@strapi/admin 5.48.1 → 5.50.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/admin/admin/src/StrapiApp.js +33 -20
- package/dist/admin/admin/src/StrapiApp.js.map +1 -1
- package/dist/admin/admin/src/StrapiApp.mjs +6 -1
- package/dist/admin/admin/src/StrapiApp.mjs.map +1 -1
- package/dist/admin/admin/src/components/ConfirmDialog.js +3 -2
- package/dist/admin/admin/src/components/ConfirmDialog.js.map +1 -1
- package/dist/admin/admin/src/components/Context.js +4 -3
- package/dist/admin/admin/src/components/Context.js.map +1 -1
- package/dist/admin/admin/src/components/DescriptionComponentRenderer.js +8 -4
- package/dist/admin/admin/src/components/DescriptionComponentRenderer.js.map +1 -1
- package/dist/admin/admin/src/components/ErrorElement.js +97 -2
- package/dist/admin/admin/src/components/ErrorElement.js.map +1 -1
- package/dist/admin/admin/src/components/ErrorElement.mjs +99 -4
- package/dist/admin/admin/src/components/ErrorElement.mjs.map +1 -1
- package/dist/admin/admin/src/components/Filters.js +3 -2
- package/dist/admin/admin/src/components/Filters.js.map +1 -1
- package/dist/admin/admin/src/components/Form.js +9 -5
- package/dist/admin/admin/src/components/Form.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Boolean.js +3 -2
- package/dist/admin/admin/src/components/FormInputs/Boolean.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Boolean.mjs +3 -2
- package/dist/admin/admin/src/components/FormInputs/Boolean.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Date.js +3 -2
- package/dist/admin/admin/src/components/FormInputs/Date.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Json.js +3 -2
- package/dist/admin/admin/src/components/FormInputs/Json.js.map +1 -1
- package/dist/admin/admin/src/components/GapDropZone.js +3 -2
- package/dist/admin/admin/src/components/GapDropZone.js.map +1 -1
- package/dist/admin/admin/src/components/GuidedTour/Context.js +3 -2
- package/dist/admin/admin/src/components/GuidedTour/Context.js.map +1 -1
- package/dist/admin/admin/src/components/GuidedTour/Steps/Step.js +3 -2
- package/dist/admin/admin/src/components/GuidedTour/Steps/Step.js.map +1 -1
- package/dist/admin/admin/src/components/GuidedTour/Tours.js +9 -3
- package/dist/admin/admin/src/components/GuidedTour/Tours.js.map +1 -1
- package/dist/admin/admin/src/components/GuidedTour/Tours.mjs +6 -1
- package/dist/admin/admin/src/components/GuidedTour/Tours.mjs.map +1 -1
- package/dist/admin/admin/src/components/LanguageProvider.js +5 -1
- package/dist/admin/admin/src/components/LanguageProvider.js.map +1 -1
- package/dist/admin/admin/src/components/Layouts/HeaderLayout.js +3 -2
- package/dist/admin/admin/src/components/Layouts/HeaderLayout.js.map +1 -1
- package/dist/admin/admin/src/components/LazyOutlet.js +57 -0
- package/dist/admin/admin/src/components/LazyOutlet.js.map +1 -0
- package/dist/admin/admin/src/components/LazyOutlet.mjs +35 -0
- package/dist/admin/admin/src/components/LazyOutlet.mjs.map +1 -0
- package/dist/admin/admin/src/components/LeftMenu.js +3 -2
- package/dist/admin/admin/src/components/LeftMenu.js.map +1 -1
- package/dist/admin/admin/src/components/MainNav/NavUser.js +10 -0
- package/dist/admin/admin/src/components/MainNav/NavUser.js.map +1 -1
- package/dist/admin/admin/src/components/MainNav/NavUser.mjs +10 -0
- package/dist/admin/admin/src/components/MainNav/NavUser.mjs.map +1 -1
- package/dist/admin/admin/src/components/NpsSurvey.js +4 -3
- package/dist/admin/admin/src/components/NpsSurvey.js.map +1 -1
- package/dist/admin/admin/src/components/PageHelpers.js +3 -2
- package/dist/admin/admin/src/components/PageHelpers.js.map +1 -1
- package/dist/admin/admin/src/components/Pagination.js +3 -2
- package/dist/admin/admin/src/components/Pagination.js.map +1 -1
- package/dist/admin/admin/src/components/PluginsInitializer.js +3 -2
- package/dist/admin/admin/src/components/PluginsInitializer.js.map +1 -1
- package/dist/admin/admin/src/components/RelativeTime.js +6 -4
- package/dist/admin/admin/src/components/RelativeTime.js.map +1 -1
- package/dist/admin/admin/src/components/RelativeTime.mjs +3 -2
- package/dist/admin/admin/src/components/RelativeTime.mjs.map +1 -1
- package/dist/admin/admin/src/components/ResizeIndicator.js +3 -2
- package/dist/admin/admin/src/components/ResizeIndicator.js.map +1 -1
- package/dist/admin/admin/src/components/SearchInput.js +3 -2
- package/dist/admin/admin/src/components/SearchInput.js.map +1 -1
- package/dist/admin/admin/src/components/Table.js +3 -2
- package/dist/admin/admin/src/components/Table.js.map +1 -1
- package/dist/admin/admin/src/components/Theme.js +3 -2
- package/dist/admin/admin/src/components/Theme.js.map +1 -1
- package/dist/admin/admin/src/components/WidgetRoot.js +9 -5
- package/dist/admin/admin/src/components/WidgetRoot.js.map +1 -1
- package/dist/admin/admin/src/core/apis/CustomFields.js +14 -10
- package/dist/admin/admin/src/core/apis/CustomFields.js.map +1 -1
- package/dist/admin/admin/src/core/apis/Widgets.js +8 -4
- package/dist/admin/admin/src/core/apis/Widgets.js.map +1 -1
- package/dist/admin/admin/src/core/apis/router.js +39 -33
- package/dist/admin/admin/src/core/apis/router.js.map +1 -1
- package/dist/admin/admin/src/core/apis/router.mjs +19 -17
- package/dist/admin/admin/src/core/apis/router.mjs.map +1 -1
- package/dist/admin/admin/src/features/Auth.js +78 -6
- package/dist/admin/admin/src/features/Auth.js.map +1 -1
- package/dist/admin/admin/src/features/Auth.mjs +77 -6
- package/dist/admin/admin/src/features/Auth.mjs.map +1 -1
- package/dist/admin/admin/src/features/BackButton.js +3 -2
- package/dist/admin/admin/src/features/BackButton.js.map +1 -1
- package/dist/admin/admin/src/features/Configuration.js +3 -2
- package/dist/admin/admin/src/features/Configuration.js.map +1 -1
- package/dist/admin/admin/src/features/Notifications.js +3 -2
- package/dist/admin/admin/src/features/Notifications.js.map +1 -1
- package/dist/admin/admin/src/features/Tracking.js +7 -3
- package/dist/admin/admin/src/features/Tracking.js.map +1 -1
- package/dist/admin/admin/src/features/Widgets.js +3 -2
- package/dist/admin/admin/src/features/Widgets.js.map +1 -1
- package/dist/admin/admin/src/hooks/useAPIErrorHandler.js +3 -2
- package/dist/admin/admin/src/hooks/useAPIErrorHandler.js.map +1 -1
- package/dist/admin/admin/src/hooks/useAdminRoles.js +3 -2
- package/dist/admin/admin/src/hooks/useAdminRoles.js.map +1 -1
- package/dist/admin/admin/src/hooks/useControllableState.js +3 -2
- package/dist/admin/admin/src/hooks/useControllableState.js.map +1 -1
- package/dist/admin/admin/src/hooks/useDebounce.js +3 -2
- package/dist/admin/admin/src/hooks/useDebounce.js.map +1 -1
- package/dist/admin/admin/src/hooks/useDeviceType.js +3 -2
- package/dist/admin/admin/src/hooks/useDeviceType.js.map +1 -1
- package/dist/admin/admin/src/hooks/useElementOnScreen.js +3 -2
- package/dist/admin/admin/src/hooks/useElementOnScreen.js.map +1 -1
- package/dist/admin/admin/src/hooks/useEnterprise.js +3 -2
- package/dist/admin/admin/src/hooks/useEnterprise.js.map +1 -1
- package/dist/admin/admin/src/hooks/useFetchClient.js +3 -2
- package/dist/admin/admin/src/hooks/useFetchClient.js.map +1 -1
- package/dist/admin/admin/src/hooks/useForceUpdate.js +3 -2
- package/dist/admin/admin/src/hooks/useForceUpdate.js.map +1 -1
- package/dist/admin/admin/src/hooks/useIdleSessionLogout.js +85 -15
- package/dist/admin/admin/src/hooks/useIdleSessionLogout.js.map +1 -1
- package/dist/admin/admin/src/hooks/useIdleSessionLogout.mjs +82 -14
- package/dist/admin/admin/src/hooks/useIdleSessionLogout.mjs.map +1 -1
- package/dist/admin/admin/src/hooks/useIsMounted.js +3 -2
- package/dist/admin/admin/src/hooks/useIsMounted.js.map +1 -1
- package/dist/admin/admin/src/hooks/useMediaQuery.js +3 -2
- package/dist/admin/admin/src/hooks/useMediaQuery.js.map +1 -1
- package/dist/admin/admin/src/hooks/useMenu.js +7 -3
- package/dist/admin/admin/src/hooks/useMenu.js.map +1 -1
- package/dist/admin/admin/src/hooks/useOnce.js +3 -2
- package/dist/admin/admin/src/hooks/useOnce.js.map +1 -1
- package/dist/admin/admin/src/hooks/useQueryParams.js +0 -1
- package/dist/admin/admin/src/hooks/useQueryParams.js.map +1 -1
- package/dist/admin/admin/src/hooks/useQueryParams.mjs +0 -1
- package/dist/admin/admin/src/hooks/useQueryParams.mjs.map +1 -1
- package/dist/admin/admin/src/hooks/useRBAC.js +7 -3
- package/dist/admin/admin/src/hooks/useRBAC.js.map +1 -1
- package/dist/admin/admin/src/hooks/useSettingsMenu.js +7 -3
- package/dist/admin/admin/src/hooks/useSettingsMenu.js.map +1 -1
- package/dist/admin/admin/src/hooks/useThrottledCallback.js +5 -1
- package/dist/admin/admin/src/hooks/useThrottledCallback.js.map +1 -1
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.js +15 -7
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.js.map +1 -1
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.mjs +4 -2
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Auth/AuthPage.js +3 -2
- package/dist/admin/admin/src/pages/Auth/AuthPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Auth/AuthPage.mjs +3 -2
- package/dist/admin/admin/src/pages/Auth/AuthPage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Auth/components/ForgotPassword.js +3 -2
- package/dist/admin/admin/src/pages/Auth/components/ForgotPassword.js.map +1 -1
- package/dist/admin/admin/src/pages/Auth/components/Login.js +8 -4
- package/dist/admin/admin/src/pages/Auth/components/Login.js.map +1 -1
- package/dist/admin/admin/src/pages/Auth/components/Oops.js +3 -2
- package/dist/admin/admin/src/pages/Auth/components/Oops.js.map +1 -1
- package/dist/admin/admin/src/pages/Auth/components/Register.js +9 -5
- package/dist/admin/admin/src/pages/Auth/components/Register.js.map +1 -1
- package/dist/admin/admin/src/pages/Auth/components/ResetPassword.js +4 -3
- package/dist/admin/admin/src/pages/Auth/components/ResetPassword.js.map +1 -1
- package/dist/admin/admin/src/pages/Home/HomePage.js +3 -2
- package/dist/admin/admin/src/pages/Home/HomePage.js.map +1 -1
- package/dist/admin/admin/src/pages/Home/components/AddWidgetModal.js +8 -4
- package/dist/admin/admin/src/pages/Home/components/AddWidgetModal.js.map +1 -1
- package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.js +7 -3
- package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.js.map +1 -1
- package/dist/admin/admin/src/pages/Home/components/FreeTrialWelcomeModal.js +7 -3
- package/dist/admin/admin/src/pages/Home/components/FreeTrialWelcomeModal.js.map +1 -1
- package/dist/admin/admin/src/pages/ProfilePage.js +8 -4
- package/dist/admin/admin/src/pages/ProfilePage.js.map +1 -1
- package/dist/admin/admin/src/pages/SessionsPage.js +318 -0
- package/dist/admin/admin/src/pages/SessionsPage.js.map +1 -0
- package/dist/admin/admin/src/pages/SessionsPage.mjs +296 -0
- package/dist/admin/admin/src/pages/SessionsPage.mjs.map +1 -0
