npm - @strapi/plugin-users-permissions - Versions diffs - 0.0.0-4fc90398602f - Mend

@strapi/plugin-users-permissions 0.0.0-4fc90398602f

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (168) hide show

package/LICENSE +22 -0
package/README.md +1 -0
package/admin/src/components/BoundRoute/getMethodColor.js +41 -0
package/admin/src/components/BoundRoute/index.js +72 -0
package/admin/src/components/FormModal/Input/index.js +121 -0
package/admin/src/components/FormModal/index.js +121 -0
package/admin/src/components/Permissions/PermissionRow/CheckboxWrapper.js +30 -0
package/admin/src/components/Permissions/PermissionRow/SubCategory.js +114 -0
package/admin/src/components/Permissions/PermissionRow/index.js +53 -0
package/admin/src/components/Permissions/index.js +56 -0
package/admin/src/components/Permissions/init.js +9 -0
package/admin/src/components/Permissions/reducer.js +27 -0
package/admin/src/components/Policies/index.js +60 -0
package/admin/src/components/UsersPermissions/index.js +94 -0
package/admin/src/components/UsersPermissions/init.js +10 -0
package/admin/src/components/UsersPermissions/reducer.js +60 -0
package/admin/src/contexts/UsersPermissionsContext/index.js +17 -0
package/admin/src/hooks/index.js +5 -0
package/admin/src/hooks/useFetchRole/index.js +64 -0
package/admin/src/hooks/useFetchRole/reducer.js +31 -0
package/admin/src/hooks/useForm/index.js +70 -0
package/admin/src/hooks/useForm/reducer.js +40 -0
package/admin/src/hooks/usePlugins/index.js +65 -0
package/admin/src/hooks/usePlugins/init.js +5 -0
package/admin/src/hooks/usePlugins/reducer.js +34 -0
package/admin/src/hooks/useRolesList/index.js +63 -0
package/admin/src/hooks/useRolesList/init.js +5 -0
package/admin/src/hooks/useRolesList/reducer.js +31 -0
package/admin/src/index.js +123 -0
package/admin/src/pages/AdvancedSettings/index.js +238 -0
package/admin/src/pages/AdvancedSettings/utils/api.js +13 -0
package/admin/src/pages/AdvancedSettings/utils/layout.js +96 -0
package/admin/src/pages/AdvancedSettings/utils/schema.js +19 -0
package/admin/src/pages/EmailTemplates/components/EmailForm.js +173 -0
package/admin/src/pages/EmailTemplates/components/EmailTable.js +121 -0
package/admin/src/pages/EmailTemplates/index.js +162 -0
package/admin/src/pages/EmailTemplates/utils/api.js +13 -0
package/admin/src/pages/EmailTemplates/utils/schema.js +22 -0
package/admin/src/pages/Providers/index.js +274 -0
package/admin/src/pages/Providers/reducer.js +54 -0
package/admin/src/pages/Providers/utils/api.js +21 -0
package/admin/src/pages/Providers/utils/createProvidersArray.js +21 -0
package/admin/src/pages/Providers/utils/forms.js +244 -0
package/admin/src/pages/Roles/CreatePage/index.js +177 -0
package/admin/src/pages/Roles/CreatePage/utils/schema.js +9 -0
package/admin/src/pages/Roles/EditPage/index.js +190 -0
package/admin/src/pages/Roles/EditPage/utils/schema.js +9 -0
package/admin/src/pages/Roles/ListPage/components/TableBody.js +96 -0
package/admin/src/pages/Roles/ListPage/index.js +216 -0
package/admin/src/pages/Roles/ListPage/utils/api.js +28 -0
package/admin/src/pages/Roles/ProtectedCreatePage/index.js +12 -0
package/admin/src/pages/Roles/ProtectedEditPage/index.js +12 -0
package/admin/src/pages/Roles/ProtectedListPage/index.js +15 -0
package/admin/src/pages/Roles/index.js +27 -0
package/admin/src/permissions.js +31 -0
package/admin/src/pluginId.js +5 -0
package/admin/src/translations/ar.json +40 -0
package/admin/src/translations/cs.json +46 -0
package/admin/src/translations/de.json +58 -0
package/admin/src/translations/dk.json +83 -0
package/admin/src/translations/en.json +83 -0
package/admin/src/translations/es.json +83 -0
package/admin/src/translations/fr.json +46 -0
package/admin/src/translations/id.json +58 -0
package/admin/src/translations/it.json +58 -0
package/admin/src/translations/ja.json +44 -0
package/admin/src/translations/ko.json +83 -0
package/admin/src/translations/ms.json +45 -0
package/admin/src/translations/nl.json +44 -0
package/admin/src/translations/pl.json +83 -0
package/admin/src/translations/pt-BR.json +40 -0
package/admin/src/translations/pt.json +44 -0
package/admin/src/translations/ru.json +58 -0
package/admin/src/translations/sk.json +46 -0
package/admin/src/translations/sv.json +58 -0
package/admin/src/translations/th.json +56 -0
package/admin/src/translations/tr.json +44 -0
package/admin/src/translations/uk.json +45 -0
