npm - @strapi/plugin-users-permissions - Versions diffs - 4.2.0-beta.0 → 4.2.0-beta.3 - Mend

@strapi/plugin-users-permissions 4.2.0-beta.0 → 4.2.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (56) hide show

package/admin/src/components/FormModal/index.js +1 -1
package/admin/src/index.js +1 -1
package/admin/src/pages/AdvancedSettings/index.js +2 -2
package/admin/src/pages/EmailTemplates/components/EmailTable.js +2 -2
package/admin/src/pages/Providers/index.js +4 -4
package/admin/src/pages/Roles/CreatePage/index.js +3 -3
package/admin/src/pages/Roles/EditPage/index.js +15 -15
package/admin/src/pages/Roles/ListPage/components/TableBody.js +2 -3
package/admin/src/pages/Roles/ListPage/index.js +6 -6
package/admin/src/translations/ar.json +0 -1
package/admin/src/translations/cs.json +0 -1
package/admin/src/translations/de.json +0 -2
package/admin/src/translations/dk.json +0 -11
package/admin/src/translations/en.json +0 -11
package/admin/src/translations/es.json +0 -11
package/admin/src/translations/fr.json +0 -1
package/admin/src/translations/id.json +0 -2
package/admin/src/translations/it.json +0 -2
package/admin/src/translations/ja.json +0 -1
package/admin/src/translations/ko.json +0 -11
package/admin/src/translations/ms.json +0 -1
package/admin/src/translations/nl.json +0 -1
package/admin/src/translations/pl.json +0 -1
package/admin/src/translations/pt-BR.json +0 -1
package/admin/src/translations/pt.json +0 -1
package/admin/src/translations/ru.json +0 -2
package/admin/src/translations/sk.json +0 -1
package/admin/src/translations/sv.json +0 -2
package/admin/src/translations/th.json +0 -2
package/admin/src/translations/tr.json +0 -1
package/admin/src/translations/uk.json +0 -1
package/admin/src/translations/vi.json +0 -1
package/admin/src/translations/zh-Hans.json +0 -3
package/admin/src/translations/zh.json +0 -1
package/package.json +6 -8
package/server/bootstrap/index.js +13 -4
package/server/controllers/auth.js +11 -16
package/server/controllers/role.js +4 -4
package/server/controllers/settings.js +1 -1
package/server/controllers/user.js +10 -5
package/server/controllers/validation/email-template.js +10 -1
package/server/graphql/mutations/auth/email-confirmation.js +1 -1
package/server/graphql/mutations/crud/user/delete-user.js +1 -1
package/server/graphql/resolvers-configs.js +4 -4
package/server/register.js +2 -0
package/server/routes/admin/role.js +2 -2
package/server/routes/content-api/role.js +2 -2
package/server/services/providers-list.js +152 -348
package/server/services/providers.js +58 -69
package/server/services/role.js +2 -2
package/server/services/user.js +7 -5
package/server/utils/index.js +3 -0
package/server/utils/sanitize/index.js +9 -0
package/server/utils/sanitize/sanitizers.js +19 -0
package/server/utils/sanitize/visitors/index.js +5 -0
package/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js +11 -0

