@strapi/admin 5.47.1 → 5.48.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (126) hide show
  1. package/dist/admin/admin/src/StrapiApp.js +8 -5
  2. package/dist/admin/admin/src/StrapiApp.js.map +1 -1
  3. package/dist/admin/admin/src/StrapiApp.mjs +9 -6
  4. package/dist/admin/admin/src/StrapiApp.mjs.map +1 -1
  5. package/dist/admin/admin/src/components/LeftMenu.js +1 -1
  6. package/dist/admin/admin/src/components/LeftMenu.js.map +1 -1
  7. package/dist/admin/admin/src/components/LeftMenu.mjs +1 -1
  8. package/dist/admin/admin/src/components/LeftMenu.mjs.map +1 -1
  9. package/dist/admin/admin/src/components/UpsellBanner.js +1 -1
  10. package/dist/admin/admin/src/components/UpsellBanner.js.map +1 -1
  11. package/dist/admin/admin/src/components/UpsellBanner.mjs +1 -1
  12. package/dist/admin/admin/src/components/UpsellBanner.mjs.map +1 -1
  13. package/dist/admin/admin/src/hooks/useMenu.js +40 -5
  14. package/dist/admin/admin/src/hooks/useMenu.js.map +1 -1
  15. package/dist/admin/admin/src/hooks/useMenu.mjs +40 -6
  16. package/dist/admin/admin/src/hooks/useMenu.mjs.map +1 -1
  17. package/dist/admin/admin/src/hooks/useSettingsMenu.js +61 -1
  18. package/dist/admin/admin/src/hooks/useSettingsMenu.js.map +1 -1
  19. package/dist/admin/admin/src/hooks/useSettingsMenu.mjs +61 -2
  20. package/dist/admin/admin/src/hooks/useSettingsMenu.mjs.map +1 -1
  21. package/dist/admin/admin/src/pages/Home/HomePage.js +6 -2
  22. package/dist/admin/admin/src/pages/Home/HomePage.js.map +1 -1
  23. package/dist/admin/admin/src/pages/Home/HomePage.mjs +6 -2
  24. package/dist/admin/admin/src/pages/Home/HomePage.mjs.map +1 -1
  25. package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.js +1 -1
  26. package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.js.map +1 -1
  27. package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.mjs +1 -1
  28. package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.mjs.map +1 -1
  29. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js +2 -0
  30. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js.map +1 -1
  31. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs +2 -0
  32. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs.map +1 -1
  33. package/dist/admin/admin/src/translations/ar.json.js +1 -1
  34. package/dist/admin/admin/src/translations/ar.json.mjs +1 -1
  35. package/dist/admin/admin/src/translations/cs.json.js +1 -1
  36. package/dist/admin/admin/src/translations/cs.json.mjs +1 -1
  37. package/dist/admin/admin/src/translations/de.json.js +1 -1
  38. package/dist/admin/admin/src/translations/de.json.mjs +1 -1
  39. package/dist/admin/admin/src/translations/en.json.js +1 -1
  40. package/dist/admin/admin/src/translations/en.json.mjs +1 -1
  41. package/dist/admin/admin/src/translations/es.json.js +1 -1
  42. package/dist/admin/admin/src/translations/es.json.mjs +1 -1
  43. package/dist/admin/admin/src/translations/fi.json.js +1 -1
  44. package/dist/admin/admin/src/translations/fi.json.mjs +1 -1
  45. package/dist/admin/admin/src/translations/fr.json.js +1 -1
  46. package/dist/admin/admin/src/translations/fr.json.mjs +1 -1
  47. package/dist/admin/admin/src/translations/it.json.js +1 -1
  48. package/dist/admin/admin/src/translations/it.json.mjs +1 -1
  49. package/dist/admin/admin/src/translations/ko.json.js +1 -1
  50. package/dist/admin/admin/src/translations/ko.json.mjs +1 -1
  51. package/dist/admin/admin/src/translations/nl.json.js +1 -1
  52. package/dist/admin/admin/src/translations/nl.json.mjs +1 -1
  53. package/dist/admin/admin/src/translations/pl.json.js +1 -1
  54. package/dist/admin/admin/src/translations/pl.json.mjs +1 -1
  55. package/dist/admin/admin/src/translations/ru.json.js +1 -1
  56. package/dist/admin/admin/src/translations/ru.json.mjs +1 -1
  57. package/dist/admin/admin/src/translations/tr.json.js +1 -1
  58. package/dist/admin/admin/src/translations/tr.json.mjs +1 -1
  59. package/dist/admin/admin/src/translations/uk.json.js +1 -1
  60. package/dist/admin/admin/src/translations/uk.json.mjs +1 -1
  61. package/dist/admin/admin/src/translations/vi.json.js +1 -1
  62. package/dist/admin/admin/src/translations/vi.json.mjs +1 -1
  63. package/dist/admin/admin/src/translations/zh-Hans.json.js +1 -1
  64. package/dist/admin/admin/src/translations/zh-Hans.json.mjs +1 -1
  65. package/dist/admin/admin/src/utils/getFetchClient.js +1 -1
  66. package/dist/admin/admin/src/utils/getFetchClient.js.map +1 -1
  67. package/dist/admin/admin/src/utils/getFetchClient.mjs +1 -1
  68. package/dist/admin/admin/src/utils/getFetchClient.mjs.map +1 -1
  69. package/dist/admin/admin/src/utils/widgetVisibility.js +25 -0
  70. package/dist/admin/admin/src/utils/widgetVisibility.js.map +1 -0
  71. package/dist/admin/admin/src/utils/widgetVisibility.mjs +22 -0
  72. package/dist/admin/admin/src/utils/widgetVisibility.mjs.map +1 -0
  73. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AdminSeatInfo.js +6 -4
  74. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AdminSeatInfo.js.map +1 -1
  75. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AdminSeatInfo.mjs +6 -4
  76. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AdminSeatInfo.mjs.map +1 -1
  77. package/dist/admin/src/hooks/useMenu.d.ts +2 -1
  78. package/dist/admin/src/hooks/useSettingsMenu.d.ts +2 -1
  79. package/dist/admin/src/utils/widgetVisibility.d.ts +18 -0
  80. package/dist/ee/server/src/controllers/user.d.ts.map +1 -1
  81. package/dist/server/ee/server/src/controllers/user.js +7 -6
  82. package/dist/server/ee/server/src/controllers/user.js.map +1 -1
  83. package/dist/server/ee/server/src/controllers/user.mjs +7 -6
  84. package/dist/server/ee/server/src/controllers/user.mjs.map +1 -1
  85. package/dist/server/server/src/controllers/authenticated-user.js +25 -4
  86. package/dist/server/server/src/controllers/authenticated-user.js.map +1 -1
  87. package/dist/server/server/src/controllers/authenticated-user.mjs +25 -4
  88. package/dist/server/server/src/controllers/authenticated-user.mjs.map +1 -1
  89. package/dist/server/server/src/controllers/authentication.js +1 -16
  90. package/dist/server/server/src/controllers/authentication.js.map +1 -1
  91. package/dist/server/server/src/controllers/authentication.mjs +1 -16
  92. package/dist/server/server/src/controllers/authentication.mjs.map +1 -1
  93. package/dist/server/server/src/controllers/user.js +6 -5
  94. package/dist/server/server/src/controllers/user.js.map +1 -1
  95. package/dist/server/server/src/controllers/user.mjs +6 -5
  96. package/dist/server/server/src/controllers/user.mjs.map +1 -1
  97. package/dist/server/server/src/routes/authentication.js +4 -1
  98. package/dist/server/server/src/routes/authentication.js.map +1 -1
  99. package/dist/server/server/src/routes/authentication.mjs +4 -1
  100. package/dist/server/server/src/routes/authentication.mjs.map +1 -1
  101. package/dist/server/server/src/services/permission/permissions-manager/permission-fields.js +20 -11
  102. package/dist/server/server/src/services/permission/permissions-manager/permission-fields.js.map +1 -1
  103. package/dist/server/server/src/services/permission/permissions-manager/permission-fields.mjs +21 -12
  104. package/dist/server/server/src/services/permission/permissions-manager/permission-fields.mjs.map +1 -1
  105. package/dist/server/server/src/services/user.js +40 -3
  106. package/dist/server/server/src/services/user.js.map +1 -1
  107. package/dist/server/server/src/services/user.mjs +40 -3
  108. package/dist/server/server/src/services/user.mjs.map +1 -1
  109. package/dist/server/server/src/utils/normalize-email.js +24 -0
  110. package/dist/server/server/src/utils/normalize-email.js.map +1 -0
  111. package/dist/server/server/src/utils/normalize-email.mjs +22 -0
  112. package/dist/server/server/src/utils/normalize-email.mjs.map +1 -0
  113. package/dist/server/src/controllers/authenticated-user.d.ts.map +1 -1
  114. package/dist/server/src/controllers/authentication.d.ts.map +1 -1
  115. package/dist/server/src/controllers/user.d.ts.map +1 -1
  116. package/dist/server/src/index.d.ts +1 -0
  117. package/dist/server/src/index.d.ts.map +1 -1
  118. package/dist/server/src/routes/authentication.d.ts.map +1 -1
  119. package/dist/server/src/services/index.d.ts +1 -0
  120. package/dist/server/src/services/index.d.ts.map +1 -1
  121. package/dist/server/src/services/permission/permissions-manager/permission-fields.d.ts.map +1 -1
  122. package/dist/server/src/services/user.d.ts +1 -0
  123. package/dist/server/src/services/user.d.ts.map +1 -1
  124. package/dist/server/src/utils/normalize-email.d.ts +12 -0
  125. package/dist/server/src/utils/normalize-email.d.ts.map +1 -0
  126. package/package.json +12 -14
package/dist/server/server/src/services/permission/permissions-manager/permission-fields.mjs CHANGED
@@ -1,6 +1,6 @@
1
1
  import { detectSubjectType } from '@casl/ability';
2
2
  import { permittedFieldsOf } from '@casl/ability/extra';
3
- import { isEmpty, some, isNil, flatMap, prop } from 'lodash/fp';
3
+ import { isEmpty, isNil, some, flatMap, prop } from 'lodash/fp';
4
4
 
5
5
  /**
6
6
  * Creates a cached permission fields calculator for a given CASL ability.
