@strapi/plugin-users-permissions 4.0.0-next.9 → 4.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/admin/src/components/BoundRoute/getMethodColor.js +41 -0
- package/admin/src/components/BoundRoute/index.js +40 -24
- package/admin/src/components/FormModal/Input/index.js +121 -0
- package/admin/src/components/FormModal/index.js +123 -0
- package/admin/src/components/Permissions/PermissionRow/CheckboxWrapper.js +19 -26
- package/admin/src/components/Permissions/PermissionRow/SubCategory.js +118 -0
- package/admin/src/components/Permissions/PermissionRow/index.js +9 -48
- package/admin/src/components/Permissions/index.js +36 -24
- package/admin/src/components/Permissions/init.js +1 -6
- package/admin/src/components/Policies/index.js +46 -47
- package/admin/src/components/UsersPermissions/index.js +29 -26
- package/admin/src/components/UsersPermissions/init.js +1 -2
- package/admin/src/hooks/useFetchRole/index.js +17 -7
- package/admin/src/hooks/useForm/index.js +3 -29
- package/admin/src/hooks/useForm/reducer.js +2 -21
- package/admin/src/hooks/usePlugins/index.js +12 -21
- package/admin/src/hooks/usePlugins/reducer.js +0 -3
- package/admin/src/index.js +0 -8
- package/admin/src/pages/AdvancedSettings/index.js +203 -193
- package/admin/src/pages/AdvancedSettings/utils/api.js +13 -0
- package/admin/src/pages/AdvancedSettings/utils/layout.js +96 -0
- package/admin/src/pages/AdvancedSettings/utils/schema.js +22 -0
- package/admin/src/pages/EmailTemplates/components/EmailForm.js +173 -0
- package/admin/src/pages/EmailTemplates/components/EmailTable.js +116 -0
- package/admin/src/pages/EmailTemplates/index.js +117 -197
- package/admin/src/pages/EmailTemplates/utils/api.js +13 -0
- package/admin/src/pages/Providers/index.js +206 -221
- package/admin/src/pages/Providers/utils/api.js +21 -0
- package/admin/src/pages/Providers/utils/forms.js +168 -126
- package/admin/src/pages/Roles/CreatePage/index.js +155 -147
- package/admin/src/pages/Roles/EditPage/index.js +162 -134
- package/admin/src/pages/Roles/ListPage/components/TableBody.js +96 -0
- package/admin/src/pages/Roles/ListPage/index.js +176 -156
- package/admin/src/pages/Roles/ListPage/utils/api.js +28 -0
- package/admin/src/translations/ar.json +0 -8
- package/admin/src/translations/cs.json +0 -8
- package/admin/src/translations/de.json +0 -8
- package/admin/src/translations/dk.json +0 -8
- package/admin/src/translations/en.json +33 -12
- package/admin/src/translations/es.json +0 -8
- package/admin/src/translations/fr.json +0 -8
- package/admin/src/translations/id.json +0 -8
- package/admin/src/translations/it.json +0 -8
- package/admin/src/translations/ja.json +0 -8
- package/admin/src/translations/ko.json +0 -8
- package/admin/src/translations/ms.json +0 -8
- package/admin/src/translations/nl.json +0 -8
- package/admin/src/translations/pl.json +0 -8
- package/admin/src/translations/pt-BR.json +0 -8
- package/admin/src/translations/pt.json +0 -8
- package/admin/src/translations/ru.json +0 -8
- package/admin/src/translations/sk.json +0 -8
- package/admin/src/translations/sv.json +0 -8
- package/admin/src/translations/th.json +0 -8
- package/admin/src/translations/tr.json +0 -8
- package/admin/src/translations/uk.json +0 -8
- package/admin/src/translations/vi.json +0 -8
- package/admin/src/translations/zh-Hans.json +5 -14
- package/admin/src/translations/zh.json +0 -8
- package/admin/src/utils/axiosInstance.js +36 -0
- package/admin/src/utils/formatPluginName.js +26 -0
- package/admin/src/utils/index.js +1 -0
- package/documentation/1.0.0/overrides/users-permissions-Role.json +6 -6
- package/documentation/1.0.0/overrides/users-permissions-User.json +7 -7
- package/package.json +30 -31
- package/server/bootstrap/index.js +19 -21
- package/server/config.js +3 -3
