npm - @strapi/plugin-users-permissions - Versions diffs - 4.1.8 → 4.1.10 - Mend

@strapi/plugin-users-permissions 4.1.8 → 4.1.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/admin/src/pages/Roles/EditPage/index.js +11 -11
package/package.json +4 -4
package/server/controllers/role.js +4 -4
package/server/controllers/settings.js +1 -1
package/server/controllers/user.js +6 -4
package/server/register.js +2 -0
package/server/routes/admin/role.js +2 -2
package/server/routes/content-api/role.js +2 -2
package/server/services/role.js +2 -2
package/server/services/user.js +4 -4
package/server/utils/index.js +3 -0
package/server/utils/sanitize/index.js +9 -0
package/server/utils/sanitize/sanitizers.js +19 -0
package/server/utils/sanitize/visitors/index.js +5 -0
package/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js +11 -0

package/admin/src/pages/Roles/EditPage/index.js CHANGED Viewed

@@ -1,4 +1,15 @@
 import React, { useState, useRef } from 'react';
+import { Formik } from 'formik';
+import { useIntl } from 'react-intl';
+import { useRouteMatch } from 'react-router-dom';
+import {
+  useOverlayBlocker,
+  SettingsPageTitle,
+  LoadingIndicatorPage,
+  Form,
+  useNotification,
+  Link,
+} from '@strapi/helper-plugin';
 import { ContentLayout, HeaderLayout } from '@strapi/design-system/Layout';
 import { Main } from '@strapi/design-system/Main';
 import { Button } from '@strapi/design-system/Button';
@@ -9,18 +20,7 @@ import { Textarea } from '@strapi/design-system/Textarea';
 import { Typography } from '@strapi/design-system/Typography';
 import ArrowLeft from '@strapi/icons/ArrowLeft';
 import Check from '@strapi/icons/Check';
-import { Link } from '@strapi/design-system/Link';
 import { GridItem, Grid } from '@strapi/design-system/Grid';
-import { Formik } from 'formik';
-import { useIntl } from 'react-intl';
-import { useRouteMatch } from 'react-router-dom';
-import {
-  useOverlayBlocker,
-  SettingsPageTitle,
-  LoadingIndicatorPage,
-  Form,
-  useNotification,
-} from '@strapi/helper-plugin';
 import UsersPermissions from '../../../components/UsersPermissions';
 import getTrad from '../../../utils/getTrad';
 import pluginId from '../../../pluginId';

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@strapi/plugin-users-permissions",
-  "version": "4.1.8",
+  "version": "4.1.10",
   "description": "Protect your API with a full-authentication process based on JWT",
   "repository": {
     "type": "git",
@@ -27,8 +27,8 @@
     "test:front:watch:ce": "cross-env IS_EE=false jest --config ./jest.config.front.js --watchAll"
   },
   "dependencies": {
-    "@strapi/helper-plugin": "4.1.8",
-    "@strapi/utils": "4.1.8",
+    "@strapi/helper-plugin": "4.1.10",
+    "@strapi/utils": "4.1.10",
     "bcryptjs": "2.4.3",
     "grant-koa": "5.4.8",
     "jsonwebtoken": "^8.1.0",
@@ -59,5 +59,5 @@
     "required": true,
     "kind": "plugin"
   },
-  "gitHead": "3f204a0a48d4e1f6dca21683eb6c63041b2f6626"
+  "gitHead": "06abcda86ab96fc560b3ff5e3d72c4d5c1c5d42c"
 }

package/server/controllers/role.js CHANGED Viewed

@@ -21,10 +21,10 @@ module.exports = {
     ctx.send({ ok: true });
   },
-  async getRole(ctx) {
+  async findOne(ctx) {
     const { id } = ctx.params;
-    const role = await getService('role').getRole(id);
+    const role = await getService('role').findOne(id);
     if (!role) {
       return ctx.notFound();
@@ -33,8 +33,8 @@ module.exports = {
     ctx.send({ role });
   },
-  async getRoles(ctx) {
-    const roles = await getService('role').getRoles();
+  async find(ctx) {
+    const roles = await getService('role').find();
     ctx.send({ roles });
   },

package/server/controllers/settings.js CHANGED Viewed

@@ -37,7 +37,7 @@ module.exports = {
       .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })
       .get();
-    const roles = await getService('role').getRoles();
+    const roles = await getService('role').find();
     ctx.send({ settings, roles });
   },

package/server/controllers/user.js CHANGED Viewed

@@ -90,7 +90,7 @@ module.exports = {
     const { id } = ctx.params;
     const { email, username, password } = ctx.request.body;
-    const user = await getService('user').fetch({ id });
+    const user = await getService('user').fetch(id);
     await validateUpdateUserBody(ctx.request.body);
@@ -133,8 +133,8 @@ module.exports = {
    * Retrieve user records.
    * @return {Object|Array}
    */
-  async find(ctx, next, { populate } = {}) {
-    const users = await getService('user').fetchAll(ctx.query.filters, populate);
+  async find(ctx) {
+    const users = await getService('user').fetchAll(ctx.query);
     ctx.body = await Promise.all(users.map(user => sanitizeOutput(user, ctx)));
   },
@@ -145,7 +145,9 @@ module.exports = {
    */
   async findOne(ctx) {
     const { id } = ctx.params;
-    let data = await getService('user').fetch({ id });
+    const { query } = ctx;
+    let data = await getService('user').fetch(id, query);
     if (data) {
       data = await sanitizeOutput(data, ctx);

