenCfg.salt;\n\n return crypto.createHmac('sha512', salt).update(accessKey).digest('hex');\n};\n\nconst getExpirationFields = (lifespan: ApiTokenBody['lifespan']) => {\n // it must be nil or a finite number >= 0\n const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;\n if (!isValidNumber && !isNil(lifespan)) {\n throw new ValidationError('lifespan must be a positive number or null');\n }\n\n return {\n lifespan: lifespan \|\| null,\n expiresAt: lifespan ? Date.now() + lifespan : null,\n };\n};\n\n/\n Create a token and its permissions\n /\nconst create = async (attributes: ApiTokenBody): Promise<ApiToken> => {\n const encryptionService = getService('encryption');\n const accessKey = crypto.randomBytes(128).toString('hex');\n const encryptedKey = encryptionService.encrypt(accessKey);\n\n assertCustomTokenPermissionsValidity(attributes.type, attributes.permissions);\n assertValidLifespan(attributes.lifespan);\n\n // Create the token\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').create({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n data: {\n ...omit('permissions', attributes),\n accessKey: hash(accessKey),\n encryptedKey,\n ...getExpirationFields(attributes.lifespan),\n },\n });\n\n const result: ApiToken = { ...apiToken, accessKey };\n\n // If this is a custom type token, create and the related permissions\n if (attributes.type === constants.API_TOKEN_TYPE.CUSTOM) {\n // TODO: createMany doesn't seem to create relation properly, implement a better way rather than a ton of queries\n // const permissionsCount = await strapi.db.query('admin::api-token-permission').createMany({\n // populate: POPULATE_FIELDS,\n // data: attributes.permissions.map(action => ({ action, token: apiToken })),\n // });\n await Promise.all(\n uniq(attributes.permissions).map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: apiToken },\n })\n )\n );\n\n const currentPermissions = await strapi.db\n .query('admin::api-token')\n .load(apiToken, 'permissions');\n\n if (currentPermissions) {\n Object.assign(result, { permissions: map('action', currentPermissions) });\n }\n }\n\n return result;\n};\n\nconst regenerate = async (id: string \| number): Promise<ApiToken> => {\n const accessKey = crypto.randomBytes(128).toString('hex');\n const encryptionService = getService('encryption');\n const encryptedKey = encryptionService.encrypt(accessKey);\n\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: ['id', 'accessKey'],\n where: { id },\n data: {\n accessKey: hash(accessKey),\n encryptedKey,\n },\n });\n\n if (!apiToken) {\n throw new NotFoundError('The provided token id does not exist');\n }\n\n return {\n ...apiToken,\n accessKey,\n };\n};\n\nconst checkSaltIsDefined = () => {\n const apiTokenCfg = strapi.config.get<Core.Config.Admin['apiToken']>('admin.apiToken');\n if (!apiTokenCfg?.salt) {\n // TODO V5: stop reading API_TOKEN_SALT\n if (process.env.API_TOKEN_SALT) {\n process.emitWarning(`[deprecated] In future versions, Strapi will stop reading directly from the environment variable API_TOKEN_SALT. Please set apiToken.salt in config/admin.js instead.\nFor security reasons, keep storing the secret in an environment variable and use env() to read it in config/admin.js (ex: \\`apiToken: { salt: env('API_TOKEN_SALT') }\\`). See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);\n\n strapi.config.set('admin.apiToken.salt', process.env.API_TOKEN_SALT);\n } else {\n throw new Error(\n `Missing apiToken.salt. Please set apiToken.salt in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`).\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n }\n};\n\n/\n Return a list of all tokens and their permissions\n /\nconst list = async (): Promise<Array<ApiToken>> => {\n const tokens: Array<DBApiToken> = await strapi.db.query('admin::api-token').findMany({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n orderBy: { name: 'ASC' },\n });\n\n if (!tokens) {\n return tokens;\n }\n\n return tokens.map((token) => flattenTokenPermissions(token));\n};\n\n/\n Revoke (delete) a token\n /\nconst revoke = async (id: string \| number): Promise<ApiToken> => {\n return strapi.db\n .query('admin::api-token')\n .delete({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: { id } });\n};\n\n/\n Retrieve a token by id\n /\nconst getById = async (id: string \| number) => {\n return getBy({ id });\n};\n\n/\n Retrieve a token by name\n /\nconst getByName = async (name: string) => {\n return getBy({ name });\n};\n\n/\n Update a token and its permissions\n */\nconst update = async (\n id: string \| number,\n attributes: Update.Request['body']\n): Promise<ApiToken> => {\n // retrieve token without permissions\n const originalToken: DBApiToken = await strapi.db\n .query('admin::api-token')\n .findOne({ where: { id } });\n\n if (!originalToken) {\n throw new NotFoundError('Token not found');\n }\n\n const changingTypeToCustom =\n attributes.type === constants.API_TOKEN_TYPE.CUSTOM &&\n originalToken.type !== constants.API_TOKEN_TYPE.CUSTOM;\n\n // if we're updating the permissions on any token type, or changing from non-custom to custom, ensure they're still valid\n // if neither type nor permissions are changing, we don't need to validate again or else we can't allow partial update\n if (attributes.permissions \|\| changingTypeToCustom) {\n assertCustomTokenPermissionsValidity(\n attributes.type \|\| originalToken.type,\n attributes.permissions \|\| originalToken.permissions\n );\n }\n\n assertValidLifespan(attributes.lifespan);\n\n const updatedToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: SELECT_FIELDS,\n where: { id },\n data: omit('permissions', attributes),\n });\n\n // custom tokens need to have their permissions updated as well\n if (updatedToken.type === constants.API_TOKEN_TYPE.CUSTOM && attributes.permissions) {\n const currentPermissionsResult = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n const currentPermissions = map('action', currentPermissionsResult \|\| []);\n const newPermissions = uniq(attributes.permissions);\n\n const actionsToDelete = difference(currentPermissions, newPermissions);\n const actionsToAdd = difference(newPermissions, currentPermissions);\n\n // TODO: improve efficiency here\n // method using a loop -- works but very inefficient\n await Promise.all(\n actionsToDelete.map((action) =>\n strapi.db.query('admin::api-token-permission').delete({\n where: { action, token: id },\n })\n )\n );\n\n // TODO: improve efficiency here\n // using a loop -- works but very inefficient\n await Promise.all(\n actionsToAdd.map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: id },\n })\n )\n );\n }\n // if type is not custom, make sure any old permissions get removed\n else if (updatedToken.type !== constants.API_TOKEN_TYPE.CUSTOM) {\n await strapi.db.query('admin::api-token-permission').delete({\n where: { token: id },\n });\n }\n\n // retrieve permissions\n const permissionsFromDb = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n return {\n ...updatedToken,\n permissions: permissionsFromDb ? permissionsFromDb.map((p: any) => p.action) : undefined,\n };\n};\n\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::api-token').count({ where });\n};\n\nexport {\n create,\n count,\n regenerate,\n exists,\n checkSaltIsDefined,\n hash,\n list,\n revoke,\n getById,\n update,\n getByName,\n getBy,\n};\n"],"names":["ValidationError","NotFoundError","errors","SELECT_FIELDS","POPULATE_FIELDS","assertCustomTokenPermissionsValidity","type","permissions","constants","API_TOKEN_TYPE","CUSTOM","isEmpty","isArray","validPermissions","strapi","contentAPI","providers","action","keys","invalidPermissions","difference","join","isValidLifespan","lifespan","isNil","isNumber","Object","values","API_TOKEN_LIFESPANS","includes","assertValidLifespan","flattenTokenPermissions","token","map","getBy","whereParams","length","db","query","findOne","select","populate","where","encryptedKey","rest","accessKey","getService","decrypt","exists","apiToken","hash","apiTokenCfg","config","get","salt","crypto","createHmac","update","digest","getExpirationFields","isValidNumber","Number","isFinite","expiresAt","Date","now","create","attributes","encryptionService","randomBytes","toString","encrypt","data","omit","result","Promise","all","uniq","currentPermissions","load","assign","regenerate","id","checkSaltIsDefined","process","env","API_TOKEN_SALT","emitWarning","set","Error","list","tokens","findMany","orderBy","name","revoke","delete","getById","getByName","originalToken","changingTypeToCustom","updatedToken","currentPermissionsResult","newPermissions","actionsToDelete","actionsToAdd","permissionsFromDb","p","undefined","count"],"mappings":";;;;;;AAQA,MAAM,EAAEA,eAAe,EAAEC,aAAa,EAAE,GAAGC,MAAAA;AAY3C,MAAMC,aAAgB,GAAA;AACpB,IAAA,IAAA;AACA,IAAA,MAAA;AACA,IAAA,aAAA;AACA,IAAA,YAAA;AACA,IAAA,MAAA;AACA,IAAA,UAAA;AACA,IAAA,WAAA;AACA,IAAA,WAAA;AACA,IAAA;AACD,CAAA;AAED,MAAMC,eAAkB,GAAA;AAAC,IAAA;AAAc,CAAA;AAEvC;AAEA;;IAGA,MAAMC,oCAAuC,GAAA,CAC3CC,IACAC,EAAAA,WAAAA,GAAAA;;IAGA,IAAID,IAAAA,KAASE,UAAUC,cAAc,CAACC,MAAM,IAAI,CAACC,QAAQJ,WAAc,CAAA,EAAA;AACrE,QAAA,MAAM,IAAIP,eAAgB,CAAA,oDAAA,CAAA;AAC5B;;IAGA,IAAIM,IAAAA,KAASE,UAAUC,cAAc,CAACC,MAAM,IAAI,CAACE,QAAQL,WAAc,CAAA,EAAA;AACrE,QAAA,MAAM,IAAIP,eAAgB,CAAA,gDAAA,CAAA;AAC5B;;AAGA,IAAA,IAAIM,IAASE,KAAAA,SAAAA,CAAUC,cAAc,CAACC,MAAM,EAAE;QAC5C,MAAMG,gBAAAA,GAAmBC,MAAOC,CAAAA,UAAU,CAACR,WAAW,CAACS,SAAS,CAACC,MAAM,CAACC,IAAI,EAAA;QAC5E,MAAMC,kBAAAA,GAAqBC,WAAWb,WAAaM,EAAAA,gBAAAA,CAAAA;QAEnD,IAAI,CAACF,QAAQQ,kBAAqB,CAAA,EAAA;YAChC,MAAM,IAAInB,gBAAgB,CAAC,8BAA8B,EAAEmB,kBAAmBE,CAAAA,IAAI,CAAC,IAAO,CAAA,CAAA,CAAA,CAAA;AAC5F;AACF;AACF,CAAA;AAEA;;IAGA,MAAMC,kBAAkB,CAACC,QAAAA,GAAAA;AACvB,IAAA,IAAIC,MAAMD,QAAW,CAAA,EAAA;QACnB,OAAO,IAAA;AACT;AAEA,IAAA,IAAI,CAACE,QAAAA,CAASF,QAAa,CAAA,IAAA,CAACG,MAAOC,CAAAA,MAAM,CAACnB,SAAAA,CAAUoB,mBAAmB,CAAA,CAAEC,QAAQ,CAACN,QAAW,CAAA,EAAA;QAC3F,OAAO,KAAA;AACT;IAEA,OAAO,IAAA;AACT,CAAA;AAEA;;IAGA,MAAMO,sBAAsB,CAACP,QAAAA,GAAAA;IAC3B,IAAI,CAACD,gBAAgBC,QAAW,CAAA,EAAA;QAC9B,MAAM,IAAIvB,gBACR,CAAC;MACD,EAAE0B,MAAAA,CAAOC,MAAM,CAACnB,SAAAA,CAAUoB,mBAAmB,CAAEP,CAAAA,IAAI,CAAC,IAAO,CAAA,CAAA,CAAA,CAAA;AAE/D;AACF,CAAA;AAEA;;IAGA,MAAMU,0BAA0B,CAACC,KAAAA,GAAAA;AAC/B,IAAA,IAAI,CAACA,KAAO,EAAA;QACV,OAAOA,KAAAA;AACT;IAEA,OAAO;AACL,QAAA,GAAGA,KAAK;QACRzB,WAAaK,EAAAA,OAAAA,CAAQoB,KAAMzB,CAAAA,WAAW,CAAI0B,GAAAA,GAAAA,CAAI,UAAUD,KAAMzB,CAAAA,WAAW,CAAIyB,GAAAA,KAAAA,CAAMzB;AACrF,KAAA;AACF,CAAA;AAUA;;AAEC,IACK2B,MAAAA,KAAAA,GAAQ,OAAOC,WAAAA,GAA2B,EAAE,GAAA;AAChD,IAAA,IAAIT,OAAOR,IAAI,CAACiB,WAAaC,CAAAA,CAAAA,MAAM,KAAK,CAAG,EAAA;QACzC,OAAO,IAAA;AACT;IAEA,MAAMJ,KAAAA,GAAQ,MAAMlB,MAAOuB,CAAAA,EAAE,CAACC,KAAK,CAAC,kBAAoBC,CAAAA,CAAAA,OAAO,CAAC;QAC9DC,MAAQ,EAAA;AAAIrC,YAAAA,GAAAA,aAAAA;AAAe,YAAA;AAAe,SAAA;QAC1CsC,QAAUrC,EAAAA,eAAAA;QACVsC,KAAOP,EAAAA;AACT,KAAA,CAAA;AAEA,IAAA,IAAI,CAACH,KAAO,EAAA;QACV,OAAOA,KAAAA;AACT;AAEA,IAAA,MAAM,EAAEW,YAAY,EAAE,GAAGC,MAAM,GAAGZ,KAAAA;AAElC,IAAA,IAAI,CAACW,YAAc,EAAA;AACjB,QAAA,OAAOZ,uBAAwBa,CAAAA,IAAAA,CAAAA;AACjC;AAEA,IAAA,MAAMC,SAAYC,GAAAA,UAAAA,CAAW,YAAcC,CAAAA,CAAAA,OAAO,CAACJ,YAAAA,CAAAA;AAEnD,IAAA,OAAOZ,uBAAwB,CAAA;AAC7B,QAAA,GAAGa,IAAI;AACPC,QAAAA;AACF,KAAA,CAAA;AACF;AAEA;;AAEC,IACKG,MAAAA,MAAAA,GAAS,OAAOb,WAAAA,GAA2B,EAAE,GAAA;IACjD,MAAMc,QAAAA,GAAW,MAAMf,KAAMC,CAAAA,WAAAA,CAAAA;AAE7B,IAAA,OAAO,CAAC,CAACc,QAAAA;AACX;AAEA;;IAGA,MAAMC,OAAO,CAACL,SAAAA,GAAAA;AACZ,IAAA,MAAMM,WAAcrC,GAAAA,MAAAA,CAAOsC,MAAM,CAACC,GAAG,CAAgC,gBAAA,CAAA;IACrE,MAAMC,IAAAA,GAAOH,YAAYG,IAAI;IAE7B,OAAOC,MAAAA,CAAOC,UAAU,CAAC,QAAA,EAAUF,MAAMG,MAAM,CAACZ,SAAWa,CAAAA,CAAAA,MAAM,CAAC,KAAA,CAAA;AACpE;AAEA,MAAMC,sBAAsB,CAACpC,QAAAA,GAAAA;;AAE3B,IAAA,MAAMqC,gBAAgBnC,QAASF,CAAAA,QAAAA,CAAAA,IAAasC,OAAOC,QAAQ,CAACvC,aAAaA,QAAW,GAAA,CAAA;AACpF,IAAA,IAAI,CAACqC,aAAAA,IAAiB,CAACpC,KAAAA,CAAMD,QAAW,CAAA,EAAA;AACtC,QAAA,MAAM,IAAIvB,eAAgB,CAAA,4CAAA,CAAA;AAC5B;IAEA,OAAO;AACLuB,QAAAA,QAAAA,EAAUA,QAAY,IAAA,IAAA;AACtBwC,QAAAA,SAAAA,EAAWxC,QAAWyC,GAAAA,IAAAA,CAAKC,GAAG,EAAA,GAAK1C,QAAW,GAAA;AAChD,KAAA;AACF,CAAA;AAEA;;IAGA,MAAM2C,SAAS,OAAOC,UAAAA,GAAAA;AACpB,IAAA,MAAMC,oBAAoBtB,UAAW,CAAA,YAAA,CAAA;AACrC,IAAA,MAAMD,YAAYU,MAAOc,CAAAA,WAAW,CAAC,GAAA,CAAA,CAAKC,QAAQ,CAAC,KAAA,CAAA;IACnD,MAAM3B,YAAAA,GAAeyB,iBAAkBG,CAAAA,OAAO,CAAC1B,SAAAA,CAAAA;AAE/CxC,IAAAA,oCAAAA,CAAqC8D,UAAW7D,CAAAA,IAAI,EAAE6D,UAAAA,CAAW5D,WAAW,CAAA;AAC5EuB,IAAAA,mBAAAA,CAAoBqC,WAAW5C,QAAQ,CAAA;;IAGvC,MAAM0B,QAAAA,GAAqB,MAAMnC,MAAOuB,CAAAA,EAAE,CAACC,KAAK,CAAC,kBAAoB4B,CAAAA,CAAAA,MAAM,CAAC;QAC1E1B,MAAQrC,EAAAA,aAAAA;QACRsC,QAAUrC,EAAAA,eAAAA;QACVoE,IAAM,EAAA;YACJ,GAAGC,IAAAA,CAAK,eAAeN,UAAW,CAAA;AAClCtB,YAAAA,SAAAA,EAAWK,IAAKL,CAAAA,SAAAA,CAAAA;AAChBF,YAAAA,YAAAA;YACA,GAAGgB,mBAAAA,CAAoBQ,UAAW5C,CAAAA,QAAQ;AAC5C;AACF,KAAA,CAAA;AAEA,IAAA,MAAMmD,MAAmB,GAAA;AAAE,QAAA,GAAGzB,QAAQ;AAAEJ,QAAAA;AAAU,KAAA;;AAGlD,IAAA,IAAIsB,WAAW7D,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,EAAE;;;;;;AAMvD,QAAA,MAAMiE,QAAQC,GAAG,CACfC,KAAKV,UAAW5D,CAAAA,WAAW,EAAE0B,GAAG,CAAC,CAAChB,MAAAA,GAChCH,OAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B4B,MAAM,CAAC;gBACpDM,IAAM,EAAA;AAAEvD,oBAAAA,MAAAA;oBAAQe,KAAOiB,EAAAA;AAAS;AAClC,aAAA,CAAA,CAAA,CAAA;QAIJ,MAAM6B,kBAAAA,GAAqB,MAAMhE,MAAAA,CAAOuB,EAAE,CACvCC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAAC9B,QAAU,EAAA,aAAA,CAAA;AAElB,QAAA,IAAI6B,kBAAoB,EAAA;YACtBpD,MAAOsD,CAAAA,MAAM,CAACN,MAAQ,EAAA;AAAEnE,gBAAAA,WAAAA,EAAa0B,IAAI,QAAU6C,EAAAA,kBAAAA;AAAoB,aAAA,CAAA;AACzE;AACF;IAEA,OAAOJ,MAAAA;AACT;AAEA,MAAMO,aAAa,OAAOC,EAAAA,GAAAA;AACxB,IAAA,MAAMrC,YAAYU,MAAOc,CAAAA,WAAW,CAAC,GAAA,CAAA,CAAKC,QAAQ,CAAC,KAAA,CAAA;AACnD,IAAA,MAAMF,oBAAoBtB,UAAW,CAAA,YAAA,CAAA;IACrC,MAAMH,YAAAA,GAAeyB,iBAAkBG,CAAAA,OAAO,CAAC1B,SAAAA,CAAAA;IAE/C,MAAMI,QAAAA,GAAqB,MAAMnC,MAAOuB,CAAAA,EAAE,CAACC,KAAK,CAAC,kBAAoBmB,CAAAA,CAAAA,MAAM,CAAC;QAC1EjB,MAAQ,EAAA;AAAC,YAAA,IAAA;AAAM,YAAA;AAAY,SAAA;QAC3BE,KAAO,EAAA;AAAEwC,YAAAA;AAAG,SAAA;QACZV,IAAM,EAAA;AACJ3B,YAAAA,SAAAA,EAAWK,IAAKL,CAAAA,SAAAA,CAAAA;AAChBF,YAAAA;AACF;AACF,KAAA,CAAA;AAEA,IAAA,IAAI,CAACM,QAAU,EAAA;AACb,QAAA,MAAM,IAAIhD,aAAc,CAAA,sCAAA,CAAA;AAC1B;IAEA,OAAO;AACL,QAAA,GAAGgD,QAAQ;AACXJ,QAAAA;AACF,KAAA;AACF;AAEA,MAAMsC,kBAAqB,GAAA,IAAA;AACzB,IAAA,MAAMhC,WAAcrC,GAAAA,MAAAA,CAAOsC,MAAM,CAACC,GAAG,CAAgC,gBAAA,