@strapi/plugin-documentation 4.0.0-next.8 → 4.0.2

package/server/config/default-config.js

@@ -21,28 +21,25 @@ module.exports = {
     path: '/documentation',
     showGeneratedFiles: true,
     generateDefaultResponse: true,
+    plugins: ['email', 'upload'],
   },
-  servers: [
-    {
-      url: 'http://localhost:1337',
-      description: 'Development server',
-    },
-    {
-      url: 'YOUR_STAGING_SERVER',
-      description: 'Staging server',
-    },
-    {
-      url: 'YOUR_PRODUCTION_SERVER',
-      description: 'Production server',
-    },
-  ],
+  servers: [],
   externalDocs: {
     description: 'Find out more',
-    url: 'https://strapi.io/documentation/developer-docs/latest/getting-started/introduction.html',
+    url: 'https://docs.strapi.io/developer-docs/latest/getting-started/introduction.html',
   },
   security: [
     {
       bearerAuth: [],
     },
   ],
+  components: {
+    securitySchemes: {
+      bearerAuth: {
+        type: 'http',
+        scheme: 'bearer',
+        bearerFormat: 'JWT',
+      },
+    },
+  },
 };

package/server/config/index.js

@@ -1,8 +1,16 @@
 'use strict';
 
-const defaultConfig = require('./default-config');
+const defaultDocumentationConfig = require('./default-config');
+
+const defaultConfig = {
+  ...defaultDocumentationConfig,
+  session: {
+    key: 'plugin::documentation.sess',
+    maxAge: 'session',
+    secretKeys: ['mySecret'],
+  },
+};
 
 module.exports = {
   default: defaultConfig,
-  validator: () => {},
 };

package/server/controllers/documentation.js

@@ -8,25 +8,25 @@
 
 // Core dependencies.
 const path = require('path');
+const bcrypt = require('bcryptjs');
 
 // Public dependencies.
 const fs = require('fs-extra');
-const cheerio = require('cheerio');
 const _ = require('lodash');
 const koaStatic = require('koa-static');
 
 module.exports = {
-  getInfos: async ctx => {
+  async getInfos(ctx) {
     try {
-      const service = strapi.plugins.documentation.services.documentation;
-      const docVersions = service.retrieveDocumentationVersions();
-      const form = await service.retrieveFrontForm();
+      const docService = strapi.plugin('documentation').service('documentation');
+      const docVersions = docService.getDocumentationVersions();
+      const documentationAccess = await docService.getDocumentationAccess();
 
       ctx.send({
         docVersions,
-        currentVersion: service.getDocumentationVersion(),
-        prefix: strapi.config.get('plugin.documentation.x-strapi-config').path,
-        form,
+        currentVersion: docService.getDocumentationVersion(),
+        prefix: strapi.plugin('documentation').config('x-strapi-config').path,
+        documentationAccess,
       });
     } catch (err) {
       ctx.badRequest(null, err.message);
@@ -43,10 +43,13 @@ module.exports = {
       const version =
         major && minor && patch
           ? `${major}.${minor}.${patch}`
-          : strapi.plugins.documentation.config.info.version;
+          : strapi
+              .plugin('documentation')
+              .service('documentation')
+              .getDocumentationVersion();
+
       const openAPISpecsPath = path.join(
-        strapi.config.appPath,
-        'extensions',
+        strapi.dirs.extensions,
         'documentation',
         'documentation',
         version,
@@ -66,8 +69,7 @@ module.exports = {
 
         try {
           const layoutPath = path.resolve(
-            strapi.config.appPath,
-            'extensions',
+            strapi.dirs.extensions,
             'documentation',
             'public',
             'index.html'
@@ -79,13 +81,8 @@ module.exports = {
           ctx.url = path.basename(`${ctx.url}/index.html`);
 
           try {
-            const staticFolder = path.resolve(
-              strapi.config.appPath,
-              'extensions',
-              'documentation',
-              'public'
-            );
-            return await koaStatic(staticFolder)(ctx, next);
+            const staticFolder = path.resolve(strapi.dirs.extensions, 'documentation', 'public');
+            return koaStatic(staticFolder)(ctx, next);
           } catch (e) {
             strapi.log.error(e);
           }
@@ -101,6 +98,9 @@ module.exports = {
   },
 
   async loginView(ctx, next) {
+    // lazy require cheerio
+    const cheerio = require('cheerio');
+
     const { error } = ctx.query;
 
     try {
@@ -116,8 +116,7 @@ module.exports = {
 
       try {
         const layoutPath = path.resolve(
-          strapi.config.appPath,
-          'extensions',
+          strapi.dirs.extensions,
           'documentation',
           'public',
           'login.html'
@@ -128,13 +127,8 @@ module.exports = {
         ctx.url = path.basename(`${ctx.url}/login.html`);
 