package/admin/src/translations/vi.json +46 -0
package/admin/src/translations/zh-Hans.json +62 -0
package/admin/src/translations/zh.json +44 -0
package/admin/src/utils/axiosInstance.js +36 -0
package/admin/src/utils/cleanPermissions.js +25 -0
package/admin/src/utils/formatPluginName.js +26 -0
package/admin/src/utils/formatPolicies.js +8 -0
package/admin/src/utils/getRequestURL.js +5 -0
package/admin/src/utils/getTrad.js +5 -0
package/admin/src/utils/index.js +5 -0
package/documentation/content-api.yaml +848 -0
package/jest.config.front.js +10 -0
package/package.json +60 -0
package/server/bootstrap/grant-config.js +123 -0
package/server/bootstrap/index.js +133 -0
package/server/bootstrap/users-permissions-actions.js +80 -0
package/server/config.js +23 -0
package/server/content-types/index.js +11 -0
package/server/content-types/permission/index.js +34 -0
package/server/content-types/role/index.js +51 -0
package/server/content-types/user/index.js +72 -0
package/server/content-types/user/schema-config.js +15 -0
package/server/controllers/auth.js +398 -0
package/server/controllers/content-manager-user.js +175 -0
package/server/controllers/index.js +17 -0
package/server/controllers/permissions.js +26 -0
package/server/controllers/role.js +77 -0
package/server/controllers/settings.js +85 -0
package/server/controllers/user.js +198 -0
package/server/controllers/validation/auth.js +57 -0
package/server/controllers/validation/email-template.js +50 -0
package/server/controllers/validation/user.js +26 -0
package/server/graphql/index.js +44 -0
package/server/graphql/mutations/auth/change-password.js +38 -0
package/server/graphql/mutations/auth/email-confirmation.js +39 -0
package/server/graphql/mutations/auth/forgot-password.js +35 -0
package/server/graphql/mutations/auth/login.js +35 -0
package/server/graphql/mutations/auth/register.js +36 -0
package/server/graphql/mutations/auth/reset-password.js +38 -0
package/server/graphql/mutations/crud/role/create-role.js +34 -0
package/server/graphql/mutations/crud/role/delete-role.js +25 -0
package/server/graphql/mutations/crud/role/update-role.js +35 -0
package/server/graphql/mutations/crud/user/create-user.js +45 -0
package/server/graphql/mutations/crud/user/delete-user.js +39 -0
package/server/graphql/mutations/crud/user/update-user.js +46 -0
package/server/graphql/mutations/index.js +43 -0
package/server/graphql/queries/index.js +13 -0
package/server/graphql/queries/me.js +17 -0
package/server/graphql/resolvers-configs.js +42 -0
package/server/graphql/types/create-role-payload.js +11 -0
package/server/graphql/types/delete-role-payload.js +11 -0
package/server/graphql/types/index.js +21 -0
package/server/graphql/types/login-input.js +13 -0
package/server/graphql/types/login-payload.js +12 -0
package/server/graphql/types/me-role.js +14 -0
package/server/graphql/types/me.js +16 -0
package/server/graphql/types/password-payload.js +11 -0
package/server/graphql/types/register-input.js +13 -0
package/server/graphql/types/update-role-payload.js +11 -0
package/server/graphql/utils.js +27 -0
package/server/index.js +21 -0
package/server/middlewares/index.js +7 -0
package/server/middlewares/rateLimit.js +27 -0
package/server/register.js +23 -0
package/server/routes/admin/index.js +10 -0
package/server/routes/admin/permissions.js +20 -0
package/server/routes/admin/role.js +79 -0
package/server/routes/admin/settings.js +95 -0
package/server/routes/content-api/auth.js +82 -0
package/server/routes/content-api/index.js +11 -0
package/server/routes/content-api/permissions.js +9 -0
package/server/routes/content-api/role.js +29 -0
package/server/routes/content-api/user.js +60 -0
package/server/routes/index.js +6 -0
package/server/services/index.js +17 -0
package/server/services/jwt.js +55 -0
package/server/services/providers-registry.js +292 -0
package/server/services/providers.js +115 -0
package/server/services/role.js +177 -0
package/server/services/user.js +140 -0
package/server/services/users-permissions.js +236 -0
package/server/strategies/users-permissions.js +102 -0
package/server/utils/index.d.ts +16 -0
package/server/utils/index.js +12 -0
package/server/utils/sanitize/index.js +9 -0
package/server/utils/sanitize/sanitizers.js +19 -0
package/server/utils/sanitize/visitors/index.js +5 -0
package/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js +11 -0
package/strapi-admin.js +3 -0
package/strapi-server.js +3 -0

