@strapi/plugin-users-permissions 5.48.1 → 5.49.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (113) hide show
  1. package/dist/admin/components/BoundRoute/index.js +12 -6
  2. package/dist/admin/components/BoundRoute/index.js.map +1 -1
  3. package/dist/admin/components/FormModal/Input/index.js +25 -21
  4. package/dist/admin/components/FormModal/Input/index.js.map +1 -1
  5. package/dist/admin/components/FormModal/index.js +14 -10
  6. package/dist/admin/components/FormModal/index.js.map +1 -1
  7. package/dist/admin/components/Permissions/PermissionRow/SubCategory.js +8 -3
  8. package/dist/admin/components/Permissions/PermissionRow/SubCategory.js.map +1 -1
  9. package/dist/admin/components/Permissions/PermissionRow/index.js +9 -4
  10. package/dist/admin/components/Permissions/PermissionRow/index.js.map +1 -1
  11. package/dist/admin/components/Policies/index.js +9 -3
  12. package/dist/admin/components/Policies/index.js.map +1 -1
  13. package/dist/admin/components/UsersPermissions/index.js +6 -2
  14. package/dist/admin/components/UsersPermissions/index.js.map +1 -1
  15. package/dist/admin/components/UsersPermissions/reducer.js +10 -4
  16. package/dist/admin/components/UsersPermissions/reducer.js.map +1 -1
  17. package/dist/admin/contexts/UsersPermissionsContext/index.js +6 -2
  18. package/dist/admin/contexts/UsersPermissionsContext/index.js.map +1 -1
  19. package/dist/admin/pages/AdvancedSettings/utils/schema.js +3 -2
  20. package/dist/admin/pages/AdvancedSettings/utils/schema.js.map +1 -1
  21. package/dist/admin/pages/EmailTemplates/components/EmailForm.js +17 -13
  22. package/dist/admin/pages/EmailTemplates/components/EmailForm.js.map +1 -1
  23. package/dist/admin/pages/EmailTemplates/components/EmailTable.js +6 -2
  24. package/dist/admin/pages/EmailTemplates/components/EmailTable.js.map +1 -1
  25. package/dist/admin/pages/EmailTemplates/index.js +3 -2
  26. package/dist/admin/pages/EmailTemplates/index.js.map +1 -1
  27. package/dist/admin/pages/EmailTemplates/utils/schema.js +3 -2
  28. package/dist/admin/pages/EmailTemplates/utils/schema.js.map +1 -1
  29. package/dist/admin/pages/Providers/index.js +7 -3
  30. package/dist/admin/pages/Providers/index.js.map +1 -1
  31. package/dist/admin/pages/Providers/utils/forms.js +3 -2
  32. package/dist/admin/pages/Providers/utils/forms.js.map +1 -1
  33. package/dist/admin/pages/Roles/constants.js +3 -2
  34. package/dist/admin/pages/Roles/constants.js.map +1 -1
  35. package/dist/admin/pages/Roles/pages/CreatePage.js +3 -2
  36. package/dist/admin/pages/Roles/pages/CreatePage.js.map +1 -1
  37. package/dist/admin/pages/Roles/pages/EditPage.js +3 -2
  38. package/dist/admin/pages/Roles/pages/EditPage.js.map +1 -1
  39. package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.js +9 -5
  40. package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.js.map +1 -1
  41. package/dist/admin/utils/cleanPermissions.js +6 -2
  42. package/dist/admin/utils/cleanPermissions.js.map +1 -1
  43. package/dist/admin/utils/formatPluginName.js +5 -1
  44. package/dist/admin/utils/formatPluginName.js.map +1 -1
  45. package/dist/server/bootstrap/index.js +7 -2
  46. package/dist/server/bootstrap/index.js.map +1 -1
  47. package/dist/server/controllers/auth.js +13 -5
  48. package/dist/server/controllers/auth.js.map +1 -1
  49. package/dist/server/controllers/content-manager-user.js +8 -3
  50. package/dist/server/controllers/content-manager-user.js.map +1 -1
