@strapi/plugin-users-permissions 5.39.0 → 5.41.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (55) hide show
  1. package/dist/server/bootstrap/index.js.map +1 -1
  2. package/dist/server/bootstrap/index.mjs.map +1 -1
  3. package/dist/server/config.js.map +1 -1
  4. package/dist/server/config.mjs.map +1 -1
  5. package/dist/server/controllers/auth.js.map +1 -1
  6. package/dist/server/controllers/auth.mjs.map +1 -1
  7. package/dist/server/controllers/content-manager-user.js.map +1 -1
  8. package/dist/server/controllers/content-manager-user.mjs.map +1 -1
  9. package/dist/server/controllers/permissions.js.map +1 -1
  10. package/dist/server/controllers/permissions.mjs.map +1 -1
  11. package/dist/server/controllers/role.js.map +1 -1
  12. package/dist/server/controllers/role.mjs.map +1 -1
  13. package/dist/server/controllers/settings.js.map +1 -1
  14. package/dist/server/controllers/settings.mjs.map +1 -1
  15. package/dist/server/controllers/user.js.map +1 -1
  16. package/dist/server/controllers/user.mjs.map +1 -1
  17. package/dist/server/controllers/validation/auth.js.map +1 -1
  18. package/dist/server/controllers/validation/auth.mjs.map +1 -1
  19. package/dist/server/controllers/validation/user.js.map +1 -1
  20. package/dist/server/controllers/validation/user.mjs.map +1 -1
  21. package/dist/server/graphql/index.js.map +1 -1
  22. package/dist/server/graphql/index.mjs.map +1 -1
  23. package/dist/server/graphql/mutations/auth/login.js.map +1 -1
  24. package/dist/server/graphql/mutations/auth/login.mjs.map +1 -1
  25. package/dist/server/graphql/mutations/crud/role/create-role.js.map +1 -1
  26. package/dist/server/graphql/mutations/crud/role/create-role.mjs.map +1 -1
  27. package/dist/server/graphql/mutations/crud/role/delete-role.js.map +1 -1
  28. package/dist/server/graphql/mutations/crud/role/delete-role.mjs.map +1 -1
  29. package/dist/server/graphql/mutations/crud/role/update-role.js.map +1 -1
  30. package/dist/server/graphql/mutations/crud/role/update-role.mjs.map +1 -1
  31. package/dist/server/graphql/mutations/crud/user/create-user.js.map +1 -1
  32. package/dist/server/graphql/mutations/crud/user/create-user.mjs.map +1 -1
  33. package/dist/server/graphql/types/login-input.js.map +1 -1
  34. package/dist/server/graphql/types/login-input.mjs.map +1 -1
  35. package/dist/server/graphql/types/login-payload.js.map +1 -1
  36. package/dist/server/graphql/types/login-payload.mjs.map +1 -1
  37. package/dist/server/register.js.map +1 -1
  38. package/dist/server/register.mjs.map +1 -1
  39. package/dist/server/services/jwt.js.map +1 -1
  40. package/dist/server/services/jwt.mjs.map +1 -1
  41. package/dist/server/services/permission.js.map +1 -1
  42. package/dist/server/services/permission.mjs.map +1 -1
  43. package/dist/server/services/providers-registry.js.map +1 -1
  44. package/dist/server/services/providers-registry.mjs.map +1 -1
  45. package/dist/server/services/providers.js.map +1 -1
  46. package/dist/server/services/providers.mjs.map +1 -1
  47. package/dist/server/services/role.js.map +1 -1
  48. package/dist/server/services/role.mjs.map +1 -1
  49. package/dist/server/services/user.js.map +1 -1
  50. package/dist/server/services/user.mjs.map +1 -1
  51. package/dist/server/services/users-permissions.js.map +1 -1
  52. package/dist/server/services/users-permissions.mjs.map +1 -1
  53. package/dist/server/strategies/users-permissions.js.map +1 -1
  54. package/dist/server/strategies/users-permissions.mjs.map +1 -1
  55. package/package.json +5 -5
package/dist/server/services/role.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"role.js","sources":["../../../server/services/role.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { NotFoundError } = require('@strapi/utils').errors;\nconst { getService } = require('../utils');\n\nmodule.exports = ({ strapi }) => ({\n async createRole(params) {\n if (!params.type) {\n params.type = _.snakeCase(_.deburr(_.toLower(params.name)));\n }\n\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .create({ data: _.omit(params, ['users', 'permissions']) });\n\n const createPromises = _.flatMap(params.permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n const actionID = `${typeName}.${controllerName}.${actionName}`;\n\n acc.push(\n strapi.db\n .query('plugin::users-permissions.permission')\n .create({ data: { action: actionID, role: role.id } })\n );\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n await Promise.all(createPromises);\n },\n\n async findOne(roleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n const allActions = getService('users-permissions').getActions();\n\n // Group by `type`.\n role.permissions.forEach((permission) => {\n const [type, controller, action] = permission.action.split('.');\n\n _.set(allActions, `${type}.controllers.${controller}.${action}`, {\n enabled: true,\n policy: '',\n });\n });\n\n return {\n ...role,\n permissions: allActions,\n };\n },\n\n async find() {\n const roles = await strapi.db\n .query('plugin::users-permissions.role')\n .findMany({ sort: ['name'] });\n\n for (const role of roles) {\n role.nb_users = await strapi.db\n .query('plugin::users-permissions.user')\n .count({ where: { role: { id: role.id } } });\n }\n\n return roles;\n },\n\n async updateRole(roleID, data) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n await strapi.db.query('plugin::users-permissions.role').update({\n where: { id: roleID },\n data: _.pick(data, ['name', 'description']),\n });\n\n const { permissions } = data;\n\n const newActions = _.flatMap(permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n acc.push(`${typeName}.${controllerName}.${actionName}`);\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n const oldActions = role.permissions.map(({ action }) => action);\n\n const toDelete = role.permissions.reduce((acc, permission) => {\n if (!newActions.includes(permission.action)) {\n acc.push(permission);\n }\n return acc;\n }, []);\n\n const toCreate = newActions\n .filter((action) => !oldActions.includes(action))\n .map((action) => ({ action, role: role.id }));\n\n await Promise.all(\n toDelete.map((permission) =>\n strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { id: permission.id } })\n )\n );\n\n await Promise.all(\n toCreate.map((permissionInfo) =>\n strapi.db.query('plugin::users-permissions.permission').create({ data: permissionInfo })\n )\n );\n },\n\n async deleteRole(roleID, publicRoleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['users', 'permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n // Move users to guest role.\n await Promise.all(\n role.users.map((user) => {\n return strapi.db.query('plugin::users-permissions.user').update({\n where: { id: user.id },\n data: { role: publicRoleID },\n });\n })\n );\n\n // Remove permissions related to this role.\n // TODO: use delete many\n await Promise.all(\n role.permissions.map((permission) => {\n return strapi.db.query('plugin::users-permissions.permission').delete({\n where: { id: permission.id },\n });\n })\n );\n\n // Delete the role.\n await strapi.db.query('plugin::users-permissions.role').delete({ where: { id: roleID } });\n },\n});\n"],"names":["_","require$$0","NotFoundError","require$$1","errors","getService","require$$2","role","strapi","createRole","params","type","snakeCase","deburr","toLower","name","db","query","create","data","omit","createPromises","flatMap","permissions","typeName","controllers","controller","controllerName","reduce","acc","action","actionName","enabled","actionID","push","id","Promise","all","findOne","roleID","where","populate","allActions","getActions","forEach","permission","split","set","policy","find","roles","findMany","sort","nb_users","count","updateRole","update","pick","newActions","oldActions","map","toDelete","includes","toCreate","filter","delete","permissionInfo","deleteRole","publicRoleID","users","user"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,UAAAA;AACV,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGC,WAAyBC,MAAM;IACzD,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvBC,IAAAA,IAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChC,YAAA,MAAMC,YAAWC,MAAM,EAAA;gBACrB,IAAI,CAACA,MAAAA,CAAOC,IAAI,EAAE;AAChBD,oBAAAA,MAAAA,CAAOC,IAAI,GAAGX,CAAAA,CAAEY,SAAS,CAACZ,CAAAA,CAAEa,MAAM,CAACb,CAAAA,CAAEc,OAAO,CAACJ,MAAAA,CAAOK,IAAI,CAAA,CAAA,CAAA;AAC9D,gBAAA;gBAEI,MAAMR,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,MAAM,CAAC;oBAAEC,IAAAA,EAAMnB,CAAAA,CAAEoB,IAAI,CAACV,MAAAA,EAAQ;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc,qBAAA;AAAC,iBAAA,CAAA;gBAE1D,MAAMW,cAAAA,GAAiBrB,EAAEsB,OAAO,CAACZ,OAAOa,WAAW,EAAE,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC1D,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACX,MAAMC,QAAAA,GAAW,GAAGT,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY;gCAE9DF,GAAAA,CAAIK,IAAI,CACN1B,MAAAA,CAAOQ,EAAE,CACNC,KAAK,CAAC,sCAAA,CAAA,CACNC,MAAM,CAAC;oCAAEC,IAAAA,EAAM;wCAAEW,MAAAA,EAAQG,QAAAA;AAAU1B,wCAAAA,IAAAA,EAAMA,KAAK4B;AAAE;;AAEnE,4BAAA;4BAEY,OAAON,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAE,CAAA;AAEZ,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMO,OAAAA,CAAQC,GAAG,CAAChB,cAAAA,CAAAA;AACtB,YAAA,CAAA;AAEE,YAAA,MAAMiB,SAAQC,MAAM,EAAA;gBAClB,MAAMhC,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;gBAEI,MAAMwC,UAAAA,GAAarC,UAAAA,CAAW,mBAAA,CAAA,CAAqBsC,UAAU,EAAA;;AAG7DpC,gBAAAA,IAAAA,CAAKgB,WAAW,CAACqB,OAAO,CAAC,CAACC,UAAAA,GAAAA;oBACxB,MAAM,CAAClC,MAAMe,UAAAA,EAAYI,MAAAA,CAAO,GAAGe,UAAAA,CAAWf,MAAM,CAACgB,KAAK,CAAC,GAAA,CAAA;oBAE3D9C,CAAAA,CAAE+C,GAAG,CAACL,UAAAA,EAAY,CAAA,EAAG/B,IAAAA,CAAK,aAAa,EAAEe,UAAAA,CAAW,CAAC,EAAEI,MAAAA,CAAAA,CAAQ,EAAE;wBAC/DE,OAAAA,EAAS,IAAA;wBACTgB,MAAAA,EAAQ;AAChB,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,OAAO;AACL,oBAAA,GAAGzC,IAAI;oBACPgB,WAAAA,EAAamB;AACnB,iBAAA;AACA,YAAA,CAAA;YAEE,MAAMO,IAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAM1C,MAAAA,CAAOQ,EAAE,CAC1BC,KAAK,CAAC,gCAAA,CAAA,CACNkC,QAAQ,CAAC;oBAAEC,IAAAA,EAAM;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;gBAE5B,KAAK,MAAM7C,QAAQ2C,KAAAA,CAAO;oBACxB3C,IAAAA,CAAK8C,QAAQ,GAAG,MAAM7C,MAAAA,CAAOQ,EAAE,CAC5BC,KAAK,CAAC,gCAAA,CAAA,CACNqC,KAAK,CAAC;wBAAEd,KAAAA,EAAO;4BAAEjC,IAAAA,EAAM;AAAE4B,gCAAAA,EAAAA,EAAI5B,KAAK4B;;AAAI;AAAE,qBAAA,CAAA;AACjD,gBAAA;gBAEI,OAAOe,KAAAA;AACX,YAAA,CAAA;YAEE,MAAMK,UAAAA,CAAAA,CAAWhB,MAAM,EAAEpB,IAAI,EAAA;gBAC3B,MAAMZ,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;AAEI,gBAAA,MAAMM,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;oBAC7DhB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBACnBpB,IAAAA,EAAMnB,CAAAA,CAAEyD,IAAI,CAACtC,IAAAA,EAAM;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAc,qBAAA;AAChD,iBAAA,CAAA;gBAEI,MAAM,EAAEI,WAAW,EAAE,GAAGJ,IAAAA;AAExB,gBAAA,MAAMuC,aAAa1D,CAAAA,CAAEsB,OAAO,CAACC,WAAAA,EAAa,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC/C,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACXH,GAAAA,CAAIK,IAAI,CAAC,CAAA,EAAGV,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY,CAAA;AACpE,4BAAA;4BAEY,OAAOF,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAE,CAAA;AAEZ,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAM8B,UAAAA,GAAapD,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAAC,EAAE9B,MAAM,EAAE,GAAKA,MAAAA,CAAAA;AAExD,gBAAA,MAAM+B,WAAWtD,IAAAA,CAAKgB,WAAW,CAACK,MAAM,CAAC,CAACC,GAAAA,EAAKgB,UAAAA,GAAAA;AAC7C,oBAAA,IAAI,CAACa,UAAAA,CAAWI,QAAQ,CAACjB,UAAAA,CAAWf,MAAM,CAAA,EAAG;AAC3CD,wBAAAA,GAAAA,CAAIK,IAAI,CAACW,UAAAA,CAAAA;AACjB,oBAAA;oBACM,OAAOhB,GAAAA;AACb,gBAAA,CAAA,EAAO,EAAE,CAAA;AAEL,gBAAA,MAAMkC,QAAAA,GAAWL,UAAAA,CACdM,MAAM,CAAC,CAAClC,MAAAA,GAAW,CAAC6B,UAAAA,CAAWG,QAAQ,CAAChC,MAAAA,CAAAA,CAAAA,CACxC8B,GAAG,CAAC,CAAC9B,UAAY;AAAEA,wBAAAA,MAAAA;AAAQvB,wBAAAA,IAAAA,EAAMA,KAAK4B;qBAAE,CAAA,CAAA;AAE3C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACfwB,QAAAA,CAASD,GAAG,CAAC,CAACf,UAAAA,GACZrC,MAAAA,CAAOQ,EAAE,CACNC,KAAK,CAAC,sCAAA,CAAA,CACNgD,MAAM,CAAC;wBAAEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;;AAI1C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACf0B,QAAAA,CAASH,GAAG,CAAC,CAACM,cAAAA,GACZ1D,MAAAA,CAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCC,MAAM,CAAC;wBAAEC,IAAAA,EAAM+C;;AAG/E,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,CAAW5B,MAAM,EAAE6B,YAAY,EAAA;gBACnC,MAAM7D,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAEtE,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;;gBAGI,MAAMkC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAK8D,KAAK,CAACT,GAAG,CAAC,CAACU,IAAAA,GAAAA;AACd,oBAAA,OAAO9D,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;wBAC9DhB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAImC,KAAKnC;AAAE,yBAAA;wBACpBhB,IAAAA,EAAM;4BAAEZ,IAAAA,EAAM6D;AAAY;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;;gBAKI,MAAMhC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAACf,UAAAA,GAAAA;AACpB,oBAAA,OAAOrC,OAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCgD,MAAM,CAAC;wBACpEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;AAII,gBAAA,MAAM3B,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCgD,MAAM,CAAC;oBAAEzB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM;AAAE,iBAAA,CAAA;AAC1F,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"role.js","sources":["../../../server/services/role.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { NotFoundError } = require('@strapi/utils').errors;\nconst { getService } = require('../utils');\n\nmodule.exports = ({ strapi }) => ({\n async createRole(params) {\n if (!params.type) {\n params.type = _.snakeCase(_.deburr(_.toLower(params.name)));\n }\n\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .create({ data: _.omit(params, ['users', 'permissions']) });\n\n const createPromises = _.flatMap(params.permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n const actionID = `${typeName}.${controllerName}.${actionName}`;\n\n acc.push(\n strapi.db\n .query('plugin::users-permissions.permission')\n .create({ data: { action: actionID, role: role.id } })\n );\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n await Promise.all(createPromises);\n },\n\n async findOne(roleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n const allActions = getService('users-permissions').getActions();\n\n // Group by `type`.\n role.permissions.forEach((permission) => {\n const [type, controller, action] = permission.action.split('.');\n\n _.set(allActions, `${type}.controllers.${controller}.${action}`, {\n enabled: true,\n policy: '',\n });\n });\n\n return {\n ...role,\n permissions: allActions,\n };\n },\n\n async find() {\n const roles = await strapi.db\n .query('plugin::users-permissions.role')\n .findMany({ sort: ['name'] });\n\n for (const role of roles) {\n role.nb_users = await strapi.db\n .query('plugin::users-permissions.user')\n .count({ where: { role: { id: role.id } } });\n }\n\n return roles;\n },\n\n async updateRole(roleID, data) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n await strapi.db.query('plugin::users-permissions.role').update({\n where: { id: roleID },\n data: _.pick(data, ['name', 'description']),\n });\n\n const { permissions } = data;\n\n const newActions = _.flatMap(permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n acc.push(`${typeName}.${controllerName}.${actionName}`);\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n const oldActions = role.permissions.map(({ action }) => action);\n\n const toDelete = role.permissions.reduce((acc, permission) => {\n if (!newActions.includes(permission.action)) {\n acc.push(permission);\n }\n return acc;\n }, []);\n\n const toCreate = newActions\n .filter((action) => !oldActions.includes(action))\n .map((action) => ({ action, role: role.id }));\n\n await Promise.all(\n toDelete.map((permission) =>\n strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { id: permission.id } })\n )\n );\n\n await Promise.all(\n toCreate.map((permissionInfo) =>\n strapi.db.query('plugin::users-permissions.permission').create({ data: permissionInfo })\n )\n );\n },\n\n async deleteRole(roleID, publicRoleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['users', 'permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n // Move users to guest role.\n await Promise.all(\n role.users.map((user) => {\n return strapi.db.query('plugin::users-permissions.user').update({\n where: { id: user.id },\n data: { role: publicRoleID },\n });\n })\n );\n\n // Remove permissions related to this role.\n // TODO: use delete many\n await Promise.all(\n role.permissions.map((permission) => {\n return strapi.db.query('plugin::users-permissions.permission').delete({\n where: { id: permission.id },\n });\n })\n );\n\n // Delete the role.\n await strapi.db.query('plugin::users-permissions.role').delete({ where: { id: roleID } });\n },\n});\n"],"names":["_","require$$0","NotFoundError","require$$1","errors","getService","require$$2","role","strapi","createRole","params","type","snakeCase","deburr","toLower","name","db","query","create","data","omit","createPromises","flatMap","permissions","typeName","controllers","controller","controllerName","reduce","acc","action","actionName","enabled","actionID","push","id","Promise","all","findOne","roleID","where","populate","allActions","getActions","forEach","permission","split","set","policy","find","roles","findMany","sort","nb_users","count","updateRole","update","pick","newActions","oldActions","map","toDelete","includes","toCreate","filter","delete","permissionInfo","deleteRole","publicRoleID","users","user"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,UAAAA;AACV,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGC,WAAyBC,MAAM;IACzD,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvBC,IAAAA,IAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChC,YAAA,MAAMC,YAAWC,MAAM,EAAA;gBACrB,IAAI,CAACA,MAAAA,CAAOC,IAAI,EAAE;AAChBD,oBAAAA,MAAAA,CAAOC,IAAI,GAAGX,CAAAA,CAAEY,SAAS,CAACZ,CAAAA,CAAEa,MAAM,CAACb,CAAAA,CAAEc,OAAO,CAACJ,MAAAA,CAAOK,IAAI,CAAA,CAAA,CAAA;AAC9D,gBAAA;gBAEI,MAAMR,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAA,CACvBC,KAAK,CAAC,gCAAA,CAAA,CACNC,MAAM,CAAC;oBAAEC,IAAAA,EAAMnB,CAAAA,CAAEoB,IAAI,CAACV,MAAAA,EAAQ;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc,qBAAA;;gBAEzD,MAAMW,cAAAA,GAAiBrB,EAAEsB,OAAO,CAACZ,OAAOa,WAAW,EAAE,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC1D,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACX,MAAMC,QAAAA,GAAW,GAAGT,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY;gCAE9DF,GAAAA,CAAIK,IAAI,CACN1B,MAAAA,CAAOQ,EAAA,CACJC,KAAK,CAAC,sCAAA,CAAA,CACNC,MAAM,CAAC;oCAAEC,IAAAA,EAAM;wCAAEW,MAAAA,EAAQG,QAAAA;AAAU1B,wCAAAA,IAAAA,EAAMA,KAAK4B;;AAAI,iCAAA,CAAA,CAAA;AAErE,4BAAA;4BAEY,OAAON,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAA,CAAA;AAEV,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMO,OAAAA,CAAQC,GAAG,CAAChB,cAAAA,CAAAA;AACtB,YAAA,CAAA;AAEE,YAAA,MAAMiB,SAAQC,MAAM,EAAA;gBAClB,MAAMhC,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAA,CACvBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;gBAEI,MAAMwC,UAAAA,GAAarC,UAAAA,CAAW,mBAAA,CAAA,CAAqBsC,UAAU,EAAA;;AAG7DpC,gBAAAA,IAAAA,CAAKgB,WAAW,CAACqB,OAAO,CAAC,CAACC,UAAAA,GAAAA;oBACxB,MAAM,CAAClC,MAAMe,UAAAA,EAAYI,MAAAA,CAAO,GAAGe,UAAAA,CAAWf,MAAM,CAACgB,KAAK,CAAC,GAAA,CAAA;oBAE3D9C,CAAAA,CAAE+C,GAAG,CAACL,UAAAA,EAAY,CAAA,EAAG/B,IAAAA,CAAK,aAAa,EAAEe,UAAAA,CAAW,CAAC,EAAEI,MAAAA,CAAAA,CAAQ,EAAE;wBAC/DE,OAAAA,EAAS,IAAA;wBACTgB,MAAAA,EAAQ;AAChB,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,OAAO;AACL,oBAAA,GAAGzC,IAAI;oBACPgB,WAAAA,EAAamB;AACnB,iBAAA;AACA,YAAA,CAAA;YAEE,MAAMO,IAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAM1C,MAAAA,CAAOQ,EAAA,CACxBC,KAAK,CAAC,gCAAA,CAAA,CACNkC,QAAQ,CAAC;oBAAEC,IAAAA,EAAM;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;gBAE5B,KAAK,MAAM7C,QAAQ2C,KAAAA,CAAO;oBACxB3C,IAAAA,CAAK8C,QAAQ,GAAG,MAAM7C,MAAAA,CAAOQ,EAAA,CAC1BC,KAAK,CAAC,gCAAA,CAAA,CACNqC,KAAK,CAAC;wBAAEd,KAAAA,EAAO;4BAAEjC,IAAAA,EAAM;AAAE4B,gCAAAA,EAAAA,EAAI5B,KAAK4B;AAAE;AAAE;;AAC/C,gBAAA;gBAEI,OAAOe,KAAAA;AACX,YAAA,CAAA;YAEE,MAAMK,UAAAA,CAAAA,CAAWhB,MAAM,EAAEpB,IAAI,EAAA;gBAC3B,MAAMZ,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAA,CACvBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;AAEI,gBAAA,MAAMM,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;oBAC7DhB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBACnBpB,IAAAA,EAAMnB,CAAAA,CAAEyD,IAAI,CAACtC,IAAAA,EAAM;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAc,qBAAA;AAChD,iBAAA,CAAA;gBAEI,MAAM,EAAEI,WAAW,EAAE,GAAGJ,IAAAA;AAExB,gBAAA,MAAMuC,aAAa1D,CAAAA,CAAEsB,OAAO,CAACC,WAAAA,EAAa,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC/C,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACXH,GAAAA,CAAIK,IAAI,CAAC,CAAA,EAAGV,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY,CAAA;AACpE,4BAAA;4BAEY,OAAOF,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAA,CAAA;AAEV,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAM8B,UAAAA,GAAapD,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAAC,EAAE9B,MAAM,EAAE,GAAKA,MAAAA,CAAAA;AAExD,gBAAA,MAAM+B,WAAWtD,IAAAA,CAAKgB,WAAW,CAACK,MAAM,CAAC,CAACC,GAAAA,EAAKgB,UAAAA,GAAAA;AAC7C,oBAAA,IAAI,CAACa,UAAAA,CAAWI,QAAQ,CAACjB,UAAAA,CAAWf,MAAM,CAAA,EAAG;AAC3CD,wBAAAA,GAAAA,CAAIK,IAAI,CAACW,UAAAA,CAAAA;AACjB,oBAAA;oBACM,OAAOhB,GAAAA;AACb,gBAAA,CAAA,EAAO,EAAE,CAAA;AAEL,gBAAA,MAAMkC,QAAAA,GAAWL,UAAAA,CACdM,MAAM,CAAC,CAAClC,MAAAA,GAAW,CAAC6B,UAAAA,CAAWG,QAAQ,CAAChC,MAAAA,CAAAA,CAAAA,CACxC8B,GAAG,CAAC,CAAC9B,UAAY;AAAEA,wBAAAA,MAAAA;AAAQvB,wBAAAA,IAAAA,EAAMA,KAAK4B;qBAAE,CAAA,CAAA;AAE3C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACfwB,QAAAA,CAASD,GAAG,CAAC,CAACf,UAAAA,GACZrC,MAAAA,CAAOQ,EAAA,CACJC,KAAK,CAAC,sCAAA,CAAA,CACNgD,MAAM,CAAC;wBAAEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;AAAE,qBAAA,CAAA,CAAA,CAAA;AAI5C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACf0B,QAAAA,CAASH,GAAG,CAAC,CAACM,cAAAA,GACZ1D,MAAAA,CAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCC,MAAM,CAAC;wBAAEC,IAAAA,EAAM+C;AAAc,qBAAA,CAAA,CAAA,CAAA;AAG7F,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,CAAW5B,MAAM,EAAE6B,YAAY,EAAA;gBACnC,MAAM7D,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAA,CACvBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;;oBAAUE,QAAAA,EAAU;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc;;AAEtE,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;;gBAGI,MAAMkC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAK8D,KAAK,CAACT,GAAG,CAAC,CAACU,IAAAA,GAAAA;AACd,oBAAA,OAAO9D,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;wBAC9DhB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAImC,KAAKnC;AAAE,yBAAA;wBACpBhB,IAAAA,EAAM;4BAAEZ,IAAAA,EAAM6D;AAAY;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;;gBAKI,MAAMhC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAACf,UAAAA,GAAAA;AACpB,oBAAA,OAAOrC,OAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCgD,MAAM,CAAC;wBACpEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;AAII,gBAAA,MAAM3B,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCgD,MAAM,CAAC;oBAAEzB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM;AAAE,iBAAA,CAAA;AAC1F,YAAA;SACA,CAAA;;;;;;"}