CAAA;IACrE,IAAI,CAACF,aAAaG,IAAM,EAAA;;AAEtB,QAAA,IAAI8B,OAAQC,CAAAA,GAAG,CAACC,cAAc,EAAE;YAC9BF,OAAQG,CAAAA,WAAW,CAAC,CAAC;sUAC2S,CAAC,CAAA;YAEjUzE,MAAOsC,CAAAA,MAAM,CAACoC,GAAG,CAAC,uBAAuBJ,OAAQC,CAAAA,GAAG,CAACC,cAAc,CAAA;SAC9D,MAAA;YACL,MAAM,IAAIG,MACR,CAAC;uQAC8P,CAAC,CAAA;AAEpQ;AACF;AACF;AAEA;;AAEC,UACKC,IAAO,GAAA,UAAA;IACX,MAAMC,MAAAA,GAA4B,MAAM7E,MAAOuB,CAAAA,EAAE,CAACC,KAAK,CAAC,kBAAoBsD,CAAAA,CAAAA,QAAQ,CAAC;QACnFpD,MAAQrC,EAAAA,aAAAA;QACRsC,QAAUrC,EAAAA,eAAAA;QACVyF,OAAS,EAAA;YAAEC,IAAM,EAAA;AAAM;AACzB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACH,MAAQ,EAAA;QACX,OAAOA,MAAAA;AACT;AAEA,IAAA,OAAOA,MAAO1D,CAAAA,GAAG,CAAC,CAACD,QAAUD,uBAAwBC,CAAAA,KAAAA,CAAAA,CAAAA;AACvD;AAEA;;IAGA,MAAM+D,SAAS,OAAOb,EAAAA,GAAAA;AACpB,IAAA,OAAOpE,OAAOuB,EAAE,CACbC,KAAK,CAAC,kBAAA,CAAA,CACN0D,MAAM,CAAC;QAAExD,MAAQrC,EAAAA,aAAAA;QAAesC,QAAUrC,EAAAA,eAAAA;QAAiBsC,KAAO,EAAA;AAAEwC,YAAAA;AAAG;AAAE,KAAA,CAAA;AAC9E;AAEA;;IAGA,MAAMe,UAAU,OAAOf,EAAAA,GAAAA;AACrB,IAAA,OAAOhD,KAAM,CAAA;AAAEgD,QAAAA;AAAG,KAAA,CAAA;AACpB;AAEA;;IAGA,MAAMgB,YAAY,OAAOJ,IAAAA,GAAAA;AACvB,IAAA,OAAO5D,KAAM,CAAA;AAAE4D,QAAAA;AAAK,KAAA,CAAA;AACtB;AAEA;;IAGA,MAAMrC,MAAS,GAAA,OACbyB,EACAf,EAAAA,UAAAA,GAAAA;;IAGA,MAAMgC,aAAAA,GAA4B,MAAMrF,MAAOuB,CAAAA,EAAE,CAC9CC,KAAK,CAAC,kBACNC,CAAAA,CAAAA,OAAO,CAAC;QAAEG,KAAO,EAAA;AAAEwC,YAAAA;AAAG;AAAE,KAAA,CAAA;AAE3B,IAAA,IAAI,CAACiB,aAAe,EAAA;AAClB,QAAA,MAAM,IAAIlG,aAAc,CAAA,iBAAA,CAAA;AAC1B;AAEA,IAAA,MAAMmG,oBACJjC,GAAAA,UAAAA,CAAW7D,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,IACnDyF,cAAc7F,IAAI,KAAKE,SAAUC,CAAAA,cAAc,CAACC,MAAM;;;IAIxD,IAAIyD,UAAAA,CAAW5D,WAAW,IAAI6F,oBAAsB,EAAA;QAClD/F,oCACE8D,CAAAA,UAAAA,CAAW7D,IAAI,IAAI6F,aAAc7F,CAAAA,IAAI,EACrC6D,UAAW5D,CAAAA,WAAW,IAAI4F,aAAAA,CAAc5F,WAAW,CAAA;AAEvD;AAEAuB,IAAAA,mBAAAA,CAAoBqC,WAAW5C,QAAQ,CAAA;IAEvC,MAAM8E,YAAAA,GAAyB,MAAMvF,MAAOuB,CAAAA,EAAE,CAACC,KAAK,CAAC,kBAAoBmB,CAAAA,CAAAA,MAAM,CAAC;QAC9EjB,MAAQrC,EAAAA,aAAAA;QACRuC,KAAO,EAAA;AAAEwC,YAAAA;AAAG,SAAA;AACZV,QAAAA,IAAAA,EAAMC,KAAK,aAAeN,EAAAA,UAAAA;AAC5B,KAAA,CAAA;;IAGA,IAAIkC,YAAAA,CAAa/F,IAAI,KAAKE,SAAUC,CAAAA,cAAc,CAACC,MAAM,IAAIyD,UAAW5D,CAAAA,WAAW,EAAE;QACnF,MAAM+F,wBAAAA,GAA2B,MAAMxF,MAAAA,CAAOuB,EAAE,CAC7CC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAACsB,YAAc,EAAA,aAAA,CAAA;AAEtB,QAAA,MAAMvB,kBAAqB7C,GAAAA,GAAAA,CAAI,QAAUqE,EAAAA,wBAAAA,IAA4B,EAAE,CAAA;QACvE,MAAMC,cAAAA,GAAiB1B,IAAKV,CAAAA,UAAAA,CAAW5D,WAAW,CAAA;QAElD,MAAMiG,eAAAA,GAAkBpF,WAAW0D,kBAAoByB,EAAAA,cAAAA,CAAAA;QACvD,MAAME,YAAAA,GAAerF,WAAWmF,cAAgBzB,EAAAA,kBAAAA,CAAAA;;;AAIhD,QAAA,MAAMH,OAAQC,CAAAA,GAAG,CACf4B,eAAAA,CAAgBvE,GAAG,CAAC,CAAChB,MACnBH,GAAAA,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B0D,MAAM,CAAC;gBACpDtD,KAAO,EAAA;AAAEzB,oBAAAA,MAAAA;oBAAQe,KAAOkD,EAAAA;AAAG;AAC7B,aAAA,CAAA,CAAA,CAAA;;;AAMJ,QAAA,MAAMP,OAAQC,CAAAA,GAAG,CACf6B,YAAAA,CAAaxE,GAAG,CAAC,CAAChB,MAChBH,GAAAA,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B4B,MAAM,CAAC;gBACpDM,IAAM,EAAA;AAAEvD,oBAAAA,MAAAA;oBAAQe,KAAOkD,EAAAA;AAAG;AAC5B,aAAA,CAAA,CAAA,CAAA;KAKD,MAAA,IAAImB,aAAa/F,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,EAAE;AAC9D,QAAA,MAAMI,OAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B0D,MAAM,CAAC;YAC1DtD,KAAO,EAAA;gBAAEV,KAAOkD,EAAAA;AAAG;AACrB,SAAA,CAAA;AACF;;IAGA,MAAMwB,iBAAAA,GAAoB,MAAM5F,MAAAA,CAAOuB,EAAE,CACtCC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAACsB,YAAc,EAAA,aAAA,CAAA;IAEtB,OAAO;AACL,QAAA,GAAGA,YAAY;QACf9F,WAAamG,EAAAA,iBAAAA,GAAoBA,kBAAkBzE,GAAG,CAAC,CAAC0E,CAAWA,GAAAA,CAAAA,CAAE1F,MAAM,CAAI2F,GAAAA;AACjF,KAAA;AACF;AAEA,MAAMC,KAAQ,GAAA,OAAOnE,KAAQ,GAAA,EAAE,GAAA;AAC7B,IAAA,OAAO5B,OAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBuE,KAAK,CAAC;AAAEnE,QAAAA;AAAM,KAAA,CAAA;AAC3D;;;;"}
1	+ {"version":3,"file":"api-token.mjs","sources":["../../../../../server/src/services/api-token.ts"],"sourcesContent":["import crypto from 'crypto';\nimport { omit, difference, isNil, isEmpty, map, isArray, uniq, isNumber } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\nimport { errors } from '@strapi/utils';\nimport type { Update, ApiToken, ApiTokenBody } from '../../../shared/contracts/api-token';\nimport constants from './constants';\nimport { getService } from '../utils';\n\nconst { ValidationError, NotFoundError } = errors;\n\ntype ApiTokenPermission = {\n id: number \| `${number}`;\n action: string;\n token: DBApiToken \| number;\n};\n\ntype DBApiToken = ApiToken & {\n permissions: (number \| ApiTokenPermission)[];\n};\n\nconst SELECT_FIELDS = [\n 'id',\n 'name',\n 'description',\n 'lastUsedAt',\n 'type',\n 'lifespan',\n 'expiresAt',\n 'createdAt',\n 'updatedAt',\n];\n\nconst POPULATE_FIELDS = ['permissions'];\n\n// TODO: we need to ensure the permissions are actually valid registered permissions!\n\n/*\n Assert that a token's permissions attribute is valid for its type\n /\nconst assertCustomTokenPermissionsValidity = (\n type: ApiTokenBody['type'],\n permissions: ApiTokenBody['permissions']\n) => {\n // Ensure non-custom tokens doesn't have permissions\n if (type !== constants.API_TOKEN_TYPE.CUSTOM && !isEmpty(permissions)) {\n throw new ValidationError('Non-custom tokens should not reference permissions');\n }\n\n // Custom type tokens should always have permissions attached to them\n if (type === constants.API_TOKEN_TYPE.CUSTOM && !isArray(permissions)) {\n throw new ValidationError('Missing permissions attribute for custom token');\n }\n\n // Permissions provided for a custom type token should be valid/registered permissions UID\n if (type === constants.API_TOKEN_TYPE.CUSTOM) {\n const validPermissions = strapi.contentAPI.permissions.providers.action.keys();\n const invalidPermissions = difference(permissions, validPermissions) as string[];\n\n if (!isEmpty(invalidPermissions)) {\n throw new ValidationError(`Unknown permissions provided: ${invalidPermissions.join(', ')}`);\n }\n }\n};\n\n/\n Check if a token's lifespan is valid\n /\nconst isValidLifespan = (lifespan: unknown) => {\n if (isNil(lifespan)) {\n return true;\n }\n\n if (!isNumber(lifespan) \|\| !Object.values(constants.API_TOKEN_LIFESPANS).includes(lifespan)) {\n return false;\n }\n\n return true;\n};\n\n/\n Assert that a token's lifespan is valid\n /\nconst assertValidLifespan = (lifespan: unknown) => {\n if (!isValidLifespan(lifespan)) {\n throw new ValidationError(\n `lifespan must be one of the following values:\n ${Object.values(constants.API_TOKEN_LIFESPANS).join(', ')}`\n );\n }\n};\n\n/\n Flatten a token's database permissions objects to an array of strings\n /\nconst flattenTokenPermissions = (token: DBApiToken): ApiToken => {\n if (!token) {\n return token;\n }\n\n return {\n ...token,\n permissions: isArray(token.permissions) ? map('action', token.permissions) : token.permissions,\n };\n};\n\ntype WhereParams = {\n id?: string \| number;\n name?: string;\n lastUsedAt?: number;\n description?: string;\n accessKey?: string;\n};\n\n/\n Get a token\n /\nconst getBy = async (whereParams: WhereParams = {}): Promise<ApiToken \| null> => {\n if (Object.keys(whereParams).length === 0) {\n return null;\n }\n\n const token = await strapi.db.query('admin::api-token').findOne({\n select: [...SELECT_FIELDS, 'encryptedKey'],\n populate: POPULATE_FIELDS,\n where: whereParams,\n });\n\n if (!token) {\n return token;\n }\n\n const { encryptedKey, ...rest } = token;\n\n if (!encryptedKey) {\n return flattenTokenPermissions(rest);\n }\n\n const accessKey = getService('encryption').decrypt(encryptedKey);\n\n return flattenTokenPermissions({\n ...rest,\n accessKey,\n });\n};\n\n/\n Check if token exists\n /\nconst exists = async (whereParams: WhereParams = {}): Promise<boolean> => {\n const apiToken = await getBy(whereParams);\n\n return !!apiToken;\n};\n\n/\n Return a secure sha512 hash of an accessKey\n /\nconst hash = (accessKey: string) => {\n const apiTokenCfg = strapi.config.get<Core.Config.Admin['apiToken']>('admin.apiToken');\n const salt = apiTokenCfg.salt;\n\n return crypto.createHmac('sha512', salt).update(accessKey).digest('hex');\n};\n\nconst getExpirationFields = (lifespan: ApiTokenBody['lifespan']) => {\n // it must be nil or a finite number >= 0\n const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;\n if (!isValidNumber && !isNil(lifespan)) {\n throw new ValidationError('lifespan must be a positive number or null');\n }\n\n return {\n lifespan: lifespan \|\| null,\n expiresAt: lifespan ? Date.now() + lifespan : null,\n };\n};\n\n/\n Create a token and its permissions\n /\nconst create = async (attributes: ApiTokenBody): Promise<ApiToken> => {\n const encryptionService = getService('encryption');\n const accessKey = crypto.randomBytes(128).toString('hex');\n const encryptedKey = encryptionService.encrypt(accessKey);\n\n assertCustomTokenPermissionsValidity(attributes.type, attributes.permissions);\n assertValidLifespan(attributes.lifespan);\n\n // Create the token\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').create({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n data: {\n ...omit('permissions', attributes),\n accessKey: hash(accessKey),\n encryptedKey,\n ...getExpirationFields(attributes.lifespan),\n },\n });\n\n const result: ApiToken = { ...apiToken, accessKey };\n\n // If this is a custom type token, create and the related permissions\n if (attributes.type === constants.API_TOKEN_TYPE.CUSTOM) {\n // TODO: createMany doesn't seem to create relation properly, implement a better way rather than a ton of queries\n // const permissionsCount = await strapi.db.query('admin::api-token-permission').createMany({\n // populate: POPULATE_FIELDS,\n // data: attributes.permissions.map(action => ({ action, token: apiToken })),\n // });\n await Promise.all(\n uniq(attributes.permissions).map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: apiToken },\n })\n )\n );\n\n const currentPermissions = await strapi.db\n .query('admin::api-token')\n .load(apiToken, 'permissions');\n\n if (currentPermissions) {\n Object.assign(result, { permissions: map('action', currentPermissions) });\n }\n }\n\n return result;\n};\n\nconst regenerate = async (id: string \| number): Promise<ApiToken> => {\n const accessKey = crypto.randomBytes(128).toString('hex');\n const encryptionService = getService('encryption');\n const encryptedKey = encryptionService.encrypt(accessKey);\n\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: ['id', 'accessKey'],\n where: { id },\n data: {\n accessKey: hash(accessKey),\n encryptedKey,\n },\n });\n\n if (!apiToken) {\n throw new NotFoundError('The provided token id does not exist');\n }\n\n return {\n ...apiToken,\n accessKey,\n };\n};\n\nconst checkSaltIsDefined = () => {\n const apiTokenCfg = strapi.config.get<Core.Config.Admin['apiToken']>('admin.apiToken');\n if (!apiTokenCfg?.salt) {\n // TODO V5: stop reading API_TOKEN_SALT\n if (process.env.API_TOKEN_SALT) {\n process.emitWarning(`[deprecated] In future versions, Strapi will stop reading directly from the environment variable API_TOKEN_SALT. Please set apiToken.salt in config/admin.js instead.\nFor security reasons, keep storing the secret in an environment variable and use env() to read it in config/admin.js (ex: \\`apiToken: { salt: env('API_TOKEN_SALT') }\\`). See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);\n\n strapi.config.set('admin.apiToken.salt', process.env.API_TOKEN_SALT);\n } else {\n throw new Error(\n `Missing apiToken.salt. Please set apiToken.salt in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`).\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n }\n};\n\n/\n Return a list of all tokens and their permissions\n /\nconst list = async (): Promise<Array<ApiToken>> => {\n const tokens: Array<DBApiToken> = await strapi.db.query('admin::api-token').findMany({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n orderBy: { name: 'ASC' },\n });\n\n if (!tokens) {\n return tokens;\n }\n\n return tokens.map((token) => flattenTokenPermissions(token));\n};\n\n/\n Revoke (delete) a token\n /\nconst revoke = async (id: string \| number): Promise<ApiToken> => {\n return strapi.db\n .query('admin::api-token')\n .delete({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: { id } });\n};\n\n/\n Retrieve a token by id\n /\nconst getById = async (id: string \| number) => {\n return getBy({ id });\n};\n\n/\n Retrieve a token by name\n /\nconst getByName = async (name: string) => {\n return getBy({ name });\n};\n\n/\n Update a token and its permissions\n */\nconst update = async (\n id: string \| number,\n attributes: Update.Request['body']\n): Promise<ApiToken> => {\n // retrieve token without permissions\n const originalToken: DBApiToken = await strapi.db\n .query('admin::api-token')\n .findOne({ where: { id } });\n\n if (!originalToken) {\n throw new NotFoundError('Token not found');\n }\n\n const changingTypeToCustom =\n attributes.type === constants.API_TOKEN_TYPE.CUSTOM &&\n originalToken.type !== constants.API_TOKEN_TYPE.CUSTOM;\n\n // if we're updating the permissions on any token type, or changing from non-custom to custom, ensure they're still valid\n // if neither type nor permissions are changing, we don't need to validate again or else we can't allow partial update\n if (attributes.permissions \|\| changingTypeToCustom) {\n assertCustomTokenPermissionsValidity(\n attributes.type \|\| originalToken.type,\n attributes.permissions \|\| originalToken.permissions\n );\n }\n\n assertValidLifespan(attributes.lifespan);\n\n const updatedToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: SELECT_FIELDS,\n where: { id },\n data: omit('permissions', attributes),\n });\n\n // custom tokens need to have their permissions updated as well\n if (updatedToken.type === constants.API_TOKEN_TYPE.CUSTOM && attributes.permissions) {\n const currentPermissionsResult = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n const currentPermissions = map('action', currentPermissionsResult \|\| []);\n const newPermissions = uniq(attributes.permissions);\n\n const actionsToDelete = difference(currentPermissions, newPermissions);\n const actionsToAdd = difference(newPermissions, currentPermissions);\n\n // TODO: improve efficiency here\n // method using a loop -- works but very inefficient\n await Promise.all(\n actionsToDelete.map((action) =>\n strapi.db.query('admin::api-token-permission').delete({\n where: { action, token: id },\n })\n )\n );\n\n // TODO: improve efficiency here\n // using a loop -- works but very inefficient\n await Promise.all(\n actionsToAdd.map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: id },\n })\n )\n );\n }\n // if type is not custom, make sure any old permissions get removed\n else if (updatedToken.type !