@strapi/content-manager 0.0.0-experimental.a53a4b1c8f7981a689823cdd719105671e1c6392 → 0.0.0-experimental.a6728ad43ac70ae19dabb624dbfca1f2d9610a86

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (130) hide show
  1. package/LICENSE +18 -3
  2. package/dist/_chunks/{ComponentConfigurationPage-DmwmiFQy.mjs → ComponentConfigurationPage-DJ5voqEK.mjs} +3 -3
  3. package/dist/_chunks/{ComponentConfigurationPage-DmwmiFQy.mjs.map → ComponentConfigurationPage-DJ5voqEK.mjs.map} +1 -1
  4. package/dist/_chunks/{ComponentConfigurationPage-C-49MccQ.js → ComponentConfigurationPage-_6osrv39.js} +3 -3
  5. package/dist/_chunks/{ComponentConfigurationPage-C-49MccQ.js.map → ComponentConfigurationPage-_6osrv39.js.map} +1 -1
  6. package/dist/_chunks/{EditConfigurationPage-JT3E7NZy.mjs → EditConfigurationPage-CZofxSLy.mjs} +3 -3
  7. package/dist/_chunks/{EditConfigurationPage-JT3E7NZy.mjs.map → EditConfigurationPage-CZofxSLy.mjs.map} +1 -1
  8. package/dist/_chunks/{EditConfigurationPage-DjFJw56M.js → EditConfigurationPage-ZN3s568V.js} +3 -3
  9. package/dist/_chunks/{EditConfigurationPage-DjFJw56M.js.map → EditConfigurationPage-ZN3s568V.js.map} +1 -1
  10. package/dist/_chunks/{EditViewPage-zT3fBr4Y.js → EditViewPage-Co2IKQZH.js} +19 -8
  11. package/dist/_chunks/EditViewPage-Co2IKQZH.js.map +1 -0
  12. package/dist/_chunks/{EditViewPage-CPj61RMh.mjs → EditViewPage-HYljoEY7.mjs} +19 -8
  13. package/dist/_chunks/EditViewPage-HYljoEY7.mjs.map +1 -0
  14. package/dist/_chunks/{Field-dha5VnIQ.mjs → Field-BOPUMZ1u.mjs} +194 -141
  15. package/dist/_chunks/Field-BOPUMZ1u.mjs.map +1 -0
  16. package/dist/_chunks/{Field-Boxf9Ajp.js → Field-G9CkFUtP.js} +196 -143
  17. package/dist/_chunks/Field-G9CkFUtP.js.map +1 -0
  18. package/dist/_chunks/{Form-DHrru2AV.mjs → Form-CDwNp7pU.mjs} +35 -16
  19. package/dist/_chunks/Form-CDwNp7pU.mjs.map +1 -0
  20. package/dist/_chunks/{Form-y5g1SRsh.js → Form-crsbkGxI.js} +35 -16
  21. package/dist/_chunks/Form-crsbkGxI.js.map +1 -0
  22. package/dist/_chunks/{History-Bru_KoeP.mjs → History-BDZrgfZ3.mjs} +44 -19
  23. package/dist/_chunks/History-BDZrgfZ3.mjs.map +1 -0
  24. package/dist/_chunks/{History-CqN6K7SX.js → History-CWcM9HnW.js} +44 -19
  25. package/dist/_chunks/History-CWcM9HnW.js.map +1 -0
  26. package/dist/_chunks/{ListConfigurationPage-D8wGABj0.mjs → ListConfigurationPage-BZ3ScUna.mjs} +20 -8
  27. package/dist/_chunks/ListConfigurationPage-BZ3ScUna.mjs.map +1 -0
  28. package/dist/_chunks/{ListConfigurationPage-R_p-SbHZ.js → ListConfigurationPage-DGzoQD_I.js} +20 -8
  29. package/dist/_chunks/ListConfigurationPage-DGzoQD_I.js.map +1 -0
  30. package/dist/_chunks/{ListViewPage-pEw_zug9.js → ListViewPage-BBAC9aPu.js} +60 -42
  31. package/dist/_chunks/ListViewPage-BBAC9aPu.js.map +1 -0
  32. package/dist/_chunks/{ListViewPage-SID6TRb9.mjs → ListViewPage-CsX7tWx-.mjs} +58 -40
  33. package/dist/_chunks/ListViewPage-CsX7tWx-.mjs.map +1 -0
  34. package/dist/_chunks/{NoContentTypePage-C5dcQojD.js → NoContentTypePage-CwVDx_YC.js} +2 -2
  35. package/dist/_chunks/{NoContentTypePage-C5dcQojD.js.map → NoContentTypePage-CwVDx_YC.js.map} +1 -1
  36. package/dist/_chunks/{NoContentTypePage-CJ7UXwrQ.mjs → NoContentTypePage-LClTUPWs.mjs} +2 -2
  37. package/dist/_chunks/{NoContentTypePage-CJ7UXwrQ.mjs.map → NoContentTypePage-LClTUPWs.mjs.map} +1 -1
  38. package/dist/_chunks/{NoPermissionsPage-BtPrImPP.js → NoPermissionsPage-D2iWw-sn.js} +2 -2
  39. package/dist/_chunks/{NoPermissionsPage-BtPrImPP.js.map → NoPermissionsPage-D2iWw-sn.js.map} +1 -1
  40. package/dist/_chunks/{NoPermissionsPage-B7syEq5E.mjs → NoPermissionsPage-S4Re3FwO.mjs} +2 -2
  41. package/dist/_chunks/{NoPermissionsPage-B7syEq5E.mjs.map → NoPermissionsPage-S4Re3FwO.mjs.map} +1 -1
  42. package/dist/_chunks/{Relations-B9Crnhnn.mjs → Relations-Dmv0Tpe5.mjs} +4 -4
  43. package/dist/_chunks/Relations-Dmv0Tpe5.mjs.map +1 -0
  44. package/dist/_chunks/{Relations-DjTQ5kGB.js → Relations-jwuTFGOV.js} +4 -4
  45. package/dist/_chunks/Relations-jwuTFGOV.js.map +1 -0
  46. package/dist/_chunks/{en-fbKQxLGn.js → en-BlhnxQfj.js} +11 -9
  47. package/dist/_chunks/{en-fbKQxLGn.js.map → en-BlhnxQfj.js.map} +1 -1
  48. package/dist/_chunks/{en-Ux26r5pl.mjs → en-C8YBvRrK.mjs} +11 -9
  49. package/dist/_chunks/{en-Ux26r5pl.mjs.map → en-C8YBvRrK.mjs.map} +1 -1
  50. package/dist/_chunks/{index-DJXJw9V5.mjs → index-BmUAydCA.mjs} +977 -680
  51. package/dist/_chunks/index-BmUAydCA.mjs.map +1 -0
  52. package/dist/_chunks/{index-DVPWZkbS.js → index-CBX6KyXv.js} +958 -661
  53. package/dist/_chunks/index-CBX6KyXv.js.map +1 -0
  54. package/dist/_chunks/{layout-Bau7ZfLV.mjs → layout-ClP-DC72.mjs} +25 -12
