@strapi/content-manager 0.0.0-experimental.f75e3c6d67cc47c64ab37479efdbb7b43be50b78 → 0.0.0-next.ce84fada19d58a7dfbdd553035e6558f8befcba4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (137) hide show
  1. package/LICENSE +18 -3
  2. package/dist/_chunks/{ComponentConfigurationPage-CuWgXugY.mjs → ComponentConfigurationPage-DfFSZQxe.mjs} +3 -3
  3. package/dist/_chunks/{ComponentConfigurationPage-CuWgXugY.mjs.map → ComponentConfigurationPage-DfFSZQxe.mjs.map} +1 -1
  4. package/dist/_chunks/{ComponentConfigurationPage-by0e_kNd.js → ComponentConfigurationPage-FqfsxQ1j.js} +3 -3
  5. package/dist/_chunks/{ComponentConfigurationPage-by0e_kNd.js.map → ComponentConfigurationPage-FqfsxQ1j.js.map} +1 -1
  6. package/dist/_chunks/{EditConfigurationPage-CqBeCPGH.js → EditConfigurationPage-Cn0e8t3I.js} +3 -3
  7. package/dist/_chunks/{EditConfigurationPage-CqBeCPGH.js.map → EditConfigurationPage-Cn0e8t3I.js.map} +1 -1
  8. package/dist/_chunks/{EditConfigurationPage-DbI4KMyz.mjs → EditConfigurationPage-DdPNAbl3.mjs} +3 -3
  9. package/dist/_chunks/{EditConfigurationPage-DbI4KMyz.mjs.map → EditConfigurationPage-DdPNAbl3.mjs.map} +1 -1
  10. package/dist/_chunks/{EditViewPage-dFPBya9U.mjs → EditViewPage-B82x_x1b.mjs} +69 -48
  11. package/dist/_chunks/EditViewPage-B82x_x1b.mjs.map +1 -0
  12. package/dist/_chunks/{EditViewPage-ChgloMyO.js → EditViewPage-DlxEHhUt.js} +68 -47
  13. package/dist/_chunks/EditViewPage-DlxEHhUt.js.map +1 -0
  14. package/dist/_chunks/{Field-dLk-vgLL.js → Field-COL25JiC.js} +581 -229
  15. package/dist/_chunks/Field-COL25JiC.js.map +1 -0
  16. package/dist/_chunks/{Field-C1nUKcdS.mjs → Field-DufHXW17.mjs} +579 -227
  17. package/dist/_chunks/Field-DufHXW17.mjs.map +1 -0
  18. package/dist/_chunks/{Form-CbXtmHC_.js → Form-BssUwrTO.js} +52 -34
  19. package/dist/_chunks/Form-BssUwrTO.js.map +1 -0
  20. package/dist/_chunks/{Form-DOlpi7Js.mjs → Form-u_kAOhwB.mjs} +54 -36
  21. package/dist/_chunks/Form-u_kAOhwB.mjs.map +1 -0
  22. package/dist/_chunks/{History-BjDfohBr.js → History-C9t9UqpO.js} +158 -40
  23. package/dist/_chunks/History-C9t9UqpO.js.map +1 -0
  24. package/dist/_chunks/{History-BFNUAiGc.mjs → History-DRwA3oMM.mjs} +159 -41
  25. package/dist/_chunks/History-DRwA3oMM.mjs.map +1 -0
  26. package/dist/_chunks/{ListConfigurationPage-IQBgWTaa.js → ListConfigurationPage-BXYPohh-.js} +57 -46
  27. package/dist/_chunks/ListConfigurationPage-BXYPohh-.js.map +1 -0
  28. package/dist/_chunks/{ListConfigurationPage-DDi0KqFm.mjs → ListConfigurationPage-BxfQJzPk.mjs} +58 -48
  29. package/dist/_chunks/ListConfigurationPage-BxfQJzPk.mjs.map +1 -0
  30. package/dist/_chunks/{ListViewPage-BPjljUsH.mjs → ListViewPage-CELx2ysp.mjs} +116 -103
  31. package/dist/_chunks/ListViewPage-CELx2ysp.mjs.map +1 -0
  32. package/dist/_chunks/{ListViewPage-CZYGqlvF.js → ListViewPage-D2VD8Szg.js} +117 -104
  33. package/dist/_chunks/ListViewPage-D2VD8Szg.js.map +1 -0
  34. package/dist/_chunks/{NoContentTypePage-BOAI6VZ1.js → NoContentTypePage-BV9IjJSM.js} +2 -2
  35. package/dist/_chunks/{NoContentTypePage-BOAI6VZ1.js.map → NoContentTypePage-BV9IjJSM.js.map} +1 -1
  36. package/dist/_chunks/{NoContentTypePage-DaWw67K-.mjs → NoContentTypePage-DtJ9jcfk.mjs} +2 -2
  37. package/dist/_chunks/{NoContentTypePage-DaWw67K-.mjs.map → NoContentTypePage-DtJ9jcfk.mjs.map} +1 -1
  38. package/dist/_chunks/{NoPermissionsPage-CZrJH00p.mjs → NoPermissionsPage-DWleVYK7.mjs} +2 -2
  39. package/dist/_chunks/{NoPermissionsPage-CZrJH00p.mjs.map → NoPermissionsPage-DWleVYK7.mjs.map} +1 -1
  40. package/dist/_chunks/{NoPermissionsPage-cYEtLc_e.js → NoPermissionsPage-Dp8NpF9I.js} +2 -2
  41. package/dist/_chunks/{NoPermissionsPage-cYEtLc_e.js.map → NoPermissionsPage-Dp8NpF9I.js.map} +1 -1
  42. package/dist/_chunks/{Relations-DTowyge2.mjs → Relations-BTcf5xaw.mjs} +34 -25
  43. package/dist/_chunks/Relations-BTcf5xaw.mjs.map +1 -0
  44. package/dist/_chunks/{Relations-DU6B7irU.js → Relations-DR7EUgyC.js} +34 -25
  45. package/dist/_chunks/Relations-DR7EUgyC.js.map +1 -0
  46. package/dist/_chunks/{en-DTULi5-d.js → en-Bm0D0IWz.js} +21 -15
  47. package/dist/_chunks/{en-DTULi5-d.js.map → en-Bm0D0IWz.js.map} +1 -1
  48. package/dist/_chunks/{en-GCOTL6jR.mjs → en-DKV44jRb.mjs} +21 -15
  49. package/dist/_chunks/{en-GCOTL6jR.mjs.map → en-DKV44jRb.mjs.map} +1 -1
  50. package/dist/_chunks/{index-CCJeB7Rw.js → index-BdMf2lfT.js} +1357 -747
  51. package/dist/_chunks/index-BdMf2lfT.js.map +1 -0
  52. package/dist/_chunks/{index-BaGHmIir.mjs → index-wnqzm4Q8.mjs} +1390 -780
  53. package/dist/_chunks/index-wnqzm4Q8.mjs.map +1 -0
  54. package/dist/_chunks/{layout-BinjszSQ.mjs → layout-2CfjL0T9.mjs} +41 -23
  55. package/dist/_chunks/layout-2CfjL0T9.mjs.map +1 -0
  56. package/dist/_chunks/{layout-ni_L9kT1.js → layout-B2MyZU-_.js} +39 -21
  57. package/dist/_chunks/layout-B2MyZU-_.js.map +1 -0
  58. package/dist/_chunks/{relations-CeJAJc5I.js → relations-BH7JJGGe.js} +2 -2
  59. package/dist/_chunks/{relations-CeJAJc5I.js.map → relations-BH7JJGGe.js.map} +1 -1
  60. package/dist/_chunks/{relations-c91ji5eR.mjs → relations-C0w0GcXi.mjs} +2 -2
  61. package/dist/_chunks/{relations-c91ji5eR.mjs.map → relations-C0w0GcXi.mjs.map} +1 -1
  62. package/dist/_chunks/{usePrev-B9w_-eYc.js → useDebounce-CtcjDB3L.js} +14 -1
  63. package/dist/_chunks/useDebounce-CtcjDB3L.js.map +1 -0
