@strapi/plugin-users-permissions 0.0.0-next.e9b6852d1c05518ff6e37d599321f7aa7aa0683b → 0.0.0-next.ea6e3b80ab37f554da4f8bde08dbfe9b57400d31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (244) hide show
  1. package/admin/src/components/BoundRoute/index.jsx +2 -2
  2. package/admin/src/components/FormModal/Input/index.jsx +32 -31
  3. package/admin/src/components/FormModal/index.jsx +57 -68
  4. package/admin/src/components/Permissions/PermissionRow/CheckboxWrapper.jsx +4 -3
  5. package/admin/src/components/Permissions/PermissionRow/SubCategory.jsx +13 -22
  6. package/admin/src/components/Permissions/index.jsx +27 -35
  7. package/admin/src/components/Permissions/reducer.js +1 -1
  8. package/admin/src/components/Policies/index.jsx +7 -5
  9. package/admin/src/components/UsersPermissions/index.jsx +15 -7
  10. package/admin/src/components/UsersPermissions/reducer.js +1 -1
  11. package/admin/src/index.js +15 -32
  12. package/admin/src/pages/AdvancedSettings/index.jsx +83 -128
  13. package/admin/src/pages/AdvancedSettings/utils/layout.js +20 -35
  14. package/admin/src/pages/AdvancedSettings/utils/schema.js +5 -2
  15. package/admin/src/pages/EmailTemplates/components/EmailForm.jsx +119 -139
  16. package/admin/src/pages/EmailTemplates/components/EmailTable.jsx +20 -17
  17. package/admin/src/pages/EmailTemplates/index.jsx +36 -62
  18. package/admin/src/pages/EmailTemplates/utils/schema.js +18 -6
  19. package/admin/src/pages/Providers/index.jsx +97 -112
  20. package/admin/src/pages/Providers/utils/forms.js +23 -11
  21. package/admin/src/pages/Roles/constants.js +3 -3
  22. package/admin/src/pages/Roles/hooks/usePlugins.js +4 -4
  23. package/admin/src/pages/Roles/index.jsx +9 -18
  24. package/admin/src/pages/Roles/pages/CreatePage.jsx +53 -58
  25. package/admin/src/pages/Roles/pages/EditPage.jsx +63 -68
  26. package/admin/src/pages/Roles/pages/ListPage/components/TableBody.jsx +27 -31
  27. package/admin/src/pages/Roles/pages/ListPage/index.jsx +79 -55
  28. package/admin/src/translations/en.json +1 -1
  29. package/admin/src/utils/prefixPluginTranslations.js +13 -0
  30. package/dist/_chunks/{ar-t5qTFaAD.js → ar-BguGUqwK.js} +1 -1
  31. package/dist/_chunks/ar-BguGUqwK.js.map +1 -0
  32. package/dist/_chunks/{ar-MvD8Ghac.mjs → ar-CK8BRRXB.mjs} +1 -1
  33. package/dist/_chunks/ar-CK8BRRXB.mjs.map +1 -0
  34. package/dist/_chunks/{cs-BMuXwxA1.mjs → cs-BVigMk0l.mjs} +1 -1
  35. package/dist/_chunks/cs-BVigMk0l.mjs.map +1 -0
  36. package/dist/_chunks/{cs-I8N4u-Sd.js → cs-BW8-K_GY.js} +1 -1
  37. package/dist/_chunks/cs-BW8-K_GY.js.map +1 -0
  38. package/dist/_chunks/{de-zs2qqc0W.mjs → de-BKUdRFI4.mjs} +1 -1
  39. package/dist/_chunks/de-BKUdRFI4.mjs.map +1 -0
  40. package/dist/_chunks/{de-YTjtq89K.js → de-owXpVluI.js} +1 -1
  41. package/dist/_chunks/de-owXpVluI.js.map +1 -0
  42. package/dist/_chunks/{dk-HctVBMsG.mjs → dk-BQiTK50l.mjs} +1 -1
  43. package/dist/_chunks/dk-BQiTK50l.mjs.map +1 -0
