@strapi/plugin-users-permissions 5.12.1 → 5.12.3
- package/dist/admin/components/BoundRoute/getMethodColor.js +49 -0
- package/dist/admin/components/BoundRoute/getMethodColor.js.map +1 -0
- package/dist/admin/components/BoundRoute/getMethodColor.mjs +47 -0
- package/dist/admin/components/BoundRoute/getMethodColor.mjs.map +1 -0
- package/dist/admin/components/BoundRoute/index.js +98 -0
- package/dist/admin/components/BoundRoute/index.js.map +1 -0
- package/dist/admin/components/BoundRoute/index.mjs +96 -0
- package/dist/admin/components/BoundRoute/index.mjs.map +1 -0
- package/dist/admin/components/FormModal/Input/index.js +123 -0
- package/dist/admin/components/FormModal/Input/index.js.map +1 -0
- package/dist/admin/components/FormModal/Input/index.mjs +121 -0
- package/dist/admin/components/FormModal/Input/index.mjs.map +1 -0
- package/dist/admin/components/FormModal/index.js +110 -0
- package/dist/admin/components/FormModal/index.js.map +1 -0
- package/dist/admin/components/FormModal/index.mjs +108 -0
- package/dist/admin/components/FormModal/index.mjs.map +1 -0
- package/dist/admin/components/Permissions/PermissionRow/CheckboxWrapper.js +33 -0
- package/dist/admin/components/Permissions/PermissionRow/CheckboxWrapper.js.map +1 -0
- package/dist/admin/components/Permissions/PermissionRow/CheckboxWrapper.mjs +31 -0
- package/dist/admin/components/Permissions/PermissionRow/CheckboxWrapper.mjs.map +1 -0
- package/dist/admin/components/Permissions/PermissionRow/SubCategory.js +156 -0
- package/dist/admin/components/Permissions/PermissionRow/SubCategory.js.map +1 -0
- package/dist/admin/components/Permissions/PermissionRow/SubCategory.mjs +154 -0
- package/dist/admin/components/Permissions/PermissionRow/SubCategory.mjs.map +1 -0
- package/dist/admin/components/Permissions/PermissionRow/index.js +50 -0
- package/dist/admin/components/Permissions/PermissionRow/index.js.map +1 -0
- package/dist/admin/components/Permissions/PermissionRow/index.mjs +48 -0
- package/dist/admin/components/Permissions/PermissionRow/index.mjs.map +1 -0
- package/dist/admin/components/Permissions/index.js +52 -0
- package/dist/admin/components/Permissions/index.js.map +1 -0
- package/dist/admin/components/Permissions/index.mjs +50 -0
- package/dist/admin/components/Permissions/index.mjs.map +1 -0
- package/dist/admin/components/Permissions/init.js +15 -0
- package/dist/admin/components/Permissions/init.js.map +1 -0
- package/dist/admin/components/Permissions/init.mjs +13 -0
- package/dist/admin/components/Permissions/init.mjs.map +1 -0
- package/dist/admin/components/Permissions/reducer.js +34 -0
- package/dist/admin/components/Permissions/reducer.js.map +1 -0
- package/dist/admin/components/Permissions/reducer.mjs +31 -0
- package/dist/admin/components/Permissions/reducer.mjs.map +1 -0
- package/dist/admin/components/Policies/index.js +67 -0
- package/dist/admin/components/Policies/index.js.map +1 -0
- package/dist/admin/components/Policies/index.mjs +65 -0
- package/dist/admin/components/Policies/index.mjs.map +1 -0
- package/dist/admin/components/UsersPermissions/index.js +115 -0
- package/dist/admin/components/UsersPermissions/index.js.map +1 -0
- package/dist/admin/components/UsersPermissions/index.mjs +113 -0
- package/dist/admin/components/UsersPermissions/index.mjs.map +1 -0
- package/dist/admin/components/UsersPermissions/init.js +13 -0
- package/dist/admin/components/UsersPermissions/init.js.map +1 -0
- package/dist/admin/components/UsersPermissions/init.mjs +11 -0
- package/dist/admin/components/UsersPermissions/init.mjs.map +1 -0
- package/dist/admin/components/UsersPermissions/reducer.js +73 -0
- package/dist/admin/components/UsersPermissions/reducer.js.map +1 -0
- package/dist/admin/components/UsersPermissions/reducer.mjs +68 -0
- package/dist/admin/components/UsersPermissions/reducer.mjs.map +1 -0
- package/dist/admin/constants.js +81 -0
- package/dist/admin/constants.js.map +1 -0
- package/dist/admin/constants.mjs +79 -0
- package/dist/admin/constants.mjs.map +1 -0
- package/dist/admin/contexts/UsersPermissionsContext/index.js +23 -0
- package/dist/admin/contexts/UsersPermissionsContext/index.js.map +1 -0
- package/dist/admin/contexts/UsersPermissionsContext/index.mjs +19 -0
- package/dist/admin/contexts/UsersPermissionsContext/index.mjs.map +1 -0
- package/dist/admin/index.js +119 -2
- package/dist/admin/index.js.map +1 -1
- package/dist/admin/index.mjs +120 -1
- package/dist/admin/index.mjs.map +1 -1
- package/dist/admin/package.json.js +14 -0
- package/dist/admin/package.json.js.map +1 -0
- package/dist/admin/package.json.mjs +11 -0
- package/dist/admin/package.json.mjs.map +1 -0
- package/dist/admin/{chunks/index-DFnYIqrB.js → pages/AdvancedSettings/index.js} +14 -121
- package/dist/admin/pages/AdvancedSettings/index.js.map +1 -0
- package/dist/admin/{chunks/index-Cy-tPfRk.mjs → pages/AdvancedSettings/index.mjs} +6 -94
- package/dist/admin/pages/AdvancedSettings/index.mjs.map +1 -0
- package/dist/admin/pages/AdvancedSettings/utils/layout.js +83 -0
- package/dist/admin/pages/AdvancedSettings/utils/layout.js.map +1 -0
- package/dist/admin/pages/AdvancedSettings/utils/layout.mjs +81 -0
- package/dist/admin/pages/AdvancedSettings/utils/layout.mjs.map +1 -0
- package/dist/admin/pages/AdvancedSettings/utils/schema.js +40 -0
- package/dist/admin/pages/AdvancedSettings/utils/schema.js.map +1 -0
- package/dist/admin/pages/AdvancedSettings/utils/schema.mjs +19 -0
- package/dist/admin/pages/AdvancedSettings/utils/schema.mjs.map +1 -0
- package/dist/admin/pages/EmailTemplates/components/EmailForm.js +171 -0
- package/dist/admin/pages/EmailTemplates/components/EmailForm.js.map +1 -0
- package/dist/admin/pages/EmailTemplates/components/EmailForm.mjs +169 -0
- package/dist/admin/pages/EmailTemplates/components/EmailForm.mjs.map +1 -0
- package/dist/admin/pages/EmailTemplates/components/EmailTable.js +145 -0
- package/dist/admin/pages/EmailTemplates/components/EmailTable.js.map +1 -0
- package/dist/admin/pages/EmailTemplates/components/EmailTable.mjs +143 -0
- package/dist/admin/pages/EmailTemplates/components/EmailTable.mjs.map +1 -0
- package/dist/admin/pages/EmailTemplates/index.js +157 -0
- package/dist/admin/pages/EmailTemplates/index.js.map +1 -0
- package/dist/admin/pages/EmailTemplates/index.mjs +135 -0
- package/dist/admin/pages/EmailTemplates/index.mjs.map +1 -0
- package/dist/admin/pages/EmailTemplates/utils/schema.js +50 -0
- package/dist/admin/pages/EmailTemplates/utils/schema.js.map +1 -0
- package/dist/admin/pages/EmailTemplates/utils/schema.mjs +29 -0
- package/dist/admin/pages/EmailTemplates/utils/schema.mjs.map +1 -0
- package/dist/admin/pages/Providers/index.js +278 -0
- package/dist/admin/pages/Providers/index.js.map +1 -0
- package/dist/admin/pages/Providers/index.mjs +254 -0
- package/dist/admin/pages/Providers/index.mjs.map +1 -0
- package/dist/admin/pages/Providers/utils/forms.js +281 -0
- package/dist/admin/pages/Providers/utils/forms.js.map +1 -0
- package/dist/admin/pages/Providers/utils/forms.mjs +260 -0
- package/dist/admin/pages/Providers/utils/forms.mjs.map +1 -0
- package/dist/admin/pages/Roles/constants.js +31 -0
- package/dist/admin/pages/Roles/constants.js.map +1 -0
- package/dist/admin/pages/Roles/constants.mjs +10 -0
- package/dist/admin/pages/Roles/constants.mjs.map +1 -0
- package/dist/admin/pages/Roles/hooks/usePlugins.js +78 -0
- package/dist/admin/pages/Roles/hooks/usePlugins.js.map +1 -0
- package/dist/admin/pages/Roles/hooks/usePlugins.mjs +76 -0
- package/dist/admin/pages/Roles/hooks/usePlugins.mjs.map +1 -0
- package/dist/admin/pages/Roles/index.js +35 -0
- package/dist/admin/pages/Roles/index.js.map +1 -0
- package/dist/admin/pages/Roles/index.mjs +33 -0
- package/dist/admin/pages/Roles/index.mjs.map +1 -0
- package/dist/admin/pages/Roles/pages/CreatePage.js +225 -0
- package/dist/admin/pages/Roles/pages/CreatePage.js.map +1 -0
- package/dist/admin/pages/Roles/pages/CreatePage.mjs +203 -0
- package/dist/admin/pages/Roles/pages/CreatePage.mjs.map +1 -0
- package/dist/admin/pages/Roles/pages/EditPage.js +229 -0
- package/dist/admin/pages/Roles/pages/EditPage.js.map +1 -0
- package/dist/admin/pages/Roles/pages/EditPage.mjs +207 -0
- package/dist/admin/pages/Roles/pages/EditPage.mjs.map +1 -0
- package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.js +125 -0
- package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.js.map +1 -0
- package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.mjs +123 -0
- package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.mjs.map +1 -0
- package/dist/admin/pages/Roles/pages/ListPage/index.js +237 -0
- package/dist/admin/pages/Roles/pages/ListPage/index.js.map +1 -0
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs +234 -0
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs.map +1 -0
- package/dist/admin/pluginId.js +8 -0
- package/dist/admin/pluginId.js.map +1 -0
- package/dist/admin/pluginId.mjs +6 -0
- package/dist/admin/pluginId.mjs.map +1 -0
- package/dist/admin/{chunks/ar-BJwjobLp.js → translations/ar.json.js} +2 -2
- package/dist/admin/translations/ar.json.js.map +1 -0
- package/dist/admin/{chunks/ar-G6bUGuUb.mjs → translations/ar.json.mjs} +1 -1
- package/dist/admin/translations/ar.json.mjs.map +1 -0
- package/dist/admin/{chunks/cs-uS_SIEo8.js → translations/cs.json.js} +2 -2
- package/dist/admin/translations/cs.json.js.map +1 -0
- package/dist/admin/{chunks/cs-Bu59JqhG.mjs → translations/cs.json.mjs} +1 -1
- package/dist/admin/translations/cs.json.mjs.map +1 -0
- package/dist/admin/{chunks/de-7MVMrqqI.js → translations/de.json.js} +2 -2
- package/dist/admin/translations/de.json.js.map +1 -0
- package/dist/admin/{chunks/de-B81A69_5.mjs → translations/de.json.mjs} +1 -1
- package/dist/admin/translations/de.json.mjs.map +1 -0
- package/dist/admin/{chunks/dk-DwCLGmy9.js → translations/dk.json.js} +2 -2
- package/dist/admin/translations/dk.json.js.map +1 -0
- package/dist/admin/{chunks/dk-BaelzvBE.mjs → translations/dk.json.mjs} +1 -1
- package/dist/admin/translations/dk.json.mjs.map +1 -0
- package/dist/admin/{chunks/en-DwQjkHi_.js → translations/en.json.js} +2 -2
- package/dist/admin/translations/en.json.js.map +1 -0
- package/dist/admin/{chunks/en-BhgCBe7M.mjs → translations/en.json.mjs} +1 -1
- package/dist/admin/translations/en.json.mjs.map +1 -0
- package/dist/admin/{chunks/es-BOJOedG5.js → translations/es.json.js} +2 -2
- package/dist/admin/translations/es.json.js.map +1 -0
- package/dist/admin/{chunks/es-B0wXmvRj.mjs → translations/es.json.mjs} +1 -1
- package/dist/admin/translations/es.json.mjs.map +1 -0
- package/dist/admin/{chunks/fr-BDNWCNs0.js → translations/fr.json.js} +2 -2
- package/dist/admin/translations/fr.json.js.map +1 -0
- package/dist/admin/{chunks/fr-CGYvGUXg.mjs → translations/fr.json.mjs} +1 -1
- package/dist/admin/translations/fr.json.mjs.map +1 -0
- package/dist/admin/{chunks/id-UqUPykHZ.js → translations/id.json.js} +2 -2
- package/dist/admin/translations/id.json.js.map +1 -0
- package/dist/admin/{chunks/id-CNzbwFjA.mjs → translations/id.json.mjs} +1 -1
- package/dist/admin/translations/id.json.mjs.map +1 -0
- package/dist/admin/{chunks/it-D5VuyoLU.js → translations/it.json.js} +2 -2
- package/dist/admin/translations/it.json.js.map +1 -0
- package/dist/admin/{chunks/it-B2H2foTf.mjs → translations/it.json.mjs} +1 -1
- package/dist/admin/translations/it.json.mjs.map +1 -0
- package/dist/admin/{chunks/ja-MpqVsCgs.js → translations/ja.json.js} +2 -2
- package/dist/admin/translations/ja.json.js.map +1 -0
- package/dist/admin/{chunks/ja-C0z9d7L9.mjs → translations/ja.json.mjs} +1 -1
- package/dist/admin/translations/ja.json.mjs.map +1 -0
- package/dist/admin/{chunks/ko-Bm-grPSc.js → translations/ko.json.js} +2 -2
- package/dist/admin/translations/ko.json.js.map +1 -0
- package/dist/admin/{chunks/ko-CzUgzpeS.mjs → translations/ko.json.mjs} +1 -1
- package/dist/admin/translations/ko.json.mjs.map +1 -0
- package/dist/admin/{chunks/ms-D7eyBD5H.js → translations/ms.json.js} +2 -2
- package/dist/admin/translations/ms.json.js.map +1 -0
- package/dist/admin/{chunks/ms-CCacxjim.mjs → translations/ms.json.mjs} +1 -1
- package/dist/admin/translations/ms.json.mjs.map +1 -0
- package/dist/admin/{chunks/nl-BIOwAQtI.js → translations/nl.json.js} +2 -2
- package/dist/admin/translations/nl.json.js.map +1 -0
- package/dist/admin/{chunks/nl-DDC3nZW-.mjs → translations/nl.json.mjs} +1 -1
- package/dist/admin/translations/nl.json.mjs.map +1 -0
- package/dist/admin/{chunks/pl-D5BeNrg_.js → translations/pl.json.js} +2 -2
- package/dist/admin/translations/pl.json.js.map +1 -0
- package/dist/admin/{chunks/pl-XkS463rN.mjs → translations/pl.json.mjs} +1 -1
- package/dist/admin/translations/pl.json.mjs.map +1 -0
- package/dist/admin/{chunks/pt-BR-DxPBzQGx.js → translations/pt-BR.json.js} +2 -2
- package/dist/admin/translations/pt-BR.json.js.map +1 -0
- package/dist/admin/{chunks/pt-BR-8cC7z8Km.mjs → translations/pt-BR.json.mjs} +1 -1
- package/dist/admin/translations/pt-BR.json.mjs.map +1 -0
- package/dist/admin/{chunks/pt-kkCwzNvH.js → translations/pt.json.js} +2 -2
- package/dist/admin/translations/pt.json.js.map +1 -0
- package/dist/admin/{chunks/pt-DQpEvio8.mjs → translations/pt.json.mjs} +1 -1
- package/dist/admin/translations/pt.json.mjs.map +1 -0
- package/dist/admin/{chunks/ru-BQ0gHmp3.js → translations/ru.json.js} +2 -2
- package/dist/admin/translations/ru.json.js.map +1 -0
- package/dist/admin/{chunks/ru-nzL_7Mhg.mjs → translations/ru.json.mjs} +1 -1
- package/dist/admin/translations/ru.json.mjs.map +1 -0
- package/dist/admin/{chunks/sk-nVwAPdYC.js → translations/sk.json.js} +2 -2
- package/dist/admin/translations/sk.json.js.map +1 -0
- package/dist/admin/{chunks/sk-Ddxc_tZA.mjs → translations/sk.json.mjs} +1 -1
- package/dist/admin/translations/sk.json.mjs.map +1 -0
- package/dist/admin/{chunks/sv-BDfk2A-F.js → translations/sv.json.js} +2 -2
- package/dist/admin/translations/sv.json.js.map +1 -0
- package/dist/admin/{chunks/sv-By3RYpMG.mjs → translations/sv.json.mjs} +1 -1
- package/dist/admin/translations/sv.json.mjs.map +1 -0
- package/dist/admin/{chunks/th-BtTtpHe2.js → translations/th.json.js} +2 -2
- package/dist/admin/translations/th.json.js.map +1 -0
- package/dist/admin/{chunks/th-COl50vqb.mjs → translations/th.json.mjs} +1 -1
- package/dist/admin/translations/th.json.mjs.map +1 -0
- package/dist/admin/{chunks/tr-Di-Nf7cT.js → translations/tr.json.js} +2 -2
- package/dist/admin/translations/tr.json.js.map +1 -0
- package/dist/admin/{chunks/tr-80SJU6jg.mjs → translations/tr.json.mjs} +1 -1
- package/dist/admin/translations/tr.json.mjs.map +1 -0
- package/dist/admin/{chunks/uk-r5zXTAS7.js → translations/uk.json.js} +2 -2
- package/dist/admin/translations/uk.json.js.map +1 -0
- package/dist/admin/{chunks/uk-DnrIlPwG.mjs → translations/uk.json.mjs} +1 -1
- package/dist/admin/translations/uk.json.mjs.map +1 -0
- package/dist/admin/{chunks/vi-D9cCsHsU.js → translations/vi.json.js} +2 -2
- package/dist/admin/translations/vi.json.js.map +1 -0
- package/dist/admin/{chunks/vi-69AF03Iv.mjs → translations/vi.json.mjs} +1 -1
- package/dist/admin/translations/vi.json.mjs.map +1 -0
- package/dist/admin/{chunks/zh-Hans-CKqQbpsM.js → translations/zh-Hans.json.js} +2 -2
- package/dist/admin/translations/zh-Hans.json.js.map +1 -0
- package/dist/admin/{chunks/zh-Hans-DmDcSsp7.mjs → translations/zh-Hans.json.mjs} +1 -1
- package/dist/admin/translations/zh-Hans.json.mjs.map +1 -0
- package/dist/admin/{chunks/zh-BzWgJEzz.js → translations/zh.json.js} +2 -2
- package/dist/admin/translations/zh.json.js.map +1 -0
- package/dist/admin/{chunks/zh-BzSkqxo-.mjs → translations/zh.json.mjs} +1 -1
- package/dist/admin/translations/zh.json.mjs.map +1 -0
- package/dist/admin/utils/cleanPermissions.js +24 -0
- package/dist/admin/utils/cleanPermissions.js.map +1 -0
- package/dist/admin/utils/cleanPermissions.mjs +22 -0
- package/dist/admin/utils/cleanPermissions.mjs.map +1 -0
- package/dist/admin/utils/formatPluginName.js +29 -0
- package/dist/admin/utils/formatPluginName.js.map +1 -0
- package/dist/admin/utils/formatPluginName.mjs +27 -0
- package/dist/admin/utils/formatPluginName.mjs.map +1 -0
- package/dist/admin/utils/getTrad.js +8 -0
- package/dist/admin/utils/getTrad.js.map +1 -0
- package/dist/admin/utils/getTrad.mjs +6 -0
- package/dist/admin/utils/getTrad.mjs.map +1 -0
- package/dist/admin/utils/prefixPluginTranslations.js +11 -0
- package/dist/admin/utils/prefixPluginTranslations.js.map +1 -0
- package/dist/admin/utils/prefixPluginTranslations.mjs +9 -0
- package/dist/admin/utils/prefixPluginTranslations.mjs.map +1 -0
- package/dist/server/_virtual/_commonjsHelpers.js +8 -0
- package/dist/server/_virtual/_commonjsHelpers.js.map +1 -0
- package/dist/server/_virtual/_commonjsHelpers.mjs +6 -0
- package/dist/server/_virtual/_commonjsHelpers.mjs.map +1 -0
- package/dist/server/bootstrap/index.js +145 -0
- package/dist/server/bootstrap/index.js.map +1 -0
- package/dist/server/bootstrap/index.mjs +143 -0
- package/dist/server/bootstrap/index.mjs.map +1 -0
- package/dist/server/bootstrap/users-permissions-actions.js +98 -0
- package/dist/server/bootstrap/users-permissions-actions.js.map +1 -0
- package/dist/server/bootstrap/users-permissions-actions.mjs +96 -0
- package/dist/server/bootstrap/users-permissions-actions.mjs.map +1 -0
- package/dist/server/config.js +54 -0
- package/dist/server/config.js.map +1 -0
- package/dist/server/config.mjs +52 -0
- package/dist/server/config.mjs.map +1 -0
- package/dist/server/content-types/index.js +30 -0
- package/dist/server/content-types/index.js.map +1 -0
- package/dist/server/content-types/index.mjs +28 -0
- package/dist/server/content-types/index.mjs.map +1 -0
- package/dist/server/content-types/permission/index.js +44 -0
- package/dist/server/content-types/permission/index.js.map +1 -0
- package/dist/server/content-types/permission/index.mjs +42 -0
- package/dist/server/content-types/permission/index.mjs.map +1 -0
- package/dist/server/content-types/role/index.js +61 -0
- package/dist/server/content-types/role/index.js.map +1 -0
- package/dist/server/content-types/role/index.mjs +59 -0
- package/dist/server/content-types/role/index.mjs.map +1 -0
- package/dist/server/content-types/user/index.js +84 -0
- package/dist/server/content-types/user/index.js.map +1 -0
- package/dist/server/content-types/user/index.mjs +82 -0
- package/dist/server/content-types/user/index.mjs.map +1 -0
- package/dist/server/content-types/user/schema-config.js +25 -0
- package/dist/server/content-types/user/schema-config.js.map +1 -0
- package/dist/server/content-types/user/schema-config.mjs +23 -0
- package/dist/server/content-types/user/schema-config.mjs.map +1 -0
- package/dist/server/controllers/auth.js +429 -0
- package/dist/server/controllers/auth.js.map +1 -0
- package/dist/server/controllers/auth.mjs +427 -0
- package/dist/server/controllers/auth.mjs.map +1 -0
- package/dist/server/controllers/content-manager-user.js +168 -0
- package/dist/server/controllers/content-manager-user.js.map +1 -0
- package/dist/server/controllers/content-manager-user.mjs +166 -0
- package/dist/server/controllers/content-manager-user.mjs.map +1 -0
- package/dist/server/controllers/index.js +33 -0
- package/dist/server/controllers/index.js.map +1 -0
- package/dist/server/controllers/index.mjs +31 -0
- package/dist/server/controllers/index.mjs.map +1 -0
- package/dist/server/controllers/permissions.js +37 -0
- package/dist/server/controllers/permissions.js.map +1 -0
- package/dist/server/controllers/permissions.mjs +35 -0
- package/dist/server/controllers/permissions.mjs.map +1 -0
- package/dist/server/controllers/role.js +91 -0
- package/dist/server/controllers/role.js.map +1 -0
- package/dist/server/controllers/role.mjs +89 -0
- package/dist/server/controllers/role.mjs.map +1 -0
- package/dist/server/controllers/settings.js +107 -0
- package/dist/server/controllers/settings.js.map +1 -0
- package/dist/server/controllers/settings.mjs +105 -0
- package/dist/server/controllers/settings.mjs.map +1 -0
- package/dist/server/controllers/user.js +201 -0
- package/dist/server/controllers/user.js.map +1 -0
- package/dist/server/controllers/user.mjs +199 -0
- package/dist/server/controllers/user.mjs.map +1 -0
- package/dist/server/controllers/validation/auth.js +131 -0
- package/dist/server/controllers/validation/auth.js.map +1 -0
- package/dist/server/controllers/validation/auth.mjs +129 -0
- package/dist/server/controllers/validation/auth.mjs.map +1 -0
- package/dist/server/controllers/validation/email-template.js +72 -0
- package/dist/server/controllers/validation/email-template.js.map +1 -0
- package/dist/server/controllers/validation/email-template.mjs +70 -0
- package/dist/server/controllers/validation/email-template.mjs.map +1 -0
- package/dist/server/controllers/validation/user.js +49 -0
- package/dist/server/controllers/validation/user.js.map +1 -0
- package/dist/server/controllers/validation/user.mjs +47 -0
- package/dist/server/controllers/validation/user.mjs.map +1 -0
- package/dist/server/graphql/index.js +66 -0
- package/dist/server/graphql/index.js.map +1 -0
- package/dist/server/graphql/index.mjs +64 -0
- package/dist/server/graphql/index.mjs.map +1 -0
- package/dist/server/graphql/mutations/auth/change-password.js +40 -0
- package/dist/server/graphql/mutations/auth/change-password.js.map +1 -0
- package/dist/server/graphql/mutations/auth/change-password.mjs +38 -0
- package/dist/server/graphql/mutations/auth/change-password.mjs.map +1 -0
- package/dist/server/graphql/mutations/auth/email-confirmation.js +38 -0
- package/dist/server/graphql/mutations/auth/email-confirmation.js.map +1 -0
- package/dist/server/graphql/mutations/auth/email-confirmation.mjs +36 -0
- package/dist/server/graphql/mutations/auth/email-confirmation.mjs.map +1 -0
- package/dist/server/graphql/mutations/auth/forgot-password.js +37 -0
- package/dist/server/graphql/mutations/auth/forgot-password.js.map +1 -0
- package/dist/server/graphql/mutations/auth/forgot-password.mjs +35 -0
- package/dist/server/graphql/mutations/auth/forgot-password.mjs.map +1 -0
- package/dist/server/graphql/mutations/auth/login.js +40 -0
- package/dist/server/graphql/mutations/auth/login.js.map +1 -0
- package/dist/server/graphql/mutations/auth/login.mjs +38 -0
- package/dist/server/graphql/mutations/auth/login.mjs.map +1 -0
- package/dist/server/graphql/mutations/auth/register.js +38 -0
- package/dist/server/graphql/mutations/auth/register.js.map +1 -0
- package/dist/server/graphql/mutations/auth/register.mjs +36 -0
- package/dist/server/graphql/mutations/auth/register.mjs.map +1 -0
- package/dist/server/graphql/mutations/auth/reset-password.js +40 -0
- package/dist/server/graphql/mutations/auth/reset-password.js.map +1 -0
- package/dist/server/graphql/mutations/auth/reset-password.mjs +38 -0
- package/dist/server/graphql/mutations/auth/reset-password.mjs.map +1 -0
- package/dist/server/graphql/mutations/crud/role/create-role.js +37 -0
- package/dist/server/graphql/mutations/crud/role/create-role.js.map +1 -0
- package/dist/server/graphql/mutations/crud/role/create-role.mjs +35 -0
- package/dist/server/graphql/mutations/crud/role/create-role.mjs.map +1 -0
- package/dist/server/graphql/mutations/crud/role/delete-role.js +32 -0
- package/dist/server/graphql/mutations/crud/role/delete-role.js.map +1 -0
- package/dist/server/graphql/mutations/crud/role/delete-role.mjs +30 -0
- package/dist/server/graphql/mutations/crud/role/delete-role.mjs.map +1 -0
- package/dist/server/graphql/mutations/crud/role/update-role.js +39 -0
- package/dist/server/graphql/mutations/crud/role/update-role.js.map +1 -0
- package/dist/server/graphql/mutations/crud/role/update-role.mjs +37 -0
- package/dist/server/graphql/mutations/crud/role/update-role.mjs.map +1 -0
- package/dist/server/graphql/mutations/crud/user/create-user.js +46 -0
- package/dist/server/graphql/mutations/crud/user/create-user.js.map +1 -0
- package/dist/server/graphql/mutations/crud/user/create-user.mjs +44 -0
- package/dist/server/graphql/mutations/crud/user/create-user.mjs.map +1 -0
- package/dist/server/graphql/mutations/crud/user/delete-user.js +44 -0
- package/dist/server/graphql/mutations/crud/user/delete-user.js.map +1 -0
- package/dist/server/graphql/mutations/crud/user/delete-user.mjs +42 -0
- package/dist/server/graphql/mutations/crud/user/delete-user.mjs.map +1 -0
- package/dist/server/graphql/mutations/crud/user/update-user.js +49 -0
- package/dist/server/graphql/mutations/crud/user/update-user.js.map +1 -0
- package/dist/server/graphql/mutations/crud/user/update-user.mjs +47 -0
- package/dist/server/graphql/mutations/crud/user/update-user.mjs.map +1 -0
- package/dist/server/graphql/mutations/index.js +58 -0
- package/dist/server/graphql/mutations/index.js.map +1 -0
- package/dist/server/graphql/mutations/index.mjs +56 -0
- package/dist/server/graphql/mutations/index.mjs.map +1 -0
- package/dist/server/graphql/queries/index.js +25 -0
- package/dist/server/graphql/queries/index.js.map +1 -0
- package/dist/server/graphql/queries/index.mjs +23 -0
- package/dist/server/graphql/queries/index.mjs.map +1 -0
- package/dist/server/graphql/queries/me.js +23 -0
- package/dist/server/graphql/queries/me.js.map +1 -0
- package/dist/server/graphql/queries/me.mjs +21 -0
- package/dist/server/graphql/queries/me.mjs.map +1 -0
- package/dist/server/graphql/resolvers-configs.js +93 -0
- package/dist/server/graphql/resolvers-configs.js.map +1 -0
- package/dist/server/graphql/resolvers-configs.mjs +91 -0
- package/dist/server/graphql/resolvers-configs.mjs.map +1 -0
- package/dist/server/graphql/types/create-role-payload.js +20 -0
- package/dist/server/graphql/types/create-role-payload.js.map +1 -0
- package/dist/server/graphql/types/create-role-payload.mjs +18 -0
- package/dist/server/graphql/types/create-role-payload.mjs.map +1 -0
- package/dist/server/graphql/types/delete-role-payload.js +20 -0
- package/dist/server/graphql/types/delete-role-payload.js.map +1 -0
- package/dist/server/graphql/types/delete-role-payload.mjs +18 -0
- package/dist/server/graphql/types/delete-role-payload.mjs.map +1 -0
- package/dist/server/graphql/types/index.js +41 -0
- package/dist/server/graphql/types/index.js.map +1 -0
- package/dist/server/graphql/types/index.mjs +39 -0
- package/dist/server/graphql/types/index.mjs.map +1 -0
- package/dist/server/graphql/types/login-input.js +24 -0
- package/dist/server/graphql/types/login-input.js.map +1 -0
- package/dist/server/graphql/types/login-input.mjs +22 -0
- package/dist/server/graphql/types/login-input.mjs.map +1 -0
- package/dist/server/graphql/types/login-payload.js +23 -0
- package/dist/server/graphql/types/login-payload.js.map +1 -0
- package/dist/server/graphql/types/login-payload.mjs +21 -0
- package/dist/server/graphql/types/login-payload.mjs.map +1 -0
- package/dist/server/graphql/types/me-role.js +23 -0
- package/dist/server/graphql/types/me-role.js.map +1 -0
- package/dist/server/graphql/types/me-role.mjs +21 -0
- package/dist/server/graphql/types/me-role.mjs.map +1 -0
- package/dist/server/graphql/types/me.js +28 -0
- package/dist/server/graphql/types/me.js.map +1 -0
- package/dist/server/graphql/types/me.mjs +26 -0
- package/dist/server/graphql/types/me.mjs.map +1 -0
- package/dist/server/graphql/types/password-payload.js +20 -0
- package/dist/server/graphql/types/password-payload.js.map +1 -0
- package/dist/server/graphql/types/password-payload.mjs +18 -0
- package/dist/server/graphql/types/password-payload.mjs.map +1 -0
- package/dist/server/graphql/types/register-input.js +22 -0
- package/dist/server/graphql/types/register-input.js.map +1 -0
