@strapi/admin 5.48.1 → 5.50.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (657) hide show
  1. package/dist/admin/admin/src/StrapiApp.js +33 -20
  2. package/dist/admin/admin/src/StrapiApp.js.map +1 -1
  3. package/dist/admin/admin/src/StrapiApp.mjs +6 -1
  4. package/dist/admin/admin/src/StrapiApp.mjs.map +1 -1
  5. package/dist/admin/admin/src/components/ConfirmDialog.js +3 -2
  6. package/dist/admin/admin/src/components/ConfirmDialog.js.map +1 -1
  7. package/dist/admin/admin/src/components/Context.js +4 -3
  8. package/dist/admin/admin/src/components/Context.js.map +1 -1
  9. package/dist/admin/admin/src/components/DescriptionComponentRenderer.js +8 -4
  10. package/dist/admin/admin/src/components/DescriptionComponentRenderer.js.map +1 -1
  11. package/dist/admin/admin/src/components/ErrorElement.js +97 -2
  12. package/dist/admin/admin/src/components/ErrorElement.js.map +1 -1
  13. package/dist/admin/admin/src/components/ErrorElement.mjs +99 -4
  14. package/dist/admin/admin/src/components/ErrorElement.mjs.map +1 -1
  15. package/dist/admin/admin/src/components/Filters.js +3 -2
  16. package/dist/admin/admin/src/components/Filters.js.map +1 -1
  17. package/dist/admin/admin/src/components/Form.js +9 -5
  18. package/dist/admin/admin/src/components/Form.js.map +1 -1
  19. package/dist/admin/admin/src/components/FormInputs/Boolean.js +3 -2
  20. package/dist/admin/admin/src/components/FormInputs/Boolean.js.map +1 -1
  21. package/dist/admin/admin/src/components/FormInputs/Boolean.mjs +3 -2
  22. package/dist/admin/admin/src/components/FormInputs/Boolean.mjs.map +1 -1
  23. package/dist/admin/admin/src/components/FormInputs/Date.js +3 -2
  24. package/dist/admin/admin/src/components/FormInputs/Date.js.map +1 -1
  25. package/dist/admin/admin/src/components/FormInputs/Json.js +3 -2
  26. package/dist/admin/admin/src/components/FormInputs/Json.js.map +1 -1
  27. package/dist/admin/admin/src/components/GapDropZone.js +3 -2
  28. package/dist/admin/admin/src/components/GapDropZone.js.map +1 -1
  29. package/dist/admin/admin/src/components/GuidedTour/Context.js +3 -2
  30. package/dist/admin/admin/src/components/GuidedTour/Context.js.map +1 -1
  31. package/dist/admin/admin/src/components/GuidedTour/Steps/Step.js +3 -2
  32. package/dist/admin/admin/src/components/GuidedTour/Steps/Step.js.map +1 -1
  33. package/dist/admin/admin/src/components/GuidedTour/Tours.js +9 -3
  34. package/dist/admin/admin/src/components/GuidedTour/Tours.js.map +1 -1
  35. package/dist/admin/admin/src/components/GuidedTour/Tours.mjs +6 -1
  36. package/dist/admin/admin/src/components/GuidedTour/Tours.mjs.map +1 -1
  37. package/dist/admin/admin/src/components/LanguageProvider.js +5 -1
  38. package/dist/admin/admin/src/components/LanguageProvider.js.map +1 -1
  39. package/dist/admin/admin/src/components/Layouts/HeaderLayout.js +3 -2
  40. package/dist/admin/admin/src/components/Layouts/HeaderLayout.js.map +1 -1
  41. package/dist/admin/admin/src/components/LazyOutlet.js +57 -0
  42. package/dist/admin/admin/src/components/LazyOutlet.js.map +1 -0
  43. package/dist/admin/admin/src/components/LazyOutlet.mjs +35 -0
  44. package/dist/admin/admin/src/components/LazyOutlet.mjs.map +1 -0
  45. package/dist/admin/admin/src/components/LeftMenu.js +3 -2
  46. package/dist/admin/admin/src/components/LeftMenu.js.map +1 -1
  47. package/dist/admin/admin/src/components/MainNav/NavUser.js +10 -0
  48. package/dist/admin/admin/src/components/MainNav/NavUser.js.map +1 -1
  49. package/dist/admin/admin/src/components/MainNav/NavUser.mjs +10 -0
  50. package/dist/admin/admin/src/components/MainNav/NavUser.mjs.map +1 -1
  51. package/dist/admin/admin/src/components/NpsSurvey.js +4 -3
  52. package/dist/admin/admin/src/components/NpsSurvey.js.map +1 -1
  53. package/dist/admin/admin/src/components/PageHelpers.js +3 -2
  54. package/dist/admin/admin/src/components/PageHelpers.js.map +1 -1
  55. package/dist/admin/admin/src/components/Pagination.js +3 -2
  56. package/dist/admin/admin/src/components/Pagination.js.map +1 -1
  57. package/dist/admin/admin/src/components/PluginsInitializer.js +3 -2
  58. package/dist/admin/admin/src/components/PluginsInitializer.js.map +1 -1
  59. package/dist/admin/admin/src/components/RelativeTime.js +6 -4
  60. package/dist/admin/admin/src/components/RelativeTime.js.map +1 -1
  61. package/dist/admin/admin/src/components/RelativeTime.mjs +3 -2
  62. package/dist/admin/admin/src/components/RelativeTime.mjs.map +1 -1
  63. package/dist/admin/admin/src/components/ResizeIndicator.js +3 -2
  64. package/dist/admin/admin/src/components/ResizeIndicator.js.map +1 -1
  65. package/dist/admin/admin/src/components/SearchInput.js +3 -2
  66. package/dist/admin/admin/src/components/SearchInput.js.map +1 -1
  67. package/dist/admin/admin/src/components/Table.js +3 -2
  68. package/dist/admin/admin/src/components/Table.js.map +1 -1
  69. package/dist/admin/admin/src/components/Theme.js +3 -2
  70. package/dist/admin/admin/src/components/Theme.js.map +1 -1
  71. package/dist/admin/admin/src/components/WidgetRoot.js +9 -5
  72. package/dist/admin/admin/src/components/WidgetRoot.js.map +1 -1
  73. package/dist/admin/admin/src/core/apis/CustomFields.js +14 -10
  74. package/dist/admin/admin/src/core/apis/CustomFields.js.map +1 -1
  75. package/dist/admin/admin/src/core/apis/Widgets.js +8 -4
  76. package/dist/admin/admin/src/core/apis/Widgets.js.map +1 -1
  77. package/dist/admin/admin/src/core/apis/router.js +39 -33
  78. package/dist/admin/admin/src/core/apis/router.js.map +1 -1
  79. package/dist/admin/admin/src/core/apis/router.mjs +19 -17
  80. package/dist/admin/admin/src/core/apis/router.mjs.map +1 -1
  81. package/dist/admin/admin/src/features/Auth.js +78 -6
  82. package/dist/admin/admin/src/features/Auth.js.map +1 -1
  83. package/dist/admin/admin/src/features/Auth.mjs +77 -6
  84. package/dist/admin/admin/src/features/Auth.mjs.map +1 -1
  85. package/dist/admin/admin/src/features/BackButton.js +3 -2
  86. package/dist/admin/admin/src/features/BackButton.js.map +1 -1
  87. package/dist/admin/admin/src/features/Configuration.js +3 -2
  88. package/dist/admin/admin/src/features/Configuration.js.map +1 -1
  89. package/dist/admin/admin/src/features/Notifications.js +3 -2
  90. package/dist/admin/admin/src/features/Notifications.js.map +1 -1
  91. package/dist/admin/admin/src/features/Tracking.js +7 -3
  92. package/dist/admin/admin/src/features/Tracking.js.map +1 -1
  93. package/dist/admin/admin/src/features/Widgets.js +3 -2
  94. package/dist/admin/admin/src/features/Widgets.js.map +1 -1
  95. package/dist/admin/admin/src/hooks/useAPIErrorHandler.js +3 -2
  96. package/dist/admin/admin/src/hooks/useAPIErrorHandler.js.map +1 -1
  97. package/dist/admin/admin/src/hooks/useAdminRoles.js +3 -2
  98. package/dist/admin/admin/src/hooks/useAdminRoles.js.map +1 -1
  99. package/dist/admin/admin/src/hooks/useControllableState.js +3 -2
  100. package/dist/admin/admin/src/hooks/useControllableState.js.map +1 -1
  101. package/dist/admin/admin/src/hooks/useDebounce.js +3 -2
  102. package/dist/admin/admin/src/hooks/useDebounce.js.map +1 -1
  103. package/dist/admin/admin/src/hooks/useDeviceType.js +3 -2
  104. package/dist/admin/admin/src/hooks/useDeviceType.js.map +1 -1
  105. package/dist/admin/admin/src/hooks/useElementOnScreen.js +3 -2
  106. package/dist/admin/admin/src/hooks/useElementOnScreen.js.map +1 -1
  107. package/dist/admin/admin/src/hooks/useEnterprise.js +3 -2
  108. package/dist/admin/admin/src/hooks/useEnterprise.js.map +1 -1
  109. package/dist/admin/admin/src/hooks/useFetchClient.js +3 -2
  110. package/dist/admin/admin/src/hooks/useFetchClient.js.map +1 -1
  111. package/dist/admin/admin/src/hooks/useForceUpdate.js +3 -2
  112. package/dist/admin/admin/src/hooks/useForceUpdate.js.map +1 -1
  113. package/dist/admin/admin/src/hooks/useIdleSessionLogout.js +85 -15
  114. package/dist/admin/admin/src/hooks/useIdleSessionLogout.js.map +1 -1
  115. package/dist/admin/admin/src/hooks/useIdleSessionLogout.mjs +82 -14
  116. package/dist/admin/admin/src/hooks/useIdleSessionLogout.mjs.map +1 -1
  117. package/dist/admin/admin/src/hooks/useIsMounted.js +3 -2
  118. package/dist/admin/admin/src/hooks/useIsMounted.js.map +1 -1
  119. package/dist/admin/admin/src/hooks/useMediaQuery.js +3 -2
  120. package/dist/admin/admin/src/hooks/useMediaQuery.js.map +1 -1
  121. package/dist/admin/admin/src/hooks/useMenu.js +7 -3
  122. package/dist/admin/admin/src/hooks/useMenu.js.map +1 -1
  123. package/dist/admin/admin/src/hooks/useOnce.js +3 -2
  124. package/dist/admin/admin/src/hooks/useOnce.js.map +1 -1
  125. package/dist/admin/admin/src/hooks/useQueryParams.js +0 -1
  126. package/dist/admin/admin/src/hooks/useQueryParams.js.map +1 -1
  127. package/dist/admin/admin/src/hooks/useQueryParams.mjs +0 -1
  128. package/dist/admin/admin/src/hooks/useQueryParams.mjs.map +1 -1
  129. package/dist/admin/admin/src/hooks/useRBAC.js +7 -3
  130. package/dist/admin/admin/src/hooks/useRBAC.js.map +1 -1
  131. package/dist/admin/admin/src/hooks/useSettingsMenu.js +7 -3
  132. package/dist/admin/admin/src/hooks/useSettingsMenu.js.map +1 -1
  133. package/dist/admin/admin/src/hooks/useThrottledCallback.js +5 -1
  134. package/dist/admin/admin/src/hooks/useThrottledCallback.js.map +1 -1
  135. package/dist/admin/admin/src/layouts/AuthenticatedLayout.js +15 -7
  136. package/dist/admin/admin/src/layouts/AuthenticatedLayout.js.map +1 -1
  137. package/dist/admin/admin/src/layouts/AuthenticatedLayout.mjs +4 -2
  138. package/dist/admin/admin/src/layouts/AuthenticatedLayout.mjs.map +1 -1
  139. package/dist/admin/admin/src/pages/Auth/AuthPage.js +3 -2
  140. package/dist/admin/admin/src/pages/Auth/AuthPage.js.map +1 -1
  141. package/dist/admin/admin/src/pages/Auth/AuthPage.mjs +3 -2
  142. package/dist/admin/admin/src/pages/Auth/AuthPage.mjs.map +1 -1
  143. package/dist/admin/admin/src/pages/Auth/components/ForgotPassword.js +3 -2
  144. package/dist/admin/admin/src/pages/Auth/components/ForgotPassword.js.map +1 -1
  145. package/dist/admin/admin/src/pages/Auth/components/Login.js +8 -4
  146. package/dist/admin/admin/src/pages/Auth/components/Login.js.map +1 -1
  147. package/dist/admin/admin/src/pages/Auth/components/Oops.js +3 -2
  148. package/dist/admin/admin/src/pages/Auth/components/Oops.js.map +1 -1
  149. package/dist/admin/admin/src/pages/Auth/components/Register.js +9 -5
  150. package/dist/admin/admin/src/pages/Auth/components/Register.js.map +1 -1
  151. package/dist/admin/admin/src/pages/Auth/components/ResetPassword.js +4 -3
  152. package/dist/admin/admin/src/pages/Auth/components/ResetPassword.js.map +1 -1
  153. package/dist/admin/admin/src/pages/Home/HomePage.js +3 -2
  154. package/dist/admin/admin/src/pages/Home/HomePage.js.map +1 -1
  155. package/dist/admin/admin/src/pages/Home/components/AddWidgetModal.js +8 -4
  156. package/dist/admin/admin/src/pages/Home/components/AddWidgetModal.js.map +1 -1
  157. package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.js +7 -3
  158. package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.js.map +1 -1
  159. package/dist/admin/admin/src/pages/Home/components/FreeTrialWelcomeModal.js +7 -3
  160. package/dist/admin/admin/src/pages/Home/components/FreeTrialWelcomeModal.js.map +1 -1
  161. package/dist/admin/admin/src/pages/ProfilePage.js +8 -4
  162. package/dist/admin/admin/src/pages/ProfilePage.js.map +1 -1
  163. package/dist/admin/admin/src/pages/SessionsPage.js +318 -0
  164. package/dist/admin/admin/src/pages/SessionsPage.js.map +1 -0
  165. package/dist/admin/admin/src/pages/SessionsPage.mjs +296 -0
  166. package/dist/admin/admin/src/pages/SessionsPage.mjs.map +1 -0
  167. package/dist/admin/admin/src/pages/Settings/Layout.js +4 -1
  168. package/dist/admin/admin/src/pages/Settings/Layout.js.map +1 -1
  169. package/dist/admin/admin/src/pages/Settings/Layout.mjs +5 -2
  170. package/dist/admin/admin/src/pages/Settings/Layout.mjs.map +1 -1
  171. package/dist/admin/admin/src/pages/Settings/components/Tokens/FormHead.js +3 -2
  172. package/dist/admin/admin/src/pages/Settings/components/Tokens/FormHead.js.map +1 -1
  173. package/dist/admin/admin/src/pages/Settings/components/Tokens/Table.js +3 -2
  174. package/dist/admin/admin/src/pages/Settings/components/Tokens/Table.js.map +1 -1
  175. package/dist/admin/admin/src/pages/Settings/components/Tokens/constants.js +3 -2
  176. package/dist/admin/admin/src/pages/Settings/components/Tokens/constants.js.map +1 -1
  177. package/dist/admin/admin/src/pages/Settings/components/Tokens/utils/getDateOfExpiration.js +3 -2
  178. package/dist/admin/admin/src/pages/Settings/components/Tokens/utils/getDateOfExpiration.js.map +1 -1
  179. package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/EditView/EditViewPage.js +3 -2
  180. package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/EditView/EditViewPage.js.map +1 -1
  181. package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/EditView/components/AdminPermissions.js +3 -2
  182. package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/EditView/components/AdminPermissions.js.map +1 -1
  183. package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/ListView.js +4 -3
  184. package/dist/admin/admin/src/pages/Settings/pages/AdminTokens/ListView.js.map +1 -1
  185. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/EditViewPage.js +3 -2
  186. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/EditViewPage.js.map +1 -1
  187. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/BoundRoute.js +7 -2
  188. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/BoundRoute.js.map +1 -1
  189. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/CollapsableContentType.js +5 -1
  190. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/CollapsableContentType.js.map +1 -1
  191. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/reducer.js +6 -2
  192. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/reducer.js.map +1 -1
  193. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/ListView.js +4 -3
  194. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/ListView.js.map +1 -1
  195. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js +4 -2
  196. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js.map +1 -1
  197. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs +1 -0
  198. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs.map +1 -1
  199. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/components/LogoInput.js +7 -3
  200. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/components/LogoInput.js.map +1 -1
  201. package/dist/admin/admin/src/pages/Settings/pages/InstalledPlugins.js +3 -2
  202. package/dist/admin/admin/src/pages/Settings/pages/InstalledPlugins.js.map +1 -1
  203. package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.js +11 -3
  204. package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.js.map +1 -1
  205. package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.mjs +7 -0
  206. package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.mjs.map +1 -1
  207. package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.js +11 -4
  208. package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.js.map +1 -1
  209. package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.mjs +7 -1
  210. package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.mjs.map +1 -1
  211. package/dist/admin/admin/src/pages/Settings/pages/Roles/ListPage.js +3 -2
  212. package/dist/admin/admin/src/pages/Settings/pages/Roles/ListPage.js.map +1 -1
  213. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.js +44 -6
  214. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.js.map +1 -1
  215. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.mjs +34 -0
  216. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.mjs.map +1 -1
  217. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ConditionsButton.js +3 -2
  218. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ConditionsButton.js.map +1 -1