package/dist/server/services/role.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"role.mjs","sources":["../../../server/services/role.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { NotFoundError } = require('@strapi/utils').errors;\nconst { getService } = require('../utils');\n\nmodule.exports = ({ strapi }) => ({\n async createRole(params) {\n if (!params.type) {\n params.type = _.snakeCase(_.deburr(_.toLower(params.name)));\n }\n\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .create({ data: _.omit(params, ['users', 'permissions']) });\n\n const createPromises = _.flatMap(params.permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n const actionID = `${typeName}.${controllerName}.${actionName}`;\n\n acc.push(\n strapi.db\n .query('plugin::users-permissions.permission')\n .create({ data: { action: actionID, role: role.id } })\n );\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n await Promise.all(createPromises);\n },\n\n async findOne(roleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n const allActions = getService('users-permissions').getActions();\n\n // Group by `type`.\n role.permissions.forEach((permission) => {\n const [type, controller, action] = permission.action.split('.');\n\n _.set(allActions, `${type}.controllers.${controller}.${action}`, {\n enabled: true,\n policy: '',\n });\n });\n\n return {\n ...role,\n permissions: allActions,\n };\n },\n\n async find() {\n const roles = await strapi.db\n .query('plugin::users-permissions.role')\n .findMany({ sort: ['name'] });\n\n for (const role of roles) {\n role.nb_users = await strapi.db\n .query('plugin::users-permissions.user')\n .count({ where: { role: { id: role.id } } });\n }\n\n return roles;\n },\n\n async updateRole(roleID, data) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n await strapi.db.query('plugin::users-permissions.role').update({\n where: { id: roleID },\n data: _.pick(data, ['name', 'description']),\n });\n\n const { permissions } = data;\n\n const newActions = _.flatMap(permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n acc.push(`${typeName}.${controllerName}.${actionName}`);\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n const oldActions = role.permissions.map(({ action }) => action);\n\n const toDelete = role.permissions.reduce((acc, permission) => {\n if (!newActions.includes(permission.action)) {\n acc.push(permission);\n }\n return acc;\n }, []);\n\n const toCreate = newActions\n .filter((action) => !oldActions.includes(action))\n .map((action) => ({ action, role: role.id }));\n\n await Promise.all(\n toDelete.map((permission) =>\n strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { id: permission.id } })\n )\n );\n\n await Promise.all(\n toCreate.map((permissionInfo) =>\n strapi.db.query('plugin::users-permissions.permission').create({ data: permissionInfo })\n )\n );\n },\n\n async deleteRole(roleID, publicRoleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['users', 'permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n // Move users to guest role.\n await Promise.all(\n role.users.map((user) => {\n return strapi.db.query('plugin::users-permissions.user').update({\n where: { id: user.id },\n data: { role: publicRoleID },\n });\n })\n );\n\n // Remove permissions related to this role.\n // TODO: use delete many\n await Promise.all(\n role.permissions.map((permission) => {\n return strapi.db.query('plugin::users-permissions.permission').delete({\n where: { id: permission.id },\n });\n })\n );\n\n // Delete the role.\n await strapi.db.query('plugin::users-permissions.role').delete({ where: { id: roleID } });\n },\n});\n"],"names":["_","require$$0","NotFoundError","require$$1","errors","getService","require$$2","role","strapi","createRole","params","type","snakeCase","deburr","toLower","name","db","query","create","data","omit","createPromises","flatMap","permissions","typeName","controllers","controller","controllerName","reduce","acc","action","actionName","enabled","actionID","push","id","Promise","all","findOne","roleID","where","populate","allActions","getActions","forEach","permission","split","set","policy","find","roles","findMany","sort","nb_users","count","updateRole","update","pick","newActions","oldActions","map","toDelete","includes","toCreate","filter","delete","permissionInfo","deleteRole","publicRoleID","users","user"],"mappings":";;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,UAAAA;AACV,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGC,WAAyBC,MAAM;IACzD,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvBC,IAAAA,IAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChC,YAAA,MAAMC,YAAWC,MAAM,EAAA;gBACrB,IAAI,CAACA,MAAAA,CAAOC,IAAI,EAAE;AAChBD,oBAAAA,MAAAA,CAAOC,IAAI,GAAGX,CAAAA,CAAEY,SAAS,CAACZ,CAAAA,CAAEa,MAAM,CAACb,CAAAA,CAAEc,OAAO,CAACJ,MAAAA,CAAOK,IAAI,CAAA,CAAA,CAAA;AAC9D,gBAAA;gBAEI,MAAMR,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,MAAM,CAAC;oBAAEC,IAAAA,EAAMnB,CAAAA,CAAEoB,IAAI,CAACV,MAAAA,EAAQ;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc,qBAAA;AAAC,iBAAA,CAAA;gBAE1D,MAAMW,cAAAA,GAAiBrB,EAAEsB,OAAO,CAACZ,OAAOa,WAAW,EAAE,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC1D,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACX,MAAMC,QAAAA,GAAW,GAAGT,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY;gCAE9DF,GAAAA,CAAIK,IAAI,CACN1B,MAAAA,CAAOQ,EAAE,CACNC,KAAK,CAAC,sCAAA,CAAA,CACNC,MAAM,CAAC;oCAAEC,IAAAA,EAAM;wCAAEW,MAAAA,EAAQG,QAAAA;AAAU1B,wCAAAA,IAAAA,EAAMA,KAAK4B;AAAE;;AAEnE,4BAAA;4BAEY,OAAON,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAE,CAAA;AAEZ,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMO,OAAAA,CAAQC,GAAG,CAAChB,cAAAA,CAAAA;AACtB,YAAA,CAAA;AAEE,YAAA,MAAMiB,SAAQC,MAAM,EAAA;gBAClB,MAAMhC,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;gBAEI,MAAMwC,UAAAA,GAAarC,UAAAA,CAAW,mBAAA,CAAA,CAAqBsC,UAAU,EAAA;;AAG7DpC,gBAAAA,IAAAA,CAAKgB,WAAW,CAACqB,OAAO,CAAC,CAACC,UAAAA,GAAAA;oBACxB,MAAM,CAAClC,MAAMe,UAAAA,EAAYI,MAAAA,CAAO,GAAGe,UAAAA,CAAWf,MAAM,CAACgB,KAAK,CAAC,GAAA,CAAA;oBAE3D9C,CAAAA,CAAE+C,GAAG,CAACL,UAAAA,EAAY,CAAA,EAAG/B,IAAAA,CAAK,aAAa,EAAEe,UAAAA,CAAW,CAAC,EAAEI,MAAAA,CAAAA,CAAQ,EAAE;wBAC/DE,OAAAA,EAAS,IAAA;wBACTgB,MAAAA,EAAQ;AAChB,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,OAAO;AACL,oBAAA,GAAGzC,IAAI;oBACPgB,WAAAA,EAAamB;AACnB,iBAAA;AACA,YAAA,CAAA;YAEE,MAAMO,IAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAM1C,MAAAA,CAAOQ,EAAE,CAC1BC,KAAK,CAAC,gCAAA,CAAA,CACNkC,QAAQ,CAAC;oBAAEC,IAAAA,EAAM;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;gBAE5B,KAAK,MAAM7C,QAAQ2C,KAAAA,CAAO;oBACxB3C,IAAAA,CAAK8C,QAAQ,GAAG,MAAM7C,MAAAA,CAAOQ,EAAE,CAC5BC,KAAK,CAAC,gCAAA,CAAA,CACNqC,KAAK,CAAC;wBAAEd,KAAAA,EAAO;4BAAEjC,IAAAA,EAAM;AAAE4B,gCAAAA,EAAAA,EAAI5B,KAAK4B;;AAAI;AAAE,qBAAA,CAAA;AACjD,gBAAA;gBAEI,OAAOe,KAAAA;AACX,YAAA,CAAA;YAEE,MAAMK,UAAAA,CAAAA,CAAWhB,MAAM,EAAEpB,IAAI,EAAA;gBAC3B,MAAMZ,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;AAEI,gBAAA,MAAMM,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;oBAC7DhB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBACnBpB,IAAAA,EAAMnB,CAAAA,CAAEyD,IAAI,CAACtC,IAAAA,EAAM;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAc,qBAAA;AAChD,iBAAA,CAAA;gBAEI,MAAM,EAAEI,WAAW,EAAE,GAAGJ,IAAAA;AAExB,gBAAA,MAAMuC,aAAa1D,CAAAA,CAAEsB,OAAO,CAACC,WAAAA,EAAa,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC/C,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACXH,GAAAA,CAAIK,IAAI,CAAC,CAAA,EAAGV,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY,CAAA;AACpE,4BAAA;4BAEY,OAAOF,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAE,CAAA;AAEZ,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAM8B,UAAAA,GAAapD,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAAC,EAAE9B,MAAM,EAAE,GAAKA,MAAAA,CAAAA;AAExD,gBAAA,MAAM+B,WAAWtD,IAAAA,CAAKgB,WAAW,CAACK,MAAM,CAAC,CAACC,GAAAA,EAAKgB,UAAAA,GAAAA;AAC7C,oBAAA,IAAI,CAACa,UAAAA,CAAWI,QAAQ,CAACjB,UAAAA,CAAWf,MAAM,CAAA,EAAG;AAC3CD,wBAAAA,GAAAA,CAAIK,IAAI,CAACW,UAAAA,CAAAA;AACjB,oBAAA;oBACM,OAAOhB,GAAAA;AACb,gBAAA,CAAA,EAAO,EAAE,CAAA;AAEL,gBAAA,MAAMkC,QAAAA,GAAWL,UAAAA,CACdM,MAAM,CAAC,CAAClC,MAAAA,GAAW,CAAC6B,UAAAA,CAAWG,QAAQ,CAAChC,MAAAA,CAAAA,CAAAA,CACxC8B,GAAG,CAAC,CAAC9B,UAAY;AAAEA,wBAAAA,MAAAA;AAAQvB,wBAAAA,IAAAA,EAAMA,KAAK4B;qBAAE,CAAA,CAAA;AAE3C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACfwB,QAAAA,CAASD,GAAG,CAAC,CAACf,UAAAA,GACZrC,MAAAA,CAAOQ,EAAE,CACNC,KAAK,CAAC,sCAAA,CAAA,CACNgD,MAAM,CAAC;wBAAEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;;AAI1C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACf0B,QAAAA,CAASH,GAAG,CAAC,CAACM,cAAAA,GACZ1D,MAAAA,CAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCC,MAAM,CAAC;wBAAEC,IAAAA,EAAM+C;;AAG/E,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,CAAW5B,MAAM,EAAE6B,YAAY,EAAA;gBACnC,MAAM7D,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAEtE,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;;gBAGI,MAAMkC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAK8D,KAAK,CAACT,GAAG,CAAC,CAACU,IAAAA,GAAAA;AACd,oBAAA,OAAO9D,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;wBAC9DhB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAImC,KAAKnC;AAAE,yBAAA;wBACpBhB,IAAAA,EAAM;4BAAEZ,IAAAA,EAAM6D;AAAY;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;;gBAKI,MAAMhC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAACf,UAAAA,GAAAA;AACpB,oBAAA,OAAOrC,OAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCgD,MAAM,CAAC;wBACpEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;AAII,gBAAA,MAAM3B,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCgD,MAAM,CAAC;oBAAEzB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM;AAAE,iBAAA,CAAA;AAC1F,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"role.mjs","sources":["../../../server/services/role.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { NotFoundError } = require('@strapi/utils').errors;\nconst { getService } = require('../utils');\n\nmodule.exports = ({ strapi }) => ({\n async createRole(params) {\n if (!params.type) {\n params.type = _.snakeCase(_.deburr(_.toLower(params.name)));\n }\n\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .create({ data: _.omit(params, ['users', 'permissions']) });\n\n const createPromises = _.flatMap(params.permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n const actionID = `${typeName}.${controllerName}.${actionName}`;\n\n acc.push(\n strapi.db\n .query('plugin::users-permissions.permission')\n .create({ data: { action: actionID, role: role.id } })\n );\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n await Promise.all(createPromises);\n },\n\n async findOne(roleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n const allActions = getService('users-permissions').getActions();\n\n // Group by `type`.\n role.permissions.forEach((permission) => {\n const [type, controller, action] = permission.action.split('.');\n\n _.set(allActions, `${type}.controllers.${controller}.${action}`, {\n enabled: true,\n policy: '',\n });\n });\n\n return {\n ...role,\n permissions: allActions,\n };\n },\n\n async find() {\n const roles = await strapi.db\n .query('plugin::users-permissions.role')\n .findMany({ sort: ['name'] });\n\n for (const role of roles) {\n role.nb_users = await strapi.db\n .query('plugin::users-permissions.user')\n .count({ where: { role: { id: role.id } } });\n }\n\n return roles;\n },\n\n async updateRole(roleID, data) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n await strapi.db.query('plugin::users-permissions.role').update({\n where: { id: roleID },\n data: _.pick(data, ['name', 'description']),\n });\n\n const { permissions } = data;\n\n const newActions = _.flatMap(permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n acc.push(`${typeName}.${controllerName}.${actionName}`);\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n const oldActions = role.permissions.map(({ action }) => action);\n\n const toDelete = role.permissions.reduce((acc, permission) => {\n if (!newActions.includes(permission.action)) {\n acc.push(permission);\n }\n return acc;\n }, []);\n\n const toCreate = newActions\n .filter((action) => !oldActions.includes(action))\n .map((action) => ({ action, role: role.id }));\n\n await Promise.all(\n toDelete.map((permission) =>\n strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { id: permission.id } })\n )\n );\n\n await Promise.all(\n toCreate.map((permissionInfo) =>\n strapi.db.query('plugin::users-permissions.permission').create({ data: permissionInfo })\n )\n );\n },\n\n async deleteRole(roleID, publicRoleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['users', 'permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n // Move users to guest role.\n await Promise.all(\n role.users.map((user) => {\n return strapi.db.query('plugin::users-permissions.user').update({\n where: { id: user.id },\n data: { role: publicRoleID },\n });\n })\n );\n\n // Remove permissions related to this role.\n // TODO: use delete many\n await Promise.all(\n role.permissions.map((permission) => {\n return strapi.db.query('plugin::users-permissions.permission').delete({\n where: { id: permission.id },\n });\n })\n );\n\n // Delete the role.\n await strapi.db.query('plugin::users-permissions.role').delete({ where: { id: roleID } });\n },\n});\n"],"names":["_","require$$0","NotFoundError","require$$1","errors","getService","require$$2","role","strapi","createRole","params","type","snakeCase","deburr","toLower","name","db","query","create","data","omit","createPromises","flatMap","permissions","typeName","controllers","controller","controllerName","reduce","acc","action","actionName","enabled","actionID","push","id","Promise","all","findOne","roleID","where","populate","allActions","getActions","forEach","permission","split","set","policy","find","roles","findMany","sort","nb_users","count","updateRole","update","pick","newActions","oldActions","map","toDelete","includes","toCreate","filter","delete","permissionInfo","deleteRole","publicRoleID","users","user"],"mappings":";;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,UAAAA;AACV,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGC,WAAyBC,MAAM;IACzD,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvBC,IAAAA,IAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChC,YAAA,MAAMC,YAAWC,MAAM,EAAA;gBACrB,IAAI,CAACA,MAAAA,CAAOC,IAAI,EAAE;AAChBD,oBAAAA,MAAAA,CAAOC,IAAI,GAAGX,CAAAA,CAAEY,SAAS,CAACZ,CAAAA,CAAEa,MAAM,CAACb,CAAAA,CAAEc,OAAO,CAACJ,MAAAA,CAAOK,IAAI,CAAA,CAAA,CAAA;AAC9D,gBAAA;gBAEI,MAAMR,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAA,CACvBC,KAAK,CAAC,gCAAA,CAAA,CACNC,MAAM,CAAC;oBAAEC,IAAAA,EAAMnB,CAAAA,CAAEoB,IAAI,CAACV,MAAAA,EAAQ;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc,qBAAA;;gBAEzD,MAAMW,cAAAA,GAAiBrB,EAAEsB,OAAO,CAACZ,OAAOa,WAAW,EAAE,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC1D,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACX,MAAMC,QAAAA,GAAW,GAAGT,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY;gCAE9DF,GAAAA,CAAIK,IAAI,CACN1B,MAAAA,CAAOQ,EAAA,CACJC,KAAK,CAAC,sCAAA,CAAA,CACNC,MAAM,CAAC;oCAAEC,IAAAA,EAAM;wCAAEW,MAAAA,EAAQG,QAAAA;AAAU1B,wCAAAA,IAAAA,EAAMA,KAAK4B;;AAAI,iCAAA,CAAA,CAAA;AAErE,4BAAA;4BAEY,OAAON,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAA,CAAA;AAEV,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMO,OAAAA,CAAQC,GAAG,CAAChB,cAAAA,CAAAA;AACtB,YAAA,CAAA;AAEE,YAAA,MAAMiB,SAAQC,MAAM,EAAA;gBAClB,MAAMhC,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAA,CACvBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;gBAEI,MAAMwC,UAAAA,GAAarC,UAAAA,CAAW,mBAAA,CAAA,CAAqBsC,UAAU,EAAA;;AAG7DpC,gBAAAA,IAAAA,CAAKgB,WAAW,CAACqB,OAAO,CAAC,CAACC,UAAAA,GAAAA;oBACxB,MAAM,CAAClC,MAAMe,UAAAA,EAAYI,MAAAA,CAAO,GAAGe,UAAAA,CAAWf,MAAM,CAACgB,KAAK,CAAC,GAAA,CAAA;oBAE3D9C,CAAAA,CAAE+C,GAAG,CAACL,UAAAA,EAAY,CAAA,EAAG/B,IAAAA,CAAK,aAAa,EAAEe,UAAAA,CAAW,CAAC,EAAEI,MAAAA,CAAAA,CAAQ,EAAE;wBAC/DE,OAAAA,EAAS,IAAA;wBACTgB,MAAAA,EAAQ;AAChB,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,OAAO;AACL,oBAAA,GAAGzC,IAAI;oBACPgB,WAAAA,EAAamB;AACnB,iBAAA;AACA,YAAA,CAAA;YAEE,MAAMO,IAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAM1C,MAAAA,CAAOQ,EAAA,CACxBC,KAAK,CAAC,gCAAA,CAAA,CACNkC,QAAQ,CAAC;oBAAEC,IAAAA,EAAM;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;gBAE5B,KAAK,MAAM7C,QAAQ2C,KAAAA,CAAO;oBACxB3C,IAAAA,CAAK8C,QAAQ,GAAG,MAAM7C,MAAAA,CAAOQ,EAAA,CAC1BC,KAAK,CAAC,gCAAA,CAAA,CACNqC,KAAK,CAAC;wBAAEd,KAAAA,EAAO;4BAAEjC,IAAAA,EAAM;AAAE4B,gCAAAA,EAAAA,EAAI5B,KAAK4B;AAAE;AAAE;;AAC/C,gBAAA;gBAEI,OAAOe,KAAAA;AACX,YAAA,CAAA;YAEE,MAAMK,UAAAA,CAAAA,CAAWhB,MAAM,EAAEpB,IAAI,EAAA;gBAC3B,MAAMZ,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAA,CACvBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;AAEI,gBAAA,MAAMM,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;oBAC7DhB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBACnBpB,IAAAA,EAAMnB,CAAAA,CAAEyD,IAAI,CAACtC,IAAAA,EAAM;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAc,qBAAA;AAChD,iBAAA,CAAA;gBAEI,MAAM,EAAEI,WAAW,EAAE,GAAGJ,IAAAA;AAExB,gBAAA,MAAMuC,aAAa1D,CAAAA,CAAEsB,OAAO,CAACC,WAAAA,EAAa,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC/C,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACXH,GAAAA,CAAIK,IAAI,CAAC,CAAA,EAAGV,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY,CAAA;AACpE,4BAAA;4BAEY,OAAOF,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAA,CAAA;AAEV,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAM8B,UAAAA,GAAapD,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAAC,EAAE9B,MAAM,EAAE,GAAKA,MAAAA,CAAAA;AAExD,gBAAA,MAAM+B,WAAWtD,IAAAA,CAAKgB,WAAW,CAACK,MAAM,CAAC,CAACC,GAAAA,EAAKgB,UAAAA,GAAAA;AAC7C,oBAAA,IAAI,CAACa,UAAAA,CAAWI,QAAQ,CAACjB,UAAAA,CAAWf,MAAM,CAAA,EAAG;AAC3CD,wBAAAA,GAAAA,CAAIK,IAAI,CAACW,UAAAA,CAAAA;AACjB,oBAAA;oBACM,OAAOhB,GAAAA;AACb,gBAAA,CAAA,EAAO,EAAE,CAAA;AAEL,gBAAA,MAAMkC,QAAAA,GAAWL,UAAAA,CACdM,MAAM,CAAC,CAAClC,MAAAA,GAAW,CAAC6B,UAAAA,CAAWG,QAAQ,CAAChC,MAAAA,CAAAA,CAAAA,CACxC8B,GAAG,CAAC,CAAC9B,UAAY;AAAEA,wBAAAA,MAAAA;AAAQvB,wBAAAA,IAAAA,EAAMA,KAAK4B;qBAAE,CAAA,CAAA;AAE3C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACfwB,QAAAA,CAASD,GAAG,CAAC,CAACf,UAAAA,GACZrC,MAAAA,CAAOQ,EAAA,CACJC,KAAK,CAAC,sCAAA,CAAA,CACNgD,MAAM,CAAC;wBAAEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;AAAE,qBAAA,CAAA,CAAA,CAAA;AAI5C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACf0B,QAAAA,CAASH,GAAG,CAAC,CAACM,cAAAA,GACZ1D,MAAAA,CAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCC,MAAM,CAAC;wBAAEC,IAAAA,EAAM+C;AAAc,qBAAA,CAAA,CAAA,CAAA;AAG7F,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,CAAW5B,MAAM,EAAE6B,YAAY,EAAA;gBACnC,MAAM7D,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAA,CACvBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;;oBAAUE,QAAAA,EAAU;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc;;AAEtE,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;;gBAGI,MAAMkC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAK8D,KAAK,CAACT,GAAG,CAAC,CAACU,IAAAA,GAAAA;AACd,oBAAA,OAAO9D,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;wBAC9DhB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAImC,KAAKnC;AAAE,yBAAA;wBACpBhB,IAAAA,EAAM;4BAAEZ,IAAAA,EAAM6D;AAAY;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;;gBAKI,MAAMhC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAACf,UAAAA,GAAAA;AACpB,oBAAA,OAAOrC,OAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCgD,MAAM,CAAC;wBACpEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;AAII,gBAAA,MAAM3B,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCgD,MAAM,CAAC;oBAAEzB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM;AAAE,iBAAA,CAAA;AAC1F,YAAA;SACA,CAAA;;;;;;"}
