@strapi/plugin-users-permissions 0.0.0-next.e21fe90bf2ab9906267ea6e6ca620bdcc729906c → 0.0.0-next.e2e3ca14971ee768e1a227a209362264fd0132d4
- package/admin/src/components/Permissions/PermissionRow/SubCategory.jsx +8 -1
- package/admin/src/components/Policies/index.jsx +1 -0
- package/admin/src/components/UsersPermissions/index.jsx +1 -0
- package/admin/src/pages/EmailTemplates/components/EmailForm.jsx +2 -1
- package/admin/src/pages/Providers/index.jsx +74 -76
- package/admin/src/pages/Roles/pages/CreatePage.jsx +20 -7
- package/admin/src/pages/Roles/pages/EditPage.jsx +12 -7
- package/admin/src/pages/Roles/pages/ListPage/index.jsx +91 -93
- package/admin/src/translations/en.json +1 -0
- package/admin/src/utils/formatPluginName.js +1 -1
- package/dist/admin/components/FormModal/Input/index.js.map +1 -1
- package/dist/admin/components/FormModal/Input/index.mjs.map +1 -1
- package/dist/admin/components/Permissions/PermissionRow/SubCategory.js +3 -1
- package/dist/admin/components/Permissions/PermissionRow/SubCategory.js.map +1 -1
- package/dist/admin/components/Permissions/PermissionRow/SubCategory.mjs +3 -1
- package/dist/admin/components/Permissions/PermissionRow/SubCategory.mjs.map +1 -1
- package/dist/admin/components/Permissions/PermissionRow/index.js.map +1 -1
- package/dist/admin/components/Permissions/PermissionRow/index.mjs.map +1 -1
- package/dist/admin/components/Policies/index.js +1 -0
- package/dist/admin/components/Policies/index.js.map +1 -1
- package/dist/admin/components/Policies/index.mjs +1 -0
- package/dist/admin/components/Policies/index.mjs.map +1 -1
- package/dist/admin/components/UsersPermissions/index.js +1 -0
- package/dist/admin/components/UsersPermissions/index.js.map +1 -1
- package/dist/admin/components/UsersPermissions/index.mjs +1 -0
- package/dist/admin/components/UsersPermissions/index.mjs.map +1 -1
- package/dist/admin/pages/EmailTemplates/components/EmailForm.js +2 -1
- package/dist/admin/pages/EmailTemplates/components/EmailForm.js.map +1 -1
- package/dist/admin/pages/EmailTemplates/components/EmailForm.mjs +2 -1
- package/dist/admin/pages/EmailTemplates/components/EmailForm.mjs.map +1 -1
- package/dist/admin/pages/Providers/index.js +84 -88
- package/dist/admin/pages/Providers/index.js.map +1 -1
- package/dist/admin/pages/Providers/index.mjs +84 -88
- package/dist/admin/pages/Providers/index.mjs.map +1 -1
- package/dist/admin/pages/Roles/pages/CreatePage.js +14 -1
- package/dist/admin/pages/Roles/pages/CreatePage.js.map +1 -1
- package/dist/admin/pages/Roles/pages/CreatePage.mjs +16 -3
- package/dist/admin/pages/Roles/pages/CreatePage.mjs.map +1 -1
- package/dist/admin/pages/Roles/pages/EditPage.js +13 -3
- package/dist/admin/pages/Roles/pages/EditPage.js.map +1 -1
- package/dist/admin/pages/Roles/pages/EditPage.mjs +14 -4
- package/dist/admin/pages/Roles/pages/EditPage.mjs.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.js.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.mjs.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.js +95 -99
- package/dist/admin/pages/Roles/pages/ListPage/index.js.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs +95 -99
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs.map +1 -1
- package/dist/admin/translations/en.json.js +1 -0
- package/dist/admin/translations/en.json.js.map +1 -1
- package/dist/admin/translations/en.json.mjs +1 -0
- package/dist/admin/translations/en.json.mjs.map +1 -1
- package/dist/admin/utils/formatPluginName.js +1 -1
- package/dist/admin/utils/formatPluginName.js.map +1 -1
- package/dist/admin/utils/formatPluginName.mjs +1 -1
- package/dist/admin/utils/formatPluginName.mjs.map +1 -1
- package/dist/admin/utils/getTrad.js.map +1 -1
- package/dist/admin/utils/getTrad.mjs.map +1 -1
- package/dist/admin/utils/prefixPluginTranslations.js.map +1 -1
- package/dist/admin/utils/prefixPluginTranslations.mjs.map +1 -1
- package/dist/server/bootstrap/index.js +28 -7
- package/dist/server/bootstrap/index.js.map +1 -1
- package/dist/server/bootstrap/index.mjs +28 -7
- package/dist/server/bootstrap/index.mjs.map +1 -1
- package/dist/server/config.js +16 -0
- package/dist/server/config.js.map +1 -1
- package/dist/server/config.mjs +16 -0
- package/dist/server/config.mjs.map +1 -1
- package/dist/server/controllers/auth.js +204 -3
- package/dist/server/controllers/auth.js.map +1 -1
- package/dist/server/controllers/auth.mjs +204 -3
- package/dist/server/controllers/auth.mjs.map +1 -1
- package/dist/server/controllers/content-manager-user.js +3 -3
- package/dist/server/controllers/content-manager-user.js.map +1 -1
- package/dist/server/controllers/content-manager-user.mjs +3 -3
- package/dist/server/controllers/content-manager-user.mjs.map +1 -1
- package/dist/server/controllers/validation/user.js +6 -1
- package/dist/server/controllers/validation/user.js.map +1 -1
- package/dist/server/controllers/validation/user.mjs +6 -1
- package/dist/server/controllers/validation/user.mjs.map +1 -1
- package/dist/server/graphql/resolvers-configs.js.map +1 -1
- package/dist/server/graphql/resolvers-configs.mjs.map +1 -1
- package/dist/server/middlewares/rateLimit.js.map +1 -1
- package/dist/server/middlewares/rateLimit.mjs.map +1 -1
- package/dist/server/routes/content-api/auth.js +155 -91
- package/dist/server/routes/content-api/auth.js.map +1 -1
- package/dist/server/routes/content-api/auth.mjs +155 -91
- package/dist/server/routes/content-api/auth.mjs.map +1 -1
- package/dist/server/routes/content-api/index.js +11 -9
- package/dist/server/routes/content-api/index.js.map +1 -1
- package/dist/server/routes/content-api/index.mjs +11 -9
- package/dist/server/routes/content-api/index.mjs.map +1 -1
- package/dist/server/routes/content-api/permissions.js +14 -7
- package/dist/server/routes/content-api/permissions.js.map +1 -1
- package/dist/server/routes/content-api/permissions.mjs +14 -7
- package/dist/server/routes/content-api/permissions.mjs.map +1 -1
- package/dist/server/routes/content-api/role.js +61 -27
- package/dist/server/routes/content-api/role.js.map +1 -1
- package/dist/server/routes/content-api/role.mjs +61 -27
- package/dist/server/routes/content-api/role.mjs.map +1 -1
- package/dist/server/routes/content-api/user.js +119 -57
- package/dist/server/routes/content-api/user.js.map +1 -1
- package/dist/server/routes/content-api/user.mjs +119 -57
- package/dist/server/routes/content-api/user.mjs.map +1 -1
- package/dist/server/routes/content-api/validation.js +217 -0
- package/dist/server/routes/content-api/validation.js.map +1 -0
- package/dist/server/routes/content-api/validation.mjs +215 -0
- package/dist/server/routes/content-api/validation.mjs.map +1 -0
- package/dist/server/services/constants.js +19 -0
- package/dist/server/services/constants.js.map +1 -0
- package/dist/server/services/constants.mjs +17 -0
- package/dist/server/services/constants.mjs.map +1 -0
- package/dist/server/services/jwt.js +45 -2
- package/dist/server/services/jwt.js.map +1 -1
- package/dist/server/services/jwt.mjs +45 -2
- package/dist/server/services/jwt.mjs.map +1 -1
- package/dist/server/services/providers-registry.js.map +1 -1
- package/dist/server/services/providers-registry.mjs.map +1 -1
- package/dist/server/services/role.js.map +1 -1
- package/dist/server/services/role.mjs.map +1 -1
- package/dist/server/services/user.js +29 -20
- package/dist/server/services/user.js.map +1 -1
- package/dist/server/services/user.mjs +29 -20
- package/dist/server/services/user.mjs.map +1 -1
- package/dist/server/services/users-permissions.js +4 -3
- package/dist/server/services/users-permissions.js.map +1 -1
- package/dist/server/services/users-permissions.mjs +4 -3
- package/dist/server/services/users-permissions.mjs.map +1 -1
- package/package.json +9 -8
- package/server/bootstrap/index.js +31 -0
- package/server/config.js +22 -0
- package/server/controllers/auth.js +248 -8
- package/server/controllers/content-manager-user.js +3 -4
- package/server/controllers/validation/user.js +12 -1
- package/server/routes/content-api/auth.js +119 -71
- package/server/routes/content-api/index.js +11 -4
- package/server/routes/content-api/permissions.js +14 -7
- package/server/routes/content-api/role.js +57 -27
- package/server/routes/content-api/user.js +108 -51
- package/server/routes/content-api/validation.js +250 -0
- package/server/services/constants.js +9 -0
- package/server/services/jwt.js +50 -2
- package/server/services/user.js +11 -0
- package/server/services/users-permissions.js +4 -2
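--- a/package/server/routes/content-api/validation.js
+++ b/package/server/routes/content-api/validation.js
@@ -0,0 +1,250 @@
+'use strict';
+
+const { AbstractRouteValidator } = require('@strapi/utils');
+const z = require('zod/v4');
+
+class UsersPermissionsRouteValidator extends AbstractRouteValidator {
+constructor(strapi) {
+super();
+this._strapi = strapi;
+}
+
+get userSchema() {
+return z.object({
+id: z.number(),
+documentId: z.string(),
+username: z.string(),
+email: z.string(),
+provider: z.string(),
+confirmed: z.boolean(),
+blocked: z.boolean(),
+role: z
+.union([
+z.number(),
+z.object({
+id: z.number(),
+name: z.string(),
+description: z.string().nullable(),
+type: z.string(),
+createdAt: z.string(),
+updatedAt: z.string(),
+}),
+])
+.optional(),
+createdAt: z.string(),
+updatedAt: z.string(),
+publishedAt: z.string(),
+});
+}
+
+get roleSchema() {
+return z.object({
+id: z.number(),
+documentId: z.string(),
+name: z.string(),
+description: z.string().nullable(),
+type: z.string(),
+createdAt: z.string(),
+updatedAt: z.string(),
+publishedAt: z.string(),
+nb_users: z.number().optional(),
+permissions: z
+.record(
+z.string(), // plugin name
+z.object({
+controllers: z.record(
+z.string(), // controller name
+z.record(
+z.string(), // action name
+z.object({
+enabled: z.boolean(),
+policy: z.string(),
+})
+)
+),
+})
+)
+.optional(),
+users: z.array(z.unknown()).optional(),
+});
+}
+
+get permissionSchema() {
+return z.object({
+id: z.number(),
+action: z.string(),
+role: z.object({
+id: z.number(),
+name: z.string(),
+description: z.string().nullable(),
+type: z.string(),
+}),
+createdAt: z.string(),
+updatedAt: z.string(),
+});
+}
+
+get authResponseSchema() {
+return z.object({
+jwt: z.string(),
+refreshToken: z.string().optional(),
+user: this.userSchema,
+});
+}
+
+get authResponseWithoutJwtSchema() {
+return z.object({
+user: this.userSchema,
+});
+}
+
+get authRegisterResponseSchema() {
+return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);
+}
+
+get forgotPasswordResponseSchema() {
+return z.object({
+ok: z.boolean(),
+});
+}
+
+get sendEmailConfirmationResponseSchema() {
+return z.object({
+email: z.string(),
+sent: z.boolean(),
+});
+}
+
+get rolesResponseSchema() {
+return z.object({
+roles: z.array(this.roleSchema),
+});
+}
+
+get roleResponseSchema() {
+return z.object({
+role: this.roleSchema,
+});
+}
+
+get roleSuccessResponseSchema() {
+return z.object({
+ok: z.boolean(),
+});
+}
+
+get permissionsResponseSchema() {
+return z.object({
+permissions: z.record(
+z.string(), // plugin name
+z.object({
+controllers: z.record(
+z.string(), // controller name
+z.record(
+z.string(), // action name
+z.object({
+enabled: z.boolean(),
+policy: z.string(),
+})
+)
+),
+})
+),
+});
+}
+
+get loginBodySchema() {
+return z.object({
+identifier: z.string(),
+password: z.string(),
+});
+}
+
+get registerBodySchema() {
+return z.object({
+username: z.string(),
+email: z.email(),
+password: z.string(),
+});
+}
+
+get forgotPasswordBodySchema() {
+return z.object({
+email: z.email(),
+});
+}
+
+get resetPasswordBodySchema() {
+return z.object({
+code: z.string(),
+password: z.string(),
+passwordConfirmation: z.string(),
+});
+}
+
+get changePasswordBodySchema() {
+return z.object({
+currentPassword: z.string(),
+password: z.string(),
+passwordConfirmation: z.string(),
+});
+}
+
+get sendEmailConfirmationBodySchema() {
+return z.object({
+email: z.email(),
+});
+}
+
+get createUserBodySchema() {
+return z.object({
+username: z.string(),
+email: z.email(),
+password: z.string(),
+role: z.number().optional(),
+});
+}
+
+get updateUserBodySchema() {
+return z.object({
+username: z.string().optional(),
+email: z.email().optional(),
+password: z.string().optional(),
+role: z.number().optional(),
+});
+}
+
+get createRoleBodySchema() {
+return z.object({
+name: z.string(),
+description: z.string().optional(),
+type: z.string(),
+permissions: z.record(z.string(), z.unknown()).optional(),
+});
+}
+
+get updateRoleBodySchema() {
+return z.object({
+name: z.string().optional(),
+description: z.string().optional(),
+type: z.string().optional(),
+permissions: z.record(z.string(), z.unknown()).optional(),
+});
+}
+
+get userIdParam() {
+return z.string();
+}
+
+get roleIdParam() {
+return z.string();
+}
+
+get providerParam() {
+return z.string();
+}
+}
+
+module.exports = {
+UsersPermissionsRouteValidator,
+};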
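Review bot: The request-body schemas at new lines 156–191 (`loginBodySchema`, `registerBodySchema`, `resetPasswordBodySchema`, `changePasswordBodySchema`) accept any string for `identifier`, `password` and `code`, including an empty or arbitrarily long one. Whether these schemas are enforced on the route or only feed documentation is not visible in this file; if they are enforced, a bounded field such as `password: z.string().min(1).max(<limit>)` rejects empty and oversized credentials before they reach hashing. `createRoleBodySchema` and `updateRoleBodySchema` also type `permissions` as `z.record(z.string(), z.unknown())`, while the response side spells out the plugin → controller → action shape twice (lines 51–67 and 138–152). Hoisting that nested record into one shared schema and reusing it for input would remove the duplication and keep malformed permission trees out.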
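--- a/package/server/services/constants.js
+++ b/package/server/services/constants.js
@@ -0,0 +1,9 @@
+'use strict';
+
+module.exports = {
+DEFAULT_ACCESS_TOKEN_LIFESPAN: 10 * 60, // 10 minutes
+DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN: 30 * 24 * 60 * 60, // 30 days
+DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN: 14 * 24 * 60 * 60, // 14 days
+DEFAULT_MAX_SESSION_LIFESPAN: 1 * 24 * 60 * 60, // 1 day
+DEFAULT_IDLE_SESSION_LIFESPAN: 2 * 60 * 60, // 2 hours
+};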
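Review bot: The unit of these lifespans is never stated; the trailing comments (`10 * 60` labelled "10 minutes") imply seconds, but a consumer that expects milliseconds would silently get tokens that expire a thousand times sooner. A header comment such as `// All lifespans are expressed in seconds.` would settle it. It would also help to say in one line how the `*_REFRESH_TOKEN_*` pair differs from the `*_SESSION_*` pair, since the names alone do not show which applies to which login flow.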
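--- a/package/server/services/jwt.js
+++ b/package/server/services/jwt.js
@@ -29,6 +29,32 @@ module.exports = ({ strapi }) => ({
 },
 
 issue(payload, jwtOptions = {}) {
+const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');
+
+if (mode === 'refresh') {
+const userId = String(payload.id ?? payload.userId ?? '');
+if (!userId) {
+throw new Error('Cannot issue token: missing user id');
+}
+
+const issueRefreshToken = async () => {
+const refresh = await strapi
+.sessionManager('users-permissions')
+.generateRefreshToken(userId, undefined, { type: 'refresh' });
+
+const access = await strapi
+.sessionManager('users-permissions')
+.generateAccessToken(refresh.token);
+if ('error' in access) {
+throw new Error('Failed to generate access token');
+}
+
+return access.token;
+};
+
+return issueRefreshToken();
+}
+
 _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));
 return jwt.sign(
 _.clone(payload.toJSON ? payload.toJSON() : payload),
@@ -37,12 +63,34 @@ module.exports = ({ strapi }) => ({
 );
 },
 
-verify(token) {
+async verify(token) {
+const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');
+
+if (mode === 'refresh') {
+// Accept only access tokens minted by the SessionManager for UP
+const result = strapi.sessionManager('users-permissions').validateAccessToken(token);
+if (!result.isValid || result.payload.type !== 'access') {
+throw new Error('Invalid token.');
+}
+
+const user = await strapi.db
+.query('plugin::users-permissions.user')
+.findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });
+if (!user) {
+throw new Error('Invalid token.');
+}
+
+return { id: user.id };
+}
+
 return new Promise((resolve, reject) => {
+const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
+const algorithms = jwtConfig && jwtConfig.algorithm ? [jwtConfig.algorithm] : undefined;
+
 jwt.verify(
 token,
 strapi.config.get('plugin::users-permissions.jwtSecret'),
-{},
+algorithms ? { algorithms } : {},
 (err, tokenPayload = {}) => {
 if (err) {
 return reject(new Error('Invalid token.'));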
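Review bot: `issue()` returns a Promise when `jwtManagement` is `'refresh'` (new lines 34–56) but still returns the signed string synchronously on the legacy path, so a caller that does not `await` receives a Promise object where it expects a token. The refresh branch also ignores `jwtOptions` and every payload field except the id. The refresh token created at lines 41–43 is discarded once the access token is derived from it; if `generateRefreshToken` persists a session (not visible here), each call leaves behind a session that no client holds. At minimum the method needs a JSDoc line stating the contract, e.g. `@returns {string|Promise<string>} a Promise in 'refresh' mode; callers must await`. The body of `issue` continues past the end of the first hunk.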
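--- a/package/server/services/user.js
+++ b/package/server/services/user.js
@@ -16,6 +16,11 @@ const { getService } = require('../utils');
 
 const USER_MODEL_UID = 'plugin::users-permissions.user';
 
+const getSessionManager = () => {
+const manager = strapi.sessionManager;
+return manager ?? null;
+};
+
 module.exports = ({ strapi }) => ({
 /**
 * Promise to count users
@@ -112,6 +117,12 @@ module.exports = ({ strapi }) => ({
 * @return {Promise}
 */
 async remove(params) {
+// Invalidate sessions for all affected users
+const sessionManager = getSessionManager();
+if (sessionManager && sessionManager.hasOrigin('users-permissions') && params.id) {
+await sessionManager('users-permissions').invalidateRefreshToken(String(params.id));
+}
+
 return strapi.db.query(USER_MODEL_UID).delete({ where: params });
 },
 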
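Review bot: The session invalidation in `remove` (new lines 120–124) runs only when `params.id` is set and passes `String(params.id)` straight through, so a delete by another field such as `{ email }` leaves that user's refresh tokens valid, and an operator object given as `id` is stringified to `[object Object]`. That contradicts the comment's "all affected users". Resolving the row first, e.g. `const user = await strapi.db.query(USER_MODEL_UID).findOne({ where: params, select: ['id'] });`, and invalidating with `String(user.id)` when a row is found would cover every filter shape. Separately, `getSessionManager` (lines 19–22) is declared outside the `({ strapi }) =>` factory, so its `strapi` resolves to a global rather than the injected instance; moving it inside the factory removes that dependency.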
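--- a/package/server/services/users-permissions.js
+++ b/package/server/services/users-permissions.js
@@ -7,6 +7,7 @@ const {
 template: { createStrictInterpolationRegExp },
 errors,
 objects,
+sanitizeRoutesMapForSerialization,
 } = require('@strapi/utils');
 
 const { getService } = require('../utils');
@@ -99,7 +100,8 @@ module.exports = ({ strapi }) => ({
 }
 });
 
-
+// Return a deeply cloned version to avoid circular references
+return _.cloneDeep(actionMap);
 },
 
 async getRoutes() {
@@ -147,7 +149,7 @@ module.exports = ({ strapi }) => ({
 }));
 });
 
-return routesMap;
+return sanitizeRoutesMapForSerialization(routesMap);
 },
 
 async syncPermissions() {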
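Review bot: The comment at new line 103 says the deep clone avoids circular references, but lodash `_.cloneDeep` reproduces cycles in the copy rather than removing them, so a cyclic `actionMap` would still fail to serialize. What the clone does give is isolation from later mutation; if that is the intent, the comment should say so, e.g. `// Return a deep copy so callers cannot mutate the shared action map`. If serialization safety is the goal, the third hunk already routes `routesMap` through `sanitizeRoutesMapForSerialization`, and the same treatment may be needed here, though what that helper strips is not visible in this diff. The enclosing function starts before the hunk.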