npm - @strapi/content-manager - Versions diffs - 5.0.0-beta.7 → 5.0.0-beta.8 - Mend

@strapi/content-manager 5.0.0-beta.7 → 5.0.0-beta.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (143) hide show

package/dist/server/index.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import strapiUtils, { validateYupSchema, errors, async, contentTypes as contentTypes$1, yup as yup$1, validateYupSchemaSync, policy, traverse, setCreatorFields, isOperatorOfType, relations as relations$1, pagination } from "@strapi/utils";
-import { pick, omit, difference, intersection, pipe, propOr, isEqual, isEmpty, set, isNil as isNil$1, has, prop, assoc, mapValues, flow, uniq, uniqBy, concat, getOr, propEq, merge, groupBy, castArray } from "lodash/fp";
+import strapiUtils, { validateYupSchema, errors, async, contentTypes as contentTypes$1, yup as yup$1, validateYupSchemaSync, policy, traverse, setCreatorFields, isOperatorOfType, relations as relations$1, traverseEntity, pagination } from "@strapi/utils";
+import { pick, omit, difference, intersection, pipe, propOr, isEqual, isEmpty, set, has, prop, assoc, mapValues, flow, uniq, uniqBy, concat, isNil as isNil$1, getOr, propEq, merge, groupBy, castArray } from "lodash/fp";
 import "@strapi/types";
 import * as yup from "yup";
 import { scheduleJob } from "node-schedule";
@@ -492,6 +492,12 @@ const createLifecyclesService = ({ strapi: strapi2 }) => {
         const documentContext = context.action === "create" ? { documentId: result.documentId, locale: context.params?.locale } : { documentId: context.params.documentId, locale: context.params?.locale };
         const defaultLocale = await serviceUtils.getDefaultLocale();
         const locale = documentContext.locale || defaultLocale;
+        if (Array.isArray(locale)) {
+          strapi2.log.warn(
+            "[Content manager history middleware]: An array of locales was provided, but only a single locale is supported for the findOne operation."
+          );
+          return next();
+        }
         const document = await strapi2.documents(contentTypeUid).findOne({
           documentId: documentContext.documentId,
           locale,
@@ -1551,15 +1557,47 @@ const excludeNotCreatableFields = (uid2, permissionChecker2) => (body, path = []
     }
   }, body);
 };
-const getDocumentLocaleAndStatus = (request) => {
+const singleLocaleSchema = yup$1.string().nullable();
+const multipleLocaleSchema = yup$1.lazy(
+  (value) => Array.isArray(value) ? yup$1.array().of(singleLocaleSchema.required()) : singleLocaleSchema
+);
+const statusSchema = yup$1.mixed().oneOf(["draft", "published"], "Invalid status");
+const getDocumentLocaleAndStatus = async (request, opts = { allowMultipleLocales: false }) => {
+  const { allowMultipleLocales } = opts;
   const { locale, status, ...rest } = request || {};
-  if (!isNil$1(locale) && typeof locale !== "string") {
-    throw new errors.ValidationError(`Invalid locale: ${locale}`);
-  }
-  if (!isNil$1(status) && !["draft", "published"].includes(status)) {
-    throw new errors.ValidationError(`Invalid status: ${status}`);
+  const schema = yup$1.object().shape({
+    locale: allowMultipleLocales ? multipleLocaleSchema : singleLocaleSchema,
+    status: statusSchema
+  });
+  try {
+    await validateYupSchema(schema, { strict: true, abortEarly: false })(request);
+    return { locale, status, ...rest };
+  } catch (error) {
+    throw new errors.ValidationError(`Validation error: ${error.message}`);
   }
-  return { locale, status, ...rest };
+};
+const formatDocumentWithMetadata = async (permissionChecker2, uid2, document, opts = {}) => {
+  const documentMetadata2 = getService$1("document-metadata");
+  const serviceOutput = await documentMetadata2.formatDocumentWithMetadata(uid2, document, opts);
+  let {
+    meta: { availableLocales, availableStatus }
+  } = serviceOutput;
+  const metadataSanitizer = permissionChecker2.sanitizeOutput;
+  availableLocales = await async.map(
+    availableLocales,
+    async (localeDocument) => metadataSanitizer(localeDocument)
+  );
+  availableStatus = await async.map(
+    availableStatus,
+    async (statusDocument) => metadataSanitizer(statusDocument)