  219. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ConditionsModal.js +13 -7
  220. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ConditionsModal.js.map +1 -1
  221. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ContentTypeCollapses.js +15 -9
  222. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ContentTypeCollapses.js.map +1 -1
  223. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/GlobalActions.js +9 -5
  224. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/GlobalActions.js.map +1 -1
  225. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.js +71 -27
  226. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.js.map +1 -1
  227. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.mjs +38 -2
  228. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.mjs.map +1 -1
  229. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/PluginsAndSettings.js +10 -6
  230. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/PluginsAndSettings.js.map +1 -1
  231. package/dist/admin/admin/src/pages/Settings/pages/Roles/hooks/usePermissionsDataManager.js +3 -2
  232. package/dist/admin/admin/src/pages/Settings/pages/Roles/hooks/usePermissionsDataManager.js.map +1 -1
  233. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/difference.js +9 -3
  234. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/difference.js.map +1 -1
  235. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.js +26 -4
  236. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.js.map +1 -1
  237. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.mjs +18 -1
  238. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.mjs.map +1 -1
  239. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/layouts.js +6 -2
  240. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/layouts.js.map +1 -1
  241. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.js +59 -0
  242. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.js.map +1 -0
  243. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.mjs +52 -0
  244. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.mjs.map +1 -0
  245. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/updateConditionsToFalse.js +8 -3
  246. package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/updateConditionsToFalse.js.map +1 -1
  247. package/dist/admin/admin/src/pages/Settings/pages/TransferTokens/EditView.js +4 -3
  248. package/dist/admin/admin/src/pages/Settings/pages/TransferTokens/EditView.js.map +1 -1
  249. package/dist/admin/admin/src/pages/Settings/pages/TransferTokens/ListView.js +4 -3
  250. package/dist/admin/admin/src/pages/Settings/pages/TransferTokens/ListView.js.map +1 -1
  251. package/dist/admin/admin/src/pages/Settings/pages/Users/EditPage.js +9 -5
  252. package/dist/admin/admin/src/pages/Settings/pages/Users/EditPage.js.map +1 -1
  253. package/dist/admin/admin/src/pages/Settings/pages/Users/ListPage.js +4 -3
  254. package/dist/admin/admin/src/pages/Settings/pages/Users/ListPage.js.map +1 -1
  255. package/dist/admin/admin/src/pages/Settings/pages/Users/components/CreateActionCE.js +3 -2
  256. package/dist/admin/admin/src/pages/Settings/pages/Users/components/CreateActionCE.js.map +1 -1
  257. package/dist/admin/admin/src/pages/Settings/pages/Users/components/NewUserForm.js +4 -3
  258. package/dist/admin/admin/src/pages/Settings/pages/Users/components/NewUserForm.js.map +1 -1
  259. package/dist/admin/admin/src/pages/Settings/pages/Users/utils/validation.js +3 -2
  260. package/dist/admin/admin/src/pages/Settings/pages/Users/utils/validation.js.map +1 -1
  261. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/EditPage.js +3 -2
  262. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/EditPage.js.map +1 -1
  263. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/ListPage.js +3 -2
  264. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/ListPage.js.map +1 -1
  265. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.js +3 -2
  266. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.js.map +1 -1
  267. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/WebhookForm.js +4 -3
  268. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/WebhookForm.js.map +1 -1
  269. package/dist/admin/admin/src/pages/UseCasePage.js +3 -2
  270. package/dist/admin/admin/src/pages/UseCasePage.js.map +1 -1
  271. package/dist/admin/admin/src/router.js +9 -0
  272. package/dist/admin/admin/src/router.js.map +1 -1
  273. package/dist/admin/admin/src/router.mjs +9 -0
  274. package/dist/admin/admin/src/router.mjs.map +1 -1
  275. package/dist/admin/admin/src/services/auth.js +43 -2
  276. package/dist/admin/admin/src/services/auth.js.map +1 -1
  277. package/dist/admin/admin/src/services/auth.mjs +41 -3
  278. package/dist/admin/admin/src/services/auth.mjs.map +1 -1
  279. package/dist/admin/admin/src/translations/en.json.js +22 -0
  280. package/dist/admin/admin/src/translations/en.json.js.map +1 -1
  281. package/dist/admin/admin/src/translations/en.json.mjs +22 -0
  282. package/dist/admin/admin/src/translations/en.json.mjs.map +1 -1
  283. package/dist/admin/admin/src/translations/ja.json.js +748 -265
  284. package/dist/admin/admin/src/translations/ja.json.js.map +1 -1
  285. package/dist/admin/admin/src/translations/ja.json.mjs +745 -266
  286. package/dist/admin/admin/src/translations/ja.json.mjs.map +1 -1
  287. package/dist/admin/admin/src/translations/languageNativeNames.js +1 -0
  288. package/dist/admin/admin/src/translations/languageNativeNames.js.map +1 -1
  289. package/dist/admin/admin/src/translations/languageNativeNames.mjs +1 -0
  290. package/dist/admin/admin/src/translations/languageNativeNames.mjs.map +1 -1
  291. package/dist/admin/admin/src/utils/getFetchClient.js +7 -2
  292. package/dist/admin/admin/src/utils/getFetchClient.js.map +1 -1
  293. package/dist/admin/admin/src/utils/locales.js +3 -2
  294. package/dist/admin/admin/src/utils/locales.js.map +1 -1
  295. package/dist/admin/admin/src/utils/objects.js +9 -4
  296. package/dist/admin/admin/src/utils/objects.js.map +1 -1
  297. package/dist/admin/admin/src/utils/retryDynamicImport.js +85 -0
  298. package/dist/admin/admin/src/utils/retryDynamicImport.js.map +1 -0
  299. package/dist/admin/admin/src/utils/retryDynamicImport.mjs +80 -0
  300. package/dist/admin/admin/src/utils/retryDynamicImport.mjs.map +1 -0
  301. package/dist/admin/admin/src/utils/rulesEngine.js +5 -1
  302. package/dist/admin/admin/src/utils/rulesEngine.js.map +1 -1
  303. package/dist/admin/admin/src/utils/urls.js +5 -1
  304. package/dist/admin/admin/src/utils/urls.js.map +1 -1
  305. package/dist/admin/admin/tests/server.js +25 -0
  306. package/dist/admin/admin/tests/server.js.map +1 -1
  307. package/dist/admin/admin/tests/server.mjs +25 -0
  308. package/dist/admin/admin/tests/server.mjs.map +1 -1
  309. package/dist/admin/admin/tests/utils.js +3 -2
  310. package/dist/admin/admin/tests/utils.js.map +1 -1
  311. package/dist/admin/ee/admin/src/hooks/useLicenseLimitNotification.js +7 -3
  312. package/dist/admin/ee/admin/src/hooks/useLicenseLimitNotification.js.map +1 -1
  313. package/dist/admin/ee/admin/src/hooks/useLicenseLimits.js +3 -2
  314. package/dist/admin/ee/admin/src/hooks/useLicenseLimits.js.map +1 -1
  315. package/dist/admin/ee/admin/src/pages/AuthResponse.js +3 -2
  316. package/dist/admin/ee/admin/src/pages/AuthResponse.js.map +1 -1
  317. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/components/Modal.js +3 -2
  318. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/components/Modal.js.map +1 -1
  319. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/hooks/useAuditLogsData.js +3 -2
  320. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/hooks/useAuditLogsData.js.map +1 -1
  321. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/hooks/useFormatTimeStamp.js +5 -1
  322. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/hooks/useFormatTimeStamp.js.map +1 -1
  323. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/SingleSignOnPage.js +3 -2
  324. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/SingleSignOnPage.js.map +1 -1
  325. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/Users/components/CreateActionEE.js +7 -3
  326. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/Users/components/CreateActionEE.js.map +1 -1
  327. package/dist/admin/index.js +2 -0
  328. package/dist/admin/index.js.map +1 -1
  329. package/dist/admin/index.mjs +1 -0
  330. package/dist/admin/index.mjs.map +1 -1
  331. package/dist/admin/src/StrapiApp.d.ts +11 -5
  332. package/dist/admin/src/components/FormInputs/Boolean.d.ts +0 -1
  333. package/dist/admin/src/components/FormInputs/Checkbox.d.ts +0 -1
  334. package/dist/admin/src/components/FormInputs/DateTime.d.ts +0 -1
  335. package/dist/admin/src/components/FormInputs/Email.d.ts +0 -1
  336. package/dist/admin/src/components/FormInputs/Enumeration.d.ts +0 -1
  337. package/dist/admin/src/components/FormInputs/Number.d.ts +0 -1
  338. package/dist/admin/src/components/FormInputs/Password.d.ts +0 -1
  339. package/dist/admin/src/components/FormInputs/Renderer.d.ts +0 -1
  340. package/dist/admin/src/components/FormInputs/String.d.ts +0 -1
  341. package/dist/admin/src/components/FormInputs/Textarea.d.ts +0 -1
  342. package/dist/admin/src/components/FormInputs/Time.d.ts +0 -1
  343. package/dist/admin/src/components/GuidedTour/GuidedTourProvider.d.ts +0 -1
  344. package/dist/admin/src/components/LazyOutlet.d.ts +20 -0
  345. package/dist/admin/src/components/MainNav/MainNav.d.ts +1 -1
  346. package/dist/admin/src/components/MainNav/NavUser.d.ts +0 -1
  347. package/dist/admin/src/components/SubNav.d.ts +5 -6
  348. package/dist/admin/src/core/apis/Plugin.d.ts +1 -1
  349. package/dist/admin/src/core/apis/Widgets.d.ts +0 -1
  350. package/dist/admin/src/core/apis/router.d.ts +2 -3
  351. package/dist/admin/src/core/store/configure.d.ts +2 -2
  352. package/dist/admin/src/core/utils/createHook.d.ts +4 -4
  353. package/dist/admin/src/features/AppInfo.d.ts +1 -2
  354. package/dist/admin/src/features/StrapiApp.d.ts +1 -2
  355. package/dist/admin/src/hooks/useAPIErrorHandler.d.ts +1 -1
  356. package/dist/admin/src/hooks/useAdminRoles.d.ts +2 -2
  357. package/dist/admin/src/hooks/useFetchClient.d.ts +1 -1
  358. package/dist/admin/src/hooks/useIdleSessionLogout.d.ts +66 -12
  359. package/dist/admin/src/hooks/usePersistentState.d.ts +0 -1
  360. package/dist/admin/src/hooks/useQueryParams.d.ts +1 -1
  361. package/dist/admin/src/hooks/useThrottledCallback.d.ts +0 -1
  362. package/dist/admin/src/index.d.ts +1 -0
  363. package/dist/admin/src/layouts/UnauthenticatedLayout.d.ts +2 -2
  364. package/dist/admin/src/pages/SessionsPage.d.ts +2 -0
  365. package/dist/admin/src/pages/Settings/pages/Roles/components/CollapseLabel.d.ts +2 -3
  366. package/dist/admin/src/pages/Settings/pages/Roles/components/ConditionsButton.d.ts +2 -2
  367. package/dist/admin/src/pages/Settings/pages/Roles/components/HiddenAction.d.ts +0 -1
  368. package/dist/admin/src/pages/Settings/pages/Roles/components/Permissions.d.ts +2 -0
  369. package/dist/admin/src/pages/Settings/pages/Roles/utils/forms.d.ts +1 -1
  370. package/dist/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.d.ts +5 -0
  371. package/dist/admin/src/pages/Settings/pages/Roles/utils/permissions.d.ts +3 -1
  372. package/dist/admin/src/pages/Settings/pages/Webhooks/hooks/useWebhooks.d.ts +8 -8
  373. package/dist/admin/src/reducer.d.ts +1 -1
  374. package/dist/admin/src/services/admin.d.ts +2 -2
  375. package/dist/admin/src/services/api.d.ts +1 -1
  376. package/dist/admin/src/services/apiTokens.d.ts +1 -1
  377. package/dist/admin/src/services/auth.d.ts +29 -27
  378. package/dist/admin/src/services/contentApi.d.ts +1 -1
  379. package/dist/admin/src/services/users.d.ts +7 -7
  380. package/dist/admin/src/services/webhooks.d.ts +2 -2
  381. package/dist/admin/src/translations/languageNativeNames.d.ts +1 -0
  382. package/dist/admin/src/utils/locales.d.ts +0 -1
  383. package/dist/admin/src/utils/retryDynamicImport.d.ts +19 -0
  384. package/dist/admin/src/utils/shims.d.ts +1 -1
  385. package/dist/admin/tests/store.d.ts +4 -4
  386. package/dist/admin/tests/utils.d.ts +5 -5
  387. package/dist/ee/admin/src/pages/SettingsPage/pages/AuditLogs/utils/getDisplayedFilters.d.ts +1 -1
  388. package/dist/ee/admin/src/services/ai.d.ts +2 -2
  389. package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts +1 -1
  390. package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts.map +1 -1
  391. package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts +3 -3
  392. package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts.map +1 -1
  393. package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts +2 -2
  394. package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts.map +1 -1
  395. package/dist/ee/server/src/bootstrap.d.ts.map +1 -1
  396. package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts +30 -31
  397. package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts.map +1 -1
  398. package/dist/ee/server/src/controllers/index.d.ts +1 -2
  399. package/dist/ee/server/src/controllers/index.d.ts.map +1 -1
  400. package/dist/ee/server/src/controllers/user.d.ts +1 -1
  401. package/dist/ee/server/src/destroy.d.ts.map +1 -1
  402. package/dist/ee/server/src/index.d.ts +2 -3
  403. package/dist/ee/server/src/index.d.ts.map +1 -1
  404. package/dist/ee/server/src/register.d.ts.map +1 -1
  405. package/dist/ee/server/src/routes/utils.d.ts.map +1 -1
  406. package/dist/ee/server/src/services/auth.d.ts.map +1 -1
  407. package/dist/ee/server/src/services/index.d.ts +1 -1
  408. package/dist/ee/server/src/services/metrics.d.ts.map +1 -1
  409. package/dist/ee/server/src/services/passport/sso.d.ts.map +1 -1
  410. package/dist/ee/server/src/services/persist-tables.d.ts +1 -1
  411. package/dist/ee/server/src/services/persist-tables.d.ts.map +1 -1
  412. package/dist/ee/server/src/services/role.d.ts.map +1 -1
  413. package/dist/ee/server/src/services/user.d.ts.map +1 -1
  414. package/dist/ee/server/src/utils/index.d.ts.map +1 -1
  415. package/dist/ee/server/src/utils/sso-lock.d.ts.map +1 -1
  416. package/dist/ee/server/src/validation/authentication.d.ts +2 -2
  417. package/dist/ee/server/src/validation/role.d.ts +6 -6
  418. package/dist/ee/server/src/validation/role.d.ts.map +1 -1
  419. package/dist/ee/server/src/validation/user.d.ts.map +1 -1
  420. package/dist/server/ee/server/src/controllers/authentication-utils/middlewares.js +5 -1
  421. package/dist/server/ee/server/src/controllers/authentication-utils/middlewares.js.map +1 -1
  422. package/dist/server/ee/server/src/controllers/authentication.js +5 -1
  423. package/dist/server/ee/server/src/controllers/authentication.js.map +1 -1
  424. package/dist/server/ee/server/src/controllers/user.js +6 -2
  425. package/dist/server/ee/server/src/controllers/user.js.map +1 -1
  426. package/dist/server/ee/server/src/services/auth.js +5 -1
  427. package/dist/server/ee/server/src/services/auth.js.map +1 -1
  428. package/dist/server/ee/server/src/services/user.js +8 -4
  429. package/dist/server/ee/server/src/services/user.js.map +1 -1
  430. package/dist/server/index.js +6 -2
  431. package/dist/server/index.js.map +1 -1
  432. package/dist/server/server/src/ai/services/ai.js +10 -4
  433. package/dist/server/server/src/ai/services/ai.js.map +1 -1
  434. package/dist/server/server/src/content-types/session.js +6 -0
  435. package/dist/server/server/src/content-types/session.js.map +1 -1
  436. package/dist/server/server/src/content-types/session.mjs +6 -0
  437. package/dist/server/server/src/content-types/session.mjs.map +1 -1
  438. package/dist/server/server/src/controllers/admin.js +9 -4
  439. package/dist/server/server/src/controllers/admin.js.map +1 -1
  440. package/dist/server/server/src/controllers/admin.mjs.map +1 -1
  441. package/dist/server/server/src/controllers/authenticated-session.js +61 -0
  442. package/dist/server/server/src/controllers/authenticated-session.js.map +1 -0
