npm - @strapi/content-manager - Versions diffs - 5.0.0-beta.7 → 5.0.0-beta.9 - Mend

@strapi/content-manager 5.0.0-beta.7 → 5.0.0-beta.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (146) hide show

package/dist/server/index.js CHANGED Viewed

@@ -507,7 +507,7 @@ const createLifecyclesService = ({ strapi: strapi2 }) => {
         if (!strapi2.requestContext.get()?.request.url.startsWith("/content-manager")) {
           return next();
         }
-        if (context.action !== "create" && context.action !== "update" && context.action !== "publish" && context.action !== "unpublish" && context.action !== "discardDraft") {
+        if (context.action !== "create" && context.action !== "update" && context.action !== "clone" && context.action !== "publish" && context.action !== "unpublish" && context.action !== "discardDraft") {
           return next();
         }
         const contentTypeUid = context.contentType.uid;
@@ -515,9 +515,18 @@ const createLifecyclesService = ({ strapi: strapi2 }) => {
           return next();
         }
         const result = await next();
-        const documentContext = context.action === "create" ? { documentId: result.documentId, locale: context.params?.locale } : { documentId: context.params.documentId, locale: context.params?.locale };
+        const documentContext = {
+          documentId: context.action === "create" || context.action === "clone" ? result.documentId : context.params.documentId,
+          locale: context.params?.locale
+        };
         const defaultLocale = await serviceUtils.getDefaultLocale();
         const locale = documentContext.locale || defaultLocale;
+        if (Array.isArray(locale)) {
+          strapi2.log.warn(
+            "[Content manager history middleware]: An array of locales was provided, but only a single locale is supported for the findOne operation."
+          );
+          return next();
+        }
         const document = await strapi2.documents(contentTypeUid).findOne({
           documentId: documentContext.documentId,
           locale,
@@ -553,9 +562,8 @@ const createLifecyclesService = ({ strapi: strapi2 }) => {
         });
         return result;
       });
-      const retentionDays = serviceUtils.getRetentionDays();
       state.deleteExpiredJob = nodeSchedule.scheduleJob("0 0 * * *", () => {
-        const retentionDaysInMilliseconds = retentionDays * 24 * 60 * 60 * 1e3;
+        const retentionDaysInMilliseconds = serviceUtils.getRetentionDays() * 24 * 60 * 60 * 1e3;
         const expirationDate = new Date(Date.now() - retentionDaysInMilliseconds);
         query.deleteMany({
           where: {
@@ -1577,15 +1585,47 @@ const excludeNotCreatableFields = (uid2, permissionChecker2) => (body, path = []
     }
   }, body);
 };
-const getDocumentLocaleAndStatus = (request) => {
+const singleLocaleSchema = strapiUtils.yup.string().nullable();
+const multipleLocaleSchema = strapiUtils.yup.lazy(
+  (value) => Array.isArray(value) ? strapiUtils.yup.array().of(singleLocaleSchema.required()) : singleLocaleSchema
+);
+const statusSchema = strapiUtils.yup.mixed().oneOf(["draft", "published"], "Invalid status");
+const getDocumentLocaleAndStatus = async (request, opts = { allowMultipleLocales: false }) => {
+  const { allowMultipleLocales } = opts;
   const { locale, status, ...rest } = request || {};
-  if (!fp.isNil(locale) && typeof locale !== "string") {
-    throw new strapiUtils.errors.ValidationError(`Invalid locale: ${locale}`);
-  }
-  if (!fp.isNil(status) && !["draft", "published"].includes(status)) {
-    throw new strapiUtils.errors.ValidationError(`Invalid status: ${status}`);
+  const schema = strapiUtils.yup.object().shape({
+    locale: allowMultipleLocales ? multipleLocaleSchema : singleLocaleSchema,
+    status: statusSchema
+  });
+  try {
+    await strapiUtils.validateYupSchema(schema, { strict: true, abortEarly: false })(request);
+    return { locale, status, ...rest };
+  } catch (error) {
+    throw new strapiUtils.errors.ValidationError(`Validation error: ${error.message}`);
   }
-  return { locale, status, ...rest };
+};
+const formatDocumentWithMetadata = async (permissionChecker2, uid2, document, opts = {}) => {
+  const documentMetadata2 = getService$1("document-metadata");
+  const serviceOutput = await documentMetadata2.formatDocumentWithMetadata(uid2, document, opts);
+  let {
+    meta: { availableLocales, availableStatus }
+  } = serviceOutput;
+  const metadataSanitizer = permissionChecker2.sanitizeOutput;
+  availableLocales = await strapiUtils.async.map(
+    availableLocales,
