@strapi/plugin-users-permissions 4.20.4 → 5.0.0-alpha.0

package/dist/_chunks/index-vXywiVeM.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index-vXywiVeM.mjs","sources":["../../admin/src/pages/EmailTemplates/utils/schema.js","../../admin/src/pages/EmailTemplates/components/EmailForm.jsx","../../admin/src/pages/EmailTemplates/components/EmailTable.jsx","../../admin/src/pages/EmailTemplates/index.jsx"],"sourcesContent":["import { translatedErrors } from '@strapi/strapi/admin';\nimport * as yup from 'yup';\n\nconst schema = yup.object().shape({\n  options: yup\n    .object()\n    .shape({\n      from: yup\n        .object()\n        .shape({\n          name: yup.string().required({\n            id: translatedErrors.required.id,\n            defaultMessage: 'This field is required',\n          }),\n          email: yup.string().email(translatedErrors.email).required({\n            id: translatedErrors.required.id,\n            defaultMessage: 'This field is required',\n          }),\n        })\n        .required(),\n      response_email: yup.string().email(translatedErrors.email),\n      object: yup.string().required({\n        id: translatedErrors.required.id,\n        defaultMessage: 'This field is required',\n      }),\n      message: yup.string().required({\n        id: translatedErrors.required.id,\n        defaultMessage: 'This field is required',\n      }),\n    })\n    .required(translatedErrors.required.id),\n});\n\nexport default schema;\n","import React from 'react';\n\nimport {\n  Button,\n  Grid,\n  GridItem,\n  ModalBody,\n  ModalFooter,\n  ModalHeader,\n  ModalLayout,\n} from '@strapi/design-system';\nimport { Breadcrumbs, Crumb } from '@strapi/design-system/v2';\nimport { Form, InputRenderer } from '@strapi/strapi/admin';\nimport PropTypes from 'prop-types';\nimport { useIntl } from 'react-intl';\n\nimport { getTrad } from '../../../utils';\nimport schema from '../utils/schema';\n\nconst EmailForm = ({ template, onToggle, onSubmit }) => {\n  const { formatMessage } = useIntl();\n\n  return (\n    <ModalLayout\n      onClose={onToggle}\n      labelledBy={`${formatMessage({\n        id: getTrad('PopUpForm.header.edit.email-templates'),\n        defaultMessage: 'Edit email template',\n      })}, ${formatMessage({ id: getTrad(template.display), defaultMessage: template.display })}`}\n    >\n      <ModalHeader>\n        <Breadcrumbs\n          label={`${formatMessage({\n            id: getTrad('PopUpForm.header.edit.email-templates'),\n            defaultMessage: 'Edit email template',\n          })}, ${formatMessage({\n            id: getTrad(template.display),\n            defaultMessage: template.display,\n          })}`}\n        >\n          <Crumb>\n            {formatMessage({\n              id: getTrad('PopUpForm.header.edit.email-templates'),\n              defaultMessage: 'Edit email template',\n            })}\n          </Crumb>\n          <Crumb isCurrent>\n            {formatMessage({ id: getTrad(template.display), defaultMessage: template.display })}\n          </Crumb>\n        </Breadcrumbs>\n      </ModalHeader>\n      <Form onSubmit={onSubmit} initialValues={template} validationSchema={schema}>\n        {({ isSubmitting }) => {\n          return (\n            <>\n              <ModalBody>\n                <Grid gap={5}>\n                  {[\n                    {\n                      label: formatMessage({\n                        id: getTrad('PopUpForm.Email.options.from.name.label'),\n                        defaultMessage: 'Shipper name',\n                      }),\n                      name: 'options.from.name',\n                      size: 6,\n                      type: 'string',\n                    },\n                    {\n                      label: formatMessage({\n                        id: getTrad('PopUpForm.Email.options.from.email.label'),\n                        defaultMessage: 'Shipper email',\n                      }),\n                      name: 'options.from.email',\n                      size: 6,\n                      type: 'string',\n                    },\n                    {\n                      label: formatMessage({\n                        id: getTrad('PopUpForm.Email.options.response_email.label'),\n                        defaultMessage: 'Response email',\n                      }),\n                      name: 'options.response_email',\n                      size: 6,\n                      type: 'string',\n                    },\n                    {\n                      label: formatMessage({\n                        id: getTrad('PopUpForm.Email.options.object.label'),\n                        defaultMessage: 'Subject',\n                      }),\n                      name: 'options.object',\n                      size: 6,\n                      type: 'string',\n                    },\n                    {\n                      label: formatMessage({\n                        id: getTrad('PopUpForm.Email.options.message.label'),\n                        defaultMessage: 'Message',\n                      }),\n                      name: 'options.message',\n                      size: 12,\n                      type: 'text',\n                    },\n                  ].map(({ size, ...field }) => (\n                    <GridItem key={field.name} col={size}>\n                      <InputRenderer {...field} />\n                    </GridItem>\n                  ))}\n                </Grid>\n              </ModalBody>\n              <ModalFooter\n                startActions={\n                  <Button onClick={onToggle} variant=\"tertiary\">\n                    Cancel\n                  </Button>\n                }\n                endActions={\n                  <Button loading={isSubmitting} type=\"submit\">\n                    Finish\n                  </Button>\n                }\n              />\n            </>\n          );\n        }}\n      </Form>\n    </ModalLayout>\n  );\n};\n\nEmailForm.propTypes = {\n  template: PropTypes.shape({\n    display: PropTypes.string,\n    icon: PropTypes.string,\n    options: PropTypes.shape({\n      from: PropTypes.shape({\n        name: PropTypes.string,\n        email: PropTypes.string,\n      }),\n      message: PropTypes.string,\n      object: PropTypes.string,\n      response_email: PropTypes.string,\n    }),\n  }).isRequired,\n  onSubmit: PropTypes.func.isRequired,\n  onToggle: PropTypes.func.isRequired,\n};\n\nexport default EmailForm;\n","import React from 'react';\n\nimport {\n  Icon,\n  IconButton,\n  Table,\n  Tbody,\n  Td,\n  Th,\n  Thead,\n  Tr,\n  Typography,\n  VisuallyHidden,\n} from '@strapi/design-system';\nimport { onRowClick, stopPropagation } from '@strapi/helper-plugin';\nimport { Check, Pencil, Refresh } from '@strapi/icons';\nimport PropTypes from 'prop-types';\nimport { useIntl } from 'react-intl';\n\nimport { getTrad } from '../../../utils';\n\nconst EmailTable = ({ canUpdate, onEditClick }) => {\n  const { formatMessage } = useIntl();\n\n  return (\n    <Table colCount={3} rowCount={3}>\n      <Thead>\n        <Tr>\n          <Th width=\"1%\">\n            <VisuallyHidden>\n              {formatMessage({\n                id: getTrad('Email.template.table.icon.label'),\n                defaultMessage: 'icon',\n              })}\n            </VisuallyHidden>\n          </Th>\n          <Th>\n            <Typography variant=\"sigma\" textColor=\"neutral600\">\n              {formatMessage({\n                id: getTrad('Email.template.table.name.label'),\n                defaultMessage: 'name',\n              })}\n            </Typography>\n          </Th>\n          <Th width=\"1%\">\n            <VisuallyHidden>\n              {formatMessage({\n                id: getTrad('Email.template.table.action.label'),\n                defaultMessage: 'action',\n              })}\n            </VisuallyHidden>\n          </Th>\n        </Tr>\n      </Thead>\n      <Tbody>\n        <Tr {...onRowClick({ fn: () => onEditClick('reset_password') })}>\n          <Td>\n            <Icon>\n              <Refresh\n                aria-label={formatMessage({\n                  id: 'global.reset-password',\n                  defaultMessage: 'Reset password',\n                })}\n              />\n            </Icon>\n          </Td>\n          <Td>\n            <Typography>\n              {formatMessage({\n                id: 'global.reset-password',\n                defaultMessage: 'Reset password',\n              })}\n            </Typography>\n          </Td>\n          <Td {...stopPropagation}>\n            <IconButton\n              onClick={() => onEditClick('reset_password')}\n              label={formatMessage({\n                id: getTrad('Email.template.form.edit.label'),\n                defaultMessage: 'Edit a template',\n              })}\n              noBorder\n              icon={canUpdate && <Pencil />}\n            />\n          </Td>\n        </Tr>\n        <Tr {...onRowClick({ fn: () => onEditClick('email_confirmation') })}>\n          <Td>\n            <Icon>\n              <Check\n                aria-label={formatMessage({\n                  id: getTrad('Email.template.email_confirmation'),\n                  defaultMessage: 'Email address confirmation',\n                })}\n              />\n            </Icon>\n          </Td>\n          <Td>\n            <Typography>\n              {formatMessage({\n                id: getTrad('Email.template.email_confirmation'),\n                defaultMessage: 'Email address confirmation',\n              })}\n            </Typography>\n          </Td>\n          <Td {...stopPropagation}>\n            <IconButton\n              onClick={() => onEditClick('email_confirmation')}\n              label={formatMessage({\n                id: getTrad('Email.template.form.edit.label'),\n                defaultMessage: 'Edit a template',\n              })}\n              noBorder\n              icon={canUpdate && <Pencil />}\n            />\n          </Td>\n        </Tr>\n      </Tbody>\n    </Table>\n  );\n};\n\nEmailTable.propTypes = {\n  canUpdate: PropTypes.bool.isRequired,\n  onEditClick: PropTypes.func.isRequired,\n};\n\nexport default EmailTable;\n","import * as React from 'react';\n\nimport { useTracking } from '@strapi/admin/strapi-admin';\nimport { ContentLayout, HeaderLayout, Main, useNotifyAT } from '@strapi/design-system';\nimport { useFetchClient, useFocusWhenNavigate, useRBAC } from '@strapi/helper-plugin';\nimport { Page, useAPIErrorHandler, useNotification } from '@strapi/strapi/admin';\nimport { Helmet } from 'react-helmet';\nimport { useIntl } from 'react-intl';\nimport { useMutation, useQuery, useQueryClient } from 'react-query';\n\nimport { PERMISSIONS } from '../../constants';\nimport { getTrad } from '../../utils';\n\nimport EmailForm from './components/EmailForm';\nimport EmailTable from './components/EmailTable';\n\nconst ProtectedEmailTemplatesPage = () => (\n  <Page.Protect