  55. package/dist/_chunks/layout-ClP-DC72.mjs.map +1 -0
  56. package/dist/_chunks/{layout-Dm6fbiQj.js → layout-CxxkX9jY.js} +24 -11
  57. package/dist/_chunks/layout-CxxkX9jY.js.map +1 -0
  58. package/dist/_chunks/{relations-CKnpRgrN.js → relations-DIjTADIu.js} +2 -2
  59. package/dist/_chunks/{relations-CKnpRgrN.js.map → relations-DIjTADIu.js.map} +1 -1
  60. package/dist/_chunks/{relations-BH_kBSJ0.mjs → relations-op89RClB.mjs} +2 -2
  61. package/dist/_chunks/{relations-BH_kBSJ0.mjs.map → relations-op89RClB.mjs.map} +1 -1
  62. package/dist/_chunks/{usePrev-B9w_-eYc.js → useDebounce-CtcjDB3L.js} +14 -1
  63. package/dist/_chunks/useDebounce-CtcjDB3L.js.map +1 -0
  64. package/dist/_chunks/useDebounce-DmuSJIF3.mjs +29 -0
  65. package/dist/_chunks/useDebounce-DmuSJIF3.mjs.map +1 -0
  66. package/dist/admin/index.js +2 -1
  67. package/dist/admin/index.js.map +1 -1
  68. package/dist/admin/index.mjs +5 -4
  69. package/dist/admin/src/exports.d.ts +1 -1
  70. package/dist/admin/src/history/index.d.ts +3 -0
  71. package/dist/admin/src/history/services/historyVersion.d.ts +1 -1
  72. package/dist/admin/src/hooks/useDocument.d.ts +30 -1
  73. package/dist/admin/src/index.d.ts +1 -0
  74. package/dist/admin/src/pages/EditView/components/DocumentActions.d.ts +1 -0
  75. package/dist/admin/src/pages/EditView/components/FormInputs/Relations.d.ts +20 -0
  76. package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/EditorLayout.d.ts +2 -2
  77. package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/WysiwygFooter.d.ts +2 -2
  78. package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/WysiwygStyles.d.ts +4 -48
  79. package/dist/admin/src/pages/EditView/components/Header.d.ts +10 -11
  80. package/dist/admin/src/services/api.d.ts +1 -1
  81. package/dist/admin/src/services/components.d.ts +2 -2
  82. package/dist/admin/src/services/contentTypes.d.ts +3 -3
  83. package/dist/admin/src/services/documents.d.ts +19 -17
  84. package/dist/admin/src/services/init.d.ts +1 -1
  85. package/dist/admin/src/services/relations.d.ts +2 -2
  86. package/dist/admin/src/services/uid.d.ts +3 -3
  87. package/dist/admin/src/utils/validation.d.ts +4 -1
  88. package/dist/server/index.js +181 -107
  89. package/dist/server/index.js.map +1 -1
  90. package/dist/server/index.mjs +182 -108
  91. package/dist/server/index.mjs.map +1 -1
  92. package/dist/server/src/controllers/collection-types.d.ts.map +1 -1
  93. package/dist/server/src/controllers/relations.d.ts.map +1 -1
  94. package/dist/server/src/controllers/uid.d.ts.map +1 -1
  95. package/dist/server/src/controllers/validation/dimensions.d.ts +4 -2
  96. package/dist/server/src/controllers/validation/dimensions.d.ts.map +1 -1
  97. package/dist/server/src/history/services/history.d.ts.map +1 -1
  98. package/dist/server/src/history/services/lifecycles.d.ts.map +1 -1
  99. package/dist/server/src/history/services/utils.d.ts +2 -1
  100. package/dist/server/src/history/services/utils.d.ts.map +1 -1
  101. package/dist/server/src/policies/hasPermissions.d.ts.map +1 -1
  102. package/dist/server/src/services/document-manager.d.ts.map +1 -1
  103. package/dist/server/src/services/document-metadata.d.ts.map +1 -1
  104. package/dist/server/src/services/permission-checker.d.ts.map +1 -1
  105. package/dist/server/src/services/utils/populate.d.ts.map +1 -1
  106. package/dist/shared/contracts/collection-types.d.ts +3 -1
  107. package/dist/shared/contracts/collection-types.d.ts.map +1 -1
  108. package/package.json +11 -11
  109. package/dist/_chunks/EditViewPage-CPj61RMh.mjs.map +0 -1
  110. package/dist/_chunks/EditViewPage-zT3fBr4Y.js.map +0 -1
  111. package/dist/_chunks/Field-Boxf9Ajp.js.map +0 -1
  112. package/dist/_chunks/Field-dha5VnIQ.mjs.map +0 -1
  113. package/dist/_chunks/Form-DHrru2AV.mjs.map +0 -1
  114. package/dist/_chunks/Form-y5g1SRsh.js.map +0 -1
  115. package/dist/_chunks/History-Bru_KoeP.mjs.map +0 -1
  116. package/dist/_chunks/History-CqN6K7SX.js.map +0 -1
  117. package/dist/_chunks/ListConfigurationPage-D8wGABj0.mjs.map +0 -1
  118. package/dist/_chunks/ListConfigurationPage-R_p-SbHZ.js.map +0 -1
  119. package/dist/_chunks/ListViewPage-SID6TRb9.mjs.map +0 -1
  120. package/dist/_chunks/ListViewPage-pEw_zug9.js.map +0 -1
  121. package/dist/_chunks/Relations-B9Crnhnn.mjs.map +0 -1
  122. package/dist/_chunks/Relations-DjTQ5kGB.js.map +0 -1
  123. package/dist/_chunks/index-DJXJw9V5.mjs.map +0 -1
  124. package/dist/_chunks/index-DVPWZkbS.js.map +0 -1
  125. package/dist/_chunks/layout-Bau7ZfLV.mjs.map +0 -1
  126. package/dist/_chunks/layout-Dm6fbiQj.js.map +0 -1