- package/dist/server/graphql/types/register-input.mjs +20 -0
- package/dist/server/graphql/types/register-input.mjs.map +1 -0
- package/dist/server/graphql/types/update-role-payload.js +20 -0
- package/dist/server/graphql/types/update-role-payload.js.map +1 -0
- package/dist/server/graphql/types/update-role-payload.mjs +18 -0
- package/dist/server/graphql/types/update-role-payload.mjs.map +1 -0
- package/dist/server/graphql/types/user-input.js +26 -0
- package/dist/server/graphql/types/user-input.js.map +1 -0
- package/dist/server/graphql/types/user-input.mjs +24 -0
- package/dist/server/graphql/types/user-input.mjs.map +1 -0
- package/dist/server/graphql/utils.js +32 -0
- package/dist/server/graphql/utils.js.map +1 -0
- package/dist/server/graphql/utils.mjs +30 -0
- package/dist/server/graphql/utils.mjs.map +1 -0
- package/dist/server/index.js +4 -4760
- package/dist/server/index.js.map +1 -1
- package/dist/server/index.mjs +2 -4758
- package/dist/server/index.mjs.map +1 -1
- package/dist/server/index2.js +39 -0
- package/dist/server/index2.js.map +1 -0
- package/dist/server/index2.mjs +37 -0
- package/dist/server/index2.mjs.map +1 -0
- package/dist/server/middlewares/index.js +18 -0
- package/dist/server/middlewares/index.js.map +1 -0
- package/dist/server/middlewares/index.mjs +16 -0
- package/dist/server/middlewares/index.mjs.map +1 -0
- package/dist/server/middlewares/rateLimit.js +51 -0
- package/dist/server/middlewares/rateLimit.js.map +1 -0
- package/dist/server/middlewares/rateLimit.mjs +49 -0
- package/dist/server/middlewares/rateLimit.mjs.map +1 -0
- package/dist/server/register.js +41 -0
- package/dist/server/register.js.map +1 -0
- package/dist/server/register.mjs +39 -0
- package/dist/server/register.mjs.map +1 -0
- package/dist/server/routes/admin/index.js +27 -0
- package/dist/server/routes/admin/index.js.map +1 -0
- package/dist/server/routes/admin/index.mjs +25 -0
- package/dist/server/routes/admin/index.mjs.map +1 -0
- package/dist/server/routes/admin/permissions.js +29 -0
- package/dist/server/routes/admin/permissions.js.map +1 -0
- package/dist/server/routes/admin/permissions.mjs +27 -0
- package/dist/server/routes/admin/permissions.mjs.map +1 -0
- package/dist/server/routes/admin/role.js +99 -0
- package/dist/server/routes/admin/role.js.map +1 -0
- package/dist/server/routes/admin/role.mjs +97 -0
- package/dist/server/routes/admin/role.mjs.map +1 -0
- package/dist/server/routes/admin/settings.js +116 -0
- package/dist/server/routes/admin/settings.js.map +1 -0
- package/dist/server/routes/admin/settings.mjs +114 -0
- package/dist/server/routes/admin/settings.mjs.map +1 -0
- package/dist/server/routes/content-api/auth.js +104 -0
- package/dist/server/routes/content-api/auth.js.map +1 -0
- package/dist/server/routes/content-api/auth.mjs +102 -0
- package/dist/server/routes/content-api/auth.mjs.map +1 -0
- package/dist/server/routes/content-api/index.js +30 -0
- package/dist/server/routes/content-api/index.js.map +1 -0
- package/dist/server/routes/content-api/index.mjs +28 -0
- package/dist/server/routes/content-api/index.mjs.map +1 -0
- package/dist/server/routes/content-api/permissions.js +19 -0
- package/dist/server/routes/content-api/permissions.js.map +1 -0
- package/dist/server/routes/content-api/permissions.mjs +17 -0
- package/dist/server/routes/content-api/permissions.mjs.map +1 -0
- package/dist/server/routes/content-api/role.js +39 -0
- package/dist/server/routes/content-api/role.js.map +1 -0
- package/dist/server/routes/content-api/role.mjs +37 -0
- package/dist/server/routes/content-api/role.mjs.map +1 -0
- package/dist/server/routes/content-api/user.js +70 -0
- package/dist/server/routes/content-api/user.js.map +1 -0
- package/dist/server/routes/content-api/user.mjs +68 -0
- package/dist/server/routes/content-api/user.mjs.map +1 -0
- package/dist/server/routes/index.js +19 -0
- package/dist/server/routes/index.js.map +1 -0
- package/dist/server/routes/index.mjs +17 -0
- package/dist/server/routes/index.mjs.map +1 -0
- package/dist/server/services/index.js +36 -0
- package/dist/server/services/index.js.map +1 -0
- package/dist/server/services/index.mjs +34 -0
- package/dist/server/services/index.mjs.map +1 -0
- package/dist/server/services/jwt.js +50 -0
- package/dist/server/services/jwt.js.map +1 -0
- package/dist/server/services/jwt.mjs +48 -0
- package/dist/server/services/jwt.mjs.map +1 -0
- package/dist/server/services/permission.js +52 -0
- package/dist/server/services/permission.js.map +1 -0
- package/dist/server/services/permission.mjs +50 -0
- package/dist/server/services/permission.mjs.map +1 -0
- package/dist/server/services/providers-registry.js +555 -0
- package/dist/server/services/providers-registry.js.map +1 -0
- package/dist/server/services/providers-registry.mjs +553 -0
- package/dist/server/services/providers-registry.mjs.map +1 -0
- package/dist/server/services/providers.js +111 -0
- package/dist/server/services/providers.js.map +1 -0
- package/dist/server/services/providers.mjs +109 -0
- package/dist/server/services/providers.mjs.map +1 -0
- package/dist/server/services/role.js +186 -0
- package/dist/server/services/role.js.map +1 -0
- package/dist/server/services/role.mjs +184 -0
- package/dist/server/services/role.mjs.map +1 -0
- package/dist/server/services/user.js +179 -0
- package/dist/server/services/user.js.map +1 -0
- package/dist/server/services/user.mjs +177 -0
- package/dist/server/services/user.mjs.map +1 -0
- package/dist/server/services/users-permissions.js +247 -0
- package/dist/server/services/users-permissions.js.map +1 -0
- package/dist/server/services/users-permissions.mjs +245 -0
- package/dist/server/services/users-permissions.mjs.map +1 -0
- package/dist/server/strategies/users-permissions.js +114 -0
- package/dist/server/strategies/users-permissions.js.map +1 -0
- package/dist/server/strategies/users-permissions.mjs +112 -0
- package/dist/server/strategies/users-permissions.mjs.map +1 -0
- package/dist/server/utils/index.js +22 -0
- package/dist/server/utils/index.js.map +1 -0
- package/dist/server/utils/index.mjs +20 -0
- package/dist/server/utils/index.mjs.map +1 -0
- package/dist/server/utils/sanitize/index.js +21 -0
- package/dist/server/utils/sanitize/index.js.map +1 -0
- package/dist/server/utils/sanitize/index.mjs +19 -0
- package/dist/server/utils/sanitize/index.mjs.map +1 -0
- package/dist/server/utils/sanitize/sanitizers.js +32 -0
- package/dist/server/utils/sanitize/sanitizers.js.map +1 -0
- package/dist/server/utils/sanitize/sanitizers.mjs +30 -0
- package/dist/server/utils/sanitize/sanitizers.mjs.map +1 -0
- package/dist/server/utils/sanitize/visitors/index.js +17 -0
- package/dist/server/utils/sanitize/visitors/index.js.map +1 -0
- package/dist/server/utils/sanitize/visitors/index.mjs +15 -0
- package/dist/server/utils/sanitize/visitors/index.mjs.map +1 -0
- package/dist/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js +17 -0
- package/dist/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.js.map +1 -0
- package/dist/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.mjs +15 -0
- package/dist/server/utils/sanitize/visitors/remove-user-relation-from-role-entities.mjs.map +1 -0
- package/package.json +3 -3
- package/rollup.config.mjs +15 -48
- package/dist/admin/chunks/ar-BJwjobLp.js.map +0 -1
- package/dist/admin/chunks/ar-G6bUGuUb.mjs.map +0 -1
- package/dist/admin/chunks/cs-Bu59JqhG.mjs.map +0 -1
- package/dist/admin/chunks/cs-uS_SIEo8.js.map +0 -1
- package/dist/admin/chunks/de-7MVMrqqI.js.map +0 -1
- package/dist/admin/chunks/de-B81A69_5.mjs.map +0 -1
- package/dist/admin/chunks/dk-BaelzvBE.mjs.map +0 -1
- package/dist/admin/chunks/dk-DwCLGmy9.js.map +0 -1
- package/dist/admin/chunks/en-BhgCBe7M.mjs.map +0 -1
- package/dist/admin/chunks/en-DwQjkHi_.js.map +0 -1
- package/dist/admin/chunks/es-B0wXmvRj.mjs.map +0 -1
- package/dist/admin/chunks/es-BOJOedG5.js.map +0 -1
- package/dist/admin/chunks/fr-BDNWCNs0.js.map +0 -1
- package/dist/admin/chunks/fr-CGYvGUXg.mjs.map +0 -1
- package/dist/admin/chunks/id-CNzbwFjA.mjs.map +0 -1
- package/dist/admin/chunks/id-UqUPykHZ.js.map +0 -1
- package/dist/admin/chunks/index--_o6btSC.js +0 -471
- package/dist/admin/chunks/index--_o6btSC.js.map +0 -1
- package/dist/admin/chunks/index-BBjNJt_G.mjs +0 -448
- package/dist/admin/chunks/index-BBjNJt_G.mjs.map +0 -1
- package/dist/admin/chunks/index-BgAfLcWs.mjs +0 -1516
- package/dist/admin/chunks/index-BgAfLcWs.mjs.map +0 -1
- package/dist/admin/chunks/index-CHTUC0LM.mjs +0 -718
- package/dist/admin/chunks/index-CHTUC0LM.mjs.map +0 -1
- package/dist/admin/chunks/index-CY5JZ38k.mjs +0 -213
- package/dist/admin/chunks/index-CY5JZ38k.mjs.map +0 -1
- package/dist/admin/chunks/index-Cu1VuLS3.js +0 -741
- package/dist/admin/chunks/index-Cu1VuLS3.js.map +0 -1
- package/dist/admin/chunks/index-Cy-tPfRk.mjs.map +0 -1
- package/dist/admin/chunks/index-DD-Z6c1S.js +0 -217
- package/dist/admin/chunks/index-DD-Z6c1S.js.map +0 -1
- package/dist/admin/chunks/index-DFnYIqrB.js.map +0 -1
- package/dist/admin/chunks/index-DvubCYNe.js +0 -1537
- package/dist/admin/chunks/index-DvubCYNe.js.map +0 -1
- package/dist/admin/chunks/it-B2H2foTf.mjs.map +0 -1
- package/dist/admin/chunks/it-D5VuyoLU.js.map +0 -1
- package/dist/admin/chunks/ja-C0z9d7L9.mjs.map +0 -1
- package/dist/admin/chunks/ja-MpqVsCgs.js.map +0 -1
- package/dist/admin/chunks/ko-Bm-grPSc.js.map +0 -1
- package/dist/admin/chunks/ko-CzUgzpeS.mjs.map +0 -1
- package/dist/admin/chunks/ms-CCacxjim.mjs.map +0 -1
- package/dist/admin/chunks/ms-D7eyBD5H.js.map +0 -1
- package/dist/admin/chunks/nl-BIOwAQtI.js.map +0 -1
- package/dist/admin/chunks/nl-DDC3nZW-.mjs.map +0 -1
- package/dist/admin/chunks/pl-D5BeNrg_.js.map +0 -1
- package/dist/admin/chunks/pl-XkS463rN.mjs.map +0 -1
- package/dist/admin/chunks/pt-BR-8cC7z8Km.mjs.map +0 -1
- package/dist/admin/chunks/pt-BR-DxPBzQGx.js.map +0 -1
- package/dist/admin/chunks/pt-DQpEvio8.mjs.map +0 -1
- package/dist/admin/chunks/pt-kkCwzNvH.js.map +0 -1
- package/dist/admin/chunks/ru-BQ0gHmp3.js.map +0 -1
- package/dist/admin/chunks/ru-nzL_7Mhg.mjs.map +0 -1
- package/dist/admin/chunks/sk-Ddxc_tZA.mjs.map +0 -1
- package/dist/admin/chunks/sk-nVwAPdYC.js.map +0 -1
- package/dist/admin/chunks/sv-BDfk2A-F.js.map +0 -1
- package/dist/admin/chunks/sv-By3RYpMG.mjs.map +0 -1
- package/dist/admin/chunks/th-BtTtpHe2.js.map +0 -1
- package/dist/admin/chunks/th-COl50vqb.mjs.map +0 -1
- package/dist/admin/chunks/tr-80SJU6jg.mjs.map +0 -1
- package/dist/admin/chunks/tr-Di-Nf7cT.js.map +0 -1
- package/dist/admin/chunks/uk-DnrIlPwG.mjs.map +0 -1
- package/dist/admin/chunks/uk-r5zXTAS7.js.map +0 -1
- package/dist/admin/chunks/vi-69AF03Iv.mjs.map +0 -1
- package/dist/admin/chunks/vi-D9cCsHsU.js.map +0 -1
- package/dist/admin/chunks/zh-BzSkqxo-.mjs.map +0 -1
- package/dist/admin/chunks/zh-BzWgJEzz.js.map +0 -1
- package/dist/admin/chunks/zh-Hans-CKqQbpsM.js.map +0 -1
- package/dist/admin/chunks/zh-Hans-DmDcSsp7.mjs.map +0 -1
package/dist/server/index.mjs
CHANGED
|
@@ -1,4761 +1,5 @@
|
|
|
1
|
-
import
|
|
2
|
-
import
|
|
3
|
-
import require$$0 from 'lodash/fp';
|
|
4
|
-
import require$$1 from '@strapi/utils';
|
|
5
|
-
import require$$0$2 from 'crypto';
|
|
6
|
-
import require$$0$3 from 'lodash';
|
|
7
|
-
import require$$3 from 'koa2-ratelimit';
|
|
8
|
-
import require$$1$2 from 'jsonwebtoken';
|
|
9
|
-
import require$$2 from 'url-join';
|
|
10
|
-
import require$$1$3 from 'bcryptjs';
|
|
11
|
-
import require$$0$4 from 'assert';
|
|
12
|
-
import require$$3$1 from 'jwk-to-pem';
|
|
13
|
-
import require$$4 from 'purest';
|
|
14
|
-
import require$$6 from 'grant';
|
|
15
|
-
|
|
16
|
-
function getDefaultExportFromCjs (x) {
|
|
17
|
-
return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, 'default') ? x['default'] : x;
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
var removeUserRelationFromRoleEntities;
|
|
21
|
-
var hasRequiredRemoveUserRelationFromRoleEntities;
|
|
22
|
-
function requireRemoveUserRelationFromRoleEntities() {
|
|
23
|
-
if (hasRequiredRemoveUserRelationFromRoleEntities) return removeUserRelationFromRoleEntities;
|
|
24
|
-
hasRequiredRemoveUserRelationFromRoleEntities = 1;
|
|
25
|
-
removeUserRelationFromRoleEntities = ({ schema, key, attribute }, { remove })=>{
|
|
26
|
-
if (attribute?.type === 'relation' && attribute?.target === 'plugin::users-permissions.user' && schema.uid === 'plugin::users-permissions.role') {
|
|
27
|
-
remove(key);
|
|
28
|
-
}
|
|
29
|
-
};
|
|
30
|
-
return removeUserRelationFromRoleEntities;
|
|
31
|
-
}
|
|
32
|
-
|
|
33
|
-
var visitors;
|
|
34
|
-
var hasRequiredVisitors;
|
|
35
|
-
function requireVisitors() {
|
|
36
|
-
if (hasRequiredVisitors) return visitors;
|
|
37
|
-
hasRequiredVisitors = 1;
|
|
38
|
-
visitors = {
|
|
39
|
-
removeUserRelationFromRoleEntities: requireRemoveUserRelationFromRoleEntities()
|
|
40
|
-
};
|
|
41
|
-
return visitors;
|
|
42
|
-
}
|
|
43
|
-
|
|
44
|
-
var sanitizers;
|
|
45
|
-
var hasRequiredSanitizers;
|
|
46
|
-
function requireSanitizers() {
|
|
47
|
-
if (hasRequiredSanitizers) return sanitizers;
|
|
48
|
-
hasRequiredSanitizers = 1;
|
|
49
|
-
const { curry } = require$$0;
|
|
50
|
-
const { traverseEntity, async } = require$$1;
|
|
51
|
-
const { removeUserRelationFromRoleEntities } = requireVisitors();
|
|
52
|
-
const sanitizeUserRelationFromRoleEntities = curry((schema, entity)=>{
|
|
53
|
-
return traverseEntity(removeUserRelationFromRoleEntities, {
|
|
54
|
-
schema,
|
|
55
|
-
getModel: strapi.getModel.bind(strapi)
|
|
56
|
-
}, entity);
|
|
57
|
-
});
|
|
58
|
-
const defaultSanitizeOutput = curry((schema, entity)=>{
|
|
59
|
-
return async.pipe(sanitizeUserRelationFromRoleEntities(schema))(entity);
|
|
60
|
-
});
|
|
61
|
-
sanitizers = {
|
|
62
|
-
sanitizeUserRelationFromRoleEntities,
|
|
63
|
-
defaultSanitizeOutput
|
|
64
|
-
};
|
|
65
|
-
return sanitizers;
|
|
66
|
-
}
|
|
67
|
-
|
|
68
|
-
var sanitize;
|
|
69
|
-
var hasRequiredSanitize;
|
|
70
|
-
function requireSanitize() {
|
|
71
|
-
if (hasRequiredSanitize) return sanitize;
|
|
72
|
-
hasRequiredSanitize = 1;
|
|
73
|
-
const visitors = requireVisitors();
|
|
74
|
-
const sanitizers = requireSanitizers();
|
|
75
|
-
sanitize = {
|
|
76
|
-
sanitizers,
|
|
77
|
-
visitors
|
|
78
|
-
};
|
|
79
|
-
return sanitize;
|
|
80
|
-
}
|
|
81
|
-
|
|
82
|
-
var utils$1;
|
|
83
|
-
var hasRequiredUtils$1;
|
|
84
|
-
function requireUtils$1() {
|
|
85
|
-
if (hasRequiredUtils$1) return utils$1;
|
|
86
|
-
hasRequiredUtils$1 = 1;
|
|
87
|
-
const sanitize = requireSanitize();
|
|
88
|
-
const getService = (name)=>{
|
|
89
|
-
return strapi.plugin('users-permissions').service(name);
|
|
90
|
-
};
|
|
91
|
-
utils$1 = {
|
|
92
|
-
getService,
|
|
93
|
-
sanitize
|
|
94
|
-
};
|
|
95
|
-
return utils$1;
|
|
96
|
-
}
|
|
97
|
-
|
|
98
|
-
var usersPermissions$1;
|
|
99
|
-
var hasRequiredUsersPermissions$1;
|
|
100
|
-
function requireUsersPermissions$1() {
|
|
101
|
-
if (hasRequiredUsersPermissions$1) return usersPermissions$1;
|
|
102
|
-
hasRequiredUsersPermissions$1 = 1;
|
|
103
|
-
const { castArray, map, every, pipe } = require$$0;
|
|
104
|
-
const { ForbiddenError, UnauthorizedError } = require$$1.errors;
|
|
105
|
-
const { getService } = requireUtils$1();
|
|
106
|
-
const getAdvancedSettings = ()=>{
|
|
107
|
-
return strapi.store({
|
|
108
|
-
type: 'plugin',
|
|
109
|
-
name: 'users-permissions'
|
|
110
|
-
}).get({
|
|
111
|
-
key: 'advanced'
|
|
112
|
-
});
|
|
113
|
-
};
|
|
114
|
-
const authenticate = async (ctx)=>{
|
|
115
|
-
try {
|
|
116
|
-
const token = await getService('jwt').getToken(ctx);
|
|
117
|
-
if (token) {
|
|
118
|
-
const { id } = token;
|
|
119
|
-
// Invalid token
|
|
120
|
-
if (id === undefined) {
|
|
121
|
-
return {
|
|
122
|
-
authenticated: false
|
|
123
|
-
};
|
|
124
|
-
}
|
|
125
|
-
const user = await getService('user').fetchAuthenticatedUser(id);
|
|
126
|
-
// No user associated to the token
|
|
127
|
-
if (!user) {
|
|
128
|
-
return {
|
|
129
|
-
error: 'Invalid credentials'
|
|
130
|
-
};
|
|
131
|
-
}
|
|
132
|
-
const advancedSettings = await getAdvancedSettings();
|
|
133
|
-
// User not confirmed
|
|
134
|
-
if (advancedSettings.email_confirmation && !user.confirmed) {
|
|
135
|
-
return {
|
|
136
|
-
error: 'Invalid credentials'
|
|
137
|
-
};
|
|
138
|
-
}
|
|
139
|
-
// User blocked
|
|
140
|
-
if (user.blocked) {
|
|
141
|
-
return {
|
|
142
|
-
error: 'Invalid credentials'
|
|
143
|
-
};
|
|
144
|
-
}
|
|
145
|
-
// Fetch user's permissions
|
|
146
|
-
const permissions = await Promise.resolve(user.role.id).then(getService('permission').findRolePermissions).then(map(getService('permission').toContentAPIPermission));
|
|
147
|
-
// Generate an ability (content API engine) based on the given permissions
|
|
148
|
-
const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);
|
|
149
|
-
ctx.state.user = user;
|
|
150
|
-
return {
|
|
151
|
-
authenticated: true,
|
|
152
|
-
credentials: user,
|
|
153
|
-
ability
|
|
154
|
-
};
|
|
155
|
-
}
|
|
156
|
-
const publicPermissions = await getService('permission').findPublicPermissions().then(map(getService('permission').toContentAPIPermission));
|
|
157
|
-
if (publicPermissions.length === 0) {
|
|
158
|
-
return {
|
|
159
|
-
authenticated: false
|
|
160
|
-
};
|
|
161
|
-
}
|
|
162
|
-
const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);
|
|
163
|
-
return {
|
|
164
|
-
authenticated: true,
|
|
165
|
-
credentials: null,
|
|
166
|
-
ability
|
|
167
|
-
};
|
|
168
|
-
} catch (err) {
|
|
169
|
-
return {
|
|
170
|
-
authenticated: false
|
|
171
|
-
};
|
|
172
|
-
}
|
|
173
|
-
};
|
|
174
|
-
const verify = async (auth, config)=>{
|
|
175
|
-
const { credentials: user, ability } = auth;
|
|
176
|
-
if (!config.scope) {
|
|
177
|
-
if (!user) {
|
|
178
|
-
// A non authenticated user cannot access routes that do not have a scope
|
|
179
|
-
throw new UnauthorizedError();
|
|
180
|
-
} else {
|
|
181
|
-
// An authenticated user can access non scoped routes
|
|
182
|
-
return;
|
|
183
|
-
}
|
|
184
|
-
}
|
|
185
|
-
// If no ability have been generated, then consider auth is missing
|
|
186
|
-
if (!ability) {
|
|
187
|
-
throw new UnauthorizedError();
|
|
188
|
-
}
|
|
189
|
-
const isAllowed = pipe(// Make sure we're dealing with an array
|
|
190
|
-
castArray, // Transform the scope array into an action array
|
|
191
|
-
every((scope)=>ability.can(scope)))(config.scope);
|
|
192
|
-
if (!isAllowed) {
|
|
193
|
-
throw new ForbiddenError();
|
|
194
|
-
}
|
|
195
|
-
};
|
|
196
|
-
usersPermissions$1 = {
|
|
197
|
-
name: 'users-permissions',
|
|
198
|
-
authenticate,
|
|
199
|
-
verify
|
|
200
|
-
};
|
|
201
|
-
return usersPermissions$1;
|
|
202
|
-
}
|
|
203
|
-
|
|
204
|
-
var me$1;
|
|
205
|
-
var hasRequiredMe$1;
|
|
206
|
-
function requireMe$1() {
|
|
207
|
-
if (hasRequiredMe$1) return me$1;
|
|
208
|
-
hasRequiredMe$1 = 1;
|
|
209
|
-
me$1 = ({ nexus })=>{
|
|
210
|
-
return nexus.objectType({
|
|
211
|
-
name: 'UsersPermissionsMe',
|
|
212
|
-
definition (t) {
|
|
213
|
-
t.nonNull.id('id');
|
|
214
|
-
t.nonNull.id('documentId');
|
|
215
|
-
t.nonNull.string('username');
|
|
216
|
-
t.string('email');
|
|
217
|
-
t.boolean('confirmed');
|
|
218
|
-
t.boolean('blocked');
|
|
219
|
-
t.field('role', {
|
|
220
|
-
type: 'UsersPermissionsMeRole'
|
|
221
|
-
});
|
|
222
|
-
}
|
|
223
|
-
});
|
|
224
|
-
};
|
|
225
|
-
return me$1;
|
|
226
|
-
}
|
|
227
|
-
|
|
228
|
-
var meRole;
|
|
229
|
-
var hasRequiredMeRole;
|
|
230
|
-
function requireMeRole() {
|
|
231
|
-
if (hasRequiredMeRole) return meRole;
|
|
232
|
-
hasRequiredMeRole = 1;
|
|
233
|
-
meRole = ({ nexus })=>{
|
|
234
|
-
return nexus.objectType({
|
|
235
|
-
name: 'UsersPermissionsMeRole',
|
|
236
|
-
definition (t) {
|
|
237
|
-
t.nonNull.id('id');
|
|
238
|
-
t.nonNull.string('name');
|
|
239
|
-
t.string('description');
|
|
240
|
-
t.string('type');
|
|
241
|
-
}
|
|
242
|
-
});
|
|
243
|
-
};
|
|
244
|
-
return meRole;
|
|
245
|
-
}
|
|
246
|
-
|
|
247
|
-
var registerInput;
|
|
248
|
-
var hasRequiredRegisterInput;
|
|
249
|
-
function requireRegisterInput() {
|
|
250
|
-
if (hasRequiredRegisterInput) return registerInput;
|
|
251
|
-
hasRequiredRegisterInput = 1;
|
|
252
|
-
registerInput = ({ nexus })=>{
|
|
253
|
-
return nexus.inputObjectType({
|
|
254
|
-
name: 'UsersPermissionsRegisterInput',
|
|
255
|
-
definition (t) {
|
|
256
|
-
t.nonNull.string('username');
|
|
257
|
-
t.nonNull.string('email');
|
|
258
|
-
t.nonNull.string('password');
|
|
259
|
-
}
|
|
260
|
-
});
|
|
261
|
-
};
|
|
262
|
-
return registerInput;
|
|
263
|
-
}
|
|
264
|
-
|
|
265
|
-
var loginInput;
|
|
266
|
-
var hasRequiredLoginInput;
|
|
267
|
-
function requireLoginInput() {
|
|
268
|
-
if (hasRequiredLoginInput) return loginInput;
|
|
269
|
-
hasRequiredLoginInput = 1;
|
|
270
|
-
loginInput = ({ nexus })=>{
|
|
271
|
-
return nexus.inputObjectType({
|
|
272
|
-
name: 'UsersPermissionsLoginInput',
|
|
273
|
-
definition (t) {
|
|
274
|
-
t.nonNull.string('identifier');
|
|
275
|
-
t.nonNull.string('password');
|
|
276
|
-
t.nonNull.string('provider', {
|
|
277
|
-
default: 'local'
|
|
278
|
-
});
|
|
279
|
-
}
|
|
280
|
-
});
|
|
281
|
-
};
|
|
282
|
-
return loginInput;
|
|
283
|
-
}
|
|
284
|
-
|
|
285
|
-
var passwordPayload;
|
|
286
|
-
var hasRequiredPasswordPayload;
|
|
287
|
-
function requirePasswordPayload() {
|
|
288
|
-
if (hasRequiredPasswordPayload) return passwordPayload;
|
|
289
|
-
hasRequiredPasswordPayload = 1;
|
|
290
|
-
passwordPayload = ({ nexus })=>{
|
|
291
|
-
return nexus.objectType({
|
|
292
|
-
name: 'UsersPermissionsPasswordPayload',
|
|
293
|
-
definition (t) {
|
|
294
|
-
t.nonNull.boolean('ok');
|
|
295
|
-
}
|
|
296
|
-
});
|
|
297
|
-
};
|
|
298
|
-
return passwordPayload;
|
|
299
|
-
}
|
|
300
|
-
|
|
301
|
-
var loginPayload;
|
|
302
|
-
var hasRequiredLoginPayload;
|
|
303
|
-
function requireLoginPayload() {
|
|
304
|
-
if (hasRequiredLoginPayload) return loginPayload;
|
|
305
|
-
hasRequiredLoginPayload = 1;
|
|
306
|
-
loginPayload = ({ nexus })=>{
|
|
307
|
-
return nexus.objectType({
|
|
308
|
-
name: 'UsersPermissionsLoginPayload',
|
|
309
|
-
definition (t) {
|
|
310
|
-
t.string('jwt');
|
|
311
|
-
t.nonNull.field('user', {
|
|
312
|
-
type: 'UsersPermissionsMe'
|
|
313
|
-
});
|
|
314
|
-
}
|
|
315
|
-
});
|
|
316
|
-
};
|
|
317
|
-
return loginPayload;
|
|
318
|
-
}
|
|
319
|
-
|
|
320
|
-
var createRolePayload;
|
|
321
|
-
var hasRequiredCreateRolePayload;
|
|
322
|
-
function requireCreateRolePayload() {
|
|
323
|
-
if (hasRequiredCreateRolePayload) return createRolePayload;
|
|
324
|
-
hasRequiredCreateRolePayload = 1;
|
|
325
|
-
createRolePayload = ({ nexus })=>{
|
|
326
|
-
return nexus.objectType({
|
|
327
|
-
name: 'UsersPermissionsCreateRolePayload',
|
|
328
|
-
definition (t) {
|
|
329
|
-
t.nonNull.boolean('ok');
|
|
330
|
-
}
|
|
331
|
-
});
|
|
332
|
-
};
|
|
333
|
-
return createRolePayload;
|
|
334
|
-
}
|
|
335
|
-
|
|
336
|
-
var updateRolePayload;
|
|
337
|
-
var hasRequiredUpdateRolePayload;
|
|
338
|
-
function requireUpdateRolePayload() {
|
|
339
|
-
if (hasRequiredUpdateRolePayload) return updateRolePayload;
|
|
340
|
-
hasRequiredUpdateRolePayload = 1;
|
|
341
|
-
updateRolePayload = ({ nexus })=>{
|
|
342
|
-
return nexus.objectType({
|
|
343
|
-
name: 'UsersPermissionsUpdateRolePayload',
|
|
344
|
-
definition (t) {
|
|
345
|
-
t.nonNull.boolean('ok');
|
|
346
|
-
}
|
|
347
|
-
});
|
|
348
|
-
};
|
|
349
|
-
return updateRolePayload;
|
|
350
|
-
}
|
|
351
|
-
|
|
352
|
-
var deleteRolePayload;
|
|
353
|
-
var hasRequiredDeleteRolePayload;
|
|
354
|
-
function requireDeleteRolePayload() {
|
|
355
|
-
if (hasRequiredDeleteRolePayload) return deleteRolePayload;
|
|
356
|
-
hasRequiredDeleteRolePayload = 1;
|
|
357
|
-
deleteRolePayload = ({ nexus })=>{
|
|
358
|
-
return nexus.objectType({
|
|
359
|
-
name: 'UsersPermissionsDeleteRolePayload',
|
|
360
|
-
definition (t) {
|
|
361
|
-
t.nonNull.boolean('ok');
|
|
362
|
-
}
|
|
363
|
-
});
|
|
364
|
-
};
|
|
365
|
-
return deleteRolePayload;
|
|
366
|
-
}
|
|
367
|
-
|
|
368
|
-
var userInput;
|
|
369
|
-
var hasRequiredUserInput;
|
|
370
|
-
function requireUserInput() {
|
|
371
|
-
if (hasRequiredUserInput) return userInput;
|
|
372
|
-
hasRequiredUserInput = 1;
|
|
373
|
-
const usersPermissionsUserUID = 'plugin::users-permissions.user';
|
|
374
|
-
userInput = ({ nexus, strapi })=>{
|
|
375
|
-
const { getContentTypeInputName } = strapi.plugin('graphql').service('utils').naming;
|
|
376
|
-
const userContentType = strapi.getModel(usersPermissionsUserUID);
|
|
377
|
-
const userInputName = getContentTypeInputName(userContentType);
|
|
378
|
-
return nexus.extendInputType({
|
|
379
|
-
type: userInputName,
|
|
380
|
-
definition (t) {
|
|
381
|
-
// Manually add the private password field back to the data
|
|
382
|
-
// input type as it is used for CRUD operations on users
|
|
383
|
-
t.string('password');
|
|
384
|
-
}
|
|
385
|
-
});
|
|
386
|
-
};
|
|
387
|
-
return userInput;
|
|
388
|
-
}
|
|
389
|
-
|
|
390
|
-
var types;
|
|
391
|
-
var hasRequiredTypes;
|
|
392
|
-
function requireTypes() {
|
|
393
|
-
if (hasRequiredTypes) return types;
|
|
394
|
-
hasRequiredTypes = 1;
|
|
395
|
-
const typesFactories = [
|
|
396
|
-
requireMe$1(),
|
|
397
|
-
requireMeRole(),
|
|
398
|
-
requireRegisterInput(),
|
|
399
|
-
requireLoginInput(),
|
|
400
|
-
requirePasswordPayload(),
|
|
401
|
-
requireLoginPayload(),
|
|
402
|
-
requireCreateRolePayload(),
|
|
403
|
-
requireUpdateRolePayload(),
|
|
404
|
-
requireDeleteRolePayload(),
|
|
405
|
-
requireUserInput()
|
|
406
|
-
];
|
|
407
|
-
/**
|
|
408
|
-
* @param {object} context
|
|
409
|
-
* @param {object} context.nexus
|
|
410
|
-
* @param {object} context.strapi
|
|
411
|
-
* @return {any[]}
|
|
412
|
-
*/ types = (context)=>typesFactories.map((factory)=>factory(context));
|
|
413
|
-
return types;
|
|
414
|
-
}
|
|
415
|
-
|
|
416
|
-
var me;
|
|
417
|
-
var hasRequiredMe;
|
|
418
|
-
function requireMe() {
|
|
419
|
-
if (hasRequiredMe) return me;
|
|
420
|
-
hasRequiredMe = 1;
|
|
421
|
-
me = ()=>({
|
|
422
|
-
type: 'UsersPermissionsMe',
|
|
423
|
-
args: {},
|
|
424
|
-
resolve (parent, args, context) {
|
|
425
|
-
const { user } = context.state;
|
|
426
|
-
if (!user) {
|
|
427
|
-
throw new Error('Authentication requested');
|
|
428
|
-
}
|
|
429
|
-
return user;
|
|
430
|
-
}
|
|
431
|
-
});
|
|
432
|
-
return me;
|
|
433
|
-
}
|
|
434
|
-
|
|
435
|
-
var queries;
|
|
436
|
-
var hasRequiredQueries;
|
|
437
|
-
function requireQueries() {
|
|
438
|
-
if (hasRequiredQueries) return queries;
|
|
439
|
-
hasRequiredQueries = 1;
|
|
440
|
-
const me = requireMe();
|
|
441
|
-
queries = ({ nexus })=>{
|
|
442
|
-
return nexus.extendType({
|
|
443
|
-
type: 'Query',
|
|
444
|
-
definition (t) {
|
|
445
|
-
t.field('me', me({
|
|
446
|
-
nexus
|
|
447
|
-
}));
|
|
448
|
-
}
|
|
449
|
-
});
|
|
450
|
-
};
|
|
451
|
-
return queries;
|
|
452
|
-
}
|
|
453
|
-
|
|
454
|
-
var createRole;
|
|
455
|
-
var hasRequiredCreateRole;
|
|
456
|
-
function requireCreateRole() {
|
|
457
|
-
if (hasRequiredCreateRole) return createRole;
|
|
458
|
-
hasRequiredCreateRole = 1;
|
|
459
|
-
const { toPlainObject } = require$$0;
|
|
460
|
-
const usersPermissionsRoleUID = 'plugin::users-permissions.role';
|
|
461
|
-
createRole = ({ nexus, strapi })=>{
|
|
462
|
-
const { getContentTypeInputName } = strapi.plugin('graphql').service('utils').naming;
|
|
463
|
-
const { nonNull } = nexus;
|
|
464
|
-
const roleContentType = strapi.getModel(usersPermissionsRoleUID);
