@strapi/plugin-users-permissions 4.3.4 → 4.3.7

package/admin/src/pages/Providers/index.js

@@ -53,26 +53,26 @@ export const ProvidersPage = () => {
     allowedActions: { canUpdate },
   } = useRBAC(updatePermissions);
 
-  const { isLoading: isLoadingForData, data: modifiedData, isFetching } = useQuery(
-    'get-providers',
-    () => fetchData(toggleNotification),
-    {
-      onSuccess: () => {
-        notifyStatus(
-          formatMessage({
-            id: getTrad('Providers.data.loaded'),
-            defaultMessage: 'Providers have been loaded',
-          })
-        );
-      },
-      initialData: {},
-    }
-  );
+  const {
+    isLoading: isLoadingForData,
+    data: modifiedData,
+    isFetching,
+  } = useQuery('get-providers', () => fetchData(toggleNotification), {
+    onSuccess() {
+      notifyStatus(
+        formatMessage({
+          id: getTrad('Providers.data.loaded'),
+          defaultMessage: 'Providers have been loaded',
+        })
+      );
+    },
+    initialData: {},
+  });
 
   const isLoading = isLoadingForData || isFetching;
 
   const submitMutation = useMutation(putProvider, {
-    onSuccess: async () => {
+    async onSuccess() {
       await queryClient.invalidateQueries('get-providers');
       toggleNotification({
         type: 'info',
@@ -84,7 +84,7 @@ export const ProvidersPage = () => {
       handleToggleModal();
       unlockApp();
     },
-    onError: () => {
+    onError() {
       toggleNotification({
         type: 'warning',
         message: { id: 'notification.error' },
@@ -104,7 +104,7 @@ export const ProvidersPage = () => {
       return false;
     }
 
-    const providerToEdit = providers.find(obj => obj.name === providerToEditName);
+    const providerToEdit = providers.find((obj) => obj.name === providerToEditName);
 
     return has(providerToEdit, 'subdomain');
   }, [providers, providerToEditName]);
@@ -127,17 +127,17 @@ export const ProvidersPage = () => {
   }, [providerToEditName, isProviderWithSubdomain]);
 
   const handleToggleModal = () => {
-    setIsOpen(prev => !prev);
+    setIsOpen((prev) => !prev);
   };
 
-  const handleClickEdit = provider => {
+  const handleClickEdit = (provider) => {
     if (canUpdate) {
       setProviderToEditName(provider.name);
       handleToggleModal();
     }
   };
 
-  const handleSubmit = async values => {
+  const handleSubmit = async (values) => {
     setIsSubmiting(true);
 
     lockApp();
@@ -196,7 +196,7 @@ export const ProvidersPage = () => {
                 </Tr>
               </Thead>
               <Tbody>
-                {providers.map(provider => (
+                {providers.map((provider) => (
                   <Tr
                     key={provider.name}
                     {...onRowClick({

package/admin/src/pages/Providers/reducer.js

@@ -10,7 +10,7 @@ const initialState = {
 
 const reducer = (state, action) =>
   // eslint-disable-next-line consistent-return
-  produce(state, draftState => {
+  produce(state, (draftState) => {
     switch (action.type) {
       case 'GET_DATA': {
         draftState.isLoading = true;

package/admin/src/pages/Providers/utils/api.js

@@ -1,7 +1,7 @@
 import { getRequestURL, axiosInstance } from '../../../utils';
 
 // eslint-disable-next-line import/prefer-default-export
-export const fetchData = async toggleNotification => {
+export const fetchData = async (toggleNotification) => {
   try {
     const { data } = await axiosInstance.get(getRequestURL('providers'));
 
@@ -16,6 +16,6 @@ export const fetchData = async toggleNotification => {
   }
 };
 
-export const putProvider = body => {
+export const putProvider = (body) => {
   return axiosInstance.put(getRequestURL('providers'), body);
 };

package/admin/src/pages/Providers/utils/createProvidersArray.js

@@ -1,6 +1,6 @@
 import { sortBy } from 'lodash';
 
-const createProvidersArray = data => {
+const createProvidersArray = (data) => {
   return sortBy(
     Object.keys(data).reduce((acc, current) => {
       const { icon: iconName, enabled, subdomain } = data[current];

package/admin/src/pages/Roles/CreatePage/index.js

@@ -36,7 +36,7 @@ const EditPage = () => {
   const { trackUsage } = useTracking();
   const permissionsRef = useRef();
 