  64. package/dist/_chunks/useDebounce-DmuSJIF3.mjs +29 -0
  65. package/dist/_chunks/useDebounce-DmuSJIF3.mjs.map +1 -0
  66. package/dist/admin/index.js +2 -1
  67. package/dist/admin/index.js.map +1 -1
  68. package/dist/admin/index.mjs +7 -6
  69. package/dist/admin/src/exports.d.ts +1 -1
  70. package/dist/admin/src/history/components/VersionInputRenderer.d.ts +1 -1
  71. package/dist/admin/src/history/index.d.ts +3 -0
  72. package/dist/admin/src/history/services/historyVersion.d.ts +1 -1
  73. package/dist/admin/src/hooks/useDocument.d.ts +32 -1
  74. package/dist/admin/src/hooks/useDocumentActions.d.ts +1 -1
  75. package/dist/admin/src/index.d.ts +1 -0
  76. package/dist/admin/src/pages/EditView/components/DocumentActions.d.ts +8 -3
  77. package/dist/admin/src/pages/EditView/components/FormInputs/BlocksInput/utils/constants.d.ts +4 -0
  78. package/dist/admin/src/pages/EditView/components/FormInputs/Relations.d.ts +20 -0
  79. package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/EditorLayout.d.ts +2 -2
  80. package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/WysiwygFooter.d.ts +2 -2
  81. package/dist/admin/src/pages/EditView/components/FormInputs/Wysiwyg/WysiwygStyles.d.ts +6 -58
  82. package/dist/admin/src/pages/EditView/components/Header.d.ts +11 -11
  83. package/dist/admin/src/pages/ListView/components/BulkActions/Actions.d.ts +3 -30
  84. package/dist/admin/src/pages/ListView/components/BulkActions/ConfirmBulkActionDialog.d.ts +2 -2
  85. package/dist/admin/src/pages/ListView/components/BulkActions/PublishAction.d.ts +14 -0
  86. package/dist/admin/src/services/api.d.ts +1 -1
  87. package/dist/admin/src/services/components.d.ts +2 -2
  88. package/dist/admin/src/services/contentTypes.d.ts +3 -3
  89. package/dist/admin/src/services/documents.d.ts +19 -17
  90. package/dist/admin/src/services/init.d.ts +1 -1
  91. package/dist/admin/src/services/relations.d.ts +2 -2
  92. package/dist/admin/src/services/uid.d.ts +3 -3
  93. package/dist/admin/src/utils/validation.d.ts +4 -1
  94. package/dist/server/index.js +218 -126
  95. package/dist/server/index.js.map +1 -1
  96. package/dist/server/index.mjs +219 -127
  97. package/dist/server/index.mjs.map +1 -1
  98. package/dist/server/src/controllers/collection-types.d.ts.map +1 -1
  99. package/dist/server/src/controllers/relations.d.ts.map +1 -1
  100. package/dist/server/src/controllers/single-types.d.ts.map +1 -1
  101. package/dist/server/src/controllers/uid.d.ts.map +1 -1
  102. package/dist/server/src/controllers/validation/dimensions.d.ts +4 -2
  103. package/dist/server/src/controllers/validation/dimensions.d.ts.map +1 -1
  104. package/dist/server/src/history/services/history.d.ts.map +1 -1
  105. package/dist/server/src/history/services/lifecycles.d.ts.map +1 -1
  106. package/dist/server/src/history/services/utils.d.ts +2 -1
  107. package/dist/server/src/history/services/utils.d.ts.map +1 -1
  108. package/dist/server/src/policies/hasPermissions.d.ts.map +1 -1
  109. package/dist/server/src/services/document-manager.d.ts.map +1 -1
  110. package/dist/server/src/services/document-metadata.d.ts.map +1 -1
  111. package/dist/server/src/services/permission-checker.d.ts.map +1 -1
  112. package/dist/server/src/services/utils/populate.d.ts.map +1 -1
  113. package/dist/shared/contracts/collection-types.d.ts +3 -1
  114. package/dist/shared/contracts/collection-types.d.ts.map +1 -1
  115. package/package.json +12 -12
  116. package/dist/_chunks/EditViewPage-ChgloMyO.js.map +0 -1
  117. package/dist/_chunks/EditViewPage-dFPBya9U.mjs.map +0 -1
  118. package/dist/_chunks/Field-C1nUKcdS.mjs.map +0 -1
  119. package/dist/_chunks/Field-dLk-vgLL.js.map +0 -1
  120. package/dist/_chunks/Form-CbXtmHC_.js.map +0 -1
  121. package/dist/_chunks/Form-DOlpi7Js.mjs.map +0 -1
  122. package/dist/_chunks/History-BFNUAiGc.mjs.map +0 -1
  123. package/dist/_chunks/History-BjDfohBr.js.map +0 -1
  124. package/dist/_chunks/ListConfigurationPage-DDi0KqFm.mjs.map +0 -1
  125. package/dist/_chunks/ListConfigurationPage-IQBgWTaa.js.map +0 -1
  126. package/dist/_chunks/ListViewPage-BPjljUsH.mjs.map +0 -1
  127. package/dist/_chunks/ListViewPage-CZYGqlvF.js.map +0 -1
  128. package/dist/_chunks/Relations-DTowyge2.mjs.map +0 -1
  129. package/dist/_chunks/Relations-DU6B7irU.js.map +0 -1
  130. package/dist/_chunks/index-BaGHmIir.mjs.map +0 -1
  131. package/dist/_chunks/index-CCJeB7Rw.js.map +0 -1
  132. package/dist/_chunks/layout-BinjszSQ.mjs.map +0 -1
  133. package/dist/_chunks/layout-ni_L9kT1.js.map +0 -1
  134. package/dist/_chunks/usePrev-B9w_-eYc.js.map +0 -1
  135. package/dist/_chunks/usePrev-DH6iah0A.mjs +0 -16
  136. package/dist/_chunks/usePrev-DH6iah0A.mjs.map +0 -1
  137. package/strapi-server.js +0 -3
@@ -1,5 +1,5 @@
1
1
  import strapiUtils, { validateYupSchema, errors, async, contentTypes as contentTypes$1, yup as yup$1, validateYupSchemaSync, policy, traverse, setCreatorFields, isOperatorOfType, relations as relations$1, traverseEntity, pagination } from "@strapi/utils";
2
- import { pick, omit, difference, intersection, pipe, propOr, isEqual, isEmpty, set, has, prop, assoc, mapValues, flow, uniq, uniqBy, concat, isNil as isNil$1, getOr, propEq, merge, groupBy, castArray } from "lodash/fp";
2