== constants.API_TOKEN_TYPE.CUSTOM) {\n await strapi.db.query('admin::api-token-permission').delete({\n where: { token: id },\n });\n }\n\n // retrieve permissions\n const permissionsFromDb = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n return {\n ...updatedToken,\n permissions: permissionsFromDb ? permissionsFromDb.map((p: any) => p.action) : undefined,\n };\n};\n\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::api-token').count({ where });\n};\n\nexport {\n create,\n count,\n regenerate,\n exists,\n checkSaltIsDefined,\n hash,\n list,\n revoke,\n getById,\n update,\n getByName,\n getBy,\n};\n"],"names":["ValidationError","NotFoundError","errors","SELECT_FIELDS","POPULATE_FIELDS","assertCustomTokenPermissionsValidity","type","permissions","constants","API_TOKEN_TYPE","CUSTOM","isEmpty","isArray","validPermissions","strapi","contentAPI","providers","action","keys","invalidPermissions","difference","join","isValidLifespan","lifespan","isNil","isNumber","Object","values","API_TOKEN_LIFESPANS","includes","assertValidLifespan","flattenTokenPermissions","token","map","getBy","whereParams","length","db","query","findOne","select","populate","where","encryptedKey","rest","accessKey","getService","decrypt","exists","apiToken","hash","apiTokenCfg","config","get","salt","crypto","createHmac","update","digest","getExpirationFields","isValidNumber","Number","isFinite","expiresAt","Date","now","create","attributes","encryptionService","randomBytes","toString","encrypt","data","omit","result","Promise","all","uniq","currentPermissions","load","assign","regenerate","id","checkSaltIsDefined","process","env","API_TOKEN_SALT","emitWarning","set","Error","list","tokens","findMany","orderBy","name","revoke","delete","getById","getByName","originalToken","changingTypeToCustom","updatedToken","currentPermissionsResult","newPermissions","actionsToDelete","actionsToAdd","permissionsFromDb","p","undefined","count"],"mappings":";;;;;;AAQA,MAAM,EAAEA,eAAe,EAAEC,aAAa,EAAE,GAAGC,MAAAA;AAY3C,MAAMC,aAAAA,GAAgB;AACpB,IAAA,IAAA;AACA,IAAA,MAAA;AACA,IAAA,aAAA;AACA,IAAA,YAAA;AACA,IAAA,MAAA;AACA,IAAA,UAAA;AACA,IAAA,WAAA;AACA,IAAA,WAAA;AACA,IAAA;AACD,CAAA;AAED,MAAMC,eAAAA,GAAkB;AAAC,IAAA;AAAc,CAAA;AAEvC;AAEA;;IAGA,MAAMC,oCAAAA,GAAuC,CAC3CC,IAAAA,EACAC,WAAAA,GAAAA;;IAGA,IAAID,IAAAA,KAASE,UAAUC,cAAc,CAACC,MAAM,IAAI,CAACC,QAAQJ,WAAAA,CAAAA,EAAc;AACrE,QAAA,MAAM,IAAIP,eAAAA,CAAgB,oDAAA,CAAA;AAC5B,IAAA;;IAGA,IAAIM,IAAAA,KAASE,UAAUC,cAAc,CAACC,MAAM,IAAI,CAACE,QAAQL,WAAAA,CAAAA,EAAc;AACrE,QAAA,MAAM,IAAIP,eAAAA,CAAgB,gDAAA,CAAA;AAC5B,IAAA;;AAGA,IAAA,IAAIM,IAAAA,KAASE,SAAAA,CAAUC,cAAc,CAACC,MAAM,EAAE;QAC5C,MAAMG,gBAAAA,GAAmBC,MAAAA,CAAOC,UAAU,CAACR,WAAW,CAACS,SAAS,CAACC,MAAM,CAACC,IAAI,EAAA;QAC5E,MAAMC,kBAAAA,GAAqBC,WAAWb,WAAAA,EAAaM,gBAAAA,CAAAA;QAEnD,IAAI,CAACF,QAAQQ,kBAAAA,CAAAA,EAAqB;YAChC,MAAM,IAAInB,gBAAgB,CAAC,8BAA8B,EAAEmB,kBAAAA,CAAmBE,IAAI,CAAC,IAAA,CAAA,CAAA,CAAO,CAAA;AAC5F,QAAA;AACF,IAAA;AACF,CAAA;AAEA;;IAGA,MAAMC,kBAAkB,CAACC,QAAAA,GAAAA;AACvB,IAAA,IAAIC,MAAMD,QAAAA,CAAAA,EAAW;QACnB,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,IAAI,CAACE,QAAAA,CAASF,QAAAA,CAAAA,IAAa,CAACG,MAAAA,CAAOC,MAAM,CAACnB,SAAAA,CAAUoB,mBAAmB,CAAA,CAAEC,QAAQ,CAACN,QAAAA,CAAAA,EAAW;QAC3F,OAAO,KAAA;AACT,IAAA;IAEA,OAAO,IAAA;AACT,CAAA;AAEA;;IAGA,MAAMO,sBAAsB,CAACP,QAAAA,GAAAA;IAC3B,IAAI,CAACD,gBAAgBC,QAAAA,CAAAA,EAAW;QAC9B,MAAM,IAAIvB,gBACR,CAAC;MACD,EAAE0B,MAAAA,CAAOC,MAAM,CAACnB,SAAAA,CAAUoB,mBAAmB,CAAA,CAAEP,IAAI,CAAC,IAAA,CAAA,CAAA,CAAO,CAAA;AAE/D,IAAA;AACF,CAAA;AAEA;;IAGA,MAAMU,0BAA0B,CAACC,KAAAA,GAAAA;AAC/B,IAAA,IAAI,CAACA,KAAAA,EAAO;QACV,OAAOA,KAAAA;AACT,IAAA;IAEA,OAAO;AACL,QAAA,GAAGA,KAAK;QACRzB,WAAAA,EAAaK,OAAAA,CAAQoB,KAAAA,CAAMzB,WAAW,CAAA,GAAI0B,GAAAA,CAAI,UAAUD,KAAAA,CAAMzB,WAAW,CAAA,GAAIyB,KAAAA,CAAMzB;AACrF,KAAA;AACF,CAAA;AAUA;;AAEC,IACD,MAAM2B,KAAAA,GAAQ,OAAOC,WAAAA,GAA2B,EAAE,GAAA;AAChD,IAAA,IAAIT,OAAOR,IAAI,CAACiB,WAAAA,CAAAA,CAAaC,MAAM,KAAK,CAAA,EAAG;QACzC,OAAO,IAAA;AACT,IAAA;IAEA,MAAMJ,KAAAA,GAAQ,MAAMlB,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBC,OAAO,CAAC;QAC9DC,MAAAA,EAAQ;AAAIrC,YAAAA,GAAAA,aAAAA;AAAe,YAAA;AAAe,SAAA;QAC1CsC,QAAAA,EAAUrC,eAAAA;QACVsC,KAAAA,EAAOP;AACT,KAAA,CAAA;AAEA,IAAA,IAAI,CAACH,KAAAA,EAAO;QACV,OAAOA,KAAAA;AACT,IAAA;AAEA,IAAA,MAAM,EAAEW,YAAY,EAAE,GAAGC,MAAM,GAAGZ,KAAAA;AAElC,IAAA,IAAI,CAACW,YAAAA,EAAc;AACjB,QAAA,OAAOZ,uBAAAA,CAAwBa,IAAAA,CAAAA;AACjC,IAAA;AAEA,IAAA,MAAMC,SAAAA,GAAYC,UAAAA,CAAW,YAAA,CAAA,CAAcC,OAAO,CAACJ,YAAAA,CAAAA;AAEnD,IAAA,OAAOZ,uBAAAA,CAAwB;AAC7B,QAAA,GAAGa,IAAI;AACPC,QAAAA;AACF,KAAA,CAAA;AACF;AAEA;;AAEC,IACD,MAAMG,MAAAA,GAAS,OAAOb,WAAAA,GAA2B,EAAE,GAAA;IACjD,MAAMc,QAAAA,GAAW,MAAMf,KAAAA,CAAMC,WAAAA,CAAAA;AAE7B,IAAA,OAAO,CAAC,CAACc,QAAAA;AACX;AAEA;;IAGA,MAAMC,OAAO,CAACL,SAAAA,GAAAA;AACZ,IAAA,MAAMM,WAAAA,GAAcrC,MAAAA,CAAOsC,MAAM,CAACC,GAAG,CAAgC,gBAAA,CAAA;IACrE,MAAMC,IAAAA,GAAOH,YAAYG,IAAI;IAE7B,OAAOC,MAAAA,CAAOC,UAAU,CAAC,QAAA,EAAUF,MAAMG,MAAM,CAACZ,SAAAA,CAAAA,CAAWa,MAAM,CAAC,KAAA,CAAA;AACpE;AAEA,MAAMC,sBAAsB,CAACpC,QAAAA,GAAAA;;AAE3B,IAAA,MAAMqC,gBAAgBnC,QAAAA,CAASF,QAAAA,CAAAA,IAAasC,OAAOC,QAAQ,CAACvC,aAAaA,QAAAA,GAAW,CAAA;AACpF,IAAA,IAAI,CAACqC,aAAAA,IAAiB,CAACpC,KAAAA,CAAMD,QAAAA,CAAAA,EAAW;AACtC,QAAA,MAAM,IAAIvB,eAAAA,CAAgB,4CAAA,CAAA;AAC5B,IAAA;IAEA,OAAO;AACLuB,QAAAA,QAAAA,EAAUA,QAAAA,IAAY,IAAA;AACtBwC,QAAAA,SAAAA,EAAWxC,QAAAA,GAAWyC,IAAAA,CAAKC,GAAG,EAAA,GAAK1C,QAAAA,GAAW;AAChD,KAAA;AACF,CAAA;AAEA;;IAGA,MAAM2C,SAAS,OAAOC,UAAAA,GAAAA;AACpB,IAAA,MAAMC,oBAAoBtB,UAAAA,CAAW,YAAA,CAAA;AACrC,IAAA,MAAMD,YAAYU,MAAAA,CAAOc,WAAW,CAAC,GAAA,CAAA,CAAKC,QAAQ,CAAC,KAAA,CAAA;IACnD,MAAM3B,YAAAA,GAAeyB,iBAAAA,CAAkBG,OAAO,CAAC1B,SAAAA,CAAAA;AAE/CxC,IAAAA,oCAAAA,CAAqC8D,UAAAA,CAAW7D,IAAI,EAAE6D,UAAAA,CAAW5D,WAAW,CAAA;AAC5EuB,IAAAA,mBAAAA,CAAoBqC,WAAW5C,QAAQ,CAAA;;IAGvC,MAAM0B,QAAAA,GAAqB,MAAMnC,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoB4B,MAAM,CAAC;QAC1E1B,MAAAA,EAAQrC,aAAAA;QACRsC,QAAAA,EAAUrC,eAAAA;QACVoE,IAAAA,EAAM;YACJ,GAAGC,IAAAA,CAAK,eAAeN,UAAAA,CAAW;AAClCtB,YAAAA,SAAAA,EAAWK,IAAAA,CAAKL,SAAAA,CAAAA;AAChBF,YAAAA,YAAAA;YACA,GAAGgB,mBAAAA,CAAoBQ,UAAAA,CAAW5C,QAAQ;AAC5C;AACF,KAAA,CAAA;AAEA,IAAA,MAAMmD,MAAAA,GAAmB;AAAE,QAAA,GAAGzB,QAAQ;AAAEJ,QAAAA;AAAU,KAAA;;AAGlD,IAAA,IAAIsB,WAAW7D,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,EAAE;;;;;;AAMvD,QAAA,MAAMiE,QAAQC,GAAG,CACfC,KAAKV,UAAAA,CAAW5D,WAAW,EAAE0B,GAAG,CAAC,CAAChB,MAAAA,GAChCH,OAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B4B,MAAM,CAAC;gBACpDM,IAAAA,EAAM;AAAEvD,oBAAAA,MAAAA;oBAAQe,KAAAA,EAAOiB;AAAS;AAClC,aAAA,CAAA,CAAA,CAAA;QAIJ,MAAM6B,kBAAAA,GAAqB,MAAMhE,MAAAA,CAAOuB,EAAE,CACvCC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAAC9B,QAAAA,EAAU,aAAA,CAAA;AAElB,QAAA,IAAI6B,kBAAAA,EAAoB;YACtBpD,MAAAA,CAAOsD,MAAM,CAACN,MAAAA,EAAQ;AAAEnE,gBAAAA,WAAAA,EAAa0B,IAAI,QAAA,EAAU6C,kBAAAA;AAAoB,aAAA,CAAA;AACzE,QAAA;AACF,IAAA;IAEA,OAAOJ,MAAAA;AACT;AAEA,MAAMO,aAAa,OAAOC,EAAAA,GAAAA;AACxB,IAAA,MAAMrC,YAAYU,MAAAA,CAAOc,WAAW,CAAC,GAAA,CAAA,CAAKC,QAAQ,CAAC,KAAA,CAAA;AACnD,IAAA,MAAMF,oBAAoBtB,UAAAA,CAAW,YAAA,CAAA;IACrC,MAAMH,YAAAA,GAAeyB,iBAAAA,CAAkBG,OAAO,CAAC1B,SAAAA,CAAAA;IAE/C,MAAMI,QAAAA,GAAqB,MAAMnC,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBmB,MAAM,CAAC;QAC1EjB,MAAAA,EAAQ;AAAC,YAAA,IAAA;AAAM,YAAA;AAAY,SAAA;QAC3BE,KAAAA,EAAO;AAAEwC,YAAAA;AAAG,SAAA;QACZV,IAAAA,EAAM;AACJ3B,YAAAA,SAAAA,EAAWK,IAAAA,CAAKL,SAAAA,CAAAA;AAChBF,YAAAA;AACF;AACF,KAAA,CAAA;AAEA,IAAA,IAAI,CAACM,QAAAA,EAAU;AACb,QAAA,MAAM,IAAIhD,aAAAA,CAAc,sCAAA,CAAA;AAC1B,IAAA;IAEA,OAAO;AACL,QAAA,GAAGgD,QAAQ;AACXJ,QAAAA;AACF,KAAA;AACF;AAEA,MAAMsC,kBAAAA,GAAqB,IAAA;AACzB,IAAA,MAAMhC,WAAAA,GAAcrC,MAAAA,CAAOsC,MAAM,CAACC,GAAG,CAAgC,gBAAA,CAAA;IACrE,IAAI,CAACF,aAAaG,IAAAA,EAAM;;AAEtB,QAAA,IAAI8B,OAAAA,CAAQC,GAAG,CAACC,cAAc,EAAE;YAC9BF,OAAAA,CAAQG,WAAW,CAAC,CAAC;sUAC2S,CAAC,CAAA;YAEjUzE,MAAAA,CAAOsC,MAAM,CAACoC,GAAG,CAAC,uBAAuBJ,OAAAA,CAAQC,GAAG,CAACC,cAAc,CAAA;QACrE,CAAA,MAAO;YACL,MAAM,IAAIG,MACR,CAAC;uQAC8P,CAAC,CAAA;AAEpQ,QAAA;AACF,IAAA;AACF;AAEA;;AAEC,UACKC,IAAAA,GAAO,UAAA;IACX,MAAMC,MAAAA,GAA4B,MAAM7E,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBsD,QAAQ,CAAC;QACnFpD,MAAAA,EAAQrC,aAAAA;QACRsC,QAAAA,EAAUrC,eAAAA;QACVyF,OAAAA,EAAS;YAAEC,IAAAA,EAAM;AAAM;AACzB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACH,MAAAA,EAAQ;QACX,OAAOA,MAAAA;AACT,IAAA;AAEA,IAAA,OAAOA,MAAAA,CAAO1D,GAAG,CAAC,CAACD,QAAUD,uBAAAA,CAAwBC,KAAAA,CAAAA,CAAAA;AACvD;AAEA;;IAGA,MAAM+D,SAAS,OAAOb,EAAAA,GAAAA;AACpB,IAAA,OAAOpE,OAAOuB,EAAE,CACbC,KAAK,CAAC,kBAAA,CAAA,CACN0D,MAAM,CAAC;QAAExD,MAAAA,EAAQrC,aAAAA;QAAesC,QAAAA,EAAUrC,eAAAA;QAAiBsC,KAAAA,EAAO;AAAEwC,YAAAA;AAAG;AAAE,KAAA,CAAA;AAC9E;AAEA;;IAGA,MAAMe,UAAU,OAAOf,EAAAA,GAAAA;AACrB,IAAA,OAAOhD,KAAAA,CAAM;AAAEgD,QAAAA;AAAG,KAAA,CAAA;AACpB;AAEA;;IAGA,MAAMgB,YAAY,OAAOJ,IAAAA,GAAAA;AACvB,IAAA,OAAO5D,KAAAA,CAAM;AAAE4D,QAAAA;AAAK,KAAA,CAAA;AACtB;AAEA;;IAGA,MAAMrC,MAAAA,GAAS,OACbyB,EAAAA,EACAf,UAAAA,GAAAA;;IAGA,MAAMgC,aAAAA,GAA4B,MAAMrF,MAAAA,CAAOuB,EAAE,CAC9CC,KAAK,CAAC,kBAAA,CAAA,CACNC,OAAO,CAAC;QAAEG,KAAAA,EAAO;AAAEwC,YAAAA;AAAG;AAAE,KAAA,CAAA;AAE3B,IAAA,IAAI,CAACiB,aAAAA,EAAe;AAClB,QAAA,MAAM,IAAIlG,aAAAA,CAAc,iBAAA,CAAA;AAC1B,IAAA;AAEA,IAAA,MAAMmG,oBAAAA,GACJjC,UAAAA,CAAW7D,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,IACnDyF,cAAc7F,IAAI,KAAKE,SAAAA,CAAUC,cAAc,CAACC,MAAM;;;IAIxD,IAAIyD,UAAAA,CAAW5D,WAAW,IAAI6F,oBAAAA,EAAsB;QAClD/F,oCAAAA,CACE8D,UAAAA,CAAW7D,IAAI,IAAI6F,aAAAA,CAAc7F,IAAI,EACrC6D,UAAAA,CAAW5D,WAAW,IAAI4F,aAAAA,CAAc5F,WAAW,CAAA;AAEvD,IAAA;AAEAuB,IAAAA,mBAAAA,CAAoBqC,WAAW5C,QAAQ,CAAA;IAEvC,MAAM8E,YAAAA,GAAyB,MAAMvF,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBmB,MAAM,CAAC;QAC9EjB,MAAAA,EAAQrC,aAAAA;QACRuC,KAAAA,EAAO;AAAEwC,YAAAA;AAAG,SAAA;AACZV,QAAAA,IAAAA,EAAMC,KAAK,aAAA,EAAeN,UAAAA;AAC5B,KAAA,CAAA;;IAGA,IAAIkC,YAAAA,CAAa/F,IAAI,KAAKE,SAAAA,CAAUC,cAAc,CAACC,MAAM,IAAIyD,UAAAA,CAAW5D,WAAW,EAAE;QACnF,MAAM+F,wBAAAA,GAA2B,MAAMxF,MAAAA,CAAOuB,EAAE,CAC7CC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAACsB,YAAAA,EAAc,aAAA,CAAA;AAEtB,QAAA,MAAMvB,kBAAAA,GAAqB7C,GAAAA,CAAI,QAAA,EAAUqE,wBAAAA,IAA4B,EAAE,CAAA;QACvE,MAAMC,cAAAA,GAAiB1B,IAAAA,CAAKV,UAAAA,CAAW5D,WAAW,CAAA;QAElD,MAAMiG,eAAAA,GAAkBpF,WAAW0D,kBAAAA,EAAoByB,cAAAA,CAAAA;QACvD,MAAME,YAAAA,GAAerF,WAAWmF,cAAAA,EAAgBzB,kBAAAA,CAAAA;;;AAIhD,QAAA,MAAMH,OAAAA,CAAQC,GAAG,CACf4B,eAAAA,CAAgBvE,GAAG,CAAC,CAAChB,MAAAA,GACnBH,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B0D,MAAM,CAAC;gBACpDtD,KAAAA,EAAO;AAAEzB,oBAAAA,MAAAA;oBAAQe,KAAAA,EAAOkD;AAAG;AAC7B,aAAA,CAAA,CAAA,CAAA;;;AAMJ,QAAA,MAAMP,OAAAA,CAAQC,GAAG,CACf6B,YAAAA,CAAaxE,GAAG,CAAC,CAAChB,MAAAA,GAChBH,MAAAA,CAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B4B,MAAM,CAAC;gBACpDM,IAAAA,EAAM;AAAEvD,oBAAAA,MAAAA;oBAAQe,KAAAA,EAAOkD;AAAG;AAC5B,aAAA,CAAA,CAAA,CAAA;IAGN,CAAA,MAEK,IAAImB,aAAa/F,IAAI,KAAKE,UAAUC,cAAc,CAACC,MAAM,EAAE;AAC9D,QAAA,MAAMI,OAAOuB,EAAE,CAACC,KAAK,CAAC,6BAAA,CAAA,CAA+B0D,MAAM,CAAC;YAC1DtD,KAAAA,EAAO;gBAAEV,KAAAA,EAAOkD;AAAG;AACrB,SAAA,CAAA;AACF,IAAA;;IAGA,MAAMwB,iBAAAA,GAAoB,MAAM5F,MAAAA,CAAOuB,EAAE,CACtCC,KAAK,CAAC,kBAAA,CAAA,CACNyC,IAAI,CAACsB,YAAAA,EAAc,aAAA,CAAA;IAEtB,OAAO;AACL,QAAA,GAAGA,YAAY;QACf9F,WAAAA,EAAamG,iBAAAA,GAAoBA,kBAAkBzE,GAAG,CAAC,CAAC0E,CAAAA,GAAWA,CAAAA,CAAE1F,MAAM,CAAA,GAAI2F;AACjF,KAAA;AACF;AAEA,MAAMC,KAAAA,GAAQ,OAAOnE,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAO5B,OAAOuB,EAAE,CAACC,KAAK,CAAC,kBAAA,CAAA,CAAoBuE,KAAK,CAAC;AAAEnE,QAAAA;AAAM,KAAA,CAAA;AAC3D;;;;"}

package/dist/server/server/src/services/auth.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth.js","sources":["../../../../../server/src/services/auth.ts"],"sourcesContent":["import bcrypt from 'bcryptjs';\nimport _ from 'lodash';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport type { AdminUser } from '../../../shared/contracts/shared';\nimport '@strapi/types';\n\nconst { ApplicationError } = errors;\n\n/*\n hashes a password\n * @param password - password to hash\n * @returns hashed password\n /\nconst hashPassword = (password: string) => bcrypt.hash(password, 10);\n\n/\n Validate a password\n * @param password\n * @param hash\n * @returns {Promise<boolean>} is the password valid\n /\nconst validatePassword = (password: string, hash: string) => bcrypt.compare(password, hash);\n\n/\n Check login credentials\n * @param email the users email address\n * @param password the users password\n /\nconst checkCredentials = async ({ email, password }: { email: string; password: string }) => {\n const user: AdminUser = await strapi.db.query('admin::user').findOne({ where: { email } });\n\n if (!user \|\| !user.password) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n const isValid = await validatePassword(password, user.password);\n\n if (!isValid) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n if (!(user.isActive === true)) {\n return [null, false, { message: 'User not active' }];\n }\n\n return [null, user];\n};\n\n/\n Send an email to the user if it exists or do nothing\n * @param email user email for which to reset the password\n /\nconst forgotPassword = async ({ email } = {} as { email: string }) => {\n const user: AdminUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { email, isActive: true } });\n if (!user) {\n return;\n }\n\n const resetPasswordToken = getService('token').createToken();\n await getService('user').updateById(user.id, { resetPasswordToken });\n\n // Send an email to the admin.