+    async (localeDocument) => metadataSanitizer(localeDocument)
+  );
+  availableStatus = await strapiUtils.async.map(
+    availableStatus,
+    async (statusDocument) => metadataSanitizer(statusDocument)
+  );
+  return {
+    ...serviceOutput,
+    meta: {
+      availableLocales,
+      availableStatus
+    }
+  };
 };
 const createDocument = async (ctx, opts) => {
   const { userAbility, user } = ctx.state;
@@ -1600,7 +1640,7 @@ const createDocument = async (ctx, opts) => {
   const setCreator = strapiUtils.setCreatorFields({ user });
   const sanitizeFn = strapiUtils.async.pipe(pickPermittedFields, setCreator);
   const sanitizedBody = await sanitizeFn(body);
-  const { locale, status = "draft" } = getDocumentLocaleAndStatus(body);
+  const { locale, status = "draft" } = await getDocumentLocaleAndStatus(body);
   return documentManager2.create(model, {
     data: sanitizedBody,
     locale,
@@ -1619,7 +1659,7 @@ const updateDocument = async (ctx, opts) => {
   }
   const permissionQuery = await permissionChecker2.sanitizedQuery.update(ctx.query);
   const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-  const { locale } = getDocumentLocaleAndStatus(body);
+  const { locale } = await getDocumentLocaleAndStatus(body);
   const [documentVersion, documentExists] = await Promise.all([
     documentManager2.findOne(id, model, { populate, locale, status: "draft" }),
     documentManager2.exists(model, id)
@@ -1657,7 +1697,7 @@ const collectionTypes = {
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(1).countRelations({ toOne: false, toMany: true }).build();
-    const { locale, status } = getDocumentLocaleAndStatus(query);
+    const { locale, status } = await getDocumentLocaleAndStatus(query);
     const { results: documents, pagination } = await documentManager2.findPage(
       { ...permissionQuery, populate, locale, status },
       model
@@ -1686,14 +1726,13 @@ const collectionTypes = {
     const { userAbility } = ctx.state;
     const { model, id } = ctx.params;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.read()) {
       return ctx.forbidden();
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
-    const { locale, status = "draft" } = getDocumentLocaleAndStatus(ctx.query);
+    const { locale, status = "draft" } = await getDocumentLocaleAndStatus(ctx.query);
     const version = await documentManager2.findOne(id, model, {
       populate,
       locale,
@@ -1704,8 +1743,10 @@ const collectionTypes = {
       if (!exists) {
         return ctx.notFound();
       }
-      const { meta } = await documentMetadata2.formatDocumentWithMetadata(
+      const { meta } = await formatDocumentWithMetadata(
+        permissionChecker2,
         model,
+        // @ts-expect-error TODO: fix
         { id, locale, publishedAt: null },
         { availableLocales: true, availableStatus: false }
       );
@@ -1716,12 +1757,11 @@ const collectionTypes = {
       return ctx.forbidden();
     }
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(version);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument);
   },
   async create(ctx) {
     const { userAbility } = ctx.state;
     const { model } = ctx.params;
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     const [totalEntries, document] = await Promise.all([
       strapi.db.query(model).count(),
@@ -1729,7 +1769,7 @@ const collectionTypes = {
     ]);
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(document);
     ctx.status = 201;
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument, {
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument, {
       // Empty metadata as it's not relevant for a new document
       availableLocales: false,
       availableStatus: false
@@ -1743,25 +1783,23 @@ const collectionTypes = {
   async update(ctx) {
     const { userAbility } = ctx.state;
     const { model } = ctx.params;
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     const updatedVersion = await updateDocument(ctx);
     const sanitizedVersion = await permissionChecker2.sanitizeOutput(updatedVersion);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedVersion);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedVersion);
   },
   async clone(ctx) {
     const { userAbility, user } = ctx.state;
     const { model, sourceId: id } = ctx.params;
     const { body } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.create()) {
       return ctx.forbidden();
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.create(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const document = await documentManager2.findOne(id, model, {