- package/dist/admin/admin/src/pages/Settings/Layout.js +4 -1
- package/dist/admin/admin/src/pages/Settings/Layout.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/Layout.mjs +5 -2
- package/dist/admin/admin/src/pages/Settings/Layout.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/components/Tokens/FormHead.js +3 -2
- package/dist/admin/admin/src/pages/Settings/components/Tokens/FormHead.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/components/Tokens/Table.js +3 -2
- package/dist/admin/admin/src/pages/Settings/components/Tokens/Table.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/components/Tokens/constants.js +3 -2
- package/dist/admin/admin/src/pages/Settings/components/Tokens/constants.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/components/Tokens/utils/getDateOfExpiration.js +3 -2
- package/dist/admin/admin/src/pages/Settings/components/Tokens/utils/getDateOfExpiration.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/EditView/EditViewPage.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/EditView/EditViewPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/EditView/components/AdminPermissions.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/EditView/components/AdminPermissions.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/ListView.js +4 -3
- package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/ListView.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/EditViewPage.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/EditViewPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/BoundRoute.js +7 -2
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/BoundRoute.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/CollapsableContentType.js +5 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/CollapsableContentType.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/reducer.js +6 -2
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/reducer.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/ListView.js +4 -3
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/ListView.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js +4 -2
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs +1 -0
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/components/LogoInput.js +7 -3
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/components/LogoInput.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/InstalledPlugins.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/InstalledPlugins.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.js +11 -3
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.mjs +7 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.js +11 -4
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.mjs +7 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/ListPage.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/ListPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.js +44 -6
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.mjs +34 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ConditionsButton.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ConditionsButton.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ConditionsModal.js +13 -7
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ConditionsModal.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ContentTypeCollapses.js +15 -9
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ContentTypeCollapses.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/GlobalActions.js +9 -5
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/GlobalActions.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.js +71 -27
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.mjs +38 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/PluginsAndSettings.js +10 -6
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/PluginsAndSettings.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/hooks/usePermissionsDataManager.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/hooks/usePermissionsDataManager.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/difference.js +9 -3
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/difference.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.js +26 -4
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.mjs +18 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/layouts.js +6 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/layouts.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.js +59 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.js.map +1 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.mjs +52 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.mjs.map +1 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/updateConditionsToFalse.js +8 -3
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/updateConditionsToFalse.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/TransferTokens/EditView.js +4 -3
- package/dist/admin/admin/src/pages/Settings/pages/TransferTokens/EditView.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/TransferTokens/ListView.js +4 -3
- package/dist/admin/admin/src/pages/Settings/pages/TransferTokens/ListView.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Users/EditPage.js +9 -5
- package/dist/admin/admin/src/pages/Settings/pages/Users/EditPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Users/ListPage.js +4 -3
- package/dist/admin/admin/src/pages/Settings/pages/Users/ListPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Users/components/CreateActionCE.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/Users/components/CreateActionCE.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Users/components/NewUserForm.js +4 -3
- package/dist/admin/admin/src/pages/Settings/pages/Users/components/NewUserForm.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Users/utils/validation.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/Users/utils/validation.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/EditPage.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/EditPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/ListPage.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/ListPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.js +3 -2
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/WebhookForm.js +4 -3
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/WebhookForm.js.map +1 -1
- package/dist/admin/admin/src/pages/UseCasePage.js +3 -2
- package/dist/admin/admin/src/pages/UseCasePage.js.map +1 -1
- package/dist/admin/admin/src/router.js +9 -0
- package/dist/admin/admin/src/router.js.map +1 -1
- package/dist/admin/admin/src/router.mjs +9 -0
- package/dist/admin/admin/src/router.mjs.map +1 -1
- package/dist/admin/admin/src/services/auth.js +43 -2
- package/dist/admin/admin/src/services/auth.js.map +1 -1
- package/dist/admin/admin/src/services/auth.mjs +41 -3
- package/dist/admin/admin/src/services/auth.mjs.map +1 -1
- package/dist/admin/admin/src/translations/en.json.js +22 -0
- package/dist/admin/admin/src/translations/en.json.js.map +1 -1
- package/dist/admin/admin/src/translations/en.json.mjs +22 -0
- package/dist/admin/admin/src/translations/en.json.mjs.map +1 -1
- package/dist/admin/admin/src/translations/ja.json.js +748 -265
- package/dist/admin/admin/src/translations/ja.json.js.map +1 -1
- package/dist/admin/admin/src/translations/ja.json.mjs +745 -266
- package/dist/admin/admin/src/translations/ja.json.mjs.map +1 -1
- package/dist/admin/admin/src/translations/languageNativeNames.js +1 -0
- package/dist/admin/admin/src/translations/languageNativeNames.js.map +1 -1
- package/dist/admin/admin/src/translations/languageNativeNames.mjs +1 -0
- package/dist/admin/admin/src/translations/languageNativeNames.mjs.map +1 -1
- package/dist/admin/admin/src/utils/getFetchClient.js +7 -2
- package/dist/admin/admin/src/utils/getFetchClient.js.map +1 -1
- package/dist/admin/admin/src/utils/locales.js +3 -2
- package/dist/admin/admin/src/utils/locales.js.map +1 -1
- package/dist/admin/admin/src/utils/objects.js +9 -4
- package/dist/admin/admin/src/utils/objects.js.map +1 -1
- package/dist/admin/admin/src/utils/retryDynamicImport.js +85 -0
- package/dist/admin/admin/src/utils/retryDynamicImport.js.map +1 -0
- package/dist/admin/admin/src/utils/retryDynamicImport.mjs +80 -0
- package/dist/admin/admin/src/utils/retryDynamicImport.mjs.map +1 -0
- package/dist/admin/admin/src/utils/rulesEngine.js +5 -1
- package/dist/admin/admin/src/utils/rulesEngine.js.map +1 -1
- package/dist/admin/admin/src/utils/urls.js +5 -1
- package/dist/admin/admin/src/utils/urls.js.map +1 -1
- package/dist/admin/admin/tests/server.js +25 -0
- package/dist/admin/admin/tests/server.js.map +1 -1
- package/dist/admin/admin/tests/server.mjs +25 -0
- package/dist/admin/admin/tests/server.mjs.map +1 -1
- package/dist/admin/admin/tests/utils.js +3 -2
- package/dist/admin/admin/tests/utils.js.map +1 -1
- package/dist/admin/ee/admin/src/hooks/useLicenseLimitNotification.js +7 -3
- package/dist/admin/ee/admin/src/hooks/useLicenseLimitNotification.js.map +1 -1
- package/dist/admin/ee/admin/src/hooks/useLicenseLimits.js +3 -2
- package/dist/admin/ee/admin/src/hooks/useLicenseLimits.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/AuthResponse.js +3 -2
- package/dist/admin/ee/admin/src/pages/AuthResponse.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/components/Modal.js +3 -2
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/components/Modal.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/hooks/useAuditLogsData.js +3 -2
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/hooks/useAuditLogsData.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/hooks/useFormatTimeStamp.js +5 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/hooks/useFormatTimeStamp.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/SingleSignOnPage.js +3 -2
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/SingleSignOnPage.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/Users/components/CreateActionEE.js +7 -3
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/Users/components/CreateActionEE.js.map +1 -1
- package/dist/admin/index.js +2 -0
- package/dist/admin/index.js.map +1 -1
- package/dist/admin/index.mjs +1 -0
- package/dist/admin/index.mjs.map +1 -1
- package/dist/admin/src/StrapiApp.d.ts +11 -5
- package/dist/admin/src/components/FormInputs/Boolean.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Checkbox.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/DateTime.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Email.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Enumeration.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Number.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Password.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Renderer.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/String.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Textarea.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Time.d.ts +0 -1