  127. package/dist/_chunks/usePrev-B9w_-eYc.js.map +0 -1
  128. package/dist/_chunks/usePrev-DH6iah0A.mjs +0 -16
  129. package/dist/_chunks/usePrev-DH6iah0A.mjs.map +0 -1
  130. package/strapi-server.js +0 -3
package/dist/server/index.js CHANGED
@@ -199,7 +199,9 @@ const createServiceUtils = ({ strapi: strapi2 }) => {
199
199
  return strapi2.db.query("plugin::upload.file").findOne({ where: { id: versionRelationData.id } });
200
200
  };
201
201
  const localesService = strapi2.plugin("i18n")?.service("locales");
202
+ const i18nContentTypeService = strapi2.plugin("i18n")?.service("content-types");
202
203
  const getDefaultLocale = async () => localesService ? localesService.getDefaultLocale() : null;
204
+ const isLocalizedContentType = (model) => i18nContentTypeService ? i18nContentTypeService.isLocalizedContentType(model) : false;
203
205
  const getLocaleDictionary = async () => {
204
206
  if (!localesService)
205
207
  return {};
@@ -226,20 +228,25 @@ const createServiceUtils = ({ strapi: strapi2 }) => {
226
228
  const meta = await documentMetadataService.getMetadata(contentTypeUid, document);
227
229
  return documentMetadataService.getStatus(document, meta.availableStatus);
228
230
  };
229
- const getDeepPopulate2 = (uid2) => {
231
+ const getDeepPopulate2 = (uid2, useDatabaseSyntax = false) => {
230
232
  const model = strapi2.getModel(uid2);
231
233
  const attributes = Object.entries(model.attributes);
234
+ const fieldSelector = useDatabaseSyntax ? "select" : "fields";
232
235
  return attributes.reduce((acc, [attributeName, attribute]) => {
233
236
  switch (attribute.type) {
234
237
  case "relation": {
238
+ const isMorphRelation = attribute.relation.toLowerCase().startsWith("morph");
239
+ if (isMorphRelation) {
240
+ break;
241
+ }
235
242
  const isVisible2 = strapiUtils.contentTypes.isVisibleAttribute(model, attributeName);
236
243
  if (isVisible2) {
237
- acc[attributeName] = { fields: ["documentId", "locale", "publishedAt"] };
244
+ acc[attributeName] = { [fieldSelector]: ["documentId", "locale", "publishedAt"] };
238
245
  }
239
246
  break;
240
247
  }
241
248
  case "media": {
242
- acc[attributeName] = { fields: ["id"] };
249
+ acc[attributeName] = { [fieldSelector]: ["id"] };
243
250
  break;
244
251
  }
245
252
  case "component": {
@@ -312,6 +319,7 @@ const createServiceUtils = ({ strapi: strapi2 }) => {
312
319
  getRelationRestoreValue,
313
320
  getMediaRestoreValue,
314
321
  getDefaultLocale,
322
+ isLocalizedContentType,
315
323
  getLocaleDictionary,
316
324
  getRetentionDays,
317
325
  getVersionStatus,
@@ -334,7 +342,13 @@ const createHistoryService = ({ strapi: strapi2 }) => {
334
342
  });
335
343
  },
336
344
  async findVersionsPage(params) {
337
- const locale = params.query.locale || await serviceUtils.getDefaultLocale();
345
+ const model = strapi2.getModel(params.query.contentType);
346
+ const isLocalizedContentType = serviceUtils.isLocalizedContentType(model);
347
+ const defaultLocale = await serviceUtils.getDefaultLocale();
348
+ let locale = null;
349
+ if (isLocalizedContentType) {
350
+ locale = params.query.locale || defaultLocale;
351
+ }
338
352
  const [{ results, pagination }, localeDictionary] = await Promise.all([
339
353
  query.findPage({
340
354
  ...params.query,
@@ -490,6 +504,42 @@ const createHistoryService = ({ strapi: strapi2 }) => {
490
504
  }
491
505
  };
492
506
  };
507
+ const shouldCreateHistoryVersion = (context) => {
508
+ if (!strapi.requestContext.get()?.request.url.startsWith("/content-manager")) {
509
+ return false;
510
+ }
511
+ if (context.action !== "create" && context.action !== "update" && context.action !== "clone" && context.action !== "publish" && context.action !== "unpublish" && context.action !== "discardDraft") {
512
+ return false;
513
+ }
514
+ if (context.action === "update" && strapi.requestContext.get()?.request.url.endsWith("/actions/publish")) {
515
+ return false;
516
+ }
517
+ if (!context.contentType.uid.startsWith("api::")) {
518
+ return false;
519
+ }
520
+ return true;
521
+ };
522
+ const getSchemas = (uid2) => {
523
+ const attributesSchema = strapi.getModel(uid2).attributes;
524
+ const componentsSchemas = Object.keys(attributesSchema).reduce(
525
+ (currentComponentSchemas, key) => {
526
+ const fieldSchema = attributesSchema[key];
527
+ if (fieldSchema.type === "component") {
528
+ const componentSchema = strapi.getModel(fieldSchema.component).attributes;
529
+ return {
530
+ ...currentComponentSchemas,
531
+ [fieldSchema.component]: componentSchema
532
+ };
533
+ }
534
+ return currentComponentSchemas;
