@strapi/admin 5.49.0 → 5.50.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/admin/admin/src/components/ConfirmDialog.js +2 -2
- package/dist/admin/admin/src/components/ConfirmDialog.js.map +1 -1
- package/dist/admin/admin/src/components/ContentBox.js +3 -3
- package/dist/admin/admin/src/components/ContentBox.js.map +1 -1
- package/dist/admin/admin/src/components/DescriptionComponentRenderer.js +8 -8
- package/dist/admin/admin/src/components/DescriptionComponentRenderer.js.map +1 -1
- package/dist/admin/admin/src/components/DescriptionComponentRenderer.mjs +8 -8
- package/dist/admin/admin/src/components/DescriptionComponentRenderer.mjs.map +1 -1
- package/dist/admin/admin/src/components/ErrorElement.js +100 -5
- package/dist/admin/admin/src/components/ErrorElement.js.map +1 -1
- package/dist/admin/admin/src/components/ErrorElement.mjs +99 -4
- package/dist/admin/admin/src/components/ErrorElement.mjs.map +1 -1
- package/dist/admin/admin/src/components/Form.js +41 -27
- package/dist/admin/admin/src/components/Form.js.map +1 -1
- package/dist/admin/admin/src/components/Form.mjs +41 -27
- package/dist/admin/admin/src/components/Form.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Boolean.js +3 -2
- package/dist/admin/admin/src/components/FormInputs/Boolean.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Boolean.mjs +3 -2
- package/dist/admin/admin/src/components/FormInputs/Boolean.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Date.js +1 -1
- package/dist/admin/admin/src/components/FormInputs/Date.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Date.mjs +1 -1
- package/dist/admin/admin/src/components/FormInputs/Date.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Email.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Email.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Enumeration.js +4 -1
- package/dist/admin/admin/src/components/FormInputs/Enumeration.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Enumeration.mjs +4 -1
- package/dist/admin/admin/src/components/FormInputs/Enumeration.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Json.js +2 -1
- package/dist/admin/admin/src/components/FormInputs/Json.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Json.mjs +2 -1
- package/dist/admin/admin/src/components/FormInputs/Json.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Password.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Password.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Renderer.js +18 -26
- package/dist/admin/admin/src/components/FormInputs/Renderer.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Renderer.mjs +20 -28
- package/dist/admin/admin/src/components/FormInputs/Renderer.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/String.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/String.mjs.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Textarea.js.map +1 -1
- package/dist/admin/admin/src/components/FormInputs/Textarea.mjs.map +1 -1
- package/dist/admin/admin/src/components/GapDropZone.js +2 -2
- package/dist/admin/admin/src/components/GapDropZone.js.map +1 -1
- package/dist/admin/admin/src/components/GradientBadge.js +3 -3
- package/dist/admin/admin/src/components/GradientBadge.js.map +1 -1
- package/dist/admin/admin/src/components/GuidedTour/Overview.js +8 -8
- package/dist/admin/admin/src/components/GuidedTour/Overview.js.map +1 -1
- package/dist/admin/admin/src/components/GuidedTour/Steps/Step.js +4 -4
- package/dist/admin/admin/src/components/GuidedTour/Steps/Step.js.map +1 -1
- package/dist/admin/admin/src/components/GuidedTour/Steps/Step.mjs.map +1 -1
- package/dist/admin/admin/src/components/GuidedTour/Tours.js +2 -2
- package/dist/admin/admin/src/components/GuidedTour/Tours.js.map +1 -1
- package/dist/admin/admin/src/components/Layouts/ActionLayout.js +2 -2
- package/dist/admin/admin/src/components/Layouts/ActionLayout.js.map +1 -1
- package/dist/admin/admin/src/components/Layouts/GridLayout.js +2 -2
- package/dist/admin/admin/src/components/Layouts/GridLayout.js.map +1 -1
- package/dist/admin/admin/src/components/Layouts/Layout.js +4 -4
- package/dist/admin/admin/src/components/Layouts/Layout.js.map +1 -1
- package/dist/admin/admin/src/components/LazyOutlet.js +57 -0
- package/dist/admin/admin/src/components/LazyOutlet.js.map +1 -0
- package/dist/admin/admin/src/components/LazyOutlet.mjs +35 -0
- package/dist/admin/admin/src/components/LazyOutlet.mjs.map +1 -0
- package/dist/admin/admin/src/components/LeftMenu.js +3 -3
- package/dist/admin/admin/src/components/LeftMenu.js.map +1 -1
- package/dist/admin/admin/src/components/MainNav/MainNav.js +2 -2
- package/dist/admin/admin/src/components/MainNav/MainNav.js.map +1 -1
- package/dist/admin/admin/src/components/MainNav/MainNavLinks.js +4 -4
- package/dist/admin/admin/src/components/MainNav/MainNavLinks.js.map +1 -1
- package/dist/admin/admin/src/components/MainNav/NavBrand.js +2 -2
- package/dist/admin/admin/src/components/MainNav/NavBrand.js.map +1 -1
- package/dist/admin/admin/src/components/MainNav/NavBurgerMenu.js +3 -3
- package/dist/admin/admin/src/components/MainNav/NavBurgerMenu.js.map +1 -1
- package/dist/admin/admin/src/components/MainNav/NavLink.js +8 -8
- package/dist/admin/admin/src/components/MainNav/NavLink.js.map +1 -1
- package/dist/admin/admin/src/components/MainNav/NavUser.js +17 -7
- package/dist/admin/admin/src/components/MainNav/NavUser.js.map +1 -1
- package/dist/admin/admin/src/components/MainNav/NavUser.mjs +10 -0
- package/dist/admin/admin/src/components/MainNav/NavUser.mjs.map +1 -1
- package/dist/admin/admin/src/components/MainNav/TrialCountdown.js +3 -3
- package/dist/admin/admin/src/components/MainNav/TrialCountdown.js.map +1 -1
- package/dist/admin/admin/src/components/NpsSurvey.js +2 -2
- package/dist/admin/admin/src/components/NpsSurvey.js.map +1 -1
- package/dist/admin/admin/src/components/RelativeTime.js +3 -2
- package/dist/admin/admin/src/components/RelativeTime.js.map +1 -1
- package/dist/admin/admin/src/components/RelativeTime.mjs +3 -2
- package/dist/admin/admin/src/components/RelativeTime.mjs.map +1 -1
- package/dist/admin/admin/src/components/ResizeIndicator.js +6 -6
- package/dist/admin/admin/src/components/ResizeIndicator.js.map +1 -1
- package/dist/admin/admin/src/components/SubNav.js +11 -9
- package/dist/admin/admin/src/components/SubNav.js.map +1 -1
- package/dist/admin/admin/src/components/SubNav.mjs +4 -2
- package/dist/admin/admin/src/components/SubNav.mjs.map +1 -1
- package/dist/admin/admin/src/components/Table.js +9 -5
- package/dist/admin/admin/src/components/Table.js.map +1 -1
- package/dist/admin/admin/src/components/Table.mjs +6 -2
- package/dist/admin/admin/src/components/Table.mjs.map +1 -1
- package/dist/admin/admin/src/components/Theme.js +2 -2
- package/dist/admin/admin/src/components/Theme.js.map +1 -1
- package/dist/admin/admin/src/components/UnauthenticatedLogo.js +2 -2
- package/dist/admin/admin/src/components/UnauthenticatedLogo.js.map +1 -1
- package/dist/admin/admin/src/components/UpsellBanner.js +3 -3
- package/dist/admin/admin/src/components/UpsellBanner.js.map +1 -1
- package/dist/admin/admin/src/components/WidgetRoot.js +4 -7
- package/dist/admin/admin/src/components/WidgetRoot.js.map +1 -1
- package/dist/admin/admin/src/components/WidgetRoot.mjs +1 -1
- package/dist/admin/admin/src/components/WidgetRoot.mjs.map +1 -1
- package/dist/admin/admin/src/components/Widgets.js +5 -5
- package/dist/admin/admin/src/components/Widgets.js.map +1 -1
- package/dist/admin/admin/src/core/apis/Plugin.js.map +1 -1
- package/dist/admin/admin/src/core/apis/Plugin.mjs.map +1 -1
- package/dist/admin/admin/src/core/apis/Widgets.js +1 -1
- package/dist/admin/admin/src/core/apis/Widgets.js.map +1 -1
- package/dist/admin/admin/src/core/apis/Widgets.mjs +1 -1
- package/dist/admin/admin/src/core/apis/Widgets.mjs.map +1 -1
- package/dist/admin/admin/src/core/apis/router.js +19 -17
- package/dist/admin/admin/src/core/apis/router.js.map +1 -1
- package/dist/admin/admin/src/core/apis/router.mjs +19 -17
- package/dist/admin/admin/src/core/apis/router.mjs.map +1 -1
- package/dist/admin/admin/src/core/store/configure.js.map +1 -1
- package/dist/admin/admin/src/core/store/configure.mjs.map +1 -1
- package/dist/admin/admin/src/core/utils/createHook.js.map +1 -1
- package/dist/admin/admin/src/core/utils/createHook.mjs.map +1 -1
- package/dist/admin/admin/src/features/Tracking.js +3 -1
- package/dist/admin/admin/src/features/Tracking.js.map +1 -1
- package/dist/admin/admin/src/features/Tracking.mjs +3 -1
- package/dist/admin/admin/src/features/Tracking.mjs.map +1 -1
- package/dist/admin/admin/src/features/Widgets.js.map +1 -1
- package/dist/admin/admin/src/features/Widgets.mjs.map +1 -1
- package/dist/admin/admin/src/hooks/useMediaQuery.js +4 -4
- package/dist/admin/admin/src/hooks/useMediaQuery.js.map +1 -1
- package/dist/admin/admin/src/hooks/useMenu.js +5 -3
- package/dist/admin/admin/src/hooks/useMenu.js.map +1 -1
- package/dist/admin/admin/src/hooks/useMenu.mjs +5 -3
- package/dist/admin/admin/src/hooks/useMenu.mjs.map +1 -1
- package/dist/admin/admin/src/hooks/useQueryParams.js +0 -1
- package/dist/admin/admin/src/hooks/useQueryParams.js.map +1 -1
- package/dist/admin/admin/src/hooks/useQueryParams.mjs +0 -1
- package/dist/admin/admin/src/hooks/useQueryParams.mjs.map +1 -1
- package/dist/admin/admin/src/hooks/useThrottledCallback.js.map +1 -1
- package/dist/admin/admin/src/hooks/useThrottledCallback.mjs.map +1 -1
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.js +5 -3
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.js.map +1 -1
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.mjs +5 -3
- package/dist/admin/admin/src/layouts/AuthenticatedLayout.mjs.map +1 -1
- package/dist/admin/admin/src/layouts/UnauthenticatedLayout.js +3 -3
- package/dist/admin/admin/src/layouts/UnauthenticatedLayout.js.map +1 -1
- package/dist/admin/admin/src/pages/Auth/AuthPage.js +3 -2
- package/dist/admin/admin/src/pages/Auth/AuthPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Auth/AuthPage.mjs +3 -2
- package/dist/admin/admin/src/pages/Auth/AuthPage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Auth/components/Register.js +17 -9
- package/dist/admin/admin/src/pages/Auth/components/Register.js.map +1 -1
- package/dist/admin/admin/src/pages/Auth/components/Register.mjs +15 -7
- package/dist/admin/admin/src/pages/Auth/components/Register.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Home/HomePage.js +2 -2
- package/dist/admin/admin/src/pages/Home/HomePage.js.map +1 -1
- package/dist/admin/admin/src/pages/Home/components/AddWidgetModal.js +3 -6
- package/dist/admin/admin/src/pages/Home/components/AddWidgetModal.js.map +1 -1
- package/dist/admin/admin/src/pages/Home/components/AddWidgetModal.mjs +1 -1
- package/dist/admin/admin/src/pages/Home/components/AddWidgetModal.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.js +4 -8
- package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.js.map +1 -1
- package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.mjs +1 -1
- package/dist/admin/admin/src/pages/Home/components/FreeTrialEndedModal.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Home/components/FreeTrialWelcomeModal.js +4 -8
- package/dist/admin/admin/src/pages/Home/components/FreeTrialWelcomeModal.js.map +1 -1
- package/dist/admin/admin/src/pages/Home/components/FreeTrialWelcomeModal.mjs +1 -1
- package/dist/admin/admin/src/pages/Home/components/FreeTrialWelcomeModal.mjs.map +1 -1
- package/dist/admin/admin/src/pages/SessionsPage.js +318 -0
- package/dist/admin/admin/src/pages/SessionsPage.js.map +1 -0
- package/dist/admin/admin/src/pages/SessionsPage.mjs +296 -0
- package/dist/admin/admin/src/pages/SessionsPage.mjs.map +1 -0
- package/dist/admin/admin/src/pages/Settings/Layout.js +4 -1
- package/dist/admin/admin/src/pages/Settings/Layout.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/Layout.mjs +5 -2
- package/dist/admin/admin/src/pages/Settings/Layout.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/components/SettingsNav.js +2 -2
- package/dist/admin/admin/src/pages/Settings/components/SettingsNav.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/components/SettingsNav.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/components/Tokens/FormHead.js +2 -2
- package/dist/admin/admin/src/pages/Settings/components/Tokens/FormHead.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/components/Tokens/Table.js +2 -2
- package/dist/admin/admin/src/pages/Settings/components/Tokens/Table.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/components/Tokens/TokenBox.js +2 -2
- package/dist/admin/admin/src/pages/Settings/components/Tokens/TokenBox.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/BoundRoute.js +2 -2
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/BoundRoute.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/CollapsableContentType.js +4 -4
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/CollapsableContentType.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/reducer.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/reducer.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js +1 -2
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs +1 -2
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/components/LogoInput.js +2 -2
- package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/components/LogoInput.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.js +9 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.mjs +7 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.js +7 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.mjs +7 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/EditPage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapseLabel.js +2 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapseLabel.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.js +44 -10
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.mjs +34 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/CollapsePropertyMatrix.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ConditionsButton.js +3 -3
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ConditionsButton.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ContentTypeCollapses.js +5 -5
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/ContentTypeCollapses.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/HiddenAction.js +2 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/HiddenAction.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.js +38 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.mjs +38 -2
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/Permissions.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/PluginsAndSettings.js +3 -3
- package/dist/admin/admin/src/pages/Settings/pages/Roles/components/PluginsAndSettings.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/createArrayOfValues.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/createArrayOfValues.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.js +18 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.mjs +18 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/forms.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.js +59 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.js.map +1 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.mjs +52 -0
- package/dist/admin/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.mjs.map +1 -0
- package/dist/admin/admin/src/pages/Settings/pages/Users/ListPage.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Users/ListPage.mjs.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Users/components/SelectRoles.js +3 -3
- package/dist/admin/admin/src/pages/Settings/pages/Users/components/SelectRoles.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/Events.js +2 -2
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/Events.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.js +2 -2
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.js.map +1 -1
- package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.mjs.map +1 -1
- package/dist/admin/admin/src/router.js +9 -0
- package/dist/admin/admin/src/router.js.map +1 -1
- package/dist/admin/admin/src/router.mjs +9 -0
- package/dist/admin/admin/src/router.mjs.map +1 -1
- package/dist/admin/admin/src/services/auth.js +43 -2
- package/dist/admin/admin/src/services/auth.js.map +1 -1
- package/dist/admin/admin/src/services/auth.mjs +41 -3
- package/dist/admin/admin/src/services/auth.mjs.map +1 -1
- package/dist/admin/admin/src/translations/en.json.js +22 -0
- package/dist/admin/admin/src/translations/en.json.js.map +1 -1
- package/dist/admin/admin/src/translations/en.json.mjs +22 -0
- package/dist/admin/admin/src/translations/en.json.mjs.map +1 -1
- package/dist/admin/admin/src/translations/ja.json.js +726 -237
- package/dist/admin/admin/src/translations/ja.json.js.map +1 -1
- package/dist/admin/admin/src/translations/ja.json.mjs +723 -238
- package/dist/admin/admin/src/translations/ja.json.mjs.map +1 -1
- package/dist/admin/admin/src/translations/languageNativeNames.js +1 -0
- package/dist/admin/admin/src/translations/languageNativeNames.js.map +1 -1
- package/dist/admin/admin/src/translations/languageNativeNames.mjs +1 -0
- package/dist/admin/admin/src/translations/languageNativeNames.mjs.map +1 -1
- package/dist/admin/admin/src/translations/pl.json.js +22 -0
- package/dist/admin/admin/src/translations/pl.json.js.map +1 -1
- package/dist/admin/admin/src/translations/pl.json.mjs +22 -0
- package/dist/admin/admin/src/translations/pl.json.mjs.map +1 -1
- package/dist/admin/admin/src/utils/arrays.js.map +1 -1
- package/dist/admin/admin/src/utils/arrays.mjs.map +1 -1
- package/dist/admin/admin/src/utils/baseQuery.js +1 -1
- package/dist/admin/admin/src/utils/baseQuery.js.map +1 -1
- package/dist/admin/admin/src/utils/baseQuery.mjs +1 -1
- package/dist/admin/admin/src/utils/baseQuery.mjs.map +1 -1
- package/dist/admin/admin/src/utils/getFetchClient.js.map +1 -1
- package/dist/admin/admin/src/utils/getFetchClient.mjs.map +1 -1
- package/dist/admin/admin/src/utils/objects.js +43 -11
- package/dist/admin/admin/src/utils/objects.js.map +1 -1
- package/dist/admin/admin/src/utils/objects.mjs +43 -11
- package/dist/admin/admin/src/utils/objects.mjs.map +1 -1
- package/dist/admin/admin/src/utils/once.js.map +1 -1
- package/dist/admin/admin/src/utils/once.mjs.map +1 -1
- package/dist/admin/admin/src/utils/retryDynamicImport.js +85 -0
- package/dist/admin/admin/src/utils/retryDynamicImport.js.map +1 -0
- package/dist/admin/admin/src/utils/retryDynamicImport.mjs +80 -0
- package/dist/admin/admin/src/utils/retryDynamicImport.mjs.map +1 -0
- package/dist/admin/admin/src/utils/rulesEngine.js +2 -1
- package/dist/admin/admin/src/utils/rulesEngine.js.map +1 -1
- package/dist/admin/admin/src/utils/rulesEngine.mjs +2 -1
- package/dist/admin/admin/src/utils/rulesEngine.mjs.map +1 -1
- package/dist/admin/admin/src/utils/shims.js.map +1 -1
- package/dist/admin/admin/src/utils/shims.mjs.map +1 -1
- package/dist/admin/admin/src/utils/widgetVisibility.js +16 -1
- package/dist/admin/admin/src/utils/widgetVisibility.js.map +1 -1
- package/dist/admin/admin/src/utils/widgetVisibility.mjs +14 -2
- package/dist/admin/admin/src/utils/widgetVisibility.mjs.map +1 -1
- package/dist/admin/admin/tests/server.js +25 -0
- package/dist/admin/admin/tests/server.js.map +1 -1
- package/dist/admin/admin/tests/server.mjs +25 -0
- package/dist/admin/admin/tests/server.mjs.map +1 -1
- package/dist/admin/ee/admin/src/components/AuditLogs/Widgets.js +2 -2
- package/dist/admin/ee/admin/src/components/AuditLogs/Widgets.js.map +1 -1
- package/dist/admin/ee/admin/src/hooks/useLicenseLimitNotification.js +2 -2
- package/dist/admin/ee/admin/src/hooks/useLicenseLimitNotification.js.map +1 -1
- package/dist/admin/ee/admin/src/hooks/useLicenseLimitNotification.mjs +2 -2
- package/dist/admin/ee/admin/src/hooks/useLicenseLimitNotification.mjs.map +1 -1
- package/dist/admin/ee/admin/src/pages/AuthPage/components/Login.js +2 -2
- package/dist/admin/ee/admin/src/pages/AuthPage/components/Login.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/AuthPage/components/Providers.js +2 -2
- package/dist/admin/ee/admin/src/pages/AuthPage/components/Providers.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/AuthPage/components/SSOProviders.js +3 -3
- package/dist/admin/ee/admin/src/pages/AuthPage/components/SSOProviders.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AIUsage.js +3 -3
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AIUsage.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AdminSeatInfo.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AdminSeatInfo.mjs.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/components/ComboboxFilter.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/components/ComboboxFilter.mjs.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/components/Modal.js +2 -2
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/AuditLogs/components/Modal.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/SingleSignOnPage.js.map +1 -1
- package/dist/admin/ee/admin/src/pages/SettingsPage/pages/SingleSignOnPage.mjs.map +1 -1
- package/dist/admin/index.js +2 -0
- package/dist/admin/index.js.map +1 -1
- package/dist/admin/index.mjs +1 -0