package/dist/server/services/user.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.js","sources":["../../../server/services/user.js"],"sourcesContent":["'use strict';\n\n/**\n * User.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst crypto = require('crypto');\nconst bcrypt = require('bcryptjs');\nconst urlJoin = require('url-join');\n\nconst { sanitize } = require('@strapi/utils');\nconst { toNumber, getOr } = require('lodash/fp');\nconst { getService } = require('../utils');\n\nconst USER_MODEL_UID = 'plugin::users-permissions.user';\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\nmodule.exports = ({ strapi }) => ({\n /**\n * Promise to count users\n *\n * @return {Promise}\n */\n\n count(params) {\n return strapi.db.query(USER_MODEL_UID).count({ where: params });\n },\n\n /**\n * Hashes password fields in the provided values object if they are present.\n * It checks each key in the values object against the model's attributes and\n * hashes it if the attribute type is 'password',\n *\n * @param {object} values - The object containing the fields to be hashed.\n * @return {object} The values object with hashed password fields if they were present.\n */\n async ensureHashedPasswords(values) {\n const attributes = strapi.getModel(USER_MODEL_UID).attributes;\n\n for (const key in values) {\n if (attributes[key] && attributes[key].type === 'password') {\n // Check if a custom encryption.rounds has been set on the password attribute\n const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));\n values[key] = await bcrypt.hash(values[key], rounds);\n }\n }\n\n return values;\n },\n\n /**\n * Promise to add a/an user.\n * @return {Promise}\n */\n async add(values) {\n return strapi.db.query(USER_MODEL_UID).create({\n data: await this.ensureHashedPasswords(values),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to edit a/an user.\n * @param {string} userId\n * @param {object} params\n * @return {Promise}\n */\n async edit(userId, params = {}) {\n return strapi.db.query(USER_MODEL_UID).update({\n where: { id: userId },\n data: await this.ensureHashedPasswords(params),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to fetch a/an user.\n * @return {Promise}\n */\n fetch(id, params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findOne({\n ...query,\n where: {\n $and: [{ id }, query.where || {}],\n },\n });\n },\n\n /**\n * Promise to fetch authenticated user.\n * @return {Promise}\n */\n fetchAuthenticatedUser(id) {\n return strapi.db.query(USER_MODEL_UID).findOne({ where: { id }, populate: ['role'] });\n },\n\n /**\n * Promise to fetch all users.\n * @return {Promise}\n */\n fetchAll(params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findMany(query);\n },\n\n /**\n * Promise to remove a/an user.\n * @return {Promise}\n */\n async remove(params) {\n // Invalidate sessions for all affected users\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('users-permissions') && params.id) {\n await sessionManager('users-permissions').invalidateRefreshToken(String(params.id));\n }\n\n return strapi.db.query(USER_MODEL_UID).delete({ where: params });\n },\n\n validatePassword(password, hash) {\n return bcrypt.compare(password, hash);\n },\n\n async sendConfirmationEmail(user) {\n const userPermissionService = getService('users-permissions');\n const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });\n const userSchema = strapi.getModel(USER_MODEL_UID);\n\n const settings = await pluginStore\n .get({ key: 'email' })\n .then((storeEmail) => storeEmail.email_confirmation.options);\n\n // Sanitize the template's user information\n const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(\n {\n schema: userSchema,\n getModel: strapi.getModel.bind(strapi),\n },\n user\n );\n\n const confirmationToken = crypto.randomBytes(20).toString('hex');\n\n await this.edit(user.id, { confirmationToken });\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n\n try {\n settings.message = await userPermissionService.template(settings.message, {\n URL: urlJoin(\n strapi.config.get('server.absoluteUrl'),\n apiPrefix,\n '/auth/email-confirmation'\n ),\n SERVER_URL: strapi.config.get('server.absoluteUrl'),\n ADMIN_URL: strapi.config.get('admin.absoluteUrl'),\n USER: sanitizedUserInfo,\n CODE: confirmationToken,\n });\n\n settings.object = await userPermissionService.template(settings.object, {\n USER: sanitizedUserInfo,\n });\n } catch {\n strapi.log.error(\n '[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for \"user confirmation email\". Please make sure your email template is valid and does not contain invalid characters or patterns'\n );\n return;\n }\n\n // Send an email to the user.\n await strapi\n .plugin('email')\n .service('email')\n .send({\n to: user.email,\n from:\n settings.from.email && settings.from.name\n ? `${settings.from.name} <${settings.from.email}>`\n : undefined,\n replyTo: settings.response_email,\n subject: settings.object,\n text: settings.message,\n html: settings.message,\n });\n },\n});\n"],"names":["crypto","require$$0","bcrypt","require$$1","urlJoin","require$$2","sanitize","require$$3","toNumber","getOr","require$$4","getService","require$$5","USER_MODEL_UID","getSessionManager","manager","strapi","sessionManager","user","count","params","db","query","where","ensureHashedPasswords","values","attributes","getModel","key","type","rounds","hash","add","create","data","populate","edit","userId","update","id","fetch","get","transform","findOne","$and","fetchAuthenticatedUser","fetchAll","findMany","remove","hasOrigin","invalidateRefreshToken","String","delete","validatePassword","password","compare","sendConfirmationEmail","userPermissionService","pluginStore","store","name","userSchema","settings","then","storeEmail","email_confirmation","options","sanitizedUserInfo","sanitizers","defaultSanitizeOutput","schema","bind","confirmationToken","randomBytes","toString","apiPrefix","config","message","template","URL","SERVER_URL","ADMIN_URL","USER","CODE","object","log","error","plugin","service","send","to","email","from","undefined","replyTo","response_email","subject","text","html"],"mappings":";;;;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;IAEhB,MAAM,EAAEC,QAAQ,EAAE,GAAGC,UAAAA;AACrB,IAAA,MAAM,EAAEC,QAAQ,EAAEC,KAAK,EAAE,GAAGC,UAAAA;IAC5B,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,cAAAA,GAAiB,gCAAA;AAEvB,IAAA,MAAMC,iBAAAA,GAAoB,IAAA;QACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,QAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,IAAA,CAAA;AAEAG,IAAAA,IAAAA,GAAiB,CAAC,EAAEF,MAAAA,EAAAA,OAAM,EAAE,IAAM;AAClC;;;;AAIA,OAEEG,OAAMC,MAAM,EAAA;AACV,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBM,KAAK,CAAC;oBAAEI,KAAAA,EAAOH;AAAM,iBAAA,CAAA;AAChE,YAAA,CAAA;AAEA;;;;;;;OAQE,MAAMI,uBAAsBC,MAAM,EAAA;AAChC,gBAAA,MAAMC,UAAAA,GAAaV,OAAAA,CAAOW,QAAQ,CAACd,gBAAgBa,UAAU;gBAE7D,IAAK,MAAME,OAAOH,MAAAA,CAAQ;oBACxB,IAAIC,UAAU,CAACE,GAAAA,CAAI,IAAIF,UAAU,CAACE,GAAAA,CAAI,CAACC,IAAI,KAAK,UAAA,EAAY;;AAE1D,wBAAA,MAAMC,SAAStB,QAAAA,CAASC,KAAAA,CAAM,IAAI,mBAAA,EAAqBiB,UAAU,CAACE,GAAAA,CAAI,CAAA,CAAA;wBACtEH,MAAM,CAACG,GAAAA,CAAI,GAAG,MAAM1B,MAAAA,CAAO6B,IAAI,CAACN,MAAM,CAACG,GAAAA,CAAI,EAAEE,MAAAA,CAAAA;AACrD,oBAAA;AACA,gBAAA;gBAEI,OAAOL,MAAAA;AACX,YAAA,CAAA;AAEA;;;OAIE,MAAMO,KAAIP,MAAM,EAAA;AACd,gBAAA,OAAOT,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBoB,MAAM,CAAC;AAC5CC,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACC,MAAAA,CAAAA;oBACvCU,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;;;AAKA,OACE,MAAMC,IAAAA,CAAAA,CAAKC,MAAM,EAAEjB,MAAAA,GAAS,EAAE,EAAA;AAC5B,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgByB,MAAM,CAAC;oBAC5Cf,KAAAA,EAAO;wBAAEgB,EAAAA,EAAIF;AAAM,qBAAA;AACnBH,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACJ,MAAAA,CAAAA;oBACvCe,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;OAIEK,KAAAA,CAAAA,CAAMD,EAAE,EAAEnB,MAAM,EAAA;gBACd,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAAA,EAAgBO,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;AAC7C,oBAAA,GAAGrB,KAAK;oBACRC,KAAAA,EAAO;wBACLqB,IAAAA,EAAM;AAAC,4BAAA;AAAEL,gCAAAA;AAAE,6BAAA;4BAAIjB,KAAAA,CAAMC,KAAK,IAAI;AAAG;AACzC;AACA,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;AAGA,OACEsB,wBAAuBN,EAAE,EAAA;AACvB,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;oBAAEpB,KAAAA,EAAO;AAAEgB,wBAAAA;AAAE,qBAAA;oBAAIJ,QAAAA,EAAU;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;AACtF,YAAA,CAAA;AAEA;;;AAGA,OACEW,UAAS1B,MAAM,EAAA;gBACb,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAAA,EAAgBO,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBkC,QAAQ,CAACzB,KAAAA,CAAAA;AACpD,YAAA,CAAA;AAEA;;;OAIE,MAAM0B,QAAO5B,MAAM,EAAA;;AAEjB,gBAAA,MAAMH,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,gBAAA,IAAIG,kBAAkBA,cAAAA,CAAegC,SAAS,CAAC,mBAAA,CAAA,IAAwB7B,MAAAA,CAAOmB,EAAE,EAAE;AAChF,oBAAA,MAAMtB,eAAe,mBAAA,CAAA,CAAqBiC,sBAAsB,CAACC,MAAAA,CAAO/B,OAAOmB,EAAE,CAAA,CAAA;AACvF,gBAAA;AAEI,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBuC,MAAM,CAAC;oBAAE7B,KAAAA,EAAOH;AAAM,iBAAA,CAAA;AACjE,YAAA,CAAA;YAEEiC,gBAAAA,CAAAA,CAAiBC,QAAQ,EAAEvB,IAAI,EAAA;gBAC7B,OAAO7B,MAAAA,CAAOqD,OAAO,CAACD,QAAAA,EAAUvB,IAAAA,CAAAA;AACpC,YAAA,CAAA;AAEE,YAAA,MAAMyB,uBAAsBtC,IAAI,EAAA;AAC9B,gBAAA,MAAMuC,wBAAwB9C,UAAAA,CAAW,mBAAA,CAAA;AACzC,gBAAA,MAAM+C,WAAAA,GAAc,MAAM1C,OAAAA,CAAO2C,KAAK,CAAC;oBAAE9B,IAAAA,EAAM,QAAA;oBAAU+B,IAAAA,EAAM;AAAmB,iBAAA,CAAA;gBAClF,MAAMC,UAAAA,GAAa7C,OAAAA,CAAOW,QAAQ,CAACd,cAAAA,CAAAA;AAEnC,gBAAA,MAAMiD,QAAAA,GAAW,MAAMJ,WAAAA,CACpBjB,GAAG,CAAC;oBAAEb,GAAAA,EAAK;mBACXmC,IAAI,CAAC,CAACC,aAAeA,UAAAA,CAAWC,kBAAkB,CAACC,OAAO,CAAA;;AAG7D,gBAAA,MAAMC,oBAAoB,MAAM7D,QAAAA,CAAS8D,UAAU,CAACC,qBAAqB,CACvE;oBACEC,MAAAA,EAAQT,UAAAA;AACRlC,oBAAAA,QAAAA,EAAUX,OAAAA,CAAOW,QAAQ,CAAC4C,IAAI,CAACvD,OAAAA;iBACvC,EACME,IAAAA,CAAAA;AAGF,gBAAA,MAAMsD,oBAAoBxE,MAAAA,CAAOyE,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AAE1D,gBAAA,MAAM,IAAI,CAACtC,IAAI,CAAClB,IAAAA,CAAKqB,EAAE,EAAE;AAAEiC,oBAAAA;AAAiB,iBAAA,CAAA;AAE5C,gBAAA,MAAMG,SAAAA,GAAY3D,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,iBAAA,CAAA;gBAEpC,IAAI;oBACFqB,QAAAA,CAASe,OAAO,GAAG,MAAMpB,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASe,OAAO,EAAE;AACxEE,wBAAAA,GAAAA,EAAK3E,QACHY,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,uBAClBkC,SAAAA,EACA,0BAAA,CAAA;AAEFK,wBAAAA,UAAAA,EAAYhE,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,oBAAA,CAAA;AAC9BwC,wBAAAA,SAAAA,EAAWjE,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,mBAAA,CAAA;wBAC7ByC,IAAAA,EAAMf,iBAAAA;wBACNgB,IAAAA,EAAMX;AACd,qBAAA,CAAA;oBAEMV,QAAAA,CAASsB,MAAM,GAAG,MAAM3B,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASsB,MAAM,EAAE;wBACtEF,IAAAA,EAAMf;AACd,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAM,OAAM;oBACNnD,OAAAA,CAAOqE,GAAG,CAACC,KAAK,CACd,mNAAA,CAAA;AAEF,oBAAA;AACN,gBAAA;;gBAGI,MAAMtE,OAAAA,CACHuE,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,IAAI,CAAC;AACJC,oBAAAA,EAAAA,EAAIxE,KAAKyE,KAAK;oBACdC,IAAAA,EACE9B,QAAAA,CAAS8B,IAAI,CAACD,KAAK,IAAI7B,SAAS8B,IAAI,CAAChC,IAAI,GACrC,CAAA,EAAGE,QAAAA,CAAS8B,IAAI,CAAChC,IAAI,CAAC,EAAE,EAAEE,QAAAA,CAAS8B,IAAI,CAACD,KAAK,CAAC,CAAC,CAAC,GAChDE,SAAAA;AACNC,oBAAAA,OAAAA,EAAShC,SAASiC,cAAc;AAChCC,oBAAAA,OAAAA,EAASlC,SAASsB,MAAM;AACxBa,oBAAAA,IAAAA,EAAMnC,SAASe,OAAO;AACtBqB,oBAAAA,IAAAA,EAAMpC,SAASe;AACvB,iBAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"user.js","sources":["../../../server/services/user.js"],"sourcesContent":["'use strict';\n\n/**\n * User.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst crypto = require('crypto');\nconst bcrypt = require('bcryptjs');\nconst urlJoin = require('url-join');\n\nconst { sanitize } = require('@strapi/utils');\nconst { toNumber, getOr } = require('lodash/fp');\nconst { getService } = require('../utils');\n\nconst USER_MODEL_UID = 'plugin::users-permissions.user';\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\nmodule.exports = ({ strapi }) => ({\n /**\n * Promise to count users\n *\n * @return {Promise}\n */\n\n count(params) {\n return strapi.db.query(USER_MODEL_UID).count({ where: params });\n },\n\n /**\n * Hashes password fields in the provided values object if they are present.\n * It checks each key in the values object against the model's attributes and\n * hashes it if the attribute type is 'password',\n *\n * @param {object} values - The object containing the fields to be hashed.\n * @return {object} The values object with hashed password fields if they were present.\n */\n async ensureHashedPasswords(values) {\n const attributes = strapi.getModel(USER_MODEL_UID).attributes;\n\n for (const key in values) {\n if (attributes[key] && attributes[key].type === 'password') {\n // Check if a custom encryption.rounds has been set on the password attribute\n const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));\n values[key] = await bcrypt.hash(values[key], rounds);\n }\n }\n\n return values;\n },\n\n /**\n * Promise to add a/an user.\n * @return {Promise}\n */\n async add(values) {\n return strapi.db.query(USER_MODEL_UID).create({\n data: await this.ensureHashedPasswords(values),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to edit a/an user.\n * @param {string} userId\n * @param {object} params\n * @return {Promise}\n */\n async edit(userId, params = {}) {\n return strapi.db.query(USER_MODEL_UID).update({\n where: { id: userId },\n data: await this.ensureHashedPasswords(params),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to fetch a/an user.\n * @return {Promise}\n */\n fetch(id, params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findOne({\n ...query,\n where: {\n $and: [{ id }, query.where || {}],\n },\n });\n },\n\n /**\n * Promise to fetch authenticated user.\n * @return {Promise}\n */\n fetchAuthenticatedUser(id) {\n return strapi.db.query(USER_MODEL_UID).findOne({ where: { id }, populate: ['role'] });\n },\n\n /**\n * Promise to fetch all users.\n * @return {Promise}\n */\n fetchAll(params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findMany(query);\n },\n\n /**\n * Promise to remove a/an user.\n * @return {Promise}\n */\n async remove(params) {\n // Invalidate sessions for all affected users\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('users-permissions') && params.id) {\n await sessionManager('users-permissions').invalidateRefreshToken(String(params.id));\n }\n\n return strapi.db.query(USER_MODEL_UID).delete({ where: params });\n },\n\n validatePassword(password, hash) {\n return bcrypt.compare(password, hash);\n },\n\n async sendConfirmationEmail(user) {\n const userPermissionService = getService('users-permissions');\n const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });\n const userSchema = strapi.getModel(USER_MODEL_UID);\n\n const settings = await pluginStore\n .get({ key: 'email' })\n .then((storeEmail) => storeEmail.email_confirmation.options);\n\n // Sanitize the template's user information\n const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(\n {\n schema: userSchema,\n getModel: strapi.getModel.bind(strapi),\n },\n user\n );\n\n const confirmationToken = crypto.randomBytes(20).toString('hex');\n\n await this.edit(user.id, { confirmationToken });\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n\n try {\n settings.message = await userPermissionService.template(settings.message, {\n URL: urlJoin(\n strapi.config.get('server.absoluteUrl'),\n apiPrefix,\n '/auth/email-confirmation'\n ),\n SERVER_URL: strapi.config.get('server.absoluteUrl'),\n ADMIN_URL: strapi.config.get('admin.absoluteUrl'),\n USER: sanitizedUserInfo,\n CODE: confirmationToken,\n });\n\n settings.object = await userPermissionService.template(settings.object, {\n USER: sanitizedUserInfo,\n });\n } catch {\n strapi.log.error(\n '[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for \"user confirmation email\". Please make sure your email template is valid and does not contain invalid characters or patterns'\n );\n return;\n }\n\n // Send an email to the user.