535
+ },
536
+ {}
537
+ );
538
+ return {
539
+ schema: fp.omit(FIELDS_TO_IGNORE, attributesSchema),
540
+ componentsSchemas
541
+ };
542
+ };
493
543
  const createLifecyclesService = ({ strapi: strapi2 }) => {
494
544
  const state = {
495
545
  deleteExpiredJob: null,
@@ -502,63 +552,45 @@ const createLifecyclesService = ({ strapi: strapi2 }) => {
502
552
  return;
503
553
  }
504
554
  strapi2.documents.use(async (context, next) => {
505
- if (!strapi2.requestContext.get()?.request.url.startsWith("/content-manager")) {
506
- return next();
507
- }
508
- if (context.action !== "create" && context.action !== "update" && context.action !== "clone" && context.action !== "publish" && context.action !== "unpublish" && context.action !== "discardDraft") {
509
- return next();
510
- }
511
- if (context.action === "update" && strapi2.requestContext.get()?.request.url.endsWith("/actions/publish")) {
512
- return next();
513
- }
514
- const contentTypeUid = context.contentType.uid;
515
- if (!contentTypeUid.startsWith("api::")) {
516
- return next();
517
- }
518
555
  const result = await next();
519
- const documentContext = {
520
- documentId: context.action === "create" || context.action === "clone" ? result.documentId : context.params.documentId,
521
- locale: context.params?.locale
522
- };
556
+ if (!shouldCreateHistoryVersion(context)) {
557
+ return result;
558
+ }
559
+ const documentId = context.action === "create" || context.action === "clone" ? result.documentId : context.params.documentId;
523
560
  const defaultLocale = await serviceUtils.getDefaultLocale();
524
- const locale = documentContext.locale || defaultLocale;
525
- if (Array.isArray(locale)) {
526
- strapi2.log.warn(
527
- "[Content manager history middleware]: An array of locales was provided, but only a single locale is supported for the findOne operation."
528
- );
529
- return next();
561
+ const locales = fp.castArray(context.params?.locale || defaultLocale);
562
+ if (!locales.length) {
563
+ return result;
530
564
  }
531
- const document = await strapi2.documents(contentTypeUid).findOne({
532
- documentId: documentContext.documentId,
533
- locale,
534
- populate: serviceUtils.getDeepPopulate(contentTypeUid)
565
+ const uid2 = context.contentType.uid;
566
+ const schemas = getSchemas(uid2);
567
+ const model = strapi2.getModel(uid2);
568
+ const isLocalizedContentType = serviceUtils.isLocalizedContentType(model);
569
+ const localeEntries = await strapi2.db.query(uid2).findMany({
570
+ where: {
571
+ documentId,
572
+ ...isLocalizedContentType ? { locale: { $in: locales } } : {},
573
+ ...strapiUtils.contentTypes.hasDraftAndPublish(strapi2.contentTypes[uid2]) ? { publishedAt: null } : {}
574
+ },
575
+ populate: serviceUtils.getDeepPopulate(
576
+ uid2,
577
+ true
578
+ /* use database syntax */
579
+ )
535
580
  });
536
- const status = await serviceUtils.getVersionStatus(contentTypeUid, document);
537
- const attributesSchema = strapi2.getModel(contentTypeUid).attributes;
538
- const componentsSchemas = Object.keys(
539
- attributesSchema
540
- ).reduce((currentComponentSchemas, key) => {
541
- const fieldSchema = attributesSchema[key];
542
- if (fieldSchema.type === "component") {
543
- const componentSchema = strapi2.getModel(fieldSchema.component).attributes;
544
- return {
545
- ...currentComponentSchemas,
546
- [fieldSchema.component]: componentSchema
547
- };
548
- }
549
- return currentComponentSchemas;
550
- }, {});
551
581
  await strapi2.db.transaction(async ({ onCommit }) => {
552
- onCommit(() => {
553
- getService(strapi2, "history").createVersion({
554
- contentType: contentTypeUid,
555
- data: fp.omit(FIELDS_TO_IGNORE, document),
556
- schema: fp.omit(FIELDS_TO_IGNORE, attributesSchema),
557
- componentsSchemas,
558
- relatedDocumentId: documentContext.documentId,
559
- locale,
560
- status
561
- });
582
+ onCommit(async () => {
583
+ for (const entry of localeEntries) {
584
+ const status = await serviceUtils.getVersionStatus(uid2, entry);
585
+ await getService(strapi2, "history").createVersion({
586
+ contentType: uid2,
587
+ data: fp.omit(FIELDS_TO_IGNORE, entry),
588
+ relatedDocumentId: documentId,
589
+ locale: entry.locale,
590
+ status,
591
+ ...schemas
592
+ });
593
+ }
562
594
  });
563
595
  });
564
596
  return result;
@@ -1198,6 +1230,11 @@ const { createPolicy } = strapiUtils.policy;
1198
1230
  const hasPermissions = createPolicy({
1199
1231
  name: "plugin::content-manager.hasPermissions",
1200
1232
  validator: validateHasPermissionsInput,
1233
+ /**
1234
+ * NOTE: Action aliases are currently not checked at this level (policy).