permissions={PERMISSIONS.readEmailTemplates}>\n    <EmailTemplatesPage />\n  </Page.Protect>\n);\nconst EmailTemplatesPage = () => {\n  const { formatMessage } = useIntl();\n  const { trackUsage } = useTracking();\n  const { notifyStatus } = useNotifyAT();\n  const { toggleNotification } = useNotification();\n  const queryClient = useQueryClient();\n  const { get, put } = useFetchClient();\n  const { formatAPIError } = useAPIErrorHandler();\n\n  useFocusWhenNavigate();\n\n  const [isModalOpen, setIsModalOpen] = React.useState(false);\n  const [templateToEdit, setTemplateToEdit] = React.useState(null);\n\n  const {\n    isLoading: isLoadingForPermissions,\n    allowedActions: { canUpdate },\n  } = useRBAC({ update: PERMISSIONS.updateEmailTemplates });\n\n  const { isLoading: isLoadingData, data } = useQuery(\n    ['users-permissions', 'email-templates'],\n    async () => {\n      const { data } = await get('/users-permissions/email-templates');\n\n      return data;\n    },\n    {\n      onSuccess() {\n        notifyStatus(\n          formatMessage({\n            id: getTrad('Email.template.data.loaded'),\n            defaultMessage: 'Email templates has been loaded',\n          })\n        );\n      },\n      onError(error) {\n        toggleNotification({\n          type: 'danger',\n          message: formatAPIError(error),\n        });\n      },\n    }\n  );\n\n  const isLoading = isLoadingForPermissions || isLoadingData;\n\n  const handleToggle = () => {\n    setIsModalOpen((prev) => !prev);\n  };\n\n  const handleEditClick = (template) => {\n    setTemplateToEdit(template);\n    handleToggle();\n  };\n\n  const submitMutation = useMutation(\n    (body) => put('/users-permissions/email-templates', { 'email-templates': body }),\n    {\n      async onSuccess() {\n        await queryClient.invalidateQueries(['users-permissions', 'email-templates']);\n\n        toggleNotification({\n          type: 'success',\n          message: formatMessage({ id: 'notification.success.saved', defaultMessage: 'Saved' }),\n        });\n\n        trackUsage('didEditEmailTemplates');\n\n        handleToggle();\n      },\n      onError(error) {\n        toggleNotification({\n          type: 'danger',\n          message: formatAPIError(error),\n        });\n      },\n      refetchActive: true,\n    }\n  );\n\n  const handleSubmit = (body) => {\n    trackUsage('willEditEmailTemplates');\n\n    const editedTemplates = { ...data, [templateToEdit]: body };\n    submitMutation.mutate(editedTemplates);\n  };\n\n  if (isLoading) {\n    return <Page.Loading />;\n  }\n\n  return (\n    <Main aria-busy={submitMutation.isLoading}>\n      <Helmet\n        title={formatMessage(\n          { id: 'Settings.PageTitle', defaultMessage: 'Settings - {name}' },\n          {\n            name: formatMessage({\n              id: getTrad('HeaderNav.link.emailTemplates'),\n              defaultMessage: 'Email templates',\n            }),\n          }\n        )}\n      />\n      <HeaderLayout\n        title={formatMessage({\n          id: getTrad('HeaderNav.link.emailTemplates'),\n          defaultMessage: 'Email templates',\n        })}\n      />\n      <ContentLayout>\n        <EmailTable onEditClick={handleEditClick} canUpdate={canUpdate} />\n        {isModalOpen && (\n          <EmailForm\n            template={data[templateToEdit]}\n            onToggle={handleToggle}\n            onSubmit={handleSubmit}\n          />\n        )}\n      </ContentLayout>\n    </Main>\n  );\n};\n\nexport { ProtectedEmailTemplatesPage, EmailTemplatesPage };\n"],"names":["data","Helmet"],"mappings":";;;;;;;;;;;;;;;AAGA,MAAM,SAAS,IAAI,OAAQ,EAAC,MAAM;AAAA,EAChC,SAAS,IACN,OAAQ,EACR,MAAM;AAAA,IACL,MAAM,IACH,OAAQ,EACR,MAAM;AAAA,MACL,MAAM,IAAI,OAAQ,EAAC,SAAS;AAAA,QAC1B,IAAI,iBAAiB,SAAS;AAAA,QAC9B,gBAAgB;AAAA,MAC5B,CAAW;AAAA,MACD,OAAO,IAAI,OAAQ,EAAC,MAAM,iBAAiB,KAAK,EAAE,SAAS;AAAA,QACzD,IAAI,iBAAiB,SAAS;AAAA,QAC9B,gBAAgB;AAAA,MAC5B,CAAW;AAAA,IACX,CAAS,EACA,SAAU;AAAA,IACb,gBAAgB,IAAI,OAAM,EAAG,MAAM,iBAAiB,KAAK;AAAA,IACzD,QAAQ,IAAI,OAAQ,EAAC,SAAS;AAAA,MAC5B,IAAI,iBAAiB,SAAS;AAAA,MAC9B,gBAAgB;AAAA,IACxB,CAAO;AAAA,IACD,SAAS,IAAI,OAAQ,EAAC,SAAS;AAAA,MAC7B,IAAI,iBAAiB,SAAS;AAAA,MAC9B,gBAAgB;AAAA,IACxB,CAAO;AAAA,EACP,CAAK,EACA,SAAS,iBAAiB,SAAS,EAAE;AAC1C,CAAC;ACZD,MAAM,YAAY,CAAC,EAAE,UAAU,UAAU,eAAe;AAChD,QAAA,EAAE,kBAAkB;AAGxB,SAAA;AAAA,IAAC;AAAA,IAAA;AAAA,MACC,SAAS;AAAA,MACT,YAAY,GAAG,cAAc;AAAA,QAC3B,IAAI,QAAQ,uCAAuC;AAAA,QACnD,gBAAgB;AAAA,MACjB,CAAA,CAAC,KAAK,cAAc,EAAE,IAAI,QAAQ,SAAS,OAAO,GAAG,gBAAgB,SAAS,QAAA,CAAS,CAAC;AAAA,MAEzF,UAAA;AAAA,QAAA,oBAAC,aACC,EAAA,UAAA;AAAA,UAAC;AAAA,UAAA;AAAA,YACC,OAAO,GAAG,cAAc;AAAA,cACtB,IAAI,QAAQ,uCAAuC;AAAA,cACnD,gBAAgB;AAAA,YAAA,CACjB,CAAC,KAAK,cAAc;AAAA,cACnB,IAAI,QAAQ,SAAS,OAAO;AAAA,cAC5B,gBAAgB,SAAS;AAAA,YAC1B,CAAA,CAAC;AAAA,YAEF,UAAA;AAAA,cAAA,oBAAC,SACE,UAAc,cAAA;AAAA,gBACb,IAAI,QAAQ,uCAAuC;AAAA,gBACnD,gBAAgB;AAAA,cACjB,CAAA,GACH;AAAA,cACC,oBAAA,OAAA,EAAM,WAAS,MACb,wBAAc,EAAE,IAAI,QAAQ,SAAS,OAAO,GAAG,gBAAgB,SAAS,QAAS,CAAA,GACpF;AAAA,YAAA;AAAA,UAAA;AAAA,QAAA,GAEJ;AAAA,QACA,oBAAC,MAAK,EAAA,UAAoB,eAAe,UAAU,kBAAkB,QAClE,UAAA,CAAC,EAAE,aAAA,MAAmB;AACrB,iBAEI,qBAAA,UAAA,EAAA,UAAA;AAAA,YAAA,oBAAC,WACC,EAAA,UAAA,oBAAC,MAAK,EAAA,KAAK,GACR,UAAA;AAAA,cACC;AAAA,gBACE,OAAO,cAAc;AAAA,kBACnB,IAAI,QAAQ,yCAAyC;AAAA,kBACrD,gBAAgB;AAAA,gBAAA,CACjB;AAAA,gBACD,MAAM;AAAA,gBACN,MAAM;AAAA,gBACN,MAAM;AAAA,cACR;AAAA,cACA;AAAA,gBACE,OAAO,cAAc;AAAA,kBACnB,IAAI,QAAQ,0CAA0C;AAAA,kBACtD,gBAAgB;AAAA,gBAAA,CACjB;AAAA,gBACD,MAAM;AAAA,gBACN,MAAM;AAAA,gBACN,MAAM;AAAA,cACR;