@@ -24,17 +24,26 @@ import { isEmpty, some, isNil, flatMap, prop } from 'lodash/fp';
24
24
  if (!hasEntityConditions && permissionCache.has(cacheKey)) {
25
25
  return permissionCache.get(cacheKey);
26
26
  }
27
- // Compute permission fields (expensive CASL operation)
28
- const permittedFields = permittedFieldsOf(ability, actionOverride, subject, {
29
- fieldsFrom: (rule)=>rule.fields || []
30
- });
31
- const hasAtLeastOneRegistered = some((fields)=>!isNil(fields), flatMap(prop('fields'), rules));
32
- const shouldIncludeAll = isEmpty(permittedFields) && !hasAtLeastOneRegistered;
33
- const result = {
34
- permittedFields,
35
- hasAtLeastOneRegistered,
36
- shouldIncludeAll
37
- };
27
+ let result;
28
+ const allFieldsAllowed = rules.some((r)=>isNil(r.fields));
29
+ if (allFieldsAllowed) {
30
+ result = {
31
+ permittedFields: [],
32
+ hasAtLeastOneRegistered: rules.some((r)=>!isNil(r.fields)),
33
+ shouldIncludeAll: true
34
+ };
35
+ } else {
36
+ // Compute permission fields (expensive CASL operation)
37
+ const permittedFields = permittedFieldsOf(ability, actionOverride, subject, {
38
+ fieldsFrom: (rule)=>rule.fields || []
39
+ });
40
+ const hasAtLeastOneRegistered = some((fields)=>!isNil(fields), flatMap(prop('fields'), rules));
41
+ result = {
42
+ permittedFields,
43
+ hasAtLeastOneRegistered,
44
+ shouldIncludeAll: isEmpty(permittedFields) && !hasAtLeastOneRegistered
45
+ };
46
+ }
38
47
  // Cache for reuse if no entity-specific conditions
39
48
  if (!hasEntityConditions) {
40
49
  permissionCache.set(cacheKey, result);
package/dist/server/server/src/services/permission/permissions-manager/permission-fields.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"permission-fields.mjs","sources":["../../../../../../../server/src/services/permission/permissions-manager/permission-fields.ts"],"sourcesContent":["import { detectSubjectType } from '@casl/ability';\nimport { permittedFieldsOf } from '@casl/ability/extra';\nimport { isEmpty, isNil, flatMap, some, prop } from 'lodash/fp';\n\nimport type { Ability } from '@casl/ability';\n\nexport interface PermissionFieldsResult {\n permittedFields: string[];\n hasAtLeastOneRegistered: boolean;\n shouldIncludeAll: boolean;\n}\n\n/**\n * Creates a cached permission fields calculator for a given CASL ability.\n *\n * The cache stores permission field calculations per action+subjectType combination.\n * Results are only cached when rules have no entity-specific conditions, as those\n * must be computed per entity.\n *\n * @param ability - The CASL ability instance to use for permission checks\n * @returns Object with getPermissionFields function and cache\n */\nexport const createPermissionFieldsCache = (ability: Ability) => {\n const permissionCache = new Map<string, PermissionFieldsResult>();\n\n const getPermissionFields = (actionOverride: string, subject: any): PermissionFieldsResult => {\n const subjectType = detectSubjectType(subject);\n const rules = ability.rulesFor(actionOverride, subjectType);\n\n // Check if any rule has conditions that depend on entity data\n // If so, we can't cache - must compute per entity\n const hasEntityConditions = rules.some(\n (rule: any) => rule.conditions && !isEmpty(rule.conditions)\n );\n\n // Return cached result if available and safe to use\n const cacheKey = `${actionOverride}::${String(subjectType)}`;\n if (!hasEntityConditions && permissionCache.has(cacheKey)) {\n return permissionCache.get(cacheKey)!;\n }\n\n // Compute permission fields (expensive CASL operation)\n const permittedFields = permittedFieldsOf(ability, actionOverride, subject, {\n fieldsFrom: (rule) => rule.fields || [],\n });\n\n const hasAtLeastOneRegistered = some(\n (fields) => !isNil(fields),\n flatMap(prop('fields'), rules)\n );\n const shouldIncludeAll = isEmpty(permittedFields) && !hasAtLeastOneRegistered;\n\n const result: PermissionFieldsResult = {\n permittedFields,\n hasAtLeastOneRegistered,\n shouldIncludeAll,\n };\n\n // Cache for reuse if no entity-specific conditions\n if (!hasEntityConditions) {\n permissionCache.set(cacheKey, result);\n }\n\n return result;\n };\n\n return {\n getPermissionFields,\n clearCache: () => permissionCache.clear(),\n };\n};\n"],"names":["createPermissionFieldsCache","ability","permissionCache","Map","getPermissionFields","actionOverride","subject","subjectType","detectSubjectType","rules","rulesFor","hasEntityConditions","some","rule","conditions","isEmpty","cacheKey","String","has","get","permittedFields","permittedFieldsOf","fieldsFrom","fields","hasAtLeastOneRegistered","isNil","flatMap","prop","shouldIncludeAll","result","set","clearCache","clear"],"mappings":";;;;AAYA;;;;;;;;;IAUO,MAAMA,2BAAAA,GAA8B,CAACC,OAAAA,GAAAA;AAC1C,IAAA,MAAMC,kBAAkB,IAAIC,GAAAA,EAAAA;IAE5B,MAAMC,mBAAAA,GAAsB,CAACC,cAAAA,EAAwBC,OAAAA,GAAAA;AACnD,QAAA,MAAMC,cAAcC,iBAAAA,CAAkBF,OAAAA,CAAAA;AACtC,QAAA,MAAMG,KAAAA,GAAQR,OAAAA,CAAQS,QAAQ,CAACL,cAAAA,EAAgBE,WAAAA,CAAAA;;;AAI/C,QAAA,MAAMI,mBAAAA,GAAsBF,KAAAA,CAAMG,IAAI,CACpC,CAACC,IAAAA,GAAcA,IAAAA,CAAKC,UAAU,IAAI,CAACC,OAAAA,CAAQF,IAAAA,CAAKC,UAAU,CAAA,CAAA;;AAI5D,QAAA,MAAME,WAAW,CAAA,EAAGX,cAAAA,CAAe,EAAE,EAAEY,OAAOV,WAAAA,CAAAA,CAAAA,CAAc;AAC5D,QAAA,IAAI,CAACI,mBAAAA,IAAuBT,eAAAA,CAAgBgB,GAAG,CAACF,QAAAA,CAAAA,EAAW;YACzD,OAAOd,eAAAA,CAAgBiB,GAAG,CAACH,QAAAA,CAAAA;AAC7B,QAAA;;AAGA,QAAA,MAAMI,eAAAA,GAAkBC,iBAAAA,CAAkBpB,OAAAA,EAASI,cAAAA,EAAgBC,OAAAA,EAAS;AAC1EgB,YAAAA,UAAAA,EAAY,CAACT,IAAAA,GAASA,IAAAA,CAAKU,MAAM,IAAI;AACvC,SAAA,CAAA;QAEA,MAAMC,uBAAAA,GAA0BZ,KAC9B,CAACW,MAAAA,GAAW,CAACE,KAAAA,CAAMF,MAAAA,CAAAA,EACnBG,OAAAA,CAAQC,IAAAA,CAAK,QAAA,CAAA,EAAWlB,KAAAA,CAAAA,CAAAA;QAE1B,MAAMmB,gBAAAA,GAAmBb,OAAAA,CAAQK,eAAAA,CAAAA,IAAoB,CAACI,uBAAAA;AAEtD,QAAA,MAAMK,MAAAA,GAAiC;AACrCT,YAAAA,eAAAA;AACAI,YAAAA,uBAAAA;AACAI,YAAAA;AACF,SAAA;;AAGA,QAAA,IAAI,CAACjB,mBAAAA,EAAqB;YACxBT,eAAAA,CAAgB4B,GAAG,CAACd,QAAAA,EAAUa,MAAAA,CAAAA;AAChC,QAAA;QAEA,OAAOA,MAAAA;AACT,IAAA,CAAA;IAEA,OAAO;AACLzB,QAAAA,mBAAAA;QACA2B,UAAAA,EAAY,IAAM7B,gBAAgB8B,KAAK;AACzC,KAAA;AACF;;;;"}
1
+ {"version":3,"file":"permission-fields.mjs","sources":["../../../../../../../server/src/services/permission/permissions-manager/permission-fields.ts"],"sourcesContent":["import { detectSubjectType } from '@casl/ability';\nimport { permittedFieldsOf } from '@casl/ability/extra';\nimport { isEmpty, isNil, flatMap, some, prop } from 'lodash/fp';\n\nimport type { Ability } from '@casl/ability';\n\nexport interface PermissionFieldsResult {\n permittedFields: string[];\n hasAtLeastOneRegistered: boolean;\n shouldIncludeAll: boolean;\n}\n\n/**\n * Creates a cached permission fields calculator for a given CASL ability.\n *\n * The cache stores permission field calculations per action+subjectType combination.\n * Results are only cached when rules have no entity-specific conditions, as those\n * must be computed per entity.\n *\n * @param ability - The CASL ability instance to use for permission checks\n * @returns Object with getPermissionFields function and cache\n */\nexport const createPermissionFieldsCache = (ability: Ability) => {\n const permissionCache = new Map<string, PermissionFieldsResult>();\n\n const getPermissionFields = (actionOverride: string, subject: any): PermissionFieldsResult => {\n const subjectType = detectSubjectType(subject);\n const rules = ability.rulesFor(actionOverride, subjectType);\n\n // Check if any rule has conditions that depend on entity data\n // If so, we can't cache - must compute per entity\n const hasEntityConditions = rules.some(\n (rule: any) => rule.conditions && !isEmpty(rule.conditions)\n );\n\n // Return cached result if available and safe to use\n const cacheKey = `${actionOverride}::${String(subjectType)}`;\n if (!hasEntityConditions && permissionCache.has(cacheKey)) {\n return permissionCache.get(cacheKey)!;\n }\n\n let result: PermissionFieldsResult;\n\n const allFieldsAllowed = rules.some((r) => isNil(r.fields));\n if (allFieldsAllowed) {\n result = {\n permittedFields: [],\n hasAtLeastOneRegistered: rules.some((r) => !isNil(r.fields)),\n shouldIncludeAll: true,\n };\n } else {\n // Compute permission fields (expensive CASL operation)\n const permittedFields = permittedFieldsOf(ability, actionOverride, subject, {\n fieldsFrom: (rule) => rule.fields || [],\n });\n\n const hasAtLeastOneRegistered = some(\n (fields) => !isNil(fields),\n flatMap(prop('fields'), rules)\n );\n\n result = {\n permittedFields,\n hasAtLeastOneRegistered,\n shouldIncludeAll: isEmpty(permittedFields) && !hasAtLeastOneRegistered,\n };\n }\n\n // Cache for reuse if no entity-specific conditions\n if (!hasEntityConditions) {\n permissionCache.set(cacheKey, result);\n }\n\n return result;\n };\n\n return {\n getPermissionFields,\n clearCache: () => permissionCache.clear(),\n };\n};\n"],"names":["createPermissionFieldsCache","ability","permissionCache","Map","getPermissionFields","actionOverride","subject","subjectType","detectSubjectType","rules","rulesFor","hasEntityConditions","some","rule","conditions","isEmpty","cacheKey","String","has","get","result","allFieldsAllowed","r","isNil","fields","permittedFields","hasAtLeastOneRegistered","shouldIncludeAll","permittedFieldsOf","fieldsFrom","flatMap","prop","set","clearCache","clear"],"mappings":";;;;AAYA;;;;;;;;;IAUO,MAAMA,2BAAAA,GAA8B,CAACC,OAAAA,GAAAA;AAC1C,IAAA,MAAMC,kBAAkB,IAAIC,GAAAA,EAAAA;IAE5B,MAAMC,mBAAAA,GAAsB,CAACC,cAAAA,EAAwBC,OAAAA,GAAAA;AACnD,QAAA,MAAMC,cAAcC,iBAAAA,CAAkBF,OAAAA,CAAAA;AACtC,QAAA,MAAMG,KAAAA,GAAQR,OAAAA,CAAQS,QAAQ,CAACL,cAAAA,EAAgBE,WAAAA,CAAAA;;;AAI/C,QAAA,MAAMI,mBAAAA,GAAsBF,KAAAA,CAAMG,IAAI,CACpC,CAACC,IAAAA,GAAcA,IAAAA,CAAKC,UAAU,IAAI,CAACC,OAAAA,CAAQF,IAAAA,CAAKC,UAAU,CAAA,CAAA;;AAI5D,QAAA,MAAME,WAAW,CAAA,EAAGX,cAAAA,CAAe,EAAE,EAAEY,OAAOV,WAAAA,CAAAA,CAAAA,CAAc;AAC5D,QAAA,IAAI,CAACI,mBAAAA,IAAuBT,eAAAA,CAAgBgB,GAAG,CAACF,QAAAA,CAAAA,EAAW;YACzD,OAAOd,eAAAA,CAAgBiB,GAAG,CAACH,QAAAA,CAAAA;AAC7B,QAAA;QAEA,IAAII,MAAAA;QAEJ,MAAMC,gBAAAA,GAAmBZ,MAAMG,IAAI,CAAC,CAACU,CAAAA,GAAMC,KAAAA,CAAMD,EAAEE,MAAM,CAAA,CAAA;AACzD,QAAA,IAAIH,gBAAAA,EAAkB;YACpBD,MAAAA,GAAS;AACPK,gBAAAA,eAAAA,EAAiB,EAAE;gBACnBC,uBAAAA,EAAyBjB,KAAAA,CAAMG,IAAI,CAAC,CAACU,IAAM,CAACC,KAAAA,CAAMD,EAAEE,MAAM,CAAA,CAAA;gBAC1DG,gBAAAA,EAAkB;AACpB,aAAA;QACF,CAAA,MAAO;;AAEL,YAAA,MAAMF,eAAAA,GAAkBG,iBAAAA,CAAkB3B,OAAAA,EAASI,cAAAA,EAAgBC,OAAAA,EAAS;AAC1EuB,gBAAAA,UAAAA,EAAY,CAAChB,IAAAA,GAASA,IAAAA,CAAKW,MAAM,IAAI;AACvC,aAAA,CAAA;YAEA,MAAME,uBAAAA,GAA0Bd,KAC9B,CAACY,MAAAA,GAAW,CAACD,KAAAA,CAAMC,MAAAA,CAAAA,EACnBM,OAAAA,CAAQC,IAAAA,CAAK,QAAA,CAAA,EAAWtB,KAAAA,CAAAA,CAAAA;YAG1BW,MAAAA,GAAS;AACPK,gBAAAA,eAAAA;AACAC,gBAAAA,uBAAAA;gBACAC,gBAAAA,EAAkBZ,OAAAA,CAAQU,oBAAoB,CAACC;AACjD,aAAA;AACF,QAAA;;AAGA,QAAA,IAAI,CAACf,mBAAAA,EAAqB;YACxBT,eAAAA,CAAgB8B,GAAG,CAAChB,QAAAA,EAAUI,MAAAA,CAAAA;AAChC,QAAA;QAEA,OAAOA,MAAAA;AACT,IAAA,CAAA;IAEA,OAAO;AACLhB,QAAAA,mBAAAA;QACA6B,UAAAA,EAAY,IAAM/B,gBAAgBgC,KAAK;AACzC,KAAA;AACF;;;;"}
package/dist/server/server/src/services/user.js CHANGED
@@ -9,7 +9,7 @@ var index = require('../utils/index.js');
9
9
  var constants = require('./constants.js');
10
10
 
11
11
  const { SUPER_ADMIN_CODE } = constants;
12
- const { ValidationError } = utils.errors;
12
+ const { ApplicationError, ValidationError } = utils.errors;
13
13
  const sanitizeUserRoles = (role)=>_.pick(role, [
14
14
  'id',
15
15
  'name',
@@ -37,7 +37,7 @@ const getSessionManager = ()=>{
37
37
  /**
38
38
  * Create and save a user in database
39
39
  * @param attributes A partial user object
40
- */ const create = async (// isActive is added in the controller, it's not sent by the API.
40
+ */ const createUserInDatabase = async (// isActive is added in the controller, it's not sent by the API.
41
41
  attributes)=>{
42
42
  const userInfo = {
43
43
  registrationToken: index.getService('token').createToken(),
@@ -53,10 +53,46 @@ attributes)=>{
53
53
  'roles'
54
54
  ]
55
55
  });
56
+ return createdUser;
57
+ };
58
+ const emitUserCreated = (user)=>{
56
59
  index.getService('metrics').sendDidInviteUser();
57
60
  strapi.eventHub.emit('user.create', {
58
- user: sanitizeUser(createdUser)
61
+ user: sanitizeUser(user)
62
+ });
63
+ };
64
+ const create = async (// isActive is added in the controller, it's not sent by the API.
65
+ attributes)=>{
66
+ const createdUser = await createUserInDatabase(attributes);
67
+ emitUserCreated(createdUser);
68
+ return createdUser;
69
+ };
70
+ const createFirstAdmin = async (attributes)=>{
71
+ const createdUser = await strapi.db.transaction(async ({ trx })=>{
72
+ // Serialize first-admin creation across processes by locking a stable role row.
73
+ // SQLite ignores FOR UPDATE, but falls back to its single-writer transaction behavior.