+  );
+  return {
+    ...serviceOutput,
+    meta: {
+      availableLocales,
+      availableStatus
+    }
+  };
 };
 const createDocument = async (ctx, opts) => {
   const { userAbility, user } = ctx.state;
@@ -1574,7 +1612,7 @@ const createDocument = async (ctx, opts) => {
   const setCreator = setCreatorFields({ user });
   const sanitizeFn = async.pipe(pickPermittedFields, setCreator);
   const sanitizedBody = await sanitizeFn(body);
-  const { locale, status = "draft" } = getDocumentLocaleAndStatus(body);
+  const { locale, status = "draft" } = await getDocumentLocaleAndStatus(body);
   return documentManager2.create(model, {
     data: sanitizedBody,
     locale,
@@ -1593,7 +1631,7 @@ const updateDocument = async (ctx, opts) => {
   }
   const permissionQuery = await permissionChecker2.sanitizedQuery.update(ctx.query);
   const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-  const { locale } = getDocumentLocaleAndStatus(body);
+  const { locale } = await getDocumentLocaleAndStatus(body);
   const [documentVersion, documentExists] = await Promise.all([
     documentManager2.findOne(id, model, { populate, locale, status: "draft" }),
     documentManager2.exists(model, id)
@@ -1631,7 +1669,7 @@ const collectionTypes = {
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(1).countRelations({ toOne: false, toMany: true }).build();
-    const { locale, status } = getDocumentLocaleAndStatus(query);
+    const { locale, status } = await getDocumentLocaleAndStatus(query);
     const { results: documents, pagination: pagination2 } = await documentManager2.findPage(
       { ...permissionQuery, populate, locale, status },
       model
@@ -1660,14 +1698,13 @@ const collectionTypes = {
     const { userAbility } = ctx.state;
     const { model, id } = ctx.params;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.read()) {
       return ctx.forbidden();
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
-    const { locale, status = "draft" } = getDocumentLocaleAndStatus(ctx.query);
+    const { locale, status = "draft" } = await getDocumentLocaleAndStatus(ctx.query);
     const version = await documentManager2.findOne(id, model, {
       populate,
       locale,
@@ -1678,8 +1715,10 @@ const collectionTypes = {
       if (!exists) {
         return ctx.notFound();
       }
-      const { meta } = await documentMetadata2.formatDocumentWithMetadata(
+      const { meta } = await formatDocumentWithMetadata(
+        permissionChecker2,
         model,
+        // @ts-expect-error TODO: fix
         { id, locale, publishedAt: null },
         { availableLocales: true, availableStatus: false }
       );
@@ -1690,12 +1729,11 @@ const collectionTypes = {
       return ctx.forbidden();
     }
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(version);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument);
   },
   async create(ctx) {
     const { userAbility } = ctx.state;
     const { model } = ctx.params;
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     const [totalEntries, document] = await Promise.all([
       strapi.db.query(model).count(),
@@ -1703,7 +1741,7 @@ const collectionTypes = {
     ]);
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(document);
     ctx.status = 201;
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument, {
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument, {
       // Empty metadata as it's not relevant for a new document
       availableLocales: false,
       availableStatus: false
@@ -1717,25 +1755,23 @@ const collectionTypes = {
   async update(ctx) {
     const { userAbility } = ctx.state;
     const { model } = ctx.params;
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     const updatedVersion = await updateDocument(ctx);
     const sanitizedVersion = await permissionChecker2.sanitizeOutput(updatedVersion);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedVersion);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedVersion);
   },
   async clone(ctx) {
     const { userAbility, user } = ctx.state;
     const { model, sourceId: id } = ctx.params;
     const { body } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.create()) {