AAAA,cACA;AAAA,gBACE,OAAO,cAAc;AAAA,kBACnB,IAAI,QAAQ,8CAA8C;AAAA,kBAC1D,gBAAgB;AAAA,gBAAA,CACjB;AAAA,gBACD,MAAM;AAAA,gBACN,MAAM;AAAA,gBACN,MAAM;AAAA,cACR;AAAA,cACA;AAAA,gBACE,OAAO,cAAc;AAAA,kBACnB,IAAI,QAAQ,sCAAsC;AAAA,kBAClD,gBAAgB;AAAA,gBAAA,CACjB;AAAA,gBACD,MAAM;AAAA,gBACN,MAAM;AAAA,gBACN,MAAM;AAAA,cACR;AAAA,cACA;AAAA,gBACE,OAAO,cAAc;AAAA,kBACnB,IAAI,QAAQ,uCAAuC;AAAA,kBACnD,gBAAgB;AAAA,gBAAA,CACjB;AAAA,gBACD,MAAM;AAAA,gBACN,MAAM;AAAA,gBACN,MAAM;AAAA,cACR;AAAA,YAAA,EACA,IAAI,CAAC,EAAE,MAAM,GAAG,YACf,oBAAA,UAAA,EAA0B,KAAK,MAC9B,UAAA,oBAAC,iBAAe,GAAG,MAAO,CAAA,KADb,MAAM,IAErB,CACD,EACH,CAAA,GACF;AAAA,YACA;AAAA,cAAC;AAAA,cAAA;AAAA,gBACC,cACG,oBAAA,QAAA,EAAO,SAAS,UAAU,SAAQ,YAAW,UAE9C,UAAA;AAAA,gBAEF,YACG,oBAAA,QAAA,EAAO,SAAS,cAAc,MAAK,UAAS,UAE7C,UAAA;AAAA,cAAA;AAAA,YAEJ;AAAA,UACF,EAAA,CAAA;AAAA,QAAA,GAGN;AAAA,MAAA;AAAA,IAAA;AAAA,EAAA;AAGN;AAEA,UAAU,YAAY;AAAA,EACpB,UAAU,UAAU,MAAM;AAAA,IACxB,SAAS,UAAU;AAAA,IACnB,MAAM,UAAU;AAAA,IAChB,SAAS,UAAU,MAAM;AAAA,MACvB,MAAM,UAAU,MAAM;AAAA,QACpB,MAAM,UAAU;AAAA,QAChB,OAAO,UAAU;AAAA,MAAA,CAClB;AAAA,MACD,SAAS,UAAU;AAAA,MACnB,QAAQ,UAAU;AAAA,MAClB,gBAAgB,UAAU;AAAA,IAAA,CAC3B;AAAA,EACF,CAAA,EAAE;AAAA,EACH,UAAU,UAAU,KAAK;AAAA,EACzB,UAAU,UAAU,KAAK;AAC3B;AC7HA,MAAM,aAAa,CAAC,EAAE,WAAW,kBAAkB;AAC3C,QAAA,EAAE,kBAAkB;AAE1B,SACG,qBAAA,OAAA,EAAM,UAAU,GAAG,UAAU,GAC5B,UAAA;AAAA,IAAC,oBAAA,OAAA,EACC,+BAAC,IACC,EAAA,UAAA;AAAA,MAAA,oBAAC,IAAG,EAAA,OAAM,MACR,UAAA,oBAAC,kBACE,UAAc,cAAA;AAAA,QACb,IAAI,QAAQ,iCAAiC;AAAA,QAC7C,gBAAgB;AAAA,MAAA,CACjB,GACH,EACF,CAAA;AAAA,MACA,oBAAC,MACC,UAAC,oBAAA,YAAA,EAAW,SAAQ,SAAQ,WAAU,cACnC,UAAc,cAAA;AAAA,QACb,IAAI,QAAQ,iCAAiC;AAAA,QAC7C,gBAAgB;AAAA,MAAA,CACjB,GACH,EACF,CAAA;AAAA,0BACC,IAAG,EAAA,OAAM,MACR,UAAA,oBAAC,kBACE,UAAc,cAAA;AAAA,QACb,IAAI,QAAQ,mCAAmC;AAAA,QAC/C,gBAAgB;AAAA,MAAA,CACjB,GACH,EACF,CAAA;AAAA,IAAA,EAAA,CACF,EACF,CAAA;AAAA,yBACC,OACC,EAAA,UAAA;AAAA,MAAC,qBAAA,IAAA,EAAI,GAAG,WAAW,EAAE,IAAI,MAAM,YAAY,gBAAgB,GAAG,GAC5D,UAAA;AAAA,QAAC,oBAAA,IAAA,EACC,8BAAC,MACC,EAAA,UAAA;AAAA,UAAC;AAAA,UAAA;AAAA,YACC,cAAY,cAAc;AAAA,cACxB,IAAI;AAAA,cACJ,gBAAgB;AAAA,YAAA,CACjB;AAAA,UAAA;AAAA,WAEL,EACF,CAAA;AAAA,QACC,oBAAA,IAAA,EACC,UAAC,oBAAA,YAAA,EACE,UAAc,cAAA;AAAA,UACb,IAAI;AAAA,UACJ,gBAAgB;AAAA,QAAA,CACjB,GACH,EACF,CAAA;AAAA,QACA,oBAAC,IAAI,EAAA,GAAG,iBACN,UAAA;AAAA,UAAC;AAAA,UAAA;AAAA,YACC,SAAS,MAAM,YAAY,gBAAgB;AAAA,YAC3C,OAAO,cAAc;AAAA,cACnB,IAAI,QAAQ,gCAAgC;AAAA,cAC5C,gBAAgB;AAAA,YAAA,CACjB;AAAA,YACD,UAAQ;AAAA,YACR,MAAM,aAAa,oBAAC,QAAO,CAAA,CAAA;AAAA,UAAA;AAAA,QAAA,GAE/B;AAAA,MAAA,GACF;AAAA,MACA,qBAAC,IAAI,EAAA,GAAG,WAAW,EAAE,IAAI,MAAM,YAAY,oBAAoB,GAAG,GAChE,UAAA;AAAA,QAAC,oBAAA,IAAA,EACC,8BAAC,MACC,EAAA,UAAA;AAAA,UAAC;AAAA,UAAA;AAAA,YACC,cAAY,cAAc;AAAA,cACxB,IAAI,QAAQ,mCAAmC;AAAA,cAC/C,gBAAgB;AAAA,YAAA,CACjB;AAAA,UAAA;AAAA,WAEL,EACF,CAAA;AAAA,QACC,oBAAA,IAAA,EACC,UAAC,oBAAA,YAAA,EACE,UAAc,cAAA;AAAA,UACb,IAAI,QAAQ,mCAAmC;AAAA,UAC/C,gBAAgB;AAAA,QAAA,CACjB,GACH,EACF,CAAA;AAAA,QACA,oBAAC,IAAI,EAAA,GAAG,iBACN,UAAA;AAAA,UAAC;AAAA,UAAA;AAAA,YACC,SAAS,MAAM,YAAY,oBAAoB;AAAA,YAC/C,OAAO,cAAc;AAAA,cACnB,IAAI,QAAQ,gCAAgC;AAAA,cAC5C,gBAAgB;AAAA,YAAA,CACjB;AAAA,YACD,UAAQ;AAAA,YACR,MAAM,aAAa,oBAAC,QAAO,CAAA,CAAA;AAAA,UAAA;AAAA,QAAA,GAE/B;AAAA,MAAA,GACF;AAAA,IAAA,GACF;AAAA,EACF,EAAA,CAAA;AAEJ;AAEA,WAAW,YAAY;AAAA,EACrB,WAAW,UAAU,KAAK;AAAA,EAC1B,aAAa,UAAU,KAAK;AAC9B;AC7GM,MAAA,8BAA8B,MAClC,oBAAC,KAAK,SAAL,EAAa,aAAa,YAAY,oBACrC,UAAC,oBAAA,oBAAA,CAAA,CAAmB,EACtB,CAAA;AAEF,MAAM,qBAAqB,MAAM;AACzB,QAAA,EAAE,kBAAkB;AACpB,QAAA,EAAE,eAAe;AACjB,QAAA,EAAE,iBAAiB;AACnB,QAAA,EAAE,uBAAuB;AAC/B,QAAM,cAAc;AACpB,QAAM,EAAE,KAAK,IAAI,IAAI,eAAe;AAC9B,QAAA,EAAE,mBAAmB;AAEN;AAErB,QAAM,CAAC,aAAa,cAAc,IAAI,MAAM,SAAS,KAAK;AAC1D,QAAM,CAAC,gBAAgB,iBAAiB,IAAI,MAAM,SAAS,IAAI;AAEzD,QAAA;AAAA,IACJ,WAAW;AAAA,IACX,gBAAgB,EAAE,UAAU;AAAA,MAC1B,QAAQ,EAAE,QAAQ,YAAY,qBAAsB,CAAA;AAExD,QAAM,EAAE,WAAW,eAAe,KAAS,IAAA;AAAA,IACzC,CAAC,qBAAqB,iBAAiB;AAAA,IACvC,YAAY;AACV,YAAM,EAAE,MAAAA,MAAAA,IAAS,MAAM,IAAI,oCAAoC;AAExDA,aAAAA;AAAAA,IACT;AAAA,IACA;AAAA,MACE,YAAY;AACV;AAAA,UACE,cAAc;AAAA,YACZ,IAAI,QAAQ,4BAA4B;AAAA,YACxC,gBAAgB;AAAA,UAAA,CACjB;AAAA,QAAA;AAAA,MAEL;AAAA,MACA,QAAQ,OAAO;AACM,2BAAA;AAAA,UACjB,MAAM;AAAA,UACN,SAAS,eAAe,KAAK;AAAA,QAAA,CAC9B;AAAA,MACH;AAAA,IACF;AAAA,EAAA;AAGF,QAAM,YAAY,2BAA2B;AAE7C,QAAM,eAAe,MAAM;AACV,mBAAA,CAAC,SAAS,CAAC,IAAI;AAAA,EAAA;AAG1B,QAAA,kBAAkB,CAAC,aAAa;AACpC,sBAAkB,QAAQ;AACb;EAAA;AAGf,QAAM,iBAAiB;AAAA,IACrB,CAAC,SAAS,IAAI,sCAAsC,EAAE,mBAAmB,MAAM;AAAA,IAC/E;AAAA,MACE,MAAM,YAAY;AAChB,cAAM,YAAY,kBAAkB,CAAC,qBAAqB,iBAAiB,CAAC;AAEzD,2BAAA;AAAA,UACjB,MAAM;AAAA,UACN,SAAS,cAAc,EAAE,IAAI,8BAA8B,gBAAgB,SAAS;AAAA,QAAA,CACrF;AAED,mBAAW,uBAAuB;AAErB;MACf;AAAA,MACA,QAAQ,OAAO;AACM,2BAAA;AAAA,UACjB,MAAM;AAAA,UACN,SAAS,eAAe,KAAK;AAAA,QAAA,CAC9B;AAAA,MACH;AAAA,MACA,eAAe;AAAA,IACjB;AAAA,EAAA;AAGI,QAAA,eAAe,CAAC,SAAS;AAC7B,eAAW,wBAAwB;AAEnC,UAAM,kBAAkB,EAAE,GAAG,MAAM,CAAC,cAAc,GAAG,KAAK;AAC1D,mBAAe,OAAO,eAAe;AAAA,EAAA;AAGvC,MAAI,WAAW;AACN,WAAA,oBAAC,KAAK,SAAL,CAAa,CAAA;AAAA,EACvB;AAEA,SACG,qBAAA,MAAA,EAAK,aAAW,eAAe,WAC9B,UAAA;AAAA,IAAA;AAAA,MAACC;AAAAA,MAAA;AAAA,QACC,OAAO;AAAA,UACL,EAAE,IAAI,sBAAsB,gBAAgB,oBAAoB;AAAA,UAChE;AAAA,YACE,MAAM,cAAc;AAAA,cAClB,IAAI,QAAQ,+BAA+B;AAAA,cAC3C,gBAAgB;AAAA,YAAA,CACjB;AAAA,UACH;AAAA,QACF;AAAA,MAAA;AAAA,IACF;AAAA,IACA;AAAA,MAAC;AAAA,MAAA;AAAA,QACC,OAAO,cAAc;AAAA,UACnB,IAAI,QAAQ,+BAA+B;AAAA,UAC3C,gBAAgB;AAAA,QAAA,CACjB;AAAA,MAAA;AAAA,IACH;AAAA,yBACC,eACC,EAAA,UAAA;AAAA,MAAC,oBAAA,YAAA,EAAW,aAAa,iBAAiB,UAAsB,CAAA;AAAA,MAC/D,eACC;AAAA,QAAC;AAAA,QAAA;AAAA,UACC,UAAU,KAAK,cAAc;AAAA,UAC7B,UAAU;AAAA,UACV,UAAU;AAAA,QAAA;AAAA,MACZ;AAAA,IAAA,GAEJ;AAAA,EACF,EAAA,CAAA;AAEJ;"}