74
+ const superAdminRole = await strapi.db.queryBuilder('admin::role').select([
75
+ 'id'
76
+ ]).where({
77
+ code: SUPER_ADMIN_CODE
78
+ }).first().transacting(trx).forUpdate().execute();
79
+ if (!superAdminRole) {
80
+ throw new ApplicationError("Cannot register the first admin because the super admin role doesn't exist.");
81
+ }
82
+ const hasAdmin = await exists();
83
+ if (hasAdmin) {
84
+ throw new ApplicationError('You cannot register a new super admin');
85
+ }
86
+ return createUserInDatabase({
87
+ ...attributes,
88
+ registrationToken: null,
89
+ isActive: true,
90
+ roles: [
91
+ superAdminRole.id
92
+ ]
93
+ });
59
94
  });
95
+ emitUserCreated(createdUser);
60
96
  return createdUser;
61
97
  };
62
98
  /**
@@ -407,6 +443,7 @@ attributes)=>{
407
443
  };
408
444
  var user = {
409
445
  create,
446
+ createFirstAdmin,
410
447
  updateById,
411
448
  exists,
412
449
  findRegistrationInfo,
package/dist/server/server/src/services/user.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.js","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ValidationError","errors","sanitizeUserRoles","role","_","pick","getSessionManager","manager","strapi","sessionManager","sanitizeUser","user","omit","roles","map","create","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","db","query","data","populate","sendDidInviteUser","eventHub","emit","updateById","id","lastAdminUser","isLastSuperAdminUser","superAdminRole","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","isActive","hashedPassword","updatedUser","update","where","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","code","$eq","orderBy","createdAt","limit","select","exists","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","hasOrigin","invalidateRefreshToken","String","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage"],"mappings":";;;;;;;;;;AAmBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,eAAe,EAAE,GAAGC,YAAAA;AAC5B,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,CAAAA,CAAEC,IAAI,CAACF,IAAAA,EAAM;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD,MAAMG,iBAAAA,GAAoB,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,IAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,CAAA;AAEA;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGP,CAAAA,CAAEQ,IAAI,CAACD,IAAAA,EAAM;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACZ,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMa,MAAAA,GAAS;AAEbC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAAA,GAAW;QACfC,iBAAAA,EAAmBC,gBAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIZ,CAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,UAAA,CAAA,EAAa;QACjCC,QAAAA,CAASK,QAAQ,GAAG,MAAMH,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E,IAAA;AAEA,IAAA,MAAMX,OAAOa,iBAAAA,CAAWP,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMjB,MAAAA,CAAOkB,EAAE,CAChCC,KAAK,CAAC,aAAA,CAAA,CACNZ,MAAM,CAAC;QAAEa,IAAAA,EAAMjB,IAAAA;QAAMkB,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE5CV,IAAAA,gBAAAA,CAAW,WAAWW,iBAAiB,EAAA;AAEvCtB,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAErB,QAAAA,IAAAA,EAAMD,YAAAA,CAAae,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMQ,UAAAA,GAAa,OACjBC,EAAAA,EACAlB,UAAAA,GAAAA;;AAGA,IAAA,IAAIZ,CAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,OAAA,CAAA,EAAU;QAC9B,MAAMmB,aAAAA,GAAgB,MAAMC,oBAAAA,CAAqBF,EAAAA,CAAAA;AACjD,QAAA,MAAMG,cAAAA,GAAiB,MAAMlB,gBAAAA,CAAW,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,YAAAA,CAAOC,cAAc,CAACzB,UAAAA,CAAWH,KAAK,EAAGwB,cAAAA,CAAeH,EAAE,CAAA;AAE5F,QAAA,IAAIC,iBAAiBI,wBAAAA,EAA0B;AAC7C,YAAA,MAAM,IAAIvC,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,QAAA;AACF,IAAA;;IAGA,IAAIgB,UAAAA,CAAW0B,QAAQ,KAAK,KAAA,EAAO;QACjC,MAAMP,aAAAA,GAAgB,MAAMC,oBAAAA,CAAqBF,EAAAA,CAAAA;AACjD,QAAA,IAAIC,aAAAA,EAAe;AACjB,YAAA,MAAM,IAAInC,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,QAAA;AACF,IAAA;;AAGA,IAAA,IAAII,CAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,UAAA,CAAA,EAAa;AACjC,QAAA,MAAM2B,iBAAiB,MAAMxB,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMsB,WAAAA,GAAc,MAAMpC,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC9DC,KAAAA,EAAO;AAAEZ,gBAAAA;AAAG,aAAA;YACZN,IAAAA,EAAM;AACJ,gBAAA,GAAGZ,UAAU;gBACbM,QAAAA,EAAUqB;AACZ,aAAA;YACAd,QAAAA,EAAU;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEArB,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAErB,YAAAA,IAAAA,EAAMD,YAAAA,CAAakC,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT,IAAA;IAEA,MAAMA,WAAAA,GAAc,MAAMpC,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;QAC9DC,KAAAA,EAAO;AAAEZ,YAAAA;AAAG,SAAA;QACZN,IAAAA,EAAMZ,UAAAA;QACNa,QAAAA,EAAU;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAIe,WAAAA,EAAa;AACfpC,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAErB,YAAAA,IAAAA,EAAMD,YAAAA,CAAakC,WAAAA;AAAa,SAAA,CAAA;AACxE,IAAA;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,oBAAAA,GAAuB,OAAOC,KAAAA,EAAe1B,QAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMH,MAAAA,CAAOkB,EAAE,CACzBC,KAAK,CAAC,aAAA,CAAA,CACNsB,OAAO,CAAC;QAAEH,KAAAA,EAAO;AAAEE,YAAAA;AAAM,SAAA;QAAGnB,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAAClB,IAAAA,EAAM;AACT,QAAA,MAAM,IAAIuC,KAAAA,CAAM,CAAC,0BAA0B,EAAEF,KAAAA,CAAAA,CAAO,CAAA;AACtD,IAAA;IAEA,IAAI;QACF,MAAMG,yBAAAA,CAAkBC,QAAQ,CAAC9B,QAAAA,CAAAA;AACnC,IAAA,CAAA,CAAE,OAAO+B,KAAAA,EAAO;AACd,QAAA,MAAM,IAAIrD,eAAAA,CACR,wGAAA,CAAA;AAEJ,IAAA;IAEA,MAAMiC,UAAAA,CAAWtB,IAAAA,CAAKuB,EAAE,EAAE;AAAEZ,QAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAMc,uBAAuB,OAAOkB,MAAAA,GAAAA;IAClC,MAAM3C,IAAAA,GAAQ,MAAMsC,OAAAA,CAAQK,MAAAA,CAAAA;IAC5B,IAAI,CAAC3C,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM0B,cAAAA,GAAiB,MAAMlB,gBAAAA,CAAW,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;AAE3E,IAAA,OAAOD,cAAAA,CAAekB,UAAU,KAAK,CAAA,IAAKC,wBAAAA,CAAkB7C,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM8C,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAAA,CAAQK,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,wBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAAA,CAAW,GAAG,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,QAAQ,CAAC;QACjE/B,QAAAA,EAAU;YACRhB,KAAAA,EAAO;gBACLiC,KAAAA,EAAO;oBACLe,IAAAA,EAAM;wBAAEC,GAAAA,EAAKhE;AAAiB;AAChC;AACF;AACF,SAAA;QACAiE,OAAAA,EAAS;YAAEC,SAAAA,EAAW;AAAM,SAAA;QAC5BC,KAAAA,EAAO,CAAA;QACPC,MAAAA,EAAQ;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOP,UAAAA,CAAWzB,EAAE,KAAKwB,WAAAA,CAAYxB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMiC,MAAAA,GAAS,OAAOnD,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMR,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAAEtB,KAAAA,EAAO9B;KAAW,CAAA,GAAM,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMqD,uBAAuB,OAC3BnD,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMH,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAAA,EAAO;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAAA,EAAM;QACT,OAAO2D,SAAAA;AACT,IAAA;IAEA,OAAOlE,CAAAA,CAAEC,IAAI,CAACM,IAAAA,EAAM;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAM4D,QAAAA,GAAW,OAAO,EACtBrD,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMuD,YAAAA,GAAe,MAAMhE,MAAAA,CAAOkB,EAAE,CACjCC,KAAK,CAAC,aAAA,CAAA,CACNsB,OAAO,CAAC;QAAEH,KAAAA,EAAO;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACsD,YAAAA,EAAc;AACjB,QAAA,MAAM,IAAIxE,eAAAA,CAAgB,2BAAA,CAAA;AAC5B,IAAA;AAEA,IAAA,OAAOmB,iBAAW,MAAA,CAAA,CAAQc,UAAU,CAACuC,YAAAA,CAAatC,EAAE,EAAE;AACpDZ,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3BmD,QAAAA,SAAAA,EAAWxD,SAASwD,SAAS;AAC7BC,QAAAA,QAAAA,EAAUzD,SAASyD,QAAQ;QAC3BxD,iBAAAA,EAAmB,IAAA;QACnBwB,QAAAA,EAAU;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMO,OAAAA,GAAU,OAAOf,EAAAA,EAAaL,QAAAA,GAAW;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAAA,EAAO;AAAEZ,YAAAA;AAAG,SAAA;AAAGL,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAM8C,cAAAA,GAAiB,OAAO3B,KAAAA,EAAenB,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAC5CH,KAAAA,EAAO;YAAEE,KAAAA,EAAO;gBAAE4B,IAAAA,EAAM5B;AAAM;AAAE,SAAA;AAChCnB,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMgD,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAMnD,KAAAA,GAAQnB,OACXuE,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,WAAAA,CAAS;QAAEpD,QAAAA,EAAU;AAAC,YAAA;AAAQ;KAAC,EAAGiD,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOtE,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekD,QAAQ,CAAClD,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMuD,aAAa,OAAOhD,EAAAA,GAAAA;;IAExB,MAAMiD,YAAAA,GAAiC,MAAM3E,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAClFH,KAAAA,EAAO;AAAEZ,YAAAA;AAAG,SAAA;QACZL,QAAAA,EAAU;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACsD,YAAAA,EAAc;QACjB,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,IAAIA,YAAAA,EAAc;QAChB,IAAIA,YAAAA,CAAatE,KAAK,CAACuE,IAAI,CAAC,CAACC,CAAAA,GAAMA,CAAAA,CAAExB,IAAI,KAAK/D,gBAAAA,CAAAA,EAAmB;AAC/D,YAAA,MAAMuC,cAAAA,GAAiB,MAAMlB,gBAAAA,CAAW,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;YAC3E,IAAID,cAAAA,CAAekB,UAAU,KAAK,CAAA,EAAG;AACnC,gBAAA,MAAM,IAAIvD,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,YAAA;AACF,QAAA;AACF,IAAA;IAEA,MAAMsF,WAAAA,GAAc,MAAM9E,MAAAA,CAAOkB,EAAE,CAChCC,KAAK,CAAC,aAAA,CAAA,CACN4D,MAAM,CAAC;QAAEzC,KAAAA,EAAO;AAAEZ,YAAAA;AAAG,SAAA;QAAGL,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;;AAG/C,IAAA,MAAMpB,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,IAAA,IAAIG,cAAAA,IAAkBA,cAAAA,CAAe+E,SAAS,CAAC,OAAA,CAAA,EAAU;AACvD,QAAA,MAAM/E,cAAAA,CAAe,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAAA,CAAOxD,EAAAA,CAAAA,CAAAA;AAC9D,IAAA;AAEA1B,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAErB,QAAAA,IAAAA,EAAMD,YAAAA,CAAa4E,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAMK,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMvD,cAAAA,GAAiB,MAAMlB,gBAAAA,CAAW,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;IAC3E,MAAMuD,sBAAAA,GAAyB,MAAMrF,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QACxEtB,KAAAA,EAAO;YACLZ,EAAAA,EAAI0D,GAAAA;YACJ/E,KAAAA,EAAO;AAAEqB,gBAAAA,EAAAA,EAAIG,eAAeH;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIG,cAAAA,CAAekB,UAAU,KAAKsC,sBAAAA,EAAwB;AACxD,QAAA,MAAM,IAAI7F,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,IAAA;AAEA,IAAA,MAAM8F,eAAe,EAAE;IACvB,KAAK,MAAM5D,MAAM0D,GAAAA,CAAK;QACpB,MAAMN,WAAAA,GAAc,MAAM9E,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAe4D,MAAM,CAAC;YAC9DzC,KAAAA,EAAO;AAAEZ,gBAAAA;AAAG,aAAA;YACZL,QAAAA,EAAU;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;;AAGA,QAAA,MAAMpB,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,QAAA,IAAIG,cAAAA,IAAkBA,cAAAA,CAAe+E,SAAS,CAAC,OAAA,CAAA,EAAU;AACvD,YAAA,MAAM/E,cAAAA,CAAe,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAAA,CAAOxD,EAAAA,CAAAA,CAAAA;AAC9D,QAAA;AAEA4D,QAAAA,YAAAA,CAAaC,IAAI,CAACT,WAAAA,CAAAA;AACpB,IAAA;AAEA9E,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAClCgE,QAAAA,KAAAA,EAAOF,YAAAA,CAAahF,GAAG,CAAC,CAACwE,cAAgB5E,YAAAA,CAAa4E,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOQ,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAAA,GAAwB,UAAA;AAC5B,IAAA,OAAOzF,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAC1CtB,KAAAA,EAAO;YACLjC,KAAAA,EAAO;gBACLqB,EAAAA,EAAI;oBAAEgE,KAAAA,EAAO;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM9B,KAAAA,GAAQ,OAAOtB,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOtC,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;AAAEtB,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMqD,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMxF,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,QAAQ,CAAC;QAC1DM,MAAAA,EAAQ;AAAC,YAAA;AAAK,SAAA;QACdpB,KAAAA,EAAO;YACLjC,KAAAA,EAAO;gBAAEqB,EAAAA,EAAI;oBAAEgE,KAAAA,EAAO;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAAA,CAAMlF,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOH,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC3CC,KAAAA,EAAO;AAAEZ,gBAAAA,EAAAA,EAAIvB,KAAKuB;AAAG,aAAA;YACrBN,IAAAA,EAAM;gBAAEf,KAAAA,EAAO;AAACuF,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,IAAA,CAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAAA,GAAoC,UAAA;AACxC,IAAA,MAAMnC,QAAQ,MAAM6B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI7B,QAAQ,CAAA,EAAG;QACb5D,MAAAA,CAAOgG,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAErC,KAAAA,CAAM,sBAAsB,CAAC,CAAA;AAC9D,IAAA;AACF,CAAA;AAEA;AACC,IACD,MAAMsC,iBAAAA,GAAoB,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMxF,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,QAAQ,CAAC;QAAEM,MAAAA,EAAQ;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAO8B,MAAMlF,GAAG,CAAC,CAACH,IAAAA,GAASA,IAAAA,CAAKgG,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AACA,WAAe;AACb5F,IAAAA,MAAAA;AACAkB,IAAAA,UAAAA;AACAkC,IAAAA,MAAAA;AACAE,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACA7D,IAAAA,YAAAA;AACAuC,IAAAA,OAAAA;AACA0B,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAS,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA7B,IAAAA,KAAAA;AACA+B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACAxD,IAAAA,oBAAAA;AACA2D,IAAAA,iBAAAA;AACAjD,IAAAA;AACF,CAAA;;;;"}
