@strapi/plugin-users-permissions 0.0.0-next.f5b09a8e61e059f02784478e27c310c6290be088 → 0.0.0-next.f5d21551ed005f524bfc4760b274f1be154e26a8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (647) hide show
  1. package/.eslintignore +2 -1
  2. package/.eslintrc +4 -1
  3. package/LICENSE +18 -3
  4. package/admin/src/components/BoundRoute/{index.js → index.jsx} +3 -3
  5. package/admin/src/components/FormModal/Input/{index.js → index.jsx} +33 -32
  6. package/admin/src/components/FormModal/index.jsx +115 -0
  7. package/admin/src/components/Permissions/PermissionRow/{CheckboxWrapper.js → CheckboxWrapper.jsx} +4 -3
  8. package/admin/src/components/Permissions/PermissionRow/{SubCategory.js → SubCategory.jsx} +13 -22
  9. package/admin/src/components/Permissions/index.jsx +47 -0
  10. package/admin/src/components/Permissions/reducer.js +1 -1
  11. package/admin/src/components/Policies/{index.js → index.jsx} +8 -6
  12. package/admin/src/components/UsersPermissions/{index.js → index.jsx} +15 -7
  13. package/admin/src/components/UsersPermissions/reducer.js +1 -1
  14. package/admin/src/index.js +17 -34
  15. package/admin/src/pages/AdvancedSettings/index.jsx +214 -0
  16. package/admin/src/pages/AdvancedSettings/utils/layout.js +20 -35
  17. package/admin/src/pages/AdvancedSettings/utils/schema.js +5 -2
  18. package/admin/src/pages/EmailTemplates/components/EmailForm.jsx +156 -0
  19. package/admin/src/pages/EmailTemplates/components/{EmailTable.js → EmailTable.jsx} +21 -18
  20. package/admin/src/pages/EmailTemplates/{index.js → index.jsx} +36 -62
  21. package/admin/src/pages/EmailTemplates/utils/schema.js +18 -6
  22. package/admin/src/pages/Providers/{index.js → index.jsx} +98 -113
  23. package/admin/src/pages/Providers/utils/forms.js +23 -11
  24. package/admin/src/pages/Roles/constants.js +3 -3
  25. package/admin/src/pages/Roles/hooks/usePlugins.js +4 -4
  26. package/admin/src/pages/Roles/index.jsx +24 -0
  27. package/admin/src/pages/Roles/pages/{CreatePage.js → CreatePage.jsx} +53 -58
  28. package/admin/src/pages/Roles/pages/{EditPage.js → EditPage.jsx} +63 -68
  29. package/admin/src/pages/Roles/pages/ListPage/components/{TableBody.js → TableBody.jsx} +28 -32
  30. package/admin/src/pages/Roles/pages/ListPage/{index.js → index.jsx} +79 -55
  31. package/admin/src/pluginId.js +2 -2
  32. package/admin/src/translations/en.json +1 -1
  33. package/admin/src/translations/uk.json +41 -4
  34. package/admin/src/utils/formatPluginName.js +1 -1
  35. package/admin/src/utils/prefixPluginTranslations.js +13 -0
  36. package/dist/admin/components/BoundRoute/getMethodColor.js +49 -0
  37. package/dist/admin/components/BoundRoute/getMethodColor.js.map +1 -0
  38. package/dist/admin/components/BoundRoute/getMethodColor.mjs +47 -0
  39. package/dist/admin/components/BoundRoute/getMethodColor.mjs.map +1 -0
  40. package/dist/admin/components/BoundRoute/index.js +98 -0
  41. package/dist/admin/components/BoundRoute/index.js.map +1 -0
  42. package/dist/admin/components/BoundRoute/index.mjs +96 -0
  43. package/dist/admin/components/BoundRoute/index.mjs.map +1 -0
  44. package/dist/admin/components/FormModal/Input/index.js +123 -0
  45. package/dist/admin/components/FormModal/Input/index.js.map +1 -0
  46. package/dist/admin/components/FormModal/Input/index.mjs +121 -0
  47. package/dist/admin/components/FormModal/Input/index.mjs.map +1 -0
  48. package/dist/admin/components/FormModal/index.js +110 -0
  49. package/dist/admin/components/FormModal/index.js.map +1 -0
  50. package/dist/admin/components/FormModal/index.mjs +108 -0
  51. package/dist/admin/components/FormModal/index.mjs.map +1 -0
  52. package/dist/admin/components/Permissions/PermissionRow/CheckboxWrapper.js +33 -0
  53. package/dist/admin/components/Permissions/PermissionRow/CheckboxWrapper.js.map +1 -0
  54. package/dist/admin/components/Permissions/PermissionRow/CheckboxWrapper.mjs +31 -0
  55. package/dist/admin/components/Permissions/PermissionRow/CheckboxWrapper.mjs.map +1 -0
  56. package/dist/admin/components/Permissions/PermissionRow/SubCategory.js +156 -0
  57. package/dist/admin/components/Permissions/PermissionRow/SubCategory.js.map +1 -0
  58. package/dist/admin/components/Permissions/PermissionRow/SubCategory.mjs +154 -0
  59. package/dist/admin/components/Permissions/PermissionRow/SubCategory.mjs.map +1 -0
  60. package/dist/admin/components/Permissions/PermissionRow/index.js +50 -0
  61. package/dist/admin/components/Permissions/PermissionRow/index.js.map +1 -0
  62. package/dist/admin/components/Permissions/PermissionRow/index.mjs +48 -0
  63. package/dist/admin/components/Permissions/PermissionRow/index.mjs.map +1 -0
  64. package/dist/admin/components/Permissions/index.js +52 -0
  65. package/dist/admin/components/Permissions/index.js.map +1 -0
  66. package/dist/admin/components/Permissions/index.mjs +50 -0
  67. package/dist/admin/components/Permissions/index.mjs.map +1 -0
  68. package/dist/admin/components/Permissions/init.js +15 -0
  69. package/dist/admin/components/Permissions/init.js.map +1 -0
  70. package/dist/admin/components/Permissions/init.mjs +13 -0
  71. package/dist/admin/components/Permissions/init.mjs.map +1 -0
  72. package/dist/admin/components/Permissions/reducer.js +34 -0
  73. package/dist/admin/components/Permissions/reducer.js.map +1 -0
  74. package/dist/admin/components/Permissions/reducer.mjs +31 -0
  75. package/dist/admin/components/Permissions/reducer.mjs.map +1 -0
  76. package/dist/admin/components/Policies/index.js +67 -0
  77. package/dist/admin/components/Policies/index.js.map +1 -0
  78. package/dist/admin/components/Policies/index.mjs +65 -0
  79. package/dist/admin/components/Policies/index.mjs.map +1 -0
  80. package/dist/admin/components/UsersPermissions/index.js +115 -0
  81. package/dist/admin/components/UsersPermissions/index.js.map +1 -0
  82. package/dist/admin/components/UsersPermissions/index.mjs +113 -0
  83. package/dist/admin/components/UsersPermissions/index.mjs.map +1 -0
  84. package/dist/admin/components/UsersPermissions/init.js +13 -0
  85. package/dist/admin/components/UsersPermissions/init.js.map +1 -0
  86. package/dist/admin/components/UsersPermissions/init.mjs +11 -0
  87. package/dist/admin/components/UsersPermissions/init.mjs.map +1 -0
  88. package/dist/admin/components/UsersPermissions/reducer.js +73 -0
  89. package/dist/admin/components/UsersPermissions/reducer.js.map +1 -0
  90. package/dist/admin/components/UsersPermissions/reducer.mjs +68 -0
  91. package/dist/admin/components/UsersPermissions/reducer.mjs.map +1 -0
  92. package/dist/admin/constants.js +81 -0
  93. package/dist/admin/constants.js.map +1 -0
  94. package/dist/admin/constants.mjs +79 -0
  95. package/dist/admin/constants.mjs.map +1 -0
  96. package/dist/admin/contexts/UsersPermissionsContext/index.js +23 -0
  97. package/dist/admin/contexts/UsersPermissionsContext/index.js.map +1 -0
  98. package/dist/admin/contexts/UsersPermissionsContext/index.mjs +19 -0
  99. package/dist/admin/contexts/UsersPermissionsContext/index.mjs.map +1 -0
  100. package/dist/admin/index.js +125 -0
  101. package/dist/admin/index.js.map +1 -0
  102. package/dist/admin/index.mjs +121 -0
  103. package/dist/admin/index.mjs.map +1 -0
  104. package/dist/admin/package.json.js +14 -0
  105. package/dist/admin/package.json.js.map +1 -0
  106. package/dist/admin/package.json.mjs +11 -0
  107. package/dist/admin/package.json.mjs.map +1 -0
  108. package/dist/admin/pages/AdvancedSettings/index.js +194 -0
  109. package/dist/admin/pages/AdvancedSettings/index.js.map +1 -0
  110. package/dist/admin/pages/AdvancedSettings/index.mjs +191 -0
  111. package/dist/admin/pages/AdvancedSettings/index.mjs.map +1 -0
  112. package/dist/admin/pages/AdvancedSettings/utils/layout.js +83 -0
  113. package/dist/admin/pages/AdvancedSettings/utils/layout.js.map +1 -0
  114. package/dist/admin/pages/AdvancedSettings/utils/layout.mjs +81 -0
  115. package/dist/admin/pages/AdvancedSettings/utils/layout.mjs.map +1 -0
  116. package/dist/admin/pages/AdvancedSettings/utils/schema.js +40 -0
  117. package/dist/admin/pages/AdvancedSettings/utils/schema.js.map +1 -0
  118. package/dist/admin/pages/AdvancedSettings/utils/schema.mjs +19 -0
  119. package/dist/admin/pages/AdvancedSettings/utils/schema.mjs.map +1 -0
  120. package/dist/admin/pages/EmailTemplates/components/EmailForm.js +171 -0
  121. package/dist/admin/pages/EmailTemplates/components/EmailForm.js.map +1 -0
  122. package/dist/admin/pages/EmailTemplates/components/EmailForm.mjs +169 -0
  123. package/dist/admin/pages/EmailTemplates/components/EmailForm.mjs.map +1 -0
  124. package/dist/admin/pages/EmailTemplates/components/EmailTable.js +145 -0
  125. package/dist/admin/pages/EmailTemplates/components/EmailTable.js.map +1 -0
  126. package/dist/admin/pages/EmailTemplates/components/EmailTable.mjs +143 -0
  127. package/dist/admin/pages/EmailTemplates/components/EmailTable.mjs.map +1 -0
  128. package/dist/admin/pages/EmailTemplates/index.js +157 -0
  129. package/dist/admin/pages/EmailTemplates/index.js.map +1 -0
  130. package/dist/admin/pages/EmailTemplates/index.mjs +135 -0
  131. package/dist/admin/pages/EmailTemplates/index.mjs.map +1 -0
  132. package/dist/admin/pages/EmailTemplates/utils/schema.js +50 -0
  133. package/dist/admin/pages/EmailTemplates/utils/schema.js.map +1 -0
  134. package/dist/admin/pages/EmailTemplates/utils/schema.mjs +29 -0
  135. package/dist/admin/pages/EmailTemplates/utils/schema.mjs.map +1 -0
  136. package/dist/admin/pages/Providers/index.js +278 -0
  137. package/dist/admin/pages/Providers/index.js.map +1 -0
  138. package/dist/admin/pages/Providers/index.mjs +254 -0
  139. package/dist/admin/pages/Providers/index.mjs.map +1 -0
  140. package/dist/admin/pages/Providers/utils/forms.js +281 -0
  141. package/dist/admin/pages/Providers/utils/forms.js.map +1 -0
  142. package/dist/admin/pages/Providers/utils/forms.mjs +260 -0
  143. package/dist/admin/pages/Providers/utils/forms.mjs.map +1 -0
  144. package/dist/admin/pages/Roles/constants.js +31 -0
  145. package/dist/admin/pages/Roles/constants.js.map +1 -0
  146. package/dist/admin/pages/Roles/constants.mjs +10 -0
  147. package/dist/admin/pages/Roles/constants.mjs.map +1 -0
  148. package/dist/admin/pages/Roles/hooks/usePlugins.js +78 -0
  149. package/dist/admin/pages/Roles/hooks/usePlugins.js.map +1 -0
  150. package/dist/admin/pages/Roles/hooks/usePlugins.mjs +76 -0
  151. package/dist/admin/pages/Roles/hooks/usePlugins.mjs.map +1 -0
  152. package/dist/admin/pages/Roles/index.js +35 -0
  153. package/dist/admin/pages/Roles/index.js.map +1 -0