  44. package/dist/_chunks/{dk-TF-dWjzl.js → dk-LXAnbuBk.js} +1 -1
  45. package/dist/_chunks/dk-LXAnbuBk.js.map +1 -0
  46. package/dist/_chunks/{en-CE3wEy_c.mjs → en-DOHtPf-2.mjs} +2 -2
  47. package/dist/_chunks/en-DOHtPf-2.mjs.map +1 -0
  48. package/dist/_chunks/{en-m608rMZx.js → en-MHo5mcsU.js} +2 -2
  49. package/dist/_chunks/en-MHo5mcsU.js.map +1 -0
  50. package/dist/_chunks/{es-XBQsB8_9.js → es-BwLCLXAQ.js} +1 -1
  51. package/dist/_chunks/es-BwLCLXAQ.js.map +1 -0
  52. package/dist/_chunks/{es-9381tih_.mjs → es-DNgOVMjD.mjs} +1 -1
  53. package/dist/_chunks/es-DNgOVMjD.mjs.map +1 -0
  54. package/dist/_chunks/{fr-CMSc77If.mjs → fr-DkgRugiU.mjs} +1 -1
  55. package/dist/_chunks/fr-DkgRugiU.mjs.map +1 -0
  56. package/dist/_chunks/{fr-6cz3U-IF.js → fr-DkhpSjjm.js} +1 -1
  57. package/dist/_chunks/fr-DkhpSjjm.js.map +1 -0
  58. package/dist/_chunks/{id-RJ934rq-.js → id-BTemOeTZ.js} +1 -1
  59. package/dist/_chunks/id-BTemOeTZ.js.map +1 -0
  60. package/dist/_chunks/{id-SDuyIkZa.mjs → id-BdEsvnaF.mjs} +1 -1
  61. package/dist/_chunks/id-BdEsvnaF.mjs.map +1 -0
  62. package/dist/_chunks/index-BEjCN543-C1E7ADbJ.mjs +11984 -0
  63. package/dist/_chunks/index-BEjCN543-C1E7ADbJ.mjs.map +1 -0
  64. package/dist/_chunks/index-BEjCN543-fMZ4nmrb.js +12008 -0
  65. package/dist/_chunks/index-BEjCN543-fMZ4nmrb.js.map +1 -0
  66. package/dist/_chunks/index-BHbow3DP.js +281 -0
  67. package/dist/_chunks/index-BHbow3DP.js.map +1 -0
  68. package/dist/_chunks/index-BWP-UyKQ.mjs +344 -0
  69. package/dist/_chunks/index-BWP-UyKQ.mjs.map +1 -0
  70. package/dist/_chunks/{index-PIkWT4fR.js → index-CJPwJ4vq.js} +255 -274
  71. package/dist/_chunks/index-CJPwJ4vq.js.map +1 -0
  72. package/dist/_chunks/{index-V3CiTkmR.mjs → index-CKeAk04T.mjs} +239 -256
  73. package/dist/_chunks/index-CKeAk04T.mjs.map +1 -0
  74. package/dist/_chunks/{index-j8_HHqx2.js → index-CWG-Md7l.js} +107 -105
  75. package/dist/_chunks/index-CWG-Md7l.js.map +1 -0
  76. package/dist/_chunks/{index-f7pS9YU1.js → index-CwilIFCz.js} +47 -51
  77. package/dist/_chunks/index-CwilIFCz.js.map +1 -0
  78. package/dist/_chunks/{index-RINRWbs5.mjs → index-DPgyhRuN.mjs} +104 -102
  79. package/dist/_chunks/index-DPgyhRuN.mjs.map +1 -0
  80. package/dist/_chunks/index-DnPMwDrT.js +366 -0
  81. package/dist/_chunks/index-DnPMwDrT.js.map +1 -0
  82. package/dist/_chunks/{index-M6VUX9Xe.mjs → index-N8czFM4v.mjs} +46 -50
  83. package/dist/_chunks/index-N8czFM4v.mjs.map +1 -0
  84. package/dist/_chunks/index-WoqT4Vkv.mjs +262 -0
  85. package/dist/_chunks/index-WoqT4Vkv.mjs.map +1 -0
  86. package/dist/_chunks/{it-bvH7DgQo.mjs → it-B-rv0E24.mjs} +1 -1
  87. package/dist/_chunks/it-B-rv0E24.mjs.map +1 -0
  88. package/dist/_chunks/{it-YhZOlM2X.js → it-D1rH6V6_.js} +1 -1
  89. package/dist/_chunks/it-D1rH6V6_.js.map +1 -0
  90. package/dist/_chunks/{ja-o_-JPvQv.mjs → ja-C8K-VBPD.mjs} +1 -1
  91. package/dist/_chunks/ja-C8K-VBPD.mjs.map +1 -0
