@strapi/plugin-users-permissions 4.0.0-beta.1 → 4.0.0-beta.5

package/admin/src/components/Permissions/PermissionRow/SubCategory.js

@@ -4,7 +4,7 @@ import styled from 'styled-components';
 import PropTypes from 'prop-types';
 import { Box } from '@strapi/parts/Box';
 import { Checkbox } from '@strapi/parts/Checkbox';
-import { Row } from '@strapi/parts/Row';
+import { Flex } from '@strapi/parts/Flex';
 import { TableLabel } from '@strapi/parts/Text';
 import { Grid, GridItem } from '@strapi/parts/Grid';
 import CogIcon from '@strapi/icons/Cog';
@@ -59,7 +59,7 @@ const SubCategory = ({ subCategory }) => {
 
   return (
     <Box>
-      <Row justifyContent="space-between" alignItems="center">
+      <Flex justifyContent="space-between" alignItems="center">
         <Box paddingRight={4}>
           <TableLabel textColor="neutral600">{subCategory.label}</TableLabel>
         </Box>
@@ -75,8 +75,8 @@ const SubCategory = ({ subCategory }) => {
             {formatMessage({ id: 'app.utils.select-all', defaultMessage: 'Select all' })}
           </Checkbox>
         </Box>
-      </Row>
-      <Row paddingTop={6} paddingBottom={6}>
+      </Flex>
+      <Flex paddingTop={6} paddingBottom={6}>
         <Grid gap={2} style={{ flex: 1 }}>
           {subCategory.actions.map(action => {
             const name = `${action.name}.enabled`;
@@ -104,7 +104,7 @@ const SubCategory = ({ subCategory }) => {
             );
           })}
         </Grid>
-      </Row>
+      </Flex>
     </Box>
   );
 };

package/admin/src/components/Permissions/index.js

@@ -1,6 +1,7 @@
 import React, { memo, useCallback, useReducer } from 'react';
 import { Accordion, AccordionToggle, AccordionContent } from '@strapi/parts/Accordion';
 import { useIntl } from 'react-intl';
+import { Box } from '@strapi/parts/Box';
 import { useUsersPermissions } from '../../contexts/UsersPermissionsContext';
 import formatPluginName from '../../utils/formatPluginName';
 import PermissionRow from './PermissionRow';
@@ -41,7 +42,9 @@ const Permissions = () => {
             variant={index % 2 ? 'primary' : 'secondary'}
           />
           <AccordionContent>
-            <PermissionRow permissions={modifiedData[collapse.name]} name={collapse.name} />
+            <Box background="neutral0">
+              <PermissionRow permissions={modifiedData[collapse.name]} name={collapse.name} />
+            </Box>
           </AccordionContent>
         </Accordion>
       ))}

package/admin/src/index.js

@@ -6,13 +6,10 @@
 // IF THE DOC IS NOT UPDATED THE PULL REQUEST WILL NOT BE MERGED
 import { prefixPluginTranslations } from '@strapi/helper-plugin';
 import pluginPkg from '../../package.json';
-import pluginLogo from './assets/images/logo.svg';
 import pluginPermissions from './permissions';
 import pluginId from './pluginId';
 import getTrad from './utils/getTrad';
 
-const pluginDescription = pluginPkg.strapi.description || pluginPkg.description;
-const icon = pluginPkg.strapi.icon;
 const name = pluginPkg.strapi.name;
 
 export default {
@@ -95,13 +92,8 @@ export default {
     );
 
     app.registerPlugin({
-      description: pluginDescription,
-      icon,
       id: pluginId,
-      isReady: true,
-      isRequired: pluginPkg.strapi.required || false,
       name,
-      pluginLogo,
     });
   },
   bootstrap() {},

package/admin/src/pages/Providers/utils/api.js

@@ -18,4 +18,4 @@ export const fetchData = async toggleNotification => {
 
 export const putProvider = body => {
   return axiosInstance.put(getRequestURL('providers'), body);
-}
+};

