@strapi/plugin-users-permissions 0.0.0-next.f6dca5adf05ef6bed9605a1535999ab0bbbf063e → 0.0.0-next.f86041c89a8c1545c6437a881dc613e98bc52bd7

package/dist/server/controllers/validation/auth.mjs

@@ -0,0 +1,129 @@
+import require$$1 from '@strapi/utils';
+
+var auth;
+var hasRequiredAuth;
+function requireAuth() {
+    if (hasRequiredAuth) return auth;
+    hasRequiredAuth = 1;
+    const { yup, validateYupSchema } = require$$1;
+    const callbackSchema = yup.object({
+        identifier: yup.string().required(),
+        password: yup.string().required()
+    });
+    const createRegisterSchema = (config)=>yup.object({
+            email: yup.string().email().required(),
+            username: yup.string().required(),
+            password: yup.string().required().test(function(value) {
+                if (!value) return true;
+                const isValid = new TextEncoder().encode(value).length <= 72;
+                if (!isValid) {
+                    return this.createError({
+                        message: 'Password must be less than 73 bytes'
+                    });
+                }
+                return true;
+            }).test(async function(value) {
+                if (typeof config?.validatePassword === 'function') {
+                    try {
+                        const isValid = await config.validatePassword(value);
+                        if (!isValid) {
+                            return this.createError({
+                                message: 'Password validation failed.'
+                            });
+                        }
+                    } catch (error) {
+                        return this.createError({
+                            message: error.message || 'An error occurred.'
+                        });
+                    }
+                }
+                return true;
+            })
+        });
+    const sendEmailConfirmationSchema = yup.object({
+        email: yup.string().email().required()
+    });
+    const validateEmailConfirmationSchema = yup.object({
+        confirmation: yup.string().required()
+    });
+    const forgotPasswordSchema = yup.object({
+        email: yup.string().email().required()
+    }).noUnknown();
+    const createResetPasswordSchema = (config)=>yup.object({
+            password: yup.string().required().test(function(value) {
+                if (!value) return true;
+                const isValid = new TextEncoder().encode(value).length <= 72;
+                if (!isValid) {
+                    return this.createError({
+                        message: 'Password must be less than 73 bytes'
+                    });
+                }
+                return true;
+            }).test(async function(value) {
+                if (typeof config?.validatePassword === 'function') {
+                    try {
+                        const isValid = await config.validatePassword(value);
+                        if (!isValid) {
+                            return this.createError({
+                                message: 'Password validation failed.'
+                            });
+                        }
+                    } catch (error) {
+                        return this.createError({
+                            message: error.message || 'An error occurred.'
+                        });
+                    }
+                }
+                return true;
+            }),
+            passwordConfirmation: yup.string().required().oneOf([
+                yup.ref('password')
+            ], 'Passwords do not match'),
+            code: yup.string().required()
+        }).noUnknown();
+    const createChangePasswordSchema = (config)=>yup.object({
+            password: yup.string().required().test(function(value) {
+                if (!value) return true;
+                const isValid = new TextEncoder().encode(value).length <= 72;
+                if (!isValid) {
+                    return this.createError({
+                        message: 'Password must be less than 73 bytes'
+                    });
+                }
+                return true;
+            }).test(async function(value) {
+                if (typeof config?.validatePassword === 'function') {
+                    try {
+                        const isValid = await config.validatePassword(value);
+                        if (!isValid) {
+                            return this.createError({
+                                message: 'Password validation failed.'
+                            });
+                        }
+                    } catch (error) {
+                        return this.createError({
+                            message: error.message || 'An error occurred.'
+                        });
+                    }
+                }
+                return true;
+            }),
+            passwordConfirmation: yup.string().required().oneOf([
+                yup.ref('password')
+            ], 'Passwords do not match'),
+            currentPassword: yup.string().required()
+        }).noUnknown();
+    auth = {
+        validateCallbackBody: validateYupSchema(callbackSchema),
+        validateRegisterBody: (payload, config)=>validateYupSchema(createRegisterSchema(config))(payload),
+        validateSendEmailConfirmationBody: validateYupSchema(sendEmailConfirmationSchema),
+        validateEmailConfirmationBody: validateYupSchema(validateEmailConfirmationSchema),
+        validateForgotPasswordBody: validateYupSchema(forgotPasswordSchema),
+        validateResetPasswordBody: (payload, config)=>validateYupSchema(createResetPasswordSchema(config))(payload),
+        validateChangePasswordBody: (payload, config)=>validateYupSchema(createChangePasswordSchema(config))(payload)
+    };
+    return auth;
+}
+
+export { requireAuth as __require };
+//# sourceMappingURL=auth.mjs.map

