@strapi/plugin-users-permissions 5.19.0 → 5.20.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/dist/server/controllers/content-manager-user.js +3 -3
  2. package/dist/server/controllers/content-manager-user.js.map +1 -1
  3. package/dist/server/controllers/content-manager-user.mjs +3 -3
  4. package/dist/server/controllers/content-manager-user.mjs.map +1 -1
  5. package/dist/server/controllers/validation/user.js +6 -1
  6. package/dist/server/controllers/validation/user.js.map +1 -1
  7. package/dist/server/controllers/validation/user.mjs +6 -1
  8. package/dist/server/controllers/validation/user.mjs.map +1 -1
  9. package/dist/server/routes/content-api/auth.js +139 -91
  10. package/dist/server/routes/content-api/auth.js.map +1 -1
  11. package/dist/server/routes/content-api/auth.mjs +139 -91
  12. package/dist/server/routes/content-api/auth.mjs.map +1 -1
  13. package/dist/server/routes/content-api/index.js +10 -8
  14. package/dist/server/routes/content-api/index.js.map +1 -1
  15. package/dist/server/routes/content-api/index.mjs +10 -8
  16. package/dist/server/routes/content-api/index.mjs.map +1 -1
  17. package/dist/server/routes/content-api/permissions.js +14 -7
  18. package/dist/server/routes/content-api/permissions.js.map +1 -1
  19. package/dist/server/routes/content-api/permissions.mjs +14 -7
  20. package/dist/server/routes/content-api/permissions.mjs.map +1 -1
  21. package/dist/server/routes/content-api/role.js +61 -27
  22. package/dist/server/routes/content-api/role.js.map +1 -1
  23. package/dist/server/routes/content-api/role.mjs +61 -27
  24. package/dist/server/routes/content-api/role.mjs.map +1 -1
  25. package/dist/server/routes/content-api/user.js +119 -57
  26. package/dist/server/routes/content-api/user.js.map +1 -1
  27. package/dist/server/routes/content-api/user.mjs +119 -57
  28. package/dist/server/routes/content-api/user.mjs.map +1 -1
  29. package/dist/server/routes/content-api/validation.js +216 -0
  30. package/dist/server/routes/content-api/validation.js.map +1 -0
  31. package/dist/server/routes/content-api/validation.mjs +214 -0
  32. package/dist/server/routes/content-api/validation.mjs.map +1 -0
  33. package/package.json +5 -4
  34. package/server/controllers/content-manager-user.js +3 -4
  35. package/server/controllers/validation/user.js +12 -1
  36. package/server/routes/content-api/auth.js +107 -71
  37. package/server/routes/content-api/index.js +10 -3
  38. package/server/routes/content-api/permissions.js +14 -7
  39. package/server/routes/content-api/role.js +57 -27
  40. package/server/routes/content-api/user.js +108 -51
  41. package/server/routes/content-api/validation.js +249 -0
package/dist/server/controllers/content-manager-user.js CHANGED
@@ -11,7 +11,7 @@ function requireContentManagerUser() {
11
11
  hasRequiredContentManagerUser = 1;
12
12
  const _ = require$$0;
13
13
  const { contentTypes: contentTypesUtils } = require$$1;
14
- const { ApplicationError, ValidationError, NotFoundError, ForbiddenError } = require$$1.errors;
14
+ const { ApplicationError, NotFoundError, ForbiddenError } = require$$1.errors;
15
15
  const { validateCreateUserBody, validateUpdateUserBody } = user.__require();
16
16
  const { UPDATED_BY_ATTRIBUTE, CREATED_BY_ATTRIBUTE } = contentTypesUtils.constants;
17
17
  const userModel = 'plugin::users-permissions.user';
@@ -122,8 +122,8 @@ function requireContentManagerUser() {
122
122
  const { pm, doc } = await findEntityAndCheckPermissions(userAbility, ACTIONS.edit, userModel, documentId);
123
123
  const user = doc;
124
124
  await validateUpdateUserBody(ctx.request.body);
125
- if (_.has(body, 'password') && !password && user.provider === 'local') {
126
- throw new ValidationError('password.notNull');
125
+ if (_.has(body, 'password') && (password == null || password === '')) {
126
+ delete body.password;
127
127
  }
128
128
  if (_.has(body, 'username')) {
129
129
  const userWithSameUsername = await strapi.db.query('plugin::users-permissions.user').findOne({
package/dist/server/controllers/content-manager-user.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"content-manager-user.js","sources":["../../../server/controllers/content-manager-user.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { contentTypes: contentTypesUtils } = require('@strapi/utils');\nconst { ApplicationError, ValidationError, NotFoundError, ForbiddenError } =\n require('@strapi/utils').errors;\nconst { validateCreateUserBody, validateUpdateUserBody } = require('./validation/user');\n\nconst { UPDATED_BY_ATTRIBUTE, CREATED_BY_ATTRIBUTE } = contentTypesUtils.constants;\n\nconst userModel = 'plugin::users-permissions.user';\nconst ACTIONS = {\n read: 'plugin::content-manager.explorer.read',\n create: 'plugin::content-manager.explorer.create',\n edit: 'plugin::content-manager.explorer.update',\n delete: 'plugin::content-manager.explorer.delete',\n};\n\nconst findEntityAndCheckPermissions = async (ability, action, model, id) => {\n const doc = await strapi.service('plugin::content-manager.document-manager').findOne(id, model, {\n populate: [`${CREATED_BY_ATTRIBUTE}.roles`],\n });\n\n if (_.isNil(doc)) {\n throw new NotFoundError();\n }\n\n const pm = strapi\n .service('admin::permission')\n .createPermissionsManager({ ability, action, model });\n\n if (pm.ability.cannot(pm.action, pm.toSubject(doc))) {\n throw new ForbiddenError();\n }\n\n const docWithoutCreatorRoles = _.omit(doc, `${CREATED_BY_ATTRIBUTE}.roles`);\n\n return { pm, doc: docWithoutCreatorRoles };\n};\n\nmodule.exports = {\n /**\n * Create a/an user record.\n * @return {Object}\n */\n async create(ctx) {\n const { body } = ctx.request;\n const { user: admin, userAbility } = ctx.state;\n\n const { email, username } = body;\n\n const pm = strapi.service('admin::permission').createPermissionsManager({\n ability: userAbility,\n action: ACTIONS.create,\n model: userModel,\n });\n\n if (!pm.isAllowed) {\n return ctx.forbidden();\n }\n\n const sanitizedBody = await pm.pickPermittedFieldsOf(body, { subject: userModel });\n\n const advanced = await strapi\n .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })\n .get();\n\n await validateCreateUserBody(ctx.request.body);\n\n const userWithSameUsername = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { username } });\n\n if (userWithSameUsername) {\n throw new ApplicationError('Username already taken');\n }\n\n if (advanced.unique_email) {\n const userWithSameEmail = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { email: email.toLowerCase() } });\n\n if (userWithSameEmail) {\n throw new ApplicationError('Email already taken');\n }\n }\n\n const user = {\n ...sanitizedBody,\n provider: 'local',\n [CREATED_BY_ATTRIBUTE]: admin.id,\n [UPDATED_BY_ATTRIBUTE]: admin.id,\n };\n\n user.email = _.toLower(user.email);\n\n try {\n const data = await strapi\n .service('plugin::content-manager.document-manager')\n .create(userModel, { data: user });\n\n const sanitizedData = await pm.sanitizeOutput(data, { action: ACTIONS.read });\n\n ctx.created(sanitizedData);\n } catch (error) {\n throw new ApplicationError(error.message);\n }\n },\n /**\n * Update a/an user record.\n * @return {Object}\n */\n\n async update(ctx) {\n const { id: documentId } = ctx.params;\n const { body } = ctx.request;\n const { user: admin, userAbility } = ctx.state;\n\n const advancedConfigs = await strapi\n .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })\n .get();\n\n const { email, username, password } = body;\n\n const { pm, doc } = await findEntityAndCheckPermissions(\n userAbility,\n ACTIONS.edit,\n userModel,\n documentId\n );\n\n const user = doc;\n\n await validateUpdateUserBody(ctx.request.body);\n\n if (_.has(body, 'password') && !password && user.provider === 'local') {\n throw new ValidationError('password.notNull');\n }\n\n if (_.has(body, 'username')) {\n const userWithSameUsername = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { username } });\n\n if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(user.id)) {\n throw new ApplicationError('Username already taken');\n }\n }\n\n if (_.has(body, 'email') && advancedConfigs.unique_email) {\n const userWithSameEmail = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { email: _.toLower(email) } });\n\n if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(user.id)) {\n throw new ApplicationError('Email already taken');\n }\n\n body.email = _.toLower(body.email);\n }\n\n const sanitizedData = await pm.pickPermittedFieldsOf(body, { subject: pm.toSubject(user) });\n const updateData = _.omit({ ...sanitizedData, updatedBy: admin.id }, 'createdBy');\n\n const data = await strapi\n .service('plugin::content-manager.document-manager')\n .update(documentId, userModel, {\n data: updateData,\n });\n\n ctx.body = await pm.sanitizeOutput(data, { action: ACTIONS.read });\n },\n};\n"],"names":["_","require$$0","contentTypes","contentTypesUtils","require$$1","ApplicationError","ValidationError","NotFoundError","ForbiddenError","errors","validateCreateUserBody","validateUpdateUserBody","require$$2","UPDATED_BY_ATTRIBUTE","CREATED_BY_ATTRIBUTE","constants","userModel","ACTIONS","read","create","edit","delete","findEntityAndCheckPermissions","ability","action","model","id","doc","strapi","service","findOne","populate","isNil","pm","createPermissionsManager","cannot","toSubject","docWithoutCreatorRoles","omit","contentManagerUser","ctx","body","request","user","admin","userAbility","state","email","username","isAllowed","forbidden","sanitizedBody","pickPermittedFieldsOf","subject","advanced","store","type","name","key","get","userWithSameUsername","db","query","where","unique_email","userWithSameEmail","toLowerCase","provider","toLower","data","sanitizedData","sanitizeOutput","created","error","message","update","documentId","params","advancedConfigs","password","has","toString","updateData","updatedBy"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAM,EAAEC,YAAAA,EAAcC,iBAAiB,EAAE,GAAGC,UAAAA;IAC5C,MAAM,EAAEC,gBAAgB,EAAEC,eAAe,EAAEC,aAAa,EAAEC,cAAc,EAAE,GACxEJ,UAAAA,CAAyBK,MAAM;AACjC,IAAA,MAAM,EAAEC,sBAAsB,EAAEC,sBAAsB,EAAE,GAAGC,cAAAA,EAAAA;AAE3D,IAAA,MAAM,EAAEC,oBAAoB,EAAEC,oBAAoB,EAAE,GAAGX,kBAAkBY,SAAS;AAElF,IAAA,MAAMC,SAAY,GAAA,gCAAA;AAClB,IAAA,MAAMC,OAAU,GAAA;QACdC,IAAM,EAAA,uCAAA;QACNC,MAAQ,EAAA,yCAAA;QACRC,IAAM,EAAA,yCAAA;QACNC,MAAQ,EAAA;AACV,KAAA;AAEA,IAAA,MAAMC,6BAAgC,GAAA,OAAOC,OAASC,EAAAA,MAAAA,EAAQC,KAAOC,EAAAA,EAAAA,GAAAA;QACnE,MAAMC,GAAAA,GAAM,MAAMC,MAAOC,CAAAA,OAAO,CAAC,0CAA4CC,CAAAA,CAAAA,OAAO,CAACJ,EAAAA,EAAID,KAAO,EAAA;YAC9FM,QAAU,EAAA;gBAAC,CAAC,EAAEjB,oBAAqB,CAAA,MAAM;AAAE;AAC/C,SAAA,CAAA;QAEE,IAAId,CAAAA,CAAEgC,KAAK,CAACL,GAAM,CAAA,EAAA;AAChB,YAAA,MAAM,IAAIpB,aAAAA,EAAAA;AACX;AAED,QAAA,MAAM0B,KAAKL,MACRC,CAAAA,OAAO,CAAC,mBAAA,CAAA,CACRK,wBAAwB,CAAC;AAAEX,YAAAA,OAAAA;AAASC,YAAAA,MAAAA;AAAQC,YAAAA;AAAO,SAAA,CAAA;QAEtD,IAAIQ,EAAAA,CAAGV,OAAO,CAACY,MAAM,CAACF,EAAGT,CAAAA,MAAM,EAAES,EAAAA,CAAGG,SAAS,CAACT,GAAO,CAAA,CAAA,EAAA;AACnD,YAAA,MAAM,IAAInB,cAAAA,EAAAA;AACX;QAED,MAAM6B,sBAAAA,GAAyBrC,EAAEsC,IAAI,CAACX,KAAK,CAAC,EAAEb,oBAAqB,CAAA,MAAM,CAAC,CAAA;QAE1E,OAAO;AAAEmB,YAAAA,EAAAA;YAAIN,GAAKU,EAAAA;;AACpB,KAAA;IAEAE,kBAAiB,GAAA;AACjB;;;OAIE,MAAMpB,QAAOqB,GAAG,EAAA;AACd,YAAA,MAAM,EAAEC,IAAI,EAAE,GAAGD,IAAIE,OAAO;YAC5B,MAAM,EAAEC,MAAMC,KAAK,EAAEC,WAAW,EAAE,GAAGL,IAAIM,KAAK;AAE9C,YAAA,MAAM,EAAEC,KAAK,EAAEC,QAAQ,EAAE,GAAGP,IAAAA;AAE5B,YAAA,MAAMR,KAAKL,MAAOC,CAAAA,OAAO,CAAC,mBAAA,CAAA,CAAqBK,wBAAwB,CAAC;gBACtEX,OAASsB,EAAAA,WAAAA;AACTrB,gBAAAA,MAAAA,EAAQP,QAAQE,MAAM;gBACtBM,KAAOT,EAAAA;AACb,aAAA,CAAA;YAEI,IAAI,CAACiB,EAAGgB,CAAAA,SAAS,EAAE;AACjB,gBAAA,OAAOT,IAAIU,SAAS,EAAA;AACrB;AAED,YAAA,MAAMC,aAAgB,GAAA,MAAMlB,EAAGmB,CAAAA,qBAAqB,CAACX,IAAM,EAAA;gBAAEY,OAASrC,EAAAA;AAAS,aAAA,CAAA;AAE/E,YAAA,MAAMsC,QAAW,GAAA,MAAM1B,MACpB2B,CAAAA,KAAK,CAAC;gBAAEC,IAAM,EAAA,QAAA;gBAAUC,IAAM,EAAA,mBAAA;gBAAqBC,GAAK,EAAA;eACxDC,GAAG,EAAA;AAEN,YAAA,MAAMjD,sBAAuB8B,CAAAA,GAAAA,CAAIE,OAAO,CAACD,IAAI,CAAA;YAE7C,MAAMmB,oBAAAA,GAAuB,MAAMhC,MAAOiC,CAAAA,EAAE,CACzCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;gBAAEiC,KAAO,EAAA;AAAEf,oBAAAA;AAAQ;AAAI,aAAA,CAAA;AAElC,YAAA,IAAIY,oBAAsB,EAAA;AACxB,gBAAA,MAAM,IAAIvD,gBAAiB,CAAA,wBAAA,CAAA;AAC5B;YAED,IAAIiD,QAAAA,CAASU,YAAY,EAAE;gBACzB,MAAMC,iBAAAA,GAAoB,MAAMrC,MAAOiC,CAAAA,EAAE,CACtCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;AAAEhB,wBAAAA,KAAAA,EAAOA,MAAMmB,WAAW;AAAI;AAAA,iBAAA,CAAA;AAElD,gBAAA,IAAID,iBAAmB,EAAA;AACrB,oBAAA,MAAM,IAAI5D,gBAAiB,CAAA,qBAAA,CAAA;AAC5B;AACF;AAED,YAAA,MAAMsC,IAAO,GAAA;AACX,gBAAA,GAAGQ,aAAa;gBAChBgB,QAAU,EAAA,OAAA;gBACV,CAACrD,oBAAAA,GAAuB8B,KAAAA,CAAMlB,EAAE;gBAChC,CAACb,oBAAAA,GAAuB+B,KAAAA,CAAMlB;AACpC,aAAA;AAEIiB,YAAAA,IAAAA,CAAKI,KAAK,GAAG/C,CAAAA,CAAEoE,OAAO,CAACzB,KAAKI,KAAK,CAAA;YAEjC,IAAI;gBACF,MAAMsB,IAAAA,GAAO,MAAMzC,MAChBC,CAAAA,OAAO,CAAC,0CACRV,CAAAA,CAAAA,MAAM,CAACH,SAAW,EAAA;oBAAEqD,IAAM1B,EAAAA;AAAM,iBAAA,CAAA;AAEnC,gBAAA,MAAM2B,aAAgB,GAAA,MAAMrC,EAAGsC,CAAAA,cAAc,CAACF,IAAM,EAAA;AAAE7C,oBAAAA,MAAAA,EAAQP,QAAQC;AAAI,iBAAA,CAAA;AAE1EsB,gBAAAA,GAAAA,CAAIgC,OAAO,CAACF,aAAAA,CAAAA;AACb,aAAA,CAAC,OAAOG,KAAO,EAAA;gBACd,MAAM,IAAIpE,gBAAiBoE,CAAAA,KAAAA,CAAMC,OAAO,CAAA;AACzC;AACF,SAAA;AACH;;;OAKE,MAAMC,QAAOnC,GAAG,EAAA;AACd,YAAA,MAAM,EAAEd,EAAIkD,EAAAA,UAAU,EAAE,GAAGpC,IAAIqC,MAAM;AACrC,YAAA,MAAM,EAAEpC,IAAI,EAAE,GAAGD,IAAIE,OAAO;YAC5B,MAAM,EAAEC,MAAMC,KAAK,EAAEC,WAAW,EAAE,GAAGL,IAAIM,KAAK;AAE9C,YAAA,MAAMgC,eAAkB,GAAA,MAAMlD,MAC3B2B,CAAAA,KAAK,CAAC;gBAAEC,IAAM,EAAA,QAAA;gBAAUC,IAAM,EAAA,mBAAA;gBAAqBC,GAAK,EAAA;eACxDC,GAAG,EAAA;AAEN,YAAA,MAAM,EAAEZ,KAAK,EAAEC,QAAQ,EAAE+B,QAAQ,EAAE,GAAGtC,IAAAA;AAEtC,YAAA,MAAM,EAAER,EAAE,EAAEN,GAAG,EAAE,GAAG,MAAML,6BAAAA,CACxBuB,WACA5B,EAAAA,OAAAA,CAAQG,IAAI,EACZJ,SACA4D,EAAAA,UAAAA,CAAAA;AAGF,YAAA,MAAMjC,IAAOhB,GAAAA,GAAAA;AAEb,YAAA,MAAMhB,sBAAuB6B,CAAAA,GAAAA,CAAIE,OAAO,CAACD,IAAI,CAAA;YAE7C,IAAIzC,CAAAA,CAAEgF,GAAG,CAACvC,IAAM,EAAA,UAAA,CAAA,IAAe,CAACsC,QAAYpC,IAAAA,IAAAA,CAAKwB,QAAQ,KAAK,OAAS,EAAA;AACrE,gBAAA,MAAM,IAAI7D,eAAgB,CAAA,kBAAA,CAAA;AAC3B;AAED,YAAA,IAAIN,CAAEgF,CAAAA,GAAG,CAACvC,IAAAA,EAAM,UAAa,CAAA,EAAA;gBAC3B,MAAMmB,oBAAAA,GAAuB,MAAMhC,MAAOiC,CAAAA,EAAE,CACzCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;AAAEf,wBAAAA;AAAQ;AAAI,iBAAA,CAAA;AAElC,gBAAA,IAAIY,oBAAwB5D,IAAAA,CAAAA,CAAEiF,QAAQ,CAACrB,oBAAqBlC,CAAAA,EAAE,CAAM1B,KAAAA,CAAAA,CAAEiF,QAAQ,CAACtC,IAAKjB,CAAAA,EAAE,CAAG,EAAA;AACvF,oBAAA,MAAM,IAAIrB,gBAAiB,CAAA,wBAAA,CAAA;AAC5B;AACF;AAED,YAAA,IAAIL,EAAEgF,GAAG,CAACvC,MAAM,OAAYqC,CAAAA,IAAAA,eAAAA,CAAgBd,YAAY,EAAE;gBACxD,MAAMC,iBAAAA,GAAoB,MAAMrC,MAAOiC,CAAAA,EAAE,CACtCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;wBAAEhB,KAAO/C,EAAAA,CAAAA,CAAEoE,OAAO,CAACrB,KAAAA;AAAQ;AAAA,iBAAA,CAAA;AAE/C,gBAAA,IAAIkB,iBAAqBjE,IAAAA,CAAAA,CAAEiF,QAAQ,CAAChB,iBAAkBvC,CAAAA,EAAE,CAAM1B,KAAAA,CAAAA,CAAEiF,QAAQ,CAACtC,IAAKjB,CAAAA,EAAE,CAAG,EAAA;AACjF,oBAAA,MAAM,IAAIrB,gBAAiB,CAAA,qBAAA,CAAA;AAC5B;AAEDoC,gBAAAA,IAAAA,CAAKM,KAAK,GAAG/C,CAAAA,CAAEoE,OAAO,CAAC3B,KAAKM,KAAK,CAAA;AAClC;AAED,YAAA,MAAMuB,aAAgB,GAAA,MAAMrC,EAAGmB,CAAAA,qBAAqB,CAACX,IAAM,EAAA;gBAAEY,OAASpB,EAAAA,EAAAA,CAAGG,SAAS,CAACO,IAAAA;AAAO,aAAA,CAAA;YAC1F,MAAMuC,UAAAA,GAAalF,CAAEsC,CAAAA,IAAI,CAAC;AAAE,gBAAA,GAAGgC,aAAa;AAAEa,gBAAAA,SAAAA,EAAWvC,MAAMlB;aAAM,EAAA,WAAA,CAAA;YAErE,MAAM2C,IAAAA,GAAO,MAAMzC,MAChBC,CAAAA,OAAO,CAAC,0CACR8C,CAAAA,CAAAA,MAAM,CAACC,UAAAA,EAAY5D,SAAW,EAAA;gBAC7BqD,IAAMa,EAAAA;AACd,aAAA,CAAA;AAEI1C,YAAAA,GAAAA,CAAIC,IAAI,GAAG,MAAMR,EAAGsC,CAAAA,cAAc,CAACF,IAAM,EAAA;AAAE7C,gBAAAA,MAAAA,EAAQP,QAAQC;AAAI,aAAA,CAAA;AAChE;AACH,KAAA;;;;;;"}
1
+ {"version":3,"file":"content-manager-user.js","sources":["../../../server/controllers/content-manager-user.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { contentTypes: contentTypesUtils } = require('@strapi/utils');\nconst { ApplicationError, NotFoundError, ForbiddenError } = require('@strapi/utils').errors;\nconst { validateCreateUserBody, validateUpdateUserBody } = require('./validation/user');\n\nconst { UPDATED_BY_ATTRIBUTE, CREATED_BY_ATTRIBUTE } = contentTypesUtils.constants;\n\nconst userModel = 'plugin::users-permissions.user';\nconst ACTIONS = {\n read: 'plugin::content-manager.explorer.read',\n create: 'plugin::content-manager.explorer.create',\n edit: 'plugin::content-manager.explorer.update',\n delete: 'plugin::content-manager.explorer.delete',\n};\n\nconst findEntityAndCheckPermissions = async (ability, action, model, id) => {\n const doc = await strapi.service('plugin::content-manager.document-manager').findOne(id, model, {\n populate: [`${CREATED_BY_ATTRIBUTE}.roles`],\n });\n\n if (_.isNil(doc)) {\n throw new NotFoundError();\n }\n\n const pm = strapi\n .service('admin::permission')\n .createPermissionsManager({ ability, action, model });\n\n if (pm.ability.cannot(pm.action, pm.toSubject(doc))) {\n throw new ForbiddenError();\n }\n\n const docWithoutCreatorRoles = _.omit(doc, `${CREATED_BY_ATTRIBUTE}.roles`);\n\n return { pm, doc: docWithoutCreatorRoles };\n};\n\nmodule.exports = {\n /**\n * Create a/an user record.\n * @return {Object}\n */\n async create(ctx) {\n const { body } = ctx.request;\n const { user: admin, userAbility } = ctx.state;\n\n const { email, username } = body;\n\n const pm = strapi.service('admin::permission').createPermissionsManager({\n ability: userAbility,\n action: ACTIONS.create,\n model: userModel,\n });\n\n if (!pm.isAllowed) {\n return ctx.forbidden();\n }\n\n const sanitizedBody = await pm.pickPermittedFieldsOf(body, { subject: userModel });\n\n const advanced = await strapi\n .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })\n .get();\n\n await validateCreateUserBody(ctx.request.body);\n\n const userWithSameUsername = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { username } });\n\n if (userWithSameUsername) {\n throw new ApplicationError('Username already taken');\n }\n\n if (advanced.unique_email) {\n const userWithSameEmail = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { email: email.toLowerCase() } });\n\n if (userWithSameEmail) {\n throw new ApplicationError('Email already taken');\n }\n }\n\n const user = {\n ...sanitizedBody,\n provider: 'local',\n [CREATED_BY_ATTRIBUTE]: admin.id,\n [UPDATED_BY_ATTRIBUTE]: admin.id,\n };\n\n user.email = _.toLower(user.email);\n\n try {\n const data = await strapi\n .service('plugin::content-manager.document-manager')\n .create(userModel, { data: user });\n\n const sanitizedData = await pm.sanitizeOutput(data, { action: ACTIONS.read });\n\n ctx.created(sanitizedData);\n } catch (error) {\n throw new ApplicationError(error.message);\n }\n },\n /**\n * Update a/an user record.\n * @return {Object}\n */\n\n async update(ctx) {\n const { id: documentId } = ctx.params;\n const { body } = ctx.request;\n const { user: admin, userAbility } = ctx.state;\n\n const advancedConfigs = await strapi\n .