@strapi/content-manager 0.0.0-experimental.d954d57341a6623992a0d211daaec8e245c3517d → 0.0.0-experimental.e14656d3b8681880212c13260b9a2b340c182f2d
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +18 -3
- package/dist/_chunks/{ComponentConfigurationPage-WRPUXGd6.js → ComponentConfigurationPage-D_M8iBw5.js} +3 -3
- package/dist/_chunks/{ComponentConfigurationPage-WRPUXGd6.js.map → ComponentConfigurationPage-D_M8iBw5.js.map} +1 -1
- package/dist/_chunks/{ComponentConfigurationPage-gdUj_t-O.mjs → ComponentConfigurationPage-qemkOlnj.mjs} +3 -3
- package/dist/_chunks/{ComponentConfigurationPage-gdUj_t-O.mjs.map → ComponentConfigurationPage-qemkOlnj.mjs.map} +1 -1
- package/dist/_chunks/{EditConfigurationPage-C1vjMBgy.js → EditConfigurationPage-BePwPuHy.js} +3 -3
- package/dist/_chunks/{EditConfigurationPage-C1vjMBgy.js.map → EditConfigurationPage-BePwPuHy.js.map} +1 -1
- package/dist/_chunks/{EditConfigurationPage-BwuIPOJG.mjs → EditConfigurationPage-CjUrEewK.mjs} +3 -3
- package/dist/_chunks/{EditConfigurationPage-BwuIPOJG.mjs.map → EditConfigurationPage-CjUrEewK.mjs.map} +1 -1
- package/dist/_chunks/{EditViewPage-DbcGfyqK.js → EditViewPage-B-RJeiJD.js} +19 -8
- package/dist/_chunks/EditViewPage-B-RJeiJD.js.map +1 -0
- package/dist/_chunks/{EditViewPage-0MiFkXa8.mjs → EditViewPage-De8GyU8P.mjs} +19 -8
- package/dist/_chunks/EditViewPage-De8GyU8P.mjs.map +1 -0
- package/dist/_chunks/{Field-BG1xu38N.js → Field-dq8Tg1M_.js} +444 -86
- package/dist/_chunks/Field-dq8Tg1M_.js.map +1 -0
- package/dist/_chunks/{Field-BDMSCcy5.mjs → Field-pb2o8uBe.mjs} +446 -88
- package/dist/_chunks/Field-pb2o8uBe.mjs.map +1 -0
- package/dist/_chunks/{Form-9BnFyUjy.js → Form-DGIf4jQU.js} +26 -12
- package/dist/_chunks/Form-DGIf4jQU.js.map +1 -0
- package/dist/_chunks/{Form-CPVWavB8.mjs → Form-DJn0Dxha.mjs} +26 -12
- package/dist/_chunks/Form-DJn0Dxha.mjs.map +1 -0
- package/dist/_chunks/{History-BVpd8LP3.mjs → History-BowL3JKP.mjs} +44 -19
- package/dist/_chunks/History-BowL3JKP.mjs.map +1 -0
- package/dist/_chunks/{History-BWWxLt2Z.js → History-Dh2NEHnR.js} +44 -19
- package/dist/_chunks/History-Dh2NEHnR.js.map +1 -0
- package/dist/_chunks/{ListConfigurationPage-DozVMKcR.mjs → ListConfigurationPage-BpVOB-hn.mjs} +20 -8
- package/dist/_chunks/ListConfigurationPage-BpVOB-hn.mjs.map +1 -0
- package/dist/_chunks/{ListConfigurationPage-6swzjdAZ.js → ListConfigurationPage-BxYCWz9e.js} +20 -8
- package/dist/_chunks/ListConfigurationPage-BxYCWz9e.js.map +1 -0
- package/dist/_chunks/{ListViewPage-BlzfjS2Q.js → ListViewPage-4XsciqHZ.js} +21 -7
- package/dist/_chunks/ListViewPage-4XsciqHZ.js.map +1 -0
- package/dist/_chunks/{ListViewPage-Ds0ulgfG.mjs → ListViewPage-CXFUjZQC.mjs} +22 -8
- package/dist/_chunks/ListViewPage-CXFUjZQC.mjs.map +1 -0
- package/dist/_chunks/{NoContentTypePage-D2nCCWEl.js → NoContentTypePage-C8OpoHeU.js} +2 -2
- package/dist/_chunks/{NoContentTypePage-D2nCCWEl.js.map → NoContentTypePage-C8OpoHeU.js.map} +1 -1
- package/dist/_chunks/{NoContentTypePage-BH11kaKt.mjs → NoContentTypePage-DuhOTp3x.mjs} +2 -2
- package/dist/_chunks/{NoContentTypePage-BH11kaKt.mjs.map → NoContentTypePage-DuhOTp3x.mjs.map} +1 -1
- package/dist/_chunks/{NoPermissionsPage-BT2Tn0D_.mjs → NoPermissionsPage-DVz3mzDz.mjs} +2 -2
- package/dist/_chunks/{NoPermissionsPage-BT2Tn0D_.mjs.map → NoPermissionsPage-DVz3mzDz.mjs.map} +1 -1
- package/dist/_chunks/{NoPermissionsPage-DN_JlsU2.js → NoPermissionsPage-y_r7DVA2.js} +2 -2
- package/dist/_chunks/{NoPermissionsPage-DN_JlsU2.js.map → NoPermissionsPage-y_r7DVA2.js.map} +1 -1
- package/dist/_chunks/{Relations-Dnag3fhV.mjs → Relations-CVNLrn1Y.mjs} +4 -4
- package/dist/_chunks/Relations-CVNLrn1Y.mjs.map +1 -0
- package/dist/_chunks/{Relations-CcgFTcWo.js → Relations-DPFCAa7b.js} +4 -4
- package/dist/_chunks/Relations-DPFCAa7b.js.map +1 -0
- package/dist/_chunks/{en-Ux26r5pl.mjs → en-BrCTWlZv.mjs} +5 -4
- package/dist/_chunks/{en-Ux26r5pl.mjs.map → en-BrCTWlZv.mjs.map} +1 -1
- package/dist/_chunks/{en-fbKQxLGn.js → en-uOUIxfcQ.js} +5 -4
- package/dist/_chunks/{en-fbKQxLGn.js.map → en-uOUIxfcQ.js.map} +1 -1
- package/dist/_chunks/{index-CWpLBSt0.js → index-C3fJE-1-.js} +390 -169
- package/dist/_chunks/index-C3fJE-1-.js.map +1 -0
- package/dist/_chunks/{index-JNNNKUHs.mjs → index-DiMrfcfy.mjs} +397 -176
- package/dist/_chunks/index-DiMrfcfy.mjs.map +1 -0
- package/dist/_chunks/{layout--iHdZzRk.js → layout-C788OmNr.js} +23 -11