+ import { pick, omit, difference, castArray, intersection, pipe, propOr, isEqual, isEmpty, set, isNil as isNil$1, has, prop, assoc, mapValues, flow, uniq, uniqBy, concat, getOr, propEq, merge, groupBy } from "lodash/fp";
3
3
  import "@strapi/types";
4
4
  import * as yup from "yup";
5
5
  import { scheduleJob } from "node-schedule";
@@ -173,7 +173,9 @@ const createServiceUtils = ({ strapi: strapi2 }) => {
173
173
  return strapi2.db.query("plugin::upload.file").findOne({ where: { id: versionRelationData.id } });
174
174
  };
175
175
  const localesService = strapi2.plugin("i18n")?.service("locales");
176
+ const i18nContentTypeService = strapi2.plugin("i18n")?.service("content-types");
176
177
  const getDefaultLocale = async () => localesService ? localesService.getDefaultLocale() : null;
178
+ const isLocalizedContentType = (model) => i18nContentTypeService ? i18nContentTypeService.isLocalizedContentType(model) : false;
177
179
  const getLocaleDictionary = async () => {
178
180
  if (!localesService)
179
181
  return {};
@@ -200,20 +202,25 @@ const createServiceUtils = ({ strapi: strapi2 }) => {
200
202
  const meta = await documentMetadataService.getMetadata(contentTypeUid, document);
201
203
  return documentMetadataService.getStatus(document, meta.availableStatus);
202
204
  };
203
- const getDeepPopulate2 = (uid2) => {
205
+ const getDeepPopulate2 = (uid2, useDatabaseSyntax = false) => {
204
206
  const model = strapi2.getModel(uid2);
205
207
  const attributes = Object.entries(model.attributes);
208
+ const fieldSelector = useDatabaseSyntax ? "select" : "fields";
206
209
  return attributes.reduce((acc, [attributeName, attribute]) => {
207
210
  switch (attribute.type) {
208
211
  case "relation": {
212
+ const isMorphRelation = attribute.relation.toLowerCase().startsWith("morph");
213
+ if (isMorphRelation) {
214
+ break;
215
+ }
209
216
  const isVisible2 = contentTypes$1.isVisibleAttribute(model, attributeName);
210
217
  if (isVisible2) {
211
- acc[attributeName] = { fields: ["documentId", "locale", "publishedAt"] };
218
+ acc[attributeName] = { [fieldSelector]: ["documentId", "locale", "publishedAt"] };
212
219
  }
213
220
  break;
214
221
  }
215
222
  case "media": {
216
- acc[attributeName] = { fields: ["id"] };
223
+ acc[attributeName] = { [fieldSelector]: ["id"] };
217
224
  break;
218
225
  }
219
226
  case "component": {
@@ -286,6 +293,7 @@ const createServiceUtils = ({ strapi: strapi2 }) => {
286
293
  getRelationRestoreValue,
287
294
  getMediaRestoreValue,
288
295
  getDefaultLocale,
296
+ isLocalizedContentType,
289
297
  getLocaleDictionary,
290
298
  getRetentionDays,
291
299
  getVersionStatus,
@@ -308,7 +316,13 @@ const createHistoryService = ({ strapi: strapi2 }) => {
308
316
  });
309
317
  },
310
318
  async findVersionsPage(params) {
311
- const locale = params.query.locale || await serviceUtils.getDefaultLocale();
319
+ const model = strapi2.getModel(params.query.contentType);
320
+ const isLocalizedContentType = serviceUtils.isLocalizedContentType(model);
321
+ const defaultLocale = await serviceUtils.getDefaultLocale();
322
+ let locale = null;
323
+ if (isLocalizedContentType) {
324
+ locale = params.query.locale || defaultLocale;
325
+ }
312
326
  const [{ results, pagination: pagination2 }, localeDictionary] = await Promise.all([
313
327
  query.findPage({
314
328
  ...params.query,
@@ -353,7 +367,12 @@ const createHistoryService = ({ strapi: strapi2 }) => {
353
367
  if (userToPopulate == null) {
354
368
  return null;
355
369
  }
356
- return strapi2.query("admin::user").findOne({ where: { id: userToPopulate.id } });
370
+ return strapi2.query("admin::user").findOne({
371
+ where: {
372
+ ...userToPopulate.id ? { id: userToPopulate.id } : {},
373
+ ...userToPopulate.documentId ? { documentId: userToPopulate.documentId } : {}
374
+ }
375
+ });
357
376
  })
358
377
  );
359
378
  return {
@@ -464,13 +483,47 @@ const createHistoryService = ({ strapi: strapi2 }) => {
464
483
  }
465
484
  };
466
485
  };
486
+ const shouldCreateHistoryVersion = (context) => {
487
+ if (!strapi.requestContext.get()?.request.url.startsWith("/content-manager")) {
488
+ return false;
489
+ }
490
+ if (context.action !== "create" && context.action !== "update" && context.action !== "clone" && context.action !== "publish" && context.action !== "unpublish" && context.action !== "discardDraft") {
491
+ return false;
492
+ }
493
+ if (context.action === "update" && strapi.requestContext.get()?.request.url.endsWith("/actions/publish")) {
494
+ return false;
495
+ }
496
+ if (!context.contentType.uid.startsWith("api::")) {
497
+ return false;
498
+ }
499
+ return true;
500
+ };
501
+ const getSchemas = (uid2) => {
502
+ const attributesSchema = strapi.getModel(uid2).attributes;
503
+ const componentsSchemas = Object.keys(attributesSchema).reduce(
504
+ (currentComponentSchemas, key) => {
505
+ const fieldSchema = attributesSchema[key];
506
+ if (fieldSchema.type === "component") {
507
+ const componentSchema = strapi.getModel(fieldSchema.component).attributes;
508
+ return {
509
+ ...currentComponentSchemas,
510
+ [fieldSchema.component]: componentSchema
511
+ };
512
+ }
513
+ return currentComponentSchemas;
514
+ },
515
+ {}
516
+ );
517
+ return {
518
+ schema: omit(FIELDS_TO_IGNORE, attributesSchema),
519
+ componentsSchemas
520
+ };
521
+ };
467
522