         try {
-          const staticFolder = path.resolve(
-            strapi.config.appPath,
-            'extensions',
-            'documentation',
-            'public'
-          );
-          return await koaStatic(staticFolder)(ctx, next);
+          const staticFolder = path.resolve(strapi.dirs.extensions, 'documentation', 'public');
+          return koaStatic(staticFolder)(ctx, next);
         } catch (e) {
           strapi.log.error(e);
         }
@@ -151,23 +145,19 @@ module.exports = {
       body: { password },
     } = ctx.request;
 
-    const { password: storedPassword } = await strapi
-      .store({
-        environment: '',
-        type: 'plugin',
-        name: 'documentation',
-        key: 'config',
-      })
+    const { password: hash } = await strapi
+      .store({ type: 'plugin', name: 'documentation', key: 'config' })
       .get();
 
-    const isValid = await strapi.plugins['users-permissions'].services.user.validatePassword(
-      password,
-      storedPassword
-    );
+    const isValid = await bcrypt.compare(password, hash);
+
     let querystring = '?error=password';
 
     if (isValid) {
-      ctx.session.documentation = password;
+      ctx.session.documentation = {
+        logged: true,
+      };
+
       querystring = '';
     }
 
@@ -178,128 +168,72 @@ module.exports = {
     );
   },
 
-  regenerateDoc: async ctx => {
-    const service = strapi.plugins.documentation.services.documentation;
-    const documentationVersions = service.retrieveDocumentationVersions().map(el => el.version);
-    const {
-      request: {
-        body: { version },
-        admin,
-      },
-    } = ctx;
+  async regenerateDoc(ctx) {
+    const { version } = ctx.request.body;
+
+    const service = strapi.service('plugin::documentation.documentation');
+
+    const documentationVersions = service.getDocumentationVersions().map(el => el.version);
 
     if (_.isEmpty(version)) {
-      return ctx.badRequest(
-        null,
-        admin ? 'documentation.error.noVersion' : 'Please provide a version.'
-      );
+      return ctx.badRequest('Please provide a version.');
     }
 
     if (!documentationVersions.includes(version)) {
-      return ctx.badRequest(
-        null,
-        admin
-          ? 'documentation.error.regenerateDoc.versionMissing'
-          : 'The version you are trying to generate does not exist.'
-      );
+      return ctx.badRequest('The version you are trying to generate does not exist.');
     }
 
     try {
       strapi.reload.isWatching = false;
-      const fullDoc = service.generateFullDoc(version);
-      const documentationPath = service.getMergedDocumentationPath(version);
-      // Write the file
-      fs.writeFileSync(
-        path.resolve(documentationPath, 'full_documentation.json'),
-        JSON.stringify(fullDoc, null, 2),
-        'utf8'
-      );
+      await service.generateFullDoc(version);
       ctx.send({ ok: true });
-    } catch (err) {
-      ctx.badRequest(null, admin ? 'documentation.error.regenerateDoc' : 'An error occured');
     } finally {
       strapi.reload.isWatching = true;
     }
   },
 
-  deleteDoc: async ctx => {
-    strapi.reload.isWatching = false;
-    const service = strapi.plugins.documentation.services.documentation;
-    const documentationVersions = service.retrieveDocumentationVersions().map(el => el.version);
+  async deleteDoc(ctx) {
+    const { version } = ctx.params;
 
-    const {
-      params: { version },
-      request: { admin },
-    } = ctx;
+    const service = strapi.service('plugin::documentation.documentation');
+
+    const documentationVersions = service.getDocumentationVersions().map(el => el.version);
 
     if (_.isEmpty(version)) {
-      return ctx.badRequest(
-        null,
-        admin ? 'documentation.error.noVersion' : 'Please provide a version.'
-      );
+      return ctx.badRequest('Please provide a version.');
     }
 
     if (!documentationVersions.includes(version)) {
-      return ctx.badRequest(
-        null,
-        admin
-          ? 'documentation.error.deleteDoc.versionMissing'
-          : 'The version you are trying to delete does not exist.'
-      );
+      return ctx.badRequest('The version you are trying to delete does not exist.');
     }
 
     try {
+      strapi.reload.isWatching = false;
       await service.deleteDocumentation(version);
       ctx.send({ ok: true });
-    } catch (err) {
-      ctx.badRequest(null, admin ? 'notification.error' : err.message);
     } finally {
       strapi.reload.isWatching = true;
     }
   },
 