       return ctx.forbidden();
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.create(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const document = await documentManager2.findOne(id, model, {
       populate,
       locale,
@@ -1751,7 +1787,7 @@ const collectionTypes = {
     const sanitizedBody = await sanitizeFn(body);
     const clonedDocument = await documentManager2.clone(document.documentId, sanitizedBody, model);
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(clonedDocument);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument, {
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument, {
       // Empty metadata as it's not relevant for a new document
       availableLocales: false,
       availableStatus: false
@@ -1780,7 +1816,7 @@ const collectionTypes = {
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.delete(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale } = getDocumentLocaleAndStatus(ctx.query);
+    const { locale } = await getDocumentLocaleAndStatus(ctx.query);
     const documentLocales = await documentManager2.findLocales(id, model, { populate, locale });
     if (documentLocales.length === 0) {
       return ctx.notFound();
@@ -1802,7 +1838,6 @@ const collectionTypes = {
     const { id, model } = ctx.params;
     const { body } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.publish()) {
       return ctx.forbidden();
@@ -1814,15 +1849,19 @@ const collectionTypes = {
       if (permissionChecker2.cannot.publish(document)) {
         throw new errors.ForbiddenError();
       }
-      const { locale } = getDocumentLocaleAndStatus(body);
-      return documentManager2.publish(document.documentId, model, {
+      const { locale } = await getDocumentLocaleAndStatus(body);
+      const publishResult = await documentManager2.publish(document.documentId, model, {
         locale
         // TODO: Allow setting creator fields on publish
         // data: setCreatorFields({ user, isEdition: true })({}),
       });
+      if (!publishResult || publishResult.length === 0) {
+        throw new errors.NotFoundError("Document not found or already published.");
+      }
+      return publishResult[0];
     });
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(publishedDocument);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument);
   },
   async bulkPublish(ctx) {
     const { userAbility } = ctx.state;
@@ -1835,9 +1874,11 @@ const collectionTypes = {
     if (permissionChecker2.cannot.publish()) {
       return ctx.forbidden();
     }
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const permissionQuery = await permissionChecker2.sanitizedQuery.publish(ctx.query);
+    const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
+    const { locale } = await getDocumentLocaleAndStatus(body, { allowMultipleLocales: true });
     const entityPromises = documentIds.map(
-      (documentId) => documentManager2.findLocales(documentId, model, { locale, isPublished: false })
+      (documentId) => documentManager2.findLocales(documentId, model, { populate, locale, isPublished: false })
     );
     const entities = (await Promise.all(entityPromises)).flat();
     for (const entity of entities) {
@@ -1848,8 +1889,7 @@ const collectionTypes = {
         return ctx.forbidden();
       }
     }
-    const entitiesIds = entities.map((document) => document.documentId);
-    const { count } = await documentManager2.publishMany(entitiesIds, model, { locale });
+    const count = await documentManager2.publishMany(model, documentIds, locale);
     ctx.body = { count };
   },
   async bulkUnpublish(ctx) {
@@ -1863,7 +1903,7 @@ const collectionTypes = {
     if (permissionChecker2.cannot.unpublish()) {
       return ctx.forbidden();
     }
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const entityPromises = documentIds.map(
       (documentId) => documentManager2.findLocales(documentId, model, { locale, isPublished: true })
     );
@@ -1887,7 +1927,6 @@ const collectionTypes = {
       body: { discardDraft, ...body }
     } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.unpublish()) {
       return ctx.forbidden();