  154. package/dist/admin/pages/Roles/index.mjs +33 -0
  155. package/dist/admin/pages/Roles/index.mjs.map +1 -0
  156. package/dist/admin/pages/Roles/pages/CreatePage.js +225 -0
  157. package/dist/admin/pages/Roles/pages/CreatePage.js.map +1 -0
  158. package/dist/admin/pages/Roles/pages/CreatePage.mjs +203 -0
  159. package/dist/admin/pages/Roles/pages/CreatePage.mjs.map +1 -0
  160. package/dist/admin/pages/Roles/pages/EditPage.js +229 -0
  161. package/dist/admin/pages/Roles/pages/EditPage.js.map +1 -0
  162. package/dist/admin/pages/Roles/pages/EditPage.mjs +207 -0
  163. package/dist/admin/pages/Roles/pages/EditPage.mjs.map +1 -0
  164. package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.js +125 -0
  165. package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.js.map +1 -0
  166. package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.mjs +123 -0
  167. package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.mjs.map +1 -0
  168. package/dist/admin/pages/Roles/pages/ListPage/index.js +237 -0
  169. package/dist/admin/pages/Roles/pages/ListPage/index.js.map +1 -0
  170. package/dist/admin/pages/Roles/pages/ListPage/index.mjs +234 -0
  171. package/dist/admin/pages/Roles/pages/ListPage/index.mjs.map +1 -0
  172. package/dist/admin/pluginId.js +8 -0
  173. package/dist/admin/pluginId.js.map +1 -0
  174. package/dist/admin/pluginId.mjs +6 -0
  175. package/dist/admin/pluginId.mjs.map +1 -0
  176. package/dist/admin/translations/ar.json.js +45 -0
  177. package/dist/admin/translations/ar.json.js.map +1 -0
  178. package/dist/admin/translations/ar.json.mjs +43 -0
  179. package/dist/admin/translations/ar.json.mjs.map +1 -0
  180. package/dist/admin/translations/cs.json.js +51 -0
  181. package/dist/admin/translations/cs.json.js.map +1 -0
  182. package/dist/admin/translations/cs.json.mjs +49 -0
  183. package/dist/admin/translations/cs.json.mjs.map +1 -0
  184. package/dist/admin/translations/de.json.js +63 -0
  185. package/dist/admin/translations/de.json.js.map +1 -0
  186. package/dist/admin/translations/de.json.mjs +61 -0
  187. package/dist/admin/translations/de.json.mjs.map +1 -0
  188. package/dist/admin/translations/dk.json.js +87 -0
  189. package/dist/admin/translations/dk.json.js.map +1 -0
  190. package/dist/admin/translations/dk.json.mjs +85 -0
  191. package/dist/admin/translations/dk.json.mjs.map +1 -0
  192. package/dist/admin/translations/en.json.js +87 -0
  193. package/dist/admin/translations/en.json.js.map +1 -0
  194. package/dist/admin/translations/en.json.mjs +85 -0
  195. package/dist/admin/translations/en.json.mjs.map +1 -0
  196. package/dist/admin/translations/es.json.js +87 -0
  197. package/dist/admin/translations/es.json.js.map +1 -0
  198. package/dist/admin/translations/es.json.mjs +85 -0
  199. package/dist/admin/translations/es.json.mjs.map +1 -0
  200. package/dist/admin/translations/fr.json.js +51 -0
  201. package/dist/admin/translations/fr.json.js.map +1 -0
  202. package/dist/admin/translations/fr.json.mjs +49 -0
  203. package/dist/admin/translations/fr.json.mjs.map +1 -0
  204. package/dist/admin/translations/id.json.js +63 -0
  205. package/dist/admin/translations/id.json.js.map +1 -0
  206. package/dist/admin/translations/id.json.mjs +61 -0
  207. package/dist/admin/translations/id.json.mjs.map +1 -0
  208. package/dist/admin/translations/it.json.js +63 -0
  209. package/dist/admin/translations/it.json.js.map +1 -0
  210. package/dist/admin/translations/it.json.mjs +61 -0
  211. package/dist/admin/translations/it.json.mjs.map +1 -0
  212. package/dist/admin/translations/ja.json.js +49 -0
  213. package/dist/admin/translations/ja.json.js.map +1 -0
  214. package/dist/admin/translations/ja.json.mjs +47 -0
  215. package/dist/admin/translations/ja.json.mjs.map +1 -0
  216. package/dist/admin/translations/ko.json.js +87 -0
  217. package/dist/admin/translations/ko.json.js.map +1 -0
  218. package/dist/admin/translations/ko.json.mjs +85 -0
  219. package/dist/admin/translations/ko.json.mjs.map +1 -0
  220. package/dist/admin/translations/ms.json.js +50 -0
  221. package/dist/admin/translations/ms.json.js.map +1 -0
  222. package/dist/admin/translations/ms.json.mjs +48 -0
  223. package/dist/admin/translations/ms.json.mjs.map +1 -0
  224. package/dist/admin/translations/nl.json.js +49 -0
  225. package/dist/admin/translations/nl.json.js.map +1 -0
  226. package/dist/admin/translations/nl.json.mjs +47 -0
  227. package/dist/admin/translations/nl.json.mjs.map +1 -0
  228. package/dist/admin/translations/pl.json.js +87 -0
  229. package/dist/admin/translations/pl.json.js.map +1 -0
  230. package/dist/admin/translations/pl.json.mjs +85 -0
  231. package/dist/admin/translations/pl.json.mjs.map +1 -0
  232. package/dist/admin/translations/pt-BR.json.js +45 -0
  233. package/dist/admin/translations/pt-BR.json.js.map +1 -0
  234. package/dist/admin/translations/pt-BR.json.mjs +43 -0
  235. package/dist/admin/translations/pt-BR.json.mjs.map +1 -0
  236. package/dist/admin/translations/pt.json.js +49 -0
  237. package/dist/admin/translations/pt.json.js.map +1 -0
  238. package/dist/admin/translations/pt.json.mjs +47 -0
  239. package/dist/admin/translations/pt.json.mjs.map +1 -0
  240. package/dist/admin/translations/ru.json.js +87 -0
  241. package/dist/admin/translations/ru.json.js.map +1 -0
  242. package/dist/admin/translations/ru.json.mjs +85 -0
  243. package/dist/admin/translations/ru.json.mjs.map +1 -0
  244. package/dist/admin/translations/sk.json.js +51 -0
  245. package/dist/admin/translations/sk.json.js.map +1 -0
  246. package/dist/admin/translations/sk.json.mjs +49 -0
  247. package/dist/admin/translations/sk.json.mjs.map +1 -0
  248. package/dist/admin/translations/sv.json.js +87 -0
  249. package/dist/admin/translations/sv.json.js.map +1 -0
  250. package/dist/admin/translations/sv.json.mjs +85 -0
  251. package/dist/admin/translations/sv.json.mjs.map +1 -0
  252. package/dist/admin/translations/th.json.js +61 -0
  253. package/dist/admin/translations/th.json.js.map +1 -0
  254. package/dist/admin/translations/th.json.mjs +59 -0
  255. package/dist/admin/translations/th.json.mjs.map +1 -0
  256. package/dist/admin/translations/tr.json.js +86 -0
  257. package/dist/admin/translations/tr.json.js.map +1 -0
  258. package/dist/admin/translations/tr.json.mjs +84 -0
  259. package/dist/admin/translations/tr.json.mjs.map +1 -0
  260. package/dist/admin/translations/uk.json.js +87 -0
  261. package/dist/admin/translations/uk.json.js.map +1 -0
  262. package/dist/admin/translations/uk.json.mjs +85 -0
  263. package/dist/admin/translations/uk.json.mjs.map +1 -0
  264. package/dist/admin/translations/vi.json.js +51 -0
  265. package/dist/admin/translations/vi.json.js.map +1 -0
  266. package/dist/admin/translations/vi.json.mjs +49 -0
  267. package/dist/admin/translations/vi.json.mjs.map +1 -0
  268. package/dist/admin/translations/zh-Hans.json.js +87 -0
  269. package/dist/admin/translations/zh-Hans.json.js.map +1 -0
  270. package/dist/admin/translations/zh-Hans.json.mjs +85 -0
  271. package/dist/admin/translations/zh-Hans.json.mjs.map +1 -0
  272. package/dist/admin/translations/zh.json.js +87 -0
  273. package/dist/admin/translations/zh.json.js.map +1 -0
  274. package/dist/admin/translations/zh.json.mjs +85 -0
  275. package/dist/admin/translations/zh.json.mjs.map +1 -0
  276. package/dist/admin/utils/cleanPermissions.js +24 -0
  277. package/dist/admin/utils/cleanPermissions.js.map +1 -0
  278. package/dist/admin/utils/cleanPermissions.mjs +22 -0
  279. package/dist/admin/utils/cleanPermissions.mjs.map +1 -0
  280. package/dist/admin/utils/formatPluginName.js +29 -0
  281. package/dist/admin/utils/formatPluginName.js.map +1 -0
  282. package/dist/admin/utils/formatPluginName.mjs +27 -0
  283. package/dist/admin/utils/formatPluginName.mjs.map +1 -0
  284. package/dist/admin/utils/getTrad.js +8 -0
  285. package/dist/admin/utils/getTrad.js.map +1 -0
  286. package/dist/admin/utils/getTrad.mjs +6 -0
  287. package/dist/admin/utils/getTrad.mjs.map +1 -0
  288. package/dist/admin/utils/prefixPluginTranslations.js +11 -0
  289. package/dist/admin/utils/prefixPluginTranslations.js.map +1 -0
  290. package/dist/admin/utils/prefixPluginTranslations.mjs +9 -0
  291. package/dist/admin/utils/prefixPluginTranslations.mjs.map +1 -0
  292. package/dist/server/_virtual/_commonjsHelpers.js +8 -0
  293. package/dist/server/_virtual/_commonjsHelpers.js.map +1 -0
  294. package/dist/server/_virtual/_commonjsHelpers.mjs +6 -0
  295. package/dist/server/_virtual/_commonjsHelpers.mjs.map +1 -0
  296. package/dist/server/bootstrap/index.js +145 -0
  297. package/dist/server/bootstrap/index.js.map +1 -0
  298. package/dist/server/bootstrap/index.mjs +143 -0
  299. package/dist/server/bootstrap/index.mjs.map +1 -0
  300. package/dist/server/bootstrap/users-permissions-actions.js +98 -0
  301. package/dist/server/bootstrap/users-permissions-actions.js.map +1 -0
  302. package/dist/server/bootstrap/users-permissions-actions.mjs +96 -0
  303. package/dist/server/bootstrap/users-permissions-actions.mjs.map +1 -0
  304. package/dist/server/config.js +54 -0
  305. package/dist/server/config.js.map +1 -0
  306. package/dist/server/config.mjs +52 -0
  307. package/dist/server/config.mjs.map +1 -0
  308. package/dist/server/content-types/index.js +30 -0
  309. package/dist/server/content-types/index.js.map +1 -0
  310. package/dist/server/content-types/index.mjs +28 -0
  311. package/dist/server/content-types/index.mjs.map +1 -0
  312. package/dist/server/content-types/permission/index.js +44 -0
  313. package/dist/server/content-types/permission/index.js.map +1 -0
  314. package/dist/server/content-types/permission/index.mjs +42 -0
  315. package/dist/server/content-types/permission/index.mjs.map +1 -0
  316. package/dist/server/content-types/role/index.js +61 -0
  317. package/dist/server/content-types/role/index.js.map +1 -0
  318. package/dist/server/content-types/role/index.mjs +59 -0
  319. package/dist/server/content-types/role/index.mjs.map +1 -0
  320. package/dist/server/content-types/user/index.js +84 -0
  321. package/dist/server/content-types/user/index.js.map +1 -0
  322. package/dist/server/content-types/user/index.mjs +82 -0
  323. package/dist/server/content-types/user/index.mjs.map +1 -0
  324. package/dist/server/content-types/user/schema-config.js +25 -0
  325. package/dist/server/content-types/user/schema-config.js.map +1 -0
  326. package/dist/server/content-types/user/schema-config.mjs +23 -0
  327. package/dist/server/content-types/user/schema-config.mjs.map +1 -0
