@strapi/plugin-users-permissions 4.0.0-next.6 → 4.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/admin/src/components/BoundRoute/getMethodColor.js +41 -0
- package/admin/src/components/BoundRoute/index.js +40 -24
- package/admin/src/components/FormModal/Input/index.js +121 -0
- package/admin/src/components/FormModal/index.js +123 -0
- package/admin/src/components/Permissions/PermissionRow/CheckboxWrapper.js +19 -26
- package/admin/src/components/Permissions/PermissionRow/SubCategory.js +118 -0
- package/admin/src/components/Permissions/PermissionRow/index.js +9 -48
- package/admin/src/components/Permissions/index.js +36 -24
- package/admin/src/components/Permissions/init.js +1 -6
- package/admin/src/components/Policies/index.js +46 -47
- package/admin/src/components/UsersPermissions/index.js +29 -26
- package/admin/src/components/UsersPermissions/init.js +1 -2
- package/admin/src/hooks/useFetchRole/index.js +17 -7
- package/admin/src/hooks/useForm/index.js +3 -29
- package/admin/src/hooks/useForm/reducer.js +2 -21
- package/admin/src/hooks/usePlugins/index.js +12 -21
- package/admin/src/hooks/usePlugins/reducer.js +0 -3
- package/admin/src/index.js +29 -34
- package/admin/src/pages/AdvancedSettings/index.js +210 -193
- package/admin/src/pages/AdvancedSettings/utils/api.js +13 -0
- package/admin/src/pages/AdvancedSettings/utils/layout.js +96 -0
- package/admin/src/pages/AdvancedSettings/utils/schema.js +22 -0
- package/admin/src/pages/EmailTemplates/components/EmailForm.js +173 -0
- package/admin/src/pages/EmailTemplates/components/EmailTable.js +116 -0
- package/admin/src/pages/EmailTemplates/index.js +125 -198
- package/admin/src/pages/EmailTemplates/utils/api.js +13 -0
- package/admin/src/pages/Providers/index.js +208 -216
- package/admin/src/pages/Providers/utils/api.js +21 -0
- package/admin/src/pages/Providers/utils/forms.js +168 -126
- package/admin/src/pages/Roles/CreatePage/index.js +155 -147
- package/admin/src/pages/Roles/EditPage/index.js +162 -134
- package/admin/src/pages/Roles/ListPage/components/TableBody.js +96 -0
- package/admin/src/pages/Roles/ListPage/index.js +176 -156
- package/admin/src/pages/Roles/ListPage/utils/api.js +28 -0
- package/admin/src/pages/Roles/index.js +14 -8
- package/admin/src/permissions.js +12 -14
- package/admin/src/translations/ar.json +0 -8
- package/admin/src/translations/cs.json +0 -8
- package/admin/src/translations/de.json +0 -8
- package/admin/src/translations/dk.json +0 -8
- package/admin/src/translations/en.json +33 -12
- package/admin/src/translations/es.json +0 -8
- package/admin/src/translations/fr.json +0 -8
- package/admin/src/translations/id.json +0 -8
- package/admin/src/translations/it.json +0 -8
- package/admin/src/translations/ja.json +0 -8
- package/admin/src/translations/ko.json +0 -8
- package/admin/src/translations/ms.json +0 -8
- package/admin/src/translations/nl.json +0 -8
- package/admin/src/translations/pl.json +0 -8
- package/admin/src/translations/pt-BR.json +0 -8
- package/admin/src/translations/pt.json +0 -8
- package/admin/src/translations/ru.json +0 -8
- package/admin/src/translations/sk.json +0 -8
- package/admin/src/translations/sv.json +0 -8
- package/admin/src/translations/th.json +0 -8
- package/admin/src/translations/tr.json +0 -8
- package/admin/src/translations/uk.json +0 -8
- package/admin/src/translations/vi.json +0 -8