package/server/graphql/mutations/crud/role/create-role.js ADDED Viewed

@@ -0,0 +1,34 @@
+'use strict';
+const { toPlainObject } = require('lodash/fp');
+const usersPermissionsRoleUID = 'plugin::users-permissions.role';
+module.exports = ({ nexus, strapi }) => {
+  const { getContentTypeInputName } = strapi.plugin('graphql').service('utils').naming;
+  const { nonNull } = nexus;
+  const roleContentType = strapi.getModel(usersPermissionsRoleUID);
+  const roleInputName = getContentTypeInputName(roleContentType);
+  return {
+    type: 'UsersPermissionsCreateRolePayload',
+    args: {
+      data: nonNull(roleInputName),
+    },
+    description: 'Create a new role',
+    async resolve(parent, args, context) {
+      const { koaContext } = context;
+      koaContext.request.body = toPlainObject(args.data);
+      await strapi.plugin('users-permissions').controller('role').createRole(koaContext);
+      return { ok: true };
+    },
+  };
+};

package/server/graphql/mutations/crud/role/delete-role.js ADDED Viewed

@@ -0,0 +1,25 @@
+'use strict';
+module.exports = ({ nexus, strapi }) => {
+  const { nonNull } = nexus;
+  return {
+    type: 'UsersPermissionsDeleteRolePayload',
+    args: {
+      id: nonNull('ID'),
+    },
+    description: 'Delete an existing role',
+    async resolve(parent, args, context) {
+      const { koaContext } = context;
+      koaContext.params = { role: args.id };
+      await strapi.plugin('users-permissions').controller('role').deleteRole(koaContext);
+      return { ok: true };
+    },
+  };
+};

package/server/graphql/mutations/crud/role/update-role.js ADDED Viewed

@@ -0,0 +1,35 @@
+'use strict';
+const usersPermissionsRoleUID = 'plugin::users-permissions.role';
+module.exports = ({ nexus, strapi }) => {
+  const { getContentTypeInputName } = strapi.plugin('graphql').service('utils').naming;
+  const { nonNull } = nexus;
+  const roleContentType = strapi.getModel(usersPermissionsRoleUID);
+  const roleInputName = getContentTypeInputName(roleContentType);
+  return {
+    type: 'UsersPermissionsUpdateRolePayload',
+    args: {
+      id: nonNull('ID'),
+      data: nonNull(roleInputName),
+    },
+    description: 'Update an existing role',
+    async resolve(parent, args, context) {
+      const { koaContext } = context;
+      koaContext.params = { role: args.id };
+      koaContext.request.body = args.data;
+      koaContext.request.body.role = args.id;
+      await strapi.plugin('users-permissions').controller('role').updateRole(koaContext);
+      return { ok: true };
+    },
+  };
+};