  92. package/dist/_chunks/{ja-xssHUXFv.js → ja-DqShgTMf.js} +1 -1
  93. package/dist/_chunks/ja-DqShgTMf.js.map +1 -0
  94. package/dist/_chunks/{ko-C3mHUSJa.js → ko-B9DGEPWH.js} +1 -1
  95. package/dist/_chunks/ko-B9DGEPWH.js.map +1 -0
  96. package/dist/_chunks/{ko-XJbPSez_.mjs → ko-Busb0wIY.mjs} +1 -1
  97. package/dist/_chunks/ko-Busb0wIY.mjs.map +1 -0
  98. package/dist/_chunks/{ms-II5Ea73J.mjs → ms-ByvsQjRt.mjs} +1 -1
  99. package/dist/_chunks/ms-ByvsQjRt.mjs.map +1 -0
  100. package/dist/_chunks/{ms-d0hfg65Z.js → ms-CPBU3LWf.js} +1 -1
  101. package/dist/_chunks/ms-CPBU3LWf.js.map +1 -0
  102. package/dist/_chunks/{nl-vEy6TN0K.mjs → nl-5qO8Rpcy.mjs} +1 -1
  103. package/dist/_chunks/nl-5qO8Rpcy.mjs.map +1 -0
  104. package/dist/_chunks/{nl-TA7TfK_5.js → nl-CwNB6YoO.js} +1 -1
  105. package/dist/_chunks/nl-CwNB6YoO.js.map +1 -0
  106. package/dist/_chunks/{pl-2VowaFGt.mjs → pl-BdIzifBE.mjs} +1 -1
  107. package/dist/_chunks/pl-BdIzifBE.mjs.map +1 -0
  108. package/dist/_chunks/{pl-0pUL9hdA.js → pl-Do9UD69f.js} +1 -1
  109. package/dist/_chunks/pl-Do9UD69f.js.map +1 -0
  110. package/dist/_chunks/{pt-Rf9W51IO.mjs → pt-BIO24ioG.mjs} +1 -1
  111. package/dist/_chunks/pt-BIO24ioG.mjs.map +1 -0
  112. package/dist/_chunks/{pt-BR-WNOhafR4.js → pt-BR-D7dZhxuP.js} +1 -1
  113. package/dist/_chunks/pt-BR-D7dZhxuP.js.map +1 -0
  114. package/dist/_chunks/{pt-BR-sS1Xp3Jt.mjs → pt-BR-f0p23AQZ.mjs} +1 -1
  115. package/dist/_chunks/pt-BR-f0p23AQZ.mjs.map +1 -0
  116. package/dist/_chunks/{pt-guNR9Gax.js → pt-fdvyOnUp.js} +1 -1
  117. package/dist/_chunks/pt-fdvyOnUp.js.map +1 -0
  118. package/dist/_chunks/{ru-X3BMXDds.js → ru-C94rjPGA.js} +1 -1
  119. package/dist/_chunks/ru-C94rjPGA.js.map +1 -0
  120. package/dist/_chunks/{ru-qKHnd5or.mjs → ru-VWy-IB7K.mjs} +1 -1
  121. package/dist/_chunks/ru-VWy-IB7K.mjs.map +1 -0
  122. package/dist/_chunks/{sk-NWPw1oTN.js → sk-BABEhykl.js} +1 -1
  123. package/dist/_chunks/sk-BABEhykl.js.map +1 -0
  124. package/dist/_chunks/{sk-_Ryr-eTT.mjs → sk-B_LIcepm.mjs} +1 -1
  125. package/dist/_chunks/sk-B_LIcepm.mjs.map +1 -0
  126. package/dist/_chunks/{sv-BqzScFXS.mjs → sv-ABLKOokl.mjs} +1 -1
  127. package/dist/_chunks/sv-ABLKOokl.mjs.map +1 -0
  128. package/dist/_chunks/{sv-76NnbB__.js → sv-Be43LhA9.js} +1 -1
  129. package/dist/_chunks/sv-Be43LhA9.js.map +1 -0
  130. package/dist/_chunks/{th-WsknMEpq.mjs → th-DKyP7ueR.mjs} +1 -1
  131. package/dist/_chunks/th-DKyP7ueR.mjs.map +1 -0
  132. package/dist/_chunks/{th-cbppX21D.js → th-DgVhVLhL.js} +1 -1
  133. package/dist/_chunks/th-DgVhVLhL.js.map +1 -0
  134. package/dist/_chunks/{tr-6mm_Fmz7.js → tr-B_idhkEs.js} +1 -1
  135. package/dist/_chunks/tr-B_idhkEs.js.map +1 -0
  136. package/dist/_chunks/{tr-_DB1F1GW.mjs → tr-qa1Q5UjC.mjs} +1 -1
  137. package/dist/_chunks/tr-qa1Q5UjC.mjs.map +1 -0
  138. package/dist/_chunks/{uk-yxMSQAwI.mjs → uk-BmRqbeQc.mjs} +1 -1