- package/dist/_chunks/layout-C788OmNr.js.map +1 -0
- package/dist/_chunks/{layout-DC503LnF.mjs → layout-ls3gxfpH.mjs} +25 -13
- package/dist/_chunks/layout-ls3gxfpH.mjs.map +1 -0
- package/dist/_chunks/{relations-CTje5t-a.mjs → relations-CLcOmGO0.mjs} +2 -2
- package/dist/_chunks/{relations-CTje5t-a.mjs.map → relations-CLcOmGO0.mjs.map} +1 -1
- package/dist/_chunks/{relations-BbHizA5K.js → relations-DYeotliT.js} +2 -2
- package/dist/_chunks/{relations-BbHizA5K.js.map → relations-DYeotliT.js.map} +1 -1
- package/dist/admin/index.js +1 -1
- package/dist/admin/index.mjs +1 -1
- package/dist/admin/src/history/index.d.ts +3 -0
- package/dist/admin/src/history/services/historyVersion.d.ts +1 -1
- package/dist/admin/src/index.d.ts +1 -0
- package/dist/admin/src/pages/EditView/components/DocumentActions.d.ts +1 -0
- package/dist/admin/src/pages/EditView/components/FormInputs/BlocksInput/utils/constants.d.ts +4 -0
- package/dist/admin/src/pages/EditView/components/FormInputs/Relations.d.ts +20 -0
- package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/EditorLayout.d.ts +2 -2
- package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/WysiwygFooter.d.ts +2 -2
- package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/WysiwygStyles.d.ts +10 -22
- package/dist/admin/src/services/api.d.ts +1 -1
- package/dist/admin/src/services/components.d.ts +2 -2
- package/dist/admin/src/services/contentTypes.d.ts +3 -3
- package/dist/admin/src/services/documents.d.ts +16 -16
- package/dist/admin/src/services/init.d.ts +1 -1
- package/dist/admin/src/services/relations.d.ts +2 -2
- package/dist/admin/src/services/uid.d.ts +3 -3
- package/dist/admin/src/utils/validation.d.ts +4 -1
- package/dist/server/index.js +166 -108
- package/dist/server/index.js.map +1 -1
- package/dist/server/index.mjs +167 -109
- package/dist/server/index.mjs.map +1 -1
- package/dist/server/src/controllers/collection-types.d.ts.map +1 -1
- package/dist/server/src/controllers/relations.d.ts.map +1 -1
- package/dist/server/src/controllers/uid.d.ts.map +1 -1
- package/dist/server/src/controllers/validation/dimensions.d.ts +4 -2
- package/dist/server/src/controllers/validation/dimensions.d.ts.map +1 -1
- package/dist/server/src/history/services/lifecycles.d.ts.map +1 -1
- package/dist/server/src/history/services/utils.d.ts +1 -1
- package/dist/server/src/history/services/utils.d.ts.map +1 -1
- package/dist/server/src/policies/hasPermissions.d.ts.map +1 -1
- package/dist/server/src/services/document-manager.d.ts.map +1 -1
- package/dist/server/src/services/document-metadata.d.ts.map +1 -1
- package/dist/server/src/services/permission-checker.d.ts.map +1 -1
- package/dist/server/src/services/utils/populate.d.ts.map +1 -1
- package/package.json +8 -8
- package/dist/_chunks/EditViewPage-0MiFkXa8.mjs.map +0 -1
- package/dist/_chunks/EditViewPage-DbcGfyqK.js.map +0 -1
- package/dist/_chunks/Field-BDMSCcy5.mjs.map +0 -1
- package/dist/_chunks/Field-BG1xu38N.js.map +0 -1
- package/dist/_chunks/Form-9BnFyUjy.js.map +0 -1
- package/dist/_chunks/Form-CPVWavB8.mjs.map +0 -1
- package/dist/_chunks/History-BVpd8LP3.mjs.map +0 -1
- package/dist/_chunks/History-BWWxLt2Z.js.map +0 -1
- package/dist/_chunks/ListConfigurationPage-6swzjdAZ.js.map +0 -1
- package/dist/_chunks/ListConfigurationPage-DozVMKcR.mjs.map +0 -1
- package/dist/_chunks/ListViewPage-BlzfjS2Q.js.map +0 -1
- package/dist/_chunks/ListViewPage-Ds0ulgfG.mjs.map +0 -1
- package/dist/_chunks/Relations-CcgFTcWo.js.map +0 -1
- package/dist/_chunks/Relations-Dnag3fhV.mjs.map +0 -1
- package/dist/_chunks/index-CWpLBSt0.js.map +0 -1
- package/dist/_chunks/index-JNNNKUHs.mjs.map +0 -1
- package/dist/_chunks/layout--iHdZzRk.js.map +0 -1
- package/dist/_chunks/layout-DC503LnF.mjs.map +0 -1
package/dist/server/index.js
CHANGED
|
@@ -226,20 +226,25 @@ const createServiceUtils = ({ strapi: strapi2 }) => {
|
|
|
226
226
|
const meta = await documentMetadataService.getMetadata(contentTypeUid, document);
|
|
227
227
|
return documentMetadataService.getStatus(document, meta.availableStatus);
|
|
228
228
|
};
|
|
229
|
-
const getDeepPopulate2 = (uid2) => {
|
|
229
|
+
const getDeepPopulate2 = (uid2, useDatabaseSyntax = false) => {
|
|
230
230
|
const model = strapi2.getModel(uid2);
|
|
231
231
|
const attributes = Object.entries(model.attributes);
|
|
232
|
+
const fieldSelector = useDatabaseSyntax ? "select" : "fields";
|
|
232
233
|