  443. package/dist/server/server/src/controllers/authenticated-session.mjs +59 -0
  444. package/dist/server/server/src/controllers/authenticated-session.mjs.map +1 -0
  445. package/dist/server/server/src/controllers/authentication.js +18 -6
  446. package/dist/server/server/src/controllers/authentication.js.map +1 -1
  447. package/dist/server/server/src/controllers/authentication.mjs +12 -5
  448. package/dist/server/server/src/controllers/authentication.mjs.map +1 -1
  449. package/dist/server/server/src/controllers/index.js +2 -0
  450. package/dist/server/server/src/controllers/index.js.map +1 -1
  451. package/dist/server/server/src/controllers/index.mjs +2 -0
  452. package/dist/server/server/src/controllers/index.mjs.map +1 -1
  453. package/dist/server/server/src/controllers/role.js +2 -4
  454. package/dist/server/server/src/controllers/role.js.map +1 -1
  455. package/dist/server/server/src/controllers/role.mjs +2 -4
  456. package/dist/server/server/src/controllers/role.mjs.map +1 -1
  457. package/dist/server/server/src/controllers/user.js +3 -2
  458. package/dist/server/server/src/controllers/user.js.map +1 -1
  459. package/dist/server/server/src/controllers/webhooks.js +7 -2
  460. package/dist/server/server/src/controllers/webhooks.js.map +1 -1
  461. package/dist/server/server/src/middlewares/rateLimit.js +7 -2
  462. package/dist/server/server/src/middlewares/rateLimit.js.map +1 -1
  463. package/dist/server/server/src/policies/hasPermissions.js +7 -3
  464. package/dist/server/server/src/policies/hasPermissions.js.map +1 -1
  465. package/dist/server/server/src/routes/serve-admin-panel.js +9 -4
  466. package/dist/server/server/src/routes/serve-admin-panel.js.map +1 -1
  467. package/dist/server/server/src/routes/serve-admin-panel.mjs +1 -1
  468. package/dist/server/server/src/routes/serve-admin-panel.mjs.map +1 -1
  469. package/dist/server/server/src/routes/users.js +12 -26
  470. package/dist/server/server/src/routes/users.js.map +1 -1
  471. package/dist/server/server/src/routes/users.mjs +12 -26
  472. package/dist/server/server/src/routes/users.mjs.map +1 -1
  473. package/dist/server/server/src/services/api-token.js +7 -3
  474. package/dist/server/server/src/services/api-token.js.map +1 -1
  475. package/dist/server/server/src/services/auth.js +8 -3
  476. package/dist/server/server/src/services/auth.js.map +1 -1
  477. package/dist/server/server/src/services/content-type.js +6 -2
  478. package/dist/server/server/src/services/content-type.js.map +1 -1
  479. package/dist/server/server/src/services/encryption.js +8 -4
  480. package/dist/server/server/src/services/encryption.js.map +1 -1
  481. package/dist/server/server/src/services/passport.js +6 -2
  482. package/dist/server/server/src/services/passport.js.map +1 -1
  483. package/dist/server/server/src/services/permission/engine.js +5 -1
  484. package/dist/server/server/src/services/permission/engine.js.map +1 -1
  485. package/dist/server/server/src/services/permission/permissions-manager/index.js +5 -1
  486. package/dist/server/server/src/services/permission/permissions-manager/index.js.map +1 -1
  487. package/dist/server/server/src/services/permission/permissions-manager/query-builders.js +14 -10
  488. package/dist/server/server/src/services/permission/permissions-manager/query-builders.js.map +1 -1
  489. package/dist/server/server/src/services/permission/permissions-manager/sanitize.js +0 -2
  490. package/dist/server/server/src/services/permission/permissions-manager/sanitize.js.map +1 -1
  491. package/dist/server/server/src/services/permission/permissions-manager/sanitize.mjs +0 -2
  492. package/dist/server/server/src/services/permission/permissions-manager/sanitize.mjs.map +1 -1
  493. package/dist/server/server/src/services/permission/queries.js +5 -1
  494. package/dist/server/server/src/services/permission/queries.js.map +1 -1
  495. package/dist/server/server/src/services/project-settings.js +6 -2
  496. package/dist/server/server/src/services/project-settings.js.map +1 -1
  497. package/dist/server/server/src/services/role.js +10 -5
  498. package/dist/server/server/src/services/role.js.map +1 -1
  499. package/dist/server/server/src/services/role.mjs +2 -1
  500. package/dist/server/server/src/services/role.mjs.map +1 -1
  501. package/dist/server/server/src/services/token.js +7 -2
  502. package/dist/server/server/src/services/token.js.map +1 -1
  503. package/dist/server/server/src/services/transfer/permission.js +5 -1
  504. package/dist/server/server/src/services/transfer/permission.js.map +1 -1
  505. package/dist/server/server/src/services/transfer/token.js +10 -5
  506. package/dist/server/server/src/services/transfer/token.js.map +1 -1
  507. package/dist/server/server/src/services/user.js +10 -6
  508. package/dist/server/server/src/services/user.js.map +1 -1
  509. package/dist/server/server/src/strategies/admin.js +4 -0
  510. package/dist/server/server/src/strategies/admin.js.map +1 -1
  511. package/dist/server/server/src/strategies/admin.mjs +4 -0
  512. package/dist/server/server/src/strategies/admin.mjs.map +1 -1
  513. package/dist/server/server/src/validation/common-functions/check-fields-are-correctly-nested.js +5 -1
  514. package/dist/server/server/src/validation/common-functions/check-fields-are-correctly-nested.js.map +1 -1
  515. package/dist/server/server/src/validation/common-functions/check-fields-dont-have-duplicates.js +6 -2
  516. package/dist/server/server/src/validation/common-functions/check-fields-dont-have-duplicates.js.map +1 -1
  517. package/dist/server/server/src/validation/common-validators.js +6 -2
  518. package/dist/server/server/src/validation/common-validators.js.map +1 -1
  519. package/dist/server/server/src/validation/policies/hasPermissions.js +6 -2
  520. package/dist/server/server/src/validation/policies/hasPermissions.js.map +1 -1
  521. package/dist/server/shared/utils/session-auth.js +5 -1
  522. package/dist/server/shared/utils/session-auth.js.map +1 -1
  523. package/dist/server/src/ai/controllers/ai.d.ts +3 -3
  524. package/dist/server/src/ai/services/ai.d.ts.map +1 -1
  525. package/dist/server/src/bootstrap.d.ts.map +1 -1
  526. package/dist/server/src/config/admin-conditions.d.ts +2 -2
  527. package/dist/server/src/config/admin-conditions.d.ts.map +1 -1
  528. package/dist/server/src/content-types/index.d.ts +6 -0
  529. package/dist/server/src/content-types/index.d.ts.map +1 -1
  530. package/dist/server/src/content-types/session.d.ts +6 -0
  531. package/dist/server/src/content-types/session.d.ts.map +1 -1
  532. package/dist/server/src/controllers/admin-token.d.ts +5 -5
  533. package/dist/server/src/controllers/api-token.d.ts +1 -1
  534. package/dist/server/src/controllers/authenticated-session.d.ts +8 -0
  535. package/dist/server/src/controllers/authenticated-session.d.ts.map +1 -0
  536. package/dist/server/src/controllers/authenticated-user.d.ts +1 -1
  537. package/dist/server/src/controllers/authentication.d.ts +4 -4
  538. package/dist/server/src/controllers/authentication.d.ts.map +1 -1
  539. package/dist/server/src/controllers/formatters/conditions.d.ts +0 -1
  540. package/dist/server/src/controllers/formatters/conditions.d.ts.map +1 -1
  541. package/dist/server/src/controllers/formatters/format-actions-by-sections.d.ts.map +1 -1
  542. package/dist/server/src/controllers/homepage.d.ts +2 -2
  543. package/dist/server/src/controllers/homepage.d.ts.map +1 -1
  544. package/dist/server/src/controllers/index.d.ts +33 -43
  545. package/dist/server/src/controllers/index.d.ts.map +1 -1
  546. package/dist/server/src/controllers/role.d.ts +4 -4
  547. package/dist/server/src/controllers/transfer/runner.d.ts +4 -4
  548. package/dist/server/src/controllers/transfer/runner.d.ts.map +1 -1
  549. package/dist/server/src/controllers/transfer/token.d.ts +1 -1
  550. package/dist/server/src/controllers/user.d.ts +2 -2
  551. package/dist/server/src/controllers/webhooks.d.ts +4 -4
  552. package/dist/server/src/domain/action/index.d.ts +4 -65
  553. package/dist/server/src/domain/action/index.d.ts.map +1 -1
  554. package/dist/server/src/domain/action/provider.d.ts +30 -3
  555. package/dist/server/src/domain/action/provider.d.ts.map +1 -1
  556. package/dist/server/src/domain/condition/index.d.ts.map +1 -1
  557. package/dist/server/src/domain/condition/provider.d.ts +19 -2
  558. package/dist/server/src/domain/condition/provider.d.ts.map +1 -1
  559. package/dist/server/src/domain/permission/index.d.ts +0 -1
  560. package/dist/server/src/domain/permission/index.d.ts.map +1 -1
  561. package/dist/server/src/domain/user.d.ts.map +1 -1
  562. package/dist/server/src/index.d.ts +51 -63
  563. package/dist/server/src/index.d.ts.map +1 -1
  564. package/dist/server/src/middlewares/data-transfer.d.ts.map +1 -1
  565. package/dist/server/src/middlewares/index.d.ts +0 -1
  566. package/dist/server/src/middlewares/index.d.ts.map +1 -1
  567. package/dist/server/src/middlewares/rateLimit.d.ts.map +1 -1
  568. package/dist/server/src/policies/hasPermissions.d.ts.map +1 -1
  569. package/dist/server/src/policies/index.d.ts.map +1 -1
  570. package/dist/server/src/policies/isAuthenticatedAdmin.d.ts.map +1 -1
  571. package/dist/server/src/policies/isTelemetryEnabled.d.ts.map +1 -1
  572. package/dist/server/src/register.d.ts.map +1 -1
  573. package/dist/server/src/routes/index.d.ts +0 -1
  574. package/dist/server/src/routes/index.d.ts.map +1 -1
  575. package/dist/server/src/routes/serve-admin-panel.d.ts.map +1 -1
  576. package/dist/server/src/routes/transfer.d.ts +0 -1
  577. package/dist/server/src/routes/transfer.d.ts.map +1 -1
  578. package/dist/server/src/routes/users.d.ts.map +1 -1
  579. package/dist/server/src/services/action.d.ts.map +1 -1
  580. package/dist/server/src/services/api-token.d.ts +5 -6
  581. package/dist/server/src/services/api-token.d.ts.map +1 -1
  582. package/dist/server/src/services/auth.d.ts.map +1 -1
  583. package/dist/server/src/services/condition.d.ts.map +1 -1
  584. package/dist/server/src/services/content-type.d.ts.map +1 -1
  585. package/dist/server/src/services/encryption.d.ts.map +1 -1
  586. package/dist/server/src/services/homepage.d.ts.map +1 -1
  587. package/dist/server/src/services/index.d.ts +12 -21
  588. package/dist/server/src/services/index.d.ts.map +1 -1
  589. package/dist/server/src/services/metrics.d.ts.map +1 -1
  590. package/dist/server/src/services/passport/local-strategy.d.ts.map +1 -1
  591. package/dist/server/src/services/passport.d.ts +0 -1
  592. package/dist/server/src/services/passport.d.ts.map +1 -1
  593. package/dist/server/src/services/permission/engine.d.ts +1 -2
  594. package/dist/server/src/services/permission/engine.d.ts.map +1 -1
  595. package/dist/server/src/services/permission/permissions-manager/index.d.ts +5 -5
  596. package/dist/server/src/services/permission/permissions-manager/index.d.ts.map +1 -1
  597. package/dist/server/src/services/permission/permissions-manager/permission-fields.d.ts.map +1 -1
  598. package/dist/server/src/services/permission/permissions-manager/query-builders.d.ts.map +1 -1
  599. package/dist/server/src/services/permission/permissions-manager/sanitize.d.ts +3 -3
  600. package/dist/server/src/services/permission/permissions-manager/sanitize.d.ts.map +1 -1
  601. package/dist/server/src/services/permission/permissions-manager/validate.d.ts.map +1 -1
  602. package/dist/server/src/services/permission/queries.d.ts.map +1 -1
  603. package/dist/server/src/services/permission/sections-builder/builder.d.ts +4 -4
  604. package/dist/server/src/services/permission/sections-builder/builder.d.ts.map +1 -1
  605. package/dist/server/src/services/permission/sections-builder/handlers.d.ts.map +1 -1
  606. package/dist/server/src/services/permission/sections-builder/index.d.ts +4 -4
  607. package/dist/server/src/services/permission/sections-builder/section.d.ts.map +1 -1
  608. package/dist/server/src/services/permission/sections-builder/utils.d.ts +0 -1
  609. package/dist/server/src/services/permission/sections-builder/utils.d.ts.map +1 -1
  610. package/dist/server/src/services/permission.d.ts +13 -38
  611. package/dist/server/src/services/permission.d.ts.map +1 -1
  612. package/dist/server/src/services/project-settings.d.ts +2 -4
  613. package/dist/server/src/services/project-settings.d.ts.map +1 -1
  614. package/dist/server/src/services/role.d.ts +7 -1
  615. package/dist/server/src/services/role.d.ts.map +1 -1
  616. package/dist/server/src/services/token.d.ts +1 -1
  617. package/dist/server/src/services/token.d.ts.map +1 -1
  618. package/dist/server/src/services/transfer/token.d.ts +11 -11
  619. package/dist/server/src/services/transfer/token.d.ts.map +1 -1
  620. package/dist/server/src/services/user.d.ts +3 -3
  621. package/dist/server/src/services/user.d.ts.map +1 -1
  622. package/dist/server/src/strategies/admin-token.d.ts +4 -4
  623. package/dist/server/src/strategies/admin-token.d.ts.map +1 -1
  624. package/dist/server/src/strategies/admin.d.ts.map +1 -1
  625. package/dist/server/src/strategies/api-token-utils.d.ts.map +1 -1
  626. package/dist/server/src/strategies/content-api-token.d.ts.map +1 -1
  627. package/dist/server/src/strategies/data-transfer.d.ts.map +1 -1
  628. package/dist/server/src/utils/normalize-email.d.ts.map +1 -1
  629. package/dist/server/src/validation/action-provider.d.ts +2 -2
  630. package/dist/server/src/validation/action-provider.d.ts.map +1 -1
  631. package/dist/server/src/validation/admin-tokens.d.ts +2 -2
  632. package/dist/server/src/validation/api-tokens.d.ts +4 -4
  633. package/dist/server/src/validation/authentication/forgot-password.d.ts +1 -1
  634. package/dist/server/src/validation/authentication/login.d.ts +1 -1
  635. package/dist/server/src/validation/authentication/register.d.ts +6 -6
  636. package/dist/server/src/validation/authentication/register.d.ts.map +1 -1
  637. package/dist/server/src/validation/authentication/reset-password.d.ts +1 -1
  638. package/dist/server/src/validation/common-functions/check-fields-are-correctly-nested.d.ts.map +1 -1
  639. package/dist/server/src/validation/common-functions/check-fields-dont-have-duplicates.d.ts.map +1 -1
  640. package/dist/server/src/validation/common-validators.d.ts.map +1 -1
  641. package/dist/server/src/validation/permission.d.ts +6 -6
  642. package/dist/server/src/validation/permission.d.ts.map +1 -1
  643. package/dist/server/src/validation/policies/hasPermissions.d.ts +2 -2
  644. package/dist/server/src/validation/project-settings.d.ts +6 -6
  645. package/dist/server/src/validation/role.d.ts +8 -8
  646. package/dist/server/src/validation/role.d.ts.map +1 -1
  647. package/dist/server/src/validation/transfer/token.d.ts +4 -4
  648. package/dist/server/src/validation/user.d.ts +8 -8
  649. package/dist/shared/contracts/permissions.d.ts +1 -0
  650. package/dist/shared/contracts/permissions.d.ts.map +1 -1
  651. package/dist/shared/contracts/sessions.d.ts +62 -0
  652. package/dist/shared/contracts/sessions.d.ts.map +1 -0
  653. package/dist/shared/contracts/shared.d.ts +1 -1
  654. package/dist/shared/contracts/shared.d.ts.map +1 -1
  655. package/dist/shared/utils/session-auth.d.ts +1 -1
  656. package/dist/shared/utils/session-auth.d.ts.map +1 -1
  657. package/package.json +11 -11
@@ -2,6 +2,10 @@
2
2
 
3
3
  var crypto = require('crypto');
4
4
 
5
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
6
+
7
+ var crypto__default = /*#__PURE__*/_interopDefault(crypto);
8
+
5
9
  const IV_LENGTH = 16; // 16 bytes for AES-GCM IV
6
10
  const ENCRYPTION_VERSION = 'v1';
7
11
  const getHashedKey = ()=>{
@@ -11,7 +15,7 @@ const getHashedKey = ()=>{
11
15
  strapi.log.warn('Encryption key is missing from admin.secrets.encryptionKey configuration');
12
16
  return null;
13
17
  }
14
- return crypto.createHash('sha256').update(rawKey).digest(); // Always 32 bytes
18
+ return crypto__default.default.createHash('sha256').update(rawKey).digest(); // Always 32 bytes
15
19
  };
16
20
  /**
17
21
  * Encrypts a value string using AES-256-GCM.