       populate,
       locale,
@@ -1777,7 +1815,7 @@ const collectionTypes = {
     const sanitizedBody = await sanitizeFn(body);
     const clonedDocument = await documentManager2.clone(document.documentId, sanitizedBody, model);
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(clonedDocument);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument, {
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument, {
       // Empty metadata as it's not relevant for a new document
       availableLocales: false,
       availableStatus: false
@@ -1806,7 +1844,7 @@ const collectionTypes = {
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.delete(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale } = getDocumentLocaleAndStatus(ctx.query);
+    const { locale } = await getDocumentLocaleAndStatus(ctx.query);
     const documentLocales = await documentManager2.findLocales(id, model, { populate, locale });
     if (documentLocales.length === 0) {
       return ctx.notFound();
@@ -1828,7 +1866,6 @@ const collectionTypes = {
     const { id, model } = ctx.params;
     const { body } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.publish()) {
       return ctx.forbidden();
@@ -1840,15 +1877,19 @@ const collectionTypes = {
       if (permissionChecker2.cannot.publish(document)) {
         throw new strapiUtils.errors.ForbiddenError();
       }
-      const { locale } = getDocumentLocaleAndStatus(body);
-      return documentManager2.publish(document.documentId, model, {
+      const { locale } = await getDocumentLocaleAndStatus(body);
+      const publishResult = await documentManager2.publish(document.documentId, model, {
         locale
         // TODO: Allow setting creator fields on publish
         // data: setCreatorFields({ user, isEdition: true })({}),
       });
+      if (!publishResult || publishResult.length === 0) {
+        throw new strapiUtils.errors.NotFoundError("Document not found or already published.");
+      }
+      return publishResult[0];
     });
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(publishedDocument);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument);
   },
   async bulkPublish(ctx) {
     const { userAbility } = ctx.state;
@@ -1861,9 +1902,11 @@ const collectionTypes = {
     if (permissionChecker2.cannot.publish()) {
       return ctx.forbidden();
     }
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const permissionQuery = await permissionChecker2.sanitizedQuery.publish(ctx.query);
+    const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).populateDeep(Infinity).countRelations().build();
+    const { locale } = await getDocumentLocaleAndStatus(body, { allowMultipleLocales: true });
     const entityPromises = documentIds.map(
-      (documentId) => documentManager2.findLocales(documentId, model, { locale, isPublished: false })
+      (documentId) => documentManager2.findLocales(documentId, model, { populate, locale, isPublished: false })
     );
     const entities = (await Promise.all(entityPromises)).flat();
     for (const entity of entities) {
@@ -1874,8 +1917,7 @@ const collectionTypes = {
         return ctx.forbidden();
       }
     }
-    const entitiesIds = entities.map((document) => document.documentId);
-    const { count } = await documentManager2.publishMany(entitiesIds, model, { locale });
+    const count = await documentManager2.publishMany(model, documentIds, locale);
     ctx.body = { count };
   },
   async bulkUnpublish(ctx) {
@@ -1889,7 +1931,7 @@ const collectionTypes = {
     if (permissionChecker2.cannot.unpublish()) {
       return ctx.forbidden();
     }
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const entityPromises = documentIds.map(
       (documentId) => documentManager2.findLocales(documentId, model, { locale, isPublished: true })
     );
@@ -1913,7 +1955,6 @@ const collectionTypes = {
       body: { discardDraft, ...body }
     } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.unpublish()) {
       return ctx.forbidden();
@@ -1923,7 +1964,7 @@ const collectionTypes = {
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.unpublish(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const document = await documentManager2.findOne(id, model, {
       populate,
       locale,
@@ -1945,7 +1986,7 @@ const collectionTypes = {
       ctx.body = await strapiUtils.async.pipe(
         (document2) => documentManager2.unpublish(document2.documentId, model, { locale }),
         permissionChecker2.sanitizeOutput,
-        (document2) => documentMetadata2.formatDocumentWithMetadata(model, document2)