-  const handleCreateRoleSubmit = async data => {
+  const handleCreateRoleSubmit = async (data) => {
     // Set loading state
     lockApp();
     setIsSubmitting(true);

package/admin/src/pages/Roles/EditPage/index.js

@@ -40,7 +40,7 @@ const EditPage = () => {
   const { role, onSubmitSucceeded, isLoading: isLoadingRole } = useFetchRole(id);
   const permissionsRef = useRef();
 
-  const handleEditRoleSubmit = async data => {
+  const handleEditRoleSubmit = async (data) => {
     // Set loading state
     lockApp();
     setIsSubmitting(true);

package/admin/src/pages/Roles/ListPage/components/TableBody.js

@@ -17,20 +17,21 @@ const TableBody = ({ sortedRoles, canDelete, permissions, setRoleToDelete, onDel
   const { push } = useHistory();
   const [showConfirmDelete, setShowConfirmDelete] = onDelete;
 
-  const checkCanDeleteRole = role => canDelete && !['public', 'authenticated'].includes(role.type);
+  const checkCanDeleteRole = (role) =>
+    canDelete && !['public', 'authenticated'].includes(role.type);
 
-  const handleClickDelete = id => {
+  const handleClickDelete = (id) => {
     setRoleToDelete(id);
     setShowConfirmDelete(!showConfirmDelete);
   };
 
-  const handleClickEdit = id => {
+  const handleClickEdit = (id) => {
     push(`/settings/${pluginId}/roles/${id}`);
   };
 
   return (
     <Tbody>
-      {sortedRoles?.map(role => (
+      {sortedRoles?.map((role) => (
         <Tr key={role.name} {...onRowClick({ fn: () => handleClickEdit(role.id) })}>
           <Td width="20%">
             <Typography>{role.name}</Typography>

package/admin/src/pages/Roles/ListPage/index.js

@@ -97,8 +97,8 @@ const RoleListPage = () => {
     defaultMessage: 'Roles',
   });
 
-  const deleteMutation = useMutation(id => deleteData(id, toggleNotification), {
-    onSuccess: async () => {
+  const deleteMutation = useMutation((id) => deleteData(id, toggleNotification), {
+    async onSuccess() {
       await queryClient.invalidateQueries('get-roles');
     },
   });
@@ -131,7 +131,7 @@ const RoleListPage = () => {
           })}
           primaryAction={
             <CheckPermissions permissions={permissions.createRole}>
-              <Button onClick={handleNewRoleClick} startIcon={<Plus />} size="L">
+              <Button onClick={handleNewRoleClick} startIcon={<Plus />} size="S">
                 {formatMessage({
                   id: getTrad('List.button.roles'),
                   defaultMessage: 'Add new role',

package/admin/src/utils/axiosInstance.js

@@ -6,7 +6,7 @@ const instance = axios.create({
 });
 
 instance.interceptors.request.use(
-  async config => {
+  async (config) => {
     config.headers = {
       Authorization: `Bearer ${auth.getToken()}`,
       Accept: 'application/json',
@@ -15,14 +15,14 @@ instance.interceptors.request.use(
 
     return config;
   },
-  error => {
+  (error) => {
     Promise.reject(error);
   }
 );
 
 instance.interceptors.response.use(
-  response => response,
-  error => {
+  (response) => response,
+  (error) => {
     // whatever you want to do with the error
     if (error.response?.status === 401) {
       auth.clearAppStorage();

package/admin/src/utils/cleanPermissions.js

@@ -1,6 +1,6 @@
 import { isEmpty } from 'lodash';
 
-const cleanPermissions = permissions =>
+const cleanPermissions = (permissions) =>
   Object.keys(permissions).reduce((acc, current) => {
     const currentPermission = permissions[current].controllers;
     const cleanedControllers = Object.keys(currentPermission).reduce((acc2, curr) => {

package/admin/src/utils/formatPolicies.js

@@ -1,4 +1,4 @@
-const formatPolicies = policies =>
+const formatPolicies = (policies) =>
   policies.reduce((acc, current) => {
     acc.push({ label: current, value: current });
 

package/admin/src/utils/getRequestURL.js

@@ -1,5 +1,5 @@
 import pluginId from '../pluginId';
 