  328. package/dist/server/controllers/auth.js +429 -0
  329. package/dist/server/controllers/auth.js.map +1 -0
  330. package/dist/server/controllers/auth.mjs +427 -0
  331. package/dist/server/controllers/auth.mjs.map +1 -0
  332. package/dist/server/controllers/content-manager-user.js +168 -0
  333. package/dist/server/controllers/content-manager-user.js.map +1 -0
  334. package/dist/server/controllers/content-manager-user.mjs +166 -0
  335. package/dist/server/controllers/content-manager-user.mjs.map +1 -0
  336. package/dist/server/controllers/index.js +33 -0
  337. package/dist/server/controllers/index.js.map +1 -0
  338. package/dist/server/controllers/index.mjs +31 -0
  339. package/dist/server/controllers/index.mjs.map +1 -0
  340. package/dist/server/controllers/permissions.js +37 -0
  341. package/dist/server/controllers/permissions.js.map +1 -0
  342. package/dist/server/controllers/permissions.mjs +35 -0
  343. package/dist/server/controllers/permissions.mjs.map +1 -0
  344. package/dist/server/controllers/role.js +91 -0
  345. package/dist/server/controllers/role.js.map +1 -0
  346. package/dist/server/controllers/role.mjs +89 -0
  347. package/dist/server/controllers/role.mjs.map +1 -0
  348. package/dist/server/controllers/settings.js +107 -0
  349. package/dist/server/controllers/settings.js.map +1 -0
  350. package/dist/server/controllers/settings.mjs +105 -0
  351. package/dist/server/controllers/settings.mjs.map +1 -0
  352. package/dist/server/controllers/user.js +201 -0
  353. package/dist/server/controllers/user.js.map +1 -0
  354. package/dist/server/controllers/user.mjs +199 -0
  355. package/dist/server/controllers/user.mjs.map +1 -0
  356. package/dist/server/controllers/validation/auth.js +131 -0
  357. package/dist/server/controllers/validation/auth.js.map +1 -0
  358. package/dist/server/controllers/validation/auth.mjs +129 -0
  359. package/dist/server/controllers/validation/auth.mjs.map +1 -0
  360. package/dist/server/controllers/validation/email-template.js +72 -0
  361. package/dist/server/controllers/validation/email-template.js.map +1 -0
  362. package/dist/server/controllers/validation/email-template.mjs +70 -0
  363. package/dist/server/controllers/validation/email-template.mjs.map +1 -0
  364. package/dist/server/controllers/validation/user.js +54 -0
  365. package/dist/server/controllers/validation/user.js.map +1 -0
  366. package/dist/server/controllers/validation/user.mjs +52 -0
  367. package/dist/server/controllers/validation/user.mjs.map +1 -0
  368. package/dist/server/graphql/index.js +66 -0
  369. package/dist/server/graphql/index.js.map +1 -0
  370. package/dist/server/graphql/index.mjs +64 -0
  371. package/dist/server/graphql/index.mjs.map +1 -0
  372. package/dist/server/graphql/mutations/auth/change-password.js +40 -0
  373. package/dist/server/graphql/mutations/auth/change-password.js.map +1 -0
  374. package/dist/server/graphql/mutations/auth/change-password.mjs +38 -0
  375. package/dist/server/graphql/mutations/auth/change-password.mjs.map +1 -0
  376. package/dist/server/graphql/mutations/auth/email-confirmation.js +38 -0
  377. package/dist/server/graphql/mutations/auth/email-confirmation.js.map +1 -0
  378. package/dist/server/graphql/mutations/auth/email-confirmation.mjs +36 -0
  379. package/dist/server/graphql/mutations/auth/email-confirmation.mjs.map +1 -0
  380. package/dist/server/graphql/mutations/auth/forgot-password.js +37 -0
  381. package/dist/server/graphql/mutations/auth/forgot-password.js.map +1 -0
  382. package/dist/server/graphql/mutations/auth/forgot-password.mjs +35 -0
  383. package/dist/server/graphql/mutations/auth/forgot-password.mjs.map +1 -0
  384. package/dist/server/graphql/mutations/auth/login.js +40 -0
  385. package/dist/server/graphql/mutations/auth/login.js.map +1 -0
  386. package/dist/server/graphql/mutations/auth/login.mjs +38 -0
  387. package/dist/server/graphql/mutations/auth/login.mjs.map +1 -0
  388. package/dist/server/graphql/mutations/auth/register.js +38 -0
  389. package/dist/server/graphql/mutations/auth/register.js.map +1 -0
  390. package/dist/server/graphql/mutations/auth/register.mjs +36 -0
  391. package/dist/server/graphql/mutations/auth/register.mjs.map +1 -0
  392. package/dist/server/graphql/mutations/auth/reset-password.js +40 -0
  393. package/dist/server/graphql/mutations/auth/reset-password.js.map +1 -0
  394. package/dist/server/graphql/mutations/auth/reset-password.mjs +38 -0
  395. package/dist/server/graphql/mutations/auth/reset-password.mjs.map +1 -0
  396. package/dist/server/graphql/mutations/crud/role/create-role.js +37 -0
  397. package/dist/server/graphql/mutations/crud/role/create-role.js.map +1 -0
  398. package/dist/server/graphql/mutations/crud/role/create-role.mjs +35 -0
  399. package/dist/server/graphql/mutations/crud/role/create-role.mjs.map +1 -0
  400. package/dist/server/graphql/mutations/crud/role/delete-role.js +32 -0
  401. package/dist/server/graphql/mutations/crud/role/delete-role.js.map +1 -0
  402. package/dist/server/graphql/mutations/crud/role/delete-role.mjs +30 -0
  403. package/dist/server/graphql/mutations/crud/role/delete-role.mjs.map +1 -0
  404. package/dist/server/graphql/mutations/crud/role/update-role.js +39 -0
  405. package/dist/server/graphql/mutations/crud/role/update-role.js.map +1 -0
  406. package/dist/server/graphql/mutations/crud/role/update-role.mjs +37 -0
  407. package/dist/server/graphql/mutations/crud/role/update-role.mjs.map +1 -0
  408. package/dist/server/graphql/mutations/crud/user/create-user.js +46 -0
  409. package/dist/server/graphql/mutations/crud/user/create-user.js.map +1 -0
  410. package/dist/server/graphql/mutations/crud/user/create-user.mjs +44 -0
  411. package/dist/server/graphql/mutations/crud/user/create-user.mjs.map +1 -0
  412. package/dist/server/graphql/mutations/crud/user/delete-user.js +44 -0
  413. package/dist/server/graphql/mutations/crud/user/delete-user.js.map +1 -0
  414. package/dist/server/graphql/mutations/crud/user/delete-user.mjs +42 -0
  415. package/dist/server/graphql/mutations/crud/user/delete-user.mjs.map +1 -0
  416. package/dist/server/graphql/mutations/crud/user/update-user.js +49 -0
  417. package/dist/server/graphql/mutations/crud/user/update-user.js.map +1 -0
  418. package/dist/server/graphql/mutations/crud/user/update-user.mjs +47 -0
  419. package/dist/server/graphql/mutations/crud/user/update-user.mjs.map +1 -0
  420. package/dist/server/graphql/mutations/index.js +58 -0
  421. package/dist/server/graphql/mutations/index.js.map +1 -0
  422. package/dist/server/graphql/mutations/index.mjs +56 -0
  423. package/dist/server/graphql/mutations/index.mjs.map +1 -0
  424. package/dist/server/graphql/queries/index.js +25 -0
  425. package/dist/server/graphql/queries/index.js.map +1 -0
  426. package/dist/server/graphql/queries/index.mjs +23 -0
  427. package/dist/server/graphql/queries/index.mjs.map +1 -0
  428. package/dist/server/graphql/queries/me.js +23 -0
  429. package/dist/server/graphql/queries/me.js.map +1 -0
  430. package/dist/server/graphql/queries/me.mjs +21 -0
  431. package/dist/server/graphql/queries/me.mjs.map +1 -0
  432. package/dist/server/graphql/resolvers-configs.js +93 -0
  433. package/dist/server/graphql/resolvers-configs.js.map +1 -0
  434. package/dist/server/graphql/resolvers-configs.mjs +91 -0
  435. package/dist/server/graphql/resolvers-configs.mjs.map +1 -0
  436. package/dist/server/graphql/types/create-role-payload.js +20 -0
  437. package/dist/server/graphql/types/create-role-payload.js.map +1 -0
  438. package/dist/server/graphql/types/create-role-payload.mjs +18 -0
  439. package/dist/server/graphql/types/create-role-payload.mjs.map +1 -0
  440. package/dist/server/graphql/types/delete-role-payload.js +20 -0
  441. package/dist/server/graphql/types/delete-role-payload.js.map +1 -0
  442. package/dist/server/graphql/types/delete-role-payload.mjs +18 -0
  443. package/dist/server/graphql/types/delete-role-payload.mjs.map +1 -0
  444. package/dist/server/graphql/types/index.js +41 -0
  445. package/dist/server/graphql/types/index.js.map +1 -0
  446. package/dist/server/graphql/types/index.mjs +39 -0
  447. package/dist/server/graphql/types/index.mjs.map +1 -0
  448. package/dist/server/graphql/types/login-input.js +24 -0
  449. package/dist/server/graphql/types/login-input.js.map +1 -0
  450. package/dist/server/graphql/types/login-input.mjs +22 -0
  451. package/dist/server/graphql/types/login-input.mjs.map +1 -0
  452. package/dist/server/graphql/types/login-payload.js +23 -0
  453. package/dist/server/graphql/types/login-payload.js.map +1 -0
  454. package/dist/server/graphql/types/login-payload.mjs +21 -0
  455. package/dist/server/graphql/types/login-payload.mjs.map +1 -0
  456. package/dist/server/graphql/types/me-role.js +23 -0
  457. package/dist/server/graphql/types/me-role.js.map +1 -0
  458. package/dist/server/graphql/types/me-role.mjs +21 -0
  459. package/dist/server/graphql/types/me-role.mjs.map +1 -0
  460. package/dist/server/graphql/types/me.js +28 -0
  461. package/dist/server/graphql/types/me.js.map +1 -0
  462. package/dist/server/graphql/types/me.mjs +26 -0
  463. package/dist/server/graphql/types/me.mjs.map +1 -0
  464. package/dist/server/graphql/types/password-payload.js +20 -0
  465. package/dist/server/graphql/types/password-payload.js.map +1 -0
  466. package/dist/server/graphql/types/password-payload.mjs +18 -0
  467. package/dist/server/graphql/types/password-payload.mjs.map +1 -0
  468. package/dist/server/graphql/types/register-input.js +22 -0
  469. package/dist/server/graphql/types/register-input.js.map +1 -0
  470. package/dist/server/graphql/types/register-input.mjs +20 -0
  471. package/dist/server/graphql/types/register-input.mjs.map +1 -0
  472. package/dist/server/graphql/types/update-role-payload.js +20 -0
  473. package/dist/server/graphql/types/update-role-payload.js.map +1 -0
  474. package/dist/server/graphql/types/update-role-payload.mjs +18 -0
  475. package/dist/server/graphql/types/update-role-payload.mjs.map +1 -0
  476. package/dist/server/graphql/types/user-input.js +26 -0
  477. package/dist/server/graphql/types/user-input.js.map +1 -0
  478. package/dist/server/graphql/types/user-input.mjs +24 -0
  479. package/dist/server/graphql/types/user-input.mjs.map +1 -0
  480. package/dist/server/graphql/utils.js +32 -0
  481. package/dist/server/graphql/utils.js.map +1 -0
  482. package/dist/server/graphql/utils.mjs +30 -0
  483. package/dist/server/graphql/utils.mjs.map +1 -0
  484. package/dist/server/index.js +10 -0
