@strapi/content-manager 0.0.0-experimental.d53e940834bf72ddc725f1d2fd36dac9abec30cb → 0.0.0-experimental.d834c9e658d1fb037e6da1105150593521c667cc
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +18 -3
- package/dist/_chunks/{ComponentConfigurationPage-C-49MccQ.js → ComponentConfigurationPage-D_M8iBw5.js} +3 -3
- package/dist/_chunks/{ComponentConfigurationPage-C-49MccQ.js.map → ComponentConfigurationPage-D_M8iBw5.js.map} +1 -1
- package/dist/_chunks/{ComponentConfigurationPage-DmwmiFQy.mjs → ComponentConfigurationPage-qemkOlnj.mjs} +3 -3
- package/dist/_chunks/{ComponentConfigurationPage-DmwmiFQy.mjs.map → ComponentConfigurationPage-qemkOlnj.mjs.map} +1 -1
- package/dist/_chunks/{EditConfigurationPage-DjFJw56M.js → EditConfigurationPage-BePwPuHy.js} +3 -3
- package/dist/_chunks/{EditConfigurationPage-DjFJw56M.js.map → EditConfigurationPage-BePwPuHy.js.map} +1 -1
- package/dist/_chunks/{EditConfigurationPage-JT3E7NZy.mjs → EditConfigurationPage-CjUrEewK.mjs} +3 -3
- package/dist/_chunks/{EditConfigurationPage-JT3E7NZy.mjs.map → EditConfigurationPage-CjUrEewK.mjs.map} +1 -1
- package/dist/_chunks/{EditViewPage-zT3fBr4Y.js → EditViewPage-B-RJeiJD.js} +19 -8
- package/dist/_chunks/EditViewPage-B-RJeiJD.js.map +1 -0
- package/dist/_chunks/{EditViewPage-CPj61RMh.mjs → EditViewPage-De8GyU8P.mjs} +19 -8
- package/dist/_chunks/EditViewPage-De8GyU8P.mjs.map +1 -0
- package/dist/_chunks/{Field-Boxf9Ajp.js → Field-dq8Tg1M_.js} +175 -84
- package/dist/_chunks/Field-dq8Tg1M_.js.map +1 -0
- package/dist/_chunks/{Field-dha5VnIQ.mjs → Field-pb2o8uBe.mjs} +177 -86
- package/dist/_chunks/Field-pb2o8uBe.mjs.map +1 -0
- package/dist/_chunks/{Form-y5g1SRsh.js → Form-DGIf4jQU.js} +22 -11
- package/dist/_chunks/Form-DGIf4jQU.js.map +1 -0
- package/dist/_chunks/{Form-DHrru2AV.mjs → Form-DJn0Dxha.mjs} +22 -11
- package/dist/_chunks/Form-DJn0Dxha.mjs.map +1 -0
- package/dist/_chunks/{History-Bru_KoeP.mjs → History-BowL3JKP.mjs} +44 -19
- package/dist/_chunks/History-BowL3JKP.mjs.map +1 -0
- package/dist/_chunks/{History-CqN6K7SX.js → History-Dh2NEHnR.js} +44 -19
- package/dist/_chunks/History-Dh2NEHnR.js.map +1 -0
- package/dist/_chunks/{ListConfigurationPage-D8wGABj0.mjs → ListConfigurationPage-BpVOB-hn.mjs} +20 -8
- package/dist/_chunks/ListConfigurationPage-BpVOB-hn.mjs.map +1 -0
- package/dist/_chunks/{ListConfigurationPage-R_p-SbHZ.js → ListConfigurationPage-BxYCWz9e.js} +20 -8
- package/dist/_chunks/ListConfigurationPage-BxYCWz9e.js.map +1 -0
- package/dist/_chunks/{ListViewPage-pEw_zug9.js → ListViewPage-4XsciqHZ.js} +21 -7
- package/dist/_chunks/ListViewPage-4XsciqHZ.js.map +1 -0
- package/dist/_chunks/{ListViewPage-SID6TRb9.mjs → ListViewPage-CXFUjZQC.mjs} +22 -8
- package/dist/_chunks/ListViewPage-CXFUjZQC.mjs.map +1 -0
- package/dist/_chunks/{NoContentTypePage-C5dcQojD.js → NoContentTypePage-C8OpoHeU.js} +2 -2
- package/dist/_chunks/{NoContentTypePage-C5dcQojD.js.map → NoContentTypePage-C8OpoHeU.js.map} +1 -1
- package/dist/_chunks/{NoContentTypePage-CJ7UXwrQ.mjs → NoContentTypePage-DuhOTp3x.mjs} +2 -2
- package/dist/_chunks/{NoContentTypePage-CJ7UXwrQ.mjs.map → NoContentTypePage-DuhOTp3x.mjs.map} +1 -1
- package/dist/_chunks/{NoPermissionsPage-B7syEq5E.mjs → NoPermissionsPage-DVz3mzDz.mjs} +2 -2
- package/dist/_chunks/{NoPermissionsPage-B7syEq5E.mjs.map → NoPermissionsPage-DVz3mzDz.mjs.map} +1 -1
- package/dist/_chunks/{NoPermissionsPage-BtPrImPP.js → NoPermissionsPage-y_r7DVA2.js} +2 -2
- package/dist/_chunks/{NoPermissionsPage-BtPrImPP.js.map → NoPermissionsPage-y_r7DVA2.js.map} +1 -1
- package/dist/_chunks/{Relations-B9Crnhnn.mjs → Relations-CVNLrn1Y.mjs} +4 -4
- package/dist/_chunks/Relations-CVNLrn1Y.mjs.map +1 -0
- package/dist/_chunks/{Relations-DjTQ5kGB.js → Relations-DPFCAa7b.js} +4 -4
- package/dist/_chunks/Relations-DPFCAa7b.js.map +1 -0
- package/dist/_chunks/{en-Ux26r5pl.mjs → en-BrCTWlZv.mjs} +5 -4
- package/dist/_chunks/{en-Ux26r5pl.mjs.map → en-BrCTWlZv.mjs.map} +1 -1
- package/dist/_chunks/{en-fbKQxLGn.js → en-uOUIxfcQ.js} +5 -4
- package/dist/_chunks/{en-fbKQxLGn.js.map → en-uOUIxfcQ.js.map} +1 -1
- package/dist/_chunks/{index-DVPWZkbS.js → index-C3fJE-1-.js} +368 -168
- package/dist/_chunks/index-C3fJE-1-.js.map +1 -0
- package/dist/_chunks/{index-DJXJw9V5.mjs → index-DiMrfcfy.mjs} +387 -187
- package/dist/_chunks/index-DiMrfcfy.mjs.map +1 -0
- package/dist/_chunks/{layout-Dm6fbiQj.js → layout-C788OmNr.js} +22 -10
- package/dist/_chunks/layout-C788OmNr.js.map +1 -0
- package/dist/_chunks/{layout-Bau7ZfLV.mjs → layout-ls3gxfpH.mjs} +23 -11