- package/admin/src/translations/zh-Hans.json +5 -14
- package/admin/src/translations/zh.json +0 -8
- package/admin/src/utils/axiosInstance.js +36 -0
- package/admin/src/utils/formatPluginName.js +26 -0
- package/admin/src/utils/index.js +1 -0
- package/documentation/1.0.0/overrides/users-permissions-Role.json +6 -6
- package/documentation/1.0.0/overrides/users-permissions-User.json +7 -7
- package/package.json +30 -29
- package/{config/functions/bootstrap.js → server/bootstrap/index.js} +26 -33
- package/{config → server/bootstrap}/users-permissions-actions.js +0 -0
- package/server/config.js +23 -0
- package/server/content-types/index.js +11 -0
- package/server/content-types/permission/index.js +34 -0
- package/server/content-types/role/index.js +51 -0
- package/server/content-types/user/index.js +72 -0
- package/{models/User.config.js → server/content-types/user/schema-config.js} +0 -0
- package/server/controllers/auth.js +440 -0
- package/server/controllers/content-manager-user.js +183 -0
- package/server/controllers/index.js +17 -0
- package/server/controllers/permissions.js +26 -0
- package/server/controllers/role.js +77 -0
- package/server/controllers/settings.js +85 -0
- package/server/controllers/user.js +191 -0
- package/server/controllers/validation/auth.js +29 -0
- package/{controllers → server/controllers}/validation/email-template.js +0 -0
- package/server/controllers/validation/user.js +38 -0
- package/server/graphql/index.js +44 -0
- package/server/graphql/mutations/auth/email-confirmation.js +39 -0
- package/server/graphql/mutations/auth/forgot-password.js +38 -0
- package/server/graphql/mutations/auth/login.js +38 -0
- package/server/graphql/mutations/auth/register.js +39 -0
- package/server/graphql/mutations/auth/reset-password.js +41 -0
- package/server/graphql/mutations/crud/role/create-role.js +37 -0
- package/server/graphql/mutations/crud/role/delete-role.js +28 -0
- package/server/graphql/mutations/crud/role/update-role.js +38 -0
- package/server/graphql/mutations/crud/user/create-user.js +48 -0
- package/server/graphql/mutations/crud/user/delete-user.js +42 -0
- package/server/graphql/mutations/crud/user/update-user.js +49 -0
- package/server/graphql/mutations/index.js +42 -0
- package/server/graphql/queries/index.js +13 -0
- package/server/graphql/queries/me.js +17 -0
- package/server/graphql/resolvers-configs.js +37 -0
- package/server/graphql/types/create-role-payload.js +11 -0
- package/server/graphql/types/delete-role-payload.js +11 -0
- package/server/graphql/types/index.js +21 -0
- package/server/graphql/types/login-input.js +13 -0
- package/server/graphql/types/login-payload.js +12 -0
- package/server/graphql/types/me-role.js +14 -0
- package/server/graphql/types/me.js +16 -0
- package/server/graphql/types/password-payload.js +11 -0
- package/server/graphql/types/register-input.js +13 -0
- package/server/graphql/types/update-role-payload.js +11 -0
- package/server/graphql/utils.js +27 -0
- package/server/index.js +21 -0
- package/server/middlewares/index.js +7 -0
- package/{config/policies → server/middlewares}/rateLimit.js +4 -8
- package/server/register.js +11 -0
- package/server/routes/admin/index.js +10 -0
- package/server/routes/admin/permissions.js +20 -0
- package/server/routes/admin/role.js +79 -0
- package/server/routes/admin/settings.js +95 -0
- package/server/routes/content-api/auth.js +73 -0