- package/dist/admin/src/components/GuidedTour/GuidedTourProvider.d.ts +0 -1
- package/dist/admin/src/components/LazyOutlet.d.ts +20 -0
- package/dist/admin/src/components/MainNav/MainNav.d.ts +1 -1
- package/dist/admin/src/components/MainNav/NavUser.d.ts +0 -1
- package/dist/admin/src/components/SubNav.d.ts +5 -6
- package/dist/admin/src/core/apis/Plugin.d.ts +1 -1
- package/dist/admin/src/core/apis/Widgets.d.ts +0 -1
- package/dist/admin/src/core/apis/router.d.ts +2 -3
- package/dist/admin/src/core/store/configure.d.ts +2 -2
- package/dist/admin/src/core/utils/createHook.d.ts +4 -4
- package/dist/admin/src/features/AppInfo.d.ts +1 -2
- package/dist/admin/src/features/StrapiApp.d.ts +1 -2
- package/dist/admin/src/hooks/useAPIErrorHandler.d.ts +1 -1
- package/dist/admin/src/hooks/useAdminRoles.d.ts +2 -2
- package/dist/admin/src/hooks/useFetchClient.d.ts +1 -1
- package/dist/admin/src/hooks/useIdleSessionLogout.d.ts +66 -12
- package/dist/admin/src/hooks/usePersistentState.d.ts +0 -1
- package/dist/admin/src/hooks/useQueryParams.d.ts +1 -1
- package/dist/admin/src/hooks/useThrottledCallback.d.ts +0 -1
- package/dist/admin/src/index.d.ts +1 -0
- package/dist/admin/src/layouts/UnauthenticatedLayout.d.ts +2 -2
- package/dist/admin/src/pages/SessionsPage.d.ts +2 -0
- package/dist/admin/src/pages/Settings/pages/Roles/components/CollapseLabel.d.ts +2 -3
- package/dist/admin/src/pages/Settings/pages/Roles/components/ConditionsButton.d.ts +2 -2
- package/dist/admin/src/pages/Settings/pages/Roles/components/HiddenAction.d.ts +0 -1
- package/dist/admin/src/pages/Settings/pages/Roles/components/Permissions.d.ts +2 -0
- package/dist/admin/src/pages/Settings/pages/Roles/utils/forms.d.ts +1 -1
- package/dist/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.d.ts +5 -0
- package/dist/admin/src/pages/Settings/pages/Roles/utils/permissions.d.ts +3 -1
- package/dist/admin/src/pages/Settings/pages/Webhooks/hooks/useWebhooks.d.ts +8 -8
- package/dist/admin/src/reducer.d.ts +1 -1
- package/dist/admin/src/services/admin.d.ts +2 -2
- package/dist/admin/src/services/api.d.ts +1 -1
- package/dist/admin/src/services/apiTokens.d.ts +1 -1
- package/dist/admin/src/services/auth.d.ts +29 -27
- package/dist/admin/src/services/contentApi.d.ts +1 -1
- package/dist/admin/src/services/users.d.ts +7 -7
- package/dist/admin/src/services/webhooks.d.ts +2 -2
- package/dist/admin/src/translations/languageNativeNames.d.ts +1 -0
- package/dist/admin/src/utils/locales.d.ts +0 -1
- package/dist/admin/src/utils/retryDynamicImport.d.ts +19 -0
- package/dist/admin/src/utils/shims.d.ts +1 -1
- package/dist/admin/tests/store.d.ts +4 -4
- package/dist/admin/tests/utils.d.ts +5 -5
- package/dist/ee/admin/src/pages/SettingsPage/pages/AuditLogs/utils/getDisplayedFilters.d.ts +1 -1
- package/dist/ee/admin/src/services/ai.d.ts +2 -2
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts +1 -1
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts.map +1 -1
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts +3 -3
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts.map +1 -1
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts +2 -2
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts.map +1 -1
- package/dist/ee/server/src/bootstrap.d.ts.map +1 -1
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts +30 -31
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts.map +1 -1
- package/dist/ee/server/src/controllers/index.d.ts +1 -2
- package/dist/ee/server/src/controllers/index.d.ts.map +1 -1
- package/dist/ee/server/src/controllers/user.d.ts +1 -1
- package/dist/ee/server/src/destroy.d.ts.map +1 -1
- package/dist/ee/server/src/index.d.ts +2 -3
- package/dist/ee/server/src/index.d.ts.map +1 -1
- package/dist/ee/server/src/register.d.ts.map +1 -1
- package/dist/ee/server/src/routes/utils.d.ts.map +1 -1
- package/dist/ee/server/src/services/auth.d.ts.map +1 -1
- package/dist/ee/server/src/services/index.d.ts +1 -1
- package/dist/ee/server/src/services/metrics.d.ts.map +1 -1
- package/dist/ee/server/src/services/passport/sso.d.ts.map +1 -1
- package/dist/ee/server/src/services/persist-tables.d.ts +1 -1
- package/dist/ee/server/src/services/persist-tables.d.ts.map +1 -1
- package/dist/ee/server/src/services/role.d.ts.map +1 -1
- package/dist/ee/server/src/services/user.d.ts.map +1 -1
- package/dist/ee/server/src/utils/index.d.ts.map +1 -1
- package/dist/ee/server/src/utils/sso-lock.d.ts.map +1 -1
- package/dist/ee/server/src/validation/authentication.d.ts +2 -2
- package/dist/ee/server/src/validation/role.d.ts +6 -6
- package/dist/ee/server/src/validation/role.d.ts.map +1 -1
- package/dist/ee/server/src/validation/user.d.ts.map +1 -1
- package/dist/server/ee/server/src/controllers/authentication-utils/middlewares.js +5 -1
- package/dist/server/ee/server/src/controllers/authentication-utils/middlewares.js.map +1 -1
- package/dist/server/ee/server/src/controllers/authentication.js +5 -1
- package/dist/server/ee/server/src/controllers/authentication.js.map +1 -1
- package/dist/server/ee/server/src/controllers/user.js +6 -2
- package/dist/server/ee/server/src/controllers/user.js.map +1 -1
- package/dist/server/ee/server/src/services/auth.js +5 -1
- package/dist/server/ee/server/src/services/auth.js.map +1 -1
- package/dist/server/ee/server/src/services/user.js +8 -4
- package/dist/server/ee/server/src/services/user.js.map +1 -1
- package/dist/server/index.js +6 -2
- package/dist/server/index.js.map +1 -1
- package/dist/server/server/src/ai/services/ai.js +10 -4
- package/dist/server/server/src/ai/services/ai.js.map +1 -1
- package/dist/server/server/src/content-types/session.js +6 -0
- package/dist/server/server/src/content-types/session.js.map +1 -1
- package/dist/server/server/src/content-types/session.mjs +6 -0
- package/dist/server/server/src/content-types/session.mjs.map +1 -1
- package/dist/server/server/src/controllers/admin.js +9 -4
- package/dist/server/server/src/controllers/admin.js.map +1 -1
- package/dist/server/server/src/controllers/admin.mjs.map +1 -1
- package/dist/server/server/src/controllers/authenticated-session.js +61 -0
- package/dist/server/server/src/controllers/authenticated-session.js.map +1 -0
- package/dist/server/server/src/controllers/authenticated-session.mjs +59 -0
- package/dist/server/server/src/controllers/authenticated-session.mjs.map +1 -0
- package/dist/server/server/src/controllers/authentication.js +18 -6
- package/dist/server/server/src/controllers/authentication.js.map +1 -1
- package/dist/server/server/src/controllers/authentication.mjs +12 -5
- package/dist/server/server/src/controllers/authentication.mjs.map +1 -1
- package/dist/server/server/src/controllers/index.js +2 -0
- package/dist/server/server/src/controllers/index.js.map +1 -1
- package/dist/server/server/src/controllers/index.mjs +2 -0
- package/dist/server/server/src/controllers/index.mjs.map +1 -1
- package/dist/server/server/src/controllers/role.js +2 -4
- package/dist/server/server/src/controllers/role.js.map +1 -1
- package/dist/server/server/src/controllers/role.mjs +2 -4
- package/dist/server/server/src/controllers/role.mjs.map +1 -1
- package/dist/server/server/src/controllers/user.js +3 -2
- package/dist/server/server/src/controllers/user.js.map +1 -1
- package/dist/server/server/src/controllers/webhooks.js +7 -2
- package/dist/server/server/src/controllers/webhooks.js.map +1 -1
- package/dist/server/server/src/middlewares/rateLimit.js +7 -2
- package/dist/server/server/src/middlewares/rateLimit.js.map +1 -1
- package/dist/server/server/src/policies/hasPermissions.js +7 -3
- package/dist/server/server/src/policies/hasPermissions.js.map +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.js +9 -4
- package/dist/server/server/src/routes/serve-admin-panel.js.map +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.mjs +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.mjs.map +1 -1
- package/dist/server/server/src/routes/users.js +12 -26
- package/dist/server/server/src/routes/users.js.map +1 -1
- package/dist/server/server/src/routes/users.mjs +12 -26
- package/dist/server/server/src/routes/users.mjs.map +1 -1
- package/dist/server/server/src/services/api-token.js +7 -3
- package/dist/server/server/src/services/api-token.js.map +1 -1
- package/dist/server/server/src/services/auth.js +8 -3
- package/dist/server/server/src/services/auth.js.map +1 -1
- package/dist/server/server/src/services/content-type.js +6 -2
- package/dist/server/server/src/services/content-type.js.map +1 -1
- package/dist/server/server/src/services/encryption.js +8 -4
- package/dist/server/server/src/services/encryption.js.map +1 -1
- package/dist/server/server/src/services/passport.js +6 -2
- package/dist/server/server/src/services/passport.js.map +1 -1
- package/dist/server/server/src/services/permission/engine.js +5 -1
- package/dist/server/server/src/services/permission/engine.js.map +1 -1
- package/dist/server/server/src/services/permission/permissions-manager/index.js +5 -1
- package/dist/server/server/src/services/permission/permissions-manager/index.js.map +1 -1
- package/dist/server/server/src/services/permission/permissions-manager/query-builders.js +14 -10
- package/dist/server/server/src/services/permission/permissions-manager/query-builders.js.map +1 -1
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.js +0 -2
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.js.map +1 -1
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.mjs +0 -2
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.mjs.map +1 -1
- package/dist/server/server/src/services/permission/queries.js +5 -1
- package/dist/server/server/src/services/permission/queries.js.map +1 -1
- package/dist/server/server/src/services/project-settings.js +6 -2
- package/dist/server/server/src/services/project-settings.js.map +1 -1
- package/dist/server/server/src/services/role.js +10 -5
- package/dist/server/server/src/services/role.js.map +1 -1
- package/dist/server/server/src/services/role.mjs +2 -1
- package/dist/server/server/src/services/role.mjs.map +1 -1
- package/dist/server/server/src/services/token.js +7 -2
- package/dist/server/server/src/services/token.js.map +1 -1
- package/dist/server/server/src/services/transfer/permission.js +5 -1
- package/dist/server/server/src/services/transfer/permission.js.map +1 -1
- package/dist/server/server/src/services/transfer/token.js +10 -5
- package/dist/server/server/src/services/transfer/token.js.map +1 -1
- package/dist/server/server/src/services/user.js +10 -6
- package/dist/server/server/src/services/user.js.map +1 -1