- package/dist/_chunks/layout-ls3gxfpH.mjs.map +1 -0
- package/dist/_chunks/{relations-BH_kBSJ0.mjs → relations-CLcOmGO0.mjs} +2 -2
- package/dist/_chunks/{relations-BH_kBSJ0.mjs.map → relations-CLcOmGO0.mjs.map} +1 -1
- package/dist/_chunks/{relations-CKnpRgrN.js → relations-DYeotliT.js} +2 -2
- package/dist/_chunks/{relations-CKnpRgrN.js.map → relations-DYeotliT.js.map} +1 -1
- package/dist/admin/index.js +1 -1
- package/dist/admin/index.mjs +4 -4
- package/dist/admin/src/history/index.d.ts +3 -0
- package/dist/admin/src/history/services/historyVersion.d.ts +1 -1
- package/dist/admin/src/index.d.ts +1 -0
- package/dist/admin/src/pages/EditView/components/DocumentActions.d.ts +1 -0
- package/dist/admin/src/pages/EditView/components/FormInputs/Relations.d.ts +20 -0
- package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/EditorLayout.d.ts +2 -2
- package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/WysiwygFooter.d.ts +2 -2
- package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/WysiwygStyles.d.ts +10 -22
- package/dist/admin/src/services/api.d.ts +1 -1
- package/dist/admin/src/services/components.d.ts +2 -2
- package/dist/admin/src/services/contentTypes.d.ts +3 -3
- package/dist/admin/src/services/documents.d.ts +16 -16
- package/dist/admin/src/services/init.d.ts +1 -1
- package/dist/admin/src/services/relations.d.ts +2 -2
- package/dist/admin/src/services/uid.d.ts +3 -3
- package/dist/admin/src/utils/validation.d.ts +4 -1
- package/dist/server/index.js +165 -105
- package/dist/server/index.js.map +1 -1
- package/dist/server/index.mjs +166 -106
- package/dist/server/index.mjs.map +1 -1
- package/dist/server/src/controllers/collection-types.d.ts.map +1 -1
- package/dist/server/src/controllers/relations.d.ts.map +1 -1
- package/dist/server/src/controllers/uid.d.ts.map +1 -1
- package/dist/server/src/controllers/validation/dimensions.d.ts +4 -2
- package/dist/server/src/controllers/validation/dimensions.d.ts.map +1 -1
- package/dist/server/src/history/services/lifecycles.d.ts.map +1 -1
- package/dist/server/src/history/services/utils.d.ts +1 -1
- package/dist/server/src/history/services/utils.d.ts.map +1 -1
- package/dist/server/src/policies/hasPermissions.d.ts.map +1 -1
- package/dist/server/src/services/document-manager.d.ts.map +1 -1
- package/dist/server/src/services/document-metadata.d.ts.map +1 -1
- package/dist/server/src/services/permission-checker.d.ts.map +1 -1
- package/dist/server/src/services/utils/populate.d.ts.map +1 -1
- package/package.json +8 -8
- package/dist/_chunks/EditViewPage-CPj61RMh.mjs.map +0 -1
- package/dist/_chunks/EditViewPage-zT3fBr4Y.js.map +0 -1
- package/dist/_chunks/Field-Boxf9Ajp.js.map +0 -1
- package/dist/_chunks/Field-dha5VnIQ.mjs.map +0 -1
- package/dist/_chunks/Form-DHrru2AV.mjs.map +0 -1
- package/dist/_chunks/Form-y5g1SRsh.js.map +0 -1
- package/dist/_chunks/History-Bru_KoeP.mjs.map +0 -1
- package/dist/_chunks/History-CqN6K7SX.js.map +0 -1
- package/dist/_chunks/ListConfigurationPage-D8wGABj0.mjs.map +0 -1
- package/dist/_chunks/ListConfigurationPage-R_p-SbHZ.js.map +0 -1
- package/dist/_chunks/ListViewPage-SID6TRb9.mjs.map +0 -1
- package/dist/_chunks/ListViewPage-pEw_zug9.js.map +0 -1
- package/dist/_chunks/Relations-B9Crnhnn.mjs.map +0 -1
- package/dist/_chunks/Relations-DjTQ5kGB.js.map +0 -1
- package/dist/_chunks/index-DJXJw9V5.mjs.map +0 -1
- package/dist/_chunks/index-DVPWZkbS.js.map +0 -1
- package/dist/_chunks/layout-Bau7ZfLV.mjs.map +0 -1
- package/dist/_chunks/layout-Dm6fbiQj.js.map +0 -1
package/dist/server/index.mjs
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import strapiUtils, { validateYupSchema, errors, async, contentTypes as contentTypes$1, yup as yup$1, validateYupSchemaSync, policy, traverse, setCreatorFields, isOperatorOfType, relations as relations$1, traverseEntity, pagination } from "@strapi/utils";
|
|
2
|
-
import { pick, omit, difference, intersection, pipe, propOr, isEqual, isEmpty, set, has, prop, assoc, mapValues, flow, uniq, uniqBy, concat,
|
|
2
|
+
import { pick, omit, difference, castArray, intersection, pipe, propOr, isEqual, isEmpty, set, isNil as isNil$1, has, prop, assoc, mapValues, flow, uniq, uniqBy, concat, getOr, propEq, merge, groupBy } from "lodash/fp";
|
|
3
3
|
import "@strapi/types";
|
|
4
4
|
import * as yup from "yup";
|
|
5
5
|
import { scheduleJob } from "node-schedule";
|
|
@@ -200,20 +200,25 @@ const createServiceUtils = ({ strapi: strapi2 }) => {
|
|
|
200
200
|
const meta = await documentMetadataService.getMetadata(contentTypeUid, document);
|
|
201
201