- package/server/content-types/index.js +3 -3
- package/server/content-types/permission/index.js +30 -3
- package/server/content-types/role/index.js +47 -3
- package/server/content-types/user/index.js +65 -4
- package/server/controllers/auth.js +81 -244
- package/server/controllers/content-manager-user.js +183 -0
- package/server/controllers/index.js +12 -6
- package/server/controllers/permissions.js +26 -0
- package/server/controllers/role.js +77 -0
- package/server/controllers/settings.js +85 -0
- package/server/controllers/user.js +118 -44
- package/server/controllers/validation/auth.js +29 -0
- package/server/controllers/validation/user.js +38 -0
- package/server/graphql/index.js +44 -0
- package/server/graphql/mutations/auth/email-confirmation.js +39 -0
- package/server/graphql/mutations/auth/forgot-password.js +38 -0
- package/server/graphql/mutations/auth/login.js +38 -0
- package/server/graphql/mutations/auth/register.js +39 -0
- package/server/graphql/mutations/auth/reset-password.js +41 -0
- package/server/graphql/mutations/crud/role/create-role.js +37 -0
- package/server/graphql/mutations/crud/role/delete-role.js +28 -0
- package/server/graphql/mutations/crud/role/update-role.js +38 -0
- package/server/graphql/mutations/crud/user/create-user.js +48 -0
- package/server/graphql/mutations/crud/user/delete-user.js +42 -0
- package/server/graphql/mutations/crud/user/update-user.js +49 -0
- package/server/graphql/mutations/index.js +42 -0
- package/server/graphql/queries/index.js +13 -0
- package/server/graphql/queries/me.js +17 -0
- package/server/graphql/resolvers-configs.js +37 -0
- package/server/graphql/types/create-role-payload.js +11 -0
- package/server/graphql/types/delete-role-payload.js +11 -0
- package/server/graphql/types/index.js +21 -0
- package/server/graphql/types/login-input.js +13 -0
- package/server/graphql/types/login-payload.js +12 -0
- package/server/graphql/types/me-role.js +14 -0
- package/server/graphql/types/me.js +16 -0
- package/server/graphql/types/password-payload.js +11 -0
- package/server/graphql/types/register-input.js +13 -0
- package/server/graphql/types/update-role-payload.js +11 -0
- package/server/graphql/utils.js +27 -0
- package/server/index.js +21 -0
- package/server/middlewares/index.js +2 -2
- package/server/{policies → middlewares}/rateLimit.js +3 -7
- package/server/register.js +11 -0
- package/server/routes/admin/index.js +10 -0
- package/server/routes/admin/permissions.js +20 -0
- package/server/routes/admin/role.js +79 -0
- package/server/routes/admin/settings.js +95 -0
- package/server/routes/content-api/auth.js +73 -0
- package/server/routes/content-api/index.js +11 -0
- package/server/routes/content-api/permissions.js +9 -0
- package/server/routes/content-api/role.js +29 -0
- package/server/routes/content-api/user.js +61 -0
- package/server/routes/index.js +4 -428
- package/server/services/index.js +10 -8
- package/server/services/jwt.js +9 -17
- package/server/services/providers.js +32 -33
- package/server/services/role.js +177 -0
- package/server/services/user.js +9 -15
- package/server/services/users-permissions.js +140 -338
- package/server/strategies/users-permissions.js +123 -0
- package/server/utils/index.d.ts +2 -0
- package/strapi-admin.js +3 -0
- package/strapi-server.js +1 -19
- package/admin/src/assets/images/logo.svg +0 -1
- package/admin/src/components/BaselineAlignement/index.js +0 -33
- package/admin/src/components/Bloc/index.js +0 -10
- package/admin/src/components/BoundRoute/Components.js +0 -78
- package/admin/src/components/ContainerFluid/index.js +0 -13
- package/admin/src/components/FormBloc/index.js +0 -61
- package/admin/src/components/IntlInput/index.js +0 -38
- package/admin/src/components/ListBaselineAlignment/index.js +0 -8