\n const url = `${strapi.config.get(\n 'admin.absoluteUrl'\n )}/auth/reset-password?code=${resetPasswordToken}`;\n\n return strapi\n .plugin('email')\n .service('email')\n .sendTemplatedEmail(\n {\n to: user.email,\n from: strapi.config.get('admin.forgotPassword.from'),\n replyTo: strapi.config.get('admin.forgotPassword.replyTo'),\n },\n strapi.config.get('admin.forgotPassword.emailTemplate'),\n {\n url,\n user: _.pick(user, ['email', 'firstname', 'lastname', 'username']),\n }\n )\n .catch((err: unknown) => {\n // log error server side but do not disclose it to the user to avoid leaking informations\n strapi.log.error(err);\n });\n};\n\n/\n Reset a user password\n * @param resetPasswordToken token generated to request a password reset\n * @param password new user password\n */\nconst resetPassword = async (\n { resetPasswordToken, password } = {} as { resetPasswordToken: string; password: string }\n) => {\n const matchingUser: AdminUser \| undefined = await strapi.db\n .query('admin::user')\n .findOne({ where: { resetPasswordToken, isActive: true } });\n\n if (!matchingUser) {\n throw new ApplicationError();\n }\n\n return getService('user').updateById(matchingUser.id, {\n password,\n resetPasswordToken: null,\n });\n};\n\nexport default { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };\n"],"names":["ApplicationError","errors","hashPassword","password","bcrypt","hash","validatePassword","compare","checkCredentials","email","user","strapi","db","query","findOne","where","message","isValid","isActive","forgotPassword","resetPasswordToken","getService","createToken","updateById","id","url","config","get","plugin","service","sendTemplatedEmail","to","from","replyTo","_","pick","catch","err","log","error","resetPassword","matchingUser"],"mappings":";;;;;;;;AAOA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,YAAAA;AAE7B;;;;AAIC,IACD,MAAMC,~~YAAe~~,~~GAAA~~,CAACC,WAAqBC,~~MAAOC~~,~~CAAAA~~,IAAI,CAACF,~~QAAU~~,~~EAAA~~,EAAA,CAAA;AAEjE;;;;;IAMA,MAAMG,mBAAmB,CAACH,QAAAA,EAAkBE,OAAiBD,~~MAAOG~~,~~CAAAA~~,OAAO,CAACJ,~~QAAUE~~,~~EAAAA~~,IAAAA,CAAAA;AAEtF;;;;AAIC,IACD,MAAMG,~~gBAAmB~~,~~GAAA~~,OAAO,EAAEC,KAAK,EAAEN,QAAQ,EAAuC,GAAA;IACtF,MAAMO,IAAAA,GAAkB,MAAMC,~~MAAOC~~,~~CAAAA~~,EAAE,CAACC,KAAK,CAAC,~~aAAeC~~,~~CAAAA~~,~~CAAAA~~,OAAO,CAAC;QAAEC,~~KAAO~~,~~EAAA~~;AAAEN,YAAAA;AAAM;AAAE,KAAA,CAAA;AAExF,IAAA,IAAI,CAACC,IAAAA,IAAQ,CAACA,IAAAA,CAAKP,QAAQ,EAAE;QAC3B,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAEa,~~OAAS~~,~~EAAA~~;AAAsB;AAAE,SAAA;AAC1D;AAEA,IAAA,MAAMC,~~OAAU~~,~~GAAA~~,MAAMX,~~gBAAiBH~~,~~CAAAA~~,QAAAA,EAAUO,KAAKP,QAAQ,CAAA;AAE9D,IAAA,IAAI,CAACc,~~OAAS~~,~~EAAA~~;QACZ,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAED,~~OAAS~~,~~EAAA~~;AAAsB;AAAE,SAAA;AAC1D;AAEA,IAAA,IAAI,EAAEN,IAAAA,CAAKQ,QAAQ,KAAK,IAAG,~~CAAI~~,~~EAAA~~;QAC7B,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAEF,~~OAAS~~,~~EAAA~~;AAAkB;AAAE,SAAA;AACtD;IAEA,OAAO;AAAC,QAAA,IAAA;AAAMN,QAAAA;AAAK,KAAA;AACrB,CAAA;AAEA;;;IAIA,MAAMS,iBAAiB,OAAO,EAAEV,KAAK,EAAE,GAAG,EAAuB,GAAA;IAC/D,MAAMC,IAAAA,GAAkB,MAAMC,~~MAAOC~~,~~CAAAA~~,EAAE,CACpCC,KAAK,CAAC,~~aACNC~~,~~CAAAA~~,~~CAAAA~~,OAAO,CAAC;QAAEC,~~KAAO~~,~~EAAA~~;AAAEN,YAAAA,KAAAA;YAAOS,~~QAAU~~,~~EAAA~~;AAAK;AAAE,KAAA,CAAA;AAC9C,IAAA,IAAI,CAACR,~~IAAM~~,~~EAAA~~;AACT,QAAA;AACF;IAEA,MAAMU,kBAAAA,GAAqBC,~~gBAAW~~,~~CAAA~~,OAAA,CAAA,CAASC,WAAW,EAAA;AAC1D,IAAA,MAAMD,iBAAW,~~MAAQE~~,~~CAAAA~~,~~CAAAA~~,UAAU,CAACb,IAAAA,CAAKc,EAAE,EAAE;AAAEJ,QAAAA;AAAmB,KAAA,CAAA;;IAGlE,MAAMK,GAAAA,GAAM,~~CAAGd~~,~~EAAAA~~,MAAAA,CAAOe,MAAM,CAACC,GAAG,CAC9B,mBAAA,CAAA,CACA,0BAA0B,EAAEP,~~kBAAoB~~,~~CAAA~~,~~CAAA~~;IAElD,OAAOT,MAAAA,CACJiB,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,kBAAkB,CACjB;AACEC,QAAAA,EAAAA,EAAIrB,KAAKD,KAAK;AACduB,QAAAA,IAAAA,EAAMrB,~~MAAOe~~,~~CAAAA~~,MAAM,CAACC,GAAG,CAAC,2BAAA,CAAA;AACxBM,QAAAA,OAAAA,EAAStB,~~MAAOe~~,~~CAAAA~~,MAAM,CAACC,GAAG,CAAC,8BAAA;AAC7B,KAAA,EACAhB,~~MAAOe~~,~~CAAAA~~,MAAM,CAACC,GAAG,CAAC,~~oCAClB~~,CAAA,~~EAAA~~;AACEF,QAAAA,GAAAA;QACAf,~~IAAMwB~~,~~EAAAA~~,CAAAA,CAAEC,IAAI,CAACzB,~~IAAM~~,~~EAAA~~;AAAC,YAAA,OAAA;AAAS,YAAA,WAAA;AAAa,YAAA,UAAA;AAAY,YAAA;AAAW,SAAA;~~KAGpE0B~~,~~CAAAA~~,~~CAAAA~~,KAAK,CAAC,CAACC,GAAAA,GAAAA;;QAEN1B,~~MAAO2B~~,~~CAAAA~~,GAAG,CAACC,KAAK,CAACF,GAAAA,CAAAA;AACnB,~~KAAA~~,CAAA;AACJ,CAAA;AAEA;;;;IAKA,MAAMG,~~aAAgB~~,~~GAAA~~,OACpB,EAAEpB,kBAAkB,EAAEjB,QAAQ,EAAE,GAAG,EAAsD,GAAA;IAEzF,MAAMsC,YAAAA,GAAsC,MAAM9B,~~MAAOC~~,~~CAAAA~~,EAAE,CACxDC,KAAK,CAAC,~~aACNC~~,~~CAAAA~~,~~CAAAA~~,OAAO,CAAC;QAAEC,~~KAAO~~,~~EAAA~~;AAAEK,YAAAA,kBAAAA;YAAoBF,~~QAAU~~,~~EAAA~~;AAAK;AAAE,KAAA,CAAA;AAE3D,IAAA,IAAI,CAACuB,~~YAAc~~,~~EAAA~~;AACjB,QAAA,MAAM,IAAIzC,gBAAAA,EAAAA;AACZ;AAEA,IAAA,OAAOqB,iBAAW,~~MAAQE~~,~~CAAAA~~,~~CAAAA~~,UAAU,CAACkB,YAAAA,CAAajB,EAAE,EAAE;AACpDrB,QAAAA,QAAAA;QACAiB,~~kBAAoB~~,~~EAAA~~;AACtB,KAAA,CAAA;AACF,CAAA;AAEA,WAAe;AAAEZ,IAAAA,gBAAAA;AAAkBF,IAAAA,gBAAAA;AAAkBJ,IAAAA,YAAAA;AAAciB,IAAAA,cAAAA;AAAgBqB,IAAAA;AAAc,~~CAAE~~;;;;"}
1	+ {"version":3,"file":"auth.js","sources":["../../../../../server/src/services/auth.ts"],"sourcesContent":["import bcrypt from 'bcryptjs';\nimport _ from 'lodash';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport type { AdminUser } from '../../../shared/contracts/shared';\nimport '@strapi/types';\n\nconst { ApplicationError } = errors;\n\n/*\n hashes a password\n * @param password - password to hash\n * @returns hashed password\n /\nconst hashPassword = (password: string) => bcrypt.hash(password, 10);\n\n/\n Validate a password\n * @param password\n * @param hash\n * @returns {Promise<boolean>} is the password valid\n /\nconst validatePassword = (password: string, hash: string) => bcrypt.compare(password, hash);\n\n/\n Check login credentials\n * @param email the users email address\n * @param password the users password\n /\nconst checkCredentials = async ({ email, password }: { email: string; password: string }) => {\n const user: AdminUser = await strapi.db.query('admin::user').findOne({ where: { email } });\n\n if (!user \|\| !user.password) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n const isValid = await validatePassword(password, user.password);\n\n if (!isValid) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n if (!(user.isActive === true)) {\n return [null, false, { message: 'User not active' }];\n }\n\n return [null, user];\n};\n\n/\n Send an email to the user if it exists or do nothing\n * @param email user email for which to reset the password\n /\nconst forgotPassword = async ({ email } = {} as { email: string }) => {\n const user: AdminUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { email, isActive: true } });\n if (!user) {\n return;\n }\n\n const resetPasswordToken = getService('token').createToken();\n await getService('user').updateById(user.id, { resetPasswordToken });\n\n // Send an email to the admin.\n const url = `${strapi.config.get(\n 'admin.absoluteUrl'\n )}/auth/reset-password?code=${resetPasswordToken}`;\n\n return strapi\n .plugin('email')\n .service('email')\n .sendTemplatedEmail(\n {\n to: user.email,\n from: strapi.config.get('admin.forgotPassword.from'),\n replyTo: strapi.config.get('admin.forgotPassword.replyTo'),\n },\n strapi.config.get('admin.forgotPassword.emailTemplate'),\n {\n url,\n user: _.pick(user, ['email', 'firstname', 'lastname', 'username']),\n }\n )\n .catch((err: unknown) => {\n // log error server side but do not disclose it to the user to avoid leaking informations\n strapi.log.error(err);\n });\n};\n\n/\n Reset a user password\n * @param resetPasswordToken token generated to request a password reset\n * @param password new user password\n */\nconst resetPassword = async (\n { resetPasswordToken, password } = {} as { resetPasswordToken: string; password: string }\n) => {\n const matchingUser: AdminUser \| undefined = await strapi.db\n .query('admin::user')\n .findOne({ where: { resetPasswordToken, isActive: true } });\n\n if (!matchingUser) {\n throw new ApplicationError();\n }\n\n return getService('user').updateById(matchingUser.id, {\n password,\n resetPasswordToken: null,\n });\n};\n\nexport default { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };\n"],"names":["ApplicationError","errors","hashPassword","password","bcrypt","hash","validatePassword","compare","checkCredentials","email","user","strapi","db","query","findOne","where","message","isValid","isActive","forgotPassword","resetPasswordToken","getService","createToken","updateById","id","url","config","get","plugin","service","sendTemplatedEmail","to","from","replyTo","_","pick","catch","err","log","error","resetPassword","matchingUser"],"mappings":";;;;;;;;AAOA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,YAAAA;AAE7B;;;;AAIC,IACD,MAAMC,YAAAA,GAAe,CAACC,WAAqBC,MAAAA,CAAOC,IAAI,CAACF,QAAAA,EAAU,EAAA,CAAA;AAEjE;;;;;IAMA,MAAMG,mBAAmB,CAACH,QAAAA,EAAkBE,OAAiBD,MAAAA,CAAOG,OAAO,CAACJ,QAAAA,EAAUE,IAAAA,CAAAA;AAEtF;;;;AAIC,IACD,MAAMG,gBAAAA,GAAmB,OAAO,EAAEC,KAAK,EAAEN,QAAQ,EAAuC,GAAA;IACtF,MAAMO,IAAAA,GAAkB,MAAMC,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeC,OAAO,CAAC;QAAEC,KAAAA,EAAO;AAAEN,YAAAA;AAAM;AAAE,KAAA,CAAA;AAExF,IAAA,IAAI,CAACC,IAAAA,IAAQ,CAACA,IAAAA,CAAKP,QAAQ,EAAE;QAC3B,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAEa,OAAAA,EAAS;AAAsB;AAAE,SAAA;AAC1D,IAAA;AAEA,IAAA,MAAMC,OAAAA,GAAU,MAAMX,gBAAAA,CAAiBH,QAAAA,EAAUO,KAAKP,QAAQ,CAAA;AAE9D,IAAA,IAAI,CAACc,OAAAA,EAAS;QACZ,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAED,OAAAA,EAAS;AAAsB;AAAE,SAAA;AAC1D,IAAA;AAEA,IAAA,IAAI,EAAEN,IAAAA,CAAKQ,QAAQ,KAAK,IAAG,CAAA,EAAI;QAC7B,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAEF,OAAAA,EAAS;AAAkB;AAAE,SAAA;AACtD,IAAA;IAEA,OAAO;AAAC,QAAA,IAAA;AAAMN,QAAAA;AAAK,KAAA;AACrB,CAAA;AAEA;;;IAIA,MAAMS,iBAAiB,OAAO,EAAEV,KAAK,EAAE,GAAG,EAAuB,GAAA;IAC/D,MAAMC,IAAAA,GAAkB,MAAMC,MAAAA,CAAOC,EAAE,CACpCC,KAAK,CAAC,aAAA,CAAA,CACNC,OAAO,CAAC;QAAEC,KAAAA,EAAO;AAAEN,YAAAA,KAAAA;YAAOS,QAAAA,EAAU;AAAK;AAAE,KAAA,CAAA;AAC9C,IAAA,IAAI,CAACR,IAAAA,EAAM;AACT,QAAA;AACF,IAAA;IAEA,MAAMU,kBAAAA,GAAqBC,gBAAAA,CAAW,OAAA,CAAA,CAASC,WAAW,EAAA;AAC1D,IAAA,MAAMD,iBAAW,MAAA,CAAA,CAAQE,UAAU,CAACb,IAAAA,CAAKc,EAAE,EAAE;AAAEJ,QAAAA;AAAmB,KAAA,CAAA;;IAGlE,MAAMK,GAAAA,GAAM,CAAA,EAAGd,MAAAA,CAAOe,MAAM,CAACC,GAAG,CAC9B,mBAAA,CAAA,CACA,0BAA0B,EAAEP,kBAAAA,CAAAA,CAAoB;IAElD,OAAOT,MAAAA,CACJiB,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,kBAAkB,CACjB;AACEC,QAAAA,EAAAA,EAAIrB,KAAKD,KAAK;AACduB,QAAAA,IAAAA,EAAMrB,MAAAA,CAAOe,MAAM,CAACC,GAAG,CAAC,2BAAA,CAAA;AACxBM,QAAAA,OAAAA,EAAStB,MAAAA,CAAOe,MAAM,CAACC,GAAG,CAAC,8BAAA;AAC7B,KAAA,EACAhB,MAAAA,CAAOe,MAAM,CAACC,GAAG,CAAC,oCAAA,CAAA,EAClB;AACEF,QAAAA,GAAAA;QACAf,IAAAA,EAAMwB,CAAAA,CAAEC,IAAI,CAACzB,IAAAA,EAAM;AAAC,YAAA,OAAA;AAAS,YAAA,WAAA;AAAa,YAAA,UAAA;AAAY,YAAA;AAAW,SAAA;KACnE,CAAA,CAED0B,KAAK,CAAC,CAACC,GAAAA,GAAAA;;QAEN1B,MAAAA,CAAO2B,GAAG,CAACC,KAAK,CAACF,GAAAA,CAAAA;AACnB,IAAA,CAAA,CAAA;AACJ,CAAA;AAEA;;;;IAKA,MAAMG,aAAAA,GAAgB,OACpB,EAAEpB,kBAAkB,EAAEjB,QAAQ,EAAE,GAAG,EAAsD,GAAA;IAEzF,MAAMsC,YAAAA,GAAsC,MAAM9B,MAAAA,CAAOC,EAAE,CACxDC,KAAK,CAAC,aAAA,CAAA,CACNC,OAAO,CAAC;QAAEC,KAAAA,EAAO;AAAEK,YAAAA,kBAAAA;YAAoBF,QAAAA,EAAU;AAAK;AAAE,KAAA,CAAA;AAE3D,IAAA,IAAI,CAACuB,YAAAA,EAAc;AACjB,QAAA,MAAM,IAAIzC,gBAAAA,EAAAA;AACZ,IAAA;AAEA,IAAA,OAAOqB,iBAAW,MAAA,CAAA,CAAQE,UAAU,CAACkB,YAAAA,CAAajB,EAAE,EAAE;AACpDrB,QAAAA,QAAAA;QACAiB,kBAAAA,EAAoB;AACtB,KAAA,CAAA;AACF,CAAA;AAEA,WAAe;AAAEZ,IAAAA,gBAAAA;AAAkBF,IAAAA,gBAAAA;AAAkBJ,IAAAA,YAAAA;AAAciB,IAAAA,cAAAA;AAAgBqB,IAAAA;AAAc,CAAA;;;;"}

package/dist/server/server/src/services/auth.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth.mjs","sources":["../../../../../server/src/services/auth.ts"],"sourcesContent":["import bcrypt from 'bcryptjs';\nimport _ from 'lodash';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport type { AdminUser } from '../../../shared/contracts/shared';\nimport '@strapi/types';\n\nconst { ApplicationError } = errors;\n\n/*\n hashes a password\n * @param password - password to hash\n * @returns hashed password\n /\nconst hashPassword = (password: string) => bcrypt.hash(password, 10);\n\n/\n Validate a password\n * @param password\n * @param hash\n * @returns {Promise<boolean>} is the password valid\n /\nconst validatePassword = (password: string, hash: string) => bcrypt.compare(password, hash);\n\n/\n Check login credentials\n * @param email the users email address\n * @param password the users password\n /\nconst checkCredentials = async ({ email, password }: { email: string; password: string }) => {\n const user: AdminUser = await strapi.db.query('admin::user').findOne({ where: { email } });\n\n if (!user \|\| !user.password) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n const isValid = await validatePassword(password, user.password);\n\n if (!isValid) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n if (!(user.isActive === true)) {\n return [null, false, { message: 'User not active' }];\n }\n\n return [null, user];\n};\n\n/\n Send an email to the user if it exists or do nothing\n * @param email user email for which to reset the password\n /\nconst forgotPassword = async ({ email } = {} as { email: string }) => {\n const user: AdminUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { email, isActive: true } });\n if (!user) {\n return;\n }\n\n const resetPasswordToken = getService('token').createToken();\n await getService('user').updateById(user.id, { resetPasswordToken });\n\n // Send an email to the admin.