- package/server/routes/content-api/index.js +11 -0
- package/server/routes/content-api/permissions.js +9 -0
- package/server/routes/content-api/role.js +29 -0
- package/server/routes/content-api/user.js +61 -0
- package/server/routes/index.js +6 -0
- package/server/services/index.js +15 -0
- package/server/services/jwt.js +55 -0
- package/server/services/providers.js +599 -0
- package/server/services/role.js +177 -0
- package/{services → server/services}/user.js +32 -35
- package/server/services/users-permissions.js +233 -0
- package/server/strategies/users-permissions.js +123 -0
- package/{utils → server/utils}/index.d.ts +6 -1
- package/server/utils/index.js +9 -0
- package/strapi-admin.js +3 -0
- package/strapi-server.js +3 -0
- package/admin/src/assets/images/logo.svg +0 -1
- package/admin/src/components/BaselineAlignement/index.js +0 -33
- package/admin/src/components/Bloc/index.js +0 -10
- package/admin/src/components/BoundRoute/Components.js +0 -78
- package/admin/src/components/ContainerFluid/index.js +0 -13
- package/admin/src/components/FormBloc/index.js +0 -61
- package/admin/src/components/IntlInput/index.js +0 -38
- package/admin/src/components/ListBaselineAlignment/index.js +0 -8
- package/admin/src/components/ListRow/Components.js +0 -74
- package/admin/src/components/ListRow/index.js +0 -35
- package/admin/src/components/ModalForm/Wrapper.js +0 -12
- package/admin/src/components/ModalForm/index.js +0 -59
- package/admin/src/components/Permissions/ListWrapper.js +0 -9
- package/admin/src/components/Permissions/PermissionRow/BaselineAlignment.js +0 -7
- package/admin/src/components/Permissions/PermissionRow/RowStyle.js +0 -28
- package/admin/src/components/Permissions/PermissionRow/SubCategory/ConditionsButtonWrapper.js +0 -13
- package/admin/src/components/Permissions/PermissionRow/SubCategory/PolicyWrapper.js +0 -8
- package/admin/src/components/Permissions/PermissionRow/SubCategory/SubCategoryWrapper.js +0 -26
- package/admin/src/components/Permissions/PermissionRow/SubCategory/index.js +0 -116
- package/admin/src/components/Policies/Components.js +0 -26
- package/admin/src/components/PrefixedIcon/index.js +0 -27
- package/admin/src/components/Roles/EmptyRole/BaselineAlignment.js +0 -7
- package/admin/src/components/Roles/EmptyRole/index.js +0 -27
- package/admin/src/components/Roles/RoleListWrapper/index.js +0 -17
- package/admin/src/components/Roles/RoleRow/RoleDescription.js +0 -9
- package/admin/src/components/Roles/RoleRow/index.js +0 -45
- package/admin/src/components/Roles/index.js +0 -3
- package/admin/src/components/SizedInput/index.js +0 -24
- package/admin/src/pages/AdvancedSettings/reducer.js +0 -65
- package/admin/src/pages/AdvancedSettings/utils/form.js +0 -52
- package/admin/src/pages/EmailTemplates/CustomTextInput.js +0 -105
- package/admin/src/pages/EmailTemplates/Wrapper.js +0 -36
- package/admin/src/pages/EmailTemplates/reducer.js +0 -58
- package/admin/src/pages/EmailTemplates/utils/forms.js +0 -81
- package/admin/src/pages/Roles/ListPage/BaselineAlignment.js +0 -8
- package/config/layout.js +0 -10
- package/config/policies/isAuthenticated.js +0 -9
- package/config/policies/permissions.js +0 -94
- package/config/request.json +0 -6
- package/config/routes.json +0 -381
- package/config/schema.graphql.js +0 -284
- package/config/security.json +0 -5