package/dist/server/controllers/validation/auth.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.mjs","sources":["../../../../server/controllers/validation/auth.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst callbackSchema = yup.object({\n  identifier: yup.string().required(),\n  password: yup.string().required(),\n});\n\nconst createRegisterSchema = (config) =>\n  yup.object({\n    email: yup.string().email().required(),\n    username: yup.string().required(),\n    password: yup\n      .string()\n      .required()\n      .test(function (value) {\n        if (!value) return true;\n        const isValid = new TextEncoder().encode(value).length <= 72;\n        if (!isValid) {\n          return this.createError({ message: 'Password must be less than 73 bytes' });\n        }\n        return true;\n      })\n      .test(async function (value) {\n        if (typeof config?.validatePassword === 'function') {\n          try {\n            const isValid = await config.validatePassword(value);\n            if (!isValid) {\n              return this.createError({ message: 'Password validation failed.' });\n            }\n          } catch (error) {\n            return this.createError({ message: error.message || 'An error occurred.' });\n          }\n        }\n        return true;\n      }),\n  });\n\nconst sendEmailConfirmationSchema = yup.object({\n  email: yup.string().email().required(),\n});\n\nconst validateEmailConfirmationSchema = yup.object({\n  confirmation: yup.string().required(),\n});\n\nconst forgotPasswordSchema = yup\n  .object({\n    email: yup.string().email().required(),\n  })\n  .noUnknown();\n\nconst createResetPasswordSchema = (config) =>\n  yup\n    .object({\n      password: yup\n        .string()\n        .required()\n        .test(function (value) {\n          if (!value) return true;\n          const isValid = new TextEncoder().encode(value).length <= 72;\n          if (!isValid) {\n            return this.createError({ message: 'Password must be less than 73 bytes' });\n          }\n          return true;\n        })\n        .test(async function (value) {\n          if (typeof config?.validatePassword === 'function') {\n            try {\n              const isValid = await config.validatePassword(value);\n              if (!isValid) {\n                return this.createError({ message: 'Password validation failed.' });\n              }\n            } catch (error) {\n              return this.createError({ message: error.message || 'An error occurred.' });\n            }\n          }\n          return true;\n        }),\n      passwordConfirmation: yup\n        .string()\n        .required()\n        .oneOf([yup.ref('password')], 'Passwords do not match'),\n\n      code: yup.string().required(),\n    })\n    .noUnknown();\n\nconst createChangePasswordSchema = (config) =>\n  yup\n    .object({\n      password: yup\n        .string()\n        .required()\n        .test(function (value) {\n          if (!value) return true;\n          const isValid = new TextEncoder().encode(value).length <= 72;\n          if (!isValid) {\n            return this.createError({ message: 'Password must be less than 73 bytes' });\n          }\n          return true;\n        })\n        .test(async function (value) {\n          if (typeof config?.validatePassword === 'function') {\n            try {\n              const isValid = await config.validatePassword(value);\n              if (!isValid) {\n                return this.createError({ message: 'Password validation failed.' });\n              }\n            } catch (error) {\n              return this.createError({ message: error.message || 'An error occurred.' });\n            }\n          }\n          return true;\n        }),\n      passwordConfirmation: yup\n        .string()\n        .required()\n        .oneOf([yup.ref('password')], 'Passwords do not match'),\n      currentPassword: yup.string().required(),\n    })\n    .noUnknown();\n\nmodule.exports = {\n  validateCallbackBody: validateYupSchema(callbackSchema),\n  validateRegisterBody: (payload, config) =>\n    validateYupSchema(createRegisterSchema(config))(payload),\n  validateSendEmailConfirmationBody: validateYupSchema(sendEmailConfirmationSchema),\n  validateEmailConfirmationBody: validateYupSchema(validateEmailConfirmationSchema),\n  validateForgotPasswordBody: validateYupSchema(forgotPasswordSchema),\n  validateResetPasswordBody: (payload, config) =>\n    validateYupSchema(createResetPasswordSchema(config))(payload),\n  validateChangePasswordBody: (payload, config) =>\n    validateYupSchema(createChangePasswordSchema(config))(payload),\n};\n"],"names":["yup","validateYupSchema","require$$0","callbackSchema","object","identifier","string","required","password","createRegisterSchema","config","email","username","test","value","isValid","TextEncoder","encode","length","createError","message","validatePassword","error","sendEmailConfirmationSchema","validateEmailConfirmationSchema","confirmation","forgotPasswordSchema","noUnknown","createResetPasswordSchema","passwordConfirmation","oneOf","ref","code","createChangePasswordSchema","currentPassword","auth","validateCallbackBody","validateRegisterBody","payload","validateSendEmailConfirmationBody","validateEmailConfirmationBody","validateForgotPasswordBody","validateResetPasswordBody","validateChangePasswordBody"],"mappings":";;;;;;;AAEA,IAAA,MAAM,EAAEA,GAAG,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA;IAEnC,MAAMC,cAAAA,GAAiBH,GAAII,CAAAA,MAAM,CAAC;QAChCC,UAAYL,EAAAA,GAAAA,CAAIM,MAAM,EAAA,CAAGC,QAAQ,EAAA;QACjCC,QAAUR,EAAAA,GAAAA,CAAIM,MAAM,EAAA,CAAGC,QAAQ;AACjC,KAAA,CAAA;AAEA,IAAA,MAAME,oBAAuB,GAAA,CAACC,MAC5BV,GAAAA,GAAAA,CAAII,MAAM,CAAC;AACTO,YAAAA,KAAAA,EAAOX,GAAIM,CAAAA,MAAM,EAAGK,CAAAA,KAAK,GAAGJ,QAAQ,EAAA;YACpCK,QAAUZ,EAAAA,GAAAA,CAAIM,MAAM,EAAA,CAAGC,QAAQ,EAAA;YAC/BC,QAAUR,EAAAA,GAAAA,CACPM,MAAM,EACNC,CAAAA,QAAQ,GACRM,IAAI,CAAC,SAAUC,KAAK,EAAA;gBACnB,IAAI,CAACA,OAAO,OAAO,IAAA;AACnB,gBAAA,MAAMC,UAAU,IAAIC,WAAAA,EAAAA,CAAcC,MAAM,CAACH,KAAAA,CAAAA,CAAOI,MAAM,IAAI,EAAA;AAC1D,gBAAA,IAAI,CAACH,OAAS,EAAA;oBACZ,OAAO,IAAI,CAACI,WAAW,CAAC;wBAAEC,OAAS,EAAA;AAAuC,qBAAA,CAAA;AAC3E;gBACD,OAAO,IAAA;aAERP,CAAAA,CAAAA,IAAI,CAAC,eAAgBC,KAAK,EAAA;gBACzB,IAAI,OAAOJ,MAAQW,EAAAA,gBAAAA,KAAqB,UAAY,EAAA;oBAClD,IAAI;AACF,wBAAA,MAAMN,OAAU,GAAA,MAAML,MAAOW,CAAAA,gBAAgB,CAACP,KAAAA,CAAAA;AAC9C,wBAAA,IAAI,CAACC,OAAS,EAAA;4BACZ,OAAO,IAAI,CAACI,WAAW,CAAC;gCAAEC,OAAS,EAAA;AAA+B,6BAAA,CAAA;AACnE;AACF,qBAAA,CAAC,OAAOE,KAAO,EAAA;wBACd,OAAO,IAAI,CAACH,WAAW,CAAC;4BAAEC,OAASE,EAAAA,KAAAA,CAAMF,OAAO,IAAI;AAAoB,yBAAA,CAAA;AACzE;AACF;gBACD,OAAO,IAAA;AACf,aAAA;AACA,SAAA,CAAA;IAEA,MAAMG,2BAAAA,GAA8BvB,GAAII,CAAAA,MAAM,CAAC;AAC7CO,QAAAA,KAAAA,EAAOX,GAAIM,CAAAA,MAAM,EAAGK,CAAAA,KAAK,GAAGJ,QAAQ;AACtC,KAAA,CAAA;IAEA,MAAMiB,+BAAAA,GAAkCxB,GAAII,CAAAA,MAAM,CAAC;QACjDqB,YAAczB,EAAAA,GAAAA,CAAIM,MAAM,EAAA,CAAGC,QAAQ;AACrC,KAAA,CAAA;IAEA,MAAMmB,oBAAAA,GAAuB1B,GAC1BI,CAAAA,MAAM,CAAC;AACNO,QAAAA,KAAAA,EAAOX,GAAIM,CAAAA,MAAM,EAAGK,CAAAA,KAAK,GAAGJ,QAAQ;AACxC,KAAA,CAAA,CACGoB,SAAS,EAAA;AAEZ,IAAA,MAAMC,yBAA4B,GAAA,CAAClB,MACjCV,GAAAA,GAAAA,CACGI,MAAM,CAAC;YACNI,QAAUR,EAAAA,GAAAA,CACPM,MAAM,EACNC,CAAAA,QAAQ,GACRM,IAAI,CAAC,SAAUC,KAAK,EAAA;gBACnB,IAAI,CAACA,OAAO,OAAO,IAAA;AACnB,gBAAA,MAAMC,UAAU,IAAIC,WAAAA,EAAAA,CAAcC,MAAM,CAACH,KAAAA,CAAAA,CAAOI,MAAM,IAAI,EAAA;AAC1D,gBAAA,IAAI,CAACH,OAAS,EAAA;oBACZ,OAAO,IAAI,CAACI,WAAW,CAAC;wBAAEC,OAAS,EAAA;AAAuC,qBAAA,CAAA;AAC3E;gBACD,OAAO,IAAA;aAERP,CAAAA,CAAAA,IAAI,CAAC,eAAgBC,KAAK,EAAA;gBACzB,IAAI,OAAOJ,MAAQW,EAAAA,gBAAAA,KAAqB,UAAY,EAAA;oBAClD,IAAI;AACF,wBAAA,MAAMN,OAAU,GAAA,MAAML,MAAOW,CAAAA,gBAAgB,CAACP,KAAAA,CAAAA;AAC9C,wBAAA,IAAI,CAACC,OAAS,EAAA;4BACZ,OAAO,IAAI,CAACI,WAAW,CAAC;gCAAEC,OAAS,EAAA;AAA+B,6BAAA,CAAA;AACnE;AACF,qBAAA,CAAC,OAAOE,KAAO,EAAA;wBACd,OAAO,IAAI,CAACH,WAAW,CAAC;4BAAEC,OAASE,EAAAA,KAAAA,CAAMF,OAAO,IAAI;AAAoB,yBAAA,CAAA;AACzE;AACF;gBACD,OAAO,IAAA;AACjB,aAAA,CAAA;AACMS,YAAAA,oBAAAA,EAAsB7B,IACnBM,MAAM,EAAA,CACNC,QAAQ,EAAA,CACRuB,KAAK,CAAC;AAAC9B,gBAAAA,GAAAA,CAAI+B,GAAG,CAAC,UAAA;aAAY,EAAE,wBAAA,CAAA;YAEhCC,IAAMhC,EAAAA,GAAAA,CAAIM,MAAM,EAAA,CAAGC,QAAQ;AACjC,SAAA,CAAA,CACKoB,SAAS,EAAA;AAEd,IAAA,MAAMM,0BAA6B,GAAA,CAACvB,MAClCV,GAAAA,GAAAA,CACGI,MAAM,CAAC;YACNI,QAAUR,EAAAA,GAAAA,CACPM,MAAM,EACNC,CAAAA,QAAQ,GACRM,IAAI,CAAC,SAAUC,KAAK,EAAA;gBACnB,IAAI,CAACA,OAAO,OAAO,IAAA;AACnB,gBAAA,MAAMC,UAAU,IAAIC,WAAAA,EAAAA,CAAcC,MAAM,CAACH,KAAAA,CAAAA,CAAOI,MAAM,IAAI,EAAA;AAC1D,gBAAA,IAAI,CAACH,OAAS,EAAA;oBACZ,OAAO,IAAI,CAACI,WAAW,CAAC;wBAAEC,OAAS,EAAA;AAAuC,qBAAA,CAAA;AAC3E;gBACD,OAAO,IAAA;aAERP,CAAAA,CAAAA,IAAI,CAAC,eAAgBC,KAAK,EAAA;gBACzB,IAAI,OAAOJ,MAAQW,EAAAA,gBAAAA,KAAqB,UAAY,EAAA;oBAClD,IAAI;AACF,wBAAA,MAAMN,OAAU,GAAA,MAAML,MAAOW,CAAAA,gBAAgB,CAACP,KAAAA,CAAAA;AAC9C,wBAAA,IAAI,CAACC,OAAS,EAAA;4BACZ,OAAO,IAAI,CAACI,WAAW,CAAC;gCAAEC,OAAS,EAAA;AAA+B,6BAAA,CAAA;AACnE;AACF,qBAAA,CAAC,OAAOE,KAAO,EAAA;wBACd,OAAO,IAAI,CAACH,WAAW,CAAC;4BAAEC,OAASE,EAAAA,KAAAA,CAAMF,OAAO,IAAI;AAAoB,yBAAA,CAAA;AACzE;AACF;gBACD,OAAO,IAAA;AACjB,aAAA,CAAA;AACMS,YAAAA,oBAAAA,EAAsB7B,IACnBM,MAAM,EAAA,CACNC,QAAQ,EAAA,CACRuB,KAAK,CAAC;AAAC9B,gBAAAA,GAAAA,CAAI+B,GAAG,CAAC,UAAA;aAAY,EAAE,wBAAA,CAAA;YAChCG,eAAiBlC,EAAAA,GAAAA,CAAIM,MAAM,EAAA,CAAGC,QAAQ;AAC5C,SAAA,CAAA,CACKoB,SAAS,EAAA;IAEdQ,IAAiB,GAAA;AACfC,QAAAA,oBAAAA,EAAsBnC,iBAAkBE,CAAAA,cAAAA,CAAAA;AACxCkC,QAAAA,oBAAAA,EAAsB,CAACC,OAAAA,EAAS5B,MAC9BT,GAAAA,iBAAAA,CAAkBQ,qBAAqBC,MAAS4B,CAAAA,CAAAA,CAAAA,OAAAA,CAAAA;AAClDC,QAAAA,iCAAAA,EAAmCtC,iBAAkBsB,CAAAA,2BAAAA,CAAAA;AACrDiB,QAAAA,6BAAAA,EAA+BvC,iBAAkBuB,CAAAA,+BAAAA,CAAAA;AACjDiB,QAAAA,0BAAAA,EAA4BxC,iBAAkByB,CAAAA,oBAAAA,CAAAA;AAC9CgB,QAAAA,yBAAAA,EAA2B,CAACJ,OAAAA,EAAS5B,MACnCT,GAAAA,iBAAAA,CAAkB2B,0BAA0BlB,MAAS4B,CAAAA,CAAAA,CAAAA,OAAAA,CAAAA;AACvDK,QAAAA,0BAAAA,EAA4B,CAACL,OAAAA,EAAS5B,MACpCT,GAAAA,iBAAAA,CAAkBgC,2BAA2BvB,MAAS4B,CAAAA,CAAAA,CAAAA,OAAAA;AAC1D,KAAA;;;;;;"}

