@strapi/plugin-documentation 4.0.0-beta.2 → 4.0.0-beta.20

package/server/controllers/documentation.js

@@ -8,6 +8,7 @@
 
 // Core dependencies.
 const path = require('path');
+const bcrypt = require('bcryptjs');
 
 // Public dependencies.
 const fs = require('fs-extra');
@@ -17,15 +18,15 @@ const koaStatic = require('koa-static');
 module.exports = {
   async getInfos(ctx) {
     try {
-      const service = strapi.plugins.documentation.services.documentation;
-      const docVersions = service.retrieveDocumentationVersions();
-      const form = await service.retrieveFrontForm();
+      const docService = strapi.plugin('documentation').service('documentation');
+      const docVersions = docService.getDocumentationVersions();
+      const documentationAccess = await docService.getDocumentationAccess();
 
       ctx.send({
         docVersions,
-        currentVersion: service.getDocumentationVersion(),
-        prefix: strapi.config.get('plugin.documentation.x-strapi-config').path,
-        form,
+        currentVersion: docService.getDocumentationVersion(),
+        prefix: strapi.plugin('documentation').config('x-strapi-config').path,
+        documentationAccess,
       });
     } catch (err) {
       ctx.badRequest(null, err.message);
@@ -42,10 +43,13 @@ module.exports = {
       const version =
         major && minor && patch
           ? `${major}.${minor}.${patch}`
-          : strapi.plugins.documentation.config.info.version;
+          : strapi
+              .plugin('documentation')
+              .service('documentation')
+              .getDocumentationVersion();
+
       const openAPISpecsPath = path.join(
-        strapi.config.appPath,
-        'extensions',
+        strapi.dirs.extensions,
         'documentation',
         'documentation',
         version,
@@ -65,8 +69,7 @@ module.exports = {
 
         try {
           const layoutPath = path.resolve(
-            strapi.config.appPath,
-            'extensions',
+            strapi.dirs.extensions,
             'documentation',
             'public',
             'index.html'
@@ -78,12 +81,7 @@ module.exports = {
           ctx.url = path.basename(`${ctx.url}/index.html`);
 
           try {
-            const staticFolder = path.resolve(
-              strapi.config.appPath,
-              'extensions',
-              'documentation',
-              'public'
-            );
+            const staticFolder = path.resolve(strapi.dirs.extensions, 'documentation', 'public');
             return koaStatic(staticFolder)(ctx, next);
           } catch (e) {
             strapi.log.error(e);
@@ -118,8 +116,7 @@ module.exports = {
 
       try {
         const layoutPath = path.resolve(
-          strapi.config.appPath,
-          'extensions',
+          strapi.dirs.extensions,
           'documentation',
           'public',
           'login.html'
@@ -130,12 +127,7 @@ module.exports = {
         ctx.url = path.basename(`${ctx.url}/login.html`);
 
         try {
-          const staticFolder = path.resolve(
-            strapi.config.appPath,
-            'extensions',
-            'documentation',
-            'public'
-          );
+          const staticFolder = path.resolve(strapi.dirs.extensions, 'documentation', 'public');
           return koaStatic(staticFolder)(ctx, next);
         } catch (e) {
           strapi.log.error(e);
@@ -153,18 +145,19 @@ module.exports = {
       body: { password },
     } = ctx.request;
 
-    const { password: storedPassword } = await strapi
+    const { password: hash } = await strapi
       .store({ type: 'plugin', name: 'documentation', key: 'config' })
       .get();
 
-    const isValid = await strapi.plugins['users-permissions'].services.user.validatePassword(
-      password,
-      storedPassword
-    );
+    const isValid = await bcrypt.compare(password, hash);
+
     let querystring = '?error=password';
 
     if (isValid) {
-      ctx.session.documentation = password;
+      ctx.session.documentation = {
+        logged: true,
+      };
+
       querystring = '';
     }
 
@@ -176,126 +169,71 @@ module.exports = {
   },
 
   async regenerateDoc(ctx) {
-    const service = strapi.plugins.documentation.services.documentation;
-    const documentationVersions = service.retrieveDocumentationVersions().map(el => el.version);
-    const {
-      request: {
-        body: { version },
-        admin,
-      },
-    } = ctx;
+    const { version } = ctx.request.body;
+
+    const service = strapi.service('plugin::documentation.documentation');
+
+    const documentationVersions = service.getDocumentationVersions().map(el => el.version);
 
     if (_.isEmpty(version)) {
-      return ctx.badRequest(
-        null,
-        admin ? 'documentation.error.noVersion' : 'Please provide a version.'
-      );
+      return ctx.badRequest('Please provide a version.');
     }
 
     if (!documentationVersions.includes(version)) {
-      return ctx.badRequest(
-        null,
-        admin
-          ? 'documentation.error.regenerateDoc.versionMissing'
-          : 'The version you are trying to generate does not exist.'
-      );
+      return ctx.badRequest('The version you are trying to generate does not exist.');
     }
 