  139. package/dist/_chunks/uk-BmRqbeQc.mjs.map +1 -0
  140. package/dist/_chunks/{uk-sI2I1ogF.js → uk-LHOivnhP.js} +1 -1
  141. package/dist/_chunks/uk-LHOivnhP.js.map +1 -0
  142. package/dist/_chunks/{vi-A3zJxaiI.js → vi-CdVRdKDw.js} +1 -1
  143. package/dist/_chunks/vi-CdVRdKDw.js.map +1 -0
  144. package/dist/_chunks/{vi-xY0zCW3d.mjs → vi-HW-EdMea.mjs} +1 -1
  145. package/dist/_chunks/vi-HW-EdMea.mjs.map +1 -0
  146. package/dist/_chunks/{zh-OFeldzbX.mjs → zh-5hKkVPA4.mjs} +1 -1
  147. package/dist/_chunks/zh-5hKkVPA4.mjs.map +1 -0
  148. package/dist/_chunks/{zh-72SpmFXa.js → zh-Cuq8gMnF.js} +1 -1
  149. package/dist/_chunks/zh-Cuq8gMnF.js.map +1 -0
  150. package/dist/_chunks/{zh-Hans-E84cu4kP.mjs → zh-Hans-BHilK-yc.mjs} +1 -1
  151. package/dist/_chunks/zh-Hans-BHilK-yc.mjs.map +1 -0
  152. package/dist/_chunks/{zh-Hans-ArWWtyP4.js → zh-Hans-GQDMKtY4.js} +1 -1
  153. package/dist/_chunks/zh-Hans-GQDMKtY4.js.map +1 -0
  154. package/dist/admin/index.js +1 -2
  155. package/dist/admin/index.js.map +1 -1
  156. package/dist/admin/index.mjs +1 -2
  157. package/dist/admin/index.mjs.map +1 -1
  158. package/package.json +27 -28
  159. package/server/bootstrap/index.js +18 -51
  160. package/server/content-types/user/index.js +0 -1
  161. package/server/controllers/auth.js +40 -59
  162. package/server/controllers/content-manager-user.js +28 -30
  163. package/server/controllers/role.js +17 -4
  164. package/server/controllers/user.js +8 -9
  165. package/server/controllers/validation/auth.js +81 -25
  166. package/server/middlewares/rateLimit.js +1 -1
  167. package/server/register.js +1 -1
  168. package/server/services/jwt.js +3 -3
  169. package/server/services/permission.js +3 -7
  170. package/server/services/providers-registry.js +468 -279
  171. package/server/services/providers.js +10 -5
  172. package/server/services/role.js +15 -13
  173. package/server/services/user.js +56 -19
  174. package/server/services/users-permissions.js +15 -13
  175. package/server/utils/index.d.ts +2 -1
  176. package/server/utils/sanitize/sanitizers.js +7 -3
  177. package/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js +2 -2
  178. package/admin/src/pages/Roles/pages/ListPage/utils/api.js +0 -30
  179. package/dist/_chunks/ar-MvD8Ghac.mjs.map +0 -1
  180. package/dist/_chunks/ar-t5qTFaAD.js.map +0 -1
  181. package/dist/_chunks/cs-BMuXwxA1.mjs.map +0 -1
  182. package/dist/_chunks/cs-I8N4u-Sd.js.map +0 -1
  183. package/dist/_chunks/de-YTjtq89K.js.map +0 -1
  184. package/dist/_chunks/de-zs2qqc0W.mjs.map +0 -1
  185. package/dist/_chunks/dk-HctVBMsG.mjs.map +0 -1
  186. package/dist/_chunks/dk-TF-dWjzl.js.map +0 -1
  187. package/dist/_chunks/en-CE3wEy_c.mjs.map +0 -1
  188. package/dist/_chunks/en-m608rMZx.js.map +0 -1
  189. package/dist/_chunks/es-9381tih_.mjs.map +0 -1
  190. package/dist/_chunks/es-XBQsB8_9.js.map +0 -1
  191. package/dist/_chunks/fr-6cz3U-IF.js.map +0 -1
