@strapi/plugin-users-permissions 4.0.0-next.1 → 4.0.0-next.13

Files changed (74)
  1. package/admin/src/index.js +31 -28
  2. package/admin/src/pages/AdvancedSettings/index.js +14 -2
  3. package/admin/src/pages/AdvancedSettings/utils/form.js +2 -2
  4. package/admin/src/pages/EmailTemplates/index.js +8 -1
  5. package/admin/src/pages/Providers/index.js +8 -1
  6. package/admin/src/pages/Roles/CreatePage/index.js +1 -1
  7. package/admin/src/pages/Roles/EditPage/index.js +2 -2
  8. package/admin/src/pages/Roles/ListPage/index.js +1 -1
  9. package/admin/src/pages/Roles/index.js +14 -8
  10. package/admin/src/permissions.js +12 -14
  11. package/admin/src/translations/en.json +4 -0
  12. package/admin/src/translations/zh-Hans.json +26 -7
  13. package/documentation/1.0.0/overrides/users-permissions-Role.json +6 -6
  14. package/package.json +8 -6
  15. package/{config/functions/bootstrap.js → server/bootstrap/index.js} +9 -18
  16. package/{config → server/bootstrap}/users-permissions-actions.js +0 -0
  17. package/server/config.js +23 -0
  18. package/server/content-types/index.js +11 -0
  19. package/server/content-types/permission/index.js +31 -0
  20. package/server/content-types/role/index.js +48 -0
  21. package/server/content-types/user/index.js +72 -0
  22. package/{models/User.config.js → server/content-types/user/schema-config.js} +0 -0
  23. package/{controllers → server/controllers}/auth.js +63 -77
  24. package/server/controllers/index.js +15 -0
  25. package/server/controllers/permissions.js +26 -0
  26. package/server/controllers/role.js +77 -0
  27. package/server/controllers/settings.js +84 -0
  28. package/{controllers → server/controllers}/user/admin.js +26 -42
  29. package/{controllers → server/controllers}/user/api.js +11 -27
  30. package/{controllers → server/controllers}/user.js +2 -18
  31. package/{controllers → server/controllers}/validation/email-template.js +0 -0
  32. package/server/index.js +21 -0
  33. package/server/policies/index.js +7 -0
  34. package/{config → server}/policies/rateLimit.js +4 -8
  35. package/server/register.js +7 -0
  36. package/server/routes/admin/index.js +10 -0
  37. package/server/routes/admin/permissions.js +20 -0
  38. package/server/routes/admin/role.js +79 -0
  39. package/server/routes/admin/settings.js +95 -0
  40. package/server/routes/content-api/auth.js +73 -0
  41. package/server/routes/content-api/index.js +11 -0
  42. package/server/routes/content-api/permissions.js +9 -0
  43. package/server/routes/content-api/role.js +29 -0
  44. package/server/routes/content-api/user.js +61 -0
  45. package/server/routes/index.js +6 -0
  46. package/{config → server}/schema.graphql.js +96 -63
  47. package/server/services/index.js +15 -0
  48. package/{services → server/services}/jwt.js +12 -14
  49. package/server/services/providers.js +592 -0
  50. package/server/services/role.js +182 -0
  51. package/{services → server/services}/user.js +31 -34
  52. package/server/services/users-permissions.js +222 -0
  53. package/server/strategies/users-permissions.js +122 -0
  54. package/{utils → server/utils}/index.d.ts +6 -1
  55. package/server/utils/index.js +9 -0
  56. package/strapi-server.js +3 -0
  57. package/config/layout.js +0 -10
  58. package/config/policies/isAuthenticated.js +0 -9
  59. package/config/policies/permissions.js +0 -94
  60. package/config/request.json +0 -6
  61. package/config/routes.json +0 -381
  62. package/config/security.json +0 -5
  63. package/controllers/users-permissions.js +0 -271
  64. package/middlewares/users-permissions/defaults.json +0 -5
  65. package/middlewares/users-permissions/index.js +0 -40
  66. package/models/Permission.js +0 -7
  67. package/models/Permission.settings.json +0 -45
  68. package/models/Role.js +0 -7
  69. package/models/Role.settings.json +0 -43
  70. package/models/User.js +0 -7
  71. package/models/User.settings.json +0 -63
  72. package/services/providers.js +0 -598
  73. package/services/users-permissions.js +0 -430
  74. package/utils/index.js +0 -11
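--- a/package/controllers/users-permissions.js
+++ b/package/controllers/users-permissions.js
@@ -1,271 +0,0 @@
-'use strict';
-
-const _ = require('lodash');
-const { getService } = require('../utils');
-const { isValidEmailTemplate } = require('./validation/email-template');
-
-module.exports = {
-/**
-* Default action.
-*
-* @return {Object}
-*/
-async createRole(ctx) {
-if (_.isEmpty(ctx.request.body)) {
-return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
-}
-
-try {
-await getService('users-permissions').createRole(ctx.request.body);
-
-ctx.send({ ok: true });
-} catch (err) {
-strapi.log.error(err);
-ctx.badRequest(null, [{ messages: [{ id: 'An error occured' }] }]);
-}
-},
-
-async deleteRole(ctx) {
-// Fetch public role.
-const publicRole = await strapi
-.query('plugins::users-permissions.role')
-.findOne({ where: { type: 'public' } });
-
-const publicRoleID = publicRole.id;
-
-const roleID = ctx.params.role;
-
-if (!roleID) {
-return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
-}
-
-// Prevent from removing the public role.
-if (roleID.toString() === publicRoleID.toString()) {
-return ctx.badRequest(null, [{ messages: [{ id: 'Unauthorized' }] }]);
-}
-
-try {
-await getService('users-permissions').deleteRole(roleID, publicRoleID);
-
-ctx.send({ ok: true });
-} catch (err) {
-strapi.log.error(err);
-ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
-}
-},
-
-async getPermissions(ctx) {
-try {
-const permissions = await getService('users-permissions').getActions();
-
-ctx.send({ permissions });
-} catch (err) {
-ctx.badRequest(null, [{ message: [{ id: 'Not Found' }] }]);
-}
-},
-
-async getPolicies(ctx) {
-ctx.send({
-policies: _.without(
-_.keys(strapi.plugins['users-permissions'].config.policies),
-'permissions'
-),
-});
-},
-
-async getRole(ctx) {
-const { id } = ctx.params;
-const { lang } = ctx.query;
-const plugins = await getService('users-permissions').getPlugins(lang);
-const role = await getService('users-permissions').getRole(id, plugins);
-
-if (_.isEmpty(role)) {
-return ctx.badRequest(null, [{ messages: [{ id: `Role don't exist` }] }]);
-}
-
-ctx.send({ role });
-},
-
-async getRoles(ctx) {
-try {
-const roles = await getService('users-permissions').getRoles();
-
-ctx.send({ roles });
-} catch (err) {
-ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
-}
-},
-
-async getRoutes(ctx) {
-try {
-const routes = await getService('users-permissions').getRoutes();
-
-ctx.send({ routes });
-} catch (err) {
-ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
-}
-},
-
-async index(ctx) {
-// Send 200 `ok`
-ctx.send({ message: 'ok' });
-},
-
-async searchUsers(ctx) {
-const { id } = ctx.params;
-
-const data = await strapi.query('plugins::users-permissions.user').custom(searchQueries)({
-id,
-});
-
-ctx.send(data);
-},
-
-async updateRole(ctx) {
-const roleID = ctx.params.role;
-
-if (_.isEmpty(ctx.request.body)) {
-return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
-}
-
-try {
-await getService('users-permissions').updateRole(roleID, ctx.request.body);
-
-ctx.send({ ok: true });
-} catch (err) {
-strapi.log.error(err);
-ctx.badRequest(null, [{ messages: [{ id: 'An error occurred' }] }]);
-}
-},
-
-async getEmailTemplate(ctx) {
-ctx.send(
-await strapi
-.store({
-environment: '',
-type: 'plugin',
-name: 'users-permissions',
-key: 'email',
-})
-.get()
-);
-},
-
-async updateEmailTemplate(ctx) {
-if (_.isEmpty(ctx.request.body)) {
-return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
-}
-
-const emailTemplates = ctx.request.body['email-templates'];
-
-for (let key in emailTemplates) {
-const template = emailTemplates[key].options.message;
-
-if (!isValidEmailTemplate(template)) {
-return ctx.badRequest(null, [{ messages: [{ id: 'Invalid template' }] }]);
-}
-}
-
-await strapi
-.store({
-environment: '',
-type: 'plugin',
-name: 'users-permissions',
-key: 'email',
-})
-.set({ value: emailTemplates });
-
-ctx.send({ ok: true });
-},
-
-async getAdvancedSettings(ctx) {
-ctx.send({
-settings: await strapi
-.store({
-environment: '',
-type: 'plugin',
-name: 'users-permissions',
-key: 'advanced',
-})
-.get(),
-roles: await getService('users-permissions').getRoles(),
-});
-},
-
-async updateAdvancedSettings(ctx) {
-if (_.isEmpty(ctx.request.body)) {
-return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
-}
-
-await strapi
-.store({
-environment: '',
-type: 'plugin',
-name: 'users-permissions',
-key: 'advanced',
-})
-.set({ value: ctx.request.body });
-
-ctx.send({ ok: true });
-},
-
-async getProviders(ctx) {
-const providers = await strapi
-.store({
-environment: '',
-type: 'plugin',
-name: 'users-permissions',
-key: 'grant',
-})
-.get();
-
-for (const provider in providers) {
-if (provider !== 'email') {
-providers[provider].redirectUri = strapi.plugins[
-'users-permissions'
-].services.providers.buildRedirectUri(provider);
-}
-}
-
-ctx.send(providers);
-},
-
-async updateProviders(ctx) {
-if (_.isEmpty(ctx.request.body)) {
-return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
-}
-
-await strapi
-.store({
-environment: '',
-type: 'plugin',
-name: 'users-permissions',
-key: 'grant',
-})
-.set({ value: ctx.request.body.providers });
-
-ctx.send({ ok: true });
-},
-};
-
-const searchQueries = {
-bookshelf({ model }) {
-return ({ id }) => {
-return model
-.query(function(qb) {
-qb.where('username', 'LIKE', `%${id}%`).orWhere('email', 'LIKE', `%${id}%`);
-})
-.fetchAll()
-.then(results => results.toJSON());
-};
-},
-mongoose({ model }) {
-return ({ id }) => {
-const re = new RegExp(id);
-
-return model.find({
-$or: [{ username: re }, { email: re }],
-});
-};
-},
-};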
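--- a/package/middlewares/users-permissions/defaults.json
+++ b/package/middlewares/users-permissions/defaults.json
@@ -1,5 +0,0 @@
-{
-"users-permissions": {
-"enabled": true
-}
-}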
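--- a/package/middlewares/users-permissions/index.js
+++ b/package/middlewares/users-permissions/index.js
@@ -1,40 +0,0 @@
-'use strict';
-
-/**
-* Module dependencies
-*/
-
-// Public node modules.
-const _ = require('lodash');
-
-module.exports = strapi => {
-return {
-beforeInitialize() {
-strapi.config.middleware.load.before.unshift('users-permissions');
-},
-
-initialize() {
-_.forEach(strapi.admin.config.routes, value => {
-if (_.get(value.config, 'policies')) {
-value.config.policies.unshift('plugins::users-permissions.permissions');
-}
-});
-
-_.forEach(strapi.config.routes, value => {
-if (_.get(value.config, 'policies')) {
-value.config.policies.unshift('plugins::users-permissions.permissions');
-}
-});
-
-if (strapi.plugins) {
-_.forEach(strapi.plugins, plugin => {
-_.forEach(plugin.config.routes, value => {
-if (_.get(value.config, 'policies')) {
-value.config.policies.unshift('plugins::users-permissions.permissions');
-}
-});
-});
-}
-},
-};
-};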
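--- a/package/models/Permission.js
+++ b/package/models/Permission.js
@@ -1,7 +0,0 @@
-'use strict';
-
-/**
-* Lifecycle callbacks for the `Permission` model.
-*/
-
-module.exports = {};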
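--- a/package/models/Permission.settings.json
+++ b/package/models/Permission.settings.json
@@ -1,45 +0,0 @@
-{
-"collectionName": "up_permissions",
-"info": {
-"name": "permission",
-"description": ""
-},
-"pluginOptions": {
-"content-manager": {
-"visible": false
-}
-},
-"attributes": {
-"type": {
-"type": "string",
-"required": true,
-"configurable": false
-},
-"controller": {
-"type": "string",
-"required": true,
-"configurable": false
-},
-"action": {
-"type": "string",
-"required": true,
-"configurable": false
-},
-"enabled": {
-"type": "boolean",
-"required": true,
-"configurable": false
-},
-"policy": {
-"type": "string",
-"configurable": false
-},
-"role": {
-"type": "relation",
-"relation": "manyToOne",
-"target": "plugins::users-permissions.role",
-"inversedBy": "permissions",
-"configurable": false
-}
-}
-}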
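--- a/package/models/Role.js
+++ b/package/models/Role.js
@@ -1,7 +0,0 @@
-'use strict';
-
-/**
-* Lifecycle callbacks for the `Role` model.
-*/
-
-module.exports = {};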
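--- a/package/models/Role.settings.json
+++ b/package/models/Role.settings.json
@@ -1,43 +0,0 @@
-{
-"collectionName": "up_roles",
-"info": {
-"name": "role",
-"description": ""
-},
-"pluginOptions": {
-"content-manager": {
-"visible": false
-}
-},
-"attributes": {
-"name": {
-"type": "string",
-"minLength": 3,
-"required": true,
-"configurable": false
-},
-"description": {
-"type": "string",
-"configurable": false
-},
-"type": {
-"type": "string",
-"unique": true,
-"configurable": false
-},
-"permissions": {
-"type": "relation",
-"relation": "oneToMany",
-"target": "plugins::users-permissions.permission",
-"mappedBy": "role",
-"configurable": false
-},
-"users": {
-"type": "relation",
-"relation": "oneToMany",
-"target": "plugins::users-permissions.user",
-"mappedBy": "role",
-"configurable": false
-}
-}
-}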
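--- a/package/models/User.js
+++ b/package/models/User.js
@@ -1,7 +0,0 @@
-'use strict';
-
-/**
-* Lifecycle callbacks for the `User` model.
-*/
-
-module.exports = {};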
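--- a/package/models/User.settings.json
+++ b/package/models/User.settings.json
@@ -1,63 +0,0 @@
-{
-"collectionName": "up_users",
-"info": {
-"name": "user",
-"description": ""
-},
-"options": {
-"draftAndPublish": false,
-"timestamps": true
-},
-"attributes": {
-"username": {
-"type": "string",
-"minLength": 3,
-"unique": true,
-"configurable": false,
-"required": true
-},
-"email": {
-"type": "email",
-"minLength": 6,
-"configurable": false,
-"required": true
-},
-"provider": {
-"type": "string",
-"configurable": false
-},
-"password": {
-"type": "password",
-"minLength": 6,
-"configurable": false,
-"private": true
-},
-"resetPasswordToken": {
-"type": "string",
-"configurable": false,
-"private": true
-},
-"confirmationToken": {
-"type": "string",
-"configurable": false,
-"private": true
-},
-"confirmed": {
-"type": "boolean",
-"default": false,
-"configurable": false
-},
-"blocked": {
-"type": "boolean",
-"default": false,
-"configurable": false
-},
-"role": {
-"type": "relation",
-"relation": "manyToOne",
-"target": "plugins::users-permissions.role",
-"inversedBy": "users",
-"configurable": false
-}
-}
-}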