  51. package/dist/server/controllers/permissions.js +5 -1
  52. package/dist/server/controllers/permissions.js.map +1 -1
  53. package/dist/server/controllers/role.js +7 -2
  54. package/dist/server/controllers/role.js.map +1 -1
  55. package/dist/server/controllers/settings.js +7 -2
  56. package/dist/server/controllers/settings.js.map +1 -1
  57. package/dist/server/controllers/user.js +7 -2
  58. package/dist/server/controllers/user.js.map +1 -1
  59. package/dist/server/controllers/validation/auth.js +5 -1
  60. package/dist/server/controllers/validation/auth.js.map +1 -1
  61. package/dist/server/controllers/validation/email-template.js +7 -2
  62. package/dist/server/controllers/validation/email-template.js.map +1 -1
  63. package/dist/server/controllers/validation/user.js +5 -1
  64. package/dist/server/controllers/validation/user.js.map +1 -1
  65. package/dist/server/graphql/mutations/auth/change-password.js +5 -1
  66. package/dist/server/graphql/mutations/auth/change-password.js.map +1 -1
  67. package/dist/server/graphql/mutations/auth/email-confirmation.js +5 -1
  68. package/dist/server/graphql/mutations/auth/email-confirmation.js.map +1 -1
  69. package/dist/server/graphql/mutations/auth/forgot-password.js +5 -1
  70. package/dist/server/graphql/mutations/auth/forgot-password.js.map +1 -1
  71. package/dist/server/graphql/mutations/auth/login.js +5 -1
  72. package/dist/server/graphql/mutations/auth/login.js.map +1 -1
  73. package/dist/server/graphql/mutations/auth/register.js +5 -1
  74. package/dist/server/graphql/mutations/auth/register.js.map +1 -1
  75. package/dist/server/graphql/mutations/auth/reset-password.js +5 -1
  76. package/dist/server/graphql/mutations/auth/reset-password.js.map +1 -1
  77. package/dist/server/graphql/mutations/crud/role/create-role.js +5 -1
  78. package/dist/server/graphql/mutations/crud/role/create-role.js.map +1 -1
  79. package/dist/server/graphql/mutations/crud/user/create-user.js +5 -1
  80. package/dist/server/graphql/mutations/crud/user/create-user.js.map +1 -1
  81. package/dist/server/graphql/mutations/crud/user/update-user.js +5 -1
  82. package/dist/server/graphql/mutations/crud/user/update-user.js.map +1 -1
  83. package/dist/server/graphql/utils.js +5 -1
  84. package/dist/server/graphql/utils.js.map +1 -1
  85. package/dist/server/middlewares/rateLimit.js +11 -4
  86. package/dist/server/middlewares/rateLimit.js.map +1 -1
  87. package/dist/server/register.js +7 -2
  88. package/dist/server/register.js.map +1 -1
  89. package/dist/server/routes/content-api/index.js +5 -1
  90. package/dist/server/routes/content-api/index.js.map +1 -1
  91. package/dist/server/routes/content-api/user.js +5 -1
  92. package/dist/server/routes/content-api/user.js.map +1 -1
  93. package/dist/server/routes/content-api/validation.js +7 -2
  94. package/dist/server/routes/content-api/validation.js.map +1 -1
  95. package/dist/server/services/jwt.js +7 -2
  96. package/dist/server/services/jwt.js.map +1 -1
  97. package/dist/server/services/providers-registry.js +13 -5
  98. package/dist/server/services/providers-registry.js.map +1 -1
  99. package/dist/server/services/providers.js +7 -2
  100. package/dist/server/services/providers.js.map +1 -1
  101. package/dist/server/services/role.js +7 -2
  102. package/dist/server/services/role.js.map +1 -1
  103. package/dist/server/services/user.js +13 -5
  104. package/dist/server/services/user.js.map +1 -1
  105. package/dist/server/services/users-permissions.js +11 -4