@@ -19,8 +23,8 @@ const getHashedKey = ()=>{
19
23
  */ const encrypt = (value)=>{
20
24
  const key = getHashedKey();
21
25
  if (!key) return null;
22
- const iv = crypto.randomBytes(IV_LENGTH);
23
- const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
26
+ const iv = crypto__default.default.randomBytes(IV_LENGTH);
27
+ const cipher = crypto__default.default.createCipheriv('aes-256-gcm', key, iv);
24
28
  let encrypted = cipher.update(value, 'utf8', 'hex');
25
29
  encrypted += cipher.final('hex');
26
30
  const authTag = cipher.getAuthTag();
@@ -44,7 +48,7 @@ const getHashedKey = ()=>{
44
48
  const encryptedText = Buffer.from(encryptedHex, 'hex');
45
49
  const authTag = Buffer.from(tagHex, 'hex');
46
50
  try {
47
- const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
51
+ const decipher = crypto__default.default.createDecipheriv('aes-256-gcm', key, iv);
48
52
  decipher.setAuthTag(authTag);
49
53
  let decrypted = decipher.update(encryptedText, undefined, 'utf8');
50
54
  decrypted += decipher.final('utf8');
@@ -1 +1 @@
1
- {"version":3,"file":"encryption.js","sources":["../../../../../server/src/services/encryption.ts"],"sourcesContent":["import crypto from 'crypto';\nimport type { Core } from '@strapi/types';\n\nconst IV_LENGTH = 16; // 16 bytes for AES-GCM IV\nconst ENCRYPTION_VERSION = 'v1';\n\nconst getHashedKey = (): Buffer | null => {\n const secrets = strapi.config.get<Core.Config.Admin['secrets']>('admin.secrets');\n const rawKey: string | undefined = secrets?.encryptionKey;\n if (!rawKey) {\n strapi.log.warn('Encryption key is missing from admin.secrets.encryptionKey configuration');\n return null;\n }\n\n return crypto.createHash('sha256').update(rawKey).digest(); // Always 32 bytes\n};\n\n/**\n * Encrypts a value string using AES-256-GCM.\n * Returns a string prefixed with the encryption version and includes IV, encrypted content, and auth tag (all hex-encoded).\n */\nconst encrypt = (value: string) => {\n const key = getHashedKey();\n if (!key) return null;\n\n const iv = crypto.randomBytes(IV_LENGTH);\n const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);\n\n let encrypted = cipher.update(value, 'utf8', 'hex');\n encrypted += cipher.final('hex');\n\n const authTag = cipher.getAuthTag();\n\n return `${ENCRYPTION_VERSION}:${iv.toString('hex')}:${encrypted}:${authTag.toString('hex')}`;\n};\n\n/**\n * Decrypts a value encrypted by encrypt().\n * Supports versioned formats like v1:iv:encrypted:authTag\n */\nconst decrypt = (encryptedValue: string) => {\n const [version, ...rest] = encryptedValue.split(':');\n\n if (version !== ENCRYPTION_VERSION) {\n throw new Error(`Unsupported encryption version: ${version}`);\n }\n\n const [ivHex, encryptedHex, tagHex] = rest;\n if (!ivHex || !encryptedHex || !tagHex) {\n throw new Error('Invalid encrypted value format');\n }\n\n const key = getHashedKey();\n if (!key) return null;\n\n const iv = Buffer.from(ivHex, 'hex');\n const encryptedText = Buffer.from(encryptedHex, 'hex');\n const authTag = Buffer.from(tagHex, 'hex');\n\n try {\n const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);\n decipher.setAuthTag(authTag);\n\n let decrypted = decipher.update(encryptedText, undefined, 'utf8');\n decrypted += decipher.final('utf8');\n\n return decrypted;\n } catch (err) {\n strapi.log.warn(\n '[decrypt] Unable to decrypt value — encryption key may have changed or data is corrupted.'\n );\n return null;\n }\n};\n\nexport default {\n encrypt,\n decrypt,\n};\n"],"names":["IV_LENGTH","ENCRYPTION_VERSION","getHashedKey","secrets","strapi","config","get","rawKey","encryptionKey","log","warn","crypto","createHash","update","digest","encrypt","value","key","iv","randomBytes","cipher","createCipheriv","encrypted","final","authTag","getAuthTag","toString","decrypt","encryptedValue","version","rest","split","Error","ivHex","encryptedHex","tagHex","Buffer","from","encryptedText","decipher","createDecipheriv","setAuthTag","decrypted","undefined","err"],"mappings":";;;;AAGA,MAAMA,SAAAA,GAAY;AAClB,MAAMC,kBAAAA,GAAqB,IAAA;AAE3B,MAAMC,YAAAA,GAAe,IAAA;AACnB,IAAA,MAAMC,OAAAA,GAAUC,MAAAA,CAAOC,MAAM,CAACC,GAAG,CAA+B,eAAA,CAAA;AAChE,IAAA,MAAMC,SAA6BJ,OAAAA,EAASK,aAAAA;AAC5C,IAAA,IAAI,CAACD,MAAAA,EAAQ;QACXH,MAAAA,CAAOK,GAAG,CAACC,IAAI,CAAC,0EAAA,CAAA;QAChB,OAAO,IAAA;AACT,IAAA;IAEA,OAAOC,MAAAA,CAAOC,UAAU,CAAC,QAAA,CAAA,CAAUC,MAAM,CAACN,MAAAA,CAAAA,CAAQO,MAAM,EAAA,CAAA;AAC1D,CAAA;AAEA;;;IAIA,MAAMC,UAAU,CAACC,KAAAA,GAAAA;AACf,IAAA,MAAMC,GAAAA,GAAMf,YAAAA,EAAAA;IACZ,IAAI,CAACe,KAAK,OAAO,IAAA;IAEjB,MAAMC,EAAAA,GAAKP,MAAAA,CAAOQ,WAAW,CAACnB,SAAAA,CAAAA;AAC9B,IAAA,MAAMoB,MAAAA,GAAST,MAAAA,CAAOU,cAAc,CAAC,eAAeJ,GAAAA,EAAKC,EAAAA,CAAAA;AAEzD,IAAA,IAAII,SAAAA,GAAYF,MAAAA,CAAOP,MAAM,CAACG,OAAO,MAAA,EAAQ,KAAA,CAAA;IAC7CM,SAAAA,IAAaF,MAAAA,CAAOG,KAAK,CAAC,KAAA,CAAA;IAE1B,MAAMC,OAAAA,GAAUJ,OAAOK,UAAU,EAAA;AAEjC,IAAA,OAAO,GAAGxB,kBAAAA,CAAmB,CAAC,EAAEiB,EAAAA,CAAGQ,QAAQ,CAAC,KAAA,CAAA,CAAO,CAAC,EAAEJ,UAAU,CAAC,EAAEE,OAAAA,CAAQE,QAAQ,CAAC,KAAA,CAAA,CAAA,CAAQ;AAC9F,CAAA;AAEA;;;IAIA,MAAMC,UAAU,CAACC,cAAAA,GAAAA;AACf,IAAA,MAAM,CAACC,OAAAA,EAAS,GAAGC,KAAK,GAAGF,cAAAA,CAAeG,KAAK,CAAC,GAAA,CAAA;AAEhD,IAAA,IAAIF,YAAY5B,kBAAAA,EAAoB;AAClC,QAAA,MAAM,IAAI+B,KAAAA,CAAM,CAAC,gCAAgC,EAAEH,OAAAA,CAAAA,CAAS,CAAA;AAC9D,IAAA;AAEA,IAAA,MAAM,CAACI,KAAAA,EAAOC,YAAAA,EAAcC,MAAAA,CAAO,GAAGL,IAAAA;AACtC,IAAA,IAAI,CAACG,KAAAA,IAAS,CAACC,YAAAA,IAAgB,CAACC,MAAAA,EAAQ;AACtC,QAAA,MAAM,IAAIH,KAAAA,CAAM,gCAAA,CAAA;AAClB,IAAA;AAEA,IAAA,MAAMf,GAAAA,GAAMf,YAAAA,EAAAA;IACZ,IAAI,CAACe,KAAK,OAAO,IAAA;AAEjB,IAAA,MAAMC,EAAAA,GAAKkB,MAAAA,CAAOC,IAAI,CAACJ,KAAAA,EAAO,KAAA,CAAA;AAC9B,IAAA,MAAMK,aAAAA,GAAgBF,MAAAA,CAAOC,IAAI,CAACH,YAAAA,EAAc,KAAA,CAAA;AAChD,IAAA,MAAMV,OAAAA,GAAUY,MAAAA,CAAOC,IAAI,CAACF,MAAAA,EAAQ,KAAA,CAAA;IAEpC,IAAI;AACF,QAAA,MAAMI,QAAAA,GAAW5B,MAAAA,CAAO6B,gBAAgB,CAAC,eAAevB,GAAAA,EAAKC,EAAAA,CAAAA;AAC7DqB,QAAAA,QAAAA,CAASE,UAAU,CAACjB,OAAAA,CAAAA;AAEpB,QAAA,IAAIkB,SAAAA,GAAYH,QAAAA,CAAS1B,MAAM,CAACyB,eAAeK,SAAAA,EAAW,MAAA,CAAA;QAC1DD,SAAAA,IAAaH,QAAAA,CAAShB,KAAK,CAAC,MAAA,CAAA;QAE5B,OAAOmB,SAAAA;AACT,IAAA,CAAA,CAAE,OAAOE,GAAAA,EAAK;QACZxC,MAAAA,CAAOK,GAAG,CAACC,IAAI,CACb,2FAAA,CAAA;QAEF,OAAO,IAAA;AACT,IAAA;AACF,CAAA;AAEA,iBAAe;AACbK,IAAAA,OAAAA;AACAY,IAAAA;AACF,CAAA;;;;"}
1
+ {"version":3,"file":"encryption.js","sources":["../../../../../server/src/services/encryption.ts"],"sourcesContent":["import crypto from 'crypto';\nimport type { Core } from '@strapi/types';\n\nconst IV_LENGTH = 16; // 16 bytes for AES-GCM IV\nconst ENCRYPTION_VERSION = 'v1';\n\nconst getHashedKey = (): Buffer | null => {\n const secrets = strapi.config.get<Core.Config.Admin['secrets']>('admin.secrets');\n const rawKey: string | undefined = secrets?.encryptionKey;\n if (!rawKey) {\n strapi.log.warn('Encryption key is missing from admin.secrets.encryptionKey configuration');\n return null;\n }\n\n return crypto.createHash('sha256').update(rawKey).digest(); // Always 32 bytes\n};\n\n/**\n * Encrypts a value string using AES-256-GCM.\n * Returns a string prefixed with the encryption version and includes IV, encrypted content, and auth tag (all hex-encoded).\n */\nconst encrypt = (value: string) => {\n const key = getHashedKey();\n if (!key) return null;\n\n const iv = crypto.randomBytes(IV_LENGTH);\n const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);\n\n let encrypted = cipher.update(value, 'utf8', 'hex');\n encrypted += cipher.final('hex');\n\n const authTag = cipher.getAuthTag();\n\n return `${ENCRYPTION_VERSION}:${iv.toString('hex')}:${encrypted}:${authTag.toString('hex')}`;\n};\n\n/**\n * Decrypts a value encrypted by encrypt().\n * Supports versioned formats like v1:iv:encrypted:authTag\n */\nconst decrypt = (encryptedValue: string) => {\n const [version, ...rest] = encryptedValue.split(':');\n\n if (version !== ENCRYPTION_VERSION) {\n throw new Error(`Unsupported encryption version: ${version}`);\n }\n\n const [ivHex, encryptedHex, tagHex] = rest;\n if (!ivHex || !encryptedHex || !tagHex) {\n throw new Error('Invalid encrypted value format');\n }\n\n const key = getHashedKey();\n if (!key) return null;\n\n const iv = Buffer.from(ivHex, 'hex');\n const encryptedText = Buffer.from(encryptedHex, 'hex');\n const authTag = Buffer.from(tagHex, 'hex');\n\n try {\n const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);\n decipher.setAuthTag(authTag);\n\n let decrypted = decipher.update(encryptedText, undefined, 'utf8');\n decrypted += decipher.final('utf8');\n\n return decrypted;\n } catch (err) {\n strapi.log.warn(\n '[decrypt] Unable to decrypt value — encryption key may have changed or data is corrupted.'\n );\n return null;\n }\n};\n\nexport default {\n encrypt,\n decrypt,\n};\n"],"names":["IV_LENGTH","ENCRYPTION_VERSION","getHashedKey","secrets","strapi","config","get","rawKey","encryptionKey","log","warn","crypto","createHash","update","digest","encrypt","value","key","iv","randomBytes","cipher","createCipheriv","encrypted","final","authTag","getAuthTag","toString","decrypt","encryptedValue","version","rest","split","Error","ivHex","encryptedHex","tagHex","Buffer","from","encryptedText","decipher","createDecipheriv","setAuthTag","decrypted","undefined","err"],"mappings":";;;;;;;;AAGA,MAAMA,SAAAA,GAAY;AAClB,MAAMC,kBAAAA,GAAqB,IAAA;AAE3B,MAAMC,YAAAA,GAAe,IAAA;AACnB,IAAA,MAAMC,OAAAA,GAAUC,MAAAA,CAAOC,MAAM,CAACC,GAAG,CAA+B,eAAA,CAAA;AAChE,IAAA,MAAMC,SAA6BJ,OAAAA,EAASK,aAAAA;AAC5C,IAAA,IAAI,CAACD,MAAAA,EAAQ;QACXH,MAAAA,CAAOK,GAAG,CAACC,IAAI,CAAC,0EAAA,CAAA;QAChB,OAAO,IAAA;AACT,IAAA;IAEA,OAAOC,uBAAAA,CAAOC,UAAU,CAAC,QAAA,CAAA,CAAUC,MAAM,CAACN,MAAAA,CAAAA,CAAQO,MAAM,EAAA,CAAA;AAC1D,CAAA;AAEA;;;IAIA,MAAMC,UAAU,CAACC,KAAAA,GAAAA;AACf,IAAA,MAAMC,GAAAA,GAAMf,YAAAA,EAAAA;IACZ,IAAI,CAACe,KAAK,OAAO,IAAA;IAEjB,MAAMC,EAAAA,GAAKP,uBAAAA,CAAOQ,WAAW,CAACnB,SAAAA,CAAAA;AAC9B,IAAA,MAAMoB,MAAAA,GAAST,uBAAAA,CAAOU,cAAc,CAAC,eAAeJ,GAAAA,EAAKC,EAAAA,CAAAA;AAEzD,IAAA,IAAII,SAAAA,GAAYF,MAAAA,CAAOP,MAAM,CAACG,OAAO,MAAA,EAAQ,KAAA,CAAA;IAC7CM,SAAAA,IAAaF,MAAAA,CAAOG,KAAK,CAAC,KAAA,CAAA;IAE1B,MAAMC,OAAAA,GAAUJ,OAAOK,UAAU,EAAA;AAEjC,IAAA,OAAO,GAAGxB,kBAAAA,CAAmB,CAAC,EAAEiB,EAAAA,CAAGQ,QAAQ,CAAC,KAAA,CAAA,CAAO,CAAC,EAAEJ,UAAU,CAAC,EAAEE,OAAAA,CAAQE,QAAQ,CAAC,KAAA,CAAA,CAAA,CAAQ;AAC9F,CAAA;AAEA;;;IAIA,MAAMC,UAAU,CAACC,cAAAA,GAAAA;AACf,IAAA,MAAM,CAACC,OAAAA,EAAS,GAAGC,KAAK,GAAGF,cAAAA,CAAeG,KAAK,CAAC,GAAA,CAAA;AAEhD,IAAA,IAAIF,YAAY5B,kBAAAA,EAAoB;AAClC,QAAA,MAAM,IAAI+B,KAAAA,CAAM,CAAC,gCAAgC,EAAEH,OAAAA,CAAAA,CAAS,CAAA;AAC9D,IAAA;AAEA,IAAA,MAAM,CAACI,KAAAA,EAAOC,YAAAA,EAAcC,MAAAA,CAAO,GAAGL,IAAAA;AACtC,IAAA,IAAI,CAACG,KAAAA,IAAS,CAACC,YAAAA,IAAgB,CAACC,MAAAA,EAAQ;AACtC,QAAA,MAAM,IAAIH,KAAAA,CAAM,gCAAA,CAAA;AAClB,IAAA;AAEA,IAAA,MAAMf,GAAAA,GAAMf,YAAAA,EAAAA;IACZ,IAAI,CAACe,KAAK,OAAO,IAAA;AAEjB,IAAA,MAAMC,EAAAA,GAAKkB,MAAAA,CAAOC,IAAI,CAACJ,KAAAA,EAAO,KAAA,CAAA;AAC9B,IAAA,MAAMK,aAAAA,GAAgBF,MAAAA,CAAOC,IAAI,CAACH,YAAAA,EAAc,KAAA,CAAA;AAChD,IAAA,MAAMV,OAAAA,GAAUY,MAAAA,CAAOC,IAAI,CAACF,MAAAA,EAAQ,KAAA,CAAA;IAEpC,IAAI;AACF,QAAA,MAAMI,QAAAA,GAAW5B,uBAAAA,CAAO6B,gBAAgB,CAAC,eAAevB,GAAAA,EAAKC,EAAAA,CAAAA;AAC7DqB,QAAAA,QAAAA,CAASE,UAAU,CAACjB,OAAAA,CAAAA;AAEpB,QAAA,IAAIkB,SAAAA,GAAYH,QAAAA,CAAS1B,MAAM,CAACyB,eAAeK,SAAAA,EAAW,MAAA,CAAA;QAC1DD,SAAAA,IAAaH,QAAAA,CAAShB,KAAK,CAAC,MAAA,CAAA;QAE5B,OAAOmB,SAAAA;AACT,IAAA,CAAA,CAAE,OAAOE,GAAAA,EAAK;QACZxC,MAAAA,CAAOK,GAAG,CAACC,IAAI,CACb,2FAAA,CAAA;QAEF,OAAO,IAAA;AACT,IAAA;AACF,CAAA;AAEA,iBAAe;AACbK,IAAAA,OAAAA;AACAY,IAAAA;AACF,CAAA;;;;"}
@@ -4,6 +4,10 @@ var passport$1 = require('koa-passport');
4
4
  var fp = require('lodash/fp');
5
5
  var localStrategy = require('./passport/local-strategy.js');
6
6
 
7
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
8
+
9
+ var passport__default = /*#__PURE__*/_interopDefault(passport$1);
10
+
7
11
  const authEventsMapper = {
8
12
  onConnectionSuccess: 'admin.auth.success',
9
13
  onConnectionError: 'admin.auth.error'
@@ -26,9 +30,9 @@ const registerAuthEvents = ()=>{