|
|
465
|
-
const roleInputName = getContentTypeInputName(roleContentType);
|
|
466
|
-
return {
|
|
467
|
-
type: 'UsersPermissionsCreateRolePayload',
|
|
468
|
-
args: {
|
|
469
|
-
data: nonNull(roleInputName)
|
|
470
|
-
},
|
|
471
|
-
description: 'Create a new role',
|
|
472
|
-
async resolve (parent, args, context) {
|
|
473
|
-
const { koaContext } = context;
|
|
474
|
-
koaContext.request.body = toPlainObject(args.data);
|
|
475
|
-
await strapi.plugin('users-permissions').controller('role').createRole(koaContext);
|
|
476
|
-
return {
|
|
477
|
-
ok: true
|
|
478
|
-
};
|
|
479
|
-
}
|
|
480
|
-
};
|
|
481
|
-
};
|
|
482
|
-
return createRole;
|
|
483
|
-
}
|
|
484
|
-
|
|
485
|
-
var updateRole;
|
|
486
|
-
var hasRequiredUpdateRole;
|
|
487
|
-
function requireUpdateRole() {
|
|
488
|
-
if (hasRequiredUpdateRole) return updateRole;
|
|
489
|
-
hasRequiredUpdateRole = 1;
|
|
490
|
-
const usersPermissionsRoleUID = 'plugin::users-permissions.role';
|
|
491
|
-
updateRole = ({ nexus, strapi })=>{
|
|
492
|
-
const { getContentTypeInputName } = strapi.plugin('graphql').service('utils').naming;
|
|
493
|
-
const { nonNull } = nexus;
|
|
494
|
-
const roleContentType = strapi.getModel(usersPermissionsRoleUID);
|
|
495
|
-
const roleInputName = getContentTypeInputName(roleContentType);
|
|
496
|
-
return {
|
|
497
|
-
type: 'UsersPermissionsUpdateRolePayload',
|
|
498
|
-
args: {
|
|
499
|
-
id: nonNull('ID'),
|
|
500
|
-
data: nonNull(roleInputName)
|
|
501
|
-
},
|
|
502
|
-
description: 'Update an existing role',
|
|
503
|
-
async resolve (parent, args, context) {
|
|
504
|
-
const { koaContext } = context;
|
|
505
|
-
koaContext.params = {
|
|
506
|
-
role: args.id
|
|
507
|
-
};
|
|
508
|
-
koaContext.request.body = args.data;
|
|
509
|
-
koaContext.request.body.role = args.id;
|
|
510
|
-
await strapi.plugin('users-permissions').controller('role').updateRole(koaContext);
|
|
511
|
-
return {
|
|
512
|
-
ok: true
|
|
513
|
-
};
|
|
514
|
-
}
|
|
515
|
-
};
|
|
516
|
-
};
|
|
517
|
-
return updateRole;
|
|
518
|
-
}
|
|
519
|
-
|
|
520
|
-
var deleteRole;
|
|
521
|
-
var hasRequiredDeleteRole;
|
|
522
|
-
function requireDeleteRole() {
|
|
523
|
-
if (hasRequiredDeleteRole) return deleteRole;
|
|
524
|
-
hasRequiredDeleteRole = 1;
|
|
525
|
-
deleteRole = ({ nexus, strapi })=>{
|
|
526
|
-
const { nonNull } = nexus;
|
|
527
|
-
return {
|
|
528
|
-
type: 'UsersPermissionsDeleteRolePayload',
|
|
529
|
-
args: {
|
|
530
|
-
id: nonNull('ID')
|
|
531
|
-
},
|
|
532
|
-
description: 'Delete an existing role',
|
|
533
|
-
async resolve (parent, args, context) {
|
|
534
|
-
const { koaContext } = context;
|
|
535
|
-
koaContext.params = {
|
|
536
|
-
role: args.id
|
|
537
|
-
};
|
|
538
|
-
await strapi.plugin('users-permissions').controller('role').deleteRole(koaContext);
|
|
539
|
-
return {
|
|
540
|
-
ok: true
|
|
541
|
-
};
|
|
542
|
-
}
|
|
543
|
-
};
|
|
544
|
-
};
|
|
545
|
-
return deleteRole;
|
|
546
|
-
}
|
|
547
|
-
|
|
548
|
-
var utils;
|
|
549
|
-
var hasRequiredUtils;
|
|
550
|
-
function requireUtils() {
|
|
551
|
-
if (hasRequiredUtils) return utils;
|
|
552
|
-
hasRequiredUtils = 1;
|
|
553
|
-
const { getOr } = require$$0;
|
|
554
|
-
/**
|
|
555
|
-
* Throws an ApolloError if context body contains a bad request
|
|
556
|
-
* @param contextBody - body of the context object given to the resolver
|
|
557
|
-
* @throws ApolloError if the body is a bad request
|
|
558
|
-
*/ function checkBadRequest(contextBody) {
|
|
559
|
-
const statusCode = getOr(200, 'statusCode', contextBody);
|
|
560
|
-
if (statusCode !== 200) {
|
|
561
|
-
const errorMessage = getOr('Bad Request', 'error', contextBody);
|
|
562
|
-
const exception = new Error(errorMessage);
|
|
563
|
-
exception.code = statusCode || 400;
|
|
564
|
-
exception.data = contextBody;
|
|
565
|
-
throw exception;
|
|
566
|
-
}
|
|
567
|
-
}
|
|
568
|
-
utils = {
|
|
569
|
-
checkBadRequest
|
|
570
|
-
};
|
|
571
|
-
return utils;
|
|
572
|
-
}
|
|
573
|
-
|
|
574
|
-
var createUser;
|
|
575
|
-
var hasRequiredCreateUser;
|
|
576
|
-
function requireCreateUser() {
|
|
577
|
-
if (hasRequiredCreateUser) return createUser;
|
|
578
|
-
hasRequiredCreateUser = 1;
|
|
579
|
-
const { toPlainObject } = require$$0;
|
|
580
|
-
const { checkBadRequest } = requireUtils();
|
|
581
|
-
const usersPermissionsUserUID = 'plugin::users-permissions.user';
|
|
582
|
-
createUser = ({ nexus, strapi })=>{
|
|
583
|
-
const { nonNull } = nexus;
|
|
584
|
-
const { getContentTypeInputName, getEntityResponseName } = strapi.plugin('graphql').service('utils').naming;
|
|
585
|
-
const userContentType = strapi.getModel(usersPermissionsUserUID);
|
|
586
|
-
const userInputName = getContentTypeInputName(userContentType);
|
|
587
|
-
const responseName = getEntityResponseName(userContentType);
|
|
588
|
-
return {
|
|
589
|
-
type: nonNull(responseName),
|
|
590
|
-
args: {
|
|
591
|
-
data: nonNull(userInputName)
|
|
592
|
-
},
|
|
593
|
-
description: 'Create a new user',
|
|
594
|
-
async resolve (parent, args, context) {
|
|
595
|
-
const { koaContext } = context;
|
|
596
|
-
koaContext.params = {};
|
|
597
|
-
koaContext.request.body = toPlainObject(args.data);
|
|
598
|
-
await strapi.plugin('users-permissions').controller('user').create(koaContext);
|
|
599
|
-
checkBadRequest(koaContext.body);
|
|
600
|
-
return {
|
|
601
|
-
value: koaContext.body,
|
|
602
|
-
info: {
|
|
603
|
-
args,
|
|
604
|
-
resourceUID: 'plugin::users-permissions.user'
|
|
605
|
-
}
|
|
606
|
-
};
|
|
607
|
-
}
|
|
608
|
-
};
|
|
609
|
-
};
|
|
610
|
-
return createUser;
|
|
611
|
-
}
|
|
612
|
-
|
|
613
|
-
var updateUser;
|
|
614
|
-
var hasRequiredUpdateUser;
|
|
615
|
-
function requireUpdateUser() {
|
|
616
|
-
if (hasRequiredUpdateUser) return updateUser;
|
|
617
|
-
hasRequiredUpdateUser = 1;
|
|
618
|
-
const { toPlainObject } = require$$0;
|
|
619
|
-
const { checkBadRequest } = requireUtils();
|
|
620
|
-
const usersPermissionsUserUID = 'plugin::users-permissions.user';
|
|
621
|
-
updateUser = ({ nexus, strapi })=>{
|
|
622
|
-
const { nonNull } = nexus;
|
|
623
|
-
const { getContentTypeInputName, getEntityResponseName } = strapi.plugin('graphql').service('utils').naming;
|
|
624
|
-
const userContentType = strapi.getModel(usersPermissionsUserUID);
|
|
625
|
-
const userInputName = getContentTypeInputName(userContentType);
|
|
626
|
-
const responseName = getEntityResponseName(userContentType);
|
|
627
|
-
return {
|
|
628
|
-
type: nonNull(responseName),
|
|
629
|
-
args: {
|
|
630
|
-
id: nonNull('ID'),
|
|
631
|
-
data: nonNull(userInputName)
|
|
632
|
-
},
|
|
633
|
-
description: 'Update an existing user',
|
|
634
|
-
async resolve (parent, args, context) {
|
|
635
|
-
const { koaContext } = context;
|
|
636
|
-
koaContext.params = {
|
|
637
|
-
id: args.id
|
|
638
|
-
};
|
|
639
|
-
koaContext.request.body = toPlainObject(args.data);
|
|
640
|
-
await strapi.plugin('users-permissions').controller('user').update(koaContext);
|
|
641
|
-
checkBadRequest(koaContext.body);
|
|
642
|
-
return {
|
|
643
|
-
value: koaContext.body,
|
|
644
|
-
info: {
|
|
645
|
-
args,
|
|
646
|
-
resourceUID: 'plugin::users-permissions.user'
|
|
647
|
-
}
|
|
648
|
-
};
|
|
649
|
-
}
|
|
650
|
-
};
|
|
651
|
-
};
|
|
652
|
-
return updateUser;
|
|
653
|
-
}
|
|
654
|
-
|
|
655
|
-
var deleteUser;
|
|
656
|
-
var hasRequiredDeleteUser;
|
|
657
|
-
function requireDeleteUser() {
|
|
658
|
-
if (hasRequiredDeleteUser) return deleteUser;
|
|
659
|
-
hasRequiredDeleteUser = 1;
|
|
660
|
-
const { checkBadRequest } = requireUtils();
|
|
661
|
-
const usersPermissionsUserUID = 'plugin::users-permissions.user';
|
|
662
|
-
deleteUser = ({ nexus, strapi })=>{
|
|
663
|
-
const { nonNull } = nexus;
|
|
664
|
-
const { getEntityResponseName } = strapi.plugin('graphql').service('utils').naming;
|
|
665
|
-
const userContentType = strapi.getModel(usersPermissionsUserUID);
|
|
666
|
-
const responseName = getEntityResponseName(userContentType);
|
|
667
|
-
return {
|
|
668
|
-
type: nonNull(responseName),
|
|
669
|
-
args: {
|
|
670
|
-
id: nonNull('ID')
|
|
671
|
-
},
|
|
672
|
-
description: 'Delete an existing user',
|
|
673
|
-
async resolve (parent, args, context) {
|
|
674
|
-
const { koaContext } = context;
|
|
675
|
-
koaContext.params = {
|
|
676
|
-
id: args.id
|
|
677
|
-
};
|
|
678
|
-
await strapi.plugin('users-permissions').controller('user').destroy(koaContext);
|
|
679
|
-
checkBadRequest(koaContext.body);
|
|
680
|
-
return {
|
|
681
|
-
value: koaContext.body,
|
|
682
|
-
info: {
|
|
683
|
-
args,
|
|
684
|
-
resourceUID: 'plugin::users-permissions.user'
|
|
685
|
-
}
|
|
686
|
-
};
|
|
687
|
-
}
|
|
688
|
-
};
|
|
689
|
-
};
|
|
690
|
-
return deleteUser;
|
|
691
|
-
}
|
|
692
|
-
|
|
693
|
-
var login;
|
|
694
|
-
var hasRequiredLogin;
|
|
695
|
-
function requireLogin() {
|
|
696
|
-
if (hasRequiredLogin) return login;
|
|
697
|
-
hasRequiredLogin = 1;
|
|
698
|
-
const { toPlainObject } = require$$0;
|
|
699
|
-
const { checkBadRequest } = requireUtils();
|
|
700
|
-
login = ({ nexus, strapi })=>{
|
|
701
|
-
const { nonNull } = nexus;
|
|
702
|
-
return {
|
|
703
|
-
type: nonNull('UsersPermissionsLoginPayload'),
|
|
704
|
-
args: {
|
|
705
|
-
input: nonNull('UsersPermissionsLoginInput')
|
|
706
|
-
},
|
|
707
|
-
async resolve (parent, args, context) {
|
|
708
|
-
const { koaContext } = context;
|
|
709
|
-
koaContext.params = {
|
|
710
|
-
provider: args.input.provider
|
|
711
|
-
};
|
|
712
|
-
koaContext.request.body = toPlainObject(args.input);
|
|
713
|
-
await strapi.plugin('users-permissions').controller('auth').callback(koaContext);
|
|
714
|
-
const output = koaContext.body;
|
|
715
|
-
checkBadRequest(output);
|
|
716
|
-
return {
|
|
717
|
-
user: output.user || output,
|
|
718
|
-
jwt: output.jwt
|
|
719
|
-
};
|
|
720
|
-
}
|
|
721
|
-
};
|
|
722
|
-
};
|
|
723
|
-
return login;
|
|
724
|
-
}
|
|
725
|
-
|
|
726
|
-
var register$1;
|
|
727
|
-
var hasRequiredRegister$1;
|
|
728
|
-
function requireRegister$1() {
|
|
729
|
-
if (hasRequiredRegister$1) return register$1;
|
|
730
|
-
hasRequiredRegister$1 = 1;
|
|
731
|
-
const { toPlainObject } = require$$0;
|
|
732
|
-
const { checkBadRequest } = requireUtils();
|
|
733
|
-
register$1 = ({ nexus, strapi })=>{
|
|
734
|
-
const { nonNull } = nexus;
|
|
735
|
-
return {
|
|
736
|
-
type: nonNull('UsersPermissionsLoginPayload'),
|
|
737
|
-
args: {
|
|
738
|
-
input: nonNull('UsersPermissionsRegisterInput')
|
|
739
|
-
},
|
|
740
|
-
description: 'Register a user',
|
|
741
|
-
async resolve (parent, args, context) {
|
|
742
|
-
const { koaContext } = context;
|
|
743
|
-
koaContext.request.body = toPlainObject(args.input);
|
|
744
|
-
await strapi.plugin('users-permissions').controller('auth').register(koaContext);
|
|
745
|
-
const output = koaContext.body;
|
|
746
|
-
checkBadRequest(output);
|
|
747
|
-
return {
|
|
748
|
-
user: output.user || output,
|
|
749
|
-
jwt: output.jwt
|
|
750
|
-
};
|
|
751
|
-
}
|
|
752
|
-
};
|
|
753
|
-
};
|
|
754
|
-
return register$1;
|
|
755
|
-
}
|
|
756
|
-
|
|
757
|
-
var forgotPassword;
|
|
758
|
-
var hasRequiredForgotPassword;
|
|
759
|
-
function requireForgotPassword() {
|
|
760
|
-
if (hasRequiredForgotPassword) return forgotPassword;
|
|
761
|
-
hasRequiredForgotPassword = 1;
|
|
762
|
-
const { toPlainObject } = require$$0;
|
|
763
|
-
const { checkBadRequest } = requireUtils();
|
|
764
|
-
forgotPassword = ({ nexus, strapi })=>{
|
|
765
|
-
const { nonNull } = nexus;
|
|
766
|
-
return {
|
|
767
|
-
type: 'UsersPermissionsPasswordPayload',
|
|
768
|
-
args: {
|
|
769
|
-
email: nonNull('String')
|
|
770
|
-
},
|
|
771
|
-
description: 'Request a reset password token',
|
|
772
|
-
async resolve (parent, args, context) {
|
|
773
|
-
const { koaContext } = context;
|
|
774
|
-
koaContext.request.body = toPlainObject(args);
|
|
775
|
-
await strapi.plugin('users-permissions').controller('auth').forgotPassword(koaContext);
|
|
776
|
-
const output = koaContext.body;
|
|
777
|
-
checkBadRequest(output);
|
|
778
|
-
return {
|
|
779
|
-
ok: output.ok || output
|
|
780
|
-
};
|
|
781
|
-
}
|
|
782
|
-
};
|
|
783
|
-
};
|
|
784
|
-
return forgotPassword;
|
|
785
|
-
}
|
|
786
|
-
|
|
787
|
-
var resetPassword;
|
|
788
|
-
var hasRequiredResetPassword;
|
|
789
|
-
function requireResetPassword() {
|
|
790
|
-
if (hasRequiredResetPassword) return resetPassword;
|
|
791
|
-
hasRequiredResetPassword = 1;
|
|
792
|
-
const { toPlainObject } = require$$0;
|
|
793
|
-
const { checkBadRequest } = requireUtils();
|
|
794
|
-
resetPassword = ({ nexus, strapi })=>{
|
|
795
|
-
const { nonNull } = nexus;
|
|
796
|
-
return {
|
|
797
|
-
type: 'UsersPermissionsLoginPayload',
|
|
798
|
-
args: {
|
|
799
|
-
password: nonNull('String'),
|
|
800
|
-
passwordConfirmation: nonNull('String'),
|
|
801
|
-
code: nonNull('String')
|
|
802
|
-
},
|
|
803
|
-
description: 'Reset user password. Confirm with a code (resetToken from forgotPassword)',
|
|
804
|
-
async resolve (parent, args, context) {
|
|
805
|
-
const { koaContext } = context;
|
|
806
|
-
koaContext.request.body = toPlainObject(args);
|
|
807
|
-
await strapi.plugin('users-permissions').controller('auth').resetPassword(koaContext);
|
|
808
|
-
const output = koaContext.body;
|
|
809
|
-
checkBadRequest(output);
|
|
810
|
-
return {
|
|
811
|
-
user: output.user || output,
|
|
812
|
-
jwt: output.jwt
|
|
813
|
-
};
|
|
814
|
-
}
|
|
815
|
-
};
|
|
816
|
-
};
|
|
817
|
-
return resetPassword;
|
|
818
|
-
}
|
|
819
|
-
|
|
820
|
-
var changePassword;
|
|
821
|
-
var hasRequiredChangePassword;
|
|
822
|
-
function requireChangePassword() {
|
|
823
|
-
if (hasRequiredChangePassword) return changePassword;
|
|
824
|
-
hasRequiredChangePassword = 1;
|
|
825
|
-
const { toPlainObject } = require$$0;
|
|
826
|
-
const { checkBadRequest } = requireUtils();
|
|
827
|
-
changePassword = ({ nexus, strapi })=>{
|
|
828
|
-
const { nonNull } = nexus;
|
|
829
|
-
return {
|
|
830
|
-
type: 'UsersPermissionsLoginPayload',
|
|
831
|
-
args: {
|
|
832
|
-
currentPassword: nonNull('String'),
|
|
833
|
-
password: nonNull('String'),
|
|
834
|
-
passwordConfirmation: nonNull('String')
|
|
835
|
-
},
|
|
836
|
-
description: 'Change user password. Confirm with the current password.',
|
|
837
|
-
async resolve (parent, args, context) {
|
|
838
|
-
const { koaContext } = context;
|
|
839
|
-
koaContext.request.body = toPlainObject(args);
|
|
840
|
-
await strapi.plugin('users-permissions').controller('auth').changePassword(koaContext);
|
|
841
|
-
const output = koaContext.body;
|
|
842
|
-
checkBadRequest(output);
|
|
843
|
-
return {
|
|
844
|
-
user: output.user || output,
|
|
845
|
-
jwt: output.jwt
|
|
846
|
-
};
|
|
847
|
-
}
|
|
848
|
-
};
|
|
849
|
-
};
|
|
850
|
-
return changePassword;
|
|
851
|
-
}
|
|
852
|
-
|
|
853
|
-
var emailConfirmation;
|
|
854
|
-
var hasRequiredEmailConfirmation;
|
|
855
|
-
function requireEmailConfirmation() {
|
|
856
|
-
if (hasRequiredEmailConfirmation) return emailConfirmation;
|
|
857
|
-
hasRequiredEmailConfirmation = 1;
|
|
858
|
-
const { toPlainObject } = require$$0;
|
|
859
|
-
const { checkBadRequest } = requireUtils();
|
|
860
|
-
emailConfirmation = ({ nexus, strapi })=>{
|
|
861
|
-
const { nonNull } = nexus;
|
|
862
|
-
return {
|
|
863
|
-
type: 'UsersPermissionsLoginPayload',
|
|
864
|
-
args: {
|
|
865
|
-
confirmation: nonNull('String')
|
|
866
|
-
},
|
|
867
|
-
description: 'Confirm an email users email address',
|
|
868
|
-
async resolve (parent, args, context) {
|
|
869
|
-
const { koaContext } = context;
|
|
870
|
-
koaContext.query = toPlainObject(args);
|
|
871
|
-
await strapi.plugin('users-permissions').controller('auth').emailConfirmation(koaContext, null, true);
|
|
872
|
-
const output = koaContext.body;
|
|
873
|
-
checkBadRequest(output);
|
|
874
|
-
return {
|
|
875
|
-
user: output.user || output,
|
|
876
|
-
jwt: output.jwt
|
|
877
|
-
};
|
|
878
|
-
}
|
|
879
|
-
};
|
|
880
|
-
};
|
|
881
|
-
return emailConfirmation;
|
|
882
|
-
}
|
|
883
|
-
|
|
884
|
-
var mutations;
|
|
885
|
-
var hasRequiredMutations;
|
|
886
|
-
function requireMutations() {
|
|
887
|
-
if (hasRequiredMutations) return mutations;
|
|
888
|
-
hasRequiredMutations = 1;
|
|
889
|
-
const userUID = 'plugin::users-permissions.user';
|
|
890
|
-
const roleUID = 'plugin::users-permissions.role';
|
|
891
|
-
mutations = (context)=>{
|
|
892
|
-
const { nexus, strapi } = context;
|
|
893
|
-
const { naming } = strapi.plugin('graphql').service('utils');
|
|
894
|
-
const user = strapi.getModel(userUID);
|
|
895
|
-
const role = strapi.getModel(roleUID);
|
|
896
|
-
const mutations = {
|
|
897
|
-
// CRUD (user & role)
|
|
898
|
-
[naming.getCreateMutationTypeName(role)]: requireCreateRole(),
|
|
899
|
-
[naming.getUpdateMutationTypeName(role)]: requireUpdateRole(),
|
|
900
|
-
[naming.getDeleteMutationTypeName(role)]: requireDeleteRole(),
|
|
901
|
-
[naming.getCreateMutationTypeName(user)]: requireCreateUser(),
|
|
902
|
-
[naming.getUpdateMutationTypeName(user)]: requireUpdateUser(),
|
|
903
|
-
[naming.getDeleteMutationTypeName(user)]: requireDeleteUser(),
|
|
904
|
-
// Other mutations
|
|
905
|
-
login: requireLogin(),
|
|
906
|
-
register: requireRegister$1(),
|
|
907
|
-
forgotPassword: requireForgotPassword(),
|
|
908
|
-
resetPassword: requireResetPassword(),
|
|
909
|
-
changePassword: requireChangePassword(),
|
|
910
|
-
emailConfirmation: requireEmailConfirmation()
|
|
911
|
-
};
|
|
912
|
-
return nexus.extendType({
|
|
913
|
-
type: 'Mutation',
|
|
914
|
-
definition (t) {
|
|
915
|
-
for (const [name, getConfig] of Object.entries(mutations)){
|
|
916
|
-
const config = getConfig(context);
|
|
917
|
-
t.field(name, config);
|
|
918
|
-
}
|
|
919
|
-
}
|
|
920
|
-
});
|
|
921
|
-
};
|
|
922
|
-
return mutations;
|
|
923
|
-
}
|
|
924
|
-
|
|
925
|
-
var resolversConfigs;
|
|
926
|
-
var hasRequiredResolversConfigs;
|
|
927
|
-
function requireResolversConfigs() {
|
|
928
|
-
if (hasRequiredResolversConfigs) return resolversConfigs;
|
|
929
|
-
hasRequiredResolversConfigs = 1;
|
|
930
|
-
const userUID = 'plugin::users-permissions.user';
|
|
931
|
-
const roleUID = 'plugin::users-permissions.role';
|
|
932
|
-
resolversConfigs = ({ strapi })=>{
|
|
933
|
-
const { naming } = strapi.plugin('graphql').service('utils');
|
|
934
|
-
const user = strapi.getModel(userUID);
|
|
935
|
-
const role = strapi.getModel(roleUID);
|
|
936
|
-
const createRole = naming.getCreateMutationTypeName(role);
|
|
937
|
-
const updateRole = naming.getUpdateMutationTypeName(role);
|
|
938
|
-
const deleteRole = naming.getDeleteMutationTypeName(role);
|
|
939
|
-
const createUser = naming.getCreateMutationTypeName(user);
|
|
940
|
-
const updateUser = naming.getUpdateMutationTypeName(user);
|
|
941
|
-
const deleteUser = naming.getDeleteMutationTypeName(user);
|
|
942
|
-
return {
|
|
943
|
-
// Disabled auth for some operations
|
|
944
|
-
'Mutation.login': {
|
|
945
|
-
auth: false
|
|
946
|
-
},
|
|
947
|
-
'Mutation.register': {
|
|
948
|
-
auth: false
|
|
949
|
-
},
|
|
950
|
-
'Mutation.forgotPassword': {
|
|
951
|
-
auth: false
|
|
952
|
-
},
|
|
953
|
-
'Mutation.resetPassword': {
|
|
954
|
-
auth: false
|
|
955
|
-
},
|
|
956
|
-
'Mutation.emailConfirmation': {
|
|
957
|
-
auth: false
|
|
958
|
-
},
|
|
959
|
-
'Mutation.changePassword': {
|
|
960
|
-
auth: {
|
|
961
|
-
scope: 'plugin::users-permissions.auth.changePassword'
|
|
962
|
-
}
|
|
963
|
-
},
|
|
964
|
-
// Scoped auth for replaced CRUD operations
|
|
965
|
-
// Role
|
|
966
|
-
[`Mutation.${createRole}`]: {
|
|
967
|
-
auth: {
|
|
968
|
-
scope: [
|
|
969
|
-
`${roleUID}.createRole`
|
|
970
|
-
]
|
|
971
|
-
}
|
|
972
|
-
},
|
|
973
|
-
[`Mutation.${updateRole}`]: {
|
|
974
|
-
auth: {
|
|
975
|
-
scope: [
|
|
976
|
-
`${roleUID}.updateRole`
|
|
977
|
-
]
|
|
978
|
-
}
|
|
979
|
-
},
|
|
980
|
-
[`Mutation.${deleteRole}`]: {
|
|
981
|
-
auth: {
|
|
982
|
-
scope: [
|
|
983
|
-
`${roleUID}.deleteRole`
|
|
984
|
-
]
|
|
985
|
-
}
|
|
986
|
-
},
|
|
987
|
-
// User
|
|
988
|
-
[`Mutation.${createUser}`]: {
|
|
989
|
-
auth: {
|
|
990
|
-
scope: [
|
|
991
|
-
`${userUID}.create`
|
|
992
|
-
]
|
|
993
|
-
}
|
|
994
|
-
},
|
|
995
|
-
[`Mutation.${updateUser}`]: {
|
|
996
|
-
auth: {
|
|
997
|
-
scope: [
|
|
998
|
-
`${userUID}.update`
|
|
999
|
-
]
|
|
1000
|
-
}
|
|
1001
|
-
},
|
|
1002
|
-
[`Mutation.${deleteUser}`]: {
|
|
1003
|
-
auth: {
|
|
1004
|
-
scope: [
|
|
1005
|
-
`${userUID}.destroy`
|
|
1006
|
-
]
|
|
1007
|
-
}
|
|
1008
|
-
}
|
|
1009
|
-
};
|
|
1010
|
-
};
|
|
1011
|
-
return resolversConfigs;
|
|
1012
|
-
}
|
|
1013
|
-
|
|
1014
|
-
var graphql;
|
|
1015
|
-
var hasRequiredGraphql;
|
|
1016
|
-
function requireGraphql() {
|
|
1017
|
-
if (hasRequiredGraphql) return graphql;
|
|
1018
|
-
hasRequiredGraphql = 1;
|
|
1019
|
-
const getTypes = requireTypes();
|
|
1020
|
-
const getQueries = requireQueries();
|
|
1021
|
-
const getMutations = requireMutations();
|
|
1022
|
-
const getResolversConfig = requireResolversConfigs();
|
|
1023
|
-
graphql = ({ strapi })=>{
|
|
1024
|
-
const { config: graphQLConfig } = strapi.plugin('graphql');
|
|
1025
|
-
const extensionService = strapi.plugin('graphql').service('extension');
|
|
1026
|
-
const isShadowCRUDEnabled = graphQLConfig('shadowCRUD', true);
|
|
1027
|
-
if (!isShadowCRUDEnabled) {
|
|
1028
|
-
return;
|
|
1029
|
-
}
|
|
1030
|
-
// Disable Permissions queries & mutations but allow the
|
|
1031
|
-
// type to be used/selected in filters or nested resolvers
|
|
1032
|
-
extensionService.shadowCRUD('plugin::users-permissions.permission').disableQueries().disableMutations();
|
|
1033
|
-
// Disable User & Role's Create/Update/Delete actions so they can be replaced
|
|
1034
|
-
const actionsToDisable = [
|
|
1035
|
-
'create',
|
|
1036
|
-
'update',
|
|
1037
|
-
'delete'
|
|
1038
|
-
];
|
|
1039
|
-
extensionService.shadowCRUD('plugin::users-permissions.user').disableActions(actionsToDisable);
|
|
1040
|
-
extensionService.shadowCRUD('plugin::users-permissions.role').disableActions(actionsToDisable);
|
|
1041
|
-
// Register new types & resolvers config
|
|
1042
|
-
extensionService.use(({ nexus })=>{
|
|
1043
|
-
const types = getTypes({
|
|
1044
|
-
strapi,
|
|
1045
|
-
nexus
|
|
1046
|
-
});
|
|
1047
|
-
const queries = getQueries({
|
|
1048
|
-
strapi,
|
|
1049
|
-
nexus
|
|
1050
|
-
});
|
|
1051
|
-
const mutations = getMutations({
|
|
1052
|
-
strapi,
|
|
1053
|
-
nexus
|
|
1054
|
-
});
|
|
1055
|
-
const resolversConfig = getResolversConfig({
|
|
1056
|
-
strapi
|
|
1057
|
-
});
|
|
1058
|
-
return {
|
|
1059
|
-
types: [
|
|
1060
|
-
types,
|
|
1061
|
-
queries,
|
|
1062
|
-
mutations
|
|
1063
|
-
],
|
|
1064
|
-
resolversConfig
|
|
1065
|
-
};
|
|
1066
|
-
});
|
|
1067
|
-
};
|
|
1068
|
-
return graphql;
|
|
1069
|
-
}
|
|
1070
|
-
|
|
1071
|
-
var register;
|
|
1072
|
-
var hasRequiredRegister;
|
|
1073
|
-
function requireRegister() {
|
|
1074
|
-
if (hasRequiredRegister) return register;
|
|
1075
|
-
hasRequiredRegister = 1;
|
|
1076
|
-
const fs = require$$0$1;
|
|
1077
|
-
const path = require$$1$1;
|
|
1078
|
-
const authStrategy = requireUsersPermissions$1();
|
|
1079
|
-
const sanitizers = requireSanitizers();
|
|
1080
|
-
register = ({ strapi })=>{
|
|
1081
|
-
strapi.get('auth').register('content-api', authStrategy);
|
|
1082
|
-
strapi.sanitizers.add('content-api.output', sanitizers.defaultSanitizeOutput);
|
|
1083
|
-
if (strapi.plugin('graphql')) {
|
|
1084
|
-
requireGraphql()({
|
|
1085
|
-
strapi
|
|
1086
|
-
});
|
|
1087
|
-
}
|
|
1088
|
-
if (strapi.plugin('documentation')) {
|
|
1089
|
-
const specPath = path.join(__dirname, '../../documentation/content-api.yaml');
|
|
1090
|
-
const spec = fs.readFileSync(specPath, 'utf8');
|
|
1091
|
-
strapi.plugin('documentation').service('override').registerOverride(spec, {
|
|
1092
|
-
pluginOrigin: 'users-permissions',
|
|
1093
|
-
excludeFromGeneration: [
|
|
1094
|
-
'users-permissions'
|
|
1095
|
-
]
|
|
1096
|
-
});
|
|
1097
|
-
}
|
|
1098
|
-
};
|
|
1099
|
-
return register;
|
|
1100
|
-
}
|
|
1101
|
-
|
|
1102
|
-
var usersPermissionsActions;
|
|
1103
|
-
var hasRequiredUsersPermissionsActions;
|
|
1104
|
-
function requireUsersPermissionsActions() {
|
|
1105
|
-
if (hasRequiredUsersPermissionsActions) return usersPermissionsActions;
|
|
1106
|
-
hasRequiredUsersPermissionsActions = 1;
|
|
1107
|
-
usersPermissionsActions = {
|
|
1108
|
-
actions: [
|
|
1109
|
-
{
|
|
1110
|
-
// Roles
|
|
1111
|
-
section: 'plugins',
|
|
1112
|
-
displayName: 'Create',
|
|
1113
|
-
uid: 'roles.create',
|
|
1114
|
-
subCategory: 'roles',
|
|
1115
|
-
pluginName: 'users-permissions'
|
|
1116
|
-
},
|
|
1117
|
-
{
|
|
1118
|
-
section: 'plugins',
|
|
1119
|
-
displayName: 'Read',
|
|
1120
|
-
uid: 'roles.read',
|
|
1121
|
-
subCategory: 'roles',
|
|
1122
|
-
pluginName: 'users-permissions',
|
|
1123
|
-
aliases: [
|
|
1124
|
-
{
|
|
1125
|
-
actionId: 'plugin::content-manager.explorer.read',
|
|
1126
|
-
subjects: [
|
|
1127
|
-
'plugin::users-permissions.role'
|
|
1128
|
-
]
|
|
1129
|
-
}
|
|
1130
|
-
]
|
|
1131
|
-
},
|
|
1132
|
-
{
|
|
1133
|
-
section: 'plugins',
|
|
1134
|
-
displayName: 'Update',
|
|
1135
|
-
uid: 'roles.update',
|
|
1136
|
-
subCategory: 'roles',
|
|
1137
|
-
pluginName: 'users-permissions'
|
|
1138
|
-
},
|
|
1139
|
-
{
|
|
1140
|
-
section: 'plugins',
|
|
1141
|
-
displayName: 'Delete',
|
|
1142
|
-
uid: 'roles.delete',
|
|
1143
|
-
subCategory: 'roles',
|
|
1144
|
-
pluginName: 'users-permissions'
|
|
1145
|
-
},
|
|
1146
|
-
{
|
|
1147
|
-
// providers
|
|
1148
|
-
section: 'plugins',
|
|
1149
|
-
displayName: 'Read',
|
|
1150
|
-
uid: 'providers.read',
|
|
1151
|
-
subCategory: 'providers',
|
|
1152
|
-
pluginName: 'users-permissions'
|
|
1153
|
-
},
|
|
1154
|
-
{
|
|
1155
|
-
section: 'plugins',
|
|
1156
|
-
displayName: 'Edit',
|
|
1157
|
-
uid: 'providers.update',
|
|
1158
|
-
subCategory: 'providers',
|
|
1159
|
-
pluginName: 'users-permissions'
|
|
1160
|
-
},
|
|
1161
|
-
{
|
|
1162
|
-
// emailTemplates
|
|
1163
|
-
section: 'plugins',
|
|
1164
|
-
displayName: 'Read',
|
|
1165
|
-
uid: 'email-templates.read',
|
|
1166
|
-
subCategory: 'emailTemplates',
|
|
1167
|
-
pluginName: 'users-permissions'
|
|
1168
|
-
},
|
|
1169
|
-
{
|
|
1170
|
-
section: 'plugins',
|
|
1171
|
-
displayName: 'Edit',
|
|
1172
|
-
uid: 'email-templates.update',
|
|
1173
|
-
subCategory: 'emailTemplates',
|
|
1174
|
-
pluginName: 'users-permissions'
|
|
1175
|
-
},
|
|
1176
|
-
{
|
|
1177
|
-
// advancedSettings
|
|
1178
|
-
section: 'plugins',
|
|
1179
|
-
displayName: 'Read',
|
|
1180
|
-
uid: 'advanced-settings.read',
|
|
1181
|
-
subCategory: 'advancedSettings',
|
|
1182
|
-
pluginName: 'users-permissions'
|
|
1183
|
-
},
|
|
1184
|
-
{
|
|
1185
|
-
section: 'plugins',
|
|
1186
|
-
displayName: 'Edit',
|
|
1187
|
-
uid: 'advanced-settings.update',
|
|
1188
|
-
subCategory: 'advancedSettings',
|
|
1189
|
-
pluginName: 'users-permissions'
|
|
1190
|
-
}
|
|
1191
|
-
]
|
|
1192
|
-
};
|
|
1193
|
-
return usersPermissionsActions;
|
|
1194
|
-
}
|
|
1195
|
-
|
|
1196
|
-
var bootstrap;
|
|
1197
|
-
var hasRequiredBootstrap;
|
|
1198
|
-
function requireBootstrap() {
|
|
1199
|
-
if (hasRequiredBootstrap) return bootstrap;
|
|
1200
|
-
hasRequiredBootstrap = 1;
|
|
1201
|
-
/**
|
|
1202
|
-
* An asynchronous bootstrap function that runs before
|
|
1203
|
-
* your application gets started.
|
|
1204
|
-
*
|
|
1205
|
-
* This gives you an opportunity to set up your data model,
|
|
1206
|
-
* run jobs, or perform some special logic.