- package/dist/admin/index.mjs.map +1 -1
- package/dist/admin/src/StrapiApp.d.ts +7 -7
- package/dist/admin/src/components/DescriptionComponentRenderer.d.ts +2 -1
- package/dist/admin/src/components/Form.d.ts +14 -12
- package/dist/admin/src/components/FormInputs/Boolean.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Checkbox.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/DateTime.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Email.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Enumeration.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Number.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Password.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Renderer.d.ts +1 -2
- package/dist/admin/src/components/FormInputs/String.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Textarea.d.ts +0 -1
- package/dist/admin/src/components/FormInputs/Time.d.ts +0 -1
- package/dist/admin/src/components/GuidedTour/GuidedTourProvider.d.ts +0 -1
- package/dist/admin/src/components/GuidedTour/Steps/Step.d.ts +1 -1
- package/dist/admin/src/components/LazyOutlet.d.ts +20 -0
- package/dist/admin/src/components/MainNav/MainNav.d.ts +1 -1
- package/dist/admin/src/components/MainNav/NavUser.d.ts +0 -1
- package/dist/admin/src/components/SubNav.d.ts +6 -7
- package/dist/admin/src/components/Table.d.ts +3 -2
- package/dist/admin/src/core/apis/Plugin.d.ts +2 -2
- package/dist/admin/src/core/apis/Widgets.d.ts +0 -1
- package/dist/admin/src/core/apis/router.d.ts +1 -1
- package/dist/admin/src/core/store/configure.d.ts +2 -2
- package/dist/admin/src/core/utils/createHook.d.ts +7 -7
- package/dist/admin/src/features/AppInfo.d.ts +1 -2
- package/dist/admin/src/features/StrapiApp.d.ts +1 -2
- package/dist/admin/src/hooks/useAPIErrorHandler.d.ts +1 -1
- package/dist/admin/src/hooks/useAdminRoles.d.ts +3 -3
- package/dist/admin/src/hooks/useFetchClient.d.ts +1 -1
- package/dist/admin/src/hooks/useMenu.d.ts +1 -1
- package/dist/admin/src/hooks/usePersistentState.d.ts +0 -1
- package/dist/admin/src/hooks/useQueryParams.d.ts +3 -2
- package/dist/admin/src/hooks/useThrottledCallback.d.ts +1 -2
- package/dist/admin/src/index.d.ts +1 -0
- package/dist/admin/src/layouts/UnauthenticatedLayout.d.ts +2 -2
- package/dist/admin/src/pages/SessionsPage.d.ts +2 -0
- package/dist/admin/src/pages/Settings/pages/ApiTokens/EditView/reducer.d.ts +1 -1
- package/dist/admin/src/pages/Settings/pages/Roles/components/CollapseLabel.d.ts +2 -3
- package/dist/admin/src/pages/Settings/pages/Roles/components/ConditionsButton.d.ts +2 -2
- package/dist/admin/src/pages/Settings/pages/Roles/components/HiddenAction.d.ts +0 -1
- package/dist/admin/src/pages/Settings/pages/Roles/components/Permissions.d.ts +2 -0
- package/dist/admin/src/pages/Settings/pages/Roles/utils/createArrayOfValues.d.ts +1 -1
- package/dist/admin/src/pages/Settings/pages/Roles/utils/forms.d.ts +1 -1
- package/dist/admin/src/pages/Settings/pages/Roles/utils/localePermissionValidation.d.ts +5 -0
- package/dist/admin/src/pages/Settings/pages/Roles/utils/permissions.d.ts +3 -1
- package/dist/admin/src/pages/Settings/pages/Webhooks/hooks/useWebhooks.d.ts +8 -8
- package/dist/admin/src/reducer.d.ts +1 -1
- package/dist/admin/src/services/admin.d.ts +8 -8
- package/dist/admin/src/services/api.d.ts +1 -1
- package/dist/admin/src/services/apiTokens.d.ts +3 -3
- package/dist/admin/src/services/auth.d.ts +29 -27
- package/dist/admin/src/services/contentApi.d.ts +2 -2
- package/dist/admin/src/services/contentManager.d.ts +1 -1
- package/dist/admin/src/services/homepage.d.ts +3 -3
- package/dist/admin/src/services/transferTokens.d.ts +1 -1
- package/dist/admin/src/services/users.d.ts +15 -15
- package/dist/admin/src/services/webhooks.d.ts +4 -4
- package/dist/admin/src/translations/languageNativeNames.d.ts +1 -0
- package/dist/admin/src/utils/arrays.d.ts +1 -1
- package/dist/admin/src/utils/baseQuery.d.ts +1 -1
- package/dist/admin/src/utils/getFetchClient.d.ts +7 -7
- package/dist/admin/src/utils/locales.d.ts +0 -1
- package/dist/admin/src/utils/objects.d.ts +6 -4
- package/dist/admin/src/utils/once.d.ts +1 -1
- package/dist/admin/src/utils/retryDynamicImport.d.ts +19 -0
- package/dist/admin/src/utils/shims.d.ts +1 -1
- package/dist/admin/src/utils/widgetVisibility.d.ts +11 -0
- package/dist/admin/tests/store.d.ts +4 -4
- package/dist/admin/tests/utils.d.ts +5 -5
- package/dist/ee/admin/src/pages/SettingsPage/pages/AuditLogs/utils/getDisplayedFilters.d.ts +1 -1
- package/dist/ee/admin/src/pages/SettingsPage/pages/AuditLogs/utils/tableHeaders.d.ts +2 -1
- package/dist/ee/admin/src/services/ai.d.ts +5 -5
- package/dist/ee/admin/src/services/auditLogs.d.ts +1 -1
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts +1 -1
- package/dist/ee/server/src/audit-logs/services/audit-logs.d.ts.map +1 -1
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts +3 -3
- package/dist/ee/server/src/audit-logs/services/lifecycles.d.ts.map +1 -1
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts +2 -2
- package/dist/ee/server/src/audit-logs/validation/audit-logs.d.ts.map +1 -1
- package/dist/ee/server/src/bootstrap.d.ts.map +1 -1
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts +30 -31
- package/dist/ee/server/src/controllers/authentication-utils/utils.d.ts.map +1 -1
- package/dist/ee/server/src/controllers/index.d.ts +1 -2
- package/dist/ee/server/src/controllers/index.d.ts.map +1 -1
- package/dist/ee/server/src/controllers/user.d.ts +1 -1
- package/dist/ee/server/src/destroy.d.ts.map +1 -1
- package/dist/ee/server/src/index.d.ts +2 -3
- package/dist/ee/server/src/index.d.ts.map +1 -1
- package/dist/ee/server/src/register.d.ts.map +1 -1
- package/dist/ee/server/src/routes/utils.d.ts.map +1 -1
- package/dist/ee/server/src/services/auth.d.ts.map +1 -1
- package/dist/ee/server/src/services/index.d.ts +1 -1
- package/dist/ee/server/src/services/metrics.d.ts.map +1 -1
- package/dist/ee/server/src/services/passport/sso.d.ts.map +1 -1
- package/dist/ee/server/src/services/persist-tables.d.ts +1 -1
- package/dist/ee/server/src/services/persist-tables.d.ts.map +1 -1
- package/dist/ee/server/src/services/role.d.ts.map +1 -1
- package/dist/ee/server/src/services/user.d.ts.map +1 -1
- package/dist/ee/server/src/utils/index.d.ts.map +1 -1
- package/dist/ee/server/src/utils/sso-lock.d.ts.map +1 -1
- package/dist/ee/server/src/validation/authentication.d.ts +2 -2
- package/dist/ee/server/src/validation/role.d.ts +6 -6
- package/dist/ee/server/src/validation/role.d.ts.map +1 -1
- package/dist/ee/server/src/validation/user.d.ts.map +1 -1
- package/dist/server/server/src/content-types/session.js +6 -0
- package/dist/server/server/src/content-types/session.js.map +1 -1
- package/dist/server/server/src/content-types/session.mjs +6 -0
- package/dist/server/server/src/content-types/session.mjs.map +1 -1
- package/dist/server/server/src/controllers/admin.js.map +1 -1
- package/dist/server/server/src/controllers/admin.mjs.map +1 -1
- package/dist/server/server/src/controllers/authenticated-session.js +61 -0
- package/dist/server/server/src/controllers/authenticated-session.js.map +1 -0
- package/dist/server/server/src/controllers/authenticated-session.mjs +59 -0
- package/dist/server/server/src/controllers/authenticated-session.mjs.map +1 -0
- package/dist/server/server/src/controllers/authentication.js +11 -4
- package/dist/server/server/src/controllers/authentication.js.map +1 -1
- package/dist/server/server/src/controllers/authentication.mjs +12 -5
- package/dist/server/server/src/controllers/authentication.mjs.map +1 -1
- package/dist/server/server/src/controllers/index.js +2 -0
- package/dist/server/server/src/controllers/index.js.map +1 -1
- package/dist/server/server/src/controllers/index.mjs +2 -0
- package/dist/server/server/src/controllers/index.mjs.map +1 -1
- package/dist/server/server/src/controllers/role.js +2 -4
- package/dist/server/server/src/controllers/role.js.map +1 -1
- package/dist/server/server/src/controllers/role.mjs +2 -4
- package/dist/server/server/src/controllers/role.mjs.map +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.js +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.js.map +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.mjs +1 -1
- package/dist/server/server/src/routes/serve-admin-panel.mjs.map +1 -1
- package/dist/server/server/src/routes/users.js +12 -26
- package/dist/server/server/src/routes/users.js.map +1 -1
- package/dist/server/server/src/routes/users.mjs +12 -26
- package/dist/server/server/src/routes/users.mjs.map +1 -1
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.js +0 -2
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.js.map +1 -1
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.mjs +0 -2
- package/dist/server/server/src/services/permission/permissions-manager/sanitize.mjs.map +1 -1
- package/dist/server/server/src/services/permission/sections-builder/handlers.js +9 -2
- package/dist/server/server/src/services/permission/sections-builder/handlers.js.map +1 -1
- package/dist/server/server/src/services/permission/sections-builder/handlers.mjs +9 -2
- package/dist/server/server/src/services/permission/sections-builder/handlers.mjs.map +1 -1
- package/dist/server/server/src/services/role.js +7 -2
- package/dist/server/server/src/services/role.js.map +1 -1
- package/dist/server/server/src/services/role.mjs +7 -2
- package/dist/server/server/src/services/role.mjs.map +1 -1
- package/dist/server/server/src/strategies/admin.js +4 -0
- package/dist/server/server/src/strategies/admin.js.map +1 -1
- package/dist/server/server/src/strategies/admin.mjs +4 -0
- package/dist/server/server/src/strategies/admin.mjs.map +1 -1
- package/dist/server/server/src/validation/common-validators.js +19 -11
- package/dist/server/server/src/validation/common-validators.js.map +1 -1
- package/dist/server/server/src/validation/common-validators.mjs +19 -11
- package/dist/server/server/src/validation/common-validators.mjs.map +1 -1
- package/dist/server/server/src/validation/permission.js +1 -1
- package/dist/server/server/src/validation/permission.js.map +1 -1
- package/dist/server/server/src/validation/permission.mjs +1 -1
- package/dist/server/server/src/validation/permission.mjs.map +1 -1
- package/dist/server/server/src/validation/role.js +2 -2
- package/dist/server/server/src/validation/role.js.map +1 -1
- package/dist/server/server/src/validation/role.mjs +2 -2
- package/dist/server/server/src/validation/role.mjs.map +1 -1
- package/dist/server/src/ai/controllers/ai.d.ts +3 -3
- package/dist/server/src/ai/services/ai.d.ts.map +1 -1
- package/dist/server/src/bootstrap.d.ts.map +1 -1
- package/dist/server/src/config/admin-conditions.d.ts +2 -2
- package/dist/server/src/config/admin-conditions.d.ts.map +1 -1
- package/dist/server/src/content-types/index.d.ts +6 -0
- package/dist/server/src/content-types/index.d.ts.map +1 -1
- package/dist/server/src/content-types/session.d.ts +6 -0
- package/dist/server/src/content-types/session.d.ts.map +1 -1
- package/dist/server/src/controllers/admin-token.d.ts +5 -5
- package/dist/server/src/controllers/api-token.d.ts +1 -1
- package/dist/server/src/controllers/authenticated-session.d.ts +8 -0
- package/dist/server/src/controllers/authenticated-session.d.ts.map +1 -0
- package/dist/server/src/controllers/authenticated-user.d.ts +1 -1
- package/dist/server/src/controllers/authentication.d.ts +4 -4
- package/dist/server/src/controllers/authentication.d.ts.map +1 -1
- package/dist/server/src/controllers/formatters/conditions.d.ts +0 -1
- package/dist/server/src/controllers/formatters/conditions.d.ts.map +1 -1
- package/dist/server/src/controllers/formatters/format-actions-by-sections.d.ts.map +1 -1
- package/dist/server/src/controllers/homepage.d.ts +2 -2
- package/dist/server/src/controllers/homepage.d.ts.map +1 -1
- package/dist/server/src/controllers/index.d.ts +33 -43
- package/dist/server/src/controllers/index.d.ts.map +1 -1
- package/dist/server/src/controllers/role.d.ts +4 -4
- package/dist/server/src/controllers/transfer/runner.d.ts +4 -4
- package/dist/server/src/controllers/transfer/runner.d.ts.map +1 -1
- package/dist/server/src/controllers/transfer/token.d.ts +1 -1
- package/dist/server/src/controllers/user.d.ts +2 -2
- package/dist/server/src/controllers/webhooks.d.ts +4 -4
- package/dist/server/src/domain/action/index.d.ts +4 -65
- package/dist/server/src/domain/action/index.d.ts.map +1 -1
- package/dist/server/src/domain/action/provider.d.ts +30 -3
- package/dist/server/src/domain/action/provider.d.ts.map +1 -1
- package/dist/server/src/domain/condition/index.d.ts.map +1 -1
- package/dist/server/src/domain/condition/provider.d.ts +19 -2
- package/dist/server/src/domain/condition/provider.d.ts.map +1 -1
- package/dist/server/src/domain/permission/index.d.ts +0 -1
- package/dist/server/src/domain/permission/index.d.ts.map +1 -1
- package/dist/server/src/domain/user.d.ts.map +1 -1
- package/dist/server/src/index.d.ts +51 -63
- package/dist/server/src/index.d.ts.map +1 -1
- package/dist/server/src/middlewares/data-transfer.d.ts.map +1 -1
- package/dist/server/src/middlewares/index.d.ts +0 -1
- package/dist/server/src/middlewares/index.d.ts.map +1 -1
- package/dist/server/src/middlewares/rateLimit.d.ts.map +1 -1
- package/dist/server/src/policies/hasPermissions.d.ts.map +1 -1
- package/dist/server/src/policies/index.d.ts.map +1 -1
- package/dist/server/src/policies/isAuthenticatedAdmin.d.ts.map +1 -1
- package/dist/server/src/policies/isTelemetryEnabled.d.ts.map +1 -1
- package/dist/server/src/register.d.ts.map +1 -1
- package/dist/server/src/routes/index.d.ts +0 -1
- package/dist/server/src/routes/index.d.ts.map +1 -1
- package/dist/server/src/routes/serve-admin-panel.d.ts.map +1 -1
- package/dist/server/src/routes/transfer.d.ts +0 -1
- package/dist/server/src/routes/transfer.d.ts.map +1 -1
- package/dist/server/src/routes/users.d.ts.map +1 -1
- package/dist/server/src/services/action.d.ts.map +1 -1
- package/dist/server/src/services/api-token.d.ts +5 -6
- package/dist/server/src/services/api-token.d.ts.map +1 -1
- package/dist/server/src/services/auth.d.ts.map +1 -1
- package/dist/server/src/services/condition.d.ts.map +1 -1
- package/dist/server/src/services/content-type.d.ts.map +1 -1
- package/dist/server/src/services/encryption.d.ts.map +1 -1
- package/dist/server/src/services/homepage.d.ts.map +1 -1
- package/dist/server/src/services/index.d.ts +12 -21
- package/dist/server/src/services/index.d.ts.map +1 -1
- package/dist/server/src/services/metrics.d.ts.map +1 -1
- package/dist/server/src/services/passport/local-strategy.d.ts.map +1 -1
- package/dist/server/src/services/passport.d.ts +0 -1
- package/dist/server/src/services/passport.d.ts.map +1 -1
- package/dist/server/src/services/permission/engine.d.ts +1 -2
- package/dist/server/src/services/permission/engine.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/index.d.ts +5 -5
- package/dist/server/src/services/permission/permissions-manager/index.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/permission-fields.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/query-builders.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/sanitize.d.ts +3 -3
- package/dist/server/src/services/permission/permissions-manager/sanitize.d.ts.map +1 -1
- package/dist/server/src/services/permission/permissions-manager/validate.d.ts.map +1 -1
- package/dist/server/src/services/permission/queries.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/builder.d.ts +4 -4
- package/dist/server/src/services/permission/sections-builder/builder.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/handlers.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/index.d.ts +4 -4
- package/dist/server/src/services/permission/sections-builder/section.d.ts.map +1 -1
- package/dist/server/src/services/permission/sections-builder/utils.d.ts +0 -1
- package/dist/server/src/services/permission/sections-builder/utils.d.ts.map +1 -1
- package/dist/server/src/services/permission.d.ts +13 -38
- package/dist/server/src/services/permission.d.ts.map +1 -1
- package/dist/server/src/services/project-settings.d.ts +2 -4
- package/dist/server/src/services/project-settings.d.ts.map +1 -1
- package/dist/server/src/services/role.d.ts +7 -1
- package/dist/server/src/services/role.d.ts.map +1 -1
- package/dist/server/src/services/token.d.ts +1 -1
- package/dist/server/src/services/token.d.ts.map +1 -1
- package/dist/server/src/services/transfer/token.d.ts +11 -11
- package/dist/server/src/services/transfer/token.d.ts.map +1 -1
- package/dist/server/src/services/user.d.ts +3 -3
- package/dist/server/src/services/user.d.ts.map +1 -1
- package/dist/server/src/strategies/admin-token.d.ts +4 -4
- package/dist/server/src/strategies/admin-token.d.ts.map +1 -1
- package/dist/server/src/strategies/admin.d.ts.map +1 -1
- package/dist/server/src/strategies/api-token-utils.d.ts.map +1 -1
- package/dist/server/src/strategies/content-api-token.d.ts.map +1 -1
- package/dist/server/src/strategies/data-transfer.d.ts.map +1 -1
- package/dist/server/src/utils/normalize-email.d.ts.map +1 -1
- package/dist/server/src/validation/action-provider.d.ts +2 -2
- package/dist/server/src/validation/action-provider.d.ts.map +1 -1
- package/dist/server/src/validation/admin-tokens.d.ts +2 -2
- package/dist/server/src/validation/api-tokens.d.ts +4 -4
- package/dist/server/src/validation/authentication/forgot-password.d.ts +1 -1
- package/dist/server/src/validation/authentication/login.d.ts +1 -1
- package/dist/server/src/validation/authentication/register.d.ts +6 -6
- package/dist/server/src/validation/authentication/register.d.ts.map +1 -1
- package/dist/server/src/validation/authentication/reset-password.d.ts +1 -1
- package/dist/server/src/validation/common-functions/check-fields-are-correctly-nested.d.ts.map +1 -1
- package/dist/server/src/validation/common-functions/check-fields-dont-have-duplicates.d.ts.map +1 -1
- package/dist/server/src/validation/common-validators.d.ts.map +1 -1
- package/dist/server/src/validation/permission.d.ts +6 -6
- package/dist/server/src/validation/permission.d.ts.map +1 -1
- package/dist/server/src/validation/policies/hasPermissions.d.ts +2 -2
- package/dist/server/src/validation/project-settings.d.ts +6 -6
- package/dist/server/src/validation/role.d.ts +8 -8
- package/dist/server/src/validation/role.d.ts.map +1 -1
- package/dist/server/src/validation/transfer/token.d.ts +4 -4
- package/dist/server/src/validation/user.d.ts +8 -8
- package/dist/shared/contracts/permissions.d.ts +1 -0
- package/dist/shared/contracts/permissions.d.ts.map +1 -1
- package/dist/shared/contracts/sessions.d.ts +62 -0
- package/dist/shared/contracts/sessions.d.ts.map +1 -0
- package/dist/shared/contracts/shared.d.ts +1 -1
- package/dist/shared/contracts/shared.d.ts.map +1 -1
- package/dist/shared/utils/session-auth.d.ts +1 -1
- package/dist/shared/utils/session-auth.d.ts.map +1 -1
- package/package.json +12 -12
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sanitize.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n // TODO\n // @ts-expect-error define the correct return type\n const wrappedSanitize = async (data: unknown, options = {} as any) => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,cAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,kBAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,WAAEC,SAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,eAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,sBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,cAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,cAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,cAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,eAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,WAAAA,CAASF,KAAAA,CAAAA,IAAUG,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,YAAMC,IAAI,CACRC,eAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,cAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,eAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,eAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,cAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,cAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,cAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,WAAAA,CAAMC,IAAI,CACjCC,eAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,cAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,cAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,cAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,cAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,cAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,YAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,cAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,4CAAAA,CAA4BpE,SAAAA,CAAAA;;;AAI5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,WAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,WAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,gBAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,OAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,SAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,OAAAA,CAAKC,8BAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,8BAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
|
|
1
|
+