- package/admin/src/components/ListRow/Components.js +0 -74
- package/admin/src/components/ListRow/index.js +0 -35
- package/admin/src/components/ModalForm/Wrapper.js +0 -12
- package/admin/src/components/ModalForm/index.js +0 -59
- package/admin/src/components/Permissions/ListWrapper.js +0 -9
- package/admin/src/components/Permissions/PermissionRow/BaselineAlignment.js +0 -7
- package/admin/src/components/Permissions/PermissionRow/RowStyle.js +0 -28
- package/admin/src/components/Permissions/PermissionRow/SubCategory/ConditionsButtonWrapper.js +0 -13
- package/admin/src/components/Permissions/PermissionRow/SubCategory/PolicyWrapper.js +0 -8
- package/admin/src/components/Permissions/PermissionRow/SubCategory/SubCategoryWrapper.js +0 -26
- package/admin/src/components/Permissions/PermissionRow/SubCategory/index.js +0 -116
- package/admin/src/components/Policies/Components.js +0 -26
- package/admin/src/components/PrefixedIcon/index.js +0 -27
- package/admin/src/components/Roles/EmptyRole/BaselineAlignment.js +0 -7
- package/admin/src/components/Roles/EmptyRole/index.js +0 -27
- package/admin/src/components/Roles/RoleListWrapper/index.js +0 -17
- package/admin/src/components/Roles/RoleRow/RoleDescription.js +0 -9
- package/admin/src/components/Roles/RoleRow/index.js +0 -45
- package/admin/src/components/Roles/index.js +0 -3
- package/admin/src/components/SizedInput/index.js +0 -24
- package/admin/src/pages/AdvancedSettings/reducer.js +0 -65
- package/admin/src/pages/AdvancedSettings/utils/form.js +0 -52
- package/admin/src/pages/EmailTemplates/CustomTextInput.js +0 -105
- package/admin/src/pages/EmailTemplates/Wrapper.js +0 -36
- package/admin/src/pages/EmailTemplates/reducer.js +0 -58
- package/admin/src/pages/EmailTemplates/utils/forms.js +0 -81
- package/admin/src/pages/Roles/ListPage/BaselineAlignment.js +0 -8
- package/server/content-types/permission/schema.json +0 -48
- package/server/content-types/role/schema.json +0 -46
- package/server/content-types/user/schema.json +0 -66
- package/server/controllers/user/admin.js +0 -230
- package/server/controllers/user/api.js +0 -174
- package/server/controllers/users-permissions.js +0 -271
- package/server/middlewares/users-permissions.js +0 -44
- package/server/policies/index.js +0 -11
- package/server/policies/isAuthenticated.js +0 -9
- package/server/policies/permissions.js +0 -94
- package/server/schema.graphql.js +0 -317
|
@@ -1,271 +0,0 @@
|
|
|
1
|
-
'use strict';
|
|
2
|
-
|
|
3
|
-
const _ = require('lodash');
|
|
4
|
-
const { getService } = require('../utils');
|
|
5
|
-
const { isValidEmailTemplate } = require('./validation/email-template');
|
|
6
|
-
|
|
7
|
-
module.exports = {
|
|
8
|
-
/**
|
|
9
|
-
* Default action.
|
|
10
|
-
*
|
|
11
|
-
* @return {Object}
|
|
12
|
-
*/
|
|
13
|
-
async createRole(ctx) {
|
|
14
|
-
if (_.isEmpty(ctx.request.body)) {
|
|
15
|
-
return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
|
|
16
|
-
}
|
|
17
|
-
|
|
18
|
-
try {
|
|
19
|
-
await getService('users-permissions').createRole(ctx.request.body);
|
|
20
|
-
|
|
21
|
-
ctx.send({ ok: true });
|
|
22
|
-
} catch (err) {
|
|
23
|
-
strapi.log.error(err);
|
|
24
|
-
ctx.badRequest(null, [{ messages: [{ id: 'An error occured' }] }]);
|
|
25
|
-
}
|
|
26
|
-
},
|
|
27
|
-
|
|
28
|
-
async deleteRole(ctx) {
|
|
29
|
-
// Fetch public role.
|
|
30
|
-
const publicRole = await strapi
|
|
31
|
-
.query('plugin::users-permissions.role')
|
|
32
|
-
.findOne({ where: { type: 'public' } });
|
|
33
|
-
|
|
34
|
-
const publicRoleID = publicRole.id;
|
|
35
|
-
|
|
36
|
-
const roleID = ctx.params.role;
|
|
37
|
-
|
|
38
|
-
if (!roleID) {
|
|
39
|
-
return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
|
|
40
|
-
}
|
|
41
|
-
|
|
42
|
-
// Prevent from removing the public role.