\n await strapi\n .plugin('email')\n .service('email')\n .send({\n to: user.email,\n from:\n settings.from.email && settings.from.name\n ? `${settings.from.name} <${settings.from.email}>`\n : undefined,\n replyTo: settings.response_email,\n subject: settings.object,\n text: settings.message,\n html: settings.message,\n });\n },\n});\n"],"names":["crypto","require$$0","bcrypt","require$$1","urlJoin","require$$2","sanitize","require$$3","toNumber","getOr","require$$4","getService","require$$5","USER_MODEL_UID","getSessionManager","manager","strapi","sessionManager","user","count","params","db","query","where","ensureHashedPasswords","values","attributes","getModel","key","type","rounds","hash","add","create","data","populate","edit","userId","update","id","fetch","get","transform","findOne","$and","fetchAuthenticatedUser","fetchAll","findMany","remove","hasOrigin","invalidateRefreshToken","String","delete","validatePassword","password","compare","sendConfirmationEmail","userPermissionService","pluginStore","store","name","userSchema","settings","then","storeEmail","email_confirmation","options","sanitizedUserInfo","sanitizers","defaultSanitizeOutput","schema","bind","confirmationToken","randomBytes","toString","apiPrefix","config","message","template","URL","SERVER_URL","ADMIN_URL","USER","CODE","object","log","error","plugin","service","send","to","email","from","undefined","replyTo","response_email","subject","text","html"],"mappings":";;;;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;IAEhB,MAAM,EAAEC,QAAQ,EAAE,GAAGC,UAAAA;AACrB,IAAA,MAAM,EAAEC,QAAQ,EAAEC,KAAK,EAAE,GAAGC,UAAAA;IAC5B,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,cAAAA,GAAiB,gCAAA;AAEvB,IAAA,MAAMC,iBAAAA,GAAoB,IAAA;QACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,QAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,IAAA,CAAA;AAEAG,IAAAA,IAAAA,GAAiB,CAAC,EAAEF,MAAAA,EAAAA,OAAM,EAAE,IAAM;AAClC;;;;AAIA,OAEEG,OAAMC,MAAM,EAAA;AACV,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBM,KAAK,CAAC;oBAAEI,KAAAA,EAAOH;;AAC1D,YAAA,CAAA;AAEA;;;;;;;OAQE,MAAMI,uBAAsBC,MAAM,EAAA;AAChC,gBAAA,MAAMC,UAAAA,GAAaV,OAAAA,CAAOW,QAAQ,CAACd,gBAAgBa,UAAU;gBAE7D,IAAK,MAAME,OAAOH,MAAAA,CAAQ;oBACxB,IAAIC,UAAU,CAACE,GAAAA,CAAI,IAAIF,UAAU,CAACE,GAAAA,CAAI,CAACC,IAAI,KAAK,UAAA,EAAY;;AAE1D,wBAAA,MAAMC,SAAStB,QAAAA,CAASC,KAAAA,CAAM,IAAI,mBAAA,EAAqBiB,UAAU,CAACE,GAAAA,CAAI,CAAA,CAAA;wBACtEH,MAAM,CAACG,GAAAA,CAAI,GAAG,MAAM1B,MAAAA,CAAO6B,IAAI,CAACN,MAAM,CAACG,GAAAA,CAAI,EAAEE,MAAAA,CAAAA;AACrD,oBAAA;AACA,gBAAA;gBAEI,OAAOL,MAAAA;AACX,YAAA,CAAA;AAEA;;;OAIE,MAAMO,KAAIP,MAAM,EAAA;AACd,gBAAA,OAAOT,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBoB,MAAM,CAAC;AAC5CC,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACC,MAAAA,CAAAA;oBACvCU,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;;;AAKA,OACE,MAAMC,IAAAA,CAAAA,CAAKC,MAAM,EAAEjB,MAAAA,GAAS,EAAE,EAAA;AAC5B,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgByB,MAAM,CAAC;oBAC5Cf,KAAAA,EAAO;wBAAEgB,EAAAA,EAAIF;AAAM,qBAAA;AACnBH,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACJ,MAAAA,CAAAA;oBACvCe,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;OAIEK,KAAAA,CAAAA,CAAMD,EAAE,EAAEnB,MAAM,EAAA;gBACd,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAAA,EAAgBO,MAAAA,IAAU;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;AAC7C,oBAAA,GAAGrB,KAAK;oBACRC,KAAAA,EAAO;wBACLqB,IAAAA,EAAM;AAAC,4BAAA;AAAEL,gCAAAA;AAAE,6BAAA;4BAAIjB,KAAAA,CAAMC,KAAK,IAAI;AAAG;AACzC;AACA,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;AAGA,OACEsB,wBAAuBN,EAAE,EAAA;AACvB,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;oBAAEpB,KAAAA,EAAO;AAAEgB,wBAAAA;AAAE,qBAAA;oBAAIJ,QAAAA,EAAU;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;AACtF,YAAA,CAAA;AAEA;;;AAGA,OACEW,UAAS1B,MAAM,EAAA;gBACb,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAAA,EAAgBO,MAAAA,IAAU;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBkC,QAAQ,CAACzB,KAAAA,CAAAA;AACpD,YAAA,CAAA;AAEA;;;OAIE,MAAM0B,QAAO5B,MAAM,EAAA;;AAEjB,gBAAA,MAAMH,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,gBAAA,IAAIG,kBAAkBA,cAAAA,CAAegC,SAAS,CAAC,mBAAA,CAAA,IAAwB7B,MAAAA,CAAOmB,EAAE,EAAE;AAChF,oBAAA,MAAMtB,eAAe,mBAAA,CAAA,CAAqBiC,sBAAsB,CAACC,MAAAA,CAAO/B,OAAOmB,EAAE,CAAA,CAAA;AACvF,gBAAA;AAEI,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBuC,MAAM,CAAC;oBAAE7B,KAAAA,EAAOH;;AAC3D,YAAA,CAAA;YAEEiC,gBAAAA,CAAAA,CAAiBC,QAAQ,EAAEvB,IAAI,EAAA;gBAC7B,OAAO7B,MAAAA,CAAOqD,OAAO,CAACD,QAAAA,EAAUvB,IAAAA,CAAAA;AACpC,YAAA,CAAA;AAEE,YAAA,MAAMyB,uBAAsBtC,IAAI,EAAA;AAC9B,gBAAA,MAAMuC,wBAAwB9C,UAAAA,CAAW,mBAAA,CAAA;AACzC,gBAAA,MAAM+C,WAAAA,GAAc,MAAM1C,OAAAA,CAAO2C,KAAK,CAAC;oBAAE9B,IAAAA,EAAM,QAAA;oBAAU+B,IAAAA,EAAM;;gBAC/D,MAAMC,UAAAA,GAAa7C,OAAAA,CAAOW,QAAQ,CAACd,cAAAA,CAAAA;AAEnC,gBAAA,MAAMiD,QAAAA,GAAW,MAAMJ,WAAAA,CACpBjB,GAAG,CAAC;oBAAEb,GAAAA,EAAK;AAAO,iBAAA,CAAA,CAClBmC,IAAI,CAAC,CAACC,aAAeA,UAAAA,CAAWC,kBAAkB,CAACC,OAAO,CAAA;;AAG7D,gBAAA,MAAMC,oBAAoB,MAAM7D,QAAAA,CAAS8D,UAAU,CAACC,qBAAqB,CACvE;oBACEC,MAAAA,EAAQT,UAAAA;AACRlC,oBAAAA,QAAAA,EAAUX,OAAAA,CAAOW,QAAQ,CAAC4C,IAAI,CAACvD,OAAAA;iBACvC,EACME,IAAAA,CAAAA;AAGF,gBAAA,MAAMsD,oBAAoBxE,MAAAA,CAAOyE,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AAE1D,gBAAA,MAAM,IAAI,CAACtC,IAAI,CAAClB,IAAAA,CAAKqB,EAAE,EAAE;AAAEiC,oBAAAA;AAAiB,iBAAA,CAAA;AAE5C,gBAAA,MAAMG,SAAAA,GAAY3D,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,iBAAA,CAAA;gBAEpC,IAAI;oBACFqB,QAAAA,CAASe,OAAO,GAAG,MAAMpB,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASe,OAAO,EAAE;AACxEE,wBAAAA,GAAAA,EAAK3E,QACHY,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,uBAClBkC,SAAAA,EACA,0BAAA,CAAA;AAEFK,wBAAAA,UAAAA,EAAYhE,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,oBAAA,CAAA;AAC9BwC,wBAAAA,SAAAA,EAAWjE,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,mBAAA,CAAA;wBAC7ByC,IAAAA,EAAMf,iBAAAA;wBACNgB,IAAAA,EAAMX;AACd,qBAAA,CAAA;oBAEMV,QAAAA,CAASsB,MAAM,GAAG,MAAM3B,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASsB,MAAM,EAAE;wBACtEF,IAAAA,EAAMf;AACd,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAM,OAAM;oBACNnD,OAAAA,CAAOqE,GAAG,CAACC,KAAK,CACd,mNAAA,CAAA;AAEF,oBAAA;AACN,gBAAA;;gBAGI,MAAMtE,OAAAA,CACHuE,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,IAAI,CAAC;AACJC,oBAAAA,EAAAA,EAAIxE,KAAKyE,KAAK;oBACdC,IAAAA,EACE9B,QAAAA,CAAS8B,IAAI,CAACD,KAAK,IAAI7B,SAAS8B,IAAI,CAAChC,IAAA,GACjC,CAAA,EAAGE,QAAAA,CAAS8B,IAAI,CAAChC,IAAI,CAAC,EAAE,EAAEE,QAAAA,CAAS8B,IAAI,CAACD,KAAK,CAAC,CAAC,CAAA,GAC/CE,SAAAA;AACNC,oBAAAA,OAAAA,EAAShC,SAASiC,cAAc;AAChCC,oBAAAA,OAAAA,EAASlC,SAASsB,MAAM;AACxBa,oBAAAA,IAAAA,EAAMnC,SAASe,OAAO;AACtBqB,oBAAAA,IAAAA,EAAMpC,SAASe;AACvB,iBAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
package/dist/server/services/user.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.mjs","sources":["../../../server/services/user.js"],"sourcesContent":["'use strict';\n\n/**\n * User.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst crypto = require('crypto');\nconst bcrypt = require('bcryptjs');\nconst urlJoin = require('url-join');\n\nconst { sanitize } = require('@strapi/utils');\nconst { toNumber, getOr } = require('lodash/fp');\nconst { getService } = require('../utils');\n\nconst USER_MODEL_UID = 'plugin::users-permissions.user';\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\nmodule.exports = ({ strapi }) => ({\n /**\n * Promise to count users\n *\n * @return {Promise}\n */\n\n count(params) {\n return strapi.db.query(USER_MODEL_UID).count({ where: params });\n },\n\n /**\n * Hashes password fields in the provided values object if they are present.\n * It checks each key in the values object against the model's attributes and\n * hashes it if the attribute type is 'password',\n *\n * @param {object} values - The object containing the fields to be hashed.\n * @return {object} The values object with hashed password fields if they were present.\n */\n async ensureHashedPasswords(values) {\n const attributes = strapi.getModel(USER_MODEL_UID).attributes;\n\n for (const key in values) {\n if (attributes[key] && attributes[key].type === 'password') {\n // Check if a custom encryption.rounds has been set on the password attribute\n const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));\n values[key] = await bcrypt.hash(values[key], rounds);\n }\n }\n\n return values;\n },\n\n /**\n * Promise to add a/an user.\n * @return {Promise}\n */\n async add(values) {\n return strapi.db.query(USER_MODEL_UID).create({\n data: await this.ensureHashedPasswords(values),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to edit a/an user.\n * @param {string} userId\n * @param {object} params\n * @return {Promise}\n */\n async edit(userId, params = {}) {\n return strapi.db.query(USER_MODEL_UID).update({\n where: { id: userId },\n data: await this.ensureHashedPasswords(params),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to fetch a/an user.\n * @return {Promise}\n */\n fetch(id, params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findOne({\n ...query,\n where: {\n $and: [{ id }, query.where || {}],\n },\n });\n },\n\n /**\n * Promise to fetch authenticated user.\n * @return {Promise}\n */\n fetchAuthenticatedUser(id) {\n return strapi.db.query(USER_MODEL_UID).findOne({ where: { id }, populate: ['role'] });\n },\n\n /**\n * Promise to fetch all users.\n * @return {Promise}\n */\n fetchAll(params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findMany(query);\n },\n\n /**\n * Promise to remove a/an user.\n * @return {Promise}\n */\n async remove(params) {\n // Invalidate sessions for all affected users\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('users-permissions') && params.id) {\n await sessionManager('users-permissions').invalidateRefreshToken(String(params.id));\n }\n\n return strapi.db.query(USER_MODEL_UID).delete({ where: params });\n },\n\n validatePassword(password, hash) {\n return bcrypt.compare(password, hash);\n },\n\n async sendConfirmationEmail(user) {\n const userPermissionService = getService('users-permissions');\n const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });\n const userSchema = strapi.getModel(USER_MODEL_UID);\n\n const settings = await pluginStore\n .get({ key: 'email' })\n .then((storeEmail) => storeEmail.email_confirmation.options);\n\n // Sanitize the template's user information\n const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(\n {\n schema: userSchema,\n getModel: strapi.getModel.bind(strapi),\n },\n user\n );\n\n const confirmationToken = crypto.randomBytes(20).toString('hex');\n\n await this.edit(user.id, { confirmationToken });\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n\n try {\n settings.message = await userPermissionService.template(settings.message, {\n URL: urlJoin(\n strapi.config.get('server.absoluteUrl'),\n apiPrefix,\n '/auth/email-confirmation'\n ),\n SERVER_URL: strapi.config.get('server.absoluteUrl'),\n ADMIN_URL: strapi.config.get('admin.absoluteUrl'),\n USER: sanitizedUserInfo,\n CODE: confirmationToken,\n });\n\n settings.object = await userPermissionService.template(settings.object, {\n USER: sanitizedUserInfo,\n });\n } catch {\n strapi.log.error(\n '[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for \"user confirmation email\". Please make sure your email template is valid and does not contain invalid characters or patterns'\n );\n return;\n }\n\n // Send an email to the user.\n await strapi\n .plugin('email')\n .service('email')\n .send({\n to: user.email,\n from:\n settings.from.email && settings.from.name\n ? `${settings.from.name} <${settings.from.email}>`\n : undefined,\n replyTo: settings.response_email,\n subject: settings.object,\n text: settings.message,\n html: settings.message,\n });\n },\n});\n"],"names":["crypto","require$$0","bcrypt","require$$1","urlJoin","require$$2","sanitize","require$$3","toNumber","getOr","require$$4","getService","require$$5","USER_MODEL_UID","getSessionManager","manager","strapi","sessionManager","user","count","params","db","query","where","ensureHashedPasswords","values","attributes","getModel","key","type","rounds","hash","add","create","data","populate","edit","userId","update","id","fetch","get","transform","findOne","$and","fetchAuthenticatedUser","fetchAll","findMany","remove","hasOrigin","invalidateRefreshToken","String","delete","validatePassword","password","compare","sendConfirmationEmail","userPermissionService","pluginStore","store","name","userSchema","settings","then","storeEmail","email_confirmation","options","sanitizedUserInfo","sanitizers","defaultSanitizeOutput","schema","bind","confirmationToken","randomBytes","toString","apiPrefix","config","message","template","URL","SERVER_URL","ADMIN_URL","USER","CODE","object","log","error","plugin","service","send","to","email","from","undefined","replyTo","response_email","subject","text","html"],"mappings":";;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;IAEhB,MAAM,EAAEC,QAAQ,EAAE,GAAGC,UAAAA;AACrB,IAAA,MAAM,EAAEC,QAAQ,EAAEC,KAAK,EAAE,GAAGC,UAAAA;IAC5B,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,cAAAA,GAAiB,gCAAA;AAEvB,IAAA,MAAMC,iBAAAA,GAAoB,IAAA;QACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,QAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,IAAA,CAAA;AAEAG,IAAAA,IAAAA,GAAiB,CAAC,EAAEF,MAAAA,EAAAA,OAAM,EAAE,IAAM;AAClC;;;;AAIA,OAEEG,OAAMC,MAAM,EAAA;AACV,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBM,KAAK,CAAC;oBAAEI,KAAAA,EAAOH;AAAM,iBAAA,CAAA;AAChE,YAAA,CAAA;AAEA;;;;;;;OAQE,MAAMI,uBAAsBC,MAAM,EAAA;AAChC,gBAAA,MAAMC,UAAAA,GAAaV,OAAAA,CAAOW,QAAQ,CAACd,gBAAgBa,UAAU;gBAE7D,IAAK,MAAME,OAAOH,MAAAA,CAAQ;oBACxB,IAAIC,UAAU,CAACE,GAAAA,CAAI,IAAIF,UAAU,CAACE,GAAAA,CAAI,CAACC,IAAI,KAAK,UAAA,EAAY;;AAE1D,wBAAA,MAAMC,SAAStB,QAAAA,CAASC,KAAAA,CAAM,IAAI,mBAAA,EAAqBiB,UAAU,CAACE,GAAAA,CAAI,CAAA,CAAA;wBACtEH,MAAM,CAACG,GAAAA,CAAI,GAAG,MAAM1B,MAAAA,CAAO6B,IAAI,CAACN,MAAM,CAACG,GAAAA,CAAI,EAAEE,MAAAA,CAAAA;AACrD,oBAAA;AACA,gBAAA;gBAEI,OAAOL,MAAAA;AACX,YAAA,CAAA;AAEA;;;OAIE,MAAMO,KAAIP,MAAM,EAAA;AACd,gBAAA,OAAOT,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBoB,MAAM,CAAC;AAC5CC,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACC,MAAAA,CAAAA;oBACvCU,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;;;AAKA,OACE,MAAMC,IAAAA,CAAAA,CAAKC,MAAM,EAAEjB,MAAAA,GAAS,EAAE,EAAA;AAC5B,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgByB,MAAM,CAAC;oBAC5Cf,KAAAA,EAAO;wBAAEgB,EAAAA,EAAIF;AAAM,qBAAA;AACnBH,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACJ,MAAAA,CAAAA;oBACvCe,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;OAIEK,KAAAA,CAAAA,CAAMD,EAAE,EAAEnB,MAAM,EAAA;gBACd,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAAA,EAAgBO,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;AAC7C,oBAAA,GAAGrB,KAAK;oBACRC,KAAAA,EAAO;wBACLqB,IAAAA,EAAM;AAAC,4BAAA;AAAEL,gCAAAA;AAAE,6BAAA;4BAAIjB,KAAAA,CAAMC,KAAK,IAAI;AAAG;AACzC;AACA,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;AAGA,OACEsB,wBAAuBN,EAAE,EAAA;AACvB,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;oBAAEpB,KAAAA,EAAO;AAAEgB,wBAAAA;AAAE,qBAAA;oBAAIJ,QAAAA,EAAU;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;AACtF,YAAA,CAAA;AAEA;;;AAGA,OACEW,UAAS1B,MAAM,EAAA;gBACb,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAAA,EAAgBO,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBkC,QAAQ,CAACzB,KAAAA,CAAAA;AACpD,YAAA,CAAA;AAEA;;;OAIE,MAAM0B,QAAO5B,MAAM,EAAA;;AAEjB,gBAAA,MAAMH,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,gBAAA,IAAIG,kBAAkBA,cAAAA,CAAegC,SAAS,CAAC,mBAAA,CAAA,IAAwB7B,MAAAA,CAAOmB,EAAE,EAAE;AAChF,oBAAA,MAAMtB,eAAe,mBAAA,CAAA,CAAqBiC,sBAAsB,CAACC,MAAAA,CAAO/B,OAAOmB,EAAE,CAAA,CAAA;AACvF,gBAAA;AAEI,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBuC,MAAM,CAAC;oBAAE7B,KAAAA,EAAOH;AAAM,iBAAA,CAAA;AACjE,YAAA,CAAA;YAEEiC,gBAAAA,CAAAA,CAAiBC,QAAQ,EAAEvB,IAAI,EAAA;gBAC7B,OAAO7B,MAAAA,CAAOqD,OAAO,CAACD,QAAAA,EAAUvB,IAAAA,CAAAA;AACpC,YAAA,CAAA;AAEE,YAAA,MAAMyB,uBAAsBtC,IAAI,EAAA;AAC9B,gBAAA,MAAMuC,wBAAwB9C,UAAAA,CAAW,mBAAA,CAAA;AACzC,gBAAA,MAAM+C,WAAAA,GAAc,MAAM1C,OAAAA,CAAO2C,KAAK,CAAC;oBAAE9B,IAAAA,EAAM,QAAA;oBAAU+B,IAAAA,EAAM;AAAmB,iBAAA,CAAA;gBAClF,MAAMC,UAAAA,GAAa7C,OAAAA,CAAOW,QAAQ,CAACd,cAAAA,CAAAA;AAEnC,gBAAA,MAAMiD,QAAAA,GAAW,MAAMJ,WAAAA,CACpBjB,GAAG,CAAC;oBAAEb,GAAAA,EAAK;mBACXmC,IAAI,CAAC,CAACC,aAAeA,UAAAA,CAAWC,kBAAkB,CAACC,OAAO,CAAA;;AAG7D,gBAAA,MAAMC,oBAAoB,MAAM7D,QAAAA,CAAS8D,UAAU,CAACC,qBAAqB,CACvE;oBACEC,MAAAA,EAAQT,UAAAA;AACRlC,oBAAAA,QAAAA,EAAUX,OAAAA,CAAOW,QAAQ,CAAC4C,IAAI,CAACvD,OAAAA;iBACvC,EACME,IAAAA,CAAAA;AAGF,gBAAA,MAAMsD,oBAAoBxE,MAAAA,CAAOyE,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AAE1D,gBAAA,MAAM,IAAI,CAACtC,IAAI,CAAClB,IAAAA,CAAKqB,EAAE,EAAE;AAAEiC,oBAAAA;AAAiB,iBAAA,CAAA;AAE5C,gBAAA,MAAMG,SAAAA,GAAY3D,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,iBAAA,CAAA;gBAEpC,IAAI;oBACFqB,QAAAA,CAASe,OAAO,GAAG,MAAMpB,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASe,OAAO,EAAE;AACxEE,wBAAAA,GAAAA,EAAK3E,QACHY,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,uBAClBkC,SAAAA,EACA,0BAAA,CAAA;AAEFK,wBAAAA,UAAAA,EAAYhE,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,oBAAA,CAAA;AAC9BwC,wBAAAA,SAAAA,EAAWjE,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,mBAAA,CAAA;wBAC7ByC,IAAAA,EAAMf,iBAAAA;wBACNgB,IAAAA,EAAMX;AACd,qBAAA,CAAA;oBAEMV,QAAAA,CAASsB,MAAM,GAAG,MAAM3B,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASsB,MAAM,EAAE;wBACtEF,IAAAA,EAAMf;AACd,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAM,OAAM;oBACNnD,OAAAA,CAAOqE,GAAG,CAACC,KAAK,CACd,mNAAA,CAAA;AAEF,oBAAA;AACN,gBAAA;;gBAGI,MAAMtE,OAAAA,CACHuE,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,IAAI,CAAC;AACJC,oBAAAA,EAAAA,EAAIxE,KAAKyE,KAAK;oBACdC,IAAAA,EACE9B,QAAAA,CAAS8B,IAAI,CAACD,KAAK,IAAI7B,SAAS8B,IAAI,CAAChC,IAAI,GACrC,CAAA,EAAGE,QAAAA,CAAS8B,IAAI,CAAChC,IAAI,CAAC,EAAE,EAAEE,QAAAA,CAAS8B,IAAI,CAACD,KAAK,CAAC,CAAC,CAAC,GAChDE,SAAAA;AACNC,oBAAAA,OAAAA,EAAShC,SAASiC,cAAc;AAChCC,oBAAAA,OAAAA,EAASlC,SAASsB,MAAM;AACxBa,oBAAAA,IAAAA,EAAMnC,SAASe,OAAO;AACtBqB,oBAAAA,IAAAA,EAAMpC,SAASe;AACvB,iBAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"user.mjs","sources":["../../../server/services/user.js"],"sourcesContent":["'use strict';\n\n/**\n * User.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst crypto = require('crypto');\nconst bcrypt = require('bcryptjs');\nconst urlJoin = require('url-join');\n\nconst { sanitize } = require('@strapi/utils');\nconst { toNumber, getOr } = require('lodash/fp');\nconst { getService } = require('../utils');\n\nconst USER_MODEL_UID = 'plugin::users-permissions.user';\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\nmodule.exports = ({ strapi }) => ({\n /**\n * Promise to count users\n *\n * @return {Promise}\n */\n\n count(params) {\n return strapi.db.query(USER_MODEL_UID).count({ where: params });\n },\n\n /**\n * Hashes password fields in the provided values object if they are present.\n * It checks each key in the values object against the model's attributes and\n * hashes it if the attribute type is 'password',\n *\n * @param {object} values - The object containing the fields to be hashed.\n * @return {object} The values object with hashed password fields if they were present.\n */\n async ensureHashedPasswords(values) {\n const attributes = strapi.getModel(USER_MODEL_UID).attributes;\n\n for (const key in values) {\n if (attributes[key] && attributes[key].type === 'password') {\n // Check if a custom encryption.rounds has been set on the password attribute\n const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));\n values[key] = await bcrypt.hash(values[key], rounds);\n }\n }\n\n return values;\n },\n\n /**\n * Promise to add a/an user.\n * @return {Promise}\n */\n async add(values) {\n return strapi.db.query(USER_MODEL_UID).create({\n data: await this.ensureHashedPasswords(values),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to edit a/an user.\n * @param {string} userId\n * @param {object} params\n * @return {Promise}\n */\n async edit(userId, params = {}) {\n return strapi.db.query(USER_MODEL_UID).update({\n where: { id: userId },\n data: await this.ensureHashedPasswords(params),\n populate: ['role'],\n });\n },\n\n /**\n * Promise to fetch a/an user.\n * @return {Promise}\n */\n fetch(id, params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findOne({\n ...query,\n where: {\n $and: [{ id }, query.where || {}],\n },\n });\n },\n\n /**\n * Promise to fetch authenticated user.\n * @return {Promise}\n */\n fetchAuthenticatedUser(id) {\n return strapi.db.query(USER_MODEL_UID).findOne({ where: { id }, populate: ['role'] });\n },\n\n /**\n * Promise to fetch all users.\n * @return {Promise}\n */\n fetchAll(params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findMany(query);\n },\n\n /**\n * Promise to remove a/an user.\n * @return {Promise}\n */\n async remove(params) {\n // Invalidate sessions for all affected users\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('users-permissions') && params.id) {\n await sessionManager('users-permissions').invalidateRefreshToken(String(params.id));\n }\n\n return strapi.db.query(USER_MODEL_UID).delete({ where: params });\n },\n\n validatePassword(password, hash) {\n return bcrypt.compare(password, hash);\n },\n\n async sendConfirmationEmail(user) {\n const userPermissionService = getService('users-permissions');\n const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });\n const userSchema = strapi.getModel(USER_MODEL_UID);\n\n const settings = await pluginStore\n .get({ key: 'email' })\n .then((storeEmail) => storeEmail.email_confirmation.options);\n\n // Sanitize the template's user information\n const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(\n {\n schema: userSchema,\n getModel: strapi.getModel.bind(strapi),\n },\n user\n );\n\n const confirmationToken = crypto.randomBytes(20).toString('hex');\n\n await this.edit(user.id, { confirmationToken });\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n\n try {\n settings.message = await userPermissionService.template(settings.message, {\n URL: urlJoin(\n strapi.config.get('server.absoluteUrl'),\n apiPrefix,\n '/auth/email-confirmation'\n ),\n SERVER_URL: strapi.config.get('server.absoluteUrl'),\n ADMIN_URL: strapi.config.get('admin.absoluteUrl'),\n USER: sanitizedUserInfo,\n CODE: confirmationToken,\n });\n\n settings.object = await userPermissionService.template(settings.object, {\n USER: sanitizedUserInfo,\n });\n } catch {\n strapi.log.error(\n '[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for \"user confirmation email\". Please make sure your email template is valid and does not contain invalid characters or patterns'\n );\n return;\n }\n\n // Send an email to the user.