  const createLifecyclesService = ({ strapi: strapi2 }) => {
468
523
  const state = {
469
524
  deleteExpiredJob: null,
470
525
  isInitialized: false
471
526
  };
472
- const query = strapi2.db.query(HISTORY_VERSION_UID);
473
- const historyService = getService(strapi2, "history");
474
527
  const serviceUtils = createServiceUtils({ strapi: strapi2 });
475
528
  return {
476
529
  async bootstrap() {
@@ -478,66 +531,53 @@ const createLifecyclesService = ({ strapi: strapi2 }) => {
478
531
  return;
479
532
  }
480
533
  strapi2.documents.use(async (context, next) => {
481
- if (!strapi2.requestContext.get()?.request.url.startsWith("/content-manager")) {
482
- return next();
483
- }
484
- if (context.action !== "create" && context.action !== "update" && context.action !== "publish" && context.action !== "unpublish" && context.action !== "discardDraft") {
485
- return next();
486
- }
487
- const contentTypeUid = context.contentType.uid;
488
- if (!contentTypeUid.startsWith("api::")) {
489
- return next();
490
- }
491
534
  const result = await next();
492
- const documentContext = context.action === "create" ? { documentId: result.documentId, locale: context.params?.locale } : { documentId: context.params.documentId, locale: context.params?.locale };
535
+ if (!shouldCreateHistoryVersion(context)) {
536
+ return result;
537
+ }
538
+ const documentId = context.action === "create" || context.action === "clone" ? result.documentId : context.params.documentId;
493
539
  const defaultLocale = await serviceUtils.getDefaultLocale();
494
- const locale = documentContext.locale || defaultLocale;
495
- if (Array.isArray(locale)) {
496
- strapi2.log.warn(
497
- "[Content manager history middleware]: An array of locales was provided, but only a single locale is supported for the findOne operation."
498
- );
499
- return next();
540
+ const locales = castArray(context.params?.locale || defaultLocale);
541
+ if (!locales.length) {
542
+ return result;
500
543
  }
501
- const document = await strapi2.documents(contentTypeUid).findOne({
502
- documentId: documentContext.documentId,
503
- locale,
504
- populate: serviceUtils.getDeepPopulate(contentTypeUid)
544
+ const uid2 = context.contentType.uid;
545
+ const schemas = getSchemas(uid2);
546
+ const model = strapi2.getModel(uid2);
547
+ const isLocalizedContentType = serviceUtils.isLocalizedContentType(model);
548
+ const localeEntries = await strapi2.db.query(uid2).findMany({
549
+ where: {
550
+ documentId,
551
+ ...isLocalizedContentType ? { locale: { $in: locales } } : {},
552
+ ...contentTypes$1.hasDraftAndPublish(strapi2.contentTypes[uid2]) ? { publishedAt: null } : {}
553
+ },
554
+ populate: serviceUtils.getDeepPopulate(
555
+ uid2,
556
+ true
557
+ /* use database syntax */
558
+ )
505
559
  });
506
- const status = await serviceUtils.getVersionStatus(contentTypeUid, document);
507
- const attributesSchema = strapi2.getModel(contentTypeUid).attributes;
508
- const componentsSchemas = Object.keys(
509
- attributesSchema
510
- ).reduce((currentComponentSchemas, key) => {
511
- const fieldSchema = attributesSchema[key];
512
- if (fieldSchema.type === "component") {
513
- const componentSchema = strapi2.getModel(fieldSchema.component).attributes;
514
- return {
515
- ...currentComponentSchemas,
516
- [fieldSchema.component]: componentSchema
517
- };
518
- }
519
- return currentComponentSchemas;
520
- }, {});
521
560
  await strapi2.db.transaction(async ({ onCommit }) => {
522
- onCommit(() => {
523
- historyService.createVersion({
524
- contentType: contentTypeUid,
525
- data: omit(FIELDS_TO_IGNORE, document),
526
- schema: omit(FIELDS_TO_IGNORE, attributesSchema),
527
- componentsSchemas,
528
- relatedDocumentId: documentContext.documentId,
529
- locale,
530
- status
531
- });
561
+ onCommit(async () => {
562
+ for (const entry of localeEntries) {
563
+ const status = await serviceUtils.getVersionStatus(uid2, entry);
564
+ await getService(strapi2, "history").createVersion({
565
+ contentType: uid2,
566
+ data: omit(FIELDS_TO_IGNORE, entry),
567
+ relatedDocumentId: documentId,
568
+ locale: entry.locale,
569
+ status,
570
+ ...schemas
571
+ });
572
+ }
532
573
  });
533
574
  });
534
575
  return result;
535
576
  });
536
- const retentionDays = serviceUtils.getRetentionDays();
537
577
  state.deleteExpiredJob = scheduleJob("0 0 * * *", () => {
538
- const retentionDaysInMilliseconds = retentionDays * 24 * 60 * 60 * 1e3;
578
+ const retentionDaysInMilliseconds = serviceUtils.getRetentionDays() * 24 * 60 * 60 * 1e3;
539
579
  const expirationDate = new Date(Date.now() - retentionDaysInMilliseconds);
540
- query.deleteMany({
580
+ strapi2.db.query(HISTORY_VERSION_UID).deleteMany({
541
581
  where: {
542
582
  created_at: {
543
583
  $lt: expirationDate.toISOString()
@@ -1169,6 +1209,11 @@ const { createPolicy } = policy;
1169
1209
  const hasPermissions = createPolicy({
1170
1210
  name: "plugin::content-manager.hasPermissions",
1171
1211
  validator: validateHasPermissionsInput,
1212
+ /**
1213
+ * NOTE: Action aliases are currently not checked at this level (policy).
1214
+ * This is currently the intended behavior to avoid changing the behavior of API related permissions.
1215
+ * If you want to add support for it, please create a dedicated RFC with a list of potential side effect this could have.