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })\n .get();\n\n const { email, username, password } = body;\n\n const { pm, doc } = await findEntityAndCheckPermissions(\n userAbility,\n ACTIONS.edit,\n userModel,\n documentId\n );\n\n const user = doc;\n\n await validateUpdateUserBody(ctx.request.body);\n\n if (_.has(body, 'password') && (password == null || password === '')) {\n delete body.password;\n }\n\n if (_.has(body, 'username')) {\n const userWithSameUsername = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { username } });\n\n if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(user.id)) {\n throw new ApplicationError('Username already taken');\n }\n }\n\n if (_.has(body, 'email') && advancedConfigs.unique_email) {\n const userWithSameEmail = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { email: _.toLower(email) } });\n\n if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(user.id)) {\n throw new ApplicationError('Email already taken');\n }\n\n body.email = _.toLower(body.email);\n }\n\n const sanitizedData = await pm.pickPermittedFieldsOf(body, { subject: pm.toSubject(user) });\n const updateData = _.omit({ ...sanitizedData, updatedBy: admin.id }, 'createdBy');\n\n const data = await strapi\n .service('plugin::content-manager.document-manager')\n .update(documentId, userModel, {\n data: updateData,\n });\n\n ctx.body = await pm.sanitizeOutput(data, { action: ACTIONS.read });\n },\n};\n"],"names":["_","require$$0","contentTypes","contentTypesUtils","require$$1","ApplicationError","NotFoundError","ForbiddenError","errors","validateCreateUserBody","validateUpdateUserBody","require$$2","UPDATED_BY_ATTRIBUTE","CREATED_BY_ATTRIBUTE","constants","userModel","ACTIONS","read","create","edit","delete","findEntityAndCheckPermissions","ability","action","model","id","doc","strapi","service","findOne","populate","isNil","pm","createPermissionsManager","cannot","toSubject","docWithoutCreatorRoles","omit","contentManagerUser","ctx","body","request","user","admin","userAbility","state","email","username","isAllowed","forbidden","sanitizedBody","pickPermittedFieldsOf","subject","advanced","store","type","name","key","get","userWithSameUsername","db","query","where","unique_email","userWithSameEmail","toLowerCase","provider","toLower","data","sanitizedData","sanitizeOutput","created","error","message","update","documentId","params","advancedConfigs","password","has","toString","updateData","updatedBy"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAM,EAAEC,YAAAA,EAAcC,iBAAiB,EAAE,GAAGC,UAAAA;IAC5C,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAEC,cAAc,EAAE,GAAGH,UAAAA,CAAyBI,MAAM;AAC3F,IAAA,MAAM,EAAEC,sBAAsB,EAAEC,sBAAsB,EAAE,GAAGC,cAAAA,EAAAA;AAE3D,IAAA,MAAM,EAAEC,oBAAoB,EAAEC,oBAAoB,EAAE,GAAGV,kBAAkBW,SAAS;AAElF,IAAA,MAAMC,SAAY,GAAA,gCAAA;AAClB,IAAA,MAAMC,OAAU,GAAA;QACdC,IAAM,EAAA,uCAAA;QACNC,MAAQ,EAAA,yCAAA;QACRC,IAAM,EAAA,yCAAA;QACNC,MAAQ,EAAA;AACV,KAAA;AAEA,IAAA,MAAMC,6BAAgC,GAAA,OAAOC,OAASC,EAAAA,MAAAA,EAAQC,KAAOC,EAAAA,EAAAA,GAAAA;QACnE,MAAMC,GAAAA,GAAM,MAAMC,MAAOC,CAAAA,OAAO,CAAC,0CAA4CC,CAAAA,CAAAA,OAAO,CAACJ,EAAAA,EAAID,KAAO,EAAA;YAC9FM,QAAU,EAAA;gBAAC,CAAC,EAAEjB,oBAAqB,CAAA,MAAM;AAAE;AAC/C,SAAA,CAAA;QAEE,IAAIb,CAAAA,CAAE+B,KAAK,CAACL,GAAM,CAAA,EAAA;AAChB,YAAA,MAAM,IAAIpB,aAAAA,EAAAA;AACX;AAED,QAAA,MAAM0B,KAAKL,MACRC,CAAAA,OAAO,CAAC,mBAAA,CAAA,CACRK,wBAAwB,CAAC;AAAEX,YAAAA,OAAAA;AAASC,YAAAA,MAAAA;AAAQC,YAAAA;AAAO,SAAA,CAAA;QAEtD,IAAIQ,EAAAA,CAAGV,OAAO,CAACY,MAAM,CAACF,EAAGT,CAAAA,MAAM,EAAES,EAAAA,CAAGG,SAAS,CAACT,GAAO,CAAA,CAAA,EAAA;AACnD,YAAA,MAAM,IAAInB,cAAAA,EAAAA;AACX;QAED,MAAM6B,sBAAAA,GAAyBpC,EAAEqC,IAAI,CAACX,KAAK,CAAC,EAAEb,oBAAqB,CAAA,MAAM,CAAC,CAAA;QAE1E,OAAO;AAAEmB,YAAAA,EAAAA;YAAIN,GAAKU,EAAAA;;AACpB,KAAA;IAEAE,kBAAiB,GAAA;AACjB;;;OAIE,MAAMpB,QAAOqB,GAAG,EAAA;AACd,YAAA,MAAM,EAAEC,IAAI,EAAE,GAAGD,IAAIE,OAAO;YAC5B,MAAM,EAAEC,MAAMC,KAAK,EAAEC,WAAW,EAAE,GAAGL,IAAIM,KAAK;AAE9C,YAAA,MAAM,EAAEC,KAAK,EAAEC,QAAQ,EAAE,GAAGP,IAAAA;AAE5B,YAAA,MAAMR,KAAKL,MAAOC,CAAAA,OAAO,CAAC,mBAAA,CAAA,CAAqBK,wBAAwB,CAAC;gBACtEX,OAASsB,EAAAA,WAAAA;AACTrB,gBAAAA,MAAAA,EAAQP,QAAQE,MAAM;gBACtBM,KAAOT,EAAAA;AACb,aAAA,CAAA;YAEI,IAAI,CAACiB,EAAGgB,CAAAA,SAAS,EAAE;AACjB,gBAAA,OAAOT,IAAIU,SAAS,EAAA;AACrB;AAED,YAAA,MAAMC,aAAgB,GAAA,MAAMlB,EAAGmB,CAAAA,qBAAqB,CAACX,IAAM,EAAA;gBAAEY,OAASrC,EAAAA;AAAS,aAAA,CAAA;AAE/E,YAAA,MAAMsC,QAAW,GAAA,MAAM1B,MACpB2B,CAAAA,KAAK,CAAC;gBAAEC,IAAM,EAAA,QAAA;gBAAUC,IAAM,EAAA,mBAAA;gBAAqBC,GAAK,EAAA;eACxDC,GAAG,EAAA;AAEN,YAAA,MAAMjD,sBAAuB8B,CAAAA,GAAAA,CAAIE,OAAO,CAACD,IAAI,CAAA;YAE7C,MAAMmB,oBAAAA,GAAuB,MAAMhC,MAAOiC,CAAAA,EAAE,CACzCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;gBAAEiC,KAAO,EAAA;AAAEf,oBAAAA;AAAQ;AAAI,aAAA,CAAA;AAElC,YAAA,IAAIY,oBAAsB,EAAA;AACxB,gBAAA,MAAM,IAAItD,gBAAiB,CAAA,wBAAA,CAAA;AAC5B;YAED,IAAIgD,QAAAA,CAASU,YAAY,EAAE;gBACzB,MAAMC,iBAAAA,GAAoB,MAAMrC,MAAOiC,CAAAA,EAAE,CACtCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;AAAEhB,wBAAAA,KAAAA,EAAOA,MAAMmB,WAAW;AAAI;AAAA,iBAAA,CAAA;AAElD,gBAAA,IAAID,iBAAmB,EAAA;AACrB,oBAAA,MAAM,IAAI3D,gBAAiB,CAAA,qBAAA,CAAA;AAC5B;AACF;AAED,YAAA,MAAMqC,IAAO,GAAA;AACX,gBAAA,GAAGQ,aAAa;gBAChBgB,QAAU,EAAA,OAAA;gBACV,CAACrD,oBAAAA,GAAuB8B,KAAAA,CAAMlB,EAAE;gBAChC,CAACb,oBAAAA,GAAuB+B,KAAAA,CAAMlB;AACpC,aAAA;AAEIiB,YAAAA,IAAAA,CAAKI,KAAK,GAAG9C,CAAAA,CAAEmE,OAAO,CAACzB,KAAKI,KAAK,CAAA;YAEjC,IAAI;gBACF,MAAMsB,IAAAA,GAAO,MAAMzC,MAChBC,CAAAA,OAAO,CAAC,0CACRV,CAAAA,CAAAA,MAAM,CAACH,SAAW,EAAA;oBAAEqD,IAAM1B,EAAAA;AAAM,iBAAA,CAAA;AAEnC,gBAAA,MAAM2B,aAAgB,GAAA,MAAMrC,EAAGsC,CAAAA,cAAc,CAACF,IAAM,EAAA;AAAE7C,oBAAAA,MAAAA,EAAQP,QAAQC;AAAI,iBAAA,CAAA;AAE1EsB,gBAAAA,GAAAA,CAAIgC,OAAO,CAACF,aAAAA,CAAAA;AACb,aAAA,CAAC,OAAOG,KAAO,EAAA;gBACd,MAAM,IAAInE,gBAAiBmE,CAAAA,KAAAA,CAAMC,OAAO,CAAA;AACzC;AACF,SAAA;AACH;;;OAKE,MAAMC,QAAOnC,GAAG,EAAA;AACd,YAAA,MAAM,EAAEd,EAAIkD,EAAAA,UAAU,EAAE,GAAGpC,IAAIqC,MAAM;AACrC,YAAA,MAAM,EAAEpC,IAAI,EAAE,GAAGD,IAAIE,OAAO;YAC5B,MAAM,EAAEC,MAAMC,KAAK,EAAEC,WAAW,EAAE,GAAGL,IAAIM,KAAK;AAE9C,YAAA,MAAMgC,eAAkB,GAAA,MAAMlD,MAC3B2B,CAAAA,KAAK,CAAC;gBAAEC,IAAM,EAAA,QAAA;gBAAUC,IAAM,EAAA,mBAAA;gBAAqBC,GAAK,EAAA;eACxDC,GAAG,EAAA;AAEN,YAAA,MAAM,EAAEZ,KAAK,EAAEC,QAAQ,EAAE+B,QAAQ,EAAE,GAAGtC,IAAAA;AAEtC,YAAA,MAAM,EAAER,EAAE,EAAEN,GAAG,EAAE,GAAG,MAAML,6BAAAA,CACxBuB,WACA5B,EAAAA,OAAAA,CAAQG,IAAI,EACZJ,SACA4D,EAAAA,UAAAA,CAAAA;AAGF,YAAA,MAAMjC,IAAOhB,GAAAA,GAAAA;AAEb,YAAA,MAAMhB,sBAAuB6B,CAAAA,GAAAA,CAAIE,OAAO,CAACD,IAAI,CAAA;YAE7C,IAAIxC,CAAAA,CAAE+E,GAAG,CAACvC,IAAM,EAAA,UAAA,CAAA,KAAgBsC,QAAY,IAAA,IAAA,IAAQA,QAAa,KAAA,EAAA,CAAK,EAAA;AACpE,gBAAA,OAAOtC,KAAKsC,QAAQ;AACrB;AAED,YAAA,IAAI9E,CAAE+E,CAAAA,GAAG,CAACvC,IAAAA,EAAM,UAAa,CAAA,EAAA;gBAC3B,MAAMmB,oBAAAA,GAAuB,MAAMhC,MAAOiC,CAAAA,EAAE,CACzCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;AAAEf,wBAAAA;AAAQ;AAAI,iBAAA,CAAA;AAElC,gBAAA,IAAIY,oBAAwB3D,IAAAA,CAAAA,CAAEgF,QAAQ,CAACrB,oBAAqBlC,CAAAA,EAAE,CAAMzB,KAAAA,CAAAA,CAAEgF,QAAQ,CAACtC,IAAKjB,CAAAA,EAAE,CAAG,EAAA;AACvF,oBAAA,MAAM,IAAIpB,gBAAiB,CAAA,wBAAA,CAAA;AAC5B;AACF;AAED,YAAA,IAAIL,EAAE+E,GAAG,CAACvC,MAAM,OAAYqC,CAAAA,IAAAA,eAAAA,CAAgBd,YAAY,EAAE;gBACxD,MAAMC,iBAAAA,GAAoB,MAAMrC,MAAOiC,CAAAA,EAAE,CACtCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;wBAAEhB,KAAO9C,EAAAA,CAAAA,CAAEmE,OAAO,CAACrB,KAAAA;AAAQ;AAAA,iBAAA,CAAA;AAE/C,gBAAA,IAAIkB,iBAAqBhE,IAAAA,CAAAA,CAAEgF,QAAQ,CAAChB,iBAAkBvC,CAAAA,EAAE,CAAMzB,KAAAA,CAAAA,CAAEgF,QAAQ,CAACtC,IAAKjB,CAAAA,EAAE,CAAG,EAAA;AACjF,oBAAA,MAAM,IAAIpB,gBAAiB,CAAA,qBAAA,CAAA;AAC5B;AAEDmC,gBAAAA,IAAAA,CAAKM,KAAK,GAAG9C,CAAAA,CAAEmE,OAAO,CAAC3B,KAAKM,KAAK,CAAA;AAClC;AAED,YAAA,MAAMuB,aAAgB,GAAA,MAAMrC,EAAGmB,CAAAA,qBAAqB,CAACX,IAAM,EAAA;gBAAEY,OAASpB,EAAAA,EAAAA,CAAGG,SAAS,CAACO,IAAAA;AAAO,aAAA,CAAA;YAC1F,MAAMuC,UAAAA,GAAajF,CAAEqC,CAAAA,IAAI,CAAC;AAAE,gBAAA,GAAGgC,aAAa;AAAEa,gBAAAA,SAAAA,EAAWvC,MAAMlB;aAAM,EAAA,WAAA,CAAA;YAErE,MAAM2C,IAAAA,GAAO,MAAMzC,MAChBC,CAAAA,OAAO,CAAC,0CACR8C,CAAAA,CAAAA,MAAM,CAACC,UAAAA,EAAY5D,SAAW,EAAA;gBAC7BqD,IAAMa,EAAAA;AACd,aAAA,CAAA;AAEI1C,YAAAA,GAAAA,CAAIC,IAAI,GAAG,MAAMR,EAAGsC,CAAAA,cAAc,CAACF,IAAM,EAAA;AAAE7C,gBAAAA,MAAAA,EAAQP,QAAQC;AAAI,aAAA,CAAA;AAChE;AACH,KAAA;;;;;;"}
package/dist/server/controllers/content-manager-user.mjs CHANGED
@@ -9,7 +9,7 @@ function requireContentManagerUser() {
9
9
  hasRequiredContentManagerUser = 1;
10
10
  const _ = require$$0;
11
11
  const { contentTypes: contentTypesUtils } = require$$1;
12
- const { ApplicationError, ValidationError, NotFoundError, ForbiddenError } = require$$1.errors;
12
+ const { ApplicationError, NotFoundError, ForbiddenError } = require$$1.errors;
13
13
  const { validateCreateUserBody, validateUpdateUserBody } = requireUser();
14
14
  const { UPDATED_BY_ATTRIBUTE, CREATED_BY_ATTRIBUTE } = contentTypesUtils.constants;
15
15
  const userModel = 'plugin::users-permissions.user';
@@ -120,8 +120,8 @@ function requireContentManagerUser() {
120
120
  const { pm, doc } = await findEntityAndCheckPermissions(userAbility, ACTIONS.edit, userModel, documentId);
121
121
  const user = doc;
122
122
  await validateUpdateUserBody(ctx.request.body);
123
- if (_.has(body, 'password') && !password && user.provider === 'local') {
124
- throw new ValidationError('password.notNull');
123
+ if (_.has(body, 'password') && (password == null || password === '')) {
124
+ delete body.password;
125
125
  }
126
126
  if (_.has(body, 'username')) {
127
127
  const userWithSameUsername = await strapi.db.query('plugin::users-permissions.user').findOne({
package/dist/server/controllers/content-manager-user.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"content-manager-user.mjs","sources":["../../../server/controllers/content-manager-user.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { contentTypes: contentTypesUtils } = require('@strapi/utils');\nconst { ApplicationError, ValidationError, NotFoundError, ForbiddenError } =\n require('@strapi/utils').errors;\nconst { validateCreateUserBody, validateUpdateUserBody } = require('./validation/user');\n\nconst { UPDATED_BY_ATTRIBUTE, CREATED_BY_ATTRIBUTE } = contentTypesUtils.constants;\n\nconst userModel = 'plugin::users-permissions.user';\nconst ACTIONS = {\n read: 'plugin::content-manager.explorer.read',\n create: 'plugin::content-manager.explorer.create',\n edit: 'plugin::content-manager.explorer.update',\n delete: 'plugin::content-manager.explorer.delete',\n};\n\nconst findEntityAndCheckPermissions = async (ability, action, model, id) => {\n const doc = await strapi.service('plugin::content-manager.document-manager').findOne(id, model, {\n populate: [`${CREATED_BY_ATTRIBUTE}.roles`],\n });\n\n if (_.isNil(doc)) {\n throw new NotFoundError();\n }\n\n const pm = strapi\n .service('admin::permission')\n .createPermissionsManager({ ability, action, model });\n\n if (pm.ability.cannot(pm.action, pm.toSubject(doc))) {\n throw new ForbiddenError();\n }\n\n const docWithoutCreatorRoles = _.omit(doc, `${CREATED_BY_ATTRIBUTE}.roles`);\n\n return { pm, doc: docWithoutCreatorRoles };\n};\n\nmodule.exports = {\n /**\n * Create a/an user record.\n * @return {Object}\n */\n async create(ctx) {\n const { body } = ctx.request;\n const { user: admin, userAbility } = ctx.state;\n\n const { email, username } = body;\n\n const pm = strapi.service('admin::permission').createPermissionsManager({\n ability: userAbility,\n action: ACTIONS.create,\n model: userModel,\n });\n\n if (!pm.isAllowed) {\n return ctx.forbidden();\n }\n\n const sanitizedBody = await pm.pickPermittedFieldsOf(body, { subject: userModel });\n\n const advanced = await strapi\n .