  106. package/dist/server/services/users-permissions.js.map +1 -1
  107. package/dist/server/strategies/users-permissions.js +7 -2
  108. package/dist/server/strategies/users-permissions.js.map +1 -1
  109. package/dist/server/utils/index.js +5 -1
  110. package/dist/server/utils/index.js.map +1 -1
  111. package/dist/server/utils/sanitize/sanitizers.js +7 -2
  112. package/dist/server/utils/sanitize/sanitizers.js.map +1 -1
  113. package/package.json +3 -3
package/dist/server/services/role.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"role.js","sources":["../../../server/services/role.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { NotFoundError } = require('@strapi/utils').errors;\nconst { getService } = require('../utils');\n\nmodule.exports = ({ strapi }) => ({\n async createRole(params) {\n if (!params.type) {\n params.type = _.snakeCase(_.deburr(_.toLower(params.name)));\n }\n\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .create({ data: _.omit(params, ['users', 'permissions']) });\n\n const createPromises = _.flatMap(params.permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n const actionID = `${typeName}.${controllerName}.${actionName}`;\n\n acc.push(\n strapi.db\n .query('plugin::users-permissions.permission')\n .create({ data: { action: actionID, role: role.id } })\n );\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n await Promise.all(createPromises);\n },\n\n async findOne(roleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n const allActions = getService('users-permissions').getActions();\n\n // Group by `type`.\n role.permissions.forEach((permission) => {\n const [type, controller, action] = permission.action.split('.');\n\n _.set(allActions, `${type}.controllers.${controller}.${action}`, {\n enabled: true,\n policy: '',\n });\n });\n\n return {\n ...role,\n permissions: allActions,\n };\n },\n\n async find() {\n const roles = await strapi.db\n .query('plugin::users-permissions.role')\n .findMany({ sort: ['name'] });\n\n for (const role of roles) {\n role.nb_users = await strapi.db\n .query('plugin::users-permissions.user')\n .count({ where: { role: { id: role.id } } });\n }\n\n return roles;\n },\n\n async updateRole(roleID, data) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n await strapi.db.query('plugin::users-permissions.role').update({\n where: { id: roleID },\n data: _.pick(data, ['name', 'description']),\n });\n\n const { permissions } = data;\n\n const newActions = _.flatMap(permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n acc.push(`${typeName}.${controllerName}.${actionName}`);\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n const oldActions = role.permissions.map(({ action }) => action);\n\n const toDelete = role.permissions.reduce((acc, permission) => {\n if (!newActions.includes(permission.action)) {\n acc.push(permission);\n }\n return acc;\n }, []);\n\n const toCreate = newActions\n .filter((action) => !oldActions.includes(action))\n .map((action) => ({ action, role: role.id }));\n\n await Promise.all(\n toDelete.map((permission) =>\n strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { id: permission.id } })\n )\n );\n\n await Promise.all(\n toCreate.map((permissionInfo) =>\n strapi.db.query('plugin::users-permissions.permission').create({ data: permissionInfo })\n )\n );\n },\n\n async deleteRole(roleID, publicRoleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['users', 'permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n // Move users to guest role.