package/dist/_chunks/useSyncRbac-Kt8Li0Yf-Z54sMEPM.mjs

@@ -0,0 +1,39 @@
+import * as React from "react";
+import { ab as useTypedDispatch, a5 as useTypedSelector, ac as setPermissions, ad as resetPermissions } from "./index-5ZvCaCyY-06DLg5eU.mjs";
+const useSyncRbac = (collectionTypeUID, query, containerName = "listView") => {
+  const [isLoading, setIsLoading] = React.useState(true);
+  const dispatch = useTypedDispatch();
+  const collectionTypesRelatedPermissions = useTypedSelector(
+    (state) => state.rbacProvider.collectionTypesRelatedPermissions
+  );
+  const relatedPermissions = collectionTypesRelatedPermissions[collectionTypeUID];
+  React.useEffect(() => {
+    setIsLoading(true);
+    if (relatedPermissions) {
+      dispatch(
+        setPermissions({
+          permissions: relatedPermissions,
+          __meta__: {
+            plugins: query ? query.plugins : void 0,
+            containerName
+          }
+        })
+      );
+    }
+    setIsLoading(false);
+    return () => {
+      dispatch(resetPermissions());
+    };
+  }, [relatedPermissions, dispatch, query, containerName]);
+  const permissions = useTypedSelector((state) => state["content-manager"].rbac.permissions);
+  const isPermissionMismatch = permissions && permissions.some((permission) => permission.subject !== collectionTypeUID) ? true : false;
+  return {
+    isLoading,
+    isError: !isLoading && isPermissionMismatch,
+    permissions
+  };
+};
+export {
+  useSyncRbac as u
+};
+//# sourceMappingURL=useSyncRbac-Kt8Li0Yf-Z54sMEPM.mjs.map

package/dist/_chunks/useSyncRbac-Kt8Li0Yf-Z54sMEPM.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"useSyncRbac-Kt8Li0Yf-Z54sMEPM.mjs","sources":["../../../../core/admin/dist/_chunks/useSyncRbac-Kt8Li0Yf.mjs"],"sourcesContent":["import * as React from \"react\";\nimport { r as useTypedDispatch, q as useTypedSelector, aG as setPermissions, aH as resetPermissions } from \"./index-5ZvCaCyY.mjs\";\nconst useSyncRbac = (collectionTypeUID, query, containerName = \"listView\") => {\n  const [isLoading, setIsLoading] = React.useState(true);\n  const dispatch = useTypedDispatch();\n  const collectionTypesRelatedPermissions = useTypedSelector(\n    (state) => state.rbacProvider.collectionTypesRelatedPermissions\n  );\n  const relatedPermissions = collectionTypesRelatedPermissions[collectionTypeUID];\n  React.useEffect(() => {\n    setIsLoading(true);\n    if (relatedPermissions) {\n      dispatch(\n        setPermissions({\n          permissions: relatedPermissions,\n          __meta__: {\n            plugins: query ? query.plugins : void 0,\n            containerName\n          }\n        })\n      );\n    }\n    setIsLoading(false);\n    return () => {\n      dispatch(resetPermissions());\n    };\n  }, [relatedPermissions, dispatch, query, containerName]);\n  const permissions = useTypedSelector((state) => state[\"content-manager\"].rbac.permissions);\n  const isPermissionMismatch = permissions && permissions.some((permission) => permission.subject !== collectionTypeUID) ? true : false;\n  return {\n    isLoading,\n    isError: !isLoading && isPermissionMismatch,\n    permissions\n  };\n};\nexport {\n  useSyncRbac as u\n};\n//# sourceMappingURL=useSyncRbac-Kt8Li0Yf.mjs.map\n"],"names":[],"mappings":";;AAEK,MAAC,cAAc,CAAC,mBAAmB,OAAO,gBAAgB,eAAe;AAC5E,QAAM,CAAC,WAAW,YAAY,IAAI,MAAM,SAAS,IAAI;AACrD,QAAM,WAAW;AACjB,QAAM,oCAAoC;AAAA,IACxC,CAAC,UAAU,MAAM,aAAa;AAAA,EAClC;AACE,QAAM,qBAAqB,kCAAkC,iBAAiB;AAC9E,QAAM,UAAU,MAAM;AACpB,iBAAa,IAAI;AACjB,QAAI,oBAAoB;AACtB;AAAA,QACE,eAAe;AAAA,UACb,aAAa;AAAA,UACb,UAAU;AAAA,YACR,SAAS,QAAQ,MAAM,UAAU;AAAA,YACjC;AAAA,UACD;AAAA,QACX,CAAS;AAAA,MACT;AAAA,IACK;AACD,iBAAa,KAAK;AAClB,WAAO,MAAM;AACX,eAAS,iBAAgB,CAAE;AAAA,IACjC;AAAA,EACG,GAAE,CAAC,oBAAoB,UAAU,OAAO,aAAa,CAAC;AACvD,QAAM,cAAc,iBAAiB,CAAC,UAAU,MAAM,iBAAiB,EAAE,KAAK,WAAW;AACzF,QAAM,uBAAuB,eAAe,YAAY,KAAK,CAAC,eAAe,WAAW,YAAY,iBAAiB,IAAI,OAAO;AAChI,SAAO;AAAA,IACL;AAAA,IACA,SAAS,CAAC,aAAa;AAAA,IACvB;AAAA,EACJ;AACA;"}