package/admin/src/pages/Roles/EditPage/index.js

@@ -7,7 +7,9 @@ import { Box } from '@strapi/parts/Box';
 import { TextInput } from '@strapi/parts/TextInput';
 import { Textarea } from '@strapi/parts/Textarea';
 import { H3 } from '@strapi/parts/Text';
+import BackIcon from '@strapi/icons/BackIcon';
 import CheckIcon from '@strapi/icons/CheckIcon';
+import { Link } from '@strapi/parts/Link';
 import { GridItem, Grid } from '@strapi/parts/Grid';
 import { Formik } from 'formik';
 import { useIntl } from 'react-intl';
@@ -103,6 +105,14 @@ const EditPage = () => {
               }
               title={role.name}
               subtitle={role.description}
+              navigationAction={
+                <Link startIcon={<BackIcon />} to="/settings/users-permissions/roles">
+                  {formatMessage({
+                    id: 'app.components.go-back',
+                    defaultMessage: 'Go back',
+                  })}
+                </Link>
+              }
             />
             <ContentLayout>
               <Stack size={7}>

package/admin/src/pages/Roles/ListPage/components/TableBody.js

@@ -1,6 +1,9 @@
 import React from 'react';
 import PropTypes from 'prop-types';
-import { IconButton, Tbody, Text, Tr, Td, Row } from '@strapi/parts';
+import { IconButton } from '@strapi/parts/IconButton';
+import { Text } from '@strapi/parts/Text';
+import { Flex } from '@strapi/parts/Flex';
+import { Tbody, Tr, Td } from '@strapi/parts/Table';
 import { EditIcon, DeleteIcon } from '@strapi/icons';
 import { CheckPermissions, onRowClick, stopPropagation } from '@strapi/helper-plugin';
 import { useIntl } from 'react-intl';
@@ -44,7 +47,7 @@ const TableBody = ({ sortedRoles, canDelete, permissions, setRoleToDelete, onDel
             </Text>
           </Td>
           <Td>
-            <Row justifyContent="end" {...stopPropagation}>
+            <Flex justifyContent="end" {...stopPropagation}>
               <CheckPermissions permissions={permissions.updateRole}>
                 <IconButton
                   onClick={() => handleClickEdit(role.id)}
@@ -69,7 +72,7 @@ const TableBody = ({ sortedRoles, canDelete, permissions, setRoleToDelete, onDel
                   />
                 </CheckPermissions>
               )}
-            </Row>
+            </Flex>
           </Td>
         </Tr>
       ))}

package/package.json

@@ -1,11 +1,10 @@
 {
   "name": "@strapi/plugin-users-permissions",
-  "version": "4.0.0-beta.1",
+  "version": "4.0.0-beta.5",
   "description": "Protect your API with a full-authentication process based on JWT",
   "strapi": {
     "displayName": "Roles & Permissions",
     "name": "users-permissions",
-    "icon": "users",
     "description": "users-permissions.plugin.description",
     "required": true,
     "kind": "plugin"
@@ -15,9 +14,9 @@
   },
   "dependencies": {
     "@purest/providers": "^1.0.2",
-    "@strapi/helper-plugin": "4.0.0-beta.1",
-    "@strapi/utils": "4.0.0-beta.1",
-    "bcryptjs": "^2.4.3",
+    "@strapi/helper-plugin": "4.0.0-beta.5",
+    "@strapi/utils": "4.0.0-beta.5",
+    "bcryptjs": "2.4.3",
     "grant-koa": "5.4.8",
     "jsonwebtoken": "^8.1.0",
     "koa2-ratelimit": "^0.9.0",
@@ -58,5 +57,5 @@
     "npm": ">=6.0.0"
   },
   "license": "SEE LICENSE IN LICENSE",
-  "gitHead": "5e341674da4f2ef1b99a910e92128674658a80de"
+  "gitHead": "7e7365d347e181b34496a2ff09d810b8c43a2dcf"
 }

package/server/bootstrap/index.js

@@ -37,9 +37,12 @@ module.exports = async ({ strapi }) => {
 };
 