return attributes.reduce((acc, [attributeName, attribute]) => {
|
|
233
234
|
switch (attribute.type) {
|
|
234
235
|
case "relation": {
|
|
236
|
+
const isMorphRelation = attribute.relation.toLowerCase().startsWith("morph");
|
|
237
|
+
if (isMorphRelation) {
|
|
238
|
+
break;
|
|
239
|
+
}
|
|
235
240
|
const isVisible2 = strapiUtils.contentTypes.isVisibleAttribute(model, attributeName);
|
|
236
241
|
if (isVisible2) {
|
|
237
|
-
acc[attributeName] = {
|
|
242
|
+
acc[attributeName] = { [fieldSelector]: ["documentId", "locale", "publishedAt"] };
|
|
238
243
|
}
|
|
239
244
|
break;
|
|
240
245
|
}
|
|
241
246
|
case "media": {
|
|
242
|
-
acc[attributeName] = {
|
|
247
|
+
acc[attributeName] = { [fieldSelector]: ["id"] };
|
|
243
248
|
break;
|
|
244
249
|
}
|
|
245
250
|
case "component": {
|
|
@@ -490,13 +495,47 @@ const createHistoryService = ({ strapi: strapi2 }) => {
|
|
|
490
495
|
}
|
|
491
496
|
};
|
|
492
497
|
};
|
|
498
|
+
const shouldCreateHistoryVersion = (context) => {
|
|
499
|
+
if (!strapi.requestContext.get()?.request.url.startsWith("/content-manager")) {
|
|
500
|
+
return false;
|
|
501
|
+
}
|
|
502
|
+
if (context.action !== "create" && context.action !== "update" && context.action !== "clone" && context.action !== "publish" && context.action !== "unpublish" && context.action !== "discardDraft") {
|
|
503
|
+
return false;
|
|
504
|
+
}
|
|
505
|
+
if (context.action === "update" && strapi.requestContext.get()?.request.url.endsWith("/actions/publish")) {
|
|
506
|
+
return false;
|
|
507
|
+
}
|
|
508
|
+
if (!context.contentType.uid.startsWith("api::")) {
|
|
509
|
+
return false;
|
|
510
|
+
}
|
|
511
|
+
return true;
|
|
512
|
+
};
|
|
513
|
+
const getSchemas = (uid2) => {
|
|
514
|
+
const attributesSchema = strapi.getModel(uid2).attributes;
|
|
515
|
+
const componentsSchemas = Object.keys(attributesSchema).reduce(
|
|
516
|
+
(currentComponentSchemas, key) => {
|
|
517
|
+
const fieldSchema = attributesSchema[key];
|
|
518
|
+
if (fieldSchema.type === "component") {
|
|
519
|
+
const componentSchema = strapi.getModel(fieldSchema.component).attributes;
|
|
520
|
+
return {
|
|
521
|
+
...currentComponentSchemas,
|
|
522
|
+
[fieldSchema.component]: componentSchema
|
|
523
|
+
};
|
|
524
|
+
}
|
|
525
|
+
return currentComponentSchemas;
|
|
526
|
+
},
|
|
527
|
+
{}
|
|
528
|
+
);
|
|
529
|
+
return {
|
|
530
|
+
schema: fp.omit(FIELDS_TO_IGNORE, attributesSchema),
|
|
531
|
+
componentsSchemas
|
|
532
|
+
};
|
|
533
|
+
};
|
|
493
534
|
const createLifecyclesService = ({ strapi: strapi2 }) => {
|
|
494
535
|
const state = {
|
|
495
536
|
deleteExpiredJob: null,
|
|
496
537
|
isInitialized: false
|
|
497
538
|
};
|
|
498
|
-
const query = strapi2.db.query(HISTORY_VERSION_UID);
|
|
499
|
-
const historyService = getService(strapi2, "history");
|
|
500
539
|
const serviceUtils = createServiceUtils({ strapi: strapi2 });
|
|
501
540
|
return {
|
|
502
541
|
async bootstrap() {
|
|
@@ -504,63 +543,43 @@ const createLifecyclesService = ({ strapi: strapi2 }) => {
|
|
|
504
543
|
return;
|
|
505
544
|
}
|
|
506
545
|
strapi2.documents.use(async (context, next) => {
|
|
507
|
-
if (!strapi2.requestContext.get()?.request.url.startsWith("/content-manager")) {
|
|
508
|
-
return next();
|
|
509
|
-
}
|
|
510
|
-
if (context.action !== "create" && context.action !== "update" && context.action !== "clone" && context.action !== "publish" && context.action !== "unpublish" && context.action !== "discardDraft") {
|
|
511
|
-
return next();
|
|
512
|
-
}
|
|
513
|
-
if (context.action === "update" && strapi2.requestContext.get()?.request.url.endsWith("/actions/publish")) {
|
|
514
|
-
return next();
|
|
515
|
-
}
|
|
516
|
-
const contentTypeUid = context.contentType.uid;
|
|
517
|
-
if (!contentTypeUid.startsWith("api::")) {
|
|
518
|
-
return next();
|
|
519
|
-
}
|
|
520
546
|
const result = await next();
|
|
521
|
-
|
|
522
|
-
|
|
523
|
-
|
|
524
|
-
|
|
547
|
+
if (!shouldCreateHistoryVersion(context)) {
|
|
548
|
+
return result;
|
|
549
|
+
}
|
|
550
|
+
const documentId = context.action === "create" || context.action === "clone" ? result.documentId : context.params.documentId;
|
|
525
551
|
const defaultLocale = await serviceUtils.getDefaultLocale();
|
|
526
|
-
const
|
|
527
|
-
if (
|
|
528
|
-
|
|
529
|
-
"[Content manager history middleware]: An array of locales was provided, but only a single locale is supported for the findOne operation."