26
30
  }
27
31
  };
28
32
  const init = ()=>{
29
- strapi.service('admin::passport').getPassportStrategies().forEach((strategy)=>passport$1.use(strategy));
33
+ strapi.service('admin::passport').getPassportStrategies().forEach((strategy)=>passport__default.default.use(strategy));
30
34
  registerAuthEvents();
31
- return passport$1.initialize();
35
+ return passport__default.default.initialize();
32
36
  };
33
37
  var passport = {
34
38
  init,
@@ -1 +1 @@
1
- {"version":3,"file":"passport.js","sources":["../../../../../server/src/services/passport.ts"],"sourcesContent":["import passport from 'koa-passport';\nimport type { Strategy } from 'passport-local';\nimport { isFunction } from 'lodash/fp';\n\nimport createLocalStrategy from './passport/local-strategy';\n\nconst authEventsMapper = {\n onConnectionSuccess: 'admin.auth.success',\n onConnectionError: 'admin.auth.error',\n};\n\nconst valueIsFunctionType = ([, value]: [any, any]) => isFunction(value);\nconst keyIsValidEventName = ([key]: any) => {\n return Object.keys(strapi.service('admin::passport').authEventsMapper).includes(key);\n};\n\nconst getPassportStrategies = () => [createLocalStrategy(strapi)] as Strategy[];\n\nconst registerAuthEvents = () => {\n // @ts-expect-error - TODO: migrate auth service to TS\n const { events = {} } = strapi.config.get('admin.auth', {});\n const { authEventsMapper } = strapi.service('admin::passport');\n\n const eventList = Object.entries(events).filter(keyIsValidEventName).filter(valueIsFunctionType);\n\n for (const [eventName, handler] of eventList) {\n // TODO - TS: ensure the handler is an EventHub.Listener\n strapi.eventHub.on(authEventsMapper[eventName], handler as any);\n }\n};\n\nconst init = () => {\n strapi\n .service('admin::passport')\n .getPassportStrategies()\n .forEach((strategy: Strategy) => passport.use(strategy));\n\n registerAuthEvents();\n\n return passport.initialize();\n};\n\nexport default { init, getPassportStrategies, authEventsMapper };\n"],"names":["authEventsMapper","onConnectionSuccess","onConnectionError","valueIsFunctionType","value","isFunction","keyIsValidEventName","key","Object","keys","strapi","service","includes","getPassportStrategies","createLocalStrategy","registerAuthEvents","events","config","get","eventList","entries","filter","eventName","handler","eventHub","on","init","forEach","strategy","passport","use","initialize"],"mappings":";;;;;;AAMA,MAAMA,gBAAAA,GAAmB;IACvBC,mBAAAA,EAAqB,oBAAA;IACrBC,iBAAAA,EAAmB;AACrB,CAAA;AAEA,MAAMC,mBAAAA,GAAsB,CAAC,GAAGC,KAAAA,CAAkB,GAAKC,aAAAA,CAAWD,KAAAA,CAAAA;AAClE,MAAME,mBAAAA,GAAsB,CAAC,CAACC,GAAAA,CAAS,GAAA;IACrC,OAAOC,MAAAA,CAAOC,IAAI,CAACC,MAAAA,CAAOC,OAAO,CAAC,iBAAA,CAAA,CAAmBX,gBAAgB,CAAA,CAAEY,QAAQ,CAACL,GAAAA,CAAAA;AAClF,CAAA;AAEA,MAAMM,wBAAwB,IAAM;QAACC,aAAAA,CAAoBJ,MAAAA;AAAQ,KAAA;AAEjE,MAAMK,kBAAAA,GAAqB,IAAA;;AAEzB,IAAA,MAAM,EAAEC,MAAAA,GAAS,EAAE,EAAE,GAAGN,MAAAA,CAAOO,MAAM,CAACC,GAAG,CAAC,YAAA,EAAc,EAAC,CAAA;AACzD,IAAA,MAAM,EAAElB,gBAAgB,EAAE,GAAGU,MAAAA,CAAOC,OAAO,CAAC,iBAAA,CAAA;IAE5C,MAAMQ,SAAAA,GAAYX,OAAOY,OAAO,CAACJ,QAAQK,MAAM,CAACf,mBAAAA,CAAAA,CAAqBe,MAAM,CAAClB,mBAAAA,CAAAA;AAE5E,IAAA,KAAK,MAAM,CAACmB,SAAAA,EAAWC,OAAAA,CAAQ,IAAIJ,SAAAA,CAAW;;AAE5CT,QAAAA,MAAAA,CAAOc,QAAQ,CAACC,EAAE,CAACzB,gBAAgB,CAACsB,UAAU,EAAEC,OAAAA,CAAAA;AAClD,IAAA;AACF,CAAA;AAEA,MAAMG,IAAAA,GAAO,IAAA;IACXhB,MAAAA,CACGC,OAAO,CAAC,iBAAA,CAAA,CACRE,qBAAqB,EAAA,CACrBc,OAAO,CAAC,CAACC,QAAAA,GAAuBC,UAAAA,CAASC,GAAG,CAACF,QAAAA,CAAAA,CAAAA;AAEhDb,IAAAA,kBAAAA,EAAAA;AAEA,IAAA,OAAOc,WAASE,UAAU,EAAA;AAC5B,CAAA;AAEA,eAAe;AAAEL,IAAAA,IAAAA;AAAMb,IAAAA,qBAAAA;AAAuBb,IAAAA;AAAiB,CAAA;;;;"}
1
+ {"version":3,"file":"passport.js","sources":["../../../../../server/src/services/passport.ts"],"sourcesContent":["import passport from 'koa-passport';\nimport type { Strategy } from 'passport-local';\nimport { isFunction } from 'lodash/fp';\n\nimport createLocalStrategy from './passport/local-strategy';\n\nconst authEventsMapper = {\n onConnectionSuccess: 'admin.auth.success',\n onConnectionError: 'admin.auth.error',\n};\n\nconst valueIsFunctionType = ([, value]: [any, any]) => isFunction(value);\nconst keyIsValidEventName = ([key]: any) => {\n return Object.keys(strapi.service('admin::passport').authEventsMapper).includes(key);\n};\n\nconst getPassportStrategies = () => [createLocalStrategy(strapi)] as Strategy[];\n\nconst registerAuthEvents = () => {\n // @ts-expect-error - TODO: migrate auth service to TS\n const { events = {} } = strapi.config.get('admin.auth', {});\n const { authEventsMapper } = strapi.service('admin::passport');\n\n const eventList = Object.entries(events).filter(keyIsValidEventName).filter(valueIsFunctionType);\n\n for (const [eventName, handler] of eventList) {\n // TODO - TS: ensure the handler is an EventHub.Listener\n strapi.eventHub.on(authEventsMapper[eventName], handler as any);\n }\n};\n\nconst init = () => {\n strapi\n .service('admin::passport')\n .getPassportStrategies()\n .forEach((strategy: Strategy) => passport.use(strategy));\n\n registerAuthEvents();\n\n return passport.initialize();\n};\n\nexport default { init, getPassportStrategies, authEventsMapper };\n"],"names":["authEventsMapper","onConnectionSuccess","onConnectionError","valueIsFunctionType","value","isFunction","keyIsValidEventName","key","Object","keys","strapi","service","includes","getPassportStrategies","createLocalStrategy","registerAuthEvents","events","config","get","eventList","entries","filter","eventName","handler","eventHub","on","init","forEach","strategy","passport","use","initialize"],"mappings":";;;;;;;;;;AAMA,MAAMA,gBAAAA,GAAmB;IACvBC,mBAAAA,EAAqB,oBAAA;IACrBC,iBAAAA,EAAmB;AACrB,CAAA;AAEA,MAAMC,mBAAAA,GAAsB,CAAC,GAAGC,KAAAA,CAAkB,GAAKC,aAAAA,CAAWD,KAAAA,CAAAA;AAClE,MAAME,mBAAAA,GAAsB,CAAC,CAACC,GAAAA,CAAS,GAAA;IACrC,OAAOC,MAAAA,CAAOC,IAAI,CAACC,MAAAA,CAAOC,OAAO,CAAC,iBAAA,CAAA,CAAmBX,gBAAgB,CAAA,CAAEY,QAAQ,CAACL,GAAAA,CAAAA;AAClF,CAAA;AAEA,MAAMM,wBAAwB,IAAM;QAACC,aAAAA,CAAoBJ,MAAAA;AAAQ,KAAA;AAEjE,MAAMK,kBAAAA,GAAqB,IAAA;;AAEzB,IAAA,MAAM,EAAEC,MAAAA,GAAS,EAAE,EAAE,GAAGN,MAAAA,CAAOO,MAAM,CAACC,GAAG,CAAC,YAAA,EAAc,EAAC,CAAA;AACzD,IAAA,MAAM,EAAElB,gBAAgB,EAAE,GAAGU,MAAAA,CAAOC,OAAO,CAAC,iBAAA,CAAA;IAE5C,MAAMQ,SAAAA,GAAYX,OAAOY,OAAO,CAACJ,QAAQK,MAAM,CAACf,mBAAAA,CAAAA,CAAqBe,MAAM,CAAClB,mBAAAA,CAAAA;AAE5E,IAAA,KAAK,MAAM,CAACmB,SAAAA,EAAWC,OAAAA,CAAQ,IAAIJ,SAAAA,CAAW;;AAE5CT,QAAAA,MAAAA,CAAOc,QAAQ,CAACC,EAAE,CAACzB,gBAAgB,CAACsB,UAAU,EAAEC,OAAAA,CAAAA;AAClD,IAAA;AACF,CAAA;AAEA,MAAMG,IAAAA,GAAO,IAAA;IACXhB,MAAAA,CACGC,OAAO,CAAC,iBAAA,CAAA,CACRE,qBAAqB,EAAA,CACrBc,OAAO,CAAC,CAACC,QAAAA,GAAuBC,yBAAAA,CAASC,GAAG,CAACF,QAAAA,CAAAA,CAAAA;AAEhDb,IAAAA,kBAAAA,EAAAA;AAEA,IAAA,OAAOc,0BAASE,UAAU,EAAA;AAC5B,CAAA;AAEA,eAAe;AAAEL,IAAAA,IAAAA;AAAMb,IAAAA,qBAAAA;AAAuBb,IAAAA;AAAiB,CAAA;;;;"}
@@ -5,9 +5,13 @@ var permissions = require('@strapi/permissions');
5
5
  var index = require('../../domain/permission/index.js');
6
6
  var index$1 = require('../../utils/index.js');
7
7
 
8
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
9
+
10
+ var permissions__default = /*#__PURE__*/_interopDefault(permissions);
11
+
8
12
  var createPermissionEngine = ((params)=>{
9
13
  const { providers } = params;
10
- const engine = permissions.engine.new({
14
+ const engine = permissions__default.default.engine.new({
11
15
  providers
12
16
  })/**
13
17
  * Validate the permission's action exists in the action registry
@@ -1 +1 @@
1
- {"version":3,"file":"engine.js","sources":["../../../../../../server/src/services/permission/engine.ts"],"sourcesContent":["import { curry, isArray, isEmpty, difference } from 'lodash/fp';\nimport permissions, { type engine } from '@strapi/permissions';\nimport type { Ability } from '@casl/ability';\nimport permissionDomain from '../../domain/permission';\nimport { getService } from '../../utils';\nimport { Action } from '../../domain/action';\nimport type { AdminUser, Permission } from '../../../../shared/contracts/shared';\n\nexport default (params: { providers: engine.EngineParams['providers'] }) => {\n const { providers } = params;\n\n const engine = permissions.engine\n .new({ providers })\n /**\n * Validate the permission's action exists in the action registry\n */\n .on('before-format::validate.permission', ({ permission }) => {\n const action = providers.action.get(permission.action);\n\n // If the action isn't registered into the action provider, then ignore the permission\n if (!action) {\n strapi.log.debug(\n `Unknown action \"${permission.action}\" supplied when registering a new permission in engine`\n );\n return false;\n }\n })\n\n /**\n * Remove invalid properties from the permission based on the action (applyToProperties)\n */\n .on('format.permission', (permission: Permission) => {\n const action = providers.action.get(permission.action) as Action;\n const properties = permission.properties || {};\n\n // Only keep the properties allowed by the action (action.applyToProperties)\n const propertiesName = Object.keys(properties);\n const invalidProperties = difference(\n propertiesName,\n // @ts-expect-error - applyToProperties is defined inside the options of an action\n action.applyToProperties || propertiesName\n );\n\n const permissionWithSanitizedProperties = invalidProperties.reduce(\n // @ts-expect-error - fix reduce, property should be a string but it's actually the permission object\n (property) => permissionDomain.deleteProperty(property, permission) as Permission,\n permission\n );\n\n return permissionWithSanitizedProperties;\n })\n\n /**\n * Ignore the permission if the fields property is an empty array (access to no field)\n */\n .on('after-format::validate.permission', ({ permission }) => {\n const { fields } = permission.properties;\n\n if (isArray(fields) && isEmpty(fields)) {\n return false;\n }\n });\n\n return {\n get hooks() {\n return engine.hooks;\n },\n\n /**\n * Generate an ability based on the given user (using associated roles & permissions)\n * @param user\n */\n async generateUserAbility(user: AdminUser): Promise<Ability> {\n const permissions = (await getService('permission').findUserPermissions(user)) as any;\n\n return engine.generateAbility(permissions, user);\n },\n\n /**\n * Generate an ability based on an admin token's stored permissions, scoped to the owner.\n * Token permissions are already validated and ceiling-clamped at write time.\n */\n async generateTokenAbility(tokenPermissions: Permission[], owner: AdminUser): Promise<Ability> {\n return engine.generateAbility(tokenPermissions as any, owner);\n },\n\n /**\n * Check many permissions based on an ability\n */\n checkMany: curry((ability: Ability, permissions: Permission[]) => {\n // @ts-expect-error - Permissions does not contain any field property\n return permissions.map(({ action, subject, field }) => ability.can(action, subject, field));\n }),\n };\n};\n"],"names":["params","providers","engine","permissions","new","on","permission","action","get","strapi","log","debug","properties","propertiesName","Object","keys","invalidProperties","difference","applyToProperties","permissionWithSanitizedProperties","reduce","property","permissionDomain","deleteProperty","fields","isArray","isEmpty","hooks","generateUserAbility","user","getService","findUserPermissions","generateAbility","generateTokenAbility","tokenPermissions","owner","checkMany","curry","ability","map","subject","field","can"],"mappings":";;;;;;;AAQA,6BAAe,CAAA,CAACA,MAAAA,GAAAA;IACd,MAAM,EAAEC,SAAS,EAAE,GAAGD,MAAAA;AAEtB,IAAA,MAAME,MAAAA,GAASC,WAAAA,CAAYD,MAAM,CAC9BE,GAAG,CAAC;AAAEH,QAAAA;KAAU,CACjB;;AAEC,SACAI,EAAE,CAAC,oCAAA,EAAsC,CAAC,EAAEC,UAAU,EAAE,GAAA;AACvD,QAAA,MAAMC,SAASN,SAAAA,CAAUM,MAAM,CAACC,GAAG,CAACF,WAAWC,MAAM,CAAA;;AAGrD,QAAA,IAAI,CAACA,MAAAA,EAAQ;YACXE,MAAAA,CAAOC,GAAG,CAACC,KAAK,CACd,CAAC,gBAAgB,EAAEL,UAAAA,CAAWC,MAAM,CAAC,sDAAsD,CAAC,CAAA;YAE9F,OAAO,KAAA;AACT,QAAA;IACF,CAAA,CAEA;;SAGCF,EAAE,CAAC,mBAAA,EAAqB,CAACC,UAAAA,GAAAA;AACxB,QAAA,MAAMC,SAASN,SAAAA,CAAUM,MAAM,CAACC,GAAG,CAACF,WAAWC,MAAM,CAAA;AACrD,QAAA,MAAMK,UAAAA,GAAaN,UAAAA,CAAWM,UAAU,IAAI,EAAC;;QAG7C,MAAMC,cAAAA,GAAiBC,MAAAA,CAAOC,IAAI,CAACH,UAAAA,CAAAA;QACnC,MAAMI,iBAAAA,GAAoBC,aAAAA,CACxBJ,cAAAA;AAEAN,QAAAA,MAAAA,CAAOW,iBAAiB,IAAIL,cAAAA,CAAAA;AAG9B,QAAA,MAAMM,iCAAAA,GAAoCH,iBAAAA,CAAkBI,MAAM;AAEhE,QAAA,CAACC,QAAAA,GAAaC,aAAAA,CAAiBC,cAAc,CAACF,UAAUf,UAAAA,CAAAA,EACxDA,UAAAA,CAAAA;QAGF,OAAOa,iCAAAA;IACT,CAAA,CAEA;;AAEC,SACAd,EAAE,CAAC,mCAAA,EAAqC,CAAC,EAAEC,UAAU,EAAE,GAAA;AACtD,QAAA,MAAM,EAAEkB,MAAM,EAAE,GAAGlB,WAAWM,UAAU;QAExC,IAAIa,UAAAA,CAAQD,MAAAA,CAAAA,IAAWE,UAAAA,CAAQF,MAAAA,CAAAA,EAAS;YACtC,OAAO,KAAA;AACT,QAAA;AACF,IAAA,CAAA,CAAA;IAEF,OAAO;AACL,QAAA,IAAIG,KAAAA,CAAAA,GAAQ;AACV,YAAA,OAAOzB,OAAOyB,KAAK;AACrB,QAAA,CAAA;AAEA;;;QAIA,MAAMC,qBAAoBC,IAAe,EAAA;AACvC,YAAA,MAAM1B,WAAAA,GAAe,MAAM2B,kBAAAA,CAAW,YAAA,CAAA,CAAcC,mBAAmB,CAACF,IAAAA,CAAAA;YAExE,OAAO3B,MAAAA,CAAO8B,eAAe,CAAC7B,WAAAA,EAAa0B,IAAAA,CAAAA;AAC7C,QAAA,CAAA;AAEA;;;AAGC,QACD,MAAMI,oBAAAA,CAAAA,CAAqBC,gBAA8B,EAAEC,KAAgB,EAAA;YACzE,OAAOjC,MAAAA,CAAO8B,eAAe,CAACE,gBAAAA,EAAyBC,KAAAA,CAAAA;AACzD,QAAA,CAAA;AAEA;;QAGAC,SAAAA,EAAWC,QAAAA,CAAM,CAACC,OAAAA,EAAkBnC,WAAAA,GAAAA;;AAElC,YAAA,OAAOA,YAAYoC,GAAG,CAAC,CAAC,EAAEhC,MAAM,EAAEiC,OAAO,EAAEC,KAAK,EAAE,GAAKH,OAAAA,CAAQI,GAAG,CAACnC,QAAQiC,OAAAA,EAASC,KAAAA,CAAAA,CAAAA;AACtF,QAAA,CAAA;AACF,KAAA;AACF,CAAA;;;;"}