package/dist/_chunks/useSyncRbac-Kt8Li0Yf-h8HqtZ6y.js

@@ -0,0 +1,57 @@
+"use strict";
+const React = require("react");
+const index5ZvCaCyY = require("./index-5ZvCaCyY-JgYo3Jws.js");
+function _interopNamespace(e) {
+  if (e && e.__esModule)
+    return e;
+  const n = Object.create(null, { [Symbol.toStringTag]: { value: "Module" } });
+  if (e) {
+    for (const k in e) {
+      if (k !== "default") {
+        const d = Object.getOwnPropertyDescriptor(e, k);
+        Object.defineProperty(n, k, d.get ? d : {
+          enumerable: true,
+          get: () => e[k]
+        });
+      }
+    }
+  }
+  n.default = e;
+  return Object.freeze(n);
+}
+const React__namespace = /* @__PURE__ */ _interopNamespace(React);
+const useSyncRbac = (collectionTypeUID, query, containerName = "listView") => {
+  const [isLoading, setIsLoading] = React__namespace.useState(true);
+  const dispatch = index5ZvCaCyY.useTypedDispatch();
+  const collectionTypesRelatedPermissions = index5ZvCaCyY.useTypedSelector(
+    (state) => state.rbacProvider.collectionTypesRelatedPermissions
+  );
+  const relatedPermissions = collectionTypesRelatedPermissions[collectionTypeUID];
+  React__namespace.useEffect(() => {
+    setIsLoading(true);
+    if (relatedPermissions) {
+      dispatch(
+        index5ZvCaCyY.setPermissions({
+          permissions: relatedPermissions,
+          __meta__: {
+            plugins: query ? query.plugins : void 0,
+            containerName
+          }
+        })
+      );
+    }
+    setIsLoading(false);
+    return () => {
+      dispatch(index5ZvCaCyY.resetPermissions());
+    };
+  }, [relatedPermissions, dispatch, query, containerName]);
+  const permissions = index5ZvCaCyY.useTypedSelector((state) => state["content-manager"].rbac.permissions);
+  const isPermissionMismatch = permissions && permissions.some((permission) => permission.subject !== collectionTypeUID) ? true : false;
+  return {
+    isLoading,
+    isError: !isLoading && isPermissionMismatch,
+    permissions
+  };
+};
+exports.useSyncRbac = useSyncRbac;
+//# sourceMappingURL=useSyncRbac-Kt8Li0Yf-h8HqtZ6y.js.map

package/dist/_chunks/useSyncRbac-Kt8Li0Yf-h8HqtZ6y.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useSyncRbac-Kt8Li0Yf-h8HqtZ6y.js","sources":["../../../../core/admin/dist/_chunks/useSyncRbac-Kt8Li0Yf.mjs"],"sourcesContent":["import * as React from \"react\";\nimport { r as useTypedDispatch, q as useTypedSelector, aG as setPermissions, aH as resetPermissions } from \"./index-5ZvCaCyY.mjs\";\nconst useSyncRbac = (collectionTypeUID, query, containerName = \"listView\") => {\n  const [isLoading, setIsLoading] = React.useState(true);\n  const dispatch = useTypedDispatch();\n  const collectionTypesRelatedPermissions = useTypedSelector(\n    (state) => state.rbacProvider.collectionTypesRelatedPermissions\n  );\n  const relatedPermissions = collectionTypesRelatedPermissions[collectionTypeUID];\n  React.useEffect(() => {\n    setIsLoading(true);\n    if (relatedPermissions) {\n      dispatch(\n        setPermissions({\n          permissions: relatedPermissions,\n          __meta__: {\n            plugins: query ? query.plugins : void 0,\n            containerName\n          }\n        })\n      );\n    }\n    setIsLoading(false);\n    return () => {\n      dispatch(resetPermissions());\n    };\n  }, [relatedPermissions, dispatch, query, containerName]);\n  const permissions = useTypedSelector((state) => state[\"content-manager\"].rbac.permissions);\n  const isPermissionMismatch = permissions && permissions.some((permission) => permission.subject !== collectionTypeUID) ? true : false;\n  return {\n    isLoading,\n    isError: !isLoading && isPermissionMismatch,\n    permissions\n  };\n};\nexport {\n  useSyncRbac as u\n};\n//# sourceMappingURL=useSyncRbac-Kt8Li0Yf.mjs.map\n"],"names":["React","useTypedDispatch","useTypedSelector","setPermissions","resetPermissions"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAEK,MAAC,cAAc,CAAC,mBAAmB,OAAO,gBAAgB,eAAe;AAC5E,QAAM,CAAC,WAAW,YAAY,IAAIA,iBAAM,SAAS,IAAI;AACrD,QAAM,WAAWC,cAAAA;AACjB,QAAM,oCAAoCC,cAAgB;AAAA,IACxD,CAAC,UAAU,MAAM,aAAa;AAAA,EAClC;AACE,QAAM,qBAAqB,kCAAkC,iBAAiB;AAC9EF,mBAAM,UAAU,MAAM;AACpB,iBAAa,IAAI;AACjB,QAAI,oBAAoB;AACtB;AAAA,QACEG,6BAAe;AAAA,UACb,aAAa;AAAA,UACb,UAAU;AAAA,YACR,SAAS,QAAQ,MAAM,UAAU;AAAA,YACjC;AAAA,UACD;AAAA,QACX,CAAS;AAAA,MACT;AAAA,IACK;AACD,iBAAa,KAAK;AAClB,WAAO,MAAM;AACX,eAASC,cAAgB,iBAAA,CAAE;AAAA,IACjC;AAAA,EACG,GAAE,CAAC,oBAAoB,UAAU,OAAO,aAAa,CAAC;AACvD,QAAM,cAAcF,cAAgB,iBAAC,CAAC,UAAU,MAAM,iBAAiB,EAAE,KAAK,WAAW;AACzF,QAAM,uBAAuB,eAAe,YAAY,KAAK,CAAC,eAAe,WAAW,YAAY,iBAAiB,IAAI,OAAO;AAChI,SAAO;AAAA,IACL;AAAA,IACA,SAAS,CAAC,aAAa;AAAA,IACvB;AAAA,EACJ;AACA;;"}

package/dist/admin/index.js

@@ -1,5 +1,5 @@
 "use strict";
-const index = require("../_chunks/index-tUo88Kqt.js");
+const index = require("../_chunks/index-TJUxOCtJ.js");
 require("@strapi/helper-plugin");
 module.exports = index.index;
 //# sourceMappingURL=index.js.map

package/dist/admin/index.mjs

@@ -1,4 +1,4 @@
-import { i } from "../_chunks/index-BWyhWRPa.mjs";
+import { i } from "../_chunks/index-53jX2hhF.mjs";
 import "@strapi/helper-plugin";
 export {
   i as default