|
return documentMetadataService.getStatus(document, meta.availableStatus);
|
|
202
202
|
};
|
|
203
|
-
const getDeepPopulate2 = (uid2) => {
|
|
203
|
+
const getDeepPopulate2 = (uid2, useDatabaseSyntax = false) => {
|
|
204
204
|
const model = strapi2.getModel(uid2);
|
|
205
205
|
const attributes = Object.entries(model.attributes);
|
|
206
|
+
const fieldSelector = useDatabaseSyntax ? "select" : "fields";
|
|
206
207
|
return attributes.reduce((acc, [attributeName, attribute]) => {
|
|
207
208
|
switch (attribute.type) {
|
|
208
209
|
case "relation": {
|
|
210
|
+
const isMorphRelation = attribute.relation.toLowerCase().startsWith("morph");
|
|
211
|
+
if (isMorphRelation) {
|
|
212
|
+
break;
|
|
213
|
+
}
|
|
209
214
|
const isVisible2 = contentTypes$1.isVisibleAttribute(model, attributeName);
|
|
210
215
|
if (isVisible2) {
|
|
211
|
-
acc[attributeName] = {
|
|
216
|
+
acc[attributeName] = { [fieldSelector]: ["documentId", "locale", "publishedAt"] };
|
|
212
217
|
}
|
|
213
218
|
break;
|
|
214
219
|
}
|
|
215
220
|
case "media": {
|
|
216
|
-
acc[attributeName] = {
|
|
221
|
+
acc[attributeName] = { [fieldSelector]: ["id"] };
|
|
217
222
|
break;
|
|
218
223
|
}
|
|
219
224
|
case "component": {
|
|
@@ -464,6 +469,42 @@ const createHistoryService = ({ strapi: strapi2 }) => {
|
|
|
464
469
|
}
|
|
465
470
|
};
|
|
466
471
|
};
|
|
472
|
+
const shouldCreateHistoryVersion = (context) => {
|
|
473
|
+
if (!strapi.requestContext.get()?.request.url.startsWith("/content-manager")) {
|
|
474
|
+
return false;
|
|
475
|
+
}
|
|
476
|
+
if (context.action !== "create" && context.action !== "update" && context.action !== "clone" && context.action !== "publish" && context.action !== "unpublish" && context.action !== "discardDraft") {
|
|
477
|
+
return false;
|
|
478
|
+
}
|
|
479
|
+
if (context.action === "update" && strapi.requestContext.get()?.request.url.endsWith("/actions/publish")) {
|
|
480
|
+
return false;
|
|
481
|
+
}
|
|
482
|
+
if (!context.contentType.uid.startsWith("api::")) {
|
|
483
|
+
return false;
|
|
484
|
+
}
|
|
485
|
+
return true;
|
|
486
|
+
};
|
|
487
|
+
const getSchemas = (uid2) => {
|
|
488
|
+
const attributesSchema = strapi.getModel(uid2).attributes;
|
|
489
|
+
const componentsSchemas = Object.keys(attributesSchema).reduce(
|
|
490
|
+
(currentComponentSchemas, key) => {
|
|
491
|
+
const fieldSchema = attributesSchema[key];
|
|
492
|
+
if (fieldSchema.type === "component") {
|
|
493
|
+
const componentSchema = strapi.getModel(fieldSchema.component).attributes;
|
|
494
|
+
return {
|
|
495
|
+
...currentComponentSchemas,
|
|
496
|
+
[fieldSchema.component]: componentSchema
|
|
497
|
+
};
|
|
498
|
+
}
|
|
499
|
+
return currentComponentSchemas;
|
|
500
|
+
},
|
|
501
|
+
{}
|
|
502
|
+
);
|
|
503
|
+
return {
|
|
504
|
+
schema: omit(FIELDS_TO_IGNORE, attributesSchema),
|
|
505
|
+
componentsSchemas
|
|
506
|
+
};
|
|
507
|
+
};
|
|
467
508
|
const createLifecyclesService = ({ strapi: strapi2 }) => {
|
|
468
509
|
const state = {
|
|
469
510
|
deleteExpiredJob: null,
|
|
@@ -476,63 +517,43 @@ const createLifecyclesService = ({ strapi: strapi2 }) => {
|
|
|
476
517
|
return;
|
|
477
518
|
}
|
|
478
519
|
strapi2.documents.use(async (context, next) => {
|
|
479
|
-
if (!strapi2.requestContext.get()?.request.url.startsWith("/content-manager")) {
|
|
480
|
-
return next();
|
|
481
|
-
}
|
|
482
|
-
if (context.action !== "create" && context.action !== "update" && context.action !== "clone" && context.action !== "publish" && context.action !== "unpublish" && context.action !== "discardDraft") {
|
|
483
|
-
return next();
|
|
484
|
-
}
|
|
485
|
-
if (context.action === "update" && strapi2.requestContext.get()?.request.url.endsWith("/actions/publish")) {
|
|
486
|
-
return next();
|
|
487
|
-
}
|
|
488
|
-
const contentTypeUid = context.contentType.uid;
|
|
489
|
-
if (!contentTypeUid.startsWith("api::")) {
|
|
490
|
-
return next();
|
|
491
|
-
}
|
|
492
520
|
const result = await next();
|
|
493
|
-
|
|
494
|
-
|
|
495
|
-
|
|
496
|
-
|
|
521
|
+
if (!shouldCreateHistoryVersion(context)) {
|
|
522
|
+
return result;
|
|
523
|
+
}
|
|
524
|
+
const documentId = context.action === "create" || context.action === "clone" ? result.documentId : context.params.documentId;
|
|
497
525
|
const defaultLocale = await serviceUtils.getDefaultLocale();
|
|
498
|
-
const
|
|
499
|
-
if (
|
|
500
|
-
|
|
501
|
-
"[Content manager history middleware]: An array of locales was provided, but only a single locale is supported for the findOne operation."