- package/controllers/auth.js +0 -596
- package/controllers/user/admin.js +0 -230
- package/controllers/user/api.js +0 -174
- package/controllers/user.js +0 -117
- package/controllers/users-permissions.js +0 -271
- package/middlewares/users-permissions/defaults.json +0 -5
- package/middlewares/users-permissions/index.js +0 -40
- package/models/Permission.js +0 -7
- package/models/Permission.settings.json +0 -45
- package/models/Role.js +0 -7
- package/models/Role.settings.json +0 -43
- package/models/User.js +0 -7
- package/models/User.settings.json +0 -63
- package/services/jwt.js +0 -65
- package/services/providers.js +0 -598
- package/services/users-permissions.js +0 -429
- package/utils/index.js +0 -11
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
module.exports = ({ nexus, strapi }) => {
|
|
4
|
+
const { nonNull } = nexus;
|
|
5
|
+
|
|
6
|
+
return {
|
|
7
|
+
type: 'UsersPermissionsDeleteRolePayload',
|
|
8
|
+
|
|
9
|
+
args: {
|
|
10
|
+
id: nonNull('ID'),
|
|
11
|
+
},
|
|
12
|
+
|
|
13
|
+
description: 'Delete an existing role',
|
|
14
|
+
|
|
15
|
+
async resolve(parent, args, context) {
|
|
16
|
+
const { koaContext } = context;
|
|
17
|
+
|
|
18
|
+
koaContext.params = { role: args.id };
|
|
19
|
+
|
|
20
|
+
await strapi
|
|
21
|
+
.plugin('users-permissions')
|
|
22
|
+
.controller('role')
|
|
23
|
+
.deleteRole(koaContext);
|
|
24
|
+
|
|
25
|
+
return { ok: true };
|
|
26
|
+
},
|
|
27
|
+
};
|
|
28
|
+
};
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const usersPermissionsRoleUID = 'plugin::users-permissions.role';
|
|
4
|
+
|
|
5
|
+
module.exports = ({ nexus, strapi }) => {
|
|
6
|
+
const { getContentTypeInputName } = strapi.plugin('graphql').service('utils').naming;
|
|
7
|
+
const { nonNull } = nexus;
|
|
8
|
+
|
|
9
|
+
const roleContentType = strapi.getModel(usersPermissionsRoleUID);
|
|
10
|
+
|
|
11
|
+
const roleInputName = getContentTypeInputName(roleContentType);
|
|
12
|
+
|
|
13
|
+
return {
|
|
14
|
+
type: 'UsersPermissionsUpdateRolePayload',
|
|
15
|
+
|
|
16
|
+
args: {
|
|
17
|
+
id: nonNull('ID'),
|
|
18
|
+
data: nonNull(roleInputName),
|
|
19
|
+
},
|
|
20
|
+
|
|
21
|
+
description: 'Update an existing role',
|
|
22
|
+
|
|
23
|
+
async resolve(parent, args, context) {
|
|
24
|
+
const { koaContext } = context;
|
|
25
|
+
|
|
26
|
+
koaContext.params = { role: args.id };
|
|
27
|
+
koaContext.request.body = args.data;
|
|
28
|
+
koaContext.request.body.role = args.id;
|
|
29
|
+
|
|
30
|
+
await strapi
|
|
31
|
+
.plugin('users-permissions')
|
|
32
|
+
.controller('role')
|
|
33
|
+
.updateRole(koaContext);
|
|
34
|
+
|
|
35
|
+
return { ok: true };
|
|
36
|
+
},
|
|
37
|
+
};
|
|
38
|
+
};
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const { toPlainObject } = require('lodash/fp');
|
|
4
|
+
|
|
5
|
+
const { checkBadRequest } = require('../../../utils');
|
|
6
|
+
|
|
7
|
+
const usersPermissionsUserUID = 'plugin::users-permissions.user';
|
|
8
|
+
|
|
9
|
+
module.exports = ({ nexus, strapi }) => {
|
|
10
|
+
const { nonNull } = nexus;
|
|
11
|
+
const { getContentTypeInputName, getEntityResponseName } = strapi
|
|
12
|
+
.plugin('graphql')
|
|
13
|
+
.service('utils').naming;
|
|
14
|
+
|
|
15
|
+
const userContentType = strapi.getModel(usersPermissionsUserUID);
|
|
16
|
+
|
|
17
|
+
const userInputName = getContentTypeInputName(userContentType);
|
|
18
|
+