package/dist/server/controllers/validation/email-template.js

@@ -0,0 +1,72 @@
+'use strict';
+
+var require$$0 = require('lodash/fp');
+var require$$1 = require('@strapi/utils');
+
+var emailTemplate;
+var hasRequiredEmailTemplate;
+function requireEmailTemplate() {
+    if (hasRequiredEmailTemplate) return emailTemplate;
+    hasRequiredEmailTemplate = 1;
+    const { trim } = require$$0;
+    const { template: { createLooseInterpolationRegExp, createStrictInterpolationRegExp } } = require$$1;
+    const invalidPatternsRegexes = [
+        // Ignore "evaluation" patterns: <% ... %>
+        /<%[^=]([\s\S]*?)%>/m,
+        // Ignore basic string interpolations
+        /\${([^{}]*)}/m
+    ];
+    const authorizedKeys = [
+        'URL',
+        'ADMIN_URL',
+        'SERVER_URL',
+        'CODE',
+        'USER',
+        'USER.email',
+        'USER.username',
+        'TOKEN'
+    ];
+    const matchAll = (pattern, src)=>{
+        const matches = [];
+        let match;
+        const regexPatternWithGlobal = RegExp(pattern, 'g');
+        // eslint-disable-next-line no-cond-assign
+        while(match = regexPatternWithGlobal.exec(src)){
+            const [, group] = match;
+            matches.push(trim(group));
+        }
+        return matches;
+    };
+    const isValidEmailTemplate = (template)=>{
+        // Check for known invalid patterns
+        for (const reg of invalidPatternsRegexes){
+            if (reg.test(template)) {
+                return false;
+            }
+        }
+        const interpolation = {
+            // Strict interpolation pattern to match only valid groups
+            strict: createStrictInterpolationRegExp(authorizedKeys),
+            // Weak interpolation pattern to match as many group as possible.
+            loose: createLooseInterpolationRegExp()
+        };
+        // Compute both strict & loose matches
+        const strictMatches = matchAll(interpolation.strict, template);
+        const looseMatches = matchAll(interpolation.loose, template);
+        // If we have more matches with the loose RegExp than with the strict one,
+        // then it means that at least one of the interpolation group is invalid
+        // Note: In the future, if we wanted to give more details for error formatting
+        // purposes, we could return the difference between the two arrays
+        if (looseMatches.length > strictMatches.length) {
+            return false;
+        }
+        return true;
+    };
+    emailTemplate = {
+        isValidEmailTemplate
+    };
+    return emailTemplate;
+}
+
+exports.__require = requireEmailTemplate;
+//# sourceMappingURL=email-template.js.map

package/dist/server/controllers/validation/email-template.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"email-template.js","sources":["../../../../server/controllers/validation/email-template.js"],"sourcesContent":["'use strict';\n\nconst { trim } = require('lodash/fp');\nconst {\n  template: { createLooseInterpolationRegExp, createStrictInterpolationRegExp },\n} = require('@strapi/utils');\n\nconst invalidPatternsRegexes = [\n  // Ignore \"evaluation\" patterns: <% ... %>\n  /<%[^=]([\\s\\S]*?)%>/m,\n  // Ignore basic string interpolations\n  /\\${([^{}]*)}/m,\n];\n\nconst authorizedKeys = [\n  'URL',\n  'ADMIN_URL',\n  'SERVER_URL',\n  'CODE',\n  'USER',\n  'USER.email',\n  'USER.username',\n  'TOKEN',\n];\n\nconst matchAll = (pattern, src) => {\n  const matches = [];\n  let match;\n\n  const regexPatternWithGlobal = RegExp(pattern, 'g');\n\n  // eslint-disable-next-line no-cond-assign\n  while ((match = regexPatternWithGlobal.exec(src))) {\n    const [, group] = match;\n\n    matches.push(trim(group));\n  }\n\n  return matches;\n};\n\nconst isValidEmailTemplate = (template) => {\n  // Check for known invalid patterns\n  for (const reg of invalidPatternsRegexes) {\n    if (reg.test(template)) {\n      return false;\n    }\n  }\n\n  const interpolation = {\n    // Strict interpolation pattern to match only valid groups\n    strict: createStrictInterpolationRegExp(authorizedKeys),\n    // Weak interpolation pattern to match as many group as possible.\n    loose: createLooseInterpolationRegExp(),\n  };\n\n  // Compute both strict & loose matches\n  const strictMatches = matchAll(interpolation.strict, template);\n  const looseMatches = matchAll(interpolation.loose, template);\n\n  // If we have more matches with the loose RegExp than with the strict one,\n  // then it means that at least one of the interpolation group is invalid\n  // Note: In the future, if we wanted to give more details for error formatting\n  // purposes, we could return the difference between the two arrays\n  if (looseMatches.length > strictMatches.length) {\n    return false;\n  }\n\n  return true;\n};\n\nmodule.exports = {\n  isValidEmailTemplate,\n};\n"],"names":["trim","require$$0","template","createLooseInterpolationRegExp","createStrictInterpolationRegExp","require$$1","invalidPatternsRegexes","authorizedKeys","matchAll","pattern","src","matches","match","regexPatternWithGlobal","RegExp","exec","group","push","isValidEmailTemplate","reg","test","interpolation","strict","loose","strictMatches","looseMatches","length","emailTemplate"],"mappings":";;;;;;;;;;IAEA,MAAM,EAAEA,IAAI,EAAE,GAAGC,UAAAA;IACjB,MAAM,EACJC,UAAU,EAAEC,8BAA8B,EAAEC,+BAA+B,EAAE,EAC9E,GAAGC,UAAAA;AAEJ,IAAA,MAAMC,sBAAyB,GAAA;;AAE7B,QAAA,qBAAA;;AAEA,QAAA;AACD,KAAA;AAED,IAAA,MAAMC,cAAiB,GAAA;AACrB,QAAA,KAAA;AACA,QAAA,WAAA;AACA,QAAA,YAAA;AACA,QAAA,MAAA;AACA,QAAA,MAAA;AACA,QAAA,YAAA;AACA,QAAA,eAAA;AACA,QAAA;AACD,KAAA;IAED,MAAMC,QAAAA,GAAW,CAACC,OAASC,EAAAA,GAAAA,GAAAA;AACzB,QAAA,MAAMC,UAAU,EAAE;QAClB,IAAIC,KAAAA;QAEJ,MAAMC,sBAAAA,GAAyBC,OAAOL,OAAS,EAAA,GAAA,CAAA;;AAG/C,QAAA,MAAQG,KAAQC,GAAAA,sBAAAA,CAAuBE,IAAI,CAACL,GAAO,CAAA,CAAA;YACjD,MAAM,GAAGM,MAAM,GAAGJ,KAAAA;YAElBD,OAAQM,CAAAA,IAAI,CAACjB,IAAKgB,CAAAA,KAAAA,CAAAA,CAAAA;AACnB;QAED,OAAOL,OAAAA;AACT,KAAA;AAEA,IAAA,MAAMO,uBAAuB,CAAChB,QAAAA,GAAAA;;QAE5B,KAAK,MAAMiB,OAAOb,sBAAwB,CAAA;YACxC,IAAIa,GAAAA,CAAIC,IAAI,CAAClB,QAAW,CAAA,EAAA;gBACtB,OAAO,KAAA;AACR;AACF;AAED,QAAA,MAAMmB,aAAgB,GAAA;;AAEpBC,YAAAA,MAAAA,EAAQlB,+BAAgCG,CAAAA,cAAAA,CAAAA;;YAExCgB,KAAOpB,EAAAA,8BAAAA;AACX,SAAA;;AAGE,QAAA,MAAMqB,aAAgBhB,GAAAA,QAAAA,CAASa,aAAcC,CAAAA,MAAM,EAAEpB,QAAAA,CAAAA;AACrD,QAAA,MAAMuB,YAAejB,GAAAA,QAAAA,CAASa,aAAcE,CAAAA,KAAK,EAAErB,QAAAA,CAAAA;;;;;AAMnD,QAAA,IAAIuB,YAAaC,CAAAA,MAAM,GAAGF,aAAAA,CAAcE,MAAM,EAAE;YAC9C,OAAO,KAAA;AACR;QAED,OAAO,IAAA;AACT,KAAA;IAEAC,aAAiB,GAAA;AACfT,QAAAA;AACF,KAAA;;;;;;"}