1
+ {"version":3,"file":"user.js","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ApplicationError, ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst createUserInDatabase = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n return createdUser;\n};\n\nconst emitUserCreated = (user: AdminUser) => {\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(user) });\n};\n\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const createdUser = await createUserInDatabase(attributes);\n\n emitUserCreated(createdUser);\n\n return createdUser;\n};\n\nconst createFirstAdmin = async (\n attributes: Omit<Partial<AdminUserCreationPayload>, 'registrationToken' | 'isActive' | 'roles'>\n): Promise<AdminUser> => {\n const createdUser = await strapi.db.transaction(async ({ trx }) => {\n // Serialize first-admin creation across processes by locking a stable role row.\n // SQLite ignores FOR UPDATE, but falls back to its single-writer transaction behavior.\n const superAdminRole = await strapi.db\n .queryBuilder('admin::role')\n .select(['id'])\n .where({ code: SUPER_ADMIN_CODE })\n .first()\n .transacting(trx)\n .forUpdate()\n .execute<AdminRole | undefined>();\n\n if (!superAdminRole) {\n throw new ApplicationError(\n \"Cannot register the first admin because the super admin role doesn't exist.\"\n );\n }\n\n const hasAdmin = await exists();\n\n if (hasAdmin) {\n throw new ApplicationError('You cannot register a new super admin');\n }\n\n return createUserInDatabase({\n ...attributes,\n registrationToken: null,\n isActive: true,\n roles: [superAdminRole.id],\n });\n });\n\n emitUserCreated(createdUser);\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\nexport default {\n create,\n createFirstAdmin,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ApplicationError","ValidationError","errors","sanitizeUserRoles","role","_","pick","getSessionManager","manager","strapi","sessionManager","sanitizeUser","user","omit","roles","map","createUserInDatabase","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","db","query","create","data","populate","emitUserCreated","sendDidInviteUser","eventHub","emit","createFirstAdmin","transaction","trx","superAdminRole","queryBuilder","select","where","code","first","transacting","forUpdate","execute","hasAdmin","exists","isActive","id","updateById","lastAdminUser","isLastSuperAdminUser","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","hashedPassword","updatedUser","update","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","$eq","orderBy","createdAt","limit","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","hasOrigin","invalidateRefreshToken","String","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage"],"mappings":";;;;;;;;;;AAmBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,gBAAgB,EAAEC,eAAe,EAAE,GAAGC,YAAAA;AAC9C,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,CAAAA,CAAEC,IAAI,CAACF,IAAAA,EAAM;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD,MAAMG,iBAAAA,GAAoB,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,IAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,CAAA;AAEA;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGP,CAAAA,CAAEQ,IAAI,CAACD,IAAAA,EAAM;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACZ,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMa,oBAAAA,GAAuB;AAE3BC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAAA,GAAW;QACfC,iBAAAA,EAAmBC,gBAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIZ,CAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,UAAA,CAAA,EAAa;QACjCC,QAAAA,CAASK,QAAQ,GAAG,MAAMH,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E,IAAA;AAEA,IAAA,MAAMX,OAAOa,iBAAAA,CAAWP,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMjB,MAAAA,CAAOkB,EAAE,CAChCC,KAAK,CAAC,aAAA,CAAA,CACNC,MAAM,CAAC;QAAEC,IAAAA,EAAMlB,IAAAA;QAAMmB,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;IAE5C,OAAOL,WAAAA;AACT,CAAA;AAEA,MAAMM,kBAAkB,CAACpB,IAAAA,GAAAA;AACvBQ,IAAAA,gBAAAA,CAAW,WAAWa,iBAAiB,EAAA;AAEvCxB,IAAAA,MAAAA,CAAOyB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEvB,QAAAA,IAAAA,EAAMD,YAAAA,CAAaC,IAAAA;AAAM,KAAA,CAAA;AACjE,CAAA;AAEA,MAAMiB,MAAAA,GAAS;AAEbZ,UAAAA,GAAAA;IAEA,MAAMS,WAAAA,GAAc,MAAMV,oBAAAA,CAAqBC,UAAAA,CAAAA;IAE/Ce,eAAAA,CAAgBN,WAAAA,CAAAA;IAEhB,OAAOA,WAAAA;AACT,CAAA;AAEA,MAAMU,mBAAmB,OACvBnB,UAAAA,GAAAA;IAEA,MAAMS,WAAAA,GAAc,MAAMjB,MAAAA,CAAOkB,EAAE,CAACU,WAAW,CAAC,OAAO,EAAEC,GAAG,EAAE,GAAA;;;QAG5D,MAAMC,cAAAA,GAAiB,MAAM9B,MAAAA,CAAOkB,EAAE,CACnCa,YAAY,CAAC,aAAA,CAAA,CACbC,MAAM,CAAC;AAAC,YAAA;AAAK,SAAA,CAAA,CACbC,KAAK,CAAC;YAAEC,IAAAA,EAAM7C;AAAiB,SAAA,CAAA,CAC/B8C,KAAK,EAAA,CACLC,WAAW,CAACP,GAAAA,CAAAA,CACZQ,SAAS,GACTC,OAAO,EAAA;AAEV,QAAA,IAAI,CAACR,cAAAA,EAAgB;AACnB,YAAA,MAAM,IAAIvC,gBAAAA,CACR,6EAAA,CAAA;AAEJ,QAAA;AAEA,QAAA,MAAMgD,WAAW,MAAMC,MAAAA,EAAAA;AAEvB,QAAA,IAAID,QAAAA,EAAU;AACZ,YAAA,MAAM,IAAIhD,gBAAAA,CAAiB,uCAAA,CAAA;AAC7B,QAAA;AAEA,QAAA,OAAOgB,oBAAAA,CAAqB;AAC1B,YAAA,GAAGC,UAAU;YACbE,iBAAAA,EAAmB,IAAA;YACnB+B,QAAAA,EAAU,IAAA;YACVpC,KAAAA,EAAO;AAACyB,gBAAAA,cAAAA,CAAeY;AAAG;AAC5B,SAAA,CAAA;AACF,IAAA,CAAA,CAAA;IAEAnB,eAAAA,CAAgBN,WAAAA,CAAAA;IAEhB,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAM0B,UAAAA,GAAa,OACjBD,EAAAA,EACAlC,UAAAA,GAAAA;;AAGA,IAAA,IAAIZ,CAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,OAAA,CAAA,EAAU;QAC9B,MAAMoC,aAAAA,GAAgB,MAAMC,oBAAAA,CAAqBH,EAAAA,CAAAA;AACjD,QAAA,MAAMZ,cAAAA,GAAiB,MAAMnB,gBAAAA,CAAW,MAAA,CAAA,CAAQmC,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,YAAAA,CAAOC,cAAc,CAACzC,UAAAA,CAAWH,KAAK,EAAGyB,cAAAA,CAAeY,EAAE,CAAA;AAE5F,QAAA,IAAIE,iBAAiBG,wBAAAA,EAA0B;AAC7C,YAAA,MAAM,IAAIvD,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,QAAA;AACF,IAAA;;IAGA,IAAIgB,UAAAA,CAAWiC,QAAQ,KAAK,KAAA,EAAO;QACjC,MAAMG,aAAAA,GAAgB,MAAMC,oBAAAA,CAAqBH,EAAAA,CAAAA;AACjD,QAAA,IAAIE,aAAAA,EAAe;AACjB,YAAA,MAAM,IAAIpD,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,QAAA;AACF,IAAA;;AAGA,IAAA,IAAII,CAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,UAAA,CAAA,EAAa;AACjC,QAAA,MAAM0C,iBAAiB,MAAMvC,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMqC,WAAAA,GAAc,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,MAAM,CAAC;YAC9DnB,KAAAA,EAAO;AAAES,gBAAAA;AAAG,aAAA;YACZrB,IAAAA,EAAM;AACJ,gBAAA,GAAGb,UAAU;gBACbM,QAAAA,EAAUoC;AACZ,aAAA;YACA5B,QAAAA,EAAU;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEAtB,QAAAA,MAAAA,CAAOyB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEvB,YAAAA,IAAAA,EAAMD,YAAAA,CAAaiD,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT,IAAA;IAEA,MAAMA,WAAAA,GAAc,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,MAAM,CAAC;QAC9DnB,KAAAA,EAAO;AAAES,YAAAA;AAAG,SAAA;QACZrB,IAAAA,EAAMb,UAAAA;QACNc,QAAAA,EAAU;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI6B,WAAAA,EAAa;AACfnD,QAAAA,MAAAA,CAAOyB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEvB,YAAAA,IAAAA,EAAMD,YAAAA,CAAaiD,WAAAA;AAAa,SAAA,CAAA;AACxE,IAAA;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAME,oBAAAA,GAAuB,OAAOC,KAAAA,EAAexC,QAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMH,MAAAA,CAAOkB,EAAE,CACzBC,KAAK,CAAC,aAAA,CAAA,CACNoC,OAAO,CAAC;QAAEtB,KAAAA,EAAO;AAAEqB,YAAAA;AAAM,SAAA;QAAGhC,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAACnB,IAAAA,EAAM;AACT,QAAA,MAAM,IAAIqD,KAAAA,CAAM,CAAC,0BAA0B,EAAEF,KAAAA,CAAAA,CAAO,CAAA;AACtD,IAAA;IAEA,IAAI;QACF,MAAMG,yBAAAA,CAAkBC,QAAQ,CAAC5C,QAAAA,CAAAA;AACnC,IAAA,CAAA,CAAE,OAAO6C,KAAAA,EAAO;AACd,QAAA,MAAM,IAAInE,eAAAA,CACR,wGAAA,CAAA;AAEJ,IAAA;IAEA,MAAMmD,UAAAA,CAAWxC,IAAAA,CAAKuC,EAAE,EAAE;AAAE5B,QAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAM+B,uBAAuB,OAAOe,MAAAA,GAAAA;IAClC,MAAMzD,IAAAA,GAAQ,MAAMoD,OAAAA,CAAQK,MAAAA,CAAAA;IAC5B,IAAI,CAACzD,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM2B,cAAAA,GAAiB,MAAMnB,gBAAAA,CAAW,MAAA,CAAA,CAAQmC,2BAA2B,EAAA;AAE3E,IAAA,OAAOhB,cAAAA,CAAe+B,UAAU,KAAK,CAAA,IAAKC,wBAAAA,CAAkB3D,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM4D,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAAA,CAAQK,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,wBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAAA,CAAW,GAAG,MAAMjE,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAe+C,QAAQ,CAAC;QACjE5C,QAAAA,EAAU;YACRjB,KAAAA,EAAO;gBACL4B,KAAAA,EAAO;oBACLC,IAAAA,EAAM;wBAAEiC,GAAAA,EAAK9E;AAAiB;AAChC;AACF;AACF,SAAA;QACA+E,OAAAA,EAAS;YAAEC,SAAAA,EAAW;AAAM,SAAA;QAC5BC,KAAAA,EAAO,CAAA;QACPtC,MAAAA,EAAQ;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOiC,UAAAA,CAAWvB,EAAE,KAAKsB,WAAAA,CAAYtB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMF,MAAAA,GAAS,OAAOhC,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMR,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoD,KAAK,CAAC;QAAEtC,KAAAA,EAAOzB;KAAW,CAAA,GAAM,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMgE,uBAAuB,OAC3B9D,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMH,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoC,OAAO,CAAC;QAAEtB,KAAAA,EAAO;AAAEvB,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAAA,EAAM;QACT,OAAOsE,SAAAA;AACT,IAAA;IAEA,OAAO7E,CAAAA,CAAEC,IAAI,CAACM,IAAAA,EAAM;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAMuE,QAAAA,GAAW,OAAO,EACtBhE,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMkE,YAAAA,GAAe,MAAM3E,MAAAA,CAAOkB,EAAE,CACjCC,KAAK,CAAC,aAAA,CAAA,CACNoC,OAAO,CAAC;QAAEtB,KAAAA,EAAO;AAAEvB,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACiE,YAAAA,EAAc;AACjB,QAAA,MAAM,IAAInF,eAAAA,CAAgB,2BAAA,CAAA;AAC5B,IAAA;AAEA,IAAA,OAAOmB,iBAAW,MAAA,CAAA,CAAQgC,UAAU,CAACgC,YAAAA,CAAajC,EAAE,EAAE;AACpD5B,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3B8D,QAAAA,SAAAA,EAAWnE,SAASmE,SAAS;AAC7BC,QAAAA,QAAAA,EAAUpE,SAASoE,QAAQ;QAC3BnE,iBAAAA,EAAmB,IAAA;QACnB+B,QAAAA,EAAU;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMc,OAAAA,GAAU,OAAOb,EAAAA,EAAapB,QAAAA,GAAW;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOtB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoC,OAAO,CAAC;QAAEtB,KAAAA,EAAO;AAAES,YAAAA;AAAG,SAAA;AAAGpB,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAMwD,cAAAA,GAAiB,OAAOxB,KAAAA,EAAehC,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOtB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoC,OAAO,CAAC;QAC5CtB,KAAAA,EAAO;YAAEqB,KAAAA,EAAO;gBAAEyB,IAAAA,EAAMzB;AAAM;AAAE,SAAA;AAChChC,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAM0D,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAM9D,KAAAA,GAAQnB,OACXkF,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,WAAAA,CAAS;QAAE9D,QAAAA,EAAU;AAAC,YAAA;AAAQ;KAAC,EAAG2D,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOjF,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAe6D,QAAQ,CAAC7D,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMkE,aAAa,OAAO3C,EAAAA,GAAAA;;IAExB,MAAM4C,YAAAA,GAAiC,MAAMtF,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoC,OAAO,CAAC;QAClFtB,KAAAA,EAAO;AAAES,YAAAA;AAAG,SAAA;QACZpB,QAAAA,EAAU;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACgE,YAAAA,EAAc;QACjB,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,IAAIA,YAAAA,EAAc;QAChB,IAAIA,YAAAA,CAAajF,KAAK,CAACkF,IAAI,CAAC,CAACC,CAAAA,GAAMA,CAAAA,CAAEtD,IAAI,KAAK7C,gBAAAA,CAAAA,EAAmB;AAC/D,YAAA,MAAMyC,cAAAA,GAAiB,MAAMnB,gBAAAA,CAAW,MAAA,CAAA,CAAQmC,2BAA2B,EAAA;YAC3E,IAAIhB,cAAAA,CAAe+B,UAAU,KAAK,CAAA,EAAG;AACnC,gBAAA,MAAM,IAAIrE,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,YAAA;AACF,QAAA;AACF,IAAA;IAEA,MAAMiG,WAAAA,GAAc,MAAMzF,MAAAA,CAAOkB,EAAE,CAChCC,KAAK,CAAC,aAAA,CAAA,CACNuE,MAAM,CAAC;QAAEzD,KAAAA,EAAO;AAAES,YAAAA;AAAG,SAAA;QAAGpB,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;;AAG/C,IAAA,MAAMrB,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,IAAA,IAAIG,cAAAA,IAAkBA,cAAAA,CAAe0F,SAAS,CAAC,OAAA,CAAA,EAAU;AACvD,QAAA,MAAM1F,cAAAA,CAAe,OAAA,CAAA,CAAS2F,sBAAsB,CAACC,MAAAA,CAAOnD,EAAAA,CAAAA,CAAAA;AAC9D,IAAA;AAEA1C,IAAAA,MAAAA,CAAOyB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEvB,QAAAA,IAAAA,EAAMD,YAAAA,CAAauF,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAMK,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMjE,cAAAA,GAAiB,MAAMnB,gBAAAA,CAAW,MAAA,CAAA,CAAQmC,2BAA2B,EAAA;IAC3E,MAAMkD,sBAAAA,GAAyB,MAAMhG,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoD,KAAK,CAAC;QACxEtC,KAAAA,EAAO;YACLS,EAAAA,EAAIqD,GAAAA;YACJ1F,KAAAA,EAAO;AAAEqC,gBAAAA,EAAAA,EAAIZ,eAAeY;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIZ,cAAAA,CAAe+B,UAAU,KAAKmC,sBAAAA,EAAwB;AACxD,QAAA,MAAM,IAAIxG,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,IAAA;AAEA,IAAA,MAAMyG,eAAe,EAAE;IACvB,KAAK,MAAMvD,MAAMqD,GAAAA,CAAK;QACpB,MAAMN,WAAAA,GAAc,MAAMzF,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeuE,MAAM,CAAC;YAC9DzD,KAAAA,EAAO;AAAES,gBAAAA;AAAG,aAAA;YACZpB,QAAAA,EAAU;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;;AAGA,QAAA,MAAMrB,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,QAAA,IAAIG,cAAAA,IAAkBA,cAAAA,CAAe0F,SAAS,CAAC,OAAA,CAAA,EAAU;AACvD,YAAA,MAAM1F,cAAAA,CAAe,OAAA,CAAA,CAAS2F,sBAAsB,CAACC,MAAAA,CAAOnD,EAAAA,CAAAA,CAAAA;AAC9D,QAAA;AAEAuD,QAAAA,YAAAA,CAAaC,IAAI,CAACT,WAAAA,CAAAA;AACpB,IAAA;AAEAzF,IAAAA,MAAAA,CAAOyB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAClCyE,QAAAA,KAAAA,EAAOF,YAAAA,CAAa3F,GAAG,CAAC,CAACmF,cAAgBvF,YAAAA,CAAauF,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOQ,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAAA,GAAwB,UAAA;AAC5B,IAAA,OAAOpG,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoD,KAAK,CAAC;QAC1CtC,KAAAA,EAAO;YACL5B,KAAAA,EAAO;gBACLqC,EAAAA,EAAI;oBAAE2D,KAAAA,EAAO;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM9B,KAAAA,GAAQ,OAAOtC,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOjC,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoD,KAAK,CAAC;AAAEtC,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMqE,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMnG,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAe+C,QAAQ,CAAC;QAC1DlC,MAAAA,EAAQ;AAAC,YAAA;AAAK,SAAA;QACdC,KAAAA,EAAO;YACL5B,KAAAA,EAAO;gBAAEqC,EAAAA,EAAI;oBAAE2D,KAAAA,EAAO;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAAA,CAAM7F,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOH,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,MAAM,CAAC;YAC3CnB,KAAAA,EAAO;AAAES,gBAAAA,EAAAA,EAAIvC,KAAKuC;AAAG,aAAA;YACrBrB,IAAAA,EAAM;gBAAEhB,KAAAA,EAAO;AAACkG,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,IAAA,CAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAAA,GAAoC,UAAA;AACxC,IAAA,MAAMnC,QAAQ,MAAM6B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI7B,QAAQ,CAAA,EAAG;QACbvE,MAAAA,CAAO2G,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAErC,KAAAA,CAAM,sBAAsB,CAAC,CAAA;AAC9D,IAAA;AACF,CAAA;AAEA;AACC,IACD,MAAMsC,iBAAAA,GAAoB,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMnG,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAe+C,QAAQ,CAAC;QAAElC,MAAAA,EAAQ;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAOmE,MAAM7F,GAAG,CAAC,CAACH,IAAAA,GAASA,IAAAA,CAAK2G,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AACA,WAAe;AACb1F,IAAAA,MAAAA;AACAO,IAAAA,gBAAAA;AACAgB,IAAAA,UAAAA;AACAH,IAAAA,MAAAA;AACAgC,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACAxE,IAAAA,YAAAA;AACAqD,IAAAA,OAAAA;AACAuB,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAS,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA7B,IAAAA,KAAAA;AACA+B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACArD,IAAAA,oBAAAA;AACAwD,IAAAA,iBAAAA;AACA9C,IAAAA;AACF,CAAA;;;;"}
package/dist/server/server/src/services/user.mjs CHANGED
@@ -7,7 +7,7 @@ import { getService } from '../utils/index.mjs';
7
7
  import constants from './constants.mjs';
8
8
 
9
9
  const { SUPER_ADMIN_CODE } = constants;
10
- const { ValidationError } = errors;
10
+ const { ApplicationError, ValidationError } = errors;
11
11
  const sanitizeUserRoles = (role)=>___default.pick(role, [
12
12
  'id',
13
13
  'name',
@@ -35,7 +35,7 @@ const getSessionManager = ()=>{
35
35
  /**
36
36
  * Create and save a user in database
37
37
  * @param attributes A partial user object
38
- */ const create = async (// isActive is added in the controller, it's not sent by the API.
38
+ */ const createUserInDatabase = async (// isActive is added in the controller, it's not sent by the API.
39
39
  attributes)=>{
40
40
  const userInfo = {
41
41
  registrationToken: getService('token').createToken(),
@@ -51,10 +51,46 @@ attributes)=>{
51
51
  'roles'
52
52
  ]
53
53
  });
54
+ return createdUser;
55
+ };
56
+ const emitUserCreated = (user)=>{
54
57
  getService('metrics').sendDidInviteUser();
55
58
  strapi.eventHub.emit('user.create', {
56
- user: sanitizeUser(createdUser)
59
+ user: sanitizeUser(user)
60
+ });
61
+ };
62
+ const create = async (// isActive is added in the controller, it's not sent by the API.
63
+ attributes)=>{
64
+ const createdUser = await createUserInDatabase(attributes);
65
+ emitUserCreated(createdUser);
66
+ return createdUser;
67
+ };
68
+ const createFirstAdmin = async (attributes)=>{
69
+ const createdUser = await strapi.db.transaction(async ({ trx })=>{
70
+ // Serialize first-admin creation across processes by locking a stable role row.
71
+ // SQLite ignores FOR UPDATE, but falls back to its single-writer transaction behavior.
72
+ const superAdminRole = await strapi.db.queryBuilder('admin::role').select([
73
+ 'id'
74
+ ]).where({
75
+ code: SUPER_ADMIN_CODE
76
+ }).first().transacting(trx).forUpdate().execute();
77
+ if (!superAdminRole) {
78
+ throw new ApplicationError("Cannot register the first admin because the super admin role doesn't exist.");
79
+ }
80
+ const hasAdmin = await exists();
81
+ if (hasAdmin) {
82
+ throw new ApplicationError('You cannot register a new super admin');
83
+ }
84
+ return createUserInDatabase({
85
+ ...attributes,
86
+ registrationToken: null,
87
+ isActive: true,
88
+ roles: [
89
+ superAdminRole.id
90
+ ]
91
+ });
57
92
  });
93
+ emitUserCreated(createdUser);
58
94
  return createdUser;
59
95
  };
60
96
  /**
@@ -405,6 +441,7 @@ attributes)=>{
405
441
  };
406
442
  var user = {
407
443
  create,
444
+ createFirstAdmin,
408
445
  updateById,
409
446
  exists,
410
447
  findRegistrationInfo,
package/dist/server/server/src/services/user.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.mjs","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ValidationError","errors","sanitizeUserRoles","role","_","pick","getSessionManager","manager","strapi","sessionManager","sanitizeUser","user","omit","roles","map","create","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","db","query","data","populate","sendDidInviteUser","eventHub","emit","updateById","id","lastAdminUser","isLastSuperAdminUser","superAdminRole","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","isActive","hashedPassword","updatedUser","update","where","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","code","$eq","orderBy","createdAt","limit","select","exists","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","hasOrigin","invalidateRefreshToken","String","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage"],"mappings":";;;;;;;;AAmBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,eAAe,EAAE,GAAGC,MAAAA;AAC5B,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,UAAAA,CAAEC,IAAI,CAACF,IAAAA,EAAM;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD,MAAMG,iBAAAA,GAAoB,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,IAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,CAAA;AAEA;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGP,UAAAA,CAAEQ,IAAI,CAACD,IAAAA,EAAM;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACZ,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMa,MAAAA,GAAS;AAEbC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAAA,GAAW;QACfC,iBAAAA,EAAmBC,UAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIZ,UAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,UAAA,CAAA,EAAa;QACjCC,QAAAA,CAASK,QAAQ,GAAG,MAAMH,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E,IAAA;AAEA,IAAA,MAAMX,OAAOa,UAAAA,CAAWP,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMjB,MAAAA,CAAOkB,EAAE,CAChCC,KAAK,CAAC,aAAA,CAAA,CACNZ,MAAM,CAAC;QAAEa,IAAAA,EAAMjB,IAAAA;QAAMkB,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE5CV,IAAAA,UAAAA,CAAW,WAAWW,iBAAiB,EAAA;AAEvCtB,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAErB,QAAAA,IAAAA,EAAMD,YAAAA,CAAae,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMQ,UAAAA,GAAa,OACjBC,EAAAA,EACAlB,UAAAA,GAAAA;;AAGA,IAAA,IAAIZ,UAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,OAAA,CAAA,EAAU;QAC9B,MAAMmB,aAAAA,GAAgB,MAAMC,oBAAAA,CAAqBF,EAAAA,CAAAA;AACjD,QAAA,MAAMG,cAAAA,GAAiB,MAAMlB,UAAAA,CAAW,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,MAAAA,CAAOC,cAAc,CAACzB,UAAAA,CAAWH,KAAK,EAAGwB,cAAAA,CAAeH,EAAE,CAAA;AAE5F,QAAA,IAAIC,iBAAiBI,wBAAAA,EAA0B;AAC7C,YAAA,MAAM,IAAIvC,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,QAAA;AACF,IAAA;;IAGA,IAAIgB,UAAAA,CAAW0B,QAAQ,KAAK,KAAA,EAAO;QACjC,MAAMP,aAAAA,GAAgB,MAAMC,oBAAAA,CAAqBF,EAAAA,CAAAA;AACjD,QAAA,IAAIC,aAAAA,EAAe;AACjB,YAAA,MAAM,IAAInC,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,QAAA;AACF,IAAA;;AAGA,IAAA,IAAII,UAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,UAAA,CAAA,EAAa;AACjC,QAAA,MAAM2B,iBAAiB,MAAMxB,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMsB,WAAAA,GAAc,MAAMpC,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC9DC,KAAAA,EAAO;AAAEZ,gBAAAA;AAAG,aAAA;YACZN,IAAAA,EAAM;AACJ,gBAAA,GAAGZ,UAAU;gBACbM,QAAAA,EAAUqB;AACZ,aAAA;YACAd,QAAAA,EAAU;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEArB,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAErB,YAAAA,IAAAA,EAAMD,YAAAA,CAAakC,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT,IAAA;IAEA,MAAMA,WAAAA,GAAc,MAAMpC,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;QAC9DC,KAAAA,EAAO;AAAEZ,YAAAA;AAAG,SAAA;QACZN,IAAAA,EAAMZ,UAAAA;QACNa,QAAAA,EAAU;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAIe,WAAAA,EAAa;AACfpC,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAErB,YAAAA,IAAAA,EAAMD,YAAAA,CAAakC,WAAAA;AAAa,SAAA,CAAA;AACxE,IAAA;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,oBAAAA,GAAuB,OAAOC,KAAAA,EAAe1B,UAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMH,MAAAA,CAAOkB,EAAE,CACzBC,KAAK,CAAC,aAAA,CAAA,CACNsB,OAAO,CAAC;QAAEH,KAAAA,EAAO;AAAEE,YAAAA;AAAM,SAAA;QAAGnB,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAAClB,IAAAA,EAAM;AACT,QAAA,MAAM,IAAIuC,KAAAA,CAAM,CAAC,0BAA0B,EAAEF,KAAAA,CAAAA,CAAO,CAAA;AACtD,IAAA;IAEA,IAAI;QACF,MAAMG,QAAAA,CAAkBC,QAAQ,CAAC9B,UAAAA,CAAAA;AACnC,IAAA,CAAA,CAAE,OAAO+B,KAAAA,EAAO;AACd,QAAA,MAAM,IAAIrD,eAAAA,CACR,wGAAA,CAAA;AAEJ,IAAA;IAEA,MAAMiC,UAAAA,CAAWtB,IAAAA,CAAKuB,EAAE,EAAE;AAAEZ,kBAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAMc,uBAAuB,OAAOkB,MAAAA,GAAAA;IAClC,MAAM3C,IAAAA,GAAQ,MAAMsC,OAAAA,CAAQK,MAAAA,CAAAA;IAC5B,IAAI,CAAC3C,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM0B,cAAAA,GAAiB,MAAMlB,UAAAA,CAAW,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;AAE3E,IAAA,OAAOD,cAAAA,CAAekB,UAAU,KAAK,CAAA,IAAKC,iBAAAA,CAAkB7C,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM8C,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAAA,CAAQK,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,iBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAAA,CAAW,GAAG,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,QAAQ,CAAC;QACjE/B,QAAAA,EAAU;YACRhB,KAAAA,EAAO;gBACLiC,KAAAA,EAAO;oBACLe,IAAAA,EAAM;wBAAEC,GAAAA,EAAKhE;AAAiB;AAChC;AACF;AACF,SAAA;QACAiE,OAAAA,EAAS;YAAEC,SAAAA,EAAW;AAAM,SAAA;QAC5BC,KAAAA,EAAO,CAAA;QACPC,MAAAA,EAAQ;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOP,UAAAA,CAAWzB,EAAE,KAAKwB,WAAAA,CAAYxB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMiC,MAAAA,GAAS,OAAOnD,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMR,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAAEtB,KAAAA,EAAO9B;KAAW,CAAA,GAAM,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMqD,uBAAuB,OAC3BnD,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMH,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAAA,EAAO;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAAA,EAAM;QACT,OAAO2D,SAAAA;AACT,IAAA;IAEA,OAAOlE,UAAAA,CAAEC,IAAI,CAACM,IAAAA,EAAM;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAM4D,QAAAA,GAAW,OAAO,EACtBrD,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMuD,YAAAA,GAAe,MAAMhE,MAAAA,CAAOkB,EAAE,CACjCC,KAAK,CAAC,aAAA,CAAA,CACNsB,OAAO,CAAC;QAAEH,KAAAA,EAAO;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACsD,YAAAA,EAAc;AACjB,QAAA,MAAM,IAAIxE,eAAAA,CAAgB,2BAAA,CAAA;AAC5B,IAAA;AAEA,IAAA,OAAOmB,WAAW,MAAA,CAAA,CAAQc,UAAU,CAACuC,YAAAA,CAAatC,EAAE,EAAE;AACpDZ,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3BmD,QAAAA,SAAAA,EAAWxD,SAASwD,SAAS;AAC7BC,QAAAA,QAAAA,EAAUzD,SAASyD,QAAQ;QAC3BxD,iBAAAA,EAAmB,IAAA;QACnBwB,QAAAA,EAAU;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMO,OAAAA,GAAU,OAAOf,EAAAA,EAAaL,QAAAA,GAAW;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAAA,EAAO;AAAEZ,YAAAA;AAAG,SAAA;AAAGL,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAM8C,cAAAA,GAAiB,OAAO3B,KAAAA,EAAenB,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAC5CH,KAAAA,EAAO;YAAEE,KAAAA,EAAO;gBAAE4B,IAAAA,EAAM5B;AAAM;AAAE,SAAA;AAChCnB,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMgD,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAMnD,KAAAA,GAAQnB,OACXuE,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,QAAAA,CAAS;QAAEpD,QAAAA,EAAU;AAAC,YAAA;AAAQ;KAAC,EAAGiD,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOtE,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekD,QAAQ,CAAClD,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMuD,aAAa,OAAOhD,EAAAA,GAAAA;;IAExB,MAAMiD,YAAAA,GAAiC,MAAM3E,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAClFH,KAAAA,EAAO;AAAEZ,YAAAA;AAAG,SAAA;QACZL,QAAAA,EAAU;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACsD,YAAAA,EAAc;QACjB,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,IAAIA,YAAAA,EAAc;QAChB,IAAIA,YAAAA,CAAatE,KAAK,CAACuE,IAAI,CAAC,CAACC,CAAAA,GAAMA,CAAAA,CAAExB,IAAI,KAAK/D,gBAAAA,CAAAA,EAAmB;AAC/D,YAAA,MAAMuC,cAAAA,GAAiB,MAAMlB,UAAAA,CAAW,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;YAC3E,IAAID,cAAAA,CAAekB,UAAU,KAAK,CAAA,EAAG;AACnC,gBAAA,MAAM,IAAIvD,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,YAAA;AACF,QAAA;AACF,IAAA;IAEA,MAAMsF,WAAAA,GAAc,MAAM9E,MAAAA,CAAOkB,EAAE,CAChCC,KAAK,CAAC,aAAA,CAAA,CACN4D,MAAM,CAAC;QAAEzC,KAAAA,EAAO;AAAEZ,YAAAA;AAAG,SAAA;QAAGL,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;;AAG/C,IAAA,MAAMpB,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,IAAA,IAAIG,cAAAA,IAAkBA,cAAAA,CAAe+E,SAAS,CAAC,OAAA,CAAA,EAAU;AACvD,QAAA,MAAM/E,cAAAA,CAAe,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAAA,CAAOxD,EAAAA,CAAAA,CAAAA;AAC9D,IAAA;AAEA1B,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAErB,QAAAA,IAAAA,EAAMD,YAAAA,CAAa4E,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAMK,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMvD,cAAAA,GAAiB,MAAMlB,UAAAA,CAAW,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;IAC3E,MAAMuD,sBAAAA,GAAyB,MAAMrF,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QACxEtB,KAAAA,EAAO;YACLZ,EAAAA,EAAI0D,GAAAA;YACJ/E,KAAAA,EAAO;AAAEqB,gBAAAA,EAAAA,EAAIG,eAAeH;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIG,cAAAA,CAAekB,UAAU,KAAKsC,sBAAAA,EAAwB;AACxD,QAAA,MAAM,IAAI7F,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,IAAA;AAEA,IAAA,MAAM8F,eAAe,EAAE;IACvB,KAAK,MAAM5D,MAAM0D,GAAAA,CAAK;QACpB,MAAMN,WAAAA,GAAc,MAAM9E,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAe4D,MAAM,CAAC;YAC9DzC,KAAAA,EAAO;AAAEZ,gBAAAA;AAAG,aAAA;YACZL,QAAAA,EAAU;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;;AAGA,QAAA,MAAMpB,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,QAAA,IAAIG,cAAAA,IAAkBA,cAAAA,CAAe+E,SAAS,CAAC,OAAA,CAAA,EAAU;AACvD,YAAA,MAAM/E,cAAAA,CAAe,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAAA,CAAOxD,EAAAA,CAAAA,CAAAA;AAC9D,QAAA;AAEA4D,QAAAA,YAAAA,CAAaC,IAAI,CAACT,WAAAA,CAAAA;AACpB,IAAA;AAEA9E,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAClCgE,QAAAA,KAAAA,EAAOF,YAAAA,CAAahF,GAAG,CAAC,CAACwE,cAAgB5E,YAAAA,CAAa4E,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOQ,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAAA,GAAwB,UAAA;AAC5B,IAAA,OAAOzF,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAC1CtB,KAAAA,EAAO;YACLjC,KAAAA,EAAO;gBACLqB,EAAAA,EAAI;oBAAEgE,KAAAA,EAAO;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM9B,KAAAA,GAAQ,OAAOtB,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOtC,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;AAAEtB,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMqD,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMxF,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,QAAQ,CAAC;QAC1DM,MAAAA,EAAQ;AAAC,YAAA;AAAK,SAAA;QACdpB,KAAAA,EAAO;YACLjC,KAAAA,EAAO;gBAAEqB,EAAAA,EAAI;oBAAEgE,KAAAA,EAAO;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAAA,CAAMlF,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOH,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC3CC,KAAAA,EAAO;AAAEZ,gBAAAA,EAAAA,EAAIvB,KAAKuB;AAAG,aAAA;YACrBN,IAAAA,EAAM;gBAAEf,KAAAA,EAAO;AAACuF,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,IAAA,CAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAAA,GAAoC,UAAA;AACxC,IAAA,MAAMnC,QAAQ,MAAM6B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI7B,QAAQ,CAAA,EAAG;QACb5D,MAAAA,CAAOgG,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAErC,KAAAA,CAAM,sBAAsB,CAAC,CAAA;AAC9D,IAAA;AACF,CAAA;AAEA;AACC,IACD,MAAMsC,iBAAAA,GAAoB,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMxF,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,QAAQ,CAAC;QAAEM,MAAAA,EAAQ;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAO8B,MAAMlF,GAAG,CAAC,CAACH,IAAAA,GAASA,IAAAA,CAAKgG,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AACA,WAAe;AACb5F,IAAAA,MAAAA;AACAkB,IAAAA,UAAAA;AACAkC,IAAAA,MAAAA;AACAE,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACA7D,IAAAA,YAAAA;AACAuC,IAAAA,OAAAA;AACA0B,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAS,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA7B,IAAAA,KAAAA;AACA+B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACAxD,IAAAA,oBAAAA;AACA2D,IAAAA,iBAAAA;AACAjD,IAAAA;AACF,CAAA;;;;"}
1
+ {"version":3,"file":"user.mjs","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ApplicationError, ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst createUserInDatabase = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n return createdUser;\n};\n\nconst emitUserCreated = (user: AdminUser) => {\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(user) });\n};\n\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const createdUser = await createUserInDatabase(attributes);\n\n emitUserCreated(createdUser);\n\n return createdUser;\n};\n\nconst createFirstAdmin = async (\n attributes: Omit<Partial<AdminUserCreationPayload>, 'registrationToken' | 'isActive' | 'roles'>\n): Promise<AdminUser> => {\n const createdUser = await strapi.db.transaction(async ({ trx }) => {\n // Serialize first-admin creation across processes by locking a stable role row.\n // SQLite ignores FOR UPDATE, but falls back to its single-writer transaction behavior.\n const superAdminRole = await strapi.db\n .queryBuilder('admin::role')\n .select(['id'])\n .where({ code: SUPER_ADMIN_CODE })\n .first()\n .transacting(trx)\n .forUpdate()\n .execute<AdminRole | undefined>();\n\n if (!superAdminRole) {\n throw new ApplicationError(\n \"Cannot register the first admin because the super admin role doesn't exist.\"\n );\n }\n\n const hasAdmin = await exists();\n\n if (hasAdmin) {\n throw new ApplicationError('You cannot register a new super admin');\n }\n\n return createUserInDatabase({\n ...attributes,\n registrationToken: null,\n isActive: true,\n roles: [superAdminRole.id],\n });\n });\n\n emitUserCreated(createdUser);\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\nexport default {\n create,\n createFirstAdmin,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ApplicationError","ValidationError","errors","sanitizeUserRoles","role","_","pick","getSessionManager","manager","strapi","sessionManager","sanitizeUser","user","omit","roles","map","createUserInDatabase","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","db","query","create","data","populate","emitUserCreated","sendDidInviteUser","eventHub","emit","createFirstAdmin","transaction","trx","superAdminRole","queryBuilder","select","where","code","first","transacting","forUpdate","execute","hasAdmin","exists","isActive","id","updateById","lastAdminUser","isLastSuperAdminUser","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","hashedPassword","updatedUser","update","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","$eq","orderBy","createdAt","limit","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","hasOrigin","invalidateRefreshToken","String","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage"],"mappings":";;;;;;;;AAmBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,gBAAgB,EAAEC,eAAe,EAAE,GAAGC,MAAAA;AAC9C,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,UAAAA,CAAEC,IAAI,CAACF,IAAAA,EAAM;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD,MAAMG,iBAAAA,GAAoB,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,IAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,CAAA;AAEA;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGP,UAAAA,CAAEQ,IAAI,CAACD,IAAAA,EAAM;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACZ,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMa,oBAAAA,GAAuB;AAE3BC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAAA,GAAW;QACfC,iBAAAA,EAAmBC,UAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIZ,UAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,UAAA,CAAA,EAAa;QACjCC,QAAAA,CAASK,QAAQ,GAAG,MAAMH,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E,IAAA;AAEA,IAAA,MAAMX,OAAOa,UAAAA,CAAWP,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMjB,MAAAA,CAAOkB