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })\n .get();\n\n await validateCreateUserBody(ctx.request.body);\n\n const userWithSameUsername = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { username } });\n\n if (userWithSameUsername) {\n throw new ApplicationError('Username already taken');\n }\n\n if (advanced.unique_email) {\n const userWithSameEmail = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { email: email.toLowerCase() } });\n\n if (userWithSameEmail) {\n throw new ApplicationError('Email already taken');\n }\n }\n\n const user = {\n ...sanitizedBody,\n provider: 'local',\n [CREATED_BY_ATTRIBUTE]: admin.id,\n [UPDATED_BY_ATTRIBUTE]: admin.id,\n };\n\n user.email = _.toLower(user.email);\n\n try {\n const data = await strapi\n .service('plugin::content-manager.document-manager')\n .create(userModel, { data: user });\n\n const sanitizedData = await pm.sanitizeOutput(data, { action: ACTIONS.read });\n\n ctx.created(sanitizedData);\n } catch (error) {\n throw new ApplicationError(error.message);\n }\n },\n /**\n * Update a/an user record.\n * @return {Object}\n */\n\n async update(ctx) {\n const { id: documentId } = ctx.params;\n const { body } = ctx.request;\n const { user: admin, userAbility } = ctx.state;\n\n const advancedConfigs = await strapi\n .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })\n .get();\n\n const { email, username, password } = body;\n\n const { pm, doc } = await findEntityAndCheckPermissions(\n userAbility,\n ACTIONS.edit,\n userModel,\n documentId\n );\n\n const user = doc;\n\n await validateUpdateUserBody(ctx.request.body);\n\n if (_.has(body, 'password') && !password && user.provider === 'local') {\n throw new ValidationError('password.notNull');\n }\n\n if (_.has(body, 'username')) {\n const userWithSameUsername = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { username } });\n\n if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(user.id)) {\n throw new ApplicationError('Username already taken');\n }\n }\n\n if (_.has(body, 'email') && advancedConfigs.unique_email) {\n const userWithSameEmail = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { email: _.toLower(email) } });\n\n if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(user.id)) {\n throw new ApplicationError('Email already taken');\n }\n\n body.email = _.toLower(body.email);\n }\n\n const sanitizedData = await pm.pickPermittedFieldsOf(body, { subject: pm.toSubject(user) });\n const updateData = _.omit({ ...sanitizedData, updatedBy: admin.id }, 'createdBy');\n\n const data = await strapi\n .service('plugin::content-manager.document-manager')\n .update(documentId, userModel, {\n data: updateData,\n });\n\n ctx.body = await pm.sanitizeOutput(data, { action: ACTIONS.read });\n },\n};\n"],"names":["_","require$$0","contentTypes","contentTypesUtils","require$$1","ApplicationError","ValidationError","NotFoundError","ForbiddenError","errors","validateCreateUserBody","validateUpdateUserBody","require$$2","UPDATED_BY_ATTRIBUTE","CREATED_BY_ATTRIBUTE","constants","userModel","ACTIONS","read","create","edit","delete","findEntityAndCheckPermissions","ability","action","model","id","doc","strapi","service","findOne","populate","isNil","pm","createPermissionsManager","cannot","toSubject","docWithoutCreatorRoles","omit","contentManagerUser","ctx","body","request","user","admin","userAbility","state","email","username","isAllowed","forbidden","sanitizedBody","pickPermittedFieldsOf","subject","advanced","store","type","name","key","get","userWithSameUsername","db","query","where","unique_email","userWithSameEmail","toLowerCase","provider","toLower","data","sanitizedData","sanitizeOutput","created","error","message","update","documentId","params","advancedConfigs","password","has","toString","updateData","updatedBy"],"mappings":";;;;;;;;;AAEA,IAAA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAM,EAAEC,YAAAA,EAAcC,iBAAiB,EAAE,GAAGC,UAAAA;IAC5C,MAAM,EAAEC,gBAAgB,EAAEC,eAAe,EAAEC,aAAa,EAAEC,cAAc,EAAE,GACxEJ,UAAAA,CAAyBK,MAAM;AACjC,IAAA,MAAM,EAAEC,sBAAsB,EAAEC,sBAAsB,EAAE,GAAGC,WAAAA,EAAAA;AAE3D,IAAA,MAAM,EAAEC,oBAAoB,EAAEC,oBAAoB,EAAE,GAAGX,kBAAkBY,SAAS;AAElF,IAAA,MAAMC,SAAY,GAAA,gCAAA;AAClB,IAAA,MAAMC,OAAU,GAAA;QACdC,IAAM,EAAA,uCAAA;QACNC,MAAQ,EAAA,yCAAA;QACRC,IAAM,EAAA,yCAAA;QACNC,MAAQ,EAAA;AACV,KAAA;AAEA,IAAA,MAAMC,6BAAgC,GAAA,OAAOC,OAASC,EAAAA,MAAAA,EAAQC,KAAOC,EAAAA,EAAAA,GAAAA;QACnE,MAAMC,GAAAA,GAAM,MAAMC,MAAOC,CAAAA,OAAO,CAAC,0CAA4CC,CAAAA,CAAAA,OAAO,CAACJ,EAAAA,EAAID,KAAO,EAAA;YAC9FM,QAAU,EAAA;gBAAC,CAAC,EAAEjB,oBAAqB,CAAA,MAAM;AAAE;AAC/C,SAAA,CAAA;QAEE,IAAId,CAAAA,CAAEgC,KAAK,CAACL,GAAM,CAAA,EAAA;AAChB,YAAA,MAAM,IAAIpB,aAAAA,EAAAA;AACX;AAED,QAAA,MAAM0B,KAAKL,MACRC,CAAAA,OAAO,CAAC,mBAAA,CAAA,CACRK,wBAAwB,CAAC;AAAEX,YAAAA,OAAAA;AAASC,YAAAA,MAAAA;AAAQC,YAAAA;AAAO,SAAA,CAAA;QAEtD,IAAIQ,EAAAA,CAAGV,OAAO,CAACY,MAAM,CAACF,EAAGT,CAAAA,MAAM,EAAES,EAAAA,CAAGG,SAAS,CAACT,GAAO,CAAA,CAAA,EAAA;AACnD,YAAA,MAAM,IAAInB,cAAAA,EAAAA;AACX;QAED,MAAM6B,sBAAAA,GAAyBrC,EAAEsC,IAAI,CAACX,KAAK,CAAC,EAAEb,oBAAqB,CAAA,MAAM,CAAC,CAAA;QAE1E,OAAO;AAAEmB,YAAAA,EAAAA;YAAIN,GAAKU,EAAAA;;AACpB,KAAA;IAEAE,kBAAiB,GAAA;AACjB;;;OAIE,MAAMpB,QAAOqB,GAAG,EAAA;AACd,YAAA,MAAM,EAAEC,IAAI,EAAE,GAAGD,IAAIE,OAAO;YAC5B,MAAM,EAAEC,MAAMC,KAAK,EAAEC,WAAW,EAAE,GAAGL,IAAIM,KAAK;AAE9C,YAAA,MAAM,EAAEC,KAAK,EAAEC,QAAQ,EAAE,GAAGP,IAAAA;AAE5B,YAAA,MAAMR,KAAKL,MAAOC,CAAAA,OAAO,CAAC,mBAAA,CAAA,CAAqBK,wBAAwB,CAAC;gBACtEX,OAASsB,EAAAA,WAAAA;AACTrB,gBAAAA,MAAAA,EAAQP,QAAQE,MAAM;gBACtBM,KAAOT,EAAAA;AACb,aAAA,CAAA;YAEI,IAAI,CAACiB,EAAGgB,CAAAA,SAAS,EAAE;AACjB,gBAAA,OAAOT,IAAIU,SAAS,EAAA;AACrB;AAED,YAAA,MAAMC,aAAgB,GAAA,MAAMlB,EAAGmB,CAAAA,qBAAqB,CAACX,IAAM,EAAA;gBAAEY,OAASrC,EAAAA;AAAS,aAAA,CAAA;AAE/E,YAAA,MAAMsC,QAAW,GAAA,MAAM1B,MACpB2B,CAAAA,KAAK,CAAC;gBAAEC,IAAM,EAAA,QAAA;gBAAUC,IAAM,EAAA,mBAAA;gBAAqBC,GAAK,EAAA;eACxDC,GAAG,EAAA;AAEN,YAAA,MAAMjD,sBAAuB8B,CAAAA,GAAAA,CAAIE,OAAO,CAACD,IAAI,CAAA;YAE7C,MAAMmB,oBAAAA,GAAuB,MAAMhC,MAAOiC,CAAAA,EAAE,CACzCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;gBAAEiC,KAAO,EAAA;AAAEf,oBAAAA;AAAQ;AAAI,aAAA,CAAA;AAElC,YAAA,IAAIY,oBAAsB,EAAA;AACxB,gBAAA,MAAM,IAAIvD,gBAAiB,CAAA,wBAAA,CAAA;AAC5B;YAED,IAAIiD,QAAAA,CAASU,YAAY,EAAE;gBACzB,MAAMC,iBAAAA,GAAoB,MAAMrC,MAAOiC,CAAAA,EAAE,CACtCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;AAAEhB,wBAAAA,KAAAA,EAAOA,MAAMmB,WAAW;AAAI;AAAA,iBAAA,CAAA;AAElD,gBAAA,IAAID,iBAAmB,EAAA;AACrB,oBAAA,MAAM,IAAI5D,gBAAiB,CAAA,qBAAA,CAAA;AAC5B;AACF;AAED,YAAA,MAAMsC,IAAO,GAAA;AACX,gBAAA,GAAGQ,aAAa;gBAChBgB,QAAU,EAAA,OAAA;gBACV,CAACrD,oBAAAA,GAAuB8B,KAAAA,CAAMlB,EAAE;gBAChC,CAACb,oBAAAA,GAAuB+B,KAAAA,CAAMlB;AACpC,aAAA;AAEIiB,YAAAA,IAAAA,CAAKI,KAAK,GAAG/C,CAAAA,CAAEoE,OAAO,CAACzB,KAAKI,KAAK,CAAA;YAEjC,IAAI;gBACF,MAAMsB,IAAAA,GAAO,MAAMzC,MAChBC,CAAAA,OAAO,CAAC,0CACRV,CAAAA,CAAAA,MAAM,CAACH,SAAW,EAAA;oBAAEqD,IAAM1B,EAAAA;AAAM,iBAAA,CAAA;AAEnC,gBAAA,MAAM2B,aAAgB,GAAA,MAAMrC,EAAGsC,CAAAA,cAAc,CAACF,IAAM,EAAA;AAAE7C,oBAAAA,MAAAA,EAAQP,QAAQC;AAAI,iBAAA,CAAA;AAE1EsB,gBAAAA,GAAAA,CAAIgC,OAAO,CAACF,aAAAA,CAAAA;AACb,aAAA,CAAC,OAAOG,KAAO,EAAA;gBACd,MAAM,IAAIpE,gBAAiBoE,CAAAA,KAAAA,CAAMC,OAAO,CAAA;AACzC;AACF,SAAA;AACH;;;OAKE,MAAMC,QAAOnC,GAAG,EAAA;AACd,YAAA,MAAM,EAAEd,EAAIkD,EAAAA,UAAU,EAAE,GAAGpC,IAAIqC,MAAM;AACrC,YAAA,MAAM,EAAEpC,IAAI,EAAE,GAAGD,IAAIE,OAAO;YAC5B,MAAM,EAAEC,MAAMC,KAAK,EAAEC,WAAW,EAAE,GAAGL,IAAIM,KAAK;AAE9C,YAAA,MAAMgC,eAAkB,GAAA,MAAMlD,MAC3B2B,CAAAA,KAAK,CAAC;gBAAEC,IAAM,EAAA,QAAA;gBAAUC,IAAM,EAAA,mBAAA;gBAAqBC,GAAK,EAAA;eACxDC,GAAG,EAAA;AAEN,YAAA,MAAM,EAAEZ,KAAK,EAAEC,QAAQ,EAAE+B,QAAQ,EAAE,GAAGtC,IAAAA;AAEtC,YAAA,MAAM,EAAER,EAAE,EAAEN,GAAG,EAAE,GAAG,MAAML,6BAAAA,CACxBuB,WACA5B,EAAAA,OAAAA,CAAQG,IAAI,EACZJ,SACA4D,EAAAA,UAAAA,CAAAA;AAGF,YAAA,MAAMjC,IAAOhB,GAAAA,GAAAA;AAEb,YAAA,MAAMhB,sBAAuB6B,CAAAA,GAAAA,CAAIE,OAAO,CAACD,IAAI,CAAA;YAE7C,IAAIzC,CAAAA,CAAEgF,GAAG,CAACvC,IAAM,EAAA,UAAA,CAAA,IAAe,CAACsC,QAAYpC,IAAAA,IAAAA,CAAKwB,QAAQ,KAAK,OAAS,EAAA;AACrE,gBAAA,MAAM,IAAI7D,eAAgB,CAAA,kBAAA,CAAA;AAC3B;AAED,YAAA,IAAIN,CAAEgF,CAAAA,GAAG,CAACvC,IAAAA,EAAM,UAAa,CAAA,EAAA;gBAC3B,MAAMmB,oBAAAA,GAAuB,MAAMhC,MAAOiC,CAAAA,EAAE,CACzCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;AAAEf,wBAAAA;AAAQ;AAAI,iBAAA,CAAA;AAElC,gBAAA,IAAIY,oBAAwB5D,IAAAA,CAAAA,CAAEiF,QAAQ,CAACrB,oBAAqBlC,CAAAA,EAAE,CAAM1B,KAAAA,CAAAA,CAAEiF,QAAQ,CAACtC,IAAKjB,CAAAA,EAAE,CAAG,EAAA;AACvF,oBAAA,MAAM,IAAIrB,gBAAiB,CAAA,wBAAA,CAAA;AAC5B;AACF;AAED,YAAA,IAAIL,EAAEgF,GAAG,CAACvC,MAAM,OAAYqC,CAAAA,IAAAA,eAAAA,CAAgBd,YAAY,EAAE;gBACxD,MAAMC,iBAAAA,GAAoB,MAAMrC,MAAOiC,CAAAA,EAAE,CACtCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;wBAAEhB,KAAO/C,EAAAA,CAAAA,CAAEoE,OAAO,CAACrB,KAAAA;AAAQ;AAAA,iBAAA,CAAA;AAE/C,gBAAA,IAAIkB,iBAAqBjE,IAAAA,CAAAA,CAAEiF,QAAQ,CAAChB,iBAAkBvC,CAAAA,EAAE,CAAM1B,KAAAA,CAAAA,CAAEiF,QAAQ,CAACtC,IAAKjB,CAAAA,EAAE,CAAG,EAAA;AACjF,oBAAA,MAAM,IAAIrB,gBAAiB,CAAA,qBAAA,CAAA;AAC5B;AAEDoC,gBAAAA,IAAAA,CAAKM,KAAK,GAAG/C,CAAAA,CAAEoE,OAAO,CAAC3B,KAAKM,KAAK,CAAA;AAClC;AAED,YAAA,MAAMuB,aAAgB,GAAA,MAAMrC,EAAGmB,CAAAA,qBAAqB,CAACX,IAAM,EAAA;gBAAEY,OAASpB,EAAAA,EAAAA,CAAGG,SAAS,CAACO,IAAAA;AAAO,aAAA,CAAA;YAC1F,MAAMuC,UAAAA,GAAalF,CAAEsC,CAAAA,IAAI,CAAC;AAAE,gBAAA,GAAGgC,aAAa;AAAEa,gBAAAA,SAAAA,EAAWvC,MAAMlB;aAAM,EAAA,WAAA,CAAA;YAErE,MAAM2C,IAAAA,GAAO,MAAMzC,MAChBC,CAAAA,OAAO,CAAC,0CACR8C,CAAAA,CAAAA,MAAM,CAACC,UAAAA,EAAY5D,SAAW,EAAA;gBAC7BqD,IAAMa,EAAAA;AACd,aAAA,CAAA;AAEI1C,YAAAA,GAAAA,CAAIC,IAAI,GAAG,MAAMR,EAAGsC,CAAAA,cAAc,CAACF,IAAM,EAAA;AAAE7C,gBAAAA,MAAAA,EAAQP,QAAQC;AAAI,aAAA,CAAA;AAChE;AACH,KAAA;;;;;;"}
1