package/dist/server/controllers/validation/email-template.mjs

@@ -0,0 +1,70 @@
+import require$$0 from 'lodash/fp';
+import require$$1 from '@strapi/utils';
+
+var emailTemplate;
+var hasRequiredEmailTemplate;
+function requireEmailTemplate() {
+    if (hasRequiredEmailTemplate) return emailTemplate;
+    hasRequiredEmailTemplate = 1;
+    const { trim } = require$$0;
+    const { template: { createLooseInterpolationRegExp, createStrictInterpolationRegExp } } = require$$1;
+    const invalidPatternsRegexes = [
+        // Ignore "evaluation" patterns: <% ... %>
+        /<%[^=]([\s\S]*?)%>/m,
+        // Ignore basic string interpolations
+        /\${([^{}]*)}/m
+    ];
+    const authorizedKeys = [
+        'URL',
+        'ADMIN_URL',
+        'SERVER_URL',
+        'CODE',
+        'USER',
+        'USER.email',
+        'USER.username',
+        'TOKEN'
+    ];
+    const matchAll = (pattern, src)=>{
+        const matches = [];
+        let match;
+        const regexPatternWithGlobal = RegExp(pattern, 'g');
+        // eslint-disable-next-line no-cond-assign
+        while(match = regexPatternWithGlobal.exec(src)){
+            const [, group] = match;
+            matches.push(trim(group));
+        }
+        return matches;
+    };
+    const isValidEmailTemplate = (template)=>{
+        // Check for known invalid patterns
+        for (const reg of invalidPatternsRegexes){
+            if (reg.test(template)) {
+                return false;
+            }
+        }
+        const interpolation = {
+            // Strict interpolation pattern to match only valid groups
+            strict: createStrictInterpolationRegExp(authorizedKeys),
+            // Weak interpolation pattern to match as many group as possible.
+            loose: createLooseInterpolationRegExp()
+        };
+        // Compute both strict & loose matches
+        const strictMatches = matchAll(interpolation.strict, template);
+        const looseMatches = matchAll(interpolation.loose, template);
+        // If we have more matches with the loose RegExp than with the strict one,
+        // then it means that at least one of the interpolation group is invalid
+        // Note: In the future, if we wanted to give more details for error formatting
+        // purposes, we could return the difference between the two arrays
+        if (looseMatches.length > strictMatches.length) {
+            return false;
+        }
+        return true;
+    };
+    emailTemplate = {
+        isValidEmailTemplate
+    };
+    return emailTemplate;
+}
+
+export { requireEmailTemplate as __require };
+//# sourceMappingURL=email-template.mjs.map

package/dist/server/controllers/validation/email-template.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"email-template.mjs","sources":["../../../../server/controllers/validation/email-template.js"],"sourcesContent":["'use strict';\n\nconst { trim } = require('lodash/fp');\nconst {\n  template: { createLooseInterpolationRegExp, createStrictInterpolationRegExp },\n} = require('@strapi/utils');\n\nconst invalidPatternsRegexes = [\n  // Ignore \"evaluation\" patterns: <% ... %>\n  /<%[^=]([\\s\\S]*?)%>/m,\n  // Ignore basic string interpolations\n  /\\${([^{}]*)}/m,\n];\n\nconst authorizedKeys = [\n  'URL',\n  'ADMIN_URL',\n  'SERVER_URL',\n  'CODE',\n  'USER',\n  'USER.email',\n  'USER.username',\n  'TOKEN',\n];\n\nconst matchAll = (pattern, src) => {\n  const matches = [];\n  let match;\n\n  const regexPatternWithGlobal = RegExp(pattern, 'g');\n\n  // eslint-disable-next-line no-cond-assign\n  while ((match = regexPatternWithGlobal.exec(src))) {\n    const [, group] = match;\n\n    matches.push(trim(group));\n  }\n\n  return matches;\n};\n\nconst isValidEmailTemplate = (template) => {\n  // Check for known invalid patterns\n  for (const reg of invalidPatternsRegexes) {\n    if (reg.test(template)) {\n      return false;\n    }\n  }\n\n  const interpolation = {\n    // Strict interpolation pattern to match only valid groups\n    strict: createStrictInterpolationRegExp(authorizedKeys),\n    // Weak interpolation pattern to match as many group as possible.\n    loose: createLooseInterpolationRegExp(),\n  };\n\n  // Compute both strict & loose matches\n  const strictMatches = matchAll(interpolation.strict, template);\n  const looseMatches = matchAll(interpolation.loose, template);\n\n  // If we have more matches with the loose RegExp than with the strict one,\n  // then it means that at least one of the interpolation group is invalid\n  // Note: In the future, if we wanted to give more details for error formatting\n  // purposes, we could return the difference between the two arrays\n  if (looseMatches.length > strictMatches.length) {\n    return false;\n  }\n\n  return true;\n};\n\nmodule.exports = {\n  isValidEmailTemplate,\n};\n"],"names":["trim","require$$0","template","createLooseInterpolationRegExp","createStrictInterpolationRegExp","require$$1","invalidPatternsRegexes","authorizedKeys","matchAll","pattern","src","matches","match","regexPatternWithGlobal","RegExp","exec","group","push","isValidEmailTemplate","reg","test","interpolation","strict","loose","strictMatches","looseMatches","length","emailTemplate"],"mappings":";;;;;;;;IAEA,MAAM,EAAEA,IAAI,EAAE,GAAGC,UAAAA;IACjB,MAAM,EACJC,UAAU,EAAEC,8BAA8B,EAAEC,+BAA+B,EAAE,EAC9E,GAAGC,UAAAA;AAEJ,IAAA,MAAMC,sBAAyB,GAAA;;AAE7B,QAAA,qBAAA;;AAEA,QAAA;AACD,KAAA;AAED,IAAA,MAAMC,cAAiB,GAAA;AACrB,QAAA,KAAA;AACA,QAAA,WAAA;AACA,QAAA,YAAA;AACA,QAAA,MAAA;AACA,QAAA,MAAA;AACA,QAAA,YAAA;AACA,QAAA,eAAA;AACA,QAAA;AACD,KAAA;IAED,MAAMC,QAAAA,GAAW,CAACC,OAASC,EAAAA,GAAAA,GAAAA;AACzB,QAAA,MAAMC,UAAU,EAAE;QAClB,IAAIC,KAAAA;QAEJ,MAAMC,sBAAAA,GAAyBC,OAAOL,OAAS,EAAA,GAAA,CAAA;;AAG/C,QAAA,MAAQG,KAAQC,GAAAA,sBAAAA,CAAuBE,IAAI,CAACL,GAAO,CAAA,CAAA;YACjD,MAAM,GAAGM,MAAM,GAAGJ,KAAAA;YAElBD,OAAQM,CAAAA,IAAI,CAACjB,IAAKgB,CAAAA,KAAAA,CAAAA,CAAAA;AACnB;QAED,OAAOL,OAAAA;AACT,KAAA;AAEA,IAAA,MAAMO,uBAAuB,CAAChB,QAAAA,GAAAA;;QAE5B,KAAK,MAAMiB,OAAOb,sBAAwB,CAAA;YACxC,IAAIa,GAAAA,CAAIC,IAAI,CAAClB,QAAW,CAAA,EAAA;gBACtB,OAAO,KAAA;AACR;AACF;AAED,QAAA,MAAMmB,aAAgB,GAAA;;AAEpBC,YAAAA,MAAAA,EAAQlB,+BAAgCG,CAAAA,cAAAA,CAAAA;;YAExCgB,KAAOpB,EAAAA,8BAAAA;AACX,SAAA;;AAGE,QAAA,MAAMqB,aAAgBhB,GAAAA,QAAAA,CAASa,aAAcC,CAAAA,MAAM,EAAEpB,QAAAA,CAAAA;AACrD,QAAA,MAAMuB,YAAejB,GAAAA,QAAAA,CAASa,aAAcE,CAAAA,KAAK,EAAErB,QAAAA,CAAAA;;;;;AAMnD,QAAA,IAAIuB,YAAaC,CAAAA,MAAM,GAAGF,aAAAA,CAAcE,MAAM,EAAE;YAC9C,OAAO,KAAA;AACR;QAED,OAAO,IAAA;AACT,KAAA;IAEAC,aAAiB,GAAA;AACfT,QAAAA;AACF,KAAA;;;;;;"}