1
+ {"version":3,"file":"engine.js","sources":["../../../../../../server/src/services/permission/engine.ts"],"sourcesContent":["import { curry, isArray, isEmpty, difference } from 'lodash/fp';\nimport permissions, { type engine } from '@strapi/permissions';\nimport type { Ability } from '@casl/ability';\nimport permissionDomain from '../../domain/permission';\nimport { getService } from '../../utils';\nimport { Action } from '../../domain/action';\nimport type { AdminUser, Permission } from '../../../../shared/contracts/shared';\n\nexport default (params: { providers: engine.EngineParams['providers'] }) => {\n const { providers } = params;\n\n const engine = permissions.engine\n .new({ providers })\n /**\n * Validate the permission's action exists in the action registry\n */\n .on('before-format::validate.permission', ({ permission }) => {\n const action = providers.action.get(permission.action);\n\n // If the action isn't registered into the action provider, then ignore the permission\n if (!action) {\n strapi.log.debug(\n `Unknown action \"${permission.action}\" supplied when registering a new permission in engine`\n );\n return false;\n }\n })\n\n /**\n * Remove invalid properties from the permission based on the action (applyToProperties)\n */\n .on('format.permission', (permission: Permission) => {\n const action = providers.action.get(permission.action) as Action;\n const properties = permission.properties || {};\n\n // Only keep the properties allowed by the action (action.applyToProperties)\n const propertiesName = Object.keys(properties);\n const invalidProperties = difference(\n propertiesName,\n // @ts-expect-error - applyToProperties is defined inside the options of an action\n action.applyToProperties || propertiesName\n );\n\n const permissionWithSanitizedProperties = invalidProperties.reduce(\n // @ts-expect-error - fix reduce, property should be a string but it's actually the permission object\n (property) => permissionDomain.deleteProperty(property, permission) as Permission,\n permission\n );\n\n return permissionWithSanitizedProperties;\n })\n\n /**\n * Ignore the permission if the fields property is an empty array (access to no field)\n */\n .on('after-format::validate.permission', ({ permission }) => {\n const { fields } = permission.properties;\n\n if (isArray(fields) && isEmpty(fields)) {\n return false;\n }\n });\n\n return {\n get hooks() {\n return engine.hooks;\n },\n\n /**\n * Generate an ability based on the given user (using associated roles & permissions)\n * @param user\n */\n async generateUserAbility(user: AdminUser): Promise<Ability> {\n const permissions = (await getService('permission').findUserPermissions(user)) as any;\n\n return engine.generateAbility(permissions, user);\n },\n\n /**\n * Generate an ability based on an admin token's stored permissions, scoped to the owner.\n * Token permissions are already validated and ceiling-clamped at write time.\n */\n async generateTokenAbility(tokenPermissions: Permission[], owner: AdminUser): Promise<Ability> {\n return engine.generateAbility(tokenPermissions as any, owner);\n },\n\n /**\n * Check many permissions based on an ability\n */\n checkMany: curry((ability: Ability, permissions: Permission[]) => {\n // @ts-expect-error - Permissions does not contain any field property\n return permissions.map(({ action, subject, field }) => ability.can(action, subject, field));\n }),\n };\n};\n"],"names":["params","providers","engine","permissions","new","on","permission","action","get","strapi","log","debug","properties","propertiesName","Object","keys","invalidProperties","difference","applyToProperties","permissionWithSanitizedProperties","reduce","property","permissionDomain","deleteProperty","fields","isArray","isEmpty","hooks","generateUserAbility","user","getService","findUserPermissions","generateAbility","generateTokenAbility","tokenPermissions","owner","checkMany","curry","ability","map","subject","field","can"],"mappings":";;;;;;;;;;;AAQA,6BAAe,CAAA,CAACA,MAAAA,GAAAA;IACd,MAAM,EAAEC,SAAS,EAAE,GAAGD,MAAAA;AAEtB,IAAA,MAAME,MAAAA,GAASC,4BAAAA,CAAYD,MAAM,CAC9BE,GAAG,CAAC;AAAEH,QAAAA;KAAU,CACjB;;AAEC,SACAI,EAAE,CAAC,oCAAA,EAAsC,CAAC,EAAEC,UAAU,EAAE,GAAA;AACvD,QAAA,MAAMC,SAASN,SAAAA,CAAUM,MAAM,CAACC,GAAG,CAACF,WAAWC,MAAM,CAAA;;AAGrD,QAAA,IAAI,CAACA,MAAAA,EAAQ;YACXE,MAAAA,CAAOC,GAAG,CAACC,KAAK,CACd,CAAC,gBAAgB,EAAEL,UAAAA,CAAWC,MAAM,CAAC,sDAAsD,CAAC,CAAA;YAE9F,OAAO,KAAA;AACT,QAAA;IACF,CAAA,CAEA;;SAGCF,EAAE,CAAC,mBAAA,EAAqB,CAACC,UAAAA,GAAAA;AACxB,QAAA,MAAMC,SAASN,SAAAA,CAAUM,MAAM,CAACC,GAAG,CAACF,WAAWC,MAAM,CAAA;AACrD,QAAA,MAAMK,UAAAA,GAAaN,UAAAA,CAAWM,UAAU,IAAI,EAAC;;QAG7C,MAAMC,cAAAA,GAAiBC,MAAAA,CAAOC,IAAI,CAACH,UAAAA,CAAAA;QACnC,MAAMI,iBAAAA,GAAoBC,aAAAA,CACxBJ,cAAAA;AAEAN,QAAAA,MAAAA,CAAOW,iBAAiB,IAAIL,cAAAA,CAAAA;AAG9B,QAAA,MAAMM,iCAAAA,GAAoCH,iBAAAA,CAAkBI,MAAM;AAEhE,QAAA,CAACC,QAAAA,GAAaC,aAAAA,CAAiBC,cAAc,CAACF,UAAUf,UAAAA,CAAAA,EACxDA,UAAAA,CAAAA;QAGF,OAAOa,iCAAAA;IACT,CAAA,CAEA;;AAEC,SACAd,EAAE,CAAC,mCAAA,EAAqC,CAAC,EAAEC,UAAU,EAAE,GAAA;AACtD,QAAA,MAAM,EAAEkB,MAAM,EAAE,GAAGlB,WAAWM,UAAU;QAExC,IAAIa,UAAAA,CAAQD,MAAAA,CAAAA,IAAWE,UAAAA,CAAQF,MAAAA,CAAAA,EAAS;YACtC,OAAO,KAAA;AACT,QAAA;AACF,IAAA,CAAA,CAAA;IAEF,OAAO;AACL,QAAA,IAAIG,KAAAA,CAAAA,GAAQ;AACV,YAAA,OAAOzB,OAAOyB,KAAK;AACrB,QAAA,CAAA;AAEA;;;QAIA,MAAMC,qBAAoBC,IAAe,EAAA;AACvC,YAAA,MAAM1B,WAAAA,GAAe,MAAM2B,kBAAAA,CAAW,YAAA,CAAA,CAAcC,mBAAmB,CAACF,IAAAA,CAAAA;YAExE,OAAO3B,MAAAA,CAAO8B,eAAe,CAAC7B,WAAAA,EAAa0B,IAAAA,CAAAA;AAC7C,QAAA,CAAA;AAEA;;;AAGC,QACD,MAAMI,oBAAAA,CAAAA,CAAqBC,gBAA8B,EAAEC,KAAgB,EAAA;YACzE,OAAOjC,MAAAA,CAAO8B,eAAe,CAACE,gBAAAA,EAAyBC,KAAAA,CAAAA;AACzD,QAAA,CAAA;AAEA;;QAGAC,SAAAA,EAAWC,QAAAA,CAAM,CAACC,OAAAA,EAAkBnC,WAAAA,GAAAA;;AAElC,YAAA,OAAOA,YAAYoC,GAAG,CAAC,CAAC,EAAEhC,MAAM,EAAEiC,OAAO,EAAEC,KAAK,EAAE,GAAKH,OAAAA,CAAQI,GAAG,CAACnC,QAAQiC,OAAAA,EAASC,KAAAA,CAAAA,CAAAA;AACtF,QAAA,CAAA;AACF,KAAA;AACF,CAAA;;;;"}
@@ -7,6 +7,10 @@ var sanitize = require('./sanitize.js');
7
7
  var validate = require('./validate.js');
8
8
  var queryBuilders = require('./query-builders.js');
9
9
 
10
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
11
+
12
+ var ___default = /*#__PURE__*/_interopDefault(_);
13
+
10
14
  var index = (({ ability: ability$1, action, model })=>({
11
15
  ability: ability$1,
12
16
  action,
@@ -21,7 +25,7 @@ var index = (({ ability: ability$1, action, model })=>({
21
25
  return this.sanitizeInput(data, options);
22
26
  },
23
27
  getQuery (queryAction = action) {
24
- if (_.isUndefined(queryAction)) {
28
+ if (___default.default.isUndefined(queryAction)) {
25
29
  throw new Error('Action must be defined to build a permission query');
26
30
  }
27
31
  return queryBuilders.buildStrapiQuery(queryBuilders.buildCaslQuery(ability$1, queryAction, model));
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/index.ts"],"sourcesContent":["import _ from 'lodash';\nimport { cloneDeep, isPlainObject } from 'lodash/fp';\nimport { subject as asSubject } from '@casl/ability';\nimport createSanitizeHelpers from './sanitize';\nimport createValidateHelpers from './validate';\n\nimport { buildStrapiQuery, buildCaslQuery } from './query-builders';\n\nexport default ({ ability, action, model }: any) => ({\n ability,\n action,\n model,\n\n get isAllowed(): unknown {\n return this.ability.can(action, model);\n },\n\n toSubject(target: any, subjectType = model) {\n return asSubject(subjectType, target);\n },\n\n pickPermittedFieldsOf(data: unknown, options = {}) {\n return this.sanitizeInput(data, options);\n },\n\n getQuery(queryAction = action) {\n if (_.isUndefined(queryAction)) {\n throw new Error('Action must be defined to build a permission query');\n }\n\n return buildStrapiQuery(buildCaslQuery(ability, queryAction, model));\n },\n\n // eslint-disable-next-line @typescript-eslint/default-param-last\n addPermissionsQueryTo(query = {} as any, action: unknown) {\n const newQuery = cloneDeep(query);\n const permissionQuery = this.getQuery(action) ?? undefined;\n\n if (isPlainObject(query.filters)) {\n newQuery.filters = permissionQuery\n ? { $and: [query.filters, permissionQuery] }\n : query.filters;\n } else {\n newQuery.filters = permissionQuery;\n }\n\n return newQuery;\n },\n\n ...createSanitizeHelpers({ action, ability, model }),\n ...createValidateHelpers({ action, ability, model }),\n});\n"],"names":["ability","action","model","isAllowed","can","toSubject","target","subjectType","asSubject","pickPermittedFieldsOf","data","options","sanitizeInput","getQuery","queryAction","_","isUndefined","Error","buildStrapiQuery","buildCaslQuery","addPermissionsQueryTo","query","newQuery","cloneDeep","permissionQuery","undefined","isPlainObject","filters","$and","createSanitizeHelpers","createValidateHelpers"],"mappings":";;;;;;;;;AAQA,YAAe,CAAA,CAAC,WAAEA,SAAO,EAAEC,MAAM,EAAEC,KAAK,EAAO,IAAM;AACnDF,iBAAAA,SAAAA;AACAC,QAAAA,MAAAA;AACAC,QAAAA,KAAAA;AAEA,QAAA,IAAIC,SAAAA,CAAAA,GAAqB;AACvB,YAAA,OAAO,IAAI,CAACH,OAAO,CAACI,GAAG,CAACH,MAAAA,EAAQC,KAAAA,CAAAA;AAClC,QAAA,CAAA;QAEAG,SAAAA,CAAAA,CAAUC,MAAW,EAAEC,WAAAA,GAAcL,KAAK,EAAA;AACxC,YAAA,OAAOM,gBAAUD,WAAAA,EAAaD,MAAAA,CAAAA;AAChC,QAAA,CAAA;AAEAG,QAAAA,qBAAAA,CAAAA,CAAsBC,IAAa,EAAEC,OAAAA,GAAU,EAAE,EAAA;AAC/C,YAAA,OAAO,IAAI,CAACC,aAAa,CAACF,IAAAA,EAAMC,OAAAA,CAAAA;AAClC,QAAA,CAAA;AAEAE,QAAAA,QAAAA,CAAAA,CAASC,cAAcb,MAAM,EAAA;YAC3B,IAAIc,CAAAA,CAAEC,WAAW,CAACF,WAAAA,CAAAA,EAAc;AAC9B,gBAAA,MAAM,IAAIG,KAAAA,CAAM,oDAAA,CAAA;AAClB,YAAA;YAEA,OAAOC,8BAAAA,CAAiBC,4BAAAA,CAAenB,SAAAA,EAASc,WAAAA,EAAaZ,KAAAA,CAAAA,CAAAA;AAC/D,QAAA,CAAA;;AAGAkB,QAAAA,qBAAAA,CAAAA,CAAsBC,KAAAA,GAAQ,EAAS,EAAEpB,MAAe,EAAA;AACtD,YAAA,MAAMqB,WAAWC,YAAAA,CAAUF,KAAAA,CAAAA;AAC3B,YAAA,MAAMG,eAAAA,GAAkB,IAAI,CAACX,QAAQ,CAACZ,MAAAA,CAAAA,IAAWwB,SAAAA;YAEjD,IAAIC,gBAAAA,CAAcL,KAAAA,CAAMM,OAAO,CAAA,EAAG;gBAChCL,QAAAA,CAASK,OAAO,GAAGH,eAAAA,GACf;oBAAEI,IAAAA,EAAM;AAACP,wBAAAA,KAAAA,CAAMM,OAAO;AAAEH,wBAAAA;AAAgB;AAAC,iBAAA,GACzCH,MAAMM,OAAO;YACnB,CAAA,MAAO;AACLL,gBAAAA,QAAAA,CAASK,OAAO,GAAGH,eAAAA;AACrB,YAAA;YAEA,OAAOF,QAAAA;AACT,QAAA,CAAA;AAEA,QAAA,GAAGO,QAAAA,CAAsB;AAAE5B,YAAAA,MAAAA;AAAQD,qBAAAA,SAAAA;AAASE,YAAAA;SAAM,CAAE;AACpD,QAAA,GAAG4B,QAAAA,CAAsB;AAAE7B,YAAAA,MAAAA;AAAQD,qBAAAA,SAAAA;AAASE,YAAAA;SAAM;AACpD,KAAA,CAAC;;;;"}
1