package/server/graphql/mutations/crud/user/create-user.js ADDED Viewed

@@ -0,0 +1,45 @@
+'use strict';
+const { toPlainObject } = require('lodash/fp');
+const { checkBadRequest } = require('../../../utils');
+const usersPermissionsUserUID = 'plugin::users-permissions.user';
+module.exports = ({ nexus, strapi }) => {
+  const { nonNull } = nexus;
+  const { getContentTypeInputName, getEntityResponseName } = strapi
+    .plugin('graphql')
+    .service('utils').naming;
+  const userContentType = strapi.getModel(usersPermissionsUserUID);
+  const userInputName = getContentTypeInputName(userContentType);
+  const responseName = getEntityResponseName(userContentType);
+  return {
+    type: nonNull(responseName),
+    args: {
+      data: nonNull(userInputName),
+    },
+    description: 'Create a new user',
+    async resolve(parent, args, context) {
+      const { koaContext } = context;
+      koaContext.params = {};
+      koaContext.request.body = toPlainObject(args.data);
+      await strapi.plugin('users-permissions').controller('user').create(koaContext);
+      checkBadRequest(koaContext.body);
+      return {
+        value: koaContext.body,
+        info: { args, resourceUID: 'plugin::users-permissions.user' },
+      };
+    },
+  };
+};

package/server/graphql/mutations/crud/user/delete-user.js ADDED Viewed

@@ -0,0 +1,39 @@
+'use strict';
+const { checkBadRequest } = require('../../../utils');
+const usersPermissionsUserUID = 'plugin::users-permissions.user';
+module.exports = ({ nexus, strapi }) => {
+  const { nonNull } = nexus;
+  const { getEntityResponseName } = strapi.plugin('graphql').service('utils').naming;
+  const userContentType = strapi.getModel(usersPermissionsUserUID);
+  const responseName = getEntityResponseName(userContentType);
+  return {
+    type: nonNull(responseName),
+    args: {
+      id: nonNull('ID'),
+    },
+    description: 'Delete an existing user',
+    async resolve(parent, args, context) {
+      const { koaContext } = context;
+      koaContext.params = { id: args.id };
+      await strapi.plugin('users-permissions').controller('user').destroy(koaContext);
+      checkBadRequest(koaContext.body);
+      return {
+        value: koaContext.body,
+        info: { args, resourceUID: 'plugin::users-permissions.user' },
+      };
+    },
+  };
+};

package/server/graphql/mutations/crud/user/update-user.js ADDED Viewed

@@ -0,0 +1,46 @@
+'use strict';
+const { toPlainObject } = require('lodash/fp');
+const { checkBadRequest } = require('../../../utils');
+const usersPermissionsUserUID = 'plugin::users-permissions.user';
+module.exports = ({ nexus, strapi }) => {
+  const { nonNull } = nexus;
+  const { getContentTypeInputName, getEntityResponseName } = strapi
+    .plugin('graphql')
+    .service('utils').naming;
+  const userContentType = strapi.getModel(usersPermissionsUserUID);
+  const userInputName = getContentTypeInputName(userContentType);
+  const responseName = getEntityResponseName(userContentType);
+  return {
+    type: nonNull(responseName),
+    args: {
+      id: nonNull('ID'),
+      data: nonNull(userInputName),
+    },
+    description: 'Update an existing user',
+    async resolve(parent, args, context) {
+      const { koaContext } = context;
+      koaContext.params = { id: args.id };
+      koaContext.request.body = toPlainObject(args.data);
+      await strapi.plugin('users-permissions').controller('user').update(koaContext);
+      checkBadRequest(koaContext.body);
+      return {
+        value: koaContext.body,
+        info: { args, resourceUID: 'plugin::users-permissions.user' },
+      };
+    },
+  };
+};

