npm - @strapi/plugin-users-permissions - Versions diffs - 5.12.1 → 5.12.2 - Mend

@strapi/plugin-users-permissions 5.12.1 → 5.12.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (634) hide show

package/dist/server/services/role.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"role.mjs","sources":["../../../server/services/role.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { NotFoundError } = require('@strapi/utils').errors;\nconst { getService } = require('../utils');\n\nmodule.exports = ({ strapi }) => ({\n async createRole(params) {\n if (!params.type) {\n params.type = _.snakeCase(_.deburr(_.toLower(params.name)));\n }\n\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .create({ data: _.omit(params, ['users', 'permissions']) });\n\n const createPromises = _.flatMap(params.permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n const actionID = `${typeName}.${controllerName}.${actionName}`;\n\n acc.push(\n strapi.db\n .query('plugin::users-permissions.permission')\n .create({ data: { action: actionID, role: role.id } })\n );\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n await Promise.all(createPromises);\n },\n\n async findOne(roleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n const allActions = getService('users-permissions').getActions();\n\n // Group by `type`.\n role.permissions.forEach((permission) => {\n const [type, controller, action] = permission.action.split('.');\n\n _.set(allActions, `${type}.controllers.${controller}.${action}`, {\n enabled: true,\n policy: '',\n });\n });\n\n return {\n ...role,\n permissions: allActions,\n };\n },\n\n async find() {\n const roles = await strapi.db\n .query('plugin::users-permissions.role')\n .findMany({ sort: ['name'] });\n\n for (const role of roles) {\n role.nb_users = await strapi.db\n .query('plugin::users-permissions.user')\n .count({ where: { role: { id: role.id } } });\n }\n\n return roles;\n },\n\n async updateRole(roleID, data) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n await strapi.db.query('plugin::users-permissions.role').update({\n where: { id: roleID },\n data: _.pick(data, ['name', 'description']),\n });\n\n const { permissions } = data;\n\n const newActions = _.flatMap(permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n acc.push(`${typeName}.${controllerName}.${actionName}`);\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n const oldActions = role.permissions.map(({ action }) => action);\n\n const toDelete = role.permissions.reduce((acc, permission) => {\n if (!newActions.includes(permission.action)) {\n acc.push(permission);\n }\n return acc;\n }, []);\n\n const toCreate = newActions\n .filter((action) => !oldActions.includes(action))\n .map((action) => ({ action, role: role.id }));\n\n await Promise.all(\n toDelete.map((permission) =>\n strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { id: permission.id } })\n )\n );\n\n await Promise.all(\n toCreate.map((permissionInfo) =>\n strapi.db.query('plugin::users-permissions.permission').create({ data: permissionInfo })\n )\n );\n },\n\n async deleteRole(roleID, publicRoleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['users', 'permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n // Move users to guest role.\n await Promise.all(\n role.users.map((user) => {\n return strapi.db.query('plugin::users-permissions.user').update({\n where: { id: user.id },\n data: { role: publicRoleID },\n });\n })\n );\n\n // Remove permissions related to this role.\n // TODO: use delete many\n await Promise.all(\n role.permissions.map((permission) => {\n return strapi.db.query('plugin::users-permissions.permission').delete({\n where: { id: permission.id },\n });\n })\n );\n\n // Delete the role.\n await strapi.db.query('plugin::users-permissions.role').delete({ where: { id: roleID } });\n },\n});\n"],"names":["_","require$$0","NotFoundError","require$$1","errors","getService","require$$2","role","strapi","createRole","params","type","snakeCase","deburr","toLower","name","db","query","create","data","omit","createPromises","flatMap","permissions","typeName","controllers","controller","controllerName","reduce","acc","action","actionName","enabled","actionID","push","id","Promise","all","findOne","roleID","where","populate","allActions","getActions","forEach","permission","split","set","policy","find","roles","findMany","sort","nb_users","count","updateRole","update","pick","newActions","oldActions","map","toDelete","includes","toCreate","filter","delete","permissionInfo","deleteRole","publicRoleID","users","user"],"mappings":";;;;;;;;;AAEA,IAAA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGC,WAAyBC,MAAM;IACzD,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvBC,IAAAA,IAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChC,YAAA,MAAMC,YAAWC,MAAM,EAAA;gBACrB,IAAI,CAACA,MAAOC,CAAAA,IAAI,EAAE;AAChBD,oBAAAA,MAAAA,CAAOC,IAAI,GAAGX,CAAEY,CAAAA,SAAS,CAACZ,CAAAA,CAAEa,MAAM,CAACb,CAAEc,CAAAA,OAAO,CAACJ,MAAAA,CAAOK,IAAI,CAAA,CAAA,CAAA;AACzD;gBAED,MAAMR,IAAAA,GAAO,MAAMC,MAAOQ,CAAAA,EAAE,CACzBC,KAAK,CAAC,gCACNC,CAAAA,CAAAA,MAAM,CAAC;oBAAEC,IAAMnB,EAAAA,CAAAA,CAAEoB,IAAI,CAACV,MAAQ,EAAA;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc,qBAAA;AAAC,iBAAA,CAAA;gBAE1D,MAAMW,cAAAA,GAAiBrB,EAAEsB,OAAO,CAACZ,OAAOa,WAAW,EAAE,CAACZ,IAAMa,EAAAA,QAAAA,GAAAA;AAC1D,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAYC,EAAAA,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UACA,EAAA,CAACG,KAAKC,MAAQC,EAAAA,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAS,EAAA;gCACX,MAAMC,QAAAA,GAAW,CAAC,EAAET,QAAS,CAAA,CAAC,EAAEG,cAAe,CAAA,CAAC,EAAEI,UAAAA,CAAW,CAAC;gCAE9DF,GAAIK,CAAAA,IAAI,CACN1B,MAAOQ,CAAAA,EAAE,CACNC,KAAK,CAAC,sCACNC,CAAAA,CAAAA,MAAM,CAAC;oCAAEC,IAAM,EAAA;wCAAEW,MAAQG,EAAAA,QAAAA;AAAU1B,wCAAAA,IAAAA,EAAMA,KAAK4B;AAAE;;AAEtD;4BAED,OAAON,GAAAA;AACR,yBAAA,EACD,EAAE,CAAA;AAEZ,qBAAA,CAAA;AACA,iBAAA,CAAA;gBAEI,MAAMO,OAAAA,CAAQC,GAAG,CAAChB,cAAAA,CAAAA;AACnB,aAAA;AAED,YAAA,MAAMiB,SAAQC,MAAM,EAAA;gBAClB,MAAMhC,IAAAA,GAAO,MAAMC,MAAOQ,CAAAA,EAAE,CACzBC,KAAK,CAAC,gCACNqB,CAAAA,CAAAA,OAAO,CAAC;oBAAEE,KAAO,EAAA;wBAAEL,EAAII,EAAAA;AAAQ,qBAAA;oBAAEE,QAAU,EAAA;AAAC,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAE7D,gBAAA,IAAI,CAAClC,IAAM,EAAA;AACT,oBAAA,MAAM,IAAIL,aAAc,CAAA,gBAAA,CAAA;AACzB;gBAED,MAAMwC,UAAAA,GAAarC,UAAW,CAAA,mBAAA,CAAA,CAAqBsC,UAAU,EAAA;;AAG7DpC,gBAAAA,IAAAA,CAAKgB,WAAW,CAACqB,OAAO,CAAC,CAACC,UAAAA,GAAAA;oBACxB,MAAM,CAAClC,MAAMe,UAAYI,EAAAA,MAAAA,CAAO,GAAGe,UAAWf,CAAAA,MAAM,CAACgB,KAAK,CAAC,GAAA,CAAA;AAE3D9C,oBAAAA,CAAAA,CAAE+C,GAAG,CAACL,UAAY,EAAA,CAAC,EAAE/B,IAAAA,CAAK,aAAa,EAAEe,UAAW,CAAA,CAAC,EAAEI,MAAAA,CAAO,CAAC,EAAE;wBAC/DE,OAAS,EAAA,IAAA;wBACTgB,MAAQ,EAAA;AAChB,qBAAA,CAAA;AACA,iBAAA,CAAA;gBAEI,OAAO;AACL,oBAAA,GAAGzC,IAAI;oBACPgB,WAAamB,EAAAA;AACnB,iBAAA;AACG,aAAA;YAED,MAAMO,IAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAM1C,MAAOQ,CAAAA,EAAE,CAC1BC,KAAK,CAAC,gCACNkC,CAAAA,CAAAA,QAAQ,CAAC;oBAAEC,IAAM,EAAA;AAAC,wBAAA;AAAO;AAAE,iBAAA,CAAA;gBAE9B,KAAK,MAAM7C,QAAQ2C,KAAO,CAAA;oBACxB3C,IAAK8C,CAAAA,QAAQ,GAAG,MAAM7C,MAAOQ,CAAAA,EAAE,CAC5BC,KAAK,CAAC,gCACNqC,CAAAA,CAAAA,KAAK,CAAC;wBAAEd,KAAO,EAAA;4BAAEjC,IAAM,EAAA;AAAE4B,gCAAAA,EAAAA,EAAI5B,KAAK4B;;AAAM;AAAA,qBAAA,CAAA;AAC5C;gBAED,OAAOe,KAAAA;AACR,aAAA;YAED,MAAMK,UAAAA,CAAAA,CAAWhB,MAAM,EAAEpB,IAAI,EAAA;gBAC3B,MAAMZ,IAAAA,GAAO,MAAMC,MAAOQ,CAAAA,EAAE,CACzBC,KAAK,CAAC,gCACNqB,CAAAA,CAAAA,OAAO,CAAC;oBAAEE,KAAO,EAAA;wBAAEL,EAAII,EAAAA;AAAQ,qBAAA;oBAAEE,QAAU,EAAA;AAAC,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAE7D,gBAAA,IAAI,CAAClC,IAAM,EAAA;AACT,oBAAA,MAAM,IAAIL,aAAc,CAAA,gBAAA,CAAA;AACzB;AAED,gBAAA,MAAMM,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;oBAC7DhB,KAAO,EAAA;wBAAEL,EAAII,EAAAA;AAAQ,qBAAA;oBACrBpB,IAAMnB,EAAAA,CAAAA,CAAEyD,IAAI,CAACtC,IAAM,EAAA;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAc,qBAAA;AAChD,iBAAA,CAAA;gBAEI,MAAM,EAAEI,WAAW,EAAE,GAAGJ,IAAAA;AAExB,gBAAA,MAAMuC,aAAa1D,CAAEsB,CAAAA,OAAO,CAACC,WAAAA,EAAa,CAACZ,IAAMa,EAAAA,QAAAA,GAAAA;AAC/C,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAYC,EAAAA,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UACA,EAAA,CAACG,KAAKC,MAAQC,EAAAA,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAS,EAAA;gCACXH,GAAIK,CAAAA,IAAI,CAAC,CAAC,EAAEV,QAAAA,CAAS,CAAC,EAAEG,cAAe,CAAA,CAAC,EAAEI,UAAAA,CAAW,CAAC,CAAA;AACvD;4BAED,OAAOF,GAAAA;AACR,yBAAA,EACD,EAAE,CAAA;AAEZ,qBAAA,CAAA;AACA,iBAAA,CAAA;gBAEI,MAAM8B,UAAAA,GAAapD,IAAKgB,CAAAA,WAAW,CAACqC,GAAG,CAAC,CAAC,EAAE9B,MAAM,EAAE,GAAKA,MAAAA,CAAAA;AAExD,gBAAA,MAAM+B,WAAWtD,IAAKgB,CAAAA,WAAW,CAACK,MAAM,CAAC,CAACC,GAAKgB,EAAAA,UAAAA,GAAAA;AAC7C,oBAAA,IAAI,CAACa,UAAWI,CAAAA,QAAQ,CAACjB,UAAAA,CAAWf,MAAM,CAAG,EAAA;AAC3CD,wBAAAA,GAAAA,CAAIK,IAAI,CAACW,UAAAA,CAAAA;AACV;oBACD,OAAOhB,GAAAA;AACR,iBAAA,EAAE,EAAE,CAAA;AAEL,gBAAA,MAAMkC,QAAWL,GAAAA,UAAAA,CACdM,MAAM,CAAC,CAAClC,MAAW,GAAA,CAAC6B,UAAWG,CAAAA,QAAQ,CAAChC,MACxC8B,CAAAA,CAAAA,CAAAA,GAAG,CAAC,CAAC9B,UAAY;AAAEA,wBAAAA,MAAAA;AAAQvB,wBAAAA,IAAAA,EAAMA,KAAK4B;qBAAI,CAAA,CAAA;AAE7C,gBAAA,MAAMC,OAAQC,CAAAA,GAAG,CACfwB,QAAAA,CAASD,GAAG,CAAC,CAACf,UACZrC,GAAAA,MAAAA,CAAOQ,EAAE,CACNC,KAAK,CAAC,sCAAA,CAAA,CACNgD,MAAM,CAAC;wBAAEzB,KAAO,EAAA;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;;AAI1C,gBAAA,MAAMC,OAAQC,CAAAA,GAAG,CACf0B,QAAAA,CAASH,GAAG,CAAC,CAACM,cACZ1D,GAAAA,MAAAA,CAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCC,MAAM,CAAC;wBAAEC,IAAM+C,EAAAA;;AAG5E,aAAA;YAED,MAAMC,UAAAA,CAAAA,CAAW5B,MAAM,EAAE6B,YAAY,EAAA;gBACnC,MAAM7D,IAAAA,GAAO,MAAMC,MAAOQ,CAAAA,EAAE,CACzBC,KAAK,CAAC,gCACNqB,CAAAA,CAAAA,OAAO,CAAC;oBAAEE,KAAO,EAAA;wBAAEL,EAAII,EAAAA;AAAM,qBAAA;oBAAIE,QAAU,EAAA;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAEtE,gBAAA,IAAI,CAAClC,IAAM,EAAA;AACT,oBAAA,MAAM,IAAIL,aAAc,CAAA,gBAAA,CAAA;AACzB;;gBAGD,MAAMkC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAK8D,KAAK,CAACT,GAAG,CAAC,CAACU,IAAAA,GAAAA;AACd,oBAAA,OAAO9D,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;wBAC9DhB,KAAO,EAAA;AAAEL,4BAAAA,EAAAA,EAAImC,KAAKnC;AAAI,yBAAA;wBACtBhB,IAAM,EAAA;4BAAEZ,IAAM6D,EAAAA;AAAc;AACtC,qBAAA,CAAA;AACA,iBAAA,CAAA,CAAA;;;gBAKI,MAAMhC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAACf,UAAAA,GAAAA;AACpB,oBAAA,OAAOrC,OAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCgD,MAAM,CAAC;wBACpEzB,KAAO,EAAA;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAI;AACtC,qBAAA,CAAA;AACA,iBAAA,CAAA,CAAA;;AAII,gBAAA,MAAM3B,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCgD,MAAM,CAAC;oBAAEzB,KAAO,EAAA;wBAAEL,EAAII,EAAAA;AAAM;AAAI,iBAAA,CAAA;AACzF;SACH,CAAA;;;;;;"}

package/dist/server/services/user.js ADDED Viewed

@@ -0,0 +1,179 @@
+'use strict';
+var require$$0 = require('crypto');
+var require$$1 = require('bcryptjs');
+var require$$2 = require('url-join');
+var require$$1$1 = require('@strapi/utils');
+var require$$0$1 = require('lodash/fp');
+var index = require('../utils/index.js');
+var user;
+var hasRequiredUser;
+function requireUser() {
+    if (hasRequiredUser) return user;
+    hasRequiredUser = 1;
+    /**
+	 * User.js service
+	 *
+	 * @description: A set of functions similar to controller's actions to avoid code duplication.