|
|
43
|
-
if (roleID.toString() === publicRoleID.toString()) {
|
|
44
|
-
return ctx.badRequest(null, [{ messages: [{ id: 'Unauthorized' }] }]);
|
|
45
|
-
}
|
|
46
|
-
|
|
47
|
-
try {
|
|
48
|
-
await getService('users-permissions').deleteRole(roleID, publicRoleID);
|
|
49
|
-
|
|
50
|
-
ctx.send({ ok: true });
|
|
51
|
-
} catch (err) {
|
|
52
|
-
strapi.log.error(err);
|
|
53
|
-
ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
|
|
54
|
-
}
|
|
55
|
-
},
|
|
56
|
-
|
|
57
|
-
async getPermissions(ctx) {
|
|
58
|
-
try {
|
|
59
|
-
const permissions = await getService('users-permissions').getActions();
|
|
60
|
-
|
|
61
|
-
ctx.send({ permissions });
|
|
62
|
-
} catch (err) {
|
|
63
|
-
ctx.badRequest(null, [{ message: [{ id: 'Not Found' }] }]);
|
|
64
|
-
}
|
|
65
|
-
},
|
|
66
|
-
|
|
67
|
-
async getPolicies(ctx) {
|
|
68
|
-
const policies = _.keys(strapi.plugin('users-permissions').policies);
|
|
69
|
-
|
|
70
|
-
ctx.send({
|
|
71
|
-
policies: _.without(policies, 'permissions'),
|
|
72
|
-
});
|
|
73
|
-
},
|
|
74
|
-
|
|
75
|
-
async getRole(ctx) {
|
|
76
|
-
const { id } = ctx.params;
|
|
77
|
-
const { lang } = ctx.query;
|
|
78
|
-
const plugins = await getService('users-permissions').getPlugins(lang);
|
|
79
|
-
const role = await getService('users-permissions').getRole(id, plugins);
|
|
80
|
-
|
|
81
|
-
if (_.isEmpty(role)) {
|
|
82
|
-
return ctx.badRequest(null, [{ messages: [{ id: `Role don't exist` }] }]);
|
|
83
|
-
}
|
|
84
|
-
|
|
85
|
-
ctx.send({ role });
|
|
86
|
-
},
|
|
87
|
-
|
|
88
|
-
async getRoles(ctx) {
|
|
89
|
-
try {
|
|
90
|
-
const roles = await getService('users-permissions').getRoles();
|
|
91
|
-
|
|
92
|
-
ctx.send({ roles });
|
|
93
|
-
} catch (err) {
|
|
94
|
-
ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
|
|
95
|
-
}
|
|
96
|
-
},
|
|
97
|
-
|
|
98
|
-
async getRoutes(ctx) {
|
|
99
|
-
try {
|
|
100
|
-
const routes = await getService('users-permissions').getRoutes();
|
|
101
|
-
|
|
102
|
-
ctx.send({ routes });
|
|
103
|
-
} catch (err) {
|
|
104
|
-
ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
|
|
105
|
-
}
|
|
106
|
-
},
|
|
107
|
-
|
|
108
|
-
async index(ctx) {
|
|
109
|
-
// Send 200 `ok`
|
|
110
|
-
ctx.send({ message: 'ok' });
|
|
111
|
-
},
|
|
112
|
-
|
|
113
|
-
async searchUsers(ctx) {
|
|
114
|
-
const { id } = ctx.params;
|
|
115
|
-
|
|
116
|
-
const data = await strapi.query('plugin::users-permissions.user').custom(searchQueries)({
|
|
117
|
-
id,
|
|
118
|
-
});
|
|
119
|
-
|
|
120
|
-
ctx.send(data);
|
|
121
|
-
},
|
|
122
|
-
|
|
123
|
-
async updateRole(ctx) {
|
|
124
|
-
const roleID = ctx.params.role;
|
|
125
|
-
|
|
126
|
-
if (_.isEmpty(ctx.request.body)) {
|
|
127
|
-
return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
|
|
128
|
-
}
|
|
129
|
-
|
|
130
|
-
try {
|
|
131
|
-
await getService('users-permissions').updateRole(roleID, ctx.request.body);