+ {"version":3,"file":"index.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/index.ts"],"sourcesContent":["import _ from 'lodash';\nimport { cloneDeep, isPlainObject } from 'lodash/fp';\nimport { subject as asSubject } from '@casl/ability';\nimport createSanitizeHelpers from './sanitize';\nimport createValidateHelpers from './validate';\n\nimport { buildStrapiQuery, buildCaslQuery } from './query-builders';\n\nexport default ({ ability, action, model }: any) => ({\n ability,\n action,\n model,\n\n get isAllowed(): unknown {\n return this.ability.can(action, model);\n },\n\n toSubject(target: any, subjectType = model) {\n return asSubject(subjectType, target);\n },\n\n pickPermittedFieldsOf(data: unknown, options = {}) {\n return this.sanitizeInput(data, options);\n },\n\n getQuery(queryAction = action) {\n if (_.isUndefined(queryAction)) {\n throw new Error('Action must be defined to build a permission query');\n }\n\n return buildStrapiQuery(buildCaslQuery(ability, queryAction, model));\n },\n\n // eslint-disable-next-line @typescript-eslint/default-param-last\n addPermissionsQueryTo(query = {} as any, action: unknown) {\n const newQuery = cloneDeep(query);\n const permissionQuery = this.getQuery(action) ?? undefined;\n\n if (isPlainObject(query.filters)) {\n newQuery.filters = permissionQuery\n ? { $and: [query.filters, permissionQuery] }\n : query.filters;\n } else {\n newQuery.filters = permissionQuery;\n }\n\n return newQuery;\n },\n\n ...createSanitizeHelpers({ action, ability, model }),\n ...createValidateHelpers({ action, ability, model }),\n});\n"],"names":["ability","action","model","isAllowed","can","toSubject","target","subjectType","asSubject","pickPermittedFieldsOf","data","options","sanitizeInput","getQuery","queryAction","_","isUndefined","Error","buildStrapiQuery","buildCaslQuery","addPermissionsQueryTo","query","newQuery","cloneDeep","permissionQuery","undefined","isPlainObject","filters","$and","createSanitizeHelpers","createValidateHelpers"],"mappings":";;;;;;;;;;;;;AAQA,YAAe,CAAA,CAAC,WAAEA,SAAO,EAAEC,MAAM,EAAEC,KAAK,EAAO,IAAM;AACnDF,iBAAAA,SAAAA;AACAC,QAAAA,MAAAA;AACAC,QAAAA,KAAAA;AAEA,QAAA,IAAIC,SAAAA,CAAAA,GAAqB;AACvB,YAAA,OAAO,IAAI,CAACH,OAAO,CAACI,GAAG,CAACH,MAAAA,EAAQC,KAAAA,CAAAA;AAClC,QAAA,CAAA;QAEAG,SAAAA,CAAAA,CAAUC,MAAW,EAAEC,WAAAA,GAAcL,KAAK,EAAA;AACxC,YAAA,OAAOM,gBAAUD,WAAAA,EAAaD,MAAAA,CAAAA;AAChC,QAAA,CAAA;AAEAG,QAAAA,qBAAAA,CAAAA,CAAsBC,IAAa,EAAEC,OAAAA,GAAU,EAAE,EAAA;AAC/C,YAAA,OAAO,IAAI,CAACC,aAAa,CAACF,IAAAA,EAAMC,OAAAA,CAAAA;AAClC,QAAA,CAAA;AAEAE,QAAAA,QAAAA,CAAAA,CAASC,cAAcb,MAAM,EAAA;YAC3B,IAAIc,kBAAAA,CAAEC,WAAW,CAACF,WAAAA,CAAAA,EAAc;AAC9B,gBAAA,MAAM,IAAIG,KAAAA,CAAM,oDAAA,CAAA;AAClB,YAAA;YAEA,OAAOC,8BAAAA,CAAiBC,4BAAAA,CAAenB,SAAAA,EAASc,WAAAA,EAAaZ,KAAAA,CAAAA,CAAAA;AAC/D,QAAA,CAAA;;AAGAkB,QAAAA,qBAAAA,CAAAA,CAAsBC,KAAAA,GAAQ,EAAS,EAAEpB,MAAe,EAAA;AACtD,YAAA,MAAMqB,WAAWC,YAAAA,CAAUF,KAAAA,CAAAA;AAC3B,YAAA,MAAMG,eAAAA,GAAkB,IAAI,CAACX,QAAQ,CAACZ,MAAAA,CAAAA,IAAWwB,SAAAA;YAEjD,IAAIC,gBAAAA,CAAcL,KAAAA,CAAMM,OAAO,CAAA,EAAG;gBAChCL,QAAAA,CAASK,OAAO,GAAGH,eAAAA,GACf;oBAAEI,IAAAA,EAAM;AAACP,wBAAAA,KAAAA,CAAMM,OAAO;AAAEH,wBAAAA;AAAgB;AAAC,iBAAA,GACzCH,MAAMM,OAAO;YACnB,CAAA,MAAO;AACLL,gBAAAA,QAAAA,CAASK,OAAO,GAAGH,eAAAA;AACrB,YAAA;YAEA,OAAOF,QAAAA;AACT,QAAA,CAAA;AAEA,QAAA,GAAGO,QAAAA,CAAsB;AAAE5B,YAAAA,MAAAA;AAAQD,qBAAAA,SAAAA;AAASE,YAAAA;SAAM,CAAE;AACpD,QAAA,GAAG4B,QAAAA,CAAsB;AAAE7B,YAAAA,MAAAA;AAAQD,qBAAAA,SAAAA;AAASE,YAAAA;SAAM;AACpD,KAAA,CAAC;;;;"}
@@ -3,6 +3,10 @@
3
3
  var _ = require('lodash');
4
4
  var extra = require('@casl/ability/extra');
5
5
 
6
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
7
+
8
+ var ___default = /*#__PURE__*/_interopDefault(_);
9
+
6
10
  // TODO: migration
7
11
  const operatorsMap = {
8
12
  $in: '$in',
@@ -19,7 +23,7 @@ const operatorsMap = {
19
23
  $not: '$not'
20
24
  };
21
25
  const mapKey = (key)=>{
22
- if (_.isString(key) && key.startsWith('$') && key in operatorsMap) {
26
+ if (___default.default.isString(key) && key.startsWith('$') && key in operatorsMap) {
23
27
  return operatorsMap[key];
24
28
  }
25
29
  return key;
@@ -32,25 +36,25 @@ const buildStrapiQuery = (caslQuery)=>{
32
36
  return unwrapDeep(caslQuery);
33
37
  };
34
38
  const unwrapDeep = (obj)=>{
35
- if (!_.isPlainObject(obj) && !_.isArray(obj)) {
39
+ if (!___default.default.isPlainObject(obj) && !___default.default.isArray(obj)) {
36
40
  return obj;
37
41
  }
38
- if (_.isArray(obj)) {
42
+ if (___default.default.isArray(obj)) {
39
43
  return obj.map((v)=>unwrapDeep(v));
40
44
  }
41
- return _.reduce(obj, (acc, v, k)=>{
45
+ return ___default.default.reduce(obj, (acc, v, k)=>{
42
46
  const key = mapKey(k);
43
- if (_.isPlainObject(v)) {
47
+ if (___default.default.isPlainObject(v)) {
44
48
  if ('$elemMatch' in v) {
45
- _.setWith(acc, key, unwrapDeep(v.$elemMatch));
49
+ ___default.default.setWith(acc, key, unwrapDeep(v.$elemMatch));
46
50
  } else {
47
- _.setWith(acc, key, unwrapDeep(v));
51
+ ___default.default.setWith(acc, key, unwrapDeep(v));
48
52
  }
49
- } else if (_.isArray(v)) {
53
+ } else if (___default.default.isArray(v)) {
50
54
  // prettier-ignore
51
- _.setWith(acc, key, v.map((v)=>unwrapDeep(v)));
55
+ ___default.default.setWith(acc, key, v.map((v)=>unwrapDeep(v)));
52
56
  } else {
53
- _.setWith(acc, key, v);
57
+ ___default.default.setWith(acc, key, v);
54
58
  }
55
59
  return acc;
56
60
  }, {});
@@ -1 +1 @@
1
- {"version":3,"file":"query-builders.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/query-builders.ts"],"sourcesContent":["// TODO: migration\nimport _ from 'lodash';\nimport { rulesToQuery } from '@casl/ability/extra';\n\nconst operatorsMap = {\n $in: '$in',\n $nin: '$notIn',\n $exists: '$notNull',\n $gte: '$gte',\n $gt: '$gt',\n $lte: '$lte',\n $lt: '$lt',\n $eq: '$eq',\n $ne: '$ne',\n $and: '$and',\n $or: '$or',\n $not: '$not',\n} as const;\n\nconst mapKey = (key: keyof typeof operatorsMap) => {\n if (_.isString(key) && key.startsWith('$') && key in operatorsMap) {\n return operatorsMap[key];\n }\n return key;\n};\n\nconst buildCaslQuery = (ability: unknown, action: unknown, model: unknown) => {\n // @ts-expect-error casl types\n return rulesToQuery(ability, action, model, (o) => o.conditions);\n};\n\nconst buildStrapiQuery = (caslQuery: unknown) => {\n return unwrapDeep(caslQuery);\n};\n\nconst unwrapDeep = (obj: any): unknown => {\n if (!_.isPlainObject(obj) && !_.isArray(obj)) {\n return obj;\n }\n if (_.isArray(obj)) {\n return obj.map((v: unknown) => unwrapDeep(v));\n }\n\n return _.reduce(\n obj,\n (acc, v, k: any) => {\n const key = mapKey(k);\n\n if (_.isPlainObject(v)) {\n if ('$elemMatch' in v) {\n _.setWith(acc, key, unwrapDeep(v.$elemMatch));\n } else {\n _.setWith(acc, key, unwrapDeep(v));\n }\n } else if (_.isArray(v)) {\n // prettier-ignore\n _.setWith(acc, key, v.map(v => unwrapDeep(v)));\n } else {\n _.setWith(acc, key, v);\n }\n\n return acc;\n },\n {}\n );\n};\n\nexport { buildCaslQuery, buildStrapiQuery };\n"],"names":["operatorsMap","$in","$nin","$exists","$gte","$gt","$lte","$lt","$eq","$ne","$and","$or","$not","mapKey","key","_","isString","startsWith","buildCaslQuery","ability","action","model","rulesToQuery","o","conditions","buildStrapiQuery","caslQuery","unwrapDeep","obj","isPlainObject","isArray","map","v","reduce","acc","k","setWith","$elemMatch"],"mappings":";;;;;AAAA;AAIA,MAAMA,YAAAA,GAAe;IACnBC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM,QAAA;IACNC,OAAAA,EAAS,UAAA;IACTC,IAAAA,EAAM,MAAA;IACNC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM,MAAA;IACNC,GAAAA,EAAK,KAAA;IACLC,GAAAA,EAAK,KAAA;IACLC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM,MAAA;IACNC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM;AACR,CAAA;AAEA,MAAMC,SAAS,CAACC,GAAAA,GAAAA;IACd,IAAIC,CAAAA,CAAEC,QAAQ,CAACF,GAAAA,CAAAA,IAAQA,IAAIG,UAAU,CAAC,GAAA,CAAA,IAAQH,GAAAA,IAAOd,YAAAA,EAAc;QACjE,OAAOA,YAAY,CAACc,GAAAA,CAAI;AAC1B,IAAA;IACA,OAAOA,GAAAA;AACT,CAAA;AAEA,MAAMI,cAAAA,GAAiB,CAACC,OAAAA,EAAkBC,MAAAA,EAAiBC,KAAAA,GAAAA;;AAEzD,IAAA,OAAOC,mBAAaH,OAAAA,EAASC,MAAAA,EAAQC,OAAO,CAACE,CAAAA,GAAMA,EAAEC,UAAU,CAAA;AACjE;AAEA,MAAMC,mBAAmB,CAACC,SAAAA,GAAAA;AACxB,IAAA,OAAOC,UAAAA,CAAWD,SAAAA,CAAAA;AACpB;AAEA,MAAMC,aAAa,CAACC,GAAAA,GAAAA;IAClB,IAAI,CAACb,EAAEc,aAAa,CAACD,QAAQ,CAACb,CAAAA,CAAEe,OAAO,CAACF,GAAAA,CAAAA,EAAM;QAC5C,OAAOA,GAAAA;AACT,IAAA;IACA,IAAIb,CAAAA,CAAEe,OAAO,CAACF,GAAAA,CAAAA,EAAM;AAClB,QAAA,OAAOA,GAAAA,CAAIG,GAAG,CAAC,CAACC,IAAeL,UAAAA,CAAWK,CAAAA,CAAAA,CAAAA;AAC5C,IAAA;AAEA,IAAA,OAAOjB,EAAEkB,MAAM,CACbL,GAAAA,EACA,CAACM,KAAKF,CAAAA,EAAGG,CAAAA,GAAAA;AACP,QAAA,MAAMrB,MAAMD,MAAAA,CAAOsB,CAAAA,CAAAA;QAEnB,IAAIpB,CAAAA,CAAEc,aAAa,CAACG,CAAAA,CAAAA,EAAI;AACtB,YAAA,IAAI,gBAAgBA,CAAAA,EAAG;AACrBjB,gBAAAA,CAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKa,UAAAA,CAAWK,EAAEK,UAAU,CAAA,CAAA;YAC7C,CAAA,MAAO;AACLtB,gBAAAA,CAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKa,UAAAA,CAAWK,CAAAA,CAAAA,CAAAA;AACjC,YAAA;AACF,QAAA,CAAA,MAAO,IAAIjB,CAAAA,CAAEe,OAAO,CAACE,CAAAA,CAAAA,EAAI;;YAEvBjB,CAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKkB,EAAED,GAAG,CAACC,CAAAA,CAAAA,GAAKL,UAAAA,CAAWK,CAAAA,CAAAA,CAAAA,CAAAA;QAC5C,CAAA,MAAO;YACLjB,CAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKkB,CAAAA,CAAAA;AACtB,QAAA;QAEA,OAAOE,GAAAA;AACT,IAAA,CAAA,EACA,EAAC,CAAA;AAEL,CAAA;;;;;"}
1
+ {"version":3,"file":"query-builders.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/query-builders.ts"],"sourcesContent":["// TODO: migration\nimport _ from 'lodash';\nimport { rulesToQuery } from '@casl/ability/extra';\n\nconst operatorsMap = {\n $in: '$in',\n $nin: '$notIn',\n $exists: '$notNull',\n $gte: '$gte',\n $gt: '$gt',\n $lte: '$lte',\n $lt: '$lt',\n $eq: '$eq',\n $ne: '$ne',\n $and: '$and',\n $or: '$or',\n $not: '$not',\n} as const;\n\nconst mapKey = (key: keyof typeof operatorsMap) => {\n if (_.isString(key) && key.startsWith('$') && key in operatorsMap) {\n return operatorsMap[key];\n }\n return key;\n};\n\nconst buildCaslQuery = (ability: unknown, action: unknown, model: unknown) => {\n // @ts-expect-error casl types\n return rulesToQuery(ability, action, model, (o) => o.conditions);\n};\n\nconst buildStrapiQuery = (caslQuery: unknown) => {\n return unwrapDeep(caslQuery);\n};\n\nconst unwrapDeep = (obj: any): unknown => {\n if (!_.isPlainObject(obj) && !_.isArray(obj)) {\n return obj;\n }\n if (_.isArray(obj)) {\n return obj.map((v: unknown) => unwrapDeep(v));\n }\n\n return _.reduce(\n obj,\n (acc, v, k: any) => {\n const key = mapKey(k);\n\n if (_.isPlainObject(v)) {\n if ('$elemMatch' in v) {\n _.setWith(acc, key, unwrapDeep(v.$elemMatch));\n } else {\n _.setWith(acc, key, unwrapDeep(v));\n }\n } else if (_.isArray(v)) {\n // prettier-ignore\n _.setWith(acc, key, v.map(v => unwrapDeep(v)));\n } else {\n _.setWith(acc, key, v);\n }\n\n return acc;\n },\n {}\n );\n};\n\nexport { buildCaslQuery, buildStrapiQuery };\n"],"names":["operatorsMap","$in","$nin","$exists","$gte","$gt","$lte","$lt","$eq","$ne","$and","$or","$not","mapKey","key","_","isString","startsWith","buildCaslQuery","ability","action","model","rulesToQuery","o","conditions","buildStrapiQuery","caslQuery","unwrapDeep","obj","isPlainObject","isArray","map","v","reduce","acc","k","setWith","$elemMatch"],"mappings":";;;;;;;;;AAAA;AAIA,MAAMA,YAAAA,GAAe;IACnBC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM,QAAA;IACNC,OAAAA,EAAS,UAAA;IACTC,IAAAA,EAAM,MAAA;IACNC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM,MAAA;IACNC,GAAAA,EAAK,KAAA;IACLC,GAAAA,EAAK,KAAA;IACLC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM,MAAA;IACNC,GAAAA,EAAK,KAAA;IACLC,IAAAA,EAAM;AACR,CAAA;AAEA,MAAMC,SAAS,CAACC,GAAAA,GAAAA;IACd,IAAIC,kBAAAA,CAAEC,QAAQ,CAACF,GAAAA,CAAAA,IAAQA,IAAIG,UAAU,CAAC,GAAA,CAAA,IAAQH,GAAAA,IAAOd,YAAAA,EAAc;QACjE,OAAOA,YAAY,CAACc,GAAAA,CAAI;AAC1B,IAAA;IACA,OAAOA,GAAAA;AACT,CAAA;AAEA,MAAMI,cAAAA,GAAiB,CAACC,OAAAA,EAAkBC,MAAAA,EAAiBC,KAAAA,GAAAA;;AAEzD,IAAA,OAAOC,mBAAaH,OAAAA,EAASC,MAAAA,EAAQC,OAAO,CAACE,CAAAA,GAAMA,EAAEC,UAAU,CAAA;AACjE;AAEA,MAAMC,mBAAmB,CAACC,SAAAA,GAAAA;AACxB,IAAA,OAAOC,UAAAA,CAAWD,SAAAA,CAAAA;AACpB;AAEA,MAAMC,aAAa,CAACC,GAAAA,GAAAA;IAClB,IAAI,CAACb,mBAAEc,aAAa,CAACD,QAAQ,CAACb,kBAAAA,CAAEe,OAAO,CAACF,GAAAA,CAAAA,EAAM;QAC5C,OAAOA,GAAAA;AACT,IAAA;IACA,IAAIb,kBAAAA,CAAEe,OAAO,CAACF,GAAAA,CAAAA,EAAM;AAClB,QAAA,OAAOA,GAAAA,CAAIG,GAAG,CAAC,CAACC,IAAeL,UAAAA,CAAWK,CAAAA,CAAAA,CAAAA;AAC5C,IAAA;AAEA,IAAA,OAAOjB,mBAAEkB,MAAM,CACbL,GAAAA,EACA,CAACM,KAAKF,CAAAA,EAAGG,CAAAA,GAAAA;AACP,QAAA,MAAMrB,MAAMD,MAAAA,CAAOsB,CAAAA,CAAAA;QAEnB,IAAIpB,kBAAAA,CAAEc,aAAa,CAACG,CAAAA,CAAAA,EAAI;AACtB,YAAA,IAAI,gBAAgBA,CAAAA,EAAG;AACrBjB,gBAAAA,kBAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKa,UAAAA,CAAWK,EAAEK,UAAU,CAAA,CAAA;YAC7C,CAAA,MAAO;AACLtB,gBAAAA,kBAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKa,UAAAA,CAAWK,CAAAA,CAAAA,CAAAA;AACjC,YAAA;AACF,QAAA,CAAA,MAAO,IAAIjB,kBAAAA,CAAEe,OAAO,CAACE,CAAAA,CAAAA,EAAI;;YAEvBjB,kBAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKkB,EAAED,GAAG,CAACC,CAAAA,CAAAA,GAAKL,UAAAA,CAAWK,CAAAA,CAAAA,CAAAA,CAAAA;QAC5C,CAAA,MAAO;YACLjB,kBAAAA,CAAEqB,OAAO,CAACF,GAAAA,EAAKpB,GAAAA,EAAKkB,CAAAA,CAAAA;AACtB,QAAA;QAEA,OAAOE,GAAAA;AACT,IAAA,CAAA,EACA,EAAC,CAAA;AAEL,CAAA;;;;;"}