1216
+ */
1172
1217
  handler(ctx, config = {}) {
1173
1218
  const { actions = [], hasAtLeastOne = false } = config;
1174
1219
  const { userAbility } = ctx.state;
@@ -1562,9 +1607,11 @@ const multipleLocaleSchema = yup$1.lazy(
1562
1607
  (value) => Array.isArray(value) ? yup$1.array().of(singleLocaleSchema.required()) : singleLocaleSchema
1563
1608
  );
1564
1609
  const statusSchema = yup$1.mixed().oneOf(["draft", "published"], "Invalid status");
1565
- const getDocumentLocaleAndStatus = async (request, opts = { allowMultipleLocales: false }) => {
1610
+ const getDocumentLocaleAndStatus = async (request, model, opts = { allowMultipleLocales: false }) => {
1566
1611
  const { allowMultipleLocales } = opts;
1567
- const { locale, status, ...rest } = request || {};
1612
+ const { locale, status: providedStatus, ...rest } = request || {};
1613
+ const defaultStatus = contentTypes$1.hasDraftAndPublish(strapi.getModel(model)) ? void 0 : "published";
1614
+ const status = providedStatus !== void 0 ? providedStatus : defaultStatus;
1568
1615
  const schema = yup$1.object().shape({
1569
1616
  locale: allowMultipleLocales ? multipleLocaleSchema : singleLocaleSchema,
1570
1617
  status: statusSchema
@@ -1612,7 +1659,7 @@ const createDocument = async (ctx, opts) => {
1612
1659
  const setCreator = setCreatorFields({ user });
1613
1660
  const sanitizeFn = async.pipe(pickPermittedFields, setCreator);
1614
1661
  const sanitizedBody = await sanitizeFn(body);
1615
- const { locale, status = "draft" } = await getDocumentLocaleAndStatus(body);
1662
+ const { locale, status } = await getDocumentLocaleAndStatus(body, model);
1616
1663
  return documentManager2.create(model, {
1617
1664
  data: sanitizedBody,
1618
1665
  locale,
@@ -1631,7 +1678,7 @@ const updateDocument = async (ctx, opts) => {
1631
1678
  }
1632
1679
  const permissionQuery = await permissionChecker2.sanitizedQuery.update(ctx.query);
1633
1680
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
1634
- const { locale } = await getDocumentLocaleAndStatus(body);
1681
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
1635
1682
  const [documentVersion, documentExists] = await Promise.all([
1636
1683
  documentManager2.findOne(id, model, { populate, locale, status: "draft" }),
1637
1684
  documentManager2.exists(model, id)
@@ -1647,7 +1694,7 @@ const updateDocument = async (ctx, opts) => {
1647
1694
  throw new errors.ForbiddenError();
1648
1695
  }
1649
1696
  const pickPermittedFields = documentVersion ? permissionChecker2.sanitizeUpdateInput(documentVersion) : permissionChecker2.sanitizeCreateInput;
1650
- const setCreator = setCreatorFields({ user, isEdition: true });
1697
+ const setCreator = documentVersion ? setCreatorFields({ user, isEdition: true }) : setCreatorFields({ user });
1651
1698
  const sanitizeFn = async.pipe(pickPermittedFields, setCreator);
1652
1699
  const sanitizedBody = await sanitizeFn(body);
1653
1700
  return documentManager2.update(documentVersion?.documentId || id, model, {
@@ -1669,7 +1716,7 @@ const collectionTypes = {
1669
1716
  }
1670
1717
  const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
1671
1718
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(1).countRelations({ toOne: false, toMany: true }).build();
1672
- const { locale, status } = await getDocumentLocaleAndStatus(query);
1719
+ const { locale, status } = await getDocumentLocaleAndStatus(query, model);
1673
1720
  const { results: documents, pagination: pagination2 } = await documentManager2.findPage(
1674
1721
  { ...permissionQuery, populate, locale, status },
1675
1722
  model
@@ -1704,7 +1751,7 @@ const collectionTypes = {
1704
1751
  }
1705
1752
  const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
1706
1753
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
1707
- const { locale, status = "draft" } = await getDocumentLocaleAndStatus(ctx.query);
1754
+ const { locale, status } = await getDocumentLocaleAndStatus(ctx.query, model);
1708
1755
  const version = await documentManager2.findOne(id, model, {
1709
1756
  populate,
1710
1757
  locale,
@@ -1719,7 +1766,7 @@ const collectionTypes = {
1719
1766
  permissionChecker2,
1720
1767
  model,
1721
1768
  // @ts-expect-error TODO: fix
1722
- { id, locale, publishedAt: null },
1769
+ { documentId: id, locale, publishedAt: null },
1723
1770
  { availableLocales: true, availableStatus: false }
1724
1771
  );
1725
1772
  ctx.body = { data: {}, meta };
@@ -1771,7 +1818,7 @@ const collectionTypes = {
1771
1818
  }
1772
1819
  const permissionQuery = await permissionChecker2.sanitizedQuery.create(ctx.query);
1773
1820
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
1774
- const { locale } = await getDocumentLocaleAndStatus(body);
1821
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
1775
1822
  const document = await documentManager2.findOne(id, model, {
1776
1823
  populate,
1777
1824
  locale,
@@ -1816,7 +1863,7 @@ const collectionTypes = {
1816
1863
  }
1817
1864
  const permissionQuery = await permissionChecker2.sanitizedQuery.delete(ctx.query);
1818
1865
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
1819
- const { locale } = await getDocumentLocaleAndStatus(ctx.query);
1866
+ const { locale } = await getDocumentLocaleAndStatus(ctx.query, model);
1820
1867
  const documentLocales = await documentManager2.findLocales(id, model, { populate, locale });
1821
1868
  if (documentLocales.length === 0) {
1822
1869
  return ctx.notFound();
@@ -1845,11 +1892,34 @@ const collectionTypes = {
1845
1892
  const publishedDocument = await strapi.db.transaction(async () => {
1846
1893
  const permissionQuery = await permissionChecker2.sanitizedQuery.publish(ctx.query);
1847
1894
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
1848
- const document = id ? await updateDocument(ctx, { populate }) : await createDocument(ctx, { populate });
1895
+ let document;
1896
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
1897
+ const isCreate = isNil$1(id);
1898
+ if (isCreate) {
1899
+ if (permissionChecker2.cannot.create()) {
1900