{"version":3,"file":"sanitize.js","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n const wrappedSanitize = async (data: unknown, options = {} as any): Promise<unknown> => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,cAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,kBAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,WAAEC,SAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,eAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,sBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,cAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,cAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,cAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,eAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,WAAAA,CAASF,KAAAA,CAAAA,IAAUG,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,YAAMC,IAAI,CACRC,eAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,cAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,eAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,eAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,cAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,UAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,WAAAA,CAAMC,IAAI,CACRC,cAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,cAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,cAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,WAAAA,CAAMC,IAAI,CACjCC,eAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,cAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,cAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,cAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,cAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,cAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,YAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,cAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,WAAAA,CAAMC,IAAI;QAEfsC,oBAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,oBAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,4CAAAA,CAA4BpE,SAAAA,CAAAA;AAE5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,WAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,WAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,gBAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,OAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,SAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,OAAAA,CAAKC,8BAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,8BAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,gBAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,OAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
|
|
@@ -102,8 +102,6 @@ var createSanitizeHelpers = (({ action, ability, model })=>{
|
|
|
102
102
|
};
|
|
103
103
|
const wrapSanitize = (createSanitizeFunction)=>{
|
|
104
104
|
const { getPermissionFields } = createPermissionFieldsCache(ability);
|
|
105
|
-
// TODO
|
|
106
|
-
// @ts-expect-error define the correct return type
|
|
107
105
|
const wrappedSanitize = async (data, options = {})=>{
|
|
108
106
|
if (isArray(data)) {
|
|
109
107
|
return Promise.all(data.map((entity)=>wrappedSanitize(entity, options)));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sanitize.mjs","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n // TODO\n // @ts-expect-error define the correct return type\n const wrappedSanitize = async (data: unknown, options = {} as any) => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,QAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,YAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,EAAEC,OAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,SAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,gBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,QAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,QAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,QAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,SAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,QAAAA,CAASF,KAAAA,CAAAA,IAAUG,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,MAAMC,IAAI,CACRC,SAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,QAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,SAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,SAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,QAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,QAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,QAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,KAAAA,CAAMC,IAAI,CACjCC,SAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,QAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,QAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,QAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,QAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,QAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,SAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,QAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,2BAAAA,CAA4BpE,OAAAA,CAAAA;;;AAI5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,QAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,QAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,QAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,IAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,MAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,IAAAA,CAAKC,yBAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,yBAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
|
|
1
|
+
{"version":3,"file":"sanitize.mjs","sources":["../../../../../../../server/src/services/permission/permissions-manager/sanitize.ts"],"sourcesContent":["import { subject as asSubject } from '@casl/ability';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport {\n contentTypes,\n traverseEntity,\n sanitize,\n async,\n traverse,\n createModelCache,\n} from '@strapi/utils';\nimport { createPermissionFieldsCache } from './permission-fields';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n // Create request-scoped model cache to avoid redundant getModel() calls\n const modelCache = createModelCache(strapi.getModel.bind(strapi));\n\n const ctx = {\n schema,\n getModel: modelCache.getModel,\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const createSanitizeFilters = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeSort = (ctx: any) =>\n async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const createSanitizeFields = (ctx: any) =>\n async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n const sanitizeFilters = createSanitizeFilters(ctx);\n const sanitizeSort = createSanitizeSort(ctx);\n const sanitizeFields = createSanitizeFields(ctx);\n\n /** Sanitize nested filters, sort, and fields inside populate. */\n const sanitizeNestedPopulate = async (\n { key, value, schema, attribute, getModel }: any,\n { set }: any\n ) => {\n if (attribute) {\n return;\n }\n\n const nestedCtx = { schema, getModel };\n\n if (key === 'sort') {\n const sanitizedSort = await createSanitizeSort(nestedCtx)(value);\n set(key, sanitizedSort);\n }\n\n if (key === 'filters') {\n const sanitizedFilters = await createSanitizeFilters(nestedCtx)(value);\n set(key, sanitizedFilters);\n }\n\n if (key === 'fields') {\n const sanitizedFields = await createSanitizeFields(nestedCtx)(value);\n set(key, sanitizedFields);\n }\n };\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx),\n traverse.traverseQueryPopulate(sanitizeNestedPopulate, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n const [sanitizedFilters, sanitizedSort, sanitizedPopulate, sanitizedFields] =\n await Promise.all([\n query.filters ? sanitizeFilters(query.filters) : undefined,\n query.sort ? sanitizeSort(query.sort) : undefined,\n query.populate ? sanitizePopulate(query.populate) : undefined,\n query.fields ? sanitizeFields(query.fields) : undefined,\n ]);\n\n if (sanitizedFilters !== undefined) sanitizedQuery.filters = sanitizedFilters;\n if (sanitizedSort !== undefined) sanitizedQuery.sort = sanitizedSort;\n if (sanitizedPopulate !== undefined) sanitizedQuery.populate = sanitizedPopulate;\n if (sanitizedFields !== undefined) sanitizedQuery.fields = sanitizedFields;\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n const { getPermissionFields } = createPermissionFieldsCache(ability);\n\n const wrappedSanitize = async (data: unknown, options = {} as any): Promise<unknown> => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const { permittedFields, hasAtLeastOneRegistered, shouldIncludeAll } = getPermissionFields(\n actionOverride,\n subject\n );\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /**\n * Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n */\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /**\n * Visitor used to remove hidden fields from the admin API responses\n */\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /**\n * Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n */\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /**\n * Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n */\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n"],"names":["visitors","removePassword","expandWildcardPopulate","sanitize","constants","isScalarAttribute","getNonVisibleAttributes","getNonWritableAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","action","ability","model","schema","strapi","getModel","removeDisallowedFields","modelCache","createModelCache","bind","ctx","createSanitizeQuery","options","fields","permittedFields","shouldIncludeAll","getQueryFields","permitted","createSanitizeFilters","async","pipe","traverse","traverseQueryFilters","omitDisallowedAdminUserFields","omitHiddenFields","key","value","remove","isObject","isEmpty","createSanitizeSort","traverseQuerySort","attribute","createSanitizeFields","traverseQueryFields","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizeNestedPopulate","set","nestedCtx","sanitizedSort","sanitizedFilters","sanitizedFields","sanitizePopulate","traverseQueryPopulate","query","sanitizedQuery","cloneDeep","sanitizedPopulate","Promise","all","filters","undefined","sort","populate","createSanitizeOutput","getOutputFields","traverseEntity","pickAllowedAdminUserFields","sanitizers","sanitizePasswords","uid","createSanitizeInput","getInputFields","omitCreatorRoles","wrapSanitize","createSanitizeFunction","getPermissionFields","createPermissionFieldsCache","wrappedSanitize","data","isArray","map","entity","subject","actionOverride","getDefaultOptions","hasAtLeastOneRegistered","sanitizeOptions","sanitizeFunction","defaults","asSubject","omit","isHidden","getOr","pickAllowedFields","pick","ADMIN_USER_ALLOWED_FIELDS","type","target","Array","includes","nonVisibleAttributes","writableAttributes","nonVisibleWritableAttributes","intersection","uniq","nonWritableAttributes","sanitizeOutput","sanitizeInput","sanitizeQuery"],"mappings":";;;;;;AA2BA,MAAM,EACJA,UAAU,EAAEC,cAAc,EAAEC,sBAAsB,EAAE,EACrD,GAAGC,QAAAA;AAEJ,MAAM,EACJC,SAAS,EACTC,iBAAiB,EACjBC,uBAAuB,EACvBC,wBAAwB,EACxBC,qBAAqB,EACtB,GAAGC,YAAAA;AACJ,MAAM,EACJC,YAAY,EACZC,gBAAgB,EAChBC,oBAAoB,EACpBC,oBAAoB,EACpBC,sBAAsB,EACtBC,oBAAoB,EACpBC,oBAAoB,EACrB,GAAGZ,SAAAA;AAEJ,MAAMa,gBAAAA,GAAmB;AAAC,IAAA;AAAc,CAAA;AACxC,MAAMC,aAAAA,GAAgB;AAACR,IAAAA,YAAAA;AAAcC,IAAAA;AAAiB,CAAA;AAEtD,4BAAe,CAAA,CAAC,EAAEQ,MAAM,EAAEC,OAAO,EAAEC,KAAK,EAAO,GAAA;IAC7C,MAAMC,MAAAA,GAASC,MAAAA,CAAOC,QAAQ,CAACH,KAAAA,CAAAA;AAE/B,IAAA,MAAM,EAAEI,sBAAsB,EAAE,GAAGtB,SAASH,QAAQ;;AAGpD,IAAA,MAAM0B,aAAaC,gBAAAA,CAAiBJ,MAAAA,CAAOC,QAAQ,CAACI,IAAI,CAACL,MAAAA,CAAAA,CAAAA;AAEzD,IAAA,MAAMM,GAAAA,GAAM;AACVP,QAAAA,MAAAA;AACAE,QAAAA,QAAAA,EAAUE,WAAWF;AACvB,KAAA;AAEA,IAAA,MAAMM,mBAAAA,GAAsB,CAACC,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;;AAGnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOC,cAAAA,CAAeH,OAAOI,SAAS,CAAA;AAExF,QAAA,MAAMC,wBAAwB,CAACR,GAAAA,GAC7BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASC,oBAAoB,CAAChB,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACvEW,QAAAA,CAASC,oBAAoB,CAACC,6BAAAA,EAA+Bb,MAC7DW,QAAAA,CAASC,oBAAoB,CAACE,gBAAAA,EAAkBd,MAChDW,QAAAA,CAASC,oBAAoB,CAACxC,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC9CW,SAASC,oBAAoB,CAAC,CAAC,EAAEG,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;gBACvD,IAAIC,QAAAA,CAASF,KAAAA,CAAAA,IAAUG,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACrCC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;AAGP,QAAA,MAAMoB,qBAAqB,CAACpB,GAAAA,GAC1BS,MAAMC,IAAI,CACRC,SAASU,iBAAiB,CAACzB,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,MACpEW,QAAAA,CAASU,iBAAiB,CAACR,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC1DW,SAASU,iBAAiB,CAACP,gBAAAA,EAAkBd,GAAAA,CAAAA,EAC7CW,SAASU,iBAAiB,CAACjD,gBAAgB4B,GAAAA,CAAAA,EAC3CW,QAAAA,CAASU,iBAAiB,CAAC,CAAC,EAAEN,GAAG,EAAEO,SAAS,EAAEN,KAAK,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;AAC/D,gBAAA,IAAI,CAACzC,iBAAAA,CAAkB8C,SAAAA,CAAAA,IAAcH,OAAAA,CAAQH,KAAAA,CAAAA,EAAQ;oBACnDC,MAAAA,CAAOF,GAAAA,CAAAA;AACT,gBAAA;YACF,CAAA,EAAGf,GAAAA,CAAAA,CAAAA;QAGP,MAAMuB,oBAAAA,GAAuB,CAACvB,GAAAA,GAC5BS,KAAAA,CAAMC,IAAI,CACRC,QAAAA,CAASa,mBAAmB,CAAC5B,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACtEW,QAAAA,CAASa,mBAAmB,CAACV,gBAAAA,EAAkBd,MAC/CW,QAAAA,CAASa,mBAAmB,CAACpD,cAAAA,EAAgB4B,GAAAA,CAAAA,CAAAA;AAGjD,QAAA,MAAMyB,kBAAkBjB,qBAAAA,CAAsBR,GAAAA,CAAAA;AAC9C,QAAA,MAAM0B,eAAeN,kBAAAA,CAAmBpB,GAAAA,CAAAA;AACxC,QAAA,MAAM2B,iBAAiBJ,oBAAAA,CAAqBvB,GAAAA,CAAAA;AAE5C,0EACA,MAAM4B,sBAAAA,GAAyB,OAC7B,EAAEb,GAAG,EAAEC,KAAK,EAAEvB,MAAM,EAAE6B,SAAS,EAAE3B,QAAQ,EAAO,EAChD,EAAEkC,GAAG,EAAO,GAAA;AAEZ,YAAA,IAAIP,SAAAA,EAAW;AACb,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMQ,SAAAA,GAAY;AAAErC,gBAAAA,MAAAA;AAAQE,gBAAAA;AAAS,aAAA;AAErC,YAAA,IAAIoB,QAAQ,MAAA,EAAQ;gBAClB,MAAMgB,aAAAA,GAAgB,MAAMX,kBAAAA,CAAmBU,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC1Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKgB,aAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIhB,QAAQ,SAAA,EAAW;gBACrB,MAAMiB,gBAAAA,GAAmB,MAAMxB,qBAAAA,CAAsBsB,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAChEa,gBAAAA,GAAAA,CAAId,GAAAA,EAAKiB,gBAAAA,CAAAA;AACX,YAAA;AAEA,YAAA,IAAIjB,QAAQ,QAAA,EAAU;gBACpB,MAAMkB,eAAAA,GAAkB,MAAMV,oBAAAA,CAAqBO,SAAAA,CAAAA,CAAWd,KAAAA,CAAAA;AAC9Da,gBAAAA,GAAAA,CAAId,GAAAA,EAAKkB,eAAAA,CAAAA;AACX,YAAA;AACF,QAAA,CAAA;AAEA,QAAA,MAAMC,gBAAAA,GAAmBzB,KAAAA,CAAMC,IAAI,CACjCC,SAASwB,qBAAqB,CAAC9D,sBAAAA,EAAwB2B,GAAAA,CAAAA,EACvDW,QAAAA,CAASwB,qBAAqB,CAACvC,sBAAAA,CAAuBQ,kBAAkBJ,GAAAA,CAAAA,EACxEW,QAAAA,CAASwB,qBAAqB,CAACtB,6BAAAA,EAA+Bb,GAAAA,CAAAA,EAC9DW,QAAAA,CAASwB,qBAAqB,CAACrB,gBAAAA,EAAkBd,GAAAA,CAAAA,EACjDW,QAAAA,CAASwB,qBAAqB,CAAC/D,cAAAA,EAAgB4B,GAAAA,CAAAA,EAC/CW,QAAAA,CAASwB,qBAAqB,CAACP,sBAAAA,EAAwB5B,GAAAA,CAAAA,CAAAA;AAGzD,QAAA,OAAO,OAAOoC,KAAAA,GAAAA;AACZ,YAAA,MAAMC,iBAAiBC,SAAAA,CAAUF,KAAAA,CAAAA;YAEjC,MAAM,CAACJ,kBAAkBD,aAAAA,EAAeQ,iBAAAA,EAAmBN,gBAAgB,GACzE,MAAMO,OAAAA,CAAQC,GAAG,CAAC;AAChBL,gBAAAA,KAAAA,CAAMM,OAAO,GAAGjB,eAAAA,CAAgBW,KAAAA,CAAMM,OAAO,CAAA,GAAIC,SAAAA;AACjDP,gBAAAA,KAAAA,CAAMQ,IAAI,GAAGlB,YAAAA,CAAaU,KAAAA,CAAMQ,IAAI,CAAA,GAAID,SAAAA;AACxCP,gBAAAA,KAAAA,CAAMS,QAAQ,GAAGX,gBAAAA,CAAiBE,KAAAA,CAAMS,QAAQ,CAAA,GAAIF,SAAAA;AACpDP,gBAAAA,KAAAA,CAAMjC,MAAM,GAAGwB,cAAAA,CAAeS,KAAAA,CAAMjC,MAAM,CAAA,GAAIwC;AAC/C,aAAA,CAAA;AAEH,YAAA,IAAIX,gBAAAA,KAAqBW,SAAAA,EAAWN,cAAAA,CAAeK,OAAO,GAAGV,gBAAAA;AAC7D,YAAA,IAAID,aAAAA,KAAkBY,SAAAA,EAAWN,cAAAA,CAAeO,IAAI,GAAGb,aAAAA;AACvD,YAAA,IAAIQ,iBAAAA,KAAsBI,SAAAA,EAAWN,cAAAA,CAAeQ,QAAQ,GAAGN,iBAAAA;AAC/D,YAAA,IAAIN,eAAAA,KAAoBU,SAAAA,EAAWN,cAAAA,CAAelC,MAAM,GAAG8B,eAAAA;YAE3D,OAAOI,cAAAA;AACT,QAAA,CAAA;AACF,IAAA,CAAA;AAEA,IAAA,MAAMS,oBAAAA,GAAuB,CAAC5C,OAAAA,GAAU,EAAS,GAAA;QAC/C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAO0C,eAAAA,CAAgB5C,OAAOI,SAAS,CAAA;QAEzF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAeC,0BAAAA,EAA4BjD;QAE3CgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;QAExD1B,QAAAA,CAAS4E,UAAU,CAACC,iBAAiB,CAAC;AACpC1D,YAAAA,MAAAA;AACAE,YAAAA,QAAAA,CAAAA,CAASyD,GAAW,EAAA;gBAClB,OAAO1D,MAAAA,CAAOC,QAAQ,CAACyD,GAAAA,CAAAA;AACzB,YAAA;AACF,SAAA,CAAA,CAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,mBAAAA,GAAsB,CAACnD,OAAAA,GAAU,EAAS,GAAA;QAC9C,MAAM,EAAEC,MAAM,EAAE,GAAGD,OAAAA;AAEnB,QAAA,MAAME,kBAAkBD,MAAAA,CAAOE,gBAAgB,GAAG,IAAA,GAAOiD,cAAAA,CAAenD,OAAOI,SAAS,CAAA;QAExF,OAAOE,KAAAA,CAAMC,IAAI;QAEfsC,cAAAA,CAAelC,gBAAAA,EAAkBd;QAEjCgD,cAAAA,CAAepD,sBAAAA,CAAuBQ,eAAAA,CAAAA,EAAkBJ,GAAAA,CAAAA;AAExDuD,QAAAA,gBAAAA,CAAAA;AAEJ,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,CAACC,sBAAAA,GAAAA;AACpB,QAAA,MAAM,EAAEC,mBAAmB,EAAE,GAAGC,2BAAAA,CAA4BpE,OAAAA,CAAAA;AAE5D,QAAA,MAAMqE,eAAAA,GAAkB,OAAOC,IAAAA,EAAe3D,OAAAA,GAAU,EAAS,GAAA;AAC/D,YAAA,IAAI4D,QAAQD,IAAAA,CAAAA,EAAO;gBACjB,OAAOrB,OAAAA,CAAQC,GAAG,CAACoB,IAAAA,CAAKE,GAAG,CAAC,CAACC,MAAAA,GAAoBJ,eAAAA,CAAgBI,MAAAA,EAAQ9D,OAAAA,CAAAA,CAAAA,CAAAA;AAC3E,YAAA;YAEA,MAAM,EAAE+D,OAAO,EAAE3E,MAAAA,EAAQ4E,cAAc,EAAE,GAAGC,kBAAkBN,IAAAA,EAAM3D,OAAAA,CAAAA;YAEpE,MAAM,EAAEE,eAAe,EAAEgE,uBAAuB,EAAE/D,gBAAgB,EAAE,GAAGqD,mBAAAA,CACrEQ,cAAAA,EACAD,OAAAA,CAAAA;AAGF,YAAA,MAAMI,eAAAA,GAAkB;AACtB,gBAAA,GAAGnE,OAAO;gBACVC,MAAAA,EAAQ;AACNE,oBAAAA,gBAAAA;oBACAE,SAAAA,EAAWH,eAAAA;AACXgE,oBAAAA;AACF;AACF,aAAA;AAEA,YAAA,MAAME,mBAAmBb,sBAAAA,CAAuBY,eAAAA,CAAAA;AAEhD,YAAA,OAAOC,gBAAAA,CAAiBT,IAAAA,CAAAA;AAC1B,QAAA,CAAA;QAEA,OAAOD,eAAAA;AACT,IAAA,CAAA;IAEA,MAAMO,iBAAAA,GAAoB,CAACN,IAAAA,EAAW3D,OAAAA,GAAAA;AACpC,QAAA,OAAOqE,QAAAA,CAAS;AAAEN,YAAAA,OAAAA,EAASO,QAAUhF,KAAAA,EAAOqE,IAAAA,CAAAA;AAAOvE,YAAAA;SAAO,EAAGY,OAAAA,CAAAA;AAC/D,IAAA,CAAA;AAEA;;MAGA,MAAMqD,mBAAmBkB,IAAAA,CAAK;QAAC,CAAA,EAAGvF,oBAAAA,CAAqB,MAAM,CAAC;QAAE,CAAA,EAAGC,oBAAAA,CAAqB,MAAM;AAAE,KAAA,CAAA;AAEhG;;MAGA,MAAM2B,gBAAAA,GAAmB,CAAC,EAAEC,GAAG,EAAEtB,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QAC7D,MAAMyD,QAAAA,GAAWC,MAAM,KAAA,EAAO;AAAC,YAAA,QAAA;AAAU,YAAA,YAAA;AAAc5D,YAAAA,GAAAA;AAAK,YAAA;SAAS,EAAEtB,MAAAA,CAAAA;AAEvE,QAAA,IAAIiF,QAAAA,EAAU;YACZzD,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMkC,0BAAAA,GAA6B,CAAC,EAAE3B,SAAS,EAAEP,GAAG,EAAEC,KAAK,EAAO,EAAE,EAAEa,GAAG,EAAO,GAAA;AAC9E,QAAA,MAAM+C,oBAAoBC,IAAAA,CAAKC,yBAAAA,CAAAA;AAC/B,QAAA,IAAI,CAACxD,SAAAA,EAAW;AACd,YAAA;AACF,QAAA;QAEA,IAAIA,SAAAA,CAAUyD,IAAI,KAAK,UAAA,IAAczD,UAAU0D,MAAM,KAAK,iBAAiBhE,KAAAA,EAAO;YAChF,IAAIiE,KAAAA,CAAMnB,OAAO,CAAC9C,KAAAA,CAAAA,EAAQ;gBACxBa,GAAAA,CAAId,GAAAA,EAAKC,KAAAA,CAAM+C,GAAG,CAACa,iBAAAA,CAAAA,CAAAA;YACrB,CAAA,MAAO;AACL/C,gBAAAA,GAAAA,CAAId,KAAK6D,iBAAAA,CAAkB5D,KAAAA,CAAAA,CAAAA;AAC7B,YAAA;AACF,QAAA;AACF,IAAA,CAAA;AAEA;;AAEC,MACD,MAAMH,6BAAAA,GAAgC,CAAC,EAAEE,GAAG,EAAEO,SAAS,EAAE7B,MAAM,EAAO,EAAE,EAAEwB,MAAM,EAAO,GAAA;QACrF,IAAIxB,MAAAA,CAAO2D,GAAG,KAAK,aAAA,IAAiB9B,aAAa,CAACwD,yBAAAA,CAA0BI,QAAQ,CAACnE,GAAAA,CAAAA,EAAM;YACzFE,MAAAA,CAAOF,GAAAA,CAAAA;AACT,QAAA;AACF,IAAA,CAAA;IAEA,MAAMuC,cAAAA,GAAiB,CAACnD,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AAAIpF,YAAAA,GAAAA,MAAAA;AAAWf,YAAAA,GAAAA,gBAAAA;AAAqBiG,YAAAA,GAAAA;AAA6B,SAAA,CAAA;AAC/E,IAAA,CAAA;IAEA,MAAMtC,eAAAA,GAAkB,CAAC5C,MAAAA,GAAS,EAAE,GAAA;AAClC,QAAA,MAAMqF,wBAAwB9G,wBAAAA,CAAyBe,MAAAA,CAAAA;AACvD,QAAA,MAAM0F,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AAErD,QAAA,OAAO8F,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAoG,YAAAA,GAAAA,qBAAAA;AACAL,YAAAA,GAAAA,oBAAAA;AACHpG,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,MAAMsB,cAAAA,GAAiB,CAACH,MAAAA,GAAS,EAAE,GAAA;AACjC,QAAA,MAAMgF,uBAAuB1G,uBAAAA,CAAwBgB,MAAAA,CAAAA;AACrD,QAAA,MAAM2F,qBAAqBzG,qBAAAA,CAAsBc,MAAAA,CAAAA;QAEjD,MAAM4F,4BAAAA,GAA+BC,aAAaH,oBAAAA,EAAsBC,kBAAAA,CAAAA;AAExE,QAAA,OAAOG,IAAAA,CAAK;AACPpF,YAAAA,GAAAA,MAAAA;AACAd,YAAAA,GAAAA,aAAAA;AACAD,YAAAA,GAAAA,gBAAAA;AACAiG,YAAAA,GAAAA,4BAAAA;AACHtG,YAAAA,oBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA,sBAAAA;AACAC,YAAAA,oBAAAA;AACAC,YAAAA;AACD,SAAA,CAAA;AACH,IAAA,CAAA;IAEA,OAAO;AACLsG,QAAAA,cAAAA,EAAgBjC,YAAAA,CAAaV,oBAAAA,CAAAA;AAC7B4C,QAAAA,aAAAA,EAAelC,YAAAA,CAAaH,mBAAAA,CAAAA;AAC5BsC,QAAAA,aAAAA,EAAenC,YAAAA,CAAavD,mBAAAA;AAC9B,KAAA;AACF,CAAA;;;;"}
|
|
@@ -45,11 +45,15 @@ const { isVisibleAttribute } = utils.contentTypes;
|
|
|
45
45
|
* @param {ContentTypesSection} section
|
|
46
46
|
*/ const contentTypesBase = ({ action, section })=>{
|
|
47
47
|
const { displayName, actionId, subjects, options } = action;
|
|
48
|
+
// Strip non-displayed content types so they don't appear as configurable subjects
|
|
49
|
+
// in the roles UI (e.g. plugin::users-permissions.role).
|
|
50
|
+
const allContentTypes = strapi.contentTypes;
|
|
51
|
+
const filteredSubjects = subjects?.filter((uid)=>allContentTypes[uid]?.pluginOptions?.['content-manager']?.visible !== false);
|
|
48
52
|
section.actions.push({
|
|
49
53
|
// @ts-expect-error - label should be displayName, TODO: Investigate at which point the label property
|
|
50
54
|
label: displayName,
|
|
51
55
|
actionId,
|
|
52
|
-
subjects,
|
|
56
|
+
subjects: filteredSubjects,
|
|
53
57
|
...utils$1.getValidOptions(options)
|
|
54
58
|
});
|
|
55
59
|
};
|
|
@@ -64,7 +68,10 @@ const { isVisibleAttribute } = utils.contentTypes;
|
|
|
64
68
|
const newSubjects = subjects// Ignore already added subjects
|
|
65
69
|
.filter(utils$1.isNotInSubjects(contentTypesSection.subjects))// Transform UIDs into content-types
|
|
66
70
|
.map(utils$1.resolveContentType)// Only keep specific kind of content-types
|
|
67
|
-
.filter(utils$1.isOfKind(kind))//
|
|
71
|
+
.filter(utils$1.isOfKind(kind))// Exclude content types hidden from the content manager (e.g. plugin::users-permissions.role).
|
|
72
|
+
// Those types are valid explorer.read subjects so that super admin can read relation targets,
|
|
73
|
+
// but they should not appear as configurable permissions in the roles UI.