@@ -104,8 +104,6 @@ var createSanitizeHelpers = (({ action, ability: ability$1, model })=>{
104
104
  };
105
105
  const wrapSanitize = (createSanitizeFunction)=>{
106
106
  const { getPermissionFields } = permissionFields.createPermissionFieldsCache(ability$1);
107
- // TODO
108
- // @ts-expect-error define the correct return type
109
107
  const wrappedSanitize = async (data, options = {})=>{
110
108
  if (fp.isArray(data)) {
111
109
  return Promise.all(data.map((entity)=>wrappedSanitize(entity, options)));
@@ -1 +1 @@
1
- {"version":3,"file":"sanitize.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n // TODO\n // @ts-expect-error define the correct return type\n const wrappedSanitize = async (data: unknown, options = {} as any) => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,cAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,kBAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,WAAEC,SAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,eAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,sBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,cAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,cAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,cAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,eAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,WAAAA,CAASF,KAAAA,CAAAA,IAAUG,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,YAAMC,IAAI,CACRC,eAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,cAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,eAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,eAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,cAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,cAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,cAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,WAAAA,CAAMC,IAAI,CACjCC,eAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,cAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,cAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,cAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,cAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,cAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,YAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,cAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,4CAAAA,CAA4BpE,SAAAA,CAAAA;;;AAI5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,WAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,WAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,gBAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,OAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,SAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,OAAAA,CAAKC,8BAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,8BAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
1
+ {"version":3,"file":"sanitize.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n const wrappedSanitize = async (data: unknown, options = {} as any): Promise<unknown> => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,cAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,kBAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,WAAEC,SAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,eAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,sBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,cAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,cAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,cAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,eAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,WAAAA,CAASF,KAAAA,CAAAA,IAAUG,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,YAAMC,IAAI,CACRC,eAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,cAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,eAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,eAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,cAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,cAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,cAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,WAAAA,CAAMC,IAAI,CACjCC,eAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,cAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,cAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,cAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,cAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,cAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,YAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,cAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,4CAAAA,CAA4BpE,SAAAA,CAAAA;AAE5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,WAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,WAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,gBAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,OAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,SAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,OAAAA,CAAKC,8BAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,8BAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
@@ -102,8 +102,6 @@ var createSanitizeHelpers = (({ action, ability, model })=>{
102
102
  };
103
103
  const wrapSanitize = (createSanitizeFunction)=>{
104
104
  const { getPermissionFields } = createPermissionFieldsCache(ability);
105
- // TODO
106
- // @ts-expect-error define the correct return type
107
105
  const wrappedSanitize = async (data, options = {})=>{
108
106
  if (isArray(data)) {
109
107
  return Promise.all(data.map((entity)=>wrappedSanitize(entity, options)));
@@ -1 +1 @@
1
- {"version":3,"file":"sanitize.mjs","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n // TODO\n // @ts-expect-error define the correct return type\n const wrappedSanitize = async (data: unknown, options = {} as any) => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,QAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,YAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,EAAEC,OAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,SAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,gBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,QAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,QAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,QAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,SAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,QAAAA,CAASF,KAAAA,CAAAA,IAAUG,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,MAAMC,IAAI,CACRC,SAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,QAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,SAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,SAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,QAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,QAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,QAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,KAAAA,CAAMC,IAAI,CACjCC,SAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,QAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,QAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,QAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,QAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,QAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,SAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,QAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,2BAAAA,CAA4BpE,OAAAA,CAAAA;;;AAI5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,QAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,QAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,QAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,IAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,MAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,IAAAA,CAAKC,yBAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,yBAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
1
+ {"version":3,"file":"sanitize.mjs","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n const wrappedSanitize = async (data: unknown, options = {} as any): Promise<unknown> => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,QAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,YAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,EAAEC,OAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,SAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,gBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,QAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,QAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,QAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,SAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,QAAAA,CAASF,KAAAA,CAAAA,IAAUG,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,MAAMC,IAAI,CACRC,SAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,QAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,SAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,SAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,QAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,QAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,QAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,KAAAA,CAAMC,IAAI,CACjCC,SAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,QAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,QAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,QAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,QAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,QAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,SAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,QAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,2BAAAA,CAA4BpE,OAAAA,CAAAA;AAE5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,QAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,QAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,QAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,IAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,MAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,IAAAA,CAAKC,yBAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,yBAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
@@ -5,6 +5,10 @@ var pmap = require('p-map');
5
5
  var index = require('../../utils/index.js');
6
6
  var index$1 = require('../../domain/permission/index.js');
7
7
 
8
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
9
+
10
+ var pmap__default = /*#__PURE__*/_interopDefault(pmap);
11
+
8
12
  /**
9
13
  * Delete permissions of roles in database
10
14
  * @param rolesIds ids of roles
@@ -153,7 +157,7 @@ const filterPermissionsToRemove = async (permissions)=>{
153
157
  // Execute all the queries, update the database
154
158
  await Promise.all([
155
159
  deleteByIds(permissionsIdToRemove),
156
- pmap(permissionsNeedingToBeUpdated, updatePromiseProvider, {
160
+ pmap__default.default(permissionsNeedingToBeUpdated, updatePromiseProvider, {
157
161
  concurrency: 100,
158
162
  stopOnError: true
159
163
  })