  485. package/dist/server/index.js.map +1 -0
  486. package/dist/server/index.mjs +8 -0
  487. package/dist/server/index.mjs.map +1 -0
  488. package/dist/server/index2.js +39 -0
  489. package/dist/server/index2.js.map +1 -0
  490. package/dist/server/index2.mjs +37 -0
  491. package/dist/server/index2.mjs.map +1 -0
  492. package/dist/server/middlewares/index.js +18 -0
  493. package/dist/server/middlewares/index.js.map +1 -0
  494. package/dist/server/middlewares/index.mjs +16 -0
  495. package/dist/server/middlewares/index.mjs.map +1 -0
  496. package/dist/server/middlewares/rateLimit.js +51 -0
  497. package/dist/server/middlewares/rateLimit.js.map +1 -0
  498. package/dist/server/middlewares/rateLimit.mjs +49 -0
  499. package/dist/server/middlewares/rateLimit.mjs.map +1 -0
  500. package/dist/server/register.js +41 -0
  501. package/dist/server/register.js.map +1 -0
  502. package/dist/server/register.mjs +39 -0
  503. package/dist/server/register.mjs.map +1 -0
  504. package/dist/server/routes/admin/index.js +27 -0
  505. package/dist/server/routes/admin/index.js.map +1 -0
  506. package/dist/server/routes/admin/index.mjs +25 -0
  507. package/dist/server/routes/admin/index.mjs.map +1 -0
  508. package/dist/server/routes/admin/permissions.js +29 -0
  509. package/dist/server/routes/admin/permissions.js.map +1 -0
  510. package/dist/server/routes/admin/permissions.mjs +27 -0
  511. package/dist/server/routes/admin/permissions.mjs.map +1 -0
  512. package/dist/server/routes/admin/role.js +99 -0
  513. package/dist/server/routes/admin/role.js.map +1 -0
  514. package/dist/server/routes/admin/role.mjs +97 -0
  515. package/dist/server/routes/admin/role.mjs.map +1 -0
  516. package/dist/server/routes/admin/settings.js +116 -0
  517. package/dist/server/routes/admin/settings.js.map +1 -0
  518. package/dist/server/routes/admin/settings.mjs +114 -0
  519. package/dist/server/routes/admin/settings.mjs.map +1 -0
  520. package/dist/server/routes/content-api/auth.js +152 -0
  521. package/dist/server/routes/content-api/auth.js.map +1 -0
  522. package/dist/server/routes/content-api/auth.mjs +150 -0
  523. package/dist/server/routes/content-api/auth.mjs.map +1 -0
  524. package/dist/server/routes/content-api/index.js +32 -0
  525. package/dist/server/routes/content-api/index.js.map +1 -0
  526. package/dist/server/routes/content-api/index.mjs +30 -0
  527. package/dist/server/routes/content-api/index.mjs.map +1 -0
  528. package/dist/server/routes/content-api/permissions.js +26 -0
  529. package/dist/server/routes/content-api/permissions.js.map +1 -0
  530. package/dist/server/routes/content-api/permissions.mjs +24 -0
  531. package/dist/server/routes/content-api/permissions.mjs.map +1 -0
  532. package/dist/server/routes/content-api/role.js +73 -0
  533. package/dist/server/routes/content-api/role.js.map +1 -0
  534. package/dist/server/routes/content-api/role.mjs +71 -0
  535. package/dist/server/routes/content-api/role.mjs.map +1 -0
  536. package/dist/server/routes/content-api/user.js +132 -0
  537. package/dist/server/routes/content-api/user.js.map +1 -0
  538. package/dist/server/routes/content-api/user.mjs +130 -0
  539. package/dist/server/routes/content-api/user.mjs.map +1 -0
  540. package/dist/server/routes/content-api/validation.js +216 -0
  541. package/dist/server/routes/content-api/validation.js.map +1 -0
  542. package/dist/server/routes/content-api/validation.mjs +214 -0
  543. package/dist/server/routes/content-api/validation.mjs.map +1 -0
  544. package/dist/server/routes/index.js +19 -0
  545. package/dist/server/routes/index.js.map +1 -0
  546. package/dist/server/routes/index.mjs +17 -0
  547. package/dist/server/routes/index.mjs.map +1 -0
  548. package/dist/server/services/index.js +36 -0
  549. package/dist/server/services/index.js.map +1 -0
  550. package/dist/server/services/index.mjs +34 -0
  551. package/dist/server/services/index.mjs.map +1 -0
  552. package/dist/server/services/jwt.js +50 -0
  553. package/dist/server/services/jwt.js.map +1 -0
  554. package/dist/server/services/jwt.mjs +48 -0
  555. package/dist/server/services/jwt.mjs.map +1 -0
  556. package/dist/server/services/permission.js +52 -0
  557. package/dist/server/services/permission.js.map +1 -0
  558. package/dist/server/services/permission.mjs +50 -0
  559. package/dist/server/services/permission.mjs.map +1 -0
  560. package/dist/server/services/providers-registry.js +555 -0
  561. package/dist/server/services/providers-registry.js.map +1 -0
  562. package/dist/server/services/providers-registry.mjs +553 -0
  563. package/dist/server/services/providers-registry.mjs.map +1 -0
  564. package/dist/server/services/providers.js +111 -0
  565. package/dist/server/services/providers.js.map +1 -0
  566. package/dist/server/services/providers.mjs +109 -0
  567. package/dist/server/services/providers.mjs.map +1 -0
  568. package/dist/server/services/role.js +186 -0
  569. package/dist/server/services/role.js.map +1 -0
  570. package/dist/server/services/role.mjs +184 -0
  571. package/dist/server/services/role.mjs.map +1 -0
  572. package/dist/server/services/user.js +179 -0
  573. package/dist/server/services/user.js.map +1 -0
  574. package/dist/server/services/user.mjs +177 -0
  575. package/dist/server/services/user.mjs.map +1 -0
  576. package/dist/server/services/users-permissions.js +247 -0
  577. package/dist/server/services/users-permissions.js.map +1 -0
  578. package/dist/server/services/users-permissions.mjs +245 -0
  579. package/dist/server/services/users-permissions.mjs.map +1 -0
  580. package/dist/server/strategies/users-permissions.js +114 -0
  581. package/dist/server/strategies/users-permissions.js.map +1 -0
  582. package/dist/server/strategies/users-permissions.mjs +112 -0
  583. package/dist/server/strategies/users-permissions.mjs.map +1 -0
  584. package/dist/server/utils/index.js +22 -0
  585. package/dist/server/utils/index.js.map +1 -0
  586. package/dist/server/utils/index.mjs +20 -0
  587. package/dist/server/utils/index.mjs.map +1 -0
  588. package/dist/server/utils/sanitize/index.js +21 -0
  589. package/dist/server/utils/sanitize/index.js.map +1 -0
  590. package/dist/server/utils/sanitize/index.mjs +19 -0
  591. package/dist/server/utils/sanitize/index.mjs.map +1 -0
  592. package/dist/server/utils/sanitize/sanitizers.js +32 -0
  593. package/dist/server/utils/sanitize/sanitizers.js.map +1 -0
  594. package/dist/server/utils/sanitize/sanitizers.mjs +30 -0
  595. package/dist/server/utils/sanitize/sanitizers.mjs.map +1 -0
  596. package/dist/server/utils/sanitize/visitors/index.js +17 -0
  597. package/dist/server/utils/sanitize/visitors/index.js.map +1 -0
  598. package/dist/server/utils/sanitize/visitors/index.mjs +15 -0
  599. package/dist/server/utils/sanitize/visitors/index.mjs.map +1 -0
  600. package/dist/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js +17 -0
  601. package/dist/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js.map +1 -0
  602. package/dist/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.mjs +15 -0
  603. package/dist/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.mjs.map +1 -0
  604. package/package.json +33 -33
  605. package/rollup.config.mjs +19 -0
  606. package/server/bootstrap/index.js +18 -51
  607. package/server/bootstrap/users-permissions-actions.js +6 -0
  608. package/server/config.js +29 -0
  609. package/server/content-types/user/index.js +0 -1
  610. package/server/controllers/auth.js +63 -64
  611. package/server/controllers/content-manager-user.js +31 -34
  612. package/server/controllers/role.js +17 -4
  613. package/server/controllers/user.js +8 -9
  614. package/server/controllers/validation/auth.js +104 -25
  615. package/server/controllers/validation/user.js +12 -1
  616. package/server/graphql/types/index.js +1 -0
  617. package/server/graphql/types/me.js +1 -0
  618. package/server/graphql/types/user-input.js +20 -0
  619. package/server/middlewares/rateLimit.js +1 -1
  620. package/server/register.js +2 -2
  621. package/server/routes/content-api/auth.js +107 -71
  622. package/server/routes/content-api/index.js +10 -3
  623. package/server/routes/content-api/permissions.js +14 -7
  624. package/server/routes/content-api/role.js +57 -27
  625. package/server/routes/content-api/user.js +108 -51
  626. package/server/routes/content-api/validation.js +249 -0
  627. package/server/services/jwt.js +3 -3
  628. package/server/services/permission.js +3 -7
  629. package/server/services/providers-registry.js +469 -261
  630. package/server/services/providers.js +10 -5
  631. package/server/services/role.js +15 -13
  632. package/server/services/user.js +56 -19
  633. package/server/services/users-permissions.js +15 -13
  634. package/server/utils/index.d.ts +2 -1
  635. package/server/utils/sanitize/sanitizers.js +7 -3
  636. package/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js +2 -2
  637. package/admin/src/components/FormModal/index.js +0 -126
  638. package/admin/src/components/Permissions/index.js +0 -55
  639. package/admin/src/pages/AdvancedSettings/index.js +0 -259
  640. package/admin/src/pages/EmailTemplates/components/EmailForm.js +0 -176
  641. package/admin/src/pages/Roles/index.js +0 -33
  642. package/admin/src/pages/Roles/pages/ListPage/utils/api.js +0 -30
  643. package/packup.config.ts +0 -42
  644. package/server/bootstrap/grant-config.js +0 -131
  645. package/strapi-server.js +0 -3
  646. /package/admin/src/components/Permissions/PermissionRow/{index.js → index.jsx} +0 -0
  647. /package/admin/src/contexts/UsersPermissionsContext/{index.js → index.jsx} +0 -0
package/rollup.config.mjs ADDED
@@ -0,0 +1,19 @@
1
+ import { defineConfig } from 'rollup';
2
+ import { baseConfig } from '../../../rollup.utils.mjs';
3
+
4
+ export default defineConfig([
5
+ baseConfig({
6
+ input: {
7
+ index: './admin/src/index.js',
8
+ },
9
+ rootDir: './admin/src',
10
+ outDir: './dist/admin',
11
+ }),
12
+ baseConfig({
13
+ input: {
14
+ index: './server/index.js'
15
+ },
16
+ rootDir: './server',
17
+ outDir: './dist/server',
18
+ })
19
+ ]);
package/server/bootstrap/index.js CHANGED
@@ -9,25 +9,26 @@
9
9
  */
10
10
  const crypto = require('crypto');
11
11
  const _ = require('lodash');
12
- const urljoin = require('url-join');
13
- const { isArray } = require('lodash/fp');
14
12
  const { getService } = require('../utils');
15
- const getGrantConfig = require('./grant-config');
16
-
17
13
  const usersPermissionsActions = require('./users-permissions-actions');
18
- const userSchema = require('../content-types/user');
19
14
 