|
|
74
|
+
.filter((ct)=>ct?.pluginOptions?.['content-manager']?.visible !== false)// Transform the content-types into section's subjects
|
|
68
75
|
.map(utils$1.toSubjectTemplate);
|
|
69
76
|
contentTypesSection.subjects.push(...newSubjects);
|
|
70
77
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"handlers.js","sources":["../../../../../../../server/src/services/permission/sections-builder/handlers.ts"],"sourcesContent":["import type { Internal } from '@strapi/types';\nimport { contentTypes } from '@strapi/utils';\nimport {\n toSubjectTemplate,\n getValidOptions,\n hasProperty,\n isNotInSubjects,\n resolveContentType,\n isOfKind,\n} from './utils';\nimport type { Action } from '../../../domain/action';\n\nconst { isVisibleAttribute } = contentTypes;\n\nexport type ContentTypesSection = {\n actions: Action[];\n subjects: any[];\n};\n\nexport type ActionArraySection = Action[];\n\n/**\n * Transforms & adds the given setting action to the section\n * Note: The action is transformed to a setting specific format\n * @param options\n * @param options.action\n * @param section\n */\nconst settings = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { category, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n category,\n subCategory,\n // TODO: Investigate at which point the action property is transformed to actionId\n // @ts-expect-error - action should be actionID\n action: actionId,\n });\n};\n\n/**\n * Transforms & adds the given plugin action to the section\n * Note: The action is transformed to a plugin specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ActionArraySection} section\n */\nconst plugins = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { pluginName, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n // @ts-expect-error - plugin should be pluginName, TODO: Investigate at which point the plugin property\n plugin: pluginName,\n subCategory,\n action: actionId,\n });\n};\n\n/**\n * Transforms & adds the given action to the section's actions field\n * Note: The action is transformed to a content-type specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ContentTypesSection} section\n */\nconst contentTypesBase = ({\n action,\n section,\n}: {\n action: Action;\n section: ContentTypesSection;\n}) => {\n const { displayName, actionId, subjects, options } = action;\n\n section.actions.push({\n // @ts-expect-error - label should be displayName, TODO: Investigate at which point the label property\n label: displayName,\n actionId,\n subjects,\n ...getValidOptions(options),\n });\n};\n\n/**\n * Initialize the subjects array of a section based on the action's subjects\n */\nconst subjectsHandlerFor =\n (kind: string) =>\n ({ action, section: contentTypesSection }: { action: Action; section: ContentTypesSection }) => {\n // TODO: add a type guard for UID.ContentType\n const subjects = action.subjects as Internal.UID.ContentType[];\n\n if (!subjects?.length) {\n return;\n }\n\n const newSubjects = subjects\n // Ignore already added subjects\n .filter(isNotInSubjects(contentTypesSection.subjects))\n // Transform UIDs into content-types\n .map(resolveContentType)\n // Only keep specific kind of content-types\n .filter(isOfKind(kind))\n // Transform the content-types into section's subjects\n .map(toSubjectTemplate);\n\n contentTypesSection.subjects.push(...newSubjects);\n };\n\nconst buildNode = (model: any, attributeName: string, attribute: any) => {\n if (!isVisibleAttribute(model, attributeName)) {\n return null;\n }\n\n const node = { label: attributeName, value: attributeName };\n\n if (attribute.required) {\n Object.assign(node, { required: true });\n }\n\n if (attribute.type === 'component') {\n const component = strapi.components[attribute.component];\n return { ...node, children: buildDeepAttributesCollection(component) };\n }\n\n return node;\n};\n\nconst buildDeepAttributesCollection = (model: any): unknown => {\n return Object.entries(model.attributes)\n .map(([attributeName, attribute]) => buildNode(model, attributeName, attribute))\n .filter((node) => node !== null);\n};\n\n/**\n * Create and populate the fields property for section's subjects based on the action's subjects list\n */\nconst fieldsProperty = ({ action, section }: { action: Action; section: ContentTypesSection }) => {\n const { subjects } = action;\n\n section.subjects\n .filter((subject) => subjects?.includes(subject.uid))\n .forEach((subject) => {\n const { uid } = subject;\n const contentType = resolveContentType(uid);\n\n if (hasProperty('fields', subject)) {\n return;\n }\n\n const fields = buildDeepAttributesCollection(contentType);\n const fieldsProp = { label: 'Fields', value: 'fields', children: fields };\n\n subject.properties.push(fieldsProp);\n });\n};\n\nexport { plugins, settings, subjectsHandlerFor, contentTypesBase, fieldsProperty };\n"],"names":["isVisibleAttribute","contentTypes","settings","action","section","category","subCategory","displayName","actionId","push","plugins","pluginName","plugin","contentTypesBase","subjects","options","actions","label","getValidOptions","subjectsHandlerFor","kind","contentTypesSection","length","newSubjects","
|
|
1
|
+
{"version":3,"file":"handlers.js","sources":["../../../../../../../server/src/services/permission/sections-builder/handlers.ts"],"sourcesContent":["import type { Internal } from '@strapi/types';\nimport { contentTypes } from '@strapi/utils';\nimport {\n toSubjectTemplate,\n getValidOptions,\n hasProperty,\n isNotInSubjects,\n resolveContentType,\n isOfKind,\n} from './utils';\nimport type { Action } from '../../../domain/action';\n\nconst { isVisibleAttribute } = contentTypes;\n\nexport type ContentTypesSection = {\n actions: Action[];\n subjects: any[];\n};\n\nexport type ActionArraySection = Action[];\n\n/**\n * Transforms & adds the given setting action to the section\n * Note: The action is transformed to a setting specific format\n * @param options\n * @param options.action\n * @param section\n */\nconst settings = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { category, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n category,\n subCategory,\n // TODO: Investigate at which point the action property is transformed to actionId\n // @ts-expect-error - action should be actionID\n action: actionId,\n });\n};\n\n/**\n * Transforms & adds the given plugin action to the section\n * Note: The action is transformed to a plugin specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ActionArraySection} section\n */\nconst plugins = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { pluginName, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n // @ts-expect-error - plugin should be pluginName, TODO: Investigate at which point the plugin property\n plugin: pluginName,\n subCategory,\n action: actionId,\n });\n};\n\n/**\n * Transforms & adds the given action to the section's actions field\n * Note: The action is transformed to a content-type specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ContentTypesSection} section\n */\nconst contentTypesBase = ({\n action,\n section,\n}: {\n action: Action;\n section: ContentTypesSection;\n}) => {\n const { displayName, actionId, subjects, options } = action;\n\n // Strip non-displayed content types so they don't appear as configurable subjects\n // in the roles UI (e.g. plugin::users-permissions.role).\n const allContentTypes = strapi.contentTypes as Record<string, any>;\n const filteredSubjects = subjects?.filter(\n (uid) =>\n (\n allContentTypes[uid as string]?.pluginOptions?.['content-manager'] as\n | { visible?: boolean }\n | undefined\n )?.visible !== false\n );\n\n section.actions.push({\n // @ts-expect-error - label should be displayName, TODO: Investigate at which point the label property\n label: displayName,\n actionId,\n subjects: filteredSubjects,\n ...getValidOptions(options),\n });\n};\n\n/**\n * Initialize the subjects array of a section based on the action's subjects\n */\nconst subjectsHandlerFor =\n (kind: string) =>\n ({ action, section: contentTypesSection }: { action: Action; section: ContentTypesSection }) => {\n // TODO: add a type guard for UID.ContentType\n const subjects = action.subjects as Internal.UID.ContentType[];\n\n if (!subjects?.length) {\n return;\n }\n\n const newSubjects = subjects\n // Ignore already added subjects\n .filter(isNotInSubjects(contentTypesSection.subjects))\n // Transform UIDs into content-types\n .map(resolveContentType)\n // Only keep specific kind of content-types\n .filter(isOfKind(kind))\n // Exclude content types hidden from the content manager (e.g. plugin::users-permissions.role).\n // Those types are valid explorer.read subjects so that super admin can read relation targets,\n // but they should not appear as configurable permissions in the roles UI.\n .filter(\n (ct) =>\n (ct?.pluginOptions?.['content-manager'] as { visible?: boolean } | undefined)?.visible !==\n false\n )\n // Transform the content-types into section's subjects\n .map(toSubjectTemplate);\n\n contentTypesSection.subjects.push(...newSubjects);\n };\n\nconst buildNode = (model: any, attributeName: string, attribute: any) => {\n if (!isVisibleAttribute(model, attributeName)) {\n return null;\n }\n\n const node = { label: attributeName, value: attributeName };\n\n if (attribute.required) {\n Object.assign(node, { required: true });\n }\n\n if (attribute.type === 'component') {\n const component = strapi.components[attribute.component];\n return { ...node, children: buildDeepAttributesCollection(component) };\n }\n\n return node;\n};\n\nconst buildDeepAttributesCollection = (model: any): unknown => {\n return Object.entries(model.attributes)\n .map(([attributeName, attribute]) => buildNode(model, attributeName, attribute))\n .filter((node) => node !== null);\n};\n\n/**\n * Create and populate the fields property for section's subjects based on the action's subjects list\n */\nconst fieldsProperty = ({ action, section }: { action: Action; section: ContentTypesSection }) => {\n const { subjects } = action;\n\n section.subjects\n .filter((subject) => subjects?.includes(subject.uid))\n .forEach((subject) => {\n const { uid } = subject;\n const contentType = resolveContentType(uid);\n\n if (hasProperty('fields', subject)) {\n return;\n }\n\n const fields = buildDeepAttributesCollection(contentType);\n const fieldsProp = { label: 'Fields', value: 'fields', children: fields };\n\n subject.properties.push(fieldsProp);\n });\n};\n\nexport { plugins, settings, subjectsHandlerFor, contentTypesBase, fieldsProperty };\n"],"names":["isVisibleAttribute","contentTypes","settings","action","section","category","subCategory","displayName","actionId","push","plugins","pluginName","plugin","contentTypesBase","subjects","options","allContentTypes","strapi","filteredSubjects","filter","uid","pluginOptions","visible","actions","label","getValidOptions","subjectsHandlerFor","kind","contentTypesSection","length","newSubjects","isNotInSubjects","map","resolveContentType","isOfKind","ct","toSubjectTemplate","buildNode","model","attributeName","attribute","node","value","required","Object","assign","type","component","components","children","buildDeepAttributesCollection","entries","attributes","fieldsProperty","subject","includes","forEach","contentType","hasProperty","fields","fieldsProp","properties"],"mappings":";;;;;AAYA,MAAM,EAAEA,kBAAkB,EAAE,GAAGC,kBAAAA;AAS/B;;;;;;AAMC,UACKC,QAAAA,GAAW,CAAC,EAAEC,MAAM,EAAEC,OAAO,EAAmD,GAAA;IACpF,MAAM,EAAEC,QAAQ,EAAEC,WAAW,EAAEC,WAAW,EAAEC,QAAQ,EAAE,GAAGL,MAAAA;AAEzDC,IAAAA,OAAAA,CAAQK,IAAI,CAAC;AACXF,QAAAA,WAAAA;AACAF,QAAAA,QAAAA;AACAC,QAAAA,WAAAA;;;QAGAH,MAAAA,EAAQK;AACV,KAAA,CAAA;AACF;AAEA;;;;;;AAMC,UACKE,OAAAA,GAAU,CAAC,EAAEP,MAAM,EAAEC,OAAO,EAAmD,GAAA;IACnF,MAAM,EAAEO,UAAU,EAAEL,WAAW,EAAEC,WAAW,EAAEC,QAAQ,EAAE,GAAGL,MAAAA;AAE3DC,IAAAA,OAAAA,CAAQK,IAAI,CAAC;AACXF,QAAAA,WAAAA;;QAEAK,MAAAA,EAAQD,UAAAA;AACRL,QAAAA,WAAAA;QACAH,MAAAA,EAAQK;AACV,KAAA,CAAA;AACF;AAEA;;;;;;AAMC,UACKK,gBAAAA,GAAmB,CAAC,EACxBV,MAAM,EACNC,OAAO,EAIR,GAAA;IACC,MAAM,EAAEG,WAAW,EAAEC,QAAQ,EAAEM,QAAQ,EAAEC,OAAO,EAAE,GAAGZ,MAAAA;;;IAIrD,MAAMa,eAAAA,GAAkBC,OAAOhB,YAAY;AAC3C,IAAA,MAAMiB,gBAAAA,GAAmBJ,QAAAA,EAAUK,MAAAA,CACjC,CAACC,MACC,eACiB,CAACA,GAAAA,CAAc,EAAEC,aAAAA,GAAgB,iBAAA,CAAkB,EAGjEC,OAAAA,KAAY,KAAA,CAAA;IAGnBlB,OAAAA,CAAQmB,OAAO,CAACd,IAAI,CAAC;;QAEnBe,KAAAA,EAAOjB,WAAAA;AACPC,QAAAA,QAAAA;QACAM,QAAAA,EAAUI,gBAAAA;AACV,QAAA,GAAGO,wBAAgBV,OAAAA;AACrB,KAAA,CAAA;AACF;AAEA;;IAGA,MAAMW,kBAAAA,GACJ,CAACC,IAAAA,GACD,CAAC,EAAExB,MAAM,EAAEC,OAAAA,EAASwB,mBAAmB,EAAoD,GAAA;;QAEzF,MAAMd,QAAAA,GAAWX,OAAOW,QAAQ;QAEhC,IAAI,CAACA,UAAUe,MAAAA,EAAQ;AACrB,YAAA;AACF,QAAA;QAEA,MAAMC,WAAAA,GAAchB,QAClB;AACCK,SAAAA,MAAM,CAACY,uBAAAA,CAAgBH,mBAAAA,CAAoBd,QAAQ,EACpD;SACCkB,GAAG,CAACC,2BACL;SACCd,MAAM,CAACe,gBAAAA,CAASP,IAAAA,CAAAA,CACjB;;;SAGCR,MAAM,CACL,CAACgB,EAAAA,GACC,EAACA,EAAId,aAAAA,GAAgB,iBAAA,CAAkB,EAAwCC,OAAAA,KAC/E,KAAA,CAEJ;AACCU,SAAAA,GAAG,CAACI,yBAAAA,CAAAA;QAEPR,mBAAAA,CAAoBd,QAAQ,CAACL,IAAI,CAAA,GAAIqB,WAAAA,CAAAA;AACvC,IAAA;AAEF,MAAMO,SAAAA,GAAY,CAACC,KAAAA,EAAYC,aAAAA,EAAuBC,SAAAA,GAAAA;IACpD,IAAI,CAACxC,kBAAAA,CAAmBsC,KAAAA,EAAOC,aAAAA,CAAAA,EAAgB;QAC7C,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,MAAME,IAAAA,GAAO;QAAEjB,KAAAA,EAAOe,aAAAA;QAAeG,KAAAA,EAAOH;AAAc,KAAA;IAE1D,IAAIC,SAAAA,CAAUG,QAAQ,EAAE;QACtBC,MAAAA,CAAOC,MAAM,CAACJ,IAAAA,EAAM;YAAEE,QAAAA,EAAU;AAAK,SAAA,CAAA;AACvC,IAAA;IAEA,IAAIH,SAAAA,CAAUM,IAAI,KAAK,WAAA,EAAa;AAClC,QAAA,MAAMC,YAAY9B,MAAAA,CAAO+B,UAAU,CAACR,SAAAA,CAAUO,SAAS,CAAC;QACxD,OAAO;AAAE,YAAA,GAAGN,IAAI;AAAEQ,YAAAA,QAAAA,EAAUC,6BAAAA,CAA8BH,SAAAA;AAAW,SAAA;AACvE,IAAA;IAEA,OAAON,IAAAA;AACT,CAAA;AAEA,MAAMS,gCAAgC,CAACZ,KAAAA,GAAAA;IACrC,OAAOM,MAAAA,CAAOO,OAAO,CAACb,KAAAA,CAAMc,UAAU,CAAA,CACnCpB,GAAG,CAAC,CAAC,CAACO,eAAeC,SAAAA,CAAU,GAAKH,UAAUC,KAAAA,EAAOC,aAAAA,EAAeC,YACpErB,MAAM,CAAC,CAACsB,IAAAA,GAASA,IAAAA,KAAS,IAAA,CAAA;AAC/B,CAAA;AAEA;;AAEC,UACKY,cAAAA,GAAiB,CAAC,EAAElD,MAAM,EAAEC,OAAO,EAAoD,GAAA;IAC3F,MAAM,EAAEU,QAAQ,EAAE,GAAGX,MAAAA;AAErBC,IAAAA,OAAAA,CAAQU,QAAQ,CACbK,MAAM,CAAC,CAACmC,OAAAA,GAAYxC,QAAAA,EAAUyC,QAAAA,CAASD,OAAAA,CAAQlC,GAAG,CAAA,CAAA,CAClDoC,OAAO,CAAC,CAACF,OAAAA,GAAAA;QACR,MAAM,EAAElC,GAAG,EAAE,GAAGkC,OAAAA;AAChB,QAAA,MAAMG,cAAcxB,0BAAAA,CAAmBb,GAAAA,CAAAA;QAEvC,IAAIsC,mBAAAA,CAAY,UAAUJ,OAAAA,CAAAA,EAAU;AAClC,YAAA;AACF,QAAA;AAEA,QAAA,MAAMK,SAAST,6BAAAA,CAA8BO,WAAAA,CAAAA;AAC7C,QAAA,MAAMG,UAAAA,GAAa;YAAEpC,KAAAA,EAAO,QAAA;YAAUkB,KAAAA,EAAO,QAAA;YAAUO,QAAAA,EAAUU;AAAO,SAAA;QAExEL,OAAAA,CAAQO,UAAU,CAACpD,IAAI,CAACmD,UAAAA,CAAAA;AAC1B,IAAA,CAAA,CAAA;AACJ;;;;;;;;"}
|
|
@@ -43,11 +43,15 @@ const { isVisibleAttribute } = contentTypes;
|
|
|
43
43
|
* @param {ContentTypesSection} section
|
|
44
44
|
*/ const contentTypesBase = ({ action, section })=>{
|
|
45
45
|
const { displayName, actionId, subjects, options } = action;
|
|
46
|
+
// Strip non-displayed content types so they don't appear as configurable subjects
|
|
47
|
+
// in the roles UI (e.g. plugin::users-permissions.role).
|
|
48
|
+
const allContentTypes = strapi.contentTypes;
|
|
49
|
+
const filteredSubjects = subjects?.filter((uid)=>allContentTypes[uid]?.pluginOptions?.['content-manager']?.visible !== false);
|
|
46
50
|
section.actions.push({
|
|
47
51
|
// @ts-expect-error - label should be displayName, TODO: Investigate at which point the label property
|
|
48
52
|
label: displayName,
|
|
49
53
|
actionId,
|
|
50
|
-
subjects,
|
|
54
|
+
subjects: filteredSubjects,
|
|
51
55
|
...getValidOptions(options)
|
|
52
56
|
});
|
|
53
57
|
};
|
|
@@ -62,7 +66,10 @@ const { isVisibleAttribute } = contentTypes;
|
|
|
62
66
|
const newSubjects = subjects// Ignore already added subjects
|
|
63
67
|
.filter(isNotInSubjects(contentTypesSection.subjects))// Transform UIDs into content-types
|
|
64
68
|
.map(resolveContentType)// Only keep specific kind of content-types
|
|
65
|
-
.filter(isOfKind(kind))//
|
|
69
|
+
.filter(isOfKind(kind))// Exclude content types hidden from the content manager (e.g. plugin::users-permissions.role).
|
|
70
|
+
// Those types are valid explorer.read subjects so that super admin can read relation targets,
|
|
71
|
+
// but they should not appear as configurable permissions in the roles UI.
|
|
72
|
+
.filter((ct)=>ct?.pluginOptions?.['content-manager']?.visible !== false)// Transform the content-types into section's subjects
|
|
66
73
|
.map(toSubjectTemplate);
|
|
67
74
|
contentTypesSection.subjects.push(...newSubjects);
|
|
68
75