+        (document2) => formatDocumentWithMetadata(permissionChecker2, model, document2)
       )(document);
     });
   },
@@ -1954,14 +1995,13 @@ const collectionTypes = {
     const { id, model } = ctx.params;
     const { body } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.discard()) {
       return ctx.forbidden();
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.discard(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const document = await documentManager2.findOne(id, model, {
       populate,
       locale,
@@ -1976,7 +2016,7 @@ const collectionTypes = {
     ctx.body = await strapiUtils.async.pipe(
       (document2) => documentManager2.discardDraft(document2.documentId, model, { locale }),
       permissionChecker2.sanitizeOutput,
-      (document2) => documentMetadata2.formatDocumentWithMetadata(model, document2)
+      (document2) => formatDocumentWithMetadata(permissionChecker2, model, document2)
     )(document);
   },
   async bulkDelete(ctx) {
@@ -1992,7 +2032,7 @@ const collectionTypes = {
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.delete(query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const documentLocales = await documentManager2.findLocales(documentIds, model, {
       populate,
       locale
@@ -2019,7 +2059,7 @@ const collectionTypes = {
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.read(ctx.query);
     const populate = await getService$1("populate-builder")(model).populateFromQuery(permissionQuery).build();
-    const { locale, status = "draft" } = getDocumentLocaleAndStatus(ctx.query);
+    const { locale, status = "draft" } = await getDocumentLocaleAndStatus(ctx.query);
     const entity = await documentManager2.findOne(id, model, { populate, locale, status });
     if (!entity) {
       return ctx.notFound();
@@ -2034,26 +2074,27 @@ const collectionTypes = {
   },
   async countManyEntriesDraftRelations(ctx) {
     const { userAbility } = ctx.state;
-    const { documentIds, locale } = ctx.request.query;
+    const ids = ctx.request.query.documentIds;
+    const locale = ctx.request.query.locale;
     const { model } = ctx.params;
     const documentManager2 = getService$1("document-manager");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.read()) {
       return ctx.forbidden();
     }
-    const documents = await documentManager2.findMany(
+    const entities = await documentManager2.findMany(
       {
         filters: {
-          documentId: { $in: documentIds }
+          documentId: ids
         },
         locale
       },
       model
     );
-    if (!documents) {
+    if (!entities) {
       return ctx.notFound();
     }
-    const number = await documentManager2.countManyEntriesDraftRelations(documentIds, model, locale);
+    const number = await documentManager2.countManyEntriesDraftRelations(ids, model, locale);
     return {
       data: number
     };
@@ -2546,7 +2587,7 @@ const createOrUpdateDocument = async (ctx, opts) => {
     throw new strapiUtils.errors.ForbiddenError();
   }
   const sanitizedQuery = await permissionChecker2.sanitizedQuery.update(query);
-  const { locale } = getDocumentLocaleAndStatus(body);
+  const { locale } = await getDocumentLocaleAndStatus(body);
   const [documentVersion, otherDocumentVersion] = await Promise.all([
     findDocument(sanitizedQuery, model, { locale, status: "draft" }),
     // Find the first document to check if it exists
@@ -2583,12 +2624,11 @@ const singleTypes = {
     const { model } = ctx.params;
     const { query = {} } = ctx.request;
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
-    const documentMetadata2 = getService$1("document-metadata");
     if (permissionChecker2.cannot.read()) {
       return ctx.forbidden();
     }
     const permissionQuery = await permissionChecker2.sanitizedQuery.read(query);
-    const { locale, status } = getDocumentLocaleAndStatus(query);
+    const { locale, status } = await getDocumentLocaleAndStatus(query);
     const version = await findDocument(permissionQuery, model, { locale, status });
     if (!version) {
       if (permissionChecker2.cannot.create()) {
@@ -2598,8 +2638,10 @@ const singleTypes = {
       if (!document) {
         return ctx.notFound();
       }
-      const { meta } = await documentMetadata2.formatDocumentWithMetadata(
+      const { meta } = await formatDocumentWithMetadata(
+        permissionChecker2,
         model,
+        // @ts-expect-error - fix types
         { id: document.documentId, locale, publishedAt: null },
         { availableLocales: true, availableStatus: false }
       );