1235
+ * This is currently the intended behavior to avoid changing the behavior of API related permissions.
1236
+ * If you want to add support for it, please create a dedicated RFC with a list of potential side effect this could have.
1237
+ */
1201
1238
  handler(ctx, config = {}) {
1202
1239
  const { actions = [], hasAtLeastOne = false } = config;
1203
1240
  const { userAbility } = ctx.state;
@@ -1591,9 +1628,11 @@ const multipleLocaleSchema = strapiUtils.yup.lazy(
1591
1628
  (value) => Array.isArray(value) ? strapiUtils.yup.array().of(singleLocaleSchema.required()) : singleLocaleSchema
1592
1629
  );
1593
1630
  const statusSchema = strapiUtils.yup.mixed().oneOf(["draft", "published"], "Invalid status");
1594
- const getDocumentLocaleAndStatus = async (request, opts = { allowMultipleLocales: false }) => {
1631
+ const getDocumentLocaleAndStatus = async (request, model, opts = { allowMultipleLocales: false }) => {
1595
1632
  const { allowMultipleLocales } = opts;
1596
- const { locale, status, ...rest } = request || {};
1633
+ const { locale, status: providedStatus, ...rest } = request || {};
1634
+ const defaultStatus = strapiUtils.contentTypes.hasDraftAndPublish(strapi.getModel(model)) ? void 0 : "published";
1635
+ const status = providedStatus !== void 0 ? providedStatus : defaultStatus;
1597
1636
  const schema = strapiUtils.yup.object().shape({
1598
1637
  locale: allowMultipleLocales ? multipleLocaleSchema : singleLocaleSchema,
1599
1638
  status: statusSchema
@@ -1641,7 +1680,7 @@ const createDocument = async (ctx, opts) => {
1641
1680
  const setCreator = strapiUtils.setCreatorFields({ user });
1642
1681
  const sanitizeFn = strapiUtils.async.pipe(pickPermittedFields, setCreator);
1643
1682
  const sanitizedBody = await sanitizeFn(body);
1644
- const { locale, status = "draft" } = await getDocumentLocaleAndStatus(body);
1683
+ const { locale, status } = await getDocumentLocaleAndStatus(body, model);
1645
1684
  return documentManager2.create(model, {
1646
1685
  data: sanitizedBody,
1647
1686
  locale,
@@ -1660,7 +1699,7 @@ const updateDocument = async (ctx, opts) => {
1660
1699
  }
1661
1700
  const permissionQuery = await permissionChecker2.sanitizedQuery.update(ctx.query);
1662
1701
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
1663
- const { locale } = await getDocumentLocaleAndStatus(body);
1702
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
1664
1703
  const [documentVersion, documentExists] = await Promise.all([
1665
1704
  documentManager2.findOne(id, model, { populate, locale, status: "draft" }),
1666
1705
  documentManager2.exists(model, id)
@@ -1698,7 +1737,7 @@ const collectionTypes = {
1698
1737
  }
1699
1738
  const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
1700
1739
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(1).countRelations({ toOne: false, toMany: true }).build();
1701
- const { locale, status } = await getDocumentLocaleAndStatus(query);
1740
+ const { locale, status } = await getDocumentLocaleAndStatus(query, model);
1702
1741
  const { results: documents, pagination } = await documentManager2.findPage(
1703
1742
  { ...permissionQuery, populate, locale, status },
1704
1743
  model
@@ -1733,7 +1772,7 @@ const collectionTypes = {
1733
1772
  }
1734
1773
  const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
1735
1774
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
1736
- const { locale, status = "draft" } = await getDocumentLocaleAndStatus(ctx.query);
1775
+ const { locale, status } = await getDocumentLocaleAndStatus(ctx.query, model);
1737
1776
  const version = await documentManager2.findOne(id, model, {
1738
1777
  populate,
1739
1778
  locale,
@@ -1748,7 +1787,7 @@ const collectionTypes = {
1748
1787
  permissionChecker2,
1749
1788
  model,
1750
1789
  // @ts-expect-error TODO: fix
1751
- { id, locale, publishedAt: null },
1790
+ { documentId: id, locale, publishedAt: null },
1752
1791
  { availableLocales: true, availableStatus: false }
1753
1792
  );
1754
1793
  ctx.body = { data: {}, meta };
@@ -1800,7 +1839,7 @@ const collectionTypes = {
1800
1839
  }
1801
1840
  const permissionQuery = await permissionChecker2.sanitizedQuery.create(ctx.query);
1802
1841
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
1803
- const { locale } = await getDocumentLocaleAndStatus(body);
1842
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
1804
1843
  const document = await documentManager2.findOne(id, model, {
1805
1844
  populate,
1806
1845
  locale,
@@ -1845,7 +1884,7 @@ const collectionTypes = {
1845
1884
  }
1846
1885
  const permissionQuery = await permissionChecker2.sanitizedQuery.delete(ctx.query);
1847
1886
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
1848
- const { locale } = await getDocumentLocaleAndStatus(ctx.query);