|
|
502
|
-
);
|
|
503
|
-
return next();
|
|
526
|
+
const locales = castArray(context.params?.locale || defaultLocale);
|
|
527
|
+
if (!locales.length) {
|
|
528
|
+
return result;
|
|
504
529
|
}
|
|
505
|
-
const
|
|
506
|
-
|
|
507
|
-
|
|
508
|
-
|
|
530
|
+
const uid2 = context.contentType.uid;
|
|
531
|
+
const schemas = getSchemas(uid2);
|
|
532
|
+
const localeEntries = await strapi2.db.query(uid2).findMany({
|
|
533
|
+
where: {
|
|
534
|
+
documentId,
|
|
535
|
+
locale: { $in: locales },
|
|
536
|
+
publishedAt: null
|
|
537
|
+
},
|
|
538
|
+
populate: serviceUtils.getDeepPopulate(
|
|
539
|
+
uid2,
|
|
540
|
+
true
|
|
541
|
+
/* use database syntax */
|
|
542
|
+
)
|
|
509
543
|
});
|
|
510
|
-
const status = await serviceUtils.getVersionStatus(contentTypeUid, document);
|
|
511
|
-
const attributesSchema = strapi2.getModel(contentTypeUid).attributes;
|
|
512
|
-
const componentsSchemas = Object.keys(
|
|
513
|
-
attributesSchema
|
|
514
|
-
).reduce((currentComponentSchemas, key) => {
|
|
515
|
-
const fieldSchema = attributesSchema[key];
|
|
516
|
-
if (fieldSchema.type === "component") {
|
|
517
|
-
const componentSchema = strapi2.getModel(fieldSchema.component).attributes;
|
|
518
|
-
return {
|
|
519
|
-
...currentComponentSchemas,
|
|
520
|
-
[fieldSchema.component]: componentSchema
|
|
521
|
-
};
|
|
522
|
-
}
|
|
523
|
-
return currentComponentSchemas;
|
|
524
|
-
}, {});
|
|
525
544
|
await strapi2.db.transaction(async ({ onCommit }) => {
|
|
526
|
-
onCommit(() => {
|
|
527
|
-
|
|
528
|
-
|
|
529
|
-
|
|
530
|
-
|
|
531
|
-
|
|
532
|
-
|
|
533
|
-
|
|
534
|
-
|
|
535
|
-
|
|
545
|
+
onCommit(async () => {
|
|
546
|
+
for (const entry of localeEntries) {
|
|
547
|
+
const status = await serviceUtils.getVersionStatus(uid2, entry);
|
|
548
|
+
await getService(strapi2, "history").createVersion({
|
|
549
|
+
contentType: uid2,
|
|
550
|
+
data: omit(FIELDS_TO_IGNORE, entry),
|
|
551
|
+
relatedDocumentId: documentId,
|
|
552
|
+
locale: entry.locale,
|
|
553
|
+
status,
|
|
554
|
+
...schemas
|
|
555
|
+
});
|
|
556
|
+
}
|
|
536
557
|
});
|
|
537
558
|
});
|
|
538
559
|
return result;
|
|
@@ -1172,6 +1193,11 @@ const { createPolicy } = policy;
|
|
|
1172
1193
|
const hasPermissions = createPolicy({
|
|
1173
1194
|
name: "plugin::content-manager.hasPermissions",
|
|
1174
1195
|
validator: validateHasPermissionsInput,
|
|
1196
|
+
/**
|
|
1197
|
+
* NOTE: Action aliases are currently not checked at this level (policy).
|
|
1198
|
+
* This is currently the intended behavior to avoid changing the behavior of API related permissions.
|
|
1199
|
+
* If you want to add support for it, please create a dedicated RFC with a list of potential side effect this could have.