const responseName = getEntityResponseName(userContentType);
|
|
19
|
+
|
|
20
|
+
return {
|
|
21
|
+
type: nonNull(responseName),
|
|
22
|
+
|
|
23
|
+
args: {
|
|
24
|
+
data: nonNull(userInputName),
|
|
25
|
+
},
|
|
26
|
+
|
|
27
|
+
description: 'Create a new user',
|
|
28
|
+
|
|
29
|
+
async resolve(parent, args, context) {
|
|
30
|
+
const { koaContext } = context;
|
|
31
|
+
|
|
32
|
+
koaContext.params = {};
|
|
33
|
+
koaContext.request.body = toPlainObject(args.data);
|
|
34
|
+
|
|
35
|
+
await strapi
|
|
36
|
+
.plugin('users-permissions')
|
|
37
|
+
.controller('user')
|
|
38
|
+
.create(koaContext);
|
|
39
|
+
|
|
40
|
+
checkBadRequest(koaContext.body);
|
|
41
|
+
|
|
42
|
+
return {
|
|
43
|
+
value: koaContext.body,
|
|
44
|
+
info: { args, resourceUID: 'plugin::users-permissions.user' },
|
|
45
|
+
};
|
|
46
|
+
},
|
|
47
|
+
};
|
|
48
|
+
};
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const { checkBadRequest } = require('../../../utils');
|
|
4
|
+
|
|
5
|
+
const usersPermissionsUserUID = 'plugin::users-permissions.user';
|
|
6
|
+
|
|
7
|
+
module.exports = ({ nexus, strapi }) => {
|
|
8
|
+
const { nonNull } = nexus;
|
|
9
|
+
const { getEntityResponseName } = strapi.plugin('graphql').service('utils').naming;
|
|
10
|
+
|
|
11
|
+
const userContentType = strapi.getModel(usersPermissionsUserUID);
|
|
12
|
+
|
|
13
|
+
const responseName = getEntityResponseName(userContentType);
|
|
14
|
+
|
|
15
|
+
return {
|
|
16
|
+
type: nonNull(responseName),
|
|
17
|
+
|
|
18
|
+
args: {
|
|
19
|
+
id: nonNull('ID'),
|
|
20
|
+
},
|
|
21
|
+
|
|
22
|
+
description: 'Update an existing user',
|
|
23
|
+
|
|
24
|
+
async resolve(parent, args, context) {
|
|
25
|
+
const { koaContext } = context;
|
|
26
|
+
|
|
27
|
+
koaContext.params = { id: args.id };
|
|
28
|
+
|
|
29
|
+
await strapi
|
|
30
|
+
.plugin('users-permissions')
|
|
31
|
+
.controller('user')
|
|
32
|
+
.destroy(koaContext);
|
|
33
|
+
|
|
34
|
+
checkBadRequest(koaContext.body);
|
|
35
|
+
|
|
36
|
+
return {
|
|
37
|
+
value: koaContext.body,
|
|
38
|
+
info: { args, resourceUID: 'plugin::users-permissions.user' },
|
|
39
|
+
};
|
|
40
|
+
},
|
|
41
|
+
};
|
|
42
|
+
};
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const { toPlainObject } = require('lodash/fp');
|
|
4
|
+
|
|
5
|
+
const { checkBadRequest } = require('../../../utils');
|
|
6
|
+
|
|
7
|
+
const usersPermissionsUserUID = 'plugin::users-permissions.user';
|
|
8
|
+
|
|
9
|
+
module.exports = ({ nexus, strapi }) => {
|
|
10
|
+
const { nonNull } = nexus;
|
|
11
|
+
const { getContentTypeInputName, getEntityResponseName } = strapi
|
|
12
|
+
.plugin('graphql')
|
|
13
|
+
.service('utils').naming;
|
|
14
|
+
|
|
15
|
+
const userContentType = strapi.getModel(usersPermissionsUserUID);
|
|
16
|
+
|
|
17
|
+
const userInputName = getContentTypeInputName(userContentType);
|
|
18
|
+
const responseName = getEntityResponseName(userContentType);
|
|
19
|
+
|
|
20
|
+
return {
|
|
21
|
+
type: nonNull(responseName),
|
|
22
|
+
|
|
23
|
+
args: {
|
|
24
|
+
id: nonNull('ID'),
|
|
25
|
+
data: nonNull(userInputName),
|
|
26
|
+
},
|
|
27
|
+
|
|
28
|
+
description: 'Update an existing user',
|
|
29
|
+
|
|
30
|
+
async resolve(parent, args, context) {
|
|
31
|
+
const { koaContext } = context;
|
|
32
|
+
|
|
33
|
+
koaContext.params = { id: args.id };
|
|
34
|
+