package/dist/style.css

@@ -0,0 +1,84 @@
+/*
+
+Orginal Style from ethanschoonover.com/solarized (c) Jeremy Hull <sourdrums@gmail.com>
+
+*/
+
+.hljs {
+  display: block;
+  overflow-x: auto;
+  padding: 0.5em;
+  background: #002b36;
+  color: #839496;
+}
+
+.hljs-comment,
+.hljs-quote {
+  color: #586e75;
+}
+
+/* Solarized Green */
+.hljs-keyword,
+.hljs-selector-tag,
+.hljs-addition {
+  color: #859900;
+}
+
+/* Solarized Cyan */
+.hljs-number,
+.hljs-string,
+.hljs-meta .hljs-meta-string,
+.hljs-literal,
+.hljs-doctag,
+.hljs-regexp {
+  color: #2aa198;
+}
+
+/* Solarized Blue */
+.hljs-title,
+.hljs-section,
+.hljs-name,
+.hljs-selector-id,
+.hljs-selector-class {
+  color: #268bd2;
+}
+
+/* Solarized Yellow */
+.hljs-attribute,
+.hljs-attr,
+.hljs-variable,
+.hljs-template-variable,
+.hljs-class .hljs-title,
+.hljs-type {
+  color: #b58900;
+}
+
+/* Solarized Orange */
+.hljs-symbol,
+.hljs-bullet,
+.hljs-subst,
+.hljs-meta,
+.hljs-meta .hljs-keyword,
+.hljs-selector-attr,
+.hljs-selector-pseudo,
+.hljs-link {
+  color: #cb4b16;
+}
+
+/* Solarized Red */
+.hljs-built_in,
+.hljs-deletion {
+  color: #dc322f;
+}
+
+.hljs-formula {
+  background: #073642;
+}
+
+.hljs-emphasis {
+  font-style: italic;
+}
+
+.hljs-strong {
+  font-weight: bold;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@strapi/plugin-users-permissions",
-  "version": "4.20.4",
+  "version": "5.0.0-alpha.0",
   "description": "Protect your API with a full-authentication process based on JWT",
   "repository": {
     "type": "git",
@@ -46,14 +46,14 @@
     "watch": "pack-up watch"
   },
   "dependencies": {
-    "@strapi/design-system": "1.15.0",
-    "@strapi/helper-plugin": "4.20.4",
-    "@strapi/icons": "1.15.0",
-    "@strapi/utils": "4.20.4",
+    "@strapi/design-system": "1.16.0",
+    "@strapi/helper-plugin": "5.0.0-alpha.0",
+    "@strapi/icons": "1.16.0",
+    "@strapi/utils": "5.0.0-alpha.0",
     "bcryptjs": "2.4.3",
-    "formik": "2.4.0",
+    "formik": "2.4.5",
     "grant-koa": "5.4.8",
-    "immer": "9.0.19",
+    "immer": "9.0.21",
     "jsonwebtoken": "9.0.0",
     "jwk-to-pem": "2.0.5",
     "koa": "2.13.4",
@@ -61,29 +61,29 @@
     "lodash": "4.17.21",
     "prop-types": "^15.8.1",
     "purest": "4.0.2",
-    "react-intl": "6.4.1",
+    "react-intl": "6.6.2",
     "react-query": "3.39.3",
-    "react-redux": "8.1.1",
+    "react-redux": "8.1.3",
     "url-join": "4.0.1",
     "yup": "0.32.9"
   },
   "devDependencies": {
-    "@strapi/pack-up": "4.20.4",
-    "@strapi/strapi": "4.20.4",
+    "@strapi/pack-up": "5.0.0-alpha.0",
+    "@strapi/strapi": "5.0.0-alpha.0",
     "@testing-library/dom": "9.2.0",
     "@testing-library/react": "14.0.0",
     "@testing-library/user-event": "14.4.3",
     "msw": "1.3.0",
     "react": "^18.2.0",
     "react-dom": "^18.2.0",
-    "react-router-dom": "5.3.4",
-    "styled-components": "5.3.3"
+    "react-router-dom": "6.22.3",
+    "styled-components": "5.3.11"
   },
   "peerDependencies": {
     "@strapi/strapi": "^4.0.0",
     "react": "^17.0.0 || ^18.0.0",
     "react-dom": "^17.0.0 || ^18.0.0",
-    "react-router-dom": "^5.2.0",
+    "react-router-dom": "^6.0.0",
     "styled-components": "^5.2.1"
   },
   "engines": {
@@ -97,5 +97,5 @@
     "required": true,
     "kind": "plugin"
   },
-  "gitHead": "f37fdb46ce2d5275ef44892d3cea2ce836b745da"
+  "gitHead": "ceeb3f383cbaf51eeaa373750a27a2880a10f727"
 }

package/server/bootstrap/grant-config.js

@@ -128,4 +128,13 @@ module.exports = (baseURL) => ({
     callback: `${baseURL}/patreon/callback`,
     scope: ['identity', 'identity[email]'],
   },
+  keycloak: {
+    enabled: false,
+    icon: '',
+    key: '',
+    secret: '',
+    subdomain: 'myKeycloakProvider.com/realms/myrealm',
+    callback: `${baseURL}/keycloak/callback`,
+    scope: ['openid', 'email', 'profile'],
+  },
 });

package/server/bootstrap/index.js

@@ -10,12 +10,9 @@
 const crypto = require('crypto');
 const _ = require('lodash');
 const urljoin = require('url-join');
-const { isArray } = require('lodash/fp');
 const { getService } = require('../utils');
 const getGrantConfig = require('./grant-config');
-
 const usersPermissionsActions = require('./users-permissions-actions');
-const userSchema = require('../content-types/user');
 
 const initGrant = async (pluginStore) => {
   const apiPrefix = strapi.config.get('api.rest.prefix');
@@ -99,27 +96,6 @@ const initAdvancedOptions = async (pluginStore) => {
   }
 };
 
-const userSchemaAdditions = () => {
-  const defaultSchema = Object.keys(userSchema.attributes);
-  const currentSchema = Object.keys(
-    strapi.contentTypes['plugin::users-permissions.user'].attributes
-  );
-
-  // Some dynamic fields may not have been initialized yet, so we need to ignore them
-  // TODO: we should have a global method for finding these
-  const ignoreDiffs = [
-    'createdBy',
-    'createdAt',
-    'updatedBy',
-    'updatedAt',
-    'publishedAt',
-    'strapi_stage',
-    'strapi_assignee',
-  ];
-
-  return currentSchema.filter((key) => !(ignoreDiffs.includes(key) || defaultSchema.includes(key)));
-};
-
 module.exports = async ({ strapi }) => {
   const pluginStore = strapi.store({ type: 'plugin', name: 'users-permissions' });
 
@@ -133,7 +109,7 @@ module.exports = async ({ strapi }) => {
 
   await getService('users-permissions').initialize();
 
-  if (!strapi.config.get('plugin.users-permissions.jwtSecret')) {
+  if (!strapi.config.get('plugin::users-permissions.jwtSecret')) {
     if (process.env.NODE_ENV !== 'development') {
       throw new Error(
         `Missing jwtSecret. Please, set configuration variable "jwtSecret" for the users-permissions plugin in config/plugins.js (ex: you can generate one using Node with \`crypto.randomBytes(16).toString('base64')\`).
@@ -143,7 +119,7 @@ For security reasons, prefer storing the secret in an environment variable and r
 
     const jwtSecret = crypto.randomBytes(16).toString('base64');
 