\n await Promise.all(\n role.users.map((user) => {\n return strapi.db.query('plugin::users-permissions.user').update({\n where: { id: user.id },\n data: { role: publicRoleID },\n });\n })\n );\n\n // Remove permissions related to this role.\n // TODO: use delete many\n await Promise.all(\n role.permissions.map((permission) => {\n return strapi.db.query('plugin::users-permissions.permission').delete({\n where: { id: permission.id },\n });\n })\n );\n\n // Delete the role.\n await strapi.db.query('plugin::users-permissions.role').delete({ where: { id: roleID } });\n },\n});\n"],"names":["_","require$$0","NotFoundError","require$$1","errors","getService","require$$2","role","strapi","createRole","params","type","snakeCase","deburr","toLower","name","db","query","create","data","omit","createPromises","flatMap","permissions","typeName","controllers","controller","controllerName","reduce","acc","action","actionName","enabled","actionID","push","id","Promise","all","findOne","roleID","where","populate","allActions","getActions","forEach","permission","split","set","policy","find","roles","findMany","sort","nb_users","count","updateRole","update","pick","newActions","oldActions","map","toDelete","includes","toCreate","filter","delete","permissionInfo","deleteRole","publicRoleID","users","user"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,UAAAA;AACV,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGC,WAAyBC,MAAM;IACzD,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvBC,IAAAA,IAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChC,YAAA,MAAMC,YAAWC,MAAM,EAAA;gBACrB,IAAI,CAACA,MAAAA,CAAOC,IAAI,EAAE;AAChBD,oBAAAA,MAAAA,CAAOC,IAAI,GAAGX,CAAAA,CAAEY,SAAS,CAACZ,CAAAA,CAAEa,MAAM,CAACb,CAAAA,CAAEc,OAAO,CAACJ,MAAAA,CAAOK,IAAI,CAAA,CAAA,CAAA;AAC9D,gBAAA;gBAEI,MAAMR,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,MAAM,CAAC;oBAAEC,IAAAA,EAAMnB,CAAAA,CAAEoB,IAAI,CAACV,MAAAA,EAAQ;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc,qBAAA;AAAC,iBAAA,CAAA;gBAE1D,MAAMW,cAAAA,GAAiBrB,EAAEsB,OAAO,CAACZ,OAAOa,WAAW,EAAE,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC1D,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACX,MAAMC,QAAAA,GAAW,GAAGT,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY;gCAE9DF,GAAAA,CAAIK,IAAI,CACN1B,MAAAA,CAAOQ,EAAE,CACNC,KAAK,CAAC,sCAAA,CAAA,CACNC,MAAM,CAAC;oCAAEC,IAAAA,EAAM;wCAAEW,MAAAA,EAAQG,QAAAA;AAAU1B,wCAAAA,IAAAA,EAAMA,KAAK4B;AAAE;;AAEnE,4BAAA;4BAEY,OAAON,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAE,CAAA;AAEZ,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMO,OAAAA,CAAQC,GAAG,CAAChB,cAAAA,CAAAA;AACtB,YAAA,CAAA;AAEE,YAAA,MAAMiB,SAAQC,MAAM,EAAA;gBAClB,MAAMhC,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;gBAEI,MAAMwC,UAAAA,GAAarC,UAAAA,CAAW,mBAAA,CAAA,CAAqBsC,UAAU,EAAA;;AAG7DpC,gBAAAA,IAAAA,CAAKgB,WAAW,CAACqB,OAAO,CAAC,CAACC,UAAAA,GAAAA;oBACxB,MAAM,CAAClC,MAAMe,UAAAA,EAAYI,MAAAA,CAAO,GAAGe,UAAAA,CAAWf,MAAM,CAACgB,KAAK,CAAC,GAAA,CAAA;oBAE3D9C,CAAAA,CAAE+C,GAAG,CAACL,UAAAA,EAAY,CAAA,EAAG/B,IAAAA,CAAK,aAAa,EAAEe,UAAAA,CAAW,CAAC,EAAEI,MAAAA,CAAAA,CAAQ,EAAE;wBAC/DE,OAAAA,EAAS,IAAA;wBACTgB,MAAAA,EAAQ;AAChB,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,OAAO;AACL,oBAAA,GAAGzC,IAAI;oBACPgB,WAAAA,EAAamB;AACnB,iBAAA;AACA,YAAA,CAAA;YAEE,MAAMO,IAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAM1C,MAAAA,CAAOQ,EAAE,CAC1BC,KAAK,CAAC,gCAAA,CAAA,CACNkC,QAAQ,CAAC;oBAAEC,IAAAA,EAAM;