koaContext.request.body = toPlainObject(args.data);
|
|
35
|
+
|
|
36
|
+
await strapi
|
|
37
|
+
.plugin('users-permissions')
|
|
38
|
+
.controller('user')
|
|
39
|
+
.update(koaContext);
|
|
40
|
+
|
|
41
|
+
checkBadRequest(koaContext.body);
|
|
42
|
+
|
|
43
|
+
return {
|
|
44
|
+
value: koaContext.body,
|
|
45
|
+
info: { args, resourceUID: 'plugin::users-permissions.user' },
|
|
46
|
+
};
|
|
47
|
+
},
|
|
48
|
+
};
|
|
49
|
+
};
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const userUID = 'plugin::users-permissions.user';
|
|
4
|
+
const roleUID = 'plugin::users-permissions.role';
|
|
5
|
+
|
|
6
|
+
module.exports = context => {
|
|
7
|
+
const { nexus, strapi } = context;
|
|
8
|
+
|
|
9
|
+
const { naming } = strapi.plugin('graphql').service('utils');
|
|
10
|
+
|
|
11
|
+
const user = strapi.getModel(userUID);
|
|
12
|
+
const role = strapi.getModel(roleUID);
|
|
13
|
+
|
|
14
|
+
const mutations = {
|
|
15
|
+
// CRUD (user & role)
|
|
16
|
+
[naming.getCreateMutationTypeName(role)]: require('./crud/role/create-role'),
|
|
17
|
+
[naming.getUpdateMutationTypeName(role)]: require('./crud/role/update-role'),
|
|
18
|
+
[naming.getDeleteMutationTypeName(role)]: require('./crud/role/delete-role'),
|
|
19
|
+
[naming.getCreateMutationTypeName(user)]: require('./crud/user/create-user'),
|
|
20
|
+
[naming.getUpdateMutationTypeName(user)]: require('./crud/user/update-user'),
|
|
21
|
+
[naming.getDeleteMutationTypeName(user)]: require('./crud/user/delete-user'),
|
|
22
|
+
|
|
23
|
+
// Other mutations
|
|
24
|
+
login: require('./auth/login'),
|
|
25
|
+
register: require('./auth/register'),
|
|
26
|
+
forgotPassword: require('./auth/forgot-password'),
|
|
27
|
+
resetPassword: require('./auth/reset-password'),
|
|
28
|
+
emailConfirmation: require('./auth/email-confirmation'),
|
|
29
|
+
};
|
|
30
|
+
|
|
31
|
+
return nexus.extendType({
|
|
32
|
+
type: 'Mutation',
|
|
33
|
+
|
|
34
|
+
definition(t) {
|
|
35
|
+
for (const [name, getConfig] of Object.entries(mutations)) {
|
|
36
|
+
const config = getConfig(context);
|
|
37
|
+
|
|
38
|
+
t.field(name, config);
|
|
39
|
+
}
|
|
40
|
+
},
|
|
41
|
+
});
|
|
42
|
+
};
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
module.exports = () => ({
|
|
4
|
+
type: 'UsersPermissionsMe',
|
|
5
|
+
|
|
6
|
+
args: {},
|
|
7
|
+
|
|
8
|
+
resolve(parent, args, context) {
|
|
9
|
+
const { user } = context.state;
|
|
10
|
+
|
|
11
|
+
if (!user) {
|
|
12
|
+
throw new Error('Authentication requested');
|
|
13
|
+
}
|
|
14
|
+
|
|
15
|
+
return user;
|
|
16
|
+
},
|
|
17
|
+
});
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const userUID = 'plugin::users-permissions.user';
|
|
4
|
+
const roleUID = 'plugin::users-permissions.role';
|
|
5
|
+
|
|
6
|
+
module.exports = ({ strapi }) => {
|
|
7
|
+
const { naming } = strapi.plugin('graphql').service('utils');
|
|
8
|
+
|
|
9
|
+
const user = strapi.getModel(userUID);
|
|
10
|
+
const role = strapi.getModel(roleUID);
|
|
11
|
+
|
|
12
|
+
const createRole = naming.getCreateMutationTypeName(role);
|
|
13
|
+
const updateRole = naming.getUpdateMutationTypeName(role);
|
|
14
|
+
const deleteRole = naming.getDeleteMutationTypeName(role);
|
|
15
|
+
const createUser = naming.getCreateMutationTypeName(user);
|
|
16
|
+
const updateUser = naming.getUpdateMutationTypeName(user);
|
|
17
|
+
const deleteUser = naming.getDeleteMutationTypeName(user);