|
|
1207
|
-
*/ const crypto = require$$0$2;
|
|
1208
|
-
const _ = require$$0$3;
|
|
1209
|
-
const { getService } = requireUtils$1();
|
|
1210
|
-
const usersPermissionsActions = requireUsersPermissionsActions();
|
|
1211
|
-
const initGrant = async (pluginStore)=>{
|
|
1212
|
-
const allProviders = getService('providers-registry').getAll();
|
|
1213
|
-
const grantConfig = Object.entries(allProviders).reduce((acc, [name, provider])=>{
|
|
1214
|
-
const { icon, enabled, grantConfig } = provider;
|
|
1215
|
-
acc[name] = {
|
|
1216
|
-
icon,
|
|
1217
|
-
enabled,
|
|
1218
|
-
...grantConfig
|
|
1219
|
-
};
|
|
1220
|
-
return acc;
|
|
1221
|
-
}, {});
|
|
1222
|
-
const prevGrantConfig = await pluginStore.get({
|
|
1223
|
-
key: 'grant'
|
|
1224
|
-
}) || {};
|
|
1225
|
-
if (!prevGrantConfig || !_.isEqual(prevGrantConfig, grantConfig)) {
|
|
1226
|
-
// merge with the previous provider config.
|
|
1227
|
-
_.keys(grantConfig).forEach((key)=>{
|
|
1228
|
-
if (key in prevGrantConfig) {
|
|
1229
|
-
grantConfig[key] = _.merge(grantConfig[key], prevGrantConfig[key]);
|
|
1230
|
-
}
|
|
1231
|
-
});
|
|
1232
|
-
await pluginStore.set({
|
|
1233
|
-
key: 'grant',
|
|
1234
|
-
value: grantConfig
|
|
1235
|
-
});
|
|
1236
|
-
}
|
|
1237
|
-
};
|
|
1238
|
-
const initEmails = async (pluginStore)=>{
|
|
1239
|
-
if (!await pluginStore.get({
|
|
1240
|
-
key: 'email'
|
|
1241
|
-
})) {
|
|
1242
|
-
const value = {
|
|
1243
|
-
reset_password: {
|
|
1244
|
-
display: 'Email.template.reset_password',
|
|
1245
|
-
icon: 'sync',
|
|
1246
|
-
options: {
|
|
1247
|
-
from: {
|
|
1248
|
-
name: 'Administration Panel',
|
|
1249
|
-
email: 'no-reply@strapi.io'
|
|
1250
|
-
},
|
|
1251
|
-
response_email: '',
|
|
1252
|
-
object: 'Reset password',
|
|
1253
|
-
message: `<p>We heard that you lost your password. Sorry about that!</p>
|
|
1254
|
-
|
|
1255
|
-
<p>But don’t worry! You can use the following link to reset your password:</p>
|
|
1256
|
-
<p><%= URL %>?code=<%= TOKEN %></p>
|
|
1257
|
-
|
|
1258
|
-
<p>Thanks.</p>`
|
|
1259
|
-
}
|
|
1260
|
-
},
|
|
1261
|
-
email_confirmation: {
|
|
1262
|
-
display: 'Email.template.email_confirmation',
|
|
1263
|
-
icon: 'check-square',
|
|
1264
|
-
options: {
|
|
1265
|
-
from: {
|
|
1266
|
-
name: 'Administration Panel',
|
|
1267
|
-
email: 'no-reply@strapi.io'
|
|
1268
|
-
},
|
|
1269
|
-
response_email: '',
|
|
1270
|
-
object: 'Account confirmation',
|
|
1271
|
-
message: `<p>Thank you for registering!</p>
|
|
1272
|
-
|
|
1273
|
-
<p>You have to confirm your email address. Please click on the link below.</p>
|
|
1274
|
-
|
|
1275
|
-
<p><%= URL %>?confirmation=<%= CODE %></p>
|
|
1276
|
-
|
|
1277
|
-
<p>Thanks.</p>`
|
|
1278
|
-
}
|
|
1279
|
-
}
|
|
1280
|
-
};
|
|
1281
|
-
await pluginStore.set({
|
|
1282
|
-
key: 'email',
|
|
1283
|
-
value
|
|
1284
|
-
});
|
|
1285
|
-
}
|
|
1286
|
-
};
|
|
1287
|
-
const initAdvancedOptions = async (pluginStore)=>{
|
|
1288
|
-
if (!await pluginStore.get({
|
|
1289
|
-
key: 'advanced'
|
|
1290
|
-
})) {
|
|
1291
|
-
const value = {
|
|
1292
|
-
unique_email: true,
|
|
1293
|
-
allow_register: true,
|
|
1294
|
-
email_confirmation: false,
|
|
1295
|
-
email_reset_password: null,
|
|
1296
|
-
email_confirmation_redirection: null,
|
|
1297
|
-
default_role: 'authenticated'
|
|
1298
|
-
};
|
|
1299
|
-
await pluginStore.set({
|
|
1300
|
-
key: 'advanced',
|
|
1301
|
-
value
|
|
1302
|
-
});
|
|
1303
|
-
}
|
|
1304
|
-
};
|
|
1305
|
-
bootstrap = async ({ strapi })=>{
|
|
1306
|
-
const pluginStore = strapi.store({
|
|
1307
|
-
type: 'plugin',
|
|
1308
|
-
name: 'users-permissions'
|
|
1309
|
-
});
|
|
1310
|
-
await initGrant(pluginStore);
|
|
1311
|
-
await initEmails(pluginStore);
|
|
1312
|
-
await initAdvancedOptions(pluginStore);
|
|
1313
|
-
await strapi.service('admin::permission').actionProvider.registerMany(usersPermissionsActions.actions);
|
|
1314
|
-
await getService('users-permissions').initialize();
|
|
1315
|
-
if (!strapi.config.get('plugin::users-permissions.jwtSecret')) {
|
|
1316
|
-
if (process.env.NODE_ENV !== 'development') {
|
|
1317
|
-
throw new Error(`Missing jwtSecret. Please, set configuration variable "jwtSecret" for the users-permissions plugin in config/plugins.js (ex: you can generate one using Node with \`crypto.randomBytes(16).toString('base64')\`).
|
|
1318
|
-
For security reasons, prefer storing the secret in an environment variable and read it in config/plugins.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);
|
|
1319
|
-
}
|
|
1320
|
-
const jwtSecret = crypto.randomBytes(16).toString('base64');
|
|
1321
|
-
strapi.config.set('plugin::users-permissions.jwtSecret', jwtSecret);
|
|
1322
|
-
if (!process.env.JWT_SECRET) {
|
|
1323
|
-
const envPath = process.env.ENV_PATH || '.env';
|
|
1324
|
-
strapi.fs.appendFile(envPath, `JWT_SECRET=${jwtSecret}\n`);
|
|
1325
|
-
strapi.log.info(`The Users & Permissions plugin automatically generated a jwt secret and stored it in ${envPath} under the name JWT_SECRET.`);
|
|
1326
|
-
}
|
|
1327
|
-
}
|
|
1328
|
-
};
|
|
1329
|
-
return bootstrap;
|
|
1330
|
-
}
|
|
1331
|
-
|
|
1332
|
-
var permission$1;
|
|
1333
|
-
var hasRequiredPermission$1;
|
|
1334
|
-
function requirePermission$1() {
|
|
1335
|
-
if (hasRequiredPermission$1) return permission$1;
|
|
1336
|
-
hasRequiredPermission$1 = 1;
|
|
1337
|
-
permission$1 = {
|
|
1338
|
-
collectionName: 'up_permissions',
|
|
1339
|
-
info: {
|
|
1340
|
-
name: 'permission',
|
|
1341
|
-
description: '',
|
|
1342
|
-
singularName: 'permission',
|
|
1343
|
-
pluralName: 'permissions',
|
|
1344
|
-
displayName: 'Permission'
|
|
1345
|
-
},
|
|
1346
|
-
pluginOptions: {
|
|
1347
|
-
'content-manager': {
|
|
1348
|
-
visible: false
|
|
1349
|
-
},
|
|
1350
|
-
'content-type-builder': {
|
|
1351
|
-
visible: false
|
|
1352
|
-
}
|
|
1353
|
-
},
|
|
1354
|
-
attributes: {
|
|
1355
|
-
action: {
|
|
1356
|
-
type: 'string',
|
|
1357
|
-
required: true,
|
|
1358
|
-
configurable: false
|
|
1359
|
-
},
|
|
1360
|
-
role: {
|
|
1361
|
-
type: 'relation',
|
|
1362
|
-
relation: 'manyToOne',
|
|
1363
|
-
target: 'plugin::users-permissions.role',
|
|
1364
|
-
inversedBy: 'permissions',
|
|
1365
|
-
configurable: false
|
|
1366
|
-
}
|
|
1367
|
-
}
|
|
1368
|
-
};
|
|
1369
|
-
return permission$1;
|
|
1370
|
-
}
|
|
1371
|
-
|
|
1372
|
-
var role$4;
|
|
1373
|
-
var hasRequiredRole$4;
|
|
1374
|
-
function requireRole$4() {
|
|
1375
|
-
if (hasRequiredRole$4) return role$4;
|
|
1376
|
-
hasRequiredRole$4 = 1;
|
|
1377
|
-
role$4 = {
|
|
1378
|
-
collectionName: 'up_roles',
|
|
1379
|
-
info: {
|
|
1380
|
-
name: 'role',
|
|
1381
|
-
description: '',
|
|
1382
|
-
singularName: 'role',
|
|
1383
|
-
pluralName: 'roles',
|
|
1384
|
-
displayName: 'Role'
|
|
1385
|
-
},
|
|
1386
|
-
pluginOptions: {
|
|
1387
|
-
'content-manager': {
|
|
1388
|
-
visible: false
|
|
1389
|
-
},
|
|
1390
|
-
'content-type-builder': {
|
|
1391
|
-
visible: false
|
|
1392
|
-
}
|
|
1393
|
-
},
|
|
1394
|
-
attributes: {
|
|
1395
|
-
name: {
|
|
1396
|
-
type: 'string',
|
|
1397
|
-
minLength: 3,
|
|
1398
|
-
required: true,
|
|
1399
|
-
configurable: false
|
|
1400
|
-
},
|
|
1401
|
-
description: {
|
|
1402
|
-
type: 'string',
|
|
1403
|
-
configurable: false
|
|
1404
|
-
},
|
|
1405
|
-
type: {
|
|
1406
|
-
type: 'string',
|
|
1407
|
-
unique: true,
|
|
1408
|
-
configurable: false
|
|
1409
|
-
},
|
|
1410
|
-
permissions: {
|
|
1411
|
-
type: 'relation',
|
|
1412
|
-
relation: 'oneToMany',
|
|
1413
|
-
target: 'plugin::users-permissions.permission',
|
|
1414
|
-
mappedBy: 'role',
|
|
1415
|
-
configurable: false
|
|
1416
|
-
},
|
|
1417
|
-
users: {
|
|
1418
|
-
type: 'relation',
|
|
1419
|
-
relation: 'oneToMany',
|
|
1420
|
-
target: 'plugin::users-permissions.user',
|
|
1421
|
-
mappedBy: 'role',
|
|
1422
|
-
configurable: false
|
|
1423
|
-
}
|
|
1424
|
-
}
|
|
1425
|
-
};
|
|
1426
|
-
return role$4;
|
|
1427
|
-
}
|
|
1428
|
-
|
|
1429
|
-
var schemaConfig;
|
|
1430
|
-
var hasRequiredSchemaConfig;
|
|
1431
|
-
function requireSchemaConfig() {
|
|
1432
|
-
if (hasRequiredSchemaConfig) return schemaConfig;
|
|
1433
|
-
hasRequiredSchemaConfig = 1;
|
|
1434
|
-
schemaConfig = {
|
|
1435
|
-
attributes: {
|
|
1436
|
-
resetPasswordToken: {
|
|
1437
|
-
hidden: true
|
|
1438
|
-
},
|
|
1439
|
-
confirmationToken: {
|
|
1440
|
-
hidden: true
|
|
1441
|
-
},
|
|
1442
|
-
provider: {
|
|
1443
|
-
hidden: true
|
|
1444
|
-
}
|
|
1445
|
-
}
|
|
1446
|
-
};
|
|
1447
|
-
return schemaConfig;
|
|
1448
|
-
}
|
|
1449
|
-
|
|
1450
|
-
var user$4;
|
|
1451
|
-
var hasRequiredUser$4;
|
|
1452
|
-
function requireUser$4() {
|
|
1453
|
-
if (hasRequiredUser$4) return user$4;
|
|
1454
|
-
hasRequiredUser$4 = 1;
|
|
1455
|
-
const schemaConfig = requireSchemaConfig();
|
|
1456
|
-
user$4 = {
|
|
1457
|
-
collectionName: 'up_users',
|
|
1458
|
-
info: {
|
|
1459
|
-
name: 'user',
|
|
1460
|
-
description: '',
|
|
1461
|
-
singularName: 'user',
|
|
1462
|
-
pluralName: 'users',
|
|
1463
|
-
displayName: 'User'
|
|
1464
|
-
},
|
|
1465
|
-
options: {
|
|
1466
|
-
timestamps: true
|
|
1467
|
-
},
|
|
1468
|
-
attributes: {
|
|
1469
|
-
username: {
|
|
1470
|
-
type: 'string',
|
|
1471
|
-
minLength: 3,
|
|
1472
|
-
unique: true,
|
|
1473
|
-
configurable: false,
|
|
1474
|
-
required: true
|
|
1475
|
-
},
|
|
1476
|
-
email: {
|
|
1477
|
-
type: 'email',
|
|
1478
|
-
minLength: 6,
|
|
1479
|
-
configurable: false,
|
|
1480
|
-
required: true
|
|
1481
|
-
},
|
|
1482
|
-
provider: {
|
|
1483
|
-
type: 'string',
|
|
1484
|
-
configurable: false
|
|
1485
|
-
},
|
|
1486
|
-
password: {
|
|
1487
|
-
type: 'password',
|
|
1488
|
-
minLength: 6,
|
|
1489
|
-
configurable: false,
|
|
1490
|
-
private: true,
|
|
1491
|
-
searchable: false
|
|
1492
|
-
},
|
|
1493
|
-
resetPasswordToken: {
|
|
1494
|
-
type: 'string',
|
|
1495
|
-
configurable: false,
|
|
1496
|
-
private: true,
|
|
1497
|
-
searchable: false
|
|
1498
|
-
},
|
|
1499
|
-
confirmationToken: {
|
|
1500
|
-
type: 'string',
|
|
1501
|
-
configurable: false,
|
|
1502
|
-
private: true,
|
|
1503
|
-
searchable: false
|
|
1504
|
-
},
|
|
1505
|
-
confirmed: {
|
|
1506
|
-
type: 'boolean',
|
|
1507
|
-
default: false,
|
|
1508
|
-
configurable: false
|
|
1509
|
-
},
|
|
1510
|
-
blocked: {
|
|
1511
|
-
type: 'boolean',
|
|
1512
|
-
default: false,
|
|
1513
|
-
configurable: false
|
|
1514
|
-
},
|
|
1515
|
-
role: {
|
|
1516
|
-
type: 'relation',
|
|
1517
|
-
relation: 'manyToOne',
|
|
1518
|
-
target: 'plugin::users-permissions.role',
|
|
1519
|
-
inversedBy: 'users',
|
|
1520
|
-
configurable: false
|
|
1521
|
-
}
|
|
1522
|
-
},
|
|
1523
|
-
config: schemaConfig
|
|
1524
|
-
};
|
|
1525
|
-
return user$4;
|
|
1526
|
-
}
|
|
1527
|
-
|
|
1528
|
-
var contentTypes;
|
|
1529
|
-
var hasRequiredContentTypes;
|
|
1530
|
-
function requireContentTypes() {
|
|
1531
|
-
if (hasRequiredContentTypes) return contentTypes;
|
|
1532
|
-
hasRequiredContentTypes = 1;
|
|
1533
|
-
const permission = requirePermission$1();
|
|
1534
|
-
const role = requireRole$4();
|
|
1535
|
-
const user = requireUser$4();
|
|
1536
|
-
contentTypes = {
|
|
1537
|
-
permission: {
|
|
1538
|
-
schema: permission
|
|
1539
|
-
},
|
|
1540
|
-
role: {
|
|
1541
|
-
schema: role
|
|
1542
|
-
},
|
|
1543
|
-
user: {
|
|
1544
|
-
schema: user
|
|
1545
|
-
}
|
|
1546
|
-
};
|
|
1547
|
-
return contentTypes;
|
|
1548
|
-
}
|
|
1549
|
-
|
|
1550
|
-
var rateLimit;
|
|
1551
|
-
var hasRequiredRateLimit;
|
|
1552
|
-
function requireRateLimit() {
|
|
1553
|
-
if (hasRequiredRateLimit) return rateLimit;
|
|
1554
|
-
hasRequiredRateLimit = 1;
|
|
1555
|
-
const path = require$$1$1;
|
|
1556
|
-
const utils = require$$1;
|
|
1557
|
-
const { isString, has, toLower } = require$$0;
|
|
1558
|
-
const { RateLimitError } = utils.errors;
|
|
1559
|
-
rateLimit = (config, { strapi })=>async (ctx, next)=>{
|
|
1560
|
-
let rateLimitConfig = strapi.config.get('plugin::users-permissions.ratelimit');
|
|
1561
|
-
if (!rateLimitConfig) {
|
|
1562
|
-
rateLimitConfig = {
|
|
1563
|
-
enabled: true
|
|
1564
|
-
};
|
|
1565
|
-
}
|
|
1566
|
-
if (!has('enabled', rateLimitConfig)) {
|
|
1567
|
-
rateLimitConfig.enabled = true;
|
|
1568
|
-
}
|
|
1569
|
-
if (rateLimitConfig.enabled === true) {
|
|
1570
|
-
const rateLimit = require$$3.RateLimit;
|
|
1571
|
-
const userIdentifier = toLower(ctx.request.body.email) || 'unknownIdentifier';
|
|
1572
|
-
const requestPath = isString(ctx.request.path) ? toLower(path.normalize(ctx.request.path)) : 'invalidPath';
|
|
1573
|
-
const loadConfig = {
|
|
1574
|
-
interval: {
|
|
1575
|
-
min: 5
|
|
1576
|
-
},
|
|
1577
|
-
max: 5,
|
|
1578
|
-
prefixKey: `${userIdentifier}:${requestPath}:${ctx.request.ip}`,
|
|
1579
|
-
handler () {
|
|
1580
|
-
throw new RateLimitError();
|
|
1581
|
-
},
|
|
1582
|
-
...rateLimitConfig,
|
|
1583
|
-
...config
|
|
1584
|
-
};
|
|
1585
|
-
return rateLimit.middleware(loadConfig)(ctx, next);
|
|
1586
|
-
}
|
|
1587
|
-
return next();
|
|
1588
|
-
};
|
|
1589
|
-
return rateLimit;
|
|
1590
|
-
}
|
|
1591
|
-
|
|
1592
|
-
var middlewares;
|
|
1593
|
-
var hasRequiredMiddlewares;
|
|
1594
|
-
function requireMiddlewares() {
|
|
1595
|
-
if (hasRequiredMiddlewares) return middlewares;
|
|
1596
|
-
hasRequiredMiddlewares = 1;
|
|
1597
|
-
const rateLimit = requireRateLimit();
|
|
1598
|
-
middlewares = {
|
|
1599
|
-
rateLimit
|
|
1600
|
-
};
|
|
1601
|
-
return middlewares;
|
|
1602
|
-
}
|
|
1603
|
-
|
|
1604
|
-
var jwt_1;
|
|
1605
|
-
var hasRequiredJwt;
|
|
1606
|
-
function requireJwt() {
|
|
1607
|
-
if (hasRequiredJwt) return jwt_1;
|
|
1608
|
-
hasRequiredJwt = 1;
|
|
1609
|
-
/**
|
|
1610
|
-
* Jwt.js service
|
|
1611
|
-
*
|
|
1612
|
-
* @description: A set of functions similar to controller's actions to avoid code duplication.
|
|
1613
|
-
*/ const _ = require$$0$3;
|
|
1614
|
-
const jwt = require$$1$2;
|
|
1615
|
-
jwt_1 = ({ strapi })=>({
|
|
1616
|
-
getToken (ctx) {
|
|
1617
|
-
let token;
|
|
1618
|
-
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
1619
|
-
const parts = ctx.request.header.authorization.split(/\s+/);
|
|
1620
|
-
if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {
|
|
1621
|
-
return null;
|
|
1622
|
-
}
|
|
1623
|
-
token = parts[1];
|
|
1624
|
-
} else {
|
|
1625
|
-
return null;
|
|
1626
|
-
}
|
|
1627
|
-
return this.verify(token);
|
|
1628
|
-
},
|
|
1629
|
-
issue (payload, jwtOptions = {}) {
|
|
1630
|
-
_.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));
|
|
1631
|
-
return jwt.sign(_.clone(payload.toJSON ? payload.toJSON() : payload), strapi.config.get('plugin::users-permissions.jwtSecret'), jwtOptions);
|
|
1632
|
-
},
|
|
1633
|
-
verify (token) {
|
|
1634
|
-
return new Promise((resolve, reject)=>{
|
|
1635
|
-
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), {}, (err, tokenPayload = {})=>{
|
|
1636
|
-
if (err) {
|
|
1637
|
-
return reject(new Error('Invalid token.'));
|
|
1638
|
-
}
|
|
1639
|
-
resolve(tokenPayload);
|
|
1640
|
-
});
|
|
1641
|
-
});
|
|
1642
|
-
}
|
|
1643
|
-
});
|
|
1644
|
-
return jwt_1;
|
|
1645
|
-
}
|
|
1646
|
-
|
|
1647
|
-
var providers;
|
|
1648
|
-
var hasRequiredProviders;
|
|
1649
|
-
function requireProviders() {
|
|
1650
|
-
if (hasRequiredProviders) return providers;
|
|
1651
|
-
hasRequiredProviders = 1;
|
|
1652
|
-
/**
|
|
1653
|
-
* Module dependencies
|
|
1654
|
-
*/ // Public node modules.
|
|
1655
|
-
const _ = require$$0$3;
|
|
1656
|
-
const urlJoin = require$$2;
|
|
1657
|
-
const { getService } = requireUtils$1();
|
|
1658
|
-
providers = ({ strapi })=>{
|
|
1659
|
-
/**
|
|
1660
|
-
* Helper to get profiles
|
|
1661
|
-
*
|
|
1662
|
-
* @param {String} provider
|
|
1663
|
-
*/ const getProfile = async (provider, query)=>{
|
|
1664
|
-
const accessToken = query.access_token || query.code || query.oauth_token;
|
|
1665
|
-
const providers = await strapi.store({
|
|
1666
|
-
type: 'plugin',
|
|
1667
|
-
name: 'users-permissions',
|
|
1668
|
-
key: 'grant'
|
|
1669
|
-
}).get();
|
|
1670
|
-
return getService('providers-registry').run({
|
|
1671
|
-
provider,
|
|
1672
|
-
query,
|
|
1673
|
-
accessToken,
|
|
1674
|
-
providers
|
|
1675
|
-
});
|
|
1676
|
-
};
|
|
1677
|
-
/**
|
|
1678
|
-
* Connect thanks to a third-party provider.
|
|
1679
|
-
*
|
|
1680
|
-
*
|
|
1681
|
-
* @param {String} provider
|
|
1682
|
-
* @param {String} accessToken
|
|
1683
|
-
*
|
|
1684
|
-
* @return {*}
|
|
1685
|
-
*/ const connect = async (provider, query)=>{
|
|
1686
|
-
const accessToken = query.access_token || query.code || query.oauth_token;
|
|
1687
|
-
if (!accessToken) {
|
|
1688
|
-
throw new Error('No access_token.');
|
|
1689
|
-
}
|
|
1690
|
-
// Get the profile.
|
|
1691
|
-
const profile = await getProfile(provider, query);
|
|
1692
|
-
const email = _.toLower(profile.email);
|
|
1693
|
-
// We need at least the mail.
|
|
1694
|
-
if (!email) {
|
|
1695
|
-
throw new Error('Email was not available.');
|
|
1696
|
-
}
|
|
1697
|
-
const users = await strapi.db.query('plugin::users-permissions.user').findMany({
|
|
1698
|
-
where: {
|
|
1699
|
-
email
|
|
1700
|
-
}
|
|
1701
|
-
});
|
|
1702
|
-
const advancedSettings = await strapi.store({
|
|
1703
|
-
type: 'plugin',
|
|
1704
|
-
name: 'users-permissions',
|
|
1705
|
-
key: 'advanced'
|
|
1706
|
-
}).get();
|
|
1707
|
-
const user = _.find(users, {
|
|
1708
|
-
provider
|
|
1709
|
-
});
|
|
1710
|
-
if (_.isEmpty(user) && !advancedSettings.allow_register) {
|
|
1711
|
-
throw new Error('Register action is actually not available.');
|
|
1712
|
-
}
|
|
1713
|
-
if (!_.isEmpty(user)) {
|
|
1714
|
-
return user;
|
|
1715
|
-
}
|
|
1716
|
-
if (users.length && advancedSettings.unique_email) {
|
|
1717
|
-
throw new Error('Email is already taken.');
|
|
1718
|
-
}
|
|
1719
|
-
// Retrieve default role.
|
|
1720
|
-
const defaultRole = await strapi.db.query('plugin::users-permissions.role').findOne({
|
|
1721
|
-
where: {
|
|
1722
|
-
type: advancedSettings.default_role
|
|
1723
|
-
}
|
|
1724
|
-
});
|
|
1725
|
-
// Create the new user.
|
|
1726
|
-
const newUser = {
|
|
1727
|
-
...profile,
|
|
1728
|
-
email,
|
|
1729
|
-
provider,
|
|
1730
|
-
role: defaultRole.id,
|
|
1731
|
-
confirmed: true
|
|
1732
|
-
};
|
|
1733
|
-
const createdUser = await strapi.db.query('plugin::users-permissions.user').create({
|
|
1734
|
-
data: newUser
|
|
1735
|
-
});
|
|
1736
|
-
return createdUser;
|
|
1737
|
-
};
|
|
1738
|
-
const buildRedirectUri = (provider = '')=>{
|
|
1739
|
-
const apiPrefix = strapi.config.get('api.rest.prefix');
|
|
1740
|
-
return urlJoin(strapi.config.get('server.absoluteUrl'), apiPrefix, 'connect', provider, 'callback');
|
|
1741
|
-
};
|
|
1742
|
-
return {
|
|
1743
|
-
connect,
|
|
1744
|
-
buildRedirectUri
|
|
1745
|
-
};
|
|
1746
|
-
};
|
|
1747
|
-
return providers;
|
|
1748
|
-
}
|
|
1749
|
-
|
|
1750
|
-
var user$3;
|
|
1751
|
-
var hasRequiredUser$3;
|
|
1752
|
-
function requireUser$3() {
|
|
1753
|
-
if (hasRequiredUser$3) return user$3;
|
|
1754
|
-
hasRequiredUser$3 = 1;
|
|
1755
|
-
/**
|
|
1756
|
-
* User.js service
|
|
1757
|
-
*
|
|
1758
|
-
* @description: A set of functions similar to controller's actions to avoid code duplication.
|
|
1759
|
-
*/ const crypto = require$$0$2;
|
|
1760
|
-
const bcrypt = require$$1$3;
|
|
1761
|
-
const urlJoin = require$$2;
|
|
1762
|
-
const { sanitize } = require$$1;
|
|
1763
|
-
const { toNumber, getOr } = require$$0;
|
|
1764
|
-
const { getService } = requireUtils$1();
|
|
1765
|
-
const USER_MODEL_UID = 'plugin::users-permissions.user';
|
|
1766
|
-
user$3 = ({ strapi })=>({
|
|
1767
|
-
/**
|
|
1768
|
-
* Promise to count users
|
|
1769
|
-
*
|
|
1770
|
-
* @return {Promise}
|
|
1771
|
-
*/ count (params) {
|
|
1772
|
-
return strapi.db.query(USER_MODEL_UID).count({
|
|
1773
|
-
where: params
|
|
1774
|
-
});
|
|
1775
|
-
},
|
|
1776
|
-
/**
|
|
1777
|
-
* Hashes password fields in the provided values object if they are present.
|
|
1778
|
-
* It checks each key in the values object against the model's attributes and
|
|
1779
|
-
* hashes it if the attribute type is 'password',
|
|
1780
|
-
*
|
|
1781
|
-
* @param {object} values - The object containing the fields to be hashed.
|
|
1782
|
-
* @return {object} The values object with hashed password fields if they were present.
|
|
1783
|
-
*/ async ensureHashedPasswords (values) {
|
|
1784
|
-
const attributes = strapi.getModel(USER_MODEL_UID).attributes;
|
|
1785
|
-
for(const key in values){
|
|
1786
|
-
if (attributes[key] && attributes[key].type === 'password') {
|
|
1787
|
-
// Check if a custom encryption.rounds has been set on the password attribute
|
|
1788
|
-
const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));
|
|
1789
|
-
values[key] = await bcrypt.hash(values[key], rounds);
|
|
1790
|
-
}
|
|
1791
|
-
}
|
|
1792
|
-
return values;
|
|
1793
|
-
},
|
|
1794
|
-
/**
|
|
1795
|
-
* Promise to add a/an user.
|
|
1796
|
-
* @return {Promise}
|
|
1797
|
-
*/ async add (values) {
|
|
1798
|
-
return strapi.db.query(USER_MODEL_UID).create({
|
|
1799
|
-
data: await this.ensureHashedPasswords(values),
|
|
1800
|
-
populate: [
|
|
1801
|
-
'role'
|
|
1802
|
-
]
|
|
1803
|
-
});
|
|
1804
|
-
},
|
|
1805
|
-
/**
|
|
1806
|
-
* Promise to edit a/an user.
|
|
1807
|
-
* @param {string} userId
|
|
1808
|
-
* @param {object} params
|
|
1809
|
-
* @return {Promise}
|
|
1810
|
-
*/ async edit (userId, params = {}) {
|
|
1811
|
-
return strapi.db.query(USER_MODEL_UID).update({
|
|
1812
|
-
where: {
|
|
1813
|
-
id: userId
|
|
1814
|
-
},
|
|
1815
|
-
data: await this.ensureHashedPasswords(params),
|
|
1816
|
-
populate: [
|
|
1817
|
-
'role'
|
|
1818
|
-
]
|
|
1819
|
-
});
|
|
1820
|
-
},
|
|
1821
|
-
/**
|
|
1822
|
-
* Promise to fetch a/an user.
|
|
1823
|
-
* @return {Promise}
|
|
1824
|
-
*/ fetch (id, params) {
|
|
1825
|
-
const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});
|
|
1826
|
-
return strapi.db.query(USER_MODEL_UID).findOne({
|
|
1827
|
-
...query,
|
|
1828
|
-
where: {
|
|
1829
|
-
$and: [
|
|
1830
|
-
{
|
|
1831
|
-
id
|
|
1832
|
-
},
|
|
1833
|
-
query.where || {}
|
|
1834
|
-
]
|
|
1835
|
-
}
|
|
1836
|
-
});
|
|
1837
|
-
},
|
|
1838
|
-
/**
|
|
1839
|
-
* Promise to fetch authenticated user.
|
|
1840
|
-
* @return {Promise}
|
|
1841
|
-
*/ fetchAuthenticatedUser (id) {
|
|
1842
|
-
return strapi.db.query(USER_MODEL_UID).findOne({
|
|
1843
|
-
where: {
|
|
1844
|
-
id
|
|
1845
|
-
},
|
|
1846
|
-
populate: [
|
|
1847
|
-
'role'
|
|
1848
|
-
]
|
|
1849
|
-
});
|
|
1850
|
-
},
|
|
1851
|
-
/**
|
|
1852
|
-
* Promise to fetch all users.
|
|
1853
|
-
* @return {Promise}
|
|
1854
|
-
*/ fetchAll (params) {
|
|
1855
|
-
const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});
|
|
1856
|
-
return strapi.db.query(USER_MODEL_UID).findMany(query);
|
|
1857
|
-
},
|
|
1858
|
-
/**
|
|
1859
|
-
* Promise to remove a/an user.
|
|
1860
|
-
* @return {Promise}
|
|
1861
|
-
*/ async remove (params) {
|
|
1862
|
-
return strapi.db.query(USER_MODEL_UID).delete({
|
|
1863
|
-
where: params
|
|
1864
|
-
});
|
|
1865
|
-
},
|
|
1866
|
-
validatePassword (password, hash) {
|
|
1867
|
-
return bcrypt.compare(password, hash);
|
|
1868
|
-
},
|
|
1869
|
-
async sendConfirmationEmail (user) {
|
|
1870
|
-
const userPermissionService = getService('users-permissions');
|
|
1871
|
-
const pluginStore = await strapi.store({
|
|
1872
|
-
type: 'plugin',
|
|
1873
|
-
name: 'users-permissions'
|
|
1874
|
-
});
|
|
1875
|
-
const userSchema = strapi.getModel(USER_MODEL_UID);
|
|
1876
|
-
const settings = await pluginStore.get({
|
|
1877
|
-
key: 'email'
|
|
1878
|
-
}).then((storeEmail)=>storeEmail.email_confirmation.options);
|
|
1879
|
-
// Sanitize the template's user information
|
|
1880
|
-
const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput({
|
|
1881
|
-
schema: userSchema,
|
|
1882
|
-
getModel: strapi.getModel.bind(strapi)
|
|
1883
|
-
}, user);
|
|
1884
|
-
const confirmationToken = crypto.randomBytes(20).toString('hex');
|
|
1885
|
-
await this.edit(user.id, {
|
|
1886
|
-
confirmationToken
|
|
1887
|
-
});
|
|
1888
|
-
const apiPrefix = strapi.config.get('api.rest.prefix');
|
|
1889
|
-
try {
|
|
1890
|
-
settings.message = await userPermissionService.template(settings.message, {
|
|
1891
|
-
URL: urlJoin(strapi.config.get('server.absoluteUrl'), apiPrefix, '/auth/email-confirmation'),
|
|
1892
|
-
SERVER_URL: strapi.config.get('server.absoluteUrl'),
|
|
1893
|
-
ADMIN_URL: strapi.config.get('admin.absoluteUrl'),
|
|
1894
|
-
USER: sanitizedUserInfo,
|
|
1895
|
-
CODE: confirmationToken
|
|
1896
|
-
});
|
|
1897
|
-
settings.object = await userPermissionService.template(settings.object, {
|
|
1898
|
-
USER: sanitizedUserInfo
|
|
1899
|
-
});
|
|
1900
|
-
} catch {
|
|
1901
|
-
strapi.log.error('[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for "user confirmation email". Please make sure your email template is valid and does not contain invalid characters or patterns');
|
|
1902
|
-
return;
|
|
1903
|
-
}
|
|
1904
|
-
// Send an email to the user.