@@ -2610,16 +2652,15 @@ const singleTypes = {
       return ctx.forbidden();
     }
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(version);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument);
   },
   async createOrUpdate(ctx) {
     const { userAbility } = ctx.state;
     const { model } = ctx.params;
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     const document = await createOrUpdateDocument(ctx);
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(document);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument);
   },
   async delete(ctx) {
     const { userAbility } = ctx.state;
@@ -2632,7 +2673,7 @@ const singleTypes = {
     }
     const sanitizedQuery = await permissionChecker2.sanitizedQuery.delete(query);
     const populate = await buildPopulateFromQuery(sanitizedQuery, model);
-    const { locale } = getDocumentLocaleAndStatus(query);
+    const { locale } = await getDocumentLocaleAndStatus(query);
     const documentLocales = await documentManager2.findLocales(void 0, model, {
       populate,
       locale
@@ -2655,7 +2696,6 @@ const singleTypes = {
     const { model } = ctx.params;
     const { query = {} } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.publish()) {
       return ctx.forbidden();
@@ -2670,11 +2710,12 @@ const singleTypes = {
       if (permissionChecker2.cannot.publish(document)) {
         throw new strapiUtils.errors.ForbiddenError();
       }
-      const { locale } = getDocumentLocaleAndStatus(document);
-      return documentManager2.publish(document.documentId, model, { locale });
+      const { locale } = await getDocumentLocaleAndStatus(document);
+      const publishResult = await documentManager2.publish(document.documentId, model, { locale });
+      return publishResult.at(0);
     });
     const sanitizedDocument = await permissionChecker2.sanitizeOutput(publishedDocument);
-    ctx.body = await documentMetadata2.formatDocumentWithMetadata(model, sanitizedDocument);
+    ctx.body = await formatDocumentWithMetadata(permissionChecker2, model, sanitizedDocument);
   },
   async unpublish(ctx) {
     const { userAbility } = ctx.state;
@@ -2684,7 +2725,6 @@ const singleTypes = {
       query = {}
     } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.unpublish()) {
       return ctx.forbidden();
@@ -2693,7 +2733,7 @@ const singleTypes = {
       return ctx.forbidden();
     }
     const sanitizedQuery = await permissionChecker2.sanitizedQuery.unpublish(query);
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const document = await findDocument(sanitizedQuery, model, { locale });
     if (!document) {
       return ctx.notFound();
@@ -2711,7 +2751,7 @@ const singleTypes = {
       ctx.body = await strapiUtils.async.pipe(
         (document2) => documentManager2.unpublish(document2.documentId, model, { locale }),
         permissionChecker2.sanitizeOutput,
-        (document2) => documentMetadata2.formatDocumentWithMetadata(model, document2)
+        (document2) => formatDocumentWithMetadata(permissionChecker2, model, document2)
       )(document);
     });
   },
@@ -2720,13 +2760,12 @@ const singleTypes = {
     const { model } = ctx.params;
     const { body, query = {} } = ctx.request;
     const documentManager2 = getService$1("document-manager");
-    const documentMetadata2 = getService$1("document-metadata");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
     if (permissionChecker2.cannot.discard()) {
       return ctx.forbidden();
     }
     const sanitizedQuery = await permissionChecker2.sanitizedQuery.discard(query);
-    const { locale } = getDocumentLocaleAndStatus(body);
+    const { locale } = await getDocumentLocaleAndStatus(body);
     const document = await findDocument(sanitizedQuery, model, { locale, status: "published" });
     if (!document) {
       return ctx.notFound();
@@ -2737,7 +2776,7 @@ const singleTypes = {
     ctx.body = await strapiUtils.async.pipe(
       (document2) => documentManager2.discardDraft(document2.documentId, model, { locale }),
       permissionChecker2.sanitizeOutput,
-      (document2) => documentMetadata2.formatDocumentWithMetadata(model, document2)
+      (document2) => formatDocumentWithMetadata(permissionChecker2, model, document2)
     )(document);
   },
   async countDraftRelations(ctx) {
@@ -2746,7 +2785,7 @@ const singleTypes = {
     const { query } = ctx.request;
     const documentManager2 = getService$1("document-manager");
     const permissionChecker2 = getService$1("permission-checker").create({ userAbility, model });
-    const { locale } = getDocumentLocaleAndStatus(query);