-  updateSettings: async ctx => {
-    const {
-      admin,
-      body: { restrictedAccess, password },
-    } = ctx.request;
-    const usersPermService = strapi.plugins['users-permissions'].services;
-    const pluginStore = strapi.store({
-      environment: '',
-      type: 'plugin',
-      name: 'documentation',
-    });
-    const prevConfig = await pluginStore.get({ key: 'config' });
-
-    if (restrictedAccess && _.isEmpty(password)) {
-      return ctx.badRequest(
-        null,
-        admin ? 'users-permissions.Auth.form.error.password.provide' : 'Please provide a password'
-      );
-    }
+  async updateSettings(ctx) {
+    const { restrictedAccess, password } = ctx.request.body;
 
-    const isNewPassword = !_.isEmpty(password) && password !== prevConfig.password;
+    const pluginStore = strapi.store({ type: 'plugin', name: 'documentation' });
 
-    if (isNewPassword && usersPermService.user.isHashed(password)) {
-      // Throw an error if the password selected by the user
-      // contains more than two times the symbol '$'.
-      return ctx.badRequest(
-        null,
-        admin
-          ? 'users-permissions.Auth.form.error.password.format'
-          : 'our password cannot contain more than three times the symbol `$`.'
-      );
-    }
+    const config = {
+      restrictedAccess: Boolean(restrictedAccess),
+    };
 
-    if (isNewPassword) {
-      prevConfig.password = await usersPermService.user.hashPassword({
-        password,
-      });
-    }
+    if (restrictedAccess) {
+      if (_.isEmpty(password)) {
+        return ctx.badRequest('Please provide a password');
+      }
 
-    _.set(prevConfig, 'restrictedAccess', restrictedAccess);
+      config.password = await bcrypt.hash(password, 10);
+    }
 
-    await pluginStore.set({ key: 'config', value: prevConfig });
+    await pluginStore.set({ key: 'config', value: config });
 
     return ctx.send({ ok: true });
   },

package/server/index.js

@@ -0,0 +1,17 @@
+'use strict';
+
+const bootstrap = require('./bootstrap');
+const services = require('./services');
+const routes = require('./routes');
+const controllers = require('./controllers');
+const register = require('./register');
+const config = require('./config');
+
+module.exports = () => ({
+  bootstrap,
+  config,
+  routes,
+  controllers,
+  register,
+  services,
+});

package/server/middlewares/documentation.js

@@ -1,53 +1,30 @@
 'use strict';
 
 const path = require('path');
-const _ = require('lodash');
-const swaggerUi = require('swagger-ui-dist');
 const koaStatic = require('koa-static');
+const session = require('koa-session');
+const swaggerUi = require('swagger-ui-dist');
 
-const initialRoutes = [];
-
-module.exports = {
-  defaults: { documentation: { enabled: true } },
-  load: {
-    beforeInitialize() {
-      strapi.config.middleware.load.before.push('documentation');
-
-      initialRoutes.push(..._.cloneDeep(strapi.plugins.documentation.routes));
-    },
-
-    initialize() {
-      // Find the plugins routes.
-      strapi.plugins.documentation.routes = strapi.plugins.documentation.routes.map(
-        (route, index) => {
-          if (route.handler === 'Documentation.getInfos') {
-            return route;
-          }
-
-          if (route.handler === 'Documentation.index' || route.path === '/login') {
-            route.config.policies = initialRoutes[index].config.policies;
-          }
-
-          // Set prefix to empty to be able to customise it.
-          if (strapi.config.has('plugins.documentation.x-strapi-config.path')) {
-            route.config.prefix = '';
-            route.path = `/${strapi.config.get('plugin.documentation.x-strapi-config').path}${
-              route.path
-            }`.replace('//', '/');
-          }
-
-          return route;
-        }
-      );
+module.exports = async ({ strapi }) => {
+  const sessionConfig = strapi.config.get('plugin.documentation').session;
+  strapi.server.app.keys = sessionConfig.secretKeys;
+  strapi.server.app.use(session(sessionConfig, strapi.server.app));
 
-      strapi.router.get('/plugins/documentation/*', async (ctx, next) => {
+  strapi.server.routes([
+    {
+      method: 'GET',
+      path: '/plugins/documentation/(.*)',
+      async handler(ctx, next) {
         ctx.url = path.basename(ctx.url);
 