@@ -1897,7 +1936,7 @@ const collectionTypes = {
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.unpublish(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const document = await documentManager2.findOne(id, model, {
       populate,
       locale,
@@ -1919,7 +1958,7 @@ const collectionTypes = {
       ctx.body = await async.pipe(
         (document2) => documentManager2.unpublish(document2.documentId, model, { locale }),
         permissionChecker2.sanitizeOutput,
-        (document2) => documentMetadata2.formatDocumentWithMetadata(model, document2)
+        (document2) => formatDocumentWithMetadata(permissionChecker2, model, document2)
       )(document);
     });
   },
@@ -1928,14 +1967,13 @@ const collectionTypes = {
     const { id, model } = ctx.params;
     const { body } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.discard()) {
       return ctx.forbidden();
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.discard(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const document = await documentManager2.findOne(id, model, {
       populate,
       locale,
@@ -1950,7 +1988,7 @@ const collectionTypes = {
     ctx.body = await async.pipe(
       (document2) => documentManager2.discardDraft(document2.documentId, model, { locale }),
       permissionChecker2.sanitizeOutput,
-      (document2) => documentMetadata2.formatDocumentWithMetadata(model, document2)
+      (document2) => formatDocumentWithMetadata(permissionChecker2, model, document2)
     )(document);
   },
   async bulkDelete(ctx) {
@@ -1966,7 +2004,7 @@ const collectionTypes = {
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.delete(query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const documentLocales = await documentManager2.findLocales(documentIds, model, {
       populate,
       locale
@@ -1993,7 +2031,7 @@ const collectionTypes = {
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale, status = "draft" } = getDocumentLocaleAndStatus(ctx.query);
+    const { locale, status = "draft" } = await getDocumentLocaleAndStatus(ctx.query);
     const entity = await documentManager2.findOne(id, model, { populate, locale, status });
     if (!entity) {
       return ctx.notFound();
@@ -2008,26 +2046,27 @@ const collectionTypes = {
   },
   async countManyEntriesDraftRelations(ctx) {
     const { userAbility } = ctx.state;
-    const { documentIds, locale } = ctx.request.query;
+    const ids = ctx.request.query.documentIds;
+    const locale = ctx.request.query.locale;
     const { model } = ctx.params;
     const documentManager2 = getService$1("document-manager");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.read()) {
       return ctx.forbidden();
     }
-    const documents = await documentManager2.findMany(
+    const entities = await documentManager2.findMany(
       {
         filters: {
-          documentId: { $in: documentIds }
+          documentId: ids
         },
         locale
       },
       model
     );
-    if (!documents) {
+    if (!entities) {
       return ctx.notFound();
     }
-    const number = await documentManager2.countManyEntriesDraftRelations(documentIds, model, locale);
+    const number = await documentManager2.countManyEntriesDraftRelations(ids, model, locale);
     return {
       data: number
     };
@@ -2520,7 +2559,7 @@ const createOrUpdateDocument = async (ctx, opts) => {
     throw new errors.ForbiddenError();
   }
   const sanitizedQuery = await permissionChecker2.sanitizedQuery.update(query);
-  const { locale } = getDocumentLocaleAndStatus(body);
+  const { locale } = await getDocumentLocaleAndStatus(body);
   const [documentVersion, otherDocumentVersion] = await Promise.all([
     findDocument(sanitizedQuery, model, { locale, status: "draft" }),
     // Find the first document to check if it exists
@@ -2557,12 +2596,11 @@ const singleTypes = {
     const { model } = ctx.params;
     const { query = {} } = ctx.request;
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
-    const documentMetadata2 = getService$1("document-metadata");
     if (permissionChecker2.cannot.read()) {
       return ctx.forbidden();
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