,EAAE,CAChCC,KAAK,CAAC,aAAA,CAAA,CACNC,MAAM,CAAC;QAAEC,IAAAA,EAAMlB,IAAAA;QAAMmB,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;IAE5C,OAAOL,WAAAA;AACT,CAAA;AAEA,MAAMM,kBAAkB,CAACpB,IAAAA,GAAAA;AACvBQ,IAAAA,UAAAA,CAAW,WAAWa,iBAAiB,EAAA;AAEvCxB,IAAAA,MAAAA,CAAOyB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEvB,QAAAA,IAAAA,EAAMD,YAAAA,CAAaC,IAAAA;AAAM,KAAA,CAAA;AACjE,CAAA;AAEA,MAAMiB,MAAAA,GAAS;AAEbZ,UAAAA,GAAAA;IAEA,MAAMS,WAAAA,GAAc,MAAMV,oBAAAA,CAAqBC,UAAAA,CAAAA;IAE/Ce,eAAAA,CAAgBN,WAAAA,CAAAA;IAEhB,OAAOA,WAAAA;AACT,CAAA;AAEA,MAAMU,mBAAmB,OACvBnB,UAAAA,GAAAA;IAEA,MAAMS,WAAAA,GAAc,MAAMjB,MAAAA,CAAOkB,EAAE,CAACU,WAAW,CAAC,OAAO,EAAEC,GAAG,EAAE,GAAA;;;QAG5D,MAAMC,cAAAA,GAAiB,MAAM9B,MAAAA,CAAOkB,EAAE,CACnCa,YAAY,CAAC,aAAA,CAAA,CACbC,MAAM,CAAC;AAAC,YAAA;AAAK,SAAA,CAAA,CACbC,KAAK,CAAC;YAAEC,IAAAA,EAAM7C;AAAiB,SAAA,CAAA,CAC/B8C,KAAK,EAAA,CACLC,WAAW,CAACP,GAAAA,CAAAA,CACZQ,SAAS,GACTC,OAAO,EAAA;AAEV,QAAA,IAAI,CAACR,cAAAA,EAAgB;AACnB,YAAA,MAAM,IAAIvC,gBAAAA,CACR,6EAAA,CAAA;AAEJ,QAAA;AAEA,QAAA,MAAMgD,WAAW,MAAMC,MAAAA,EAAAA;AAEvB,QAAA,IAAID,QAAAA,EAAU;AACZ,YAAA,MAAM,IAAIhD,gBAAAA,CAAiB,uCAAA,CAAA;AAC7B,QAAA;AAEA,QAAA,OAAOgB,oBAAAA,CAAqB;AAC1B,YAAA,GAAGC,UAAU;YACbE,iBAAAA,EAAmB,IAAA;YACnB+B,QAAAA,EAAU,IAAA;YACVpC,KAAAA,EAAO;AAACyB,gBAAAA,cAAAA,CAAeY;AAAG;AAC5B,SAAA,CAAA;AACF,IAAA,CAAA,CAAA;IAEAnB,eAAAA,CAAgBN,WAAAA,CAAAA;IAEhB,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAM0B,UAAAA,GAAa,OACjBD,EAAAA,EACAlC,UAAAA,GAAAA;;AAGA,IAAA,IAAIZ,UAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,OAAA,CAAA,EAAU;QAC9B,MAAMoC,aAAAA,GAAgB,MAAMC,oBAAAA,CAAqBH,EAAAA,CAAAA;AACjD,QAAA,MAAMZ,cAAAA,GAAiB,MAAMnB,UAAAA,CAAW,MAAA,CAAA,CAAQmC,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,MAAAA,CAAOC,cAAc,CAACzC,UAAAA,CAAWH,KAAK,EAAGyB,cAAAA,CAAeY,EAAE,CAAA;AAE5F,QAAA,IAAIE,iBAAiBG,wBAAAA,EAA0B;AAC7C,YAAA,MAAM,IAAIvD,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,QAAA;AACF,IAAA;;IAGA,IAAIgB,UAAAA,CAAWiC,QAAQ,KAAK,KAAA,EAAO;QACjC,MAAMG,aAAAA,GAAgB,MAAMC,oBAAAA,CAAqBH,EAAAA,CAAAA;AACjD,QAAA,IAAIE,aAAAA,EAAe;AACjB,YAAA,MAAM,IAAIpD,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,QAAA;AACF,IAAA;;AAGA,IAAA,IAAII,UAAAA,CAAEiB,GAAG,CAACL,UAAAA,EAAY,UAAA,CAAA,EAAa;AACjC,QAAA,MAAM0C,iBAAiB,MAAMvC,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMqC,WAAAA,GAAc,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,MAAM,CAAC;YAC9DnB,KAAAA,EAAO;AAAES,gBAAAA;AAAG,aAAA;YACZrB,IAAAA,EAAM;AACJ,gBAAA,GAAGb,UAAU;gBACbM,QAAAA,EAAUoC;AACZ,aAAA;YACA5B,QAAAA,EAAU;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEAtB,QAAAA,MAAAA,CAAOyB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEvB,YAAAA,IAAAA,EAAMD,YAAAA,CAAaiD,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT,IAAA;IAEA,MAAMA,WAAAA,GAAc,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,MAAM,CAAC;QAC9DnB,KAAAA,EAAO;AAAES,YAAAA;AAAG,SAAA;QACZrB,IAAAA,EAAMb,UAAAA;QACNc,QAAAA,EAAU;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI6B,WAAAA,EAAa;AACfnD,QAAAA,MAAAA,CAAOyB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEvB,YAAAA,IAAAA,EAAMD,YAAAA,CAAaiD,WAAAA;AAAa,SAAA,CAAA;AACxE,IAAA;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAME,oBAAAA,GAAuB,OAAOC,KAAAA,EAAexC,UAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMH,MAAAA,CAAOkB,EAAE,CACzBC,KAAK,CAAC,aAAA,CAAA,CACNoC,OAAO,CAAC;QAAEtB,KAAAA,EAAO;AAAEqB,YAAAA;AAAM,SAAA;QAAGhC,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAACnB,IAAAA,EAAM;AACT,QAAA,MAAM,IAAIqD,KAAAA,CAAM,CAAC,0BAA0B,EAAEF,KAAAA,CAAAA,CAAO,CAAA;AACtD,IAAA;IAEA,IAAI;QACF,MAAMG,QAAAA,CAAkBC,QAAQ,CAAC5C,UAAAA,CAAAA;AACnC,IAAA,CAAA,CAAE,OAAO6C,KAAAA,EAAO;AACd,QAAA,MAAM,IAAInE,eAAAA,CACR,wGAAA,CAAA;AAEJ,IAAA;IAEA,MAAMmD,UAAAA,CAAWxC,IAAAA,CAAKuC,EAAE,EAAE;AAAE5B,kBAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAM+B,uBAAuB,OAAOe,MAAAA,GAAAA;IAClC,MAAMzD,IAAAA,GAAQ,MAAMoD,OAAAA,CAAQK,MAAAA,CAAAA;IAC5B,IAAI,CAACzD,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM2B,cAAAA,GAAiB,MAAMnB,UAAAA,CAAW,MAAA,CAAA,CAAQmC,2BAA2B,EAAA;AAE3E,IAAA,OAAOhB,cAAAA,CAAe+B,UAAU,KAAK,CAAA,IAAKC,iBAAAA,CAAkB3D,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM4D,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAAA,CAAQK,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,iBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAAA,CAAW,GAAG,MAAMjE,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAe+C,QAAQ,CAAC;QACjE5C,QAAAA,EAAU;YACRjB,KAAAA,EAAO;gBACL4B,KAAAA,EAAO;oBACLC,IAAAA,EAAM;wBAAEiC,GAAAA,EAAK9E;AAAiB;AAChC;AACF;AACF,SAAA;QACA+E,OAAAA,EAAS;YAAEC,SAAAA,EAAW;AAAM,SAAA;QAC5BC,KAAAA,EAAO,CAAA;QACPtC,MAAAA,EAAQ;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOiC,UAAAA,CAAWvB,EAAE,KAAKsB,WAAAA,CAAYtB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMF,MAAAA,GAAS,OAAOhC,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMR,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoD,KAAK,CAAC;QAAEtC,KAAAA,EAAOzB;KAAW,CAAA,GAAM,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMgE,uBAAuB,OAC3B9D,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMH,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoC,OAAO,CAAC;QAAEtB,KAAAA,EAAO;AAAEvB,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAAA,EAAM;QACT,OAAOsE,SAAAA;AACT,IAAA;IAEA,OAAO7E,UAAAA,CAAEC,IAAI,CAACM,IAAAA,EAAM;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAMuE,QAAAA,GAAW,OAAO,EACtBhE,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMkE,YAAAA,GAAe,MAAM3E,MAAAA,CAAOkB,EAAE,CACjCC,KAAK,CAAC,aAAA,CAAA,CACNoC,OAAO,CAAC;QAAEtB,KAAAA,EAAO;AAAEvB,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACiE,YAAAA,EAAc;AACjB,QAAA,MAAM,IAAInF,eAAAA,CAAgB,2BAAA,CAAA;AAC5B,IAAA;AAEA,IAAA,OAAOmB,WAAW,MAAA,CAAA,CAAQgC,UAAU,CAACgC,YAAAA,CAAajC,EAAE,EAAE;AACpD5B,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3B8D,QAAAA,SAAAA,EAAWnE,SAASmE,SAAS;AAC7BC,QAAAA,QAAAA,EAAUpE,SAASoE,QAAQ;QAC3BnE,iBAAAA,EAAmB,IAAA;QACnB+B,QAAAA,EAAU;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMc,OAAAA,GAAU,OAAOb,EAAAA,EAAapB,QAAAA,GAAW;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOtB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoC,OAAO,CAAC;QAAEtB,KAAAA,EAAO;AAAES,YAAAA;AAAG,SAAA;AAAGpB,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAMwD,cAAAA,GAAiB,OAAOxB,KAAAA,EAAehC,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOtB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoC,OAAO,CAAC;QAC5CtB,KAAAA,EAAO;YAAEqB,KAAAA,EAAO;gBAAEyB,IAAAA,EAAMzB;AAAM;AAAE,SAAA;AAChChC,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAM0D,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAM9D,KAAAA,GAAQnB,OACXkF,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,QAAAA,CAAS;QAAE9D,QAAAA,EAAU;AAAC,YAAA;AAAQ;KAAC,EAAG2D,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOjF,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAe6D,QAAQ,CAAC7D,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMkE,aAAa,OAAO3C,EAAAA,GAAAA;;IAExB,MAAM4C,YAAAA,GAAiC,MAAMtF,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoC,OAAO,CAAC;QAClFtB,KAAAA,EAAO;AAAES,YAAAA;AAAG,SAAA;QACZpB,QAAAA,EAAU;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACgE,YAAAA,EAAc;QACjB,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,IAAIA,YAAAA,EAAc;QAChB,IAAIA,YAAAA,CAAajF,KAAK,CAACkF,IAAI,CAAC,CAACC,CAAAA,GAAMA,CAAAA,CAAEtD,IAAI,KAAK7C,gBAAAA,CAAAA,EAAmB;AAC/D,YAAA,MAAMyC,cAAAA,GAAiB,MAAMnB,UAAAA,CAAW,MAAA,CAAA,CAAQmC,2BAA2B,EAAA;YAC3E,IAAIhB,cAAAA,CAAe+B,UAAU,KAAK,CAAA,EAAG;AACnC,gBAAA,MAAM,IAAIrE,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,YAAA;AACF,QAAA;AACF,IAAA;IAEA,MAAMiG,WAAAA,GAAc,MAAMzF,MAAAA,CAAOkB,EAAE,CAChCC,KAAK,CAAC,aAAA,CAAA,CACNuE,MAAM,CAAC;QAAEzD,KAAAA,EAAO;AAAES,YAAAA;AAAG,SAAA;QAAGpB,QAAAA,EAAU;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;;AAG/C,IAAA,MAAMrB,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,IAAA,IAAIG,cAAAA,IAAkBA,cAAAA,CAAe0F,SAAS,CAAC,OAAA,CAAA,EAAU;AACvD,QAAA,MAAM1F,cAAAA,CAAe,OAAA,CAAA,CAAS2F,sBAAsB,CAACC,MAAAA,CAAOnD,EAAAA,CAAAA,CAAAA;AAC9D,IAAA;AAEA1C,IAAAA,MAAAA,CAAOyB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEvB,QAAAA,IAAAA,EAAMD,YAAAA,CAAauF,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAMK,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMjE,cAAAA,GAAiB,MAAMnB,UAAAA,CAAW,MAAA,CAAA,CAAQmC,2BAA2B,EAAA;IAC3E,MAAMkD,sBAAAA,GAAyB,MAAMhG,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoD,KAAK,CAAC;QACxEtC,KAAAA,EAAO;YACLS,EAAAA,EAAIqD,GAAAA;YACJ1F,KAAAA,EAAO;AAAEqC,gBAAAA,EAAAA,EAAIZ,eAAeY;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIZ,cAAAA,CAAe+B,UAAU,KAAKmC,sBAAAA,EAAwB;AACxD,QAAA,MAAM,IAAIxG,eAAAA,CAAgB,wDAAA,CAAA;AAC5B,IAAA;AAEA,IAAA,MAAMyG,eAAe,EAAE;IACvB,KAAK,MAAMvD,MAAMqD,GAAAA,CAAK;QACpB,MAAMN,WAAAA,GAAc,MAAMzF,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeuE,MAAM,CAAC;YAC9DzD,KAAAA,EAAO;AAAES,gBAAAA;AAAG,aAAA;YACZpB,QAAAA,EAAU;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;;AAGA,QAAA,MAAMrB,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,QAAA,IAAIG,cAAAA,IAAkBA,cAAAA,CAAe0F,SAAS,CAAC,OAAA,CAAA,EAAU;AACvD,YAAA,MAAM1F,cAAAA,CAAe,OAAA,CAAA,CAAS2F,sBAAsB,CAACC,MAAAA,CAAOnD,EAAAA,CAAAA,CAAAA;AAC9D,QAAA;AAEAuD,QAAAA,YAAAA,CAAaC,IAAI,CAACT,WAAAA,CAAAA;AACpB,IAAA;AAEAzF,IAAAA,MAAAA,CAAOyB,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAClCyE,QAAAA,KAAAA,EAAOF,YAAAA,CAAa3F,GAAG,CAAC,CAACmF,cAAgBvF,YAAAA,CAAauF,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOQ,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAAA,GAAwB,UAAA;AAC5B,IAAA,OAAOpG,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoD,KAAK,CAAC;QAC1CtC,KAAAA,EAAO;YACL5B,KAAAA,EAAO;gBACLqC,EAAAA,EAAI;oBAAE2D,KAAAA,EAAO;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM9B,KAAAA,GAAQ,OAAOtC,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOjC,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeoD,KAAK,CAAC;AAAEtC,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMqE,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMnG,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAe+C,QAAQ,CAAC;QAC1DlC,MAAAA,EAAQ;AAAC,YAAA;AAAK,SAAA;QACdC,KAAAA,EAAO;YACL5B,KAAAA,EAAO;gBAAEqC,EAAAA,EAAI;oBAAE2D,KAAAA,EAAO;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAAA,CAAM7F,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOH,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeiC,MAAM,CAAC;YAC3CnB,KAAAA,EAAO;AAAES,gBAAAA,EAAAA,EAAIvC,KAAKuC;AAAG,aAAA;YACrBrB,IAAAA,EAAM;gBAAEhB,KAAAA,EAAO;AAACkG,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,IAAA,CAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAAA,GAAoC,UAAA;AACxC,IAAA,MAAMnC,QAAQ,MAAM6B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI7B,QAAQ,CAAA,EAAG;QACbvE,MAAAA,CAAO2G,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAErC,KAAAA,CAAM,sBAAsB,CAAC,CAAA;AAC9D,IAAA;AACF,CAAA;AAEA;AACC,IACD,MAAMsC,iBAAAA,GAAoB,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMnG,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAe+C,QAAQ,CAAC;QAAElC,MAAAA,EAAQ;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAOmE,MAAM7F,GAAG,CAAC,CAACH,IAAAA,GAASA,IAAAA,CAAK2G,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AACA,WAAe;AACb1F,IAAAA,MAAAA;AACAO,IAAAA,gBAAAA;AACAgB,IAAAA,UAAAA;AACAH,IAAAA,MAAAA;AACAgC,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACAxE,IAAAA,YAAAA;AACAqD,IAAAA,OAAAA;AACAuB,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAS,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA7B,IAAAA,KAAAA;AACA+B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACArD,IAAAA,oBAAAA;AACAwD,IAAAA,iBAAAA;AACA9C,IAAAA;AACF,CAAA;;;;"}
package/dist/server/server/src/utils/normalize-email.js ADDED
@@ -0,0 +1,24 @@
1
+ 'use strict';
2
+
3
+ /**
4
+ * Returns a shallow copy of an admin user payload with `email` lowercased.