+ throw new errors.ForbiddenError();
1901
+ }
1902
+ document = await createDocument(ctx, { populate });
1903
+ }
1904
+ const isUpdate = !isCreate;
1905
+ if (isUpdate) {
1906
+ const documentExists = documentManager2.exists(model, id);
1907
+ if (!documentExists) {
1908
+ throw new errors.NotFoundError("Document not found");
1909
+ }
1910
+ document = await documentManager2.findOne(id, model, { populate, locale });
1911
+ if (!document) {
1912
+ if (permissionChecker2.cannot.create({ locale }) || permissionChecker2.cannot.publish({ locale })) {
1913
+ throw new errors.ForbiddenError();
1914
+ }
1915
+ document = await updateDocument(ctx);
1916
+ } else if (permissionChecker2.can.update(document)) {
1917
+ await updateDocument(ctx);
1918
+ }
1919
+ }
1849
1920
  if (permissionChecker2.cannot.publish(document)) {
1850
1921
  throw new errors.ForbiddenError();
1851
1922
  }
1852
- const { locale } = await getDocumentLocaleAndStatus(body);
1853
1923
  const publishResult = await documentManager2.publish(document.documentId, model, {
1854
1924
  locale
1855
1925
  // TODO: Allow setting creator fields on publish
@@ -1876,7 +1946,9 @@ const collectionTypes = {
1876
1946
  }
1877
1947
  const permissionQuery = await permissionChecker2.sanitizedQuery.publish(ctx.query);
1878
1948
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
1879
- const { locale } = await getDocumentLocaleAndStatus(body, { allowMultipleLocales: true });
1949
+ const { locale } = await getDocumentLocaleAndStatus(body, model, {
1950
+ allowMultipleLocales: true
1951
+ });
1880
1952
  const entityPromises = documentIds.map(
1881
1953
  (documentId) => documentManager2.findLocales(documentId, model, { populate, locale, isPublished: false })
1882
1954
  );
@@ -1903,7 +1975,9 @@ const collectionTypes = {
1903
1975
  if (permissionChecker2.cannot.unpublish()) {
1904
1976
  return ctx.forbidden();
1905
1977
  }
1906
- const { locale } = await getDocumentLocaleAndStatus(body);
1978
+ const { locale } = await getDocumentLocaleAndStatus(body, model, {
1979
+ allowMultipleLocales: true
1980
+ });
1907
1981
  const entityPromises = documentIds.map(
1908
1982
  (documentId) => documentManager2.findLocales(documentId, model, { locale, isPublished: true })
1909
1983
  );
@@ -1936,7 +2010,7 @@ const collectionTypes = {
1936
2010
  }
1937
2011
  const permissionQuery = await permissionChecker2.sanitizedQuery.unpublish(ctx.query);
1938
2012
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
1939
- const { locale } = await getDocumentLocaleAndStatus(body);
2013
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
1940
2014
  const document = await documentManager2.findOne(id, model, {
1941
2015
  populate,
1942
2016
  locale,
@@ -1973,7 +2047,7 @@ const collectionTypes = {
1973
2047
  }
1974
2048
  const permissionQuery = await permissionChecker2.sanitizedQuery.discard(ctx.query);
1975
2049
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
1976
- const { locale } = await getDocumentLocaleAndStatus(body);
2050
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
1977
2051
  const document = await documentManager2.findOne(id, model, {
1978
2052
  populate,
1979
2053
  locale,
@@ -2004,7 +2078,7 @@ const collectionTypes = {
2004
2078
  }
2005
2079
  const permissionQuery = await permissionChecker2.sanitizedQuery.delete(query);
2006
2080
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
2007
- const { locale } = await getDocumentLocaleAndStatus(body);
2081
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
2008
2082
  const documentLocales = await documentManager2.findLocales(documentIds, model, {
2009
2083
  populate,
2010
2084
  locale
@@ -2031,7 +2105,7 @@ const collectionTypes = {
2031
2105
  }
2032
2106
  const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
2033
2107
  const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
2034
- const { locale, status = "draft" } = await getDocumentLocaleAndStatus(ctx.query);
2108
+ const { locale, status } = await getDocumentLocaleAndStatus(ctx.query, model);
2035
2109
  const entity = await documentManager2.findOne(id, model, { populate, locale, status });
2036
2110
  if (!entity) {
2037
2111
  return ctx.notFound();
@@ -2054,7 +2128,7 @@ const collectionTypes = {
2054
2128
  if (permissionChecker2.cannot.read()) {
2055
2129
  return ctx.forbidden();
2056
2130
  }
2057
- const entities = await documentManager2.findMany(
2131
+ const documents = await documentManager2.findMany(
2058
2132
  {
2059
2133
  filters: {
2060
2134
  documentId: ids
@@ -2063,7 +2137,7 @@ const collectionTypes = {
2063
2137
  },
2064
2138
  model
2065
2139
  );
2066
- if (!entities) {
2140
+ if (!documents) {
2067
2141
  return ctx.notFound();
2068
2142
  }
2069
2143
  const number = await documentManager2.countManyEntriesDraftRelations(ids, model, locale);
@@ -2254,20 +2328,13 @@ const sanitizeMainField = (model, mainField, userAbility) => {
2254
2328
  userAbility,
2255
2329
  model: model.uid
2256
2330
  });
2257
- if (!isListable(model, mainField)) {
2331
+ const isMainFieldListable = isListable(model, mainField);
2332
+ const canReadMainField = permissionChecker2.can.read(null, mainField);
2333
+ if (!isMainFieldListable || !canReadMainField) {
2258
2334
  return "id";
2259
2335
  }
2260
- if (permissionChecker2.cannot.read(null, mainField)) {
2261
- if (model.uid === "plugin::users-permissions.role") {
2262
- const userPermissionChecker = getService$1("permission-checker").create({
2263
- userAbility,
2264
- model: "plugin::users-permissions.user"
2265
- });
2266
- if (userPermissionChecker.can.read()) {
2267
- return "name";
2268
- }
2269
- }
2270
- return "id";
2336
+ if (model.uid === "plugin::users-permissions.role") {
2337
+ return "name";
2271
2338
  }
2272
2339
  return mainField;
2273
2340
  };
@@ -2300,11 +2367,8 @@ const validateLocale = (sourceUid, targetUid, locale) => {
2300
2367
  const isLocalized = strapi.plugin("i18n").service("content-types").isLocalizedContentType;
2301
2368
  const isSourceLocalized = isLocalized(sourceModel);
2302
2369