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;gBAE5B,KAAK,MAAM7C,QAAQ2C,KAAAA,CAAO;oBACxB3C,IAAAA,CAAK8C,QAAQ,GAAG,MAAM7C,MAAAA,CAAOQ,EAAE,CAC5BC,KAAK,CAAC,gCAAA,CAAA,CACNqC,KAAK,CAAC;wBAAEd,KAAAA,EAAO;4BAAEjC,IAAAA,EAAM;AAAE4B,gCAAAA,EAAAA,EAAI5B,KAAK4B;;AAAI;AAAE,qBAAA,CAAA;AACjD,gBAAA;gBAEI,OAAOe,KAAAA;AACX,YAAA,CAAA;YAEE,MAAMK,UAAAA,CAAAA,CAAWhB,MAAM,EAAEpB,IAAI,EAAA;gBAC3B,MAAMZ,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;AAEI,gBAAA,MAAMM,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;oBAC7DhB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBACnBpB,IAAAA,EAAMnB,CAAAA,CAAEyD,IAAI,CAACtC,IAAAA,EAAM;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAc,qBAAA;AAChD,iBAAA,CAAA;gBAEI,MAAM,EAAEI,WAAW,EAAE,GAAGJ,IAAAA;AAExB,gBAAA,MAAMuC,aAAa1D,CAAAA,CAAEsB,OAAO,CAACC,WAAAA,EAAa,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC/C,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACXH,GAAAA,CAAIK,IAAI,CAAC,CAAA,EAAGV,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY,CAAA;AACpE,4BAAA;4BAEY,OAAOF,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAE,CAAA;AAEZ,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAM8B,UAAAA,GAAapD,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAAC,EAAE9B,MAAM,EAAE,GAAKA,MAAAA,CAAAA;AAExD,gBAAA,MAAM+B,WAAWtD,IAAAA,CAAKgB,WAAW,CAACK,MAAM,CAAC,CAACC,GAAAA,EAAKgB,UAAAA,GAAAA;AAC7C,oBAAA,IAAI,CAACa,UAAAA,CAAWI,QAAQ,CAACjB,UAAAA,CAAWf,MAAM,CAAA,EAAG;AAC3CD,wBAAAA,GAAAA,CAAIK,IAAI,CAACW,UAAAA,CAAAA;AACjB,oBAAA;oBACM,OAAOhB,GAAAA;AACb,gBAAA,CAAA,EAAO,EAAE,CAAA;AAEL,gBAAA,MAAMkC,QAAAA,GAAWL,UAAAA,CACdM,MAAM,CAAC,CAAClC,MAAAA,GAAW,CAAC6B,UAAAA,CAAWG,QAAQ,CAAChC,MAAAA,CAAAA,CAAAA,CACxC8B,GAAG,CAAC,CAAC9B,UAAY;AAAEA,wBAAAA,MAAAA;AAAQvB,wBAAAA,IAAAA,EAAMA,KAAK4B;qBAAE,CAAA,CAAA;AAE3C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACfwB,QAAAA,CAASD,GAAG,CAAC,CAACf,UAAAA,GACZrC,MAAAA,CAAOQ,EAAE,CACNC,KAAK,CAAC,sCAAA,CAAA,CACNgD,MAAM,CAAC;wBAAEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;;AAI1C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACf0B,QAAAA,CAASH,GAAG,CAAC,CAACM,cAAAA,GACZ1D,MAAAA,CAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCC,MAAM,CAAC;wBAAEC,IAAAA,EAAM+C;;AAG/E,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,CAAW5B,MAAM,EAAE6B,YAAY,EAAA;gBACnC,MAAM7D,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAEtE,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;;gBAGI,MAAMkC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAK8D,KAAK,CAACT,GAAG,CAAC,CAACU,IAAAA,GAAAA;AACd,oBAAA,OAAO9D,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;wBAC9DhB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAImC,KAAKnC;AAAE,yBAAA;wBACpBhB,IAAAA,EAAM;4BAAEZ,IAAAA,EAAM6D;AAAY;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;;gBAKI,MAAMhC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAACf,UAAAA,GAAAA;AACpB,oBAAA,OAAOrC,OAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCgD,MAAM,CAAC;wBACpEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;AAII,gBAAA,MAAM3B,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCgD,MAAM,CAAC;oBAAEzB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM;AAAE,iBAAA,CAAA;AAC1F,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"role.js","sources":["../../../server/services/role.