-const getRequestURL = endPoint => `/${pluginId}/${endPoint}`;
+const getRequestURL = (endPoint) => `/${pluginId}/${endPoint}`;
 
 export default getRequestURL;

package/admin/src/utils/getTrad.js

@@ -1,5 +1,5 @@
 import pluginId from '../pluginId';
 
-const getTrad = id => `${pluginId}.${id}`;
+const getTrad = (id) => `${pluginId}.${id}`;
 
 export default getTrad;

package/documentation/content-api.yaml

@@ -44,7 +44,7 @@ paths:
                 password:
                   type: string
             example:
-              identier: foobar
+              identifier: foobar
               password: Test1234
         required: true
       responses:
@@ -102,6 +102,13 @@ paths:
       tags:
         - Users-Permissions - Auth
       summary: Default Callback from provider auth
+      parameters:
+        - name: provider
+          in: path
+          required: true
+          description: Provider name
+          schema:
+            type: string
       responses:
         200:
           description: Returns a jwt token and user info
@@ -196,15 +203,16 @@ paths:
           application/json:
             schema:
               type: object
+              required:
+                - password
+                - currentPassword
+                - passwordConfirmation
               properties:
                 password:
-                  required: true
                   type: string
                 currentPassword:
-                  required: true
                   type: string
                 passwordConfirmation:
-                  required: true
                   type: string
       responses:
         200:
@@ -219,7 +227,6 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/Error'
-
   /auth/email-confirmation:
     get:
       tags:
@@ -228,7 +235,8 @@ paths:
       parameters:
         - in: query
           name: confirmation
-          type: string
+          schema:
+            type: string
           description: confirmation token received by email
       responses:
         301:
@@ -319,7 +327,6 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/Error'
-
   /users-permissions/roles:
     get:
       tags:
@@ -364,7 +371,7 @@ paths:
         - Users-Permissions - Users & Roles
       summary: Create a role
       requestBody:
-        $ref: '#/components/schemas/Users-Permissions-RoleRequest'
+        $ref: '#/components/requestBodies/Users-Permissions-RoleRequest'
       responses:
         200:
           description: Returns ok if the role was create
@@ -391,10 +398,13 @@ paths:
       parameters:
         - in: path
           name: id
-          type: string
+          required: true
+          schema:
+            type: string
           description: role Id
       responses:
         200:
+          description: Returns the role
           content:
             application/json:
               schema:
@@ -431,10 +441,12 @@ paths:
       parameters:
         - in: path
           name: role
-          type: string
+          required: true
+          schema:
+            type: string
           description: role Id
       requestBody:
-        $ref: '#/components/schemas/Users-Permissions-RoleRequest'
+        $ref: '#/components/requestBodies/Users-Permissions-RoleRequest'
       responses:
         200:
           description: Returns ok if the role was udpated
@@ -460,7 +472,9 @@ paths:
       parameters:
         - in: path
           name: role
-          type: string
+          required: true
+          schema:
+            type: string
           description: role Id
       responses:
         200:
@@ -487,7 +501,7 @@ paths:
       summary: Get list of users
       responses:
         200:
-          summary: Returns an array of users
+          description: Returns an array of users
           content:
             application/json:
               schema:
@@ -520,17 +534,17 @@ paths:
           application/json:
             schema:
               type: object
+              required:
+                - username
+                - email
+                - password
               properties:
                 email:
                   type: string
-                  required: true
                 username:
                   type: string
-                  required: true
                 password:
                   type: string
-                  required: true
-
             example:
               username: foo
               email: foo@strapi.io
@@ -569,7 +583,6 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/Error'
-
   /users/{id}:
     get:
       tags:
@@ -578,10 +591,13 @@ paths:
       parameters:
         - in: path
           name: id
-          type: string
+          required: true
+          schema:
+            type: string
           description: user Id
       responses:
         200:
+          description: Returns a user
           content:
             application/json:
               schema:
@@ -601,7 +617,6 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/Error'
-
     put:
       tags:
         - Users-Permissions - Users & Roles
@@ -609,7 +624,9 @@ paths:
       parameters:
         - in: path
           name: id
-          type: string
+          required: true
+          schema:
+            type: string
           description: user Id
       requestBody:
         required: true
@@ -617,17 +634,17 @@ paths:
           application/json:
             schema:
               type: object
+              required:
+                - username
+                - email
+                - password
               properties:
                 email:
                   type: string
-                  required: true
                 username:
                   type: string
-                  required: true
                 password:
                   type: string
-                  required: true
-
             example:
               username: foo
               email: foo@strapi.io
@@ -666,13 +683,19 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/Error'
-
     delete:
       tags:
         - Users-Permissions - Users & Roles
       summary: Delete a user
+      parameters:
+        - in: path
+          name: id
+          required: true
+          schema:
+            type: string
+          description: user Id
       responses:
-        200:
+        "200":
           description: Returns deleted user info
           content:
             application/json:
@@ -817,6 +840,10 @@ components:
                   policy:
                     type: string
 