  192. package/dist/_chunks/fr-CMSc77If.mjs.map +0 -1
  193. package/dist/_chunks/id-RJ934rq-.js.map +0 -1
  194. package/dist/_chunks/id-SDuyIkZa.mjs.map +0 -1
  195. package/dist/_chunks/index--NjZI15Z.mjs +0 -301
  196. package/dist/_chunks/index--NjZI15Z.mjs.map +0 -1
  197. package/dist/_chunks/index-EFtzpYTe.mjs +0 -385
  198. package/dist/_chunks/index-EFtzpYTe.mjs.map +0 -1
  199. package/dist/_chunks/index-M6VUX9Xe.mjs.map +0 -1
  200. package/dist/_chunks/index-PIkWT4fR.js.map +0 -1
  201. package/dist/_chunks/index-RINRWbs5.mjs.map +0 -1
  202. package/dist/_chunks/index-V3CiTkmR.mjs.map +0 -1
  203. package/dist/_chunks/index-d2k7RBd6.js +0 -407
  204. package/dist/_chunks/index-d2k7RBd6.js.map +0 -1
  205. package/dist/_chunks/index-f7pS9YU1.js.map +0 -1
  206. package/dist/_chunks/index-j8_HHqx2.js.map +0 -1
  207. package/dist/_chunks/index-zhL5rDjK.js +0 -320
  208. package/dist/_chunks/index-zhL5rDjK.js.map +0 -1
  209. package/dist/_chunks/it-YhZOlM2X.js.map +0 -1
  210. package/dist/_chunks/it-bvH7DgQo.mjs.map +0 -1
  211. package/dist/_chunks/ja-o_-JPvQv.mjs.map +0 -1
  212. package/dist/_chunks/ja-xssHUXFv.js.map +0 -1
  213. package/dist/_chunks/ko-C3mHUSJa.js.map +0 -1
  214. package/dist/_chunks/ko-XJbPSez_.mjs.map +0 -1
  215. package/dist/_chunks/ms-II5Ea73J.mjs.map +0 -1
  216. package/dist/_chunks/ms-d0hfg65Z.js.map +0 -1
  217. package/dist/_chunks/nl-TA7TfK_5.js.map +0 -1
  218. package/dist/_chunks/nl-vEy6TN0K.mjs.map +0 -1
  219. package/dist/_chunks/pl-0pUL9hdA.js.map +0 -1
  220. package/dist/_chunks/pl-2VowaFGt.mjs.map +0 -1
  221. package/dist/_chunks/pt-BR-WNOhafR4.js.map +0 -1
  222. package/dist/_chunks/pt-BR-sS1Xp3Jt.mjs.map +0 -1
  223. package/dist/_chunks/pt-Rf9W51IO.mjs.map +0 -1
  224. package/dist/_chunks/pt-guNR9Gax.js.map +0 -1
  225. package/dist/_chunks/ru-X3BMXDds.js.map +0 -1
  226. package/dist/_chunks/ru-qKHnd5or.mjs.map +0 -1
  227. package/dist/_chunks/sk-NWPw1oTN.js.map +0 -1
  228. package/dist/_chunks/sk-_Ryr-eTT.mjs.map +0 -1
  229. package/dist/_chunks/sv-76NnbB__.js.map +0 -1
  230. package/dist/_chunks/sv-BqzScFXS.mjs.map +0 -1
  231. package/dist/_chunks/th-WsknMEpq.mjs.map +0 -1
  232. package/dist/_chunks/th-cbppX21D.js.map +0 -1
  233. package/dist/_chunks/tr-6mm_Fmz7.js.map +0 -1
  234. package/dist/_chunks/tr-_DB1F1GW.mjs.map +0 -1
  235. package/dist/_chunks/uk-sI2I1ogF.js.map +0 -1
  236. package/dist/_chunks/uk-yxMSQAwI.mjs.map +0 -1
  237. package/dist/_chunks/vi-A3zJxaiI.js.map +0 -1
  238. package/dist/_chunks/vi-xY0zCW3d.mjs.map +0 -1
  239. package/dist/_chunks/zh-72SpmFXa.js.map +0 -1
  240. package/dist/_chunks/zh-Hans-ArWWtyP4.js.map +0 -1
  241. package/dist/_chunks/zh-Hans-E84cu4kP.mjs.map +0 -1
  242. package/dist/_chunks/zh-OFeldzbX.mjs.map +0 -1
  243. package/server/bootstrap/grant-config.js +0 -140
  244. package/strapi-server.js +0 -3
package/server/controllers/role.js CHANGED
@@ -1,10 +1,19 @@
1
1
  'use strict';
2
2
 