|
|
1200
|
+
*/
|
|
1175
1201
|
handler(ctx, config = {}) {
|
|
1176
1202
|
const { actions = [], hasAtLeastOne = false } = config;
|
|
1177
1203
|
const { userAbility } = ctx.state;
|
|
@@ -1565,9 +1591,11 @@ const multipleLocaleSchema = yup$1.lazy(
|
|
|
1565
1591
|
(value) => Array.isArray(value) ? yup$1.array().of(singleLocaleSchema.required()) : singleLocaleSchema
|
|
1566
1592
|
);
|
|
1567
1593
|
const statusSchema = yup$1.mixed().oneOf(["draft", "published"], "Invalid status");
|
|
1568
|
-
const getDocumentLocaleAndStatus = async (request, opts = { allowMultipleLocales: false }) => {
|
|
1594
|
+
const getDocumentLocaleAndStatus = async (request, model, opts = { allowMultipleLocales: false }) => {
|
|
1569
1595
|
const { allowMultipleLocales } = opts;
|
|
1570
|
-
const { locale, status, ...rest } = request || {};
|
|
1596
|
+
const { locale, status: providedStatus, ...rest } = request || {};
|
|
1597
|
+
const defaultStatus = contentTypes$1.hasDraftAndPublish(strapi.getModel(model)) ? void 0 : "published";
|
|
1598
|
+
const status = providedStatus !== void 0 ? providedStatus : defaultStatus;
|
|
1571
1599
|
const schema = yup$1.object().shape({
|
|
1572
1600
|
locale: allowMultipleLocales ? multipleLocaleSchema : singleLocaleSchema,
|
|
1573
1601
|
status: statusSchema
|
|
@@ -1615,7 +1643,7 @@ const createDocument = async (ctx, opts) => {
|
|
|
1615
1643
|
const setCreator = setCreatorFields({ user });
|
|
1616
1644
|
const sanitizeFn = async.pipe(pickPermittedFields, setCreator);
|
|
1617
1645
|
const sanitizedBody = await sanitizeFn(body);
|
|
1618
|
-
const { locale, status
|
|
1646
|
+
const { locale, status } = await getDocumentLocaleAndStatus(body, model);
|
|
1619
1647
|
return documentManager2.create(model, {
|
|
1620
1648
|
data: sanitizedBody,
|
|
1621
1649
|
locale,
|
|
@@ -1634,7 +1662,7 @@ const updateDocument = async (ctx, opts) => {
|
|
|
1634
1662
|
}
|
|
1635
1663
|
const permissionQuery = await permissionChecker2.sanitizedQuery.update(ctx.query);
|
|
1636
1664
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
1637
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
1665
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1638
1666
|
const [documentVersion, documentExists] = await Promise.all([
|
|
1639
1667
|
documentManager2.findOne(id, model, { populate, locale, status: "draft" }),
|
|
1640
1668
|
documentManager2.exists(model, id)
|
|
@@ -1672,7 +1700,7 @@ const collectionTypes = {
|
|
|
1672
1700
|
}
|
|
1673
1701
|
const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
|
|
1674
1702
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(1).countRelations({ toOne: false, toMany: true }).build();
|
|
1675
|
-
const { locale, status } = await getDocumentLocaleAndStatus(query);
|
|
1703
|
+
const { locale, status } = await getDocumentLocaleAndStatus(query, model);
|
|
1676
1704
|
const { results: documents, pagination: pagination2 } = await documentManager2.findPage(
|
|
1677
1705
|
{ ...permissionQuery, populate, locale, status },
|
|
1678
1706
|
model
|
|
@@ -1707,7 +1735,7 @@ const collectionTypes = {
|
|
|
1707
1735
|
}
|
|
1708
1736
|
const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
|
|
1709
1737
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
|
|
1710
|
-
const { locale, status
|
|
1738
|
+
const { locale, status } = await getDocumentLocaleAndStatus(ctx.query, model);
|
|
1711
1739
|
const version = await documentManager2.findOne(id, model, {
|
|
1712
1740
|
populate,
|
|
1713
1741
|
locale,
|
|
@@ -1774,7 +1802,7 @@ const collectionTypes = {
|
|
|
1774
1802
|
}
|
|
1775
1803
|
const permissionQuery = await permissionChecker2.sanitizedQuery.create(ctx.query);
|
|
1776
1804
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
1777
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
1805
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1778
1806
|
const document = await documentManager2.findOne(id, model, {
|
|
1779
1807
|
populate,
|
|
1780
1808
|
locale,
|
|
@@ -1819,7 +1847,7 @@ const collectionTypes = {
|
|
|
1819
1847
|
}
|
|
1820
1848
|
const permissionQuery = await permissionChecker2.sanitizedQuery.delete(ctx.query);
|
|
1821
1849
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
1822
|
-
const { locale } = await getDocumentLocaleAndStatus(ctx.query);
|
|
1850
|
+
const { locale } = await getDocumentLocaleAndStatus(ctx.query, model);
|
|
1823
1851
|
const documentLocales = await documentManager2.findLocales(id, model, { populate, locale });
|
|
1824
1852
|
if (documentLocales.length === 0) {
|
|
1825
1853
|
return ctx.notFound();
|
|
@@ -1848,11 +1876,28 @@ const collectionTypes = {
|
|
|
1848
1876
|
const publishedDocument = await strapi.db.transaction(async () => {
|
|
1849
1877
|
const permissionQuery = await permissionChecker2.sanitizedQuery.publish(ctx.query);