|
|
132
|
-
|
|
133
|
-
ctx.send({ ok: true });
|
|
134
|
-
} catch (err) {
|
|
135
|
-
strapi.log.error(err);
|
|
136
|
-
ctx.badRequest(null, [{ messages: [{ id: 'An error occurred' }] }]);
|
|
137
|
-
}
|
|
138
|
-
},
|
|
139
|
-
|
|
140
|
-
async getEmailTemplate(ctx) {
|
|
141
|
-
ctx.send(
|
|
142
|
-
await strapi
|
|
143
|
-
.store({
|
|
144
|
-
environment: '',
|
|
145
|
-
type: 'plugin',
|
|
146
|
-
name: 'users-permissions',
|
|
147
|
-
key: 'email',
|
|
148
|
-
})
|
|
149
|
-
.get()
|
|
150
|
-
);
|
|
151
|
-
},
|
|
152
|
-
|
|
153
|
-
async updateEmailTemplate(ctx) {
|
|
154
|
-
if (_.isEmpty(ctx.request.body)) {
|
|
155
|
-
return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
|
|
156
|
-
}
|
|
157
|
-
|
|
158
|
-
const emailTemplates = ctx.request.body['email-templates'];
|
|
159
|
-
|
|
160
|
-
for (let key in emailTemplates) {
|
|
161
|
-
const template = emailTemplates[key].options.message;
|
|
162
|
-
|
|
163
|
-
if (!isValidEmailTemplate(template)) {
|
|
164
|
-
return ctx.badRequest(null, [{ messages: [{ id: 'Invalid template' }] }]);
|
|
165
|
-
}
|
|
166
|
-
}
|
|
167
|
-
|
|
168
|
-
await strapi
|
|
169
|
-
.store({
|
|
170
|
-
environment: '',
|
|
171
|
-
type: 'plugin',
|
|
172
|
-
name: 'users-permissions',
|
|
173
|
-
key: 'email',
|
|
174
|
-
})
|
|
175
|
-
.set({ value: emailTemplates });
|
|
176
|
-
|
|
177
|
-
ctx.send({ ok: true });
|
|
178
|
-
},
|
|
179
|
-
|
|
180
|
-
async getAdvancedSettings(ctx) {
|
|
181
|
-
ctx.send({
|
|
182
|
-
settings: await strapi
|
|
183
|
-
.store({
|
|
184
|
-
environment: '',
|
|
185
|
-
type: 'plugin',
|
|
186
|
-
name: 'users-permissions',
|
|
187
|
-
key: 'advanced',
|
|
188
|
-
})
|
|
189
|
-
.get(),
|
|
190
|
-
roles: await getService('users-permissions').getRoles(),
|
|
191
|
-
});
|
|
192
|
-
},
|
|
193
|
-
|
|
194
|
-
async updateAdvancedSettings(ctx) {
|
|
195
|
-
if (_.isEmpty(ctx.request.body)) {
|
|
196
|
-
return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
|
|
197
|
-
}
|
|
198
|
-
|
|
199
|
-
await strapi
|
|
200
|
-
.store({
|
|
201
|
-
environment: '',
|
|
202
|
-
type: 'plugin',
|
|
203
|
-
name: 'users-permissions',
|
|
204
|
-
key: 'advanced',
|
|
205
|
-
})
|
|
206
|
-
.set({ value: ctx.request.body });
|
|
207
|
-
|
|
208
|
-
ctx.send({ ok: true });
|
|
209
|
-
},
|
|
210
|
-
|
|
211
|
-
async getProviders(ctx) {
|
|
212
|
-
const providers = await strapi
|
|
213
|
-
.store({
|
|
214
|
-
environment: '',
|
|
215
|
-
type: 'plugin',
|
|
216
|
-
name: 'users-permissions',
|
|
217
|
-
key: 'grant',
|
|
218
|
-
})
|
|
219
|
-
.get();
|
|
220
|
-
|
|
221
|
-
for (const provider in providers) {
|
|
222
|
-
if (provider !== 'email') {
|
|
223
|
-
providers[provider].redirectUri = strapi
|
|
224
|
-
.plugin('users-permissions')
|
|
225
|
-
.service('providers')
|
|
226
|
-
.buildRedirectUri(provider);
|
|
227
|
-
}
|
|