package/dist/server/controllers/validation/user.js

@@ -0,0 +1,54 @@
+'use strict';
+
+var require$$1 = require('@strapi/utils');
+
+var user;
+var hasRequiredUser;
+function requireUser() {
+    if (hasRequiredUser) return user;
+    hasRequiredUser = 1;
+    const { yup, validateYupSchema } = require$$1;
+    const deleteRoleSchema = yup.object().shape({
+        role: yup.strapiID().required()
+    });
+    const createUserBodySchema = yup.object().shape({
+        email: yup.string().email().required(),
+        username: yup.string().min(1).required(),
+        password: yup.string().min(1).required(),
+        role: yup.lazy((value)=>typeof value === 'object' ? yup.object().shape({
+                connect: yup.array().of(yup.object().shape({
+                    id: yup.strapiID().required()
+                })).min(1, 'Users must have a role').required()
+            }).required() : yup.strapiID().required())
+    });
+    const updateUserBodySchema = yup.object().shape({
+        email: yup.string().email().min(1),
+        username: yup.string().min(1),
+        password: yup.mixed().test('password-validation', 'Password must be at least 1 character', function validatePassword(value) {
+            if (value == null || value === '') {
+                return true;
+            }
+            return typeof value === 'string' && value.length >= 1;
+        }),
+        role: yup.lazy((value)=>typeof value === 'object' ? yup.object().shape({
+                connect: yup.array().of(yup.object().shape({
+                    id: yup.strapiID().required()
+                })).required(),
+                disconnect: yup.array().test('CheckDisconnect', 'Cannot remove role', function test(disconnectValue) {
+                    if (value.connect.length === 0 && disconnectValue.length > 0) {
+                        return false;
+                    }
+                    return true;
+                }).required()
+            }) : yup.strapiID())
+    });
+    user = {
+        validateCreateUserBody: validateYupSchema(createUserBodySchema),
+        validateUpdateUserBody: validateYupSchema(updateUserBodySchema),
+        validateDeleteRoleBody: validateYupSchema(deleteRoleSchema)
+    };
+    return user;
+}
+
+exports.__require = requireUser;
+//# sourceMappingURL=user.js.map

package/dist/server/controllers/validation/user.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.js","sources":["../../../../server/controllers/validation/user.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst deleteRoleSchema = yup.object().shape({\n  role: yup.strapiID().required(),\n});\n\nconst createUserBodySchema = yup.object().shape({\n  email: yup.string().email().required(),\n  username: yup.string().min(1).required(),\n  password: yup.string().min(1).required(),\n  role: yup.lazy((value) =>\n    typeof value === 'object'\n      ? yup\n          .object()\n          .shape({\n            connect: yup\n              .array()\n              .of(yup.object().shape({ id: yup.strapiID().required() }))\n              .min(1, 'Users must have a role')\n              .required(),\n          })\n          .required()\n      : yup.strapiID().required()\n  ),\n});\n\nconst updateUserBodySchema = yup.object().shape({\n  email: yup.string().email().min(1),\n  username: yup.string().min(1),\n  password: yup\n    .mixed()\n    .test(\n      'password-validation',\n      'Password must be at least 1 character',\n      function validatePassword(value) {\n        if (value == null || value === '') {\n          return true;\n        }\n        return typeof value === 'string' && value.length >= 1;\n      }\n    ),\n  role: yup.lazy((value) =>\n    typeof value === 'object'\n      ? yup.object().shape({\n          connect: yup\n            .array()\n            .of(yup.object().shape({ id: yup.strapiID().required() }))\n            .required(),\n          disconnect: yup\n            .array()\n            .test('CheckDisconnect', 'Cannot remove role', function test(disconnectValue) {\n              if (value.connect.length === 0 && disconnectValue.length > 0) {\n                return false;\n              }\n\n              return true;\n            })\n            .required(),\n        })\n      : yup.strapiID()\n  ),\n});\n\nmodule.exports = {\n  validateCreateUserBody: validateYupSchema(createUserBodySchema),\n  validateUpdateUserBody: validateYupSchema(updateUserBodySchema),\n  validateDeleteRoleBody: validateYupSchema(deleteRoleSchema),\n};\n"],"names":["yup","validateYupSchema","require$$0","deleteRoleSchema","object","shape","role","strapiID","required","createUserBodySchema","email","string","username","min","password","lazy","value","connect","array","of","id","updateUserBodySchema","mixed","test","validatePassword","length","disconnect","disconnectValue","user","validateCreateUserBody","validateUpdateUserBody","validateDeleteRoleBody"],"mappings":";;;;;;;;;AAEA,IAAA,MAAM,EAAEA,GAAG,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA;AAEnC,IAAA,MAAMC,gBAAmBH,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;QAC1CC,IAAMN,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAC/B,KAAA,CAAA;AAEA,IAAA,MAAMC,oBAAuBT,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,GAAIW,CAAAA,MAAM,EAAGD,CAAAA,KAAK,GAAGF,QAAQ,EAAA;AACpCI,QAAAA,QAAAA,EAAUZ,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCM,QAAAA,QAAAA,EAAUd,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCF,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GACGI,CAAAA,MAAM,EACNC,CAAAA,KAAK,CAAC;gBACLY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDK,GAAG,CAAC,CAAG,EAAA,wBAAA,CAAA,CACPL,QAAQ;AACvB,aAAA,CAAA,CACWA,QAAQ,EAAA,GACXR,GAAIO,CAAAA,QAAQ,GAAGC,QAAQ,EAAA;AAE/B,KAAA,CAAA;AAEA,IAAA,MAAMa,oBAAuBrB,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,IAAIW,MAAM,EAAA,CAAGD,KAAK,EAAA,CAAGG,GAAG,CAAC,CAAA,CAAA;AAChCD,QAAAA,QAAAA,EAAUZ,GAAIW,CAAAA,MAAM,EAAGE,CAAAA,GAAG,CAAC,CAAA,CAAA;QAC3BC,QAAUd,EAAAA,GAAAA,CACPsB,KAAK,EACLC,CAAAA,IAAI,CACH,qBACA,EAAA,uCAAA,EACA,SAASC,gBAAAA,CAAiBR,KAAK,EAAA;YAC7B,IAAIA,KAAAA,IAAS,IAAQA,IAAAA,KAAAA,KAAU,EAAI,EAAA;gBACjC,OAAO,IAAA;AACR;AACD,YAAA,OAAO,OAAOA,KAAAA,KAAU,QAAYA,IAAAA,KAAAA,CAAMS,MAAM,IAAI,CAAA;AACrD,SAAA,CAAA;AAELnB,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;gBACjBY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDA,QAAQ,EAAA;gBACXkB,UAAY1B,EAAAA,GAAAA,CACTkB,KAAK,EACLK,CAAAA,IAAI,CAAC,iBAAmB,EAAA,oBAAA,EAAsB,SAASA,IAAAA,CAAKI,eAAe,EAAA;oBAC1E,IAAIX,KAAAA,CAAMC,OAAO,CAACQ,MAAM,KAAK,CAAKE,IAAAA,eAAAA,CAAgBF,MAAM,GAAG,CAAG,EAAA;wBAC5D,OAAO,KAAA;AACR;oBAED,OAAO,IAAA;AACrB,iBAAA,CAAA,CACajB,QAAQ;AACrB,aAAA,CAAA,GACQR,IAAIO,QAAQ,EAAA;AAEpB,KAAA,CAAA;IAEAqB,IAAiB,GAAA;AACfC,QAAAA,sBAAAA,EAAwB5B,iBAAkBQ,CAAAA,oBAAAA,CAAAA;AAC1CqB,QAAAA,sBAAAA,EAAwB7B,iBAAkBoB,CAAAA,oBAAAA,CAAAA;AAC1CU,QAAAA,sBAAAA,EAAwB9B,iBAAkBE,CAAAA,gBAAAA;AAC5C,KAAA;;;;;;"}