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { NotFoundError } = require('@strapi/utils').errors;\nconst { getService } = require('../utils');\n\nmodule.exports = ({ strapi }) => ({\n async createRole(params) {\n if (!params.type) {\n params.type = _.snakeCase(_.deburr(_.toLower(params.name)));\n }\n\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .create({ data: _.omit(params, ['users', 'permissions']) });\n\n const createPromises = _.flatMap(params.permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n const actionID = `${typeName}.${controllerName}.${actionName}`;\n\n acc.push(\n strapi.db\n .query('plugin::users-permissions.permission')\n .create({ data: { action: actionID, role: role.id } })\n );\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n await Promise.all(createPromises);\n },\n\n async findOne(roleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n const allActions = getService('users-permissions').getActions();\n\n // Group by `type`.\n role.permissions.forEach((permission) => {\n const [type, controller, action] = permission.action.split('.');\n\n _.set(allActions, `${type}.controllers.${controller}.${action}`, {\n enabled: true,\n policy: '',\n });\n });\n\n return {\n ...role,\n permissions: allActions,\n };\n },\n\n async find() {\n const roles = await strapi.db\n .query('plugin::users-permissions.role')\n .findMany({ sort: ['name'] });\n\n for (const role of roles) {\n role.nb_users = await strapi.db\n .query('plugin::users-permissions.user')\n .count({ where: { role: { id: role.id } } });\n }\n\n return roles;\n },\n\n async updateRole(roleID, data) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n await strapi.db.query('plugin::users-permissions.role').update({\n where: { id: roleID },\n data: _.pick(data, ['name', 'description']),\n });\n\n const { permissions } = data;\n\n const newActions = _.flatMap(permissions, (type, typeName) => {\n return _.flatMap(type.controllers, (controller, controllerName) => {\n return _.reduce(\n controller,\n (acc, action, actionName) => {\n const { enabled /* policy */ } = action;\n\n if (enabled) {\n acc.push(`${typeName}.${controllerName}.${actionName}`);\n }\n\n return acc;\n },\n []\n );\n });\n });\n\n const oldActions = role.permissions.map(({ action }) => action);\n\n const toDelete = role.permissions.reduce((acc, permission) => {\n if (!newActions.includes(permission.action)) {\n acc.push(permission);\n }\n return acc;\n }, []);\n\n const toCreate = newActions\n .filter((action) => !oldActions.includes(action))\n .map((action) => ({ action, role: role.id }));\n\n await Promise.all(\n toDelete.map((permission) =>\n strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { id: permission.id } })\n )\n );\n\n await Promise.all(\n toCreate.map((permissionInfo) =>\n strapi.db.query('plugin::users-permissions.permission').create({ data: permissionInfo })\n )\n );\n },\n\n async deleteRole(roleID, publicRoleID) {\n const role = await strapi.db\n .query('plugin::users-permissions.role')\n .findOne({ where: { id: roleID }, populate: ['users', 'permissions'] });\n\n if (!role) {\n throw new NotFoundError('Role not found');\n }\n\n // Move users to guest role.\n await Promise.all(\n role.users.map((user) => {\n return strapi.db.query('plugin::users-permissions.user').update({\n where: { id: user.id },\n data: { role: publicRoleID },\n });\n })\n );\n\n // Remove permissions related to this role.\n // TODO: use delete many\n await Promise.all(\n role.permissions.map((permission) => {\n return strapi.db.query('plugin::users-permissions.permission').delete({\n where: { id: permission.id },\n });\n })\n );\n\n // Delete the role.