- package/dist/server/server/src/strategies/admin.js +4 -0
- package/dist/server/server/src/strategies/admin.js.map +1 -1
- package/dist/server/server/src/strategies/admin.mjs +4 -0
- package/dist/server/server/src/strategies/admin.mjs.map +1 -1
- package/dist/server/server/src/validation/common-functions/check-fields-are-correctly-nested.js +5 -1
- package/dist/server/server/src/validation/common-functions/check-fields-are-correctly-nested.js.map +1 -1
- package/dist/server/server/src/validation/common-functions/check-fields-dont-have-duplicates.js +6 -2
- package/dist/server/server/src/validation/common-functions/check-fields-dont-have-duplicates.js.map +1 -1
- package/dist/server/server/src/validation/common-validators.js +6 -2
- package/dist/server/server/src/validation/common-validators.js.map +1 -1
- package/dist/server/server/src/validation/policies/hasPermissions.js +6 -2
- package/dist/server/server/src/validation/policies/hasPermissions.js.map +1 -1
- package/dist/server/shared/utils/session-auth.js +5 -1
- package/dist/server/shared/utils/session-auth.js.map +1 -1
- package/dist/server/src/ai/controllers/ai.d.ts +3 -3
- package/dist/server/src/ai/services/ai.d.ts.map +1 -1
- package/dist/server/src/bootstrap.d.ts.map +1 -1
- package/dist/server/src/config/admin-conditions.d.ts +2 -2
- package/dist/server/src/config/admin-conditions.d.ts.map +1 -1
- package/dist/server/src/content-types/index.d.ts +6 -0
- package/dist/server/src/content-types/index.d.ts.map +1 -1
- package/dist/server/src/content-types/session.d.ts +6 -0
- package/dist/server/src/content-types/session.d.ts.map +1 -1
- package/dist/server/src/controllers/admin-token.d.ts +5 -5
- package/dist/server/src/controllers/api-token.d.ts +1 -1
- package/dist/server/src/controllers/authenticated-session.d.ts +8 -0
- package/dist/server/src/controllers/authenticated-session.d.ts.map +1 -0
- package/dist/server/src/controllers/authenticated-user.d.ts +1 -1
- package/dist/server/src/controllers/authentication.d.ts +4 -4
- package/dist/server/src/controllers/authentication.d.ts.map +1 -1
- package/dist/server/src/controllers/formatters/conditions.d.ts +0 -1
- package/dist/server/src/controllers/formatters/conditions.d.ts.map +1 -1
- package/dist/server/src/controllers/formatters/format-actions-by-sections.d.ts.map +1 -1
- package/dist/server/src/controllers/homepage.d.ts +2 -2
- package/dist/server/src/controllers/homepage.d.ts.map +1 -1
- package/dist/server/src/controllers/index.d.ts +33 -43
- package/dist/server/src/controllers/index.d.ts.map +1 -1
- package/dist/server/src/controllers/role.d.ts +4 -4
- package/dist/server/src/controllers/transfer/runner.d.ts +4 -4
- package/dist/server/src/controllers/transfer/runner.d.ts.map +1 -1
- package/dist/server/src/controllers/transfer/token.d.ts +1 -1
- package/dist/server/src/controllers/user.d.ts +2 -2
- package/dist/server/src/controllers/webhooks.d.ts +4 -4
- package/dist/server/src/domain/action/index.d.ts +4 -65
- package/dist/server/src/domain/action/index.d.ts.map +1 -1
- package/dist/server/src/domain/action/provider.d.ts +30 -3
- package/dist/server/src/domain/action/provider.d.ts.map +1 -1
- package/dist/server/src/domain/condition/index.d.ts.map +1 -1
- package/dist/server/src/domain/condition/provider.d.ts +19 -2
- package/dist/server/src/domain/condition/provider.d.ts.map +1 -1
- package/dist/server/src/domain/permission/index.d.ts +0 -1
- package/dist/server/src/domain/permission/index.d.ts.map +1 -1
- package/dist/server/src/domain/user.d.ts.map +1 -1
- package/dist/server/src/index.d.ts +51 -63
- package/dist/server/src/index.d.ts.map +1 -1
- package/dist/server/src/middlewares/data-transfer.d.ts.map +1 -1
- package/dist/server/src/middlewares/index.d.ts +0 -1
- package/dist/server/src/middlewares/index.d.ts.map +1 -1
- package/dist/server/src/middlewares/rateLimit.d.ts.map +1 -1
- package/dist/server/src/policies/hasPermissions.d.ts.map +1 -1
- package/dist/server/src/policies/index.d.ts.map +1 -1
- package/dist/server/src/policies/isAuthenticatedAdmin.d.ts.map +1 -1
- package/dist/server/src/policies/isTelemetryEnabled.d.ts.map +1 -1
- package/dist/server/src/register.d.ts.map +1 -1
- package/dist/server/src/routes/index.d.ts +0 -1
- package/dist/server/src/routes/index.d.ts.map +1 -1
- package/dist/server/src/routes/serve-admin-panel.d.ts.map +1 -1
- package/dist/server/src/routes/transfer.d.ts +0 -1
- package/dist/server/src/routes/transfer.d.ts.map +1 -1
- package/dist/server/src/routes/users.d.ts.map +1 -1
- package/dist/server/src/services/action.d.ts.map +1 -1
- package/dist/server/src/services/api-token.d.ts +5 -6
- package/dist/server/src/services/api-token.d.ts.map +1 -1
- package/dist/server/src/services/auth.d.ts.map +1 -1
- package/dist/server/src/services/condition.d.ts.map +1 -1
- package/dist/server/src/services/content-type.d.ts.map +1 -1
- package/dist/server/src/services/encryption.d.ts.map +1 -1
- package/dist/server/src/services/homepage.d.ts.map +1 -1
- package/dist/server/src/services/index.d.ts +12 -21
- package/dist/server/src/services/index.d.ts.map +1 -1
- package/dist/server/src/services/metrics.d.ts.map +1 -1
- package/dist/server/src/services/passport/local-strategy.d.ts.map +1 -1
- package/dist/server/src/services/passport.d.ts +0 -1
- package/dist/server/src/services/passport.d.ts.map +1 -1
- package/dist/server/src/services/permission/engine.d.ts +1 -2
- package/dist/server/src/services/permission/engine.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/index.d.ts +5 -5
- package/dist/server/src/services/permission/permissions-manager/index.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/permission-fields.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/query-builders.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/sanitize.d.ts +3 -3
- package/dist/server/src/services/permission/permissions-manager/sanitize.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/validate.d.ts.map +1 -1
- package/dist/server/src/services/permission/queries.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/builder.d.ts +4 -4
- package/dist/server/src/services/permission/sections-builder/builder.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/handlers.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/index.d.ts +4 -4
- package/dist/server/src/services/permission/sections-builder/section.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/utils.d.ts +0 -1
- package/dist/server/src/services/permission/sections-builder/utils.d.ts.map +1 -1
- package/dist/server/src/services/permission.d.ts +13 -38
- package/dist/server/src/services/permission.d.ts.map +1 -1
- package/dist/server/src/services/project-settings.d.ts +2 -4
- package/dist/server/src/services/project-settings.d.ts.map +1 -1
- package/dist/server/src/services/role.d.ts +7 -1
- package/dist/server/src/services/role.d.ts.map +1 -1
- package/dist/server/src/services/token.d.ts +1 -1
- package/dist/server/src/services/token.d.ts.map +1 -1
- package/dist/server/src/services/transfer/token.d.ts +11 -11
- package/dist/server/src/services/transfer/token.d.ts.map +1 -1
- package/dist/server/src/services/user.d.ts +3 -3
- package/dist/server/src/services/user.d.ts.map +1 -1
- package/dist/server/src/strategies/admin-token.d.ts +4 -4
- package/dist/server/src/strategies/admin-token.d.ts.map +1 -1
- package/dist/server/src/strategies/admin.d.ts.map +1 -1
- package/dist/server/src/strategies/api-token-utils.d.ts.map +1 -1
- package/dist/server/src/strategies/content-api-token.d.ts.map +1 -1
- package/dist/server/src/strategies/data-transfer.d.ts.map +1 -1
- package/dist/server/src/utils/normalize-email.d.ts.map +1 -1
- package/dist/server/src/validation/action-provider.d.ts +2 -2
- package/dist/server/src/validation/action-provider.d.ts.map +1 -1
- package/dist/server/src/validation/admin-tokens.d.ts +2 -2
- package/dist/server/src/validation/api-tokens.d.ts +4 -4
- package/dist/server/src/validation/authentication/forgot-password.d.ts +1 -1
- package/dist/server/src/validation/authentication/login.d.ts +1 -1
- package/dist/server/src/validation/authentication/register.d.ts +6 -6
- package/dist/server/src/validation/authentication/register.d.ts.map +1 -1
- package/dist/server/src/validation/authentication/reset-password.d.ts +1 -1
- package/dist/server/src/validation/common-functions/check-fields-are-correctly-nested.d.ts.map +1 -1
- package/dist/server/src/validation/common-functions/check-fields-dont-have-duplicates.d.ts.map +1 -1
- package/dist/server/src/validation/common-validators.d.ts.map +1 -1
- package/dist/server/src/validation/permission.d.ts +6 -6
- package/dist/server/src/validation/permission.d.ts.map +1 -1
- package/dist/server/src/validation/policies/hasPermissions.d.ts +2 -2
- package/dist/server/src/validation/project-settings.d.ts +6 -6
- package/dist/server/src/validation/role.d.ts +8 -8
- package/dist/server/src/validation/role.d.ts.map +1 -1
- package/dist/server/src/validation/transfer/token.d.ts +4 -4
- package/dist/server/src/validation/user.d.ts +8 -8
- package/dist/shared/contracts/permissions.d.ts +1 -0
- package/dist/shared/contracts/permissions.d.ts.map +1 -1
- package/dist/shared/contracts/sessions.d.ts +62 -0
- package/dist/shared/contracts/sessions.d.ts.map +1 -0
- package/dist/shared/contracts/shared.d.ts +1 -1
- package/dist/shared/contracts/shared.d.ts.map +1 -1
- package/dist/shared/utils/session-auth.d.ts +1 -1
- package/dist/shared/utils/session-auth.d.ts.map +1 -1
- package/package.json +11 -11
|
@@ -2,6 +2,10 @@
|
|
|
2
2
|
|
|
3
3
|
var crypto = require('crypto');
|
|
4
4
|
|
|
5
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
6
|
+
|
|
7
|
+
var crypto__default = /*#__PURE__*/_interopDefault(crypto);
|
|
8
|
+
|
|
5
9
|
const IV_LENGTH = 16; // 16 bytes for AES-GCM IV
|
|
6
10
|
const ENCRYPTION_VERSION = 'v1';
|
|
7
11
|
const getHashedKey = ()=>{
|
|
@@ -11,7 +15,7 @@ const getHashedKey = ()=>{
|
|
|
11
15
|
strapi.log.warn('Encryption key is missing from admin.secrets.encryptionKey configuration');
|
|
12
16
|
return null;
|
|
13
17
|
}
|
|
14
|
-
return
|
|
18
|
+
return crypto__default.default.createHash('sha256').update(rawKey).digest(); // Always 32 bytes
|
|
15
19
|
};
|
|
16
20
|
/**
|
|
17
21
|
* Encrypts a value string using AES-256-GCM.
|
|
@@ -19,8 +23,8 @@ const getHashedKey = ()=>{
|
|
|
19
23
|
*/ const encrypt = (value)=>{
|
|
20
24
|
const key = getHashedKey();
|
|
21
25
|
if (!key) return null;
|
|
22
|
-
const iv =
|
|
23
|
-
const cipher =
|
|
26
|
+
const iv = crypto__default.default.randomBytes(IV_LENGTH);
|
|
27
|
+
const cipher = crypto__default.default.createCipheriv('aes-256-gcm', key, iv);
|
|
24
28
|
let encrypted = cipher.update(value, 'utf8', 'hex');
|
|
25
29
|
encrypted += cipher.final('hex');
|
|
26
30
|