+	 */ const crypto = require$$0;
+    const bcrypt = require$$1;
+    const urlJoin = require$$2;
+    const { sanitize } = require$$1$1;
+    const { toNumber, getOr } = require$$0$1;
+    const { getService } = index.__require();
+    const USER_MODEL_UID = 'plugin::users-permissions.user';
+    user = ({ strapi })=>({
+            /**
+	   * Promise to count users
+	   *
+	   * @return {Promise}
+	   */ count (params) {
+                return strapi.db.query(USER_MODEL_UID).count({
+                    where: params
+                });
+            },
+            /**
+	   * Hashes password fields in the provided values object if they are present.
+	   * It checks each key in the values object against the model's attributes and
+	   * hashes it if the attribute type is 'password',
+	   *
+	   * @param {object} values - The object containing the fields to be hashed.
+	   * @return {object} The values object with hashed password fields if they were present.
+	   */ async ensureHashedPasswords (values) {
+                const attributes = strapi.getModel(USER_MODEL_UID).attributes;
+                for(const key in values){
+                    if (attributes[key] && attributes[key].type === 'password') {
+                        // Check if a custom encryption.rounds has been set on the password attribute
+                        const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));
+                        values[key] = await bcrypt.hash(values[key], rounds);
+                    }
+                }
+                return values;
+            },
+            /**
+	   * Promise to add a/an user.
+	   * @return {Promise}
+	   */ async add (values) {
+                return strapi.db.query(USER_MODEL_UID).create({
+                    data: await this.ensureHashedPasswords(values),
+                    populate: [
+                        'role'
+                    ]
+                });
+            },
+            /**
+	   * Promise to edit a/an user.
+	   * @param {string} userId
+	   * @param {object} params
+	   * @return {Promise}
+	   */ async edit (userId, params = {}) {
+                return strapi.db.query(USER_MODEL_UID).update({
+                    where: {
+                        id: userId
+                    },
+                    data: await this.ensureHashedPasswords(params),
+                    populate: [
+                        'role'
+                    ]
+                });
+            },
+            /**
+	   * Promise to fetch a/an user.
+	   * @return {Promise}
+	   */ fetch (id, params) {
+                const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});
+                return strapi.db.query(USER_MODEL_UID).findOne({
+                    ...query,
+                    where: {
+                        $and: [
+                            {
+                                id
+                            },
+                            query.where || {}
+                        ]
+                    }
+                });
+            },
+            /**
+	   * Promise to fetch authenticated user.
+	   * @return {Promise}
+	   */ fetchAuthenticatedUser (id) {
+                return strapi.db.query(USER_MODEL_UID).findOne({
+                    where: {
+                        id
+                    },
+                    populate: [
+                        'role'
+                    ]
+                });
+            },
+            /**
+	   * Promise to fetch all users.
+	   * @return {Promise}
+	   */ fetchAll (params) {
+                const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});
+                return strapi.db.query(USER_MODEL_UID).findMany(query);
+            },
+            /**
+	   * Promise to remove a/an user.
+	   * @return {Promise}
+	   */ async remove (params) {
+                return strapi.db.query(USER_MODEL_UID).delete({
+                    where: params
+                });
+            },
+            validatePassword (password, hash) {
+                return bcrypt.compare(password, hash);
+            },
+            async sendConfirmationEmail (user) {
+                const userPermissionService = getService('users-permissions');
+                const pluginStore = await strapi.store({
+                    type: 'plugin',
+                    name: 'users-permissions'
+                });
+                const userSchema = strapi.getModel(USER_MODEL_UID);
+                const settings = await pluginStore.get({
+                    key: 'email'
+                }).then((storeEmail)=>storeEmail.email_confirmation.options);
+                // Sanitize the template's user information
+                const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput({
+                    schema: userSchema,
+                    getModel: strapi.getModel.bind(strapi)
+                }, user);
+                const confirmationToken = crypto.randomBytes(20).toString('hex');
+                await this.edit(user.id, {
+                    confirmationToken
+                });
+                const apiPrefix = strapi.config.get('api.rest.prefix');
+                try {
+                    settings.message = await userPermissionService.template(settings.message, {
+                        URL: urlJoin(strapi.config.get('server.absoluteUrl'), apiPrefix, '/auth/email-confirmation'),
+                        SERVER_URL: strapi.config.get('server.absoluteUrl'),
+                        ADMIN_URL: strapi.config.get('admin.absoluteUrl'),
+                        USER: sanitizedUserInfo,
+                        CODE: confirmationToken
+                    });
+                    settings.object = await userPermissionService.template(settings.object, {
+                        USER: sanitizedUserInfo
+                    });
+                } catch  {
+                    strapi.log.error('[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for "user confirmation email". Please make sure your email template is valid and does not contain invalid characters or patterns');
+                    return;
+                }
+                // Send an email to the user.