|
|
1850
1878
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
|
|
1851
|
-
|
|
1879
|
+
let document;
|
|
1880
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1881
|
+
const isCreate = isNil$1(id);
|
|
1882
|
+
if (isCreate) {
|
|
1883
|
+
if (permissionChecker2.cannot.create()) {
|
|
1884
|
+
throw new errors.ForbiddenError();
|
|
1885
|
+
}
|
|
1886
|
+
document = await createDocument(ctx, { populate });
|
|
1887
|
+
}
|
|
1888
|
+
const isUpdate = !isCreate;
|
|
1889
|
+
if (isUpdate) {
|
|
1890
|
+
document = await documentManager2.findOne(id, model, { populate, locale });
|
|
1891
|
+
if (!document) {
|
|
1892
|
+
throw new errors.NotFoundError("Document not found");
|
|
1893
|
+
}
|
|
1894
|
+
if (permissionChecker2.can.update(document)) {
|
|
1895
|
+
await updateDocument(ctx);
|
|
1896
|
+
}
|
|
1897
|
+
}
|
|
1852
1898
|
if (permissionChecker2.cannot.publish(document)) {
|
|
1853
1899
|
throw new errors.ForbiddenError();
|
|
1854
1900
|
}
|
|
1855
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
1856
1901
|
const publishResult = await documentManager2.publish(document.documentId, model, {
|
|
1857
1902
|
locale
|
|
1858
1903
|
// TODO: Allow setting creator fields on publish
|
|
@@ -1879,7 +1924,9 @@ const collectionTypes = {
|
|
|
1879
1924
|
}
|
|
1880
1925
|
const permissionQuery = await permissionChecker2.sanitizedQuery.publish(ctx.query);
|
|
1881
1926
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
|
|
1882
|
-
const { locale } = await getDocumentLocaleAndStatus(body, {
|
|
1927
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model, {
|
|
1928
|
+
allowMultipleLocales: true
|
|
1929
|
+
});
|
|
1883
1930
|
const entityPromises = documentIds.map(
|
|
1884
1931
|
(documentId) => documentManager2.findLocales(documentId, model, { populate, locale, isPublished: false })
|
|
1885
1932
|
);
|
|
@@ -1906,7 +1953,7 @@ const collectionTypes = {
|
|
|
1906
1953
|
if (permissionChecker2.cannot.unpublish()) {
|
|
1907
1954
|
return ctx.forbidden();
|
|
1908
1955
|
}
|
|
1909
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
1956
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1910
1957
|
const entityPromises = documentIds.map(
|
|
1911
1958
|
(documentId) => documentManager2.findLocales(documentId, model, { locale, isPublished: true })
|
|
1912
1959
|
);
|
|
@@ -1939,7 +1986,7 @@ const collectionTypes = {
|
|
|
1939
1986
|
}
|
|
1940
1987
|
const permissionQuery = await permissionChecker2.sanitizedQuery.unpublish(ctx.query);
|
|
1941
1988
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
1942
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
1989
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1943
1990
|
const document = await documentManager2.findOne(id, model, {
|
|
1944
1991
|
populate,
|
|
1945
1992
|
locale,
|
|
@@ -1976,7 +2023,7 @@ const collectionTypes = {
|
|
|
1976
2023
|
}
|
|
1977
2024
|
const permissionQuery = await permissionChecker2.sanitizedQuery.discard(ctx.query);
|
|
1978
2025
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
1979
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2026
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1980
2027
|
const document = await documentManager2.findOne(id, model, {
|
|
1981
2028
|
populate,
|
|
1982
2029
|
locale,
|
|
@@ -2007,7 +2054,7 @@ const collectionTypes = {
|
|
|
2007
2054
|
}
|
|
2008
2055
|
const permissionQuery = await permissionChecker2.sanitizedQuery.delete(query);
|
|
2009
2056
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
2010
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2057
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
2011
2058
|
const documentLocales = await documentManager2.findLocales(documentIds, model, {
|
|
2012
2059
|
populate,
|
|
2013
2060
|
locale
|
|
@@ -2034,7 +2081,7 @@ const collectionTypes = {
|
|
|
2034
2081
|
}
|
|
2035
2082
|
const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
|
|
2036
2083
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
2037
|
-
const { locale, status
|
|
2084
|
+
const { locale, status } = await getDocumentLocaleAndStatus(ctx.query, model);
|
|
2038
2085
|
const entity = await documentManager2.findOne(id, model, { populate, locale, status });
|
|
2039
2086
|
if (!entity) {
|
|
2040
2087
|
return ctx.notFound();
|
|
@@ -2057,7 +2104,7 @@ const collectionTypes = {
|
|
|
2057
2104
|
if (permissionChecker2.cannot.read()) {
|
|
2058
2105
|
return ctx.forbidden();
|
|
2059
2106
|
}
|
|
2060
|
-
const
|
|
2107
|
+
const documents = await documentManager2.findMany(
|
|
2061
2108
|
{
|
|
2062
2109
|
filters: {
|
|
2063
2110
|
documentId: ids
|
|
@@ -2066,7 +2113,7 @@ const collectionTypes = {
|
|
|
2066
2113
|
},
|
|
2067
2114
|
model
|
|
2068
2115
|
);
|
|
2069
|
-
if (!