|
|
1905
|
-
await strapi.plugin('email').service('email').send({
|
|
1906
|
-
to: user.email,
|
|
1907
|
-
from: settings.from.email && settings.from.name ? `${settings.from.name} <${settings.from.email}>` : undefined,
|
|
1908
|
-
replyTo: settings.response_email,
|
|
1909
|
-
subject: settings.object,
|
|
1910
|
-
text: settings.message,
|
|
1911
|
-
html: settings.message
|
|
1912
|
-
});
|
|
1913
|
-
}
|
|
1914
|
-
});
|
|
1915
|
-
return user$3;
|
|
1916
|
-
}
|
|
1917
|
-
|
|
1918
|
-
var role$3;
|
|
1919
|
-
var hasRequiredRole$3;
|
|
1920
|
-
function requireRole$3() {
|
|
1921
|
-
if (hasRequiredRole$3) return role$3;
|
|
1922
|
-
hasRequiredRole$3 = 1;
|
|
1923
|
-
const _ = require$$0$3;
|
|
1924
|
-
const { NotFoundError } = require$$1.errors;
|
|
1925
|
-
const { getService } = requireUtils$1();
|
|
1926
|
-
role$3 = ({ strapi })=>({
|
|
1927
|
-
async createRole (params) {
|
|
1928
|
-
if (!params.type) {
|
|
1929
|
-
params.type = _.snakeCase(_.deburr(_.toLower(params.name)));
|
|
1930
|
-
}
|
|
1931
|
-
const role = await strapi.db.query('plugin::users-permissions.role').create({
|
|
1932
|
-
data: _.omit(params, [
|
|
1933
|
-
'users',
|
|
1934
|
-
'permissions'
|
|
1935
|
-
])
|
|
1936
|
-
});
|
|
1937
|
-
const createPromises = _.flatMap(params.permissions, (type, typeName)=>{
|
|
1938
|
-
return _.flatMap(type.controllers, (controller, controllerName)=>{
|
|
1939
|
-
return _.reduce(controller, (acc, action, actionName)=>{
|
|
1940
|
-
const { enabled/* policy */ } = action;
|
|
1941
|
-
if (enabled) {
|
|
1942
|
-
const actionID = `${typeName}.${controllerName}.${actionName}`;
|
|
1943
|
-
acc.push(strapi.db.query('plugin::users-permissions.permission').create({
|
|
1944
|
-
data: {
|
|
1945
|
-
action: actionID,
|
|
1946
|
-
role: role.id
|
|
1947
|
-
}
|
|
1948
|
-
}));
|
|
1949
|
-
}
|
|
1950
|
-
return acc;
|
|
1951
|
-
}, []);
|
|
1952
|
-
});
|
|
1953
|
-
});
|
|
1954
|
-
await Promise.all(createPromises);
|
|
1955
|
-
},
|
|
1956
|
-
async findOne (roleID) {
|
|
1957
|
-
const role = await strapi.db.query('plugin::users-permissions.role').findOne({
|
|
1958
|
-
where: {
|
|
1959
|
-
id: roleID
|
|
1960
|
-
},
|
|
1961
|
-
populate: [
|
|
1962
|
-
'permissions'
|
|
1963
|
-
]
|
|
1964
|
-
});
|
|
1965
|
-
if (!role) {
|
|
1966
|
-
throw new NotFoundError('Role not found');
|
|
1967
|
-
}
|
|
1968
|
-
const allActions = getService('users-permissions').getActions();
|
|
1969
|
-
// Group by `type`.
|
|
1970
|
-
role.permissions.forEach((permission)=>{
|
|
1971
|
-
const [type, controller, action] = permission.action.split('.');
|
|
1972
|
-
_.set(allActions, `${type}.controllers.${controller}.${action}`, {
|
|
1973
|
-
enabled: true,
|
|
1974
|
-
policy: ''
|
|
1975
|
-
});
|
|
1976
|
-
});
|
|
1977
|
-
return {
|
|
1978
|
-
...role,
|
|
1979
|
-
permissions: allActions
|
|
1980
|
-
};
|
|
1981
|
-
},
|
|
1982
|
-
async find () {
|
|
1983
|
-
const roles = await strapi.db.query('plugin::users-permissions.role').findMany({
|
|
1984
|
-
sort: [
|
|
1985
|
-
'name'
|
|
1986
|
-
]
|
|
1987
|
-
});
|
|
1988
|
-
for (const role of roles){
|
|
1989
|
-
role.nb_users = await strapi.db.query('plugin::users-permissions.user').count({
|
|
1990
|
-
where: {
|
|
1991
|
-
role: {
|
|
1992
|
-
id: role.id
|
|
1993
|
-
}
|
|
1994
|
-
}
|
|
1995
|
-
});
|
|
1996
|
-
}
|
|
1997
|
-
return roles;
|
|
1998
|
-
},
|
|
1999
|
-
async updateRole (roleID, data) {
|
|
2000
|
-
const role = await strapi.db.query('plugin::users-permissions.role').findOne({
|
|
2001
|
-
where: {
|
|
2002
|
-
id: roleID
|
|
2003
|
-
},
|
|
2004
|
-
populate: [
|
|
2005
|
-
'permissions'
|
|
2006
|
-
]
|
|
2007
|
-
});
|
|
2008
|
-
if (!role) {
|
|
2009
|
-
throw new NotFoundError('Role not found');
|
|
2010
|
-
}
|
|
2011
|
-
await strapi.db.query('plugin::users-permissions.role').update({
|
|
2012
|
-
where: {
|
|
2013
|
-
id: roleID
|
|
2014
|
-
},
|
|
2015
|
-
data: _.pick(data, [
|
|
2016
|
-
'name',
|
|
2017
|
-
'description'
|
|
2018
|
-
])
|
|
2019
|
-
});
|
|
2020
|
-
const { permissions } = data;
|
|
2021
|
-
const newActions = _.flatMap(permissions, (type, typeName)=>{
|
|
2022
|
-
return _.flatMap(type.controllers, (controller, controllerName)=>{
|
|
2023
|
-
return _.reduce(controller, (acc, action, actionName)=>{
|
|
2024
|
-
const { enabled/* policy */ } = action;
|
|
2025
|
-
if (enabled) {
|
|
2026
|
-
acc.push(`${typeName}.${controllerName}.${actionName}`);
|
|
2027
|
-
}
|
|
2028
|
-
return acc;
|
|
2029
|
-
}, []);
|
|
2030
|
-
});
|
|
2031
|
-
});
|
|
2032
|
-
const oldActions = role.permissions.map(({ action })=>action);
|
|
2033
|
-
const toDelete = role.permissions.reduce((acc, permission)=>{
|
|
2034
|
-
if (!newActions.includes(permission.action)) {
|
|
2035
|
-
acc.push(permission);
|
|
2036
|
-
}
|
|
2037
|
-
return acc;
|
|
2038
|
-
}, []);
|
|
2039
|
-
const toCreate = newActions.filter((action)=>!oldActions.includes(action)).map((action)=>({
|
|
2040
|
-
action,
|
|
2041
|
-
role: role.id
|
|
2042
|
-
}));
|
|
2043
|
-
await Promise.all(toDelete.map((permission)=>strapi.db.query('plugin::users-permissions.permission').delete({
|
|
2044
|
-
where: {
|
|
2045
|
-
id: permission.id
|
|
2046
|
-
}
|
|
2047
|
-
})));
|
|
2048
|
-
await Promise.all(toCreate.map((permissionInfo)=>strapi.db.query('plugin::users-permissions.permission').create({
|
|
2049
|
-
data: permissionInfo
|
|
2050
|
-
})));
|
|
2051
|
-
},
|
|
2052
|
-
async deleteRole (roleID, publicRoleID) {
|
|
2053
|
-
const role = await strapi.db.query('plugin::users-permissions.role').findOne({
|
|
2054
|
-
where: {
|
|
2055
|
-
id: roleID
|
|
2056
|
-
},
|
|
2057
|
-
populate: [
|
|
2058
|
-
'users',
|
|
2059
|
-
'permissions'
|
|
2060
|
-
]
|
|
2061
|
-
});
|
|
2062
|
-
if (!role) {
|
|
2063
|
-
throw new NotFoundError('Role not found');
|
|
2064
|
-
}
|
|
2065
|
-
// Move users to guest role.
|
|
2066
|
-
await Promise.all(role.users.map((user)=>{
|
|
2067
|
-
return strapi.db.query('plugin::users-permissions.user').update({
|
|
2068
|
-
where: {
|
|
2069
|
-
id: user.id
|
|
2070
|
-
},
|
|
2071
|
-
data: {
|
|
2072
|
-
role: publicRoleID
|
|
2073
|
-
}
|
|
2074
|
-
});
|
|
2075
|
-
}));
|
|
2076
|
-
// Remove permissions related to this role.
|
|
2077
|
-
// TODO: use delete many
|
|
2078
|
-
await Promise.all(role.permissions.map((permission)=>{
|
|
2079
|
-
return strapi.db.query('plugin::users-permissions.permission').delete({
|
|
2080
|
-
where: {
|
|
2081
|
-
id: permission.id
|
|
2082
|
-
}
|
|
2083
|
-
});
|
|
2084
|
-
}));
|
|
2085
|
-
// Delete the role.
|
|
2086
|
-
await strapi.db.query('plugin::users-permissions.role').delete({
|
|
2087
|
-
where: {
|
|
2088
|
-
id: roleID
|
|
2089
|
-
}
|
|
2090
|
-
});
|
|
2091
|
-
}
|
|
2092
|
-
});
|
|
2093
|
-
return role$3;
|
|
2094
|
-
}
|
|
2095
|
-
|
|
2096
|
-
var usersPermissions;
|
|
2097
|
-
var hasRequiredUsersPermissions;
|
|
2098
|
-
function requireUsersPermissions() {
|
|
2099
|
-
if (hasRequiredUsersPermissions) return usersPermissions;
|
|
2100
|
-
hasRequiredUsersPermissions = 1;
|
|
2101
|
-
const _ = require$$0$3;
|
|
2102
|
-
const { filter, map, pipe, prop } = require$$0;
|
|
2103
|
-
const urlJoin = require$$2;
|
|
2104
|
-
const { template: { createStrictInterpolationRegExp }, errors, objects } = require$$1;
|
|
2105
|
-
const { getService } = requireUtils$1();
|
|
2106
|
-
const DEFAULT_PERMISSIONS = [
|
|
2107
|
-
{
|
|
2108
|
-
action: 'plugin::users-permissions.auth.callback',
|
|
2109
|
-
roleType: 'public'
|
|
2110
|
-
},
|
|
2111
|
-
{
|
|
2112
|
-
action: 'plugin::users-permissions.auth.connect',
|
|
2113
|
-
roleType: 'public'
|
|
2114
|
-
},
|
|
2115
|
-
{
|
|
2116
|
-
action: 'plugin::users-permissions.auth.forgotPassword',
|
|
2117
|
-
roleType: 'public'
|
|
2118
|
-
},
|
|
2119
|
-
{
|
|
2120
|
-
action: 'plugin::users-permissions.auth.resetPassword',
|
|
2121
|
-
roleType: 'public'
|
|
2122
|
-
},
|
|
2123
|
-
{
|
|
2124
|
-
action: 'plugin::users-permissions.auth.register',
|
|
2125
|
-
roleType: 'public'
|
|
2126
|
-
},
|
|
2127
|
-
{
|
|
2128
|
-
action: 'plugin::users-permissions.auth.emailConfirmation',
|
|
2129
|
-
roleType: 'public'
|
|
2130
|
-
},
|
|
2131
|
-
{
|
|
2132
|
-
action: 'plugin::users-permissions.auth.sendEmailConfirmation',
|
|
2133
|
-
roleType: 'public'
|
|
2134
|
-
},
|
|
2135
|
-
{
|
|
2136
|
-
action: 'plugin::users-permissions.user.me',
|
|
2137
|
-
roleType: 'authenticated'
|
|
2138
|
-
},
|
|
2139
|
-
{
|
|
2140
|
-
action: 'plugin::users-permissions.auth.changePassword',
|
|
2141
|
-
roleType: 'authenticated'
|
|
2142
|
-
}
|
|
2143
|
-
];
|
|
2144
|
-
const transformRoutePrefixFor = (pluginName)=>(route)=>{
|
|
2145
|
-
const prefix = route.config && route.config.prefix;
|
|
2146
|
-
const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;
|
|
2147
|
-
return {
|
|
2148
|
-
...route,
|
|
2149
|
-
path
|
|
2150
|
-
};
|
|
2151
|
-
};
|
|
2152
|
-
usersPermissions = ({ strapi })=>({
|
|
2153
|
-
getActions ({ defaultEnable = false } = {}) {
|
|
2154
|
-
const actionMap = {};
|
|
2155
|
-
const isContentApi = (action)=>{
|
|
2156
|
-
if (!_.has(action, Symbol.for('__type__'))) {
|
|
2157
|
-
return false;
|
|
2158
|
-
}
|
|
2159
|
-
return action[Symbol.for('__type__')].includes('content-api');
|
|
2160
|
-
};
|
|
2161
|
-
_.forEach(strapi.apis, (api, apiName)=>{
|
|
2162
|
-
const controllers = _.reduce(api.controllers, (acc, controller, controllerName)=>{
|
|
2163
|
-
const contentApiActions = _.pickBy(controller, isContentApi);
|
|
2164
|
-
if (_.isEmpty(contentApiActions)) {
|
|
2165
|
-
return acc;
|
|
2166
|
-
}
|
|
2167
|
-
acc[controllerName] = _.mapValues(contentApiActions, ()=>{
|
|
2168
|
-
return {
|
|
2169
|
-
enabled: defaultEnable,
|
|
2170
|
-
policy: ''
|
|
2171
|
-
};
|
|
2172
|
-
});
|
|
2173
|
-
return acc;
|
|
2174
|
-
}, {});
|
|
2175
|
-
if (!_.isEmpty(controllers)) {
|
|
2176
|
-
actionMap[`api::${apiName}`] = {
|
|
2177
|
-
controllers
|
|
2178
|
-
};
|
|
2179
|
-
}
|
|
2180
|
-
});
|
|
2181
|
-
_.forEach(strapi.plugins, (plugin, pluginName)=>{
|
|
2182
|
-
const controllers = _.reduce(plugin.controllers, (acc, controller, controllerName)=>{
|
|
2183
|
-
const contentApiActions = _.pickBy(controller, isContentApi);
|
|
2184
|
-
if (_.isEmpty(contentApiActions)) {
|
|
2185
|
-
return acc;
|
|
2186
|
-
}
|
|
2187
|
-
acc[controllerName] = _.mapValues(contentApiActions, ()=>{
|
|
2188
|
-
return {
|
|
2189
|
-
enabled: defaultEnable,
|
|
2190
|
-
policy: ''
|
|
2191
|
-
};
|
|
2192
|
-
});
|
|
2193
|
-
return acc;
|
|
2194
|
-
}, {});
|
|
2195
|
-
if (!_.isEmpty(controllers)) {
|
|
2196
|
-
actionMap[`plugin::${pluginName}`] = {
|
|
2197
|
-
controllers
|
|
2198
|
-
};
|
|
2199
|
-
}
|
|
2200
|
-
});
|
|
2201
|
-
return actionMap;
|
|
2202
|
-
},
|
|
2203
|
-
async getRoutes () {
|
|
2204
|
-
const routesMap = {};
|
|
2205
|
-
_.forEach(strapi.apis, (api, apiName)=>{
|
|
2206
|
-
const routes = _.flatMap(api.routes, (route)=>{
|
|
2207
|
-
if (_.has(route, 'routes')) {
|
|
2208
|
-
return route.routes;
|
|
2209
|
-
}
|
|
2210
|
-
return route;
|
|
2211
|
-
}).filter((route)=>route.info.type === 'content-api');
|
|
2212
|
-
if (routes.length === 0) {
|
|
2213
|
-
return;
|
|
2214
|
-
}
|
|
2215
|
-
const apiPrefix = strapi.config.get('api.rest.prefix');
|
|
2216
|
-
routesMap[`api::${apiName}`] = routes.map((route)=>({
|
|
2217
|
-
...route,
|
|
2218
|
-
path: urlJoin(apiPrefix, route.path)
|
|
2219
|
-
}));
|
|
2220
|
-
});
|
|
2221
|
-
_.forEach(strapi.plugins, (plugin, pluginName)=>{
|
|
2222
|
-
const transformPrefix = transformRoutePrefixFor(pluginName);
|
|
2223
|
-
const routes = _.flatMap(plugin.routes, (route)=>{
|
|
2224
|
-
if (_.has(route, 'routes')) {
|
|
2225
|
-
return route.routes.map(transformPrefix);
|
|
2226
|
-
}
|
|
2227
|
-
return transformPrefix(route);
|
|
2228
|
-
}).filter((route)=>route.info.type === 'content-api');
|
|
2229
|
-
if (routes.length === 0) {
|
|
2230
|
-
return;
|
|
2231
|
-
}
|
|
2232
|
-
const apiPrefix = strapi.config.get('api.rest.prefix');
|
|
2233
|
-
routesMap[`plugin::${pluginName}`] = routes.map((route)=>({
|
|
2234
|
-
...route,
|
|
2235
|
-
path: urlJoin(apiPrefix, route.path)
|
|
2236
|
-
}));
|
|
2237
|
-
});
|
|
2238
|
-
return routesMap;
|
|
2239
|
-
},
|
|
2240
|
-
async syncPermissions () {
|
|
2241
|
-
const roles = await strapi.db.query('plugin::users-permissions.role').findMany();
|
|
2242
|
-
const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();
|
|
2243
|
-
const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));
|
|
2244
|
-
const appActions = _.flatMap(strapi.apis, (api, apiName)=>{
|
|
2245
|
-
return _.flatMap(api.controllers, (controller, controllerName)=>{
|
|
2246
|
-
return _.keys(controller).map((actionName)=>{
|
|
2247
|
-
return `api::${apiName}.${controllerName}.${actionName}`;
|
|
2248
|
-
});
|
|
2249
|
-
});
|
|
2250
|
-
});
|
|
2251
|
-
const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName)=>{
|
|
2252
|
-
return _.flatMap(plugin.controllers, (controller, controllerName)=>{
|
|
2253
|
-
return _.keys(controller).map((actionName)=>{
|
|
2254
|
-
return `plugin::${pluginName}.${controllerName}.${actionName}`;
|
|
2255
|
-
});
|
|
2256
|
-
});
|
|
2257
|
-
});
|
|
2258
|
-
const allActions = [
|
|
2259
|
-
...appActions,
|
|
2260
|
-
...pluginsActions
|
|
2261
|
-
];
|
|
2262
|
-
const toDelete = _.difference(permissionsFoundInDB, allActions);
|
|
2263
|
-
await Promise.all(toDelete.map((action)=>{
|
|
2264
|
-
return strapi.db.query('plugin::users-permissions.permission').delete({
|
|
2265
|
-
where: {
|
|
2266
|
-
action
|
|
2267
|
-
}
|
|
2268
|
-
});
|
|
2269
|
-
}));
|
|
2270
|
-
if (permissionsFoundInDB.length === 0) {
|
|
2271
|
-
// create default permissions
|
|
2272
|
-
for (const role of roles){
|
|
2273
|
-
const toCreate = pipe(filter(({ roleType })=>roleType === role.type || roleType === null), map(prop('action')))(DEFAULT_PERMISSIONS);
|
|
2274
|
-
await Promise.all(toCreate.map((action)=>{
|
|
2275
|
-
return strapi.db.query('plugin::users-permissions.permission').create({
|
|
2276
|
-
data: {
|
|
2277
|
-
action,
|
|
2278
|
-
role: role.id
|
|
2279
|
-
}
|
|
2280
|
-
});
|
|
2281
|
-
}));
|
|
2282
|
-
}
|
|
2283
|
-
}
|
|
2284
|
-
},
|
|
2285
|
-
async initialize () {
|
|
2286
|
-
const roleCount = await strapi.db.query('plugin::users-permissions.role').count();
|
|
2287
|
-
if (roleCount === 0) {
|
|
2288
|
-
await strapi.db.query('plugin::users-permissions.role').create({
|
|
2289
|
-
data: {
|
|
2290
|
-
name: 'Authenticated',
|
|
2291
|
-
description: 'Default role given to authenticated user.',
|
|
2292
|
-
type: 'authenticated'
|
|
2293
|
-
}
|
|
2294
|
-
});
|
|
2295
|
-
await strapi.db.query('plugin::users-permissions.role').create({
|
|
2296
|
-
data: {
|
|
2297
|
-
name: 'Public',
|
|
2298
|
-
description: 'Default role given to unauthenticated user.',
|
|
2299
|
-
type: 'public'
|
|
2300
|
-
}
|
|
2301
|
-
});
|
|
2302
|
-
}
|
|
2303
|
-
return getService('users-permissions').syncPermissions();
|
|
2304
|
-
},
|
|
2305
|
-
async updateUserRole (user, role) {
|
|
2306
|
-
return strapi.db.query('plugin::users-permissions.user').update({
|
|
2307
|
-
where: {
|
|
2308
|
-
id: user.id
|
|
2309
|
-
},
|
|
2310
|
-
data: {
|
|
2311
|
-
role
|
|
2312
|
-
}
|
|
2313
|
-
});
|
|
2314
|
-
},
|
|
2315
|
-
template (layout, data) {
|
|
2316
|
-
const allowedTemplateVariables = objects.keysDeep(data);
|
|
2317
|
-
// Create a strict interpolation RegExp based on possible variable names
|
|
2318
|
-
const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');
|
|
2319
|
-
try {
|
|
2320
|
-
return _.template(layout, {
|
|
2321
|
-
interpolate,
|
|
2322
|
-
evaluate: false,
|
|
2323
|
-
escape: false
|
|
2324
|
-
})(data);
|
|
2325
|
-
} catch (e) {
|
|
2326
|
-
throw new errors.ApplicationError('Invalid email template');
|
|
2327
|
-
}
|
|
2328
|
-
}
|
|
2329
|
-
});
|
|
2330
|
-
return usersPermissions;
|
|
2331
|
-
}
|
|
2332
|
-
|
|
2333
|
-
var providersRegistry;
|
|
2334
|
-
var hasRequiredProvidersRegistry;
|
|
2335
|
-
function requireProvidersRegistry() {
|
|
2336
|
-
if (hasRequiredProvidersRegistry) return providersRegistry;
|
|
2337
|
-
hasRequiredProvidersRegistry = 1;
|
|
2338
|
-
const { strict: assert } = require$$0$4;
|
|
2339
|
-
const jwt = require$$1$2;
|
|
2340
|
-
const urljoin = require$$2;
|
|
2341
|
-
const jwkToPem = require$$3$1;
|
|
2342
|
-
const getCognitoPayload = async ({ idToken, jwksUrl, purest })=>{
|
|
2343
|
-
const { header: { kid }, payload } = jwt.decode(idToken, {
|
|
2344
|
-
complete: true
|
|
2345
|
-
});
|
|
2346
|
-
if (!payload || !kid) {
|
|
2347
|
-
throw new Error('The provided token is not valid');
|
|
2348
|
-
}
|
|
2349
|
-
const config = {
|
|
2350
|
-
cognito: {
|
|
2351
|
-
discovery: {
|
|
2352
|
-
origin: jwksUrl.origin,
|
|
2353
|
-
path: jwksUrl.pathname
|
|
2354
|
-
}
|
|
2355
|
-
}
|
|
2356
|
-
};
|
|
2357
|
-
try {
|
|
2358
|
-
const cognito = purest({
|
|
2359
|
-
provider: 'cognito',
|
|
2360
|
-
config
|
|
2361
|
-
});
|
|
2362
|
-
// get the JSON Web Key (JWK) for the user pool
|
|
2363
|
-
const { body: jwk } = await cognito('discovery').request();
|
|
2364
|
-
// Get the key with the same Key ID as the provided token
|
|
2365
|
-
const key = jwk.keys.find(({ kid: jwkKid })=>jwkKid === kid);
|
|
2366
|
-
const pem = jwkToPem(key);
|
|
2367
|
-
// https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html
|
|
2368
|
-
const decodedToken = await new Promise((resolve, reject)=>{
|
|
2369
|
-
jwt.verify(idToken, pem, {
|
|
2370
|
-
algorithms: [
|
|
2371
|
-
'RS256'
|
|
2372
|
-
]
|
|
2373
|
-
}, (err, decodedToken)=>{
|
|
2374
|
-
if (err) {
|
|
2375
|
-
reject();
|
|
2376
|
-
}
|
|
2377
|
-
resolve(decodedToken);
|
|
2378
|
-
});
|
|
2379
|
-
});
|
|
2380
|
-
return decodedToken;
|
|
2381
|
-
} catch (err) {
|
|
2382
|
-
throw new Error('There was an error verifying the token');
|
|
2383
|
-
}
|
|
2384
|
-
};
|
|
2385
|
-
const initProviders = ({ baseURL, purest })=>({
|
|
2386
|
-
email: {
|
|
2387
|
-
enabled: true,
|
|
2388
|
-
icon: 'envelope',
|
|
2389
|
-
grantConfig: {}
|
|
2390
|
-
},
|
|
2391
|
-
discord: {
|
|
2392
|
-
enabled: false,
|
|
2393
|
-
icon: 'discord',
|
|
2394
|
-
grantConfig: {
|
|
2395
|
-
key: '',
|
|
2396
|
-
secret: '',
|
|
2397
|
-
callbackUrl: `${baseURL}/discord/callback`,
|
|
2398
|
-
scope: [
|
|
2399
|
-
'identify',
|
|
2400
|
-
'email'
|
|
2401
|
-
]
|
|
2402
|
-
},
|
|
2403
|
-
async authCallback ({ accessToken }) {
|
|
2404
|
-
const discord = purest({
|
|
2405
|
-
provider: 'discord'
|
|
2406
|
-
});
|
|
2407
|
-
return discord.get('users/@me').auth(accessToken).request().then(({ body })=>{
|
|
2408
|
-
// Combine username and discriminator (if discriminator exists and not equal to 0)
|
|
2409
|
-
const username = body.discriminator && body.discriminator !== '0' ? `${body.username}#${body.discriminator}` : body.username;
|
|
2410
|
-
return {
|
|
2411
|
-
username,
|
|
2412
|
-
email: body.email
|
|
2413
|
-
};
|
|
2414
|
-
});
|
|
2415
|
-
}
|
|
2416
|
-
},
|
|
2417
|
-
facebook: {
|
|
2418
|
-
enabled: false,
|
|
2419
|
-
icon: 'facebook-square',
|
|
2420
|
-
grantConfig: {
|
|
2421
|
-
key: '',
|
|
2422
|
-
secret: '',
|
|
2423
|
-
callbackUrl: `${baseURL}/facebook/callback`,
|
|
2424
|
-
scope: [
|
|
2425
|
-
'email'
|
|
2426
|
-
]
|
|
2427
|
-
},
|
|
2428
|
-
async authCallback ({ accessToken }) {
|
|
2429
|
-
const facebook = purest({
|
|
2430
|
-
provider: 'facebook'
|
|
2431
|
-
});
|
|
2432
|
-
return facebook.get('me').auth(accessToken).qs({
|
|
2433
|
-
fields: 'name,email'
|
|
2434
|
-
}).request().then(({ body })=>({
|
|
2435
|
-
username: body.name,
|
|
2436
|
-
email: body.email
|
|
2437
|
-
}));
|
|
2438
|
-
}
|
|
2439
|
-
},
|
|
2440
|
-
google: {
|
|
2441
|
-
enabled: false,
|
|
2442
|
-
icon: 'google',
|
|
2443
|
-
grantConfig: {
|
|
2444
|
-
key: '',
|
|
2445
|
-
secret: '',
|
|
2446
|
-
callbackUrl: `${baseURL}/google/callback`,
|
|
2447
|
-
scope: [
|
|
2448
|
-
'email'
|
|
2449
|
-
]
|
|
2450
|
-
},
|
|
2451
|
-
async authCallback ({ accessToken }) {
|
|
2452
|
-
const google = purest({
|
|
2453
|
-
provider: 'google'
|
|
2454
|
-
});
|
|
2455
|
-
return google.query('oauth').get('tokeninfo').qs({
|
|
2456
|
-
accessToken
|
|
2457
|
-
}).request().then(({ body })=>({
|
|
2458
|
-
username: body.email.split('@')[0],
|
|
2459
|
-
email: body.email
|
|
2460
|
-
}));
|
|
2461
|
-
}
|
|
2462
|
-
},
|
|
2463
|
-
github: {
|
|
2464
|
-
enabled: false,
|
|
2465
|
-
icon: 'github',
|
|
2466
|
-
grantConfig: {
|
|
2467
|
-
key: '',
|
|
2468
|
-
secret: '',
|
|
2469
|
-
callbackUrl: `${baseURL}/github/callback`,
|
|
2470
|
-
scope: [
|
|
2471
|
-
'user',
|
|
2472
|
-
'user:email'
|
|
2473
|
-
]
|
|
2474
|
-
},
|
|
2475
|
-
async authCallback ({ accessToken }) {
|
|
2476
|
-
const github = purest({
|
|
2477
|
-
provider: 'github',
|
|
2478
|
-
defaults: {
|
|
2479
|
-
headers: {
|
|
2480
|
-
'user-agent': 'strapi'
|
|
2481
|
-
}
|
|
2482
|
-
}
|
|
2483
|
-
});
|
|
2484
|
-
const { body: userBody } = await github.get('user').auth(accessToken).request();
|
|
2485
|
-
// This is the public email on the github profile
|
|
2486
|
-
if (userBody.email) {
|
|
2487
|
-
return {
|
|
2488
|
-
username: userBody.login,
|
|
2489
|
-
email: userBody.email
|
|
2490
|
-
};
|
|
2491
|
-
}
|
|
2492
|
-
// Get the email with Github's user/emails API
|
|
2493
|
-
const { body: emailBody } = await github.get('user/emails').auth(accessToken).request();
|
|
2494
|
-
return {
|
|
2495
|
-
username: userBody.login,
|
|
2496
|
-
email: Array.isArray(emailBody) ? emailBody.find((email)=>email.primary === true).email : null
|
|
2497
|
-
};
|
|
2498
|
-
}
|
|
2499
|
-
},
|
|
2500
|
-
microsoft: {
|
|
2501
|
-
enabled: false,
|
|
2502
|
-
icon: 'windows',
|
|
2503
|
-
grantConfig: {
|
|
2504
|
-
key: '',
|
|
2505
|
-
secret: '',
|
|
2506
|
-
callbackUrl: `${baseURL}/microsoft/callback`,
|
|
2507
|
-
scope: [
|
|
2508
|
-
'user.read'
|
|
2509
|
-
]
|
|
2510
|
-
},
|
|
2511
|
-
async authCallback ({ accessToken }) {
|
|
2512
|
-
const microsoft = purest({
|
|
2513
|
-
provider: 'microsoft'
|
|
2514
|
-
});
|
|
2515
|
-
return microsoft.get('me').auth(accessToken).request().then(({ body })=>({
|
|
2516
|
-
username: body.userPrincipalName,
|
|
2517
|
-
email: body.userPrincipalName
|
|
2518
|
-
}));
|
|
2519
|
-
}
|
|
2520
|
-
},
|
|
2521
|
-
twitter: {
|
|
2522
|
-
enabled: false,
|
|
2523
|
-
icon: 'twitter',
|
|
2524
|
-
grantConfig: {
|
|
2525
|
-
key: '',
|
|
2526
|
-
secret: '',
|
|
2527
|
-
callbackUrl: `${baseURL}/twitter/callback`
|
|
2528
|
-
},
|
|
2529
|
-
async authCallback ({ accessToken, query, providers }) {
|
|
2530
|
-
const twitter = purest({
|
|
2531
|
-
provider: 'twitter',
|
|
2532
|
-
defaults: {
|
|
2533
|
-
oauth: {
|
|
2534
|
-
consumer_key: providers.twitter.key,
|
|
2535
|
-
consumer_secret: providers.twitter.secret
|
|
2536
|
-
}
|
|
2537
|
-
}
|
|
2538
|
-
});
|
|
2539
|
-
return twitter.get('account/verify_credentials').auth(accessToken, query.access_secret).qs({
|
|
2540
|
-
screen_name: query['raw[screen_name]'],
|
|
2541
|
-
include_email: 'true'
|
|
2542
|
-
}).request().then(({ body })=>({
|
|
2543
|
-
username: body.screen_name,
|
|
2544
|
-
email: body.email
|
|
2545
|
-
}));
|
|
2546
|
-
}
|
|
2547
|
-
},
|
|
2548
|
-
instagram: {
|
|
2549
|
-
enabled: false,
|
|
2550
|
-
icon: 'instagram',
|
|
2551
|
-
grantConfig: {
|
|
2552
|
-
key: '',
|
|
2553
|
-
secret: '',
|
|
2554
|
-
callbackUrl: `${baseURL}/instagram/callback`,
|
|
2555
|
-
scope: [
|
|
2556
|
-
'user_profile'
|
|
2557
|
-
]
|
|
2558
|
-
},
|
|
2559
|
-
async authCallback ({ accessToken }) {
|
|
2560
|
-
const instagram = purest({
|
|
2561
|
-
provider: 'instagram'
|
|
2562
|
-
});
|
|
2563
|
-
return instagram.get('me').auth(accessToken).qs({
|
|
2564
|
-
fields: 'id,username'
|
|
2565
|
-
}).request().then(({ body })=>({
|
|
2566
|
-
username: body.username,
|
|
2567
|
-
email: `${body.username}@strapi.io`
|
|
2568
|
-
}));
|
|
2569
|
-
}
|
|
2570
|
-
},
|
|
2571
|
-
vk: {
|
|
2572
|
-
enabled: false,
|
|
2573
|
-
icon: 'vk',
|
|
2574
|
-
grantConfig: {
|
|
2575
|
-
key: '',
|
|
2576
|
-
secret: '',
|
|
2577
|
-
callbackUrl: `${baseURL}/vk/callback`,
|
|
2578
|
-
scope: [
|
|
2579
|
-
'email'
|
|
2580
|
-
]
|
|
2581
|
-
},
|
|
2582
|
-
async authCallback ({ accessToken, query }) {
|
|
2583
|
-
const vk = purest({
|
|
2584
|
-
provider: 'vk'
|
|
2585
|
-
});
|
|
2586
|
-
return vk.get('users').auth(accessToken).qs({
|
|
2587
|
-
id: query.raw.user_id,
|
|
2588
|
-
v: '5.122'
|
|
2589
|
-
}).request().then(({ body })=>({
|
|
2590
|
-
username: `${body.response[0].last_name} ${body.response[0].first_name}`,
|
|
2591
|
-
email: query.raw.email
|
|
2592
|
-
}));
|
|
2593
|
-
}
|
|
2594
|
-
},
|
|
2595
|
-
twitch: {
|
|
2596
|
-
enabled: false,
|
|
2597
|
-
icon: 'twitch',
|
|
2598
|
-
grantConfig: {
|
|
2599
|
-
key: '',
|
|
2600
|
-
secret: '',
|
|
2601
|
-
callbackUrl: `${baseURL}/twitch/callback`,
|
|
2602
|
-
scope: [
|
|
2603
|
-
'user:read:email'
|
|
2604
|
-
]
|
|
2605
|
-
},
|
|
2606
|
-
async authCallback ({ accessToken, providers }) {
|
|
2607
|
-
const twitch = purest({
|
|
2608
|
-
provider: 'twitch',
|
|
2609
|
-
config: {
|
|
2610
|
-
twitch: {
|
|
2611
|
-
default: {
|
|
2612
|
-
origin: 'https://api.twitch.tv',
|
|
2613
|
-
path: 'helix/{path}',
|
|
2614
|
-
headers: {
|
|
2615
|
-
Authorization: 'Bearer {auth}',
|
|
2616
|
-
'Client-Id': '{auth}'
|
|
2617
|
-
}
|
|
2618
|
-
}
|
|
2619
|
-
}
|
|
2620
|
-
}
|
|
2621
|
-
});
|
|
2622
|
-
return twitch.get('users').auth(accessToken, providers.twitch.key).request().then(({ body })=>({