228
|
-
}
|
|
229
|
-
|
|
230
|
-
ctx.send(providers);
|
|
231
|
-
},
|
|
232
|
-
|
|
233
|
-
async updateProviders(ctx) {
|
|
234
|
-
if (_.isEmpty(ctx.request.body)) {
|
|
235
|
-
return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
|
|
236
|
-
}
|
|
237
|
-
|
|
238
|
-
await strapi
|
|
239
|
-
.store({
|
|
240
|
-
environment: '',
|
|
241
|
-
type: 'plugin',
|
|
242
|
-
name: 'users-permissions',
|
|
243
|
-
key: 'grant',
|
|
244
|
-
})
|
|
245
|
-
.set({ value: ctx.request.body.providers });
|
|
246
|
-
|
|
247
|
-
ctx.send({ ok: true });
|
|
248
|
-
},
|
|
249
|
-
};
|
|
250
|
-
|
|
251
|
-
const searchQueries = {
|
|
252
|
-
bookshelf({ model }) {
|
|
253
|
-
return ({ id }) => {
|
|
254
|
-
return model
|
|
255
|
-
.query(function(qb) {
|
|
256
|
-
qb.where('username', 'LIKE', `%${id}%`).orWhere('email', 'LIKE', `%${id}%`);
|
|
257
|
-
})
|
|
258
|
-
.fetchAll()
|
|
259
|
-
.then(results => results.toJSON());
|
|
260
|
-
};
|
|
261
|
-
},
|
|
262
|
-
mongoose({ model }) {
|
|
263
|
-
return ({ id }) => {
|
|
264
|
-
const re = new RegExp(id);
|
|
265
|
-
|
|
266
|
-
return model.find({
|
|
267
|
-
$or: [{ username: re }, { email: re }],
|
|
268
|
-
});
|
|
269
|
-
};
|
|
270
|
-
},
|
|
271
|
-
};
|
|
@@ -1,44 +0,0 @@
|
|
|
1
|
-
'use strict';
|
|
2
|
-
|
|
3
|
-
const _ = require('lodash');
|
|
4
|
-
|
|
5
|
-
module.exports = {
|
|
6
|
-
defaults: { 'users-permissions': { enabled: true } },
|
|
7
|
-
load: {
|
|
8
|
-
beforeInitialize() {
|
|
9
|
-
strapi.config.middleware.load.before.unshift('users-permissions');
|
|
10
|
-
},
|
|
11
|
-
|
|
12
|
-
initialize() {
|
|
13
|
-
_.forEach(strapi.admin.routes, value => {
|
|
14
|
-
if (_.get(value.config, 'policies')) {
|
|
15
|
-
value.config.policies.unshift('plugin::users-permissions.permissions');
|
|
16
|
-
}
|
|
17
|
-
});
|
|
18
|
-
|
|
19
|
-
_.forEach(strapi.api, api => {
|
|
20
|
-
_.forEach(api.routes, route => {
|
|
21
|
-
if (_.has(route, 'routes')) {
|
|
22
|
-
_.forEach(route.routes || [], route => {
|
|
23
|
-
if (_.get(route.config, 'policies')) {
|
|
24
|
-
route.config.policies.unshift('plugin::users-permissions.permissions');
|
|
25
|
-
}
|
|
26
|
-
});
|
|
27
|
-
} else if (_.get(route.config, 'policies')) {
|
|
28
|
-
route.config.policies.unshift('plugin::users-permissions.permissions');
|
|
29
|
-
}
|
|
30
|
-
});
|
|
31
|
-
});
|
|
32
|
-
|
|
33
|
-
if (strapi.plugins) {
|
|
34
|
-
_.forEach(strapi.plugins, plugin => {
|
|
35
|
-
_.forEach(plugin.routes, route => {
|
|
36
|
-
if (_.get(route.config, 'policies')) {
|
|
37
|
-
route.config.policies.unshift('plugin::users-permissions.permissions');
|
|
38
|
-
}
|
|
39
|
-
});
|
|
40
|
-
});
|
|
41
|
-
}
|
|
42
|
-
},
|
|
43
|
-
},
|
|
44
|
-
};
|
package/server/policies/index.js
DELETED
|
@@ -1,94 +0,0 @@
|
|
|
1
|
-
'use strict';
|
|
2
|
-
|
|
3
|
-
const _ = require('lodash');
|
|
4
|
-