     try {
       strapi.reload.isWatching = false;
-      const fullDoc = service.generateFullDoc(version);
-      const documentationPath = service.getMergedDocumentationPath(version);
-      // Write the file
-      fs.writeFileSync(
-        path.resolve(documentationPath, 'full_documentation.json'),
-        JSON.stringify(fullDoc, null, 2),
-        'utf8'
-      );
+      await service.generateFullDoc(version);
       ctx.send({ ok: true });
-    } catch (err) {
-      ctx.badRequest(null, admin ? 'documentation.error.regenerateDoc' : 'An error occured');
     } finally {
       strapi.reload.isWatching = true;
     }
   },
 
   async deleteDoc(ctx) {
-    strapi.reload.isWatching = false;
-    const service = strapi.plugins.documentation.services.documentation;
-    const documentationVersions = service.retrieveDocumentationVersions().map(el => el.version);
+    const { version } = ctx.params;
 
-    const {
-      params: { version },
-      request: { admin },
-    } = ctx;
+    const service = strapi.service('plugin::documentation.documentation');
+
+    const documentationVersions = service.getDocumentationVersions().map(el => el.version);
 
     if (_.isEmpty(version)) {
-      return ctx.badRequest(
-        null,
-        admin ? 'documentation.error.noVersion' : 'Please provide a version.'
-      );
+      return ctx.badRequest('Please provide a version.');
     }
 
     if (!documentationVersions.includes(version)) {
-      return ctx.badRequest(
-        null,
-        admin
-          ? 'documentation.error.deleteDoc.versionMissing'
-          : 'The version you are trying to delete does not exist.'
-      );
+      return ctx.badRequest('The version you are trying to delete does not exist.');
     }
 
     try {
+      strapi.reload.isWatching = false;
       await service.deleteDocumentation(version);
       ctx.send({ ok: true });
-    } catch (err) {
-      ctx.badRequest(null, admin ? 'notification.error' : err.message);
     } finally {
       strapi.reload.isWatching = true;
     }
   },
 
   async updateSettings(ctx) {
-    const {
-      admin,
-      body: { restrictedAccess, password },
-    } = ctx.request;
-
-    const usersPermService = strapi.plugins['users-permissions'].services;
+    const { restrictedAccess, password } = ctx.request.body;
 
     const pluginStore = strapi.store({ type: 'plugin', name: 'documentation' });
 
-    const prevConfig = await pluginStore.get({ key: 'config' });
+    const config = {
+      restrictedAccess: Boolean(restrictedAccess),
+    };
 
-    if (restrictedAccess && _.isEmpty(password)) {
-      return ctx.badRequest(
-        null,
-        admin ? 'users-permissions.Auth.form.error.password.provide' : 'Please provide a password'
-      );
-    }
-
-    const isNewPassword = !_.isEmpty(password) && password !== prevConfig.password;
-
-    if (isNewPassword && usersPermService.user.isHashed(password)) {
-      // Throw an error if the password selected by the user
-      // contains more than two times the symbol '$'.
-      return ctx.badRequest(
-        null,
-        admin
-          ? 'users-permissions.Auth.form.error.password.format'
-          : 'our password cannot contain more than three times the symbol `$`.'
-      );
-    }
+    if (restrictedAccess) {
+      if (_.isEmpty(password)) {
+        return ctx.badRequest('Please provide a password');
+      }
 
-    if (isNewPassword) {
-      prevConfig.password = await usersPermService.user.hashPassword({
-        password,
-      });
+      config.password = await bcrypt.hash(password, 10);
     }
 
-    _.set(prevConfig, 'restrictedAccess', restrictedAccess);
-
-    await pluginStore.set({ key: 'config', value: prevConfig });
+    await pluginStore.set({ key: 'config', value: config });
 
     return ctx.send({ ok: true });
   },

package/server/index.js

@@ -0,0 +1,17 @@
+'use strict';
+
+const bootstrap = require('./bootstrap');
+const services = require('./services');
+const routes = require('./routes');
+const controllers = require('./controllers');
+const register = require('./register');
+const config = require('./config');
+
+module.exports = () => ({
+  bootstrap,
+  config,
+  routes,
+  controllers,
+  register,
+  services,
+});

package/server/middlewares/documentation.js

@@ -1,61 +1,30 @@
 'use strict';
 