\n await strapi\n .plugin('email')\n .service('email')\n .send({\n to: user.email,\n from:\n settings.from.email && settings.from.name\n ? `${settings.from.name} <${settings.from.email}>`\n : undefined,\n replyTo: settings.response_email,\n subject: settings.object,\n text: settings.message,\n html: settings.message,\n });\n },\n});\n"],"names":["crypto","require$$0","bcrypt","require$$1","urlJoin","require$$2","sanitize","require$$3","toNumber","getOr","require$$4","getService","require$$5","USER_MODEL_UID","getSessionManager","manager","strapi","sessionManager","user","count","params","db","query","where","ensureHashedPasswords","values","attributes","getModel","key","type","rounds","hash","add","create","data","populate","edit","userId","update","id","fetch","get","transform","findOne","$and","fetchAuthenticatedUser","fetchAll","findMany","remove","hasOrigin","invalidateRefreshToken","String","delete","validatePassword","password","compare","sendConfirmationEmail","userPermissionService","pluginStore","store","name","userSchema","settings","then","storeEmail","email_confirmation","options","sanitizedUserInfo","sanitizers","defaultSanitizeOutput","schema","bind","confirmationToken","randomBytes","toString","apiPrefix","config","message","template","URL","SERVER_URL","ADMIN_URL","USER","CODE","object","log","error","plugin","service","send","to","email","from","undefined","replyTo","response_email","subject","text","html"],"mappings":";;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;IAEhB,MAAM,EAAEC,QAAQ,EAAE,GAAGC,UAAAA;AACrB,IAAA,MAAM,EAAEC,QAAQ,EAAEC,KAAK,EAAE,GAAGC,UAAAA;IAC5B,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,cAAAA,GAAiB,gCAAA;AAEvB,IAAA,MAAMC,iBAAAA,GAAoB,IAAA;QACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,QAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,IAAA,CAAA;AAEAG,IAAAA,IAAAA,GAAiB,CAAC,EAAEF,MAAAA,EAAAA,OAAM,EAAE,IAAM;AAClC;;;;AAIA,OAEEG,OAAMC,MAAM,EAAA;AACV,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBM,KAAK,CAAC;oBAAEI,KAAAA,EAAOH;;AAC1D,YAAA,CAAA;AAEA;;;;;;;OAQE,MAAMI,uBAAsBC,MAAM,EAAA;AAChC,gBAAA,MAAMC,UAAAA,GAAaV,OAAAA,CAAOW,QAAQ,CAACd,gBAAgBa,UAAU;gBAE7D,IAAK,MAAME,OAAOH,MAAAA,CAAQ;oBACxB,IAAIC,UAAU,CAACE,GAAAA,CAAI,IAAIF,UAAU,CAACE,GAAAA,CAAI,CAACC,IAAI,KAAK,UAAA,EAAY;;AAE1D,wBAAA,MAAMC,SAAStB,QAAAA,CAASC,KAAAA,CAAM,IAAI,mBAAA,EAAqBiB,UAAU,CAACE,GAAAA,CAAI,CAAA,CAAA;wBACtEH,MAAM,CAACG,GAAAA,CAAI,GAAG,MAAM1B,MAAAA,CAAO6B,IAAI,CAACN,MAAM,CAACG,GAAAA,CAAI,EAAEE,MAAAA,CAAAA;AACrD,oBAAA;AACA,gBAAA;gBAEI,OAAOL,MAAAA;AACX,YAAA,CAAA;AAEA;;;OAIE,MAAMO,KAAIP,MAAM,EAAA;AACd,gBAAA,OAAOT,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBoB,MAAM,CAAC;AAC5CC,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACC,MAAAA,CAAAA;oBACvCU,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;;;AAKA,OACE,MAAMC,IAAAA,CAAAA,CAAKC,MAAM,EAAEjB,MAAAA,GAAS,EAAE,EAAA;AAC5B,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgByB,MAAM,CAAC;oBAC5Cf,KAAAA,EAAO;wBAAEgB,EAAAA,EAAIF;AAAM,qBAAA;AACnBH,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACJ,MAAAA,CAAAA;oBACvCe,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;OAIEK,KAAAA,CAAAA,CAAMD,EAAE,EAAEnB,MAAM,EAAA;gBACd,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAAA,EAAgBO,MAAAA,IAAU;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;AAC7C,oBAAA,GAAGrB,KAAK;oBACRC,KAAAA,EAAO;wBACLqB,IAAAA,EAAM;AAAC,4BAAA;AAAEL,gCAAAA;AAAE,6BAAA;4BAAIjB,KAAAA,CAAMC,KAAK,IAAI;AAAG;AACzC;AACA,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;AAGA,OACEsB,wBAAuBN,EAAE,EAAA;AACvB,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;oBAAEpB,KAAAA,EAAO;AAAEgB,wBAAAA;AAAE,qBAAA;oBAAIJ,QAAAA,EAAU;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;AACtF,YAAA,CAAA;AAEA;;;AAGA,OACEW,UAAS1B,MAAM,EAAA;gBACb,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAAA,EAAgBO,MAAAA,IAAU;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBkC,QAAQ,CAACzB,KAAAA,CAAAA;AACpD,YAAA,CAAA;AAEA;;;OAIE,MAAM0B,QAAO5B,MAAM,EAAA;;AAEjB,gBAAA,MAAMH,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,gBAAA,IAAIG,kBAAkBA,cAAAA,CAAegC,SAAS,CAAC,mBAAA,CAAA,IAAwB7B,MAAAA,CAAOmB,EAAE,EAAE;AAChF,oBAAA,MAAMtB,eAAe,mBAAA,CAAA,CAAqBiC,sBAAsB,CAACC,MAAAA,CAAO/B,OAAOmB,EAAE,CAAA,CAAA;AACvF,gBAAA;AAEI,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBuC,MAAM,CAAC;oBAAE7B,KAAAA,EAAOH;;AAC3D,YAAA,CAAA;YAEEiC,gBAAAA,CAAAA,CAAiBC,QAAQ,EAAEvB,IAAI,EAAA;gBAC7B,OAAO7B,MAAAA,CAAOqD,OAAO,CAACD,QAAAA,EAAUvB,IAAAA,CAAAA;AACpC,YAAA,CAAA;AAEE,YAAA,MAAMyB,uBAAsBtC,IAAI,EAAA;AAC9B,gBAAA,MAAMuC,wBAAwB9C,UAAAA,CAAW,mBAAA,CAAA;AACzC,gBAAA,MAAM+C,WAAAA,GAAc,MAAM1C,OAAAA,CAAO2C,KAAK,CAAC;oBAAE9B,IAAAA,EAAM,QAAA;oBAAU+B,IAAAA,EAAM;;gBAC/D,MAAMC,UAAAA,GAAa7C,OAAAA,CAAOW,QAAQ,CAACd,cAAAA,CAAAA;AAEnC,gBAAA,MAAMiD,QAAAA,GAAW,MAAMJ,WAAAA,CACpBjB,GAAG,CAAC;oBAAEb,GAAAA,EAAK;AAAO,iBAAA,CAAA,CAClBmC,IAAI,CAAC,CAACC,aAAeA,UAAAA,CAAWC,kBAAkB,CAACC,OAAO,CAAA;;AAG7D,gBAAA,MAAMC,oBAAoB,MAAM7D,QAAAA,CAAS8D,UAAU,CAACC,qBAAqB,CACvE;oBACEC,MAAAA,EAAQT,UAAAA;AACRlC,oBAAAA,QAAAA,EAAUX,OAAAA,CAAOW,QAAQ,CAAC4C,IAAI,CAACvD,OAAAA;iBACvC,EACME,IAAAA,CAAAA;AAGF,gBAAA,MAAMsD,oBAAoBxE,MAAAA,CAAOyE,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AAE1D,gBAAA,MAAM,IAAI,CAACtC,IAAI,CAAClB,IAAAA,CAAKqB,EAAE,EAAE;AAAEiC,oBAAAA;AAAiB,iBAAA,CAAA;AAE5C,gBAAA,MAAMG,SAAAA,GAAY3D,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,iBAAA,CAAA;gBAEpC,IAAI;oBACFqB,QAAAA,CAASe,OAAO,GAAG,MAAMpB,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASe,OAAO,EAAE;AACxEE,wBAAAA,GAAAA,EAAK3E,QACHY,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,uBAClBkC,SAAAA,EACA,0BAAA,CAAA;AAEFK,wBAAAA,UAAAA,EAAYhE,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,oBAAA,CAAA;AAC9BwC,wBAAAA,SAAAA,EAAWjE,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,mBAAA,CAAA;wBAC7ByC,IAAAA,EAAMf,iBAAAA;wBACNgB,IAAAA,EAAMX;AACd,qBAAA,CAAA;oBAEMV,QAAAA,CAASsB,MAAM,GAAG,MAAM3B,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASsB,MAAM,EAAE;wBACtEF,IAAAA,EAAMf;AACd,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAM,OAAM;oBACNnD,OAAAA,CAAOqE,GAAG,CAACC,KAAK,CACd,mNAAA,CAAA;AAEF,oBAAA;AACN,gBAAA;;gBAGI,MAAMtE,OAAAA,CACHuE,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,IAAI,CAAC;AACJC,oBAAAA,EAAAA,EAAIxE,KAAKyE,KAAK;oBACdC,IAAAA,EACE9B,QAAAA,CAAS8B,IAAI,CAACD,KAAK,IAAI7B,SAAS8B,IAAI,CAAChC,IAAA,GACjC,CAAA,EAAGE,QAAAA,CAAS8B,IAAI,CAAChC,IAAI,CAAC,EAAE,EAAEE,QAAAA,CAAS8B,IAAI,CAACD,KAAK,CAAC,CAAC,CAAA,GAC/CE,SAAAA;AACNC,oBAAAA,OAAAA,EAAShC,SAASiC,cAAc;AAChCC,oBAAAA,OAAAA,EAASlC,SAASsB,MAAM;AACxBa,oBAAAA,IAAAA,EAAMnC,SAASe,OAAO;AACtBqB,oBAAAA,IAAAA,EAAMpC,SAASe;AACvB,iBAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
package/dist/server/services/users-permissions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"users-permissions.js","sources":["../../../server/services/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { filter, map, pipe, prop } = require('lodash/fp');\nconst urlJoin = require('url-join');\nconst {\n template: { createStrictInterpolationRegExp },\n errors,\n objects,\n sanitizeRoutesMapForSerialization,\n} = require('@strapi/utils');\n\nconst { getService } = require('../utils');\n\nconst DEFAULT_PERMISSIONS = [\n { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.connect', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.forgotPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.resetPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.register', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.emailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.sendEmailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.refresh', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.logout', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.user.me', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },\n];\n\nconst transformRoutePrefixFor = (pluginName) => (route) => {\n const prefix = route.config && route.config.prefix;\n const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;\n\n return {\n ...route,\n path,\n };\n};\n\nmodule.exports = ({ strapi }) => ({\n getActions({ defaultEnable = false } = {}) {\n const actionMap = {};\n\n const isContentApi = (action) => {\n if (!_.has(action, Symbol.for('__type__'))) {\n return false;\n }\n\n return action[Symbol.for('__type__')].includes('content-api');\n };\n\n _.forEach(strapi.apis, (api, apiName) => {\n const controllers = _.reduce(\n api.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`api::${apiName}`] = { controllers };\n }\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const controllers = _.reduce(\n plugin.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`plugin::${pluginName}`] = { controllers };\n }\n });\n\n // Return a deeply cloned version to avoid circular references\n return _.cloneDeep(actionMap);\n },\n\n async getRoutes() {\n const routesMap = {};\n\n _.forEach(strapi.apis, (api, apiName) => {\n const routes = _.flatMap(api.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes;\n }\n\n return route;\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`api::${apiName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const transformPrefix = transformRoutePrefixFor(pluginName);\n\n const routes = _.flatMap(plugin.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes.map(transformPrefix);\n }\n\n return transformPrefix(route);\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`plugin::${pluginName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n return sanitizeRoutesMapForSerialization(routesMap);\n },\n\n async syncPermissions() {\n const roles = await strapi.db.query('plugin::users-permissions.role').findMany();\n const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();\n\n const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));\n\n const appActions = _.flatMap(strapi.apis, (api, apiName) => {\n return _.flatMap(api.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `api::${apiName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {\n return _.flatMap(plugin.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `plugin::${pluginName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const allActions = [...appActions, ...pluginsActions];\n\n const toDelete = _.difference(permissionsFoundInDB, allActions);\n\n await Promise.all(\n toDelete.map((action) => {\n return strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { action } });\n })\n );\n\n if (permissionsFoundInDB.length === 0) {\n // create default permissions\n for (const role of roles) {\n const toCreate = pipe(\n filter(({ roleType }) => roleType === role.type || roleType === null),\n map(prop('action'))\n )(DEFAULT_PERMISSIONS);\n\n await Promise.all(\n toCreate.map((action) => {\n return strapi.db.query('plugin::users-permissions.permission').create({\n data: {\n action,\n role: role.id,\n },\n });\n })\n );\n }\n }\n },\n\n async initialize() {\n const roleCount = await strapi.db.query('plugin::users-permissions.role').count();\n\n if (roleCount === 0) {\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Authenticated',\n description: 'Default role given to authenticated user.',\n type: 'authenticated',\n },\n });\n\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Public',\n description: 'Default role given to unauthenticated user.',\n type: 'public',\n },\n });\n }\n\n return getService('users-permissions').syncPermissions();\n },\n\n async updateUserRole(user, role) {\n return strapi.db\n .query('plugin::users-permissions.user')\n .update({ where: { id: user.id }, data: { role } });\n },\n\n template(layout, data) {\n const allowedTemplateVariables = objects.keysDeep(data);\n\n // Create a strict interpolation RegExp based on possible variable names\n const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');\n\n try {\n return _.template(layout, { interpolate, evaluate: false, escape: false })(data);\n } catch (e) {\n throw new errors.ApplicationError('Invalid email template');\n }\n },\n});\n"],"names":["_","require$$0","filter","map","pipe","prop","require$$1","urlJoin","require$$2","template","createStrictInterpolationRegExp","errors","objects","sanitizeRoutesMapForSerialization","require$$3","getService","require$$4","DEFAULT_PERMISSIONS","action","roleType","transformRoutePrefixFor","pluginName","route","prefix","config","path","undefined","usersPermissions","strapi","getActions","defaultEnable","actionMap","isContentApi","has","Symbol","for","includes","forEach","apis","api","apiName","controllers","reduce","acc","controller","controllerName","contentApiActions","pickBy","isEmpty","mapValues","enabled","policy","plugins","plugin","cloneDeep","getRoutes","routesMap","routes","flatMap","info","type","length","apiPrefix","get","transformPrefix","syncPermissions","roles","db","query","findMany","dbPermissions","permissionsFoundInDB","uniq","appActions","keys","actionName","pluginsActions","allActions","toDelete","difference","Promise","all","delete","where","role","toCreate","create","data","id","initialize","roleCount","count","name","description","updateUserRole","user","update","layout","allowedTemplateVariables","keysDeep","interpolate","evaluate","escape","e","ApplicationError"],"mappings":";;;;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,YAAAA;IACV,MAAM,EAAEC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACpC,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;AAChB,IAAA,MAAM,EACJC,QAAAA,EAAU,EAAEC,+BAA+B,EAAE,EAC7CC,MAAM,EACNC,OAAO,EACPC,iCAAiC,EAClC,GAAGC,UAAAA;IAEJ,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB;AAC1B,QAAA;YAAEC,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAQ,SAAA;AAC7E,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAQ,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,kDAAA;YAAoDC,QAAAA,EAAU;AAAQ,SAAA;AAChF,QAAA;YAAED,MAAAA,EAAQ,sDAAA;YAAwDC,QAAAA,EAAU;AAAQ,SAAA;AACpF,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,uCAAA;YAAyCC,QAAAA,EAAU;AAAe,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,mCAAA;YAAqCC,QAAAA,EAAU;AAAe,SAAA;AACxE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAe;AACrF,KAAA;IAED,MAAMC,uBAAAA,GAA0B,CAACC,UAAAA,GAAe,CAACC,KAAAA,GAAAA;AAC/C,YAAA,MAAMC,SAASD,KAAAA,CAAME,MAAM,IAAIF,KAAAA,CAAME,MAAM,CAACD,MAAM;AAClD,YAAA,MAAME,IAAAA,GAAOF,MAAAA,KAAWG,SAAAA,GAAY,CAAA,EAAGH,SAASD,KAAAA,CAAMG,IAAI,CAAA,CAAE,GAAG,CAAC,CAAC,EAAEJ,UAAAA,CAAAA,EAAaC,KAAAA,CAAMG,IAAI,CAAA,CAAE;YAE5F,OAAO;AACL,gBAAA,GAAGH,KAAK;AACRG,gBAAAA;AACJ,aAAA;AACA,QAAA,CAAA;AAEAE,IAAAA,gBAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,UAAAA,CAAAA,CAAW,EAAEC,aAAAA,GAAgB,KAAK,EAAE,GAAG,EAAE,EAAA;AACvC,gBAAA,MAAMC,YAAY,EAAA;AAElB,gBAAA,MAAMC,eAAe,CAACd,MAAAA,GAAAA;oBACpB,IAAI,CAAClB,EAAEiC,GAAG,CAACf,QAAQgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAA,EAAc;wBAC1C,OAAO,KAAA;AACf,oBAAA;oBAEM,OAAOjB,MAAM,CAACgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAY,CAACC,QAAQ,CAAC,aAAA,CAAA;AACrD,gBAAA,CAAA;AAEIpC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;oBAC3B,MAAMC,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BH,IAAIE,WAAW,EACf,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,KAAK,EAAES,OAAAA,CAAAA,CAAS,CAAC,GAAG;AAAEC,4BAAAA;;AACzC,oBAAA;AACA,gBAAA,CAAA,CAAA;AAEIzC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;oBACjC,MAAMoB,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BW,OAAOZ,WAAW,EAClB,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEV,UAAAA,CAAAA,CAAY,CAAC,GAAG;AAAEoB,4BAAAA;;AAC/C,oBAAA;AACA,gBAAA,CAAA,CAAA;;gBAGI,OAAOzC,CAAAA,CAAEsD,SAAS,CAACvB,SAAAA,CAAAA;AACvB,YAAA,CAAA;YAEE,MAAMwB,SAAAA,CAAAA,GAAAA;AACJ,gBAAA,MAAMC,YAAY,EAAA;AAElBxD,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC3B,oBAAA,MAAMiB,SAASzD,CAAAA,CAAE0D,OAAO,CAACnB,GAAAA,CAAIkB,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACpC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,MAAMmC,MAAM;AAC7B,wBAAA;wBAEQ,OAAOnC,KAAAA;oBACf,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,KAAK,EAAEhB,OAAAA,CAAAA,CAAS,CAAC,GAAGiB,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AACpD,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEIzB,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACjC,oBAAA,MAAM2C,kBAAkB5C,uBAAAA,CAAwBC,UAAAA,CAAAA;AAEhD,oBAAA,MAAMoC,SAASzD,CAAAA,CAAE0D,OAAO,CAACL,MAAAA,CAAOI,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACvC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,KAAAA,CAAMmC,MAAM,CAACtD,GAAG,CAAC6D,eAAAA,CAAAA;AAClC,wBAAA;AAEQ,wBAAA,OAAOA,eAAAA,CAAgB1C,KAAAA,CAAAA;oBAC/B,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEnC,UAAAA,CAAAA,CAAY,CAAC,GAAGoC,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AAC1D,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,OAAOZ,iCAAAA,CAAkC2C,SAAAA,CAAAA;AAC7C,YAAA,CAAA;YAEE,MAAMS,eAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAMtC,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCC,QAAQ,EAAA;gBAC9E,MAAMC,aAAAA,GAAgB,MAAM1C,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,wCAAwCC,QAAQ,EAAA;AAE5F,gBAAA,MAAME,uBAAuBvE,CAAAA,CAAEwE,IAAI,CAACxE,CAAAA,CAAEG,GAAG,CAACmE,aAAAA,EAAe,QAAA,CAAA,CAAA;gBAEzD,MAAMG,UAAAA,GAAazE,EAAE0D,OAAO,CAAC9B,OAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC9C,oBAAA,OAAOxC,EAAE0D,OAAO,CAACnB,IAAIE,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAC7C,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,KAAK,EAAEnC,OAAAA,CAAQ,CAAC,EAAEK,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AAClE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMC,cAAAA,GAAiB5E,EAAE0D,OAAO,CAAC9B,OAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACxD,oBAAA,OAAOrB,EAAE0D,OAAO,CAACL,OAAOZ,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAChD,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,QAAQ,EAAEtD,UAAAA,CAAW,CAAC,EAAEwB,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AACxE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,MAAME,UAAAA,GAAa;AAAIJ,oBAAAA,GAAAA,UAAAA;AAAeG,oBAAAA,GAAAA;AAAe,iBAAA;AAErD,gBAAA,MAAME,QAAAA,GAAW9E,CAAAA,CAAE+E,UAAU,CAACR,oBAAAA,EAAsBM,UAAAA,CAAAA;AAEpD,gBAAA,MAAMG,QAAQC,GAAG,CACfH,QAAAA,CAAS3E,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,oBAAA,OAAOU,OAAOuC,EAAE,CACbC,KAAK,CAAC,sCAAA,CAAA,CACNc,MAAM,CAAC;wBAAEC,KAAAA,EAAO;AAAEjE,4BAAAA;AAAM;AAAE,qBAAA,CAAA;AACrC,gBAAA,CAAA,CAAA,CAAA;gBAGI,IAAIqD,oBAAAA,CAAqBV,MAAM,KAAK,CAAA,EAAG;;oBAErC,KAAK,MAAMuB,QAAQlB,KAAAA,CAAO;AACxB,wBAAA,MAAMmB,WAAWjF,IAAAA,CACfF,MAAAA,CAAO,CAAC,EAAEiB,QAAQ,EAAE,GAAKA,QAAAA,KAAaiE,IAAAA,CAAKxB,IAAI,IAAIzC,QAAAA,KAAa,IAAA,CAAA,EAChEhB,GAAAA,CAAIE,KAAK,QAAA,CAAA,CAAA,CAAA,CACTY,mBAAAA,CAAAA;AAEF,wBAAA,MAAM+D,QAAQC,GAAG,CACfI,QAAAA,CAASlF,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,4BAAA,OAAOU,OAAOuC,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCkB,MAAM,CAAC;gCACpEC,IAAAA,EAAM;AACJrE,oCAAAA,MAAAA;AACAkE,oCAAAA,IAAAA,EAAMA,KAAKI;AAC3B;AACA,6BAAA,CAAA;AACA,wBAAA,CAAA,CAAA,CAAA;AAEA,oBAAA;AACA,gBAAA;AACA,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,GAAAA;gBACJ,MAAMC,SAAAA,GAAY,MAAM9D,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCuB,KAAK,EAAA;AAE/E,gBAAA,IAAID,cAAc,CAAA,EAAG;AACnB,oBAAA,MAAM9D,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,eAAA;4BACNC,WAAAA,EAAa,2CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AAEM,oBAAA,MAAMhC,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,QAAA;4BACNC,WAAAA,EAAa,6CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AACA,gBAAA;gBAEI,OAAO7C,UAAAA,CAAW,qBAAqBkD,eAAe,EAAA;AAC1D,YAAA,CAAA;YAEE,MAAM6B,cAAAA,CAAAA,CAAeC,IAAI,EAAEX,IAAI,EAAA;AAC7B,gBAAA,OAAOxD,OAAOuC,EAAE,CACbC,KAAK,CAAC,gCAAA,CAAA,CACN4B,MAAM,CAAC;oBAAEb,KAAAA,EAAO;AAAEK,wBAAAA,EAAAA,EAAIO,KAAKP;AAAE,qBAAA;oBAAID,IAAAA,EAAM;AAAEH,wBAAAA;AAAI;AAAE,iBAAA,CAAA;AACtD,YAAA,CAAA;YAEE3E,QAAAA,CAAAA,CAASwF,MAAM,EAAEV,IAAI,EAAA;gBACnB,MAAMW,wBAAAA,GAA2BtF,OAAAA,CAAQuF,QAAQ,CAACZ,IAAAA,CAAAA;;gBAGlD,MAAMa,WAAAA,GAAc1F,gCAAgCwF,wBAAAA,EAA0B,GAAA,CAAA;gBAE9E,IAAI;oBACF,OAAOlG,CAAAA,CAAES,QAAQ,CAACwF,MAAAA,EAAQ;AAAEG,wBAAAA,WAAAA;wBAAaC,QAAAA,EAAU,KAAA;wBAAOC,MAAAA,EAAQ;uBAASf,IAAAA,CAAAA;AACjF,gBAAA,CAAA,CAAM,OAAOgB,CAAAA,EAAG;oBACV,MAAM,IAAI5F,MAAAA,CAAO6F,gBAAgB,CAAC,wBAAA,CAAA;AACxC,gBAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"users-permissions.js","sources":["../../../server/services/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { filter, map, pipe, prop } = require('lodash/fp');\nconst urlJoin = require('url-join');\nconst {\n template: { createStrictInterpolationRegExp },\n errors,\n objects,\n sanitizeRoutesMapForSerialization,\n} = require('@strapi/utils');\n\nconst { getService } = require('../utils');\n\nconst DEFAULT_PERMISSIONS = [\n { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.connect', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.forgotPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.resetPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.register', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.emailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.sendEmailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.refresh', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.logout', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.user.me', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },\n];\n\nconst transformRoutePrefixFor = (pluginName) => (route) => {\n const prefix = route.config && route.config.prefix;\n const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;\n\n return {\n ...route,\n path,\n };\n};\n\nmodule.exports = ({ strapi }) => ({\n getActions({ defaultEnable = false } = {}) {\n const actionMap = {};\n\n const isContentApi = (action) => {\n if (!