\n const url = `${strapi.config.get(\n 'admin.absoluteUrl'\n )}/auth/reset-password?code=${resetPasswordToken}`;\n\n return strapi\n .plugin('email')\n .service('email')\n .sendTemplatedEmail(\n {\n to: user.email,\n from: strapi.config.get('admin.forgotPassword.from'),\n replyTo: strapi.config.get('admin.forgotPassword.replyTo'),\n },\n strapi.config.get('admin.forgotPassword.emailTemplate'),\n {\n url,\n user: _.pick(user, ['email', 'firstname', 'lastname', 'username']),\n }\n )\n .catch((err: unknown) => {\n // log error server side but do not disclose it to the user to avoid leaking informations\n strapi.log.error(err);\n });\n};\n\n/\n Reset a user password\n * @param resetPasswordToken token generated to request a password reset\n * @param password new user password\n */\nconst resetPassword = async (\n { resetPasswordToken, password } = {} as { resetPasswordToken: string; password: string }\n) => {\n const matchingUser: AdminUser \| undefined = await strapi.db\n .query('admin::user')\n .findOne({ where: { resetPasswordToken, isActive: true } });\n\n if (!matchingUser) {\n throw new ApplicationError();\n }\n\n return getService('user').updateById(matchingUser.id, {\n password,\n resetPasswordToken: null,\n });\n};\n\nexport default { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };\n"],"names":["ApplicationError","errors","hashPassword","password","bcrypt","hash","validatePassword","compare","checkCredentials","email","user","strapi","db","query","findOne","where","message","isValid","isActive","forgotPassword","resetPasswordToken","getService","createToken","updateById","id","url","config","get","plugin","service","sendTemplatedEmail","to","from","replyTo","_","pick","catch","err","log","error","resetPassword","matchingUser"],"mappings":";;;;;;AAOA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,MAAAA;AAE7B;;;;AAIC,IACD,MAAMC,~~YAAe~~,~~GAAA~~,CAACC,WAAqBC,~~MAAOC~~,~~CAAAA~~,IAAI,CAACF,~~QAAU~~,~~EAAA~~,EAAA,CAAA;AAEjE;;;;;IAMA,MAAMG,mBAAmB,CAACH,QAAAA,EAAkBE,OAAiBD,~~MAAOG~~,~~CAAAA~~,OAAO,CAACJ,~~QAAUE~~,~~EAAAA~~,IAAAA,CAAAA;AAEtF;;;;AAIC,IACD,MAAMG,~~gBAAmB~~,~~GAAA~~,OAAO,EAAEC,KAAK,EAAEN,QAAQ,EAAuC,GAAA;IACtF,MAAMO,IAAAA,GAAkB,MAAMC,~~MAAOC~~,~~CAAAA~~,EAAE,CAACC,KAAK,CAAC,~~aAAeC~~,~~CAAAA~~,~~CAAAA~~,OAAO,CAAC;QAAEC,~~KAAO~~,~~EAAA~~;AAAEN,YAAAA;AAAM;AAAE,KAAA,CAAA;AAExF,IAAA,IAAI,CAACC,IAAAA,IAAQ,CAACA,IAAAA,CAAKP,QAAQ,EAAE;QAC3B,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAEa,~~OAAS~~,~~EAAA~~;AAAsB;AAAE,SAAA;AAC1D;AAEA,IAAA,MAAMC,~~OAAU~~,~~GAAA~~,MAAMX,~~gBAAiBH~~,~~CAAAA~~,QAAAA,EAAUO,KAAKP,QAAQ,CAAA;AAE9D,IAAA,IAAI,CAACc,~~OAAS~~,~~EAAA~~;QACZ,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAED,~~OAAS~~,~~EAAA~~;AAAsB;AAAE,SAAA;AAC1D;AAEA,IAAA,IAAI,EAAEN,IAAAA,CAAKQ,QAAQ,KAAK,IAAG,~~CAAI~~,~~EAAA~~;QAC7B,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAEF,~~OAAS~~,~~EAAA~~;AAAkB;AAAE,SAAA;AACtD;IAEA,OAAO;AAAC,QAAA,IAAA;AAAMN,QAAAA;AAAK,KAAA;AACrB,CAAA;AAEA;;;IAIA,MAAMS,iBAAiB,OAAO,EAAEV,KAAK,EAAE,GAAG,EAAuB,GAAA;IAC/D,MAAMC,IAAAA,GAAkB,MAAMC,~~MAAOC~~,~~CAAAA~~,EAAE,CACpCC,KAAK,CAAC,~~aACNC~~,~~CAAAA~~,~~CAAAA~~,OAAO,CAAC;QAAEC,~~KAAO~~,~~EAAA~~;AAAEN,YAAAA,KAAAA;YAAOS,~~QAAU~~,~~EAAA~~;AAAK;AAAE,KAAA,CAAA;AAC9C,IAAA,IAAI,CAACR,~~IAAM~~,~~EAAA~~;AACT,QAAA;AACF;IAEA,MAAMU,kBAAAA,GAAqBC,~~UAAW~~,~~CAAA~~,OAAA,CAAA,CAASC,WAAW,EAAA;AAC1D,IAAA,MAAMD,WAAW,~~MAAQE~~,~~CAAAA~~,~~CAAAA~~,UAAU,CAACb,IAAAA,CAAKc,EAAE,EAAE;AAAEJ,QAAAA;AAAmB,KAAA,CAAA;;IAGlE,MAAMK,GAAAA,GAAM,~~CAAGd~~,~~EAAAA~~,MAAAA,CAAOe,MAAM,CAACC,GAAG,CAC9B,mBAAA,CAAA,CACA,0BAA0B,EAAEP,~~kBAAoB~~,~~CAAA~~,~~CAAA~~;IAElD,OAAOT,MAAAA,CACJiB,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,kBAAkB,CACjB;AACEC,QAAAA,EAAAA,EAAIrB,KAAKD,KAAK;AACduB,QAAAA,IAAAA,EAAMrB,~~MAAOe~~,~~CAAAA~~,MAAM,CAACC,GAAG,CAAC,2BAAA,CAAA;AACxBM,QAAAA,OAAAA,EAAStB,~~MAAOe~~,~~CAAAA~~,MAAM,CAACC,GAAG,CAAC,8BAAA;AAC7B,KAAA,EACAhB,~~MAAOe~~,~~CAAAA~~,MAAM,CAACC,GAAG,CAAC,~~oCAClB~~,CAAA,~~EAAA~~;AACEF,QAAAA,GAAAA;QACAf,~~IAAMwB~~,~~EAAAA~~,UAAAA,CAAEC,IAAI,CAACzB,~~IAAM~~,~~EAAA~~;AAAC,YAAA,OAAA;AAAS,YAAA,WAAA;AAAa,YAAA,UAAA;AAAY,YAAA;AAAW,SAAA;~~KAGpE0B~~,~~CAAAA~~,~~CAAAA~~,KAAK,CAAC,CAACC,GAAAA,GAAAA;;QAEN1B,~~MAAO2B~~,~~CAAAA~~,GAAG,CAACC,KAAK,CAACF,GAAAA,CAAAA;AACnB,~~KAAA~~,CAAA;AACJ,CAAA;AAEA;;;;IAKA,MAAMG,~~aAAgB~~,~~GAAA~~,OACpB,EAAEpB,kBAAkB,EAAEjB,QAAQ,EAAE,GAAG,EAAsD,GAAA;IAEzF,MAAMsC,YAAAA,GAAsC,MAAM9B,~~MAAOC~~,~~CAAAA~~,EAAE,CACxDC,KAAK,CAAC,~~aACNC~~,~~CAAAA~~,~~CAAAA~~,OAAO,CAAC;QAAEC,~~KAAO~~,~~EAAA~~;AAAEK,YAAAA,kBAAAA;YAAoBF,~~QAAU~~,~~EAAA~~;AAAK;AAAE,KAAA,CAAA;AAE3D,IAAA,IAAI,CAACuB,~~YAAc~~,~~EAAA~~;AACjB,QAAA,MAAM,IAAIzC,gBAAAA,EAAAA;AACZ;AAEA,IAAA,OAAOqB,WAAW,~~MAAQE~~,~~CAAAA~~,~~CAAAA~~,UAAU,CAACkB,YAAAA,CAAajB,EAAE,EAAE;AACpDrB,QAAAA,QAAAA;QACAiB,~~kBAAoB~~,~~EAAA~~;AACtB,KAAA,CAAA;AACF,CAAA;AAEA,WAAe;AAAEZ,IAAAA,gBAAAA;AAAkBF,IAAAA,gBAAAA;AAAkBJ,IAAAA,YAAAA;AAAciB,IAAAA,cAAAA;AAAgBqB,IAAAA;AAAc,~~CAAE~~;;;;"}
1	+ {"version":3,"file":"auth.mjs","sources":["../../../../../server/src/services/auth.ts"],"sourcesContent":["import bcrypt from 'bcryptjs';\nimport _ from 'lodash';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport type { AdminUser } from '../../../shared/contracts/shared';\nimport '@strapi/types';\n\nconst { ApplicationError } = errors;\n\n/*\n hashes a password\n * @param password - password to hash\n * @returns hashed password\n /\nconst hashPassword = (password: string) => bcrypt.hash(password, 10);\n\n/\n Validate a password\n * @param password\n * @param hash\n * @returns {Promise<boolean>} is the password valid\n /\nconst validatePassword = (password: string, hash: string) => bcrypt.compare(password, hash);\n\n/\n Check login credentials\n * @param email the users email address\n * @param password the users password\n /\nconst checkCredentials = async ({ email, password }: { email: string; password: string }) => {\n const user: AdminUser = await strapi.db.query('admin::user').findOne({ where: { email } });\n\n if (!user \|\| !user.password) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n const isValid = await validatePassword(password, user.password);\n\n if (!isValid) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n if (!(user.isActive === true)) {\n return [null, false, { message: 'User not active' }];\n }\n\n return [null, user];\n};\n\n/\n Send an email to the user if it exists or do nothing\n * @param email user email for which to reset the password\n /\nconst forgotPassword = async ({ email } = {} as { email: string }) => {\n const user: AdminUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { email, isActive: true } });\n if (!user) {\n return;\n }\n\n const resetPasswordToken = getService('token').createToken();\n await getService('user').updateById(user.id, { resetPasswordToken });\n\n // Send an email to the admin.\n const url = `${strapi.config.get(\n 'admin.absoluteUrl'\n )}/auth/reset-password?code=${resetPasswordToken}`;\n\n return strapi\n .plugin('email')\n .service('email')\n .sendTemplatedEmail(\n {\n to: user.email,\n from: strapi.config.get('admin.forgotPassword.from'),\n replyTo: strapi.config.get('admin.forgotPassword.replyTo'),\n },\n strapi.config.get('admin.forgotPassword.emailTemplate'),\n {\n url,\n user: _.pick(user, ['email', 'firstname', 'lastname', 'username']),\n }\n )\n .catch((err: unknown) => {\n // log error server side but do not disclose it to the user to avoid leaking informations\n strapi.log.error(err);\n });\n};\n\n/\n Reset a user password\n * @param resetPasswordToken token generated to request a password reset\n * @param password new user password\n */\nconst resetPassword = async (\n { resetPasswordToken, password } = {} as { resetPasswordToken: string; password: string }\n) => {\n const matchingUser: AdminUser \| undefined = await strapi.db\n .query('admin::user')\n .findOne({ where: { resetPasswordToken, isActive: true } });\n\n if (!matchingUser) {\n throw new ApplicationError();\n }\n\n return getService('user').updateById(matchingUser.id, {\n password,\n resetPasswordToken: null,\n });\n};\n\nexport default { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };\n"],"names":["ApplicationError","errors","hashPassword","password","bcrypt","hash","validatePassword","compare","checkCredentials","email","user","strapi","db","query","findOne","where","message","isValid","isActive","forgotPassword","resetPasswordToken","getService","createToken","updateById","id","url","config","get","plugin","service","sendTemplatedEmail","to","from","replyTo","_","pick","catch","err","log","error","resetPassword","matchingUser"],"mappings":";;;;;;AAOA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,MAAAA;AAE7B;;;;AAIC,IACD,MAAMC,YAAAA,GAAe,CAACC,WAAqBC,MAAAA,CAAOC,IAAI,CAACF,QAAAA,EAAU,EAAA,CAAA;AAEjE;;;;;IAMA,MAAMG,mBAAmB,CAACH,QAAAA,EAAkBE,OAAiBD,MAAAA,CAAOG,OAAO,CAACJ,QAAAA,EAAUE,IAAAA,CAAAA;AAEtF;;;;AAIC,IACD,MAAMG,gBAAAA,GAAmB,OAAO,EAAEC,KAAK,EAAEN,QAAQ,EAAuC,GAAA;IACtF,MAAMO,IAAAA,GAAkB,MAAMC,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeC,OAAO,CAAC;QAAEC,KAAAA,EAAO;AAAEN,YAAAA;AAAM;AAAE,KAAA,CAAA;AAExF,IAAA,IAAI,CAACC,IAAAA,IAAQ,CAACA,IAAAA,CAAKP,QAAQ,EAAE;QAC3B,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAEa,OAAAA,EAAS;AAAsB;AAAE,SAAA;AAC1D,IAAA;AAEA,IAAA,MAAMC,OAAAA,GAAU,MAAMX,gBAAAA,CAAiBH,QAAAA,EAAUO,KAAKP,QAAQ,CAAA;AAE9D,IAAA,IAAI,CAACc,OAAAA,EAAS;QACZ,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAED,OAAAA,EAAS;AAAsB;AAAE,SAAA;AAC1D,IAAA;AAEA,IAAA,IAAI,EAAEN,IAAAA,CAAKQ,QAAQ,KAAK,IAAG,CAAA,EAAI;QAC7B,OAAO;AAAC,YAAA,IAAA;AAAM,YAAA,KAAA;AAAO,YAAA;gBAAEF,OAAAA,EAAS;AAAkB;AAAE,SAAA;AACtD,IAAA;IAEA,OAAO;AAAC,QAAA,IAAA;AAAMN,QAAAA;AAAK,KAAA;AACrB,CAAA;AAEA;;;IAIA,MAAMS,iBAAiB,OAAO,EAAEV,KAAK,EAAE,GAAG,EAAuB,GAAA;IAC/D,MAAMC,IAAAA,GAAkB,MAAMC,MAAAA,CAAOC,EAAE,CACpCC,KAAK,CAAC,aAAA,CAAA,CACNC,OAAO,CAAC;QAAEC,KAAAA,EAAO;AAAEN,YAAAA,KAAAA;YAAOS,QAAAA,EAAU;AAAK;AAAE,KAAA,CAAA;AAC9C,IAAA,IAAI,CAACR,IAAAA,EAAM;AACT,QAAA;AACF,IAAA;IAEA,MAAMU,kBAAAA,GAAqBC,UAAAA,CAAW,OAAA,CAAA,CAASC,WAAW,EAAA;AAC1D,IAAA,MAAMD,WAAW,MAAA,CAAA,CAAQE,UAAU,CAACb,IAAAA,CAAKc,EAAE,EAAE;AAAEJ,QAAAA;AAAmB,KAAA,CAAA;;IAGlE,MAAMK,GAAAA,GAAM,CAAA,EAAGd,MAAAA,CAAOe,MAAM,CAACC,GAAG,CAC9B,mBAAA,CAAA,CACA,0BAA0B,EAAEP,kBAAAA,CAAAA,CAAoB;IAElD,OAAOT,MAAAA,CACJiB,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,kBAAkB,CACjB;AACEC,QAAAA,EAAAA,EAAIrB,KAAKD,KAAK;AACduB,QAAAA,IAAAA,EAAMrB,MAAAA,CAAOe,MAAM,CAACC,GAAG,CAAC,2BAAA,CAAA;AACxBM,QAAAA,OAAAA,EAAStB,MAAAA,CAAOe,MAAM,CAACC,GAAG,CAAC,8BAAA;AAC7B,KAAA,EACAhB,MAAAA,CAAOe,MAAM,CAACC,GAAG,CAAC,oCAAA,CAAA,EAClB;AACEF,QAAAA,GAAAA;QACAf,IAAAA,EAAMwB,UAAAA,CAAEC,IAAI,CAACzB,IAAAA,EAAM;AAAC,YAAA,OAAA;AAAS,YAAA,WAAA;AAAa,YAAA,UAAA;AAAY,YAAA;AAAW,SAAA;KACnE,CAAA,CAED0B,KAAK,CAAC,CAACC,GAAAA,GAAAA;;QAEN1B,MAAAA,CAAO2B,GAAG,CAACC,KAAK,CAACF,GAAAA,CAAAA;AACnB,IAAA,CAAA,CAAA;AACJ,CAAA;AAEA;;;;IAKA,MAAMG,aAAAA,GAAgB,OACpB,EAAEpB,kBAAkB,EAAEjB,QAAQ,EAAE,GAAG,EAAsD,GAAA;IAEzF,MAAMsC,YAAAA,GAAsC,MAAM9B,MAAAA,CAAOC,EAAE,CACxDC,KAAK,CAAC,aAAA,CAAA,CACNC,OAAO,CAAC;QAAEC,KAAAA,EAAO;AAAEK,YAAAA,kBAAAA;YAAoBF,QAAAA,EAAU;AAAK;AAAE,KAAA,CAAA;AAE3D,IAAA,IAAI,CAACuB,YAAAA,EAAc;AACjB,QAAA,MAAM,IAAIzC,gBAAAA,EAAAA;AACZ,IAAA;AAEA,IAAA,OAAOqB,WAAW,MAAA,CAAA,CAAQE,UAAU,CAACkB,YAAAA,CAAajB,EAAE,EAAE;AACpDrB,QAAAA,QAAAA;QACAiB,kBAAAA,EAAoB;AACtB,KAAA,CAAA;AACF,CAAA;AAEA,WAAe;AAAEZ,IAAAA,gBAAAA;AAAkBF,IAAAA,gBAAAA;AAAkBJ,IAAAA,YAAAA;AAAciB,IAAAA,cAAAA;AAAgBqB,IAAAA;AAAc,CAAA;;;;"}

package/dist/server/server/src/services/condition.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"condition.js","sources":["../../../../../server/src/services/condition.ts"],"sourcesContent":["import { isString } from 'lodash/fp';\nimport { getService } from '../utils';\n\nconst isValidCondition = (condition: unknown) => {\n const { conditionProvider } = getService('permission');\n\n return isString(condition) && conditionProvider.has(condition);\n};\n\nexport { isValidCondition };\n"],"names":["isValidCondition","condition","conditionProvider","getService","isString","has"],"mappings":";;;;;AAGA,MAAMA,mBAAmB,CAACC,SAAAA,GAAAA;AACxB,IAAA,MAAM,EAAEC,iBAAiB,EAAE,GAAGC,~~gBAAW~~,~~CAAA~~,YAAA,CAAA;AAEzC,IAAA,OAAOC,~~WAASH~~,~~CAAAA~~,SAAAA,CAAAA,IAAcC,~~iBAAkBG~~,~~CAAAA~~,GAAG,CAACJ,SAAAA,CAAAA;AACtD;;;;"}
1	+ {"version":3,"file":"condition.js","sources":["../../../../../server/src/services/condition.ts"],"sourcesContent":["import { isString } from 'lodash/fp';\nimport { getService } from '../utils';\n\nconst isValidCondition = (condition: unknown) => {\n const { conditionProvider } = getService('permission');\n\n return isString(condition) && conditionProvider.has(condition);\n};\n\nexport { isValidCondition };\n"],"names":["isValidCondition","condition","conditionProvider","getService","isString","has"],"mappings":";;;;;AAGA,MAAMA,mBAAmB,CAACC,SAAAA,GAAAA;AACxB,IAAA,MAAM,EAAEC,iBAAiB,EAAE,GAAGC,gBAAAA,CAAW,YAAA,CAAA;AAEzC,IAAA,OAAOC,WAAAA,CAASH,SAAAA,CAAAA,IAAcC,iBAAAA,CAAkBG,GAAG,CAACJ,SAAAA,CAAAA;AACtD;;;;"}

package/dist/server/server/src/services/condition.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"condition.mjs","sources":["../../../../../server/src/services/condition.ts"],"sourcesContent":["import { isString } from 'lodash/fp';\nimport { getService } from '../utils';\n\nconst isValidCondition = (condition: unknown) => {\n const { conditionProvider } = getService('permission');\n\n return isString(condition) && conditionProvider.has(condition);\n};\n\nexport { isValidCondition };\n"],"names":["isValidCondition","condition","conditionProvider","getService","isString","has"],"mappings":";;;AAGA,MAAMA,mBAAmB,CAACC,SAAAA,GAAAA;AACxB,IAAA,MAAM,EAAEC,iBAAiB,EAAE,GAAGC,~~UAAW~~,~~CAAA~~,YAAA,CAAA;AAEzC,IAAA,OAAOC,~~QAASH~~,~~CAAAA~~,SAAAA,CAAAA,IAAcC,~~iBAAkBG~~,~~CAAAA~~,GAAG,CAACJ,SAAAA,CAAAA;AACtD;;;;"}
1	+ {"version":3,"file":"condition.mjs","sources":["../../../../../server/src/services/condition.ts"],"sourcesContent":["import { isString } from 'lodash/fp';\nimport { getService } from '../utils';\n\nconst isValidCondition = (condition: unknown) => {\n const { conditionProvider } = getService('permission');\n\n return isString(condition) && conditionProvider.has(condition);\n};\n\nexport { isValidCondition };\n"],"names":["isValidCondition","condition","conditionProvider","getService","isString","has"],"mappings":";;;AAGA,MAAMA,mBAAmB,CAACC,SAAAA,GAAAA;AACxB,IAAA,MAAM,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA,CAAW,YAAA,CAAA;AAEzC,IAAA,OAAOC,QAAAA,CAASH,SAAAA,CAAAA,IAAcC,iBAAAA,CAAkBG,GAAG,CAACJ,SAAAA,CAAAA;AACtD;;;;"}