-    strapi.config.set('plugin.users-permissions.jwtSecret', jwtSecret);
+    strapi.config.set('plugin::users-permissions.jwtSecret', jwtSecret);
 
     if (!process.env.JWT_SECRET) {
       const envPath = process.env.ENV_PATH || '.env';
@@ -153,17 +129,4 @@ For security reasons, prefer storing the secret in an environment variable and r
       );
     }
   }
-
-  // TODO v5: Remove this block of code and default allowedFields to empty array
-  if (!isArray(strapi.config.get('plugin.users-permissions.register.allowedFields'))) {
-    const modifications = userSchemaAdditions();
-    if (modifications.length > 0) {
-      // if there is a potential vulnerability, show a warning
-      strapi.log.warn(
-        `Users-permissions registration has defaulted to accepting the following additional user fields during registration: ${modifications.join(
-          ','
-        )}`
-      );
-    }
-  }
 };

package/server/content-types/user/index.js

@@ -12,7 +12,6 @@ module.exports = {
     displayName: 'User',
   },
   options: {
-    draftAndPublish: false,
     timestamps: true,
   },
   attributes: {

package/server/controllers/auth.js

@@ -11,9 +11,6 @@ const crypto = require('crypto');
 const _ = require('lodash');
 const { concat, compact, isArray } = require('lodash/fp');
 const utils = require('@strapi/utils');
-const {
-  contentTypes: { getNonWritableAttributes },
-} = require('@strapi/utils');
 const { getService } = require('../utils');
 const {
   validateCallbackBody,
@@ -25,7 +22,7 @@ const {
   validateChangePasswordBody,
 } = require('./validation/auth');
 
-const { getAbsoluteAdminUrl, getAbsoluteServerUrl, sanitize } = utils;
+const { sanitize } = utils;
 const { ApplicationError, ValidationError, ForbiddenError } = utils.errors;
 
 const sanitizeUser = (user, ctx) => {
@@ -55,7 +52,7 @@ module.exports = {
       const { identifier } = params;
 
       // Check if the user exists.
-      const user = await strapi.query('plugin::users-permissions.user').findOne({
+      const user = await strapi.db.query('plugin::users-permissions.user').findOne({
         where: {
           provider,
           $or: [{ email: identifier.toLowerCase() }, { username: identifier }],
@@ -120,10 +117,9 @@ module.exports = {
 
     const { currentPassword, password } = await validateChangePasswordBody(ctx.request.body);
 
-    const user = await strapi.entityService.findOne(
-      'plugin::users-permissions.user',
-      ctx.state.user.id
-    );
+    const user = await strapi.db
+      .query('plugin::users-permissions.user')
+      .findOne({ where: { id: ctx.state.user.id } });
 
     const validPassword = await getService('user').validatePassword(currentPassword, user.password);
 
@@ -152,7 +148,7 @@ module.exports = {
       throw new ValidationError('Passwords do not match');
     }
 
-    const user = await strapi
+    const user = await strapi.db
       .query('plugin::users-permissions.user')
       .findOne({ where: { resetPasswordToken: code } });
 
@@ -219,7 +215,7 @@ module.exports = {
     const advancedSettings = await pluginStore.get({ key: 'advanced' });
 
     // Find the user by email.
-    const user = await strapi
+    const user = await strapi.db
       .query('plugin::users-permissions.user')
       .findOne({ where: { email: email.toLowerCase() } });
 
@@ -237,8 +233,8 @@ module.exports = {
       resetPasswordSettings.message,
       {
         URL: advancedSettings.email_reset_password,
-        SERVER_URL: getAbsoluteServerUrl(strapi.config),
-        ADMIN_URL: getAbsoluteAdminUrl(strapi.config),
+        SERVER_URL: strapi.config.get('server.absoluteUrl'),
+        ADMIN_URL: strapi.config.get('admin.absoluteUrl'),
         USER: userInfo,
         TOKEN: resetPasswordToken,
       }
@@ -281,47 +277,22 @@ module.exports = {
       throw new ApplicationError('Register action is currently disabled');
     }
 
-    const { register } = strapi.config.get('plugin.users-permissions');
+    const { register } = strapi.config.get('plugin::users-permissions');
     const alwaysAllowedKeys = ['username', 'password', 'email'];
-    const userModel = strapi.contentTypes['plugin::users-permissions.user'];
-    const { attributes } = userModel;
-
-    const nonWritable = getNonWritableAttributes(userModel);
 
+    // Note that we intentionally do not filter allowedFields to allow a project to explicitly accept private or other Strapi field on registration
     const allowedKeys = compact(
-      concat(
-        alwaysAllowedKeys,
-        isArray(register?.allowedFields)
-          ? // Note that we do not filter allowedFields in case a user explicitly chooses to allow a private or otherwise omitted field on registration
-            register.allowedFields // if null or undefined, compact will remove it
-          : // to prevent breaking changes, if allowedFields is not set in config, we only remove private and known dangerous user schema fields
-            // TODO V5: allowedFields defaults to [] when undefined and remove this case
-            Object.keys(attributes).filter(
-              (key) =>
-                !nonWritable.includes(key) &&
-                !attributes[key].private &&
-                ![
-                  // many of these are included in nonWritable, but we'll list them again to be safe and since we're removing this code in v5 anyway
-                  // Strapi user schema fields
-                  'confirmed',
-                  'blocked',
-                  'confirmationToken',
-                  'resetPasswordToken',
-                  'provider',
-                  'id',
-                  'role',
-                  // other Strapi fields that might be added
-                  'createdAt',
-                  'updatedAt',
-                  'createdBy',
-                  'updatedBy',
-                  'publishedAt', // d&p
-                  'strapi_reviewWorkflows_stage', // review workflows
-                ].includes(key)
-            )
-      )
+      concat(alwaysAllowedKeys, isArray(register?.allowedFields) ? register.allowedFields : [])
     );
 
+    // Check if there are any keys in requestBody that are not in allowedKeys
+    const invalidKeys = Object.keys(ctx.request.body).filter((key) => !allowedKeys.includes(key));
+
+    if (invalidKeys.length > 0) {
+      // If there are invalid keys, throw an error
+      throw new ValidationError(`Invalid parameters: ${invalidKeys.join(', ')}`);
+    }
+
     const params = {
       ..._.pick(ctx.request.body, allowedKeys),
       provider: 'local',
@@ -329,7 +300,7 @@ module.exports = {
 
     await validateRegisterBody(params);
 
-    const role = await strapi
+    const role = await strapi.db
       .query('plugin::users-permissions.role')
       .findOne({ where: { type: settings.default_role } });
 
@@ -348,7 +319,7 @@ module.exports = {
       ],
     };
 
-    const conflictingUserCount = await strapi.query('plugin::users-permissions.user').count({
+    const conflictingUserCount = await strapi.db.query('plugin::users-permissions.user').count({
       where: { ...identifierFilter, provider },
     });
 
@@ -357,7 +328,7 @@ module.exports = {
     }
 
     if (settings.unique_email) {
-      const conflictingUserCount = await strapi.query('plugin::users-permissions.user').count({
+      const conflictingUserCount = await strapi.db.query('plugin::users-permissions.user').count({
         where: { ...identifierFilter },
       });
 
@@ -427,7 +398,7 @@ module.exports = {
   async sendEmailConfirmation(ctx) {
     const { email } = await validateSendEmailConfirmationBody(ctx.request.body);
 
-    const user = await strapi.query('plugin::users-permissions.user').findOne({
+    const user = await strapi.db.query('plugin::users-permissions.user').findOne({
       where: { email: email.toLowerCase() },
     });