@strapi/plugin-users-permissions 4.7.2-exp.24dd7d95972fa822bf43e9b095b51027402c229e → 4.8.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +6 -6
- package/server/controllers/user.js +10 -10
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@strapi/plugin-users-permissions",
|
|
3
|
-
"version": "4.
|
|
3
|
+
"version": "4.8.1",
|
|
4
4
|
"description": "Protect your API with a full-authentication process based on JWT",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -27,10 +27,10 @@
|
|
|
27
27
|
"test:front:watch:ce": "cross-env IS_EE=false jest --config ./jest.config.front.js --watchAll"
|
|
28
28
|
},
|
|
29
29
|
"dependencies": {
|
|
30
|
-
"@strapi/design-system": "1.6.
|
|
31
|
-
"@strapi/helper-plugin": "4.
|
|
32
|
-
"@strapi/icons": "1.6.
|
|
33
|
-
"@strapi/utils": "4.
|
|
30
|
+
"@strapi/design-system": "1.6.5",
|
|
31
|
+
"@strapi/helper-plugin": "4.8.1",
|
|
32
|
+
"@strapi/icons": "1.6.5",
|
|
33
|
+
"@strapi/utils": "4.8.1",
|
|
34
34
|
"bcryptjs": "2.4.3",
|
|
35
35
|
"formik": "2.2.9",
|
|
36
36
|
"grant-koa": "5.4.8",
|
|
@@ -79,5 +79,5 @@
|
|
|
79
79
|
"required": true,
|
|
80
80
|
"kind": "plugin"
|
|
81
81
|
},
|
|
82
|
-
"gitHead": "
|
|
82
|
+
"gitHead": "b3cb13cb14302ba2ccf2ab6fab774f08efe9f1b7"
|
|
83
83
|
}
|
|
@@ -21,11 +21,11 @@ const sanitizeOutput = async (user, ctx) => {
|
|
|
21
21
|
return sanitize.contentAPI.output(user, schema, { auth });
|
|
22
22
|
};
|
|
23
23
|
|
|
24
|
-
const
|
|
24
|
+
const sanitizeQuery = async (query, ctx) => {
|
|
25
25
|
const schema = strapi.getModel('plugin::users-permissions.user');
|
|
26
26
|
const { auth } = ctx.state;
|
|
27
27
|
|
|
28
|
-
return sanitize.contentAPI.
|
|
28
|
+
return sanitize.contentAPI.query(query, schema, { auth });
|
|
29
29
|
};
|
|
30
30
|
|
|
31
31
|
module.exports = {
|
|
@@ -143,8 +143,8 @@ module.exports = {
|
|
|
143
143
|
* @return {Object|Array}
|
|
144
144
|
*/
|
|
145
145
|
async find(ctx) {
|
|
146
|
-
const
|
|
147
|
-
const users = await getService('user').fetchAll(
|
|
146
|
+
const sanitizedQuery = await sanitizeQuery(ctx.query, ctx);
|
|
147
|
+
const users = await getService('user').fetchAll(sanitizedQuery);
|
|
148
148
|
|
|
149
149
|
ctx.body = await Promise.all(users.map((user) => sanitizeOutput(user, ctx)));
|
|
150
150
|
},
|
|
@@ -155,9 +155,9 @@ module.exports = {
|
|
|
155
155
|
*/
|
|
156
156
|
async findOne(ctx) {
|
|
157
157
|
const { id } = ctx.params;
|
|
158
|
-
const
|
|
158
|
+
const sanitizedQuery = await sanitizeQuery(ctx.query, ctx);
|
|
159
159
|
|
|
160
|
-
let data = await getService('user').fetch(id,
|
|
160
|
+
let data = await getService('user').fetch(id, sanitizedQuery);
|
|
161
161
|
|
|
162
162
|
if (data) {
|
|
163
163
|
data = await sanitizeOutput(data, ctx);
|
|
@@ -171,9 +171,9 @@ module.exports = {
|
|
|
171
171
|
* @return {Number}
|
|
172
172
|
*/
|
|
173
173
|
async count(ctx) {
|
|
174
|
-
const
|
|
174
|
+
const sanitizedQuery = await sanitizeQuery(ctx.query, ctx);
|
|
175
175
|
|
|
176
|
-
ctx.body = await getService('user').count(
|
|
176
|
+
ctx.body = await getService('user').count(sanitizedQuery);
|
|
177
177
|
},
|
|
178
178
|
|
|
179
179
|
/**
|
|
@@ -201,8 +201,8 @@ module.exports = {
|
|
|
201
201
|
return ctx.unauthorized();
|
|
202
202
|
}
|
|
203
203
|
|
|
204
|
-
const
|
|
205
|
-
const user = await getService('user').fetch(authUser.id,
|
|
204
|
+
const sanitizedQuery = await sanitizeQuery(query, ctx);
|
|
205
|
+
const user = await getService('user').fetch(authUser.id, sanitizedQuery);
|
|
206
206
|
|
|
207
207
|
ctx.body = await sanitizeOutput(user, ctx);
|
|
208
208
|
},
|