3
3
  const _ = require('lodash');
4
- const { ApplicationError, ValidationError } = require('@strapi/utils').errors;
4
+ const { async, errors } = require('@strapi/utils');
5
5
  const { getService } = require('../utils');
6
6
  const { validateDeleteRoleBody } = require('./validation/user');
7
7
 
8
+ const { ApplicationError, ValidationError } = errors;
9
+
10
+ const sanitizeOutput = async (role) => {
11
+ const { sanitizeLocalizationFields } = strapi.plugin('i18n').service('sanitize');
12
+ const schema = strapi.getModel('plugin::users-permissions.role');
13
+
14
+ return async.pipe(sanitizeLocalizationFields(schema))(role);
15
+ };
16
+
8
17
  module.exports = {
9
18
  /**
10
19
  * Default action.
@@ -30,13 +39,17 @@ module.exports = {
30
39
  return ctx.notFound();
31
40
  }
32
41
 
33
- ctx.send({ role });
42
+ const safeRole = await sanitizeOutput(role);
43
+
44
+ ctx.send({ role: safeRole });
34
45
  },
35
46
 
36
47
  async find(ctx) {
37
48
  const roles = await getService('role').find();
38
49
 
39
- ctx.send({ roles });
50
+ const safeRoles = await Promise.all(roles.map(sanitizeOutput));
51
+
52
+ ctx.send({ roles: safeRoles });
40
53
  },
41
54
 
42
55
  async updateRole(ctx) {
@@ -59,7 +72,7 @@ module.exports = {
59
72
  }
60
73
 
61
74
  // Fetch public role.
62
- const publicRole = await strapi
75
+ const publicRole = await strapi.db
63
76
  .query('plugin::users-permissions.role')
64
77
  .findOne({ where: { type: 'public' } });
65
78
 
package/server/controllers/user.js CHANGED
@@ -11,28 +11,27 @@ const utils = require('@strapi/utils');
11
11
  const { getService } = require('../utils');
12
12
  const { validateCreateUserBody, validateUpdateUserBody } = require('./validation/user');
13
13
 
14
- const { sanitize, validate } = utils;
15
14
  const { ApplicationError, ValidationError, NotFoundError } = utils.errors;
16
15
 
17
16
  const sanitizeOutput = async (user, ctx) => {
18
17
  const schema = strapi.getModel('plugin::users-permissions.user');
19
18
  const { auth } = ctx.state;
20
19
 
21
- return sanitize.contentAPI.output(user, schema, { auth });
20
+ return strapi.contentAPI.sanitize.output(user, schema, { auth });
22
21
  };
23
22
 
24
23
  const validateQuery = async (query, ctx) => {
25
24
  const schema = strapi.getModel('plugin::users-permissions.user');
26
25
  const { auth } = ctx.state;
27
26
 
28
- return validate.contentAPI.query(query, schema, { auth });
27
+ return strapi.contentAPI.validate.query(query, schema, { auth });
29
28
  };
30
29
 
31
30
  const sanitizeQuery = async (query, ctx) => {
32
31
  const schema = strapi.getModel('plugin::users-permissions.user');
33
32
  const { auth } = ctx.state;
34
33
 
35
- return sanitize.contentAPI.query(query, schema, { auth });
34
+ return strapi.contentAPI.sanitize.query(query, schema, { auth });
36
35
  };
37
36
 
38
37
  module.exports = {
@@ -49,7 +48,7 @@ module.exports = {
49
48
 
50
49
  const { email, username, role } = ctx.request.body;
51
50
 
52
- const userWithSameUsername = await strapi
51
+ const userWithSameUsername = await strapi.db
53
52
  .query('plugin::users-permissions.user')
54
53
  .findOne({ where: { username } });
55
54
 
@@ -58,7 +57,7 @@ module.exports = {
58
57
  }
59
58
 
60
59
  if (advanced.unique_email) {
61
- const userWithSameEmail = await strapi
60
+ const userWithSameEmail = await strapi.db
62
61
  .query('plugin::users-permissions.user')
63
62
  .findOne({ where: { email: email.toLowerCase() } });
64
63
 