1887
+ const { locale } = await getDocumentLocaleAndStatus(ctx.query, model);
1849
1888
  const documentLocales = await documentManager2.findLocales(id, model, { populate, locale });
1850
1889
  if (documentLocales.length === 0) {
1851
1890
  return ctx.notFound();
@@ -1874,11 +1913,28 @@ const collectionTypes = {
1874
1913
  const publishedDocument = await strapi.db.transaction(async () => {
1875
1914
  const permissionQuery = await permissionChecker2.sanitizedQuery.publish(ctx.query);
1876
1915
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
1877
- const document = id ? await updateDocument(ctx, { populate }) : await createDocument(ctx, { populate });
1916
+ let document;
1917
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
1918
+ const isCreate = fp.isNil(id);
1919
+ if (isCreate) {
1920
+ if (permissionChecker2.cannot.create()) {
1921
+ throw new strapiUtils.errors.ForbiddenError();
1922
+ }
1923
+ document = await createDocument(ctx, { populate });
1924
+ }
1925
+ const isUpdate = !isCreate;
1926
+ if (isUpdate) {
1927
+ document = await documentManager2.findOne(id, model, { populate, locale });
1928
+ if (!document) {
1929
+ throw new strapiUtils.errors.NotFoundError("Document not found");
1930
+ }
1931
+ if (permissionChecker2.can.update(document)) {
1932
+ await updateDocument(ctx);
1933
+ }
1934
+ }
1878
1935
  if (permissionChecker2.cannot.publish(document)) {
1879
1936
  throw new strapiUtils.errors.ForbiddenError();
1880
1937
  }
1881
- const { locale } = await getDocumentLocaleAndStatus(body);
1882
1938
  const publishResult = await documentManager2.publish(document.documentId, model, {
1883
1939
  locale
1884
1940
  // TODO: Allow setting creator fields on publish
@@ -1905,7 +1961,9 @@ const collectionTypes = {
1905
1961
  }
1906
1962
  const permissionQuery = await permissionChecker2.sanitizedQuery.publish(ctx.query);
1907
1963
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
1908
- const { locale } = await getDocumentLocaleAndStatus(body, { allowMultipleLocales: true });
1964
+ const { locale } = await getDocumentLocaleAndStatus(body, model, {
1965
+ allowMultipleLocales: true
1966
+ });
1909
1967
  const entityPromises = documentIds.map(
1910
1968
  (documentId) => documentManager2.findLocales(documentId, model, { populate, locale, isPublished: false })
1911
1969
  );
@@ -1932,7 +1990,9 @@ const collectionTypes = {
1932
1990
  if (permissionChecker2.cannot.unpublish()) {
1933
1991
  return ctx.forbidden();
1934
1992
  }
1935
- const { locale } = await getDocumentLocaleAndStatus(body);
1993
+ const { locale } = await getDocumentLocaleAndStatus(body, model, {
1994
+ allowMultipleLocales: true
1995
+ });
1936
1996
  const entityPromises = documentIds.map(
1937
1997
  (documentId) => documentManager2.findLocales(documentId, model, { locale, isPublished: true })
1938
1998
  );
@@ -1965,7 +2025,7 @@ const collectionTypes = {
1965
2025
  }
1966
2026
  const permissionQuery = await permissionChecker2.sanitizedQuery.unpublish(ctx.query);
1967
2027
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
1968
- const { locale } = await getDocumentLocaleAndStatus(body);
2028
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
1969
2029
  const document = await documentManager2.findOne(id, model, {
1970
2030
  populate,
1971
2031
  locale,
@@ -2002,7 +2062,7 @@ const collectionTypes = {
2002
2062
  }
2003
2063
  const permissionQuery = await permissionChecker2.sanitizedQuery.discard(ctx.query);
2004
2064
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
2005
- const { locale } = await getDocumentLocaleAndStatus(body);
2065
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
2006
2066
  const document = await documentManager2.findOne(id, model, {
2007
2067
  populate,
2008
2068
  locale,
@@ -2033,7 +2093,7 @@ const collectionTypes = {
2033
2093
  }
2034
2094
  const permissionQuery = await permissionChecker2.sanitizedQuery.delete(query);
2035
2095
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
2036
- const { locale } = await getDocumentLocaleAndStatus(body);
2096
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
2037
2097
  const documentLocales = await documentManager2.findLocales(documentIds, model, {
2038
2098
  populate,
2039
2099
  locale
@@ -2060,7 +2120,7 @@ const collectionTypes = {
2060
2120
  }
2061
2121
  const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
2062
2122
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
2063
- const { locale, status = "draft" } = await getDocumentLocaleAndStatus(ctx.query);
2123
+ const { locale, status } = await getDocumentLocaleAndStatus(ctx.query, model);
2064
2124
  const entity = await documentManager2.findOne(id, model, { populate, locale, status });
2065
2125
  if (!entity) {
2066
2126
  return ctx.notFound();