20
15
  const initGrant = async (pluginStore) => {
21
- const apiPrefix = strapi.config.get('api.rest.prefix');
22
- const baseURL = urljoin(strapi.config.server.url, apiPrefix, 'auth');
16
+ const allProviders = getService('providers-registry').getAll();
17
+
18
+ const grantConfig = Object.entries(allProviders).reduce((acc, [name, provider]) => {
19
+ const { icon, enabled, grantConfig } = provider;
23
20
 
24
- const grantConfig = getGrantConfig(baseURL);
21
+ acc[name] = {
22
+ icon,
23
+ enabled,
24
+ ...grantConfig,
25
+ };
26
+ return acc;
27
+ }, {});
25
28
 
26
29
  const prevGrantConfig = (await pluginStore.get({ key: 'grant' })) || {};
27
- // store grant auth config to db
28
- // when plugin_users-permissions_grant is not existed in db
29
- // or we have added/deleted provider here.
30
- if (!prevGrantConfig || !_.isEqual(_.keys(prevGrantConfig), _.keys(grantConfig))) {
30
+
31
+ if (!prevGrantConfig || !_.isEqual(prevGrantConfig, grantConfig)) {
31
32
  // merge with the previous provider config.
32
33
  _.keys(grantConfig).forEach((key) => {
33
34
  if (key in prevGrantConfig) {
@@ -99,27 +100,6 @@ const initAdvancedOptions = async (pluginStore) => {
99
100
  }
100
101
  };
101
102
 