@@ -74,7 +73,7 @@ module.exports = {
74
73
  };
75
74
 
76
75
  if (!role) {
77
- const defaultRole = await strapi
76
+ const defaultRole = await strapi.db
78
77
  .query('plugin::users-permissions.role')
79
78
  .findOne({ where: { type: advanced.default_role } });
80
79
 
@@ -115,7 +114,7 @@ module.exports = {
115
114
  }
116
115
 
117
116
  if (_.has(ctx.request.body, 'username')) {
118
- const userWithSameUsername = await strapi
117
+ const userWithSameUsername = await strapi.db
119
118
  .query('plugin::users-permissions.user')
120
119
  .findOne({ where: { username } });
121
120
 
@@ -125,7 +124,7 @@ module.exports = {
125
124
  }
126
125
 
127
126
  if (_.has(ctx.request.body, 'email') && advancedConfigs.unique_email) {
128
- const userWithSameEmail = await strapi
127
+ const userWithSameEmail = await strapi.db
129
128
  .query('plugin::users-permissions.user')
130
129
  .findOne({ where: { email: email.toLowerCase() } });
131
130
 
package/server/controllers/validation/auth.js CHANGED
@@ -7,11 +7,27 @@ const callbackSchema = yup.object({
7
7
  password: yup.string().required(),
8
8
  });
9
9
 
10
- const registerSchema = yup.object({
11
- email: yup.string().email().required(),
12
- username: yup.string().required(),
13
- password: yup.string().required(),
14
- });
10
+ const createRegisterSchema = (config) =>
11
+ yup.object({
12
+ email: yup.string().email().required(),
13
+ username: yup.string().required(),
14
+ password: yup
15
+ .string()
16
+ .required()
17
+ .test(async function (value) {
18
+ if (typeof config?.validatePassword === 'function') {
19
+ try {
20
+ const isValid = await config.validatePassword(value);
21
+ if (!isValid) {
22
+ return this.createError({ message: 'Password validation failed.' });
23
+ }
24
+ } catch (error) {
25
+ return this.createError({ message: error.message || 'An error occurred.' });
26
+ }
27
+ }
28
+ return true;
29
+ }),
30
+ });
15
31
 
16
32
  const sendEmailConfirmationSchema = yup.object({
17
33
  email: yup.string().email().required(),
@@ -27,31 +43,71 @@ const forgotPasswordSchema = yup
27
43
  })
28
44
  .noUnknown();
29
45
 
30
- const resetPasswordSchema = yup
31
- .object({
32
- password: yup.string().required(),
33
- passwordConfirmation: yup.string().required(),
34
- code: yup.string().required(),
35
- })
36
- .noUnknown();
46
+ const createResetPasswordSchema = (config) =>
47
+ yup
48
+ .object({
49
+ password: yup
50
+ .string()
51
+ .required()
52
+ .test(async function (value) {
53
+ if (typeof config?.validatePassword === 'function') {
54
+ try {
55
+ const isValid = await config.validatePassword(value);
56
+ if (!isValid) {
57
+ return this.createError({ message: 'Password validation failed.' });
58
+ }
59
+ } catch (error) {
60
+ return this.createError({ message: error.message || 'An error occurred.' });
61
+ }
62
+ }
63
+ return true;
64
+ }),
37
65
 
38
- const changePasswordSchema = yup
39
- .object({
40
- password: yup.string().required(),
41
- passwordConfirmation: yup
42
- .string()
43
- .required()
44
- .oneOf([yup.ref('password')], 'Passwords do not match'),
45
- currentPassword: yup.string().required(),
46
- })
47
- .noUnknown();
66
+ passwordConfirmation: yup
67
+ .string()
68
+ .required()
69
+ .oneOf([yup.ref('password')], 'Passwords do not match'),
70
+
71
+ code: yup.string().required(),
72
+ })
73
+ .noUnknown();
74
+
75
+ const createChangePasswordSchema = (config) =>
76
+ yup
77
+ .object({
78
+ password: yup
79
+ .string()
80
+ .required()
81
+ .test(async function (value) {
82
+ if (typeof config?.validatePassword === 'function') {
83
+ try {
84
+ const isValid = await config.validatePassword(value);
85
+ if (!isValid) {
86
+ return this.createError({ message: 'Password validation failed.' });
87
+ }
88
+ } catch (error) {
89
+ return this.createError({ message: error.message || 'An error occurred.' });
90
+ }
91
+ }
92
+ return true;
93
+ }),
94
+ passwordConfirmation: yup
95
+ .string()
96
+ .required()
97
+ .oneOf([yup.ref('password')], 'Passwords do not match'),
98
+ currentPassword: yup.string().required(),
99
+ })
100
+ .noUnknown();
48
101
 