|
|
18
|
+
|
|
19
|
+
return {
|
|
20
|
+
// Disabled auth for some operations
|
|
21
|
+
'Mutation.login': { auth: false },
|
|
22
|
+
'Mutation.register': { auth: false },
|
|
23
|
+
'Mutation.forgotPassword': { auth: false },
|
|
24
|
+
'Mutation.resetPassword': { auth: false },
|
|
25
|
+
'Mutation.emailConfirmation': { auth: false },
|
|
26
|
+
|
|
27
|
+
// Scoped auth for replaced CRUD operations
|
|
28
|
+
// Role
|
|
29
|
+
[`Mutation.${createRole}`]: { auth: { scope: [`${roleUID}.create`] } },
|
|
30
|
+
[`Mutation.${updateRole}`]: { auth: { scope: [`${roleUID}.update`] } },
|
|
31
|
+
[`Mutation.${deleteRole}`]: { auth: { scope: [`${roleUID}.delete`] } },
|
|
32
|
+
// User
|
|
33
|
+
[`Mutation.${createUser}`]: { auth: { scope: [`${userUID}.create`] } },
|
|
34
|
+
[`Mutation.${updateUser}`]: { auth: { scope: [`${userUID}.update`] } },
|
|
35
|
+
[`Mutation.${deleteUser}`]: { auth: { scope: [`${userUID}.delete`] } },
|
|
36
|
+
};
|
|
37
|
+
};
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const typesFactories = [
|
|
4
|
+
require('./me'),
|
|
5
|
+
require('./me-role'),
|
|
6
|
+
require('./register-input'),
|
|
7
|
+
require('./login-input'),
|
|
8
|
+
require('./password-payload'),
|
|
9
|
+
require('./login-payload'),
|
|
10
|
+
require('./create-role-payload'),
|
|
11
|
+
require('./update-role-payload'),
|
|
12
|
+
require('./delete-role-payload'),
|
|
13
|
+
];
|
|
14
|
+
|
|
15
|
+
/**
|
|
16
|
+
* @param {object} context
|
|
17
|
+
* @param {object} context.nexus
|
|
18
|
+
* @param {object} context.strapi
|
|
19
|
+
* @return {any[]}
|
|
20
|
+
*/
|
|
21
|
+
module.exports = context => typesFactories.map(factory => factory(context));
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
module.exports = ({ nexus }) => {
|
|
4
|
+
return nexus.inputObjectType({
|
|
5
|
+
name: 'UsersPermissionsLoginInput',
|
|
6
|
+
|
|
7
|
+
definition(t) {
|
|
8
|
+
t.nonNull.string('identifier');
|
|
9
|
+
t.nonNull.string('password');
|
|
10
|
+
t.nonNull.string('provider', { default: 'local' });
|
|
11
|
+
},
|
|
12
|
+
});
|
|
13
|
+
};
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
module.exports = ({ nexus }) => {
|
|
4
|
+
return nexus.objectType({
|
|
5
|
+
name: 'UsersPermissionsMe',
|
|
6
|
+
|
|
7
|
+
definition(t) {
|
|
8
|
+
t.nonNull.id('id');
|
|
9
|
+
t.nonNull.string('username');
|
|
10
|
+
t.string('email');
|
|
11
|
+
t.boolean('confirmed');
|
|
12
|
+
t.boolean('blocked');
|
|
13
|
+
t.field('role', { type: 'UsersPermissionsMeRole' });
|
|
14
|
+
},
|
|
15
|
+
});
|
|
16
|
+
};
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
module.exports = ({ nexus }) => {
|
|
4
|
+
return nexus.inputObjectType({
|
|
5
|
+
name: 'UsersPermissionsRegisterInput',
|
|
6
|
+
|
|
7
|
+
definition(t) {
|
|
8
|
+
t.nonNull.string('username');
|
|
9
|
+
t.nonNull.string('email');
|
|
10
|
+
t.nonNull.string('password');
|
|
11
|
+
},
|
|
12
|
+
});
|
|
13
|
+
};
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const { getOr } = require('lodash/fp');
|
|
4
|
+
|
|
5
|
+
/**
|
|
6
|
+
* Throws an ApolloError if context body contains a bad request
|
|
7
|
+
* @param contextBody - body of the context object given to the resolver
|
|
8
|
+
* @throws ApolloError if the body is a bad request
|
|
9
|
+
*/
|
|
10
|
+
function checkBadRequest(contextBody) {
|
|
11
|
+