+    const { locale } = await getDocumentLocaleAndStatus(query);
     if (permissionChecker2.cannot.read()) {
       return ctx.forbidden();
     }
@@ -2767,7 +2806,7 @@ const uid$1 = {
   async generateUID(ctx) {
     const { contentTypeUID, field, data } = await validateGenerateUIDInput(ctx.request.body);
     const { query = {} } = ctx.request;
-    const { locale } = getDocumentLocaleAndStatus(query);
+    const { locale } = await getDocumentLocaleAndStatus(query);
     await validateUIDField(contentTypeUID, field);
     const uidService = getService$1("uid");
     ctx.body = {
@@ -2779,7 +2818,7 @@ const uid$1 = {
       ctx.request.body
     );
     const { query = {} } = ctx.request;
-    const { locale } = getDocumentLocaleAndStatus(query);
+    const { locale } = await getDocumentLocaleAndStatus(query);
     await validateUIDField(contentTypeUID, field);
     const uidService = getService$1("uid");
     const isAvailable = await uidService.checkUIDAvailability({
@@ -3570,7 +3609,7 @@ const permission = ({ strapi: strapi2 }) => ({
     await strapi2.service("admin::permission").actionProvider.registerMany(actions);
   }
 });
-const { isVisibleAttribute: isVisibleAttribute$1 } = strapiUtils__default.default.contentTypes;
+const { isVisibleAttribute: isVisibleAttribute$1, isScalarAttribute, getDoesAttributeRequireValidation } = strapiUtils__default.default.contentTypes;
 const { isAnyToMany } = strapiUtils__default.default.relations;
 const { PUBLISHED_AT_ATTRIBUTE: PUBLISHED_AT_ATTRIBUTE$1 } = strapiUtils__default.default.contentTypes.constants;
 const isMorphToRelation = (attribute) => isRelation(attribute) && attribute.relation.includes("morphTo");
@@ -3661,6 +3700,42 @@ const getDeepPopulate = (uid2, {
     {}
   );
 };
+const getValidatableFieldsPopulate = (uid2, {
+  initialPopulate = {},
+  countMany = false,
+  countOne = false,
+  maxLevel = Infinity
+} = {}, level = 1) => {
+  if (level > maxLevel) {
+    return {};
+  }
+  const model = strapi.getModel(uid2);
+  return Object.entries(model.attributes).reduce((populateAcc, [attributeName, attribute]) => {
+    if (!getDoesAttributeRequireValidation(attribute)) {
+      return populateAcc;
+    }
+    if (isScalarAttribute(attribute)) {
+      return fp.merge(populateAcc, {
+        [attributeName]: true
+      });
+    }
+    return fp.merge(
+      populateAcc,
+      getPopulateFor(
+        attributeName,
+        model,
+        {
+          // @ts-expect-error - improve types
+          initialPopulate: initialPopulate?.[attributeName],
+          countMany,
+          countOne,
+          maxLevel
+        },
+        level
+      )
+    );
+  }, {});
+};
 const getDeepPopulateDraftCount = (uid2) => {
   const model = strapi.getModel(uid2);
   let hasRelations = false;
@@ -3682,22 +3757,24 @@ const getDeepPopulateDraftCount = (uid2) => {
           attribute.component
         );
         if (childHasRelations) {
-          populateAcc[attributeName] = { populate: populate2 };
+          populateAcc[attributeName] = {
+            populate: populate2
+          };
           hasRelations = true;
         }
         break;
       }
       case "dynamiczone": {
-        const dzPopulate = (attribute.components || []).reduce((acc, componentUID) => {
-          const { populate: populate2, hasRelations: childHasRelations } = getDeepPopulateDraftCount(componentUID);
-          if (childHasRelations) {
+        const dzPopulateFragment = attribute.components?.reduce((acc, componentUID) => {
+          const { populate: componentPopulate, hasRelations: componentHasRelations } = getDeepPopulateDraftCount(componentUID);
+          if (componentHasRelations) {
             hasRelations = true;
-            return fp.merge(acc, populate2);
+            return { ...acc, [componentUID]: { populate: componentPopulate } };
           }
           return acc;
         }, {});
-        if (!fp.isEmpty(dzPopulate)) {
-          populateAcc[attributeName] = { populate: dzPopulate };
+        if (!fp.isEmpty(dzPopulateFragment)) {
+          populateAcc[attributeName] = { on: dzPopulateFragment };
         }
         break;
       }
@@ -3889,41 +3966,70 @@ const AVAILABLE_STATUS_FIELDS = [
   "updatedBy",
   "status"
 ];
-const AVAILABLE_LOCALES_FIELDS = ["id", "locale", "updatedAt", "createdAt", "status"];
+const AVAILABLE_LOCALES_FIELDS = [
+  "id",
+  "locale",
+  "updatedAt",
+  "createdAt",
+  "status",
+  "publishedAt",
+  "documentId"
+];
 const CONTENT_MANAGER_STATUS = {
   PUBLISHED: "published",
   DRAFT: "draft",
   MODIFIED: "modified"