package/server/services/providers.js CHANGED Viewed

@@ -18,17 +18,16 @@ module.exports = ({ strapi }) => {
    * Helper to get profiles
    *
    * @param {String}   provider
-   * @param {Function} callback
    */
-  const getProfile = async (provider, query, callback) => {
+  const getProfile = async (provider, query) => {
     const access_token = query.access_token || query.code || query.oauth_token;
     const providers = await strapi
       .store({ type: 'plugin', name: 'users-permissions', key: 'grant' })
       .get();
-    await providerRequest({ provider, query, callback, access_token, providers });
+    return providerRequest({ provider, query, access_token, providers });
   };
   /**
@@ -46,79 +45,69 @@ module.exports = ({ strapi }) => {
     return new Promise((resolve, reject) => {
       if (!access_token) {
-        return reject([null, { message: 'No access_token.' }]);
+        return reject({ message: 'No access_token.' });
       }
       // Get the profile.
-      getProfile(provider, query, async (err, profile) => {
-        if (err) {
-          return reject([null, err]);
-        }
-        const email = _.toLower(profile.email);
-        // We need at least the mail.
-        if (!email) {
-          return reject([null, { message: 'Email was not available.' }]);
-        }
-        try {
-          const users = await strapi.query('plugin::users-permissions.user').findMany({
-            where: { email },
-          });
-          const advanced = await strapi
-            .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })
-            .get();
-          const user = _.find(users, { provider });
-          if (_.isEmpty(user) && !advanced.allow_register) {
-            return resolve([
-              null,
-              [{ messages: [{ id: 'Auth.advanced.allow_register' }] }],
-              'Register action is actually not available.',
-            ]);
-          }
+      getProfile(provider, query)
+        .then(async profile => {
+          const email = _.toLower(profile.email);
-          if (!_.isEmpty(user)) {
-            return resolve([user, null]);
+          // We need at least the mail.
+          if (!email) {
+            return reject({ message: 'Email was not available.' });
           }
-          if (
-            !_.isEmpty(_.find(users, user => user.provider !== provider)) &&
-            advanced.unique_email
-          ) {
-            return resolve([
-              null,
-              [{ messages: [{ id: 'Auth.form.error.email.taken' }] }],
-              'Email is already taken.',
-            ]);
+          try {
+            const users = await strapi.query('plugin::users-permissions.user').findMany({
+              where: { email },
+            });
+            const advanced = await strapi
+              .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })
+              .get();
+            const user = _.find(users, { provider });
+            if (_.isEmpty(user) && !advanced.allow_register) {
+              return reject({ message: 'Register action is actually not available.' });
+            }
+            if (!_.isEmpty(user)) {
+              return resolve(user);
+            }
+            if (
+              !_.isEmpty(_.find(users, user => user.provider !== provider)) &&
+              advanced.unique_email
+            ) {
+              return reject({ message: 'Email is already taken.' });
+            }
+            // Retrieve default role.
+            const defaultRole = await strapi
+              .query('plugin::users-permissions.role')
+              .findOne({ where: { type: advanced.default_role } });
+            // Create the new user.
+            const params = {
+              ...profile,
+              email, // overwrite with lowercased email
+              provider,
+              role: defaultRole.id,
+              confirmed: true,
+            };
+            const createdUser = await strapi
+              .query('plugin::users-permissions.user')
+              .create({ data: params });
+            return resolve(createdUser);
+          } catch (err) {
+            reject(err);
           }
-          // Retrieve default role.
-          const defaultRole = await strapi
-            .query('plugin::users-permissions.role')
-            .findOne({ where: { type: advanced.default_role } });
-          // Create the new user.
-          const params = {
-            ...profile,
-            email, // overwrite with lowercased email
-            provider,
-            role: defaultRole.id,
-            confirmed: true,
-          };
-          const createdUser = await strapi
-            .query('plugin::users-permissions.user')
-            .create({ data: params });
-          return resolve([createdUser, null]);
-        } catch (err) {
-          reject([null, err]);
-        }
-      });
+        })
+        .catch(reject);
     });
   };

package/server/services/role.js CHANGED Viewed

@@ -41,7 +41,7 @@ module.exports = ({ strapi }) => ({
     await Promise.all(createPromises);
   },
-  async getRole(roleID) {
+  async findOne(roleID) {
     const role = await strapi
       .query('plugin::users-permissions.role')
       .findOne({ where: { id: roleID }, populate: ['permissions'] });
@@ -68,7 +68,7 @@ module.exports = ({ strapi }) => ({
     };
   },
-  async getRoles() {
+  async find() {
     const roles = await strapi.query('plugin::users-permissions.role').findMany({ sort: ['name'] });
     for (const role of roles) {

