@strapi/plugin-users-permissions 5.18.1 → 5.20.0

package/server/routes/content-api/role.js

@@ -1,29 +1,59 @@
 'use strict';
 
-module.exports = [
-  {
-    method: 'GET',
-    path: '/roles/:id',
-    handler: 'role.findOne',
-  },
-  {
-    method: 'GET',
-    path: '/roles',
-    handler: 'role.find',
-  },
-  {
-    method: 'POST',
-    path: '/roles',
-    handler: 'role.createRole',
-  },
-  {
-    method: 'PUT',
-    path: '/roles/:role',
-    handler: 'role.updateRole',
-  },
-  {
-    method: 'DELETE',
-    path: '/roles/:role',
-    handler: 'role.deleteRole',
-  },
-];
+const { UsersPermissionsRouteValidator } = require('./validation');
+
+module.exports = (strapi) => {
+  const validator = new UsersPermissionsRouteValidator(strapi);
+
+  return [
+    {
+      method: 'GET',
+      path: '/roles/:id',
+      handler: 'role.findOne',
+      request: {
+        params: {
+          id: validator.roleIdParam,
+        },
+      },
+      response: validator.roleResponseSchema,
+    },
+    {
+      method: 'GET',
+      path: '/roles',
+      handler: 'role.find',
+      response: validator.rolesResponseSchema,
+    },
+    {
+      method: 'POST',
+      path: '/roles',
+      handler: 'role.createRole',
+      request: {
+        body: { 'application/json': validator.createRoleBodySchema },
+      },
+      response: validator.roleSuccessResponseSchema,
+    },
+    {
+      method: 'PUT',
+      path: '/roles/:role',
+      handler: 'role.updateRole',
+      request: {
+        params: {
+          role: validator.roleIdParam,
+        },
+        body: { 'application/json': validator.updateRoleBodySchema },
+      },
+      response: validator.roleSuccessResponseSchema,
+    },
+    {
+      method: 'DELETE',
+      path: '/roles/:role',
+      handler: 'role.deleteRole',
+      request: {
+        params: {
+          role: validator.roleIdParam,
+        },
+      },
+      response: validator.roleSuccessResponseSchema,
+    },
+  ];
+};

package/server/routes/content-api/user.js

@@ -1,60 +1,117 @@
 'use strict';
 
-module.exports = [
-  {
-    method: 'GET',
-    path: '/users/count',
-    handler: 'user.count',
-    config: {
-      prefix: '',
+const z = require('zod/v4');
+const { UsersPermissionsRouteValidator } = require('./validation');
+
+module.exports = (strapi) => {
+  const validator = new UsersPermissionsRouteValidator(strapi);
+
+  return [
+    {
+      method: 'GET',
+      path: '/users/count',
+      handler: 'user.count',
+      config: {
+        prefix: '',
+      },
+      request: {
+        query: {
+          filters: validator.filters.optional(),
+        },
+      },
+      response: z.number(),
     },
-  },
-  {
-    method: 'GET',
-    path: '/users',
-    handler: 'user.find',
-    config: {
-      prefix: '',
+    {
+      method: 'GET',
+      path: '/users',
+      handler: 'user.find',
+      config: {
+        prefix: '',
+      },
+      request: {
+        query: {
+          fields: validator.queryFields.optional(),
+          populate: validator.queryPopulate.optional(),
+          sort: validator.querySort.optional(),
+          pagination: validator.pagination.optional(),
+          filters: validator.filters.optional(),
+        },
+      },
+      response: z.array(validator.userSchema),
     },
-  },
-  {
-    method: 'GET',
-    path: '/users/me',
-    handler: 'user.me',
-    config: {
-      prefix: '',
+    {
+      method: 'GET',
+      path: '/users/me',
+      handler: 'user.me',
+      config: {
+        prefix: '',
+      },
+      request: {
+        query: {
+          fields: validator.queryFields.optional(),
+          populate: validator.queryPopulate.optional(),
+        },
+      },
+      response: validator.userSchema,
     },
-  },
-  {
-    method: 'GET',
-    path: '/users/:id',
-    handler: 'user.findOne',
-    config: {
-      prefix: '',
+    {
+      method: 'GET',
+      path: '/users/:id',
+      handler: 'user.findOne',
+      config: {
+        prefix: '',
+      },
+      request: {
+        params: {
+          id: validator.userIdParam,
+        },
+        query: {
+          fields: validator.queryFields.optional(),
+          populate: validator.queryPopulate.optional(),
+        },
+      },
+      response: validator.userSchema,
     },
-  },
-  {
-    method: 'POST',
-    path: '/users',
-    handler: 'user.create',
-    config: {
-      prefix: '',
+    {
+      method: 'POST',
+      path: '/users',
+      handler: 'user.create',
+      config: {
+        prefix: '',
+      },
+      request: {
+        body: { 'application/json': validator.createUserBodySchema },
+      },
+      response: validator.userSchema,
     },
-  },
-  {
-    method: 'PUT',
-    path: '/users/:id',
-    handler: 'user.update',
-    config: {
-      prefix: '',
+    {
+      method: 'PUT',
+      path: '/users/:id',
+      handler: 'user.update',
+      config: {
+        prefix: '',
+      },
+      request: {
+        params: {
+          id: validator.userIdParam,
+        },
+        body: { 'application/json': validator.updateUserBodySchema },
+      },
+      response: validator.userSchema,
     },
-  },
-  {
-    method: 'DELETE',
-    path: '/users/:id',
-    handler: 'user.destroy',
-    config: {
-      prefix: '',
+    {
+      method: 'DELETE',
+      path: '/users/:id',
+      handler: 'user.destroy',
+      config: {
+        prefix: '',
+      },
+      request: {
+        params: {
+          id: validator.userIdParam,
+        },
+      },
+      response: validator.userSchema,
     },
-  },
-];
+  ];
+};