-    const { locale, status } = getDocumentLocaleAndStatus(query);
+    const { locale, status } = await getDocumentLocaleAndStatus(query);
     const version = await findDocument(permissionQuery, model, { locale, status });
     if (!version) {
       if (permissionChecker2.cannot.create()) {
@@ -2572,8 +2610,10 @@ const singleTypes = {
       if (!document) {
         return ctx.notFound();
       }
-      const { meta } = await documentMetadata2.formatDocumentWithMetadata(
+      const { meta } = await formatDocumentWithMetadata(
+        permissionChecker2,
         model,
+        // @ts-expect-error - fix types
         { id: document.documentId, locale, publishedAt: null },
         { availableLocales: true, availableStatus: false }
       );
@@ -2584,16 +2624,15 @@ const singleTypes = {
       return ctx.forbidden();
     }
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(version);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument);
   },
   async createOrUpdate(ctx) {
     const { userAbility } = ctx.state;
     const { model } = ctx.params;
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     const document = await createOrUpdateDocument(ctx);
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(document);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument);
   },
   async delete(ctx) {
     const { userAbility } = ctx.state;
@@ -2606,7 +2645,7 @@ const singleTypes = {
     }
     const sanitizedQuery = await permissionChecker2.sanitizedQuery.delete(query);
     const populate = await buildPopulateFromQuery(sanitizedQuery, model);
-    const { locale } = getDocumentLocaleAndStatus(query);
+    const { locale } = await getDocumentLocaleAndStatus(query);
     const documentLocales = await documentManager2.findLocales(void 0, model, {
       populate,
       locale
@@ -2629,7 +2668,6 @@ const singleTypes = {
     const { model } = ctx.params;
     const { query = {} } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.publish()) {
       return ctx.forbidden();
@@ -2644,11 +2682,12 @@ const singleTypes = {
       if (permissionChecker2.cannot.publish(document)) {
         throw new errors.ForbiddenError();
       }
-      const { locale } = getDocumentLocaleAndStatus(document);
-      return documentManager2.publish(document.documentId, model, { locale });
+      const { locale } = await getDocumentLocaleAndStatus(document);
+      const publishResult = await documentManager2.publish(document.documentId, model, { locale });
+      return publishResult.at(0);
     });
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(publishedDocument);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument);
   },
   async unpublish(ctx) {
     const { userAbility } = ctx.state;
@@ -2658,7 +2697,6 @@ const singleTypes = {
       query = {}
     } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.unpublish()) {
       return ctx.forbidden();
@@ -2667,7 +2705,7 @@ const singleTypes = {
       return ctx.forbidden();
     }
     const sanitizedQuery = await permissionChecker2.sanitizedQuery.unpublish(query);
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const document = await findDocument(sanitizedQuery, model, { locale });
     if (!document) {
       return ctx.notFound();
@@ -2685,7 +2723,7 @@ const singleTypes = {
       ctx.body = await async.pipe(
         (document2) => documentManager2.unpublish(document2.documentId, model, { locale }),
         permissionChecker2.sanitizeOutput,
-        (document2) => documentMetadata2.formatDocumentWithMetadata(model, document2)
+        (document2) => formatDocumentWithMetadata(permissionChecker2, model, document2)
       )(document);
     });
   },
@@ -2694,13 +2732,12 @@ const singleTypes = {
     const { model } = ctx.params;
     const { body, query = {} } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.discard()) {
       return ctx.forbidden();
     }
     const sanitizedQuery = await permissionChecker2.sanitizedQuery.discard(query);
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const document = await findDocument(sanitizedQuery, model, { locale, status: "published" });
     if (!document) {
       return ctx.notFound();