 const initGrant = async pluginStore => {
+  const apiPrefix = strapi.config.get('api.rest.prefix');
+  const baseURL = `${strapi.config.server.url}/${apiPrefix}/auth`;
+
   const grantConfig = {
     defaults: {
-      prefix: '/api/connect',
+      prefix: `${apiPrefix}/connect`,
     },
     email: {
       enabled: true,
@@ -50,7 +53,7 @@ const initGrant = async pluginStore => {
       icon: 'discord',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/discord/callback`,
+      callback: `${baseURL}/discord/callback`,
       scope: ['identify', 'email'],
     },
     facebook: {
@@ -58,7 +61,7 @@ const initGrant = async pluginStore => {
       icon: 'facebook-square',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/facebook/callback`,
+      callback: `${baseURL}/facebook/callback`,
       scope: ['email'],
     },
     google: {
@@ -66,7 +69,7 @@ const initGrant = async pluginStore => {
       icon: 'google',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/google/callback`,
+      callback: `${baseURL}/google/callback`,
       scope: ['email'],
     },
     github: {
@@ -74,7 +77,7 @@ const initGrant = async pluginStore => {
       icon: 'github',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/github/callback`,
+      callback: `${baseURL}/github/callback`,
       scope: ['user', 'user:email'],
     },
     microsoft: {
@@ -82,7 +85,7 @@ const initGrant = async pluginStore => {
       icon: 'windows',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/microsoft/callback`,
+      callback: `${baseURL}/microsoft/callback`,
       scope: ['user.read'],
     },
     twitter: {
@@ -90,14 +93,14 @@ const initGrant = async pluginStore => {
       icon: 'twitter',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/twitter/callback`,
+      callback: `${baseURL}/twitter/callback`,
     },
     instagram: {
       enabled: false,
       icon: 'instagram',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/instagram/callback`,
+      callback: `${baseURL}/instagram/callback`,
       scope: ['user_profile'],
     },
     vk: {
@@ -105,7 +108,7 @@ const initGrant = async pluginStore => {
       icon: 'vk',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/vk/callback`,
+      callback: `${baseURL}/vk/callback`,
       scope: ['email'],
     },
     twitch: {
@@ -113,7 +116,7 @@ const initGrant = async pluginStore => {
       icon: 'twitch',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/twitch/callback`,
+      callback: `${baseURL}/twitch/callback`,
       scope: ['user:read:email'],
     },
     linkedin: {
@@ -121,7 +124,7 @@ const initGrant = async pluginStore => {
       icon: 'linkedin',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/linkedin/callback`,
+      callback: `${baseURL}/linkedin/callback`,
       scope: ['r_liteprofile', 'r_emailaddress'],
     },
     cognito: {
@@ -130,7 +133,7 @@ const initGrant = async pluginStore => {
       key: '',
       secret: '',
       subdomain: 'my.subdomain.com',
-      callback: `${strapi.config.server.url}/api/auth/cognito/callback`,
+      callback: `${baseURL}/cognito/callback`,
       scope: ['email', 'openid', 'profile'],
     },
     reddit: {
@@ -139,7 +142,7 @@ const initGrant = async pluginStore => {
       key: '',
       secret: '',
       state: true,
-      callback: `${strapi.config.server.url}/api/auth/reddit/callback`,
+      callback: `${baseURL}/reddit/callback`,
       scope: ['identity'],
     },
     auth0: {
@@ -148,7 +151,7 @@ const initGrant = async pluginStore => {
       key: '',
       secret: '',
       subdomain: 'my-tenant.eu',
-      callback: `${strapi.config.server.url}/api/auth/auth0/callback`,
+      callback: `${baseURL}/auth0/callback`,
       scope: ['openid', 'email', 'profile'],
     },
     cas: {
@@ -156,7 +159,7 @@ const initGrant = async pluginStore => {
       icon: 'book',
       key: '',
       secret: '',
-      callback: `${strapi.config.server.url}/api/auth/cas/callback`,
+      callback: `${baseURL}/cas/callback`,
       scope: ['openid email'], // scopes should be space delimited
       subdomain: 'my.subdomain.com/cas',
     },

package/server/controllers/role.js

@@ -21,10 +21,8 @@ module.exports = {
 
   async getRole(ctx) {
     const { id } = ctx.params;
-    const { lang } = ctx.query;
 