|
|
530
|
-
);
|
|
531
|
-
return next();
|
|
552
|
+
const locales = fp.castArray(context.params?.locale || defaultLocale);
|
|
553
|
+
if (!locales.length) {
|
|
554
|
+
return result;
|
|
532
555
|
}
|
|
533
|
-
const
|
|
534
|
-
|
|
535
|
-
|
|
536
|
-
|
|
556
|
+
const uid2 = context.contentType.uid;
|
|
557
|
+
const schemas = getSchemas(uid2);
|
|
558
|
+
const localeEntries = await strapi2.db.query(uid2).findMany({
|
|
559
|
+
where: {
|
|
560
|
+
documentId,
|
|
561
|
+
locale: { $in: locales },
|
|
562
|
+
publishedAt: null
|
|
563
|
+
},
|
|
564
|
+
populate: serviceUtils.getDeepPopulate(
|
|
565
|
+
uid2,
|
|
566
|
+
true
|
|
567
|
+
/* use database syntax */
|
|
568
|
+
)
|
|
537
569
|
});
|
|
538
|
-
const status = await serviceUtils.getVersionStatus(contentTypeUid, document);
|
|
539
|
-
const attributesSchema = strapi2.getModel(contentTypeUid).attributes;
|
|
540
|
-
const componentsSchemas = Object.keys(
|
|
541
|
-
attributesSchema
|
|
542
|
-
).reduce((currentComponentSchemas, key) => {
|
|
543
|
-
const fieldSchema = attributesSchema[key];
|
|
544
|
-
if (fieldSchema.type === "component") {
|
|
545
|
-
const componentSchema = strapi2.getModel(fieldSchema.component).attributes;
|
|
546
|
-
return {
|
|
547
|
-
...currentComponentSchemas,
|
|
548
|
-
[fieldSchema.component]: componentSchema
|
|
549
|
-
};
|
|
550
|
-
}
|
|
551
|
-
return currentComponentSchemas;
|
|
552
|
-
}, {});
|
|
553
570
|
await strapi2.db.transaction(async ({ onCommit }) => {
|
|
554
|
-
onCommit(() => {
|
|
555
|
-
|
|
556
|
-
|
|
557
|
-
|
|
558
|
-
|
|
559
|
-
|
|
560
|
-
|
|
561
|
-
|
|
562
|
-
|
|
563
|
-
|
|
571
|
+
onCommit(async () => {
|
|
572
|
+
for (const entry of localeEntries) {
|
|
573
|
+
const status = await serviceUtils.getVersionStatus(uid2, entry);
|
|
574
|
+
await getService(strapi2, "history").createVersion({
|
|
575
|
+
contentType: uid2,
|
|
576
|
+
data: fp.omit(FIELDS_TO_IGNORE, entry),
|
|
577
|
+
relatedDocumentId: documentId,
|
|
578
|
+
locale: entry.locale,
|
|
579
|
+
status,
|
|
580
|
+
...schemas
|
|
581
|
+
});
|
|
582
|
+
}
|
|
564
583
|
});
|
|
565
584
|
});
|
|
566
585
|
return result;
|
|
@@ -568,7 +587,7 @@ const createLifecyclesService = ({ strapi: strapi2 }) => {
|
|
|
568
587
|
state.deleteExpiredJob = nodeSchedule.scheduleJob("0 0 * * *", () => {
|
|
569
588
|
const retentionDaysInMilliseconds = serviceUtils.getRetentionDays() * 24 * 60 * 60 * 1e3;
|
|
570
589
|
const expirationDate = new Date(Date.now() - retentionDaysInMilliseconds);
|
|
571
|
-
query.deleteMany({
|
|
590
|
+
strapi2.db.query(HISTORY_VERSION_UID).deleteMany({
|
|
572
591
|
where: {
|
|
573
592
|
created_at: {
|
|
574
593
|
$lt: expirationDate.toISOString()
|
|
@@ -1200,6 +1219,11 @@ const { createPolicy } = strapiUtils.policy;
|
|
|
1200
1219
|
const hasPermissions = createPolicy({
|
|
1201
1220
|
name: "plugin::content-manager.hasPermissions",
|
|
1202
1221
|
validator: validateHasPermissionsInput,
|
|
1222
|
+
/**
|
|
1223
|
+
* NOTE: Action aliases are currently not checked at this level (policy).
|
|
1224
|
+
* This is currently the intended behavior to avoid changing the behavior of API related permissions.
|
|
1225
|
+
* If you want to add support for it, please create a dedicated RFC with a list of potential side effect this could have.