const authTag = cipher.getAuthTag();
|
|
@@ -44,7 +48,7 @@ const getHashedKey = ()=>{
|
|
|
44
48
|
const encryptedText = Buffer.from(encryptedHex, 'hex');
|
|
45
49
|
const authTag = Buffer.from(tagHex, 'hex');
|
|
46
50
|
try {
|
|
47
|
-
const decipher =
|
|
51
|
+
const decipher = crypto__default.default.createDecipheriv('aes-256-gcm', key, iv);
|
|
48
52
|
decipher.setAuthTag(authTag);
|
|
49
53
|
let decrypted = decipher.update(encryptedText, undefined, 'utf8');
|
|
50
54
|
decrypted += decipher.final('utf8');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"encryption.js","sources":["../../../../../server/src/services/encryption.ts"],"sourcesContent":["import crypto from 'crypto';\nimport type { Core } from '@strapi/types';\n\nconst IV_LENGTH = 16; // 16 bytes for AES-GCM IV\nconst ENCRYPTION_VERSION = 'v1';\n\nconst getHashedKey = (): Buffer | null => {\n const secrets = strapi.config.get<Core.Config.Admin['secrets']>('admin.secrets');\n const rawKey: string | undefined = secrets?.encryptionKey;\n if (!rawKey) {\n strapi.log.warn('Encryption key is missing from admin.secrets.encryptionKey configuration');\n return null;\n }\n\n return crypto.createHash('sha256').update(rawKey).digest(); // Always 32 bytes\n};\n\n/**\n * Encrypts a value string using AES-256-GCM.\n * Returns a string prefixed with the encryption version and includes IV, encrypted content, and auth tag (all hex-encoded).\n */\nconst encrypt = (value: string) => {\n const key = getHashedKey();\n if (!key) return null;\n\n const iv = crypto.randomBytes(IV_LENGTH);\n const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);\n\n let encrypted = cipher.update(value, 'utf8', 'hex');\n encrypted += cipher.final('hex');\n\n const authTag = cipher.getAuthTag();\n\n return `${ENCRYPTION_VERSION}:${iv.toString('hex')}:${encrypted}:${authTag.toString('hex')}`;\n};\n\n/**\n * Decrypts a value encrypted by encrypt().\n * Supports versioned formats like v1:iv:encrypted:authTag\n */\nconst decrypt = (encryptedValue: string) => {\n const [version, ...rest] = encryptedValue.split(':');\n\n if (version !== ENCRYPTION_VERSION) {\n throw new Error(`Unsupported encryption version: ${version}`);\n }\n\n const [ivHex, encryptedHex, tagHex] = rest;\n if (!ivHex || !encryptedHex || !tagHex) {\n throw new Error('Invalid encrypted value format');\n }\n\n const key = getHashedKey();\n if (!key) return null;\n\n const iv = Buffer.from(ivHex, 'hex');\n const encryptedText = Buffer.from(encryptedHex, 'hex');\n const authTag = Buffer.from(tagHex, 'hex');\n\n try {\n const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);\n decipher.setAuthTag(authTag);\n\n let decrypted = decipher.update(encryptedText, undefined, 'utf8');\n decrypted += decipher.final('utf8');\n\n return decrypted;\n } catch (err) {\n strapi.log.warn(\n '[decrypt] Unable to decrypt value — encryption key may have changed or data is corrupted.'\n );\n return null;\n }\n};\n\nexport default {\n encrypt,\n decrypt,\n};\n"],"names":["IV_LENGTH","ENCRYPTION_VERSION","getHashedKey","secrets","strapi","config","get","rawKey","encryptionKey","log","warn","crypto","createHash","update","digest","encrypt","value","key","iv","randomBytes","cipher","createCipheriv","encrypted","final","authTag","getAuthTag","toString","decrypt","encryptedValue","version","rest","split","Error","ivHex","encryptedHex","tagHex","Buffer","from","encryptedText","decipher","createDecipheriv","setAuthTag","decrypted","undefined","err"],"mappings":"
|
|
1
|
+
{"version":3,"file":"encryption.js","sources":["../../../../../server/src/services/encryption.ts"],"sourcesContent":["import crypto from 'crypto';\nimport type { Core } from '@strapi/types';\n\nconst IV_LENGTH = 16; // 16 bytes for AES-GCM IV\nconst ENCRYPTION_VERSION = 'v1';\n\nconst getHashedKey = (): Buffer | null => {\n const secrets = strapi.config.get<Core.Config.Admin['secrets']>('admin.secrets');\n const rawKey: string | undefined = secrets?.encryptionKey;\n if (!rawKey) {\n strapi.log.warn('Encryption key is missing from admin.secrets.encryptionKey configuration');\n return null;\n }\n\n return crypto.createHash('sha256').update(rawKey).digest(); // Always 32 bytes\n};\n\n/**\n * Encrypts a value string using AES-256-GCM.\n * Returns a string prefixed with the encryption version and includes IV, encrypted content, and auth tag (all hex-encoded).\n */\nconst encrypt = (value: string) => {\n const key = getHashedKey();\n if (!key) return null;\n\n const iv = crypto.randomBytes(IV_LENGTH);\n const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);\n\n let encrypted = cipher.update(value, 'utf8', 'hex');\n encrypted += cipher.final('hex');\n\n const authTag = cipher.getAuthTag();\n\n return `${ENCRYPTION_VERSION}:${iv.toString('hex')}:${encrypted}:${authTag.toString('hex')}`;\n};\n\n/**\n * Decrypts a value encrypted by encrypt().\n * Supports versioned formats like v1:iv:encrypted:authTag\n */\nconst decrypt = (encryptedValue: string) => {\n const [version, ...rest] = encryptedValue.split(':');\n\n if (version !== ENCRYPTION_VERSION) {\n throw new Error(`Unsupported encryption version: ${version}`);\n }\n\n const [ivHex, encryptedHex, tagHex] = rest;\n if (!ivHex || !encryptedHex || !tagHex) {\n throw new Error('Invalid encrypted value format');\n }\n\n const key = getHashedKey();\n if (!key) return null;\n\n const iv = Buffer.from(ivHex, 'hex');\n const encryptedText = Buffer.from(encryptedHex, 'hex');\n const authTag = Buffer.from(tagHex, 'hex');\n\n try {\n const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);\n decipher.setAuthTag(authTag);\n\n let decrypted = decipher.update(encryptedText, undefined, 'utf8');\n decrypted += decipher.final('utf8');\n\n return decrypted;\n } catch (err) {\n strapi.log.warn(\n '[decrypt] Unable to decrypt value — encryption key may have changed or data is corrupted.'\n );\n return null;\n }\n};\n\nexport default {\n encrypt,\n decrypt,\n};\n"],"names":["IV_LENGTH","ENCRYPTION_VERSION","getHashedKey","secrets","strapi","config","get","rawKey","encryptionKey","log","warn","crypto","createHash","update","digest","encrypt","value","key","iv","randomBytes","cipher","createCipheriv","encrypted","final","authTag","getAuthTag","toString","decrypt","encryptedValue","version","rest","split","Error","ivHex","encryptedHex","tagHex","Buffer","from","encryptedText","decipher","createDecipheriv","setAuthTag","decrypted","undefined","err"],"mappings":";;;;;;;;AAGA,MAAMA,SAAAA,GAAY;AAClB,MAAMC,kBAAAA,GAAqB,IAAA;AAE3B,MAAMC,YAAAA,GAAe,IAAA;AACnB,IAAA,MAAMC,OAAAA,GAAUC,MAAAA,CAAOC,MAAM,CAACC,GAAG,CAA+B,eAAA,CAAA;AAChE,IAAA,MAAMC,SAA6BJ,OAAAA,EAASK,aAAAA;AAC5C,IAAA,IAAI,CAACD,MAAAA,EAAQ;QACXH,MAAAA,CAAOK,GAAG,CAACC,IAAI,CAAC,0EAAA,CAAA;QAChB,OAAO,IAAA;AACT,IAAA;IAEA,OAAOC,uBAAAA,CAAOC,UAAU,CAAC,QAAA,CAAA,CAAUC,MAAM,CAACN,MAAAA,CAAAA,CAAQO,MAAM,EAAA,CAAA;AAC1D,CAAA;AAEA;;;IAIA,MAAMC,UAAU,CAACC,KAAAA,GAAAA;AACf,IAAA,MAAMC,GAAAA,GAAMf,YAAAA,EAAAA;IACZ,IAAI,CAACe,KAAK,OAAO,IAAA;IAEjB,MAAMC,EAAAA,GAAKP,uBAAAA,CAAOQ,WAAW,CAACnB,SAAAA,CAAAA;AAC9B,IAAA,MAAMoB,MAAAA,GAAST,uBAAAA,CAAOU,cAAc,CAAC,eAAeJ,GAAAA,EAAKC,EAAAA,CAAAA;AAEzD,IAAA,IAAII,SAAAA,GAAYF,MAAAA,CAAOP,MAAM,CAACG,OAAO,MAAA,EAAQ,KAAA,CAAA;IAC7CM,SAAAA,IAAaF,MAAAA,CAAOG,KAAK,CAAC,KAAA,CAAA;IAE1B,MAAMC,OAAAA,GAAUJ,OAAOK,UAAU,EAAA;AAEjC,IAAA,OAAO,GAAGxB,kBAAAA,CAAmB,CAAC,EAAEiB,EAAAA,CAAGQ,QAAQ,CAAC,KAAA,CAAA,CAAO,CAAC,EAAEJ,UAAU,CAAC,EAAEE,OAAAA,CAAQE,QAAQ,CAAC,KAAA,CAAA,CAAA,CAAQ;AAC9F,CAAA;AAEA;;;IAIA,MAAMC,UAAU,CAACC,cAAAA,GAAAA;AACf,IAAA,MAAM,CAACC,OAAAA,EAAS,GAAGC,KAAK,GAAGF,cAAAA,CAAeG,KAAK,CAAC,GAAA,CAAA;AAEhD,IAAA,IAAIF,YAAY5B,kBAAAA,EAAoB;AAClC,QAAA,MAAM,IAAI+B,KAAAA,CAAM,CAAC,gCAAgC,EAAEH,OAAAA,CAAAA,CAAS,CAAA;AAC9D,IAAA;AAEA,IAAA,MAAM,CAACI,KAAAA,EAAOC,YAAAA,EAAcC,MAAAA,CAAO,GAAGL,IAAAA;AACtC,IAAA,IAAI,CAACG,KAAAA,IAAS,CAACC,YAAAA,IAAgB,CAACC,MAAAA,EAAQ;AACtC,QAAA,MAAM,IAAIH,KAAAA,CAAM,gCAAA,CAAA;AAClB,IAAA;AAEA,IAAA,MAAMf,GAAAA,GAAMf,YAAAA,EAAAA;IACZ,IAAI,CAACe,KAAK,OAAO,IAAA;AAEjB,IAAA,MAAMC,EAAAA,GAAKkB,MAAAA,CAAOC,IAAI,CAACJ,KAAAA,EAAO,KAAA,CAAA;AAC9B,IAAA,MAAMK,aAAAA,GAAgBF,MAAAA,CAAOC,IAAI,CAACH,YAAAA,EAAc,KAAA,CAAA;AAChD,IAAA,MAAMV,OAAAA,GAAUY,MAAAA,CAAOC,IAAI,CAACF,MAAAA,EAAQ,KAAA,CAAA;IAEpC,IAAI;AACF,QAAA,MAAMI,QAAAA,GAAW5B,uBAAAA,CAAO6B,gBAAgB,CAAC,eAAevB,GAAAA,EAAKC,EAAAA,CAAAA;AAC7DqB,QAAAA,QAAAA,CAASE,UAAU,CAACjB,OAAAA,CAAAA;AAEpB,QAAA,IAAIkB,SAAAA,GAAYH,QAAAA,CAAS1B,MAAM,CAACyB,eAAeK,SAAAA,EAAW,MAAA,CAAA;QAC1DD,SAAAA,IAAaH,QAAAA,CAAShB,KAAK,CAAC,MAAA,CAAA;QAE5B,OAAOmB,SAAAA;AACT,IAAA,CAAA,CAAE,OAAOE,GAAAA,EAAK;QACZxC,MAAAA,CAAOK,GAAG,CAACC,IAAI,CACb,2FAAA,CAAA;QAEF,OAAO,IAAA;AACT,IAAA;AACF,CAAA;AAEA,iBAAe;AACbK,IAAAA,OAAAA;AACAY,IAAAA;AACF,CAAA;;;;"}
|
|
@@ -4,6 +4,10 @@ var passport$1 = require('koa-passport');
|
|
|
4
4
|
var fp = require('lodash/fp');
|
|
5
5
|
var localStrategy = require('./passport/local-strategy.js');
|
|
6
6
|
|
|
7
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
8
|
+
|
|
9
|
+
var passport__default = /*#__PURE__*/_interopDefault(passport$1);
|
|
10
|
+
|
|
7
11
|
const authEventsMapper = {
|
|
8
12
|
onConnectionSuccess: 'admin.auth.success',
|
|
9
13
|
onConnectionError: 'admin.auth.error'
|
|
@@ -26,9 +30,9 @@ const registerAuthEvents = ()=>{
|
|
|
26
30
|
}
|
|
27
31
|
};
|
|
28
32
|
const init = ()=>{
|
|
29
|
-
strapi.service('admin::passport').getPassportStrategies().forEach((strategy)=>
|
|
33
|
+
strapi.service('admin::passport').getPassportStrategies().forEach((strategy)=>passport__default.default.use(strategy));
|
|
30
34
|
registerAuthEvents();
|
|
31
|
-
return
|
|
35
|
+
return passport__default.default.initialize();
|
|
32
36
|
};
|
|
33
37
|
var passport = {
|
|
34
38
|
init,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"passport.js","sources":["../../../../../server/src/services/passport.ts"],"sourcesContent":["import passport from 'koa-passport';\nimport type { Strategy } from 'passport-local';\nimport { isFunction } from 'lodash/fp';\n\nimport createLocalStrategy from './passport/local-strategy';\n\nconst authEventsMapper = {\n onConnectionSuccess: 'admin.auth.success',\n onConnectionError: 'admin.auth.error',\n};\n\nconst valueIsFunctionType = ([, value]: [any, any]) => isFunction(value);\nconst keyIsValidEventName = ([key]: any) => {\n return Object.keys(strapi.service('admin::passport').authEventsMapper).includes(key);\n};\n\nconst getPassportStrategies = () => [createLocalStrategy(strapi)] as Strategy[];\n\nconst registerAuthEvents = () => {\n // @ts-expect-error - TODO: migrate auth service to TS\n const { events = {} } = strapi.config.get('admin.auth', {});\n const { authEventsMapper } = strapi.service('admin::passport');\n\n const eventList = Object.entries(events).filter(keyIsValidEventName).filter(valueIsFunctionType);\n\n for (const [eventName, handler] of eventList) {\n // TODO - TS: ensure the handler is an EventHub.Listener\n strapi.eventHub.on(authEventsMapper[eventName], handler as any);\n }\n};\n\nconst init = () => {\n strapi\n .service('admin::passport')\n .getPassportStrategies()\n .forEach((strategy: Strategy) => passport.use(strategy));\n\n registerAuthEvents();\n\n return passport.initialize();\n};\n\nexport default { init, getPassportStrategies, authEventsMapper };\n"],"names":["authEventsMapper","onConnectionSuccess","onConnectionError","valueIsFunctionType","value","isFunction","keyIsValidEventName","key","Object","keys","strapi","service","includes","getPassportStrategies","createLocalStrategy","registerAuthEvents","events","config","get","eventList","entries","filter","eventName","handler","eventHub","on","init","forEach","strategy","passport","use","initialize"],"mappings":"