  const isTargetLocalized = isLocalized(targetModel);
2303
- let validatedLocale = locale;
2304
- if (!targetModel || !isTargetLocalized)
2305
- validatedLocale = void 0;
2306
2370
  return {
2307
- locale: validatedLocale,
2371
+ locale,
2308
2372
  isSourceLocalized,
2309
2373
  isTargetLocalized
2310
2374
  };
@@ -2407,7 +2471,7 @@ const relations = {
2407
2471
  attribute,
2408
2472
  fieldsToSelect,
2409
2473
  mainField,
2410
- source: { schema: sourceSchema },
2474
+ source: { schema: sourceSchema, isLocalized: isSourceLocalized },
2411
2475
  target: { schema: targetSchema, isLocalized: isTargetLocalized },
2412
2476
  sourceSchema,
2413
2477
  targetSchema,
@@ -2429,7 +2493,8 @@ const relations = {
2429
2493
  fieldsToSelect,
2430
2494
  mainField,
2431
2495
  source: {
2432
- schema: { uid: sourceUid, modelType: sourceModelType }
2496
+ schema: { uid: sourceUid, modelType: sourceModelType },
2497
+ isLocalized: isSourceLocalized
2433
2498
  },
2434
2499
  target: {
2435
2500
  schema: { uid: targetUid },
@@ -2467,12 +2532,16 @@ const relations = {
2467
2532
  } else {
2468
2533
  where.id = id;
2469
2534
  }
2470
- if (status) {
2471
- where[`${alias}.published_at`] = getPublishedAtClause(status, targetUid);
2535
+ const publishedAt = getPublishedAtClause(status, targetUid);
2536
+ if (!isEmpty(publishedAt)) {
2537
+ where[`${alias}.published_at`] = publishedAt;
2472
2538
  }
2473
- if (filterByLocale) {
2539
+ if (isTargetLocalized && locale) {
2474
2540
  where[`${alias}.locale`] = locale;
2475
2541
  }
2542
+ if (isSourceLocalized && locale) {
2543
+ where.locale = locale;
2544
+ }
2476
2545
  if ((idsToInclude?.length ?? 0) !== 0) {
2477
2546
  where[`${alias}.id`].$notIn = idsToInclude;
2478
2547
  }
@@ -2490,7 +2559,8 @@ const relations = {
2490
2559
  id: { $notIn: uniq(idsToOmit) }
2491
2560
  });
2492
2561
  }
2493
- const res = await strapi.db.query(targetUid).findPage(strapi.get("query-params").transform(targetUid, queryParams));
2562
+ const dbQuery = strapi.get("query-params").transform(targetUid, queryParams);
2563
+ const res = await strapi.db.query(targetUid).findPage(dbQuery);
2494
2564
  ctx.body = {
2495
2565
  ...res,
2496
2566
  results: await addStatusToRelations(targetUid, res.results)
@@ -2525,9 +2595,7 @@ const relations = {
2525
2595
  addFiltersClause(permissionQuery, { id: { $in: loadedIds } });
2526
2596
  const sanitizedRes = await loadRelations({ id: entryId }, targetField, {
2527
2597
  ...strapi.get("query-params").transform(targetUid, permissionQuery),
2528
- ordering: "desc",
2529
- page: ctx.request.query.page,
2530
- pageSize: ctx.request.query.pageSize
2598
+ ordering: "desc"
2531
2599
  });
2532
2600
  const relationsUnion = uniqBy("id", concat(sanitizedRes.results, res.results));
2533
2601
  ctx.body = {
@@ -2559,7 +2627,7 @@ const createOrUpdateDocument = async (ctx, opts) => {
2559
2627
  throw new errors.ForbiddenError();
2560
2628
  }
2561
2629
  const sanitizedQuery = await permissionChecker2.sanitizedQuery.update(query);
2562
- const { locale } = await getDocumentLocaleAndStatus(body);
2630
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
2563
2631
  const [documentVersion, otherDocumentVersion] = await Promise.all([
2564
2632
  findDocument(sanitizedQuery, model, { locale, status: "draft" }),
2565
2633
  // Find the first document to check if it exists
@@ -2600,7 +2668,7 @@ const singleTypes = {
2600
2668
  return ctx.forbidden();
2601
2669
  }
2602
2670
  const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
2603
- const { locale, status } = await getDocumentLocaleAndStatus(query);
2671
+ const { locale, status } = await getDocumentLocaleAndStatus(query, model);
2604
2672
  const version = await findDocument(permissionQuery, model, { locale, status });
2605
2673
  if (!version) {
2606
2674
  if (permissionChecker2.cannot.create()) {
@@ -2614,7 +2682,7 @@ const singleTypes = {
2614
2682
  permissionChecker2,
2615
2683
  model,
2616
2684
  // @ts-expect-error - fix types
2617
- { id: document.documentId, locale, publishedAt: null },
2685
+ { documentId: document.documentId, locale, publishedAt: null },
2618
2686
  { availableLocales: true, availableStatus: false }
2619
2687
  );
2620
2688
  ctx.body = { data: {}, meta };
@@ -2645,7 +2713,7 @@ const singleTypes = {
2645
2713
  }
2646
2714
  const sanitizedQuery = await permissionChecker2.sanitizedQuery.delete(query);
2647
2715
  const populate = await buildPopulateFromQuery(sanitizedQuery, model);
2648
- const { locale } = await getDocumentLocaleAndStatus(query);
2716
+ const { locale } = await getDocumentLocaleAndStatus(query, model);
2649
2717
  const documentLocales = await documentManager2.findLocales(void 0, model, {
2650
2718
  populate,
2651
2719
  locale
@@ -2682,7 +2750,7 @@ const singleTypes = {
2682
2750
  if (permissionChecker2.cannot.publish(document)) {
2683
2751
  throw new errors.ForbiddenError();
2684
2752
  }
2685
- const { locale } = await getDocumentLocaleAndStatus(document);
2753
+ const { locale } = await getDocumentLocaleAndStatus(document, model);
2686
2754
  const publishResult = await documentManager2.publish(document.documentId, model, { locale });
2687
2755
  return publishResult.at(0);
2688
2756
  });
@@ -2705,7 +2773,7 @@ const singleTypes = {
2705
2773
  return ctx.forbidden();
2706
2774
  }
2707
2775
  const sanitizedQuery = await permissionChecker2.sanitizedQuery.unpublish(query);
2708
- const { locale } = await getDocumentLocaleAndStatus(body);
2776
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
2709
2777
  const document = await findDocument(sanitizedQuery, model, { locale });
2710
2778
  if (!document) {
2711
2779
  return ctx.notFound();
@@ -2737,7 +2805,7 @@ const singleTypes = {
2737
2805
  return ctx.forbidden();
2738
2806
  }
2739
2807
  const sanitizedQuery = await permissionChecker2.sanitizedQuery.discard(query);
2740
- const { locale } = await getDocumentLocaleAndStatus(body);
2808
+ const { locale } = await getDocumentLocaleAndStatus(body, model);
2741
2809