 };
-const areDatesEqual = (date1, date2, threshold) => {
-  if (!date1 || !date2) {
+const getIsVersionLatestModification = (version, otherVersion) => {
+  if (!version || !version.updatedAt) {
     return false;
   }
-  const time1 = new Date(date1).getTime();
-  const time2 = new Date(date2).getTime();
-  const difference = Math.abs(time1 - time2);
-  return difference <= threshold;
+  const versionUpdatedAt = version?.updatedAt ? new Date(version.updatedAt).getTime() : 0;
+  const otherUpdatedAt = otherVersion?.updatedAt ? new Date(otherVersion.updatedAt).getTime() : 0;
+  return versionUpdatedAt > otherUpdatedAt;
 };
 const documentMetadata = ({ strapi: strapi2 }) => ({
   /**
    * Returns available locales of a document for the current status
    */
-  getAvailableLocales(uid2, version, allVersions) {
+  async getAvailableLocales(uid2, version, allVersions, validatableFields = []) {
     const versionsByLocale = fp.groupBy("locale", allVersions);
     delete versionsByLocale[version.locale];
-    return Object.values(versionsByLocale).map((localeVersions) => {
-      if (!strapiUtils.contentTypes.hasDraftAndPublish(strapi2.getModel(uid2))) {
-        return fp.pick(AVAILABLE_LOCALES_FIELDS, localeVersions[0]);
+    const model = strapi2.getModel(uid2);
+    const keysToKeep = [...AVAILABLE_LOCALES_FIELDS, ...validatableFields];
+    const traversalFunction = async (localeVersion) => strapiUtils.traverseEntity(
+      ({ key }, { remove }) => {
+        if (keysToKeep.includes(key)) {
+          return;
+        }
+        remove(key);
+      },
+      { schema: model, getModel: strapi2.getModel.bind(strapi2) },
+      // @ts-expect-error fix types DocumentVersion incompatible with Data
+      localeVersion
+    );
+    const mappingResult = await strapiUtils.async.map(
+      Object.values(versionsByLocale),
+      async (localeVersions) => {
+        const mappedLocaleVersions = await strapiUtils.async.map(
+          localeVersions,
+          traversalFunction
+        );
+        if (!strapiUtils.contentTypes.hasDraftAndPublish(model)) {
+          return mappedLocaleVersions[0];
+        }
+        const draftVersion = mappedLocaleVersions.find((v) => v.publishedAt === null);
+        const otherVersions = mappedLocaleVersions.filter((v) => v.id !== draftVersion?.id);
+        if (!draftVersion) {
+          return;
+        }
+        return {
+          ...draftVersion,
+          status: this.getStatus(draftVersion, otherVersions)
+        };
       }
-      const draftVersion = localeVersions.find((v) => v.publishedAt === null);
-      const otherVersions = localeVersions.filter((v) => v.id !== draftVersion?.id);
-      if (!draftVersion)
-        return;
-      return {
-        ...fp.pick(AVAILABLE_LOCALES_FIELDS, draftVersion),
-        status: this.getStatus(draftVersion, otherVersions)
-      };
-    }).filter(Boolean);
+    );
+    return mappingResult.filter(Boolean);
   },
   /**
    * Returns available status of a document for the current locale
@@ -3961,26 +4067,37 @@ const documentMetadata = ({ strapi: strapi2 }) => ({
     });
   },
   getStatus(version, otherDocumentStatuses) {
-    const isDraft = version.publishedAt === null;
-    if (!otherDocumentStatuses?.length) {
-      return isDraft ? CONTENT_MANAGER_STATUS.DRAFT : CONTENT_MANAGER_STATUS.PUBLISHED;
+    let draftVersion;
+    let publishedVersion;
+    if (version.publishedAt) {
+      publishedVersion = version;
+    } else {
+      draftVersion = version;
     }
-    if (isDraft) {
-      const publishedVersion = otherDocumentStatuses?.find((d) => d.publishedAt !== null);
-      if (!publishedVersion) {
-        return CONTENT_MANAGER_STATUS.DRAFT;
-      }
+    const otherVersion = otherDocumentStatuses?.at(0);
+    if (otherVersion?.publishedAt) {
+      publishedVersion = otherVersion;
+    } else if (otherVersion) {
+      draftVersion = otherVersion;
     }
-    if (areDatesEqual(version.updatedAt, otherDocumentStatuses.at(0)?.updatedAt, 500)) {
+    if (!draftVersion)
       return CONTENT_MANAGER_STATUS.PUBLISHED;
-    }
-    return CONTENT_MANAGER_STATUS.MODIFIED;
+    if (!publishedVersion)
+      return CONTENT_MANAGER_STATUS.DRAFT;
+    const isDraftModified = getIsVersionLatestModification(draftVersion, publishedVersion);
+    return isDraftModified ? CONTENT_MANAGER_STATUS.MODIFIED : CONTENT_MANAGER_STATUS.PUBLISHED;
   },
+  // TODO is it necessary to return metadata on every page of the CM
+  // We could refactor this so the locales are only loaded when they're
+  // needed. e.g. in the bulk locale action modal.