package/server/routes/content-api/validation.js

@@ -0,0 +1,249 @@
+'use strict';
+
+const { AbstractRouteValidator } = require('@strapi/utils');
+const z = require('zod/v4');
+
+class UsersPermissionsRouteValidator extends AbstractRouteValidator {
+  constructor(strapi) {
+    super();
+    this._strapi = strapi;
+  }
+
+  get userSchema() {
+    return z.object({
+      id: z.number(),
+      documentId: z.string(),
+      username: z.string(),
+      email: z.string(),
+      provider: z.string(),
+      confirmed: z.boolean(),
+      blocked: z.boolean(),
+      role: z
+        .union([
+          z.number(),
+          z.object({
+            id: z.number(),
+            name: z.string(),
+            description: z.string().nullable(),
+            type: z.string(),
+            createdAt: z.string(),
+            updatedAt: z.string(),
+          }),
+        ])
+        .optional(),
+      createdAt: z.string(),
+      updatedAt: z.string(),
+      publishedAt: z.string(),
+    });
+  }
+
+  get roleSchema() {
+    return z.object({
+      id: z.number(),
+      documentId: z.string(),
+      name: z.string(),
+      description: z.string().nullable(),
+      type: z.string(),
+      createdAt: z.string(),
+      updatedAt: z.string(),
+      publishedAt: z.string(),
+      nb_users: z.number().optional(),
+      permissions: z
+        .record(
+          z.string(), // plugin name
+          z.object({
+            controllers: z.record(
+              z.string(), // controller name
+              z.record(
+                z.string(), // action name
+                z.object({
+                  enabled: z.boolean(),
+                  policy: z.string(),
+                })
+              )
+            ),
+          })
+        )
+        .optional(),
+      users: z.array(z.unknown()).optional(),
+    });
+  }
+
+  get permissionSchema() {
+    return z.object({
+      id: z.number(),
+      action: z.string(),
+      role: z.object({
+        id: z.number(),
+        name: z.string(),
+        description: z.string().nullable(),
+        type: z.string(),
+      }),
+      createdAt: z.string(),
+      updatedAt: z.string(),
+    });
+  }
+
+  get authResponseSchema() {
+    return z.object({
+      jwt: z.string(),
+      user: this.userSchema,
+    });
+  }
+
+  get authResponseWithoutJwtSchema() {
+    return z.object({
+      user: this.userSchema,
+    });
+  }
+
+  get authRegisterResponseSchema() {
+    return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);
+  }
+
+  get forgotPasswordResponseSchema() {
+    return z.object({
+      ok: z.boolean(),
+    });
+  }
+
+  get sendEmailConfirmationResponseSchema() {
+    return z.object({
+      email: z.string(),
+      sent: z.boolean(),
+    });
+  }
+
+  get rolesResponseSchema() {
+    return z.object({
+      roles: z.array(this.roleSchema),
+    });
+  }
+
+  get roleResponseSchema() {
+    return z.object({
+      role: this.roleSchema,
+    });
+  }
+
+  get roleSuccessResponseSchema() {
+    return z.object({
+      ok: z.boolean(),
+    });
+  }
+
+  get permissionsResponseSchema() {
+    return z.object({
+      permissions: z.record(
+        z.string(), // plugin name
+        z.object({
+          controllers: z.record(
+            z.string(), // controller name
+            z.record(
+              z.string(), // action name
+              z.object({
+                enabled: z.boolean(),
+                policy: z.string(),
+              })
+            )
+          ),
+        })
+      ),
+    });
+  }
+
+  get loginBodySchema() {
+    return z.object({
+      identifier: z.string(),
+      password: z.string(),
+    });
+  }
+
+  get registerBodySchema() {
+    return z.object({
+      username: z.string(),
+      email: z.email(),
+      password: z.string(),
+    });
+  }
+
+  get forgotPasswordBodySchema() {
+    return z.object({
+      email: z.email(),
+    });
+  }
+
+  get resetPasswordBodySchema() {
+    return z.object({
+      code: z.string(),
+      password: z.string(),
+      passwordConfirmation: z.string(),
+    });
+  }
+
+  get changePasswordBodySchema() {
+    return z.object({
+      currentPassword: z.string(),
+      password: z.string(),
+      passwordConfirmation: z.string(),
+    });
+  }
+
+  get sendEmailConfirmationBodySchema() {
+    return z.object({
+      email: z.email(),
+    });
+  }
+
+  get createUserBodySchema() {
+    return z.object({
+      username: z.string(),
+      email: z.email(),
+      password: z.string(),
+      role: z.number().optional(),
+    });
+  }
+
+  get updateUserBodySchema() {
+    return z.object({
+      username: z.string().optional(),
+      email: z.email().optional(),
+      password: z.string().optional(),
+      role: z.number().optional(),
+    });
+  }
+
+  get createRoleBodySchema() {
+    return z.object({
+      name: z.string(),
+      description: z.string().optional(),
+      type: z.string(),
+      permissions: z.record(z.string(), z.unknown()).optional(),
+    });
+  }
+
+  get updateRoleBodySchema() {
+    return z.object({
+      name: z.string().optional(),
+      description: z.string().optional(),
+      type: z.string().optional(),
+      permissions: z.record(z.string(), z.unknown()).optional(),
+    });
+  }
+
+  get userIdParam() {
+    return z.string();
+  }
+
+  get roleIdParam() {
+    return z.string();
+  }
+
+  get providerParam() {
+    return z.string();
+  }
+}
+
+module.exports = {
+  UsersPermissionsRouteValidator,
+};