|
|
1
|
+
{"version":3,"file":"passport.js","sources":["../../../../../server/src/services/passport.ts"],"sourcesContent":["import passport from 'koa-passport';\nimport type { Strategy } from 'passport-local';\nimport { isFunction } from 'lodash/fp';\n\nimport createLocalStrategy from './passport/local-strategy';\n\nconst authEventsMapper = {\n onConnectionSuccess: 'admin.auth.success',\n onConnectionError: 'admin.auth.error',\n};\n\nconst valueIsFunctionType = ([, value]: [any, any]) => isFunction(value);\nconst keyIsValidEventName = ([key]: any) => {\n return Object.keys(strapi.service('admin::passport').authEventsMapper).includes(key);\n};\n\nconst getPassportStrategies = () => [createLocalStrategy(strapi)] as Strategy[];\n\nconst registerAuthEvents = () => {\n // @ts-expect-error - TODO: migrate auth service to TS\n const { events = {} } = strapi.config.get('admin.auth', {});\n const { authEventsMapper } = strapi.service('admin::passport');\n\n const eventList = Object.entries(events).filter(keyIsValidEventName).filter(valueIsFunctionType);\n\n for (const [eventName, handler] of eventList) {\n // TODO - TS: ensure the handler is an EventHub.Listener\n strapi.eventHub.on(authEventsMapper[eventName], handler as any);\n }\n};\n\nconst init = () => {\n strapi\n .service('admin::passport')\n .getPassportStrategies()\n .forEach((strategy: Strategy) => passport.use(strategy));\n\n registerAuthEvents();\n\n return passport.initialize();\n};\n\nexport default { init, getPassportStrategies, authEventsMapper };\n"],"names":["authEventsMapper","onConnectionSuccess","onConnectionError","valueIsFunctionType","value","isFunction","keyIsValidEventName","key","Object","keys","strapi","service","includes","getPassportStrategies","createLocalStrategy","registerAuthEvents","events","config","get","eventList","entries","filter","eventName","handler","eventHub","on","init","forEach","strategy","passport","use","initialize"],"mappings":";;;;;;;;;;AAMA,MAAMA,gBAAAA,GAAmB;IACvBC,mBAAAA,EAAqB,oBAAA;IACrBC,iBAAAA,EAAmB;AACrB,CAAA;AAEA,MAAMC,mBAAAA,GAAsB,CAAC,GAAGC,KAAAA,CAAkB,GAAKC,aAAAA,CAAWD,KAAAA,CAAAA;AAClE,MAAME,mBAAAA,GAAsB,CAAC,CAACC,GAAAA,CAAS,GAAA;IACrC,OAAOC,MAAAA,CAAOC,IAAI,CAACC,MAAAA,CAAOC,OAAO,CAAC,iBAAA,CAAA,CAAmBX,gBAAgB,CAAA,CAAEY,QAAQ,CAACL,GAAAA,CAAAA;AAClF,CAAA;AAEA,MAAMM,wBAAwB,IAAM;QAACC,aAAAA,CAAoBJ,MAAAA;AAAQ,KAAA;AAEjE,MAAMK,kBAAAA,GAAqB,IAAA;;AAEzB,IAAA,MAAM,EAAEC,MAAAA,GAAS,EAAE,EAAE,GAAGN,MAAAA,CAAOO,MAAM,CAACC,GAAG,CAAC,YAAA,EAAc,EAAC,CAAA;AACzD,IAAA,MAAM,EAAElB,gBAAgB,EAAE,GAAGU,MAAAA,CAAOC,OAAO,CAAC,iBAAA,CAAA;IAE5C,MAAMQ,SAAAA,GAAYX,OAAOY,OAAO,CAACJ,QAAQK,MAAM,CAACf,mBAAAA,CAAAA,CAAqBe,MAAM,CAAClB,mBAAAA,CAAAA;AAE5E,IAAA,KAAK,MAAM,CAACmB,SAAAA,EAAWC,OAAAA,CAAQ,IAAIJ,SAAAA,CAAW;;AAE5CT,QAAAA,MAAAA,CAAOc,QAAQ,CAACC,EAAE,CAACzB,gBAAgB,CAACsB,UAAU,EAAEC,OAAAA,CAAAA;AAClD,IAAA;AACF,CAAA;AAEA,MAAMG,IAAAA,GAAO,IAAA;IACXhB,MAAAA,CACGC,OAAO,CAAC,iBAAA,CAAA,CACRE,qBAAqB,EAAA,CACrBc,OAAO,CAAC,CAACC,QAAAA,GAAuBC,yBAAAA,CAASC,GAAG,CAACF,QAAAA,CAAAA,CAAAA;AAEhDb,IAAAA,kBAAAA,EAAAA;AAEA,IAAA,OAAOc,0BAASE,UAAU,EAAA;AAC5B,CAAA;AAEA,eAAe;AAAEL,IAAAA,IAAAA;AAAMb,IAAAA,qBAAAA;AAAuBb,IAAAA;AAAiB,CAAA;;;;"}
|
|
@@ -5,9 +5,13 @@ var permissions = require('@strapi/permissions');
|
|
|
5
5
|
var index = require('../../domain/permission/index.js');
|
|
6
6
|
var index$1 = require('../../utils/index.js');
|
|
7
7
|
|
|
8
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
9
|
+
|
|
10
|
+
var permissions__default = /*#__PURE__*/_interopDefault(permissions);
|
|
11
|
+
|
|
8
12
|
var createPermissionEngine = ((params)=>{
|
|
9
13
|
const { providers } = params;
|
|
10
|
-
const engine =
|
|
14
|
+
const engine = permissions__default.default.engine.new({
|
|
11
15
|
providers
|
|
12
16
|
})/**
|
|
13
17
|
* Validate the permission's action exists in the action registry
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"engine.js","sources":["../../../../../../server/src/services/permission/engine.ts"],"sourcesContent":["import { curry, isArray, isEmpty, difference } from 'lodash/fp';\nimport permissions, { type engine } from '@strapi/permissions';\nimport type { Ability } from '@casl/ability';\nimport permissionDomain from '../../domain/permission';\nimport { getService } from '../../utils';\nimport { Action } from '../../domain/action';\nimport type { AdminUser, Permission } from '../../../../shared/contracts/shared';\n\nexport default (params: { providers: engine.EngineParams['providers'] }) => {\n const { providers } = params;\n\n const engine = permissions.engine\n .new({ providers })\n /**\n * Validate the permission's action exists in the action registry\n */\n .on('before-format::validate.permission', ({ permission }) => {\n const action = providers.action.get(permission.action);\n\n // If the action isn't registered into the action provider, then ignore the permission\n if (!action) {\n strapi.log.debug(\n `Unknown action \"${permission.action}\" supplied when registering a new permission in engine`\n );\n return false;\n }\n })\n\n /**\n * Remove invalid properties from the permission based on the action (applyToProperties)\n */\n .on('format.permission', (permission: Permission) => {\n const action = providers.action.get(permission.action) as Action;\n const properties = permission.properties || {};\n\n // Only keep the properties allowed by the action (action.applyToProperties)\n const propertiesName = Object.keys(properties);\n const invalidProperties = difference(\n propertiesName,\n // @ts-expect-error - applyToProperties is defined inside the options of an action\n action.applyToProperties || propertiesName\n );\n\n const permissionWithSanitizedProperties = invalidProperties.reduce(\n // @ts-expect-error - fix reduce, property should be a string but it's actually the permission object\n (property) => permissionDomain.deleteProperty(property, permission) as Permission,\n permission\n );\n\n return permissionWithSanitizedProperties;\n })\n\n /**\n * Ignore the permission if the fields property is an empty array (access to no field)\n */\n .on('after-format::validate.permission', ({ permission }) => {\n const { fields } = permission.properties;\n\n if (isArray(fields) && isEmpty(fields)) {\n return false;\n }\n });\n\n return {\n get hooks() {\n return engine.hooks;\n },\n\n /**\n * Generate an ability based on the given user (using associated roles & permissions)\n * @param user\n */\n async generateUserAbility(user: AdminUser): Promise<Ability> {\n const permissions = (await getService('permission').findUserPermissions(user)) as any;\n\n return engine.generateAbility(permissions, user);\n },\n\n /**\n * Generate an ability based on an admin token's stored permissions, scoped to the owner.\n * Token permissions are already validated and ceiling-clamped at write time.\n */\n async generateTokenAbility(tokenPermissions: Permission[], owner: AdminUser): Promise<Ability> {\n return engine.generateAbility(tokenPermissions as any, owner);\n },\n\n /**\n * Check many permissions based on an ability\n */\n checkMany: curry((ability: Ability, permissions: Permission[]) => {\n // @ts-expect-error - Permissions does not contain any field property\n return permissions.map(({ action, subject, field }) => ability.can(action, subject, field));\n }),\n };\n};\n"],"names":["params","providers","engine","permissions","new","on","permission","action","get","strapi","log","debug","properties","propertiesName","Object","keys","invalidProperties","difference","applyToProperties","permissionWithSanitizedProperties","reduce","property","permissionDomain","deleteProperty","fields","isArray","isEmpty","hooks","generateUserAbility","user","getService","findUserPermissions","generateAbility","generateTokenAbility","tokenPermissions","owner","checkMany","curry","ability","map","subject","field","can"],"mappings":"
|
|
1
|
+
{"version":3,"file":"engine.js","sources":["../../../../../../server/src/services/permission/engine.ts"],"sourcesContent":["import { curry, isArray, isEmpty, difference } from 'lodash/fp';\nimport permissions, { type engine } from '@strapi/permissions';\nimport type { Ability } from '@casl/ability';\nimport permissionDomain from '../../domain/permission';\nimport { getService } from '../../utils';\nimport { Action } from '../../domain/action';\nimport type { AdminUser, Permission } from '../../../../shared/contracts/shared';\n\nexport default (params: { providers: engine.EngineParams['providers'] }) => {\n const { providers } = params;\n\n const engine = permissions.engine\n .new({ providers })\n /**\n * Validate the permission's action exists in the action registry\n */\n .on('before-format::validate.permission', ({ permission }) => {\n const action = providers.action.get(permission.action);\n\n // If the action isn't registered into the action provider, then ignore the permission\n if (!action) {\n strapi.log.debug(\n `Unknown action \"${permission.action}\" supplied when registering a new permission in engine`\n );\n return false;\n }\n })\n\n /**\n * Remove invalid properties from the permission based on the action (applyToProperties)\n */\n .on('format.permission', (permission: Permission) => {\n const action = providers.action.get(permission.action) as Action;\n const properties = permission.properties || {};\n\n // Only keep the properties allowed by the action (action.applyToProperties)\n const propertiesName = Object.keys(properties);\n const invalidProperties = difference(\n propertiesName,\n // @ts-expect-error - applyToProperties is defined inside the options of an action\n action.applyToProperties || propertiesName\n );\n\n const permissionWithSanitizedProperties = invalidProperties.reduce(\n // @ts-expect-error - fix reduce, property should be a string but it's actually the permission object\n (property) => permissionDomain.deleteProperty(property, permission) as Permission,\n permission\n );\n\n return permissionWithSanitizedProperties;\n })\n\n /**\n * Ignore the permission if the fields property is an empty array (access to no field)\n */\n .on('after-format::validate.permission', ({ permission }) => {\n const { fields } = permission.properties;\n\n if (isArray(fields) && isEmpty(fields)) {\n return false;\n }\n });\n\n return {\n get hooks() {\n return engine.hooks;\n },\n\n /**\n * Generate an ability based on the given user (using associated roles & permissions)\n * @param user\n */\n async generateUserAbility(user: AdminUser): Promise<Ability> {\n const permissions = (await getService('permission').findUserPermissions(user)) as any;\n\n return engine.generateAbility(permissions, user);\n },\n\n /**\n * Generate an ability based on an admin token's stored permissions, scoped to the owner.