package/server/graphql/mutations/index.js ADDED Viewed

@@ -0,0 +1,43 @@
+'use strict';
+const userUID = 'plugin::users-permissions.user';
+const roleUID = 'plugin::users-permissions.role';
+module.exports = (context) => {
+  const { nexus, strapi } = context;
+  const { naming } = strapi.plugin('graphql').service('utils');
+  const user = strapi.getModel(userUID);
+  const role = strapi.getModel(roleUID);
+  const mutations = {
+    // CRUD (user & role)
+    [naming.getCreateMutationTypeName(role)]: require('./crud/role/create-role'),
+    [naming.getUpdateMutationTypeName(role)]: require('./crud/role/update-role'),
+    [naming.getDeleteMutationTypeName(role)]: require('./crud/role/delete-role'),
+    [naming.getCreateMutationTypeName(user)]: require('./crud/user/create-user'),
+    [naming.getUpdateMutationTypeName(user)]: require('./crud/user/update-user'),
+    [naming.getDeleteMutationTypeName(user)]: require('./crud/user/delete-user'),
+    // Other mutations
+    login: require('./auth/login'),
+    register: require('./auth/register'),
+    forgotPassword: require('./auth/forgot-password'),
+    resetPassword: require('./auth/reset-password'),
+    changePassword: require('./auth/change-password'),
+    emailConfirmation: require('./auth/email-confirmation'),
+  };
+  return nexus.extendType({
+    type: 'Mutation',
+    definition(t) {
+      for (const [name, getConfig] of Object.entries(mutations)) {
+        const config = getConfig(context);
+        t.field(name, config);
+      }
+    },
+  });
+};

package/server/graphql/queries/index.js ADDED Viewed

@@ -0,0 +1,13 @@
+'use strict';
+const me = require('./me');
+module.exports = ({ nexus }) => {
+  return nexus.extendType({
+    type: 'Query',
+    definition(t) {
+      t.field('me', me({ nexus }));
+    },
+  });
+};

package/server/graphql/queries/me.js ADDED Viewed

@@ -0,0 +1,17 @@
+'use strict';
+module.exports = () => ({
+  type: 'UsersPermissionsMe',
+  args: {},
+  resolve(parent, args, context) {
+    const { user } = context.state;
+    if (!user) {
+      throw new Error('Authentication requested');
+    }
+    return user;
+  },
+});

package/server/graphql/resolvers-configs.js ADDED Viewed

@@ -0,0 +1,42 @@
+'use strict';
+const userUID = 'plugin::users-permissions.user';
+const roleUID = 'plugin::users-permissions.role';
+module.exports = ({ strapi }) => {
+  const { naming } = strapi.plugin('graphql').service('utils');
+  const user = strapi.getModel(userUID);
+  const role = strapi.getModel(roleUID);
+  const createRole = naming.getCreateMutationTypeName(role);
+  const updateRole = naming.getUpdateMutationTypeName(role);
+  const deleteRole = naming.getDeleteMutationTypeName(role);
+  const createUser = naming.getCreateMutationTypeName(user);
+  const updateUser = naming.getUpdateMutationTypeName(user);
+  const deleteUser = naming.getDeleteMutationTypeName(user);
+  return {
+    // Disabled auth for some operations
+    'Mutation.login': { auth: false },
+    'Mutation.register': { auth: false },
+    'Mutation.forgotPassword': { auth: false },
+    'Mutation.resetPassword': { auth: false },
+    'Mutation.emailConfirmation': { auth: false },
+    'Mutation.changePassword': {
+      auth: {
+        scope: 'plugin::users-permissions.auth.changePassword',
+      },
+    },
+    // Scoped auth for replaced CRUD operations
+    // Role
+    [`Mutation.${createRole}`]: { auth: { scope: [`${roleUID}.createRole`] } },
+    [`Mutation.${updateRole}`]: { auth: { scope: [`${roleUID}.updateRole`] } },
+    [`Mutation.${deleteRole}`]: { auth: { scope: [`${roleUID}.deleteRole`] } },
+    // User
+    [`Mutation.${createUser}`]: { auth: { scope: [`${userUID}.create`] } },
+    [`Mutation.${updateUser}`]: { auth: { scope: [`${userUID}.update`] } },
+    [`Mutation.${deleteUser}`]: { auth: { scope: [`${userUID}.destroy`] } },
+  };
+};