   async getMetadata(uid2, version, { availableLocales = true, availableStatus = true } = {}) {
+    const populate = getValidatableFieldsPopulate(uid2);
     const versions = await strapi2.db.query(uid2).findMany({
       where: { documentId: version.documentId },
-      select: ["createdAt", "updatedAt", "locale", "publishedAt", "documentId"],
       populate: {
+        // Populate only fields that require validation for bulk locale actions
+        ...populate,
+        // NOTE: creator fields are selected in this way to avoid exposing sensitive data
         createdBy: {
           select: ["id", "firstname", "lastname", "email"]
         },
@@ -3989,7 +4106,7 @@ const documentMetadata = ({ strapi: strapi2 }) => ({
         }
       }
     });
-    const availableLocalesResult = availableLocales ? this.getAvailableLocales(uid2, version, versions) : [];
+    const availableLocalesResult = availableLocales ? await this.getAvailableLocales(uid2, version, versions, Object.keys(populate)) : [];
     const availableStatusResult = availableStatus ? this.getAvailableStatus(version, versions) : null;
     return {
       availableLocales: availableLocalesResult,
@@ -4002,8 +4119,9 @@ const documentMetadata = ({ strapi: strapi2 }) => ({
    * - Available status of the document for the current locale
    */
   async formatDocumentWithMetadata(uid2, document, opts = {}) {
-    if (!document)
+    if (!document) {
       return document;
+    }
     const hasDraftAndPublish = strapiUtils.contentTypes.hasDraftAndPublish(strapi2.getModel(uid2));
     if (!hasDraftAndPublish) {
       opts.availableStatus = false;
@@ -4139,7 +4257,7 @@ const documentManager = ({ strapi: strapi2 }) => {
       return {};
     },
     // FIXME: handle relations
-    async deleteMany(documentIds, uid2, opts) {
+    async deleteMany(documentIds, uid2, opts = {}) {
       const deletedEntries = await strapi2.db.transaction(async () => {
         return Promise.all(documentIds.map(async (id) => this.delete(id, uid2, opts)));
       });
@@ -4148,18 +4266,16 @@ const documentManager = ({ strapi: strapi2 }) => {
     async publish(id, uid2, opts = {}) {
       const populate = await buildDeepPopulate(uid2);
       const params = { ...opts, populate };
-      return strapi2.documents(uid2).publish({ ...params, documentId: id }).then((result) => result?.entries.at(0));
+      return strapi2.documents(uid2).publish({ ...params, documentId: id }).then((result) => result?.entries);
     },
-    async publishMany(documentIds, uid2, opts = {}) {
-      const publishedEntries = await strapi2.db.transaction(async () => {
-        return Promise.all(
-          documentIds.map(
-            (id) => strapi2.documents(uid2).publish({ ...opts, documentId: id }).then((result) => result?.entries)
-          )
+    async publishMany(uid2, documentIds, locale) {
+      return strapi2.db.transaction(async () => {
+        const results = await Promise.all(
+          documentIds.map((documentId) => this.publish(documentId, uid2, { locale }))
         );
+        const publishedEntitiesCount = results.flat().filter(Boolean).length;
+        return publishedEntitiesCount;
       });
-      const publishedEntitiesCount = publishedEntries.flat().filter(Boolean).length;
-      return { count: publishedEntitiesCount };
     },
     async unpublishMany(documentIds, uid2, opts = {}) {
       const unpublishedEntries = await strapi2.db.transaction(async () => {
@@ -4200,14 +4316,18 @@ const documentManager = ({ strapi: strapi2 }) => {
       if (!hasRelations) {
         return 0;
       }
-      const documents = await strapi2.documents(uid2).findMany({
+      let localeFilter = {};
+      if (locale) {
+        localeFilter = Array.isArray(locale) ? { locale: { $in: locale } } : { locale };
+      }
+      const entities = await strapi2.db.query(uid2).findMany({
         populate,
-        filters: {
-          documentId: documentIds
-        },
-        locale
+        where: {
+          documentId: { $in: documentIds },
+          ...localeFilter
+        }
       });
-      const totalNumberDraftRelations = documents.reduce(
+      const totalNumberDraftRelations = entities.reduce(
         (count, entity) => sumDraftCounts(entity, uid2) + count,
         0
       );