@@ -2711,7 +2748,7 @@ const singleTypes = {
     ctx.body = await async.pipe(
       (document2) => documentManager2.discardDraft(document2.documentId, model, { locale }),
       permissionChecker2.sanitizeOutput,
-      (document2) => documentMetadata2.formatDocumentWithMetadata(model, document2)
+      (document2) => formatDocumentWithMetadata(permissionChecker2, model, document2)
     )(document);
   },
   async countDraftRelations(ctx) {
@@ -2720,7 +2757,7 @@ const singleTypes = {
     const { query } = ctx.request;
     const documentManager2 = getService$1("document-manager");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
-    const { locale } = getDocumentLocaleAndStatus(query);
+    const { locale } = await getDocumentLocaleAndStatus(query);
     if (permissionChecker2.cannot.read()) {
       return ctx.forbidden();
     }
@@ -2741,7 +2778,7 @@ const uid$1 = {
   async generateUID(ctx) {
     const { contentTypeUID, field, data } = await validateGenerateUIDInput(ctx.request.body);
     const { query = {} } = ctx.request;
-    const { locale } = getDocumentLocaleAndStatus(query);
+    const { locale } = await getDocumentLocaleAndStatus(query);
     await validateUIDField(contentTypeUID, field);
     const uidService = getService$1("uid");
     ctx.body = {
@@ -2753,7 +2790,7 @@ const uid$1 = {
       ctx.request.body
     );
     const { query = {} } = ctx.request;
-    const { locale } = getDocumentLocaleAndStatus(query);
+    const { locale } = await getDocumentLocaleAndStatus(query);
     await validateUIDField(contentTypeUID, field);
     const uidService = getService$1("uid");
     const isAvailable = await uidService.checkUIDAvailability({
@@ -3544,7 +3581,7 @@ const permission = ({ strapi: strapi2 }) => ({
     await strapi2.service("admin::permission").actionProvider.registerMany(actions);
   }
 });
-const { isVisibleAttribute: isVisibleAttribute$1 } = strapiUtils.contentTypes;
+const { isVisibleAttribute: isVisibleAttribute$1, isScalarAttribute, getDoesAttributeRequireValidation } = strapiUtils.contentTypes;
 const { isAnyToMany } = strapiUtils.relations;
 const { PUBLISHED_AT_ATTRIBUTE: PUBLISHED_AT_ATTRIBUTE$1 } = strapiUtils.contentTypes.constants;
 const isMorphToRelation = (attribute) => isRelation(attribute) && attribute.relation.includes("morphTo");
@@ -3635,6 +3672,42 @@ const getDeepPopulate = (uid2, {
     {}
   );
 };
+const getValidatableFieldsPopulate = (uid2, {
+  initialPopulate = {},
+  countMany = false,
+  countOne = false,
+  maxLevel = Infinity
+} = {}, level = 1) => {
+  if (level > maxLevel) {
+    return {};
+  }
+  const model = strapi.getModel(uid2);
+  return Object.entries(model.attributes).reduce((populateAcc, [attributeName, attribute]) => {
+    if (!getDoesAttributeRequireValidation(attribute)) {
+      return populateAcc;
+    }
+    if (isScalarAttribute(attribute)) {
+      return merge(populateAcc, {
+        [attributeName]: true
+      });
+    }
+    return merge(
+      populateAcc,
+      getPopulateFor(
+        attributeName,
+        model,
+        {
+          // @ts-expect-error - improve types
+          initialPopulate: initialPopulate?.[attributeName],
+          countMany,
+          countOne,
+          maxLevel
+        },
+        level
+      )
+    );
+  }, {});
+};
 const getDeepPopulateDraftCount = (uid2) => {
   const model = strapi.getModel(uid2);
   let hasRelations = false;
@@ -3863,41 +3936,70 @@ const AVAILABLE_STATUS_FIELDS = [
   "updatedBy",
   "status"
 ];
-const AVAILABLE_LOCALES_FIELDS = ["id", "locale", "updatedAt", "createdAt", "status"];
+const AVAILABLE_LOCALES_FIELDS = [
+  "id",
+  "locale",
+  "updatedAt",
+  "createdAt",
+  "status",
+  "publishedAt",
+  "documentId"
+];
 const CONTENT_MANAGER_STATUS = {
   PUBLISHED: "published",
   DRAFT: "draft",
   MODIFIED: "modified"
 };
-const areDatesEqual = (date1, date2, threshold) => {
-  if (!date1 || !date2) {
+const getIsVersionLatestModification = (version, otherVersion) => {
+  if (!version || !version.updatedAt) {
     return false;
   }
-  const time1 = new Date(date1).getTime();
-  const time2 = new Date(date2).getTime();
-  const difference2 = Math.abs(time1 - time2);