package/server/graphql/types/create-role-payload.js ADDED Viewed

@@ -0,0 +1,11 @@
+'use strict';
+module.exports = ({ nexus }) => {
+  return nexus.objectType({
+    name: 'UsersPermissionsCreateRolePayload',
+    definition(t) {
+      t.nonNull.boolean('ok');
+    },
+  });
+};

package/server/graphql/types/delete-role-payload.js ADDED Viewed

@@ -0,0 +1,11 @@
+'use strict';
+module.exports = ({ nexus }) => {
+  return nexus.objectType({
+    name: 'UsersPermissionsDeleteRolePayload',
+    definition(t) {
+      t.nonNull.boolean('ok');
+    },
+  });
+};

package/server/graphql/types/index.js ADDED Viewed

@@ -0,0 +1,21 @@
+'use strict';
+const typesFactories = [
+  require('./me'),
+  require('./me-role'),
+  require('./register-input'),
+  require('./login-input'),
+  require('./password-payload'),
+  require('./login-payload'),
+  require('./create-role-payload'),
+  require('./update-role-payload'),
+  require('./delete-role-payload'),
+];
+/**
+ * @param {object} context
+ * @param {object} context.nexus
+ * @param {object} context.strapi
+ * @return {any[]}
+ */
+module.exports = (context) => typesFactories.map((factory) => factory(context));

package/server/graphql/types/login-input.js ADDED Viewed

@@ -0,0 +1,13 @@
+'use strict';
+module.exports = ({ nexus }) => {
+  return nexus.inputObjectType({
+    name: 'UsersPermissionsLoginInput',
+    definition(t) {
+      t.nonNull.string('identifier');
+      t.nonNull.string('password');
+      t.nonNull.string('provider', { default: 'local' });
+    },
+  });
+};

package/server/graphql/types/login-payload.js ADDED Viewed

@@ -0,0 +1,12 @@
+'use strict';
+module.exports = ({ nexus }) => {
+  return nexus.objectType({
+    name: 'UsersPermissionsLoginPayload',
+    definition(t) {
+      t.string('jwt');
+      t.nonNull.field('user', { type: 'UsersPermissionsMe' });
+    },
+  });
+};

package/server/graphql/types/me-role.js ADDED Viewed

@@ -0,0 +1,14 @@
+'use strict';
+module.exports = ({ nexus }) => {
+  return nexus.objectType({
+    name: 'UsersPermissionsMeRole',
+    definition(t) {
+      t.nonNull.id('id');
+      t.nonNull.string('name');
+      t.string('description');
+      t.string('type');
+    },
+  });
+};

package/server/graphql/types/me.js ADDED Viewed

@@ -0,0 +1,16 @@
+'use strict';
+module.exports = ({ nexus }) => {
+  return nexus.objectType({
+    name: 'UsersPermissionsMe',
+    definition(t) {
+      t.nonNull.id('id');
+      t.nonNull.string('username');
+      t.string('email');
+      t.boolean('confirmed');
+      t.boolean('blocked');
+      t.field('role', { type: 'UsersPermissionsMeRole' });
+    },
+  });
+};

package/server/graphql/types/password-payload.js ADDED Viewed

@@ -0,0 +1,11 @@
+'use strict';
+module.exports = ({ nexus }) => {
+  return nexus.objectType({
+    name: 'UsersPermissionsPasswordPayload',
+    definition(t) {
+      t.nonNull.boolean('ok');
+    },
+  });
+};

package/server/graphql/types/register-input.js ADDED Viewed

@@ -0,0 +1,13 @@
+'use strict';
+module.exports = ({ nexus }) => {
+  return nexus.inputObjectType({
+    name: 'UsersPermissionsRegisterInput',
+    definition(t) {
+      t.nonNull.string('username');
+      t.nonNull.string('email');
+      t.nonNull.string('password');
+    },
+  });
+};

package/server/graphql/types/update-role-payload.js ADDED Viewed

@@ -0,0 +1,11 @@
+'use strict';
+module.exports = ({ nexus }) => {
+  return nexus.objectType({
+    name: 'UsersPermissionsUpdateRolePayload',
+    definition(t) {
+      t.nonNull.boolean('ok');
+    },
+  });
+};