|
|
2116
|
+
if (!documents) {
|
|
2070
2117
|
return ctx.notFound();
|
|
2071
2118
|
}
|
|
2072
2119
|
const number = await documentManager2.countManyEntriesDraftRelations(ids, model, locale);
|
|
@@ -2257,20 +2304,13 @@ const sanitizeMainField = (model, mainField, userAbility) => {
|
|
|
2257
2304
|
userAbility,
|
|
2258
2305
|
model: model.uid
|
|
2259
2306
|
});
|
|
2260
|
-
|
|
2307
|
+
const isMainFieldListable = isListable(model, mainField);
|
|
2308
|
+
const canReadMainField = permissionChecker2.can.read(null, mainField);
|
|
2309
|
+
if (!isMainFieldListable || !canReadMainField) {
|
|
2261
2310
|
return "id";
|
|
2262
2311
|
}
|
|
2263
|
-
if (
|
|
2264
|
-
|
|
2265
|
-
const userPermissionChecker = getService$1("permission-checker").create({
|
|
2266
|
-
userAbility,
|
|
2267
|
-
model: "plugin::users-permissions.user"
|
|
2268
|
-
});
|
|
2269
|
-
if (userPermissionChecker.can.read()) {
|
|
2270
|
-
return "name";
|
|
2271
|
-
}
|
|
2272
|
-
}
|
|
2273
|
-
return "id";
|
|
2312
|
+
if (model.uid === "plugin::users-permissions.role") {
|
|
2313
|
+
return "name";
|
|
2274
2314
|
}
|
|
2275
2315
|
return mainField;
|
|
2276
2316
|
};
|
|
@@ -2528,9 +2568,7 @@ const relations = {
|
|
|
2528
2568
|
addFiltersClause(permissionQuery, { id: { $in: loadedIds } });
|
|
2529
2569
|
const sanitizedRes = await loadRelations({ id: entryId }, targetField, {
|
|
2530
2570
|
...strapi.get("query-params").transform(targetUid, permissionQuery),
|
|
2531
|
-
ordering: "desc"
|
|
2532
|
-
page: ctx.request.query.page,
|
|
2533
|
-
pageSize: ctx.request.query.pageSize
|
|
2571
|
+
ordering: "desc"
|
|
2534
2572
|
});
|
|
2535
2573
|
const relationsUnion = uniqBy("id", concat(sanitizedRes.results, res.results));
|
|
2536
2574
|
ctx.body = {
|
|
@@ -2562,7 +2600,7 @@ const createOrUpdateDocument = async (ctx, opts) => {
|
|
|
2562
2600
|
throw new errors.ForbiddenError();
|
|
2563
2601
|
}
|
|
2564
2602
|
const sanitizedQuery = await permissionChecker2.sanitizedQuery.update(query);
|
|
2565
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2603
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
2566
2604
|
const [documentVersion, otherDocumentVersion] = await Promise.all([
|
|
2567
2605
|
findDocument(sanitizedQuery, model, { locale, status: "draft" }),
|
|
2568
2606
|
// Find the first document to check if it exists
|
|
@@ -2603,7 +2641,7 @@ const singleTypes = {
|
|
|
2603
2641
|
return ctx.forbidden();
|
|
2604
2642
|
}
|
|
2605
2643
|
const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
|
|
2606
|
-
const { locale, status } = await getDocumentLocaleAndStatus(query);
|
|
2644
|
+
const { locale, status } = await getDocumentLocaleAndStatus(query, model);
|
|
2607
2645
|
const version = await findDocument(permissionQuery, model, { locale, status });
|
|
2608
2646
|
if (!version) {
|
|
2609
2647
|
if (permissionChecker2.cannot.create()) {
|
|
@@ -2648,7 +2686,7 @@ const singleTypes = {
|
|
|
2648
2686
|
}
|
|
2649
2687
|
const sanitizedQuery = await permissionChecker2.sanitizedQuery.delete(query);
|
|
2650
2688
|
const populate = await buildPopulateFromQuery(sanitizedQuery, model);
|
|
2651
|
-
const { locale } = await getDocumentLocaleAndStatus(query);
|
|
2689
|
+
const { locale } = await getDocumentLocaleAndStatus(query, model);
|
|
2652
2690
|
const documentLocales = await documentManager2.findLocales(void 0, model, {
|
|
2653
2691
|
populate,
|
|
2654
2692
|
locale
|
|
@@ -2685,7 +2723,7 @@ const singleTypes = {
|
|
|
2685
2723
|
if (permissionChecker2.cannot.publish(document)) {
|
|
2686
2724
|
throw new errors.ForbiddenError();
|
|
2687
2725
|
}
|
|
2688
|
-
const { locale } = await getDocumentLocaleAndStatus(document);
|
|
2726
|
+
const { locale } = await getDocumentLocaleAndStatus(document, model);
|
|
2689
2727
|
const publishResult = await documentManager2.publish(document.documentId, model, { locale });
|
|
2690
2728
|
return publishResult.at(0);
|
|
2691
2729
|
});
|
|
@@ -2708,7 +2746,7 @@ const singleTypes = {
|
|
|
2708
2746
|
return ctx.forbidden();
|
|
2709
2747
|
}
|
|
2710
2748
|
const sanitizedQuery = await permissionChecker2.sanitizedQuery.unpublish(query);
|
|
2711
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2749
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
2712
2750
|
const document = await findDocument(sanitizedQuery, model, { locale });
|
|
2713
2751
|
if (!document) {
|
|
2714
2752
|
return ctx.notFound();
|
|
@@ -2740,7 +2778,7 @@ const singleTypes = {
|
|
|
2740
2778
|
return ctx.forbidden();
|
|
2741
2779
|
}
|
|
2742
2780
|
const sanitizedQuery = await permissionChecker2.sanitizedQuery.discard(query);
|
|
2743
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2781
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
2744
2782
|
const document = await findDocument(sanitizedQuery, model, { locale, status: "published" });
|
|
2745
2783
|
if (!document) {
|
|