package/dist/server/controllers/validation/user.mjs

@@ -0,0 +1,52 @@
+import require$$1 from '@strapi/utils';
+
+var user;
+var hasRequiredUser;
+function requireUser() {
+    if (hasRequiredUser) return user;
+    hasRequiredUser = 1;
+    const { yup, validateYupSchema } = require$$1;
+    const deleteRoleSchema = yup.object().shape({
+        role: yup.strapiID().required()
+    });
+    const createUserBodySchema = yup.object().shape({
+        email: yup.string().email().required(),
+        username: yup.string().min(1).required(),
+        password: yup.string().min(1).required(),
+        role: yup.lazy((value)=>typeof value === 'object' ? yup.object().shape({
+                connect: yup.array().of(yup.object().shape({
+                    id: yup.strapiID().required()
+                })).min(1, 'Users must have a role').required()
+            }).required() : yup.strapiID().required())
+    });
+    const updateUserBodySchema = yup.object().shape({
+        email: yup.string().email().min(1),
+        username: yup.string().min(1),
+        password: yup.mixed().test('password-validation', 'Password must be at least 1 character', function validatePassword(value) {
+            if (value == null || value === '') {
+                return true;
+            }
+            return typeof value === 'string' && value.length >= 1;
+        }),
+        role: yup.lazy((value)=>typeof value === 'object' ? yup.object().shape({
+                connect: yup.array().of(yup.object().shape({
+                    id: yup.strapiID().required()
+                })).required(),
+                disconnect: yup.array().test('CheckDisconnect', 'Cannot remove role', function test(disconnectValue) {
+                    if (value.connect.length === 0 && disconnectValue.length > 0) {
+                        return false;
+                    }
+                    return true;
+                }).required()
+            }) : yup.strapiID())
+    });
+    user = {
+        validateCreateUserBody: validateYupSchema(createUserBodySchema),
+        validateUpdateUserBody: validateYupSchema(updateUserBodySchema),
+        validateDeleteRoleBody: validateYupSchema(deleteRoleSchema)
+    };
+    return user;
+}
+
+export { requireUser as __require };
+//# sourceMappingURL=user.mjs.map

package/dist/server/controllers/validation/user.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.mjs","sources":["../../../../server/controllers/validation/user.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst deleteRoleSchema = yup.object().shape({\n  role: yup.strapiID().required(),\n});\n\nconst createUserBodySchema = yup.object().shape({\n  email: yup.string().email().required(),\n  username: yup.string().min(1).required(),\n  password: yup.string().min(1).required(),\n  role: yup.lazy((value) =>\n    typeof value === 'object'\n      ? yup\n          .object()\n          .shape({\n            connect: yup\n              .array()\n              .of(yup.object().shape({ id: yup.strapiID().required() }))\n              .min(1, 'Users must have a role')\n              .required(),\n          })\n          .required()\n      : yup.strapiID().required()\n  ),\n});\n\nconst updateUserBodySchema = yup.object().shape({\n  email: yup.string().email().min(1),\n  username: yup.string().min(1),\n  password: yup\n    .mixed()\n    .test(\n      'password-validation',\n      'Password must be at least 1 character',\n      function validatePassword(value) {\n        if (value == null || value === '') {\n          return true;\n        }\n        return typeof value === 'string' && value.length >= 1;\n      }\n    ),\n  role: yup.lazy((value) =>\n    typeof value === 'object'\n      ? yup.object().shape({\n          connect: yup\n            .array()\n            .of(yup.object().shape({ id: yup.strapiID().required() }))\n            .required(),\n          disconnect: yup\n            .array()\n            .test('CheckDisconnect', 'Cannot remove role', function test(disconnectValue) {\n              if (value.connect.length === 0 && disconnectValue.length > 0) {\n                return false;\n              }\n\n              return true;\n            })\n            .required(),\n        })\n      : yup.strapiID()\n  ),\n});\n\nmodule.exports = {\n  validateCreateUserBody: validateYupSchema(createUserBodySchema),\n  validateUpdateUserBody: validateYupSchema(updateUserBodySchema),\n  validateDeleteRoleBody: validateYupSchema(deleteRoleSchema),\n};\n"],"names":["yup","validateYupSchema","require$$0","deleteRoleSchema","object","shape","role","strapiID","required","createUserBodySchema","email","string","username","min","password","lazy","value","connect","array","of","id","updateUserBodySchema","mixed","test","validatePassword","length","disconnect","disconnectValue","user","validateCreateUserBody","validateUpdateUserBody","validateDeleteRoleBody"],"mappings":";;;;;;;AAEA,IAAA,MAAM,EAAEA,GAAG,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA;AAEnC,IAAA,MAAMC,gBAAmBH,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;QAC1CC,IAAMN,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAC/B,KAAA,CAAA;AAEA,IAAA,MAAMC,oBAAuBT,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,GAAIW,CAAAA,MAAM,EAAGD,CAAAA,KAAK,GAAGF,QAAQ,EAAA;AACpCI,QAAAA,QAAAA,EAAUZ,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCM,QAAAA,QAAAA,EAAUd,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCF,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GACGI,CAAAA,MAAM,EACNC,CAAAA,KAAK,CAAC;gBACLY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDK,GAAG,CAAC,CAAG,EAAA,wBAAA,CAAA,CACPL,QAAQ;AACvB,aAAA,CAAA,CACWA,QAAQ,EAAA,GACXR,GAAIO,CAAAA,QAAQ,GAAGC,QAAQ,EAAA;AAE/B,KAAA,CAAA;AAEA,IAAA,MAAMa,oBAAuBrB,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,IAAIW,MAAM,EAAA,CAAGD,KAAK,EAAA,CAAGG,GAAG,CAAC,CAAA,CAAA;AAChCD,QAAAA,QAAAA,EAAUZ,GAAIW,CAAAA,MAAM,EAAGE,CAAAA,GAAG,CAAC,CAAA,CAAA;QAC3BC,QAAUd,EAAAA,GAAAA,CACPsB,KAAK,EACLC,CAAAA,IAAI,CACH,qBACA,EAAA,uCAAA,EACA,SAASC,gBAAAA,CAAiBR,KAAK,EAAA;YAC7B,IAAIA,KAAAA,IAAS,IAAQA,IAAAA,KAAAA,KAAU,EAAI,EAAA;gBACjC,OAAO,IAAA;AACR;AACD,YAAA,OAAO,OAAOA,KAAAA,KAAU,QAAYA,IAAAA,KAAAA,CAAMS,MAAM,IAAI,CAAA;AACrD,SAAA,CAAA;AAELnB,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;gBACjBY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDA,QAAQ,EAAA;gBACXkB,UAAY1B,EAAAA,GAAAA,CACTkB,KAAK,EACLK,CAAAA,IAAI,CAAC,iBAAmB,EAAA,oBAAA,EAAsB,SAASA,IAAAA,CAAKI,eAAe,EAAA;oBAC1E,IAAIX,KAAAA,CAAMC,OAAO,CAACQ,MAAM,KAAK,CAAKE,IAAAA,eAAAA,CAAgBF,MAAM,GAAG,CAAG,EAAA;wBAC5D,OAAO,KAAA;AACR;oBAED,OAAO,IAAA;AACrB,iBAAA,CAAA,CACajB,QAAQ;AACrB,aAAA,CAAA,GACQR,IAAIO,QAAQ,EAAA;AAEpB,KAAA,CAAA;IAEAqB,IAAiB,GAAA;AACfC,QAAAA,sBAAAA,EAAwB5B,iBAAkBQ,CAAAA,oBAAAA,CAAAA;AAC1CqB,QAAAA,sBAAAA,EAAwB7B,iBAAkBoB,CAAAA,oBAAAA,CAAAA;AAC1CU,QAAAA,sBAAAA,EAAwB9B,iBAAkBE,CAAAA,gBAAAA;AAC5C,KAAA;;;;;;"}