+                await strapi.plugin('email').service('email').send({
+                    to: user.email,
+                    from: settings.from.email && settings.from.name ? `${settings.from.name} <${settings.from.email}>` : undefined,
+                    replyTo: settings.response_email,
+                    subject: settings.object,
+                    text: settings.message,
+                    html: settings.message
+                });
+            }
+        });
+    return user;
+}
+exports.__require = requireUser;
+//# sourceMappingURL=user.js.map

package/dist/server/services/user.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user.js","sources":["../../../server/services/user.js"],"sourcesContent":["'use strict';\n\n/**\n * User.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst crypto = require('crypto');\nconst bcrypt = require('bcryptjs');\nconst urlJoin = require('url-join');\n\nconst { sanitize } = require('@strapi/utils');\nconst { toNumber, getOr } = require('lodash/fp');\nconst { getService } = require('../utils');\n\nconst USER_MODEL_UID = 'plugin::users-permissions.user';\n\nmodule.exports = ({ strapi }) => ({\n /**\n * Promise to count users\n *\n * @return {Promise}\n */\n\n count(params) {\n return strapi.db.query(USER_MODEL_UID).count({ where: params });\n },\n\n /**\n * Hashes password fields in the provided values object if they are present.\n * It checks each key in the values object against the model's attributes and\n * hashes it if the attribute type is 'password',\n *\n * @param {object} values - The object containing the fields to be hashed.\n * @return {object} The values object with hashed password fields if they were present.\n */\n async ensureHashedPasswords(values) {\n const attributes = strapi.getModel(USER_MODEL_UID).attributes;\n\n for (const key in values) {\n if (attributes[key] && attributes[key].type === 'password') {\n // Check if a custom encryption.rounds has been set on the password attribute\n const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));\n values[key] = await bcrypt.hash(values[key], rounds);\n }\n }\n\n return values;\n },\n\n /**\n * Promise to add a/an user.\n * @return {Promise}\n */\n async add(values) {\n return strapi.db.query(USER_MODEL_UID).create({\n data: await this.ensureHashedPasswords(values),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to edit a/an user.\n * @param {string} userId\n * @param {object} params\n * @return {Promise}\n */\n async edit(userId, params = {}) {\n return strapi.db.query(USER_MODEL_UID).update({\n where: { id: userId },\n data: await this.ensureHashedPasswords(params),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to fetch a/an user.\n * @return {Promise}\n */\n fetch(id, params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findOne({\n ...query,\n where: {\n $and: [{ id }, query.where || {}],\n },\n });\n },\n\n /**\n * Promise to fetch authenticated user.\n * @return {Promise}\n */\n fetchAuthenticatedUser(id) {\n return strapi.db.query(USER_MODEL_UID).findOne({ where: { id }, populate: ['role'] });\n },\n\n /**\n * Promise to fetch all users.\n * @return {Promise}\n */\n fetchAll(params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findMany(query);\n },\n\n /**\n * Promise to remove a/an user.\n * @return {Promise}\n */\n async remove(params) {\n return strapi.db.query(USER_MODEL_UID).delete({ where: params });\n },\n\n validatePassword(password, hash) {\n return bcrypt.compare(password, hash);\n },\n\n async sendConfirmationEmail(user) {\n const userPermissionService = getService('users-permissions');\n const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });\n const userSchema = strapi.getModel(USER_MODEL_UID);\n\n const settings = await pluginStore\n .get({ key: 'email' })\n .then((storeEmail) => storeEmail.email_confirmation.options);\n\n // Sanitize the template's user information\n const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(\n {\n schema: userSchema,\n getModel: strapi.getModel.bind(strapi),\n },\n user\n );\n\n const confirmationToken = crypto.randomBytes(20).toString('hex');\n\n await this.edit(user.id, { confirmationToken });\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n\n try {\n settings.message = await userPermissionService.template(settings.message, {\n URL: urlJoin(\n strapi.config.get('server.absoluteUrl'),\n apiPrefix,\n '/auth/email-confirmation'\n ),\n SERVER_URL: strapi.config.get('server.absoluteUrl'),\n ADMIN_URL: strapi.config.get('admin.absoluteUrl'),\n USER: sanitizedUserInfo,\n CODE: confirmationToken,\n });\n\n settings.object = await userPermissionService.template(settings.object, {\n USER: sanitizedUserInfo,\n });\n } catch {\n strapi.log.error(\n '[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for \"user confirmation email\". Please make sure your email template is valid and does not contain invalid characters or patterns'\n );\n return;\n }\n\n // Send an email to the user.\n await strapi\n .plugin('email')\n .service('email')\n .send({\n to: user.email,\n from:\n settings.from.email && settings.from.name\n ? `${settings.from.name} <${settings.from.email}>`\n : undefined,\n replyTo: settings.response_email,\n subject: settings.object,\n text: settings.message,\n html: settings.message,\n });\n },\n});\n"],"names":["crypto","require$$0","bcrypt","require$$1","urlJoin","require$$2","sanitize","require$$3","toNumber","getOr","require$$4","getService","require$$5","USER_MODEL_UID","user","strapi","count","params","db","query","where","ensureHashedPasswords","values","attributes","getModel","key","type","rounds","hash","add","create","data","populate","edit","userId","update","id","fetch","get","transform","findOne","$and","fetchAuthenticatedUser","fetchAll","findMany","remove","delete","validatePassword","password","compare","sendConfirmationEmail","userPermissionService","pluginStore","store","name","userSchema","settings","then","storeEmail","email_confirmation","options","sanitizedUserInfo","sanitizers","defaultSanitizeOutput","schema","bind","confirmationToken","randomBytes","toString","apiPrefix","config","message","template","URL","SERVER_URL","ADMIN_URL","USER","CODE","object","log","error","plugin","service","send","to","email","from","undefined","replyTo","response_email","subject","text","html"],"mappings":";;;;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,MAASC,GAAAA,UAAAA;AACf,IAAA,MAAMC,MAASC,GAAAA,UAAAA;AACf,IAAA,MAAMC,OAAUC,GAAAA,UAAAA;IAEhB,MAAM,EAAEC,QAAQ,EAAE,GAAGC,YAAAA;AACrB,IAAA,MAAM,EAAEC,QAAQ,EAAEC,KAAK,EAAE,GAAGC,YAAAA;IAC5B,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,cAAiB,GAAA,gCAAA;AAEvBC,IAAAA,IAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAClC;;;;AAIA,OAEEC,OAAMC,MAAM,EAAA;AACV,gBAAA,OAAOF,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgBG,KAAK,CAAC;oBAAEI,KAAOH,EAAAA;AAAM,iBAAA,CAAA;AAC7D,aAAA;AAEH;;;;;;;OAQE,MAAMI,uBAAsBC,MAAM,EAAA;AAChC,gBAAA,MAAMC,UAAaR,GAAAA,MAAAA,CAAOS,QAAQ,CAACX,gBAAgBU,UAAU;gBAE7D,IAAK,MAAME,OAAOH,MAAQ,CAAA;oBACxB,IAAIC,UAAU,CAACE,GAAAA,CAAI,IAAIF,UAAU,CAACE,GAAI,CAAA,CAACC,IAAI,KAAK,UAAY,EAAA;;AAE1D,wBAAA,MAAMC,SAASnB,QAASC,CAAAA,KAAAA,CAAM,IAAI,mBAAqBc,EAAAA,UAAU,CAACE,GAAI,CAAA,CAAA,CAAA;wBACtEH,MAAM,CAACG,GAAI,CAAA,GAAG,MAAMvB,MAAAA,CAAO0B,IAAI,CAACN,MAAM,CAACG,GAAAA,CAAI,EAAEE,MAAAA,CAAAA;AAC9C;AACF;gBAED,OAAOL,MAAAA;AACR,aAAA;AAEH;;;OAIE,MAAMO,KAAIP,MAAM,EAAA;AACd,gBAAA,OAAOP,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgBiB,MAAM,CAAC;AAC5CC,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACC,MAAAA,CAAAA;oBACvCU,QAAU,EAAA;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACG,aAAA;AAEH;;;;;AAKA,OACE,MAAMC,IAAKC,CAAAA,CAAAA,MAAM,EAAEjB,MAAAA,GAAS,EAAE,EAAA;AAC5B,gBAAA,OAAOF,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgBsB,MAAM,CAAC;oBAC5Cf,KAAO,EAAA;wBAAEgB,EAAIF,EAAAA;AAAQ,qBAAA;AACrBH,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACJ,MAAAA,CAAAA;oBACvCe,QAAU,EAAA;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACG,aAAA;AAEH;;;OAIEK,KAAAA,CAAAA,CAAMD,EAAE,EAAEnB,MAAM,EAAA;gBACd,MAAME,KAAAA,GAAQJ,OAAOuB,GAAG,CAAC,gBAAgBC,SAAS,CAAC1B,cAAgBI,EAAAA,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOF,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgB2B,OAAO,CAAC;AAC7C,oBAAA,GAAGrB,KAAK;oBACRC,KAAO,EAAA;wBACLqB,IAAM,EAAA;AAAC,4BAAA;AAAEL,gCAAAA;AAAE,6BAAA;4BAAIjB,KAAMC,CAAAA,KAAK,IAAI;AAAG;AAClC;AACP,iBAAA,CAAA;AACG,aAAA;AAEH;;;AAGA,OACEsB,wBAAuBN,EAAE,EAAA;AACvB,gBAAA,OAAOrB,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgB2B,OAAO,CAAC;oBAAEpB,KAAO,EAAA;AAAEgB,wBAAAA;AAAE,qBAAA;oBAAIJ,QAAU,EAAA;AAAC,wBAAA;AAAO;AAAE,iBAAA,CAAA;AACrF,aAAA;AAEH;;;AAGA,OACEW,UAAS1B,MAAM,EAAA;gBACb,MAAME,KAAAA,GAAQJ,OAAOuB,GAAG,CAAC,gBAAgBC,SAAS,CAAC1B,cAAgBI,EAAAA,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOF,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgB+B,QAAQ,CAACzB,KAAAA,CAAAA;AACjD,aAAA;AAEH;;;OAIE,MAAM0B,QAAO5B,MAAM,EAAA;AACjB,gBAAA,OAAOF,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgBiC,MAAM,CAAC;oBAAE1B,KAAOH,EAAAA;AAAM,iBAAA,CAAA;AAC9D,aAAA;YAED8B,gBAAiBC,CAAAA,CAAAA,QAAQ,EAAEpB,IAAI,EAAA;gBAC7B,OAAO1B,MAAAA,CAAO+C,OAAO,CAACD,QAAUpB,EAAAA,IAAAA,CAAAA;AACjC,aAAA;AAED,YAAA,MAAMsB,uBAAsBpC,IAAI,EAAA;AAC9B,gBAAA,MAAMqC,wBAAwBxC,UAAW,CAAA,mBAAA,CAAA;AACzC,gBAAA,MAAMyC,WAAc,GAAA,MAAMrC,MAAOsC,CAAAA,KAAK,CAAC;oBAAE3B,IAAM,EAAA,QAAA;oBAAU4B,IAAM,EAAA;AAAmB,iBAAA,CAAA;gBAClF,MAAMC,UAAAA,GAAaxC,MAAOS,CAAAA,QAAQ,CAACX,cAAAA,CAAAA;AAEnC,gBAAA,MAAM2C,QAAW,GAAA,MAAMJ,WACpBd,CAAAA,GAAG,CAAC;oBAAEb,GAAK,EAAA;mBACXgC,IAAI,CAAC,CAACC,aAAeA,UAAWC,CAAAA,kBAAkB,CAACC,OAAO,CAAA;;AAG7D,gBAAA,MAAMC,oBAAoB,MAAMvD,QAAAA,CAASwD,UAAU,CAACC,qBAAqB,CACvE;oBACEC,MAAQT,EAAAA,UAAAA;AACR/B,oBAAAA,QAAAA,EAAUT,MAAOS,CAAAA,QAAQ,CAACyC,IAAI,CAAClD,MAAAA;iBAEjCD,EAAAA,IAAAA,CAAAA;AAGF,gBAAA,MAAMoD,oBAAoBlE,MAAOmE,CAAAA,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AAE1D,gBAAA,MAAM,IAAI,CAACnC,IAAI,CAACnB,IAAAA,CAAKsB,EAAE,EAAE;AAAE8B,oBAAAA;AAAiB,iBAAA,CAAA;AAE5C,gBAAA,MAAMG,SAAYtD,GAAAA,MAAAA,CAAOuD,MAAM,CAAChC,GAAG,CAAC,iBAAA,CAAA;gBAEpC,IAAI;oBACFkB,QAASe,CAAAA,OAAO,GAAG,MAAMpB,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASe,OAAO,EAAE;AACxEE,wBAAAA,GAAAA,EAAKrE,QACHW,MAAOuD,CAAAA,MAAM,CAAChC,GAAG,CAAC,uBAClB+B,SACA,EAAA,0BAAA,CAAA;AAEFK,wBAAAA,UAAAA,EAAY3D,MAAOuD,CAAAA,MAAM,CAAChC,GAAG,CAAC,oBAAA,CAAA;AAC9BqC,wBAAAA,SAAAA,EAAW5D,MAAOuD,CAAAA,MAAM,CAAChC,GAAG,CAAC,mBAAA,CAAA;wBAC7BsC,IAAMf,EAAAA,iBAAAA;wBACNgB,IAAMX,EAAAA;AACd,qBAAA,CAAA;oBAEMV,QAASsB,CAAAA,MAAM,GAAG,MAAM3B,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASsB,MAAM,EAAE;wBACtEF,IAAMf,EAAAA;AACd,qBAAA,CAAA;AACA,iBAAA,CAAM,OAAM;oBACN9C,MAAOgE,CAAAA,GAAG,CAACC,KAAK,CACd,mNAAA,CAAA;AAEF,oBAAA;AACD;;gBAGD,MAAMjE,MAAAA,CACHkE,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,IAAI,CAAC;AACJC,oBAAAA,EAAAA,EAAItE,KAAKuE,KAAK;oBACdC,IACE9B,EAAAA,QAAAA,CAAS8B,IAAI,CAACD,KAAK,IAAI7B,QAAS8B,CAAAA,IAAI,CAAChC,IAAI,GACrC,CAAC,EAAEE,QAAAA,CAAS8B,IAAI,CAAChC,IAAI,CAAC,EAAE,EAAEE,QAAAA,CAAS8B,IAAI,CAACD,KAAK,CAAC,CAAC,CAAC,GAChDE,SAAAA;AACNC,oBAAAA,OAAAA,EAAShC,SAASiC,cAAc;AAChCC,oBAAAA,OAAAA,EAASlC,SAASsB,MAAM;AACxBa,oBAAAA,IAAAA,EAAMnC,SAASe,OAAO;AACtBqB,oBAAAA,IAAAA,EAAMpC,SAASe;AACvB,iBAAA,CAAA;AACG;SACH,CAAA;;;;;;"}

package/dist/server/services/user.mjs ADDED Viewed

@@ -0,0 +1,177 @@
+import require$$0 from 'crypto';
+import require$$1 from 'bcryptjs';
+import require$$2 from 'url-join';
+import require$$1$1 from '@strapi/utils';
+import require$$0$1 from 'lodash/fp';
+import { __require as requireUtils } from '../utils/index.mjs';
+var user;
+var hasRequiredUser;
+function requireUser() {
+    if (hasRequiredUser) return user;
+    hasRequiredUser = 1;
+    /**
+	 * User.js service
+	 *
+	 * @description: A set of functions similar to controller's actions to avoid code duplication.