const statusCode = getOr(200, 'statusCode', contextBody);
|
|
12
|
+
|
|
13
|
+
if (statusCode !== 200) {
|
|
14
|
+
const errorMessage = getOr('Bad Request', 'error', contextBody);
|
|
15
|
+
|
|
16
|
+
const exception = new Error(errorMessage);
|
|
17
|
+
|
|
18
|
+
exception.code = statusCode || 400;
|
|
19
|
+
exception.data = contextBody;
|
|
20
|
+
|
|
21
|
+
throw exception;
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
|
|
25
|
+
module.exports = {
|
|
26
|
+
checkBadRequest,
|
|
27
|
+
};
|
package/server/index.js
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const register = require('./register');
|
|
4
|
+
const bootstrap = require('./bootstrap');
|
|
5
|
+
const contentTypes = require('./content-types');
|
|
6
|
+
const middlewares = require('./middlewares');
|
|
7
|
+
const services = require('./services');
|
|
8
|
+
const routes = require('./routes');
|
|
9
|
+
const controllers = require('./controllers');
|
|
10
|
+
const config = require('./config');
|
|
11
|
+
|
|
12
|
+
module.exports = () => ({
|
|
13
|
+
register,
|
|
14
|
+
bootstrap,
|
|
15
|
+
config,
|
|
16
|
+
routes,
|
|
17
|
+
controllers,
|
|
18
|
+
contentTypes,
|
|
19
|
+
middlewares,
|
|
20
|
+
services,
|
|
21
|
+
});
|
|
@@ -1,12 +1,8 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
return require('koa2-ratelimit').RateLimit;
|
|
6
|
-
},
|
|
7
|
-
};
|
|
3
|
+
module.exports = (config, { strapi }) => async (ctx, next) => {
|
|
4
|
+
const ratelimit = require('koa2-ratelimit').RateLimit;
|
|
8
5
|
|
|
9
|
-
module.exports = async (ctx, next) => {
|
|
10
6
|
const message = [
|
|
11
7
|
{
|
|
12
8
|
messages: [
|
|
@@ -18,7 +14,7 @@ module.exports = async (ctx, next) => {
|
|
|
18
14
|
},
|
|
19
15
|
];
|
|
20
16
|
|
|
21
|
-
return
|
|
17
|
+
return ratelimit.middleware(
|
|
22
18
|
Object.assign(
|
|
23
19
|
{},
|
|
24
20
|
{
|
|
@@ -27,7 +23,7 @@ module.exports = async (ctx, next) => {
|
|
|
27
23
|
prefixKey: `${ctx.request.path}:${ctx.request.ip}`,
|
|
28
24
|
message,
|
|
29
25
|
},
|
|
30
|
-
strapi.
|
|
26
|
+
strapi.config.get('plugin.users-permissions.ratelimit')
|
|
31
27
|
)
|
|
32
28
|
)(ctx, next);
|
|
33
29
|
};
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const authStrategy = require('./strategies/users-permissions');
|
|
4
|
+
|
|
5
|
+
module.exports = ({ strapi }) => {
|
|
6
|
+
strapi.container.get('auth').register('content-api', authStrategy);
|
|
7
|
+
|
|
8
|
+
if (strapi.plugin('graphql')) {
|
|
9
|
+
require('./graphql')({ strapi });
|
|
10
|
+
}
|
|
11
|
+
};
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const permissionsRoutes = require('./permissions');
|
|
4
|
+
const settingsRoutes = require('./settings');
|
|
5
|
+
const roleRoutes = require('./role');
|
|
6
|
+
|
|
7
|
+
module.exports = {
|
|
8
|
+
type: 'admin',
|
|
9
|
+
routes: [...roleRoutes, ...settingsRoutes, ...permissionsRoutes],
|
|
10
|
+
};
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
module.exports = [
|
|
4
|
+
{
|
|
5
|
+
method: 'GET',
|
|
6
|
+
path: '/permissions',
|
|
7
|
+
handler: 'permissions.getPermissions',
|
|
8
|
+
},
|
|
9
|
+
{
|
|
10
|
+
method: 'GET',
|
|
11
|
+
path: '/policies',
|
|
12
|
+
handler: 'permissions.getPolicies',
|
|
13
|
+
},
|
|
14
|
+
|
|
15
|
+
{
|
|
16
|
+
method: 'GET',
|
|
17
|
+
path: '/routes',
|
|
18
|
+
handler: 'permissions.getRoutes',
|
|
19
|
+
},
|
|
20
|
+
];
|