+ {"version":3,"file":"content-manager-user.mjs","sources":["../../../server/controllers/content-manager-user.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { contentTypes: contentTypesUtils } = require('@strapi/utils');\nconst { ApplicationError, NotFoundError, ForbiddenError } = require('@strapi/utils').errors;\nconst { validateCreateUserBody, validateUpdateUserBody } = require('./validation/user');\n\nconst { UPDATED_BY_ATTRIBUTE, CREATED_BY_ATTRIBUTE } = contentTypesUtils.constants;\n\nconst userModel = 'plugin::users-permissions.user';\nconst ACTIONS = {\n read: 'plugin::content-manager.explorer.read',\n create: 'plugin::content-manager.explorer.create',\n edit: 'plugin::content-manager.explorer.update',\n delete: 'plugin::content-manager.explorer.delete',\n};\n\nconst findEntityAndCheckPermissions = async (ability, action, model, id) => {\n const doc = await strapi.service('plugin::content-manager.document-manager').findOne(id, model, {\n populate: [`${CREATED_BY_ATTRIBUTE}.roles`],\n });\n\n if (_.isNil(doc)) {\n throw new NotFoundError();\n }\n\n const pm = strapi\n .service('admin::permission')\n .createPermissionsManager({ ability, action, model });\n\n if (pm.ability.cannot(pm.action, pm.toSubject(doc))) {\n throw new ForbiddenError();\n }\n\n const docWithoutCreatorRoles = _.omit(doc, `${CREATED_BY_ATTRIBUTE}.roles`);\n\n return { pm, doc: docWithoutCreatorRoles };\n};\n\nmodule.exports = {\n /**\n * Create a/an user record.\n * @return {Object}\n */\n async create(ctx) {\n const { body } = ctx.request;\n const { user: admin, userAbility } = ctx.state;\n\n const { email, username } = body;\n\n const pm = strapi.service('admin::permission').createPermissionsManager({\n ability: userAbility,\n action: ACTIONS.create,\n model: userModel,\n });\n\n if (!pm.isAllowed) {\n return ctx.forbidden();\n }\n\n const sanitizedBody = await pm.pickPermittedFieldsOf(body, { subject: userModel });\n\n const advanced = await strapi\n .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })\n .get();\n\n await validateCreateUserBody(ctx.request.body);\n\n const userWithSameUsername = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { username } });\n\n if (userWithSameUsername) {\n throw new ApplicationError('Username already taken');\n }\n\n if (advanced.unique_email) {\n const userWithSameEmail = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { email: email.toLowerCase() } });\n\n if (userWithSameEmail) {\n throw new ApplicationError('Email already taken');\n }\n }\n\n const user = {\n ...sanitizedBody,\n provider: 'local',\n [CREATED_BY_ATTRIBUTE]: admin.id,\n [UPDATED_BY_ATTRIBUTE]: admin.id,\n };\n\n user.email = _.toLower(user.email);\n\n try {\n const data = await strapi\n .service('plugin::content-manager.document-manager')\n .create(userModel, { data: user });\n\n const sanitizedData = await pm.sanitizeOutput(data, { action: ACTIONS.read });\n\n ctx.created(sanitizedData);\n } catch (error) {\n throw new ApplicationError(error.message);\n }\n },\n /**\n * Update a/an user record.\n * @return {Object}\n */\n\n async update(ctx) {\n const { id: documentId } = ctx.params;\n const { body } = ctx.request;\n const { user: admin, userAbility } = ctx.state;\n\n const advancedConfigs = await strapi\n .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })\n .get();\n\n const { email, username, password } = body;\n\n const { pm, doc } = await findEntityAndCheckPermissions(\n userAbility,\n ACTIONS.edit,\n userModel,\n documentId\n );\n\n const user = doc;\n\n await validateUpdateUserBody(ctx.request.body);\n\n if (_.has(body, 'password') && (password == null || password === '')) {\n delete body.password;\n }\n\n if (_.has(body, 'username')) {\n const userWithSameUsername = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { username } });\n\n if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(user.id)) {\n throw new ApplicationError('Username already taken');\n }\n }\n\n if (_.has(body, 'email') && advancedConfigs.unique_email) {\n const userWithSameEmail = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { email: _.toLower(email) } });\n\n if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(user.id)) {\n throw new ApplicationError('Email already taken');\n }\n\n body.email = _.toLower(body.email);\n }\n\n const sanitizedData = await pm.pickPermittedFieldsOf(body, { subject: pm.toSubject(user) });\n const updateData = _.omit({ ...sanitizedData, updatedBy: admin.id }, 'createdBy');\n\n const data = await strapi\n .service('plugin::content-manager.document-manager')\n .update(documentId, userModel, {\n data: updateData,\n });\n\n ctx.body = await pm.sanitizeOutput(data, { action: ACTIONS.read });\n },\n};\n"],"names":["_","require$$0","contentTypes","contentTypesUtils","require$$1","ApplicationError","NotFoundError","ForbiddenError","errors","validateCreateUserBody","validateUpdateUserBody","require$$2","UPDATED_BY_ATTRIBUTE","CREATED_BY_ATTRIBUTE","constants","userModel","ACTIONS","read","create","edit","delete","findEntityAndCheckPermissions","ability","action","model","id","doc","strapi","service","findOne","populate","isNil","pm","createPermissionsManager","cannot","toSubject","docWithoutCreatorRoles","omit","contentManagerUser","ctx","body","request","user","admin","userAbility","state","email","username","isAllowed","forbidden","sanitizedBody","pickPermittedFieldsOf","subject","advanced","store","type","name","key","get","userWithSameUsername","db","query","where","unique_email","userWithSameEmail","toLowerCase","provider","toLower","data","sanitizedData","sanitizeOutput","created","error","message","update","documentId","params","advancedConfigs","password","has","toString","updateData","updatedBy"],"mappings":";;;;;;;;;AAEA,IAAA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAM,EAAEC,YAAAA,EAAcC,iBAAiB,EAAE,GAAGC,UAAAA;IAC5C,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAEC,cAAc,EAAE,GAAGH,UAAAA,CAAyBI,MAAM;AAC3F,IAAA,MAAM,EAAEC,sBAAsB,EAAEC,sBAAsB,EAAE,GAAGC,WAAAA,EAAAA;AAE3D,IAAA,MAAM,EAAEC,oBAAoB,EAAEC,oBAAoB,EAAE,GAAGV,kBAAkBW,SAAS;AAElF,IAAA,MAAMC,SAAY,GAAA,gCAAA;AAClB,IAAA,MAAMC,OAAU,GAAA;QACdC,IAAM,EAAA,uCAAA;QACNC,MAAQ,EAAA,yCAAA;QACRC,IAAM,EAAA,yCAAA;QACNC,MAAQ,EAAA;AACV,KAAA;AAEA,IAAA,MAAMC,6BAAgC,GAAA,OAAOC,OAASC,EAAAA,MAAAA,EAAQC,KAAOC,EAAAA,EAAAA,GAAAA;QACnE,MAAMC,GAAAA,GAAM,MAAMC,MAAOC,CAAAA,OAAO,CAAC,0CAA4CC,CAAAA,CAAAA,OAAO,CAACJ,EAAAA,EAAID,KAAO,EAAA;YAC9FM,QAAU,EAAA;gBAAC,CAAC,EAAEjB,oBAAqB,CAAA,MAAM;AAAE;AAC/C,SAAA,CAAA;QAEE,IAAIb,CAAAA,CAAE+B,KAAK,CAACL,GAAM,CAAA,EAAA;AAChB,YAAA,MAAM,IAAIpB,aAAAA,EAAAA;AACX;AAED,QAAA,MAAM0B,KAAKL,MACRC,CAAAA,OAAO,CAAC,mBAAA,CAAA,CACRK,wBAAwB,CAAC;AAAEX,YAAAA,OAAAA;AAASC,YAAAA,MAAAA;AAAQC,YAAAA;AAAO,SAAA,CAAA;QAEtD,IAAIQ,EAAAA,CAAGV,OAAO,CAACY,MAAM,CAACF,EAAGT,CAAAA,MAAM,EAAES,EAAAA,CAAGG,SAAS,CAACT,GAAO,CAAA,CAAA,EAAA;AACnD,YAAA,MAAM,IAAInB,cAAAA,EAAAA;AACX;QAED,MAAM6B,sBAAAA,GAAyBpC,EAAEqC,IAAI,CAACX,KAAK,CAAC,EAAEb,oBAAqB,CAAA,MAAM,CAAC,CAAA;QAE1E,OAAO;AAAEmB,YAAAA,EAAAA;YAAIN,GAAKU,EAAAA;;AACpB,KAAA;IAEAE,kBAAiB,GAAA;AACjB;;;OAIE,MAAMpB,QAAOqB,GAAG,EAAA;AACd,YAAA,MAAM,EAAEC,IAAI,EAAE,GAAGD,IAAIE,OAAO;YAC5B,MAAM,EAAEC,MAAMC,KAAK,EAAEC,WAAW,EAAE,GAAGL,IAAIM,KAAK;AAE9C,YAAA,MAAM,EAAEC,KAAK,EAAEC,QAAQ,EAAE,GAAGP,IAAAA;AAE5B,YAAA,MAAMR,KAAKL,MAAOC,CAAAA,OAAO,CAAC,mBAAA,CAAA,CAAqBK,wBAAwB,CAAC;gBACtEX,OAASsB,EAAAA,WAAAA;AACTrB,gBAAAA,MAAAA,EAAQP,QAAQE,MAAM;gBACtBM,KAAOT,EAAAA;AACb,aAAA,CAAA;YAEI,IAAI,CAACiB,EAAGgB,CAAAA,SAAS,EAAE;AACjB,gBAAA,OAAOT,IAAIU,SAAS,EAAA;AACrB;AAED,YAAA,MAAMC,aAAgB,GAAA,MAAMlB,EAAGmB,CAAAA,qBAAqB,CAACX,IAAM,EAAA;gBAAEY,OAASrC,EAAAA;AAAS,aAAA,CAAA;AAE/E,YAAA,MAAMsC,QAAW,GAAA,MAAM1B,MACpB2B,CAAAA,KAAK,CAAC;gBAAEC,IAAM,EAAA,QAAA;gBAAUC,IAAM,EAAA,mBAAA;gBAAqBC,GAAK,EAAA;eACxDC,GAAG,EAAA;AAEN,YAAA,MAAMjD,sBAAuB8B,CAAAA,GAAAA,CAAIE,OAAO,CAACD,IAAI,CAAA;YAE7C,MAAMmB,oBAAAA,GAAuB,MAAMhC,MAAOiC,CAAAA,EAAE,CACzCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;gBAAEiC,KAAO,EAAA;AAAEf,oBAAAA;AAAQ;AAAI,aAAA,CAAA;AAElC,YAAA,IAAIY,oBAAsB,EAAA;AACxB,gBAAA,MAAM,IAAItD,gBAAiB,CAAA,wBAAA,CAAA;AAC5B;YAED,IAAIgD,QAAAA,CAASU,YAAY,EAAE;gBACzB,MAAMC,iBAAAA,GAAoB,MAAMrC,MAAOiC,CAAAA,EAAE,CACtCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;AAAEhB,wBAAAA,KAAAA,EAAOA,MAAMmB,WAAW;AAAI;AAAA,iBAAA,CAAA;AAElD,gBAAA,IAAID,iBAAmB,EAAA;AACrB,oBAAA,MAAM,IAAI3D,gBAAiB,CAAA,qBAAA,CAAA;AAC5B;AACF;AAED,YAAA,MAAMqC,IAAO,GAAA;AACX,gBAAA,GAAGQ,aAAa;gBAChBgB,QAAU,EAAA,OAAA;gBACV,CAACrD,oBAAAA,GAAuB8B,KAAAA,CAAMlB,EAAE;gBAChC,CAACb,oBAAAA,GAAuB+B,KAAAA,CAAMlB;AACpC,aAAA;AAEIiB,YAAAA,IAAAA,CAAKI,KAAK,GAAG9C,CAAAA,CAAEmE,OAAO,CAACzB,KAAKI,KAAK,CAAA;YAEjC,IAAI;gBACF,MAAMsB,IAAAA,GAAO,MAAMzC,MAChBC,CAAAA,OAAO,CAAC,0CACRV,CAAAA,CAAAA,MAAM,CAACH,SAAW,EAAA;oBAAEqD,IAAM1B,EAAAA;AAAM,iBAAA,CAAA;AAEnC,gBAAA,MAAM2B,aAAgB,GAAA,MAAMrC,EAAGsC,CAAAA,cAAc,CAACF,IAAM,EAAA;AAAE7C,oBAAAA,MAAAA,EAAQP,QAAQC;AAAI,iBAAA,CAAA;AAE1EsB,gBAAAA,GAAAA,CAAIgC,OAAO,CAACF,aAAAA,CAAAA;AACb,aAAA,CAAC,OAAOG,KAAO,EAAA;gBACd,MAAM,IAAInE,gBAAiBmE,CAAAA,KAAAA,CAAMC,OAAO,CAAA;AACzC;AACF,SAAA;AACH;;;OAKE,MAAMC,QAAOnC,GAAG,EAAA;AACd,YAAA,MAAM,EAAEd,EAAIkD,EAAAA,UAAU,EAAE,GAAGpC,IAAIqC,MAAM;AACrC,YAAA,MAAM,EAAEpC,IAAI,EAAE,GAAGD,IAAIE,OAAO;YAC5B,MAAM,EAAEC,MAAMC,KAAK,EAAEC,WAAW,EAAE,GAAGL,IAAIM,KAAK;AAE9C,YAAA,MAAMgC,eAAkB,GAAA,MAAMlD,MAC3B2B,CAAAA,KAAK,CAAC;gBAAEC,IAAM,EAAA,QAAA;gBAAUC,IAAM,EAAA,mBAAA;gBAAqBC,GAAK,EAAA;eACxDC,GAAG,EAAA;AAEN,YAAA,MAAM,EAAEZ,KAAK,EAAEC,QAAQ,EAAE+B,QAAQ,EAAE,GAAGtC,IAAAA;AAEtC,YAAA,MAAM,EAAER,EAAE,EAAEN,GAAG,EAAE,GAAG,MAAML,6BAAAA,CACxBuB,WACA5B,EAAAA,OAAAA,CAAQG,IAAI,EACZJ,SACA4D,EAAAA,UAAAA,CAAAA;AAGF,YAAA,MAAMjC,IAAOhB,GAAAA,GAAAA;AAEb,YAAA,MAAMhB,sBAAuB6B,CAAAA,GAAAA,CAAIE,OAAO,CAACD,IAAI,CAAA;YAE7C,IAAIxC,CAAAA,CAAE+E,GAAG,CAACvC,IAAM,EAAA,UAAA,CAAA,KAAgBsC,QAAY,IAAA,IAAA,IAAQA,QAAa,KAAA,EAAA,CAAK,EAAA;AACpE,gBAAA,OAAOtC,KAAKsC,QAAQ;AACrB;AAED,YAAA,IAAI9E,CAAE+E,CAAAA,GAAG,CAACvC,IAAAA,EAAM,UAAa,CAAA,EAAA;gBAC3B,MAAMmB,oBAAAA,GAAuB,MAAMhC,MAAOiC,CAAAA,EAAE,CACzCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;AAAEf,wBAAAA;AAAQ;AAAI,iBAAA,CAAA;AAElC,gBAAA,IAAIY,oBAAwB3D,IAAAA,CAAAA,CAAEgF,QAAQ,CAACrB,oBAAqBlC,CAAAA,EAAE,CAAMzB,KAAAA,CAAAA,CAAEgF,QAAQ,CAACtC,IAAKjB,CAAAA,EAAE,CAAG,EAAA;AACvF,oBAAA,MAAM,IAAIpB,gBAAiB,CAAA,wBAAA,CAAA;AAC5B;AACF;AAED,YAAA,IAAIL,EAAE+E,GAAG,CAACvC,MAAM,OAAYqC,CAAAA,IAAAA,eAAAA,CAAgBd,YAAY,EAAE;gBACxD,MAAMC,iBAAAA,GAAoB,MAAMrC,MAAOiC,CAAAA,EAAE,CACtCC,KAAK,CAAC,gCACNhC,CAAAA,CAAAA,OAAO,CAAC;oBAAEiC,KAAO,EAAA;wBAAEhB,KAAO9C,EAAAA,CAAAA,CAAEmE,OAAO,CAACrB,KAAAA;AAAQ;AAAA,iBAAA,CAAA;AAE/C,gBAAA,IAAIkB,iBAAqBhE,IAAAA,CAAAA,CAAEgF,QAAQ,CAAChB,iBAAkBvC,CAAAA,EAAE,CAAMzB,KAAAA,CAAAA,CAAEgF,QAAQ,CAACtC,IAAKjB,CAAAA,EAAE,CAAG,EAAA;AACjF,oBAAA,MAAM,IAAIpB,gBAAiB,CAAA,qBAAA,CAAA;AAC5B;AAEDmC,gBAAAA,IAAAA,CAAKM,KAAK,GAAG9C,CAAAA,CAAEmE,OAAO,CAAC3B,KAAKM,KAAK,CAAA;AAClC;AAED,YAAA,MAAMuB,aAAgB,GAAA,MAAMrC,EAAGmB,CAAAA,qBAAqB,CAACX,IAAM,EAAA;gBAAEY,OAASpB,EAAAA,EAAAA,CAAGG,SAAS,CAACO,IAAAA;AAAO,aAAA,CAAA;YAC1F,MAAMuC,UAAAA,GAAajF,CAAEqC,CAAAA,IAAI,CAAC;AAAE,gBAAA,GAAGgC,aAAa;AAAEa,gBAAAA,SAAAA,EAAWvC,MAAMlB;aAAM,EAAA,WAAA,CAAA;YAErE,MAAM2C,IAAAA,GAAO,MAAMzC,MAChBC,CAAAA,OAAO,CAAC,0CACR8C,CAAAA,CAAAA,MAAM,CAACC,UAAAA,EAAY5D,SAAW,EAAA;gBAC7BqD,IAAMa,EAAAA;AACd,aAAA,CAAA;AAEI1C,YAAAA,GAAAA,CAAIC,IAAI,GAAG,MAAMR,EAAGsC,CAAAA,cAAc,CAACF,IAAM,EAAA;AAAE7C,gBAAAA,MAAAA,EAAQP,QAAQC;AAAI,aAAA,CAAA;AAChE;AACH,KAAA;;;;;;"}