+	 */ const crypto = require$$0;
+    const bcrypt = require$$1;
+    const urlJoin = require$$2;
+    const { sanitize } = require$$1$1;
+    const { toNumber, getOr } = require$$0$1;
+    const { getService } = requireUtils();
+    const USER_MODEL_UID = 'plugin::users-permissions.user';
+    user = ({ strapi })=>({
+            /**
+	   * Promise to count users
+	   *
+	   * @return {Promise}
+	   */ count (params) {
+                return strapi.db.query(USER_MODEL_UID).count({
+                    where: params
+                });
+            },
+            /**
+	   * Hashes password fields in the provided values object if they are present.
+	   * It checks each key in the values object against the model's attributes and
+	   * hashes it if the attribute type is 'password',
+	   *
+	   * @param {object} values - The object containing the fields to be hashed.
+	   * @return {object} The values object with hashed password fields if they were present.
+	   */ async ensureHashedPasswords (values) {
+                const attributes = strapi.getModel(USER_MODEL_UID).attributes;
+                for(const key in values){
+                    if (attributes[key] && attributes[key].type === 'password') {
+                        // Check if a custom encryption.rounds has been set on the password attribute
+                        const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));
+                        values[key] = await bcrypt.hash(values[key], rounds);
+                    }
+                }
+                return values;
+            },
+            /**
+	   * Promise to add a/an user.
+	   * @return {Promise}
+	   */ async add (values) {
+                return strapi.db.query(USER_MODEL_UID).create({
+                    data: await this.ensureHashedPasswords(values),
+                    populate: [
+                        'role'
+                    ]
+                });
+            },
+            /**
+	   * Promise to edit a/an user.
+	   * @param {string} userId
+	   * @param {object} params
+	   * @return {Promise}
+	   */ async edit (userId, params = {}) {
+                return strapi.db.query(USER_MODEL_UID).update({
+                    where: {
+                        id: userId
+                    },
+                    data: await this.ensureHashedPasswords(params),
+                    populate: [
+                        'role'
+                    ]
+                });
+            },
+            /**
+	   * Promise to fetch a/an user.
+	   * @return {Promise}
+	   */ fetch (id, params) {
+                const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});
+                return strapi.db.query(USER_MODEL_UID).findOne({
+                    ...query,
+                    where: {
+                        $and: [
+                            {
+                                id
+                            },
+                            query.where || {}
+                        ]
+                    }
+                });
+            },
+            /**
+	   * Promise to fetch authenticated user.
+	   * @return {Promise}
+	   */ fetchAuthenticatedUser (id) {
+                return strapi.db.query(USER_MODEL_UID).findOne({
+                    where: {
+                        id
+                    },
+                    populate: [
+                        'role'
+                    ]
+                });
+            },
+            /**
+	   * Promise to fetch all users.
+	   * @return {Promise}
+	   */ fetchAll (params) {
+                const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});
+                return strapi.db.query(USER_MODEL_UID).findMany(query);
+            },
+            /**
+	   * Promise to remove a/an user.
+	   * @return {Promise}
+	   */ async remove (params) {
+                return strapi.db.query(USER_MODEL_UID).delete({
+                    where: params
+                });
+            },
+            validatePassword (password, hash) {
+                return bcrypt.compare(password, hash);
+            },
+            async sendConfirmationEmail (user) {
+                const userPermissionService = getService('users-permissions');
+                const pluginStore = await strapi.store({
+                    type: 'plugin',
+                    name: 'users-permissions'
+                });
+                const userSchema = strapi.getModel(USER_MODEL_UID);
+                const settings = await pluginStore.get({
+                    key: 'email'
+                }).then((storeEmail)=>storeEmail.email_confirmation.options);
+                // Sanitize the template's user information
+                const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput({
+                    schema: userSchema,
+                    getModel: strapi.getModel.bind(strapi)
+                }, user);
+                const confirmationToken = crypto.randomBytes(20).toString('hex');
+                await this.edit(user.id, {
+                    confirmationToken
+                });
+                const apiPrefix = strapi.config.get('api.rest.prefix');
+                try {
+                    settings.message = await userPermissionService.template(settings.message, {
+                        URL: urlJoin(strapi.config.get('server.absoluteUrl'), apiPrefix, '/auth/email-confirmation'),
+                        SERVER_URL: strapi.config.get('server.absoluteUrl'),
+                        ADMIN_URL: strapi.config.get('admin.absoluteUrl'),
+                        USER: sanitizedUserInfo,
+                        CODE: confirmationToken
+                    });
+                    settings.object = await userPermissionService.template(settings.object, {
+                        USER: sanitizedUserInfo
+                    });
+                } catch  {
+                    strapi.log.error('[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for "user confirmation email". Please make sure your email template is valid and does not contain invalid characters or patterns');
+                    return;
+                }
+                // Send an email to the user.