2746
2784
|
return ctx.notFound();
|
|
@@ -2760,7 +2798,7 @@ const singleTypes = {
|
|
|
2760
2798
|
const { query } = ctx.request;
|
|
2761
2799
|
const documentManager2 = getService$1("document-manager");
|
|
2762
2800
|
const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
|
|
2763
|
-
const { locale } = await getDocumentLocaleAndStatus(query);
|
|
2801
|
+
const { locale } = await getDocumentLocaleAndStatus(query, model);
|
|
2764
2802
|
if (permissionChecker2.cannot.read()) {
|
|
2765
2803
|
return ctx.forbidden();
|
|
2766
2804
|
}
|
|
@@ -2781,7 +2819,7 @@ const uid$1 = {
|
|
|
2781
2819
|
async generateUID(ctx) {
|
|
2782
2820
|
const { contentTypeUID, field, data } = await validateGenerateUIDInput(ctx.request.body);
|
|
2783
2821
|
const { query = {} } = ctx.request;
|
|
2784
|
-
const { locale } = await getDocumentLocaleAndStatus(query);
|
|
2822
|
+
const { locale } = await getDocumentLocaleAndStatus(query, contentTypeUID);
|
|
2785
2823
|
await validateUIDField(contentTypeUID, field);
|
|
2786
2824
|
const uidService = getService$1("uid");
|
|
2787
2825
|
ctx.body = {
|
|
@@ -2793,7 +2831,7 @@ const uid$1 = {
|
|
|
2793
2831
|
ctx.request.body
|
|
2794
2832
|
);
|
|
2795
2833
|
const { query = {} } = ctx.request;
|
|
2796
|
-
const { locale } = await getDocumentLocaleAndStatus(query);
|
|
2834
|
+
const { locale } = await getDocumentLocaleAndStatus(query, contentTypeUID);
|
|
2797
2835
|
await validateUIDField(contentTypeUID, field);
|
|
2798
2836
|
const uidService = getService$1("uid");
|
|
2799
2837
|
const isAvailable = await uidService.checkUIDAvailability({
|
|
@@ -3436,12 +3474,27 @@ const createPermissionChecker = (strapi2) => ({ userAbility, model }) => {
|
|
|
3436
3474
|
ability: userAbility,
|
|
3437
3475
|
model
|
|
3438
3476
|
});
|
|
3439
|
-
const
|
|
3477
|
+
const { actionProvider } = strapi2.service("admin::permission");
|
|
3478
|
+
const toSubject = (entity) => {
|
|
3479
|
+
return entity ? permissionsManager.toSubject(entity, model) : model;
|
|
3480
|
+
};
|
|
3440
3481
|
const can = (action, entity, field) => {
|
|
3441
|
-
|
|
3482
|
+
const subject = toSubject(entity);
|
|
3483
|
+
const aliases = actionProvider.unstable_aliases(action, model);
|
|
3484
|
+
return (
|
|
3485
|
+
// Test the original action to see if it passes
|
|
3486
|
+
userAbility.can(action, subject, field) || // Else try every known alias if at least one of them succeed, then the user "can"
|
|
3487
|
+
aliases.some((alias) => userAbility.can(alias, subject, field))
|
|
3488
|
+
);
|
|
3442
3489
|
};
|
|
3443
3490
|
const cannot = (action, entity, field) => {
|
|
3444
|
-
|
|
3491
|
+
const subject = toSubject(entity);
|
|
3492
|
+
const aliases = actionProvider.unstable_aliases(action, model);
|
|
3493
|
+
return (
|
|
3494
|
+
// Test both the original action
|
|
3495
|
+
userAbility.cannot(action, subject, field) && // and every known alias, if all of them fail (cannot), then the user truly "cannot"
|
|
3496
|
+
aliases.every((alias) => userAbility.cannot(alias, subject, field))
|
|
3497
|
+
);
|
|
3445
3498
|
};
|
|
3446
3499
|
const sanitizeOutput = (data, { action = ACTIONS.read } = {}) => {
|
|
3447
3500
|
return permissionsManager.sanitizeOutput(data, { subject: toSubject(data), action });
|
|
@@ -3718,6 +3771,10 @@ const getDeepPopulateDraftCount = (uid2) => {
|
|
|
3718
3771
|
const attribute = model.attributes[attributeName];
|
|
3719
3772
|
switch (attribute.type) {
|
|
3720
3773
|
case "relation": {
|
|
3774
|
+
const isMorphRelation = attribute.relation.toLowerCase().startsWith("morph");
|
|
3775
|
+
if (isMorphRelation) {
|
|
3776
|
+
break;
|
|
3777
|
+
}
|
|
3721
3778
|
if (isVisibleAttribute$1(model, attributeName)) {
|
|
3722
3779
|
populateAcc[attributeName] = {
|
|
3723
3780
|
count: true,
|
|
@@ -4095,7 +4152,13 @@ const documentMetadata = ({ strapi: strapi2 }) => ({
|
|
|
4095
4152
|
*/
|
|
4096
4153
|
async formatDocumentWithMetadata(uid2, document, opts = {}) {
|
|
4097
4154
|
if (!document) {
|
|
4098
|
-
return
|
|
4155
|
+
return {
|
|
4156
|
+
data: document,
|
|
4157
|
+
meta: {
|
|
4158
|
+
availableLocales: [],
|
|
4159
|
+
availableStatus: []
|
|
4160
|
+
}
|
|
4161
|
+
};
|
|
4099
4162
|
}
|
|
4100
4163
|
const hasDraftAndPublish = contentTypes$1.hasDraftAndPublish(strapi2.getModel(uid2));
|
|
4101
4164
|
if (!hasDraftAndPublish) {
|
|
@@ -4203,10 +4266,7 @@ const documentManager = ({ strapi: strapi2 }) => {
|
|
|
4203
4266
|
async clone(id, body, uid2) {
|
|
4204
4267
|
const populate = await buildDeepPopulate(uid2);
|
|
4205
4268
|
const params = {
|
|
4206
|
-
data:
|
|
4207
|
-
...omitIdField(body),
|
|
4208
|
-
[PUBLISHED_AT_ATTRIBUTE]: null
|
|
4209
|
-
},
|
|
4269
|
+
data: omitIdField(body),
|
|
4210
4270
|
populate
|
|
4211
4271
|
};
|
|
4212
4272
|
return strapi2.documents(uid2).clone({ ...params, documentId: id }).then((result) => result?.entries.at(0));
|