|
|
2623
|
-
username: body.data[0].login,
|
|
2624
|
-
email: body.data[0].email
|
|
2625
|
-
}));
|
|
2626
|
-
}
|
|
2627
|
-
},
|
|
2628
|
-
linkedin: {
|
|
2629
|
-
enabled: false,
|
|
2630
|
-
icon: 'linkedin',
|
|
2631
|
-
grantConfig: {
|
|
2632
|
-
key: '',
|
|
2633
|
-
secret: '',
|
|
2634
|
-
callbackUrl: `${baseURL}/linkedin/callback`,
|
|
2635
|
-
scope: [
|
|
2636
|
-
'r_liteprofile',
|
|
2637
|
-
'r_emailaddress'
|
|
2638
|
-
]
|
|
2639
|
-
},
|
|
2640
|
-
async authCallback ({ accessToken }) {
|
|
2641
|
-
const linkedIn = purest({
|
|
2642
|
-
provider: 'linkedin'
|
|
2643
|
-
});
|
|
2644
|
-
const { body: { localizedFirstName } } = await linkedIn.get('me').auth(accessToken).request();
|
|
2645
|
-
const { body: { elements } } = await linkedIn.get('emailAddress?q=members&projection=(elements*(handle~))').auth(accessToken).request();
|
|
2646
|
-
const email = elements[0]['handle~'];
|
|
2647
|
-
return {
|
|
2648
|
-
username: localizedFirstName,
|
|
2649
|
-
email: email.emailAddress
|
|
2650
|
-
};
|
|
2651
|
-
}
|
|
2652
|
-
},
|
|
2653
|
-
cognito: {
|
|
2654
|
-
enabled: false,
|
|
2655
|
-
icon: 'aws',
|
|
2656
|
-
grantConfig: {
|
|
2657
|
-
key: '',
|
|
2658
|
-
secret: '',
|
|
2659
|
-
subdomain: 'my.subdomain.com',
|
|
2660
|
-
callback: `${baseURL}/cognito/callback`,
|
|
2661
|
-
scope: [
|
|
2662
|
-
'email',
|
|
2663
|
-
'openid',
|
|
2664
|
-
'profile'
|
|
2665
|
-
]
|
|
2666
|
-
},
|
|
2667
|
-
async authCallback ({ query, providers }) {
|
|
2668
|
-
const jwksUrl = new URL(providers.cognito.jwksurl);
|
|
2669
|
-
const idToken = query.id_token;
|
|
2670
|
-
const tokenPayload = await getCognitoPayload({
|
|
2671
|
-
idToken,
|
|
2672
|
-
jwksUrl,
|
|
2673
|
-
purest
|
|
2674
|
-
});
|
|
2675
|
-
return {
|
|
2676
|
-
username: tokenPayload['cognito:username'],
|
|
2677
|
-
email: tokenPayload.email
|
|
2678
|
-
};
|
|
2679
|
-
}
|
|
2680
|
-
},
|
|
2681
|
-
reddit: {
|
|
2682
|
-
enabled: false,
|
|
2683
|
-
icon: 'reddit',
|
|
2684
|
-
grantConfig: {
|
|
2685
|
-
key: '',
|
|
2686
|
-
secret: '',
|
|
2687
|
-
callback: `${baseURL}/reddit/callback`,
|
|
2688
|
-
scope: [
|
|
2689
|
-
'identity'
|
|
2690
|
-
]
|
|
2691
|
-
},
|
|
2692
|
-
async authCallback ({ accessToken }) {
|
|
2693
|
-
const reddit = purest({
|
|
2694
|
-
provider: 'reddit',
|
|
2695
|
-
config: {
|
|
2696
|
-
reddit: {
|
|
2697
|
-
default: {
|
|
2698
|
-
origin: 'https://oauth.reddit.com',
|
|
2699
|
-
path: 'api/{version}/{path}',
|
|
2700
|
-
version: 'v1',
|
|
2701
|
-
headers: {
|
|
2702
|
-
Authorization: 'Bearer {auth}',
|
|
2703
|
-
'user-agent': 'strapi'
|
|
2704
|
-
}
|
|
2705
|
-
}
|
|
2706
|
-
}
|
|
2707
|
-
}
|
|
2708
|
-
});
|
|
2709
|
-
return reddit.get('me').auth(accessToken).request().then(({ body })=>({
|
|
2710
|
-
username: body.name,
|
|
2711
|
-
email: `${body.name}@strapi.io`
|
|
2712
|
-
}));
|
|
2713
|
-
}
|
|
2714
|
-
},
|
|
2715
|
-
auth0: {
|
|
2716
|
-
enabled: false,
|
|
2717
|
-
icon: '',
|
|
2718
|
-
grantConfig: {
|
|
2719
|
-
key: '',
|
|
2720
|
-
secret: '',
|
|
2721
|
-
subdomain: 'my-tenant.eu',
|
|
2722
|
-
callback: `${baseURL}/auth0/callback`,
|
|
2723
|
-
scope: [
|
|
2724
|
-
'openid',
|
|
2725
|
-
'email',
|
|
2726
|
-
'profile'
|
|
2727
|
-
]
|
|
2728
|
-
},
|
|
2729
|
-
async authCallback ({ accessToken, providers }) {
|
|
2730
|
-
const auth0 = purest({
|
|
2731
|
-
provider: 'auth0'
|
|
2732
|
-
});
|
|
2733
|
-
return auth0.get('userinfo').subdomain(providers.auth0.subdomain).auth(accessToken).request().then(({ body })=>{
|
|
2734
|
-
const username = body.username || body.nickname || body.name || body.email.split('@')[0];
|
|
2735
|
-
const email = body.email || `${username.replace(/\s+/g, '.')}@strapi.io`;
|
|
2736
|
-
return {
|
|
2737
|
-
username,
|
|
2738
|
-
email
|
|
2739
|
-
};
|
|
2740
|
-
});
|
|
2741
|
-
}
|
|
2742
|
-
},
|
|
2743
|
-
cas: {
|
|
2744
|
-
enabled: false,
|
|
2745
|
-
icon: 'book',
|
|
2746
|
-
grantConfig: {
|
|
2747
|
-
key: '',
|
|
2748
|
-
secret: '',
|
|
2749
|
-
callback: `${baseURL}/cas/callback`,
|
|
2750
|
-
scope: [
|
|
2751
|
-
'openid email'
|
|
2752
|
-
],
|
|
2753
|
-
subdomain: 'my.subdomain.com/cas'
|
|
2754
|
-
},
|
|
2755
|
-
async authCallback ({ accessToken, providers }) {
|
|
2756
|
-
const cas = purest({
|
|
2757
|
-
provider: 'cas'
|
|
2758
|
-
});
|
|
2759
|
-
return cas.get('oidc/profile').subdomain(providers.cas.subdomain).auth(accessToken).request().then(({ body })=>{
|
|
2760
|
-
// CAS attribute may be in body.attributes or "FLAT", depending on CAS config
|
|
2761
|
-
const username = body.attributes ? body.attributes.strapiusername || body.id || body.sub : body.strapiusername || body.id || body.sub;
|
|
2762
|
-
const email = body.attributes ? body.attributes.strapiemail || body.attributes.email : body.strapiemail || body.email;
|
|
2763
|
-
if (!username || !email) {
|
|
2764
|
-
strapi.log.warn(`CAS Response Body did not contain required attributes: ${JSON.stringify(body)}`);
|
|
2765
|
-
}
|
|
2766
|
-
return {
|
|
2767
|
-
username,
|
|
2768
|
-
email
|
|
2769
|
-
};
|
|
2770
|
-
});
|
|
2771
|
-
}
|
|
2772
|
-
},
|
|
2773
|
-
patreon: {
|
|
2774
|
-
enabled: false,
|
|
2775
|
-
icon: '',
|
|
2776
|
-
grantConfig: {
|
|
2777
|
-
key: '',
|
|
2778
|
-
secret: '',
|
|
2779
|
-
callback: `${baseURL}/patreon/callback`,
|
|
2780
|
-
scope: [
|
|
2781
|
-
'identity',
|
|
2782
|
-
'identity[email]'
|
|
2783
|
-
]
|
|
2784
|
-
},
|
|
2785
|
-
async authCallback ({ accessToken }) {
|
|
2786
|
-
const patreon = purest({
|
|
2787
|
-
provider: 'patreon',
|
|
2788
|
-
config: {
|
|
2789
|
-
patreon: {
|
|
2790
|
-
default: {
|
|
2791
|
-
origin: 'https://www.patreon.com',
|
|
2792
|
-
path: 'api/oauth2/{path}',
|
|
2793
|
-
headers: {
|
|
2794
|
-
authorization: 'Bearer {auth}'
|
|
2795
|
-
}
|
|
2796
|
-
}
|
|
2797
|
-
}
|
|
2798
|
-
}
|
|
2799
|
-
});
|
|
2800
|
-
return patreon.get('v2/identity').auth(accessToken).qs(new URLSearchParams({
|
|
2801
|
-
'fields[user]': 'full_name,email'
|
|
2802
|
-
}).toString()).request().then(({ body })=>{
|
|
2803
|
-
const patreonData = body.data.attributes;
|
|
2804
|
-
return {
|
|
2805
|
-
username: patreonData.full_name,
|
|
2806
|
-
email: patreonData.email
|
|
2807
|
-
};
|
|
2808
|
-
});
|
|
2809
|
-
}
|
|
2810
|
-
},
|
|
2811
|
-
keycloak: {
|
|
2812
|
-
enabled: false,
|
|
2813
|
-
icon: '',
|
|
2814
|
-
grantConfig: {
|
|
2815
|
-
key: '',
|
|
2816
|
-
secret: '',
|
|
2817
|
-
subdomain: 'myKeycloakProvider.com/realms/myrealm',
|
|
2818
|
-
callback: `${baseURL}/keycloak/callback`,
|
|
2819
|
-
scope: [
|
|
2820
|
-
'openid',
|
|
2821
|
-
'email',
|
|
2822
|
-
'profile'
|
|
2823
|
-
]
|
|
2824
|
-
},
|
|
2825
|
-
async authCallback ({ accessToken, providers }) {
|
|
2826
|
-
const keycloak = purest({
|
|
2827
|
-
provider: 'keycloak'
|
|
2828
|
-
});
|
|
2829
|
-
return keycloak.subdomain(providers.keycloak.subdomain).get('protocol/openid-connect/userinfo').auth(accessToken).request().then(({ body })=>{
|
|
2830
|
-
return {
|
|
2831
|
-
username: body.preferred_username,
|
|
2832
|
-
email: body.email
|
|
2833
|
-
};
|
|
2834
|
-
});
|
|
2835
|
-
}
|
|
2836
|
-
}
|
|
2837
|
-
});
|
|
2838
|
-
providersRegistry = ()=>{
|
|
2839
|
-
const purest = require$$4;
|
|
2840
|
-
const apiPrefix = strapi.config.get('api.rest.prefix');
|
|
2841
|
-
const baseURL = urljoin(strapi.config.server.url, apiPrefix, 'auth');
|
|
2842
|
-
const authProviders = initProviders({
|
|
2843
|
-
baseURL,
|
|
2844
|
-
purest
|
|
2845
|
-
});
|
|
2846
|
-
/**
|
|
2847
|
-
* @public
|
|
2848
|
-
*/ return {
|
|
2849
|
-
getAll () {
|
|
2850
|
-
return authProviders;
|
|
2851
|
-
},
|
|
2852
|
-
get (name) {
|
|
2853
|
-
return authProviders[name];
|
|
2854
|
-
},
|
|
2855
|
-
add (name, config) {
|
|
2856
|
-
authProviders[name] = config;
|
|
2857
|
-
},
|
|
2858
|
-
remove (name) {
|
|
2859
|
-
delete authProviders[name];
|
|
2860
|
-
},
|
|
2861
|
-
/**
|
|
2862
|
-
* @internal
|
|
2863
|
-
*/ async run ({ provider, accessToken, query, providers }) {
|
|
2864
|
-
const authProvider = authProviders[provider];
|
|
2865
|
-
assert(authProvider, 'Unknown auth provider');
|
|
2866
|
-
return authProvider.authCallback({
|
|
2867
|
-
accessToken,
|
|
2868
|
-
query,
|
|
2869
|
-
providers,
|
|
2870
|
-
purest
|
|
2871
|
-
});
|
|
2872
|
-
}
|
|
2873
|
-
};
|
|
2874
|
-
};
|
|
2875
|
-
return providersRegistry;
|
|
2876
|
-
}
|
|
2877
|
-
|
|
2878
|
-
var permission;
|
|
2879
|
-
var hasRequiredPermission;
|
|
2880
|
-
function requirePermission() {
|
|
2881
|
-
if (hasRequiredPermission) return permission;
|
|
2882
|
-
hasRequiredPermission = 1;
|
|
2883
|
-
const PUBLIC_ROLE_FILTER = {
|
|
2884
|
-
role: {
|
|
2885
|
-
type: 'public'
|
|
2886
|
-
}
|
|
2887
|
-
};
|
|
2888
|
-
permission = ({ strapi })=>({
|
|
2889
|
-
/**
|
|
2890
|
-
* Find permissions associated to a specific role ID
|
|
2891
|
-
*
|
|
2892
|
-
* @param {number} roleID
|
|
2893
|
-
*
|
|
2894
|
-
* @return {object[]}
|
|
2895
|
-
*/ async findRolePermissions (roleID) {
|
|
2896
|
-
return strapi.db.query('plugin::users-permissions.role').load({
|
|
2897
|
-
id: roleID
|
|
2898
|
-
}, 'permissions');
|
|
2899
|
-
},
|
|
2900
|
-
/**
|
|
2901
|
-
* Find permissions for the public role
|
|
2902
|
-
*
|
|
2903
|
-
* @return {object[]}
|
|
2904
|
-
*/ async findPublicPermissions () {
|
|
2905
|
-
return strapi.db.query('plugin::users-permissions.permission').findMany({
|
|
2906
|
-
where: PUBLIC_ROLE_FILTER
|
|
2907
|
-
});
|
|
2908
|
-
},
|
|
2909
|
-
/**
|
|
2910
|
-
* Transform a Users-Permissions' action into a content API one
|
|
2911
|
-
*
|
|
2912
|
-
* @param {object} permission
|
|
2913
|
-
* @param {string} permission.action
|
|
2914
|
-
*
|
|
2915
|
-
* @return {{ action: string }}
|
|
2916
|
-
*/ toContentAPIPermission (permission) {
|
|
2917
|
-
const { action } = permission;
|
|
2918
|
-
return {
|
|
2919
|
-
action
|
|
2920
|
-
};
|
|
2921
|
-
}
|
|
2922
|
-
});
|
|
2923
|
-
return permission;
|
|
2924
|
-
}
|
|
2925
|
-
|
|
2926
|
-
var services;
|
|
2927
|
-
var hasRequiredServices;
|
|
2928
|
-
function requireServices() {
|
|
2929
|
-
if (hasRequiredServices) return services;
|
|
2930
|
-
hasRequiredServices = 1;
|
|
2931
|
-
const jwt = requireJwt();
|
|
2932
|
-
const providers = requireProviders();
|
|
2933
|
-
const user = requireUser$3();
|
|
2934
|
-
const role = requireRole$3();
|
|
2935
|
-
const usersPermissions = requireUsersPermissions();
|
|
2936
|
-
const providersRegistry = requireProvidersRegistry();
|
|
2937
|
-
const permission = requirePermission();
|
|
2938
|
-
services = {
|
|
2939
|
-
jwt,
|
|
2940
|
-
providers,
|
|
2941
|
-
'providers-registry': providersRegistry,
|
|
2942
|
-
role,
|
|
2943
|
-
user,
|
|
2944
|
-
'users-permissions': usersPermissions,
|
|
2945
|
-
permission
|
|
2946
|
-
};
|
|
2947
|
-
return services;
|
|
2948
|
-
}
|
|
2949
|
-
|
|
2950
|
-
var permissions$2;
|
|
2951
|
-
var hasRequiredPermissions$2;
|
|
2952
|
-
function requirePermissions$2() {
|
|
2953
|
-
if (hasRequiredPermissions$2) return permissions$2;
|
|
2954
|
-
hasRequiredPermissions$2 = 1;
|
|
2955
|
-
permissions$2 = [
|
|
2956
|
-
{
|
|
2957
|
-
method: 'GET',
|
|
2958
|
-
path: '/permissions',
|
|
2959
|
-
handler: 'permissions.getPermissions'
|
|
2960
|
-
},
|
|
2961
|
-
{
|
|
2962
|
-
method: 'GET',
|
|
2963
|
-
path: '/policies',
|
|
2964
|
-
handler: 'permissions.getPolicies'
|
|
2965
|
-
},
|
|
2966
|
-
{
|
|
2967
|
-
method: 'GET',
|
|
2968
|
-
path: '/routes',
|
|
2969
|
-
handler: 'permissions.getRoutes'
|
|
2970
|
-
}
|
|
2971
|
-
];
|
|
2972
|
-
return permissions$2;
|
|
2973
|
-
}
|
|
2974
|
-
|
|
2975
|
-
var settings$1;
|
|
2976
|
-
var hasRequiredSettings$1;
|
|
2977
|
-
function requireSettings$1() {
|
|
2978
|
-
if (hasRequiredSettings$1) return settings$1;
|
|
2979
|
-
hasRequiredSettings$1 = 1;
|
|
2980
|
-
settings$1 = [
|
|
2981
|
-
{
|
|
2982
|
-
method: 'GET',
|
|
2983
|
-
path: '/email-templates',
|
|
2984
|
-
handler: 'settings.getEmailTemplate',
|
|
2985
|
-
config: {
|
|
2986
|
-
policies: [
|
|
2987
|
-
{
|
|
2988
|
-
name: 'admin::hasPermissions',
|
|
2989
|
-
config: {
|
|
2990
|
-
actions: [
|
|
2991
|
-
'plugin::users-permissions.email-templates.read'
|
|
2992
|
-
]
|
|
2993
|
-
}
|
|
2994
|
-
}
|
|
2995
|
-
]
|
|
2996
|
-
}
|
|
2997
|
-
},
|
|
2998
|
-
{
|
|
2999
|
-
method: 'PUT',
|
|
3000
|
-
path: '/email-templates',
|
|
3001
|
-
handler: 'settings.updateEmailTemplate',
|
|
3002
|
-
config: {
|
|
3003
|
-
policies: [
|
|
3004
|
-
{
|
|
3005
|
-
name: 'admin::hasPermissions',
|
|
3006
|
-
config: {
|
|
3007
|
-
actions: [
|
|
3008
|
-
'plugin::users-permissions.email-templates.update'
|
|
3009
|
-
]
|
|
3010
|
-
}
|
|
3011
|
-
}
|
|
3012
|
-
]
|
|
3013
|
-
}
|
|
3014
|
-
},
|
|
3015
|
-
{
|
|
3016
|
-
method: 'GET',
|
|
3017
|
-
path: '/advanced',
|
|
3018
|
-
handler: 'settings.getAdvancedSettings',
|
|
3019
|
-
config: {
|
|
3020
|
-
policies: [
|
|
3021
|
-
{
|
|
3022
|
-
name: 'admin::hasPermissions',
|
|
3023
|
-
config: {
|
|
3024
|
-
actions: [
|
|
3025
|
-
'plugin::users-permissions.advanced-settings.read'
|
|
3026
|
-
]
|
|
3027
|
-
}
|
|
3028
|
-
}
|
|
3029
|
-
]
|
|
3030
|
-
}
|
|
3031
|
-
},
|
|
3032
|
-
{
|
|
3033
|
-
method: 'PUT',
|
|
3034
|
-
path: '/advanced',
|
|
3035
|
-
handler: 'settings.updateAdvancedSettings',
|
|
3036
|
-
config: {
|
|
3037
|
-
policies: [
|
|
3038
|
-
{
|
|
3039
|
-
name: 'admin::hasPermissions',
|
|
3040
|
-
config: {
|
|
3041
|
-
actions: [
|
|
3042
|
-
'plugin::users-permissions.advanced-settings.update'
|
|
3043
|
-
]
|
|
3044
|
-
}
|
|
3045
|
-
}
|
|
3046
|
-
]
|
|
3047
|
-
}
|
|
3048
|
-
},
|
|
3049
|
-
{
|
|
3050
|
-
method: 'GET',
|
|
3051
|
-
path: '/providers',
|
|
3052
|
-
handler: 'settings.getProviders',
|
|
3053
|
-
config: {
|
|
3054
|
-
policies: [
|
|
3055
|
-
{
|
|
3056
|
-
name: 'admin::hasPermissions',
|
|
3057
|
-
config: {
|
|
3058
|
-
actions: [
|
|
3059
|
-
'plugin::users-permissions.providers.read'
|
|
3060
|
-
]
|
|
3061
|
-
}
|
|
3062
|
-
}
|
|
3063
|
-
]
|
|
3064
|
-
}
|
|
3065
|
-
},
|
|
3066
|
-
{
|
|
3067
|
-
method: 'PUT',
|
|
3068
|
-
path: '/providers',
|
|
3069
|
-
handler: 'settings.updateProviders',
|
|
3070
|
-
config: {
|
|
3071
|
-
policies: [
|
|
3072
|
-
{
|
|
3073
|
-
name: 'admin::hasPermissions',
|
|
3074
|
-
config: {
|
|
3075
|
-
actions: [
|
|
3076
|
-
'plugin::users-permissions.providers.update'
|
|
3077
|
-
]
|
|
3078
|
-
}
|
|
3079
|
-
}
|
|
3080
|
-
]
|
|
3081
|
-
}
|
|
3082
|
-
}
|
|
3083
|
-
];
|
|
3084
|
-
return settings$1;
|
|
3085
|
-
}
|
|
3086
|
-
|
|
3087
|
-
var role$2;
|
|
3088
|
-
var hasRequiredRole$2;
|
|
3089
|
-
function requireRole$2() {
|
|
3090
|
-
if (hasRequiredRole$2) return role$2;
|
|
3091
|
-
hasRequiredRole$2 = 1;
|
|
3092
|
-
role$2 = [
|
|
3093
|
-
{
|
|
3094
|
-
method: 'GET',
|
|
3095
|
-
path: '/roles/:id',
|
|
3096
|
-
handler: 'role.findOne',
|
|
3097
|
-
config: {
|
|
3098
|
-
policies: [
|
|
3099
|
-
{
|
|
3100
|
-
name: 'admin::hasPermissions',
|
|
3101
|
-
config: {
|
|
3102
|
-
actions: [
|
|
3103
|
-
'plugin::users-permissions.roles.read'
|
|
3104
|
-
]
|
|
3105
|
-
}
|
|
3106
|
-
}
|
|
3107
|
-
]
|
|
3108
|
-
}
|
|
3109
|
-
},
|
|
3110
|
-
{
|
|
3111
|
-
method: 'GET',
|
|
3112
|
-
path: '/roles',
|
|
3113
|
-
handler: 'role.find',
|
|
3114
|
-
config: {
|
|
3115
|
-
policies: [
|
|
3116
|
-
{
|
|
3117
|
-
name: 'admin::hasPermissions',
|
|
3118
|
-
config: {
|
|
3119
|
-
actions: [
|
|
3120
|
-
'plugin::users-permissions.roles.read'
|
|
3121
|
-
]
|
|
3122
|
-
}
|
|
3123
|
-
}
|
|
3124
|
-
]
|
|
3125
|
-
}
|
|
3126
|
-
},
|
|
3127
|
-
{
|
|
3128
|
-
method: 'POST',
|
|
3129
|
-
path: '/roles',
|
|
3130
|
-
handler: 'role.createRole',
|
|
3131
|
-
config: {
|
|
3132
|
-
policies: [
|
|
3133
|
-
{
|
|
3134
|
-
name: 'admin::hasPermissions',
|
|
3135
|
-
config: {
|
|
3136
|
-
actions: [
|
|
3137
|
-
'plugin::users-permissions.roles.create'
|
|
3138
|
-
]
|
|
3139
|
-
}
|
|
3140
|
-
}
|
|
3141
|
-
]
|
|
3142
|
-
}
|
|
3143
|
-
},
|
|
3144
|
-
{
|
|
3145
|
-
method: 'PUT',
|
|
3146
|
-
path: '/roles/:role',
|
|
3147
|
-
handler: 'role.updateRole',
|
|
3148
|
-
config: {
|
|
3149
|
-
policies: [
|
|
3150
|
-
{
|
|
3151
|
-
name: 'admin::hasPermissions',
|
|
3152
|
-
config: {
|
|
3153
|
-
actions: [
|
|
3154
|
-
'plugin::users-permissions.roles.update'
|
|
3155
|
-
]
|
|
3156
|
-
}
|
|
3157
|
-
}
|
|
3158
|
-
]
|
|
3159
|
-
}
|
|
3160
|
-
},
|
|
3161
|
-
{
|
|
3162
|
-
method: 'DELETE',
|
|
3163
|
-
path: '/roles/:role',
|
|
3164
|
-
handler: 'role.deleteRole',
|
|
3165
|
-
config: {
|
|
3166
|
-
policies: [
|
|
3167
|
-
{
|
|
3168
|
-
name: 'admin::hasPermissions',
|
|
3169
|
-
config: {
|
|
3170
|
-
actions: [
|
|
3171
|
-
'plugin::users-permissions.roles.delete'
|
|
3172
|
-
]
|
|
3173
|
-
}
|
|
3174
|
-
}
|
|
3175
|
-
]
|
|
3176
|
-
}
|
|
3177
|
-
}
|
|
3178
|
-
];
|
|
3179
|
-
return role$2;
|
|
3180
|
-
}
|
|
3181
|
-
|
|
3182
|
-
var admin;
|
|
3183
|
-
var hasRequiredAdmin;
|
|
3184
|
-
function requireAdmin() {
|
|
3185
|
-
if (hasRequiredAdmin) return admin;
|
|
3186
|
-
hasRequiredAdmin = 1;
|
|
3187
|
-
const permissionsRoutes = requirePermissions$2();
|
|
3188
|
-
const settingsRoutes = requireSettings$1();
|
|
3189
|
-
const roleRoutes = requireRole$2();
|
|
3190
|
-
admin = {
|
|
3191
|
-
type: 'admin',
|
|
3192
|
-
routes: [
|
|
3193
|
-
...roleRoutes,
|
|
3194
|
-
...settingsRoutes,
|
|
3195
|
-
...permissionsRoutes
|
|
3196
|
-
]
|
|
3197
|
-
};
|
|
3198
|
-
return admin;
|
|
3199
|
-
}
|
|
3200
|
-
|
|
3201
|
-
var auth$2;
|
|
3202
|
-
var hasRequiredAuth$2;
|
|
3203
|
-
function requireAuth$2() {
|
|
3204
|
-
if (hasRequiredAuth$2) return auth$2;
|
|
3205
|
-
hasRequiredAuth$2 = 1;
|
|
3206
|
-
auth$2 = [
|
|
3207
|
-
{
|
|
3208
|
-
method: 'GET',
|
|
3209
|
-
path: '/connect/(.*)',
|
|
3210
|
-
handler: 'auth.connect',
|
|
3211
|
-
config: {
|
|
3212
|
-
middlewares: [
|
|
3213
|
-
'plugin::users-permissions.rateLimit'
|
|
3214
|
-
],
|
|
3215
|
-
prefix: ''
|
|
3216
|
-
}
|
|
3217
|
-
},
|
|
3218
|
-
{
|
|
3219
|
-
method: 'POST',
|
|
3220
|
-
path: '/auth/local',
|
|
3221
|
-
handler: 'auth.callback',
|
|
3222
|
-
config: {
|
|
3223
|
-
middlewares: [
|
|
3224
|
-
'plugin::users-permissions.rateLimit'
|
|
3225
|
-
],
|
|
3226
|
-
prefix: ''
|
|
3227
|
-
}
|
|
3228
|
-
},
|
|
3229
|
-
{
|
|
3230
|
-
method: 'POST',
|
|
3231
|
-
path: '/auth/local/register',
|
|
3232
|
-
handler: 'auth.register',
|
|
3233
|
-
config: {
|
|
3234
|
-
middlewares: [
|
|
3235
|
-
'plugin::users-permissions.rateLimit'
|
|
3236
|
-
],
|
|
3237
|
-
prefix: ''
|
|
3238
|
-
}
|
|
3239
|
-
},
|
|
3240
|
-
{
|
|
3241
|
-
method: 'GET',
|
|
3242
|
-
path: '/auth/:provider/callback',
|
|
3243
|
-
handler: 'auth.callback',
|
|
3244
|
-
config: {
|
|
3245
|
-
prefix: ''
|
|
3246
|
-
}
|
|
3247
|
-
},
|
|
3248
|
-
{
|
|
3249
|
-
method: 'POST',
|
|
3250
|
-
path: '/auth/forgot-password',
|
|
3251
|
-
handler: 'auth.forgotPassword',
|
|
3252
|
-
config: {
|
|
3253
|
-
middlewares: [
|
|
3254
|
-
'plugin::users-permissions.rateLimit'
|
|
3255
|
-
],
|
|
3256
|
-
prefix: ''
|
|
3257
|
-
}
|
|
3258
|
-
},
|
|
3259
|
-
{
|
|
3260
|
-
method: 'POST',
|
|
3261
|
-
path: '/auth/reset-password',
|
|
3262
|
-
handler: 'auth.resetPassword',
|
|
3263
|
-
config: {
|
|
3264
|
-
middlewares: [
|
|
3265
|
-
'plugin::users-permissions.rateLimit'
|
|
3266
|
-
],
|
|
3267
|
-
prefix: ''
|
|
3268
|
-
}
|
|
3269
|
-
},
|
|
3270
|
-
{
|
|
3271
|
-
method: 'GET',
|
|
3272
|
-
path: '/auth/email-confirmation',
|
|
3273
|
-
handler: 'auth.emailConfirmation',
|
|
3274
|
-
config: {
|
|
3275
|
-
prefix: ''
|
|
3276
|
-
}
|
|
3277
|
-
},
|
|
3278
|
-
{
|
|
3279
|
-
method: 'POST',
|
|
3280
|
-
path: '/auth/send-email-confirmation',
|
|
3281
|
-
handler: 'auth.sendEmailConfirmation',
|
|
3282
|
-
config: {
|
|
3283
|
-
prefix: ''
|
|
3284
|
-
}
|
|
3285
|
-
},
|
|
3286
|
-
{
|
|
3287
|
-
method: 'POST',
|
|
3288
|
-
path: '/auth/change-password',
|
|
3289
|
-
handler: 'auth.changePassword',
|
|
3290
|
-
config: {
|
|
3291
|
-
middlewares: [
|
|
3292
|
-
'plugin::users-permissions.rateLimit'
|
|
3293
|
-
],
|
|
3294
|
-
prefix: ''
|
|
3295
|
-
}
|
|
3296
|
-
}
|
|
3297
|
-
];
|
|
3298
|
-
return auth$2;
|
|
3299
|
-
}
|
|
3300
|
-
|
|
3301
|
-
var user$2;
|
|
3302
|
-
var hasRequiredUser$2;
|
|
3303
|
-
function requireUser$2() {
|
|
3304
|
-
if (hasRequiredUser$2) return user$2;
|
|
3305
|
-
hasRequiredUser$2 = 1;
|
|
3306
|
-
user$2 = [
|
|
3307
|
-
{
|
|
3308
|
-
method: 'GET',
|
|
3309
|
-
path: '/users/count',
|
|
3310
|
-
handler: 'user.count',
|
|
3311
|
-
config: {
|
|
3312
|
-
prefix: ''
|
|
3313
|
-
}
|
|
3314
|
-
},
|
|
3315
|
-
{
|
|
3316
|
-
method: 'GET',
|
|
3317
|
-
path: '/users',
|
|
3318
|
-
handler: 'user.find',
|
|
3319
|
-
config: {
|
|
3320
|
-
prefix: ''
|
|
3321
|
-
}
|
|
3322
|
-
},
|
|
3323
|
-
{
|
|
3324
|
-
method: 'GET',
|
|
3325
|
-
path: '/users/me',
|
|
3326
|
-
handler: 'user.me',
|
|
3327
|
-
config: {
|
|
3328
|
-
prefix: ''
|
|
3329
|
-
}
|
|
3330
|
-
},
|
|
3331
|
-
{
|
|
3332
|
-
method: 'GET',
|
|
3333
|
-
path: '/users/:id',
|
|
3334
|
-
handler: 'user.findOne',
|
|
3335
|
-
config: {
|
|
3336
|
-
prefix: ''
|
|
3337
|
-
}
|
|
3338
|
-
},
|
|
3339
|
-
{
|
|
3340
|
-
method: 'POST',
|
|
3341
|
-
path: '/users',
|
|
3342
|
-
handler: 'user.create',
|
|
3343
|
-
config: {
|
|
3344
|
-
prefix: ''
|
|
3345
|
-
}
|
|
3346
|
-
},
|
|
3347
|
-
{
|
|
3348
|
-
method: 'PUT',
|
|
3349
|
-
path: '/users/:id',
|
|
3350
|
-
handler: 'user.update',
|
|
3351
|
-
config: {
|
|
3352
|
-
prefix: ''
|
|
3353
|
-
}
|
|
3354
|
-
},
|
|
3355
|
-
{
|
|
3356
|
-
method: 'DELETE',
|
|
3357
|
-
path: '/users/:id',
|
|
3358
|
-
handler: 'user.destroy',
|
|
3359
|
-
config: {
|
|
3360
|
-
prefix: ''
|
|
3361
|
-
}
|
|
3362
|
-
}
|
|
3363
|
-
];
|
|
3364
|
-
return user$2;
|
|
3365
|
-
}
|
|
3366
|
-
|
|
3367
|
-
var role$1;
|
|
3368
|
-
var hasRequiredRole$1;
|
|
3369
|
-
function requireRole$1() {
|
|
3370
|
-
if (hasRequiredRole$1) return role$1;
|
|
3371
|
-
hasRequiredRole$1 = 1;
|
|
3372
|
-
role$1 = [
|
|
3373
|
-
{
|
|
3374
|
-
method: 'GET',
|
|
3375
|
-
path: '/roles/:id',
|
|
3376
|
-
handler: 'role.findOne'
|
|
3377
|
-
},
|
|
3378
|
-
{
|
|
3379
|
-
method: 'GET',
|
|
3380
|
-
path: '/roles',
|
|
3381
|
-
handler: 'role.find'
|
|
3382
|
-
},
|
|
3383
|
-
{
|
|
3384
|
-
method: 'POST',
|
|
3385
|
-
path: '/roles',
|
|
3386
|
-
handler: 'role.createRole'
|
|
3387
|
-
},
|
|
3388
|
-
{
|
|
3389
|
-
method: 'PUT',
|
|
3390
|
-
path: '/roles/:role',
|
|
3391
|
-
handler: 'role.updateRole'
|
|
3392
|
-
},
|
|
3393
|
-
{
|
|
3394
|
-
method: 'DELETE',
|
|
3395
|
-
path: '/roles/:role',
|
|
3396
|
-
handler: 'role.deleteRole'
|
|
3397
|
-
}
|
|
3398
|
-
];
|
|
3399
|
-
return role$1;
|
|
3400
|
-
}
|
|
3401
|
-
|
|
3402
|
-
var permissions$1;
|
|
3403
|
-
var hasRequiredPermissions$1;
|
|
3404
|
-
function requirePermissions$1() {
|
|
3405
|
-
if (hasRequiredPermissions$1) return permissions$1;
|
|
3406
|
-
hasRequiredPermissions$1 = 1;
|
|
3407
|
-
permissions$1 = [
|
|
3408
|
-
{
|
|
3409
|
-
method: 'GET',
|
|
3410
|
-
path: '/permissions',
|
|
3411
|
-
handler: 'permissions.getPermissions'
|
|
3412
|
-
}
|
|
3413
|
-
];
|
|
3414
|
-
return permissions$1;
|
|
3415
|
-
}
|
|
3416
|
-
|
|
3417
|
-
var contentApi;
|
|
3418
|
-
var hasRequiredContentApi;
|
|
3419
|
-
function requireContentApi() {
|
|
3420
|
-
if (hasRequiredContentApi) return contentApi;
|
|
3421
|
-
hasRequiredContentApi = 1;
|
|
3422
|
-
const authRoutes = requireAuth$2();
|
|
3423
|
-
const userRoutes = requireUser$2();
|
|
3424
|
-
const roleRoutes = requireRole$1();
|
|
3425
|
-
const permissionsRoutes = requirePermissions$1();
|
|
3426
|
-
contentApi = {
|
|
3427
|
-
type: 'content-api',
|
|
3428
|
-
routes: [
|
|
3429
|
-
...authRoutes,
|
|
3430
|
-
...userRoutes,
|
|
3431
|
-
...roleRoutes,
|
|
3432
|
-
...permissionsRoutes
|
|
3433
|
-
]
|
|
3434
|
-
};
|
|
3435
|
-
return contentApi;
|
|
3436
|
-
}
|
|
3437
|
-
|
|
3438
|
-
var routes;
|
|
3439
|
-
var hasRequiredRoutes;
|
|
3440
|
-
function requireRoutes() {
|
|
3441
|
-
if (hasRequiredRoutes) return routes;
|
|
3442
|
-
hasRequiredRoutes = 1;
|
|
3443
|
-
routes = {
|
|
3444
|
-
admin: requireAdmin(),
|
|
3445
|
-
'content-api': requireContentApi()
|
|
3446
|
-
};
|
|
3447
|
-
return routes;
|
|
3448
|
-
}
|
|
3449
|
-
|
|
3450
|
-
var auth$1;
|
|
3451
|
-
var hasRequiredAuth$1;
|
|
3452
|
-
function requireAuth$1() {
|
|
3453
|
-
if (hasRequiredAuth$1) return auth$1;
|
|
3454
|
-
hasRequiredAuth$1 = 1;
|
|
3455
|
-
const { yup, validateYupSchema } = require$$1;
|
|
3456
|
-
const callbackSchema = yup.object({
|
|
3457
|
-
identifier: yup.string().required(),
|
|
3458
|
-
password: yup.string().required()
|
|
3459
|
-
});
|
|
3460
|
-
const createRegisterSchema = (config)=>yup.object({
|
|
3461
|
-
email: yup.string().email().required(),
|
|
3462
|
-
username: yup.string().required(),
|
|
3463
|
-
password: yup.string().required().test(function(value) {
|
|
3464
|
-
if (!value) return true;
|
|
3465
|
-
const isValid = new TextEncoder().encode(value).length <= 72;
|
|
3466
|
-
if (!isValid) {
|
|
3467
|
-
return this.createError({
|
|
3468
|
-
message: 'Password must be less than 73 bytes'
|
|
3469
|
-
});
|
|
3470
|
-
}
|
|
3471
|
-
return true;
|
|
3472
|
-
}).test(async function(value) {
|
|
3473
|
-
if (typeof config?.validatePassword === 'function') {
|
|
3474
|
-
try {
|
|
3475
|
-
const isValid = await config.validatePassword(value);
|
|
3476
|
-
if (!isValid) {
|
|
3477
|
-
return this.createError({
|
|
3478
|
-
message: 'Password validation failed.'