-        return await koaStatic(swaggerUi.getAbsoluteFSPath(), {
-          maxage: strapi.config.middleware.settings.public.maxAge,
+        return koaStatic(swaggerUi.getAbsoluteFSPath(), {
+          maxage: 86400000,
           defer: true,
         })(ctx, next);
-      });
+      },
+      config: {
+        auth: false,
+      },
     },
-  },
+  ]);
 };

package/server/{policies/index-policy.js → middlewares/restrict-access.js}

@@ -1,18 +1,15 @@
 'use strict';
 
 module.exports = async (ctx, next) => {
-  const pluginStore = strapi.store({
-    environment: '',
-    type: 'plugin',
-    name: 'documentation',
-  });
+  const pluginStore = strapi.store({ type: 'plugin', name: 'documentation' });
+
   const config = await pluginStore.get({ key: 'config' });
 
   if (!config.restrictedAccess) {
-    return await next();
+    return next();
   }
 
-  if (!ctx.session.documentation) {
+  if (!ctx.session.documentation || !ctx.session.documentation.logged) {
     const querystring = ctx.querystring ? `?${ctx.querystring}` : '';
 
     return ctx.redirect(
@@ -21,15 +18,7 @@ module.exports = async (ctx, next) => {
       }/login${querystring}`
     );
   }
-  const isValid = await strapi.plugins['users-permissions'].services.user.validatePassword(
-    ctx.session.documentation,
-    config.password
-  );
-
-  if (!isValid) {
-    ctx.session.documentation = null;
-  }
 
   // Execute the action.
-  await next();
+  return next();
 };

package/server/register.js

@@ -0,0 +1,11 @@
+'use strict';
+
+const registerDocumentationMiddleWare = require('./middlewares/documentation');
+
+/**
+ * Register upload plugin
+ * @param {{ strapi: import('@strapi/strapi').Strapi }}
+ */
+module.exports = async ({ strapi }) => {
+  await registerDocumentationMiddleWare({ strapi });
+};

package/server/routes/index.js

@@ -1,67 +1,60 @@
 'use strict';
+const restrictAccess = require('../middlewares/restrict-access');
 
 module.exports = [
   {
     method: 'GET',
     path: '/',
-    handler: 'Documentation.index',
+    handler: 'documentation.index',
     config: {
-      policies: [
-        'plugin::documentation.index',
-        { name: 'admin::hasPermissions', options: { actions: ['plugin::documentation.read'] } },
-      ],
+      auth: false,
+      middlewares: [restrictAccess],
     },
   },
   {
     method: 'GET',
     path: '/v:major(\\d+).:minor(\\d+).:patch(\\d+)',
-    handler: 'Documentation.index',
+    handler: 'documentation.index',
     config: {
-      policies: [
-        'plugin::documentation.index',
-        { name: 'admin::hasPermissions', options: { actions: ['plugin::documentation.read'] } },
-      ],
+      auth: false,
+      middlewares: [restrictAccess],
     },
   },
   {
     method: 'GET',
     path: '/login',
-    handler: 'Documentation.loginView',
+    handler: 'documentation.loginView',
     config: {
-      policies: [
-        { name: 'admin::hasPermissions', options: { actions: ['plugin::documentation.read'] } },
-      ],
+      auth: false,
     },
   },
   {
     method: 'POST',
     path: '/login',
-    handler: 'Documentation.login',
+    handler: 'documentation.login',
     config: {
-      policies: [
-        { name: 'admin::hasPermissions', options: { actions: ['plugin::documentation.read'] } },
-      ],
+      auth: false,
     },
   },
   {
     method: 'GET',
     path: '/getInfos',
-    handler: 'Documentation.getInfos',
+    handler: 'documentation.getInfos',
     config: {
       policies: [
-        { name: 'admin::hasPermissions', options: { actions: ['plugin::documentation.read'] } },
+        { name: 'admin::hasPermissions', config: { actions: ['plugin::documentation.read'] } },
       ],
     },
   },
   {
     method: 'POST',
     path: '/regenerateDoc',
-    handler: 'Documentation.regenerateDoc',
+    handler: 'documentation.regenerateDoc',
     config: {
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: { actions: ['plugin::documentation.settings.regenerate'] },
+          config: { actions: ['plugin::documentation.settings.regenerate'] },
         },
       ],
     },
@@ -69,12 +62,12 @@ module.exports = [
   {
     method: 'PUT',
     path: '/updateSettings',
-    handler: 'Documentation.updateSettings',
+    handler: 'documentation.updateSettings',
     config: {
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: { actions: ['plugin::documentation.settings.update'] },
+          config: { actions: ['plugin::documentation.settings.update'] },
         },
       ],
     },
@@ -82,7 +75,7 @@ module.exports = [
   {
     method: 'DELETE',
     path: '/deleteDoc/:version',
-    handler: 'Documentation.deleteDoc',
+    handler: 'documentation.deleteDoc',
     config: {
       policies: [],
     },