\n await strapi.db.query('plugin::users-permissions.role').delete({ where: { id: roleID } });\n },\n});\n"],"names":["_","require$$0","NotFoundError","require$$1","errors","getService","require$$2","role","strapi","createRole","params","type","snakeCase","deburr","toLower","name","db","query","create","data","omit","createPromises","flatMap","permissions","typeName","controllers","controller","controllerName","reduce","acc","action","actionName","enabled","actionID","push","id","Promise","all","findOne","roleID","where","populate","allActions","getActions","forEach","permission","split","set","policy","find","roles","findMany","sort","nb_users","count","updateRole","update","pick","newActions","oldActions","map","toDelete","includes","toCreate","filter","delete","permissionInfo","deleteRole","publicRoleID","users","user"],"mappings":";;;;;;;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,2BAAAA;AACV,IAAA,MAAM,EAAEC,aAAa,EAAE,GAAGC,4BAAyBC,MAAM;IACzD,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvBC,IAAAA,IAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChC,YAAA,MAAMC,YAAWC,MAAM,EAAA;gBACrB,IAAI,CAACA,MAAAA,CAAOC,IAAI,EAAE;AAChBD,oBAAAA,MAAAA,CAAOC,IAAI,GAAGX,CAAAA,CAAEY,SAAS,CAACZ,CAAAA,CAAEa,MAAM,CAACb,CAAAA,CAAEc,OAAO,CAACJ,MAAAA,CAAOK,IAAI,CAAA,CAAA,CAAA;AAC9D,gBAAA;gBAEI,MAAMR,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,MAAM,CAAC;oBAAEC,IAAAA,EAAMnB,CAAAA,CAAEoB,IAAI,CAACV,MAAAA,EAAQ;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc,qBAAA;AAAC,iBAAA,CAAA;gBAE1D,MAAMW,cAAAA,GAAiBrB,EAAEsB,OAAO,CAACZ,OAAOa,WAAW,EAAE,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC1D,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACX,MAAMC,QAAAA,GAAW,GAAGT,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY;gCAE9DF,GAAAA,CAAIK,IAAI,CACN1B,MAAAA,CAAOQ,EAAE,CACNC,KAAK,CAAC,sCAAA,CAAA,CACNC,MAAM,CAAC;oCAAEC,IAAAA,EAAM;wCAAEW,MAAAA,EAAQG,QAAAA;AAAU1B,wCAAAA,IAAAA,EAAMA,KAAK4B;AAAE;;AAEnE,4BAAA;4BAEY,OAAON,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAE,CAAA;AAEZ,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMO,OAAAA,CAAQC,GAAG,CAAChB,cAAAA,CAAAA;AACtB,YAAA,CAAA;AAEE,YAAA,MAAMiB,SAAQC,MAAM,EAAA;gBAClB,MAAMhC,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;gBAEI,MAAMwC,UAAAA,GAAarC,UAAAA,CAAW,mBAAA,CAAA,CAAqBsC,UAAU,EAAA;;AAG7DpC,gBAAAA,IAAAA,CAAKgB,WAAW,CAACqB,OAAO,CAAC,CAACC,UAAAA,GAAAA;oBACxB,MAAM,CAAClC,MAAMe,UAAAA,EAAYI,MAAAA,CAAO,GAAGe,UAAAA,CAAWf,MAAM,CAACgB,KAAK,CAAC,GAAA,CAAA;oBAE3D9C,CAAAA,CAAE+C,GAAG,CAACL,UAAAA,EAAY,CAAA,EAAG/B,IAAAA,CAAK,aAAa,EAAEe,UAAAA,CAAW,CAAC,EAAEI,MAAAA,CAAAA,CAAQ,EAAE;wBAC/DE,OAAAA,EAAS,IAAA;wBACTgB,MAAAA,EAAQ;AAChB,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,OAAO;AACL,oBAAA,GAAGzC,IAAI;oBACPgB,WAAAA,EAAamB;AACnB,iBAAA;AACA,YAAA,CAAA;YAEE,MAAMO,IAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAM1C,MAAAA,CAAOQ,EAAE,CAC1BC,KAAK,CAAC,gCAAA,CAAA,CACNkC,QAAQ,CAAC;oBAAEC,IAAAA,EAAM;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;gBAE5B,KAAK,MAAM7C,QAAQ2C,KAAAA,CAAO;oBACxB3C,IAAAA,CAAK8C,QAAQ,GAAG,MAAM7C,MAAAA,CAAOQ,EAAE,CAC5BC,KAAK,CAAC,gCAAA,CAAA,CACNqC,KAAK,CAAC;wBAAEd,KAAAA,EAAO;4BAAEjC,IAAAA,EAAM;AAAE4B,gCAAAA,EAAAA,EAAI5B,KAAK4B;;AAAI;AAAE,qBAAA,CAAA;AACjD,gBAAA;gBAEI,OAAOe,KAAAA;AACX,YAAA,CAAA;YAEE,MAAMK,UAAAA,CAAAA,CAAWhB,MAAM,EAAEpB,IAAI,EAAA;gBAC3B,MAAMZ,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAE7D,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;AAEI,gBAAA,MAAMM,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;oBAC7DhB