-    const plugins = await getService('users-permissions').getPlugins(lang);
-    const role = await getService('role').getRole(id, plugins);
+    const role = await getService('role').getRole(id);
 
     if (!role) {
       return ctx.notFound();

package/server/middlewares/rateLimit.js

@@ -1,6 +1,6 @@
 'use strict';
 
-module.exports = async (ctx, next) => {
+module.exports = (config, { strapi }) => async (ctx, next) => {
   const ratelimit = require('koa2-ratelimit').RateLimit;
 
   const message = [

package/server/routes/admin/role.js

@@ -9,7 +9,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.roles.read'],
           },
         },
@@ -24,7 +24,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.roles.read'],
           },
         },
@@ -39,7 +39,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.roles.create'],
           },
         },
@@ -54,7 +54,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.roles.update'],
           },
         },
@@ -69,7 +69,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.roles.delete'],
           },
         },

package/server/routes/admin/settings.js

@@ -9,7 +9,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.email-templates.read'],
           },
         },
@@ -24,7 +24,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.email-templates.update'],
           },
         },
@@ -39,7 +39,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.advanced-settings.read'],
           },
         },
@@ -54,7 +54,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.advanced-settings.update'],
           },
         },
@@ -69,7 +69,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.providers.read'],
           },
         },
@@ -85,7 +85,7 @@ module.exports = [
       policies: [
         {
           name: 'admin::hasPermissions',
-          options: {
+          config: {
             actions: ['plugin::users-permissions.providers.update'],
           },
         },

package/server/routes/content-api/auth.js

@@ -1,14 +1,12 @@
 'use strict';
 
-const { rateLimit } = require('../../middlewares');
-
 module.exports = [
   {
     method: 'GET',
     path: '/connect/(.*)',
     handler: 'auth.connect',
     config: {
-      middlewares: [rateLimit],
+      middlewares: ['plugin::users-permissions.rateLimit'],
       prefix: '',
     },
   },
@@ -17,7 +15,7 @@ module.exports = [
     path: '/auth/local',
     handler: 'auth.callback',
     config: {
-      middlewares: [rateLimit],
+      middlewares: ['plugin::users-permissions.rateLimit'],
       prefix: '',
     },
   },
@@ -26,7 +24,7 @@ module.exports = [
     path: '/auth/local/register',
     handler: 'auth.register',
     config: {
-      middlewares: [rateLimit],
+      middlewares: ['plugin::users-permissions.rateLimit'],
       prefix: '',
     },
   },
@@ -43,7 +41,7 @@ module.exports = [
     path: '/auth/forgot-password',
     handler: 'auth.forgotPassword',
     config: {
-      middlewares: [rateLimit],
+      middlewares: ['plugin::users-permissions.rateLimit'],
       prefix: '',
     },
   },
@@ -52,7 +50,7 @@ module.exports = [
     path: '/auth/reset-password',
     handler: 'auth.resetPassword',
     config: {
-      middlewares: [rateLimit],
+      middlewares: ['plugin::users-permissions.rateLimit'],
       prefix: '',
     },
   },

package/server/services/providers.js

@@ -586,8 +586,10 @@ module.exports = ({ strapi }) => {
     });
   };
 
-  const buildRedirectUri = (provider = '') =>
-    `${getAbsoluteServerUrl(strapi.config)}/api/connect/${provider}/callback`;
+  const buildRedirectUri = (provider = '') => {
+    const apiPrefix = strapi.config.get('api.rest.prefix');
+    return `${getAbsoluteServerUrl(strapi.config)}/${apiPrefix}/connect/${provider}/callback`;
+  };
 
   return {
     connect,

package/server/services/role.js

@@ -40,7 +40,7 @@ module.exports = ({ strapi }) => ({
     await Promise.all(createPromises);
   },
 