package/dist/server/server/src/services/constants.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"constants.js","sources":["../../../../../server/src/services/constants.ts"],"sourcesContent":["const DAY_IN_MS = 24 * 60 * 60 * 1000;\n\nconst constants = {\n CONTENT_TYPE_SECTION: 'contentTypes',\n SUPER_ADMIN_CODE: 'strapi-super-admin',\n EDITOR_CODE: 'strapi-editor',\n AUTHOR_CODE: 'strapi-author',\n READ_ACTION: 'plugin::content-manager.explorer.read',\n CREATE_ACTION: 'plugin::content-manager.explorer.create',\n UPDATE_ACTION: 'plugin::content-manager.explorer.update',\n DELETE_ACTION: 'plugin::content-manager.explorer.delete',\n PUBLISH_ACTION: 'plugin::content-manager.explorer.publish',\n API_TOKEN_TYPE: {\n READ_ONLY: 'read-only',\n FULL_ACCESS: 'full-access',\n CUSTOM: 'custom',\n },\n // The front-end only displays these values\n API_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n DEFAULT_API_TOKENS: [\n {\n name: 'Read Only',\n description:\n 'A default API token with read-only permissions, only used for accessing resources',\n type: 'read-only',\n lifespan: null,\n },\n {\n name: 'Full Access',\n description:\n 'A default API token with full access permissions, used for accessing or modifying resources',\n type: 'full-access',\n lifespan: null,\n },\n ] as const,\n TRANSFER_TOKEN_TYPE: {\n PUSH: 'push',\n PULL: 'pull',\n },\n TRANSFER_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n};\n\nexport default constants;\n"],"names":["DAY_IN_MS","constants","CONTENT_TYPE_SECTION","SUPER_ADMIN_CODE","EDITOR_CODE","AUTHOR_CODE","READ_ACTION","CREATE_ACTION","UPDATE_ACTION","DELETE_ACTION","PUBLISH_ACTION","API_TOKEN_TYPE","READ_ONLY","FULL_ACCESS","CUSTOM","API_TOKEN_LIFESPANS","UNLIMITED","DAYS_7","DAYS_30","DAYS_90","DEFAULT_API_TOKENS","name","description","type","lifespan","TRANSFER_TOKEN_TYPE","PUSH","PULL","TRANSFER_TOKEN_LIFESPANS"],"mappings":";;AAAA,MAAMA,SAAAA,GAAY,~~EAAK~~,~~GAAA~~,EAAA,GAAK,~~EAAK~~,~~GAAA~~,IAAA;AAEjC,MAAMC,~~SAAY~~,~~GAAA~~;IAChBC,~~oBAAsB~~,~~EAAA~~,cAAA;IACtBC,~~gBAAkB~~,~~EAAA~~,oBAAA;IAClBC,~~WAAa~~,~~EAAA~~,eAAA;IACbC,~~WAAa~~,~~EAAA~~,eAAA;IACbC,~~WAAa~~,~~EAAA~~,uCAAA;IACbC,~~aAAe~~,~~EAAA~~,yCAAA;IACfC,~~aAAe~~,~~EAAA~~,yCAAA;IACfC,~~aAAe~~,~~EAAA~~,yCAAA;IACfC,~~cAAgB~~,~~EAAA~~,0CAAA;IAChBC,~~cAAgB~~,~~EAAA~~;QACdC,~~SAAW~~,~~EAAA~~,WAAA;QACXC,~~WAAa~~,~~EAAA~~,aAAA;QACbC,~~MAAQ~~,~~EAAA~~;AACV,KAAA;;IAEAC,~~mBAAqB~~,~~EAAA~~;QACnBC,~~SAAW~~,~~EAAA~~,IAAA;AACXC,QAAAA,MAAAA,EAAQ,~~CAAIjB~~,~~GAAAA~~,SAAAA;AACZkB,QAAAA,OAAAA,EAAS,~~EAAKlB~~,~~GAAAA~~,SAAAA;AACdmB,QAAAA,OAAAA,EAAS,~~EAAKnB~~,~~GAAAA~~;AAChB,KAAA;IACAoB,~~kBAAoB~~,~~EAAA~~;AAClB,QAAA;YACEC,~~IAAM~~,~~EAAA~~,WAAA;YACNC,~~WACE~~,~~EAAA~~,mFAAA;YACFC,~~IAAM~~,~~EAAA~~,WAAA;YACNC,~~QAAU~~,~~EAAA~~;AACZ,SAAA;AACA,QAAA;YACEH,~~IAAM~~,~~EAAA~~,aAAA;YACNC,~~WACE~~,~~EAAA~~,6FAAA;YACFC,~~IAAM~~,~~EAAA~~,aAAA;YACNC,~~QAAU~~,~~EAAA~~;AACZ;AACD,KAAA;IACDC,~~mBAAqB~~,~~EAAA~~;QACnBC,~~IAAM~~,~~EAAA~~,MAAA;QACNC,~~IAAM~~,~~EAAA~~;AACR,KAAA;IACAC,~~wBAA0B~~,~~EAAA~~;QACxBZ,~~SAAW~~,~~EAAA~~,IAAA;AACXC,QAAAA,MAAAA,EAAQ,~~CAAIjB~~,~~GAAAA~~,SAAAA;AACZkB,QAAAA,OAAAA,EAAS,~~EAAKlB~~,~~GAAAA~~,SAAAA;AACdmB,QAAAA,OAAAA,EAAS,~~EAAKnB~~,~~GAAAA~~;AAChB;AACF;;;;"}
1	+ {"version":3,"file":"constants.js","sources":["../../../../../server/src/services/constants.ts"],"sourcesContent":["const DAY_IN_MS = 24 * 60 * 60 * 1000;\n\nconst constants = {\n CONTENT_TYPE_SECTION: 'contentTypes',\n SUPER_ADMIN_CODE: 'strapi-super-admin',\n EDITOR_CODE: 'strapi-editor',\n AUTHOR_CODE: 'strapi-author',\n READ_ACTION: 'plugin::content-manager.explorer.read',\n CREATE_ACTION: 'plugin::content-manager.explorer.create',\n UPDATE_ACTION: 'plugin::content-manager.explorer.update',\n DELETE_ACTION: 'plugin::content-manager.explorer.delete',\n PUBLISH_ACTION: 'plugin::content-manager.explorer.publish',\n API_TOKEN_TYPE: {\n READ_ONLY: 'read-only',\n FULL_ACCESS: 'full-access',\n CUSTOM: 'custom',\n },\n // The front-end only displays these values\n API_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n DEFAULT_API_TOKENS: [\n {\n name: 'Read Only',\n description:\n 'A default API token with read-only permissions, only used for accessing resources',\n type: 'read-only',\n lifespan: null,\n },\n {\n name: 'Full Access',\n description:\n 'A default API token with full access permissions, used for accessing or modifying resources',\n type: 'full-access',\n lifespan: null,\n },\n ] as const,\n TRANSFER_TOKEN_TYPE: {\n PUSH: 'push',\n PULL: 'pull',\n },\n TRANSFER_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n};\n\nexport default constants;\n"],"names":["DAY_IN_MS","constants","CONTENT_TYPE_SECTION","SUPER_ADMIN_CODE","EDITOR_CODE","AUTHOR_CODE","READ_ACTION","CREATE_ACTION","UPDATE_ACTION","DELETE_ACTION","PUBLISH_ACTION","API_TOKEN_TYPE","READ_ONLY","FULL_ACCESS","CUSTOM","API_TOKEN_LIFESPANS","UNLIMITED","DAYS_7","DAYS_30","DAYS_90","DEFAULT_API_TOKENS","name","description","type","lifespan","TRANSFER_TOKEN_TYPE","PUSH","PULL","TRANSFER_TOKEN_LIFESPANS"],"mappings":";;AAAA,MAAMA,SAAAA,GAAY,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,IAAA;AAEjC,MAAMC,SAAAA,GAAY;IAChBC,oBAAAA,EAAsB,cAAA;IACtBC,gBAAAA,EAAkB,oBAAA;IAClBC,WAAAA,EAAa,eAAA;IACbC,WAAAA,EAAa,eAAA;IACbC,WAAAA,EAAa,uCAAA;IACbC,aAAAA,EAAe,yCAAA;IACfC,aAAAA,EAAe,yCAAA;IACfC,aAAAA,EAAe,yCAAA;IACfC,cAAAA,EAAgB,0CAAA;IAChBC,cAAAA,EAAgB;QACdC,SAAAA,EAAW,WAAA;QACXC,WAAAA,EAAa,aAAA;QACbC,MAAAA,EAAQ;AACV,KAAA;;IAEAC,mBAAAA,EAAqB;QACnBC,SAAAA,EAAW,IAAA;AACXC,QAAAA,MAAAA,EAAQ,CAAA,GAAIjB,SAAAA;AACZkB,QAAAA,OAAAA,EAAS,EAAA,GAAKlB,SAAAA;AACdmB,QAAAA,OAAAA,EAAS,EAAA,GAAKnB;AAChB,KAAA;IACAoB,kBAAAA,EAAoB;AAClB,QAAA;YACEC,IAAAA,EAAM,WAAA;YACNC,WAAAA,EACE,mFAAA;YACFC,IAAAA,EAAM,WAAA;YACNC,QAAAA,EAAU;AACZ,SAAA;AACA,QAAA;YACEH,IAAAA,EAAM,aAAA;YACNC,WAAAA,EACE,6FAAA;YACFC,IAAAA,EAAM,aAAA;YACNC,QAAAA,EAAU;AACZ;AACD,KAAA;IACDC,mBAAAA,EAAqB;QACnBC,IAAAA,EAAM,MAAA;QACNC,IAAAA,EAAM;AACR,KAAA;IACAC,wBAAAA,EAA0B;QACxBZ,SAAAA,EAAW,IAAA;AACXC,QAAAA,MAAAA,EAAQ,CAAA,GAAIjB,SAAAA;AACZkB,QAAAA,OAAAA,EAAS,EAAA,GAAKlB,SAAAA;AACdmB,QAAAA,OAAAA,EAAS,EAAA,GAAKnB;AAChB;AACF;;;;"}

package/dist/server/server/src/services/constants.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"constants.mjs","sources":["../../../../../server/src/services/constants.ts"],"sourcesContent":["const DAY_IN_MS = 24 * 60 * 60 * 1000;\n\nconst constants = {\n CONTENT_TYPE_SECTION: 'contentTypes',\n SUPER_ADMIN_CODE: 'strapi-super-admin',\n EDITOR_CODE: 'strapi-editor',\n AUTHOR_CODE: 'strapi-author',\n READ_ACTION: 'plugin::content-manager.explorer.read',\n CREATE_ACTION: 'plugin::content-manager.explorer.create',\n UPDATE_ACTION: 'plugin::content-manager.explorer.update',\n DELETE_ACTION: 'plugin::content-manager.explorer.delete',\n PUBLISH_ACTION: 'plugin::content-manager.explorer.publish',\n API_TOKEN_TYPE: {\n READ_ONLY: 'read-only',\n FULL_ACCESS: 'full-access',\n CUSTOM: 'custom',\n },\n // The front-end only displays these values\n API_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n DEFAULT_API_TOKENS: [\n {\n name: 'Read Only',\n description:\n 'A default API token with read-only permissions, only used for accessing resources',\n type: 'read-only',\n lifespan: null,\n },\n {\n name: 'Full Access',\n description:\n 'A default API token with full access permissions, used for accessing or modifying resources',\n type: 'full-access',\n lifespan: null,\n },\n ] as const,\n TRANSFER_TOKEN_TYPE: {\n PUSH: 'push',\n PULL: 'pull',\n },\n TRANSFER_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n};\n\nexport default constants;\n"],"names":["DAY_IN_MS","constants","CONTENT_TYPE_SECTION","SUPER_ADMIN_CODE","EDITOR_CODE","AUTHOR_CODE","READ_ACTION","CREATE_ACTION","UPDATE_ACTION","DELETE_ACTION","PUBLISH_ACTION","API_TOKEN_TYPE","READ_ONLY","FULL_ACCESS","CUSTOM","API_TOKEN_LIFESPANS","UNLIMITED","DAYS_7","DAYS_30","DAYS_90","DEFAULT_API_TOKENS","name","description","type","lifespan","TRANSFER_TOKEN_TYPE","PUSH","PULL","TRANSFER_TOKEN_LIFESPANS"],"mappings":"AAAA,MAAMA,SAAAA,GAAY,~~EAAK~~,~~GAAA~~,EAAA,GAAK,~~EAAK~~,~~GAAA~~,IAAA;AAEjC,MAAMC,~~SAAY~~,~~GAAA~~;IAChBC,~~oBAAsB~~,~~EAAA~~,cAAA;IACtBC,~~gBAAkB~~,~~EAAA~~,oBAAA;IAClBC,~~WAAa~~,~~EAAA~~,eAAA;IACbC,~~WAAa~~,~~EAAA~~,eAAA;IACbC,~~WAAa~~,~~EAAA~~,uCAAA;IACbC,~~aAAe~~,~~EAAA~~,yCAAA;IACfC,~~aAAe~~,~~EAAA~~,yCAAA;IACfC,~~aAAe~~,~~EAAA~~,yCAAA;IACfC,~~cAAgB~~,~~EAAA~~,0CAAA;IAChBC,~~cAAgB~~,~~EAAA~~;QACdC,~~SAAW~~,~~EAAA~~,WAAA;QACXC,~~WAAa~~,~~EAAA~~,aAAA;QACbC,~~MAAQ~~,~~EAAA~~;AACV,KAAA;;IAEAC,~~mBAAqB~~,~~EAAA~~;QACnBC,~~SAAW~~,~~EAAA~~,IAAA;AACXC,QAAAA,MAAAA,EAAQ,~~CAAIjB~~,~~GAAAA~~,SAAAA;AACZkB,QAAAA,OAAAA,EAAS,~~EAAKlB~~,~~GAAAA~~,SAAAA;AACdmB,QAAAA,OAAAA,EAAS,~~EAAKnB~~,~~GAAAA~~;AAChB,KAAA;IACAoB,~~kBAAoB~~,~~EAAA~~;AAClB,QAAA;YACEC,~~IAAM~~,~~EAAA~~,WAAA;YACNC,~~WACE~~,~~EAAA~~,mFAAA;YACFC,~~IAAM~~,~~EAAA~~,WAAA;YACNC,~~QAAU~~,~~EAAA~~;AACZ,SAAA;AACA,QAAA;YACEH,~~IAAM~~,~~EAAA~~,aAAA;YACNC,~~WACE~~,~~EAAA~~,6FAAA;YACFC,~~IAAM~~,~~EAAA~~,aAAA;YACNC,~~QAAU~~,~~EAAA~~;AACZ;AACD,KAAA;IACDC,~~mBAAqB~~,~~EAAA~~;QACnBC,~~IAAM~~,~~EAAA~~,MAAA;QACNC,~~IAAM~~,~~EAAA~~;AACR,KAAA;IACAC,~~wBAA0B~~,~~EAAA~~;QACxBZ,~~SAAW~~,~~EAAA~~,IAAA;AACXC,QAAAA,MAAAA,EAAQ,~~CAAIjB~~,~~GAAAA~~,SAAAA;AACZkB,QAAAA,OAAAA,EAAS,~~EAAKlB~~,~~GAAAA~~,SAAAA;AACdmB,QAAAA,OAAAA,EAAS,~~EAAKnB~~,~~GAAAA~~;AAChB;AACF;;;;"}
1	+ {"version":3,"file":"constants.mjs","sources":["../../../../../server/src/services/constants.ts"],"sourcesContent":["const DAY_IN_MS = 24 * 60 * 60 * 1000;\n\nconst constants = {\n CONTENT_TYPE_SECTION: 'contentTypes',\n SUPER_ADMIN_CODE: 'strapi-super-admin',\n EDITOR_CODE: 'strapi-editor',\n AUTHOR_CODE: 'strapi-author',\n READ_ACTION: 'plugin::content-manager.explorer.read',\n CREATE_ACTION: 'plugin::content-manager.explorer.create',\n UPDATE_ACTION: 'plugin::content-manager.explorer.update',\n DELETE_ACTION: 'plugin::content-manager.explorer.delete',\n PUBLISH_ACTION: 'plugin::content-manager.explorer.publish',\n API_TOKEN_TYPE: {\n READ_ONLY: 'read-only',\n FULL_ACCESS: 'full-access',\n CUSTOM: 'custom',\n },\n // The front-end only displays these values\n API_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n DEFAULT_API_TOKENS: [\n {\n name: 'Read Only',\n description:\n 'A default API token with read-only permissions, only used for accessing resources',\n type: 'read-only',\n lifespan: null,\n },\n {\n name: 'Full Access',\n description:\n 'A default API token with full access permissions, used for accessing or modifying resources',\n type: 'full-access',\n lifespan: null,\n },\n ] as const,\n TRANSFER_TOKEN_TYPE: {\n PUSH: 'push',\n PULL: 'pull',\n },\n TRANSFER_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n};\n\nexport default constants;\n"],"names":["DAY_IN_MS","constants","CONTENT_TYPE_SECTION","SUPER_ADMIN_CODE","EDITOR_CODE","AUTHOR_CODE","READ_ACTION","CREATE_ACTION","UPDATE_ACTION","DELETE_ACTION","PUBLISH_ACTION","API_TOKEN_TYPE","READ_ONLY","FULL_ACCESS","CUSTOM","API_TOKEN_LIFESPANS","UNLIMITED","DAYS_7","DAYS_30","DAYS_90","DEFAULT_API_TOKENS","name","description","type","lifespan","TRANSFER_TOKEN_TYPE","PUSH","PULL","TRANSFER_TOKEN_LIFESPANS"],"mappings":"AAAA,MAAMA,SAAAA,GAAY,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,IAAA;AAEjC,MAAMC,SAAAA,GAAY;IAChBC,oBAAAA,EAAsB,cAAA;IACtBC,gBAAAA,EAAkB,oBAAA;IAClBC,WAAAA,EAAa,eAAA;IACbC,WAAAA,EAAa,eAAA;IACbC,WAAAA,EAAa,uCAAA;IACbC,aAAAA,EAAe,yCAAA;IACfC,aAAAA,EAAe,yCAAA;IACfC,aAAAA,EAAe,yCAAA;IACfC,cAAAA,EAAgB,0CAAA;IAChBC,cAAAA,EAAgB;QACdC,SAAAA,EAAW,WAAA;QACXC,WAAAA,EAAa,aAAA;QACbC,MAAAA,EAAQ;AACV,KAAA;;IAEAC,mBAAAA,EAAqB;QACnBC,SAAAA,EAAW,IAAA;AACXC,QAAAA,MAAAA,EAAQ,CAAA,GAAIjB,SAAAA;AACZkB,QAAAA,OAAAA,EAAS,EAAA,GAAKlB,SAAAA;AACdmB,QAAAA,OAAAA,EAAS,EAAA,GAAKnB;AAChB,KAAA;IACAoB,kBAAAA,EAAoB;AAClB,QAAA;YACEC,IAAAA,EAAM,WAAA;YACNC,WAAAA,EACE,mFAAA;YACFC,IAAAA,EAAM,WAAA;YACNC,QAAAA,EAAU;AACZ,SAAA;AACA,QAAA;YACEH,IAAAA,EAAM,aAAA;YACNC,WAAAA,EACE,6FAAA;YACFC,IAAAA,EAAM,aAAA;YACNC,QAAAA,EAAU;AACZ;AACD,KAAA;IACDC,mBAAAA,EAAqB;QACnBC,IAAAA,EAAM,MAAA;QACNC,IAAAA,EAAM;AACR,KAAA;IACAC,wBAAAA,EAA0B;QACxBZ,SAAAA,EAAW,IAAA;AACXC,QAAAA,MAAAA,EAAQ,CAAA,GAAIjB,SAAAA;AACZkB,QAAAA,OAAAA,EAAS,EAAA,GAAKlB,SAAAA;AACdmB,QAAAA,OAAAA,EAAS,EAAA,GAAKnB;AAChB;AACF;;;;"}

package/dist/server/server/src/services/content-type.js CHANGED Viewed

@@ -3,9 +3,9 @@
 var _ = require('lodash');
 var fp = require('lodash/fp');
 var utils = require('@strapi/utils');
-var index$2 = require('../utils/index.js');
-var index = require('../domain/action/index.js');
-var index$1 = require('../domain/permission/index.js');
+var index = require('../utils/index.js');
+var index$1 = require('../domain/action/index.js');
+var index$2 = require('../domain/permission/index.js');
 /**
  * Creates an array of paths to the fields and nested fields, without path nodes
@@ -72,11 +72,11 @@ var index$1 = require('../domain/permission/index.js');
         const validSubjects = action.subjects.filter((subject)=>!restrictedSubjects.includes(subject));
         // Create a Permission for each subject (content-type uid) within the action
         for (const subject of validSubjects){
-            const fields = index.appliesToProperty('fields', action) ? getNestedFields(strapi.contentTypes[subject], {
+            const fields = index$1.appliesToProperty('fields', action) ? getNestedFields(strapi.contentTypes[subject], {
                 components: strapi.components,
                 nestingLevel
             }) : undefined;
-            const permission = index$1.default.create({
+            const permission = index$2.default.create({
                 action: action.actionId,
                 subject,
                 properties: {
@@ -91,13 +91,13 @@ var index$1 = require('../domain/permission/index.js');
 /**
  * Cleans permissions' fields (add required ones, remove the non-existing ones)
  */ const cleanPermissionFields = (permissions)=>{
-    const { actionProvider } = index$2.getService('permission');
+    const { actionProvider } = index.getService('permission');
     return permissions.map((permission)=>{
         const { action: actionId, subject, properties: { fields } } = permission;
         const action = actionProvider.get(actionId);
         // todo see if it's possible to check property on action + subject (async)
-        if (!index.appliesToProperty('fields', action)) {
-            return index$1.default.deleteProperty('fields', permission);
+        if (!index$1.appliesToProperty('fields', action)) {
+            return index$2.default.deleteProperty('fields', permission);
         }
         if (!subject || !strapi.contentTypes[subject]) {
             return permission;
@@ -113,7 +113,7 @@ var index$1 = require('../domain/permission/index.js');
         const isNotNestedField = (field)=>!validUserFields.some((validUserField)=>validUserField !== field && fp.startsWith(`${field}.`, validUserField));
         // Filter out fields that are parent paths of other included fields.