-  return difference2 <= threshold;
+  const versionUpdatedAt = version?.updatedAt ? new Date(version.updatedAt).getTime() : 0;
+  const otherUpdatedAt = otherVersion?.updatedAt ? new Date(otherVersion.updatedAt).getTime() : 0;
+  return versionUpdatedAt > otherUpdatedAt;
 };
 const documentMetadata = ({ strapi: strapi2 }) => ({
   /**
    * Returns available locales of a document for the current status
    */
-  getAvailableLocales(uid2, version, allVersions) {
+  async getAvailableLocales(uid2, version, allVersions, validatableFields = []) {
     const versionsByLocale = groupBy("locale", allVersions);
     delete versionsByLocale[version.locale];
-    return Object.values(versionsByLocale).map((localeVersions) => {
-      if (!contentTypes$1.hasDraftAndPublish(strapi2.getModel(uid2))) {
-        return pick(AVAILABLE_LOCALES_FIELDS, localeVersions[0]);
+    const model = strapi2.getModel(uid2);
+    const keysToKeep = [...AVAILABLE_LOCALES_FIELDS, ...validatableFields];
+    const traversalFunction = async (localeVersion) => traverseEntity(
+      ({ key }, { remove }) => {
+        if (keysToKeep.includes(key)) {
+          return;
+        }
+        remove(key);
+      },
+      { schema: model, getModel: strapi2.getModel.bind(strapi2) },
+      // @ts-expect-error fix types DocumentVersion incompatible with Data
+      localeVersion
+    );
+    const mappingResult = await async.map(
+      Object.values(versionsByLocale),
+      async (localeVersions) => {
+        const mappedLocaleVersions = await async.map(
+          localeVersions,
+          traversalFunction
+        );
+        if (!contentTypes$1.hasDraftAndPublish(model)) {
+          return mappedLocaleVersions[0];
+        }
+        const draftVersion = mappedLocaleVersions.find((v) => v.publishedAt === null);
+        const otherVersions = mappedLocaleVersions.filter((v) => v.id !== draftVersion?.id);
+        if (!draftVersion) {
+          return;
+        }
+        return {
+          ...draftVersion,
+          status: this.getStatus(draftVersion, otherVersions)
+        };
       }
-      const draftVersion = localeVersions.find((v) => v.publishedAt === null);
-      const otherVersions = localeVersions.filter((v) => v.id !== draftVersion?.id);
-      if (!draftVersion)
-        return;
-      return {
-        ...pick(AVAILABLE_LOCALES_FIELDS, draftVersion),
-        status: this.getStatus(draftVersion, otherVersions)
-      };
-    }).filter(Boolean);
+    );
+    return mappingResult.filter(Boolean);
   },
   /**
    * Returns available status of a document for the current locale
@@ -3935,26 +4037,37 @@ const documentMetadata = ({ strapi: strapi2 }) => ({
     });
   },
   getStatus(version, otherDocumentStatuses) {
-    const isDraft = version.publishedAt === null;
-    if (!otherDocumentStatuses?.length) {
-      return isDraft ? CONTENT_MANAGER_STATUS.DRAFT : CONTENT_MANAGER_STATUS.PUBLISHED;
+    let draftVersion;
+    let publishedVersion;
+    if (version.publishedAt) {
+      publishedVersion = version;
+    } else {
+      draftVersion = version;
     }
-    if (isDraft) {
-      const publishedVersion = otherDocumentStatuses?.find((d) => d.publishedAt !== null);
-      if (!publishedVersion) {
-        return CONTENT_MANAGER_STATUS.DRAFT;
-      }
+    const otherVersion = otherDocumentStatuses?.at(0);
+    if (otherVersion?.publishedAt) {
+      publishedVersion = otherVersion;
+    } else if (otherVersion) {
+      draftVersion = otherVersion;
     }
-    if (areDatesEqual(version.updatedAt, otherDocumentStatuses.at(0)?.updatedAt, 500)) {
+    if (!draftVersion)
       return CONTENT_MANAGER_STATUS.PUBLISHED;
-    }
-    return CONTENT_MANAGER_STATUS.MODIFIED;
+    if (!publishedVersion)
+      return CONTENT_MANAGER_STATUS.DRAFT;
+    const isDraftModified = getIsVersionLatestModification(draftVersion, publishedVersion);
+    return isDraftModified ? CONTENT_MANAGER_STATUS.MODIFIED : CONTENT_MANAGER_STATUS.PUBLISHED;
   },
+  // TODO is it necessary to return metadata on every page of the CM
+  // We could refactor this so the locales are only loaded when they're
+  // needed. e.g. in the bulk locale action modal.