package/dist/server/controllers/validation/user.js CHANGED
@@ -24,7 +24,12 @@ function requireUser() {
24
24
  const updateUserBodySchema = yup.object().shape({
25
25
  email: yup.string().email().min(1),
26
26
  username: yup.string().min(1),
27
- password: yup.string().min(1),
27
+ password: yup.mixed().test('password-validation', 'Password must be at least 1 character', function validatePassword(value) {
28
+ if (value == null || value === '') {
29
+ return true;
30
+ }
31
+ return typeof value === 'string' && value.length >= 1;
32
+ }),
28
33
  role: yup.lazy((value)=>typeof value === 'object' ? yup.object().shape({
29
34
  connect: yup.array().of(yup.object().shape({
30
35
  id: yup.strapiID().required()
package/dist/server/controllers/validation/user.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.js","sources":["../../../../server/controllers/validation/user.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst deleteRoleSchema = yup.object().shape({\n role: yup.strapiID().required(),\n});\n\nconst createUserBodySchema = yup.object().shape({\n email: yup.string().email().required(),\n username: yup.string().min(1).required(),\n password: yup.string().min(1).required(),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup\n .object()\n .shape({\n connect: yup\n .array()\n .of(yup.object().shape({ id: yup.strapiID().required() }))\n .min(1, 'Users must have a role')\n .required(),\n })\n .required()\n : yup.strapiID().required()\n ),\n});\n\nconst updateUserBodySchema = yup.object().shape({\n email: yup.string().email().min(1),\n username: yup.string().min(1),\n password: yup.string().min(1),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup.object().shape({\n connect: yup\n .array()\n .of(yup.object().shape({ id: yup.strapiID().required() }))\n .required(),\n disconnect: yup\n .array()\n .test('CheckDisconnect', 'Cannot remove role', function test(disconnectValue) {\n if (value.connect.length === 0 && disconnectValue.length > 0) {\n return false;\n }\n\n return true;\n })\n .required(),\n })\n : yup.strapiID()\n ),\n});\n\nmodule.exports = {\n validateCreateUserBody: validateYupSchema(createUserBodySchema),\n validateUpdateUserBody: validateYupSchema(updateUserBodySchema),\n validateDeleteRoleBody: validateYupSchema(deleteRoleSchema),\n};\n"],"names":["yup","validateYupSchema","require$$0","deleteRoleSchema","object","shape","role","strapiID","required","createUserBodySchema","email","string","username","min","password","lazy","value","connect","array","of","id","updateUserBodySchema","disconnect","test","disconnectValue","length","user","validateCreateUserBody","validateUpdateUserBody","validateDeleteRoleBody"],"mappings":";;;;;;;;;AAEA,IAAA,MAAM,EAAEA,GAAG,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA;AAEnC,IAAA,MAAMC,gBAAmBH,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;QAC1CC,IAAMN,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAC/B,KAAA,CAAA;AAEA,IAAA,MAAMC,oBAAuBT,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,GAAIW,CAAAA,MAAM,EAAGD,CAAAA,KAAK,GAAGF,QAAQ,EAAA;AACpCI,QAAAA,QAAAA,EAAUZ,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCM,QAAAA,QAAAA,EAAUd,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCF,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GACGI,CAAAA,MAAM,EACNC,CAAAA,KAAK,CAAC;gBACLY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDK,GAAG,CAAC,CAAG,EAAA,wBAAA,CAAA,CACPL,QAAQ;AACvB,aAAA,CAAA,CACWA,QAAQ,EAAA,GACXR,GAAIO,CAAAA,QAAQ,GAAGC,QAAQ,EAAA;AAE/B,KAAA,CAAA;AAEA,IAAA,MAAMa,oBAAuBrB,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,IAAIW,MAAM,EAAA,CAAGD,KAAK,EAAA,CAAGG,GAAG,CAAC,CAAA,CAAA;AAChCD,QAAAA,QAAAA,EAAUZ,GAAIW,CAAAA,MAAM,EAAGE,CAAAA,GAAG,CAAC,CAAA,CAAA;AAC3BC,QAAAA,QAAAA,EAAUd,GAAIW,CAAAA,MAAM,EAAGE,CAAAA,GAAG,CAAC,CAAA,CAAA;AAC3BP,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;gBACjBY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDA,QAAQ,EAAA;gBACXc,UAAYtB,EAAAA,GAAAA,CACTkB,KAAK,EACLK,CAAAA,IAAI,CAAC,iBAAmB,EAAA,oBAAA,EAAsB,SAASA,IAAAA,CAAKC,eAAe,EAAA;oBAC1E,IAAIR,KAAAA,CAAMC,OAAO,CAACQ,MAAM,KAAK,CAAKD,IAAAA,eAAAA,CAAgBC,MAAM,GAAG,CAAG,EAAA;wBAC5D,OAAO,KAAA;AACR;oBAED,OAAO,IAAA;AACrB,iBAAA,CAAA,CACajB,QAAQ;AACrB,aAAA,CAAA,GACQR,IAAIO,QAAQ,EAAA;AAEpB,KAAA,CAAA;IAEAmB,IAAiB,GAAA;AACfC,QAAAA,sBAAAA,EAAwB1B,iBAAkBQ,CAAAA,oBAAAA,CAAAA;AAC1CmB,QAAAA,sBAAAA,EAAwB3B,iBAAkBoB,CAAAA,oBAAAA,CAAAA;AAC1CQ,QAAAA,sBAAAA,EAAwB5B,iBAAkBE,CAAAA,gBAAAA;AAC5C,KAAA;;;;;;"}
1
+ {"version":3,"file":"user.js","sources":["../../../../server/controllers/validation/user.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst deleteRoleSchema = yup.object().shape({\n role: yup.strapiID().required(),\n});\n\nconst createUserBodySchema = yup.object().shape({\n email: yup.string().email().required(),\n username: yup.string().min(1).required(),\n password: yup.string().min(1).required(),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup\n .object()\n .shape({\n connect: yup\n .array()\n .of(yup.object().shape({ id: yup.strapiID().required() }))\n .min(1, 'Users must have a role')\n .required(),\n })\n .required()\n : yup.strapiID().required()\n ),\n});\n\nconst updateUserBodySchema = yup.object().shape({\n email: yup.string().email().min(1),\n username: yup.string().min(1),\n password: yup\n .mixed()\n .test(\n 'password-validation',\n 'Password must be at least 1 character',\n function validatePassword(value) {\n if (value == null || value === '') {\n return true;\n }\n return typeof value === 'string' && value.length >= 1;\n }\n ),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup.object().shape({\n connect: yup\n .array()\n .of(yup.object().shape({ id: yup.strapiID().required() }))\n .required(),\n disconnect: yup\n .array()\n .test('CheckDisconnect', 'Cannot remove role', function test(disconnectValue) {\n if (value.connect.length === 0 && disconnectValue.length > 0) {\n return false;\n }\n\n return true;\n })\n .required(),\n })\n : yup.strapiID()\n ),\n});\n\nmodule.exports = {\n validateCreateUserBody: validateYupSchema(createUserBodySchema),\n validateUpdateUserBody: validateYupSchema(updateUserBodySchema),\n validateDeleteRoleBody: validateYupSchema(deleteRoleSchema),\n};\n"],"names":["yup","validateYupSchema","require$$0","deleteRoleSchema","object","shape","role","strapiID","required","createUserBodySchema","email","string","username","min","password","lazy","value","connect","array","of","id","updateUserBodySchema","mixed","test","validatePassword","length","disconnect","disconnectValue","user","validateCreateUserBody","validateUpdateUserBody","validateDeleteRoleBody"],"mappings":";;;;;;;;;AAEA,IAAA,MAAM,EAAEA,GAAG,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA;AAEnC,IAAA,MAAMC,gBAAmBH,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;QAC1CC,IAAMN,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAC/B,KAAA,CAAA;AAEA,IAAA,MAAMC,oBAAuBT,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,GAAIW,CAAAA,MAAM,EAAGD,CAAAA,KAAK,GAAGF,QAAQ,EAAA;AACpCI,QAAAA,QAAAA,EAAUZ,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCM,QAAAA,QAAAA,EAAUd,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCF,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GACGI,CAAAA,MAAM,EACNC,CAAAA,KAAK,CAAC;gBACLY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDK,GAAG,CAAC,CAAG,EAAA,wBAAA,CAAA,CACPL,QAAQ;AACvB,aAAA,CAAA,CACWA,QAAQ,EAAA,GACXR,GAAIO,CAAAA,QAAQ,GAAGC,QAAQ,EAAA;AAE/B,KAAA,CAAA;AAEA,IAAA,MAAMa,oBAAuBrB,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,IAAIW,MAAM,EAAA,CAAGD,KAAK,EAAA,CAAGG,GAAG,CAAC,CAAA,CAAA;AAChCD,QAAAA,QAAAA,EAAUZ,GAAIW,CAAAA,MAAM,EAAGE,CAAAA,GAAG,CAAC,CAAA,CAAA;QAC3BC,QAAUd,EAAAA,GAAAA,CACPsB,KAAK,EACLC,CAAAA,IAAI,CACH,qBACA,EAAA,uCAAA,EACA,SAASC,gBAAAA,CAAiBR,KAAK,EAAA;YAC7B,IAAIA,KAAAA,IAAS,IAAQA,IAAAA,KAAAA,KAAU,EAAI,EAAA;gBACjC,OAAO,IAAA;AACR;AACD,YAAA,OAAO,OAAOA,KAAAA,KAAU,QAAYA,IAAAA,KAAAA,CAAMS,MAAM,IAAI,CAAA;AACrD,SAAA,CAAA;AAELnB,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;gBACjBY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDA,QAAQ,EAAA;gBACXkB,UAAY1B,EAAAA,GAAAA,CACTkB,KAAK,EACLK,CAAAA,IAAI,CAAC,iBAAmB,EAAA,oBAAA,EAAsB,SAASA,IAAAA,CAAKI,eAAe,EAAA;oBAC1E,IAAIX,KAAAA,CAAMC,OAAO,CAACQ,MAAM,KAAK,CAAKE,IAAAA,eAAAA,CAAgBF,MAAM,GAAG,CAAG,EAAA;wBAC5D,OAAO,KAAA;AACR;oBAED,OAAO,IAAA;AACrB,iBAAA,CAAA,CACajB,QAAQ;AACrB,aAAA,CAAA,GACQR,IAAIO,QAAQ,EAAA;AAEpB,KAAA,CAAA;IAEAqB,IAAiB,GAAA;AACfC,QAAAA,sBAAAA,EAAwB5B,iBAAkBQ,CAAAA,oBAAAA,CAAAA;AAC1CqB,QAAAA,sBAAAA,EAAwB7B,iBAAkBoB,CAAAA,oBAAAA,CAAAA;AAC1CU,QAAAA,sBAAAA,EAAwB9B,iBAAkBE,CAAAA,gBAAAA;AAC5C,KAAA;;;;;;"}
package/dist/server/controllers/validation/user.mjs CHANGED
@@ -22,7 +22,12 @@ function requireUser() {
22
22
  const updateUserBodySchema = yup.object().shape({
23
23
  email: yup.string().email().min(1),
24
24
  username: yup.string().min(1),
25
- password: yup.string().min(1),
25
+ password: yup.mixed().test('password-validation', 'Password must be at least 1 character', function validatePassword(value) {
26
+ if (value == null || value === '') {
27
+ return true;
28
+ }
29
+ return typeof value === 'string' && value.length >= 1;
30
+ }),
26
31
  role: yup.lazy((value)=>typeof value === 'object' ? yup.object().shape({
27
32
  connect: yup.array().of(yup.object().shape({
28
33
  id: yup.strapiID().required()