         const newFields = validUserFields.filter(isNotNestedField);
-        return index$1.default.setProperty('fields', newFields, permission);
+        return index$2.default.setProperty('fields', newFields, permission);
     }, []);
 };

package/dist/server/server/src/services/content-type.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"content-type.js","sources":["../../../../../server/src/services/content-type.ts"],"sourcesContent":["import _ from 'lodash';\nimport { uniq, startsWith } from 'lodash/fp';\nimport { contentTypes as contentTypesUtils } from '@strapi/utils';\nimport type { Modules, Struct } from '@strapi/types';\nimport { getService } from '../utils';\nimport actionDomain from '../domain/action';\nimport permissionDomain from '../domain/permission';\n\ninterface FieldOptions {\n prefix?: string; // prefix to add to the path\n nestingLevel?: number; // level of nesting to achieve\n requiredOnly?: boolean; // only returns required nestedFields\n existingFields?: string[]; // fields that are already selected, meaning that some sub-fields may be required\n restrictedSubjects?: string[]; // subjectsId to ignore\n components?: {\n // components where components attributes can be found\n [key: string]: any;\n };\n}\n\n/*\n Creates an array of paths to the fields and nested fields, without path nodes\n /\nconst getNestedFields = (\n model: Struct.ContentTypeSchema,\n {\n prefix = '',\n nestingLevel = 15,\n components = {},\n requiredOnly = false,\n existingFields = [],\n }: FieldOptions\n): string[] => {\n if (nestingLevel === 0) {\n return prefix ? [prefix] : [];\n }\n\n const nonAuthorizableFields = contentTypesUtils.getNonVisibleAttributes(model);\n\n return _.reduce(\n model.attributes,\n (fields: any, attr: any, key: any) => {\n if (nonAuthorizableFields.includes(key)) return fields;\n\n const fieldPath = prefix ? `${prefix}.${key}` : key;\n const shouldBeIncluded = !requiredOnly \|\| attr.required === true;\n const insideExistingFields = existingFields && existingFields.some(startsWith(fieldPath));\n\n if (attr.type === 'component') {\n if (shouldBeIncluded \|\| insideExistingFields) {\n const compoFields = getNestedFields(components[attr.component], {\n nestingLevel: nestingLevel - 1,\n prefix: fieldPath,\n components,\n requiredOnly,\n existingFields,\n });\n\n if (compoFields.length === 0 && shouldBeIncluded) {\n return fields.concat(fieldPath);\n }\n\n return fields.concat(compoFields);\n }\n return fields;\n }\n\n if (shouldBeIncluded) {\n return fields.concat(fieldPath);\n }\n\n return fields;\n },\n []\n );\n};\n\n/\n Creates an array of paths to the fields and nested fields, with path nodes\n /\nconst getNestedFieldsWithIntermediate = (\n model: Struct.ContentTypeSchema,\n { prefix = '', nestingLevel = 15, components = {} }: FieldOptions\n): string[] => {\n if (nestingLevel === 0) {\n return [];\n }\n\n const nonAuthorizableFields = contentTypesUtils.getNonVisibleAttributes(model);\n\n return _.reduce(\n model.attributes,\n (fields: any, attr: any, key: any) => {\n if (nonAuthorizableFields.includes(key)) return fields;\n\n const fieldPath = prefix ? `${prefix}.${key}` : key;\n fields.push(fieldPath);\n\n if (attr.type === 'component') {\n const compoFields = getNestedFieldsWithIntermediate(components[attr.component], {\n nestingLevel: nestingLevel - 1,\n prefix: fieldPath,\n components,\n });\n\n fields.push(...compoFields);\n }\n\n return fields;\n },\n []\n );\n};\n\n/\n Creates an array of permissions with the \"properties.fields\" attribute filled\n /\nconst getPermissionsWithNestedFields = (\n actions: any[],\n { nestingLevel, restrictedSubjects = [] }: FieldOptions = {}\n): Modules.Permissions.PermissionRule[] => {\n return actions.reduce((permissions, action) => {\n const validSubjects = action.subjects.filter(\n (subject: any) => !restrictedSubjects.includes(subject)\n );\n\n // Create a Permission for each subject (content-type uid) within the action\n for (const subject of validSubjects) {\n const fields = actionDomain.appliesToProperty('fields', action)\n ? getNestedFields(strapi.contentTypes[subject], {\n components: strapi.components,\n nestingLevel,\n })\n : undefined;\n\n const permission = permissionDomain.create({\n action: action.actionId,\n subject,\n properties: { fields },\n });\n\n permissions.push(permission);\n }\n\n return permissions;\n }, []);\n};\n\n/\n Cleans permissions' fields (add required ones, remove the non-existing ones)\n */\nconst cleanPermissionFields = (\n permissions: Modules.Permissions.PermissionRule[]\n): Modules.Permissions.PermissionRule[] => {\n const { actionProvider } = getService('permission');\n\n return permissions.map((permission: any) => {\n const {\n action: actionId,\n subject,\n properties: { fields },\n } = permission;\n\n const action = actionProvider.get(actionId) as any;\n\n // todo see if it's possible to check property on action + subject (async)\n if (!actionDomain.appliesToProperty('fields', action)) {\n return permissionDomain.deleteProperty('fields', permission);\n }\n\n if (!subject \|\| !strapi.contentTypes[subject]) {\n return permission;\n }\n\n const possibleFields = getNestedFieldsWithIntermediate(strapi.contentTypes[subject], {\n components: strapi.components,\n });\n\n const currentFields: string[] = fields \|\| [];\n\n const validUserFields: string[] = uniq(\n possibleFields.filter((pf) =>\n currentFields.some((cf) => pf === cf \|\| startsWith(`${cf}.`, pf))\n )\n );\n\n // A field is considered \"not nested\" if no other valid user field starts with this field's path followed by a dot.\n // This helps to remove redundant parent paths when a more specific child path is already included.\n // For example, if 'component.title' is present, 'component' would be filtered out by this condition.\n const isNotNestedField = (field: string) =>\n !validUserFields.some(\n (validUserField: string) =>\n validUserField !== field && startsWith(`${field}.`, validUserField)\n );\n\n // Filter out fields that are parent paths of other included fields.\n const newFields = validUserFields.filter(isNotNestedField);\n\n return permissionDomain.setProperty('fields', newFields, permission);\n }, []);\n};\n\nexport {\n getNestedFields,\n getPermissionsWithNestedFields,\n cleanPermissionFields,\n getNestedFieldsWithIntermediate,\n};\n"],"names":["getNestedFields","model","prefix","nestingLevel","components","requiredOnly","existingFields","nonAuthorizableFields","contentTypesUtils","getNonVisibleAttributes","_","reduce","attributes","fields","attr","key","includes","fieldPath","shouldBeIncluded","required","insideExistingFields","some","startsWith","type","compoFields","component","length","concat","getNestedFieldsWithIntermediate","push","getPermissionsWithNestedFields","actions","restrictedSubjects","permissions","action","validSubjects","subjects","filter","subject","actionDomain","appliesToProperty","strapi","contentTypes","undefined","permission","permissionDomain","create","actionId","properties","cleanPermissionFields","actionProvider","getService","map","get","deleteProperty","possibleFields","currentFields","validUserFields","uniq","pf","cf","isNotNestedField","field","validUserField","newFields","setProperty"],"mappings":";;;;;;;;;AAoBA;;IAGA,MAAMA,kBAAkB,CACtBC,KAAAA,EACA,EACEC,MAAS,GAAA,EAAE,EACXC,YAAe,GAAA,EAAE,EACjBC,UAAa,GAAA,EAAE,EACfC,YAAAA,GAAe,KAAK,EACpBC,cAAAA,GAAiB,EAAE,EACN,GAAA;AAEf,IAAA,IAAIH,iBAAiB,CAAG,EAAA;AACtB,QAAA,OAAOD,MAAS,GAAA;AAACA,YAAAA;AAAO,SAAA,GAAG,EAAE;AAC/B;IAEA,MAAMK,qBAAAA,GAAwBC,kBAAkBC,CAAAA,uBAAuB,CAACR,KAAAA,CAAAA;IAExE,OAAOS,CAAAA,CAAEC,MAAM,CACbV,KAAAA,CAAMW,UAAU,EAChB,CAACC,QAAaC,IAAWC,EAAAA,GAAAA,GAAAA;AACvB,QAAA,IAAIR,qBAAsBS,CAAAA,QAAQ,CAACD,GAAAA,CAAAA,EAAM,OAAOF,MAAAA;AAEhD,QAAA,MAAMI,YAAYf,MAAS,GAAA,CAAA,EAAGA,OAAO,CAAC,EAAEa,KAAK,GAAGA,GAAAA;AAChD,QAAA,MAAMG,gBAAmB,GAAA,CAACb,YAAgBS,IAAAA,IAAAA,CAAKK,QAAQ,KAAK,IAAA;AAC5D,QAAA,MAAMC,oBAAuBd,GAAAA,cAAAA,IAAkBA,cAAee,CAAAA,IAAI,CAACC,aAAWL,CAAAA,SAAAA,CAAAA,CAAAA;QAE9E,IAAIH,IAAAA,CAAKS,IAAI,KAAK,WAAa,EAAA;AAC7B,YAAA,IAAIL,oBAAoBE,oBAAsB,EAAA;AAC5C,gBAAA,MAAMI,cAAcxB,eAAgBI,CAAAA,UAAU,CAACU,IAAKW,CAAAA,SAAS,CAAC,EAAE;AAC9DtB,oBAAAA,YAAAA,EAAcA,YAAe,GAAA,CAAA;oBAC7BD,MAAQe,EAAAA,SAAAA;AACRb,oBAAAA,UAAAA;AACAC,oBAAAA,YAAAA;AACAC,oBAAAA;AACF,iBAAA,CAAA;AAEA,gBAAA,IAAIkB,WAAYE,CAAAA,MAAM,KAAK,CAAA,IAAKR,gBAAkB,EAAA;oBAChD,OAAOL,MAAAA,CAAOc,MAAM,CAACV,SAAAA,CAAAA;AACvB;gBAEA,OAAOJ,MAAAA,CAAOc,MAAM,CAACH,WAAAA,CAAAA;AACvB;YACA,OAAOX,MAAAA;AACT;AAEA,QAAA,IAAIK,gBAAkB,EAAA;YACpB,OAAOL,MAAAA,CAAOc,MAAM,CAACV,SAAAA,CAAAA;AACvB;QAEA,OAAOJ,MAAAA;AACT,KAAA,EACA,EAAE,CAAA;AAEN;AAEA;;AAEC,IACKe,MAAAA,+BAAAA,GAAkC,CACtC3B,KAAAA,EACA,EAAEC,MAAS,GAAA,EAAE,EAAEC,YAAAA,GAAe,EAAE,EAAEC,UAAa,GAAA,EAAE,EAAgB,GAAA;AAEjE,IAAA,IAAID,iBAAiB,CAAG,EAAA;AACtB,QAAA,OAAO,EAAE;AACX;IAEA,MAAMI,qBAAAA,GAAwBC,kBAAkBC,CAAAA,uBAAuB,CAACR,KAAAA,CAAAA;IAExE,OAAOS,CAAAA,CAAEC,MAAM,CACbV,KAAAA,CAAMW,UAAU,EAChB,CAACC,QAAaC,IAAWC,EAAAA,GAAAA,GAAAA;AACvB,QAAA,IAAIR,qBAAsBS,CAAAA,QAAQ,CAACD,GAAAA,CAAAA,EAAM,OAAOF,MAAAA;AAEhD,QAAA,MAAMI,YAAYf,MAAS,GAAA,CAAA,EAAGA,OAAO,CAAC,EAAEa,KAAK,GAAGA,GAAAA;AAChDF,QAAAA,MAAAA,CAAOgB,IAAI,CAACZ,SAAAA,CAAAA;QAEZ,IAAIH,IAAAA,CAAKS,IAAI,KAAK,WAAa,EAAA;AAC7B,YAAA,MAAMC,cAAcI,+BAAgCxB,CAAAA,UAAU,CAACU,IAAKW,CAAAA,SAAS,CAAC,EAAE;AAC9EtB,gBAAAA,YAAAA,EAAcA,YAAe,GAAA,CAAA;gBAC7BD,MAAQe,EAAAA,SAAAA;AACRb,gBAAAA;AACF,aAAA,CAAA;AAEAS,YAAAA,MAAAA,CAAOgB,IAAI,CAAIL,GAAAA,WAAAA,CAAAA;AACjB;QAEA,OAAOX,MAAAA;AACT,KAAA,EACA,EAAE,CAAA;AAEN;AAEA;;AAEC,IACKiB,MAAAA,8BAAAA,GAAiC,CACrCC,OAAAA,EACA,EAAE5B,YAAY,EAAE6B,kBAAAA,GAAqB,EAAE,EAAgB,GAAG,EAAE,GAAA;AAE5D,IAAA,OAAOD,OAAQpB,CAAAA,MAAM,CAAC,CAACsB,WAAaC,EAAAA,MAAAA,GAAAA;QAClC,MAAMC,aAAAA,GAAgBD,MAAOE,CAAAA,QAAQ,CAACC,MAAM,CAC1C,CAACC,OAAiB,GAAA,CAACN,kBAAmBhB,CAAAA,QAAQ,CAACsB,OAAAA,CAAAA,CAAAA;;QAIjD,KAAK,MAAMA,WAAWH,aAAe,CAAA;YACnC,MAAMtB,MAAAA,GAAS0B,KAAaC,CAAAA,iBAAiB,CAAC,QAAA,EAAUN,MACpDlC,CAAAA,GAAAA,eAAAA,CAAgByC,MAAOC,CAAAA,YAAY,CAACJ,OAAAA,CAAQ,EAAE;AAC5ClC,gBAAAA,UAAAA,EAAYqC,OAAOrC,UAAU;AAC7BD,gBAAAA;aAEFwC,CAAAA,GAAAA,SAAAA;YAEJ,MAAMC,UAAAA,GAAaC,eAAiBC,CAAAA,MAAM,CAAC;AACzCZ,gBAAAA,MAAAA,EAAQA,OAAOa,QAAQ;AACvBT,gBAAAA,OAAAA;gBACAU,UAAY,EAAA;AAAEnC,oBAAAA;AAAO;AACvB,aAAA,CAAA;AAEAoB,YAAAA,WAAAA,CAAYJ,IAAI,CAACe,UAAAA,CAAAA;AACnB;QAEA,OAAOX,WAAAA;AACT,KAAA,EAAG,EAAE,CAAA;AACP;AAEA;;IAGA,MAAMgB,wBAAwB,CAC5BhB,WAAAA,GAAAA;AAEA,IAAA,MAAM,EAAEiB,cAAc,EAAE,GAAGC,kBAAW,CAAA,YAAA,CAAA;IAEtC,OAAOlB,WAAAA,CAAYmB,GAAG,CAAC,CAACR,UAAAA,GAAAA;QACtB,MAAM,EACJV,MAAQa,EAAAA,QAAQ,EAChBT,OAAO,EACPU,UAAAA,EAAY,EAAEnC,MAAM,EAAE,EACvB,GAAG+B,UAAAA;QAEJ,MAAMV,MAAAA,GAASgB,cAAeG,CAAAA,GAAG,CAACN,QAAAA,CAAAA;;AAGlC,QAAA,IAAI,CAACR,KAAAA,CAAaC,iBAAiB,CAAC,UAAUN,MAAS,CAAA,EAAA;YACrD,OAAOW,eAAAA,CAAiBS,cAAc,CAAC,QAAUV,EAAAA,UAAAA,CAAAA;AACnD;AAEA,QAAA,IAAI,CAACN,OAAW,IAAA,CAACG,OAAOC,YAAY,CAACJ,QAAQ,EAAE;YAC7C,OAAOM,UAAAA;AACT;AAEA,QAAA,MAAMW,iBAAiB3B,+BAAgCa,CAAAA,MAAAA,CAAOC,YAAY,CAACJ,QAAQ,EAAE;AACnFlC,YAAAA,UAAAA,EAAYqC,OAAOrC;AACrB,SAAA,CAAA;QAEA,MAAMoD,aAAAA,GAA0B3C,UAAU,EAAE;AAE5C,QAAA,MAAM4C,kBAA4BC,OAChCH,CAAAA,cAAAA,CAAelB,MAAM,CAAC,CAACsB,KACrBH,aAAcnC,CAAAA,IAAI,CAAC,CAACuC,EAAAA,GAAOD,OAAOC,EAAMtC,IAAAA,aAAAA,CAAW,GAAGsC,EAAG,CAAA,CAAC,CAAC,EAAED,EAAAA,CAAAA,CAAAA,CAAAA,CAAAA;;;;AAOjE,QAAA,MAAME,mBAAmB,CAACC,KAAAA,GACxB,CAACL,eAAAA,CAAgBpC,IAAI,CACnB,CAAC0C,cACCA,GAAAA,cAAAA,KAAmBD,SAASxC,aAAW,CAAA,CAAA,EAAGwC,KAAM,CAAA,CAAC,CAAC,EAAEC,cAAAA,CAAAA,CAAAA;;QAI1D,MAAMC,SAAAA,GAAYP,eAAgBpB,CAAAA,MAAM,CAACwB,gBAAAA,CAAAA;AAEzC,QAAA,OAAOhB,eAAiBoB,CAAAA,WAAW,CAAC,QAAA,EAAUD,SAAWpB,EAAAA,UAAAA,CAAAA;AAC3D,KAAA,EAAG,EAAE,CAAA;AACP;;;;;;;"}