   async getMetadata(uid2, version, { availableLocales = true, availableStatus = true } = {}) {
+    const populate = getValidatableFieldsPopulate(uid2);
     const versions = await strapi2.db.query(uid2).findMany({
       where: { documentId: version.documentId },
-      select: ["createdAt", "updatedAt", "locale", "publishedAt", "documentId"],
       populate: {
+        // Populate only fields that require validation for bulk locale actions
+        ...populate,
+        // NOTE: creator fields are selected in this way to avoid exposing sensitive data
         createdBy: {
           select: ["id", "firstname", "lastname", "email"]
         },
@@ -3963,7 +4076,7 @@ const documentMetadata = ({ strapi: strapi2 }) => ({
         }
       }
     });
-    const availableLocalesResult = availableLocales ? this.getAvailableLocales(uid2, version, versions) : [];
+    const availableLocalesResult = availableLocales ? await this.getAvailableLocales(uid2, version, versions, Object.keys(populate)) : [];
     const availableStatusResult = availableStatus ? this.getAvailableStatus(version, versions) : null;
     return {
       availableLocales: availableLocalesResult,
@@ -3976,8 +4089,9 @@ const documentMetadata = ({ strapi: strapi2 }) => ({
    * - Available status of the document for the current locale
    */
   async formatDocumentWithMetadata(uid2, document, opts = {}) {
-    if (!document)
+    if (!document) {
       return document;
+    }
     const hasDraftAndPublish = contentTypes$1.hasDraftAndPublish(strapi2.getModel(uid2));
     if (!hasDraftAndPublish) {
       opts.availableStatus = false;
@@ -4113,7 +4227,7 @@ const documentManager = ({ strapi: strapi2 }) => {
       return {};
     },
     // FIXME: handle relations
-    async deleteMany(documentIds, uid2, opts) {
+    async deleteMany(documentIds, uid2, opts = {}) {
       const deletedEntries = await strapi2.db.transaction(async () => {
         return Promise.all(documentIds.map(async (id) => this.delete(id, uid2, opts)));
       });
@@ -4122,18 +4236,16 @@ const documentManager = ({ strapi: strapi2 }) => {
     async publish(id, uid2, opts = {}) {
       const populate = await buildDeepPopulate(uid2);
       const params = { ...opts, populate };
-      return strapi2.documents(uid2).publish({ ...params, documentId: id }).then((result) => result?.entries.at(0));
+      return strapi2.documents(uid2).publish({ ...params, documentId: id }).then((result) => result?.entries);
     },
-    async publishMany(documentIds, uid2, opts = {}) {
-      const publishedEntries = await strapi2.db.transaction(async () => {
-        return Promise.all(
-          documentIds.map(
-            (id) => strapi2.documents(uid2).publish({ ...opts, documentId: id }).then((result) => result?.entries)
-          )
+    async publishMany(uid2, documentIds, locale) {
+      return strapi2.db.transaction(async () => {
+        const results = await Promise.all(
+          documentIds.map((documentId) => this.publish(documentId, uid2, { locale }))
         );
+        const publishedEntitiesCount = results.flat().filter(Boolean).length;
+        return publishedEntitiesCount;
       });
-      const publishedEntitiesCount = publishedEntries.flat().filter(Boolean).length;
-      return { count: publishedEntitiesCount };
     },
     async unpublishMany(documentIds, uid2, opts = {}) {
       const unpublishedEntries = await strapi2.db.transaction(async () => {
@@ -4174,14 +4286,18 @@ const documentManager = ({ strapi: strapi2 }) => {
       if (!hasRelations) {
         return 0;
       }
-      const documents = await strapi2.documents(uid2).findMany({
+      let localeFilter = {};
+      if (locale) {
+        localeFilter = Array.isArray(locale) ? { locale: { $in: locale } } : { locale };
+      }
+      const entities = await strapi2.db.query(uid2).findMany({
         populate,
-        filters: {
-          documentId: documentIds
-        },
-        locale
+        where: {
+          documentId: { $in: documentIds },
+          ...localeFilter
+        }
       });
-      const totalNumberDraftRelations = documents.reduce(
+      const totalNumberDraftRelations = entities.reduce(
         (count, entity) => sumDraftCounts(entity, uid2) + count,
         0
       );