+  parameters:
+  responses:
+  examples:
+  requestBodies:
     Users-Permissions-RoleRequest:
       required: true
       content:
@@ -842,7 +869,3 @@ components:
                     find:
                       enabled: true
 
-  parameters:
-  responses:
-  examples:
-  requestBodies:

package/jest.config.front.js

@@ -1,7 +1,7 @@
 'use strict';
 
 const baseConfig = require('../../../jest.base-config.front');
-const pkg = require('./package');
+const pkg = require('./package.json');
 
 module.exports = {
   ...baseConfig,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@strapi/plugin-users-permissions",
-  "version": "4.3.4",
+  "version": "4.3.7",
   "description": "Protect your API with a full-authentication process based on JWT",
   "repository": {
     "type": "git",
@@ -27,26 +27,31 @@
     "test:front:watch:ce": "cross-env IS_EE=false jest --config ./jest.config.front.js --watchAll"
   },
   "dependencies": {
-    "@strapi/helper-plugin": "4.3.4",
-    "@strapi/utils": "4.3.4",
+    "@strapi/helper-plugin": "4.3.7",
+    "@strapi/utils": "4.3.7",
     "bcryptjs": "2.4.3",
     "grant-koa": "5.4.8",
     "jsonwebtoken": "^8.1.0",
+    "koa": "^2.13.4",
     "koa2-ratelimit": "^1.1.1",
     "lodash": "4.17.21",
     "purest": "4.0.2",
     "react": "^17.0.2",
     "react-dom": "^17.0.2",
-    "react-intl": "5.20.2",
+    "react-intl": "5.25.1",
     "react-redux": "7.2.8",
     "react-router": "^5.2.0",
     "react-router-dom": "5.2.0",
-    "redux-saga": "^0.16.0",
     "request": "^2.83.0",
     "url-join": "4.0.1"
   },
   "devDependencies": {
-    "koa": "^2.13.4"
+    "@testing-library/dom": "8.17.1",
+    "@testing-library/react": "12.1.4",
+    "@testing-library/react-hooks": "8.0.1",
+    "@testing-library/user-event": "14.4.2",
+    "msw": "0.42.3",
+    "react-test-renderer": "^17.0.2"
   },
   "engines": {
     "node": ">=14.19.1 <=16.x.x",
@@ -59,5 +64,5 @@
     "required": true,
     "kind": "plugin"
   },
-  "gitHead": "28a2a00db8234ffcf644661c4c8092aa82f8c119"
+  "gitHead": "73f523b98322cea8992c72977b94a73a624d2e79"
 }

package/server/bootstrap/grant-config.js

@@ -1,6 +1,6 @@
 'use strict';
 
-module.exports = baseURL => ({
+module.exports = (baseURL) => ({
   email: {
     enabled: true,
     icon: 'envelope',

package/server/bootstrap/index.js

@@ -15,42 +15,7 @@ const getGrantConfig = require('./grant-config');
 
 const usersPermissionsActions = require('./users-permissions-actions');
 