|
|
1226
|
+
*/
|
|
1203
1227
|
handler(ctx, config = {}) {
|
|
1204
1228
|
const { actions = [], hasAtLeastOne = false } = config;
|
|
1205
1229
|
const { userAbility } = ctx.state;
|
|
@@ -1593,9 +1617,11 @@ const multipleLocaleSchema = strapiUtils.yup.lazy(
|
|
|
1593
1617
|
(value) => Array.isArray(value) ? strapiUtils.yup.array().of(singleLocaleSchema.required()) : singleLocaleSchema
|
|
1594
1618
|
);
|
|
1595
1619
|
const statusSchema = strapiUtils.yup.mixed().oneOf(["draft", "published"], "Invalid status");
|
|
1596
|
-
const getDocumentLocaleAndStatus = async (request, opts = { allowMultipleLocales: false }) => {
|
|
1620
|
+
const getDocumentLocaleAndStatus = async (request, model, opts = { allowMultipleLocales: false }) => {
|
|
1597
1621
|
const { allowMultipleLocales } = opts;
|
|
1598
|
-
const { locale, status, ...rest } = request || {};
|
|
1622
|
+
const { locale, status: providedStatus, ...rest } = request || {};
|
|
1623
|
+
const defaultStatus = strapiUtils.contentTypes.hasDraftAndPublish(strapi.getModel(model)) ? void 0 : "published";
|
|
1624
|
+
const status = providedStatus !== void 0 ? providedStatus : defaultStatus;
|
|
1599
1625
|
const schema = strapiUtils.yup.object().shape({
|
|
1600
1626
|
locale: allowMultipleLocales ? multipleLocaleSchema : singleLocaleSchema,
|
|
1601
1627
|
status: statusSchema
|
|
@@ -1643,7 +1669,7 @@ const createDocument = async (ctx, opts) => {
|
|
|
1643
1669
|
const setCreator = strapiUtils.setCreatorFields({ user });
|
|
1644
1670
|
const sanitizeFn = strapiUtils.async.pipe(pickPermittedFields, setCreator);
|
|
1645
1671
|
const sanitizedBody = await sanitizeFn(body);
|
|
1646
|
-
const { locale, status
|
|
1672
|
+
const { locale, status } = await getDocumentLocaleAndStatus(body, model);
|
|
1647
1673
|
return documentManager2.create(model, {
|
|
1648
1674
|
data: sanitizedBody,
|
|
1649
1675
|
locale,
|
|
@@ -1662,7 +1688,7 @@ const updateDocument = async (ctx, opts) => {
|
|
|
1662
1688
|
}
|
|
1663
1689
|
const permissionQuery = await permissionChecker2.sanitizedQuery.update(ctx.query);
|
|
1664
1690
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
1665
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
1691
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1666
1692
|
const [documentVersion, documentExists] = await Promise.all([
|
|
1667
1693
|
documentManager2.findOne(id, model, { populate, locale, status: "draft" }),
|
|
1668
1694
|
documentManager2.exists(model, id)
|
|
@@ -1700,7 +1726,7 @@ const collectionTypes = {
|
|
|
1700
1726
|
}
|
|
1701
1727
|
const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
|
|
1702
1728
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(1).countRelations({ toOne: false, toMany: true }).build();
|
|
1703
|
-
const { locale, status } = await getDocumentLocaleAndStatus(query);
|
|
1729
|
+
const { locale, status } = await getDocumentLocaleAndStatus(query, model);
|
|
1704
1730
|
const { results: documents, pagination } = await documentManager2.findPage(
|
|
1705
1731
|
{ ...permissionQuery, populate, locale, status },
|
|
1706
1732
|
model
|
|
@@ -1735,7 +1761,7 @@ const collectionTypes = {
|
|
|
1735
1761
|
}
|
|
1736
1762
|
const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
|
|
1737
1763
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
|
|
1738
|
-
const { locale, status
|
|
1764
|
+
const { locale, status } = await getDocumentLocaleAndStatus(ctx.query, model);
|
|
1739
1765
|
const version = await documentManager2.findOne(id, model, {
|
|
1740
1766
|
populate,
|
|
1741
1767
|
locale,
|
|
@@ -1802,7 +1828,7 @@ const collectionTypes = {
|
|
|
1802
1828
|
}
|
|
1803
1829
|
const permissionQuery = await permissionChecker2.sanitizedQuery.create(ctx.query);
|
|
1804
1830
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
1805
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
1831
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1806
1832
|
const document = await documentManager2.findOne(id, model, {
|
|
1807
1833
|
populate,
|
|
1808
1834
|
locale,
|
|
@@ -1847,7 +1873,7 @@ const collectionTypes = {
|
|
|
1847
1873
|
}
|
|
1848
1874
|
const permissionQuery = await permissionChecker2.sanitizedQuery.delete(ctx.query);
|
|
1849
1875
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
1850
|
-
const { locale } = await getDocumentLocaleAndStatus(ctx.query);
|
|
1876
|
+
const { locale } = await getDocumentLocaleAndStatus(ctx.query, model);
|
|
1851
1877
|
const documentLocales = await documentManager2.findLocales(id, model, { populate, locale });
|
|
1852
1878
|
if (documentLocales.length === 0) {
|
|
1853
1879
|
return ctx.notFound();
|
|
@@ -1876,11 +1902,28 @@ const collectionTypes = {
|
|
|
1876
1902
|
const publishedDocument = await strapi.db.transaction(async () => {
|
|
1877
1903
|
const permissionQuery = await permissionChecker2.sanitizedQuery.publish(ctx.query);