102
- const userSchemaAdditions = () => {
103
- const defaultSchema = Object.keys(userSchema.attributes);
104
- const currentSchema = Object.keys(
105
- strapi.contentTypes['plugin::users-permissions.user'].attributes
106
- );
107
-
108
- // Some dynamic fields may not have been initialized yet, so we need to ignore them
109
- // TODO: we should have a global method for finding these
110
- const ignoreDiffs = [
111
- 'createdBy',
112
- 'createdAt',
113
- 'updatedBy',
114
- 'updatedAt',
115
- 'publishedAt',
116
- 'strapi_stage',
117
- 'strapi_assignee',
118
- ];
119
-
120
- return currentSchema.filter((key) => !(ignoreDiffs.includes(key) || defaultSchema.includes(key)));
121
- };
122
-
123
103
  module.exports = async ({ strapi }) => {
124
104
  const pluginStore = strapi.store({ type: 'plugin', name: 'users-permissions' });
125
105
 
@@ -127,13 +107,13 @@ module.exports = async ({ strapi }) => {
127
107
  await initEmails(pluginStore);
128
108
  await initAdvancedOptions(pluginStore);
129
109
 
130
- await strapi.admin.services.permission.actionProvider.registerMany(
131
- usersPermissionsActions.actions
132
- );
110
+ await strapi
111
+ .service('admin::permission')
112
+ .actionProvider.registerMany(usersPermissionsActions.actions);
133
113
 
134
114
  await getService('users-permissions').initialize();
135
115
 
136
- if (!strapi.config.get('plugin.users-permissions.jwtSecret')) {
116
+ if (!strapi.config.get('plugin::users-permissions.jwtSecret')) {
137
117
  if (process.env.NODE_ENV !== 'development') {
138
118
  throw new Error(
139
119
  `Missing jwtSecret. Please, set configuration variable "jwtSecret" for the users-permissions plugin in config/plugins.js (ex: you can generate one using Node with \`crypto.randomBytes(16).toString('base64')\`).
@@ -143,7 +123,7 @@ For security reasons, prefer storing the secret in an environment variable and r
143
123
 
144
124
  const jwtSecret = crypto.randomBytes(16).toString('base64');
145
125
 
146
- strapi.config.set('plugin.users-permissions.jwtSecret', jwtSecret);
126
+ strapi.config.set('plugin::users-permissions.jwtSecret', jwtSecret);
147
127
 
148
128
  if (!process.env.JWT_SECRET) {
149
129
  const envPath = process.env.ENV_PATH || '.env';
@@ -153,17 +133,4 @@ For security reasons, prefer storing the secret in an environment variable and r
153
133
  );
154
134
  }
155
135
  }
156
-
157
- // TODO v5: Remove this block of code and default allowedFields to empty array
158
- if (!isArray(strapi.config.get('plugin.users-permissions.register.allowedFields'))) {
159
- const modifications = userSchemaAdditions();
160
- if (modifications.length > 0) {
161
- // if there is a potential vulnerability, show a warning
162
- strapi.log.warn(
163
- `Users-permissions registration has defaulted to accepting the following additional user fields during registration: ${modifications.join(
164
- ','
165
- )}`
166
- );
167
- }
168
- }
169
136
  };
package/server/bootstrap/users-permissions-actions.js CHANGED
@@ -16,6 +16,12 @@ module.exports = {
16
16
  uid: 'roles.read',
17
17
  subCategory: 'roles',
18
18
  pluginName: 'users-permissions',
19
+ aliases: [
20
+ {
21
+ actionId: 'plugin::content-manager.explorer.read',
22
+ subjects: ['plugin::users-permissions.role'],
23
+ },
24
+ ],
19
25
  },
20
26
  {
21
27
  section: 'plugins',
package/server/config.js CHANGED
@@ -18,6 +18,35 @@ module.exports = {
18
18
  },
19
19
  },
20
20
  },
21
+ callback: {
22
+ validate(callback, provider) {
23
+ let uCallback;
24
+ let uProviderCallback;
25
+
26
+ try {
27
+ uCallback = new URL(callback);
28
+ uProviderCallback = new URL(provider.callback);
29
+ } catch {
30
+ throw new Error('The callback is not a valid URL');
31
+ }
32
+
33
+ // Make sure the different origin matches
34
+ if (uCallback.origin !== uProviderCallback.origin) {
35
+ throw new Error(
36
+ `Forbidden callback provided: origins don't match. Please verify your config.`
37
+ );
38
+ }
39
+
40
+ // Make sure the different pathname matches
41
+ if (uCallback.pathname !== uProviderCallback.pathname) {
42
+ throw new Error(
43
+ `Forbidden callback provided: pathname don't match. Please verify your config.`
44
+ );
45
+ }
46
+
47
+ // NOTE: We're not checking the search parameters on purpose to allow passing different states
48
+ },
49
+ },
21
50
  }),
22
51
  validator() {},
23
52
  };
package/server/content-types/user/index.js CHANGED
@@ -12,7 +12,6 @@ module.exports = {
12
12
  displayName: 'User',
13
13
  },
14
14
  options: {
15
- draftAndPublish: false,
16
15
  timestamps: true,
17
16
  },
18
17
  attributes: {
package/server/controllers/auth.js CHANGED
@@ -11,9 +11,6 @@ const crypto = require('crypto');
11
11
  const _ = require('lodash');
12
12
  const { concat, compact, isArray } = require('lodash/fp');
13
13
  const utils = require('@strapi/utils');
14
- const {
15
- contentTypes: { getNonWritableAttributes },
16
- } = require('@strapi/utils');
17
14
  const { getService } = require('../utils');
18
15
  const {
19
16
  validateCallbackBody,
@@ -25,17 +22,16 @@ const {
25
22
  validateChangePasswordBody,
26
23
  } = require('./validation/auth');
27
24
 
28
- const { getAbsoluteAdminUrl, getAbsoluteServerUrl, sanitize } = utils;
29
25
  const { ApplicationError, ValidationError, ForbiddenError } = utils.errors;
30
26
 
31
27
  const sanitizeUser = (user, ctx) => {
32
28
  const { auth } = ctx.state;
33
29
  const userSchema = strapi.getModel('plugin::users-permissions.user');
34
30
 
35
- return sanitize.contentAPI.output(user, userSchema, { auth });
31
+ return strapi.contentAPI.sanitize.output(user, userSchema, { auth });
36
32
  };
37
33
 