5
+ *
6
+ * Admin email uniqueness depends on values being stored canonically lowercase: `admin_users.email`
7
+ * is a plain unique index with no guaranteed case-insensitive collation across SQLite/Postgres/MySQL,
8
+ * and the strict Yup email validator rejects mixed-case input rather than normalizing it. Controllers
9
+ * must therefore lowercase the email before validation, the uniqueness check, and persistence
10
+ * (mirroring `user.create`). The `email` key is only rewritten when present, so partial updates that
11
+ * omit it are left untouched.
12
+ */ const normalizeEmail = (payload)=>{
13
+ const { email } = payload;
14
+ if (typeof email === 'string') {
15
+ return {
16
+ ...payload,
17
+ email: email.toLowerCase()
18
+ };
19
+ }
20
+ return payload;
21
+ };
22
+
23
+ exports.normalizeEmail = normalizeEmail;
24
+ //# sourceMappingURL=normalize-email.js.map
package/dist/server/server/src/utils/normalize-email.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"normalize-email.js","sources":["../../../../../server/src/utils/normalize-email.ts"],"sourcesContent":["/**\n * Returns a shallow copy of an admin user payload with `email` lowercased.\n *\n * Admin email uniqueness depends on values being stored canonically lowercase: `admin_users.email`\n * is a plain unique index with no guaranteed case-insensitive collation across SQLite/Postgres/MySQL,\n * and the strict Yup email validator rejects mixed-case input rather than normalizing it. Controllers\n * must therefore lowercase the email before validation, the uniqueness check, and persistence\n * (mirroring `user.create`). The `email` key is only rewritten when present, so partial updates that\n * omit it are left untouched.\n */\nexport const normalizeEmail = <T extends object>(payload: T): T => {\n const { email } = payload as { email?: unknown };\n\n if (typeof email === 'string') {\n return { ...payload, email: email.toLowerCase() };\n }\n\n return payload;\n};\n"],"names":["normalizeEmail","payload","email","toLowerCase"],"mappings":";;AAAA;;;;;;;;;IAUO,MAAMA,cAAAA,GAAiB,CAAmBC,OAAAA,GAAAA;IAC/C,MAAM,EAAEC,KAAK,EAAE,GAAGD,OAAAA;IAElB,IAAI,OAAOC,UAAU,QAAA,EAAU;QAC7B,OAAO;AAAE,YAAA,GAAGD,OAAO;AAAEC,YAAAA,KAAAA,EAAOA,MAAMC,WAAW;AAAG,SAAA;AAClD,IAAA;IAEA,OAAOF,OAAAA;AACT;;;;"}
package/dist/server/server/src/utils/normalize-email.mjs ADDED
@@ -0,0 +1,22 @@
1
+ /**
2
+ * Returns a shallow copy of an admin user payload with `email` lowercased.
3
+ *
4
+ * Admin email uniqueness depends on values being stored canonically lowercase: `admin_users.email`
5
+ * is a plain unique index with no guaranteed case-insensitive collation across SQLite/Postgres/MySQL,
6
+ * and the strict Yup email validator rejects mixed-case input rather than normalizing it. Controllers
7
+ * must therefore lowercase the email before validation, the uniqueness check, and persistence
8
+ * (mirroring `user.create`). The `email` key is only rewritten when present, so partial updates that
9
+ * omit it are left untouched.
10
+ */ const normalizeEmail = (payload)=>{
11
+ const { email } = payload;
12
+ if (typeof email === 'string') {
13
+ return {
14
+ ...payload,
15
+ email: email.toLowerCase()
16
+ };
17
+ }
18
+ return payload;
19
+ };
20
+
21
+ export { normalizeEmail };
22
+ //# sourceMappingURL=normalize-email.mjs.map
package/dist/server/server/src/utils/normalize-email.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"normalize-email.mjs","sources":["../../../../../server/src/utils/normalize-email.ts"],"sourcesContent":["/**\n * Returns a shallow copy of an admin user payload with `email` lowercased.\n *\n * Admin email uniqueness depends on values being stored canonically lowercase: `admin_users.email`\n * is a plain unique index with no guaranteed case-insensitive collation across SQLite/Postgres/MySQL,\n * and the strict Yup email validator rejects mixed-case input rather than normalizing it. Controllers\n * must therefore lowercase the email before validation, the uniqueness check, and persistence\n * (mirroring `user.create`). The `email` key is only rewritten when present, so partial updates that\n * omit it are left untouched.\n */\nexport const normalizeEmail = <T extends object>(payload: T): T => {\n const { email } = payload as { email?: unknown };\n\n if (typeof email === 'string') {\n return { ...payload, email: email.toLowerCase() };\n }\n\n return payload;\n};\n"],"names":["normalizeEmail","payload","email","toLowerCase"],"mappings":"AAAA;;;;;;;;;IAUO,MAAMA,cAAAA,GAAiB,CAAmBC,OAAAA,GAAAA;IAC/C,MAAM,EAAEC,KAAK,EAAE,GAAGD,OAAAA;IAElB,IAAI,OAAOC,UAAU,QAAA,EAAU;QAC7B,OAAO;AAAE,YAAA,GAAGD,OAAO;AAAEC,YAAAA,KAAAA,EAAOA,MAAMC,WAAW;AAAG,SAAA;AAClD,IAAA;IAEA,OAAOF,OAAAA;AACT;;;;"}
package/dist/server/src/controllers/authenticated-user.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authenticated-user.d.ts","sourceRoot":"","sources":["../../../../server/src/controllers/authenticated-user.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,KAAK,CAAC;;eAShB,OAAO;kBAQJ,OAAO;2BAiCE,OAAO;;AA1CtC,wBAqDE"}
1
+ {"version":3,"file":"authenticated-user.d.ts","sourceRoot":"","sources":["../../../../server/src/controllers/authenticated-user.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,KAAK,CAAC;;eAUhB,OAAO;kBAQJ,OAAO;2BAoDE,OAAO;;AA7DtC,wBAwEE"}
package/dist/server/src/controllers/authentication.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authentication.d.ts","sourceRoot":"","sources":["../../../../server/src/controllers/authentication.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAQ,MAAM,KAAK,CAAC;AAGzC,OAAO,eAAe,CAAC;;;0BAiHO,OAAO;kBAcf,OAAO;uBA8CF,OAAO;wBAmEN,OAAO;uBAUR,OAAO;qBAmDT,OAAO;gBAyCZ,OAAO;;AAtT3B,wBA+UE"}
1
+ {"version":3,"file":"authentication.d.ts","sourceRoot":"","sources":["../../../../server/src/controllers/authentication.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAQ,MAAM,KAAK,CAAC;AAGzC,OAAO,eAAe,CAAC;;;0BAkHO,OAAO;kBAcf,OAAO;uBA8CF,OAAO;wBAgDN,OAAO;uBAUR,OAAO;qBAmDT,OAAO;gBAyCZ,OAAO;;AAnS3B,wBA4TE"}
package/dist/server/src/controllers/user.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../../../server/src/controllers/user.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,KAAK,CAAC;;gBAuBf,OAAO;cAkCT,OAAO;iBAsBJ,OAAO;gBAcR,OAAO;mBA4BJ,OAAO;IAmB5B;;;OAGG;oBACmB,OAAO;;AA1H/B,wBA4IE"}
1
+ {"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../../../server/src/controllers/user.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,KAAK,CAAC;;gBAwBf,OAAO;cAkCT,OAAO;iBAsBJ,OAAO;gBAcR,OAAO;mBA4BJ,OAAO;IAmB5B;;;OAGG;oBACmB,OAAO;;AA1H/B,wBA4IE"}
package/dist/server/src/index.d.ts CHANGED
@@ -108,6 +108,7 @@ declare let admin: {
108
108
  create: (attributes: Partial<import("../../shared/contracts/shared").AdminUserCreationPayload> & {
109
109
  isActive?: true | undefined;
110
110
  }) => Promise<import("../../shared/contracts/shared").AdminUser>;
111
+ createFirstAdmin: (attributes: Omit<Partial<import("../../shared/contracts/shared").AdminUserCreationPayload>, "roles" | "isActive" | "registrationToken">) => Promise<import("../../shared/contracts/shared").AdminUser>;
111
112
  updateById: (id: import("@strapi/types/dist/data").ID, attributes: Partial<import("../../shared/contracts/shared").AdminUserUpdatePayload>) => Promise<import("../../shared/contracts/shared").AdminUser>;
112
113
  exists: (attributes?: unknown) => Promise<boolean>;
113
114
  findRegistrationInfo: (registrationToken: string) => Promise<Pick<import("../../shared/contracts/shared").AdminUser, "firstname" | "lastname" | "email"> | undefined>;
package/dist/server/src/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../server/src/index.ts"],"names":[],"mappings":";AAeA,QAAA,IAAI,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWR,CAAC;AAUF,eAAe,KAAK,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../server/src/index.ts"],"names":[],"mappings":";AAeA,QAAA,IAAI,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWR,CAAC;AAUF,eAAe,KAAK,CAAC"}
package/dist/server/src/routes/authentication.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authentication.d.ts","sourceRoot":"","sources":["../../../../server/src/routes/authentication.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wBA2DE"}
1
+ {"version":3,"file":"authentication.d.ts","sourceRoot":"","sources":["../../../../server/src/routes/authentication.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wBA8DE"}
package/dist/server/src/services/index.d.ts CHANGED
@@ -29,6 +29,7 @@ declare const _default: {
29
29
  create: (attributes: Partial<import("../../../shared/contracts/shared").AdminUserCreationPayload> & {
30
30
  isActive?: true | undefined;
31
31
  }) => Promise<import("../../../shared/contracts/shared").AdminUser>;
32
+ createFirstAdmin: (attributes: Omit<Partial<import("../../../shared/contracts/shared").AdminUserCreationPayload>, "roles" | "isActive" | "registrationToken">) => Promise<import("../../../shared/contracts/shared").AdminUser>;
32
33
  updateById: (id: import("@strapi/types/dist/data").ID, attributes: Partial<import("../../../shared/contracts/shared").AdminUserUpdatePayload>) => Promise<import("../../../shared/contracts/shared").AdminUser>;
33
34
  exists: (attributes?: unknown) => Promise<boolean>;
34
35
  findRegistrationInfo: (registrationToken: string) => Promise<Pick<import("../../../shared/contracts/shared").AdminUser, "firstname" | "lastname" | "email"> | undefined>;
package/dist/server/src/services/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../server/src/services/index.ts"],"names":[],"mappings":";AAOA,OAAO,KAAK,KAAK,MAAM,SAAS,CAAC;AACjC,OAAO,KAAK,UAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,KAAK,WAAW,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,SAAS,MAAM,aAAa,CAAC;AACzC,OAAO,KAAK,SAAS,MAAM,aAAa,CAAC;AACzC,OAAO,KAAK,MAAM,MAAM,UAAU,CAAC;AAEnC,OAAO,KAAK,QAAQ,MAAM,YAAY,CAAC;AACvC,OAAO,KAAK,eAAe,MAAM,oBAAoB,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAmBpD,sDAAsD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAZxD,wBAoBE"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../server/src/services/index.ts"],"names":[],"mappings":";AAOA,OAAO,KAAK,KAAK,MAAM,SAAS,CAAC;AACjC,OAAO,KAAK,UAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,KAAK,WAAW,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,SAAS,MAAM,aAAa,CAAC;AACzC,OAAO,KAAK,SAAS,MAAM,aAAa,CAAC;AACzC,OAAO,KAAK,MAAM,MAAM,UAAU,CAAC;AAEnC,OAAO,KAAK,QAAQ,MAAM,YAAY,CAAC;AACvC,OAAO,KAAK,eAAe,MAAM,oBAAoB,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAmBpD,sDAAsD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAZxD,wBAoBE"}