+                await strapi.plugin('email').service('email').send({
+                    to: user.email,
+                    from: settings.from.email && settings.from.name ? `${settings.from.name} <${settings.from.email}>` : undefined,
+                    replyTo: settings.response_email,
+                    subject: settings.object,
+                    text: settings.message,
+                    html: settings.message
+                });
+            }
+        });
+    return user;
+}
+export { requireUser as __require };
+//# sourceMappingURL=user.mjs.map

package/dist/server/services/user.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user.mjs","sources":["../../../server/services/user.js"],"sourcesContent":["'use strict';\n\n/**\n * User.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst crypto = require('crypto');\nconst bcrypt = require('bcryptjs');\nconst urlJoin = require('url-join');\n\nconst { sanitize } = require('@strapi/utils');\nconst { toNumber, getOr } = require('lodash/fp');\nconst { getService } = require('../utils');\n\nconst USER_MODEL_UID = 'plugin::users-permissions.user';\n\nmodule.exports = ({ strapi }) => ({\n /**\n * Promise to count users\n *\n * @return {Promise}\n */\n\n count(params) {\n return strapi.db.query(USER_MODEL_UID).count({ where: params });\n },\n\n /**\n * Hashes password fields in the provided values object if they are present.\n * It checks each key in the values object against the model's attributes and\n * hashes it if the attribute type is 'password',\n *\n * @param {object} values - The object containing the fields to be hashed.\n * @return {object} The values object with hashed password fields if they were present.\n */\n async ensureHashedPasswords(values) {\n const attributes = strapi.getModel(USER_MODEL_UID).attributes;\n\n for (const key in values) {\n if (attributes[key] && attributes[key].type === 'password') {\n // Check if a custom encryption.rounds has been set on the password attribute\n const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));\n values[key] = await bcrypt.hash(values[key], rounds);\n }\n }\n\n return values;\n },\n\n /**\n * Promise to add a/an user.\n * @return {Promise}\n */\n async add(values) {\n return strapi.db.query(USER_MODEL_UID).create({\n data: await this.ensureHashedPasswords(values),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to edit a/an user.\n * @param {string} userId\n * @param {object} params\n * @return {Promise}\n */\n async edit(userId, params = {}) {\n return strapi.db.query(USER_MODEL_UID).update({\n where: { id: userId },\n data: await this.ensureHashedPasswords(params),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to fetch a/an user.\n * @return {Promise}\n */\n fetch(id, params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findOne({\n ...query,\n where: {\n $and: [{ id }, query.where || {}],\n },\n });\n },\n\n /**\n * Promise to fetch authenticated user.\n * @return {Promise}\n */\n fetchAuthenticatedUser(id) {\n return strapi.db.query(USER_MODEL_UID).findOne({ where: { id }, populate: ['role'] });\n },\n\n /**\n * Promise to fetch all users.\n * @return {Promise}\n */\n fetchAll(params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findMany(query);\n },\n\n /**\n * Promise to remove a/an user.\n * @return {Promise}\n */\n async remove(params) {\n return strapi.db.query(USER_MODEL_UID).delete({ where: params });\n },\n\n validatePassword(password, hash) {\n return bcrypt.compare(password, hash);\n },\n\n async sendConfirmationEmail(user) {\n const userPermissionService = getService('users-permissions');\n const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });\n const userSchema = strapi.getModel(USER_MODEL_UID);\n\n const settings = await pluginStore\n .get({ key: 'email' })\n .then((storeEmail) => storeEmail.email_confirmation.options);\n\n // Sanitize the template's user information\n const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(\n {\n schema: userSchema,\n getModel: strapi.getModel.bind(strapi),\n },\n user\n );\n\n const confirmationToken = crypto.randomBytes(20).toString('hex');\n\n await this.edit(user.id, { confirmationToken });\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n\n try {\n settings.message = await userPermissionService.template(settings.message, {\n URL: urlJoin(\n strapi.config.get('server.absoluteUrl'),\n apiPrefix,\n '/auth/email-confirmation'\n ),\n SERVER_URL: strapi.config.get('server.absoluteUrl'),\n ADMIN_URL: strapi.config.get('admin.absoluteUrl'),\n USER: sanitizedUserInfo,\n CODE: confirmationToken,\n });\n\n settings.object = await userPermissionService.template(settings.object, {\n USER: sanitizedUserInfo,\n });\n } catch {\n strapi.log.error(\n '[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for \"user confirmation email\". Please make sure your email template is valid and does not contain invalid characters or patterns'\n );\n return;\n }\n\n // Send an email to the user.