@strapi/plugin-users-permissions 4.3.4 → 4.3.5
- package/admin/src/components/BoundRoute/getMethodColor.js +1 -1
- package/admin/src/components/BoundRoute/index.js +1 -1
- package/admin/src/components/FormModal/Input/index.js +1 -1
- package/admin/src/components/FormModal/index.js +7 -9
- package/admin/src/components/Permissions/PermissionRow/CheckboxWrapper.js +3 -3
- package/admin/src/components/Permissions/PermissionRow/SubCategory.js +10 -14
- package/admin/src/components/Permissions/PermissionRow/index.js +1 -1
- package/admin/src/components/Permissions/index.js +2 -2
- package/admin/src/components/Permissions/init.js +1 -1
- package/admin/src/components/Permissions/reducer.js +1 -1
- package/admin/src/components/Policies/index.js +1 -1
- package/admin/src/components/UsersPermissions/index.js +5 -5
- package/admin/src/components/UsersPermissions/reducer.js +1 -1
- package/admin/src/hooks/useFetchRole/index.js +3 -3
- package/admin/src/hooks/useFetchRole/reducer.js +1 -1
- package/admin/src/hooks/useForm/index.js +1 -1
- package/admin/src/hooks/useForm/reducer.js +1 -1
- package/admin/src/hooks/usePlugins/index.js +1 -1
- package/admin/src/hooks/usePlugins/reducer.js +1 -1
- package/admin/src/hooks/useRolesList/reducer.js +1 -1
- package/admin/src/index.js +5 -5
- package/admin/src/pages/AdvancedSettings/index.js +11 -10
- package/admin/src/pages/AdvancedSettings/utils/api.js +1 -1
- package/admin/src/pages/AdvancedSettings/utils/schema.js +2 -4
- package/admin/src/pages/EmailTemplates/index.js +8 -8
- package/admin/src/pages/EmailTemplates/utils/api.js +1 -1
- package/admin/src/pages/EmailTemplates/utils/schema.js +1 -4
- package/admin/src/pages/Providers/index.js +22 -22
- package/admin/src/pages/Providers/reducer.js +1 -1
- package/admin/src/pages/Providers/utils/api.js +2 -2
- package/admin/src/pages/Providers/utils/createProvidersArray.js +1 -1
- package/admin/src/pages/Roles/CreatePage/index.js +1 -1
- package/admin/src/pages/Roles/EditPage/index.js +1 -1
- package/admin/src/pages/Roles/ListPage/components/TableBody.js +5 -4
- package/admin/src/pages/Roles/ListPage/index.js +2 -2
- package/admin/src/utils/axiosInstance.js +4 -4
- package/admin/src/utils/cleanPermissions.js +1 -1
- package/admin/src/utils/formatPolicies.js +1 -1
- package/admin/src/utils/getRequestURL.js +1 -1
- package/admin/src/utils/getTrad.js +1 -1
- package/documentation/content-api.yaml +1 -1
- package/jest.config.front.js +1 -1
- package/package.json +12 -7
- package/server/bootstrap/grant-config.js +1 -1
- package/server/bootstrap/index.js +39 -39
- package/server/controllers/auth.js +2 -5
- package/server/controllers/content-manager-user.js +4 -12
- package/server/controllers/settings.js +1 -1
- package/server/controllers/user.js +2 -2
- package/server/controllers/validation/auth.js +3 -12
- package/server/controllers/validation/email-template.js +3 -2
- package/server/controllers/validation/user.js +4 -16
- package/server/graphql/mutations/auth/change-password.js +1 -4
- package/server/graphql/mutations/auth/forgot-password.js +1 -4
- package/server/graphql/mutations/auth/login.js +1 -4
- package/server/graphql/mutations/auth/register.js +1 -4
- package/server/graphql/mutations/auth/reset-password.js +1 -4
- package/server/graphql/mutations/crud/role/create-role.js +1 -4
- package/server/graphql/mutations/crud/role/delete-role.js +1 -4
- package/server/graphql/mutations/crud/role/update-role.js +1 -4
- package/server/graphql/mutations/crud/user/create-user.js +1 -4
- package/server/graphql/mutations/crud/user/delete-user.js +1 -4
- package/server/graphql/mutations/crud/user/update-user.js +1 -4
- package/server/graphql/mutations/index.js +1 -1
- package/server/graphql/types/index.js +1 -1
- package/server/middlewares/rateLimit.js +22 -25
- package/server/register.js +2 -4
- package/server/services/jwt.js +11 -9
- package/server/services/providers-registry.js +33 -42
- package/server/services/providers.js +6 -6
- package/server/services/role.js +7 -7
- package/server/services/user.js +1 -1
- package/server/services/users-permissions.js +12 -12
- package/server/strategies/users-permissions.js +3 -3
- package/server/utils/index.js +1 -1
|
@@ -23,10 +23,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
23
23
|
|
|
24
24
|
koaContext.request.body = toPlainObject(args);
|
|
25
25
|
|
|
26
|
-
await strapi
|
|
27
|
-
.plugin('users-permissions')
|
|
28
|
-
.controller('auth')
|
|
29
|
-
.resetPassword(koaContext);
|
|
26
|
+
await strapi.plugin('users-permissions').controller('auth').resetPassword(koaContext);
|
|
30
27
|
|
|
31
28
|
const output = koaContext.body;
|
|
32
29
|
|
|
@@ -26,10 +26,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
26
26
|
|
|
27
27
|
koaContext.request.body = toPlainObject(args.data);
|
|
28
28
|
|
|
29
|
-
await strapi
|
|
30
|
-
.plugin('users-permissions')
|
|
31
|
-
.controller('role')
|
|
32
|
-
.createRole(koaContext);
|
|
29
|
+
await strapi.plugin('users-permissions').controller('role').createRole(koaContext);
|
|
33
30
|
|
|
34
31
|
return { ok: true };
|
|
35
32
|
},
|
|
@@ -17,10 +17,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
17
17
|
|
|
18
18
|
koaContext.params = { role: args.id };
|
|
19
19
|
|
|
20
|
-
await strapi
|
|
21
|
-
.plugin('users-permissions')
|
|
22
|
-
.controller('role')
|
|
23
|
-
.deleteRole(koaContext);
|
|
20
|
+
await strapi.plugin('users-permissions').controller('role').deleteRole(koaContext);
|
|
24
21
|
|
|
25
22
|
return { ok: true };
|
|
26
23
|
},
|
|
@@ -27,10 +27,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
27
27
|
koaContext.request.body = args.data;
|
|
28
28
|
koaContext.request.body.role = args.id;
|
|
29
29
|
|
|
30
|
-
await strapi
|
|
31
|
-
.plugin('users-permissions')
|
|
32
|
-
.controller('role')
|
|
33
|
-
.updateRole(koaContext);
|
|
30
|
+
await strapi.plugin('users-permissions').controller('role').updateRole(koaContext);
|
|
34
31
|
|
|
35
32
|
return { ok: true };
|
|
36
33
|
},
|
|
@@ -32,10 +32,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
32
32
|
koaContext.params = {};
|
|
33
33
|
koaContext.request.body = toPlainObject(args.data);
|
|
34
34
|
|
|
35
|
-
await strapi
|
|
36
|
-
.plugin('users-permissions')
|
|
37
|
-
.controller('user')
|
|
38
|
-
.create(koaContext);
|
|
35
|
+
await strapi.plugin('users-permissions').controller('user').create(koaContext);
|
|
39
36
|
|
|
40
37
|
checkBadRequest(koaContext.body);
|
|
41
38
|
|
|
@@ -26,10 +26,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
26
26
|
|
|
27
27
|
koaContext.params = { id: args.id };
|
|
28
28
|
|
|
29
|
-
await strapi
|
|
30
|
-
.plugin('users-permissions')
|
|
31
|
-
.controller('user')
|
|
32
|
-
.destroy(koaContext);
|
|
29
|
+
await strapi.plugin('users-permissions').controller('user').destroy(koaContext);
|
|
33
30
|
|
|
34
31
|
checkBadRequest(koaContext.body);
|
|
35
32
|
|
|
@@ -33,10 +33,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
33
33
|
koaContext.params = { id: args.id };
|
|
34
34
|
koaContext.request.body = toPlainObject(args.data);
|
|
35
35
|
|
|
36
|
-
await strapi
|
|
37
|
-
.plugin('users-permissions')
|
|
38
|
-
.controller('user')
|
|
39
|
-
.update(koaContext);
|
|
36
|
+
await strapi.plugin('users-permissions').controller('user').update(koaContext);
|
|
40
37
|
|
|
41
38
|
checkBadRequest(koaContext.body);
|
|
42
39
|
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
const userUID = 'plugin::users-permissions.user';
|
|
4
4
|
const roleUID = 'plugin::users-permissions.role';
|
|
5
5
|
|
|
6
|
-
module.exports = context => {
|
|
6
|
+
module.exports = (context) => {
|
|
7
7
|
const { nexus, strapi } = context;
|
|
8
8
|
|
|
9
9
|
const { naming } = strapi.plugin('graphql').service('utils');
|
|
@@ -1,30 +1,27 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
module.exports =
|
|
4
|
-
|
|
3
|
+
module.exports =
|
|
4
|
+
(config, { strapi }) =>
|
|
5
|
+
async (ctx, next) => {
|
|
6
|
+
const ratelimit = require('koa2-ratelimit').RateLimit;
|
|
5
7
|
|
|
6
|
-
|
|
7
|
-
{
|
|
8
|
-
messages: [
|
|
9
|
-
{
|
|
10
|
-
id: 'Auth.form.error.ratelimit',
|
|
11
|
-
message: 'Too many attempts, please try again in a minute.',
|
|
12
|
-
},
|
|
13
|
-
],
|
|
14
|
-
},
|
|
15
|
-
];
|
|
16
|
-
|
|
17
|
-
return ratelimit.middleware(
|
|
18
|
-
Object.assign(
|
|
19
|
-
{},
|
|
8
|
+
const message = [
|
|
20
9
|
{
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
10
|
+
messages: [
|
|
11
|
+
{
|
|
12
|
+
id: 'Auth.form.error.ratelimit',
|
|
13
|
+
message: 'Too many attempts, please try again in a minute.',
|
|
14
|
+
},
|
|
15
|
+
],
|
|
25
16
|
},
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
17
|
+
];
|
|
18
|
+
|
|
19
|
+
return ratelimit.middleware({
|
|
20
|
+
interval: 1 * 60 * 1000,
|
|
21
|
+
max: 5,
|
|
22
|
+
prefixKey: `${ctx.request.path}:${ctx.request.ip}`,
|
|
23
|
+
message,
|
|
24
|
+
...strapi.config.get('plugin.users-permissions.ratelimit'),
|
|
25
|
+
...config,
|
|
26
|
+
})(ctx, next);
|
|
27
|
+
};
|
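Review bot: The limiter key in the new middleware is built from `ctx.request.path` and `ctx.request.ip`, so its value as a brute-force control depends entirely on how the client address is resolved, and nothing in the file documents that. Behind a reverse proxy every caller can collapse to the proxy's address unless Koa's `app.proxy` is enabled, and once it is enabled the forwarded header is only trustworthy when a trusted hop sets it. I would add a comment above `prefixKey` such as `// Keyed by path + client IP: requires correct proxy trust configuration, otherwise all clients share one bucket or can vary the key`. It is also worth stating in that comment that the stored `plugin.users-permissions.ratelimit` settings and the route-level `config` are spread last and therefore override `interval`, `max` and `prefixKey`.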
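--- a/package/server/register.js
+++ b/package/server/register.js
@@ -1,4 +1,5 @@
 'use strict';
+
 const fs = require('fs');
 const path = require('path');
 
@@ -17,9 +18,6 @@ module.exports = ({ strapi }) => {
 const specPath = path.join(__dirname, '../documentation/content-api.yaml');
 const spec = fs.readFileSync(specPath, 'utf8');
 
-strapi
-.plugin('documentation')
-.service('documentation')
-.registerDoc(spec);
+strapi.plugin('documentation').service('documentation').registerDoc(spec);
 }
 };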
package/server/services/jwt.js
CHANGED
|
@@ -38,16 +38,18 @@ module.exports = ({ strapi }) => ({
|
|
|
38
38
|
},
|
|
39
39
|
|
|
40
40
|
verify(token) {
|
|
41
|
-
return new Promise(
|
|
42
|
-
jwt.verify(
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
41
|
+
return new Promise((resolve, reject) => {
|
|
42
|
+
jwt.verify(
|
|
43
|
+
token,
|
|
44
|
+
strapi.config.get('plugin.users-permissions.jwtSecret'),
|
|
45
|
+
{},
|
|
46
|
+
(err, tokenPayload = {}) => {
|
|
47
|
+
if (err) {
|
|
48
|
+
return reject(new Error('Invalid token.'));
|
|
49
|
+
}
|
|
50
|
+
resolve(tokenPayload);
|
|
48
51
|
}
|
|
49
|
-
|
|
50
|
-
});
|
|
52
|
+
);
|
|
51
53
|
});
|
|
52
54
|
},
|
|
53
55
|
});
|
|
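Review bot: `verify` passes an empty options object (`{}`) to `jwt.verify`, so the set of accepted signing algorithms is left to the library default instead of being pinned to what the issuing side produces. The signing call is outside this hunk, so the algorithm is an assumption to confirm, but if tokens are only ever issued with one HMAC algorithm the options should say so, e.g. `{ algorithms: ['HS256'] }`. The callback also collapses every failure into `new Error('Invalid token.')`; logging `err.name` server-side before rejecting would let operators distinguish expired tokens from signature failures without changing what the client sees.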
@@ -4,15 +4,15 @@ const { strict: assert } = require('assert');
|
|
|
4
4
|
const jwt = require('jsonwebtoken');
|
|
5
5
|
|
|
6
6
|
const getInitialProviders = ({ purest }) => ({
|
|
7
|
-
async discord({
|
|
7
|
+
async discord({ accessToken }) {
|
|
8
8
|
const discord = purest({ provider: 'discord' });
|
|
9
9
|
return discord
|
|
10
10
|
.get('users/@me')
|
|
11
|
-
.auth(
|
|
11
|
+
.auth(accessToken)
|
|
12
12
|
.request()
|
|
13
13
|
.then(({ body }) => {
|
|
14
14
|
// Combine username and discriminator because discord username is not unique
|
|
15
|
-
|
|
15
|
+
const username = `${body.username}#${body.discriminator}`;
|
|
16
16
|
return {
|
|
17
17
|
username,
|
|
18
18
|
email: body.email,
|
|
@@ -33,12 +33,12 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
33
33
|
};
|
|
34
34
|
}
|
|
35
35
|
},
|
|
36
|
-
async facebook({
|
|
36
|
+
async facebook({ accessToken }) {
|
|
37
37
|
const facebook = purest({ provider: 'facebook' });
|
|
38
38
|
|
|
39
39
|
return facebook
|
|
40
40
|
.get('me')
|
|
41
|
-
.auth(
|
|
41
|
+
.auth(accessToken)
|
|
42
42
|
.qs({ fields: 'name,email' })
|
|
43
43
|
.request()
|
|
44
44
|
.then(({ body }) => ({
|
|
@@ -46,20 +46,20 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
46
46
|
email: body.email,
|
|
47
47
|
}));
|
|
48
48
|
},
|
|
49
|
-
async google({
|
|
49
|
+
async google({ accessToken }) {
|
|
50
50
|
const google = purest({ provider: 'google' });
|
|
51
51
|
|
|
52
52
|
return google
|
|
53
53
|
.query('oauth')
|
|
54
54
|
.get('tokeninfo')
|
|
55
|
-
.qs({
|
|
55
|
+
.qs({ accessToken })
|
|
56
56
|
.request()
|
|
57
57
|
.then(({ body }) => ({
|
|
58
58
|
username: body.email.split('@')[0],
|
|
59
59
|
email: body.email,
|
|
60
60
|
}));
|
|
61
61
|
},
|
|
62
|
-
async github({
|
|
62
|
+
async github({ accessToken }) {
|
|
63
63
|
const github = purest({
|
|
64
64
|
provider: 'github',
|
|
65
65
|
defaults: {
|
|
@@ -69,10 +69,7 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
69
69
|
},
|
|
70
70
|
});
|
|
71
71
|
|
|
72
|
-
const { body: userBody } = await github
|
|
73
|
-
.get('user')
|
|
74
|
-
.auth(access_token)
|
|
75
|
-
.request();
|
|
72
|
+
const { body: userBody } = await github.get('user').auth(accessToken).request();
|
|
76
73
|
|
|
77
74
|
// This is the public email on the github profile
|
|
78
75
|
if (userBody.email) {
|
|
@@ -82,31 +79,28 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
82
79
|
};
|
|
83
80
|
}
|
|
84
81
|
// Get the email with Github's user/emails API
|
|
85
|
-
const { body: emailBody } = await github
|
|
86
|
-
.get('user/emails')
|
|
87
|
-
.auth(access_token)
|
|
88
|
-
.request();
|
|
82
|
+
const { body: emailBody } = await github.get('user/emails').auth(accessToken).request();
|
|
89
83
|
|
|
90
84
|
return {
|
|
91
85
|
username: userBody.login,
|
|
92
86
|
email: Array.isArray(emailBody)
|
|
93
|
-
? emailBody.find(email => email.primary === true).email
|
|
87
|
+
? emailBody.find((email) => email.primary === true).email
|
|
94
88
|
: null,
|
|
95
89
|
};
|
|
96
90
|
},
|
|
97
|
-
async microsoft({
|
|
91
|
+
async microsoft({ accessToken }) {
|
|
98
92
|
const microsoft = purest({ provider: 'microsoft' });
|
|
99
93
|
|
|
100
94
|
return microsoft
|
|
101
95
|
.get('me')
|
|
102
|
-
.auth(
|
|
96
|
+
.auth(accessToken)
|
|
103
97
|
.request()
|
|
104
98
|
.then(({ body }) => ({
|
|
105
99
|
username: body.userPrincipalName,
|
|
106
100
|
email: body.userPrincipalName,
|
|
107
101
|
}));
|
|
108
102
|
},
|
|
109
|
-
async twitter({
|
|
103
|
+
async twitter({ accessToken, query, providers }) {
|
|
110
104
|
const twitter = purest({
|
|
111
105
|
provider: 'twitter',
|
|
112
106
|
defaults: {
|
|
@@ -119,7 +113,7 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
119
113
|
|
|
120
114
|
return twitter
|
|
121
115
|
.get('account/verify_credentials')
|
|
122
|
-
.auth(
|
|
116
|
+
.auth(accessToken, query.access_secret)
|
|
123
117
|
.qs({ screen_name: query['raw[screen_name]'], include_email: 'true' })
|
|
124
118
|
.request()
|
|
125
119
|
.then(({ body }) => ({
|
|
@@ -127,12 +121,12 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
127
121
|
email: body.email,
|
|
128
122
|
}));
|
|
129
123
|
},
|
|
130
|
-
async instagram({
|
|
124
|
+
async instagram({ accessToken }) {
|
|
131
125
|
const instagram = purest({ provider: 'instagram' });
|
|
132
126
|
|
|
133
127
|
return instagram
|
|
134
128
|
.get('me')
|
|
135
|
-
.auth(
|
|
129
|
+
.auth(accessToken)
|
|
136
130
|
.qs({ fields: 'id,username' })
|
|
137
131
|
.request()
|
|
138
132
|
.then(({ body }) => ({
|
|
@@ -140,12 +134,12 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
140
134
|
email: `${body.username}@strapi.io`, // dummy email as Instagram does not provide user email
|
|
141
135
|
}));
|
|
142
136
|
},
|
|
143
|
-
async vk({
|
|
137
|
+
async vk({ accessToken, query }) {
|
|
144
138
|
const vk = purest({ provider: 'vk' });
|
|
145
139
|
|
|
146
140
|
return vk
|
|
147
141
|
.get('users.get')
|
|
148
|
-
.auth(
|
|
142
|
+
.auth(accessToken)
|
|
149
143
|
.qs({ id: query.raw.user_id, v: '5.122' })
|
|
150
144
|
.request()
|
|
151
145
|
.then(({ body }) => ({
|
|
@@ -153,7 +147,7 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
153
147
|
email: query.raw.email,
|
|
154
148
|
}));
|
|
155
149
|
},
|
|
156
|
-
async twitch({
|
|
150
|
+
async twitch({ accessToken, providers }) {
|
|
157
151
|
const twitch = purest({
|
|
158
152
|
provider: 'twitch',
|
|
159
153
|
config: {
|
|
@@ -172,26 +166,23 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
172
166
|
|
|
173
167
|
return twitch
|
|
174
168
|
.get('users')
|
|
175
|
-
.auth(
|
|
169
|
+
.auth(accessToken, providers.twitch.key)
|
|
176
170
|
.request()
|
|
177
171
|
.then(({ body }) => ({
|
|
178
172
|
username: body.data[0].login,
|
|
179
173
|
email: body.data[0].email,
|
|
180
174
|
}));
|
|
181
175
|
},
|
|
182
|
-
async linkedin({
|
|
176
|
+
async linkedin({ accessToken }) {
|
|
183
177
|
const linkedIn = purest({ provider: 'linkedin' });
|
|
184
178
|
const {
|
|
185
179
|
body: { localizedFirstName },
|
|
186
|
-
} = await linkedIn
|
|
187
|
-
.get('me')
|
|
188
|
-
.auth(access_token)
|
|
189
|
-
.request();
|
|
180
|
+
} = await linkedIn.get('me').auth(accessToken).request();
|
|
190
181
|
const {
|
|
191
182
|
body: { elements },
|
|
192
183
|
} = await linkedIn
|
|
193
184
|
.get('emailAddress?q=members&projection=(elements*(handle~))')
|
|
194
|
-
.auth(
|
|
185
|
+
.auth(accessToken)
|
|
195
186
|
.request();
|
|
196
187
|
|
|
197
188
|
const email = elements[0]['handle~'];
|
|
@@ -201,7 +192,7 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
201
192
|
email: email.emailAddress,
|
|
202
193
|
};
|
|
203
194
|
},
|
|
204
|
-
async reddit({
|
|
195
|
+
async reddit({ accessToken }) {
|
|
205
196
|
const reddit = purest({
|
|
206
197
|
provider: 'reddit',
|
|
207
198
|
config: {
|
|
@@ -221,20 +212,20 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
221
212
|
|
|
222
213
|
return reddit
|
|
223
214
|
.get('me')
|
|
224
|
-
.auth(
|
|
215
|
+
.auth(accessToken)
|
|
225
216
|
.request()
|
|
226
217
|
.then(({ body }) => ({
|
|
227
218
|
username: body.name,
|
|
228
219
|
email: `${body.name}@strapi.io`, // dummy email as Reddit does not provide user email
|
|
229
220
|
}));
|
|
230
221
|
},
|
|
231
|
-
async auth0({
|
|
222
|
+
async auth0({ accessToken, providers }) {
|
|
232
223
|
const auth0 = purest({ provider: 'auth0' });
|
|
233
224
|
|
|
234
225
|
return auth0
|
|
235
226
|
.get('userinfo')
|
|
236
227
|
.subdomain(providers.auth0.subdomain)
|
|
237
|
-
.auth(
|
|
228
|
+
.auth(accessToken)
|
|
238
229
|
.request()
|
|
239
230
|
.then(({ body }) => {
|
|
240
231
|
const username = body.username || body.nickname || body.name || body.email.split('@')[0];
|
|
@@ -246,13 +237,13 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
246
237
|
};
|
|
247
238
|
});
|
|
248
239
|
},
|
|
249
|
-
async cas({
|
|
240
|
+
async cas({ accessToken, providers }) {
|
|
250
241
|
const cas = purest({ provider: 'cas' });
|
|
251
242
|
|
|
252
243
|
return cas
|
|
253
244
|
.get('oidc/profile')
|
|
254
245
|
.subdomain(providers.cas.subdomain)
|
|
255
|
-
.auth(
|
|
246
|
+
.auth(accessToken)
|
|
256
247
|
.request()
|
|
257
248
|
.then(({ body }) => {
|
|
258
249
|
// CAS attribute may be in body.attributes or "FLAT", depending on CAS config
|
|
@@ -264,7 +255,7 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
264
255
|
: body.strapiemail || body.email;
|
|
265
256
|
if (!username || !email) {
|
|
266
257
|
strapi.log.warn(
|
|
267
|
-
|
|
258
|
+
`CAS Response Body did not contain required attributes: ${JSON.stringify(body)}`
|
|
268
259
|
);
|
|
269
260
|
}
|
|
270
261
|
return {
|
|
@@ -288,14 +279,14 @@ module.exports = () => {
|
|
|
288
279
|
providersCallbacks[providerName] = provider({ purest });
|
|
289
280
|
},
|
|
290
281
|
|
|
291
|
-
async run({ provider,
|
|
282
|
+
async run({ provider, accessToken, query, providers }) {
|
|
292
283
|
if (!providersCallbacks[provider]) {
|
|
293
284
|
throw new Error('Unknown provider.');
|
|
294
285
|
}
|
|
295
286
|
|
|
296
287
|
const providerCb = providersCallbacks[provider];
|
|
297
288
|
|
|
298
|
-
return providerCb({
|
|
289
|
+
return providerCb({ accessToken, query, providers });
|
|
299
290
|
},
|
|
300
291
|
};
|
|
301
292
|
};
|
|
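Review bot: In the `google` callback the variable rename also changed the query-string key: `.qs({ accessToken })` sends `accessToken=…`, while the removed lines still visible in this file use the `access_token` spelling, which is the parameter name a token-info endpoint would normally expect, so Google sign-in likely breaks with this release. The old `.qs({` line is truncated on this page, so confirm against the previous version; the fix would be `.qs({ access_token: accessToken })`. Separately, the `cas` warning interpolates `JSON.stringify(body)` into the log message, which writes the whole identity-provider profile, potentially personal data, to application logs. Logging only the attribute names, e.g. `Object.keys(body).join(', ')`, keeps the diagnostic value.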
@@ -1,7 +1,7 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
|
-
* Module dependencies
|
|
4
|
+
* Module dependencies
|
|
5
5
|
*/
|
|
6
6
|
|
|
7
7
|
// Public node modules.
|
|
@@ -19,7 +19,7 @@ module.exports = ({ strapi }) => {
|
|
|
19
19
|
*/
|
|
20
20
|
|
|
21
21
|
const getProfile = async (provider, query) => {
|
|
22
|
-
const
|
|
22
|
+
const accessToken = query.access_token || query.code || query.oauth_token;
|
|
23
23
|
|
|
24
24
|
const providers = await strapi
|
|
25
25
|
.store({ type: 'plugin', name: 'users-permissions', key: 'grant' })
|
|
@@ -28,7 +28,7 @@ module.exports = ({ strapi }) => {
|
|
|
28
28
|
return getService('providers-registry').run({
|
|
29
29
|
provider,
|
|
30
30
|
query,
|
|
31
|
-
|
|
31
|
+
accessToken,
|
|
32
32
|
providers,
|
|
33
33
|
});
|
|
34
34
|
};
|
|
@@ -38,15 +38,15 @@ module.exports = ({ strapi }) => {
|
|
|
38
38
|
*
|
|
39
39
|
*
|
|
40
40
|
* @param {String} provider
|
|
41
|
-
* @param {String}
|
|
41
|
+
* @param {String} accessToken
|
|
42
42
|
*
|
|
43
43
|
* @return {*}
|
|
44
44
|
*/
|
|
45
45
|
|
|
46
46
|
const connect = async (provider, query) => {
|
|
47
|
-
const
|
|
47
|
+
const accessToken = query.access_token || query.code || query.oauth_token;
|
|
48
48
|
|
|
49
|
-
if (!
|
|
49
|
+
if (!accessToken) {
|
|
50
50
|
throw new Error('No access_token.');
|
|
51
51
|
}
|
|
52
52
|
|
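Review bot: The JSDoc above `connect` now reads `@param {String} accessToken`, but the signature is `connect(provider, query)` and the token is derived inside the function, so the tag should be `@param {Object} query`. In the lines visible here `getProfile` derives the token with the same `query.access_token || query.code || query.oauth_token` chain but has no counterpart to `connect`'s `if (!accessToken)` guard, and neither function checks that the selected value is a string. If `query` is a parsed URL query (its origin is outside these hunks), a repeated parameter could arrive as an array and be handed to the provider callbacks; extending the guard to `if (typeof accessToken !== 'string' || !accessToken)` and applying it in both places would close that. Both function bodies continue outside the hunks.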
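--- a/package/server/services/role.js
+++ b/package/server/services/role.js
@@ -53,7 +53,7 @@ module.exports = ({ strapi }) => ({
 const allActions = getService('users-permissions').getActions();
 
 // Group by `type`.
-role.permissions.forEach(permission => {
+role.permissions.forEach((permission) => {
 const [type, controller, action] = permission.action.split('.');
 
 _.set(allActions, `${type}.controllers.${controller}.${action}`, {
@@ -124,11 +124,11 @@ module.exports = ({ strapi }) => ({
 }, []);
 
 const toCreate = newActions
-.filter(action => !oldActions.includes(action))
-.map(action => ({ action, role: role.id }));
+.filter((action) => !oldActions.includes(action))
+.map((action) => ({ action, role: role.id }));
 
 await Promise.all(
-toDelete.map(permission =>
+toDelete.map((permission) =>
 strapi
 .query('plugin::users-permissions.permission')
 .delete({ where: { id: permission.id } })
@@ -136,7 +136,7 @@ module.exports = ({ strapi }) => ({
 );
 
 await Promise.all(
-toCreate.map(permissionInfo =>
+toCreate.map((permissionInfo) =>
 strapi.query('plugin::users-permissions.permission').create({ data: permissionInfo })
 )
 );
@@ -153,7 +153,7 @@ module.exports = ({ strapi }) => ({
 
 // Move users to guest role.
 await Promise.all(
-role.users.map(user => {
+role.users.map((user) => {
 return strapi.query('plugin::users-permissions.user').update({
 where: { id: user.id },
 data: { role: publicRoleID },
@@ -164,7 +164,7 @@ module.exports = ({ strapi }) => ({
 // Remove permissions related to this role.
 // TODO: use delete many
 await Promise.all(
-role.permissions.map(permission => {
+role.permissions.map((permission) => {
 return strapi.query('plugin::users-permissions.permission').delete({
 where: { id: permission.id },
 });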
package/server/services/user.js
CHANGED
|
@@ -99,7 +99,7 @@ module.exports = ({ strapi }) => ({
|
|
|
99
99
|
|
|
100
100
|
const settings = await pluginStore
|
|
101
101
|
.get({ key: 'email' })
|
|
102
|
-
.then(storeEmail => storeEmail
|
|
102
|
+
.then((storeEmail) => storeEmail.email_confirmation.options);
|
|
103
103
|
|
|
104
104
|
// Sanitize the template's user information
|
|
105
105
|
const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(userSchema, user);
|
|
@@ -18,7 +18,7 @@ const DEFAULT_PERMISSIONS = [
|
|
|
18
18
|
{ action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },
|
|
19
19
|
];
|
|
20
20
|
|
|
21
|
-
const transformRoutePrefixFor = pluginName => route => {
|
|
21
|
+
const transformRoutePrefixFor = (pluginName) => (route) => {
|
|
22
22
|
const prefix = route.config && route.config.prefix;
|
|
23
23
|
const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;
|
|
24
24
|
|
|
@@ -32,7 +32,7 @@ module.exports = ({ strapi }) => ({
|
|
|
32
32
|
getActions({ defaultEnable = false } = {}) {
|
|
33
33
|
const actionMap = {};
|
|
34
34
|
|
|
35
|
-
const isContentApi = action => {
|
|
35
|
+
const isContentApi = (action) => {
|
|
36
36
|
if (!_.has(action, Symbol.for('__type__'))) {
|
|
37
37
|
return false;
|
|
38
38
|
}
|
|
@@ -101,20 +101,20 @@ module.exports = ({ strapi }) => ({
|
|
|
101
101
|
const routesMap = {};
|
|
102
102
|
|
|
103
103
|
_.forEach(strapi.api, (api, apiName) => {
|
|
104
|
-
const routes = _.flatMap(api.routes, route => {
|
|
104
|
+
const routes = _.flatMap(api.routes, (route) => {
|
|
105
105
|
if (_.has(route, 'routes')) {
|
|
106
106
|
return route.routes;
|
|
107
107
|
}
|
|
108
108
|
|
|
109
109
|
return route;
|
|
110
|
-
}).filter(route => route.info.type === 'content-api');
|
|
110
|
+
}).filter((route) => route.info.type === 'content-api');
|
|
111
111
|
|
|
112
112
|
if (routes.length === 0) {
|
|
113
113
|
return;
|
|
114
114
|
}
|
|
115
115
|
|
|
116
116
|
const apiPrefix = strapi.config.get('api.rest.prefix');
|
|
117
|
-
routesMap[`api::${apiName}`] = routes.map(route => ({
|
|
117
|
+
routesMap[`api::${apiName}`] = routes.map((route) => ({
|
|
118
118
|
...route,
|
|
119
119
|
path: urlJoin(apiPrefix, route.path),
|
|
120
120
|
}));
|
|
@@ -123,20 +123,20 @@ module.exports = ({ strapi }) => ({
|
|
|
123
123
|
_.forEach(strapi.plugins, (plugin, pluginName) => {
|
|
124
124
|
const transformPrefix = transformRoutePrefixFor(pluginName);
|
|
125
125
|
|
|
126
|
-
const routes = _.flatMap(plugin.routes, route => {
|
|
126
|
+
const routes = _.flatMap(plugin.routes, (route) => {
|
|
127
127
|
if (_.has(route, 'routes')) {
|
|
128
128
|
return route.routes.map(transformPrefix);
|
|
129
129
|
}
|
|
130
130
|
|
|
131
131
|
return transformPrefix(route);
|
|
132
|
-
}).filter(route => route.info.type === 'content-api');
|
|
132
|
+
}).filter((route) => route.info.type === 'content-api');
|
|
133
133
|
|
|
134
134
|
if (routes.length === 0) {
|
|
135
135
|
return;
|
|
136
136
|
}
|
|
137
137
|
|
|
138
138
|
const apiPrefix = strapi.config.get('api.rest.prefix');
|
|
139
|
-
routesMap[`plugin::${pluginName}`] = routes.map(route => ({
|
|
139
|
+
routesMap[`plugin::${pluginName}`] = routes.map((route) => ({
|
|
140
140
|
...route,
|
|
141
141
|
path: urlJoin(apiPrefix, route.path),
|
|
142
142
|
}));
|
|
@@ -153,7 +153,7 @@ module.exports = ({ strapi }) => ({
|
|
|
153
153
|
|
|
154
154
|
const appActions = _.flatMap(strapi.api, (api, apiName) => {
|
|
155
155
|
return _.flatMap(api.controllers, (controller, controllerName) => {
|
|
156
|
-
return _.keys(controller).map(actionName => {
|
|
156
|
+
return _.keys(controller).map((actionName) => {
|
|
157
157
|
return `api::${apiName}.${controllerName}.${actionName}`;
|
|
158
158
|
});
|
|
159
159
|
});
|
|
@@ -161,7 +161,7 @@ module.exports = ({ strapi }) => ({
|
|
|
161
161
|
|
|
162
162
|
const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {
|
|
163
163
|
return _.flatMap(plugin.controllers, (controller, controllerName) => {
|
|
164
|
-
return _.keys(controller).map(actionName => {
|
|
164
|
+
return _.keys(controller).map((actionName) => {
|
|
165
165
|
return `plugin::${pluginName}.${controllerName}.${actionName}`;
|
|
166
166
|
});
|
|
167
167
|
});
|
|
@@ -172,7 +172,7 @@ module.exports = ({ strapi }) => ({
|
|
|
172
172
|
const toDelete = _.difference(permissionsFoundInDB, allActions);
|
|
173
173
|
|
|
174
174
|
await Promise.all(
|
|
175
|
-
toDelete.map(action => {
|
|
175
|
+
toDelete.map((action) => {
|
|
176
176
|
return strapi.query('plugin::users-permissions.permission').delete({ where: { action } });
|
|
177
177
|
})
|
|
178
178
|
);
|
|
@@ -186,7 +186,7 @@ module.exports = ({ strapi }) => ({
|
|
|
186
186
|
)(DEFAULT_PERMISSIONS);
|
|
187
187
|
|
|
188
188
|
await Promise.all(
|
|
189
|
-
toCreate.map(action => {
|
|
189
|
+
toCreate.map((action) => {
|
|
190
190
|
return strapi.query('plugin::users-permissions.permission').create({
|
|
191
191
|
data: {
|
|
192
192
|
action,
|