_.has(action, Symbol.for('__type__'))) {\n return false;\n }\n\n return action[Symbol.for('__type__')].includes('content-api');\n };\n\n _.forEach(strapi.apis, (api, apiName) => {\n const controllers = _.reduce(\n api.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`api::${apiName}`] = { controllers };\n }\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const controllers = _.reduce(\n plugin.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`plugin::${pluginName}`] = { controllers };\n }\n });\n\n // Return a deeply cloned version to avoid circular references\n return _.cloneDeep(actionMap);\n },\n\n async getRoutes() {\n const routesMap = {};\n\n _.forEach(strapi.apis, (api, apiName) => {\n const routes = _.flatMap(api.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes;\n }\n\n return route;\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`api::${apiName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const transformPrefix = transformRoutePrefixFor(pluginName);\n\n const routes = _.flatMap(plugin.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes.map(transformPrefix);\n }\n\n return transformPrefix(route);\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`plugin::${pluginName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n return sanitizeRoutesMapForSerialization(routesMap);\n },\n\n async syncPermissions() {\n const roles = await strapi.db.query('plugin::users-permissions.role').findMany();\n const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();\n\n const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));\n\n const appActions = _.flatMap(strapi.apis, (api, apiName) => {\n return _.flatMap(api.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `api::${apiName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {\n return _.flatMap(plugin.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `plugin::${pluginName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const allActions = [...appActions, ...pluginsActions];\n\n const toDelete = _.difference(permissionsFoundInDB, allActions);\n\n await Promise.all(\n toDelete.map((action) => {\n return strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { action } });\n })\n );\n\n if (permissionsFoundInDB.length === 0) {\n // create default permissions\n for (const role of roles) {\n const toCreate = pipe(\n filter(({ roleType }) => roleType === role.type || roleType === null),\n map(prop('action'))\n )(DEFAULT_PERMISSIONS);\n\n await Promise.all(\n toCreate.map((action) => {\n return strapi.db.query('plugin::users-permissions.permission').create({\n data: {\n action,\n role: role.id,\n },\n });\n })\n );\n }\n }\n },\n\n async initialize() {\n const roleCount = await strapi.db.query('plugin::users-permissions.role').count();\n\n if (roleCount === 0) {\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Authenticated',\n description: 'Default role given to authenticated user.',\n type: 'authenticated',\n },\n });\n\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Public',\n description: 'Default role given to unauthenticated user.',\n type: 'public',\n },\n });\n }\n\n return getService('users-permissions').syncPermissions();\n },\n\n async updateUserRole(user, role) {\n return strapi.db\n .query('plugin::users-permissions.user')\n .update({ where: { id: user.id }, data: { role } });\n },\n\n template(layout, data) {\n const allowedTemplateVariables = objects.keysDeep(data);\n\n // Create a strict interpolation RegExp based on possible variable names\n const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');\n\n try {\n return _.template(layout, { interpolate, evaluate: false, escape: false })(data);\n } catch (e) {\n throw new errors.ApplicationError('Invalid email template');\n }\n },\n});\n"],"names":["_","require$$0","filter","map","pipe","prop","require$$1","urlJoin","require$$2","template","createStrictInterpolationRegExp","errors","objects","sanitizeRoutesMapForSerialization","require$$3","getService","require$$4","DEFAULT_PERMISSIONS","action","roleType","transformRoutePrefixFor","pluginName","route","prefix","config","path","undefined","usersPermissions","strapi","getActions","defaultEnable","actionMap","isContentApi","has","Symbol","for","includes","forEach","apis","api","apiName","controllers","reduce","acc","controller","controllerName","contentApiActions","pickBy","isEmpty","mapValues","enabled","policy","plugins","plugin","cloneDeep","getRoutes","routesMap","routes","flatMap","info","type","length","apiPrefix","get","transformPrefix","syncPermissions","roles","db","query","findMany","dbPermissions","permissionsFoundInDB","uniq","appActions","keys","actionName","pluginsActions","allActions","toDelete","difference","Promise","all","delete","where","role","toCreate","create","data","id","initialize","roleCount","count","name","description","updateUserRole","user","update","layout","allowedTemplateVariables","keysDeep","interpolate","evaluate","escape","e","ApplicationError"],"mappings":";;;;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,YAAAA;IACV,MAAM,EAAEC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACpC,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;AAChB,IAAA,MAAM,EACJC,QAAAA,EAAU,EAAEC,+BAA+B,EAAE,EAC7CC,MAAM,EACNC,OAAO,EACPC,iCAAiC,EAClC,GAAGC,UAAAA;IAEJ,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB;AAC1B,QAAA;YAAEC,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAQ,SAAA;AAC7E,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAQ,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,kDAAA;YAAoDC,QAAAA,EAAU;AAAQ,SAAA;AAChF,QAAA;YAAED,MAAAA,EAAQ,sDAAA;YAAwDC,QAAAA,EAAU;AAAQ,SAAA;AACpF,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,uCAAA;YAAyCC,QAAAA,EAAU;AAAe,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,mCAAA;YAAqCC,QAAAA,EAAU;AAAe,SAAA;AACxE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAe;AACrF,KAAA;IAED,MAAMC,uBAAAA,GAA0B,CAACC,UAAAA,GAAe,CAACC,KAAAA,GAAAA;AAC/C,YAAA,MAAMC,SAASD,KAAAA,CAAME,MAAM,IAAIF,KAAAA,CAAME,MAAM,CAACD,MAAM;AAClD,YAAA,MAAME,IAAAA,GAAOF,MAAAA,KAAWG,SAAAA,GAAY,CAAA,EAAGH,SAASD,KAAAA,CAAMG,IAAI,CAAA,CAAE,GAAG,CAAC,CAAC,EAAEJ,UAAAA,CAAAA,EAAaC,KAAAA,CAAMG,IAAI,CAAA,CAAE;YAE5F,OAAO;AACL,gBAAA,GAAGH,KAAK;AACRG,gBAAAA;AACJ,aAAA;AACA,QAAA,CAAA;AAEAE,IAAAA,gBAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,UAAAA,CAAAA,CAAW,EAAEC,aAAAA,GAAgB,KAAK,EAAE,GAAG,EAAE,EAAA;AACvC,gBAAA,MAAMC,YAAY,EAAA;AAElB,gBAAA,MAAMC,eAAe,CAACd,MAAAA,GAAAA;oBACpB,IAAI,CAAClB,EAAEiC,GAAG,CAACf,QAAQgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAA,EAAc;wBAC1C,OAAO,KAAA;AACf,oBAAA;oBAEM,OAAOjB,MAAM,CAACgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAY,CAACC,QAAQ,CAAC,aAAA,CAAA;AACrD,gBAAA,CAAA;AAEIpC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;oBAC3B,MAAMC,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BH,IAAIE,WAAW,EACf,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,KAAK,EAAES,OAAAA,CAAAA,CAAS,CAAC,GAAG;AAAEC,4BAAAA;AAAW,yBAAA;AACpD,oBAAA;AACA,gBAAA,CAAA,CAAA;AAEIzC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;oBACjC,MAAMoB,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BW,OAAOZ,WAAW,EAClB,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEV,UAAAA,CAAAA,CAAY,CAAC,GAAG;AAAEoB,4BAAAA;AAAW,yBAAA;AAC1D,oBAAA;AACA,gBAAA,CAAA,CAAA;;gBAGI,OAAOzC,CAAAA,CAAEsD,SAAS,CAACvB,SAAAA,CAAAA;AACvB,YAAA,CAAA;YAEE,MAAMwB,SAAAA,CAAAA,GAAAA;AACJ,gBAAA,MAAMC,YAAY,EAAA;AAElBxD,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC3B,oBAAA,MAAMiB,SAASzD,CAAAA,CAAE0D,OAAO,CAACnB,GAAAA,CAAIkB,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACpC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,MAAMmC,MAAM;AAC7B,wBAAA;wBAEQ,OAAOnC,KAAAA;oBACf,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,KAAK,EAAEhB,OAAAA,CAAAA,CAAS,CAAC,GAAGiB,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AACpD,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEIzB,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACjC,oBAAA,MAAM2C,kBAAkB5C,uBAAAA,CAAwBC,UAAAA,CAAAA;AAEhD,oBAAA,MAAMoC,SAASzD,CAAAA,CAAE0D,OAAO,CAACL,MAAAA,CAAOI,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACvC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,KAAAA,CAAMmC,MAAM,CAACtD,GAAG,CAAC6D,eAAAA,CAAAA;AAClC,wBAAA;AAEQ,wBAAA,OAAOA,eAAAA,CAAgB1C,KAAAA,CAAAA;oBAC/B,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEnC,UAAAA,CAAAA,CAAY,CAAC,GAAGoC,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AAC1D,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,OAAOZ,iCAAAA,CAAkC2C,SAAAA,CAAAA;AAC7C,YAAA,CAAA;YAEE,MAAMS,eAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAMtC,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCC,QAAQ,EAAA;gBAC9E,MAAMC,aAAAA,GAAgB,MAAM1C,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,wCAAwCC,QAAQ,EAAA;AAE5F,gBAAA,MAAME,uBAAuBvE,CAAAA,CAAEwE,IAAI,CAACxE,CAAAA,CAAEG,GAAG,CAACmE,aAAAA,EAAe,QAAA,CAAA,CAAA;gBAEzD,MAAMG,UAAAA,GAAazE,EAAE0D,OAAO,CAAC9B,OAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC9C,oBAAA,OAAOxC,EAAE0D,OAAO,CAACnB,IAAIE,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAC7C,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,KAAK,EAAEnC,OAAAA,CAAQ,CAAC,EAAEK,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AAClE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMC,cAAAA,GAAiB5E,EAAE0D,OAAO,CAAC9B,OAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACxD,oBAAA,OAAOrB,EAAE0D,OAAO,CAACL,OAAOZ,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAChD,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,QAAQ,EAAEtD,UAAAA,CAAW,CAAC,EAAEwB,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AACxE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,MAAME,UAAAA,GAAa;AAAIJ,oBAAAA,GAAAA,UAAAA;AAAeG,oBAAAA,GAAAA;AAAe,iBAAA;AAErD,gBAAA,MAAME,QAAAA,GAAW9E,CAAAA,CAAE+E,UAAU,CAACR,oBAAAA,EAAsBM,UAAAA,CAAAA;AAEpD,gBAAA,MAAMG,QAAQC,GAAG,CACfH,QAAAA,CAAS3E,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,oBAAA,OAAOU,OAAOuC,EAAA,CACXC,KAAK,CAAC,sCAAA,CAAA,CACNc,MAAM,CAAC;wBAAEC,KAAAA,EAAO;AAAEjE,4BAAAA;AAAM;AAAE,qBAAA,CAAA;AACrC,gBAAA,CAAA,CAAA,CAAA;gBAGI,IAAIqD,oBAAAA,CAAqBV,MAAM,KAAK,CAAA,EAAG;;oBAErC,KAAK,MAAMuB,QAAQlB,KAAAA,CAAO;AACxB,wBAAA,MAAMmB,WAAWjF,IAAAA,CACfF,MAAAA,CAAO,CAAC,EAAEiB,QAAQ,EAAE,GAAKA,QAAAA,KAAaiE,IAAAA,CAAKxB,IAAI,IAAIzC,QAAAA,KAAa,IAAA,CAAA,EAChEhB,GAAAA,CAAIE,KAAK,QAAA,CAAA,CAAA,CAAA,CACTY,mBAAAA,CAAAA;AAEF,wBAAA,MAAM+D,QAAQC,GAAG,CACfI,QAAAA,CAASlF,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,4BAAA,OAAOU,OAAOuC,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCkB,MAAM,CAAC;gCACpEC,IAAAA,EAAM;AACJrE,oCAAAA,MAAAA;AACAkE,oCAAAA,IAAAA,EAAMA,KAAKI;AAC3B;AACA,6BAAA,CAAA;AACA,wBAAA,CAAA,CAAA,CAAA;AAEA,oBAAA;AACA,gBAAA;AACA,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,GAAAA;gBACJ,MAAMC,SAAAA,GAAY,MAAM9D,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCuB,KAAK,EAAA;AAE/E,gBAAA,IAAID,cAAc,CAAA,EAAG;AACnB,oBAAA,MAAM9D,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,eAAA;4BACNC,WAAAA,EAAa,2CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AAEM,oBAAA,MAAMhC,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,QAAA;4BACNC,WAAAA,EAAa,6CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AACA,gBAAA;gBAEI,OAAO7C,UAAAA,CAAW,qBAAqBkD,eAAe,EAAA;AAC1D,YAAA,CAAA;YAEE,MAAM6B,cAAAA,CAAAA,CAAeC,IAAI,EAAEX,IAAI,EAAA;AAC7B,gBAAA,OAAOxD,OAAOuC,EAAA,CACXC,KAAK,CAAC,gCAAA,CAAA,CACN4B,MAAM,CAAC;oBAAEb,KAAAA,EAAO;AAAEK,wBAAAA,EAAAA,EAAIO,KAAKP;AAAE,qBAAA;oBAAID,IAAAA,EAAM;AAAEH,wBAAAA;AAAI;;AACpD,YAAA,CAAA;YAEE3E,QAAAA,CAAAA,CAASwF,MAAM,EAAEV,IAAI,EAAA;gBACnB,MAAMW,wBAAAA,GAA2BtF,OAAAA,CAAQuF,QAAQ,CAACZ,IAAAA,CAAAA;;gBAGlD,MAAMa,WAAAA,GAAc1F,gCAAgCwF,wBAAAA,EAA0B,GAAA,CAAA;gBAE9E,IAAI;oBACF,OAAOlG,CAAAA,CAAES,QAAQ,CAACwF,MAAAA,EAAQ;AAAEG,wBAAAA,WAAAA;wBAAaC,QAAAA,EAAU,KAAA;wBAAOC,MAAAA,EAAQ;qBAAK,CAAA,CAAIf,IAAAA,CAAAA;AACjF,gBAAA,CAAA,CAAM,OAAOgB,CAAAA,EAAG;oBACV,MAAM,IAAI5F,MAAAA,CAAO6F,gBAAgB,CAAC,wBAAA,CAAA;AACxC,gBAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
package/dist/server/services/users-permissions.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"users-permissions.mjs","sources":["../../../server/services/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { filter, map, pipe, prop } = require('lodash/fp');\nconst urlJoin = require('url-join');\nconst {\n template: { createStrictInterpolationRegExp },\n errors,\n objects,\n sanitizeRoutesMapForSerialization,\n} = require('@strapi/utils');\n\nconst { getService } = require('../utils');\n\nconst DEFAULT_PERMISSIONS = [\n { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.connect', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.forgotPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.resetPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.register', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.emailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.sendEmailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.refresh', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.logout', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.user.me', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },\n];\n\nconst transformRoutePrefixFor = (pluginName) => (route) => {\n const prefix = route.config && route.config.prefix;\n const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;\n\n return {\n ...route,\n path,\n };\n};\n\nmodule.exports = ({ strapi }) => ({\n getActions({ defaultEnable = false } = {}) {\n const actionMap = {};\n\n const isContentApi = (action) => {\n if (!_.has(action, Symbol.for('__type__'))) {\n return false;\n }\n\n return action[Symbol.for('__type__')].includes('content-api');\n };\n\n _.forEach(strapi.apis, (api, apiName) => {\n const controllers = _.reduce(\n api.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`api::${apiName}`] = { controllers };\n }\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const controllers = _.reduce(\n plugin.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`plugin::${pluginName}`] = { controllers };\n }\n });\n\n // Return a deeply cloned version to avoid circular references\n return _.cloneDeep(actionMap);\n },\n\n async getRoutes() {\n const routesMap = {};\n\n _.forEach(strapi.apis, (api, apiName) => {\n const routes = _.flatMap(api.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes;\n }\n\n return route;\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`api::${apiName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const transformPrefix = transformRoutePrefixFor(pluginName);\n\n const routes = _.flatMap(plugin.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes.map(transformPrefix);\n }\n\n return transformPrefix(route);\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`plugin::${pluginName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n return sanitizeRoutesMapForSerialization(routesMap);\n },\n\n async syncPermissions() {\n const roles = await strapi.db.query('plugin::users-permissions.role').findMany();\n const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();\n\n const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));\n\n const appActions = _.flatMap(strapi.apis, (api, apiName) => {\n return _.flatMap(api.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `api::${apiName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {\n return _.flatMap(plugin.