package/dist/server/controllers/validation/user.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.mjs","sources":["../../../../server/controllers/validation/user.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst deleteRoleSchema = yup.object().shape({\n role: yup.strapiID().required(),\n});\n\nconst createUserBodySchema = yup.object().shape({\n email: yup.string().email().required(),\n username: yup.string().min(1).required(),\n password: yup.string().min(1).required(),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup\n .object()\n .shape({\n connect: yup\n .array()\n .of(yup.object().shape({ id: yup.strapiID().required() }))\n .min(1, 'Users must have a role')\n .required(),\n })\n .required()\n : yup.strapiID().required()\n ),\n});\n\nconst updateUserBodySchema = yup.object().shape({\n email: yup.string().email().min(1),\n username: yup.string().min(1),\n password: yup.string().min(1),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup.object().shape({\n connect: yup\n .array()\n .of(yup.object().shape({ id: yup.strapiID().required() }))\n .required(),\n disconnect: yup\n .array()\n .test('CheckDisconnect', 'Cannot remove role', function test(disconnectValue) {\n if (value.connect.length === 0 && disconnectValue.length > 0) {\n return false;\n }\n\n return true;\n })\n .required(),\n })\n : yup.strapiID()\n ),\n});\n\nmodule.exports = {\n validateCreateUserBody: validateYupSchema(createUserBodySchema),\n validateUpdateUserBody: validateYupSchema(updateUserBodySchema),\n validateDeleteRoleBody: validateYupSchema(deleteRoleSchema),\n};\n"],"names":["yup","validateYupSchema","require$$0","deleteRoleSchema","object","shape","role","strapiID","required","createUserBodySchema","email","string","username","min","password","lazy","value","connect","array","of","id","updateUserBodySchema","disconnect","test","disconnectValue","length","user","validateCreateUserBody","validateUpdateUserBody","validateDeleteRoleBody"],"mappings":";;;;;;;AAEA,IAAA,MAAM,EAAEA,GAAG,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA;AAEnC,IAAA,MAAMC,gBAAmBH,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;QAC1CC,IAAMN,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAC/B,KAAA,CAAA;AAEA,IAAA,MAAMC,oBAAuBT,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,GAAIW,CAAAA,MAAM,EAAGD,CAAAA,KAAK,GAAGF,QAAQ,EAAA;AACpCI,QAAAA,QAAAA,EAAUZ,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCM,QAAAA,QAAAA,EAAUd,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCF,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GACGI,CAAAA,MAAM,EACNC,CAAAA,KAAK,CAAC;gBACLY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDK,GAAG,CAAC,CAAG,EAAA,wBAAA,CAAA,CACPL,QAAQ;AACvB,aAAA,CAAA,CACWA,QAAQ,EAAA,GACXR,GAAIO,CAAAA,QAAQ,GAAGC,QAAQ,EAAA;AAE/B,KAAA,CAAA;AAEA,IAAA,MAAMa,oBAAuBrB,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,IAAIW,MAAM,EAAA,CAAGD,KAAK,EAAA,CAAGG,GAAG,CAAC,CAAA,CAAA;AAChCD,QAAAA,QAAAA,EAAUZ,GAAIW,CAAAA,MAAM,EAAGE,CAAAA,GAAG,CAAC,CAAA,CAAA;AAC3BC,QAAAA,QAAAA,EAAUd,GAAIW,CAAAA,MAAM,EAAGE,CAAAA,GAAG,CAAC,CAAA,CAAA;AAC3BP,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;gBACjBY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDA,QAAQ,EAAA;gBACXc,UAAYtB,EAAAA,GAAAA,CACTkB,KAAK,EACLK,CAAAA,IAAI,CAAC,iBAAmB,EAAA,oBAAA,EAAsB,SAASA,IAAAA,CAAKC,eAAe,EAAA;oBAC1E,IAAIR,KAAAA,CAAMC,OAAO,CAACQ,MAAM,KAAK,CAAKD,IAAAA,eAAAA,CAAgBC,MAAM,GAAG,CAAG,EAAA;wBAC5D,OAAO,KAAA;AACR;oBAED,OAAO,IAAA;AACrB,iBAAA,CAAA,CACajB,QAAQ;AACrB,aAAA,CAAA,GACQR,IAAIO,QAAQ,EAAA;AAEpB,KAAA,CAAA;IAEAmB,IAAiB,GAAA;AACfC,QAAAA,sBAAAA,EAAwB1B,iBAAkBQ,CAAAA,oBAAAA,CAAAA;AAC1CmB,QAAAA,sBAAAA,EAAwB3B,iBAAkBoB,CAAAA,oBAAAA,CAAAA;AAC1CQ,QAAAA,sBAAAA,EAAwB5B,iBAAkBE,CAAAA,gBAAAA;AAC5C,KAAA;;;;;;"}
1
+ {"version":3,"file":"user.mjs","sources":["../../../../server/controllers/validation/user.js"],"sourcesContent":["'use strict';\n\nconst { yup, validateYupSchema } = require('@strapi/utils');\n\nconst deleteRoleSchema = yup.object().shape({\n role: yup.strapiID().required(),\n});\n\nconst createUserBodySchema = yup.object().shape({\n email: yup.string().email().required(),\n username: yup.string().min(1).required(),\n password: yup.string().min(1).required(),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup\n .object()\n .shape({\n connect: yup\n .array()\n .of(yup.object().shape({ id: yup.strapiID().required() }))\n .min(1, 'Users must have a role')\n .required(),\n })\n .required()\n : yup.strapiID().required()\n ),\n});\n\nconst updateUserBodySchema = yup.object().shape({\n email: yup.string().email().min(1),\n username: yup.string().min(1),\n password: yup\n .mixed()\n .test(\n 'password-validation',\n 'Password must be at least 1 character',\n function validatePassword(value) {\n if (value == null || value === '') {\n return true;\n }\n return typeof value === 'string' && value.length >= 1;\n }\n ),\n role: yup.lazy((value) =>\n typeof value === 'object'\n ? yup.object().shape({\n connect: yup\n .array()\n .of(yup.object().shape({ id: yup.strapiID().required() }))\n .required(),\n disconnect: yup\n .array()\n .test('CheckDisconnect', 'Cannot remove role', function test(disconnectValue) {\n if (value.connect.length === 0 && disconnectValue.length > 0) {\n return false;\n }\n\n return true;\n })\n .required(),\n })\n : yup.strapiID()\n ),\n});\n\nmodule.exports = {\n validateCreateUserBody: validateYupSchema(createUserBodySchema),\n validateUpdateUserBody: validateYupSchema(updateUserBodySchema),\n validateDeleteRoleBody: validateYupSchema(deleteRoleSchema),\n};\n"],"names":["yup","validateYupSchema","require$$0","deleteRoleSchema","object","shape","role","strapiID","required","createUserBodySchema","email","string","username","min","password","lazy","value","connect","array","of","id","updateUserBodySchema","mixed","test","validatePassword","length","disconnect","disconnectValue","user","validateCreateUserBody","validateUpdateUserBody","validateDeleteRoleBody"],"mappings":";;;;;;;AAEA,IAAA,MAAM,EAAEA,GAAG,EAAEC,iBAAiB,EAAE,GAAGC,UAAAA;AAEnC,IAAA,MAAMC,gBAAmBH,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;QAC1CC,IAAMN,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAC/B,KAAA,CAAA;AAEA,IAAA,MAAMC,oBAAuBT,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,GAAIW,CAAAA,MAAM,EAAGD,CAAAA,KAAK,GAAGF,QAAQ,EAAA;AACpCI,QAAAA,QAAAA,EAAUZ,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCM,QAAAA,QAAAA,EAAUd,IAAIW,MAAM,EAAA,CAAGE,GAAG,CAAC,GAAGL,QAAQ,EAAA;AACtCF,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GACGI,CAAAA,MAAM,EACNC,CAAAA,KAAK,CAAC;gBACLY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDK,GAAG,CAAC,CAAG,EAAA,wBAAA,CAAA,CACPL,QAAQ;AACvB,aAAA,CAAA,CACWA,QAAQ,EAAA,GACXR,GAAIO,CAAAA,QAAQ,GAAGC,QAAQ,EAAA;AAE/B,KAAA,CAAA;AAEA,IAAA,MAAMa,oBAAuBrB,GAAAA,GAAAA,CAAII,MAAM,EAAA,CAAGC,KAAK,CAAC;AAC9CK,QAAAA,KAAAA,EAAOV,IAAIW,MAAM,EAAA,CAAGD,KAAK,EAAA,CAAGG,GAAG,CAAC,CAAA,CAAA;AAChCD,QAAAA,QAAAA,EAAUZ,GAAIW,CAAAA,MAAM,EAAGE,CAAAA,GAAG,CAAC,CAAA,CAAA;QAC3BC,QAAUd,EAAAA,GAAAA,CACPsB,KAAK,EACLC,CAAAA,IAAI,CACH,qBACA,EAAA,uCAAA,EACA,SAASC,gBAAAA,CAAiBR,KAAK,EAAA;YAC7B,IAAIA,KAAAA,IAAS,IAAQA,IAAAA,KAAAA,KAAU,EAAI,EAAA;gBACjC,OAAO,IAAA;AACR;AACD,YAAA,OAAO,OAAOA,KAAAA,KAAU,QAAYA,IAAAA,KAAAA,CAAMS,MAAM,IAAI,CAAA;AACrD,SAAA,CAAA;AAELnB,QAAAA,IAAAA,EAAMN,GAAIe,CAAAA,IAAI,CAAC,CAACC,KACd,GAAA,OAAOA,KAAU,KAAA,QAAA,GACbhB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;gBACjBY,OAASjB,EAAAA,GAAAA,CACNkB,KAAK,EACLC,CAAAA,EAAE,CAACnB,GAAII,CAAAA,MAAM,EAAGC,CAAAA,KAAK,CAAC;oBAAEe,EAAIpB,EAAAA,GAAAA,CAAIO,QAAQ,EAAA,CAAGC,QAAQ;AAAI,iBAAA,CAAA,CAAA,CACvDA,QAAQ,EAAA;gBACXkB,UAAY1B,EAAAA,GAAAA,CACTkB,KAAK,EACLK,CAAAA,IAAI,CAAC,iBAAmB,EAAA,oBAAA,EAAsB,SAASA,IAAAA,CAAKI,eAAe,EAAA;oBAC1E,IAAIX,KAAAA,CAAMC,OAAO,CAACQ,MAAM,KAAK,CAAKE,IAAAA,eAAAA,CAAgBF,MAAM,GAAG,CAAG,EAAA;wBAC5D,OAAO,KAAA;AACR;oBAED,OAAO,IAAA;AACrB,iBAAA,CAAA,CACajB,QAAQ;AACrB,aAAA,CAAA,GACQR,IAAIO,QAAQ,EAAA;AAEpB,KAAA,CAAA;IAEAqB,IAAiB,GAAA;AACfC,QAAAA,sBAAAA,EAAwB5B,iBAAkBQ,CAAAA,oBAAAA,CAAAA;AAC1CqB,QAAAA,sBAAAA,EAAwB7B,iBAAkBoB,CAAAA,oBAAAA,CAAAA;AAC1CU,QAAAA,sBAAAA,EAAwB9B,iBAAkBE,CAAAA,gBAAAA;AAC5C,KAAA;;;;;;"}
package/dist/server/routes/content-api/auth.js CHANGED
@@ -1,102 +1,150 @@
1
1
  'use strict';
2
2
 
3
+ var validation = require('./validation.js');
4
+
3
5
  var auth;
4
6
  var hasRequiredAuth;
5
7
  function requireAuth() {
6
8
  if (hasRequiredAuth) return auth;
7
9
  hasRequiredAuth = 1;
8
- auth = [
9
- {
10
- method: 'GET',
11
- path: '/connect/(.*)',
12
- handler: 'auth.connect',
13
- config: {
14
- middlewares: [
15
- 'plugin::users-permissions.rateLimit'
16
- ],
17
- prefix: ''
18
- }
19
- },
20
- {
21
- method: 'POST',
22
- path: '/auth/local',
23
- handler: 'auth.callback',
24
- config: {
25
- middlewares: [
26
- 'plugin::users-permissions.rateLimit'
27
- ],
28
- prefix: ''
29
- }
30
- },
31
- {
32
- method: 'POST',
33
- path: '/auth/local/register',
34
- handler: 'auth.register',
35
- config: {
36
- middlewares: [
37
- 'plugin::users-permissions.rateLimit'
38
- ],
39
- prefix: ''
40
- }
41
- },
42
- {
43
- method: 'GET',
44
- path: '/auth/:provider/callback',
45
- handler: 'auth.callback',
46
- config: {
47
- prefix: ''
48
- }
49
- },
50
- {
51
- method: 'POST',
52
- path: '/auth/forgot-password',
53
- handler: 'auth.forgotPassword',
54
- config: {
55
- middlewares: [
56
- 'plugin::users-permissions.rateLimit'
57
- ],
58
- prefix: ''
59
- }
60
- },
61
- {
62
- method: 'POST',
63
- path: '/auth/reset-password',
64
- handler: 'auth.resetPassword',
65
- config: {
66
- middlewares: [
67
- 'plugin::users-permissions.rateLimit'
68
- ],
69
- prefix: ''
70
- }
71
- },
72
- {
73
- method: 'GET',
74
- path: '/auth/email-confirmation',
75
- handler: 'auth.emailConfirmation',
76
- config: {
77
- prefix: ''
78
- }
79
- },
80
- {
81
- method: 'POST',
82
- path: '/auth/send-email-confirmation',
83
- handler: 'auth.sendEmailConfirmation',
84
- config: {
85
- prefix: ''
86
- }
87
- },
88
- {
89
- method: 'POST',
90
- path: '/auth/change-password',
91
- handler: 'auth.changePassword',
92
- config: {
93
- middlewares: [
94
- 'plugin::users-permissions.rateLimit'
95
- ],
96
- prefix: ''
10
+ const { UsersPermissionsRouteValidator } = validation.__require();
11
+ auth = (strapi)=>{
12
+ const validator = new UsersPermissionsRouteValidator(strapi);
13
+ return [
14
+ {
15
+ method: 'GET',
16
+ path: '/connect/(.*)',
17
+ handler: 'auth.connect',
18
+ config: {
19
+ middlewares: [
20
+ 'plugin::users-permissions.rateLimit'
21
+ ],
22
+ prefix: ''
23
+ }
24
+ },
25
+ {
26
+ method: 'POST',
27
+ path: '/auth/local',
28
+ handler: 'auth.callback',
29
+ config: {
30
+ middlewares: [
31
+ 'plugin::users-permissions.rateLimit'