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"handlers.mjs","sources":["../../../../../../../server/src/services/permission/sections-builder/handlers.ts"],"sourcesContent":["import type { Internal } from '@strapi/types';\nimport { contentTypes } from '@strapi/utils';\nimport {\n toSubjectTemplate,\n getValidOptions,\n hasProperty,\n isNotInSubjects,\n resolveContentType,\n isOfKind,\n} from './utils';\nimport type { Action } from '../../../domain/action';\n\nconst { isVisibleAttribute } = contentTypes;\n\nexport type ContentTypesSection = {\n actions: Action[];\n subjects: any[];\n};\n\nexport type ActionArraySection = Action[];\n\n/**\n * Transforms & adds the given setting action to the section\n * Note: The action is transformed to a setting specific format\n * @param options\n * @param options.action\n * @param section\n */\nconst settings = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { category, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n category,\n subCategory,\n // TODO: Investigate at which point the action property is transformed to actionId\n // @ts-expect-error - action should be actionID\n action: actionId,\n });\n};\n\n/**\n * Transforms & adds the given plugin action to the section\n * Note: The action is transformed to a plugin specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ActionArraySection} section\n */\nconst plugins = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { pluginName, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n // @ts-expect-error - plugin should be pluginName, TODO: Investigate at which point the plugin property\n plugin: pluginName,\n subCategory,\n action: actionId,\n });\n};\n\n/**\n * Transforms & adds the given action to the section's actions field\n * Note: The action is transformed to a content-type specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ContentTypesSection} section\n */\nconst contentTypesBase = ({\n action,\n section,\n}: {\n action: Action;\n section: ContentTypesSection;\n}) => {\n const { displayName, actionId, subjects, options } = action;\n\n section.actions.push({\n // @ts-expect-error - label should be displayName, TODO: Investigate at which point the label property\n label: displayName,\n actionId,\n subjects,\n ...getValidOptions(options),\n });\n};\n\n/**\n * Initialize the subjects array of a section based on the action's subjects\n */\nconst subjectsHandlerFor =\n (kind: string) =>\n ({ action, section: contentTypesSection }: { action: Action; section: ContentTypesSection }) => {\n // TODO: add a type guard for UID.ContentType\n const subjects = action.subjects as Internal.UID.ContentType[];\n\n if (!subjects?.length) {\n return;\n }\n\n const newSubjects = subjects\n // Ignore already added subjects\n .filter(isNotInSubjects(contentTypesSection.subjects))\n // Transform UIDs into content-types\n .map(resolveContentType)\n // Only keep specific kind of content-types\n .filter(isOfKind(kind))\n // Transform the content-types into section's subjects\n .map(toSubjectTemplate);\n\n contentTypesSection.subjects.push(...newSubjects);\n };\n\nconst buildNode = (model: any, attributeName: string, attribute: any) => {\n if (!isVisibleAttribute(model, attributeName)) {\n return null;\n }\n\n const node = { label: attributeName, value: attributeName };\n\n if (attribute.required) {\n Object.assign(node, { required: true });\n }\n\n if (attribute.type === 'component') {\n const component = strapi.components[attribute.component];\n return { ...node, children: buildDeepAttributesCollection(component) };\n }\n\n return node;\n};\n\nconst buildDeepAttributesCollection = (model: any): unknown => {\n return Object.entries(model.attributes)\n .map(([attributeName, attribute]) => buildNode(model, attributeName, attribute))\n .filter((node) => node !== null);\n};\n\n/**\n * Create and populate the fields property for section's subjects based on the action's subjects list\n */\nconst fieldsProperty = ({ action, section }: { action: Action; section: ContentTypesSection }) => {\n const { subjects } = action;\n\n section.subjects\n .filter((subject) => subjects?.includes(subject.uid))\n .forEach((subject) => {\n const { uid } = subject;\n const contentType = resolveContentType(uid);\n\n if (hasProperty('fields', subject)) {\n return;\n }\n\n const fields = buildDeepAttributesCollection(contentType);\n const fieldsProp = { label: 'Fields', value: 'fields', children: fields };\n\n subject.properties.push(fieldsProp);\n });\n};\n\nexport { plugins, settings, subjectsHandlerFor, contentTypesBase, fieldsProperty };\n"],"names":["isVisibleAttribute","contentTypes","settings","action","section","category","subCategory","displayName","actionId","push","plugins","pluginName","plugin","contentTypesBase","subjects","options","actions","label","getValidOptions","subjectsHandlerFor","kind","contentTypesSection","length","newSubjects","
|
|
1
|
+
{"version":3,"file":"handlers.mjs","sources":["../../../../../../../server/src/services/permission/sections-builder/handlers.ts"],"sourcesContent":["import type { Internal } from '@strapi/types';\nimport { contentTypes } from '@strapi/utils';\nimport {\n toSubjectTemplate,\n getValidOptions,\n hasProperty,\n isNotInSubjects,\n resolveContentType,\n isOfKind,\n} from './utils';\nimport type { Action } from '../../../domain/action';\n\nconst { isVisibleAttribute } = contentTypes;\n\nexport type ContentTypesSection = {\n actions: Action[];\n subjects: any[];\n};\n\nexport type ActionArraySection = Action[];\n\n/**\n * Transforms & adds the given setting action to the section\n * Note: The action is transformed to a setting specific format\n * @param options\n * @param options.action\n * @param section\n */\nconst settings = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { category, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n category,\n subCategory,\n // TODO: Investigate at which point the action property is transformed to actionId\n // @ts-expect-error - action should be actionID\n action: actionId,\n });\n};\n\n/**\n * Transforms & adds the given plugin action to the section\n * Note: The action is transformed to a plugin specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ActionArraySection} section\n */\nconst plugins = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { pluginName, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n // @ts-expect-error - plugin should be pluginName, TODO: Investigate at which point the plugin property\n plugin: pluginName,\n subCategory,\n action: actionId,\n });\n};\n\n/**\n * Transforms & adds the given action to the section's actions field\n * Note: The action is transformed to a content-type specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ContentTypesSection} section\n */\nconst contentTypesBase = ({\n action,\n section,\n}: {\n action: Action;\n section: ContentTypesSection;\n}) => {\n const { displayName, actionId, subjects, options } = action;\n\n // Strip non-displayed content types so they don't appear as configurable subjects\n // in the roles UI (e.g. plugin::users-permissions.role).\n const allContentTypes = strapi.contentTypes as Record<string, any>;\n const filteredSubjects = subjects?.filter(\n (uid) =>\n (\n allContentTypes[uid as string]?.pluginOptions?.['content-manager'] as\n | { visible?: boolean }\n | undefined\n )?.visible !== false\n );\n\n section.actions.push({\n // @ts-expect-error - label should be displayName, TODO: Investigate at which point the label property\n label: displayName,\n actionId,\n subjects: filteredSubjects,\n ...getValidOptions(options),\n });\n};\n\n/**\n * Initialize the subjects array of a section based on the action's subjects\n */\nconst subjectsHandlerFor =\n (kind: string) =>\n ({ action, section: contentTypesSection }: { action: Action; section: ContentTypesSection }) => {\n // TODO: add a type guard for UID.ContentType\n const subjects = action.subjects as Internal.UID.ContentType[];\n\n if (!subjects?.length) {\n return;\n }\n\n const newSubjects = subjects\n // Ignore already added subjects\n .filter(isNotInSubjects(contentTypesSection.subjects))\n // Transform UIDs into content-types\n .map(resolveContentType)\n // Only keep specific kind of content-types\n .filter(isOfKind(kind))\n // Exclude content types hidden from the content manager (e.g. plugin::users-permissions.role).\n // Those types are valid explorer.read subjects so that super admin can read relation targets,\n // but they should not appear as configurable permissions in the roles UI.\n .filter(\n (ct) =>\n (ct?.pluginOptions?.['content-manager'] as { visible?: boolean } | undefined)?.visible !==\n false\n )\n // Transform the content-types into section's subjects\n .map(toSubjectTemplate);\n\n contentTypesSection.subjects.push(...newSubjects);\n };\n\nconst buildNode = (model: any, attributeName: string, attribute: any) => {\n if (!isVisibleAttribute(model, attributeName)) {\n return null;\n }\n\n const node = { label: attributeName, value: attributeName };\n\n if (attribute.required) {\n Object.assign(node, { required: true });\n }\n\n if (attribute.type === 'component') {\n const component = strapi.components[attribute.component];\n return { ...node, children: buildDeepAttributesCollection(component) };\n }\n\n return node;\n};\n\nconst buildDeepAttributesCollection = (model: any): unknown => {\n return Object.entries(model.attributes)\n .map(([attributeName, attribute]) => buildNode(model, attributeName, attribute))\n .filter((node) => node !== null);\n};\n\n/**\n * Create and populate the fields property for section's subjects based on the action's subjects list\n */\nconst fieldsProperty = ({ action, section }: { action: Action; section: ContentTypesSection }) => {\n const { subjects } = action;\n\n section.subjects\n .filter((subject) => subjects?.includes(subject.uid))\n .forEach((subject) => {\n const { uid } = subject;\n const contentType = resolveContentType(uid);\n\n if (hasProperty('fields', subject)) {\n return;\n }\n\n const fields = buildDeepAttributesCollection(contentType);\n const fieldsProp = { label: 'Fields', value: 'fields', children: fields };\n\n subject.properties.push(fieldsProp);\n });\n};\n\nexport { plugins, settings, subjectsHandlerFor, contentTypesBase, fieldsProperty };\n"],"names":["isVisibleAttribute","contentTypes","settings","action","section","category","subCategory","displayName","actionId","push","plugins","pluginName","plugin","contentTypesBase","subjects","options","allContentTypes","strapi","filteredSubjects","filter","uid","pluginOptions","visible","actions","label","getValidOptions","subjectsHandlerFor","kind","contentTypesSection","length","newSubjects","isNotInSubjects","map","resolveContentType","isOfKind","ct","toSubjectTemplate","buildNode","model","attributeName","attribute","node","value","required","Object","assign","type","component","components","children","buildDeepAttributesCollection","entries","attributes","fieldsProperty","subject","includes","forEach","contentType","hasProperty","fields","fieldsProp","properties"],"mappings":";;;AAYA,MAAM,EAAEA,kBAAkB,EAAE,GAAGC,YAAAA;AAS/B;;;;;;AAMC,UACKC,QAAAA,GAAW,CAAC,EAAEC,MAAM,EAAEC,OAAO,EAAmD,GAAA;IACpF,MAAM,EAAEC,QAAQ,EAAEC,WAAW,EAAEC,WAAW,EAAEC,QAAQ,EAAE,GAAGL,MAAAA;AAEzDC,IAAAA,OAAAA,CAAQK,IAAI,CAAC;AACXF,QAAAA,WAAAA;AACAF,QAAAA,QAAAA;AACAC,QAAAA,WAAAA;;;QAGAH,MAAAA,EAAQK;AACV,KAAA,CAAA;AACF;AAEA;;;;;;AAMC,UACKE,OAAAA,GAAU,CAAC,EAAEP,MAAM,EAAEC,OAAO,EAAmD,GAAA;IACnF,MAAM,EAAEO,UAAU,EAAEL,WAAW,EAAEC,WAAW,EAAEC,QAAQ,EAAE,GAAGL,MAAAA;AAE3DC,IAAAA,OAAAA,CAAQK,IAAI,CAAC;AACXF,QAAAA,WAAAA;;QAEAK,MAAAA,EAAQD,UAAAA;AACRL,QAAAA,WAAAA;QACAH,MAAAA,EAAQK;AACV,KAAA,CAAA;AACF;AAEA;;;;;;AAMC,UACKK,gBAAAA,GAAmB,CAAC,EACxBV,MAAM,EACNC,OAAO,EAIR,GAAA;IACC,MAAM,EAAEG,WAAW,EAAEC,QAAQ,EAAEM,QAAQ,EAAEC,OAAO,EAAE,GAAGZ,MAAAA;;;IAIrD,MAAMa,eAAAA,GAAkBC,OAAOhB,YAAY;AAC3C,IAAA,MAAMiB,gBAAAA,GAAmBJ,QAAAA,EAAUK,MAAAA,CACjC,CAACC,MACC,eACiB,CAACA,GAAAA,CAAc,EAAEC,aAAAA,GAAgB,iBAAA,CAAkB,EAGjEC,OAAAA,KAAY,KAAA,CAAA;IAGnBlB,OAAAA,CAAQmB,OAAO,CAACd,IAAI,CAAC;;QAEnBe,KAAAA,EAAOjB,WAAAA;AACPC,QAAAA,QAAAA;QACAM,QAAAA,EAAUI,gBAAAA;AACV,QAAA,GAAGO,gBAAgBV,OAAAA;AACrB,KAAA,CAAA;AACF;AAEA;;IAGA,MAAMW,kBAAAA,GACJ,CAACC,IAAAA,GACD,CAAC,EAAExB,MAAM,EAAEC,OAAAA,EAASwB,mBAAmB,EAAoD,GAAA;;QAEzF,MAAMd,QAAAA,GAAWX,OAAOW,QAAQ;QAEhC,IAAI,CAACA,UAAUe,MAAAA,EAAQ;AACrB,YAAA;AACF,QAAA;QAEA,MAAMC,WAAAA,GAAchB,QAClB;AACCK,SAAAA,MAAM,CAACY,eAAAA,CAAgBH,mBAAAA,CAAoBd,QAAQ,EACpD;SACCkB,GAAG,CAACC,mBACL;SACCd,MAAM,CAACe,QAAAA,CAASP,IAAAA,CAAAA,CACjB;;;SAGCR,MAAM,CACL,CAACgB,EAAAA,GACC,EAACA,EAAId,aAAAA,GAAgB,iBAAA,CAAkB,EAAwCC,OAAAA,KAC/E,KAAA,CAEJ;AACCU,SAAAA,GAAG,CAACI,iBAAAA,CAAAA;QAEPR,mBAAAA,CAAoBd,QAAQ,CAACL,IAAI,CAAA,GAAIqB,WAAAA,CAAAA;AACvC,IAAA;AAEF,MAAMO,SAAAA,GAAY,CAACC,KAAAA,EAAYC,aAAAA,EAAuBC,SAAAA,GAAAA;IACpD,IAAI,CAACxC,kBAAAA,CAAmBsC,KAAAA,EAAOC,aAAAA,CAAAA,EAAgB;QAC7C,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,MAAME,IAAAA,GAAO;QAAEjB,KAAAA,EAAOe,aAAAA;QAAeG,KAAAA,EAAOH;AAAc,KAAA;IAE1D,IAAIC,SAAAA,CAAUG,QAAQ,EAAE;QACtBC,MAAAA,CAAOC,MAAM,CAACJ,IAAAA,EAAM;YAAEE,QAAAA,EAAU;AAAK,SAAA,CAAA;AACvC,IAAA;IAEA,IAAIH,SAAAA,CAAUM,IAAI,KAAK,WAAA,EAAa;AAClC,QAAA,MAAMC,YAAY9B,MAAAA,CAAO+B,UAAU,CAACR,SAAAA,CAAUO,SAAS,CAAC;QACxD,OAAO;AAAE,YAAA,GAAGN,IAAI;AAAEQ,YAAAA,QAAAA,EAAUC,6BAAAA,CAA8BH,SAAAA;AAAW,SAAA;AACvE,IAAA;IAEA,OAAON,IAAAA;AACT,CAAA;AAEA,MAAMS,gCAAgC,CAACZ,KAAAA,GAAAA;IACrC,OAAOM,MAAAA,CAAOO,OAAO,CAACb,KAAAA,CAAMc,UAAU,CAAA,CACnCpB,GAAG,CAAC,CAAC,CAACO,eAAeC,SAAAA,CAAU,GAAKH,UAAUC,KAAAA,EAAOC,aAAAA,EAAeC,YACpErB,MAAM,CAAC,CAACsB,IAAAA,GAASA,IAAAA,KAAS,IAAA,CAAA;AAC/B,CAAA;AAEA;;AAEC,UACKY,cAAAA,GAAiB,CAAC,EAAElD,MAAM,EAAEC,OAAO,EAAoD,GAAA;IAC3F,MAAM,EAAEU,QAAQ,EAAE,GAAGX,MAAAA;AAErBC,IAAAA,OAAAA,CAAQU,QAAQ,CACbK,MAAM,CAAC,CAACmC,OAAAA,GAAYxC,QAAAA,EAAUyC,QAAAA,CAASD,OAAAA,CAAQlC,GAAG,CAAA,CAAA,CAClDoC,OAAO,CAAC,CAACF,OAAAA,GAAAA;QACR,MAAM,EAAElC,GAAG,EAAE,GAAGkC,OAAAA;AAChB,QAAA,MAAMG,cAAcxB,kBAAAA,CAAmBb,GAAAA,CAAAA;QAEvC,IAAIsC,WAAAA,CAAY,UAAUJ,OAAAA,CAAAA,EAAU;AAClC,YAAA;AACF,QAAA;AAEA,QAAA,MAAMK,SAAST,6BAAAA,CAA8BO,WAAAA,CAAAA;AAC7C,QAAA,MAAMG,UAAAA,GAAa;YAAEpC,KAAAA,EAAO,QAAA;YAAUkB,KAAAA,EAAO,QAAA;YAAUO,QAAAA,EAAUU;AAAO,SAAA;QAExEL,OAAAA,CAAQO,UAAU,CAACpD,IAAI,CAACmD,UAAAA,CAAAA;AAC1B,IAAA,CAAA,CAAA;AACJ;;;;"}
|
|
@@ -17,7 +17,8 @@ const { SUPER_ADMIN_CODE, CONTENT_TYPE_SECTION } = constants$1;
|
|
|
17
17
|
const { createAsyncSeriesWaterfallHook } = utils.hooks;
|
|
18
18
|
const { ApplicationError } = utils.errors;
|
|
19
19
|
const hooks = {
|
|
20
|
-
willResetSuperAdminPermissions: createAsyncSeriesWaterfallHook()
|
|
20
|
+
willResetSuperAdminPermissions: createAsyncSeriesWaterfallHook(),
|
|
21
|
+
willValidateUpdatePermissions: createAsyncSeriesWaterfallHook()
|
|
21
22
|
};
|
|
22
23
|
const ACTIONS = {
|
|
23
24
|
publish: 'plugin::content-manager.explorer.publish'
|
|
@@ -236,9 +237,13 @@ const jsonClean = (data)=>JSON.parse(JSON.stringify(data));
|
|
|
236
237
|
description: 'Authors can manage the content they have created.'
|
|
237
238
|
});
|
|
238
239
|
// create content-type permissions for each role
|
|
240
|
+
// Exclude non-displayed content types (e.g. plugin::users-permissions.role) from Editor/Author
|
|
241
|
+
// since those types are in explorer.read subjects only for super admin relation reads.
|
|
242
|
+
const nonDisplayedUids = Object.values(strapi.contentTypes).filter((ct)=>ct?.pluginOptions?.['content-manager']?.visible === false).map((ct)=>ct.uid);
|
|
239
243
|
const editorPermissions = index.getService('content-type').getPermissionsWithNestedFields(contentTypesActions, {
|
|
240
244
|
restrictedSubjects: [
|
|
241
|
-
'plugin::users-permissions.user'
|
|
245
|
+
'plugin::users-permissions.user',
|
|
246
|
+
...nonDisplayedUids
|
|
242
247
|
]
|
|
243
248
|
});
|
|
244
249
|
const authorPermissions = editorPermissions.filter(({ action })=>action !== ACTIONS.publish).map((permission)=>index$1.default.create({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"role.js","sources":["../../../../../server/src/services/role.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-explicit-any */ // TODO: TS - Use database parameters interface when they are ready\n/* eslint-disable @typescript-eslint/default-param-last */\nimport _ from 'lodash';\nimport { set, omit, pick, prop, isArray, differenceWith, differenceBy, isEqual } from 'lodash/fp';\n\nimport { dates, arrays, hooks as hooksUtils, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\n\nimport permissionDomain from '../domain/permission';\nimport type { AdminUser, AdminRole, Permission } from '../../../shared/contracts/shared';\nimport type { Action } from '../domain/action';\n\nimport { validatePermissionsExist } from '../validation/permission';\nimport roleConstants from './constants';\nimport { getService } from '../utils';\n\nconst { SUPER_ADMIN_CODE, CONTENT_TYPE_SECTION } = roleConstants;\n\nconst { createAsyncSeriesWaterfallHook } = hooksUtils;\nconst { ApplicationError } = errors;\n\nconst hooks = {\n willResetSuperAdminPermissions: createAsyncSeriesWaterfallHook(),\n};\n\nconst ACTIONS = {\n publish: 'plugin::content-manager.explorer.publish',\n};\n\n// @ts-expect-error lodash types\nconst sanitizeRole: <T extends object>(obj: T) => Omit<T, 'users' | 'permissions'> = omit([\n 'users',\n 'permissions',\n] as const);\n\nexport type AdminRoleWithUsersCount = AdminRole & { usersCount: number };\n\nconst COMPARABLE_FIELDS = ['conditions', 'properties', 'subject', 'action', 'actionParameters'];\nconst pickComparableFields = pick(COMPARABLE_FIELDS);\n\nconst jsonClean = <T extends object>(data: T): T => JSON.parse(JSON.stringify(data));\n\n/**\n * Compare two permissions\n */\nconst arePermissionsEqual = (p1: Permission, p2: Permission): boolean => {\n if (p1.action === p2.action) {\n return isEqual(jsonClean(pickComparableFields(p1)), jsonClean(pickComparableFields(p2)));\n }\n\n return false;\n};\n\n/**\n * Create and save a role in database\n * @param attributes A partial role object\n */\nconst create = async (attributes: Partial<AdminRole>): Promise<AdminRole> => {\n const alreadyExists = await exists({ name: attributes.name });\n\n if (alreadyExists) {\n throw new ApplicationError(\n `The name must be unique and a role with name \\`${attributes.name}\\` already exists.`\n );\n }\n const autoGeneratedCode = `${_.kebabCase(attributes.name)}-${dates.timestampCode()}`;\n\n const rolesWithCode = {\n ...attributes,\n code: attributes.code || autoGeneratedCode,\n };\n\n const result = await strapi.db.query('admin::role').create({ data: rolesWithCode });\n strapi.eventHub.emit('role.create', { role: sanitizeRole(result) });\n\n return result;\n};\n\n/**\n * Find a role in database\n * @param params query params to find the role\n * @param populate\n */\nconst findOne = (params = {}, populate?: unknown): Promise<AdminRole> => {\n return strapi.db.query('admin::role').findOne({ where: params, populate });\n};\n\n/**\n * Find a role in database with usersCounts\n * @param params query params to find the role\n * @param populate\n */\nconst findOneWithUsersCount = async (\n params = {},\n populate?: unknown\n): Promise<AdminRoleWithUsersCount> => {\n const role = await strapi.db.query('admin::role').findOne({ where: params, populate });\n\n if (role) {\n role.usersCount = await getUsersCount(role.id);\n }\n\n return role;\n};\n\n/**\n * Find roles in database\n * @param params query params to find the roles\n * @param populate\n */\nconst find = (params = {}, populate: unknown): Promise<AdminRole[]> => {\n return strapi.db.query('admin::role').findMany({ where: params, populate });\n};\n\n/**\n * Find all roles in database\n */\nconst findAllWithUsersCount = async (params: any): Promise<AdminRoleWithUsersCount[]> => {\n const roles: AdminRoleWithUsersCount[] = await strapi.db\n .query('admin::role')\n .findMany(strapi.get('query-params').transform('admin::role', params));\n\n for (const role of roles) {\n role.usersCount = await getUsersCount(role.id);\n }\n\n return roles;\n};\n\n/**\n * Update a role in database\n * @param params query params to find the role to update\n * @param attributes A partial role object\n */\nconst update = async (params: any, attributes: Partial<AdminRole>): Promise<AdminRole> => {\n const sanitizedAttributes = _.omit(attributes, ['code']);\n\n if (_.has(params, 'id') && _.has(sanitizedAttributes, 'name')) {\n const alreadyExists = await exists({\n name: sanitizedAttributes.name,\n id: { $ne: params.id },\n });\n if (alreadyExists) {\n throw new ApplicationError(\n `The name must be unique and a role with name \\`${sanitizedAttributes.name}\\` already exists.