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `plugin::${pluginName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const allActions = [...appActions, ...pluginsActions];\n\n const toDelete = _.difference(permissionsFoundInDB, allActions);\n\n await Promise.all(\n toDelete.map((action) => {\n return strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { action } });\n })\n );\n\n if (permissionsFoundInDB.length === 0) {\n // create default permissions\n for (const role of roles) {\n const toCreate = pipe(\n filter(({ roleType }) => roleType === role.type || roleType === null),\n map(prop('action'))\n )(DEFAULT_PERMISSIONS);\n\n await Promise.all(\n toCreate.map((action) => {\n return strapi.db.query('plugin::users-permissions.permission').create({\n data: {\n action,\n role: role.id,\n },\n });\n })\n );\n }\n }\n },\n\n async initialize() {\n const roleCount = await strapi.db.query('plugin::users-permissions.role').count();\n\n if (roleCount === 0) {\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Authenticated',\n description: 'Default role given to authenticated user.',\n type: 'authenticated',\n },\n });\n\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Public',\n description: 'Default role given to unauthenticated user.',\n type: 'public',\n },\n });\n }\n\n return getService('users-permissions').syncPermissions();\n },\n\n async updateUserRole(user, role) {\n return strapi.db\n .query('plugin::users-permissions.user')\n .update({ where: { id: user.id }, data: { role } });\n },\n\n template(layout, data) {\n const allowedTemplateVariables = objects.keysDeep(data);\n\n // Create a strict interpolation RegExp based on possible variable names\n const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');\n\n try {\n return _.template(layout, { interpolate, evaluate: false, escape: false })(data);\n } catch (e) {\n throw new errors.ApplicationError('Invalid email template');\n }\n },\n});\n"],"names":["_","require$$0","filter","map","pipe","prop","require$$1","urlJoin","require$$2","template","createStrictInterpolationRegExp","errors","objects","sanitizeRoutesMapForSerialization","require$$3","getService","require$$4","DEFAULT_PERMISSIONS","action","roleType","transformRoutePrefixFor","pluginName","route","prefix","config","path","undefined","usersPermissions","strapi","getActions","defaultEnable","actionMap","isContentApi","has","Symbol","for","includes","forEach","apis","api","apiName","controllers","reduce","acc","controller","controllerName","contentApiActions","pickBy","isEmpty","mapValues","enabled","policy","plugins","plugin","cloneDeep","getRoutes","routesMap","routes","flatMap","info","type","length","apiPrefix","get","transformPrefix","syncPermissions","roles","db","query","findMany","dbPermissions","permissionsFoundInDB","uniq","appActions","keys","actionName","pluginsActions","allActions","toDelete","difference","Promise","all","delete","where","role","toCreate","create","data","id","initialize","roleCount","count","name","description","updateUserRole","user","update","layout","allowedTemplateVariables","keysDeep","interpolate","evaluate","escape","e","ApplicationError"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,YAAAA;IACV,MAAM,EAAEC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACpC,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;AAChB,IAAA,MAAM,EACJC,QAAAA,EAAU,EAAEC,+BAA+B,EAAE,EAC7CC,MAAM,EACNC,OAAO,EACPC,iCAAiC,EAClC,GAAGC,UAAAA;IAEJ,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB;AAC1B,QAAA;YAAEC,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAQ,SAAA;AAC7E,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAQ,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,kDAAA;YAAoDC,QAAAA,EAAU;AAAQ,SAAA;AAChF,QAAA;YAAED,MAAAA,EAAQ,sDAAA;YAAwDC,QAAAA,EAAU;AAAQ,SAAA;AACpF,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,uCAAA;YAAyCC,QAAAA,EAAU;AAAe,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,mCAAA;YAAqCC,QAAAA,EAAU;AAAe,SAAA;AACxE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAe;AACrF,KAAA;IAED,MAAMC,uBAAAA,GAA0B,CAACC,UAAAA,GAAe,CAACC,KAAAA,GAAAA;AAC/C,YAAA,MAAMC,SAASD,KAAAA,CAAME,MAAM,IAAIF,KAAAA,CAAME,MAAM,CAACD,MAAM;AAClD,YAAA,MAAME,IAAAA,GAAOF,MAAAA,KAAWG,SAAAA,GAAY,CAAA,EAAGH,SAASD,KAAAA,CAAMG,IAAI,CAAA,CAAE,GAAG,CAAC,CAAC,EAAEJ,UAAAA,CAAAA,EAAaC,KAAAA,CAAMG,IAAI,CAAA,CAAE;YAE5F,OAAO;AACL,gBAAA,GAAGH,KAAK;AACRG,gBAAAA;AACJ,aAAA;AACA,QAAA,CAAA;AAEAE,IAAAA,gBAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,UAAAA,CAAAA,CAAW,EAAEC,aAAAA,GAAgB,KAAK,EAAE,GAAG,EAAE,EAAA;AACvC,gBAAA,MAAMC,YAAY,EAAA;AAElB,gBAAA,MAAMC,eAAe,CAACd,MAAAA,GAAAA;oBACpB,IAAI,CAAClB,EAAEiC,GAAG,CAACf,QAAQgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAA,EAAc;wBAC1C,OAAO,KAAA;AACf,oBAAA;oBAEM,OAAOjB,MAAM,CAACgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAY,CAACC,QAAQ,CAAC,aAAA,CAAA;AACrD,gBAAA,CAAA;AAEIpC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;oBAC3B,MAAMC,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BH,IAAIE,WAAW,EACf,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,KAAK,EAAES,OAAAA,CAAAA,CAAS,CAAC,GAAG;AAAEC,4BAAAA;;AACzC,oBAAA;AACA,gBAAA,CAAA,CAAA;AAEIzC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;oBACjC,MAAMoB,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BW,OAAOZ,WAAW,EAClB,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEV,UAAAA,CAAAA,CAAY,CAAC,GAAG;AAAEoB,4BAAAA;;AAC/C,oBAAA;AACA,gBAAA,CAAA,CAAA;;gBAGI,OAAOzC,CAAAA,CAAEsD,SAAS,CAACvB,SAAAA,CAAAA;AACvB,YAAA,CAAA;YAEE,MAAMwB,SAAAA,CAAAA,GAAAA;AACJ,gBAAA,MAAMC,YAAY,EAAA;AAElBxD,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC3B,oBAAA,MAAMiB,SAASzD,CAAAA,CAAE0D,OAAO,CAACnB,GAAAA,CAAIkB,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACpC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,MAAMmC,MAAM;AAC7B,wBAAA;wBAEQ,OAAOnC,KAAAA;oBACf,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,KAAK,EAAEhB,OAAAA,CAAAA,CAAS,CAAC,GAAGiB,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AACpD,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEIzB,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACjC,oBAAA,MAAM2C,kBAAkB5C,uBAAAA,CAAwBC,UAAAA,CAAAA;AAEhD,oBAAA,MAAMoC,SAASzD,CAAAA,CAAE0D,OAAO,CAACL,MAAAA,CAAOI,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACvC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,KAAAA,CAAMmC,MAAM,CAACtD,GAAG,CAAC6D,eAAAA,CAAAA;AAClC,wBAAA;AAEQ,wBAAA,OAAOA,eAAAA,CAAgB1C,KAAAA,CAAAA;oBAC/B,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEnC,UAAAA,CAAAA,CAAY,CAAC,GAAGoC,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AAC1D,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,OAAOZ,iCAAAA,CAAkC2C,SAAAA,CAAAA;AAC7C,YAAA,CAAA;YAEE,MAAMS,eAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAMtC,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCC,QAAQ,EAAA;gBAC9E,MAAMC,aAAAA,GAAgB,MAAM1C,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,wCAAwCC,QAAQ,EAAA;AAE5F,gBAAA,MAAME,uBAAuBvE,CAAAA,CAAEwE,IAAI,CAACxE,CAAAA,CAAEG,GAAG,CAACmE,aAAAA,EAAe,QAAA,CAAA,CAAA;gBAEzD,MAAMG,UAAAA,GAAazE,EAAE0D,OAAO,CAAC9B,OAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC9C,oBAAA,OAAOxC,EAAE0D,OAAO,CAACnB,IAAIE,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAC7C,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,KAAK,EAAEnC,OAAAA,CAAQ,CAAC,EAAEK,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AAClE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMC,cAAAA,GAAiB5E,EAAE0D,OAAO,CAAC9B,OAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACxD,oBAAA,OAAOrB,EAAE0D,OAAO,CAACL,OAAOZ,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAChD,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,QAAQ,EAAEtD,UAAAA,CAAW,CAAC,EAAEwB,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AACxE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,MAAME,UAAAA,GAAa;AAAIJ,oBAAAA,GAAAA,UAAAA;AAAeG,oBAAAA,GAAAA;AAAe,iBAAA;AAErD,gBAAA,MAAME,QAAAA,GAAW9E,CAAAA,CAAE+E,UAAU,CAACR,oBAAAA,EAAsBM,UAAAA,CAAAA;AAEpD,gBAAA,MAAMG,QAAQC,GAAG,CACfH,QAAAA,CAAS3E,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,oBAAA,OAAOU,OAAOuC,EAAE,CACbC,KAAK,CAAC,sCAAA,CAAA,CACNc,MAAM,CAAC;wBAAEC,KAAAA,EAAO;AAAEjE,4BAAAA;AAAM;AAAE,qBAAA,CAAA;AACrC,gBAAA,CAAA,CAAA,CAAA;gBAGI,IAAIqD,oBAAAA,CAAqBV,MAAM,KAAK,CAAA,EAAG;;oBAErC,KAAK,MAAMuB,QAAQlB,KAAAA,CAAO;AACxB,wBAAA,MAAMmB,WAAWjF,IAAAA,CACfF,MAAAA,CAAO,CAAC,EAAEiB,QAAQ,EAAE,GAAKA,QAAAA,KAAaiE,IAAAA,CAAKxB,IAAI,IAAIzC,QAAAA,KAAa,IAAA,CAAA,EAChEhB,GAAAA,CAAIE,KAAK,QAAA,CAAA,CAAA,CAAA,CACTY,mBAAAA,CAAAA;AAEF,wBAAA,MAAM+D,QAAQC,GAAG,CACfI,QAAAA,CAASlF,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,4BAAA,OAAOU,OAAOuC,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCkB,MAAM,CAAC;gCACpEC,IAAAA,EAAM;AACJrE,oCAAAA,MAAAA;AACAkE,oCAAAA,IAAAA,EAAMA,KAAKI;AAC3B;AACA,6BAAA,CAAA;AACA,wBAAA,CAAA,CAAA,CAAA;AAEA,oBAAA;AACA,gBAAA;AACA,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,GAAAA;gBACJ,MAAMC,SAAAA,GAAY,MAAM9D,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCuB,KAAK,EAAA;AAE/E,gBAAA,IAAID,cAAc,CAAA,EAAG;AACnB,oBAAA,MAAM9D,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,eAAA;4BACNC,WAAAA,EAAa,2CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AAEM,oBAAA,MAAMhC,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,QAAA;4BACNC,WAAAA,EAAa,6CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AACA,gBAAA;gBAEI,OAAO7C,UAAAA,CAAW,qBAAqBkD,eAAe,EAAA;AAC1D,YAAA,CAAA;YAEE,MAAM6B,cAAAA,CAAAA,CAAeC,IAAI,EAAEX,IAAI,EAAA;AAC7B,gBAAA,OAAOxD,OAAOuC,EAAE,CACbC,KAAK,CAAC,gCAAA,CAAA,CACN4B,MAAM,CAAC;oBAAEb,KAAAA,EAAO;AAAEK,wBAAAA,EAAAA,EAAIO,KAAKP;AAAE,qBAAA;oBAAID,IAAAA,EAAM;AAAEH,wBAAAA;AAAI;AAAE,iBAAA,CAAA;AACtD,YAAA,CAAA;YAEE3E,QAAAA,CAAAA,CAASwF,MAAM,EAAEV,IAAI,EAAA;gBACnB,MAAMW,wBAAAA,GAA2BtF,OAAAA,CAAQuF,QAAQ,CAACZ,IAAAA,CAAAA;;gBAGlD,MAAMa,WAAAA,GAAc1F,gCAAgCwF,wBAAAA,EAA0B,GAAA,CAAA;gBAE9E,IAAI;oBACF,OAAOlG,CAAAA,CAAES,QAAQ,CAACwF,MAAAA,EAAQ;AAAEG,wBAAAA,WAAAA;wBAAaC,QAAAA,EAAU,KAAA;wBAAOC,MAAAA,EAAQ;uBAASf,IAAAA,CAAAA;AACjF,gBAAA,CAAA,CAAM,OAAOgB,CAAAA,EAAG;oBACV,MAAM,IAAI5F,MAAAA,CAAO6F,gBAAgB,CAAC,wBAAA,CAAA;AACxC,gBAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"users-permissions.mjs","sources":["../../../server/services/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { filter, map, pipe, prop } = require('lodash/fp');\nconst urlJoin = require('url-join');\nconst {\n template: { createStrictInterpolationRegExp },\n errors,\n objects,\n sanitizeRoutesMapForSerialization,\n} = require('@strapi/utils');\n\nconst { getService } = require('../utils');\n\nconst DEFAULT_PERMISSIONS = [\n { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.connect', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.forgotPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.resetPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.register', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.emailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.sendEmailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.refresh', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.logout', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.user.me', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },\n];\n\nconst transformRoutePrefixFor = (pluginName) => (route) => {\n const prefix = route.config && route.config.prefix;\n const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;\n\n return {\n ...route,\n path,\n };\n};\n\nmodule.exports = ({ strapi }) => ({\n getActions({ defaultEnable = false } = {}) {\n const actionMap = {};\n\n const isContentApi = (action) => {\n if (!_.has(action, Symbol.for('__type__'))) {\n return false;\n }\n\n return action[Symbol.for('__type__')].includes('content-api');\n };\n\n _.forEach(strapi.apis, (api, apiName) => {\n const controllers = _.reduce(\n api.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`api::${apiName}`] = { controllers };\n }\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const controllers = _.reduce(\n plugin.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`plugin::${pluginName}`] = { controllers };\n }\n });\n\n // Return a deeply cloned version to avoid circular references\n return _.cloneDeep(actionMap);\n },\n\n async getRoutes() {\n const routesMap = {};\n\n _.forEach(strapi.apis, (api, apiName) => {\n const routes = _.flatMap(api.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes;\n }\n\n return route;\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`api::${apiName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const transformPrefix = transformRoutePrefixFor(pluginName);\n\n const routes = _.flatMap(plugin.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes.map(transformPrefix);\n }\n\n return transformPrefix(route);\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`plugin::${pluginName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n return sanitizeRoutesMapForSerialization(routesMap);\n },\n\n async syncPermissions() {\n const roles = await strapi.db.query('plugin::users-permissions.role').findMany();\n const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();\n\n const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));\n\n const appActions = _.flatMap(strapi.apis, (api, apiName) => {\n return _.flatMap(api.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `api::${apiName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {\n return _.flatMap(plugin.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `plugin::${pluginName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const allActions = [...appActions, ...pluginsActions];\n\n const toDelete = _.difference(permissionsFoundInDB, allActions);\n\n await Promise.all(\n toDelete.map((action) => {\n return strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { action } });\n })\n );\n\n if (permissionsFoundInDB.length === 0) {\n // create default permissions\n for (const role of roles) {\n const toCreate = pipe(\n filter(({ roleType }) => roleType === role.type || roleType === null),\n map(prop('action'))\n )(DEFAULT_PERMISSIONS);\n\n await Promise.all(\n toCreate.map((action) => {\n return strapi.db.query('plugin::users-permissions.permission').create({\n data: {\n action,\n role: role.id,\n },\n });\n })\n );\n }\n }\n },\n\n async initialize() {\n const roleCount = await strapi.db.query('plugin::users-permissions.role').count();\n\n if (roleCount === 0) {\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Authenticated',\n description: 'Default role given to authenticated user.',\n type: 'authenticated',\n },\n });\n\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Public',\n description: 'Default role given to unauthenticated user.',\n type: 'public',\n },\n });\n }\n\n return getService('users-permissions').syncPermissions();\n },\n\n async updateUserRole(user, role) {\n return strapi.db\n .query('plugin::users-permissions.user')\n .update({ where: { id: user.id }, data: { role } });\n },\n\n template(layout, data) {\n const allowedTemplateVariables = objects.keysDeep(data);\n\n // Create a strict interpolation RegExp based on possible variable names\n const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');\n\n try {\n return _.template(layout, { interpolate, evaluate: false, escape: false })(data);\n } catch (e) {\n throw new errors.ApplicationError('Invalid email template');\n }\n },\n});\n"],"names":["_","require$$0","filter","map","pipe","prop","require$$1","urlJoin","require$$2","template","createStrictInterpolationRegExp","errors","objects","sanitizeRoutesMapForSerialization","require$$3","getService","require$$4","DEFAULT_PERMISSIONS","action","roleType","transformRoutePrefixFor","pluginName","route","prefix","config","path","undefined","usersPermissions","strapi","getActions","defaultEnable","actionMap","isContentApi","has","Symbol","for","includes","forEach","apis","api","apiName","controllers","reduce","acc","controller","controllerName","contentApiActions","pickBy","isEmpty","mapValues","enabled","policy","plugins","plugin","cloneDeep","getRoutes","routesMap","routes","flatMap","info","type","length","apiPrefix","get","transformPrefix","syncPermissions","roles","db","query","findMany","dbPermissions","permissionsFoundInDB","uniq","appActions","keys","actionName","pluginsActions","allActions","toDelete","difference","Promise","all","delete","where","role","toCreate","create","data","id","initialize","roleCount","count","name","description","updateUserRole","user","update","layout","allowedTemplateVariables","keysDeep","interpolate","evaluate","escape","e","ApplicationError"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,YAAAA;IACV,MAAM,EAAEC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACpC,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;AAChB,IAAA,MAAM,EACJC,QAAAA,EAAU,EAAEC,+BAA+B,EAAE,EAC7CC,MAAM,EACNC,OAAO,EACPC,iCAAiC,EAClC,GAAGC,UAAAA;IAEJ,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB;AAC1B,QAAA;YAAEC,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAQ,SAAA;AAC7E,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAQ,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,kDAAA;YAAoDC,QAAAA,EAAU;AAAQ,SAAA;AAChF,QAAA;YAAED,MAAAA,EAAQ,sDAAA;YAAwDC,QAAAA,EAAU;AAAQ,SAAA;AACpF,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,uCAAA;YAAyCC,QAAAA,EAAU;AAAe,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,mCAAA;YAAqCC,QAAAA,EAAU;AAAe,SAAA;AACxE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAe;AACrF,KAAA;IAED,MAAMC,uBAAAA,GAA0B,CAACC,UAAAA,GAAe,CAACC,KAAAA,GAAAA;AAC/C,YAAA,MAAMC,SAASD,KAAAA,CAAME,MAAM,IAAIF,KAAAA,CAAME,MAAM,CAACD,MAAM;AAClD,YAAA,MAAME,IAAAA,GAAOF,MAAAA,KAAWG,SAAAA,GAAY,CAAA,EAAGH,SAASD,KAAAA,CAAMG,IAAI,CAAA,CAAE,GAAG,CAAC,CAAC,EAAEJ,UAAAA,CAAAA,EAAaC,KAAAA,CAAMG,IAAI,CAAA,CAAE;YAE5F,OAAO;AACL,gBAAA,GAAGH,KAAK;AACRG,gBAAAA;AACJ,aAAA;AACA,QAAA,CAAA;AAEAE,IAAAA,gBAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,UAAAA,CAAAA,CAAW,EAAEC,aAAAA,GAAgB,KAAK,EAAE,GAAG,EAAE,EAAA;AACvC,gBAAA,MAAMC,YAAY,EAAA;AAElB,gBAAA,MAAMC,eAAe,CAACd,MAAAA,GAAAA;oBACpB,IAAI,CAAClB,EAAEiC,GAAG,CAACf,QAAQgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAA,EAAc;wBAC1C,OAAO,KAAA;AACf,oBAAA;oBAEM,OAAOjB,MAAM,CAACgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAY,CAACC,QAAQ,CAAC,aAAA,CAAA;AACrD,gBAAA,CAAA;AAEIpC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;oBAC3B,MAAMC,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BH,IAAIE,WAAW,EACf,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,KAAK,EAAES,OAAAA,CAAAA,CAAS,CAAC,GAAG;AAAEC,4BAAAA;AAAW,yBAAA;AACpD,oBAAA;AACA,gBAAA,CAAA,CAAA;AAEIzC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;oBACjC,MAAMoB,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BW,OAAOZ,WAAW,EAClB,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEV,UAAAA,CAAAA,CAAY,CAAC,GAAG;AAAEoB,4BAAAA;AAAW,yBAAA;AAC1D,oBAAA;AACA,gBAAA,CAAA,CAAA;;gBAGI,OAAOzC,CAAAA,CAAEsD,SAAS,CAACvB,SAAAA,CAAAA;AACvB,YAAA,CAAA;YAEE,MAAMwB,SAAAA,CAAAA,GAAAA;AACJ,gBAAA,MAAMC,YAAY,EAAA;AAElBxD,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC3B,oBAAA,MAAMiB,SAASzD,CAAAA,CAAE0D,OAAO,CAACnB,GAAAA,CAAIkB,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACpC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,MAAMmC,MAAM;AAC7B,wBAAA;wBAEQ,OAAOnC,KAAAA;oBACf,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,KAAK,EAAEhB,OAAAA,CAAAA,CAAS,CAAC,GAAGiB,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AACpD,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEIzB,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACjC,oBAAA,MAAM2C,kBAAkB5C,uBAAAA,CAAwBC,UAAAA,CAAAA;AAEhD,oBAAA,MAAMoC,SAASzD,CAAAA,CAAE0D,OAAO,CAACL,MAAAA,CAAOI,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACvC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,KAAAA,CAAMmC,MAAM,CAACtD,GAAG,CAAC6D,eAAAA,CAAAA;AAClC,wBAAA;AAEQ,wBAAA,OAAOA,eAAAA,CAAgB1C,KAAAA,CAAAA;oBAC/B,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEnC,UAAAA,CAAAA,CAAY,CAAC,GAAGoC,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AAC1D,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,OAAOZ,iCAAAA,CAAkC2C,SAAAA,CAAAA;AAC7C,YAAA,CAAA;YAEE,MAAMS,eAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAMtC,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCC,QAAQ,EAAA;gBAC9E,MAAMC,aAAAA,GAAgB,MAAM1C,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,wCAAwCC,QAAQ,EAAA;AAE5F,gBAAA,MAAME,uBAAuBvE,CAAAA,CAAEwE,IAAI,CAACxE,CAAAA,CAAEG,GAAG,CAACmE,aAAAA,EAAe,QAAA,CAAA,CAAA;gBAEzD,MAAMG,UAAAA,GAAazE,EAAE0D,OAAO,CAAC9B,OAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC9C,oBAAA,OAAOxC,EAAE0D,OAAO,CAACnB,IAAIE,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAC7C,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,KAAK,EAAEnC,OAAAA,CAAQ,CAAC,EAAEK,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AAClE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMC,cAAAA,GAAiB5E,EAAE0D,OAAO,CAAC9B,OAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACxD,oBAAA,OAAOrB,EAAE0D,OAAO,CAACL,OAAOZ,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAChD,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,QAAQ,EAAEtD,UAAAA,CAAW,CAAC,EAAEwB,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AACxE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,MAAME,UAAAA,GAAa;AAAIJ,oBAAAA,GAAAA,UAAAA;AAAeG,oBAAAA,GAAAA;AAAe,iBAAA;AAErD,gBAAA,MAAME,QAAAA,GAAW9E,CAAAA,CAAE+E,UAAU,CAACR,oBAAAA,EAAsBM,UAAAA,CAAAA;AAEpD,gBAAA,MAAMG,QAAQC,GAAG,CACfH,QAAAA,CAAS3E,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,oBAAA,OAAOU,OAAOuC,EAAA,CACXC,KAAK,CAAC,sCAAA,CAAA,CACNc,MAAM,CAAC;wBAAEC,KAAAA,EAAO;AAAEjE,4BAAAA;AAAM;AAAE,qBAAA,CAAA;AACrC,gBAAA,CAAA,CAAA,CAAA;gBAGI,IAAIqD,oBAAAA,CAAqBV,MAAM,KAAK,CAAA,EAAG;;oBAErC,KAAK,MAAMuB,QAAQlB,KAAAA,CAAO;AACxB,wBAAA,MAAMmB,WAAWjF,IAAAA,CACfF,MAAAA,CAAO,CAAC,EAAEiB,QAAQ,EAAE,GAAKA,QAAAA,KAAaiE,IAAAA,CAAKxB,IAAI,IAAIzC,QAAAA,KAAa,IAAA,CAAA,EAChEhB,GAAAA,CAAIE,KAAK,QAAA,CAAA,CAAA,CAAA,CACTY,mBAAAA,CAAAA;AAEF,wBAAA,MAAM+D,QAAQC,GAAG,CACfI,QAAAA,CAASlF,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,4BAAA,OAAOU,OAAOuC,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCkB,MAAM,CAAC;gCACpEC,IAAAA,EAAM;AACJrE,oCAAAA,MAAAA;AACAkE,oCAAAA,IAAAA,EAAMA,KAAKI;AAC3B;AACA,6BAAA,CAAA;AACA,wBAAA,CAAA,CAAA,CAAA;AAEA,oBAAA;AACA,gBAAA;AACA,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,GAAAA;gBACJ,MAAMC,SAAAA,GAAY,MAAM9D,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCuB,KAAK,EAAA;AAE/E,gBAAA,IAAID,cAAc,CAAA,EAAG;AACnB,oBAAA,MAAM9D,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,eAAA;4BACNC,WAAAA,EAAa,2CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AAEM,oBAAA,MAAMhC,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,QAAA;4BACNC,WAAAA,EAAa,6CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AACA,gBAAA;gBAEI,OAAO7C,UAAAA,CAAW,qBAAqBkD,eAAe,EAAA;AAC1D,YAAA,CAAA;YAEE,MAAM6B,cAAAA,CAAAA,CAAeC,IAAI,EAAEX,IAAI,EAAA;AAC7B,gBAAA,OAAOxD,OAAOuC,EAAA,CACXC,KAAK,CAAC,gCAAA,CAAA,CACN4B,MAAM,CAAC;oBAAEb,KAAAA,EAAO;AAAEK,wBAAAA,EAAAA,EAAIO,KAAKP;AAAE,qBAAA;oBAAID,IAAAA,EAAM;AAAEH,wBAAAA;AAAI;;AACpD,YAAA,CAAA;YAEE3E,QAAAA,CAAAA,CAASwF,MAAM,EAAEV,IAAI,EAAA;gBACnB,MAAMW,wBAAAA,GAA2BtF,OAAAA,CAAQuF,QAAQ,CAACZ,IAAAA,CAAAA;;gBAGlD,MAAMa,WAAAA,GAAc1F,gCAAgCwF,wBAAAA,EAA0B,GAAA,CAAA;gBAE9E,IAAI;oBACF,OAAOlG,CAAAA,CAAES,QAAQ,CAACwF,MAAAA,EAAQ;AAAEG,wBAAAA,WAAAA;wBAAaC,QAAAA,EAAU,KAAA;wBAAOC,MAAAA,EAAQ;qBAAK,CAAA,CAAIf,IAAAA,CAAAA;AACjF,gBAAA,CAAA,CAAM,OAAOgB,CAAAA,EAAG;oBACV,MAAM,IAAI5F,MAAAA,CAAO6F,gBAAgB,CAAC,wBAAA,CAAA;AACxC,gBAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