const { getService } = require('../utils');
|
|
5
|
-
|
|
6
|
-
module.exports = async (ctx, next) => {
|
|
7
|
-
let role;
|
|
8
|
-
|
|
9
|
-
if (ctx.state.user) {
|
|
10
|
-
// request is already authenticated in a different way
|
|
11
|
-
return next();
|
|
12
|
-
}
|
|
13
|
-
|
|
14
|
-
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
15
|
-
try {
|
|
16
|
-
const { id } = await getService('jwt').getToken(ctx);
|
|
17
|
-
|
|
18
|
-
if (id === undefined) {
|
|
19
|
-
throw new Error('Invalid token: Token did not contain required fields');
|
|
20
|
-
}
|
|
21
|
-
|
|
22
|
-
// fetch authenticated user
|
|
23
|
-
ctx.state.user = await getService('user').fetchAuthenticatedUser(id);
|
|
24
|
-
} catch (err) {
|
|
25
|
-
return handleErrors(ctx, err, 'unauthorized');
|
|
26
|
-
}
|
|
27
|
-
|
|
28
|
-
if (!ctx.state.user) {
|
|
29
|
-
return handleErrors(ctx, 'User Not Found', 'unauthorized');
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
role = ctx.state.user.role;
|
|
33
|
-
|
|
34
|
-
if (role.type === 'root') {
|
|
35
|
-
return await next();
|
|
36
|
-
}
|
|
37
|
-
|
|
38
|
-
const store = await strapi.store({
|
|
39
|
-
environment: '',
|
|
40
|
-
type: 'plugin',
|
|
41
|
-
name: 'users-permissions',
|
|
42
|
-
});
|
|
43
|
-
|
|
44
|
-
if (
|
|
45
|
-
_.get(await store.get({ key: 'advanced' }), 'email_confirmation') &&
|
|
46
|
-
!ctx.state.user.confirmed
|
|
47
|
-
) {
|
|
48
|
-
return handleErrors(ctx, 'Your account email is not confirmed.', 'unauthorized');
|
|
49
|
-
}
|
|
50
|
-
|
|
51
|
-
if (ctx.state.user.blocked) {
|
|
52
|
-
return handleErrors(
|
|
53
|
-
ctx,
|
|
54
|
-
'Your account has been blocked by the administrator.',
|
|
55
|
-
'unauthorized'
|
|
56
|
-
);
|
|
57
|
-
}
|
|
58
|
-
}
|
|
59
|
-
|
|
60
|
-
// Retrieve `public` role.
|
|
61
|
-
if (!role) {
|
|
62
|
-
role = await strapi
|
|
63
|
-
.query('plugin::users-permissions.role')
|
|
64
|
-
.findOne({ where: { type: 'public' } });
|
|
65
|
-
}
|
|
66
|
-
|
|
67
|
-
const route = ctx.request.route;
|
|
68
|
-
|
|
69
|
-
const permission = await strapi.query('plugin::users-permissions.permission').findOne({
|
|
70
|
-
where: {
|
|
71
|
-
role: { id: role.id },
|
|
72
|
-
type: route.plugin || 'application',
|
|
73
|
-
controller: route.controller,
|
|
74
|
-
action: route.action,
|
|
75
|
-
enabled: true,
|
|
76
|
-
},
|
|
77
|
-
});
|
|
78
|
-
|
|
79
|
-
if (!permission) {
|
|
80
|
-
return handleErrors(ctx, undefined, 'forbidden');
|
|
81
|
-
}
|
|
82
|
-
|
|
83
|
-
// Execute the policies.
|
|
84
|
-
if (permission.policy) {
|
|
85
|
-
return await strapi.plugin('users-permissions').policy(permission.policy)(ctx, next);
|
|
86
|
-
}
|
|
87
|
-
|
|
88
|
-
// Execute the action.
|
|
89
|
-
await next();
|
|
90
|
-
};
|
|
91
|
-
|
|
92
|
-
const handleErrors = (ctx, err = undefined, type) => {
|
|
93
|
-
throw strapi.errors[type](err);
|
|
94
|
-
};
|