 const path = require('path');
-const _ = require('lodash');
 const koaStatic = require('koa-static');
-
-const initialRoutes = [];
-
-// TODO: delete when refactoring documentation plugin for v4
-module.exports = {
-  defaults: { documentation: { enabled: true } },
-  load: {
-    beforeInitialize() {
-      strapi.config.middleware.load.before.push('documentation');
-
-      initialRoutes.push(..._.cloneDeep(strapi.plugins.documentation.routes));
-    },
-
-    initialize() {
-      const swaggerUi = require('swagger-ui-dist');
-
-      // Find the plugins routes.
-      strapi.plugins.documentation.routes = strapi.plugins.documentation.routes.map(
-        (route, index) => {
-          if (route.handler === 'Documentation.getInfos') {
-            return route;
-          }
-
-          if (route.handler === 'Documentation.index' || route.path === '/login') {
-            route.config.policies = initialRoutes[index].config.policies;
-          }
-
-          // Set prefix to empty to be able to customise it.
-          if (strapi.config.has('plugins.documentation.x-strapi-config.path')) {
-            route.config.prefix = '';
-            route.path = `/${strapi.config.get('plugin.documentation.x-strapi-config').path}${
-              route.path
-            }`.replace('//', '/');
-          }
-
-          return route;
-        }
-      );
-
-      strapi.server.routes([
-        {
-          method: 'GET',
-          path: '/plugins/documentation/(.*)',
-          async handler(ctx, next) {
-            ctx.url = path.basename(ctx.url);
-
-            return koaStatic(swaggerUi.getAbsoluteFSPath(), {
-              maxage: strapi.config.middleware.settings.public.maxAge,
-              defer: true,
-            })(ctx, next);
-          },
-        },
-      ]);
+const session = require('koa-session');
+const swaggerUi = require('swagger-ui-dist');
+
+module.exports = async ({ strapi }) => {
+  const sessionConfig = strapi.config.get('plugin.documentation').session;
+  strapi.server.app.keys = sessionConfig.secretKeys;
+  strapi.server.app.use(session(sessionConfig, strapi.server.app));
+
+  strapi.server.routes([
+    {
+      method: 'GET',
+      path: '/plugins/documentation/(.*)',
+      async handler(ctx, next) {
+        ctx.url = path.basename(ctx.url);
+
+        return koaStatic(swaggerUi.getAbsoluteFSPath(), {
+          maxage: 86400000,
+          defer: true,
+        })(ctx, next);
+      },
+      config: {
+        auth: false,
+      },
     },
-  },
+  ]);
 };

package/server/{policies/index-policy.js → middlewares/restrict-access.js}

@@ -9,7 +9,7 @@ module.exports = async (ctx, next) => {
     return next();
   }
 
-  if (!ctx.session.documentation) {
+  if (!ctx.session.documentation || !ctx.session.documentation.logged) {
     const querystring = ctx.querystring ? `?${ctx.querystring}` : '';
 
     return ctx.redirect(
@@ -18,15 +18,7 @@ module.exports = async (ctx, next) => {
       }/login${querystring}`
     );
   }
-  const isValid = await strapi.plugins['users-permissions'].services.user.validatePassword(
-    ctx.session.documentation,
-    config.password
-  );
-
-  if (!isValid) {
-    ctx.session.documentation = null;
-  }
 
   // Execute the action.
-  await next();
+  return next();
 };

package/server/register.js

@@ -0,0 +1,11 @@
+'use strict';
+
+const registerDocumentationMiddleWare = require('./middlewares/documentation');
+
+/**
+ * Register upload plugin
+ * @param {{ strapi: import('@strapi/strapi').Strapi }}
+ */
+module.exports = async ({ strapi }) => {
+  await registerDocumentationMiddleWare({ strapi });
+};

package/server/routes/index.js

@@ -1,4 +1,5 @@
 'use strict';
+const restrictAccess = require('../middlewares/restrict-access');
 
 module.exports = [
   {
@@ -6,10 +7,8 @@ module.exports = [
     path: '/',
     handler: 'documentation.index',
     config: {
-      policies: [
-        'plugin::documentation.index',
-        { name: 'admin::hasPermissions', options: { actions: ['plugin::documentation.read'] } },
-      ],
+      auth: false,
+      middlewares: [restrictAccess],
     },
   },
   {
@@ -17,10 +16,8 @@ module.exports = [
     path: '/v:major(\\d+).:minor(\\d+).:patch(\\d+)',
     handler: 'documentation.index',
     config: {
-      policies: [
-        'plugin::documentation.index',
-        { name: 'admin::hasPermissions', options: { actions: ['plugin::documentation.read'] } },
-      ],
+      auth: false,
+      middlewares: [restrictAccess],
     },
   },
   {
@@ -28,9 +25,7 @@ module.exports = [
     path: '/login',
     handler: 'documentation.loginView',
     config: {
-      policies: [
-        { name: 'admin::hasPermissions', options: { actions: ['plugin::documentation.read'] } },
-      ],
+      auth: false,
     },
   },
   {
@@ -38,9 +33,7 @@ module.exports = [
     path: '/login',
     handler: 'documentation.login',
     config: {
-      policies: [
-        { name: 'admin::hasPermissions', options: { actions: ['plugin::documentation.read'] } },
-      ],
+      auth: false,
     },
   },
   {
@@ -49,7 +42,7 @@ module.exports = [
     handler: 'documentation.getInfos',
     config: {
       policies: [
-        { name: 'admin::hasPermissions', options: { actions: ['plugin::documentation.read'] } },
+        { name: 'admin::hasPermissions', config: { actions: ['plugin::documentation.read'] } },
       ],
     },
   },
@@ -61,7 +54,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: { actions: ['plugin::documentation.settings.regenerate'] },
+          config: { actions: ['plugin::documentation.settings.regenerate'] },
         },
       ],
     },
@@ -74,7 +67,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: { actions: ['plugin::documentation.settings.update'] },
+          config: { actions: ['plugin::documentation.settings.update'] },
         },
       ],
     },