package/server/services/user.js CHANGED Viewed

@@ -10,7 +10,7 @@ const crypto = require('crypto');
 const bcrypt = require('bcryptjs');
 const urlJoin = require('url-join');
-const { getAbsoluteServerUrl, sanitize } = require('@strapi/utils');
+const { getAbsoluteAdminUrl, getAbsoluteServerUrl, sanitize } = require('@strapi/utils');
 const { getService } = require('../utils');
 module.exports = ({ strapi }) => ({
@@ -58,8 +58,8 @@ module.exports = ({ strapi }) => ({
    * Promise to fetch a/an user.
    * @return {Promise}
    */
-  fetch(params, populate) {
-    return strapi.query('plugin::users-permissions.user').findOne({ where: params, populate });
+  fetch(id, params) {
+    return strapi.entityService.findOne('plugin::users-permissions.user', id, params);
   },
   /**
@@ -76,8 +76,8 @@ module.exports = ({ strapi }) => ({
    * Promise to fetch all users.
    * @return {Promise}
    */
-  fetchAll(params, populate) {
-    return strapi.query('plugin::users-permissions.user').findMany({ where: params, populate });
+  fetchAll(params) {
+    return strapi.entityService.findMany('plugin::users-permissions.user', params);
   },
   /**
@@ -118,6 +118,8 @@ module.exports = ({ strapi }) => ({
     const apiPrefix = strapi.config.get('api.rest.prefix');
     settings.message = await userPermissionService.template(settings.message, {
       URL: urlJoin(getAbsoluteServerUrl(strapi.config), apiPrefix, '/auth/email-confirmation'),
+      SERVER_URL: getAbsoluteServerUrl(strapi.config),
+      ADMIN_URL: getAbsoluteAdminUrl(strapi.config),
       USER: sanitizedUserInfo,
       CODE: confirmationToken,
     });

package/server/utils/index.js CHANGED Viewed

@@ -1,9 +1,12 @@
 'use strict';
+const sanitize = require('./sanitize');
 const getService = name => {
   return strapi.plugin('users-permissions').service(name);
 };
 module.exports = {
   getService,
+  sanitize,
 };

package/server/utils/sanitize/index.js ADDED Viewed

@@ -0,0 +1,9 @@
+'use strict';
+const visitors = require('./visitors');
+const sanitizers = require('./sanitizers');
+module.exports = {
+  sanitizers,
+  visitors,
+};

package/server/utils/sanitize/sanitizers.js ADDED Viewed

@@ -0,0 +1,19 @@
+'use strict';
+const { curry } = require('lodash/fp');
+const { traverseEntity, pipeAsync } = require('@strapi/utils');
+const { removeUserRelationFromRoleEntities } = require('./visitors');
+const sanitizeUserRelationFromRoleEntities = curry((schema, entity) => {
+  return traverseEntity(removeUserRelationFromRoleEntities, { schema }, entity);
+});
+const defaultSanitizeOutput = curry((schema, entity) => {
+  return pipeAsync(sanitizeUserRelationFromRoleEntities(schema))(entity);
+});
+module.exports = {
+  sanitizeUserRelationFromRoleEntities,
+  defaultSanitizeOutput,
+};

package/server/utils/sanitize/visitors/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+'use strict';
+module.exports = {
+  removeUserRelationFromRoleEntities: require('./remove-user-relation-from-role-entities'),
+};

package/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js ADDED Viewed

@@ -0,0 +1,11 @@
+'use strict';
+module.exports = ({ schema, key, attribute }, { remove }) => {
+  if (
+    attribute.type === 'relation' &&
+    attribute.target === 'plugin::users-permissions.user' &&
+    schema.uid === 'plugin::users-permissions.role'
+  ) {
+    remove(key);
+  }
+};