|
|
1878
1904
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
|
|
1879
|
-
|
|
1905
|
+
let document;
|
|
1906
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1907
|
+
const isCreate = fp.isNil(id);
|
|
1908
|
+
if (isCreate) {
|
|
1909
|
+
if (permissionChecker2.cannot.create()) {
|
|
1910
|
+
throw new strapiUtils.errors.ForbiddenError();
|
|
1911
|
+
}
|
|
1912
|
+
document = await createDocument(ctx, { populate });
|
|
1913
|
+
}
|
|
1914
|
+
const isUpdate = !isCreate;
|
|
1915
|
+
if (isUpdate) {
|
|
1916
|
+
document = await documentManager2.findOne(id, model, { populate, locale });
|
|
1917
|
+
if (!document) {
|
|
1918
|
+
throw new strapiUtils.errors.NotFoundError("Document not found");
|
|
1919
|
+
}
|
|
1920
|
+
if (permissionChecker2.can.update(document)) {
|
|
1921
|
+
await updateDocument(ctx);
|
|
1922
|
+
}
|
|
1923
|
+
}
|
|
1880
1924
|
if (permissionChecker2.cannot.publish(document)) {
|
|
1881
1925
|
throw new strapiUtils.errors.ForbiddenError();
|
|
1882
1926
|
}
|
|
1883
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
1884
1927
|
const publishResult = await documentManager2.publish(document.documentId, model, {
|
|
1885
1928
|
locale
|
|
1886
1929
|
// TODO: Allow setting creator fields on publish
|
|
@@ -1907,7 +1950,9 @@ const collectionTypes = {
|
|
|
1907
1950
|
}
|
|
1908
1951
|
const permissionQuery = await permissionChecker2.sanitizedQuery.publish(ctx.query);
|
|
1909
1952
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
|
|
1910
|
-
const { locale } = await getDocumentLocaleAndStatus(body, {
|
|
1953
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model, {
|
|
1954
|
+
allowMultipleLocales: true
|
|
1955
|
+
});
|
|
1911
1956
|
const entityPromises = documentIds.map(
|
|
1912
1957
|
(documentId) => documentManager2.findLocales(documentId, model, { populate, locale, isPublished: false })
|
|
1913
1958
|
);
|
|
@@ -1934,7 +1979,7 @@ const collectionTypes = {
|
|
|
1934
1979
|
if (permissionChecker2.cannot.unpublish()) {
|
|
1935
1980
|
return ctx.forbidden();
|
|
1936
1981
|
}
|
|
1937
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
1982
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1938
1983
|
const entityPromises = documentIds.map(
|
|
1939
1984
|
(documentId) => documentManager2.findLocales(documentId, model, { locale, isPublished: true })
|
|
1940
1985
|
);
|
|
@@ -1967,7 +2012,7 @@ const collectionTypes = {
|
|
|
1967
2012
|
}
|
|
1968
2013
|
const permissionQuery = await permissionChecker2.sanitizedQuery.unpublish(ctx.query);
|
|
1969
2014
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
1970
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2015
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
1971
2016
|
const document = await documentManager2.findOne(id, model, {
|
|
1972
2017
|
populate,
|
|
1973
2018
|
locale,
|
|
@@ -2004,7 +2049,7 @@ const collectionTypes = {
|
|
|
2004
2049
|
}
|
|
2005
2050
|
const permissionQuery = await permissionChecker2.sanitizedQuery.discard(ctx.query);
|
|
2006
2051
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
2007
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2052
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
2008
2053
|
const document = await documentManager2.findOne(id, model, {
|
|
2009
2054
|
populate,
|
|
2010
2055
|
locale,
|
|
@@ -2035,7 +2080,7 @@ const collectionTypes = {
|
|
|
2035
2080
|
}
|
|
2036
2081
|
const permissionQuery = await permissionChecker2.sanitizedQuery.delete(query);
|
|
2037
2082
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
2038
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2083
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
2039
2084
|
const documentLocales = await documentManager2.findLocales(documentIds, model, {
|
|
2040
2085
|
populate,
|
|
2041
2086
|
locale
|
|
@@ -2062,7 +2107,7 @@ const collectionTypes = {
|
|
|
2062
2107
|
}
|
|
2063
2108
|
const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
|
|
2064
2109
|
const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
|
|
2065
|
-
const { locale, status
|
|
2110
|
+
const { locale, status } = await getDocumentLocaleAndStatus(ctx.query, model);
|
|
2066
2111
|
const entity = await documentManager2.findOne(id, model, { populate, locale, status });
|
|
2067
2112
|
if (!entity) {
|
|
2068
2113
|
return ctx.notFound();
|
|
@@ -2085,7 +2130,7 @@ const collectionTypes = {
|
|
|
2085
2130
|
if (permissionChecker2.cannot.read()) {
|
|
2086
2131
|
return ctx.forbidden();
|
|
2087
2132
|
}
|
|
2088
|
-
const
|
|
2133
|
+
const documents = await documentManager2.findMany(
|
|
2089
2134
|
{
|
|
2090
2135
|
filters: {
|
|
2091
2136
|
documentId: ids
|
|
@@ -2094,7 +2139,7 @@ const collectionTypes = {
|
|
|
2094
2139
|
},
|
|
2095
2140
|
model
|
|
2096
2141
|
);
|
|
2097
|
-
if (!