package/server/register.js CHANGED Viewed

@@ -1,9 +1,11 @@
 'use strict';
 const authStrategy = require('./strategies/users-permissions');
+const sanitizers = require('./utils/sanitize/sanitizers');
 module.exports = ({ strapi }) => {
   strapi.container.get('auth').register('content-api', authStrategy);
+  strapi.sanitizers.add('content-api.output', sanitizers.defaultSanitizeOutput);
   if (strapi.plugin('graphql')) {
     require('./graphql')({ strapi });

package/server/routes/admin/role.js CHANGED Viewed

@@ -4,7 +4,7 @@ module.exports = [
   {
     method: 'GET',
     path: '/roles/:id',
-    handler: 'role.getRole',
+    handler: 'role.findOne',
     config: {
       policies: [
         {
@@ -19,7 +19,7 @@ module.exports = [
   {
     method: 'GET',
     path: '/roles',
-    handler: 'role.getRoles',
+    handler: 'role.find',
     config: {
       policies: [
         {

package/server/routes/content-api/role.js CHANGED Viewed

@@ -4,12 +4,12 @@ module.exports = [
   {
     method: 'GET',
     path: '/roles/:id',
-    handler: 'role.getRole',
+    handler: 'role.findOne',
   },
   {
     method: 'GET',
     path: '/roles',
-    handler: 'role.getRoles',
+    handler: 'role.find',
   },
   {
     method: 'POST',

package/server/services/role.js CHANGED Viewed

@@ -41,7 +41,7 @@ module.exports = ({ strapi }) => ({
     await Promise.all(createPromises);
   },
-  async getRole(roleID) {
+  async findOne(roleID) {
     const role = await strapi
       .query('plugin::users-permissions.role')
       .findOne({ where: { id: roleID }, populate: ['permissions'] });
@@ -68,7 +68,7 @@ module.exports = ({ strapi }) => ({
     };
   },
-  async getRoles() {
+  async find() {
     const roles = await strapi.query('plugin::users-permissions.role').findMany({ sort: ['name'] });
     for (const role of roles) {

package/server/services/user.js CHANGED Viewed

@@ -58,8 +58,8 @@ module.exports = ({ strapi }) => ({
    * Promise to fetch a/an user.
    * @return {Promise}
    */
-  fetch(params, populate) {
-    return strapi.query('plugin::users-permissions.user').findOne({ where: params, populate });
+  fetch(id, params) {
+    return strapi.entityService.findOne('plugin::users-permissions.user', id, params);
   },
   /**
@@ -76,8 +76,8 @@ module.exports = ({ strapi }) => ({
    * Promise to fetch all users.
    * @return {Promise}
    */
-  fetchAll(params, populate) {
-    return strapi.query('plugin::users-permissions.user').findMany({ where: params, populate });
+  fetchAll(params) {
+    return strapi.entityService.findMany('plugin::users-permissions.user', params);
   },
   /**

package/server/utils/index.js CHANGED Viewed

@@ -1,9 +1,12 @@
 'use strict';
+const sanitize = require('./sanitize');
 const getService = name => {
   return strapi.plugin('users-permissions').service(name);
 };
 module.exports = {
   getService,
+  sanitize,
 };

package/server/utils/sanitize/index.js ADDED Viewed

@@ -0,0 +1,9 @@
+'use strict';
+const visitors = require('./visitors');
+const sanitizers = require('./sanitizers');
+module.exports = {
+  sanitizers,
+  visitors,
+};

package/server/utils/sanitize/sanitizers.js ADDED Viewed

@@ -0,0 +1,19 @@
+'use strict';
+const { curry } = require('lodash/fp');
+const { traverseEntity, pipeAsync } = require('@strapi/utils');
+const { removeUserRelationFromRoleEntities } = require('./visitors');
+const sanitizeUserRelationFromRoleEntities = curry((schema, entity) => {
+  return traverseEntity(removeUserRelationFromRoleEntities, { schema }, entity);
+});
+const defaultSanitizeOutput = curry((schema, entity) => {
+  return pipeAsync(sanitizeUserRelationFromRoleEntities(schema))(entity);
+});
+module.exports = {
+  sanitizeUserRelationFromRoleEntities,
+  defaultSanitizeOutput,
+};

package/server/utils/sanitize/visitors/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+'use strict';
+module.exports = {
+  removeUserRelationFromRoleEntities: require('./remove-user-relation-from-role-entities'),
+};

package/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js ADDED Viewed

@@ -0,0 +1,11 @@
+'use strict';
+module.exports = ({ schema, key, attribute }, { remove }) => {
+  if (
+    attribute.type === 'relation' &&
+    attribute.target === 'plugin::users-permissions.user' &&
+    schema.uid === 'plugin::users-permissions.role'
+  ) {
+    remove(key);
+  }
+};