@@ -2283,20 +2343,13 @@ const sanitizeMainField = (model, mainField, userAbility) => {
2283
2343
  userAbility,
2284
2344
  model: model.uid
2285
2345
  });
2286
- if (!isListable(model, mainField)) {
2346
+ const isMainFieldListable = isListable(model, mainField);
2347
+ const canReadMainField = permissionChecker2.can.read(null, mainField);
2348
+ if (!isMainFieldListable || !canReadMainField) {
2287
2349
  return "id";
2288
2350
  }
2289
- if (permissionChecker2.cannot.read(null, mainField)) {
2290
- if (model.uid === "plugin::users-permissions.role") {
2291
- const userPermissionChecker = getService$1("permission-checker").create({
2292
- userAbility,
2293
- model: "plugin::users-permissions.user"
2294
- });
2295
- if (userPermissionChecker.can.read()) {
2296
- return "name";
2297
- }
2298
- }
2299
- return "id";
2351
+ if (model.uid === "plugin::users-permissions.role") {
2352
+ return "name";
2300
2353
  }
2301
2354
  return mainField;
2302
2355
  };
@@ -2496,8 +2549,9 @@ const relations = {
2496
2549
  } else {
2497
2550
  where.id = id;
2498
2551
  }
2499
- if (status) {
2500
- where[`${alias}.published_at`] = getPublishedAtClause(status, targetUid);
2552
+ const publishedAt = getPublishedAtClause(status, targetUid);
2553
+ if (!fp.isEmpty(publishedAt)) {
2554
+ where[`${alias}.published_at`] = publishedAt;
2501
2555
  }
2502
2556
  if (filterByLocale) {
2503
2557
  where[`${alias}.locale`] = locale;
@@ -2554,9 +2608,7 @@ const relations = {
2554
2608
  addFiltersClause(permissionQuery, { id: { $in: loadedIds } });
2555
2609
  const sanitizedRes = await loadRelations({ id: entryId }, targetField, {
2556
2610
  ...strapi.get("query-params").transform(targetUid, permissionQuery),
2557
- ordering: "desc",
2558
- page: ctx.request.query.page,
2559
- pageSize: ctx.request.query.pageSize
2611
+ ordering: "desc"
2560
2612
  });
2561
2613
  const relationsUnion = fp.uniqBy("id", fp.concat(sanitizedRes.results, res.results));
2562
2614
  ctx.body = {
@@ -2588,7 +2640,7 @@ const createOrUpdateDocument = async (ctx, opts) => {
2588
2640
  throw new strapiUtils.errors.ForbiddenError();
2589
2641
  }
2590
2642
  const sanitizedQuery = await permissionChecker2.sanitizedQuery.update(query);
2591
- const { locale } = await getDocumentLocaleAndStatus(body);
2643
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
2592
2644
  const [documentVersion, otherDocumentVersion] = await Promise.all([
2593
2645
  findDocument(sanitizedQuery, model, { locale, status: "draft" }),
2594
2646
  // Find the first document to check if it exists
@@ -2629,7 +2681,7 @@ const singleTypes = {
2629
2681
  return ctx.forbidden();
2630
2682
  }
2631
2683
  const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
2632
- const { locale, status } = await getDocumentLocaleAndStatus(query);
2684
+ const { locale, status } = await getDocumentLocaleAndStatus(query, model);
2633
2685
  const version = await findDocument(permissionQuery, model, { locale, status });
2634
2686
  if (!version) {
2635
2687
  if (permissionChecker2.cannot.create()) {
@@ -2674,7 +2726,7 @@ const singleTypes = {
2674
2726
  }
2675
2727
  const sanitizedQuery = await permissionChecker2.sanitizedQuery.delete(query);
2676
2728
  const populate = await buildPopulateFromQuery(sanitizedQuery, model);
2677
- const { locale } = await getDocumentLocaleAndStatus(query);
2729
+ const { locale } = await getDocumentLocaleAndStatus(query, model);
2678
2730
  const documentLocales = await documentManager2.findLocales(void 0, model, {
2679
2731
  populate,
2680
2732
  locale
@@ -2711,7 +2763,7 @@ const singleTypes = {
2711
2763
  if (permissionChecker2.cannot.publish(document)) {
2712
2764
  throw new strapiUtils.errors.ForbiddenError();
2713
2765
  }
2714
- const { locale } = await getDocumentLocaleAndStatus(document);
2766
+ const { locale } = await getDocumentLocaleAndStatus(document, model);
2715
2767
  const publishResult = await documentManager2.publish(document.documentId, model, { locale });
2716
2768
  return publishResult.at(0);
2717
2769
  });
@@ -2734,7 +2786,7 @@ const singleTypes = {
2734
2786
  return ctx.forbidden();
2735
2787
  }
2736
2788
  const sanitizedQuery = await permissionChecker2.sanitizedQuery.unpublish(query);
2737
- const { locale } = await getDocumentLocaleAndStatus(body);
2789
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
2738
2790
  const document = await findDocument(sanitizedQuery, model, { locale });
2739
2791
  if (!document) {
2740
2792
  return ctx.notFound();
@@ -2766,7 +2818,7 @@ const singleTypes = {
2766
2818
  return ctx.forbidden();
2767
2819
  }
2768
2820
  const sanitizedQuery = await permissionChecker2.sanitizedQuery.discard(query);
2769
- const { locale } = await getDocumentLocaleAndStatus(body);
2821
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