38
- module.exports = {
34
+ module.exports = ({ strapi }) => ({
39
35
  async callback(ctx) {
40
36
  const provider = ctx.params.provider || 'local';
41
37
  const params = ctx.request.body;
@@ -55,7 +51,7 @@ module.exports = {
55
51
  const { identifier } = params;
56
52
 
57
53
  // Check if the user exists.
58
- const user = await strapi.query('plugin::users-permissions.user').findOne({
54
+ const user = await strapi.db.query('plugin::users-permissions.user').findOne({
59
55
  where: {
60
56
  provider,
61
57
  $or: [{ email: identifier.toLowerCase() }, { username: identifier }],
@@ -118,13 +114,17 @@ module.exports = {
118
114
  throw new ApplicationError('You must be authenticated to reset your password');
119
115
  }
120
116
 
121
- const { currentPassword, password } = await validateChangePasswordBody(ctx.request.body);
117
+ const validations = strapi.config.get('plugin::users-permissions.validationRules');
122
118
 
123
- const user = await strapi.entityService.findOne(
124
- 'plugin::users-permissions.user',
125
- ctx.state.user.id
119
+ const { currentPassword, password } = await validateChangePasswordBody(
120
+ ctx.request.body,
121
+ validations
126
122
  );
127
123
 
124
+ const user = await strapi.db
125
+ .query('plugin::users-permissions.user')
126
+ .findOne({ where: { id: ctx.state.user.id } });
127
+
128
128
  const validPassword = await getService('user').validatePassword(currentPassword, user.password);
129
129
 
130
130
  if (!validPassword) {
@@ -144,15 +144,18 @@ module.exports = {
144
144
  },
145
145
 
146
146
  async resetPassword(ctx) {
147
+ const validations = strapi.config.get('plugin::users-permissions.validationRules');
148
+
147
149
  const { password, passwordConfirmation, code } = await validateResetPasswordBody(
148
- ctx.request.body
150
+ ctx.request.body,
151
+ validations
149
152
  );
150
153
 
151
154
  if (password !== passwordConfirmation) {
152
155
  throw new ValidationError('Passwords do not match');
153
156
  }
154
157
 
155
- const user = await strapi
158
+ const user = await strapi.db
156
159
  .query('plugin::users-permissions.user')
157
160
  .findOne({ where: { resetPasswordToken: code } });
158
161
 
@@ -173,7 +176,7 @@ module.exports = {
173
176
  },
174
177
 
175
178
  async connect(ctx, next) {
176
- const grant = require('grant-koa');
179
+ const grant = require('grant').koa();
177
180
 
178
181
  const providers = await strapi
179
182
  .store({ type: 'plugin', name: 'users-permissions', key: 'grant' })
@@ -201,10 +204,28 @@ module.exports = {
201
204
  }
202
205
 
203
206
  // Ability to pass OAuth callback dynamically
204
- grantConfig[provider].callback =
205
- _.get(ctx, 'query.callback') ||
206
- _.get(ctx, 'session.grant.dynamic.callback') ||
207
- grantConfig[provider].callback;
207
+ const queryCustomCallback = _.get(ctx, 'query.callback');
208
+ const dynamicSessionCallback = _.get(ctx, 'session.grant.dynamic.callback');
209
+
210
+ const customCallback = queryCustomCallback ?? dynamicSessionCallback;
211
+
212
+ // The custom callback is validated to make sure it's not redirecting to an unwanted actor.
213
+ if (customCallback !== undefined) {
214
+ try {
215
+ // We're extracting the callback validator from the plugin config since it can be user-customized
216
+ const { validate: validateCallback } = strapi
217
+ .plugin('users-permissions')
218
+ .config('callback');
219
+
220
+ await validateCallback(customCallback, grantConfig[provider]);
221
+
222
+ grantConfig[provider].callback = customCallback;
223
+ } catch (e) {
224
+ throw new ValidationError('Invalid callback URL provided', { callback: customCallback });
225
+ }
226
+ }
227
+
228
+ // Build a valid redirect URI for the current provider
208
229
  grantConfig[provider].redirect_uri = getService('providers').buildRedirectUri(provider);
209
230
 
210
231
  return grant(grantConfig)(ctx, next);
@@ -219,7 +240,7 @@ module.exports = {
219
240
  const advancedSettings = await pluginStore.get({ key: 'advanced' });
220
241
 
221
242
  // Find the user by email.
222
- const user = await strapi
243
+ const user = await strapi.db
223
244
  .query('plugin::users-permissions.user')
224
245
  .findOne({ where: { email: email.toLowerCase() } });
225
246
 
@@ -237,8 +258,8 @@ module.exports = {
237
258
  resetPasswordSettings.message,
238
259
  {
239
260
  URL: advancedSettings.email_reset_password,
240
- SERVER_URL: getAbsoluteServerUrl(strapi.config),
241
- ADMIN_URL: getAbsoluteAdminUrl(strapi.config),
261
+ SERVER_URL: strapi.config.get('server.absoluteUrl'),
262
+ ADMIN_URL: strapi.config.get('admin.absoluteUrl'),
242
263
  USER: userInfo,
243
264
  TOKEN: resetPasswordToken,
244
265
  }
@@ -281,55 +302,32 @@ module.exports = {
281
302
  throw new ApplicationError('Register action is currently disabled');
282
303
  }
283
304
 
284
- const { register } = strapi.config.get('plugin.users-permissions');
305
+ const { register } = strapi.config.get('plugin::users-permissions');
285
306
  const alwaysAllowedKeys = ['username', 'password', 'email'];
286
- const userModel = strapi.contentTypes['plugin::users-permissions.user'];
287
- const { attributes } = userModel;
288
-
289
- const nonWritable = getNonWritableAttributes(userModel);
290
307
 
308
+ // Note that we intentionally do not filter allowedFields to allow a project to explicitly accept private or other Strapi field on registration
291
309
  const allowedKeys = compact(
292
- concat(
293
- alwaysAllowedKeys,
294
- isArray(register?.allowedFields)
295
- ? // Note that we do not filter allowedFields in case a user explicitly chooses to allow a private or otherwise omitted field on registration
296
- register.allowedFields // if null or undefined, compact will remove it
297
- : // to prevent breaking changes, if allowedFields is not set in config, we only remove private and known dangerous user schema fields
298
- // TODO V5: allowedFields defaults to [] when undefined and remove this case
299
- Object.keys(attributes).filter(
300
- (key) =>
301
- !nonWritable.includes(key) &&
302
- !attributes[key].private &&
303
- ![
304
- // many of these are included in nonWritable, but we'll list them again to be safe and since we're removing this code in v5 anyway
305
- // Strapi user schema fields
306
- 'confirmed',
307
- 'blocked',
308
- 'confirmationToken',
309
- 'resetPasswordToken',
310
- 'provider',
311
- 'id',
312
- 'role',
313
- // other Strapi fields that might be added
314
- 'createdAt',
315
- 'updatedAt',
316
- 'createdBy',
317
- 'updatedBy',
318
- 'publishedAt', // d&p
319
- 'strapi_reviewWorkflows_stage', // review workflows
320
- ].includes(key)
321
- )
322
- )
310
+ concat(alwaysAllowedKeys, isArray(register?.allowedFields) ? register.allowedFields : [])
323
311
  );
324
312
 
313
+ // Check if there are any keys in requestBody that are not in allowedKeys
314
+ const invalidKeys = Object.keys(ctx.request.body).filter((key) => !allowedKeys.includes(key));
315
+
316
+ if (invalidKeys.length > 0) {
317
+ // If there are invalid keys, throw an error
318
+ throw new ValidationError(`Invalid parameters: ${invalidKeys.join(', ')}`);
319
+ }
320
+
325
321
  const params = {
326
322
  ..._.pick(ctx.request.body, allowedKeys),
327
323
  provider: 'local',
328
324
  };
329
325
 
330
- await validateRegisterBody(params);
326
+ const validations = strapi.config.get('plugin::users-permissions.validationRules');
331
327
 
332
- const role = await strapi
328
+ await validateRegisterBody(params, validations);
329
+
330
+ const role = await strapi.db
333
331
  .query('plugin::users-permissions.role')
334
332
  .findOne({ where: { type: settings.default_role } });
335
333
 
@@ -348,7 +346,7 @@ module.exports = {
348
346
  ],
349
347
  };
350
348
 
351
- const conflictingUserCount = await strapi.query('plugin::users-permissions.user').count({
349
+ const conflictingUserCount = await strapi.db.query('plugin::users-permissions.user').count({
352
350
  where: { ...identifierFilter, provider },
353
351
  });
354
352
 
@@ -357,7 +355,7 @@ module.exports = {
357
355
  }
358
356
 
359
357
  if (settings.unique_email) {
360
- const conflictingUserCount = await strapi.query('plugin::users-permissions.user').count({
358
+ const conflictingUserCount = await strapi.db.query('plugin::users-permissions.user').count({
361
359
  where: { ...identifierFilter },
362
360
  });
363
361
 
@@ -382,7 +380,8 @@ module.exports = {
382
380
  try {
383
381
  await getService('user').sendConfirmationEmail(sanitizedUser);
384
382
  } catch (err) {
385
- throw new ApplicationError(err.message);
383
+ strapi.log.error(err);
384
+ throw new ApplicationError('Error sending confirmation email');
386
385
  }
387
386
 