-  async getRole(roleID, plugins) {
+  async getRole(roleID) {
     const role = await strapi
       .query('plugin::users-permissions.role')
       .findOne({ where: { id: roleID }, populate: ['permissions'] });
@@ -59,12 +59,6 @@ module.exports = ({ strapi }) => ({
         enabled: true,
         policy: '',
       });
-
-      if (permission.action.startsWith('plugin')) {
-        const [, pluginName] = type.split('::');
-
-        allActions[type].information = plugins.find(plugin => plugin.id === pluginName) || {};
-      }
     });
 
     return {

package/server/services/users-permissions.js

@@ -28,63 +28,74 @@ const transformRoutePrefixFor = pluginName => route => {
 };
 
 module.exports = ({ strapi }) => ({
-  getPlugins(lang = 'en') {
-    const request = require('request');
-    return new Promise(resolve => {
-      request(
-        {
-          uri: `https://marketplace.strapi.io/plugins?lang=${lang}`,
-          json: true,
-          timeout: 3000,
-          headers: {
-            'cache-control': 'max-age=3600',
-          },
-        },
-        (err, response, body) => {
-          if (err || response.statusCode !== 200) {
-            return resolve([]);
-          }
-
-          resolve(body);
-        }
-      );
-    });
-  },
-
-  // TODO: Filter on content-api only
   getActions({ defaultEnable = false } = {}) {
     const actionMap = {};
 
+    const isContentApi = action => {
+      if (!_.has(action, Symbol.for('__type__'))) {
+        return false;
+      }
+
+      return action[Symbol.for('__type__')].includes('content-api');
+    };
+
     _.forEach(strapi.api, (api, apiName) => {
-      const controllers = _.mapValues(api.controllers, controller => {
-        return _.mapValues(controller, () => {
-          return {
-            enabled: defaultEnable,
-            policy: '',
-          };
-        });
-      });
+      const controllers = _.reduce(
+        api.controllers,
+        (acc, controller, controllerName) => {
+          const contentApiActions = _.pickBy(controller, isContentApi);
+
+          if (_.isEmpty(contentApiActions)) {
+            return acc;
+          }
+
+          acc[controllerName] = _.mapValues(contentApiActions, () => {
+            return {
+              enabled: defaultEnable,
+              policy: '',
+            };
+          });
 
-      actionMap[`api::${apiName}`] = { controllers };
+          return acc;
+        },
+        {}
+      );
+
+      if (!_.isEmpty(controllers)) {
+        actionMap[`api::${apiName}`] = { controllers };
+      }
     });
 
     _.forEach(strapi.plugins, (plugin, pluginName) => {
-      const controllers = _.mapValues(plugin.controllers, controller => {
-        return _.mapValues(controller, () => {
-          return {
-            enabled: defaultEnable,
-            policy: '',
-          };
-        });
-      });
+      const controllers = _.reduce(
+        plugin.controllers,
+        (acc, controller, controllerName) => {
+          const contentApiActions = _.pickBy(controller, isContentApi);
+
+          if (_.isEmpty(contentApiActions)) {
+            return acc;
+          }
 
-      actionMap[`plugin::${pluginName}`] = { controllers };
+          acc[controllerName] = _.mapValues(contentApiActions, () => {
+            return {
+              enabled: defaultEnable,
+              policy: '',
+            };
+          });
+
+          return acc;
+        },
+        {}
+      );
+
+      if (!_.isEmpty(controllers)) {
+        actionMap[`plugin::${pluginName}`] = { controllers };
+      }
     });
 
     return actionMap;
   },
 
-  // TODO: Filter on content-api only
   async getRoutes() {
     const routesMap = {};
 
@@ -95,7 +106,7 @@ module.exports = ({ strapi }) => ({
         }
 
         return route;
-      });
+      }).filter(route => route.info.type === 'content-api');
 
       if (routes.length === 0) {
         return;
@@ -116,7 +127,7 @@ module.exports = ({ strapi }) => ({
         }
 
         return transformPrefix(route);
-      });
+      }).filter(route => route.info.type === 'content-api');
 
       if (routes.length === 0) {
         return;

package/admin/src/assets/images/logo.svg

@@ -1 +0,0 @@
-<svg width="24" height="24" xmlns="http://www.w3.org/2000/svg"><text transform="translate(-24 -6)" fill="#4B515A" fill-rule="evenodd" font-size="24" font-family="AppleColorEmoji, Apple Color Emoji"><tspan x="24" y="28">🔐</tspan></text></svg>