2770
2822
  const document = await findDocument(sanitizedQuery, model, { locale, status: "published" });
2771
2823
  if (!document) {
2772
2824
  return ctx.notFound();
@@ -2786,7 +2838,7 @@ const singleTypes = {
2786
2838
  const { query } = ctx.request;
2787
2839
  const documentManager2 = getService$1("document-manager");
2788
2840
  const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
2789
- const { locale } = await getDocumentLocaleAndStatus(query);
2841
+ const { locale } = await getDocumentLocaleAndStatus(query, model);
2790
2842
  if (permissionChecker2.cannot.read()) {
2791
2843
  return ctx.forbidden();
2792
2844
  }
@@ -2807,7 +2859,7 @@ const uid$1 = {
2807
2859
  async generateUID(ctx) {
2808
2860
  const { contentTypeUID, field, data } = await validateGenerateUIDInput(ctx.request.body);
2809
2861
  const { query = {} } = ctx.request;
2810
- const { locale } = await getDocumentLocaleAndStatus(query);
2862
+ const { locale } = await getDocumentLocaleAndStatus(query, contentTypeUID);
2811
2863
  await validateUIDField(contentTypeUID, field);
2812
2864
  const uidService = getService$1("uid");
2813
2865
  ctx.body = {
@@ -2819,7 +2871,7 @@ const uid$1 = {
2819
2871
  ctx.request.body
2820
2872
  );
2821
2873
  const { query = {} } = ctx.request;
2822
- const { locale } = await getDocumentLocaleAndStatus(query);
2874
+ const { locale } = await getDocumentLocaleAndStatus(query, contentTypeUID);
2823
2875
  await validateUIDField(contentTypeUID, field);
2824
2876
  const uidService = getService$1("uid");
2825
2877
  const isAvailable = await uidService.checkUIDAvailability({
@@ -3462,12 +3514,27 @@ const createPermissionChecker = (strapi2) => ({ userAbility, model }) => {
3462
3514
  ability: userAbility,
3463
3515
  model
3464
3516
  });
3465
- const toSubject = (entity) => entity ? permissionsManager.toSubject(entity, model) : model;
3517
+ const { actionProvider } = strapi2.service("admin::permission");
3518
+ const toSubject = (entity) => {
3519
+ return entity ? permissionsManager.toSubject(entity, model) : model;
3520
+ };
3466
3521
  const can = (action, entity, field) => {
3467
- return userAbility.can(action, toSubject(entity), field);
3522
+ const subject = toSubject(entity);
3523
+ const aliases = actionProvider.unstable_aliases(action, model);
3524
+ return (
3525
+ // Test the original action to see if it passes
3526
+ userAbility.can(action, subject, field) || // Else try every known alias if at least one of them succeed, then the user "can"
3527
+ aliases.some((alias) => userAbility.can(alias, subject, field))
3528
+ );
3468
3529
  };
3469
3530
  const cannot = (action, entity, field) => {
3470
- return userAbility.cannot(action, toSubject(entity), field);
3531
+ const subject = toSubject(entity);
3532
+ const aliases = actionProvider.unstable_aliases(action, model);
3533
+ return (
3534
+ // Test both the original action
3535
+ userAbility.cannot(action, subject, field) && // and every known alias, if all of them fail (cannot), then the user truly "cannot"
3536
+ aliases.every((alias) => userAbility.cannot(alias, subject, field))
3537
+ );
3471
3538
  };
3472
3539
  const sanitizeOutput = (data, { action = ACTIONS.read } = {}) => {
3473
3540
  return permissionsManager.sanitizeOutput(data, { subject: toSubject(data), action });
@@ -3744,6 +3811,10 @@ const getDeepPopulateDraftCount = (uid2) => {
3744
3811
  const attribute = model.attributes[attributeName];
3745
3812
  switch (attribute.type) {
3746
3813
  case "relation": {
3814
+ const isMorphRelation = attribute.relation.toLowerCase().startsWith("morph");
3815
+ if (isMorphRelation) {
3816
+ break;
3817
+ }
3747
3818
  if (isVisibleAttribute$1(model, attributeName)) {
3748
3819
  populateAcc[attributeName] = {
3749
3820
  count: true,
@@ -4121,7 +4192,13 @@ const documentMetadata = ({ strapi: strapi2 }) => ({
4121
4192
  */
4122
4193
  async formatDocumentWithMetadata(uid2, document, opts = {}) {
4123
4194
  if (!document) {
4124
- return document;
4195
+ return {
4196
+ data: document,
4197
+ meta: {
4198
+ availableLocales: [],
4199
+ availableStatus: []
4200
+ }
4201
+ };
4125
4202
  }
4126
4203
  const hasDraftAndPublish = strapiUtils.contentTypes.hasDraftAndPublish(strapi2.getModel(uid2));
4127
4204
  if (!hasDraftAndPublish) {
@@ -4229,10 +4306,7 @@ const documentManager = ({ strapi: strapi2 }) => {
4229
4306
  async clone(id, body, uid2) {
4230
4307
  const populate = await buildDeepPopulate(uid2);
4231
4308
  const params = {
4232
- data: {
4233
- ...omitIdField(body),
4234
- [PUBLISHED_AT_ATTRIBUTE]: null
4235
- },
4309
+ data: omitIdField(body),
4236
4310
  populate
4237
4311
  };
4238
4312
  return strapi2.documents(uid2).clone({ ...params, documentId: id }).then((result) => result?.entries.at(0));