`\n );\n }\n }\n\n const result = await strapi.db\n .query('admin::role')\n .update({ where: params, data: sanitizedAttributes });\n\n strapi.eventHub.emit('role.update', { role: sanitizeRole(result) });\n\n return result;\n};\n\n/**\n * Check if a role exists in database\n * @param params query params to find the role\n */\nconst exists = async (params = {} as unknown): Promise<boolean> => {\n const count = await strapi.db.query('admin::role').count({ where: params });\n return count > 0;\n};\n\n/**\n * Count the number of roles based on search params\n * @param params params used for the query\n */\nconst count = async (params = {} as any): Promise<number> => {\n return strapi.db.query('admin::role').count(params);\n};\n\n/**\n * Check if the given roles id can be deleted safely, throw otherwise\n * @param ids\n */\nconst checkRolesIdForDeletion = async (ids = [] as Data.ID[]) => {\n const superAdminRole = await getSuperAdmin();\n\n if (superAdminRole && arrays.includesString(ids, superAdminRole.id)) {\n throw new ApplicationError('You cannot delete the super admin role');\n }\n\n for (const roleId of ids) {\n const usersCount = await getUsersCount(roleId);\n if (usersCount !== 0) {\n throw new ApplicationError('Some roles are still assigned to some users');\n }\n }\n};\n\n/**\n * Delete roles in database if they have no user assigned\n * @param ids query params to find the roles\n */\nconst deleteByIds = async (ids = [] as Data.ID[]): Promise<AdminRole[]> => {\n await checkRolesIdForDeletion(ids);\n\n await getService('permission').deleteByRolesIds(ids);\n\n const deletedRoles: AdminRole[] = [];\n for (const id of ids) {\n const deletedRole = await strapi.db.query('admin::role').delete({ where: { id } });\n\n if (deletedRole) {\n strapi.eventHub.emit('role.delete', { role: deletedRole });\n deletedRoles.push(deletedRole);\n }\n }\n\n return deletedRoles;\n};\n\n/** Count the number of users for some roles\n */\nconst getUsersCount = async (roleId: Data.ID): Promise<number> => {\n return strapi.db.query('admin::user').count({ where: { roles: { id: roleId } } });\n};\n\n/** Returns admin role\n */\nconst getSuperAdmin = (): Promise<AdminRole | undefined> => findOne({ code: SUPER_ADMIN_CODE });\n\n/** Returns admin role with userCount\n * @returns {Promise<role>}\n */\nconst getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE });\n\n/** Create superAdmin, Author and Editor role is no role already exist\n */\nconst createRolesIfNoneExist = async () => {\n const someRolesExist = await exists();\n if (someRolesExist) {\n return;\n }\n\n const { actionProvider } = getService('permission');\n\n const allActions = actionProvider.values();\n const contentTypesActions = allActions.filter((a) => a.section === 'contentTypes');\n\n // create 3 roles\n const superAdminRole = await create({\n name: 'Super Admin',\n code: 'strapi-super-admin',\n description: 'Super Admins can access and manage all features and settings.',\n });\n\n await getService('user').assignARoleToAll(superAdminRole.id);\n\n const editorRole = await create({\n name: 'Editor',\n code: 'strapi-editor',\n description: 'Editors can manage and publish contents including those of other users.',\n });\n\n const authorRole = await create({\n name: 'Author',\n code: 'strapi-author',\n description: 'Authors can manage the content they have created.',\n });\n\n // create content-type permissions for each role\n const editorPermissions = getService('content-type').getPermissionsWithNestedFields(\n contentTypesActions,\n {\n restrictedSubjects: ['plugin::users-permissions.user'],\n }\n );\n\n const authorPermissions = editorPermissions\n .filter(({ action }: any) => action !== ACTIONS.publish)\n .map((permission: any) =>\n permissionDomain.create({ ...permission, conditions: ['admin::is-creator'] })\n );\n\n editorPermissions.push(...getDefaultPluginPermissions());\n authorPermissions.push(...getDefaultPluginPermissions({ isAuthor: true }));\n\n // assign permissions to roles\n await addPermissions(editorRole.id, editorPermissions);\n await addPermissions(authorRole.id, authorPermissions);\n};\n\nconst getDefaultPluginPermissions = ({ isAuthor = false } = {}) => {\n const conditions = isAuthor ? ['admin::is-creator'] : [];\n\n // add plugin permissions for each role\n return [\n { action: 'plugin::upload.read', conditions },\n { action: 'plugin::upload.configure-view' },\n { action: 'plugin::upload.assets.create' },\n { action: 'plugin::upload.assets.update', conditions },\n { action: 'plugin::upload.assets.download' },\n { action: 'plugin::upload.assets.copy-link' },\n ].map(permissionDomain.create);\n};\n\n/** Display a warning if the role superAdmin doesn't exist\n * or if the role is not assigned to at least one user\n */\nconst displayWarningIfNoSuperAdmin = async () => {\n const superAdminRole = await getSuperAdminWithUsersCount();\n const someUsersExists = await getService('user').exists();\n\n if (!superAdminRole) {\n strapi.log.warn(\"Your application doesn't have a super admin role.\");\n } else if (someUsersExists && superAdminRole.usersCount === 0) {\n strapi.log.warn(\"Your application doesn't have a super admin user.\");\n }\n};\n\n/**\n * Assign permissions to a role\n * @param roleId - role Data.ID\n * @param {Array<Permission{action,subject,fields,conditions}>} permissions - permissions to assign to the role\n */\nconst assignPermissions = async (\n roleId: Data.ID,\n permissions: Array<Pick<Permission, 'action' | 'subject' | 'conditions'>> = []\n) => {\n await validatePermissionsExist(permissions);\n\n // Internal actions are not handled by the role service, so any permission\n // with an internal action is filtered out\n const internalActions = getService('permission')\n .actionProvider.values()\n .filter((action) => action.section === 'internal')\n .map((action) => action.actionId);\n\n const superAdmin = await getService('role').getSuperAdmin();\n const isSuperAdmin = superAdmin && superAdmin.id === roleId;\n const assignRole = set('role', roleId);\n\n const permissionsWithRole = permissions\n // Add the role attribute to every permission\n .map(assignRole)\n // Transform each permission into a Permission instance\n // @ts-expect-error - lodash set doesn't resolve the type appropriately\n .map(permissionDomain.create);\n\n const existingPermissions = await getService('permission').findMany({\n where: { role: { id: roleId } },\n populate: ['role'],\n });\n\n const permissionsToAdd = differenceWith(\n arePermissionsEqual,\n permissionsWithRole,\n existingPermissions\n ).filter((permission: Permission) => !internalActions.includes(permission.action));\n\n const permissionsToDelete = differenceWith(\n arePermissionsEqual,\n existingPermissions,\n permissionsWithRole\n ).filter((permission: Permission) => !internalActions.includes(permission.action));\n\n const permissionsToReturn = differenceBy('id', permissionsToDelete, existingPermissions);\n\n if (permissionsToDelete.length > 0) {\n // @ts-expect-error - lodash prop doesn't resolve the type appropriately\n await getService('permission').deleteByIds(permissionsToDelete.map(prop('id')));\n }\n\n if (permissionsToAdd.length > 0) {\n const newPermissions = await addPermissions(roleId, permissionsToAdd);\n permissionsToReturn.push(...newPermissions);\n }\n\n if (!isSuperAdmin && (permissionsToAdd.length || permissionsToDelete.length)) {\n await getService('metrics').sendDidUpdateRolePermissions();\n }\n\n if (permissionsToAdd.length > 0 || permissionsToDelete.length > 0) {\n await getService('api-token-admin').syncPermissionsForRole(roleId);\n }\n\n return permissionsToReturn;\n};\n\nconst addPermissions = async (roleId: Data.ID, permissions: any) => {\n const { conditionProvider, createMany } = getService('permission');\n const { sanitizeConditions } = permissionDomain;\n\n const permissionsWithRole = permissions\n .map(set('role', roleId))\n // @ts-expect-error - refactor domain/permission Condition type, as it's now expecting\n // a string but it should be a Condition interface\n .map(sanitizeConditions(conditionProvider))\n .map(permissionDomain.create);\n\n return createMany(permissionsWithRole);\n};\n\nconst isContentTypeAction = (action: Action) => action.section === CONTENT_TYPE_SECTION;\n\n/**\n * Reset super admin permissions (giving it all permissions)\n */\nconst resetSuperAdminPermissions = async () => {\n const superAdminRole = await getService('role').getSuperAdmin();\n if (!superAdminRole) {\n return;\n }\n\n const permissionService = getService('permission');\n const contentTypeService = getService('content-type');\n\n const allActions = permissionService.actionProvider.values() as Action[];\n\n const contentTypesActions = allActions.filter((action) => isContentTypeAction(action));\n const otherActions = allActions.filter((action) => !isContentTypeAction(action));\n\n // First, get the content-types permissions\n const permissions = contentTypeService.getPermissionsWithNestedFields(\n contentTypesActions\n ) as Permission[];\n\n // Then add every other permission\n const otherPermissions = otherActions.reduce((acc, action) => {\n const { actionId, subjects } = action;\n\n if (isArray(subjects)) {\n acc.push(\n ...subjects.map((subject) => permissionDomain.create({ action: actionId, subject }))\n );\n } else {\n acc.push(permissionDomain.create({ action: actionId }));\n }\n\n return acc;\n }, [] as Permission[]);\n\n permissions.push(...otherPermissions);\n\n const transformedPermissions = (await hooks.willResetSuperAdminPermissions.call(\n permissions\n )) as Permission[];\n\n await assignPermissions(superAdminRole.id, transformedPermissions);\n};\n\n/**\n * Check if a user object includes the super admin role\n */\nconst hasSuperAdminRole = (user: AdminUser): boolean => {\n const roles = _.get(user, 'roles', []) as AdminRole[];\n\n return roles.map(prop('code')).includes(SUPER_ADMIN_CODE);\n};\n\nconst constants = {\n superAdminCode: SUPER_ADMIN_CODE,\n};\n\nexport default {\n hooks,\n sanitizeRole,\n create,\n findOne,\n findOneWithUsersCount,\n find,\n findAllWithUsersCount,\n update,\n exists,\n count,\n deleteByIds,\n getUsersCount,\n getSuperAdmin,\n getSuperAdminWithUsersCount,\n createRolesIfNoneExist,\n displayWarningIfNoSuperAdmin,\n addPermissions,\n hasSuperAdminRole,\n assignPermissions,\n resetSuperAdminPermissions,\n checkRolesIdForDeletion,\n constants,\n};\n"],"names":["SUPER_ADMIN_CODE","CONTENT_TYPE_SECTION","roleConstants","createAsyncSeriesWaterfallHook","hooksUtils","ApplicationError","errors","hooks","willResetSuperAdminPermissions","ACTIONS","publish","sanitizeRole","omit","COMPARABLE_FIELDS","pickComparableFields","pick","jsonClean","data","JSON","parse","stringify","arePermissionsEqual","p1","p2","action","isEqual","create","attributes","alreadyExists","exists","name","autoGeneratedCode","_","kebabCase","dates","timestampCode","rolesWithCode","code","result","strapi","db","query","eventHub","emit","role","findOne","params","populate","where","findOneWithUsersCount","usersCount","getUsersCount","id","find","findMany","findAllWithUsersCount","roles","get","transform","update","sanitizedAttributes","has","$ne","count","checkRolesIdForDeletion","ids","superAdminRole","getSuperAdmin","arrays","includesString","roleId","deleteByIds","getService","deleteByRolesIds","deletedRoles","deletedRole","delete","push","getSuperAdminWithUsersCount","createRolesIfNoneExist","someRolesExist","actionProvider","allActions","values","contentTypesActions","filter","a","section","description","assignARoleToAll","editorRole","authorRole","editorPermissions","getPermissionsWithNestedFields","restrictedSubjects","authorPermissions","map","permission","permissionDomain","conditions","getDefaultPluginPermissions","isAuthor","addPermissions","displayWarningIfNoSuperAdmin","someUsersExists","log","warn","assignPermissions","permissions","validatePermissionsExist","internalActions","actionId","superAdmin","isSuperAdmin","assignRole","set","permissionsWithRole","existingPermissions","permissionsToAdd","differenceWith","includes","permissionsToDelete","permissionsToReturn","differenceBy","length","prop","newPermissions","sendDidUpdateRolePermissions","syncPermissionsForRole","conditionProvider","createMany","sanitizeConditions","isContentTypeAction","resetSuperAdminPermissions","permissionService","contentTypeService","otherActions","otherPermissions","reduce","acc","subjects","isArray","subject","transformedPermissions","call","hasSuperAdminRole","user","constants","superAdminCode"],"mappings":";;;;;;;;;;;;;;AAAA;AAgBA,MAAM,EAAEA,gBAAgB,EAAEC,oBAAoB,EAAE,GAAGC,WAAAA;AAEnD,MAAM,EAAEC,8BAA8B,EAAE,GAAGC,WAAAA;AAC3C,MAAM,EAAEC,gBAAgB,EAAE,GAAGC,YAAAA;AAE7B,MAAMC,KAAAA,GAAQ;IACZC,8BAAAA,EAAgCL,8BAAAA;AAClC,CAAA;AAEA,MAAMM,OAAAA,GAAU;IACdC,OAAAA,EAAS;AACX,CAAA;AAEA;AACA,MAAMC,eAA+EC,OAAAA,CAAK;AACxF,IAAA,OAAA;AACA,IAAA;AACD,CAAA,CAAA;AAID,MAAMC,iBAAAA,GAAoB;AAAC,IAAA,YAAA;AAAc,IAAA,YAAA;AAAc,IAAA,SAAA;AAAW,IAAA,QAAA;AAAU,IAAA;AAAmB,CAAA;AAC/F,MAAMC,uBAAuBC,OAAAA,CAAKF,iBAAAA,CAAAA;AAElC,MAAMG,SAAAA,GAAY,CAAmBC,IAAAA,GAAeC,IAAAA,CAAKC,KAAK,CAACD,IAAAA,CAAKE,SAAS,CAACH,IAAAA,CAAAA,CAAAA;AAE9E;;IAGA,MAAMI,mBAAAA,GAAsB,CAACC,EAAAA,EAAgBC,EAAAA,GAAAA;AAC3C,IAAA,IAAID,EAAAA,CAAGE,MAAM,KAAKD,EAAAA,CAAGC,MAAM,EAAE;AAC3B,QAAA,OAAOC,UAAAA,CAAQT,SAAAA,CAAUF,oBAAAA,CAAqBQ,EAAAA,CAAAA,CAAAA,EAAMN,UAAUF,oBAAAA,CAAqBS,EAAAA,CAAAA,CAAAA,CAAAA;AACrF,IAAA;IAEA,OAAO,KAAA;AACT,CAAA;AAEA;;;IAIA,MAAMG,SAAS,OAAOC,UAAAA,GAAAA;IACpB,MAAMC,aAAAA,GAAgB,MAAMC,MAAAA,CAAO;AAAEC,QAAAA,IAAAA,EAAMH,WAAWG;AAAK,KAAA,CAAA;AAE3D,IAAA,IAAIF,aAAAA,EAAe;QACjB,MAAM,IAAIvB,iBACR,CAAC,+CAA+C,EAAEsB,UAAAA,CAAWG,IAAI,CAAC,kBAAkB,CAAC,CAAA;AAEzF,IAAA;AACA,IAAA,MAAMC,iBAAAA,GAAoB,CAAA,EAAGC,kBAAAA,CAAEC,SAAS,CAACN,UAAAA,CAAWG,IAAI,CAAA,CAAE,CAAC,EAAEI,WAAAA,CAAMC,aAAa,EAAA,CAAA,CAAI;AAEpF,IAAA,MAAMC,aAAAA,GAAgB;AACpB,QAAA,GAAGT,UAAU;QACbU,IAAAA,EAAMV,UAAAA,CAAWU,IAAI,IAAIN;AAC3B,KAAA;IAEA,MAAMO,MAAAA,GAAS,MAAMC,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAef,MAAM,CAAC;QAAET,IAAAA,EAAMmB;AAAc,KAAA,CAAA;AACjFG,IAAAA,MAAAA,CAAOG,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEC,QAAAA,IAAAA,EAAMjC,YAAAA,CAAa2B,MAAAA;AAAQ,KAAA,CAAA;IAEjE,OAAOA,MAAAA;AACT,CAAA;AAEA;;;;AAIC,IACD,MAAMO,OAAAA,GAAU,CAACC,MAAAA,GAAS,EAAE,EAAEC,QAAAA,GAAAA;AAC5B,IAAA,OAAOR,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeI,OAAO,CAAC;QAAEG,KAAAA,EAAOF,MAAAA;AAAQC,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;AAIC,IACD,MAAME,qBAAAA,GAAwB,OAC5BH,MAAAA,GAAS,EAAE,EACXC,QAAAA,GAAAA;IAEA,MAAMH,IAAAA,GAAO,MAAML,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeI,OAAO,CAAC;QAAEG,KAAAA,EAAOF,MAAAA;AAAQC,QAAAA;AAAS,KAAA,CAAA;AAEpF,IAAA,IAAIH,IAAAA,EAAM;AACRA,QAAAA,IAAAA,CAAKM,UAAU,GAAG,MAAMC,aAAAA,CAAcP,KAAKQ,EAAE,CAAA;AAC/C,IAAA;IAEA,OAAOR,IAAAA;AACT,CAAA;AAEA;;;;AAIC,IACD,MAAMS,IAAAA,GAAO,CAACP,MAAAA,GAAS,EAAE,EAAEC,QAAAA,GAAAA;AACzB,IAAA,OAAOR,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAea,QAAQ,CAAC;QAAEN,KAAAA,EAAOF,MAAAA;AAAQC,QAAAA;AAAS,KAAA,CAAA;AAC3E,CAAA;AAEA;;IAGA,MAAMQ,wBAAwB,OAAOT,MAAAA,GAAAA;AACnC,IAAA,MAAMU,QAAmC,MAAMjB,MAAAA,CAAOC,EAAE,CACrDC,KAAK,CAAC,aAAA,CAAA,CACNa,QAAQ,CAACf,OAAOkB,GAAG,CAAC,cAAA,CAAA,CAAgBC,SAAS,CAAC,aAAA,EAAeZ,MAAAA,CAAAA,CAAAA;IAEhE,KAAK,MAAMF,QAAQY,KAAAA,CAAO;AACxBZ,QAAAA,IAAAA,CAAKM,UAAU,GAAG,MAAMC,aAAAA,CAAcP,KAAKQ,EAAE,CAAA;AAC/C,IAAA;IAEA,OAAOI,KAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,MAAAA,GAAS,OAAOb,MAAAA,EAAanB,UAAAA,GAAAA;AACjC,IAAA,MAAMiC,mBAAAA,GAAsB5B,kBAAAA,CAAEpB,IAAI,CAACe,UAAAA,EAAY;AAAC,QAAA;AAAO,KAAA,CAAA;IAEvD,IAAIK,kBAAAA,CAAE6B,GAAG,CAACf,MAAAA,EAAQ,SAASd,kBAAAA,CAAE6B,GAAG,CAACD,mBAAAA,EAAqB,MAAA,CAAA,EAAS;QAC7D,MAAMhC,aAAAA,GAAgB,MAAMC,MAAAA,CAAO;AACjCC,YAAAA,IAAAA,EAAM8B,oBAAoB9B,IAAI;YAC9BsB,EAAAA,EAAI;AAAEU,gBAAAA,GAAAA,EAAKhB,OAAOM;AAAG;AACvB,SAAA,CAAA;AACA,QAAA,IAAIxB,aAAAA,EAAe;YACjB,MAAM,IAAIvB,iBACR,CAAC,+CAA+C,EAAEuD,mBAAAA,CAAoB9B,IAAI,CAAC,kBAAkB,CAAC,CAAA;AAElG,QAAA;AACF,IAAA;IAEA,MAAMQ,MAAAA,GAAS,MAAMC,MAAAA,CAAOC,EAAE,CAC3BC,KAAK,CAAC,aAAA,CAAA,CACNkB,MAAM,CAAC;QAAEX,KAAAA,EAAOF,MAAAA;QAAQ7B,IAAAA,EAAM2C;AAAoB,KAAA,CAAA;AAErDrB,IAAAA,MAAAA,CAAOG,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEC,QAAAA,IAAAA,EAAMjC,YAAAA,CAAa2B,MAAAA;AAAQ,KAAA,CAAA;IAEjE,OAAOA,MAAAA;AACT,CAAA;AAEA;;;AAGC,IACD,MAAMT,MAAAA,GAAS,OAAOiB,MAAAA,GAAS,EAAa,GAAA;IAC1C,MAAMiB,KAAAA,GAAQ,MAAMxB,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,KAAK,CAAC;QAAEf,KAAAA,EAAOF;AAAO,KAAA,CAAA;AACzE,IAAA,OAAOiB,KAAAA,GAAQ,CAAA;AACjB,CAAA;AAEA;;;AAGC,IACD,MAAMA,KAAAA,GAAQ,OAAOjB,MAAAA,GAAS,EAAS,GAAA;AACrC,IAAA,OAAOP,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,KAAK,CAACjB,MAAAA,CAAAA;AAC9C,CAAA;AAEA;;;AAGC,IACD,MAAMkB,uBAAAA,GAA0B,OAAOC,GAAAA,GAAM,EAAE,GAAa;AAC1D,IAAA,MAAMC,iBAAiB,MAAMC,aAAAA,EAAAA;AAE7B,IAAA,IAAID,kBAAkBE,YAAAA,CAAOC,cAAc,CAACJ,GAAAA,EAAKC,cAAAA,CAAed,EAAE,CAAA,EAAG;AACnE,QAAA,MAAM,IAAI/C,gBAAAA,CAAiB,wCAAA,CAAA;AAC7B,IAAA;IAEA,KAAK,MAAMiE,UAAUL,GAAAA,CAAK;QACxB,MAAMf,UAAAA,GAAa,MAAMC,aAAAA,CAAcmB,MAAAA,CAAAA;AACvC,QAAA,IAAIpB,eAAe,CAAA,EAAG;AACpB,YAAA,MAAM,IAAI7C,gBAAAA,CAAiB,6CAAA,CAAA;AAC7B,QAAA;AACF,IAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAMkE,WAAAA,GAAc,OAAON,GAAAA,GAAM,EAAE,GAAa;AAC9C,IAAA,MAAMD,uBAAAA,CAAwBC,GAAAA,CAAAA;IAE9B,MAAMO,gBAAAA,CAAW,YAAA,CAAA,CAAcC,gBAAgB,CAACR,GAAAA,CAAAA;AAEhD,IAAA,MAAMS,eAA4B,EAAE;IACpC,KAAK,MAAMtB,MAAMa,GAAAA,CAAK;QACpB,MAAMU,WAAAA,GAAc,MAAMpC,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAemC,MAAM,CAAC;YAAE5B,KAAAA,EAAO;AAAEI,gBAAAA;AAAG;AAAE,SAAA,CAAA;AAEhF,QAAA,IAAIuB,WAAAA,EAAa;AACfpC,YAAAA,MAAAA,CAAOG,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;gBAAEC,IAAAA,EAAM+B;AAAY,aAAA,CAAA;AACxDD,YAAAA,YAAAA,CAAaG,IAAI,CAACF,WAAAA,CAAAA;AACpB,QAAA;AACF,IAAA;IAEA,OAAOD,YAAAA;AACT,CAAA;AAEA;IAEA,MAAMvB,gBAAgB,OAAOmB,MAAAA,GAAAA;AAC3B,IAAA,OAAO/B,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,KAAK,CAAC;QAAEf,KAAAA,EAAO;YAAEQ,KAAAA,EAAO;gBAAEJ,EAAAA,EAAIkB;AAAO;AAAE;AAAE,KAAA,CAAA;AACjF,CAAA;AAEA;IAEA,MAAMH,aAAAA,GAAgB,IAAsCtB,OAAAA,CAAQ;QAAER,IAAAA,EAAMrC;AAAiB,KAAA,CAAA;AAE7F;;IAGA,MAAM8E,2BAAAA,GAA8B,IAAM7B,qBAAAA,CAAsB;QAAEZ,IAAAA,EAAMrC;AAAiB,KAAA,CAAA;AAEzF;AACC,IACD,MAAM+E,sBAAAA,GAAyB,UAAA;AAC7B,IAAA,MAAMC,iBAAiB,MAAMnD,MAAAA,EAAAA;AAC7B,IAAA,IAAImD,cAAAA,EAAgB;AAClB,QAAA;AACF,IAAA;AAEA,IAAA,MAAM,EAAEC,cAAc,EAAE,GAAGT,gBAAAA,CAAW,YAAA,CAAA;IAEtC,MAAMU,UAAAA,GAAaD,eAAeE,MAAM,EAAA;IACxC,MAAMC,mBAAAA,GAAsBF,WAAWG,MAAM,CAAC,CAACC,CAAAA,GAAMA,CAAAA,CAAEC,OAAO,KAAK,cAAA,CAAA;;IAGnE,MAAMrB,cAAAA,GAAiB,MAAMxC,MAAAA,CAAO;QAClCI,IAAAA,EAAM,aAAA;QACNO,IAAAA,EAAM,oBAAA;QACNmD,WAAAA,EAAa;AACf,KAAA,CAAA;AAEA,IAAA,MAAMhB,gBAAAA,CAAW,MAAA,CAAA,CAAQiB,gBAAgB,CAACvB,eAAed,EAAE,CAAA;IAE3D,MAAMsC,UAAAA,GAAa,MAAMhE,MAAAA,CAAO;QAC9BI,IAAAA,EAAM,QAAA;QACNO,IAAAA,EAAM,eAAA;QACNmD,WAAAA,EAAa;AACf,KAAA,CAAA;IAEA,MAAMG,UAAAA,GAAa,MAAMjE,MAAAA,CAAO;QAC9BI,IAAAA,EAAM,QAAA;QACNO,IAAAA,EAAM,eAAA;QACNmD,WAAAA,EAAa;AACf,KAAA,CAAA;;AAGA,IAAA,MAAMI,iBAAAA,GAAoBpB,gBAAAA,CAAW,cAAA,CAAA,CAAgBqB,8BAA8B,CACjFT,mBAAAA,EACA;QACEU,kBAAAA,EAAoB;AAAC,YAAA;AAAiC;AACxD,KAAA,CAAA;AAGF,IAAA,MAAMC,oBAAoBH,iBAAAA,CACvBP,MAAM,CAAC,CAAC,EAAE7D,MAAM,EAAO,GAAKA,WAAWf,OAAAA,CAAQC,OAAO,EACtDsF,GAAG,CAAC,CAACC,UAAAA,GACJC,eAAAA,CAAiBxE,MAAM,CAAC;AAAE,YAAA,GAAGuE,UAAU;YAAEE,UAAAA,EAAY;AAAC,gBAAA;AAAoB;AAAC,SAAA,CAAA,CAAA;AAG/EP,IAAAA,iBAAAA,CAAkBf,IAAI,CAAA,GAAIuB,2BAAAA,EAAAA,CAAAA;IAC1BL,iBAAAA,CAAkBlB,IAAI,IAAIuB,2BAAAA,CAA4B;QAAEC,QAAAA,EAAU;AAAK,KAAA,CAAA,CAAA;;IAGvE,MAAMC,cAAAA,CAAeZ,UAAAA,CAAWtC,EAAE,EAAEwC,iBAAAA,CAAAA;IACpC,MAAMU,cAAAA,CAAeX,UAAAA,CAAWvC,EAAE,EAAE2C,iBAAAA,CAAAA;AACtC,CAAA;AAEA,MAAMK,2BAAAA,GAA8B,CAAC,EAAEC,QAAAA,GAAW,KAAK,EAAE,GAAG,EAAE,GAAA;AAC5D,IAAA,MAAMF,aAAaE,QAAAA,GAAW;AAAC,QAAA;AAAoB,KAAA,GAAG,EAAE;;IAGxD,OAAO;AACL,QAAA;YAAE7E,MAAAA,EAAQ,qBAAA;AAAuB2E,YAAAA;AAAW,SAAA;AAC5C,QAAA;YAAE3E,MAAAA,EAAQ;AAAgC,SAAA;AAC1C,QAAA;YAAEA,MAAAA,EAAQ;AAA+B,SAAA;AACzC,QAAA;YAAEA,MAAAA,EAAQ,8BAAA;AAAgC2E,YAAAA;AAAW,SAAA;AACrD,QAAA;YAAE3E,MAAAA,EAAQ;AAAiC,SAAA;AAC3C,QAAA;YAAEA,MAAAA,EAAQ;AAAkC;KAC7C,CAACwE,GAAG,CAACE,eAAAA,CAAiBxE,MAAM,CAAA;AAC/B,CAAA;AAEA;;AAEC,IACD,MAAM6E,4BAAAA,GAA+B,UAAA;AACnC,IAAA,MAAMrC,iBAAiB,MAAMY,2BAAAA,EAAAA;AAC7B,IAAA,MAAM0B,eAAAA,GAAkB,MAAMhC,gBAAAA,CAAW,MAAA,CAAA,CAAQ3C,MAAM,EAAA;AAEvD,IAAA,IAAI,CAACqC,cAAAA,EAAgB;QACnB3B,MAAAA,CAAOkE,GAAG,CAACC,IAAI,CAAC,mDAAA,CAAA;AAClB,IAAA,CAAA,MAAO,IAAIF,eAAAA,IAAmBtC,cAAAA,CAAehB,UAAU,KAAK,CAAA,EAAG;QAC7DX,MAAAA,CAAOkE,GAAG,CAACC,IAAI,CAAC,mDAAA,CAAA;AAClB,IAAA;AACF,CAAA;AAEA;;;;AAIC,IACD,MAAMC,iBAAAA,GAAoB,OACxBrC,MAAAA,EACAsC,cAA4E,EAAE,GAAA;AAE9E,IAAA,MAAMC,mCAAAA,CAAyBD,WAAAA,CAAAA;;;IAI/B,MAAME,eAAAA,GAAkBtC,iBAAW,YAAA,CAAA,CAChCS,cAAc,CAACE,MAAM,EAAA,CACrBE,MAAM,CAAC,CAAC7D,SAAWA,MAAAA,CAAO+D,OAAO,KAAK,UAAA,CAAA,CACtCS,GAAG,CAAC,CAACxE,MAAAA,GAAWA,OAAOuF,QAAQ,CAAA;AAElC,IAAA,MAAMC,UAAAA,GAAa,MAAMxC,gBAAAA,CAAW,MAAA,CAAA,CAAQL,aAAa,EAAA;AACzD,IAAA,MAAM8C,YAAAA,GAAeD,UAAAA,IAAcA,UAAAA,CAAW5D,EAAE,KAAKkB,MAAAA;IACrD,MAAM4C,UAAAA,GAAaC,OAAI,MAAA,EAAQ7C,MAAAA,CAAAA;IAE/B,MAAM8C,mBAAAA,GAAsBR,WAC1B;KACCZ,GAAG,CAACkB,WACL;;KAEClB,GAAG,CAACE,gBAAiBxE,MAAM,CAAA;AAE9B,IAAA,MAAM2F,mBAAAA,GAAsB,MAAM7C,gBAAAA,CAAW,YAAA,CAAA,CAAclB,QAAQ,CAAC;QAClEN,KAAAA,EAAO;YAAEJ,IAAAA,EAAM;gBAAEQ,EAAAA,EAAIkB;AAAO;AAAE,SAAA;QAC9BvB,QAAAA,EAAU;AAAC,YAAA;AAAO;AACpB,KAAA,CAAA;AAEA,IAAA,MAAMuE,gBAAAA,GAAmBC,iBAAAA,CACvBlG,mBAAAA,EACA+F,mBAAAA,EACAC,qBACAhC,MAAM,CAAC,CAACY,UAAAA,GAA2B,CAACa,eAAAA,CAAgBU,QAAQ,CAACvB,WAAWzE,MAAM,CAAA,CAAA;AAEhF,IAAA,MAAMiG,mBAAAA,GAAsBF,iBAAAA,CAC1BlG,mBAAAA,EACAgG,mBAAAA,EACAD,qBACA/B,MAAM,CAAC,CAACY,UAAAA,GAA2B,CAACa,eAAAA,CAAgBU,QAAQ,CAACvB,WAAWzE,MAAM,CAAA,CAAA;IAEhF,MAAMkG,mBAAAA,GAAsBC,eAAAA,CAAa,IAAA,EAAMF,mBAAAA,EAAqBJ,mBAAAA,CAAAA;IAEpE,IAAII,mBAAAA,CAAoBG,MAAM,GAAG,CAAA,EAAG;;AAElC,QAAA,MAAMpD,iBAAW,YAAA,CAAA,CAAcD,WAAW,CAACkD,mBAAAA,CAAoBzB,GAAG,CAAC6B,OAAAA,CAAK,IAAA,CAAA,CAAA,CAAA;AAC1E,IAAA;IAEA,IAAIP,gBAAAA,CAAiBM,MAAM,GAAG,CAAA,EAAG;QAC/B,MAAME,cAAAA,GAAiB,MAAMxB,cAAAA,CAAehC,MAAAA,EAAQgD,gBAAAA,CAAAA;AACpDI,QAAAA,mBAAAA,CAAoB7C,IAAI,CAAA,GAAIiD,cAAAA,CAAAA;AAC9B,IAAA;IAEA,IAAI,CAACb,iBAAiBK,gBAAAA,CAAiBM,MAAM,IAAIH,mBAAAA,CAAoBG,MAAK,CAAA,EAAI;QAC5E,MAAMpD,gBAAAA,CAAW,WAAWuD,4BAA4B,EAAA;AAC1D,IAAA;AAEA,IAAA,IAAIT,iBAAiBM,MAAM,GAAG,KAAKH,mBAAAA,CAAoBG,MAAM,GAAG,CAAA,EAAG;QACjE,MAAMpD,gBAAAA,CAAW,iBAAA,CAAA,CAAmBwD,sBAAsB,CAAC1D,MAAAA,CAAAA;AAC7D,IAAA;IAEA,OAAOoD,mBAAAA;AACT,CAAA;AAEA,MAAMpB,cAAAA,GAAiB,OAAOhC,MAAAA,EAAiBsC,WAAAA,GAAAA;AAC7C,IAAA,MAAM,EAAEqB,iBAAiB,EAAEC,UAAU,EAAE,GAAG1D,gBAAAA,CAAW,YAAA,CAAA;IACrD,MAAM,EAAE2D,kBAAkB,EAAE,GAAGjC,eAAAA;AAE/B,IAAA,MAAMkB,sBAAsBR,WAAAA,CACzBZ,GAAG,CAACmB,MAAAA,CAAI,MAAA,EAAQ7C,QACjB;;AAEC0B,KAAAA,GAAG,CAACmC,kBAAAA,CAAmBF,iBAAAA,CAAAA,CAAAA,CACvBjC,GAAG,CAACE,gBAAiBxE,MAAM,CAAA;AAE9B,IAAA,OAAOwG,UAAAA,CAAWd,mBAAAA,CAAAA;AACpB,CAAA;AAEA,MAAMgB,mBAAAA,GAAsB,CAAC5G,MAAAA,GAAmBA,MAAAA,CAAO+D,OAAO,KAAKtF,oBAAAA;AAEnE;;AAEC,IACD,MAAMoI,0BAAAA,GAA6B,UAAA;AACjC,IAAA,MAAMnE,cAAAA,GAAiB,MAAMM,gBAAAA,CAAW,MAAA,CAAA,CAAQL,aAAa,EAAA;AAC7D,IAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,QAAA;AACF,IAAA;AAEA,IAAA,MAAMoE,oBAAoB9D,gBAAAA,CAAW,YAAA,CAAA;AACrC,IAAA,MAAM+D,qBAAqB/D,gBAAAA,CAAW,cAAA,CAAA;AAEtC,IAAA,MAAMU,UAAAA,GAAaoD,iBAAAA,CAAkBrD,cAAc,CAACE,MAAM,EAAA;AAE1D,IAAA,MAAMC,sBAAsBF,UAAAA,CAAWG,MAAM,CAAC,CAAC7D,SAAW4G,mBAAAA,CAAoB5G,MAAAA,CAAAA,CAAAA;AAC9E,IAAA,MAAMgH,eAAetD,UAAAA,CAAWG,MAAM,CAAC,CAAC7D,MAAAA,GAAW,CAAC4G,mBAAAA,CAAoB5G,MAAAA,CAAAA,CAAAA;;IAGxE,MAAMoF,WAAAA,GAAc2B,kBAAAA,CAAmB1C,8BAA8B,CACnET,mBAAAA,CAAAA;;AAIF,IAAA,MAAMqD,gBAAAA,GAAmBD,YAAAA,CAAaE,MAAM,CAAC,CAACC,GAAAA,EAAKnH,MAAAA,GAAAA;AACjD,QAAA,MAAM,EAAEuF,QAAQ,EAAE6B,QAAQ,EAAE,GAAGpH,MAAAA;AAE/B,QAAA,IAAIqH,WAAQD,QAAAA,CAAAA,EAAW;YACrBD,GAAAA,CAAI9D,IAAI,IACH+D,QAAAA,CAAS5C,GAAG,CAAC,CAAC8C,OAAAA,GAAY5C,eAAAA,CAAiBxE,MAAM,CAAC;oBAAEF,MAAAA,EAAQuF,QAAAA;AAAU+B,oBAAAA;AAAQ,iBAAA,CAAA,CAAA,CAAA;QAErF,CAAA,MAAO;AACLH,YAAAA,GAAAA,CAAI9D,IAAI,CAACqB,eAAAA,CAAiBxE,MAAM,CAAC;gBAAEF,MAAAA,EAAQuF;AAAS,aAAA,CAAA,CAAA;AACtD,QAAA;QAEA,OAAO4B,GAAAA;AACT,IAAA,CAAA,EAAG,EAAE,CAAA;AAEL/B,IAAAA,WAAAA,CAAY/B,IAAI,CAAA,GAAI4D,gBAAAA,CAAAA;AAEpB,IAAA,MAAMM,yBAA0B,MAAMxI,KAAAA,CAAMC,8BAA8B,CAACwI,IAAI,CAC7EpC,WAAAA,CAAAA;IAGF,MAAMD,iBAAAA,CAAkBzC,cAAAA,CAAed,EAAE,EAAE2F,sBAAAA,CAAAA;AAC7C,CAAA;AAEA;;IAGA,MAAME,oBAAoB,CAACC,IAAAA,GAAAA;AACzB,IAAA,MAAM1F,QAAQxB,kBAAAA,CAAEyB,GAAG,CAACyF,IAAAA,EAAM,SAAS,EAAE,CAAA;AAErC,IAAA,OAAO1F,MAAMwC,GAAG,CAAC6B,OAAAA,CAAK,MAAA,CAAA,CAAA,CAASL,QAAQ,CAACxH,gBAAAA,CAAAA;AAC1C,CAAA;AAEA,MAAMmJ,SAAAA,GAAY;IAChBC,cAAAA,EAAgBpJ;AAClB,CAAA;AAEA,WAAe;AACbO,IAAAA,KAAAA;AACAI,IAAAA,YAAAA;AACAe,IAAAA,MAAAA;AACAmB,IAAAA,OAAAA;AACAI,IAAAA,qBAAAA;AACAI,IAAAA,IAAAA;AACAE,IAAAA,qBAAAA;AACAI,IAAAA,MAAAA;AACA9B,IAAAA,MAAAA;AACAkC,IAAAA,KAAAA;AACAQ,IAAAA,WAAAA;AACApB,IAAAA,aAAAA;AACAgB,IAAAA,aAAAA;AACAW,IAAAA,2BAAAA;AACAC,IAAAA,sBAAAA;AACAwB,IAAAA,4BAAAA;AACAD,IAAAA,cAAAA;AACA2C,IAAAA,iBAAAA;AACAtC,IAAAA,iBAAAA;AACA0B,IAAAA,0BAAAA;AACArE,IAAAA,uBAAAA;AACAmF,IAAAA;AACF,CAAA;;;;"}
|
|
1
|
+
{"version":3,"file":"role.js","sources":["../../../../../server/src/services/role.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-explicit-any */ // TODO: TS - Use database parameters interface when they are ready\n/* eslint-disable @typescript-eslint/default-param-last */\nimport _ from 'lodash';\nimport { set, omit, pick, prop, isArray, differenceWith, differenceBy, isEqual } from 'lodash/fp';\n\nimport { dates, arrays, hooks as hooksUtils, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\n\nimport permissionDomain from '../domain/permission';\nimport type { AdminUser, AdminRole, Permission } from '../../../shared/contracts/shared';\nimport type { Action } from '../domain/action';\n\nimport { validatePermissionsExist } from '../validation/permission';\nimport roleConstants from './constants';\nimport { getService } from '../utils';\n\nconst { SUPER_ADMIN_CODE, CONTENT_TYPE_SECTION } = roleConstants;\n\nconst { createAsyncSeriesWaterfallHook } = hooksUtils;\nconst { ApplicationError } = errors;\n\nconst hooks = {\n willResetSuperAdminPermissions: createAsyncSeriesWaterfallHook(),\n willValidateUpdatePermissions: createAsyncSeriesWaterfallHook(),\n};\n\nconst ACTIONS = {\n publish: 'plugin::content-manager.explorer.publish',\n};\n\n// @ts-expect-error lodash types\nconst sanitizeRole: <T extends object>(obj: T) => Omit<T, 'users' | 'permissions'> = omit([\n 'users',\n 'permissions',\n] as const);\n\nexport type AdminRoleWithUsersCount = AdminRole & { usersCount: number };\n\nconst COMPARABLE_FIELDS = ['conditions', 'properties', 'subject', 'action', 'actionParameters'];\nconst pickComparableFields = pick(COMPARABLE_FIELDS);\n\nconst jsonClean = <T extends object>(data: T): T => JSON.parse(JSON.stringify(data));\n\n/**\n * Compare two permissions\n */\nconst arePermissionsEqual = (p1: Permission, p2: Permission): boolean => {\n if (p1.action === p2.action) {\n return isEqual(jsonClean(pickComparableFields(p1)), jsonClean(pickComparableFields(p2)));\n }\n\n return false;\n};\n\n/**\n * Create and save a role in database\n * @param attributes A partial role object\n */\nconst create = async (attributes: Partial<AdminRole>): Promise<AdminRole> => {\n const alreadyExists = await exists({ name: attributes.name });\n\n if (alreadyExists) {\n throw new ApplicationError(\n `The name must be unique and a role with name \\`${attributes.name}\\` already exists.`\n );\n }\n const autoGeneratedCode = `${_.kebabCase(attributes.name)}-${dates.timestampCode()}`;\n\n const rolesWithCode = {\n ...attributes,\n code: attributes.code || autoGeneratedCode,\n };\n\n const result = await strapi.db.query('admin::role').create({ data: rolesWithCode });\n strapi.eventHub.emit('role.create', { role: sanitizeRole(result) });\n\n return result;\n};\n\n/**\n * Find a role in database\n * @param params query params to find the role\n * @param populate\n */\nconst findOne = (params = {}, populate?: unknown): Promise<AdminRole> => {\n return strapi.db.query('admin::role').findOne({ where: params, populate });\n};\n\n/**\n * Find a role in database with usersCounts\n * @param params query params to find the role\n * @param populate\n */\nconst findOneWithUsersCount = async (\n params = {},\n populate?: unknown\n): Promise<AdminRoleWithUsersCount> => {\n const role = await strapi.db.query('admin::role').findOne({ where: params, populate });\n\n if (role) {\n role.usersCount = await getUsersCount(role.id);\n }\n\n return role;\n};\n\n/**\n * Find roles in database\n * @param params query params to find the roles\n * @param populate\n */\nconst find = (params = {}, populate: unknown): Promise<AdminRole[]> => {\n return strapi.db.query('admin::role').findMany({ where: params, populate });\n};\n\n/**\n * Find all roles in database\n */\nconst findAllWithUsersCount = async (params: any): Promise<AdminRoleWithUsersCount[]> => {\n const roles: AdminRoleWithUsersCount[] = await strapi.db\n .query('admin::role')\n .findMany(strapi.get('query-params').transform('admin::role', params));\n\n for (const role of roles) {\n role.usersCount = await getUsersCount(role.id);\n }\n\n return roles;\n};\n\n/**\n * Update a role in database\n * @param params query params to find the role to update\n * @param attributes A partial role object\n */\nconst update = async (params: any, attributes: Partial<AdminRole>): Promise<AdminRole> => {\n const sanitizedAttributes = _.omit(attributes, ['code']);\n\n if (_.has(params, 'id') && _.has(sanitizedAttributes, 'name')) {\n const alreadyExists = await exists({\n name: sanitizedAttributes.name,\n id: { $ne: params.id },\n });\n if (alreadyExists) {\n throw new ApplicationError(\n `The name must be unique and a role with name \\`${sanitizedAttributes.name}\\` already exists.`\n );\n }\n }\n\n const result = await strapi.db\n .query('admin::role')\n .update({ where: params, data: sanitizedAttributes });\n\n strapi.eventHub.emit('role.update', { role: sanitizeRole(result) });\n\n return result;\n};\n\n/**\n * Check if a role exists in database\n * @param params query params to find the role\n */\nconst exists = async (params = {} as unknown): Promise<boolean> => {\n const count = await strapi.db.query('admin::role').count({ where: params });\n return count > 0;\n};\n\n/**\n * Count the number of roles based on search params\n * @param params params used for the query\n */\nconst count = async (params = {} as any): Promise<number> => {\n return strapi.db.query('admin::role').count(params);\n};\n\n/**\n * Check if the given roles id can be deleted safely, throw otherwise\n * @param ids\n */\nconst checkRolesIdForDeletion = async (ids = [] as Data.ID[]) => {\n const superAdminRole = await getSuperAdmin();\n\n if (superAdminRole && arrays.includesString(ids, superAdminRole.id)) {\n throw new ApplicationError('You cannot delete the super admin role');\n }\n\n for (const roleId of ids) {\n const usersCount = await getUsersCount(roleId);\n if (usersCount !== 0) {\n throw new ApplicationError('Some roles are still assigned to some users');\n }\n }\n};\n\n/**\n * Delete roles in database if they have no user assigned\n * @param ids query params to find the roles\n */\nconst deleteByIds = async (ids = [] as Data.ID[]): Promise<AdminRole[]> => {\n await checkRolesIdForDeletion(ids);\n\n await getService('permission').deleteByRolesIds(ids);\n\n const deletedRoles: AdminRole[] = [];\n for (const id of ids) {\n const deletedRole = await strapi.db.query('admin::role').delete({ where: { id } });\n\n if (deletedRole) {\n strapi.eventHub.emit('role.delete', { role: deletedRole });\n deletedRoles.push(deletedRole);\n }\n }\n\n return deletedRoles;\n};\n\n/** Count the number of users for some roles\n */\nconst getUsersCount = async (roleId: Data.ID): Promise<number> => {\n return strapi.db.query('admin::user').count({ where: { roles: { id: roleId } } });\n};\n\n/** Returns admin role\n */\nconst getSuperAdmin = (): Promise<AdminRole | undefined> => findOne({ code: SUPER_ADMIN_CODE });\n\n/** Returns admin role with userCount\n * @returns {Promise<role>}\n */\nconst getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE });\n\n/** Create superAdmin, Author and Editor role is no role already exist\n */\nconst createRolesIfNoneExist = async () => {\n const someRolesExist = await exists();\n if (someRolesExist) {\n return;\n }\n\n const { actionProvider } = getService('permission');\n\n const allActions = actionProvider.values();\n const contentTypesActions = allActions.filter((a) => a.section === 'contentTypes');\n\n // create 3 roles\n const superAdminRole = await create({\n name: 'Super Admin',\n code: 'strapi-super-admin',\n description: 'Super Admins can access and manage all features and settings.',\n });\n\n await getService('user').assignARoleToAll(superAdminRole.id);\n\n const editorRole = await create({\n name: 'Editor',\n code: 'strapi-editor',\n description: 'Editors can manage and publish contents including those of other users.',\n });\n\n const authorRole = await create({\n name: 'Author',\n code: 'strapi-author',\n description: 'Authors can manage the content they have created.',\n });\n\n // create content-type permissions for each role\n // Exclude non-displayed content types (e.g. plugin::users-permissions.role) from Editor/Author\n // since those types are in explorer.read subjects only for super admin relation reads.\n const nonDisplayedUids = Object.values(strapi.contentTypes as Record<string, any>)\n .filter((ct) => ct?.pluginOptions?.['content-manager']?.visible === false)\n .map((ct) => ct.uid as string);\n\n const editorPermissions = getService('content-type').getPermissionsWithNestedFields(\n contentTypesActions,\n {\n restrictedSubjects: ['plugin::users-permissions.user', ...nonDisplayedUids],\n }\n );\n\n const authorPermissions = editorPermissions\n .filter(({ action }: any) => action !== ACTIONS.publish)\n .map((permission: any) =>\n permissionDomain.create({ ...permission, conditions: ['admin::is-creator'] })\n );\n\n editorPermissions.push(...getDefaultPluginPermissions());\n authorPermissions.push(...getDefaultPluginPermissions({ isAuthor: true }));\n\n // assign permissions to roles\n await addPermissions(editorRole.id, editorPermissions);\n await addPermissions(authorRole.id, authorPermissions);\n};\n\nconst getDefaultPluginPermissions = ({ isAuthor = false } = {}) => {\n const conditions = isAuthor ? ['admin::is-creator'] : [];\n\n // add plugin permissions for each role\n return [\n { action: 'plugin::upload.read', conditions },\n { action: 'plugin::upload.configure-view' },\n { action: 'plugin::upload.assets.create' },\n { action: 'plugin::upload.assets.update', conditions },\n { action: 'plugin::upload.assets.download' },\n { action: 'plugin::upload.assets.copy-link' },\n ].map(permissionDomain.create);\n};\n\n/** Display a warning if the role superAdmin doesn't exist\n * or if the role is not assigned to at least one user\n */\nconst displayWarningIfNoSuperAdmin = async () => {\n const superAdminRole = await getSuperAdminWithUsersCount();\n const someUsersExists = await getService('user').exists();\n\n if (!superAdminRole) {\n strapi.log.warn(\"Your application doesn't have a super admin role.\");\n } else if (someUsersExists && superAdminRole.usersCount === 0) {\n strapi.log.warn(\"Your application doesn't have a super admin user.