\n * Token permissions are already validated and ceiling-clamped at write time.\n */\n async generateTokenAbility(tokenPermissions: Permission[], owner: AdminUser): Promise<Ability> {\n return engine.generateAbility(tokenPermissions as any, owner);\n },\n\n /**\n * Check many permissions based on an ability\n */\n checkMany: curry((ability: Ability, permissions: Permission[]) => {\n // @ts-expect-error - Permissions does not contain any field property\n return permissions.map(({ action, subject, field }) => ability.can(action, subject, field));\n }),\n };\n};\n"],"names":["params","providers","engine","permissions","new","on","permission","action","get","strapi","log","debug","properties","propertiesName","Object","keys","invalidProperties","difference","applyToProperties","permissionWithSanitizedProperties","reduce","property","permissionDomain","deleteProperty","fields","isArray","isEmpty","hooks","generateUserAbility","user","getService","findUserPermissions","generateAbility","generateTokenAbility","tokenPermissions","owner","checkMany","curry","ability","map","subject","field","can"],"mappings":";;;;;;;;;;;AAQA,6BAAe,CAAA,CAACA,MAAAA,GAAAA;IACd,MAAM,EAAEC,SAAS,EAAE,GAAGD,MAAAA;AAEtB,IAAA,MAAME,MAAAA,GAASC,4BAAAA,CAAYD,MAAM,CAC9BE,GAAG,CAAC;AAAEH,QAAAA;KAAU,CACjB;;AAEC,SACAI,EAAE,CAAC,oCAAA,EAAsC,CAAC,EAAEC,UAAU,EAAE,GAAA;AACvD,QAAA,MAAMC,SAASN,SAAAA,CAAUM,MAAM,CAACC,GAAG,CAACF,WAAWC,MAAM,CAAA;;AAGrD,QAAA,IAAI,CAACA,MAAAA,EAAQ;YACXE,MAAAA,CAAOC,GAAG,CAACC,KAAK,CACd,CAAC,gBAAgB,EAAEL,UAAAA,CAAWC,MAAM,CAAC,sDAAsD,CAAC,CAAA;YAE9F,OAAO,KAAA;AACT,QAAA;IACF,CAAA,CAEA;;SAGCF,EAAE,CAAC,mBAAA,EAAqB,CAACC,UAAAA,GAAAA;AACxB,QAAA,MAAMC,SAASN,SAAAA,CAAUM,MAAM,CAACC,GAAG,CAACF,WAAWC,MAAM,CAAA;AACrD,QAAA,MAAMK,UAAAA,GAAaN,UAAAA,CAAWM,UAAU,IAAI,EAAC;;QAG7C,MAAMC,cAAAA,GAAiBC,MAAAA,CAAOC,IAAI,CAACH,UAAAA,CAAAA;QACnC,MAAMI,iBAAAA,GAAoBC,aAAAA,CACxBJ,cAAAA;AAEAN,QAAAA,MAAAA,CAAOW,iBAAiB,IAAIL,cAAAA,CAAAA;AAG9B,QAAA,MAAMM,iCAAAA,GAAoCH,iBAAAA,CAAkBI,MAAM;AAEhE,QAAA,CAACC,QAAAA,GAAaC,aAAAA,CAAiBC,cAAc,CAACF,UAAUf,UAAAA,CAAAA,EACxDA,UAAAA,CAAAA;QAGF,OAAOa,iCAAAA;IACT,CAAA,CAEA;;AAEC,SACAd,EAAE,CAAC,mCAAA,EAAqC,CAAC,EAAEC,UAAU,EAAE,GAAA;AACtD,QAAA,MAAM,EAAEkB,MAAM,EAAE,GAAGlB,WAAWM,UAAU;QAExC,IAAIa,UAAAA,CAAQD,MAAAA,CAAAA,IAAWE,UAAAA,CAAQF,MAAAA,CAAAA,EAAS;YACtC,OAAO,KAAA;AACT,QAAA;AACF,IAAA,CAAA,CAAA;IAEF,OAAO;AACL,QAAA,IAAIG,KAAAA,CAAAA,GAAQ;AACV,YAAA,OAAOzB,OAAOyB,KAAK;AACrB,QAAA,CAAA;AAEA;;;QAIA,MAAMC,qBAAoBC,IAAe,EAAA;AACvC,YAAA,MAAM1B,WAAAA,GAAe,MAAM2B,kBAAAA,CAAW,YAAA,CAAA,CAAcC,mBAAmB,CAACF,IAAAA,CAAAA;YAExE,OAAO3B,MAAAA,CAAO8B,eAAe,CAAC7B,WAAAA,EAAa0B,IAAAA,CAAAA;AAC7C,QAAA,CAAA;AAEA;;;AAGC,QACD,MAAMI,oBAAAA,CAAAA,CAAqBC,gBAA8B,EAAEC,KAAgB,EAAA;YACzE,OAAOjC,MAAAA,CAAO8B,eAAe,CAACE,gBAAAA,EAAyBC,KAAAA,CAAAA;AACzD,QAAA,CAAA;AAEA;;QAGAC,SAAAA,EAAWC,QAAAA,CAAM,CAACC,OAAAA,EAAkBnC,WAAAA,GAAAA;;AAElC,YAAA,OAAOA,YAAYoC,GAAG,CAAC,CAAC,EAAEhC,MAAM,EAAEiC,OAAO,EAAEC,KAAK,EAAE,GAAKH,OAAAA,CAAQI,GAAG,CAACnC,QAAQiC,OAAAA,EAASC,KAAAA,CAAAA,CAAAA;AACtF,QAAA,CAAA;AACF,KAAA;AACF,CAAA;;;;"}
|
|
@@ -7,6 +7,10 @@ var sanitize = require('./sanitize.js');
|
|
|
7
7
|
var validate = require('./validate.js');
|
|
8
8
|
var queryBuilders = require('./query-builders.js');
|
|
9
9
|
|
|
10
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
11
|
+
|
|
12
|
+
var ___default = /*#__PURE__*/_interopDefault(_);
|
|
13
|
+
|
|
10
14
|
var index = (({ ability: ability$1, action, model })=>({
|
|
11
15
|
ability: ability$1,
|
|
12
16
|
action,
|
|
@@ -21,7 +25,7 @@ var index = (({ ability: ability$1, action, model })=>({
|
|
|
21
25
|
return this.sanitizeInput(data, options);
|
|
22
26
|
},
|
|
23
27
|
getQuery (queryAction = action) {
|
|
24
|
-
if (
|
|
28
|
+
if (___default.default.isUndefined(queryAction)) {
|
|
25
29
|
throw new Error('Action must be defined to build a permission query');
|
|
26
30
|
}
|
|
27
31
|
return queryBuilders.buildStrapiQuery(queryBuilders.buildCaslQuery(ability$1, queryAction, model));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/index.ts"],"sourcesContent":["import _ from 'lodash';\nimport { cloneDeep, isPlainObject } from 'lodash/fp';\nimport { subject as asSubject } from '@casl/ability';\nimport createSanitizeHelpers from './sanitize';\nimport createValidateHelpers from './validate';\n\nimport { buildStrapiQuery, buildCaslQuery } from './query-builders';\n\nexport default ({ ability, action, model }: any) => ({\n ability,\n action,\n model,\n\n get isAllowed(): unknown {\n return this.ability.can(action, model);\n },\n\n toSubject(target: any, subjectType = model) {\n return asSubject(subjectType, target);\n },\n\n pickPermittedFieldsOf(data: unknown, options = {}) {\n return this.sanitizeInput(data, options);\n },\n\n getQuery(queryAction = action) {\n if (_.isUndefined(queryAction)) {\n throw new Error('Action must be defined to build a permission query');\n }\n\n return buildStrapiQuery(buildCaslQuery(ability, queryAction, model));\n },\n\n // eslint-disable-next-line @typescript-eslint/default-param-last\n addPermissionsQueryTo(query = {} as any, action: unknown) {\n const newQuery = cloneDeep(query);\n const permissionQuery = this.getQuery(action) ?? undefined;\n\n if (isPlainObject(query.filters)) {\n newQuery.filters = permissionQuery\n ? { $and: [query.filters, permissionQuery] }\n : query.filters;\n } else {\n newQuery.filters = permissionQuery;\n }\n\n return newQuery;\n },\n\n ...createSanitizeHelpers({ action, ability, model }),\n ...createValidateHelpers({ action, ability, model }),\n});\n"],"names":["ability","action","model","isAllowed","can","toSubject","target","subjectType","asSubject","pickPermittedFieldsOf","data","options","sanitizeInput","getQuery","queryAction","_","isUndefined","Error","buildStrapiQuery","buildCaslQuery","addPermissionsQueryTo","query","newQuery","cloneDeep","permissionQuery","undefined","isPlainObject","filters","$and","createSanitizeHelpers","createValidateHelpers"],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/index.ts"],"sourcesContent":["import _ from 'lodash';\nimport { cloneDeep, isPlainObject } from 'lodash/fp';\nimport { subject as asSubject } from '@casl/ability';\nimport createSanitizeHelpers from './sanitize';\nimport createValidateHelpers from './validate';\n\nimport { buildStrapiQuery, buildCaslQuery } from './query-builders';\n\nexport default ({ ability, action, model }: any) => ({\n ability,\n action,\n model,\n\n get isAllowed(): unknown {\n return this.ability.can(action, model);\n },\n\n toSubject(target: any, subjectType = model) {\n return asSubject(subjectType, target);\n },\n\n pickPermittedFieldsOf(data: unknown, options = {}) {\n return this.sanitizeInput(data, options);\n },\n\n getQuery(queryAction = action) {\n if (_.isUndefined(queryAction)) {\n throw new Error('Action must be defined to build a permission query');\n }\n\n return buildStrapiQuery(buildCaslQuery(ability, queryAction, model));\n },\n\n // eslint-disable-next-line @typescript-eslint/default-param-last\n addPermissionsQueryTo(query = {} as any, action: unknown) {\n const newQuery = cloneDeep(query);\n const permissionQuery = this.getQuery(action) ?? undefined;\n\n if (isPlainObject(query.filters)) {\n newQuery.filters = permissionQuery\n ? { $and: [query.filters, permissionQuery] }\n : query.filters;\n } else {\n newQuery.filters = permissionQuery;\n }\n\n return newQuery;\n },\n\n ...createSanitizeHelpers({ action, ability, model }),\n ...createValidateHelpers({ action, ability, model }),\n});\n"],"names":["ability","action","model","isAllowed","can","toSubject","target","subjectType","asSubject","pickPermittedFieldsOf","data","options","sanitizeInput","getQuery","queryAction","_","isUndefined","Error","buildStrapiQuery","buildCaslQuery","addPermissionsQueryTo","query","newQuery","cloneDeep","permissionQuery","undefined","isPlainObject","filters","$and","createSanitizeHelpers","createValidateHelpers"],"mappings":";;;;;;;;;;;;;AAQA,YAAe,CAAA,CAAC,WAAEA,SAAO,EAAEC,MAAM,EAAEC,KAAK,EAAO,IAAM;AACnDF,iBAAAA,SAAAA;AACAC,QAAAA,MAAAA;AACAC,QAAAA,KAAAA;AAEA,QAAA,IAAIC,SAAAA,CAAAA,GAAqB;AACvB,YAAA,OAAO,IAAI,CAACH,OAAO,CAACI,GAAG,CAACH,MAAAA,EAAQC,KAAAA,CAAAA;AAClC,QAAA,CAAA;QAEAG,SAAAA,CAAAA,CAAUC,MAAW,EAAEC,WAAAA,GAAcL,KAAK,EAAA;AACxC,YAAA,OAAOM,gBAAUD,WAAAA,EAAaD,MAAAA,CAAAA;AAChC,QAAA,CAAA;AAEAG,QAAAA,qBAAAA,CAAAA,CAAsBC,IAAa,EAAEC,OAAAA,GAAU,EAAE,EAAA;AAC/C,YAAA,OAAO,IAAI,CAACC,aAAa,CAACF,IAAAA,EAAMC,OAAAA,CAAAA;AAClC,QAAA,CAAA;AAEAE,QAAAA,QAAAA,CAAAA,CAASC,cAAcb,MAAM,EAAA;YAC3B,IAAIc,kBAAAA,CAAEC,WAAW,CAACF,WAAAA,CAAAA,EAAc;AAC9B,gBAAA,MAAM,IAAIG,KAAAA,CAAM,oDAAA,CAAA;AAClB,YAAA;YAEA,OAAOC,8BAAAA,CAAiBC,4BAAAA,CAAenB,SAAAA,EAASc,WAAAA,EAAaZ,KAAAA,CAAAA,CAAAA;AAC/D,QAAA,CAAA;;AAGAkB,QAAAA,qBAAAA,CAAAA,CAAsBC,KAAAA,GAAQ,EAAS,EAAEpB,MAAe,EAAA;AACtD,YAAA,MAAMqB,WAAWC,YAAAA,CAAUF,KAAAA,CAAAA;AAC3B,YAAA,MAAMG,eAAAA,GAAkB,IAAI,CAACX,QAAQ,CAACZ,MAAAA,CAAAA,IAAWwB,SAAAA;YAEjD,IAAIC,gBAAAA,CAAcL,KAAAA,CAAMM,OAAO,CAAA,EAAG;gBAChCL,QAAAA,CAASK,OAAO,GAAGH,eAAAA,GACf;oBAAEI,IAAAA,EAAM;AAACP,wBAAAA,KAAAA,CAAMM,OAAO;AAAEH,wBAAAA;AAAgB;AAAC,iBAAA,GACzCH,MAAMM,OAAO;YACnB,CAAA,MAAO;AACLL,gBAAAA,QAAAA,CAASK,OAAO,GAAGH,eAAAA;AACrB,YAAA;YAEA,OAAOF,QAAAA;AACT,QAAA,CAAA;AAEA,QAAA,GAAGO,QAAAA,CAAsB;AAAE5B,YAAAA,MAAAA;AAAQD,qBAAAA,SAAAA;AAASE,YAAAA;SAAM,CAAE;AACpD,QAAA,GAAG4B,QAAAA,CAAsB;AAAE7B,YAAAA,MAAAA;AAAQD,qBAAAA,SAAAA;AAASE,YAAAA;SAAM;AACpD,KAAA,CAAC;;;;"}
|
|
@@ -3,6 +3,10 @@
|
|
|
3
3
|
var _ = require('lodash');
|
|
4
4
|
var extra = require('@casl/ability/extra');
|
|
5
5
|
|
|
6
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
7
|
+
|
|
8
|
+
var ___default = /*#__PURE__*/_interopDefault(_);
|
|
9
|
+
|
|
6
10
|
// TODO: migration
|
|
7
11
|
const operatorsMap = {
|
|
8
12
|
$in: '$in',
|
|
@@ -19,7 +23,7 @@ const operatorsMap = {
|
|
|
19
23
|
$not: '$not'
|
|
20
24
|
};
|
|
21
25
|
const mapKey = (key)=>{
|
|
22
|
-
if (
|
|
26
|
+
if (___default.default.isString(key) && key.startsWith('$') && key in operatorsMap) {
|
|
23
27
|
return operatorsMap[key];
|
|
24
28
|
}
|
|
25
29
|
return key;
|
|
@@ -32,25 +36,25 @@ const buildStrapiQuery = (caslQuery)=>{
|
|
|
32
36
|
return unwrapDeep(caslQuery);
|
|
33
37
|
};
|
|
34
38
|
const unwrapDeep = (obj)=>{
|
|
35
|
-
if (!