|
|
2142
|
+
if (!documents) {
|
|
2098
2143
|
return ctx.notFound();
|
|
2099
2144
|
}
|
|
2100
2145
|
const number = await documentManager2.countManyEntriesDraftRelations(ids, model, locale);
|
|
@@ -2285,20 +2330,13 @@ const sanitizeMainField = (model, mainField, userAbility) => {
|
|
|
2285
2330
|
userAbility,
|
|
2286
2331
|
model: model.uid
|
|
2287
2332
|
});
|
|
2288
|
-
|
|
2333
|
+
const isMainFieldListable = isListable(model, mainField);
|
|
2334
|
+
const canReadMainField = permissionChecker2.can.read(null, mainField);
|
|
2335
|
+
if (!isMainFieldListable || !canReadMainField) {
|
|
2289
2336
|
return "id";
|
|
2290
2337
|
}
|
|
2291
|
-
if (
|
|
2292
|
-
|
|
2293
|
-
const userPermissionChecker = getService$1("permission-checker").create({
|
|
2294
|
-
userAbility,
|
|
2295
|
-
model: "plugin::users-permissions.user"
|
|
2296
|
-
});
|
|
2297
|
-
if (userPermissionChecker.can.read()) {
|
|
2298
|
-
return "name";
|
|
2299
|
-
}
|
|
2300
|
-
}
|
|
2301
|
-
return "id";
|
|
2338
|
+
if (model.uid === "plugin::users-permissions.role") {
|
|
2339
|
+
return "name";
|
|
2302
2340
|
}
|
|
2303
2341
|
return mainField;
|
|
2304
2342
|
};
|
|
@@ -2556,9 +2594,7 @@ const relations = {
|
|
|
2556
2594
|
addFiltersClause(permissionQuery, { id: { $in: loadedIds } });
|
|
2557
2595
|
const sanitizedRes = await loadRelations({ id: entryId }, targetField, {
|
|
2558
2596
|
...strapi.get("query-params").transform(targetUid, permissionQuery),
|
|
2559
|
-
ordering: "desc"
|
|
2560
|
-
page: ctx.request.query.page,
|
|
2561
|
-
pageSize: ctx.request.query.pageSize
|
|
2597
|
+
ordering: "desc"
|
|
2562
2598
|
});
|
|
2563
2599
|
const relationsUnion = fp.uniqBy("id", fp.concat(sanitizedRes.results, res.results));
|
|
2564
2600
|
ctx.body = {
|
|
@@ -2590,7 +2626,7 @@ const createOrUpdateDocument = async (ctx, opts) => {
|
|
|
2590
2626
|
throw new strapiUtils.errors.ForbiddenError();
|
|
2591
2627
|
}
|
|
2592
2628
|
const sanitizedQuery = await permissionChecker2.sanitizedQuery.update(query);
|
|
2593
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2629
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
2594
2630
|
const [documentVersion, otherDocumentVersion] = await Promise.all([
|
|
2595
2631
|
findDocument(sanitizedQuery, model, { locale, status: "draft" }),
|
|
2596
2632
|
// Find the first document to check if it exists
|
|
@@ -2631,7 +2667,7 @@ const singleTypes = {
|
|
|
2631
2667
|
return ctx.forbidden();
|
|
2632
2668
|
}
|
|
2633
2669
|
const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
|
|
2634
|
-
const { locale, status } = await getDocumentLocaleAndStatus(query);
|
|
2670
|
+
const { locale, status } = await getDocumentLocaleAndStatus(query, model);
|
|
2635
2671
|
const version = await findDocument(permissionQuery, model, { locale, status });
|
|
2636
2672
|
if (!version) {
|
|
2637
2673
|
if (permissionChecker2.cannot.create()) {
|
|
@@ -2676,7 +2712,7 @@ const singleTypes = {
|
|
|
2676
2712
|
}
|
|
2677
2713
|
const sanitizedQuery = await permissionChecker2.sanitizedQuery.delete(query);
|
|
2678
2714
|
const populate = await buildPopulateFromQuery(sanitizedQuery, model);
|
|
2679
|
-
const { locale } = await getDocumentLocaleAndStatus(query);
|
|
2715
|
+
const { locale } = await getDocumentLocaleAndStatus(query, model);
|
|
2680
2716
|
const documentLocales = await documentManager2.findLocales(void 0, model, {
|
|
2681
2717
|
populate,
|
|
2682
2718
|
locale
|
|
@@ -2713,7 +2749,7 @@ const singleTypes = {
|
|
|
2713
2749
|
if (permissionChecker2.cannot.publish(document)) {
|
|
2714
2750
|
throw new strapiUtils.errors.ForbiddenError();
|
|
2715
2751
|
}
|
|
2716
|
-
const { locale } = await getDocumentLocaleAndStatus(document);
|
|
2752
|
+
const { locale } = await getDocumentLocaleAndStatus(document, model);
|
|
2717
2753
|
const publishResult = await documentManager2.publish(document.documentId, model, { locale });
|
|
2718
2754
|
return publishResult.at(0);
|
|
2719
2755
|
});
|
|
@@ -2736,7 +2772,7 @@ const singleTypes = {
|
|
|
2736
2772
|
return ctx.forbidden();
|
|
2737
2773
|
}
|
|
2738
2774
|
const sanitizedQuery = await permissionChecker2.sanitizedQuery.unpublish(query);
|
|
2739
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2775
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
2740
2776
|
const document = await findDocument(sanitizedQuery, model, { locale });
|
|
2741
2777
|
if (!document) {
|
|
2742
2778
|
return ctx.notFound();
|
|
@@ -2768,7 +2804,7 @@ const singleTypes = {
|
|
|
2768
2804
|
return ctx.forbidden();
|
|
2769
2805
|
}
|
|
2770
2806
|
const sanitizedQuery = await permissionChecker2.sanitizedQuery.discard(query);
|
|
2771
|
-
const { locale } = await getDocumentLocaleAndStatus(body);
|
|
2807
|
+
const { locale } = await getDocumentLocaleAndStatus(body, model);
|
|
2772
2808
|
const document = await findDocument(sanitizedQuery, model, { locale, status: "published" });
|
|
2773
2809