|
|
3479
|
-
});
|
|
3480
|
-
}
|
|
3481
|
-
} catch (error) {
|
|
3482
|
-
return this.createError({
|
|
3483
|
-
message: error.message || 'An error occurred.'
|
|
3484
|
-
});
|
|
3485
|
-
}
|
|
3486
|
-
}
|
|
3487
|
-
return true;
|
|
3488
|
-
})
|
|
3489
|
-
});
|
|
3490
|
-
const sendEmailConfirmationSchema = yup.object({
|
|
3491
|
-
email: yup.string().email().required()
|
|
3492
|
-
});
|
|
3493
|
-
const validateEmailConfirmationSchema = yup.object({
|
|
3494
|
-
confirmation: yup.string().required()
|
|
3495
|
-
});
|
|
3496
|
-
const forgotPasswordSchema = yup.object({
|
|
3497
|
-
email: yup.string().email().required()
|
|
3498
|
-
}).noUnknown();
|
|
3499
|
-
const createResetPasswordSchema = (config)=>yup.object({
|
|
3500
|
-
password: yup.string().required().test(function(value) {
|
|
3501
|
-
if (!value) return true;
|
|
3502
|
-
const isValid = new TextEncoder().encode(value).length <= 72;
|
|
3503
|
-
if (!isValid) {
|
|
3504
|
-
return this.createError({
|
|
3505
|
-
message: 'Password must be less than 73 bytes'
|
|
3506
|
-
});
|
|
3507
|
-
}
|
|
3508
|
-
return true;
|
|
3509
|
-
}).test(async function(value) {
|
|
3510
|
-
if (typeof config?.validatePassword === 'function') {
|
|
3511
|
-
try {
|
|
3512
|
-
const isValid = await config.validatePassword(value);
|
|
3513
|
-
if (!isValid) {
|
|
3514
|
-
return this.createError({
|
|
3515
|
-
message: 'Password validation failed.'
|
|
3516
|
-
});
|
|
3517
|
-
}
|
|
3518
|
-
} catch (error) {
|
|
3519
|
-
return this.createError({
|
|
3520
|
-
message: error.message || 'An error occurred.'
|
|
3521
|
-
});
|
|
3522
|
-
}
|
|
3523
|
-
}
|
|
3524
|
-
return true;
|
|
3525
|
-
}),
|
|
3526
|
-
passwordConfirmation: yup.string().required().oneOf([
|
|
3527
|
-
yup.ref('password')
|
|
3528
|
-
], 'Passwords do not match'),
|
|
3529
|
-
code: yup.string().required()
|
|
3530
|
-
}).noUnknown();
|
|
3531
|
-
const createChangePasswordSchema = (config)=>yup.object({
|
|
3532
|
-
password: yup.string().required().test(function(value) {
|
|
3533
|
-
if (!value) return true;
|
|
3534
|
-
const isValid = new TextEncoder().encode(value).length <= 72;
|
|
3535
|
-
if (!isValid) {
|
|
3536
|
-
return this.createError({
|
|
3537
|
-
message: 'Password must be less than 73 bytes'
|
|
3538
|
-
});
|
|
3539
|
-
}
|
|
3540
|
-
return true;
|
|
3541
|
-
}).test(async function(value) {
|
|
3542
|
-
if (typeof config?.validatePassword === 'function') {
|
|
3543
|
-
try {
|
|
3544
|
-
const isValid = await config.validatePassword(value);
|
|
3545
|
-
if (!isValid) {
|
|
3546
|
-
return this.createError({
|
|
3547
|
-
message: 'Password validation failed.'
|
|
3548
|
-
});
|
|
3549
|
-
}
|
|
3550
|
-
} catch (error) {
|
|
3551
|
-
return this.createError({
|
|
3552
|
-
message: error.message || 'An error occurred.'
|
|
3553
|
-
});
|
|
3554
|
-
}
|
|
3555
|
-
}
|
|
3556
|
-
return true;
|
|
3557
|
-
}),
|
|
3558
|
-
passwordConfirmation: yup.string().required().oneOf([
|
|
3559
|
-
yup.ref('password')
|
|
3560
|
-
], 'Passwords do not match'),
|
|
3561
|
-
currentPassword: yup.string().required()
|
|
3562
|
-
}).noUnknown();
|
|
3563
|
-
auth$1 = {
|
|
3564
|
-
validateCallbackBody: validateYupSchema(callbackSchema),
|
|
3565
|
-
validateRegisterBody: (payload, config)=>validateYupSchema(createRegisterSchema(config))(payload),
|
|
3566
|
-
validateSendEmailConfirmationBody: validateYupSchema(sendEmailConfirmationSchema),
|
|
3567
|
-
validateEmailConfirmationBody: validateYupSchema(validateEmailConfirmationSchema),
|
|
3568
|
-
validateForgotPasswordBody: validateYupSchema(forgotPasswordSchema),
|
|
3569
|
-
validateResetPasswordBody: (payload, config)=>validateYupSchema(createResetPasswordSchema(config))(payload),
|
|
3570
|
-
validateChangePasswordBody: (payload, config)=>validateYupSchema(createChangePasswordSchema(config))(payload)
|
|
3571
|
-
};
|
|
3572
|
-
return auth$1;
|
|
3573
|
-
}
|
|
3574
|
-
|
|
3575
|
-
var auth;
|
|
3576
|
-
var hasRequiredAuth;
|
|
3577
|
-
function requireAuth() {
|
|
3578
|
-
if (hasRequiredAuth) return auth;
|
|
3579
|
-
hasRequiredAuth = 1;
|
|
3580
|
-
/**
|
|
3581
|
-
* Auth.js controller
|
|
3582
|
-
*
|
|
3583
|
-
* @description: A set of functions called "actions" for managing `Auth`.
|
|
3584
|
-
*/ /* eslint-disable no-useless-escape */ const crypto = require$$0$2;
|
|
3585
|
-
const _ = require$$0$3;
|
|
3586
|
-
const { concat, compact, isArray } = require$$0;
|
|
3587
|
-
const utils = require$$1;
|
|
3588
|
-
const { getService } = requireUtils$1();
|
|
3589
|
-
const { validateCallbackBody, validateRegisterBody, validateSendEmailConfirmationBody, validateForgotPasswordBody, validateResetPasswordBody, validateEmailConfirmationBody, validateChangePasswordBody } = requireAuth$1();
|
|
3590
|
-
const { ApplicationError, ValidationError, ForbiddenError } = utils.errors;
|
|
3591
|
-
const sanitizeUser = (user, ctx)=>{
|
|
3592
|
-
const { auth } = ctx.state;
|
|
3593
|
-
const userSchema = strapi.getModel('plugin::users-permissions.user');
|
|
3594
|
-
return strapi.contentAPI.sanitize.output(user, userSchema, {
|
|
3595
|
-
auth
|
|
3596
|
-
});
|
|
3597
|
-
};
|
|
3598
|
-
auth = ({ strapi: strapi1 })=>({
|
|
3599
|
-
async callback (ctx) {
|
|
3600
|
-
const provider = ctx.params.provider || 'local';
|
|
3601
|
-
const params = ctx.request.body;
|
|
3602
|
-
const store = strapi1.store({
|
|
3603
|
-
type: 'plugin',
|
|
3604
|
-
name: 'users-permissions'
|
|
3605
|
-
});
|
|
3606
|
-
const grantSettings = await store.get({
|
|
3607
|
-
key: 'grant'
|
|
3608
|
-
});
|
|
3609
|
-
const grantProvider = provider === 'local' ? 'email' : provider;
|
|
3610
|
-
if (!_.get(grantSettings, [
|
|
3611
|
-
grantProvider,
|
|
3612
|
-
'enabled'
|
|
3613
|
-
])) {
|
|
3614
|
-
throw new ApplicationError('This provider is disabled');
|
|
3615
|
-
}
|
|
3616
|
-
if (provider === 'local') {
|
|
3617
|
-
await validateCallbackBody(params);
|
|
3618
|
-
const { identifier } = params;
|
|
3619
|
-
// Check if the user exists.
|
|
3620
|
-
const user = await strapi1.db.query('plugin::users-permissions.user').findOne({
|
|
3621
|
-
where: {
|
|
3622
|
-
provider,
|
|
3623
|
-
$or: [
|
|
3624
|
-
{
|
|
3625
|
-
email: identifier.toLowerCase()
|
|
3626
|
-
},
|
|
3627
|
-
{
|
|
3628
|
-
username: identifier
|
|
3629
|
-
}
|
|
3630
|
-
]
|
|
3631
|
-
}
|
|
3632
|
-
});
|
|
3633
|
-
if (!user) {
|
|
3634
|
-
throw new ValidationError('Invalid identifier or password');
|
|
3635
|
-
}
|
|
3636
|
-
if (!user.password) {
|
|
3637
|
-
throw new ValidationError('Invalid identifier or password');
|
|
3638
|
-
}
|
|
3639
|
-
const validPassword = await getService('user').validatePassword(params.password, user.password);
|
|
3640
|
-
if (!validPassword) {
|
|
3641
|
-
throw new ValidationError('Invalid identifier or password');
|
|
3642
|
-
}
|
|
3643
|
-
const advancedSettings = await store.get({
|
|
3644
|
-
key: 'advanced'
|
|
3645
|
-
});
|
|
3646
|
-
const requiresConfirmation = _.get(advancedSettings, 'email_confirmation');
|
|
3647
|
-
if (requiresConfirmation && user.confirmed !== true) {
|
|
3648
|
-
throw new ApplicationError('Your account email is not confirmed');
|
|
3649
|
-
}
|
|
3650
|
-
if (user.blocked === true) {
|
|
3651
|
-
throw new ApplicationError('Your account has been blocked by an administrator');
|
|
3652
|
-
}
|
|
3653
|
-
return ctx.send({
|
|
3654
|
-
jwt: getService('jwt').issue({
|
|
3655
|
-
id: user.id
|
|
3656
|
-
}),
|
|
3657
|
-
user: await sanitizeUser(user, ctx)
|
|
3658
|
-
});
|
|
3659
|
-
}
|
|
3660
|
-
// Connect the user with the third-party provider.
|
|
3661
|
-
try {
|
|
3662
|
-
const user = await getService('providers').connect(provider, ctx.query);
|
|
3663
|
-
if (user.blocked) {
|
|
3664
|
-
throw new ForbiddenError('Your account has been blocked by an administrator');
|
|
3665
|
-
}
|
|
3666
|
-
return ctx.send({
|
|
3667
|
-
jwt: getService('jwt').issue({
|
|
3668
|
-
id: user.id
|
|
3669
|
-
}),
|
|
3670
|
-
user: await sanitizeUser(user, ctx)
|
|
3671
|
-
});
|
|
3672
|
-
} catch (error) {
|
|
3673
|
-
throw new ApplicationError(error.message);
|
|
3674
|
-
}
|
|
3675
|
-
},
|
|
3676
|
-
async changePassword (ctx) {
|
|
3677
|
-
if (!ctx.state.user) {
|
|
3678
|
-
throw new ApplicationError('You must be authenticated to reset your password');
|
|
3679
|
-
}
|
|
3680
|
-
const validations = strapi1.config.get('plugin::users-permissions.validationRules');
|
|
3681
|
-
const { currentPassword, password } = await validateChangePasswordBody(ctx.request.body, validations);
|
|
3682
|
-
const user = await strapi1.db.query('plugin::users-permissions.user').findOne({
|
|
3683
|
-
where: {
|
|
3684
|
-
id: ctx.state.user.id
|
|
3685
|
-
}
|
|
3686
|
-
});
|
|
3687
|
-
const validPassword = await getService('user').validatePassword(currentPassword, user.password);
|
|
3688
|
-
if (!validPassword) {
|
|
3689
|
-
throw new ValidationError('The provided current password is invalid');
|
|
3690
|
-
}
|
|
3691
|
-
if (currentPassword === password) {
|
|
3692
|
-
throw new ValidationError('Your new password must be different than your current password');
|
|
3693
|
-
}
|
|
3694
|
-
await getService('user').edit(user.id, {
|
|
3695
|
-
password
|
|
3696
|
-
});
|
|
3697
|
-
ctx.send({
|
|
3698
|
-
jwt: getService('jwt').issue({
|
|
3699
|
-
id: user.id
|
|
3700
|
-
}),
|
|
3701
|
-
user: await sanitizeUser(user, ctx)
|
|
3702
|
-
});
|
|
3703
|
-
},
|
|
3704
|
-
async resetPassword (ctx) {
|
|
3705
|
-
const validations = strapi1.config.get('plugin::users-permissions.validationRules');
|
|
3706
|
-
const { password, passwordConfirmation, code } = await validateResetPasswordBody(ctx.request.body, validations);
|
|
3707
|
-
if (password !== passwordConfirmation) {
|
|
3708
|
-
throw new ValidationError('Passwords do not match');
|
|
3709
|
-
}
|
|
3710
|
-
const user = await strapi1.db.query('plugin::users-permissions.user').findOne({
|
|
3711
|
-
where: {
|
|
3712
|
-
resetPasswordToken: code
|
|
3713
|
-
}
|
|
3714
|
-
});
|
|
3715
|
-
if (!user) {
|
|
3716
|
-
throw new ValidationError('Incorrect code provided');
|
|
3717
|
-
}
|
|
3718
|
-
await getService('user').edit(user.id, {
|
|
3719
|
-
resetPasswordToken: null,
|
|
3720
|
-
password
|
|
3721
|
-
});
|
|
3722
|
-
// Update the user.
|
|
3723
|
-
ctx.send({
|
|
3724
|
-
jwt: getService('jwt').issue({
|
|
3725
|
-
id: user.id
|
|
3726
|
-
}),
|
|
3727
|
-
user: await sanitizeUser(user, ctx)
|
|
3728
|
-
});
|
|
3729
|
-
},
|
|
3730
|
-
async connect (ctx, next) {
|
|
3731
|
-
const grant = require$$6.koa();
|
|
3732
|
-
const providers = await strapi1.store({
|
|
3733
|
-
type: 'plugin',
|
|
3734
|
-
name: 'users-permissions',
|
|
3735
|
-
key: 'grant'
|
|
3736
|
-
}).get();
|
|
3737
|
-
const apiPrefix = strapi1.config.get('api.rest.prefix');
|
|
3738
|
-
const grantConfig = {
|
|
3739
|
-
defaults: {
|
|
3740
|
-
prefix: `${apiPrefix}/connect`
|
|
3741
|
-
},
|
|
3742
|
-
...providers
|
|
3743
|
-
};
|
|
3744
|
-
const [requestPath] = ctx.request.url.split('?');
|
|
3745
|
-
const provider = requestPath.split('/connect/')[1].split('/')[0];
|
|
3746
|
-
if (!_.get(grantConfig[provider], 'enabled')) {
|
|
3747
|
-
throw new ApplicationError('This provider is disabled');
|
|
3748
|
-
}
|
|
3749
|
-
if (!strapi1.config.server.url.startsWith('http')) {
|
|
3750
|
-
strapi1.log.warn('You are using a third party provider for login. Make sure to set an absolute url in config/server.js. More info here: https://docs.strapi.io/developer-docs/latest/plugins/users-permissions.html#setting-up-the-server-url');
|
|
3751
|
-
}
|
|
3752
|
-
// Ability to pass OAuth callback dynamically
|
|
3753
|
-
const queryCustomCallback = _.get(ctx, 'query.callback');
|
|
3754
|
-
const dynamicSessionCallback = _.get(ctx, 'session.grant.dynamic.callback');
|
|
3755
|
-
const customCallback = queryCustomCallback ?? dynamicSessionCallback;
|
|
3756
|
-
// The custom callback is validated to make sure it's not redirecting to an unwanted actor.
|
|
3757
|
-
if (customCallback !== undefined) {
|
|
3758
|
-
try {
|
|
3759
|
-
// We're extracting the callback validator from the plugin config since it can be user-customized
|
|
3760
|
-
const { validate: validateCallback } = strapi1.plugin('users-permissions').config('callback');
|
|
3761
|
-
await validateCallback(customCallback, grantConfig[provider]);
|
|
3762
|
-
grantConfig[provider].callback = customCallback;
|
|
3763
|
-
} catch (e) {
|
|
3764
|
-
throw new ValidationError('Invalid callback URL provided', {
|
|
3765
|
-
callback: customCallback
|
|
3766
|
-
});
|
|
3767
|
-
}
|
|
3768
|
-
}
|
|
3769
|
-
// Build a valid redirect URI for the current provider
|
|
3770
|
-
grantConfig[provider].redirect_uri = getService('providers').buildRedirectUri(provider);
|
|
3771
|
-
return grant(grantConfig)(ctx, next);
|
|
3772
|
-
},
|
|
3773
|
-
async forgotPassword (ctx) {
|
|
3774
|
-
const { email } = await validateForgotPasswordBody(ctx.request.body);
|
|
3775
|
-
const pluginStore = await strapi1.store({
|
|
3776
|
-
type: 'plugin',
|
|
3777
|
-
name: 'users-permissions'
|
|
3778
|
-
});
|
|
3779
|
-
const emailSettings = await pluginStore.get({
|
|
3780
|
-
key: 'email'
|
|
3781
|
-
});
|
|
3782
|
-
const advancedSettings = await pluginStore.get({
|
|
3783
|
-
key: 'advanced'
|
|
3784
|
-
});
|
|
3785
|
-
// Find the user by email.
|
|
3786
|
-
const user = await strapi1.db.query('plugin::users-permissions.user').findOne({
|
|
3787
|
-
where: {
|
|
3788
|
-
email: email.toLowerCase()
|
|
3789
|
-
}
|
|
3790
|
-
});
|
|
3791
|
-
if (!user || user.blocked) {
|
|
3792
|
-
return ctx.send({
|
|
3793
|
-
ok: true
|
|
3794
|
-
});
|
|
3795
|
-
}
|
|
3796
|
-
// Generate random token.
|
|
3797
|
-
const userInfo = await sanitizeUser(user, ctx);
|
|
3798
|
-
const resetPasswordToken = crypto.randomBytes(64).toString('hex');
|
|
3799
|
-
const resetPasswordSettings = _.get(emailSettings, 'reset_password.options', {});
|
|
3800
|
-
const emailBody = await getService('users-permissions').template(resetPasswordSettings.message, {
|
|
3801
|
-
URL: advancedSettings.email_reset_password,
|
|
3802
|
-
SERVER_URL: strapi1.config.get('server.absoluteUrl'),
|
|
3803
|
-
ADMIN_URL: strapi1.config.get('admin.absoluteUrl'),
|
|
3804
|
-
USER: userInfo,
|
|
3805
|
-
TOKEN: resetPasswordToken
|
|
3806
|
-
});
|
|
3807
|
-
const emailObject = await getService('users-permissions').template(resetPasswordSettings.object, {
|
|
3808
|
-
USER: userInfo
|
|
3809
|
-
});
|
|
3810
|
-
const emailToSend = {
|
|
3811
|
-
to: user.email,
|
|
3812
|
-
from: resetPasswordSettings.from.email || resetPasswordSettings.from.name ? `${resetPasswordSettings.from.name} <${resetPasswordSettings.from.email}>` : undefined,
|
|
3813
|
-
replyTo: resetPasswordSettings.response_email,
|
|
3814
|
-
subject: emailObject,
|
|
3815
|
-
text: emailBody,
|
|
3816
|
-
html: emailBody
|
|
3817
|
-
};
|
|
3818
|
-
// NOTE: Update the user before sending the email so an Admin can generate the link if the email fails
|
|
3819
|
-
await getService('user').edit(user.id, {
|
|
3820
|
-
resetPasswordToken
|
|
3821
|
-
});
|
|
3822
|
-
// Send an email to the user.
|
|
3823
|
-
await strapi1.plugin('email').service('email').send(emailToSend);
|
|
3824
|
-
ctx.send({
|
|
3825
|
-
ok: true
|
|
3826
|
-
});
|
|
3827
|
-
},
|
|
3828
|
-
async register (ctx) {
|
|
3829
|
-
const pluginStore = await strapi1.store({
|
|
3830
|
-
type: 'plugin',
|
|
3831
|
-
name: 'users-permissions'
|
|
3832
|
-
});
|
|
3833
|
-
const settings = await pluginStore.get({
|
|
3834
|
-
key: 'advanced'
|
|
3835
|
-
});
|
|
3836
|
-
if (!settings.allow_register) {
|
|
3837
|
-
throw new ApplicationError('Register action is currently disabled');
|
|
3838
|
-
}
|
|
3839
|
-
const { register } = strapi1.config.get('plugin::users-permissions');
|
|
3840
|
-
const alwaysAllowedKeys = [
|
|
3841
|
-
'username',
|
|
3842
|
-
'password',
|
|
3843
|
-
'email'
|
|
3844
|
-
];
|
|
3845
|
-
// Note that we intentionally do not filter allowedFields to allow a project to explicitly accept private or other Strapi field on registration
|
|
3846
|
-
const allowedKeys = compact(concat(alwaysAllowedKeys, isArray(register?.allowedFields) ? register.allowedFields : []));
|
|
3847
|
-
// Check if there are any keys in requestBody that are not in allowedKeys
|
|
3848
|
-
const invalidKeys = Object.keys(ctx.request.body).filter((key)=>!allowedKeys.includes(key));
|
|
3849
|
-
if (invalidKeys.length > 0) {
|
|
3850
|
-
// If there are invalid keys, throw an error
|
|
3851
|
-
throw new ValidationError(`Invalid parameters: ${invalidKeys.join(', ')}`);
|
|
3852
|
-
}
|
|
3853
|
-
const params = {
|
|
3854
|
-
..._.pick(ctx.request.body, allowedKeys),
|
|
3855
|
-
provider: 'local'
|
|
3856
|
-
};
|
|
3857
|
-
const validations = strapi1.config.get('plugin::users-permissions.validationRules');
|
|
3858
|
-
await validateRegisterBody(params, validations);
|
|
3859
|
-
const role = await strapi1.db.query('plugin::users-permissions.role').findOne({
|
|
3860
|
-
where: {
|
|
3861
|
-
type: settings.default_role
|
|
3862
|
-
}
|
|
3863
|
-
});
|
|
3864
|
-
if (!role) {
|
|
3865
|
-
throw new ApplicationError('Impossible to find the default role');
|
|
3866
|
-
}
|
|
3867
|
-
const { email, username, provider } = params;
|
|
3868
|
-
const identifierFilter = {
|
|
3869
|
-
$or: [
|
|
3870
|
-
{
|
|
3871
|
-
email: email.toLowerCase()
|
|
3872
|
-
},
|
|
3873
|
-
{
|
|
3874
|
-
username: email.toLowerCase()
|
|
3875
|
-
},
|
|
3876
|
-
{
|
|
3877
|
-
username
|
|
3878
|
-
},
|
|
3879
|
-
{
|
|
3880
|
-
email: username
|
|
3881
|
-
}
|
|
3882
|
-
]
|
|
3883
|
-
};
|
|
3884
|
-
const conflictingUserCount = await strapi1.db.query('plugin::users-permissions.user').count({
|
|
3885
|
-
where: {
|
|
3886
|
-
...identifierFilter,
|
|
3887
|
-
provider
|
|
3888
|
-
}
|
|
3889
|
-
});
|
|
3890
|
-
if (conflictingUserCount > 0) {
|
|
3891
|
-
throw new ApplicationError('Email or Username are already taken');
|
|
3892
|
-
}
|
|
3893
|
-
if (settings.unique_email) {
|
|
3894
|
-
const conflictingUserCount = await strapi1.db.query('plugin::users-permissions.user').count({
|
|
3895
|
-
where: {
|
|
3896
|
-
...identifierFilter
|
|
3897
|
-
}
|
|
3898
|
-
});
|
|
3899
|
-
if (conflictingUserCount > 0) {
|
|
3900
|
-
throw new ApplicationError('Email or Username are already taken');
|
|
3901
|
-
}
|
|
3902
|
-
}
|
|
3903
|
-
const newUser = {
|
|
3904
|
-
...params,
|
|
3905
|
-
role: role.id,
|
|
3906
|
-
email: email.toLowerCase(),
|
|
3907
|
-
username,
|
|
3908
|
-
confirmed: !settings.email_confirmation
|
|
3909
|
-
};
|
|
3910
|
-
const user = await getService('user').add(newUser);
|
|
3911
|
-
const sanitizedUser = await sanitizeUser(user, ctx);
|
|
3912
|
-
if (settings.email_confirmation) {
|
|
3913
|
-
try {
|
|
3914
|
-
await getService('user').sendConfirmationEmail(sanitizedUser);
|
|
3915
|
-
} catch (err) {
|
|
3916
|
-
strapi1.log.error(err);
|
|
3917
|
-
throw new ApplicationError('Error sending confirmation email');
|
|
3918
|
-
}
|
|
3919
|
-
return ctx.send({
|
|
3920
|
-
user: sanitizedUser
|
|
3921
|
-
});
|
|
3922
|
-
}
|
|
3923
|
-
const jwt = getService('jwt').issue(_.pick(user, [
|
|
3924
|
-
'id'
|
|
3925
|
-
]));
|
|
3926
|
-
return ctx.send({
|
|
3927
|
-
jwt,
|
|
3928
|
-
user: sanitizedUser
|
|
3929
|
-
});
|
|
3930
|
-
},
|
|
3931
|
-
async emailConfirmation (ctx, next, returnUser) {
|
|
3932
|
-
const { confirmation: confirmationToken } = await validateEmailConfirmationBody(ctx.query);
|
|
3933
|
-
const userService = getService('user');
|
|
3934
|
-
const jwtService = getService('jwt');
|
|
3935
|
-
const [user] = await userService.fetchAll({
|
|
3936
|
-
filters: {
|
|
3937
|
-
confirmationToken
|
|
3938
|
-
}
|
|
3939
|
-
});
|
|
3940
|
-
if (!user) {
|
|
3941
|
-
throw new ValidationError('Invalid token');
|
|
3942
|
-
}
|
|
3943
|
-
await userService.edit(user.id, {
|
|
3944
|
-
confirmed: true,
|
|
3945
|
-
confirmationToken: null
|
|
3946
|
-
});
|
|
3947
|
-
if (returnUser) {
|
|
3948
|
-
ctx.send({
|
|
3949
|
-
jwt: jwtService.issue({
|
|
3950
|
-
id: user.id
|
|
3951
|
-
}),
|
|
3952
|
-
user: await sanitizeUser(user, ctx)
|
|
3953
|
-
});
|
|
3954
|
-
} else {
|
|
3955
|
-
const settings = await strapi1.store({
|
|
3956
|
-
type: 'plugin',
|
|
3957
|
-
name: 'users-permissions',
|
|
3958
|
-
key: 'advanced'
|
|
3959
|
-
}).get();
|
|
3960
|
-
ctx.redirect(settings.email_confirmation_redirection || '/');
|
|
3961
|
-
}
|
|
3962
|
-
},
|
|
3963
|
-
async sendEmailConfirmation (ctx) {
|
|
3964
|
-
const { email } = await validateSendEmailConfirmationBody(ctx.request.body);
|
|
3965
|
-
const user = await strapi1.db.query('plugin::users-permissions.user').findOne({
|
|
3966
|
-
where: {
|
|
3967
|
-
email: email.toLowerCase()
|
|
3968
|
-
}
|
|
3969
|
-
});
|
|
3970
|
-
if (!user) {
|
|
3971
|
-
return ctx.send({
|
|
3972
|
-
email,
|
|
3973
|
-
sent: true
|
|
3974
|
-
});
|
|
3975
|
-
}
|
|
3976
|
-
if (user.confirmed) {
|
|
3977
|
-
throw new ApplicationError('Already confirmed');
|
|
3978
|
-
}
|
|
3979
|
-
if (user.blocked) {
|
|
3980
|
-
throw new ApplicationError('User blocked');
|
|
3981
|
-
}
|
|
3982
|
-
await getService('user').sendConfirmationEmail(user);
|
|
3983
|
-
ctx.send({
|
|
3984
|
-
email: user.email,
|
|
3985
|
-
sent: true
|
|
3986
|
-
});
|
|
3987
|
-
}
|
|
3988
|
-
});
|
|
3989
|
-
return auth;
|
|
3990
|
-
}
|
|
3991
|
-
|
|
3992
|
-
var user$1;
|
|
3993
|
-
var hasRequiredUser$1;
|
|
3994
|
-
function requireUser$1() {
|
|
3995
|
-
if (hasRequiredUser$1) return user$1;
|
|
3996
|
-
hasRequiredUser$1 = 1;
|
|
3997
|
-
const { yup, validateYupSchema } = require$$1;
|
|
3998
|
-
const deleteRoleSchema = yup.object().shape({
|
|
3999
|
-
role: yup.strapiID().required()
|
|
4000
|
-
});
|
|
4001
|
-
const createUserBodySchema = yup.object().shape({
|
|
4002
|
-
email: yup.string().email().required(),
|
|
4003
|
-
username: yup.string().min(1).required(),
|
|
4004
|
-
password: yup.string().min(1).required(),
|
|
4005
|
-
role: yup.lazy((value)=>typeof value === 'object' ? yup.object().shape({
|
|
4006
|
-
connect: yup.array().of(yup.object().shape({
|
|
4007
|
-
id: yup.strapiID().required()
|
|
4008
|
-
})).min(1, 'Users must have a role').required()
|
|
4009
|
-
}).required() : yup.strapiID().required())
|
|
4010
|
-
});
|
|
4011
|
-
const updateUserBodySchema = yup.object().shape({
|
|
4012
|
-
email: yup.string().email().min(1),
|
|
4013
|
-
username: yup.string().min(1),
|
|
4014
|
-
password: yup.string().min(1),
|
|
4015
|
-
role: yup.lazy((value)=>typeof value === 'object' ? yup.object().shape({
|
|
4016
|
-
connect: yup.array().of(yup.object().shape({
|
|
4017
|
-
id: yup.strapiID().required()
|
|
4018
|
-
})).required(),
|
|
4019
|
-
disconnect: yup.array().test('CheckDisconnect', 'Cannot remove role', function test(disconnectValue) {
|
|
4020
|
-
if (value.connect.length === 0 && disconnectValue.length > 0) {
|
|
4021
|
-
return false;
|
|
4022
|
-
}
|
|
4023
|
-
return true;
|
|
4024
|
-
}).required()
|
|
4025
|
-
}) : yup.strapiID())
|
|
4026
|
-
});
|
|
4027
|
-
user$1 = {
|
|
4028
|
-
validateCreateUserBody: validateYupSchema(createUserBodySchema),
|
|
4029
|
-
validateUpdateUserBody: validateYupSchema(updateUserBodySchema),
|
|
4030
|
-
validateDeleteRoleBody: validateYupSchema(deleteRoleSchema)
|
|
4031
|
-
};
|
|
4032
|
-
return user$1;
|
|
4033
|
-
}
|
|
4034
|
-
|
|
4035
|
-
var user;
|
|
4036
|
-
var hasRequiredUser;
|
|
4037
|
-
function requireUser() {
|
|
4038
|
-
if (hasRequiredUser) return user;
|
|
4039
|
-
hasRequiredUser = 1;
|
|
4040
|
-
/**
|
|
4041
|
-
* User.js controller
|
|
4042
|
-
*
|
|
4043
|
-
* @description: A set of functions called "actions" for managing `User`.
|
|
4044
|
-
*/ const _ = require$$0$3;
|
|
4045
|
-
const utils = require$$1;
|
|
4046
|
-
const { getService } = requireUtils$1();
|
|
4047
|
-
const { validateCreateUserBody, validateUpdateUserBody } = requireUser$1();
|
|
4048
|
-
const { ApplicationError, ValidationError, NotFoundError } = utils.errors;
|
|
4049
|
-
const sanitizeOutput = async (user, ctx)=>{
|
|
4050
|
-
const schema = strapi.getModel('plugin::users-permissions.user');
|
|
4051
|
-
const { auth } = ctx.state;
|
|
4052
|
-
return strapi.contentAPI.sanitize.output(user, schema, {
|
|
4053
|
-
auth
|
|
4054
|
-
});
|
|
4055
|
-
};
|
|
4056
|
-
const validateQuery = async (query, ctx)=>{
|
|
4057
|
-
const schema = strapi.getModel('plugin::users-permissions.user');
|
|
4058
|
-
const { auth } = ctx.state;
|
|
4059
|
-
return strapi.contentAPI.validate.query(query, schema, {
|
|
4060
|
-
auth
|
|
4061
|
-
});
|
|
4062
|
-
};
|
|
4063
|
-
const sanitizeQuery = async (query, ctx)=>{
|
|
4064
|
-
const schema = strapi.getModel('plugin::users-permissions.user');
|
|
4065
|
-
const { auth } = ctx.state;
|
|
4066
|
-
return strapi.contentAPI.sanitize.query(query, schema, {
|
|
4067
|
-
auth
|
|
4068
|
-
});
|
|
4069
|
-
};
|
|
4070
|
-
user = {
|
|
4071
|
-
/**
|
|
4072
|
-
* Create a/an user record.