package/dist/server/graphql/index.js

@@ -0,0 +1,66 @@
+'use strict';
+
+var index = require('./types/index.js');
+var index$1 = require('./queries/index.js');
+var index$2 = require('./mutations/index.js');
+var resolversConfigs = require('./resolvers-configs.js');
+
+var graphql;
+var hasRequiredGraphql;
+function requireGraphql() {
+    if (hasRequiredGraphql) return graphql;
+    hasRequiredGraphql = 1;
+    const getTypes = index.__require();
+    const getQueries = index$1.__require();
+    const getMutations = index$2.__require();
+    const getResolversConfig = resolversConfigs.__require();
+    graphql = ({ strapi })=>{
+        const { config: graphQLConfig } = strapi.plugin('graphql');
+        const extensionService = strapi.plugin('graphql').service('extension');
+        const isShadowCRUDEnabled = graphQLConfig('shadowCRUD', true);
+        if (!isShadowCRUDEnabled) {
+            return;
+        }
+        // Disable Permissions queries & mutations but allow the
+        // type to be used/selected in filters or nested resolvers
+        extensionService.shadowCRUD('plugin::users-permissions.permission').disableQueries().disableMutations();
+        // Disable User & Role's Create/Update/Delete actions so they can be replaced
+        const actionsToDisable = [
+            'create',
+            'update',
+            'delete'
+        ];
+        extensionService.shadowCRUD('plugin::users-permissions.user').disableActions(actionsToDisable);
+        extensionService.shadowCRUD('plugin::users-permissions.role').disableActions(actionsToDisable);
+        // Register new types & resolvers config
+        extensionService.use(({ nexus })=>{
+            const types = getTypes({
+                strapi,
+                nexus
+            });
+            const queries = getQueries({
+                strapi,
+                nexus
+            });
+            const mutations = getMutations({
+                strapi,
+                nexus
+            });
+            const resolversConfig = getResolversConfig({
+                strapi
+            });
+            return {
+                types: [
+                    types,
+                    queries,
+                    mutations
+                ],
+                resolversConfig
+            };
+        });
+    };
+    return graphql;
+}
+
+exports.__require = requireGraphql;
+//# sourceMappingURL=index.js.map

package/dist/server/graphql/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sources":["../../../server/graphql/index.js"],"sourcesContent":["'use strict';\n\nconst getTypes = require('./types');\nconst getQueries = require('./queries');\nconst getMutations = require('./mutations');\nconst getResolversConfig = require('./resolvers-configs');\n\nmodule.exports = ({ strapi }) => {\n  const { config: graphQLConfig } = strapi.plugin('graphql');\n  const extensionService = strapi.plugin('graphql').service('extension');\n\n  const isShadowCRUDEnabled = graphQLConfig('shadowCRUD', true);\n\n  if (!isShadowCRUDEnabled) {\n    return;\n  }\n\n  // Disable Permissions queries & mutations but allow the\n  // type to be used/selected in filters or nested resolvers\n  extensionService\n    .shadowCRUD('plugin::users-permissions.permission')\n    .disableQueries()\n    .disableMutations();\n\n  // Disable User & Role's Create/Update/Delete actions so they can be replaced\n  const actionsToDisable = ['create', 'update', 'delete'];\n\n  extensionService.shadowCRUD('plugin::users-permissions.user').disableActions(actionsToDisable);\n  extensionService.shadowCRUD('plugin::users-permissions.role').disableActions(actionsToDisable);\n\n  // Register new types & resolvers config\n  extensionService.use(({ nexus }) => {\n    const types = getTypes({ strapi, nexus });\n    const queries = getQueries({ strapi, nexus });\n    const mutations = getMutations({ strapi, nexus });\n    const resolversConfig = getResolversConfig({ strapi });\n\n    return {\n      types: [types, queries, mutations],\n\n      resolversConfig,\n    };\n  });\n};\n"],"names":["getTypes","require$$0","getQueries","require$$1","getMutations","require$$2","getResolversConfig","require$$3","graphql","strapi","config","graphQLConfig","plugin","extensionService","service","isShadowCRUDEnabled","shadowCRUD","disableQueries","disableMutations","actionsToDisable","disableActions","use","nexus","types","queries","mutations","resolversConfig"],"mappings":";;;;;;;;;;;;AAEA,IAAA,MAAMA,QAAWC,GAAAA,eAAAA,EAAAA;AACjB,IAAA,MAAMC,UAAaC,GAAAA,iBAAAA,EAAAA;AACnB,IAAA,MAAMC,YAAeC,GAAAA,iBAAAA,EAAAA;AACrB,IAAA,MAAMC,kBAAqBC,GAAAA,0BAAAA,EAAAA;IAE3BC,OAAiB,GAAA,CAAC,EAAEC,MAAM,EAAE,GAAA;AAC1B,QAAA,MAAM,EAAEC,MAAQC,EAAAA,aAAa,EAAE,GAAGF,MAAAA,CAAOG,MAAM,CAAC,SAAA,CAAA;AAChD,QAAA,MAAMC,mBAAmBJ,MAAOG,CAAAA,MAAM,CAAC,SAAA,CAAA,CAAWE,OAAO,CAAC,WAAA,CAAA;QAE1D,MAAMC,mBAAAA,GAAsBJ,cAAc,YAAc,EAAA,IAAA,CAAA;AAExD,QAAA,IAAI,CAACI,mBAAqB,EAAA;AACxB,YAAA;AACD;;;AAIDF,QAAAA,gBAAAA,CACGG,UAAU,CAAC,sCACXC,CAAAA,CAAAA,cAAc,GACdC,gBAAgB,EAAA;;AAGnB,QAAA,MAAMC,gBAAmB,GAAA;AAAC,YAAA,QAAA;AAAU,YAAA,QAAA;AAAU,YAAA;AAAS,SAAA;AAEvDN,QAAAA,gBAAAA,CAAiBG,UAAU,CAAC,gCAAkCI,CAAAA,CAAAA,cAAc,CAACD,gBAAAA,CAAAA;AAC7EN,QAAAA,gBAAAA,CAAiBG,UAAU,CAAC,gCAAkCI,CAAAA,CAAAA,cAAc,CAACD,gBAAAA,CAAAA;;AAG7EN,QAAAA,gBAAAA,CAAiBQ,GAAG,CAAC,CAAC,EAAEC,KAAK,EAAE,GAAA;AAC7B,YAAA,MAAMC,QAAQvB,QAAS,CAAA;AAAES,gBAAAA,MAAAA;AAAQa,gBAAAA;AAAO,aAAA,CAAA;AACxC,YAAA,MAAME,UAAUtB,UAAW,CAAA;AAAEO,gBAAAA,MAAAA;AAAQa,gBAAAA;AAAO,aAAA,CAAA;AAC5C,YAAA,MAAMG,YAAYrB,YAAa,CAAA;AAAEK,gBAAAA,MAAAA;AAAQa,gBAAAA;AAAO,aAAA,CAAA;AAChD,YAAA,MAAMI,kBAAkBpB,kBAAmB,CAAA;AAAEG,gBAAAA;AAAQ,aAAA,CAAA;YAErD,OAAO;gBACLc,KAAO,EAAA;AAACA,oBAAAA,KAAAA;AAAOC,oBAAAA,OAAAA;AAASC,oBAAAA;AAAU,iBAAA;AAElCC,gBAAAA;AACN,aAAA;AACA,SAAA,CAAA;AACA,KAAA;;;;;;"}