1	+ {"version":3,"file":"content-type.js","sources":["../../../../../server/src/services/content-type.ts"],"sourcesContent":["import _ from 'lodash';\nimport { uniq, startsWith } from 'lodash/fp';\nimport { contentTypes as contentTypesUtils } from '@strapi/utils';\nimport type { Modules, Struct } from '@strapi/types';\nimport { getService } from '../utils';\nimport actionDomain from '../domain/action';\nimport permissionDomain from '../domain/permission';\n\ninterface FieldOptions {\n prefix?: string; // prefix to add to the path\n nestingLevel?: number; // level of nesting to achieve\n requiredOnly?: boolean; // only returns required nestedFields\n existingFields?: string[]; // fields that are already selected, meaning that some sub-fields may be required\n restrictedSubjects?: string[]; // subjectsId to ignore\n components?: {\n // components where components attributes can be found\n [key: string]: any;\n };\n}\n\n/*\n Creates an array of paths to the fields and nested fields, without path nodes\n /\nconst getNestedFields = (\n model: Struct.ContentTypeSchema,\n {\n prefix = '',\n nestingLevel = 15,\n components = {},\n requiredOnly = false,\n existingFields = [],\n }: FieldOptions\n): string[] => {\n if (nestingLevel === 0) {\n return prefix ? [prefix] : [];\n }\n\n const nonAuthorizableFields = contentTypesUtils.getNonVisibleAttributes(model);\n\n return _.reduce(\n model.attributes,\n (fields: any, attr: any, key: any) => {\n if (nonAuthorizableFields.includes(key)) return fields;\n\n const fieldPath = prefix ? `${prefix}.${key}` : key;\n const shouldBeIncluded = !requiredOnly \|\| attr.required === true;\n const insideExistingFields = existingFields && existingFields.some(startsWith(fieldPath));\n\n if (attr.type === 'component') {\n if (shouldBeIncluded \|\| insideExistingFields) {\n const compoFields = getNestedFields(components[attr.component], {\n nestingLevel: nestingLevel - 1,\n prefix: fieldPath,\n components,\n requiredOnly,\n existingFields,\n });\n\n if (compoFields.length === 0 && shouldBeIncluded) {\n return fields.concat(fieldPath);\n }\n\n return fields.concat(compoFields);\n }\n return fields;\n }\n\n if (shouldBeIncluded) {\n return fields.concat(fieldPath);\n }\n\n return fields;\n },\n []\n );\n};\n\n/\n Creates an array of paths to the fields and nested fields, with path nodes\n /\nconst getNestedFieldsWithIntermediate = (\n model: Struct.ContentTypeSchema,\n { prefix = '', nestingLevel = 15, components = {} }: FieldOptions\n): string[] => {\n if (nestingLevel === 0) {\n return [];\n }\n\n const nonAuthorizableFields = contentTypesUtils.getNonVisibleAttributes(model);\n\n return _.reduce(\n model.attributes,\n (fields: any, attr: any, key: any) => {\n if (nonAuthorizableFields.includes(key)) return fields;\n\n const fieldPath = prefix ? `${prefix}.${key}` : key;\n fields.push(fieldPath);\n\n if (attr.type === 'component') {\n const compoFields = getNestedFieldsWithIntermediate(components[attr.component], {\n nestingLevel: nestingLevel - 1,\n prefix: fieldPath,\n components,\n });\n\n fields.push(...compoFields);\n }\n\n return fields;\n },\n []\n );\n};\n\n/\n Creates an array of permissions with the \"properties.fields\" attribute filled\n /\nconst getPermissionsWithNestedFields = (\n actions: any[],\n { nestingLevel, restrictedSubjects = [] }: FieldOptions = {}\n): Modules.Permissions.PermissionRule[] => {\n return actions.reduce((permissions, action) => {\n const validSubjects = action.subjects.filter(\n (subject: any) => !restrictedSubjects.includes(subject)\n );\n\n // Create a Permission for each subject (content-type uid) within the action\n for (const subject of validSubjects) {\n const fields = actionDomain.appliesToProperty('fields', action)\n ? getNestedFields(strapi.contentTypes[subject], {\n components: strapi.components,\n nestingLevel,\n })\n : undefined;\n\n const permission = permissionDomain.create({\n action: action.actionId,\n subject,\n properties: { fields },\n });\n\n permissions.push(permission);\n }\n\n return permissions;\n }, []);\n};\n\n/\n Cleans permissions' fields (add required ones, remove the non-existing ones)\n */\nconst cleanPermissionFields = (\n permissions: Modules.Permissions.PermissionRule[]\n): Modules.Permissions.PermissionRule[] => {\n const { actionProvider } = getService('permission');\n\n return permissions.map((permission: any) => {\n const {\n action: actionId,\n subject,\n properties: { fields },\n } = permission;\n\n const action = actionProvider.get(actionId) as any;\n\n // todo see if it's possible to check property on action + subject (async)\n if (!actionDomain.appliesToProperty('fields', action)) {\n return permissionDomain.deleteProperty('fields', permission);\n }\n\n if (!subject \|\| !strapi.contentTypes[subject]) {\n return permission;\n }\n\n const possibleFields = getNestedFieldsWithIntermediate(strapi.contentTypes[subject], {\n components: strapi.components,\n });\n\n const currentFields: string[] = fields \|\| [];\n\n const validUserFields: string[] = uniq(\n possibleFields.filter((pf) =>\n currentFields.some((cf) => pf === cf \|\| startsWith(`${cf}.`, pf))\n )\n );\n\n // A field is considered \"not nested\" if no other valid user field starts with this field's path followed by a dot.\n // This helps to remove redundant parent paths when a more specific child path is already included.\n // For example, if 'component.title' is present, 'component' would be filtered out by this condition.\n const isNotNestedField = (field: string) =>\n !validUserFields.some(\n (validUserField: string) =>\n validUserField !== field && startsWith(`${field}.`, validUserField)\n );\n\n // Filter out fields that are parent paths of other included fields.\n const newFields = validUserFields.filter(isNotNestedField);\n\n return permissionDomain.setProperty('fields', newFields, permission);\n }, []);\n};\n\nexport {\n getNestedFields,\n getPermissionsWithNestedFields,\n cleanPermissionFields,\n getNestedFieldsWithIntermediate,\n};\n"],"names":["getNestedFields","model","prefix","nestingLevel","components","requiredOnly","existingFields","nonAuthorizableFields","contentTypesUtils","getNonVisibleAttributes","_","reduce","attributes","fields","attr","key","includes","fieldPath","shouldBeIncluded","required","insideExistingFields","some","startsWith","type","compoFields","component","length","concat","getNestedFieldsWithIntermediate","push","getPermissionsWithNestedFields","actions","restrictedSubjects","permissions","action","validSubjects","subjects","filter","subject","actionDomain","appliesToProperty","strapi","contentTypes","undefined","permission","permissionDomain","create","actionId","properties","cleanPermissionFields","actionProvider","getService","map","get","deleteProperty","possibleFields","currentFields","validUserFields","uniq","pf","cf","isNotNestedField","field","validUserField","newFields","setProperty"],"mappings":";;;;;;;;;AAoBA;;IAGA,MAAMA,kBAAkB,CACtBC,KAAAA,EACA,EACEC,MAAAA,GAAS,EAAE,EACXC,YAAAA,GAAe,EAAE,EACjBC,UAAAA,GAAa,EAAE,EACfC,YAAAA,GAAe,KAAK,EACpBC,cAAAA,GAAiB,EAAE,EACN,GAAA;AAEf,IAAA,IAAIH,iBAAiB,CAAA,EAAG;AACtB,QAAA,OAAOD,MAAAA,GAAS;AAACA,YAAAA;AAAO,SAAA,GAAG,EAAE;AAC/B,IAAA;IAEA,MAAMK,qBAAAA,GAAwBC,kBAAAA,CAAkBC,uBAAuB,CAACR,KAAAA,CAAAA;IAExE,OAAOS,CAAAA,CAAEC,MAAM,CACbV,KAAAA,CAAMW,UAAU,EAChB,CAACC,QAAaC,IAAAA,EAAWC,GAAAA,GAAAA;AACvB,QAAA,IAAIR,qBAAAA,CAAsBS,QAAQ,CAACD,GAAAA,CAAAA,EAAM,OAAOF,MAAAA;AAEhD,QAAA,MAAMI,YAAYf,MAAAA,GAAS,CAAA,EAAGA,OAAO,CAAC,EAAEa,KAAK,GAAGA,GAAAA;AAChD,QAAA,MAAMG,gBAAAA,GAAmB,CAACb,YAAAA,IAAgBS,IAAAA,CAAKK,QAAQ,KAAK,IAAA;AAC5D,QAAA,MAAMC,oBAAAA,GAAuBd,cAAAA,IAAkBA,cAAAA,CAAee,IAAI,CAACC,aAAAA,CAAWL,SAAAA,CAAAA,CAAAA;QAE9E,IAAIH,IAAAA,CAAKS,IAAI,KAAK,WAAA,EAAa;AAC7B,YAAA,IAAIL,oBAAoBE,oBAAAA,EAAsB;AAC5C,gBAAA,MAAMI,cAAcxB,eAAAA,CAAgBI,UAAU,CAACU,IAAAA,CAAKW,SAAS,CAAC,EAAE;AAC9DtB,oBAAAA,YAAAA,EAAcA,YAAAA,GAAe,CAAA;oBAC7BD,MAAAA,EAAQe,SAAAA;AACRb,oBAAAA,UAAAA;AACAC,oBAAAA,YAAAA;AACAC,oBAAAA;AACF,iBAAA,CAAA;AAEA,gBAAA,IAAIkB,WAAAA,CAAYE,MAAM,KAAK,CAAA,IAAKR,gBAAAA,EAAkB;oBAChD,OAAOL,MAAAA,CAAOc,MAAM,CAACV,SAAAA,CAAAA;AACvB,gBAAA;gBAEA,OAAOJ,MAAAA,CAAOc,MAAM,CAACH,WAAAA,CAAAA;AACvB,YAAA;YACA,OAAOX,MAAAA;AACT,QAAA;AAEA,QAAA,IAAIK,gBAAAA,EAAkB;YACpB,OAAOL,MAAAA,CAAOc,MAAM,CAACV,SAAAA,CAAAA;AACvB,QAAA;QAEA,OAAOJ,MAAAA;AACT,IAAA,CAAA,EACA,EAAE,CAAA;AAEN;AAEA;;AAEC,IACD,MAAMe,+BAAAA,GAAkC,CACtC3B,KAAAA,EACA,EAAEC,MAAAA,GAAS,EAAE,EAAEC,YAAAA,GAAe,EAAE,EAAEC,UAAAA,GAAa,EAAE,EAAgB,GAAA;AAEjE,IAAA,IAAID,iBAAiB,CAAA,EAAG;AACtB,QAAA,OAAO,EAAE;AACX,IAAA;IAEA,MAAMI,qBAAAA,GAAwBC,kBAAAA,CAAkBC,uBAAuB,CAACR,KAAAA,CAAAA;IAExE,OAAOS,CAAAA,CAAEC,MAAM,CACbV,KAAAA,CAAMW,UAAU,EAChB,CAACC,QAAaC,IAAAA,EAAWC,GAAAA,GAAAA;AACvB,QAAA,IAAIR,qBAAAA,CAAsBS,QAAQ,CAACD,GAAAA,CAAAA,EAAM,OAAOF,MAAAA;AAEhD,QAAA,MAAMI,YAAYf,MAAAA,GAAS,CAAA,EAAGA,OAAO,CAAC,EAAEa,KAAK,GAAGA,GAAAA;AAChDF,QAAAA,MAAAA,CAAOgB,IAAI,CAACZ,SAAAA,CAAAA;QAEZ,IAAIH,IAAAA,CAAKS,IAAI,KAAK,WAAA,EAAa;AAC7B,YAAA,MAAMC,cAAcI,+BAAAA,CAAgCxB,UAAU,CAACU,IAAAA,CAAKW,SAAS,CAAC,EAAE;AAC9EtB,gBAAAA,YAAAA,EAAcA,YAAAA,GAAe,CAAA;gBAC7BD,MAAAA,EAAQe,SAAAA;AACRb,gBAAAA;AACF,aAAA,CAAA;AAEAS,YAAAA,MAAAA,CAAOgB,IAAI,CAAA,GAAIL,WAAAA,CAAAA;AACjB,QAAA;QAEA,OAAOX,MAAAA;AACT,IAAA,CAAA,EACA,EAAE,CAAA;AAEN;AAEA;;AAEC,IACD,MAAMiB,8BAAAA,GAAiC,CACrCC,OAAAA,EACA,EAAE5B,YAAY,EAAE6B,kBAAAA,GAAqB,EAAE,EAAgB,GAAG,EAAE,GAAA;AAE5D,IAAA,OAAOD,OAAAA,CAAQpB,MAAM,CAAC,CAACsB,WAAAA,EAAaC,MAAAA,GAAAA;QAClC,MAAMC,aAAAA,GAAgBD,MAAAA,CAAOE,QAAQ,CAACC,MAAM,CAC1C,CAACC,OAAAA,GAAiB,CAACN,kBAAAA,CAAmBhB,QAAQ,CAACsB,OAAAA,CAAAA,CAAAA;;QAIjD,KAAK,MAAMA,WAAWH,aAAAA,CAAe;YACnC,MAAMtB,MAAAA,GAAS0B,OAAAA,CAAaC,iBAAiB,CAAC,QAAA,EAAUN,MAAAA,CAAAA,GACpDlC,eAAAA,CAAgByC,MAAAA,CAAOC,YAAY,CAACJ,OAAAA,CAAQ,EAAE;AAC5ClC,gBAAAA,UAAAA,EAAYqC,OAAOrC,UAAU;AAC7BD,gBAAAA;aACF,CAAA,GACAwC,SAAAA;YAEJ,MAAMC,UAAAA,GAAaC,eAAAA,CAAiBC,MAAM,CAAC;AACzCZ,gBAAAA,MAAAA,EAAQA,OAAOa,QAAQ;AACvBT,gBAAAA,OAAAA;gBACAU,UAAAA,EAAY;AAAEnC,oBAAAA;AAAO;AACvB,aAAA,CAAA;AAEAoB,YAAAA,WAAAA,CAAYJ,IAAI,CAACe,UAAAA,CAAAA;AACnB,QAAA;QAEA,OAAOX,WAAAA;AACT,IAAA,CAAA,EAAG,EAAE,CAAA;AACP;AAEA;;IAGA,MAAMgB,wBAAwB,CAC5BhB,WAAAA,GAAAA;AAEA,IAAA,MAAM,EAAEiB,cAAc,EAAE,GAAGC,gBAAAA,CAAW,YAAA,CAAA;IAEtC,OAAOlB,WAAAA,CAAYmB,GAAG,CAAC,CAACR,UAAAA,GAAAA;QACtB,MAAM,EACJV,MAAAA,EAAQa,QAAQ,EAChBT,OAAO,EACPU,UAAAA,EAAY,EAAEnC,MAAM,EAAE,EACvB,GAAG+B,UAAAA;QAEJ,MAAMV,MAAAA,GAASgB,cAAAA,CAAeG,GAAG,CAACN,QAAAA,CAAAA;;AAGlC,QAAA,IAAI,CAACR,OAAAA,CAAaC,iBAAiB,CAAC,UAAUN,MAAAA,CAAAA,EAAS;YACrD,OAAOW,eAAAA,CAAiBS,cAAc,CAAC,QAAA,EAAUV,UAAAA,CAAAA;AACnD,QAAA;AAEA,QAAA,IAAI,CAACN,OAAAA,IAAW,CAACG,OAAOC,YAAY,CAACJ,QAAQ,EAAE;YAC7C,OAAOM,UAAAA;AACT,QAAA;AAEA,QAAA,MAAMW,iBAAiB3B,+BAAAA,CAAgCa,MAAAA,CAAOC,YAAY,CAACJ,QAAQ,EAAE;AACnFlC,YAAAA,UAAAA,EAAYqC,OAAOrC;AACrB,SAAA,CAAA;QAEA,MAAMoD,aAAAA,GAA0B3C,UAAU,EAAE;AAE5C,QAAA,MAAM4C,kBAA4BC,OAAAA,CAChCH,cAAAA,CAAelB,MAAM,CAAC,CAACsB,KACrBH,aAAAA,CAAcnC,IAAI,CAAC,CAACuC,EAAAA,GAAOD,OAAOC,EAAAA,IAAMtC,aAAAA,CAAW,GAAGsC,EAAAA,CAAG,CAAC,CAAC,EAAED,EAAAA,CAAAA,CAAAA,CAAAA,CAAAA;;;;AAOjE,QAAA,MAAME,mBAAmB,CAACC,KAAAA,GACxB,CAACL,eAAAA,CAAgBpC,IAAI,CACnB,CAAC0C,cAAAA,GACCA,cAAAA,KAAmBD,SAASxC,aAAAA,CAAW,CAAA,EAAGwC,KAAAA,CAAM,CAAC,CAAC,EAAEC,cAAAA,CAAAA,CAAAA;;QAI1D,MAAMC,SAAAA,GAAYP,eAAAA,CAAgBpB,MAAM,CAACwB,gBAAAA,CAAAA;AAEzC,QAAA,OAAOhB,eAAAA,CAAiBoB,WAAW,CAAC,QAAA,EAAUD,SAAAA,EAAWpB,UAAAA,CAAAA;AAC3D,IAAA,CAAA,EAAG,EAAE,CAAA;AACP;;;;;;;"}

package/dist/server/server/src/services/content-type.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
 import ___default from 'lodash';
-import { startsWith, uniq } from 'lodash/fp';
+import { uniq, startsWith } from 'lodash/fp';
 import { contentTypes } from '@strapi/utils';
 import { getService } from '../utils/index.mjs';
 import actionDomain from '../domain/action/index.mjs';