  const document = await findDocument(sanitizedQuery, model, { locale, status: "published" });
2742
2810
  if (!document) {
2743
2811
  return ctx.notFound();
@@ -2757,7 +2825,7 @@ const singleTypes = {
2757
2825
  const { query } = ctx.request;
2758
2826
  const documentManager2 = getService$1("document-manager");
2759
2827
  const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
2760
- const { locale } = await getDocumentLocaleAndStatus(query);
2828
+ const { locale } = await getDocumentLocaleAndStatus(query, model);
2761
2829
  if (permissionChecker2.cannot.read()) {
2762
2830
  return ctx.forbidden();
2763
2831
  }
@@ -2778,7 +2846,7 @@ const uid$1 = {
2778
2846
  async generateUID(ctx) {
2779
2847
  const { contentTypeUID, field, data } = await validateGenerateUIDInput(ctx.request.body);
2780
2848
  const { query = {} } = ctx.request;
2781
- const { locale } = await getDocumentLocaleAndStatus(query);
2849
+ const { locale } = await getDocumentLocaleAndStatus(query, contentTypeUID);
2782
2850
  await validateUIDField(contentTypeUID, field);
2783
2851
  const uidService = getService$1("uid");
2784
2852
  ctx.body = {
@@ -2790,7 +2858,7 @@ const uid$1 = {
2790
2858
  ctx.request.body
2791
2859
  );
2792
2860
  const { query = {} } = ctx.request;
2793
- const { locale } = await getDocumentLocaleAndStatus(query);
2861
+ const { locale } = await getDocumentLocaleAndStatus(query, contentTypeUID);
2794
2862
  await validateUIDField(contentTypeUID, field);
2795
2863
  const uidService = getService$1("uid");
2796
2864
  const isAvailable = await uidService.checkUIDAvailability({
@@ -3433,12 +3501,27 @@ const createPermissionChecker = (strapi2) => ({ userAbility, model }) => {
3433
3501
  ability: userAbility,
3434
3502
  model
3435
3503
  });
3436
- const toSubject = (entity) => entity ? permissionsManager.toSubject(entity, model) : model;
3504
+ const { actionProvider } = strapi2.service("admin::permission");
3505
+ const toSubject = (entity) => {
3506
+ return entity ? permissionsManager.toSubject(entity, model) : model;
3507
+ };
3437
3508
  const can = (action, entity, field) => {
3438
- return userAbility.can(action, toSubject(entity), field);
3509
+ const subject = toSubject(entity);
3510
+ const aliases = actionProvider.unstable_aliases(action, model);
3511
+ return (
3512
+ // Test the original action to see if it passes
3513
+ userAbility.can(action, subject, field) || // Else try every known alias if at least one of them succeed, then the user "can"
3514
+ aliases.some((alias) => userAbility.can(alias, subject, field))
3515
+ );
3439
3516
  };
3440
3517
  const cannot = (action, entity, field) => {
3441
- return userAbility.cannot(action, toSubject(entity), field);
3518
+ const subject = toSubject(entity);
3519
+ const aliases = actionProvider.unstable_aliases(action, model);
3520
+ return (
3521
+ // Test both the original action
3522
+ userAbility.cannot(action, subject, field) && // and every known alias, if all of them fail (cannot), then the user truly "cannot"
3523
+ aliases.every((alias) => userAbility.cannot(alias, subject, field))
3524
+ );
3442
3525
  };
3443
3526
  const sanitizeOutput = (data, { action = ACTIONS.read } = {}) => {
3444
3527
  return permissionsManager.sanitizeOutput(data, { subject: toSubject(data), action });
@@ -3715,6 +3798,10 @@ const getDeepPopulateDraftCount = (uid2) => {
3715
3798
  const attribute = model.attributes[attributeName];
3716
3799
  switch (attribute.type) {
3717
3800
  case "relation": {
3801
+ const isMorphRelation = attribute.relation.toLowerCase().startsWith("morph");
3802
+ if (isMorphRelation) {
3803
+ break;
3804
+ }
3718
3805
  if (isVisibleAttribute$1(model, attributeName)) {
3719
3806
  populateAcc[attributeName] = {
3720
3807
  count: true,
@@ -3729,22 +3816,24 @@ const getDeepPopulateDraftCount = (uid2) => {
3729
3816
  attribute.component
3730
3817
  );
3731
3818
  if (childHasRelations) {
3732
- populateAcc[attributeName] = { populate: populate2 };
3819
+ populateAcc[attributeName] = {
3820
+ populate: populate2
3821
+ };
3733
3822
  hasRelations = true;
3734
3823
  }
3735
3824
  break;
3736
3825
  }
3737
3826
  case "dynamiczone": {
3738
- const dzPopulate = (attribute.components || []).reduce((acc, componentUID) => {
3739
- const { populate: populate2, hasRelations: childHasRelations } = getDeepPopulateDraftCount(componentUID);
3740
- if (childHasRelations) {
3827
+ const dzPopulateFragment = attribute.components?.reduce((acc, componentUID) => {
3828
+ const { populate: componentPopulate, hasRelations: componentHasRelations } = getDeepPopulateDraftCount(componentUID);
3829
+ if (componentHasRelations) {
3741
3830
  hasRelations = true;
3742
- return merge(acc, populate2);
3831
+ return { ...acc, [componentUID]: { populate: componentPopulate } };
3743
3832
  }
3744
3833
  return acc;
3745
3834
  }, {});
3746
- if (!isEmpty(dzPopulate)) {
3747
- populateAcc[attributeName] = { populate: dzPopulate };
3835
+ if (!isEmpty(dzPopulateFragment)) {
3836
+ populateAcc[attributeName] = { on: dzPopulateFragment };
3748
3837
  }
3749
3838
  break;
3750
3839
  }
@@ -4090,7 +4179,13 @@ const documentMetadata = ({ strapi: strapi2 }) => ({
4090
4179
  */
4091
4180
  async formatDocumentWithMetadata(uid2, document, opts = {}) {
4092
4181
  if (!document) {
4093
- return document;
4182
+ return {
4183
+ data: document,
4184
+ meta: {
4185
+ availableLocales: [],
4186
+ availableStatus: []
4187
+ }
4188
+ };
4094
4189
  }
4095
4190
  const hasDraftAndPublish = contentTypes$1.hasDraftAndPublish(strapi2.getModel(uid2));
4096
4191
  if (!hasDraftAndPublish) {
@@ -4198,10 +4293,7 @@ const documentManager = ({ strapi: strapi2 }) => {
4198
4293
  async clone(id, body, uid2) {
4199
4294
  const populate = await buildDeepPopulate(uid2);
4200
4295
  const params = {
4201
- data: {
4202
- ...omitIdField(body),
4203
- [PUBLISHED_AT_ATTRIBUTE]: null
4204
- },
4296
+ data: omitIdField(body),
4205
4297
  populate
4206
4298
  };
4207
4299
  return strapi2.documents(uid2).clone({ ...params, documentId: id }).then((result) => result?.entries.at(0));