package/dist/server/graphql/index.mjs

@@ -0,0 +1,64 @@
+import { __require as requireTypes } from './types/index.mjs';
+import { __require as requireQueries } from './queries/index.mjs';
+import { __require as requireMutations } from './mutations/index.mjs';
+import { __require as requireResolversConfigs } from './resolvers-configs.mjs';
+
+var graphql;
+var hasRequiredGraphql;
+function requireGraphql() {
+    if (hasRequiredGraphql) return graphql;
+    hasRequiredGraphql = 1;
+    const getTypes = requireTypes();
+    const getQueries = requireQueries();
+    const getMutations = requireMutations();
+    const getResolversConfig = requireResolversConfigs();
+    graphql = ({ strapi })=>{
+        const { config: graphQLConfig } = strapi.plugin('graphql');
+        const extensionService = strapi.plugin('graphql').service('extension');
+        const isShadowCRUDEnabled = graphQLConfig('shadowCRUD', true);
+        if (!isShadowCRUDEnabled) {
+            return;
+        }
+        // Disable Permissions queries & mutations but allow the
+        // type to be used/selected in filters or nested resolvers
+        extensionService.shadowCRUD('plugin::users-permissions.permission').disableQueries().disableMutations();
+        // Disable User & Role's Create/Update/Delete actions so they can be replaced
+        const actionsToDisable = [
+            'create',
+            'update',
+            'delete'
+        ];
+        extensionService.shadowCRUD('plugin::users-permissions.user').disableActions(actionsToDisable);
+        extensionService.shadowCRUD('plugin::users-permissions.role').disableActions(actionsToDisable);
+        // Register new types & resolvers config
+        extensionService.use(({ nexus })=>{
+            const types = getTypes({
+                strapi,
+                nexus
+            });
+            const queries = getQueries({
+                strapi,
+                nexus
+            });
+            const mutations = getMutations({
+                strapi,
+                nexus
+            });
+            const resolversConfig = getResolversConfig({
+                strapi
+            });
+            return {
+                types: [
+                    types,
+                    queries,
+                    mutations
+                ],
+                resolversConfig
+            };
+        });
+    };
+    return graphql;
+}
+
+export { requireGraphql as __require };
+//# sourceMappingURL=index.mjs.map

package/dist/server/graphql/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.mjs","sources":["../../../server/graphql/index.js"],"sourcesContent":["'use strict';\n\nconst getTypes = require('./types');\nconst getQueries = require('./queries');\nconst getMutations = require('./mutations');\nconst getResolversConfig = require('./resolvers-configs');\n\nmodule.exports = ({ strapi }) => {\n  const { config: graphQLConfig } = strapi.plugin('graphql');\n  const extensionService = strapi.plugin('graphql').service('extension');\n\n  const isShadowCRUDEnabled = graphQLConfig('shadowCRUD', true);\n\n  if (!isShadowCRUDEnabled) {\n    return;\n  }\n\n  // Disable Permissions queries & mutations but allow the\n  // type to be used/selected in filters or nested resolvers\n  extensionService\n    .shadowCRUD('plugin::users-permissions.permission')\n    .disableQueries()\n    .disableMutations();\n\n  // Disable User & Role's Create/Update/Delete actions so they can be replaced\n  const actionsToDisable = ['create', 'update', 'delete'];\n\n  extensionService.shadowCRUD('plugin::users-permissions.user').disableActions(actionsToDisable);\n  extensionService.shadowCRUD('plugin::users-permissions.role').disableActions(actionsToDisable);\n\n  // Register new types & resolvers config\n  extensionService.use(({ nexus }) => {\n    const types = getTypes({ strapi, nexus });\n    const queries = getQueries({ strapi, nexus });\n    const mutations = getMutations({ strapi, nexus });\n    const resolversConfig = getResolversConfig({ strapi });\n\n    return {\n      types: [types, queries, mutations],\n\n      resolversConfig,\n    };\n  });\n};\n"],"names":["getTypes","require$$0","getQueries","require$$1","getMutations","require$$2","getResolversConfig","require$$3","graphql","strapi","config","graphQLConfig","plugin","extensionService","service","isShadowCRUDEnabled","shadowCRUD","disableQueries","disableMutations","actionsToDisable","disableActions","use","nexus","types","queries","mutations","resolversConfig"],"mappings":";;;;;;;;;;AAEA,IAAA,MAAMA,QAAWC,GAAAA,YAAAA,EAAAA;AACjB,IAAA,MAAMC,UAAaC,GAAAA,cAAAA,EAAAA;AACnB,IAAA,MAAMC,YAAeC,GAAAA,gBAAAA,EAAAA;AACrB,IAAA,MAAMC,kBAAqBC,GAAAA,uBAAAA,EAAAA;IAE3BC,OAAiB,GAAA,CAAC,EAAEC,MAAM,EAAE,GAAA;AAC1B,QAAA,MAAM,EAAEC,MAAQC,EAAAA,aAAa,EAAE,GAAGF,MAAAA,CAAOG,MAAM,CAAC,SAAA,CAAA;AAChD,QAAA,MAAMC,mBAAmBJ,MAAOG,CAAAA,MAAM,CAAC,SAAA,CAAA,CAAWE,OAAO,CAAC,WAAA,CAAA;QAE1D,MAAMC,mBAAAA,GAAsBJ,cAAc,YAAc,EAAA,IAAA,CAAA;AAExD,QAAA,IAAI,CAACI,mBAAqB,EAAA;AACxB,YAAA;AACD;;;AAIDF,QAAAA,gBAAAA,CACGG,UAAU,CAAC,sCACXC,CAAAA,CAAAA,cAAc,GACdC,gBAAgB,EAAA;;AAGnB,QAAA,MAAMC,gBAAmB,GAAA;AAAC,YAAA,QAAA;AAAU,YAAA,QAAA;AAAU,YAAA;AAAS,SAAA;AAEvDN,QAAAA,gBAAAA,CAAiBG,UAAU,CAAC,gCAAkCI,CAAAA,CAAAA,cAAc,CAACD,gBAAAA,CAAAA;AAC7EN,QAAAA,gBAAAA,CAAiBG,UAAU,CAAC,gCAAkCI,CAAAA,CAAAA,cAAc,CAACD,gBAAAA,CAAAA;;AAG7EN,QAAAA,gBAAAA,CAAiBQ,GAAG,CAAC,CAAC,EAAEC,KAAK,EAAE,GAAA;AAC7B,YAAA,MAAMC,QAAQvB,QAAS,CAAA;AAAES,gBAAAA,MAAAA;AAAQa,gBAAAA;AAAO,aAAA,CAAA;AACxC,YAAA,MAAME,UAAUtB,UAAW,CAAA;AAAEO,gBAAAA,MAAAA;AAAQa,gBAAAA;AAAO,aAAA,CAAA;AAC5C,YAAA,MAAMG,YAAYrB,YAAa,CAAA;AAAEK,gBAAAA,MAAAA;AAAQa,gBAAAA;AAAO,aAAA,CAAA;AAChD,YAAA,MAAMI,kBAAkBpB,kBAAmB,CAAA;AAAEG,gBAAAA;AAAQ,aAAA,CAAA;YAErD,OAAO;gBACLc,KAAO,EAAA;AAACA,oBAAAA,KAAAA;AAAOC,oBAAAA,OAAAA;AAASC,oBAAAA;AAAU,iBAAA;AAElCC,gBAAAA;AACN,aAAA;AACA,SAAA,CAAA;AACA,KAAA;;;;;;"}

package/dist/server/graphql/mutations/auth/change-password.js

@@ -0,0 +1,40 @@
+'use strict';
+
+var require$$0 = require('lodash/fp');
+var utils = require('../../utils.js');
+
+var changePassword;
+var hasRequiredChangePassword;
+function requireChangePassword() {
+    if (hasRequiredChangePassword) return changePassword;
+    hasRequiredChangePassword = 1;
+    const { toPlainObject } = require$$0;
+    const { checkBadRequest } = utils.__require();
+    changePassword = ({ nexus, strapi })=>{
+        const { nonNull } = nexus;
+        return {
+            type: 'UsersPermissionsLoginPayload',
+            args: {
+                currentPassword: nonNull('String'),
+                password: nonNull('String'),
+                passwordConfirmation: nonNull('String')
+            },
+            description: 'Change user password. Confirm with the current password.',
+            async resolve (parent, args, context) {
+                const { koaContext } = context;
+                koaContext.request.body = toPlainObject(args);
+                await strapi.plugin('users-permissions').controller('auth').changePassword(koaContext);
+                const output = koaContext.body;
+                checkBadRequest(output);
+                return {
+                    user: output.user || output,
+                    jwt: output.jwt
+                };
+            }
+        };
+    };
+    return changePassword;
+}
+
+exports.__require = requireChangePassword;
+//# sourceMappingURL=change-password.js.map