package/dist/server/strategies/users-permissions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"users-permissions.js","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n try {\n const token = await getService('jwt').getToken(ctx);\n\n if (token) {\n const { id } = token;\n\n // Invalid token\n if (id === undefined) {\n return { authenticated: false };\n }\n\n const user = await getService('user').fetchAuthenticatedUser(id);\n\n // No user associated to the token\n if (!user) {\n return { error: 'Invalid credentials' };\n }\n\n const advancedSettings = await getAdvancedSettings();\n\n // User not confirmed\n if (advancedSettings.email_confirmation && !user.confirmed) {\n return { error: 'Invalid credentials' };\n }\n\n // User blocked\n if (user.blocked) {\n return { error: 'Invalid credentials' };\n }\n\n // Fetch user's permissions\n const permissions = await Promise.resolve(user.role.id)\n .then(getService('permission').findRolePermissions)\n .then(map(getService('permission').toContentAPIPermission));\n\n // Generate an ability (content API engine) based on the given permissions\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability,\n };\n }\n\n const publicPermissions = await getService('permission')\n .findPublicPermissions()\n .then(map(getService('permission').toContentAPIPermission));\n\n if (publicPermissions.length === 0) {\n return { authenticated: false };\n }\n\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n return {\n authenticated: true,\n credentials: null,\n ability,\n };\n } catch (err) {\n return { authenticated: false };\n }\n};\n\nconst verify = async (auth, config) => {\n const { credentials: user, ability } = auth;\n\n if (!config.scope) {\n if (!user) {\n // A non authenticated user cannot access routes that do not have a scope\n throw new UnauthorizedError();\n } else {\n // An authenticated user can access non scoped routes\n return;\n }\n }\n\n // If no ability have been generated, then consider auth is missing\n if (!ability) {\n throw new UnauthorizedError();\n }\n\n const isAllowed = pipe(\n // Make sure we're dealing with an array\n castArray,\n // Transform the scope array into an action array\n every((scope) => ability.can(scope))\n )(config.scope);\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nmodule.exports = {\n name: 'users-permissions',\n authenticate,\n verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,WAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;gBACT,MAAM,EAAEE,EAAE,EAAE,GAAGF,KAAAA;;AAGf,gBAAA,IAAIE,OAAOC,SAAAA,EAAW;oBACpB,OAAO;wBAAEC,aAAAA,EAAe;;AAChC,gBAAA;AAEM,gBAAA,MAAMC,IAAAA,GAAO,MAAMhB,UAAAA,CAAW,MAAA,CAAA,CAAQiB,sBAAsB,CAACJ,EAAAA,CAAAA;;AAG7D,gBAAA,IAAI,CAACG,IAAAA,EAAM;oBACT,OAAO;wBAAEE,KAAAA,EAAO;;AACxB,gBAAA;AAEM,gBAAA,MAAMC,mBAAmB,MAAMjB,mBAAAA,EAAAA;;AAG/B,gBAAA,IAAIiB,iBAAiBC,kBAAkB,IAAI,CAACJ,IAAAA,CAAKK,SAAS,EAAE;oBAC1D,OAAO;wBAAEH,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,IAAIF,IAAAA,CAAKM,OAAO,EAAE;oBAChB,OAAO;wBAAEJ,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,MAAMK,WAAAA,GAAc,MAAMC,OAAAA,CAAQC,OAAO,CAACT,IAAAA,CAAKU,IAAI,CAACb,EAAE,CAAA,CACnDc,IAAI,CAAC3B,UAAAA,CAAW,cAAc4B,mBAAmB,CAAA,CACjDD,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;;gBAG3D,MAAMC,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACV,WAAAA,CAAAA;gBAE3Eb,GAAAA,CAAIwB,KAAK,CAAClB,IAAI,GAAGA,IAAAA;gBAEjB,OAAO;oBACLD,aAAAA,EAAe,IAAA;oBACfoB,WAAAA,EAAanB,IAAAA;AACbc,oBAAAA;AACR,iBAAA;AACA,YAAA;YAEI,MAAMM,iBAAAA,GAAoB,MAAMpC,UAAAA,CAAW,YAAA,CAAA,CACxCqC,qBAAqB,EAAA,CACrBV,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;YAE3D,IAAIO,iBAAAA,CAAkBE,MAAM,KAAK,CAAA,EAAG;gBAClC,OAAO;oBAAEvB,aAAAA,EAAe;;AAC9B,YAAA;YAEI,MAAMe,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACG,iBAAAA,CAAAA;YAE3E,OAAO;gBACLrB,aAAAA,EAAe,IAAA;gBACfoB,WAAAA,EAAa,IAAA;AACbL,gBAAAA;AACN,aAAA;AACA,QAAA,CAAA,CAAI,OAAOS,GAAAA,EAAK;YACZ,OAAO;gBAAExB,aAAAA,EAAe;;AAC5B,QAAA;AACA,IAAA,CAAA;IAEA,MAAMyB,MAAAA,GAAS,OAAOC,IAAAA,EAAMC,MAAAA,GAAAA;AAC1B,QAAA,MAAM,EAAEP,WAAAA,EAAanB,IAAI,EAAEc,OAAO,EAAE,GAAGW,IAAAA;QAEvC,IAAI,CAACC,MAAAA,CAAOC,KAAK,EAAE;AACjB,YAAA,IAAI,CAAC3B,IAAAA,EAAM;;AAET,gBAAA,MAAM,IAAInB,iBAAAA,EAAAA;YAChB,CAAA,MAAW;;AAEL,gBAAA;AACN,YAAA;AACA,QAAA;;AAGE,QAAA,IAAI,CAACiC,OAAAA,EAAS;AACZ,YAAA,MAAM,IAAIjC,iBAAAA,EAAAA;AACd,QAAA;QAEE,MAAM+C,SAAAA,GAAYlD;AAEhBH,QAAAA,SAAAA;AAEAE,QAAAA,KAAAA,CAAM,CAACkD,KAAAA,GAAUb,OAAAA,CAAQe,GAAG,CAACF,KAAAA,CAAAA,CAAAA,CAAAA,CAC7BD,OAAOC,KAAK,CAAA;AAEd,QAAA,IAAI,CAACC,SAAAA,EAAW;AACd,YAAA,MAAM,IAAIhD,cAAAA,EAAAA;AACd,QAAA;AACA,IAAA,CAAA;IAEAkD,gBAAAA,GAAiB;QACfxC,IAAAA,EAAM,mBAAA;AACNG,QAAAA,YAAAA;AACA+B,QAAAA;AACF,KAAA;;;;;;"}
1
+ {"version":3,"file":"users-permissions.js","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n try {\n const token = await getService('jwt').getToken(ctx);\n\n if (token) {\n const { id } = token;\n\n // Invalid token\n if (id === undefined) {\n return { authenticated: false };\n }\n\n const user = await getService('user').fetchAuthenticatedUser(id);\n\n // No user associated to the token\n if (!user) {\n return { error: 'Invalid credentials' };\n }\n\n const advancedSettings = await getAdvancedSettings();\n\n // User not confirmed\n if (advancedSettings.email_confirmation && !user.confirmed) {\n return { error: 'Invalid credentials' };\n }\n\n // User blocked\n if (user.blocked) {\n return { error: 'Invalid credentials' };\n }\n\n // Fetch user's permissions\n const permissions = await Promise.resolve(user.role.id)\n .then(getService('permission').findRolePermissions)\n .then(map(getService('permission').toContentAPIPermission));\n\n // Generate an ability (content API engine) based on the given permissions\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability,\n };\n }\n\n const publicPermissions = await getService('permission')\n .findPublicPermissions()\n .then(map(getService('permission').toContentAPIPermission));\n\n if (publicPermissions.length === 0) {\n return { authenticated: false };\n }\n\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n return {\n authenticated: true,\n credentials: null,\n ability,\n };\n } catch (err) {\n return { authenticated: false };\n }\n};\n\nconst verify = async (auth, config) => {\n const { credentials: user, ability } = auth;\n\n if (!config.scope) {\n if (!user) {\n // A non authenticated user cannot access routes that do not have a scope\n throw new UnauthorizedError();\n } else {\n // An authenticated user can access non scoped routes\n return;\n }\n }\n\n // If no ability have been generated, then consider auth is missing\n if (!ability) {\n throw new UnauthorizedError();\n }\n\n const isAllowed = pipe(\n // Make sure we're dealing with an array\n castArray,\n // Transform the scope array into an action array\n every((scope) => ability.can(scope))\n )(config.scope);\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nmodule.exports = {\n name: 'users-permissions',\n authenticate,\n verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,WAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;gBACT,MAAM,EAAEE,EAAE,EAAE,GAAGF,KAAAA;;AAGf,gBAAA,IAAIE,OAAOC,SAAAA,EAAW;oBACpB,OAAO;wBAAEC,aAAAA,EAAe;AAAK,qBAAA;AACrC,gBAAA;AAEM,gBAAA,MAAMC,IAAAA,GAAO,MAAMhB,UAAAA,CAAW,MAAA,CAAA,CAAQiB,sBAAsB,CAACJ,EAAAA,CAAAA;;AAG7D,gBAAA,IAAI,CAACG,IAAAA,EAAM;oBACT,OAAO;wBAAEE,KAAAA,EAAO;AAAqB,qBAAA;AAC7C,gBAAA;AAEM,gBAAA,MAAMC,mBAAmB,MAAMjB,mBAAAA,EAAAA;;AAG/B,gBAAA,IAAIiB,iBAAiBC,kBAAkB,IAAI,CAACJ,IAAAA,CAAKK,SAAS,EAAE;oBAC1D,OAAO;wBAAEH,KAAAA,EAAO;AAAqB,qBAAA;AAC7C,gBAAA;;gBAGM,IAAIF,IAAAA,CAAKM,OAAO,EAAE;oBAChB,OAAO;wBAAEJ,KAAAA,EAAO;AAAqB,qBAAA;AAC7C,gBAAA;;gBAGM,MAAMK,WAAAA,GAAc,MAAMC,OAAAA,CAAQC,OAAO,CAACT,IAAAA,CAAKU,IAAI,CAACb,EAAE,CAAA,CACnDc,IAAI,CAAC3B,UAAAA,CAAW,cAAc4B,mBAAmB,CAAA,CACjDD,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;;gBAG3D,MAAMC,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACV,WAAAA,CAAAA;gBAE3Eb,GAAAA,CAAIwB,KAAK,CAAClB,IAAI,GAAGA,IAAAA;gBAEjB,OAAO;oBACLD,aAAAA,EAAe,IAAA;oBACfoB,WAAAA,EAAanB,IAAAA;AACbc,oBAAAA;AACR,iBAAA;AACA,YAAA;YAEI,MAAMM,iBAAAA,GAAoB,MAAMpC,UAAAA,CAAW,YAAA,CAAA,CACxCqC,qBAAqB,EAAA,CACrBV,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;YAE3D,IAAIO,iBAAAA,CAAkBE,MAAM,KAAK,CAAA,EAAG;gBAClC,OAAO;oBAAEvB,aAAAA,EAAe;AAAK,iBAAA;AACnC,YAAA;YAEI,MAAMe,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACG,iBAAAA,CAAAA;YAE3E,OAAO;gBACLrB,aAAAA,EAAe,IAAA;gBACfoB,WAAAA,EAAa,IAAA;AACbL,gBAAAA;AACN,aAAA;AACA,QAAA,CAAA,CAAI,OAAOS,GAAAA,EAAK;YACZ,OAAO;gBAAExB,aAAAA,EAAe;AAAK,aAAA;AACjC,QAAA;AACA,IAAA,CAAA;IAEA,MAAMyB,MAAAA,GAAS,OAAOC,IAAAA,EAAMC,MAAAA,GAAAA;AAC1B,QAAA,MAAM,EAAEP,WAAAA,EAAanB,IAAI,EAAEc,OAAO,EAAE,GAAGW,IAAAA;QAEvC,IAAI,CAACC,MAAAA,CAAOC,KAAK,EAAE;AACjB,YAAA,IAAI,CAAC3B,IAAAA,EAAM;;AAET,gBAAA,MAAM,IAAInB,iBAAAA,EAAAA;YAChB,CAAA,MAAW;;AAEL,gBAAA;AACN,YAAA;AACA,QAAA;;AAGE,QAAA,IAAI,CAACiC,OAAAA,EAAS;AACZ,YAAA,MAAM,IAAIjC,iBAAAA,EAAAA;AACd,QAAA;QAEE,MAAM+C,SAAAA,GAAYlD;AAEhBH,QAAAA,SAAAA;AAEAE,QAAAA,KAAAA,CAAM,CAACkD,KAAAA,GAAUb,OAAAA,CAAQe,GAAG,CAACF,KAAAA,CAAAA,CAAAA,CAAAA,CAC7BD,OAAOC,KAAK,CAAA;AAEd,QAAA,IAAI,CAACC,SAAAA,EAAW;AACd,YAAA,MAAM,IAAIhD,cAAAA,EAAAA;AACd,QAAA;AACA,IAAA,CAAA;IAEAkD,gBAAAA,GAAiB;QACfxC,IAAAA,EAAM,mBAAA;AACNG,QAAAA,YAAAA;AACA+B,QAAAA;AACF,KAAA;;;;;;"}
package/dist/server/strategies/users-permissions.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"users-permissions.mjs","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n try {\n const token = await getService('jwt').getToken(ctx);\n\n if (token) {\n const { id } = token;\n\n // Invalid token\n if (id === undefined) {\n return { authenticated: false };\n }\n\n const user = await getService('user').fetchAuthenticatedUser(id);\n\n // No user associated to the token\n if (!user) {\n return { error: 'Invalid credentials' };\n }\n\n const advancedSettings = await getAdvancedSettings();\n\n // User not confirmed\n if (advancedSettings.email_confirmation && !user.confirmed) {\n return { error: 'Invalid credentials' };\n }\n\n // User blocked\n if (user.blocked) {\n return { error: 'Invalid credentials' };\n }\n\n // Fetch user's permissions\n const permissions = await Promise.resolve(user.role.id)\n .then(getService('permission').findRolePermissions)\n .then(map(getService('permission').toContentAPIPermission));\n\n // Generate an ability (content API engine) based on the given permissions\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability,\n };\n }\n\n const publicPermissions = await getService('permission')\n .findPublicPermissions()\n .then(map(getService('permission').toContentAPIPermission));\n\n if (publicPermissions.length === 0) {\n return { authenticated: false };\n }\n\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n return {\n authenticated: true,\n credentials: null,\n ability,\n };\n } catch (err) {\n return { authenticated: false };\n }\n};\n\nconst verify = async (auth, config) => {\n const { credentials: user, ability } = auth;\n\n if (!config.scope) {\n if (!user) {\n // A non authenticated user cannot access routes that do not have a scope\n throw new UnauthorizedError();\n } else {\n // An authenticated user can access non scoped routes\n return;\n }\n }\n\n // If no ability have been generated, then consider auth is missing\n if (!ability) {\n throw new UnauthorizedError();\n }\n\n const isAllowed = pipe(\n // Make sure we're dealing with an array\n castArray,\n // Transform the scope array into an action array\n every((scope) => ability.can(scope))\n )(config.scope);\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nmodule.exports = {\n name: 'users-permissions',\n authenticate,\n verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,WAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;gBACT,MAAM,EAAEE,EAAE,EAAE,GAAGF,KAAAA;;AAGf,gBAAA,IAAIE,OAAOC,SAAAA,EAAW;oBACpB,OAAO;wBAAEC,aAAAA,EAAe;;AAChC,gBAAA;AAEM,gBAAA,MAAMC,IAAAA,GAAO,MAAMhB,UAAAA,CAAW,MAAA,CAAA,CAAQiB,sBAAsB,CAACJ,EAAAA,CAAAA;;AAG7D,gBAAA,IAAI,CAACG,IAAAA,EAAM;oBACT,OAAO;wBAAEE,KAAAA,EAAO;;AACxB,gBAAA;AAEM,gBAAA,MAAMC,mBAAmB,MAAMjB,mBAAAA,EAAAA;;AAG/B,gBAAA,IAAIiB,iBAAiBC,kBAAkB,IAAI,CAACJ,IAAAA,CAAKK,SAAS,EAAE;oBAC1D,OAAO;wBAAEH,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,IAAIF,IAAAA,CAAKM,OAAO,EAAE;oBAChB,OAAO;wBAAEJ,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,MAAMK,WAAAA,GAAc,MAAMC,OAAAA,CAAQC,OAAO,CAACT,IAAAA,CAAKU,IAAI,CAACb,EAAE,CAAA,CACnDc,IAAI,CAAC3B,UAAAA,CAAW,cAAc4B,mBAAmB,CAAA,CACjDD,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;;gBAG3D,MAAMC,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACV,WAAAA,CAAAA;gBAE3Eb,GAAAA,CAAIwB,KAAK,CAAClB,IAAI,GAAGA,IAAAA;gBAEjB,OAAO;oBACLD,aAAAA,EAAe,IAAA;oBACfoB,WAAAA,EAAanB,IAAAA;AACbc,oBAAAA;AACR,iBAAA;AACA,YAAA;YAEI,MAAMM,iBAAAA,GAAoB,MAAMpC,UAAAA,CAAW,YAAA,CAAA,CACxCqC,qBAAqB,EAAA,CACrBV,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;YAE3D,IAAIO,iBAAAA,CAAkBE,MAAM,KAAK,CAAA,EAAG;gBAClC,OAAO;oBAAEvB,aAAAA,EAAe;;AAC9B,YAAA;YAEI,MAAMe,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACG,iBAAAA,CAAAA;YAE3E,OAAO;gBACLrB,aAAAA,EAAe,IAAA;gBACfoB,WAAAA,EAAa,IAAA;AACbL,gBAAAA;AACN,aAAA;AACA,QAAA,CAAA,CAAI,OAAOS,GAAAA,EAAK;YACZ,OAAO;gBAAExB,aAAAA,EAAe;;AAC5B,QAAA;AACA,IAAA,CAAA;IAEA,MAAMyB,MAAAA,GAAS,OAAOC,IAAAA,EAAMC,MAAAA,GAAAA;AAC1B,QAAA,MAAM,EAAEP,WAAAA,EAAanB,IAAI,EAAEc,OAAO,EAAE,GAAGW,IAAAA;QAEvC,IAAI,CAACC,MAAAA,CAAOC,KAAK,EAAE;AACjB,YAAA,IAAI,CAAC3B,IAAAA,EAAM;;AAET,gBAAA,MAAM,IAAInB,iBAAAA,EAAAA;YAChB,CAAA,MAAW;;AAEL,gBAAA;AACN,YAAA;AACA,QAAA;;AAGE,QAAA,IAAI,CAACiC,OAAAA,EAAS;AACZ,YAAA,MAAM,IAAIjC,iBAAAA,EAAAA;AACd,QAAA;QAEE,MAAM+C,SAAAA,GAAYlD;AAEhBH,QAAAA,SAAAA;AAEAE,QAAAA,KAAAA,CAAM,CAACkD,KAAAA,GAAUb,OAAAA,CAAQe,GAAG,CAACF,KAAAA,CAAAA,CAAAA,CAAAA,CAC7BD,OAAOC,KAAK,CAAA;AAEd,QAAA,IAAI,CAACC,SAAAA,EAAW;AACd,YAAA,MAAM,IAAIhD,cAAAA,EAAAA;AACd,QAAA;AACA,IAAA,CAAA;IAEAkD,gBAAAA,GAAiB;QACfxC,IAAAA,EAAM,mBAAA;AACNG,QAAAA,YAAAA;AACA+B,QAAAA;AACF,KAAA;;;;;;"}
1
+ {"version":3,"file":"users-permissions.mjs","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n try {\n const token = await getService('jwt').getToken(ctx);\n\n if (token) {\n const { id } = token;\n\n // Invalid token\n if (id === undefined) {\n return { authenticated: false };\n }\n\n const user = await getService('user').fetchAuthenticatedUser(id);\n\n // No user associated to the token\n if (!user) {\n return { error: 'Invalid credentials' };\n }\n\n const advancedSettings = await getAdvancedSettings();\n\n // User not confirmed\n if (advancedSettings.email_confirmation && !user.confirmed) {\n return { error: 'Invalid credentials' };\n }\n\n // User blocked\n if (user.blocked) {\n return { error: 'Invalid credentials' };\n }\n\n // Fetch user's permissions\n const permissions = await Promise.resolve(user.role.id)\n .then(getService('permission').findRolePermissions)\n .then(map(getService('permission').toContentAPIPermission));\n\n // Generate an ability (content API engine) based on the given permissions\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability,\n };\n }\n\n const publicPermissions = await getService('permission')\n .findPublicPermissions()\n .then(map(getService('permission').toContentAPIPermission));\n\n if (publicPermissions.length === 0) {\n return { authenticated: false };\n }\n\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n return {\n authenticated: true,\n credentials: null,\n ability,\n };\n } catch (err) {\n return { authenticated: false };\n }\n};\n\nconst verify = async (auth, config) => {\n const { credentials: user, ability } = auth;\n\n if (!config.scope) {\n if (!user) {\n // A non authenticated user cannot access routes that do not have a scope\n throw new UnauthorizedError();\n } else {\n // An authenticated user can access non scoped routes\n return;\n }\n }\n\n // If no ability have been generated, then consider auth is missing\n if (!ability) {\n throw new UnauthorizedError();\n }\n\n const isAllowed = pipe(\n // Make sure we're dealing with an array\n castArray,\n // Transform the scope array into an action array\n every((scope) => ability.can(scope))\n )(config.scope);\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nmodule.exports = {\n name: 'users-permissions',\n authenticate,\n verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,WAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;gBACT,MAAM,EAAEE,EAAE,EAAE,GAAGF,KAAAA;;AAGf,gBAAA,IAAIE,OAAOC,SAAAA,EAAW;oBACpB,OAAO;wBAAEC,aAAAA,EAAe;AAAK,qBAAA;AACrC,gBAAA;AAEM,gBAAA,MAAMC,IAAAA,GAAO,MAAMhB,UAAAA,CAAW,MAAA,CAAA,CAAQiB,sBAAsB,CAACJ,EAAAA,CAAAA;;AAG7D,gBAAA,IAAI,CAACG,IAAAA,EAAM;oBACT,OAAO;wBAAEE,KAAAA,EAAO;AAAqB,qBAAA;AAC7C,gBAAA;AAEM,gBAAA,MAAMC,mBAAmB,MAAMjB,mBAAAA,EAAAA;;AAG/B,gBAAA,IAAIiB,iBAAiBC,kBAAkB,IAAI,CAACJ,IAAAA,CAAKK,SAAS,EAAE;oBAC1D,OAAO;wBAAEH,KAAAA,EAAO;AAAqB,qBAAA;AAC7C,gBAAA;;gBAGM,IAAIF,IAAAA,CAAKM,OAAO,EAAE;oBAChB,OAAO;wBAAEJ,KAAAA,EAAO;AAAqB,qBAAA;AAC7C,gBAAA;;gBAGM,MAAMK,WAAAA,GAAc,MAAMC,OAAAA,CAAQC,OAAO,CAACT,IAAAA,CAAKU,IAAI,CAACb,EAAE,CAAA,CACnDc,IAAI,CAAC3B,UAAAA,CAAW,cAAc4B,mBAAmB,CAAA,CACjDD,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;;gBAG3D,MAAMC,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACV,WAAAA,CAAAA;gBAE3Eb,GAAAA,CAAIwB,KAAK,CAAClB,IAAI,GAAGA,IAAAA;gBAEjB,OAAO;oBACLD,aAAAA,EAAe,IAAA;oBACfoB,WAAAA,EAAanB,IAAAA;AACbc,oBAAAA;AACR,iBAAA;AACA,YAAA;YAEI,MAAMM,iBAAAA,GAAoB,MAAMpC,UAAAA,CAAW,YAAA,CAAA,CACxCqC,qBAAqB,EAAA,CACrBV,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;YAE3D,IAAIO,iBAAAA,CAAkBE,MAAM,KAAK,CAAA,EAAG;gBAClC,OAAO;oBAAEvB,aAAAA,EAAe;AAAK,iBAAA;AACnC,YAAA;YAEI,MAAMe,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACG,iBAAAA,CAAAA;YAE3E,OAAO;gBACLrB,aAAAA,EAAe,IAAA;gBACfoB,WAAAA,EAAa,IAAA;AACbL,gBAAAA;AACN,aAAA;AACA,QAAA,CAAA,CAAI,OAAOS,GAAAA,EAAK;YACZ,OAAO;gBAAExB,aAAAA,EAAe;AAAK,aAAA;AACjC,QAAA;AACA,IAAA,CAAA;IAEA,MAAMyB,MAAAA,GAAS,OAAOC,IAAAA,EAAMC,MAAAA,GAAAA;AAC1B,QAAA,MAAM,EAAEP,WAAAA,EAAanB,IAAI,EAAEc,OAAO,EAAE,GAAGW,IAAAA;QAEvC,IAAI,CAACC,MAAAA,CAAOC,KAAK,EAAE;AACjB,YAAA,IAAI,CAAC3B,IAAAA,EAAM;;AAET,gBAAA,MAAM,IAAInB,iBAAAA,EAAAA;YAChB,CAAA,MAAW;;AAEL,gBAAA;AACN,YAAA;AACA,QAAA;;AAGE,QAAA,IAAI,CAACiC,OAAAA,EAAS;AACZ,YAAA,MAAM,IAAIjC,iBAAAA,EAAAA;AACd,QAAA;QAEE,MAAM+C,SAAAA,GAAYlD;AAEhBH,QAAAA,SAAAA;AAEAE,QAAAA,KAAAA,CAAM,CAACkD,KAAAA,GAAUb,OAAAA,CAAQe,GAAG,CAACF,KAAAA,CAAAA,CAAAA,CAAAA,CAC7BD,OAAOC,KAAK,CAAA;AAEd,QAAA,IAAI,CAACC,SAAAA,EAAW;AACd,YAAA,MAAM,IAAIhD,cAAAA,EAAAA;AACd,QAAA;AACA,IAAA,CAAA;IAEAkD,gBAAAA,GAAiB;QACfxC,IAAAA,EAAM,mBAAA;AACNG,QAAAA,YAAAA;AACA+B,QAAAA;AACF,KAAA;;;;;;"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@strapi/plugin-users-permissions",
3
- "version": "5.39.0",
3
+ "version": "5.41.0",
4
4
  "description": "Protect your API with a full-authentication process based on JWT",
5
5
  "homepage": "https://strapi.io",
6
6
  "bugs": {
@@ -8,7 +8,7 @@
8
8
  },
9
9
  "repository": {
10
10
  "type": "git",
11
- "url": "git://github.com/strapi/strapi.git",
11
+ "url": "https://github.com/strapi/strapi.git",
12
12
  "directory": "packages/plugins/users-permissions"
13
13
  },
14
14
  "license": "SEE LICENSE IN LICENSE",
@@ -55,13 +55,13 @@
55
55
  "dependencies": {
56
56
  "@strapi/design-system": "2.2.0",
57
57
  "@strapi/icons": "2.2.0",
58
- "@strapi/utils": "5.39.0",
58
+ "@strapi/utils": "5.41.0",
59
59
  "bcryptjs": "2.4.3",
60
60
  "formik": "2.4.5",
61
61
  "grant": "^5.4.8",
62
62
  "immer": "9.0.21",
63
63
  "jsonwebtoken": "9.0.0",
64
- "jwk-to-pem": "2.0.5",
64
+ "jwk-to-pem": "2.0.7",
65
65
  "koa": "2.16.4",
66
66
  "koa2-ratelimit": "^1.1.3",
67
67
  "lodash": "4.17.23",
@@ -75,7 +75,7 @@
75
75
  "zod": "3.25.67"
76
76
  },
77
77
  "devDependencies": {
78
- "@strapi/strapi": "5.39.0",
78
+ "@strapi/strapi": "5.41.0",
79
79
  "@testing-library/dom": "10.4.1",
80
80
  "@testing-library/react": "16.3.0",
81
81
  "@testing-library/user-event": "14.6.1",