|
|
39
|
+
if (!___default.default.isPlainObject(obj) && !___default.default.isArray(obj)) {
|
|
36
40
|
return obj;
|
|
37
41
|
}
|
|
38
|
-
if (
|
|
42
|
+
if (___default.default.isArray(obj)) {
|
|
39
43
|
return obj.map((v)=>unwrapDeep(v));
|
|
40
44
|
}
|
|
41
|
-
return
|
|
45
|
+
return ___default.default.reduce(obj, (acc, v, k)=>{
|
|
42
46
|
const key = mapKey(k);
|
|
43
|
-
if (
|
|
47
|
+
if (___default.default.isPlainObject(v)) {
|
|
44
48
|
if ('$elemMatch' in v) {
|
|
45
|
-
|
|
49
|
+
___default.default.setWith(acc, key, unwrapDeep(v.$elemMatch));
|
|
46
50
|
} else {
|
|
47
|
-
|
|
51
|
+
___default.default.setWith(acc, key, unwrapDeep(v));
|
|
48
52
|
}
|
|
49
|
-
} else if (
|
|
53
|
+
} else if (___default.default.isArray(v)) {
|
|
50
54
|
// prettier-ignore
|
|
51
|
-
|
|
55
|
+
___default.default.setWith(acc, key, v.map((v)=>unwrapDeep(v)));
|
|
52
56
|
} else {
|
|
53
|
-
|
|
57
|
+
___default.default.setWith(acc, key, v);
|
|
54
58
|
}
|
|
55
59
|
return acc;
|
|
56
60
|
}, {});
|
package/dist/server/server/src/services/permission/permissions-manager/query-builders.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"query-builders.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/query-builders.ts"],"sourcesContent":["// TODO: migration\nimport _ from 'lodash';\nimport { rulesToQuery } from '@casl/ability/extra';\n\nconst operatorsMap = {\n $in: '$in',\n $nin: '$notIn',\n $exists: '$notNull',\n $gte: '$gte',\n $gt: '$gt',\n $lte: '$lte',\n $lt: '$lt',\n $eq: '$eq',\n $ne: '$ne',\n $and: '$and',\n $or: '$or',\n $not: '$not',\n} as const;\n\nconst mapKey = (key: keyof typeof operatorsMap) => {\n if (_.isString(key) && key.startsWith('$') && key in operatorsMap) {\n return operatorsMap[key];\n }\n return key;\n};\n\nconst buildCaslQuery = (ability: unknown, action: unknown, model: unknown) => {\n // @ts-expect-error casl types\n return rulesToQuery(ability, action, model, (o) => o.conditions);\n};\n\nconst buildStrapiQuery = (caslQuery: unknown) => {\n return unwrapDeep(caslQuery);\n};\n\nconst unwrapDeep = (obj: any): unknown => {\n if (!_.isPlainObject(obj) && !_.isArray(obj)) {\n return obj;\n }\n if (_.isArray(obj)) {\n return obj.map((v: unknown) => unwrapDeep(v));\n }\n\n return _.reduce(\n obj,\n (acc, v, k: any) => {\n const key = mapKey(k);\n\n if (_.isPlainObject(v)) {\n if ('$elemMatch' in v) {\n _.setWith(acc, key, unwrapDeep(v.$elemMatch));\n } else {\n _.setWith(acc, key, unwrapDeep(v));\n }\n } else if (_.isArray(v)) {\n // prettier-ignore\n _.setWith(acc, key, v.map(v => unwrapDeep(v)));\n } else {\n _.setWith(acc, key, v);\n }\n\n return acc;\n },\n {}\n );\n};\n\nexport { buildCaslQuery, buildStrapiQuery };\n"],"names":["operatorsMap","$in","$nin","$exists","$gte","$gt","$lte","$lt","$eq","$ne","$and","$or","$not","mapKey","key","_","isString","startsWith","buildCaslQuery","ability","action","model","rulesToQuery","o","conditions","buildStrapiQuery","caslQuery","unwrapDeep","obj","isPlainObject","isArray","map","v","reduce","acc","k","setWith","$elemMatch"],"mappings":"
|
|
1
|
+
{"version":3,"file":"query-builders.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/query-builders.ts"],"sourcesContent":["// TODO: migration\nimport _ from 'lodash';\nimport { rulesToQuery } from '@casl/ability/extra';\n\nconst operatorsMap = {\n $in: '$in',\n $nin: '$notIn',\n $exists: '$notNull',\n $gte: '$gte',\n $gt: '$gt',\n $lte: '$lte',\n $lt: '$lt',\n $eq: '$eq',\n $ne: '$ne',\n $and: '$and',\n $or: '$or',\n $not: '$not',\n} as const;\n\nconst mapKey = (key: keyof typeof operatorsMap) => {\n if (_.isString(key) && key.startsWith('$') && key in operatorsMap) {\n return operatorsMap[key];\n }\n return key;\n};\n\nconst buildCaslQuery = (ability: unknown, action: unknown, model: unknown) => {\n // @ts-expect-error casl types\n return rulesToQuery(ability, action, model, (o) => o.conditions);\n};\n\nconst buildStrapiQuery = (caslQuery: unknown) => {\n return unwrapDeep(caslQuery);\n};\n\nconst unwrapDeep = (obj: any): unknown => {\n if (!_.isPlainObject(obj) && !_.isArray(obj)) {\n return obj;\n }\n if (_.isArray(obj)) {\n return obj.map((v: unknown) => unwrapDeep(v));\n }\n\n return _.reduce(\n obj,\n (acc, v, k: any) => {\n const key = mapKey(k);\n\n if (_.isPlainObject(v)) {\n if ('$elemMatch' in v) {\n _.setWith(acc, key, unwrapDeep(v.$elemMatch));\n } else {\n _.setWith(acc, key, unwrapDeep(v));\n }\n } else if (_.isArray(v)) {\n // prettier-ignore\n _.setWith(acc, key, v.map(v => unwrapDeep(v)));\n } else {\n _.setWith(acc, key, v);\n }\n\n return acc;\n },\n {}\n );\n};\n\nexport { buildCaslQuery, buildStrapiQuery };\n"],"names":["operatorsMap","$in","$nin","$exists","$gte","$gt","$lte","$lt","$eq","$ne","$and","$or","$not","mapKey","key","_","isString","startsWith","buildCaslQuery","ability","action","model","rulesToQuery","o","conditions","buildStrapiQuery","caslQuery","unwrapDeep","obj","isPlainObject","isArray","map","v","reduce","acc","k","setWith","$elemMatch"],"mappings":";;;;;;;;;AAAA;AAIA,MAAMA,YAAAA,GAAe;IACnBC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM,QAAA;IACNC,OAAAA,EAAS,UAAA;IACTC,IAAAA,EAAM,MAAA;IACNC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM,MAAA;IACNC,GAAAA,EAAK,KAAA;IACLC,GAAAA,EAAK,KAAA;IACLC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM,MAAA;IACNC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM;AACR,CAAA;AAEA,MAAMC,SAAS,CAACC,GAAAA,GAAAA;IACd,IAAIC,kBAAAA,CAAEC,QAAQ,CAACF,GAAAA,CAAAA,IAAQA,IAAIG,UAAU,CAAC,GAAA,CAAA,IAAQH,GAAAA,IAAOd,YAAAA,EAAc;QACjE,OAAOA,YAAY,CAACc,GAAAA,CAAI;AAC1B,IAAA;IACA,OAAOA,GAAAA;AACT,CAAA;AAEA,MAAMI,cAAAA,GAAiB,CAACC,OAAAA,EAAkBC,MAAAA,EAAiBC,KAAAA,GAAAA;;AAEzD,IAAA,OAAOC,mBAAaH,OAAAA,EAASC,MAAAA,EAAQC,OAAO,CAACE,CAAAA,GAAMA,EAAEC,UAAU,CAAA;AACjE;AAEA,MAAMC,mBAAmB,CAACC,SAAAA,GAAAA;AACxB,IAAA,OAAOC,UAAAA,CAAWD,SAAAA,CAAAA;AACpB;AAEA,MAAMC,aAAa,CAACC,GAAAA,GAAAA;IAClB,IAAI,CAACb,mBAAEc,aAAa,CAACD,QAAQ,CAACb,kBAAAA,CAAEe,OAAO,CAACF,GAAAA,CAAAA,EAAM;QAC5C,OAAOA,GAAAA;AACT,IAAA;IACA,IAAIb,kBAAAA,CAAEe,OAAO,CAACF,GAAAA,CAAAA,EAAM;AAClB,QAAA,OAAOA,GAAAA,CAAIG,GAAG,CAAC,CAACC,IAAeL,UAAAA,CAAWK,CAAAA,CAAAA,CAAAA;AAC5C,IAAA;AAEA,IAAA,OAAOjB,mBAAEkB,MAAM,CACbL,GAAAA,EACA,CAACM,KAAKF,CAAAA,EAAGG,CAAAA,GAAAA;AACP,QAAA,MAAMrB,MAAMD,MAAAA,CAAOsB,CAAAA,CAAAA;QAEnB,IAAIpB,kBAAAA,CAAEc,aAAa,CAACG,CAAAA,CAAAA,EAAI;AACtB,YAAA,IAAI,gBAAgBA,CAAAA,EAAG;AACrBjB,gBAAAA,kBAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKa,UAAAA,CAAWK,EAAEK,UAAU,CAAA,CAAA;YAC7C,CAAA,MAAO;AACLtB,gBAAAA,kBAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKa,UAAAA,CAAWK,CAAAA,CAAAA,CAAAA;AACjC,YAAA;AACF,QAAA,CAAA,MAAO,IAAIjB,kBAAAA,CAAEe,OAAO,CAACE,CAAAA,CAAAA,EAAI;;YAEvBjB,kBAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKkB,EAAED,GAAG,CAACC,CAAAA,CAAAA,GAAKL,UAAAA,CAAWK,CAAAA,CAAAA,CAAAA,CAAAA;QAC5C,CAAA,MAAO;YACLjB,kBAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKkB,CAAAA,CAAAA;AACtB,QAAA;QAEA,OAAOE,GAAAA;AACT,IAAA,CAAA,EACA,EAAC,CAAA;AAEL,CAAA;;;;;"}
|
|
@@ -104,8 +104,6 @@ var createSanitizeHelpers = (({ action, ability: ability$1, model })=>{
|
|
|
104
104
|
};
|
|
105
105
|
const wrapSanitize = (createSanitizeFunction)=>{
|
|
106
106
|
const { getPermissionFields } = permissionFields.createPermissionFieldsCache(ability$1);
|
|
107
|
-
// TODO
|
|
108
|
-
// @ts-expect-error define the correct return type
|
|
109
107
|
const wrappedSanitize = async (data, options = {})=>{
|
|
110
108
|
if (fp.isArray(data)) {
|
|
111
109
|
return Promise.all(data.map((entity)=>wrappedSanitize(entity, options)));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sanitize.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n // TODO\n // @ts-expect-error define the correct return type\n const wrappedSanitize = async (data: unknown, options = {} as any) => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,cAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,kBAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,WAAEC,SAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,eAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,sBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,cAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,cAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,cAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,eAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,WAAAA,CAASF,KAAAA,CAAAA,IAAUG,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,YAAMC,IAAI,CACRC,eAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,cAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,eAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,eAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,cAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,cAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,cAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,WAAAA,CAAMC,IAAI,CACjCC,eAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,cAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,cAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,cAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,cAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,cAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,YAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,cAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,4CAAAA,CAA4BpE,SAAAA,CAAAA;;;AAI5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,WAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,WAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,gBAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,OAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,SAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,OAAAA,CAAKC,8BAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,8BAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
|
|
1
|
+
{"version":3,"file":"sanitize.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n const wrappedSanitize = async (data: unknown, options = {} as any): Promise<unknown> => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,cAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,kBAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,WAAEC,SAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,eAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,sBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,cAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,cAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,cAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,eAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,WAAAA,CAASF,KAAAA,CAAAA,IAAUG,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,YAAMC,IAAI,CACRC,eAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,cAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,eAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,eAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,cAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,cAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,cAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,WAAAA,CAAMC,IAAI,CACjCC,eAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,cAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,cAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,cAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,cAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,cAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,YAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,cAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,4CAAAA,CAA4BpE,SAAAA,CAAAA;AAE5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,WAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,WAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,gBAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,OAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,SAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,OAAAA,CAAKC,8BAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,8BAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
|
|
@@ -102,8 +102,6 @@ var createSanitizeHelpers = (({ action, ability, model })=>{
|
|
|
102
102
|
};
|
|
103
103
|
const wrapSanitize = (createSanitizeFunction)=>{
|
|
104
104
|
const { getPermissionFields } = createPermissionFieldsCache(ability);
|
|
105
|
-
// TODO
|
|
106
|
-
// @ts-expect-error define the correct return type
|
|
107
105
|
const wrappedSanitize = async (data, options = {})=>{
|
|
108
106
|
if (isArray(data)) {
|
|
109
107
|
return Promise.all(data.map((entity)=>wrappedSanitize(entity, options)));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sanitize.mjs","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n // TODO\n // @ts-expect-error define the correct return type\n const wrappedSanitize = async (data: unknown, options = {} as any) => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,QAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,YAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,EAAEC,OAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,SAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,gBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,QAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,QAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,QAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,SAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,QAAAA,CAASF,KAAAA,CAAAA,IAAUG,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,MAAMC,IAAI,CACRC,SAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,QAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,SAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,SAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,QAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,QAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,QAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,KAAAA,CAAMC,IAAI,CACjCC,SAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,QAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,QAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,QAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,QAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,QAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,SAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,QAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,2BAAAA,CAA4BpE,OAAAA,CAAAA;;;AAI5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,QAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,QAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,QAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,IAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,MAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,IAAAA,CAAKC,yBAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,yBAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
|
|
1
|
+
{"version":3,"file":"sanitize.mjs","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n const wrappedSanitize = async (data: unknown, options = {} as any): Promise<unknown> => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,QAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,YAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,EAAEC,OAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,SAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,gBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,QAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,QAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,QAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,SAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,QAAAA,CAASF,KAAAA,CAAAA,IAAUG,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,MAAMC,IAAI,CACRC,SAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,QAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,SAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,SAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,QAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,QAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,QAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,KAAAA,CAAMC,IAAI,CACjCC,SAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,QAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,QAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,QAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,QAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,QAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,SAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,QAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,2BAAAA,CAA4BpE,OAAAA,CAAAA;AAE5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,QAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,QAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,QAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,IAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,MAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,IAAAA,CAAKC,yBAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,yBAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
|
|
@@ -5,6 +5,10 @@ var pmap = require('p-map');
|
|
|
5
5
|
var index = require('../../utils/index.js');
|
|
6
6
|
var index$1 = require('../../domain/permission/index.js');
|
|
7
7
|
|
|
8
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
9
|
+
|
|
10
|
+
var pmap__default = /*#__PURE__*/_interopDefault(pmap);
|
|
11
|
+
|
|
8
12
|
/**
|
|
9
13
|
* Delete permissions of roles in database
|
|
10
14
|
* @param rolesIds ids of roles
|
|
@@ -153,7 +157,7 @@ const filterPermissionsToRemove = async (permissions)=>{
|
|
|
153
157
|
// Execute all the queries, update the database
|
|
154
158
|
await Promise.all([
|
|
155
159
|
deleteByIds(permissionsIdToRemove),
|
|
156
|
-
|
|
160
|
+
pmap__default.default(permissionsNeedingToBeUpdated, updatePromiseProvider, {
|
|
157
161
|
concurrency: 100,
|
|
158
162
|
stopOnError: true
|
|
159
163
|
})
|