49
102
  module.exports = {
50
103
  validateCallbackBody: validateYupSchema(callbackSchema),
51
- validateRegisterBody: validateYupSchema(registerSchema),
104
+ validateRegisterBody: (payload, config) =>
105
+ validateYupSchema(createRegisterSchema(config))(payload),
52
106
  validateSendEmailConfirmationBody: validateYupSchema(sendEmailConfirmationSchema),
53
107
  validateEmailConfirmationBody: validateYupSchema(validateEmailConfirmationSchema),
54
108
  validateForgotPasswordBody: validateYupSchema(forgotPasswordSchema),
55
- validateResetPasswordBody: validateYupSchema(resetPasswordSchema),
56
- validateChangePasswordBody: validateYupSchema(changePasswordSchema),
109
+ validateResetPasswordBody: (payload, config) =>
110
+ validateYupSchema(createResetPasswordSchema(config))(payload),
111
+ validateChangePasswordBody: (payload, config) =>
112
+ validateYupSchema(createChangePasswordSchema(config))(payload),
57
113
  };
package/server/middlewares/rateLimit.js CHANGED
@@ -9,7 +9,7 @@ const { RateLimitError } = utils.errors;
9
9
  module.exports =
10
10
  (config, { strapi }) =>
11
11
  async (ctx, next) => {
12
- let rateLimitConfig = strapi.config.get('plugin.users-permissions.ratelimit');
12
+ let rateLimitConfig = strapi.config.get('plugin::users-permissions.ratelimit');
13
13
 
14
14
  if (!rateLimitConfig) {
15
15
  rateLimitConfig = {
package/server/register.js CHANGED
@@ -7,7 +7,7 @@ const authStrategy = require('./strategies/users-permissions');
7
7
  const sanitizers = require('./utils/sanitize/sanitizers');
8
8
 
9
9
  module.exports = ({ strapi }) => {
10
- strapi.container.get('auth').register('content-api', authStrategy);
10
+ strapi.get('auth').register('content-api', authStrategy);
11
11
  strapi.sanitizers.add('content-api.output', sanitizers.defaultSanitizeOutput);
12
12
 
13
13
  if (strapi.plugin('graphql')) {
package/server/services/jwt.js CHANGED
@@ -29,10 +29,10 @@ module.exports = ({ strapi }) => ({
29
29
  },
30
30
 
31
31
  issue(payload, jwtOptions = {}) {
32
- _.defaults(jwtOptions, strapi.config.get('plugin.users-permissions.jwt'));
32
+ _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));
33
33
  return jwt.sign(
34
34
  _.clone(payload.toJSON ? payload.toJSON() : payload),
35
- strapi.config.get('plugin.users-permissions.jwtSecret'),
35
+ strapi.config.get('plugin::users-permissions.jwtSecret'),
36
36
  jwtOptions
37
37
  );
38
38
  },
@@ -41,7 +41,7 @@ module.exports = ({ strapi }) => ({
41
41
  return new Promise((resolve, reject) => {
42
42
  jwt.verify(
43
43
  token,
44
- strapi.config.get('plugin.users-permissions.jwtSecret'),
44
+ strapi.config.get('plugin::users-permissions.jwtSecret'),
45
45
  {},
46
46
  (err, tokenPayload = {}) => {
47
47
  if (err) {
package/server/services/permission.js CHANGED
@@ -11,11 +11,7 @@ module.exports = ({ strapi }) => ({
11
11
  * @return {object[]}
12
12
  */
13
13
  async findRolePermissions(roleID) {
14
- return strapi.entityService.load(
15
- 'plugin::users-permissions.role',
16
- { id: roleID },
17
- 'permissions'
18
- );
14
+ return strapi.db.query('plugin::users-permissions.role').load({ id: roleID }, 'permissions');
19
15
  },
20
16
 
21
17
  /**
@@ -24,8 +20,8 @@ module.exports = ({ strapi }) => ({
24
20
  * @return {object[]}
25
21
  */
26
22
  async findPublicPermissions() {
27
- return strapi.entityService.findMany('plugin::users-permissions.permission', {
28
- filters: PUBLIC_ROLE_FILTER,
23
+ return strapi.db.query('plugin::users-permissions.permission').findMany({
24
+ where: PUBLIC_ROLE_FILTER,
29
25
  });
30
26
  },
31
27