\");\n }\n};\n\n/**\n * Assign permissions to a role\n * @param roleId - role Data.ID\n * @param {Array<Permission{action,subject,fields,conditions}>} permissions - permissions to assign to the role\n */\nconst assignPermissions = async (\n roleId: Data.ID,\n permissions: Array<Pick<Permission, 'action' | 'subject' | 'conditions'>> = []\n) => {\n await validatePermissionsExist(permissions);\n\n // Internal actions are not handled by the role service, so any permission\n // with an internal action is filtered out\n const internalActions = getService('permission')\n .actionProvider.values()\n .filter((action) => action.section === 'internal')\n .map((action) => action.actionId);\n\n const superAdmin = await getService('role').getSuperAdmin();\n const isSuperAdmin = superAdmin && superAdmin.id === roleId;\n const assignRole = set('role', roleId);\n\n const permissionsWithRole = permissions\n // Add the role attribute to every permission\n .map(assignRole)\n // Transform each permission into a Permission instance\n // @ts-expect-error - lodash set doesn't resolve the type appropriately\n .map(permissionDomain.create);\n\n const existingPermissions = await getService('permission').findMany({\n where: { role: { id: roleId } },\n populate: ['role'],\n });\n\n const permissionsToAdd = differenceWith(\n arePermissionsEqual,\n permissionsWithRole,\n existingPermissions\n ).filter((permission: Permission) => !internalActions.includes(permission.action));\n\n const permissionsToDelete = differenceWith(\n arePermissionsEqual,\n existingPermissions,\n permissionsWithRole\n ).filter((permission: Permission) => !internalActions.includes(permission.action));\n\n const permissionsToReturn = differenceBy('id', permissionsToDelete, existingPermissions);\n\n if (permissionsToDelete.length > 0) {\n // @ts-expect-error - lodash prop doesn't resolve the type appropriately\n await getService('permission').deleteByIds(permissionsToDelete.map(prop('id')));\n }\n\n if (permissionsToAdd.length > 0) {\n const newPermissions = await addPermissions(roleId, permissionsToAdd);\n permissionsToReturn.push(...newPermissions);\n }\n\n if (!isSuperAdmin && (permissionsToAdd.length || permissionsToDelete.length)) {\n await getService('metrics').sendDidUpdateRolePermissions();\n }\n\n if (permissionsToAdd.length > 0 || permissionsToDelete.length > 0) {\n await getService('api-token-admin').syncPermissionsForRole(roleId);\n }\n\n return permissionsToReturn;\n};\n\nconst addPermissions = async (roleId: Data.ID, permissions: any) => {\n const { conditionProvider, createMany } = getService('permission');\n const { sanitizeConditions } = permissionDomain;\n\n const permissionsWithRole = permissions\n .map(set('role', roleId))\n // @ts-expect-error - refactor domain/permission Condition type, as it's now expecting\n // a string but it should be a Condition interface\n .map(sanitizeConditions(conditionProvider))\n .map(permissionDomain.create);\n\n return createMany(permissionsWithRole);\n};\n\nconst isContentTypeAction = (action: Action) => action.section === CONTENT_TYPE_SECTION;\n\n/**\n * Reset super admin permissions (giving it all permissions)\n */\nconst resetSuperAdminPermissions = async () => {\n const superAdminRole = await getService('role').getSuperAdmin();\n if (!superAdminRole) {\n return;\n }\n\n const permissionService = getService('permission');\n const contentTypeService = getService('content-type');\n\n const allActions = permissionService.actionProvider.values() as Action[];\n\n const contentTypesActions = allActions.filter((action) => isContentTypeAction(action));\n const otherActions = allActions.filter((action) => !isContentTypeAction(action));\n\n // First, get the content-types permissions\n const permissions = contentTypeService.getPermissionsWithNestedFields(\n contentTypesActions\n ) as Permission[];\n\n // Then add every other permission\n const otherPermissions = otherActions.reduce((acc, action) => {\n const { actionId, subjects } = action;\n\n if (isArray(subjects)) {\n acc.push(\n ...subjects.map((subject) => permissionDomain.create({ action: actionId, subject }))\n );\n } else {\n acc.push(permissionDomain.create({ action: actionId }));\n }\n\n return acc;\n }, [] as Permission[]);\n\n permissions.push(...otherPermissions);\n\n const transformedPermissions = (await hooks.willResetSuperAdminPermissions.call(\n permissions\n )) as Permission[];\n\n await assignPermissions(superAdminRole.id, transformedPermissions);\n};\n\n/**\n * Check if a user object includes the super admin role\n */\nconst hasSuperAdminRole = (user: AdminUser): boolean => {\n const roles = _.get(user, 'roles', []) as AdminRole[];\n\n return roles.map(prop('code')).includes(SUPER_ADMIN_CODE);\n};\n\nconst constants = {\n superAdminCode: SUPER_ADMIN_CODE,\n};\n\nexport default {\n hooks,\n sanitizeRole,\n create,\n findOne,\n findOneWithUsersCount,\n find,\n findAllWithUsersCount,\n update,\n exists,\n count,\n deleteByIds,\n getUsersCount,\n getSuperAdmin,\n getSuperAdminWithUsersCount,\n createRolesIfNoneExist,\n displayWarningIfNoSuperAdmin,\n addPermissions,\n hasSuperAdminRole,\n assignPermissions,\n resetSuperAdminPermissions,\n checkRolesIdForDeletion,\n constants,\n};\n"],"names":["SUPER_ADMIN_CODE","CONTENT_TYPE_SECTION","roleConstants","createAsyncSeriesWaterfallHook","hooksUtils","ApplicationError","errors","hooks","willResetSuperAdminPermissions","willValidateUpdatePermissions","ACTIONS","publish","sanitizeRole","omit","COMPARABLE_FIELDS","pickComparableFields","pick","jsonClean","data","JSON","parse","stringify","arePermissionsEqual","p1","p2","action","isEqual","create","attributes","alreadyExists","exists","name","autoGeneratedCode","_","kebabCase","dates","timestampCode","rolesWithCode","code","result","strapi","db","query","eventHub","emit","role","findOne","params","populate","where","findOneWithUsersCount","usersCount","getUsersCount","id","find","findMany","findAllWithUsersCount","roles","get","transform","update","sanitizedAttributes","has","$ne","count","checkRolesIdForDeletion","ids","superAdminRole","getSuperAdmin","arrays","includesString","roleId","deleteByIds","getService","deleteByRolesIds","deletedRoles","deletedRole","delete","push","getSuperAdminWithUsersCount","createRolesIfNoneExist","someRolesExist","actionProvider","allActions","values","contentTypesActions","filter","a","section","description","assignARoleToAll","editorRole","authorRole","nonDisplayedUids","Object","contentTypes","ct","pluginOptions","visible","map","uid","editorPermissions","getPermissionsWithNestedFields","restrictedSubjects","authorPermissions","permission","permissionDomain","conditions","getDefaultPluginPermissions","isAuthor","addPermissions","displayWarningIfNoSuperAdmin","someUsersExists","log","warn","assignPermissions","permissions","validatePermissionsExist","internalActions","actionId","superAdmin","isSuperAdmin","assignRole","set","permissionsWithRole","existingPermissions","permissionsToAdd","differenceWith","includes","permissionsToDelete","permissionsToReturn","differenceBy","length","prop","newPermissions","sendDidUpdateRolePermissions","syncPermissionsForRole","conditionProvider","createMany","sanitizeConditions","isContentTypeAction","resetSuperAdminPermissions","permissionService","contentTypeService","otherActions","otherPermissions","reduce","acc","subjects","isArray","subject","transformedPermissions","call","hasSuperAdminRole","user","constants","superAdminCode"],"mappings":";;;;;;;;;;;;;;AAAA;AAgBA,MAAM,EAAEA,gBAAgB,EAAEC,oBAAoB,EAAE,GAAGC,WAAAA;AAEnD,MAAM,EAAEC,8BAA8B,EAAE,GAAGC,WAAAA;AAC3C,MAAM,EAAEC,gBAAgB,EAAE,GAAGC,YAAAA;AAE7B,MAAMC,KAAAA,GAAQ;IACZC,8BAAAA,EAAgCL,8BAAAA,EAAAA;IAChCM,6BAAAA,EAA+BN,8BAAAA;AACjC,CAAA;AAEA,MAAMO,OAAAA,GAAU;IACdC,OAAAA,EAAS;AACX,CAAA;AAEA;AACA,MAAMC,eAA+EC,OAAAA,CAAK;AACxF,IAAA,OAAA;AACA,IAAA;AACD,CAAA,CAAA;AAID,MAAMC,iBAAAA,GAAoB;AAAC,IAAA,YAAA;AAAc,IAAA,YAAA;AAAc,IAAA,SAAA;AAAW,IAAA,QAAA;AAAU,IAAA;AAAmB,CAAA;AAC/F,MAAMC,uBAAuBC,OAAAA,CAAKF,iBAAAA,CAAAA;AAElC,MAAMG,SAAAA,GAAY,CAAmBC,IAAAA,GAAeC,IAAAA,CAAKC,KAAK,CAACD,IAAAA,CAAKE,SAAS,CAACH,IAAAA,CAAAA,CAAAA;AAE9E;;IAGA,MAAMI,mBAAAA,GAAsB,CAACC,EAAAA,EAAgBC,EAAAA,GAAAA;AAC3C,IAAA,IAAID,EAAAA,CAAGE,MAAM,KAAKD,EAAAA,CAAGC,MAAM,EAAE;AAC3B,QAAA,OAAOC,UAAAA,CAAQT,SAAAA,CAAUF,oBAAAA,CAAqBQ,EAAAA,CAAAA,CAAAA,EAAMN,UAAUF,oBAAAA,CAAqBS,EAAAA,CAAAA,CAAAA,CAAAA;AACrF,IAAA;IAEA,OAAO,KAAA;AACT,CAAA;AAEA;;;IAIA,MAAMG,SAAS,OAAOC,UAAAA,GAAAA;IACpB,MAAMC,aAAAA,GAAgB,MAAMC,MAAAA,CAAO;AAAEC,QAAAA,IAAAA,EAAMH,WAAWG;AAAK,KAAA,CAAA;AAE3D,IAAA,IAAIF,aAAAA,EAAe;QACjB,MAAM,IAAIxB,iBACR,CAAC,+CAA+C,EAAEuB,UAAAA,CAAWG,IAAI,CAAC,kBAAkB,CAAC,CAAA;AAEzF,IAAA;AACA,IAAA,MAAMC,iBAAAA,GAAoB,CAAA,EAAGC,kBAAAA,CAAEC,SAAS,CAACN,UAAAA,CAAWG,IAAI,CAAA,CAAE,CAAC,EAAEI,WAAAA,CAAMC,aAAa,EAAA,CAAA,CAAI;AAEpF,IAAA,MAAMC,aAAAA,GAAgB;AACpB,QAAA,GAAGT,UAAU;QACbU,IAAAA,EAAMV,UAAAA,CAAWU,IAAI,IAAIN;AAC3B,KAAA;IAEA,MAAMO,MAAAA,GAAS,MAAMC,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAef,MAAM,CAAC;QAAET,IAAAA,EAAMmB;AAAc,KAAA,CAAA;AACjFG,IAAAA,MAAAA,CAAOG,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEC,QAAAA,IAAAA,EAAMjC,YAAAA,CAAa2B,MAAAA;AAAQ,KAAA,CAAA;IAEjE,OAAOA,MAAAA;AACT,CAAA;AAEA;;;;AAIC,IACD,MAAMO,OAAAA,GAAU,CAACC,MAAAA,GAAS,EAAE,EAAEC,QAAAA,GAAAA;AAC5B,IAAA,OAAOR,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeI,OAAO,CAAC;QAAEG,KAAAA,EAAOF,MAAAA;AAAQC,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;AAIC,IACD,MAAME,qBAAAA,GAAwB,OAC5BH,MAAAA,GAAS,EAAE,EACXC,QAAAA,GAAAA;IAEA,MAAMH,IAAAA,GAAO,MAAML,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeI,OAAO,CAAC;QAAEG,KAAAA,EAAOF,MAAAA;AAAQC,QAAAA;AAAS,KAAA,CAAA;AAEpF,IAAA,IAAIH,IAAAA,EAAM;AACRA,QAAAA,IAAAA,CAAKM,UAAU,GAAG,MAAMC,aAAAA,CAAcP,KAAKQ,EAAE,CAAA;AAC/C,IAAA;IAEA,OAAOR,IAAAA;AACT,CAAA;AAEA;;;;AAIC,IACD,MAAMS,IAAAA,GAAO,CAACP,MAAAA,GAAS,EAAE,EAAEC,QAAAA,GAAAA;AACzB,IAAA,OAAOR,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAea,QAAQ,CAAC;QAAEN,KAAAA,EAAOF,MAAAA;AAAQC,QAAAA;AAAS,KAAA,CAAA;AAC3E,CAAA;AAEA;;IAGA,MAAMQ,wBAAwB,OAAOT,MAAAA,GAAAA;AACnC,IAAA,MAAMU,QAAmC,MAAMjB,MAAAA,CAAOC,EAAE,CACrDC,KAAK,CAAC,aAAA,CAAA,CACNa,QAAQ,CAACf,OAAOkB,GAAG,CAAC,cAAA,CAAA,CAAgBC,SAAS,CAAC,aAAA,EAAeZ,MAAAA,CAAAA,CAAAA;IAEhE,KAAK,MAAMF,QAAQY,KAAAA,CAAO;AACxBZ,QAAAA,IAAAA,CAAKM,UAAU,GAAG,MAAMC,aAAAA,CAAcP,KAAKQ,EAAE,CAAA;AAC/C,IAAA;IAEA,OAAOI,KAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,MAAAA,GAAS,OAAOb,MAAAA,EAAanB,UAAAA,GAAAA;AACjC,IAAA,MAAMiC,mBAAAA,GAAsB5B,kBAAAA,CAAEpB,IAAI,CAACe,UAAAA,EAAY;AAAC,QAAA;AAAO,KAAA,CAAA;IAEvD,IAAIK,kBAAAA,CAAE6B,GAAG,CAACf,MAAAA,EAAQ,SAASd,kBAAAA,CAAE6B,GAAG,CAACD,mBAAAA,EAAqB,MAAA,CAAA,EAAS;QAC7D,MAAMhC,aAAAA,GAAgB,MAAMC,MAAAA,CAAO;AACjCC,YAAAA,IAAAA,EAAM8B,oBAAoB9B,IAAI;YAC9BsB,EAAAA,EAAI;AAAEU,gBAAAA,GAAAA,EAAKhB,OAAOM;AAAG;AACvB,SAAA,CAAA;AACA,QAAA,IAAIxB,aAAAA,EAAe;YACjB,MAAM,IAAIxB,iBACR,CAAC,+CAA+C,EAAEwD,mBAAAA,CAAoB9B,IAAI,CAAC,kBAAkB,CAAC,CAAA;AAElG,QAAA;AACF,IAAA;IAEA,MAAMQ,MAAAA,GAAS,MAAMC,MAAAA,CAAOC,EAAE,CAC3BC,KAAK,CAAC,aAAA,CAAA,CACNkB,MAAM,CAAC;QAAEX,KAAAA,EAAOF,MAAAA;QAAQ7B,IAAAA,EAAM2C;AAAoB,KAAA,CAAA;AAErDrB,IAAAA,MAAAA,CAAOG,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;AAAEC,QAAAA,IAAAA,EAAMjC,YAAAA,CAAa2B,MAAAA;AAAQ,KAAA,CAAA;IAEjE,OAAOA,MAAAA;AACT,CAAA;AAEA;;;AAGC,IACD,MAAMT,MAAAA,GAAS,OAAOiB,MAAAA,GAAS,EAAa,GAAA;IAC1C,MAAMiB,KAAAA,GAAQ,MAAMxB,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,KAAK,CAAC;QAAEf,KAAAA,EAAOF;AAAO,KAAA,CAAA;AACzE,IAAA,OAAOiB,KAAAA,GAAQ,CAAA;AACjB,CAAA;AAEA;;;AAGC,IACD,MAAMA,KAAAA,GAAQ,OAAOjB,MAAAA,GAAS,EAAS,GAAA;AACrC,IAAA,OAAOP,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,KAAK,CAACjB,MAAAA,CAAAA;AAC9C,CAAA;AAEA;;;AAGC,IACD,MAAMkB,uBAAAA,GAA0B,OAAOC,GAAAA,GAAM,EAAE,GAAa;AAC1D,IAAA,MAAMC,iBAAiB,MAAMC,aAAAA,EAAAA;AAE7B,IAAA,IAAID,kBAAkBE,YAAAA,CAAOC,cAAc,CAACJ,GAAAA,EAAKC,cAAAA,CAAed,EAAE,CAAA,EAAG;AACnE,QAAA,MAAM,IAAIhD,gBAAAA,CAAiB,wCAAA,CAAA;AAC7B,IAAA;IAEA,KAAK,MAAMkE,UAAUL,GAAAA,CAAK;QACxB,MAAMf,UAAAA,GAAa,MAAMC,aAAAA,CAAcmB,MAAAA,CAAAA;AACvC,QAAA,IAAIpB,eAAe,CAAA,EAAG;AACpB,YAAA,MAAM,IAAI9C,gBAAAA,CAAiB,6CAAA,CAAA;AAC7B,QAAA;AACF,IAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAMmE,WAAAA,GAAc,OAAON,GAAAA,GAAM,EAAE,GAAa;AAC9C,IAAA,MAAMD,uBAAAA,CAAwBC,GAAAA,CAAAA;IAE9B,MAAMO,gBAAAA,CAAW,YAAA,CAAA,CAAcC,gBAAgB,CAACR,GAAAA,CAAAA;AAEhD,IAAA,MAAMS,eAA4B,EAAE;IACpC,KAAK,MAAMtB,MAAMa,GAAAA,CAAK;QACpB,MAAMU,WAAAA,GAAc,MAAMpC,MAAAA,CAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAemC,MAAM,CAAC;YAAE5B,KAAAA,EAAO;AAAEI,gBAAAA;AAAG;AAAE,SAAA,CAAA;AAEhF,QAAA,IAAIuB,WAAAA,EAAa;AACfpC,YAAAA,MAAAA,CAAOG,QAAQ,CAACC,IAAI,CAAC,aAAA,EAAe;gBAAEC,IAAAA,EAAM+B;AAAY,aAAA,CAAA;AACxDD,YAAAA,YAAAA,CAAaG,IAAI,CAACF,WAAAA,CAAAA;AACpB,QAAA;AACF,IAAA;IAEA,OAAOD,YAAAA;AACT,CAAA;AAEA;IAEA,MAAMvB,gBAAgB,OAAOmB,MAAAA,GAAAA;AAC3B,IAAA,OAAO/B,OAAOC,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,KAAK,CAAC;QAAEf,KAAAA,EAAO;YAAEQ,KAAAA,EAAO;gBAAEJ,EAAAA,EAAIkB;AAAO;AAAE;AAAE,KAAA,CAAA;AACjF,CAAA;AAEA;IAEA,MAAMH,aAAAA,GAAgB,IAAsCtB,OAAAA,CAAQ;QAAER,IAAAA,EAAMtC;AAAiB,KAAA,CAAA;AAE7F;;IAGA,MAAM+E,2BAAAA,GAA8B,IAAM7B,qBAAAA,CAAsB;QAAEZ,IAAAA,EAAMtC;AAAiB,KAAA,CAAA;AAEzF;AACC,IACD,MAAMgF,sBAAAA,GAAyB,UAAA;AAC7B,IAAA,MAAMC,iBAAiB,MAAMnD,MAAAA,EAAAA;AAC7B,IAAA,IAAImD,cAAAA,EAAgB;AAClB,QAAA;AACF,IAAA;AAEA,IAAA,MAAM,EAAEC,cAAc,EAAE,GAAGT,gBAAAA,CAAW,YAAA,CAAA;IAEtC,MAAMU,UAAAA,GAAaD,eAAeE,MAAM,EAAA;IACxC,MAAMC,mBAAAA,GAAsBF,WAAWG,MAAM,CAAC,CAACC,CAAAA,GAAMA,CAAAA,CAAEC,OAAO,KAAK,cAAA,CAAA;;IAGnE,MAAMrB,cAAAA,GAAiB,MAAMxC,MAAAA,CAAO;QAClCI,IAAAA,EAAM,aAAA;QACNO,IAAAA,EAAM,oBAAA;QACNmD,WAAAA,EAAa;AACf,KAAA,CAAA;AAEA,IAAA,MAAMhB,gBAAAA,CAAW,MAAA,CAAA,CAAQiB,gBAAgB,CAACvB,eAAed,EAAE,CAAA;IAE3D,MAAMsC,UAAAA,GAAa,MAAMhE,MAAAA,CAAO;QAC9BI,IAAAA,EAAM,QAAA;QACNO,IAAAA,EAAM,eAAA;QACNmD,WAAAA,EAAa;AACf,KAAA,CAAA;IAEA,MAAMG,UAAAA,GAAa,MAAMjE,MAAAA,CAAO;QAC9BI,IAAAA,EAAM,QAAA;QACNO,IAAAA,EAAM,eAAA;QACNmD,WAAAA,EAAa;AACf,KAAA,CAAA;;;;IAKA,MAAMI,gBAAAA,GAAmBC,OAAOV,MAAM,CAAC5C,OAAOuD,YAAY,CAAA,CACvDT,MAAM,CAAC,CAACU,EAAAA,GAAOA,IAAIC,aAAAA,GAAgB,iBAAA,CAAkB,EAAEC,OAAAA,KAAY,KAAA,CAAA,CACnEC,GAAG,CAAC,CAACH,EAAAA,GAAOA,EAAAA,CAAGI,GAAG,CAAA;AAErB,IAAA,MAAMC,iBAAAA,GAAoB5B,gBAAAA,CAAW,cAAA,CAAA,CAAgB6B,8BAA8B,CACjFjB,mBAAAA,EACA;QACEkB,kBAAAA,EAAoB;AAAC,YAAA,gCAAA;AAAqCV,YAAAA,GAAAA;AAAiB;AAC7E,KAAA,CAAA;AAGF,IAAA,MAAMW,oBAAoBH,iBAAAA,CACvBf,MAAM,CAAC,CAAC,EAAE7D,MAAM,EAAO,GAAKA,WAAWf,OAAAA,CAAQC,OAAO,EACtDwF,GAAG,CAAC,CAACM,UAAAA,GACJC,eAAAA,CAAiB/E,MAAM,CAAC;AAAE,YAAA,GAAG8E,UAAU;YAAEE,UAAAA,EAAY;AAAC,gBAAA;AAAoB;AAAC,SAAA,CAAA,CAAA;AAG/EN,IAAAA,iBAAAA,CAAkBvB,IAAI,CAAA,GAAI8B,2BAAAA,EAAAA,CAAAA;IAC1BJ,iBAAAA,CAAkB1B,IAAI,IAAI8B,2BAAAA,CAA4B;QAAEC,QAAAA,EAAU;AAAK,KAAA,CAAA,CAAA;;IAGvE,MAAMC,cAAAA,CAAenB,UAAAA,CAAWtC,EAAE,EAAEgD,iBAAAA,CAAAA;IACpC,MAAMS,cAAAA,CAAelB,UAAAA,CAAWvC,EAAE,EAAEmD,iBAAAA,CAAAA;AACtC,CAAA;AAEA,MAAMI,2BAAAA,GAA8B,CAAC,EAAEC,QAAAA,GAAW,KAAK,EAAE,GAAG,EAAE,GAAA;AAC5D,IAAA,MAAMF,aAAaE,QAAAA,GAAW;AAAC,QAAA;AAAoB,KAAA,GAAG,EAAE;;IAGxD,OAAO;AACL,QAAA;YAAEpF,MAAAA,EAAQ,qBAAA;AAAuBkF,YAAAA;AAAW,SAAA;AAC5C,QAAA;YAAElF,MAAAA,EAAQ;AAAgC,SAAA;AAC1C,QAAA;YAAEA,MAAAA,EAAQ;AAA+B,SAAA;AACzC,QAAA;YAAEA,MAAAA,EAAQ,8BAAA;AAAgCkF,YAAAA;AAAW,SAAA;AACrD,QAAA;YAAElF,MAAAA,EAAQ;AAAiC,SAAA;AAC3C,QAAA;YAAEA,MAAAA,EAAQ;AAAkC;KAC7C,CAAC0E,GAAG,CAACO,eAAAA,CAAiB/E,MAAM,CAAA;AAC/B,CAAA;AAEA;;AAEC,IACD,MAAMoF,4BAAAA,GAA+B,UAAA;AACnC,IAAA,MAAM5C,iBAAiB,MAAMY,2BAAAA,EAAAA;AAC7B,IAAA,MAAMiC,eAAAA,GAAkB,MAAMvC,gBAAAA,CAAW,MAAA,CAAA,CAAQ3C,MAAM,EAAA;AAEvD,IAAA,IAAI,CAACqC,cAAAA,EAAgB;QACnB3B,MAAAA,CAAOyE,GAAG,CAACC,IAAI,CAAC,mDAAA,CAAA;AAClB,IAAA,CAAA,MAAO,IAAIF,eAAAA,IAAmB7C,cAAAA,CAAehB,UAAU,KAAK,CAAA,EAAG;QAC7DX,MAAAA,CAAOyE,GAAG,CAACC,IAAI,CAAC,mDAAA,CAAA;AAClB,IAAA;AACF,CAAA;AAEA;;;;AAIC,IACD,MAAMC,iBAAAA,GAAoB,OACxB5C,MAAAA,EACA6C,cAA4E,EAAE,GAAA;AAE9E,IAAA,MAAMC,mCAAAA,CAAyBD,WAAAA,CAAAA;;;IAI/B,MAAME,eAAAA,GAAkB7C,iBAAW,YAAA,CAAA,CAChCS,cAAc,CAACE,MAAM,EAAA,CACrBE,MAAM,CAAC,CAAC7D,SAAWA,MAAAA,CAAO+D,OAAO,KAAK,UAAA,CAAA,CACtCW,GAAG,CAAC,CAAC1E,MAAAA,GAAWA,OAAO8F,QAAQ,CAAA;AAElC,IAAA,MAAMC,UAAAA,GAAa,MAAM/C,gBAAAA,CAAW,MAAA,CAAA,CAAQL,aAAa,EAAA;AACzD,IAAA,MAAMqD,YAAAA,GAAeD,UAAAA,IAAcA,UAAAA,CAAWnE,EAAE,KAAKkB,MAAAA;IACrD,MAAMmD,UAAAA,GAAaC,OAAI,MAAA,EAAQpD,MAAAA,CAAAA;IAE/B,MAAMqD,mBAAAA,GAAsBR,WAC1B;KACCjB,GAAG,CAACuB,WACL;;KAECvB,GAAG,CAACO,gBAAiB/E,MAAM,CAAA;AAE9B,IAAA,MAAMkG,mBAAAA,GAAsB,MAAMpD,gBAAAA,CAAW,YAAA,CAAA,CAAclB,QAAQ,CAAC;QAClEN,KAAAA,EAAO;YAAEJ,IAAAA,EAAM;gBAAEQ,EAAAA,EAAIkB;AAAO;AAAE,SAAA;QAC9BvB,QAAAA,EAAU;AAAC,YAAA;AAAO;AACpB,KAAA,CAAA;AAEA,IAAA,MAAM8E,gBAAAA,GAAmBC,iBAAAA,CACvBzG,mBAAAA,EACAsG,mBAAAA,EACAC,qBACAvC,MAAM,CAAC,CAACmB,UAAAA,GAA2B,CAACa,eAAAA,CAAgBU,QAAQ,CAACvB,WAAWhF,MAAM,CAAA,CAAA;AAEhF,IAAA,MAAMwG,mBAAAA,GAAsBF,iBAAAA,CAC1BzG,mBAAAA,EACAuG,mBAAAA,EACAD,qBACAtC,MAAM,CAAC,CAACmB,UAAAA,GAA2B,CAACa,eAAAA,CAAgBU,QAAQ,CAACvB,WAAWhF,MAAM,CAAA,CAAA;IAEhF,MAAMyG,mBAAAA,GAAsBC,eAAAA,CAAa,IAAA,EAAMF,mBAAAA,EAAqBJ,mBAAAA,CAAAA;IAEpE,IAAII,mBAAAA,CAAoBG,MAAM,GAAG,CAAA,EAAG;;AAElC,QAAA,MAAM3D,iBAAW,YAAA,CAAA,CAAcD,WAAW,CAACyD,mBAAAA,CAAoB9B,GAAG,CAACkC,OAAAA,CAAK,IAAA,CAAA,CAAA,CAAA;AAC1E,IAAA;IAEA,IAAIP,gBAAAA,CAAiBM,MAAM,GAAG,CAAA,EAAG;QAC/B,MAAME,cAAAA,GAAiB,MAAMxB,cAAAA,CAAevC,MAAAA,EAAQuD,gBAAAA,CAAAA;AACpDI,QAAAA,mBAAAA,CAAoBpD,IAAI,CAAA,GAAIwD,cAAAA,CAAAA;AAC9B,IAAA;IAEA,IAAI,CAACb,iBAAiBK,gBAAAA,CAAiBM,MAAM,IAAIH,mBAAAA,CAAoBG,MAAK,CAAA,EAAI;QAC5E,MAAM3D,gBAAAA,CAAW,WAAW8D,4BAA4B,EAAA;AAC1D,IAAA;AAEA,IAAA,IAAIT,iBAAiBM,MAAM,GAAG,KAAKH,mBAAAA,CAAoBG,MAAM,GAAG,CAAA,EAAG;QACjE,MAAM3D,gBAAAA,CAAW,iBAAA,CAAA,CAAmB+D,sBAAsB,CAACjE,MAAAA,CAAAA;AAC7D,IAAA;IAEA,OAAO2D,mBAAAA;AACT,CAAA;AAEA,MAAMpB,cAAAA,GAAiB,OAAOvC,MAAAA,EAAiB6C,WAAAA,GAAAA;AAC7C,IAAA,MAAM,EAAEqB,iBAAiB,EAAEC,UAAU,EAAE,GAAGjE,gBAAAA,CAAW,YAAA,CAAA;IACrD,MAAM,EAAEkE,kBAAkB,EAAE,GAAGjC,eAAAA;AAE/B,IAAA,MAAMkB,sBAAsBR,WAAAA,CACzBjB,GAAG,CAACwB,MAAAA,CAAI,MAAA,EAAQpD,QACjB;;AAEC4B,KAAAA,GAAG,CAACwC,kBAAAA,CAAmBF,iBAAAA,CAAAA,CAAAA,CACvBtC,GAAG,CAACO,gBAAiB/E,MAAM,CAAA;AAE9B,IAAA,OAAO+G,UAAAA,CAAWd,mBAAAA,CAAAA;AACpB,CAAA;AAEA,MAAMgB,mBAAAA,GAAsB,CAACnH,MAAAA,GAAmBA,MAAAA,CAAO+D,OAAO,KAAKvF,oBAAAA;AAEnE;;AAEC,IACD,MAAM4I,0BAAAA,GAA6B,UAAA;AACjC,IAAA,MAAM1E,cAAAA,GAAiB,MAAMM,gBAAAA,CAAW,MAAA,CAAA,CAAQL,aAAa,EAAA;AAC7D,IAAA,IAAI,CAACD,cAAAA,EAAgB;AACnB,QAAA;AACF,IAAA;AAEA,IAAA,MAAM2E,oBAAoBrE,gBAAAA,CAAW,YAAA,CAAA;AACrC,IAAA,MAAMsE,qBAAqBtE,gBAAAA,CAAW,cAAA,CAAA;AAEtC,IAAA,MAAMU,UAAAA,GAAa2D,iBAAAA,CAAkB5D,cAAc,CAACE,MAAM,EAAA;AAE1D,IAAA,MAAMC,sBAAsBF,UAAAA,CAAWG,MAAM,CAAC,CAAC7D,SAAWmH,mBAAAA,CAAoBnH,MAAAA,CAAAA,CAAAA;AAC9E,IAAA,MAAMuH,eAAe7D,UAAAA,CAAWG,MAAM,CAAC,CAAC7D,MAAAA,GAAW,CAACmH,mBAAAA,CAAoBnH,MAAAA,CAAAA,CAAAA;;IAGxE,MAAM2F,WAAAA,GAAc2B,kBAAAA,CAAmBzC,8BAA8B,CACnEjB,mBAAAA,CAAAA;;AAIF,IAAA,MAAM4D,gBAAAA,GAAmBD,YAAAA,CAAaE,MAAM,CAAC,CAACC,GAAAA,EAAK1H,MAAAA,GAAAA;AACjD,QAAA,MAAM,EAAE8F,QAAQ,EAAE6B,QAAQ,EAAE,GAAG3H,MAAAA;AAE/B,QAAA,IAAI4H,WAAQD,QAAAA,CAAAA,EAAW;YACrBD,GAAAA,CAAIrE,IAAI,IACHsE,QAAAA,CAASjD,GAAG,CAAC,CAACmD,OAAAA,GAAY5C,eAAAA,CAAiB/E,MAAM,CAAC;oBAAEF,MAAAA,EAAQ8F,QAAAA;AAAU+B,oBAAAA;AAAQ,iBAAA,CAAA,CAAA,CAAA;QAErF,CAAA,MAAO;AACLH,YAAAA,GAAAA,CAAIrE,IAAI,CAAC4B,eAAAA,CAAiB/E,MAAM,CAAC;gBAAEF,MAAAA,EAAQ8F;AAAS,aAAA,CAAA,CAAA;AACtD,QAAA;QAEA,OAAO4B,GAAAA;AACT,IAAA,CAAA,EAAG,EAAE,CAAA;AAEL/B,IAAAA,WAAAA,CAAYtC,IAAI,CAAA,GAAImE,gBAAAA,CAAAA;AAEpB,IAAA,MAAMM,yBAA0B,MAAMhJ,KAAAA,CAAMC,8BAA8B,CAACgJ,IAAI,CAC7EpC,WAAAA,CAAAA;IAGF,MAAMD,iBAAAA,CAAkBhD,cAAAA,CAAed,EAAE,EAAEkG,sBAAAA,CAAAA;AAC7C,CAAA;AAEA;;IAGA,MAAME,oBAAoB,CAACC,IAAAA,GAAAA;AACzB,IAAA,MAAMjG,QAAQxB,kBAAAA,CAAEyB,GAAG,CAACgG,IAAAA,EAAM,SAAS,EAAE,CAAA;AAErC,IAAA,OAAOjG,MAAM0C,GAAG,CAACkC,OAAAA,CAAK,MAAA,CAAA,CAAA,CAASL,QAAQ,CAAChI,gBAAAA,CAAAA;AAC1C,CAAA;AAEA,MAAM2J,SAAAA,GAAY;IAChBC,cAAAA,EAAgB5J;AAClB,CAAA;AAEA,WAAe;AACbO,IAAAA,KAAAA;AACAK,IAAAA,YAAAA;AACAe,IAAAA,MAAAA;AACAmB,IAAAA,OAAAA;AACAI,IAAAA,qBAAAA;AACAI,IAAAA,IAAAA;AACAE,IAAAA,qBAAAA;AACAI,IAAAA,MAAAA;AACA9B,IAAAA,MAAAA;AACAkC,IAAAA,KAAAA;AACAQ,IAAAA,WAAAA;AACApB,IAAAA,aAAAA;AACAgB,IAAAA,aAAAA;AACAW,IAAAA,2BAAAA;AACAC,IAAAA,sBAAAA;AACA+B,IAAAA,4BAAAA;AACAD,IAAAA,cAAAA;AACA2C,IAAAA,iBAAAA;AACAtC,IAAAA,iBAAAA;AACA0B,IAAAA,0BAAAA;AACA5E,IAAAA,uBAAAA;AACA0F,IAAAA;AACF,CAAA;;;;"}
|