|
if (!document) {
|
|
2774
2810
|
return ctx.notFound();
|
|
@@ -2788,7 +2824,7 @@ const singleTypes = {
|
|
|
2788
2824
|
const { query } = ctx.request;
|
|
2789
2825
|
const documentManager2 = getService$1("document-manager");
|
|
2790
2826
|
const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
|
|
2791
|
-
const { locale } = await getDocumentLocaleAndStatus(query);
|
|
2827
|
+
const { locale } = await getDocumentLocaleAndStatus(query, model);
|
|
2792
2828
|
if (permissionChecker2.cannot.read()) {
|
|
2793
2829
|
return ctx.forbidden();
|
|
2794
2830
|
}
|
|
@@ -2809,7 +2845,7 @@ const uid$1 = {
|
|
|
2809
2845
|
async generateUID(ctx) {
|
|
2810
2846
|
const { contentTypeUID, field, data } = await validateGenerateUIDInput(ctx.request.body);
|
|
2811
2847
|
const { query = {} } = ctx.request;
|
|
2812
|
-
const { locale } = await getDocumentLocaleAndStatus(query);
|
|
2848
|
+
const { locale } = await getDocumentLocaleAndStatus(query, contentTypeUID);
|
|
2813
2849
|
await validateUIDField(contentTypeUID, field);
|
|
2814
2850
|
const uidService = getService$1("uid");
|
|
2815
2851
|
ctx.body = {
|
|
@@ -2821,7 +2857,7 @@ const uid$1 = {
|
|
|
2821
2857
|
ctx.request.body
|
|
2822
2858
|
);
|
|
2823
2859
|
const { query = {} } = ctx.request;
|
|
2824
|
-
const { locale } = await getDocumentLocaleAndStatus(query);
|
|
2860
|
+
const { locale } = await getDocumentLocaleAndStatus(query, contentTypeUID);
|
|
2825
2861
|
await validateUIDField(contentTypeUID, field);
|
|
2826
2862
|
const uidService = getService$1("uid");
|
|
2827
2863
|
const isAvailable = await uidService.checkUIDAvailability({
|
|
@@ -3464,12 +3500,27 @@ const createPermissionChecker = (strapi2) => ({ userAbility, model }) => {
|
|
|
3464
3500
|
ability: userAbility,
|
|
3465
3501
|
model
|
|
3466
3502
|
});
|
|
3467
|
-
const
|
|
3503
|
+
const { actionProvider } = strapi2.service("admin::permission");
|
|
3504
|
+
const toSubject = (entity) => {
|
|
3505
|
+
return entity ? permissionsManager.toSubject(entity, model) : model;
|
|
3506
|
+
};
|
|
3468
3507
|
const can = (action, entity, field) => {
|
|
3469
|
-
|
|
3508
|
+
const subject = toSubject(entity);
|
|
3509
|
+
const aliases = actionProvider.unstable_aliases(action, model);
|
|
3510
|
+
return (
|
|
3511
|
+
// Test the original action to see if it passes
|
|
3512
|
+
userAbility.can(action, subject, field) || // Else try every known alias if at least one of them succeed, then the user "can"
|
|
3513
|
+
aliases.some((alias) => userAbility.can(alias, subject, field))
|
|
3514
|
+
);
|
|
3470
3515
|
};
|
|
3471
3516
|
const cannot = (action, entity, field) => {
|
|
3472
|
-
|
|
3517
|
+
const subject = toSubject(entity);
|
|
3518
|
+
const aliases = actionProvider.unstable_aliases(action, model);
|
|
3519
|
+
return (
|
|
3520
|
+
// Test both the original action
|
|
3521
|
+
userAbility.cannot(action, subject, field) && // and every known alias, if all of them fail (cannot), then the user truly "cannot"
|
|
3522
|
+
aliases.every((alias) => userAbility.cannot(alias, subject, field))
|
|
3523
|
+
);
|
|
3473
3524
|
};
|
|
3474
3525
|
const sanitizeOutput = (data, { action = ACTIONS.read } = {}) => {
|
|
3475
3526
|
return permissionsManager.sanitizeOutput(data, { subject: toSubject(data), action });
|
|
@@ -3746,6 +3797,10 @@ const getDeepPopulateDraftCount = (uid2) => {
|
|
|
3746
3797
|
const attribute = model.attributes[attributeName];
|
|
3747
3798
|
switch (attribute.type) {
|
|
3748
3799
|
case "relation": {
|
|
3800
|
+
const isMorphRelation = attribute.relation.toLowerCase().startsWith("morph");
|
|
3801
|
+
if (isMorphRelation) {
|
|
3802
|
+
break;
|
|
3803
|
+
}
|
|
3749
3804
|
if (isVisibleAttribute$1(model, attributeName)) {
|
|
3750
3805
|
populateAcc[attributeName] = {
|
|
3751
3806
|
count: true,
|
|
@@ -4123,7 +4178,13 @@ const documentMetadata = ({ strapi: strapi2 }) => ({
|
|
|
4123
4178
|
*/
|
|
4124
4179
|
async formatDocumentWithMetadata(uid2, document, opts = {}) {
|
|
4125
4180
|
if (!document) {
|
|
4126
|
-
return
|
|
4181
|
+
return {
|
|
4182
|
+
data: document,
|
|
4183
|
+
meta: {
|
|
4184
|
+
availableLocales: [],
|
|
4185
|
+
availableStatus: []
|
|
4186
|
+
}
|
|
4187
|
+
};
|
|
4127
4188
|
}
|
|
4128
4189
|
const hasDraftAndPublish = strapiUtils.contentTypes.hasDraftAndPublish(strapi2.getModel(uid2));
|
|
4129
4190
|
if (!hasDraftAndPublish) {
|
|
@@ -4231,10 +4292,7 @@ const documentManager = ({ strapi: strapi2 }) => {
|
|
|
4231
4292
|
async clone(id, body, uid2) {
|
|
4232
4293
|
const populate = await buildDeepPopulate(uid2);
|
|
4233
4294
|
const params = {
|
|
4234
|
-
data:
|
|
4235
|
-
...omitIdField(body),
|
|
4236
|
-
[PUBLISHED_AT_ATTRIBUTE]: null
|
|
4237
|
-
},
|
|
4295
|
+
data: omitIdField(body),
|
|
4238
4296
|
populate
|
|
4239
4297
|
};
|
|
4240
4298
|
return strapi2.documents(uid2).clone({ ...params, documentId: id }).then((result) => result?.entries.at(0));
|