32
+ ],
33
+ prefix: ''
34
+ },
35
+ request: {
36
+ body: {
37
+ 'application/json': validator.loginBodySchema
38
+ }
39
+ },
40
+ response: validator.authResponseSchema
41
+ },
42
+ {
43
+ method: 'POST',
44
+ path: '/auth/local/register',
45
+ handler: 'auth.register',
46
+ config: {
47
+ middlewares: [
48
+ 'plugin::users-permissions.rateLimit'
49
+ ],
50
+ prefix: ''
51
+ },
52
+ request: {
53
+ body: {
54
+ 'application/json': validator.registerBodySchema
55
+ }
56
+ },
57
+ response: validator.authRegisterResponseSchema
58
+ },
59
+ {
60
+ method: 'GET',
61
+ path: '/auth/:provider/callback',
62
+ handler: 'auth.callback',
63
+ config: {
64
+ prefix: ''
65
+ },
66
+ request: {
67
+ params: {
68
+ provider: validator.providerParam
69
+ }
70
+ },
71
+ response: validator.authResponseSchema
72
+ },
73
+ {
74
+ method: 'POST',
75
+ path: '/auth/forgot-password',
76
+ handler: 'auth.forgotPassword',
77
+ config: {
78
+ middlewares: [
79
+ 'plugin::users-permissions.rateLimit'
80
+ ],
81
+ prefix: ''
82
+ },
83
+ request: {
84
+ body: {
85
+ 'application/json': validator.forgotPasswordBodySchema
86
+ }
87
+ },
88
+ response: validator.forgotPasswordResponseSchema
89
+ },
90
+ {
91
+ method: 'POST',
92
+ path: '/auth/reset-password',
93
+ handler: 'auth.resetPassword',
94
+ config: {
95
+ middlewares: [
96
+ 'plugin::users-permissions.rateLimit'
97
+ ],
98
+ prefix: ''
99
+ },
100
+ request: {
101
+ body: {
102
+ 'application/json': validator.resetPasswordBodySchema
103
+ }
104
+ },
105
+ response: validator.authResponseSchema
106
+ },
107
+ {
108
+ method: 'GET',
109
+ path: '/auth/email-confirmation',
110
+ handler: 'auth.emailConfirmation',
111
+ config: {
112
+ prefix: ''
113
+ }
114
+ },
115
+ {
116
+ method: 'POST',
117
+ path: '/auth/send-email-confirmation',
118
+ handler: 'auth.sendEmailConfirmation',
119
+ config: {
120
+ prefix: ''
121
+ },
122
+ request: {
123
+ body: {
124
+ 'application/json': validator.sendEmailConfirmationBodySchema
125
+ }
126
+ },
127
+ response: validator.sendEmailConfirmationResponseSchema
128
+ },
129
+ {
130
+ method: 'POST',
131
+ path: '/auth/change-password',
132
+ handler: 'auth.changePassword',
133
+ config: {
134
+ middlewares: [
135
+ 'plugin::users-permissions.rateLimit'
136
+ ],
137
+ prefix: ''
138
+ },
139
+ request: {
140
+ body: {
141
+ 'application/json': validator.changePasswordBodySchema
142
+ }
143
+ },
144
+ response: validator.authResponseSchema
97
145
  }
98
- }
99
- ];
146
+ ];
147
+ };
100
148
  return auth;
101
149
  }
102
150
 
package/dist/server/routes/content-api/auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.js","sources":["../../../../server/routes/content-api/auth.js"],"sourcesContent":["'use strict';\n\nmodule.exports = [\n {\n method: 'GET',\n path: '/connect/(.*)',\n handler: 'auth.connect',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local',\n handler: 'auth.callback',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local/register',\n handler: 'auth.register',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'GET',\n path: '/auth/:provider/callback',\n handler: 'auth.callback',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/forgot-password',\n handler: 'auth.forgotPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/reset-password',\n handler: 'auth.resetPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'GET',\n path: '/auth/email-confirmation',\n handler: 'auth.emailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/send-email-confirmation',\n handler: 'auth.sendEmailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/change-password',\n handler: 'auth.changePassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n];\n"],"names":["auth","method","path","handler","config","middlewares","prefix"],"mappings":";;;;;;;IAEAA,IAAiB,GAAA;AACf,QAAA;YACEC,MAAQ,EAAA,KAAA;YACRC,IAAM,EAAA,eAAA;YACNC,OAAS,EAAA,cAAA;YACTC,MAAQ,EAAA;gBACNC,WAAa,EAAA;AAAC,oBAAA;AAAsC,iBAAA;gBACpDC,MAAQ,EAAA;AACT;AACF,SAAA;AACD,QAAA;YACEL,MAAQ,EAAA,MAAA;YACRC,IAAM,EAAA,aAAA;YACNC,OAAS,EAAA,eAAA;YACTC,MAAQ,EAAA;gBACNC,WAAa,EAAA;AAAC,oBAAA;AAAsC,iBAAA;gBACpDC,MAAQ,EAAA;AACT;AACF,SAAA;AACD,QAAA;YACEL,MAAQ,EAAA,MAAA;YACRC,IAAM,EAAA,sBAAA;YACNC,OAAS,EAAA,eAAA;YACTC,MAAQ,EAAA;gBACNC,WAAa,EAAA;AAAC,oBAAA;AAAsC,iBAAA;gBACpDC,MAAQ,EAAA;AACT;AACF,SAAA;AACD,QAAA;YACEL,MAAQ,EAAA,KAAA;YACRC,IAAM,EAAA,0BAAA;YACNC,OAAS,EAAA,eAAA;YACTC,MAAQ,EAAA;gBACNE,MAAQ,EAAA;AACT;AACF,SAAA;AACD,QAAA;YACEL,MAAQ,EAAA,MAAA;YACRC,IAAM,EAAA,uBAAA;YACNC,OAAS,EAAA,qBAAA;YACTC,MAAQ,EAAA;gBACNC,WAAa,EAAA;AAAC,oBAAA;AAAsC,iBAAA;gBACpDC,MAAQ,EAAA;AACT;AACF,SAAA;AACD,QAAA;YACEL,MAAQ,EAAA,MAAA;YACRC,IAAM,EAAA,sBAAA;YACNC,OAAS,EAAA,oBAAA;YACTC,MAAQ,EAAA;gBACNC,WAAa,EAAA;AAAC,oBAAA;AAAsC,iBAAA;gBACpDC,MAAQ,EAAA;AACT;AACF,SAAA;AACD,QAAA;YACEL,MAAQ,EAAA,KAAA;YACRC,IAAM,EAAA,0BAAA;YACNC,OAAS,EAAA,wBAAA;YACTC,MAAQ,EAAA;gBACNE,MAAQ,EAAA;AACT;AACF,SAAA;AACD,QAAA;YACEL,MAAQ,EAAA,MAAA;YACRC,IAAM,EAAA,+BAAA;YACNC,OAAS,EAAA,4BAAA;YACTC,MAAQ,EAAA;gBACNE,MAAQ,EAAA;AACT;AACF,SAAA;AACD,QAAA;YACEL,MAAQ,EAAA,MAAA;YACRC,IAAM,EAAA,uBAAA;YACNC,OAAS,EAAA,qBAAA;YACTC,MAAQ,EAAA;gBACNC,WAAa,EAAA;AAAC,oBAAA;AAAsC,iBAAA;gBACpDC,MAAQ,EAAA;AACT;AACF;AACF,KAAA;;;;;;"}
1
+ {"version":3,"file":"auth.js","sources":["../../../../server/routes/content-api/auth.js"],"sourcesContent":["'use strict';\n\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/connect/(.*)',\n handler: 'auth.connect',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/local',\n handler: 'auth.callback',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.loginBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/local/register',\n handler: 'auth.register',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.registerBodySchema },\n },\n response: validator.authRegisterResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/:provider/callback',\n handler: 'auth.callback',\n config: {\n prefix: '',\n },\n request: {\n params: {\n provider: validator.providerParam,\n },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/forgot-password',\n handler: 'auth.forgotPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.forgotPasswordBodySchema },\n },\n response: validator.forgotPasswordResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/reset-password',\n handler: 'auth.resetPassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.resetPasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n {\n method: 'GET',\n path: '/auth/email-confirmation',\n handler: 'auth.emailConfirmation',\n config: {\n prefix: '',\n },\n },\n {\n method: 'POST',\n path: '/auth/send-email-confirmation',\n handler: 'auth.sendEmailConfirmation',\n config: {\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.sendEmailConfirmationBodySchema },\n },\n response: validator.sendEmailConfirmationResponseSchema,\n },\n {\n method: 'POST',\n path: '/auth/change-password',\n handler: 'auth.changePassword',\n config: {\n middlewares: ['plugin::users-permissions.rateLimit'],\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.changePasswordBodySchema },\n },\n response: validator.authResponseSchema,\n },\n ];\n};\n"],"names":["UsersPermissionsRouteValidator","require$$0","auth","strapi","validator","method","path","handler","config","middlewares","prefix","request","body","loginBodySchema","response","authResponseSchema","registerBodySchema","authRegisterResponseSchema","params","provider","providerParam","forgotPasswordBodySchema","forgotPasswordResponseSchema","resetPasswordBodySchema","sendEmailConfirmationBodySchema","sendEmailConfirmationResponseSchema","changePasswordBodySchema"],"mappings":";;;;;;;;;IAEA,MAAM,EAAEA,8BAA8B,EAAE,GAAGC,oBAAAA,EAAAA;AAE7BC,IAAAA,IAAAA,GAAG,CAACC,MAAAA,GAAAA;QAChB,MAAMC,SAAAA,GAAY,IAAIJ,8BAA+BG,CAAAA,MAAAA,CAAAA;QAErD,OAAO;AACL,YAAA;gBACEE,MAAQ,EAAA,KAAA;gBACRC,IAAM,EAAA,eAAA;gBACNC,OAAS,EAAA,cAAA;gBACTC,MAAQ,EAAA;oBACNC,WAAa,EAAA;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAQ,EAAA;AACT;AACF,aAAA;AACD,YAAA;gBACEL,MAAQ,EAAA,MAAA;gBACRC,IAAM,EAAA,aAAA;gBACNC,OAAS,EAAA,eAAA;gBACTC,MAAQ,EAAA;oBACNC,WAAa,EAAA;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAQ,EAAA;AACT,iBAAA;gBACDC,OAAS,EAAA;oBACPC,IAAM,EAAA;AAAE,wBAAA,kBAAA,EAAoBR,UAAUS;AAAiB;AACxD,iBAAA;AACDC,gBAAAA,QAAAA,EAAUV,UAAUW;AACrB,aAAA;AACD,YAAA;gBACEV,MAAQ,EAAA,MAAA;gBACRC,IAAM,EAAA,sBAAA;gBACNC,OAAS,EAAA,eAAA;gBACTC,MAAQ,EAAA;oBACNC,WAAa,EAAA;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAQ,EAAA;AACT,iBAAA;gBACDC,OAAS,EAAA;oBACPC,IAAM,EAAA;AAAE,wBAAA,kBAAA,EAAoBR,UAAUY;AAAoB;AAC3D,iBAAA;AACDF,gBAAAA,QAAAA,EAAUV,UAAUa;AACrB,aAAA;AACD,YAAA;gBACEZ,MAAQ,EAAA,KAAA;gBACRC,IAAM,EAAA,0BAAA;gBACNC,OAAS,EAAA,eAAA;gBACTC,MAAQ,EAAA;oBACNE,MAAQ,EAAA;AACT,iBAAA;gBACDC,OAAS,EAAA;oBACPO,MAAQ,EAAA;AACNC,wBAAAA,QAAAA,EAAUf,UAAUgB;AACrB;AACF,iBAAA;AACDN,gBAAAA,QAAAA,EAAUV,UAAUW;AACrB,aAAA;AACD,YAAA;gBACEV,MAAQ,EAAA,MAAA;gBACRC,IAAM,EAAA,uBAAA;gBACNC,OAAS,EAAA,qBAAA;gBACTC,MAAQ,EAAA;oBACNC,WAAa,EAAA;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAQ,EAAA;AACT,iBAAA;gBACDC,OAAS,EAAA;oBACPC,IAAM,EAAA;AAAE,wBAAA,kBAAA,EAAoBR,UAAUiB;AAA0B;AACjE,iBAAA;AACDP,gBAAAA,QAAAA,EAAUV,UAAUkB;AACrB,aAAA;AACD,YAAA;gBACEjB,MAAQ,EAAA,MAAA;gBACRC,IAAM,EAAA,sBAAA;gBACNC,OAAS,EAAA,oBAAA;gBACTC,MAAQ,EAAA;oBACNC,WAAa,EAAA;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAQ,EAAA;AACT,iBAAA;gBACDC,OAAS,EAAA;oBACPC,IAAM,EAAA;AAAE,wBAAA,kBAAA,EAAoBR,UAAUmB;AAAyB;AAChE,iBAAA;AACDT,gBAAAA,QAAAA,EAAUV,UAAUW;AACrB,aAAA;AACD,YAAA;gBACEV,MAAQ,EAAA,KAAA;gBACRC,IAAM,EAAA,0BAAA;gBACNC,OAAS,EAAA,wBAAA;gBACTC,MAAQ,EAAA;oBACNE,MAAQ,EAAA;AACT;AACF,aAAA;AACD,YAAA;gBACEL,MAAQ,EAAA,MAAA;gBACRC,IAAM,EAAA,+BAAA;gBACNC,OAAS,EAAA,4BAAA;gBACTC,MAAQ,EAAA;oBACNE,MAAQ,EAAA;AACT,iBAAA;gBACDC,OAAS,EAAA;oBACPC,IAAM,EAAA;AAAE,wBAAA,kBAAA,EAAoBR,UAAUoB;AAAiC;AACxE,iBAAA;AACDV,gBAAAA,QAAAA,EAAUV,UAAUqB;AACrB,aAAA;AACD,YAAA;gBACEpB,MAAQ,EAAA,MAAA;gBACRC,IAAM,EAAA,uBAAA;gBACNC,OAAS,EAAA,qBAAA;gBACTC,MAAQ,EAAA;oBACNC,WAAa,EAAA;AAAC,wBAAA;AAAsC,qBAAA;oBACpDC,MAAQ,EAAA;AACT,iBAAA;gBACDC,OAAS,EAAA;oBACPC,IAAM,EAAA;AAAE,wBAAA,kBAAA,EAAoBR,UAAUsB;AAA0B;AACjE,iBAAA;AACDZ,gBAAAA,QAAAA,EAAUV,UAAUW;AACrB;AACF,SAAA;AACH,KAAA;;;;;;"}