package/server/graphql/utils.js ADDED Viewed

@@ -0,0 +1,27 @@
+'use strict';
+const { getOr } = require('lodash/fp');
+/**
+ * Throws an ApolloError if context body contains a bad request
+ * @param contextBody - body of the context object given to the resolver
+ * @throws ApolloError if the body is a bad request
+ */
+function checkBadRequest(contextBody) {
+  const statusCode = getOr(200, 'statusCode', contextBody);
+  if (statusCode !== 200) {
+    const errorMessage = getOr('Bad Request', 'error', contextBody);
+    const exception = new Error(errorMessage);
+    exception.code = statusCode || 400;
+    exception.data = contextBody;
+    throw exception;
+  }
+}
+module.exports = {
+  checkBadRequest,
+};

package/server/index.js ADDED Viewed

@@ -0,0 +1,21 @@
+'use strict';
+const register = require('./register');
+const bootstrap = require('./bootstrap');
+const contentTypes = require('./content-types');
+const middlewares = require('./middlewares');
+const services = require('./services');
+const routes = require('./routes');
+const controllers = require('./controllers');
+const config = require('./config');
+module.exports = () => ({
+  register,
+  bootstrap,
+  config,
+  routes,
+  controllers,
+  contentTypes,
+  middlewares,
+  services,
+});

package/server/middlewares/index.js ADDED Viewed

@@ -0,0 +1,7 @@
+'use strict';
+const rateLimit = require('./rateLimit');
+module.exports = {
+  rateLimit,
+};

package/server/middlewares/rateLimit.js ADDED Viewed

@@ -0,0 +1,27 @@
+'use strict';
+module.exports =
+  (config, { strapi }) =>
+  async (ctx, next) => {
+    const ratelimit = require('koa2-ratelimit').RateLimit;
+    const message = [
+      {
+        messages: [
+          {
+            id: 'Auth.form.error.ratelimit',
+            message: 'Too many attempts, please try again in a minute.',
+          },
+        ],
+      },
+    ];
+    return ratelimit.middleware({
+      interval: 1 * 60 * 1000,
+      max: 5,
+      prefixKey: `${ctx.request.path}:${ctx.request.ip}`,
+      message,
+      ...strapi.config.get('plugin.users-permissions.ratelimit'),
+      ...config,
+    })(ctx, next);
+  };

package/server/register.js ADDED Viewed

@@ -0,0 +1,23 @@
+'use strict';
+const fs = require('fs');
+const path = require('path');
+const authStrategy = require('./strategies/users-permissions');
+const sanitizers = require('./utils/sanitize/sanitizers');
+module.exports = ({ strapi }) => {
+  strapi.container.get('auth').register('content-api', authStrategy);
+  strapi.sanitizers.add('content-api.output', sanitizers.defaultSanitizeOutput);
+  if (strapi.plugin('graphql')) {
+    require('./graphql')({ strapi });
+  }
+  if (strapi.plugin('documentation')) {
+    const specPath = path.join(__dirname, '../documentation/content-api.yaml');
+    const spec = fs.readFileSync(specPath, 'utf8');
+    strapi.plugin('documentation').service('documentation').registerDoc(spec);
+  }
+};

package/server/routes/admin/index.js ADDED Viewed

@@ -0,0 +1,10 @@
+'use strict';
+const permissionsRoutes = require('./permissions');
+const settingsRoutes = require('./settings');
+const roleRoutes = require('./role');
+module.exports = {
+  type: 'admin',
+  routes: [...roleRoutes, ...settingsRoutes, ...permissionsRoutes],
+};

package/server/routes/admin/permissions.js ADDED Viewed

@@ -0,0 +1,20 @@
+'use strict';
+module.exports = [
+  {
+    method: 'GET',
+    path: '/permissions',
+    handler: 'permissions.getPermissions',
+  },
+  {
+    method: 'GET',
+    path: '/policies',
+    handler: 'permissions.getPolicies',
+  },
+  {
+    method: 'GET',
+    path: '/routes',
+    handler: 'permissions.getRoutes',
+  },
+];