\n await strapi\n .plugin('email')\n .service('email')\n .send({\n to: user.email,\n from:\n settings.from.email && settings.from.name\n ? `${settings.from.name} <${settings.from.email}>`\n : undefined,\n replyTo: settings.response_email,\n subject: settings.object,\n text: settings.message,\n html: settings.message,\n });\n },\n});\n"],"names":["crypto","require$$0","bcrypt","require$$1","urlJoin","require$$2","sanitize","require$$3","toNumber","getOr","require$$4","getService","require$$5","USER_MODEL_UID","user","strapi","count","params","db","query","where","ensureHashedPasswords","values","attributes","getModel","key","type","rounds","hash","add","create","data","populate","edit","userId","update","id","fetch","get","transform","findOne","$and","fetchAuthenticatedUser","fetchAll","findMany","remove","delete","validatePassword","password","compare","sendConfirmationEmail","userPermissionService","pluginStore","store","name","userSchema","settings","then","storeEmail","email_confirmation","options","sanitizedUserInfo","sanitizers","defaultSanitizeOutput","schema","bind","confirmationToken","randomBytes","toString","apiPrefix","config","message","template","URL","SERVER_URL","ADMIN_URL","USER","CODE","object","log","error","plugin","service","send","to","email","from","undefined","replyTo","response_email","subject","text","html"],"mappings":";;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,MAASC,GAAAA,UAAAA;AACf,IAAA,MAAMC,MAASC,GAAAA,UAAAA;AACf,IAAA,MAAMC,OAAUC,GAAAA,UAAAA;IAEhB,MAAM,EAAEC,QAAQ,EAAE,GAAGC,YAAAA;AACrB,IAAA,MAAM,EAAEC,QAAQ,EAAEC,KAAK,EAAE,GAAGC,YAAAA;IAC5B,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,cAAiB,GAAA,gCAAA;AAEvBC,IAAAA,IAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAClC;;;;AAIA,OAEEC,OAAMC,MAAM,EAAA;AACV,gBAAA,OAAOF,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgBG,KAAK,CAAC;oBAAEI,KAAOH,EAAAA;AAAM,iBAAA,CAAA;AAC7D,aAAA;AAEH;;;;;;;OAQE,MAAMI,uBAAsBC,MAAM,EAAA;AAChC,gBAAA,MAAMC,UAAaR,GAAAA,MAAAA,CAAOS,QAAQ,CAACX,gBAAgBU,UAAU;gBAE7D,IAAK,MAAME,OAAOH,MAAQ,CAAA;oBACxB,IAAIC,UAAU,CAACE,GAAAA,CAAI,IAAIF,UAAU,CAACE,GAAI,CAAA,CAACC,IAAI,KAAK,UAAY,EAAA;;AAE1D,wBAAA,MAAMC,SAASnB,QAASC,CAAAA,KAAAA,CAAM,IAAI,mBAAqBc,EAAAA,UAAU,CAACE,GAAI,CAAA,CAAA,CAAA;wBACtEH,MAAM,CAACG,GAAI,CAAA,GAAG,MAAMvB,MAAAA,CAAO0B,IAAI,CAACN,MAAM,CAACG,GAAAA,CAAI,EAAEE,MAAAA,CAAAA;AAC9C;AACF;gBAED,OAAOL,MAAAA;AACR,aAAA;AAEH;;;OAIE,MAAMO,KAAIP,MAAM,EAAA;AACd,gBAAA,OAAOP,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgBiB,MAAM,CAAC;AAC5CC,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACC,MAAAA,CAAAA;oBACvCU,QAAU,EAAA;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACG,aAAA;AAEH;;;;;AAKA,OACE,MAAMC,IAAKC,CAAAA,CAAAA,MAAM,EAAEjB,MAAAA,GAAS,EAAE,EAAA;AAC5B,gBAAA,OAAOF,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgBsB,MAAM,CAAC;oBAC5Cf,KAAO,EAAA;wBAAEgB,EAAIF,EAAAA;AAAQ,qBAAA;AACrBH,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACJ,MAAAA,CAAAA;oBACvCe,QAAU,EAAA;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACG,aAAA;AAEH;;;OAIEK,KAAAA,CAAAA,CAAMD,EAAE,EAAEnB,MAAM,EAAA;gBACd,MAAME,KAAAA,GAAQJ,OAAOuB,GAAG,CAAC,gBAAgBC,SAAS,CAAC1B,cAAgBI,EAAAA,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOF,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgB2B,OAAO,CAAC;AAC7C,oBAAA,GAAGrB,KAAK;oBACRC,KAAO,EAAA;wBACLqB,IAAM,EAAA;AAAC,4BAAA;AAAEL,gCAAAA;AAAE,6BAAA;4BAAIjB,KAAMC,CAAAA,KAAK,IAAI;AAAG;AAClC;AACP,iBAAA,CAAA;AACG,aAAA;AAEH;;;AAGA,OACEsB,wBAAuBN,EAAE,EAAA;AACvB,gBAAA,OAAOrB,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgB2B,OAAO,CAAC;oBAAEpB,KAAO,EAAA;AAAEgB,wBAAAA;AAAE,qBAAA;oBAAIJ,QAAU,EAAA;AAAC,wBAAA;AAAO;AAAE,iBAAA,CAAA;AACrF,aAAA;AAEH;;;AAGA,OACEW,UAAS1B,MAAM,EAAA;gBACb,MAAME,KAAAA,GAAQJ,OAAOuB,GAAG,CAAC,gBAAgBC,SAAS,CAAC1B,cAAgBI,EAAAA,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOF,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgB+B,QAAQ,CAACzB,KAAAA,CAAAA;AACjD,aAAA;AAEH;;;OAIE,MAAM0B,QAAO5B,MAAM,EAAA;AACjB,gBAAA,OAAOF,OAAOG,EAAE,CAACC,KAAK,CAACN,cAAAA,CAAAA,CAAgBiC,MAAM,CAAC;oBAAE1B,KAAOH,EAAAA;AAAM,iBAAA,CAAA;AAC9D,aAAA;YAED8B,gBAAiBC,CAAAA,CAAAA,QAAQ,EAAEpB,IAAI,EAAA;gBAC7B,OAAO1B,MAAAA,CAAO+C,OAAO,CAACD,QAAUpB,EAAAA,IAAAA,CAAAA;AACjC,aAAA;AAED,YAAA,MAAMsB,uBAAsBpC,IAAI,EAAA;AAC9B,gBAAA,MAAMqC,wBAAwBxC,UAAW,CAAA,mBAAA,CAAA;AACzC,gBAAA,MAAMyC,WAAc,GAAA,MAAMrC,MAAOsC,CAAAA,KAAK,CAAC;oBAAE3B,IAAM,EAAA,QAAA;oBAAU4B,IAAM,EAAA;AAAmB,iBAAA,CAAA;gBAClF,MAAMC,UAAAA,GAAaxC,MAAOS,CAAAA,QAAQ,CAACX,cAAAA,CAAAA;AAEnC,gBAAA,MAAM2C,QAAW,GAAA,MAAMJ,WACpBd,CAAAA,GAAG,CAAC;oBAAEb,GAAK,EAAA;mBACXgC,IAAI,CAAC,CAACC,aAAeA,UAAWC,CAAAA,kBAAkB,CAACC,OAAO,CAAA;;AAG7D,gBAAA,MAAMC,oBAAoB,MAAMvD,QAAAA,CAASwD,UAAU,CAACC,qBAAqB,CACvE;oBACEC,MAAQT,EAAAA,UAAAA;AACR/B,oBAAAA,QAAAA,EAAUT,MAAOS,CAAAA,QAAQ,CAACyC,IAAI,CAAClD,MAAAA;iBAEjCD,EAAAA,IAAAA,CAAAA;AAGF,gBAAA,MAAMoD,oBAAoBlE,MAAOmE,CAAAA,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AAE1D,gBAAA,MAAM,IAAI,CAACnC,IAAI,CAACnB,IAAAA,CAAKsB,EAAE,EAAE;AAAE8B,oBAAAA;AAAiB,iBAAA,CAAA;AAE5C,gBAAA,MAAMG,SAAYtD,GAAAA,MAAAA,CAAOuD,MAAM,CAAChC,GAAG,CAAC,iBAAA,CAAA;gBAEpC,IAAI;oBACFkB,QAASe,CAAAA,OAAO,GAAG,MAAMpB,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASe,OAAO,EAAE;AACxEE,wBAAAA,GAAAA,EAAKrE,QACHW,MAAOuD,CAAAA,MAAM,CAAChC,GAAG,CAAC,uBAClB+B,SACA,EAAA,0BAAA,CAAA;AAEFK,wBAAAA,UAAAA,EAAY3D,MAAOuD,CAAAA,MAAM,CAAChC,GAAG,CAAC,oBAAA,CAAA;AAC9BqC,wBAAAA,SAAAA,EAAW5D,MAAOuD,CAAAA,MAAM,CAAChC,GAAG,CAAC,mBAAA,CAAA;wBAC7BsC,IAAMf,EAAAA,iBAAAA;wBACNgB,IAAMX,EAAAA;AACd,qBAAA,CAAA;oBAEMV,QAASsB,CAAAA,MAAM,GAAG,MAAM3B,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASsB,MAAM,EAAE;wBACtEF,IAAMf,EAAAA;AACd,qBAAA,CAAA;AACA,iBAAA,CAAM,OAAM;oBACN9C,MAAOgE,CAAAA,GAAG,CAACC,KAAK,CACd,mNAAA,CAAA;AAEF,oBAAA;AACD;;gBAGD,MAAMjE,MAAAA,CACHkE,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,IAAI,CAAC;AACJC,oBAAAA,EAAAA,EAAItE,KAAKuE,KAAK;oBACdC,IACE9B,EAAAA,QAAAA,CAAS8B,IAAI,CAACD,KAAK,IAAI7B,QAAS8B,CAAAA,IAAI,CAAChC,IAAI,GACrC,CAAC,EAAEE,QAAAA,CAAS8B,IAAI,CAAChC,IAAI,CAAC,EAAE,EAAEE,QAAAA,CAAS8B,IAAI,CAACD,KAAK,CAAC,CAAC,CAAC,GAChDE,SAAAA;AACNC,oBAAAA,OAAAA,EAAShC,SAASiC,cAAc;AAChCC,oBAAAA,OAAAA,EAASlC,SAASsB,MAAM;AACxBa,oBAAAA,IAAAA,EAAMnC,SAASe,OAAO;AACtBqB,oBAAAA,IAAAA,EAAMpC,SAASe;AACvB,iBAAA,CAAA;AACG;SACH,CAAA;;;;;;"}