388
387
  return ctx.send({ user: sanitizedUser });
@@ -427,7 +426,7 @@ module.exports = {
427
426
  async sendEmailConfirmation(ctx) {
428
427
  const { email } = await validateSendEmailConfirmationBody(ctx.request.body);
429
428
 
430
- const user = await strapi.query('plugin::users-permissions.user').findOne({
429
+ const user = await strapi.db.query('plugin::users-permissions.user').findOne({
431
430
  where: { email: email.toLowerCase() },
432
431
  });
433
432
 
@@ -450,4 +449,4 @@ module.exports = {
450
449
  sent: true,
451
450
  });
452
451
  },
453
- };
452
+ });
package/server/controllers/content-manager-user.js CHANGED
@@ -2,8 +2,7 @@
2
2
 
3
3
  const _ = require('lodash');
4
4
  const { contentTypes: contentTypesUtils } = require('@strapi/utils');
5
- const { ApplicationError, ValidationError, NotFoundError, ForbiddenError } =
6
- require('@strapi/utils').errors;
5
+ const { ApplicationError, NotFoundError, ForbiddenError } = require('@strapi/utils').errors;
7
6
  const { validateCreateUserBody, validateUpdateUserBody } = require('./validation/user');
8
7
 
9
8
  const { UPDATED_BY_ATTRIBUTE, CREATED_BY_ATTRIBUTE } = contentTypesUtils.constants;
@@ -17,24 +16,25 @@ const ACTIONS = {
17
16
  };
18
17
 
19
18
  const findEntityAndCheckPermissions = async (ability, action, model, id) => {
20
- const entity = await strapi.query(userModel).findOne({
21
- where: { id },
19
+ const doc = await strapi.service('plugin::content-manager.document-manager').findOne(id, model, {
22
20
  populate: [`${CREATED_BY_ATTRIBUTE}.roles`],
23
21
  });
24
22
 
25
- if (_.isNil(entity)) {
23
+ if (_.isNil(doc)) {
26
24
  throw new NotFoundError();
27
25
  }
28
26
 
29
- const pm = strapi.admin.services.permission.createPermissionsManager({ ability, action, model });
27
+ const pm = strapi
28
+ .service('admin::permission')
29
+ .createPermissionsManager({ ability, action, model });
30
30
 
31
- if (pm.ability.cannot(pm.action, pm.toSubject(entity))) {
31
+ if (pm.ability.cannot(pm.action, pm.toSubject(doc))) {
32
32
  throw new ForbiddenError();
33
33
  }
34
34
 
35
- const entityWithoutCreatorRoles = _.omit(entity, `${CREATED_BY_ATTRIBUTE}.roles`);
35
+ const docWithoutCreatorRoles = _.omit(doc, `${CREATED_BY_ATTRIBUTE}.roles`);
36
36
 
37
- return { pm, entity: entityWithoutCreatorRoles };
37
+ return { pm, doc: docWithoutCreatorRoles };
38
38
  };
39
39
 
40
40
  module.exports = {
@@ -48,7 +48,7 @@ module.exports = {
48
48
 
49
49
  const { email, username } = body;
50
50
 
51
- const pm = strapi.admin.services.permission.createPermissionsManager({
51
+ const pm = strapi.service('admin::permission').createPermissionsManager({
52
52
  ability: userAbility,
53
53
  action: ACTIONS.create,
54
54
  model: userModel,
@@ -66,7 +66,7 @@ module.exports = {
66
66
 
67
67
  await validateCreateUserBody(ctx.request.body);
68
68
 
69
- const userWithSameUsername = await strapi
69
+ const userWithSameUsername = await strapi.db
70
70
  .query('plugin::users-permissions.user')
71
71
  .findOne({ where: { username } });
72
72
 
@@ -75,7 +75,7 @@ module.exports = {
75
75
  }
76
76
 
77
77
  if (advanced.unique_email) {
78
- const userWithSameEmail = await strapi
78
+ const userWithSameEmail = await strapi.db
79
79
  .query('plugin::users-permissions.user')
80
80
  .findOne({ where: { email: email.toLowerCase() } });
81
81
 
@@ -93,18 +93,11 @@ module.exports = {
93
93
 
94
94
  user.email = _.toLower(user.email);
95
95
 
96
- if (!user.role) {
97
- const defaultRole = await strapi
98
- .query('plugin::users-permissions.role')
99
- .findOne({ where: { type: advanced.default_role } });
100
-
101
- user.role = defaultRole.id;
102
- }
103
-
104
96
  try {
105
97
  const data = await strapi
106
- .service('plugin::content-manager.entity-manager')
107
- .create(user, userModel);
98
+ .service('plugin::content-manager.document-manager')
99
+ .create(userModel, { data: user });
100
+
108
101
  const sanitizedData = await pm.sanitizeOutput(data, { action: ACTIONS.read });
109
102
 
110
103
  ctx.created(sanitizedData);
@@ -118,7 +111,7 @@ module.exports = {
118
111
  */
119
112
 
120
113
  async update(ctx) {
121
- const { id } = ctx.params;
114
+ const { id: documentId } = ctx.params;
122
115
  const { body } = ctx.request;
123
116
  const { user: admin, userAbility } = ctx.state;
124
117
 
@@ -128,38 +121,40 @@ module.exports = {
128
121
 
129
122
  const { email, username, password } = body;
130
123
 
131
- const { pm, entity } = await findEntityAndCheckPermissions(
124
+ const { pm, doc } = await findEntityAndCheckPermissions(
132
125
  userAbility,
133
126
  ACTIONS.edit,
134
127
  userModel,
135
- id
128
+ documentId
136
129
  );
137
- const user = entity;
130
+
131
+ const user = doc;
138
132
 
139
133
  await validateUpdateUserBody(ctx.request.body);
140
134
 
141
- if (_.has(body, 'password') && !password && user.provider === 'local') {
142
- throw new ValidationError('password.notNull');
135
+ if (_.has(body, 'password') && (password == null || password === '')) {
136
+ delete body.password;
143
137
  }
144
138
 
145
139
  if (_.has(body, 'username')) {
146
- const userWithSameUsername = await strapi
140
+ const userWithSameUsername = await strapi.db
147
141
  .query('plugin::users-permissions.user')
148
142
  .findOne({ where: { username } });
149
143
 
150
- if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(id)) {
144
+ if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(user.id)) {
151
145
  throw new ApplicationError('Username already taken');
152
146
  }
153
147
  }
154
148
 
155
149
  if (_.has(body, 'email') && advancedConfigs.unique_email) {
156
- const userWithSameEmail = await strapi
150
+ const userWithSameEmail = await strapi.db
157
151
  .query('plugin::users-permissions.user')
158
152
  .findOne({ where: { email: _.toLower(email) } });
159
153
 
160
- if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(id)) {
154
+ if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(user.id)) {
161
155
  throw new ApplicationError('Email already taken');
162
156
  }
157
+
163
158
  body.email = _.toLower(body.email);
164
159
  }
165
160
 
@@ -167,8 +162,10 @@ module.exports = {
167
162
  const updateData = _.omit({ ...sanitizedData, updatedBy: admin.id }, 'createdBy');
168
163
 
169
164
  const data = await strapi
170
- .service('plugin::content-manager.entity-manager')
171
- .update({ id }, updateData, userModel);
165
+ .service('plugin::content-manager.document-manager')
166
+ .update(documentId, userModel, {
167
+ data: updateData,
168
+ });
172
169
 
173
170
  ctx.body = await pm.sanitizeOutput(data, { action: ACTIONS.read });
174
171
  },
package/server/controllers/role.js CHANGED
@@ -1,10 +1,19 @@
1
1
  'use strict';
2
2
 
3
3
  const _ = require('lodash');
4
- const { ApplicationError, ValidationError } = require('@strapi/utils').errors;
4
+ const { async, errors } = require('@strapi/utils');
5
5
  const { getService } = require('../utils');
6
6
  const { validateDeleteRoleBody } = require('./validation/user');
7
7
 
8
+ const { ApplicationError, ValidationError } = errors;
9
+
10
+ const sanitizeOutput = async (role) => {
11
+ const { sanitizeLocalizationFields } = strapi.plugin('i18n').service('sanitize');
12
+ const schema = strapi.getModel('plugin::users-permissions.role');
13
+
14
+ return async.pipe(sanitizeLocalizationFields(schema))(role);
15
+ };
16
+
8
17
  module.exports = {
9
18
  /**
10
19
  * Default action.
@@ -30,13 +39,17 @@ module.exports = {
30
39
  return ctx.notFound();
31
40
  }
32
41
 
33
- ctx.send({ role });
42
+ const safeRole = await sanitizeOutput(role);
43
+
44
+ ctx.send({ role: safeRole });
34
45
  },
35
46
 
36
47
  async find(ctx) {
37
48
  const roles = await getService('role').find();
38
49
 
39
- ctx.send({ roles });
50
+ const safeRoles = await Promise.all(roles.map(sanitizeOutput));
51
+
52
+ ctx.send({ roles: safeRoles });
40
53
  },
41
54
 
42
55
  async updateRole(ctx) {
@@ -59,7 +72,7 @@ module.exports = {
59
72
  }
60
73
 
61
74
  // Fetch public role.
62
- const publicRole = await strapi
75
+ const publicRole = await strapi.db
63
76
  .query('plugin::users-permissions.role')
64
77
  .findOne({ where: { type: 'public' } });
65
78