-module.exports = async ({ strapi }) => {
-  const pluginStore = strapi.store({ type: 'plugin', name: 'users-permissions' });
-
-  await initGrant(pluginStore);
-  await initEmails(pluginStore);
-  await initAdvancedOptions(pluginStore);
-
-  await strapi.admin.services.permission.actionProvider.registerMany(
-    usersPermissionsActions.actions
-  );
-
-  await getService('users-permissions').initialize();
-
-  if (!strapi.config.get('plugin.users-permissions.jwtSecret')) {
-    if (process.env.NODE_ENV !== 'development') {
-      throw new Error(
-        `Missing jwtSecret. Please, set configuration variable "jwtSecret" for the users-permissions plugin in config/plugins.js (ex: you can generate one using Node with \`crypto.randomBytes(16).toString('base64')\`).
-For security reasons, prefer storing the secret in an environment variable and read it in config/plugins.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`
-      );
-    }
-
-    const jwtSecret = crypto.randomBytes(16).toString('base64');
-
-    strapi.config.set('plugin.users-permissions.jwtSecret', jwtSecret);
-
-    if (!process.env.JWT_SECRET) {
-      const envPath = process.env.ENV_PATH || '.env';
-      strapi.fs.appendFile(envPath, `JWT_SECRET=${jwtSecret}\n`);
-      strapi.log.info(
-        `The Users & Permissions plugin automatically generated a jwt secret and stored it in ${envPath} under the name JWT_SECRET.`
-      );
-    }
-  }
-};
-
-const initGrant = async pluginStore => {
+const initGrant = async (pluginStore) => {
   const apiPrefix = strapi.config.get('api.rest.prefix');
   const baseURL = urljoin(strapi.config.server.url, apiPrefix, 'auth');
 
@@ -62,7 +27,7 @@ const initGrant = async pluginStore => {
   // or we have added/deleted provider here.
   if (!prevGrantConfig || !_.isEqual(_.keys(prevGrantConfig), _.keys(grantConfig))) {
     // merge with the previous provider config.
-    _.keys(grantConfig).forEach(key => {
+    _.keys(grantConfig).forEach((key) => {
       if (key in prevGrantConfig) {
         grantConfig[key] = _.merge(grantConfig[key], prevGrantConfig[key]);
       }
@@ -71,7 +36,7 @@ const initGrant = async pluginStore => {
   }
 };
 
-const initEmails = async pluginStore => {
+const initEmails = async (pluginStore) => {
   if (!(await pluginStore.get({ key: 'email' }))) {
     const value = {
       reset_password: {
@@ -117,7 +82,7 @@ const initEmails = async pluginStore => {
   }
 };
 
-const initAdvancedOptions = async pluginStore => {
+const initAdvancedOptions = async (pluginStore) => {
   if (!(await pluginStore.get({ key: 'advanced' }))) {
     const value = {
       unique_email: true,
@@ -131,3 +96,38 @@ const initAdvancedOptions = async pluginStore => {
     await pluginStore.set({ key: 'advanced', value });
   }
 };
+
+module.exports = async ({ strapi }) => {
+  const pluginStore = strapi.store({ type: 'plugin', name: 'users-permissions' });
+
+  await initGrant(pluginStore);
+  await initEmails(pluginStore);
+  await initAdvancedOptions(pluginStore);
+
+  await strapi.admin.services.permission.actionProvider.registerMany(
+    usersPermissionsActions.actions
+  );
+
+  await getService('users-permissions').initialize();
+
+  if (!strapi.config.get('plugin.users-permissions.jwtSecret')) {
+    if (process.env.NODE_ENV !== 'development') {
+      throw new Error(
+        `Missing jwtSecret. Please, set configuration variable "jwtSecret" for the users-permissions plugin in config/plugins.js (ex: you can generate one using Node with \`crypto.randomBytes(16).toString('base64')\`).
+For security reasons, prefer storing the secret in an environment variable and read it in config/plugins.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`
+      );
+    }
+
+    const jwtSecret = crypto.randomBytes(16).toString('base64');
+
+    strapi.config.set('plugin.users-permissions.jwtSecret', jwtSecret);
+
+    if (!process.env.JWT_SECRET) {
+      const envPath = process.env.ENV_PATH || '.env';
+      strapi.fs.appendFile(envPath, `JWT_SECRET=${jwtSecret}\n`);
+      strapi.log.info(
+        `The Users & Permissions plugin automatically generated a jwt secret and stored it in ${envPath} under the name JWT_SECRET.`
+      );
+    }
+  }
+};