|
|
4073
|
-
* @return {Object}
|
|
4074
|
-
*/ async create (ctx) {
|
|
4075
|
-
const advanced = await strapi.store({
|
|
4076
|
-
type: 'plugin',
|
|
4077
|
-
name: 'users-permissions',
|
|
4078
|
-
key: 'advanced'
|
|
4079
|
-
}).get();
|
|
4080
|
-
await validateCreateUserBody(ctx.request.body);
|
|
4081
|
-
const { email, username, role } = ctx.request.body;
|
|
4082
|
-
const userWithSameUsername = await strapi.db.query('plugin::users-permissions.user').findOne({
|
|
4083
|
-
where: {
|
|
4084
|
-
username
|
|
4085
|
-
}
|
|
4086
|
-
});
|
|
4087
|
-
if (userWithSameUsername) {
|
|
4088
|
-
if (!email) throw new ApplicationError('Username already taken');
|
|
4089
|
-
}
|
|
4090
|
-
if (advanced.unique_email) {
|
|
4091
|
-
const userWithSameEmail = await strapi.db.query('plugin::users-permissions.user').findOne({
|
|
4092
|
-
where: {
|
|
4093
|
-
email: email.toLowerCase()
|
|
4094
|
-
}
|
|
4095
|
-
});
|
|
4096
|
-
if (userWithSameEmail) {
|
|
4097
|
-
throw new ApplicationError('Email already taken');
|
|
4098
|
-
}
|
|
4099
|
-
}
|
|
4100
|
-
const user = {
|
|
4101
|
-
...ctx.request.body,
|
|
4102
|
-
email: email.toLowerCase(),
|
|
4103
|
-
provider: 'local'
|
|
4104
|
-
};
|
|
4105
|
-
if (!role) {
|
|
4106
|
-
const defaultRole = await strapi.db.query('plugin::users-permissions.role').findOne({
|
|
4107
|
-
where: {
|
|
4108
|
-
type: advanced.default_role
|
|
4109
|
-
}
|
|
4110
|
-
});
|
|
4111
|
-
user.role = defaultRole.id;
|
|
4112
|
-
}
|
|
4113
|
-
try {
|
|
4114
|
-
const data = await getService('user').add(user);
|
|
4115
|
-
const sanitizedData = await sanitizeOutput(data, ctx);
|
|
4116
|
-
ctx.created(sanitizedData);
|
|
4117
|
-
} catch (error) {
|
|
4118
|
-
throw new ApplicationError(error.message);
|
|
4119
|
-
}
|
|
4120
|
-
},
|
|
4121
|
-
/**
|
|
4122
|
-
* Update a/an user record.
|
|
4123
|
-
* @return {Object}
|
|
4124
|
-
*/ async update (ctx) {
|
|
4125
|
-
const advancedConfigs = await strapi.store({
|
|
4126
|
-
type: 'plugin',
|
|
4127
|
-
name: 'users-permissions',
|
|
4128
|
-
key: 'advanced'
|
|
4129
|
-
}).get();
|
|
4130
|
-
const { id } = ctx.params;
|
|
4131
|
-
const { email, username, password } = ctx.request.body;
|
|
4132
|
-
const user = await getService('user').fetch(id);
|
|
4133
|
-
if (!user) {
|
|
4134
|
-
throw new NotFoundError(`User not found`);
|
|
4135
|
-
}
|
|
4136
|
-
await validateUpdateUserBody(ctx.request.body);
|
|
4137
|
-
if (user.provider === 'local' && _.has(ctx.request.body, 'password') && !password) {
|
|
4138
|
-
throw new ValidationError('password.notNull');
|
|
4139
|
-
}
|
|
4140
|
-
if (_.has(ctx.request.body, 'username')) {
|
|
4141
|
-
const userWithSameUsername = await strapi.db.query('plugin::users-permissions.user').findOne({
|
|
4142
|
-
where: {
|
|
4143
|
-
username
|
|
4144
|
-
}
|
|
4145
|
-
});
|
|
4146
|
-
if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(id)) {
|
|
4147
|
-
throw new ApplicationError('Username already taken');
|
|
4148
|
-
}
|
|
4149
|
-
}
|
|
4150
|
-
if (_.has(ctx.request.body, 'email') && advancedConfigs.unique_email) {
|
|
4151
|
-
const userWithSameEmail = await strapi.db.query('plugin::users-permissions.user').findOne({
|
|
4152
|
-
where: {
|
|
4153
|
-
email: email.toLowerCase()
|
|
4154
|
-
}
|
|
4155
|
-
});
|
|
4156
|
-
if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(id)) {
|
|
4157
|
-
throw new ApplicationError('Email already taken');
|
|
4158
|
-
}
|
|
4159
|
-
ctx.request.body.email = ctx.request.body.email.toLowerCase();
|
|
4160
|
-
}
|
|
4161
|
-
const updateData = {
|
|
4162
|
-
...ctx.request.body
|
|
4163
|
-
};
|
|
4164
|
-
const data = await getService('user').edit(user.id, updateData);
|
|
4165
|
-
const sanitizedData = await sanitizeOutput(data, ctx);
|
|
4166
|
-
ctx.send(sanitizedData);
|
|
4167
|
-
},
|
|
4168
|
-
/**
|
|
4169
|
-
* Retrieve user records.
|
|
4170
|
-
* @return {Object|Array}
|
|
4171
|
-
*/ async find (ctx) {
|
|
4172
|
-
await validateQuery(ctx.query, ctx);
|
|
4173
|
-
const sanitizedQuery = await sanitizeQuery(ctx.query, ctx);
|
|
4174
|
-
const users = await getService('user').fetchAll(sanitizedQuery);
|
|
4175
|
-
ctx.body = await Promise.all(users.map((user)=>sanitizeOutput(user, ctx)));
|
|
4176
|
-
},
|
|
4177
|
-
/**
|
|
4178
|
-
* Retrieve a user record.
|
|
4179
|
-
* @return {Object}
|
|
4180
|
-
*/ async findOne (ctx) {
|
|
4181
|
-
const { id } = ctx.params;
|
|
4182
|
-
await validateQuery(ctx.query, ctx);
|
|
4183
|
-
const sanitizedQuery = await sanitizeQuery(ctx.query, ctx);
|
|
4184
|
-
let data = await getService('user').fetch(id, sanitizedQuery);
|
|
4185
|
-
if (data) {
|
|
4186
|
-
data = await sanitizeOutput(data, ctx);
|
|
4187
|
-
}
|
|
4188
|
-
ctx.body = data;
|
|
4189
|
-
},
|
|
4190
|
-
/**
|
|
4191
|
-
* Retrieve user count.
|
|
4192
|
-
* @return {Number}
|
|
4193
|
-
*/ async count (ctx) {
|
|
4194
|
-
await validateQuery(ctx.query, ctx);
|
|
4195
|
-
const sanitizedQuery = await sanitizeQuery(ctx.query, ctx);
|
|
4196
|
-
ctx.body = await getService('user').count(sanitizedQuery);
|
|
4197
|
-
},
|
|
4198
|
-
/**
|
|
4199
|
-
* Destroy a/an user record.
|
|
4200
|
-
* @return {Object}
|
|
4201
|
-
*/ async destroy (ctx) {
|
|
4202
|
-
const { id } = ctx.params;
|
|
4203
|
-
const data = await getService('user').remove({
|
|
4204
|
-
id
|
|
4205
|
-
});
|
|
4206
|
-
const sanitizedUser = await sanitizeOutput(data, ctx);
|
|
4207
|
-
ctx.send(sanitizedUser);
|
|
4208
|
-
},
|
|
4209
|
-
/**
|
|
4210
|
-
* Retrieve authenticated user.
|
|
4211
|
-
* @return {Object|Array}
|
|
4212
|
-
*/ async me (ctx) {
|
|
4213
|
-
const authUser = ctx.state.user;
|
|
4214
|
-
const { query } = ctx;
|
|
4215
|
-
if (!authUser) {
|
|
4216
|
-
return ctx.unauthorized();
|
|
4217
|
-
}
|
|
4218
|
-
await validateQuery(query, ctx);
|
|
4219
|
-
const sanitizedQuery = await sanitizeQuery(query, ctx);
|
|
4220
|
-
const user = await getService('user').fetch(authUser.id, sanitizedQuery);
|
|
4221
|
-
ctx.body = await sanitizeOutput(user, ctx);
|
|
4222
|
-
}
|
|
4223
|
-
};
|
|
4224
|
-
return user;
|
|
4225
|
-
}
|
|
4226
|
-
|
|
4227
|
-
var role;
|
|
4228
|
-
var hasRequiredRole;
|
|
4229
|
-
function requireRole() {
|
|
4230
|
-
if (hasRequiredRole) return role;
|
|
4231
|
-
hasRequiredRole = 1;
|
|
4232
|
-
const _ = require$$0$3;
|
|
4233
|
-
const { async, errors } = require$$1;
|
|
4234
|
-
const { getService } = requireUtils$1();
|
|
4235
|
-
const { validateDeleteRoleBody } = requireUser$1();
|
|
4236
|
-
const { ApplicationError, ValidationError } = errors;
|
|
4237
|
-
const sanitizeOutput = async (role)=>{
|
|
4238
|
-
const { sanitizeLocalizationFields } = strapi.plugin('i18n').service('sanitize');
|
|
4239
|
-
const schema = strapi.getModel('plugin::users-permissions.role');
|
|
4240
|
-
return async.pipe(sanitizeLocalizationFields(schema))(role);
|
|
4241
|
-
};
|
|
4242
|
-
role = {
|
|
4243
|
-
/**
|
|
4244
|
-
* Default action.
|
|
4245
|
-
*
|
|
4246
|
-
* @return {Object}
|
|
4247
|
-
*/ async createRole (ctx) {
|
|
4248
|
-
if (_.isEmpty(ctx.request.body)) {
|
|
4249
|
-
throw new ValidationError('Request body cannot be empty');
|
|
4250
|
-
}
|
|
4251
|
-
await getService('role').createRole(ctx.request.body);
|
|
4252
|
-
ctx.send({
|
|
4253
|
-
ok: true
|
|
4254
|
-
});
|
|
4255
|
-
},
|
|
4256
|
-
async findOne (ctx) {
|
|
4257
|
-
const { id } = ctx.params;
|
|
4258
|
-
const role = await getService('role').findOne(id);
|
|
4259
|
-
if (!role) {
|
|
4260
|
-
return ctx.notFound();
|
|
4261
|
-
}
|
|
4262
|
-
const safeRole = await sanitizeOutput(role);
|
|
4263
|
-
ctx.send({
|
|
4264
|
-
role: safeRole
|
|
4265
|
-
});
|
|
4266
|
-
},
|
|
4267
|
-
async find (ctx) {
|
|
4268
|
-
const roles = await getService('role').find();
|
|
4269
|
-
const safeRoles = await Promise.all(roles.map(sanitizeOutput));
|
|
4270
|
-
ctx.send({
|
|
4271
|
-
roles: safeRoles
|
|
4272
|
-
});
|
|
4273
|
-
},
|
|
4274
|
-
async updateRole (ctx) {
|
|
4275
|
-
const roleID = ctx.params.role;
|
|
4276
|
-
if (_.isEmpty(ctx.request.body)) {
|
|
4277
|
-
throw new ValidationError('Request body cannot be empty');
|
|
4278
|
-
}
|
|
4279
|
-
await getService('role').updateRole(roleID, ctx.request.body);
|
|
4280
|
-
ctx.send({
|
|
4281
|
-
ok: true
|
|
4282
|
-
});
|
|
4283
|
-
},
|
|
4284
|
-
async deleteRole (ctx) {
|
|
4285
|
-
const roleID = ctx.params.role;
|
|
4286
|
-
if (!roleID) {
|
|
4287
|
-
await validateDeleteRoleBody(ctx.params);
|
|
4288
|
-
}
|
|
4289
|
-
// Fetch public role.
|
|
4290
|
-
const publicRole = await strapi.db.query('plugin::users-permissions.role').findOne({
|
|
4291
|
-
where: {
|
|
4292
|
-
type: 'public'
|
|
4293
|
-
}
|
|
4294
|
-
});
|
|
4295
|
-
const publicRoleID = publicRole.id;
|
|
4296
|
-
// Prevent from removing the public role.
|
|
4297
|
-
if (roleID.toString() === publicRoleID.toString()) {
|
|
4298
|
-
throw new ApplicationError('Cannot delete public role');
|
|
4299
|
-
}
|
|
4300
|
-
await getService('role').deleteRole(roleID, publicRoleID);
|
|
4301
|
-
ctx.send({
|
|
4302
|
-
ok: true
|
|
4303
|
-
});
|
|
4304
|
-
}
|
|
4305
|
-
};
|
|
4306
|
-
return role;
|
|
4307
|
-
}
|
|
4308
|
-
|
|
4309
|
-
var permissions;
|
|
4310
|
-
var hasRequiredPermissions;
|
|
4311
|
-
function requirePermissions() {
|
|
4312
|
-
if (hasRequiredPermissions) return permissions;
|
|
4313
|
-
hasRequiredPermissions = 1;
|
|
4314
|
-
const _ = require$$0$3;
|
|
4315
|
-
const { getService } = requireUtils$1();
|
|
4316
|
-
permissions = {
|
|
4317
|
-
async getPermissions (ctx) {
|
|
4318
|
-
const permissions = await getService('users-permissions').getActions();
|
|
4319
|
-
ctx.send({
|
|
4320
|
-
permissions
|
|
4321
|
-
});
|
|
4322
|
-
},
|
|
4323
|
-
async getPolicies (ctx) {
|
|
4324
|
-
const policies = _.keys(strapi.plugin('users-permissions').policies);
|
|
4325
|
-
ctx.send({
|
|
4326
|
-
policies: _.without(policies, 'permissions')
|
|
4327
|
-
});
|
|
4328
|
-
},
|
|
4329
|
-
async getRoutes (ctx) {
|
|
4330
|
-
const routes = await getService('users-permissions').getRoutes();
|
|
4331
|
-
ctx.send({
|
|
4332
|
-
routes
|
|
4333
|
-
});
|
|
4334
|
-
}
|
|
4335
|
-
};
|
|
4336
|
-
return permissions;
|
|
4337
|
-
}
|
|
4338
|
-
|
|
4339
|
-
var emailTemplate;
|
|
4340
|
-
var hasRequiredEmailTemplate;
|
|
4341
|
-
function requireEmailTemplate() {
|
|
4342
|
-
if (hasRequiredEmailTemplate) return emailTemplate;
|
|
4343
|
-
hasRequiredEmailTemplate = 1;
|
|
4344
|
-
const { trim } = require$$0;
|
|
4345
|
-
const { template: { createLooseInterpolationRegExp, createStrictInterpolationRegExp } } = require$$1;
|
|
4346
|
-
const invalidPatternsRegexes = [
|
|
4347
|
-
// Ignore "evaluation" patterns: <% ... %>
|
|
4348
|
-
/<%[^=]([\s\S]*?)%>/m,
|
|
4349
|
-
// Ignore basic string interpolations
|
|
4350
|
-
/\${([^{}]*)}/m
|
|
4351
|
-
];
|
|
4352
|
-
const authorizedKeys = [
|
|
4353
|
-
'URL',
|
|
4354
|
-
'ADMIN_URL',
|
|
4355
|
-
'SERVER_URL',
|
|
4356
|
-
'CODE',
|
|
4357
|
-
'USER',
|
|
4358
|
-
'USER.email',
|
|
4359
|
-
'USER.username',
|
|
4360
|
-
'TOKEN'
|
|
4361
|
-
];
|
|
4362
|
-
const matchAll = (pattern, src)=>{
|
|
4363
|
-
const matches = [];
|
|
4364
|
-
let match;
|
|
4365
|
-
const regexPatternWithGlobal = RegExp(pattern, 'g');
|
|
4366
|
-
// eslint-disable-next-line no-cond-assign
|
|
4367
|
-
while(match = regexPatternWithGlobal.exec(src)){
|
|
4368
|
-
const [, group] = match;
|
|
4369
|
-
matches.push(trim(group));
|
|
4370
|
-
}
|
|
4371
|
-
return matches;
|
|
4372
|
-
};
|
|
4373
|
-
const isValidEmailTemplate = (template)=>{
|
|
4374
|
-
// Check for known invalid patterns
|
|
4375
|
-
for (const reg of invalidPatternsRegexes){
|
|
4376
|
-
if (reg.test(template)) {
|
|
4377
|
-
return false;
|
|
4378
|
-
}
|
|
4379
|
-
}
|
|
4380
|
-
const interpolation = {
|
|
4381
|
-
// Strict interpolation pattern to match only valid groups
|
|
4382
|
-
strict: createStrictInterpolationRegExp(authorizedKeys),
|
|
4383
|
-
// Weak interpolation pattern to match as many group as possible.
|
|
4384
|
-
loose: createLooseInterpolationRegExp()
|
|
4385
|
-
};
|
|
4386
|
-
// Compute both strict & loose matches
|
|
4387
|
-
const strictMatches = matchAll(interpolation.strict, template);
|
|
4388
|
-
const looseMatches = matchAll(interpolation.loose, template);
|
|
4389
|
-
// If we have more matches with the loose RegExp than with the strict one,
|
|
4390
|
-
// then it means that at least one of the interpolation group is invalid
|
|
4391
|
-
// Note: In the future, if we wanted to give more details for error formatting
|
|
4392
|
-
// purposes, we could return the difference between the two arrays
|
|
4393
|
-
if (looseMatches.length > strictMatches.length) {
|
|
4394
|
-
return false;
|
|
4395
|
-
}
|
|
4396
|
-
return true;
|
|
4397
|
-
};
|
|
4398
|
-
emailTemplate = {
|
|
4399
|
-
isValidEmailTemplate
|
|
4400
|
-
};
|
|
4401
|
-
return emailTemplate;
|
|
4402
|
-
}
|
|
4403
|
-
|
|
4404
|
-
var settings;
|
|
4405
|
-
var hasRequiredSettings;
|
|
4406
|
-
function requireSettings() {
|
|
4407
|
-
if (hasRequiredSettings) return settings;
|
|
4408
|
-
hasRequiredSettings = 1;
|
|
4409
|
-
const _ = require$$0$3;
|
|
4410
|
-
const { ValidationError } = require$$1.errors;
|
|
4411
|
-
const { getService } = requireUtils$1();
|
|
4412
|
-
const { isValidEmailTemplate } = requireEmailTemplate();
|
|
4413
|
-
settings = {
|
|
4414
|
-
async getEmailTemplate (ctx) {
|
|
4415
|
-
ctx.send(await strapi.store({
|
|
4416
|
-
type: 'plugin',
|
|
4417
|
-
name: 'users-permissions',
|
|
4418
|
-
key: 'email'
|
|
4419
|
-
}).get());
|
|
4420
|
-
},
|
|
4421
|
-
async updateEmailTemplate (ctx) {
|
|
4422
|
-
if (_.isEmpty(ctx.request.body)) {
|
|
4423
|
-
throw new ValidationError('Request body cannot be empty');
|
|
4424
|
-
}
|
|
4425
|
-
const emailTemplates = ctx.request.body['email-templates'];
|
|
4426
|
-
for (const key of Object.keys(emailTemplates)){
|
|
4427
|
-
const template = emailTemplates[key].options.message;
|
|
4428
|
-
if (!isValidEmailTemplate(template)) {
|
|
4429
|
-
throw new ValidationError('Invalid template');
|
|
4430
|
-
}
|
|
4431
|
-
}
|
|
4432
|
-
await strapi.store({
|
|
4433
|
-
type: 'plugin',
|
|
4434
|
-
name: 'users-permissions',
|
|
4435
|
-
key: 'email'
|
|
4436
|
-
}).set({
|
|
4437
|
-
value: emailTemplates
|
|
4438
|
-
});
|
|
4439
|
-
ctx.send({
|
|
4440
|
-
ok: true
|
|
4441
|
-
});
|
|
4442
|
-
},
|
|
4443
|
-
async getAdvancedSettings (ctx) {
|
|
4444
|
-
const settings = await strapi.store({
|
|
4445
|
-
type: 'plugin',
|
|
4446
|
-
name: 'users-permissions',
|
|
4447
|
-
key: 'advanced'
|
|
4448
|
-
}).get();
|
|
4449
|
-
const roles = await getService('role').find();
|
|
4450
|
-
ctx.send({
|
|
4451
|
-
settings,
|
|
4452
|
-
roles
|
|
4453
|
-
});
|
|
4454
|
-
},
|
|
4455
|
-
async updateAdvancedSettings (ctx) {
|
|
4456
|
-
if (_.isEmpty(ctx.request.body)) {
|
|
4457
|
-
throw new ValidationError('Request body cannot be empty');
|
|
4458
|
-
}
|
|
4459
|
-
await strapi.store({
|
|
4460
|
-
type: 'plugin',
|
|
4461
|
-
name: 'users-permissions',
|
|
4462
|
-
key: 'advanced'
|
|
4463
|
-
}).set({
|
|
4464
|
-
value: ctx.request.body
|
|
4465
|
-
});
|
|
4466
|
-
ctx.send({
|
|
4467
|
-
ok: true
|
|
4468
|
-
});
|
|
4469
|
-
},
|
|
4470
|
-
async getProviders (ctx) {
|
|
4471
|
-
const providers = await strapi.store({
|
|
4472
|
-
type: 'plugin',
|
|
4473
|
-
name: 'users-permissions',
|
|
4474
|
-
key: 'grant'
|
|
4475
|
-
}).get();
|
|
4476
|
-
for(const provider in providers){
|
|
4477
|
-
if (provider !== 'email') {
|
|
4478
|
-
providers[provider].redirectUri = strapi.plugin('users-permissions').service('providers').buildRedirectUri(provider);
|
|
4479
|
-
}
|
|
4480
|
-
}
|
|
4481
|
-
ctx.send(providers);
|
|
4482
|
-
},
|
|
4483
|
-
async updateProviders (ctx) {
|
|
4484
|
-
if (_.isEmpty(ctx.request.body)) {
|
|
4485
|
-
throw new ValidationError('Request body cannot be empty');
|
|
4486
|
-
}
|
|
4487
|
-
await strapi.store({
|
|
4488
|
-
type: 'plugin',
|
|
4489
|
-
name: 'users-permissions',
|
|
4490
|
-
key: 'grant'
|
|
4491
|
-
}).set({
|
|
4492
|
-
value: ctx.request.body.providers
|
|
4493
|
-
});
|
|
4494
|
-
ctx.send({
|
|
4495
|
-
ok: true
|
|
4496
|
-
});
|
|
4497
|
-
}
|
|
4498
|
-
};
|
|
4499
|
-
return settings;
|
|
4500
|
-
}
|
|
4501
|
-
|
|
4502
|
-
var contentManagerUser;
|
|
4503
|
-
var hasRequiredContentManagerUser;
|
|
4504
|
-
function requireContentManagerUser() {
|
|
4505
|
-
if (hasRequiredContentManagerUser) return contentManagerUser;
|
|
4506
|
-
hasRequiredContentManagerUser = 1;
|
|
4507
|
-
const _ = require$$0$3;
|
|
4508
|
-
const { contentTypes: contentTypesUtils } = require$$1;
|
|
4509
|
-
const { ApplicationError, ValidationError, NotFoundError, ForbiddenError } = require$$1.errors;
|
|
4510
|
-
const { validateCreateUserBody, validateUpdateUserBody } = requireUser$1();
|
|
4511
|
-
const { UPDATED_BY_ATTRIBUTE, CREATED_BY_ATTRIBUTE } = contentTypesUtils.constants;
|
|
4512
|
-
const userModel = 'plugin::users-permissions.user';
|
|
4513
|
-
const ACTIONS = {
|
|
4514
|
-
read: 'plugin::content-manager.explorer.read',
|
|
4515
|
-
create: 'plugin::content-manager.explorer.create',
|
|
4516
|
-
edit: 'plugin::content-manager.explorer.update',
|
|
4517
|
-
delete: 'plugin::content-manager.explorer.delete'
|
|
4518
|
-
};
|
|
4519
|
-
const findEntityAndCheckPermissions = async (ability, action, model, id)=>{
|
|
4520
|
-
const doc = await strapi.service('plugin::content-manager.document-manager').findOne(id, model, {
|
|
4521
|
-
populate: [
|
|
4522
|
-
`${CREATED_BY_ATTRIBUTE}.roles`
|
|
4523
|
-
]
|
|
4524
|
-
});
|
|
4525
|
-
if (_.isNil(doc)) {
|
|
4526
|
-
throw new NotFoundError();
|
|
4527
|
-
}
|
|
4528
|
-
const pm = strapi.service('admin::permission').createPermissionsManager({
|
|
4529
|
-
ability,
|
|
4530
|
-
action,
|
|
4531
|
-
model
|
|
4532
|
-
});
|
|
4533
|
-
if (pm.ability.cannot(pm.action, pm.toSubject(doc))) {
|
|
4534
|
-
throw new ForbiddenError();
|
|
4535
|
-
}
|
|
4536
|
-
const docWithoutCreatorRoles = _.omit(doc, `${CREATED_BY_ATTRIBUTE}.roles`);
|
|
4537
|
-
return {
|
|
4538
|
-
pm,
|
|
4539
|
-
doc: docWithoutCreatorRoles
|
|
4540
|
-
};
|
|
4541
|
-
};
|
|
4542
|
-
contentManagerUser = {
|
|
4543
|
-
/**
|
|
4544
|
-
* Create a/an user record.
|
|
4545
|
-
* @return {Object}
|
|
4546
|
-
*/ async create (ctx) {
|
|
4547
|
-
const { body } = ctx.request;
|
|
4548
|
-
const { user: admin, userAbility } = ctx.state;
|
|
4549
|
-
const { email, username } = body;
|
|
4550
|
-
const pm = strapi.service('admin::permission').createPermissionsManager({
|
|
4551
|
-
ability: userAbility,
|
|
4552
|
-
action: ACTIONS.create,
|
|
4553
|
-
model: userModel
|
|
4554
|
-
});
|
|
4555
|
-
if (!pm.isAllowed) {
|
|
4556
|
-
return ctx.forbidden();
|
|
4557
|
-
}
|
|
4558
|
-
const sanitizedBody = await pm.pickPermittedFieldsOf(body, {
|
|
4559
|
-
subject: userModel
|
|
4560
|
-
});
|
|
4561
|
-
const advanced = await strapi.store({
|
|
4562
|
-
type: 'plugin',
|
|
4563
|
-
name: 'users-permissions',
|
|
4564
|
-
key: 'advanced'
|
|
4565
|
-
}).get();
|
|
4566
|
-
await validateCreateUserBody(ctx.request.body);
|
|
4567
|
-
const userWithSameUsername = await strapi.db.query('plugin::users-permissions.user').findOne({
|
|
4568
|
-
where: {
|
|
4569
|
-
username
|
|
4570
|
-
}
|
|
4571
|
-
});
|
|
4572
|
-
if (userWithSameUsername) {
|
|
4573
|
-
throw new ApplicationError('Username already taken');
|
|
4574
|
-
}
|
|
4575
|
-
if (advanced.unique_email) {
|
|
4576
|
-
const userWithSameEmail = await strapi.db.query('plugin::users-permissions.user').findOne({
|
|
4577
|
-
where: {
|
|
4578
|
-
email: email.toLowerCase()
|
|
4579
|
-
}
|
|
4580
|
-
});
|
|
4581
|
-
if (userWithSameEmail) {
|
|
4582
|
-
throw new ApplicationError('Email already taken');
|
|
4583
|
-
}
|
|
4584
|
-
}
|
|
4585
|
-
const user = {
|
|
4586
|
-
...sanitizedBody,
|
|
4587
|
-
provider: 'local',
|
|
4588
|
-
[CREATED_BY_ATTRIBUTE]: admin.id,
|
|
4589
|
-
[UPDATED_BY_ATTRIBUTE]: admin.id
|
|
4590
|
-
};
|
|
4591
|
-
user.email = _.toLower(user.email);
|
|
4592
|
-
try {
|
|
4593
|
-
const data = await strapi.service('plugin::content-manager.document-manager').create(userModel, {
|
|
4594
|
-
data: user
|
|
4595
|
-
});
|
|
4596
|
-
const sanitizedData = await pm.sanitizeOutput(data, {
|
|
4597
|
-
action: ACTIONS.read
|
|
4598
|
-
});
|
|
4599
|
-
ctx.created(sanitizedData);
|
|
4600
|
-
} catch (error) {
|
|
4601
|
-
throw new ApplicationError(error.message);
|
|
4602
|
-
}
|
|
4603
|
-
},
|
|
4604
|
-
/**
|
|
4605
|
-
* Update a/an user record.
|
|
4606
|
-
* @return {Object}
|
|
4607
|
-
*/ async update (ctx) {
|
|
4608
|
-
const { id: documentId } = ctx.params;
|
|
4609
|
-
const { body } = ctx.request;
|
|
4610
|
-
const { user: admin, userAbility } = ctx.state;
|
|
4611
|
-
const advancedConfigs = await strapi.store({
|
|
4612
|
-
type: 'plugin',
|
|
4613
|
-
name: 'users-permissions',
|
|
4614
|
-
key: 'advanced'
|
|
4615
|
-
}).get();
|
|
4616
|
-
const { email, username, password } = body;
|
|
4617
|
-
const { pm, doc } = await findEntityAndCheckPermissions(userAbility, ACTIONS.edit, userModel, documentId);
|
|
4618
|
-
const user = doc;
|
|
4619
|
-
await validateUpdateUserBody(ctx.request.body);
|
|
4620
|
-
if (_.has(body, 'password') && !password && user.provider === 'local') {
|
|
4621
|
-
throw new ValidationError('password.notNull');
|
|
4622
|
-
}
|
|
4623
|
-
if (_.has(body, 'username')) {
|
|
4624
|
-
const userWithSameUsername = await strapi.db.query('plugin::users-permissions.user').findOne({
|
|
4625
|
-
where: {
|
|
4626
|
-
username
|
|
4627
|
-
}
|
|
4628
|
-
});
|
|
4629
|
-
if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(user.id)) {
|
|
4630
|
-
throw new ApplicationError('Username already taken');
|
|
4631
|
-
}
|
|
4632
|
-
}
|
|
4633
|
-
if (_.has(body, 'email') && advancedConfigs.unique_email) {
|
|
4634
|
-
const userWithSameEmail = await strapi.db.query('plugin::users-permissions.user').findOne({
|
|
4635
|
-
where: {
|
|
4636
|
-
email: _.toLower(email)
|
|
4637
|
-
}
|
|
4638
|
-
});
|
|
4639
|
-
if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(user.id)) {
|
|
4640
|
-
throw new ApplicationError('Email already taken');
|
|
4641
|
-
}
|
|
4642
|
-
body.email = _.toLower(body.email);
|
|
4643
|
-
}
|
|
4644
|
-
const sanitizedData = await pm.pickPermittedFieldsOf(body, {
|
|
4645
|
-
subject: pm.toSubject(user)
|
|
4646
|
-
});
|
|
4647
|
-
const updateData = _.omit({
|
|
4648
|
-
...sanitizedData,
|
|
4649
|
-
updatedBy: admin.id
|
|
4650
|
-
}, 'createdBy');
|
|
4651
|
-
const data = await strapi.service('plugin::content-manager.document-manager').update(documentId, userModel, {
|
|
4652
|
-
data: updateData
|
|
4653
|
-
});
|
|
4654
|
-
ctx.body = await pm.sanitizeOutput(data, {
|
|
4655
|
-
action: ACTIONS.read
|
|
4656
|
-
});
|
|
4657
|
-
}
|
|
4658
|
-
};
|
|
4659
|
-
return contentManagerUser;
|
|
4660
|
-
}
|
|
4661
|
-
|
|
4662
|
-
var controllers;
|
|
4663
|
-
var hasRequiredControllers;
|
|
4664
|
-
function requireControllers() {
|
|
4665
|
-
if (hasRequiredControllers) return controllers;
|
|
4666
|
-
hasRequiredControllers = 1;
|
|
4667
|
-
const auth = requireAuth();
|
|
4668
|
-
const user = requireUser();
|
|
4669
|
-
const role = requireRole();
|
|
4670
|
-
const permissions = requirePermissions();
|
|
4671
|
-
const settings = requireSettings();
|
|
4672
|
-
const contentmanageruser = requireContentManagerUser();
|
|
4673
|
-
controllers = {
|
|
4674
|
-
auth,
|
|
4675
|
-
user,
|
|
4676
|
-
role,
|
|
4677
|
-
permissions,
|
|
4678
|
-
settings,
|
|
4679
|
-
contentmanageruser
|
|
4680
|
-
};
|
|
4681
|
-
return controllers;
|
|
4682
|
-
}
|
|
4683
|
-
|
|
4684
|
-
var config;
|
|
4685
|
-
var hasRequiredConfig;
|
|
4686
|
-
function requireConfig() {
|
|
4687
|
-
if (hasRequiredConfig) return config;
|
|
4688
|
-
hasRequiredConfig = 1;
|
|
4689
|
-
config = {
|
|
4690
|
-
default: ({ env })=>({
|
|
4691
|
-
jwtSecret: env('JWT_SECRET'),
|
|
4692
|
-
jwt: {
|
|
4693
|
-
expiresIn: '30d'
|
|
4694
|
-
},
|
|
4695
|
-
ratelimit: {
|
|
4696
|
-
interval: 60000,
|
|
4697
|
-
max: 10
|
|
4698
|
-
},
|
|
4699
|
-
layout: {
|
|
4700
|
-
user: {
|
|
4701
|
-
actions: {
|
|
4702
|
-
create: 'contentManagerUser.create',
|
|
4703
|
-
update: 'contentManagerUser.update'
|
|
4704
|
-
}
|
|
4705
|
-
}
|
|
4706
|
-
},
|
|
4707
|
-
callback: {
|
|
4708
|
-
validate (callback, provider) {
|
|
4709
|
-
let uCallback;
|
|
4710
|
-
let uProviderCallback;
|
|
4711
|
-
try {
|
|
4712
|
-
uCallback = new URL(callback);
|
|
4713
|
-
uProviderCallback = new URL(provider.callback);
|
|
4714
|
-
} catch {
|
|
4715
|
-
throw new Error('The callback is not a valid URL');
|
|
4716
|
-
}
|
|
4717
|
-
// Make sure the different origin matches
|
|
4718
|
-
if (uCallback.origin !== uProviderCallback.origin) {
|
|
4719
|
-
throw new Error(`Forbidden callback provided: origins don't match. Please verify your config.`);
|
|
4720
|
-
}
|
|
4721
|
-
// Make sure the different pathname matches
|
|
4722
|
-
if (uCallback.pathname !== uProviderCallback.pathname) {
|
|
4723
|
-
throw new Error(`Forbidden callback provided: pathname don't match. Please verify your config.`);
|
|
4724
|
-
}
|
|
4725
|
-
// NOTE: We're not checking the search parameters on purpose to allow passing different states
|
|
4726
|
-
}
|
|
4727
|
-
}
|
|
4728
|
-
}),
|
|
4729
|
-
validator () {}
|
|
4730
|
-
};
|
|
4731
|
-
return config;
|
|
4732
|
-
}
|
|
4733
|
-
|
|
4734
|
-
var server;
|
|
4735
|
-
var hasRequiredServer;
|
|
4736
|
-
function requireServer() {
|
|
4737
|
-
if (hasRequiredServer) return server;
|
|
4738
|
-
hasRequiredServer = 1;
|
|
4739
|
-
const register = requireRegister();
|
|
4740
|
-
const bootstrap = requireBootstrap();
|
|
4741
|
-
const contentTypes = requireContentTypes();
|
|
4742
|
-
const middlewares = requireMiddlewares();
|
|
4743
|
-
const services = requireServices();
|
|
4744
|
-
const routes = requireRoutes();
|
|
4745
|
-
const controllers = requireControllers();
|
|
4746
|
-
const config = requireConfig();
|
|
4747
|
-
server = ()=>({
|
|
4748
|
-
register,
|
|
4749
|
-
bootstrap,
|
|
4750
|
-
config,
|
|
4751
|
-
routes,
|
|
4752
|
-
controllers,
|
|
4753
|
-
contentTypes,
|
|
4754
|
-
middlewares,
|
|
4755
|
-
services
|
|
4756
|
-
});
|
|
4757
|
-
return server;
|
|
4758
|
-
}
|
|
1
|
+
import { getDefaultExportFromCjs } from './_virtual/_commonjsHelpers.mjs';
|
|
2
|
+
import { __require as requireServer } from './index2.mjs';
|
|
4759
3
|
|
|
4760
4
|
var serverExports = requireServer();
|
|
4761
5
|
var index = /*@__PURE__*/ getDefaultExportFromCjs(serverExports);
|