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBACnBpB,IAAAA,EAAMnB,CAAAA,CAAEyD,IAAI,CAACtC,IAAAA,EAAM;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAc,qBAAA;AAChD,iBAAA,CAAA;gBAEI,MAAM,EAAEI,WAAW,EAAE,GAAGJ,IAAAA;AAExB,gBAAA,MAAMuC,aAAa1D,CAAAA,CAAEsB,OAAO,CAACC,WAAAA,EAAa,CAACZ,IAAAA,EAAMa,QAAAA,GAAAA;AAC/C,oBAAA,OAAOxB,EAAEsB,OAAO,CAACX,KAAKc,WAAW,EAAE,CAACC,UAAAA,EAAYC,cAAAA,GAAAA;AAC9C,wBAAA,OAAO3B,EAAE4B,MAAM,CACbF,UAAAA,EACA,CAACG,KAAKC,MAAAA,EAAQC,UAAAA,GAAAA;AACZ,4BAAA,MAAM,EAAEC,OAAO,eAAe,GAAGF,MAAAA;AAEjC,4BAAA,IAAIE,OAAAA,EAAS;gCACXH,GAAAA,CAAIK,IAAI,CAAC,CAAA,EAAGV,QAAAA,CAAS,CAAC,EAAEG,cAAAA,CAAe,CAAC,EAAEI,UAAAA,CAAAA,CAAY,CAAA;AACpE,4BAAA;4BAEY,OAAOF,GAAAA;AACnB,wBAAA,CAAA,EACU,EAAE,CAAA;AAEZ,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAM8B,UAAAA,GAAapD,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAAC,EAAE9B,MAAM,EAAE,GAAKA,MAAAA,CAAAA;AAExD,gBAAA,MAAM+B,WAAWtD,IAAAA,CAAKgB,WAAW,CAACK,MAAM,CAAC,CAACC,GAAAA,EAAKgB,UAAAA,GAAAA;AAC7C,oBAAA,IAAI,CAACa,UAAAA,CAAWI,QAAQ,CAACjB,UAAAA,CAAWf,MAAM,CAAA,EAAG;AAC3CD,wBAAAA,GAAAA,CAAIK,IAAI,CAACW,UAAAA,CAAAA;AACjB,oBAAA;oBACM,OAAOhB,GAAAA;AACb,gBAAA,CAAA,EAAO,EAAE,CAAA;AAEL,gBAAA,MAAMkC,QAAAA,GAAWL,UAAAA,CACdM,MAAM,CAAC,CAAClC,MAAAA,GAAW,CAAC6B,UAAAA,CAAWG,QAAQ,CAAChC,MAAAA,CAAAA,CAAAA,CACxC8B,GAAG,CAAC,CAAC9B,UAAY;AAAEA,wBAAAA,MAAAA;AAAQvB,wBAAAA,IAAAA,EAAMA,KAAK4B;qBAAE,CAAA,CAAA;AAE3C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACfwB,QAAAA,CAASD,GAAG,CAAC,CAACf,UAAAA,GACZrC,MAAAA,CAAOQ,EAAE,CACNC,KAAK,CAAC,sCAAA,CAAA,CACNgD,MAAM,CAAC;wBAAEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;;AAI1C,gBAAA,MAAMC,OAAAA,CAAQC,GAAG,CACf0B,QAAAA,CAASH,GAAG,CAAC,CAACM,cAAAA,GACZ1D,MAAAA,CAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCC,MAAM,CAAC;wBAAEC,IAAAA,EAAM+C;;AAG/E,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,CAAW5B,MAAM,EAAE6B,YAAY,EAAA;gBACnC,MAAM7D,IAAAA,GAAO,MAAMC,MAAAA,CAAOQ,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNqB,OAAO,CAAC;oBAAEE,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM,qBAAA;oBAAIE,QAAAA,EAAU;AAAC,wBAAA,OAAA;AAAS,wBAAA;AAAc;AAAA,iBAAA,CAAA;AAEtE,gBAAA,IAAI,CAAClC,IAAAA,EAAM;AACT,oBAAA,MAAM,IAAIL,aAAAA,CAAc,gBAAA,CAAA;AAC9B,gBAAA;;gBAGI,MAAMkC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAK8D,KAAK,CAACT,GAAG,CAAC,CAACU,IAAAA,GAAAA;AACd,oBAAA,OAAO9D,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCuC,MAAM,CAAC;wBAC9DhB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAImC,KAAKnC;AAAE,yBAAA;wBACpBhB,IAAAA,EAAM;4BAAEZ,IAAAA,EAAM6D;AAAY;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;;gBAKI,MAAMhC,OAAAA,CAAQC,GAAG,CACf9B,IAAAA,CAAKgB,WAAW,CAACqC,GAAG,CAAC,CAACf,UAAAA,GAAAA;AACpB,oBAAA,OAAOrC,OAAOQ,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCgD,MAAM,CAAC;wBACpEzB,KAAAA,EAAO;AAAEL,4BAAAA,EAAAA,EAAIU,WAAWV;AAAE;AACpC,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAA,CAAA;;AAII,gBAAA,MAAM3B,OAAOQ,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCgD,MAAM,CAAC;oBAAEzB,KAAAA,EAAO;wBAAEL,EAAAA,EAAII;AAAM;AAAE,iBAAA,CAAA;AAC1F,YAAA;SACA,CAAA;;;;;;"}
package/dist/server/services/user.js CHANGED
@@ -7,6 +7,14 @@ var require$$1 = require('@strapi/utils');
7
7
  var require$$0 = require('lodash/fp');
8
8
  var index = require('../utils/index.js');
9
9
 
10
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
11
+
12
+ var require$$0__default$1 = /*#__PURE__*/_interopDefault(require$$0$1);
13
+ var require$$1__default$1 = /*#__PURE__*/_interopDefault(require$$1$1);
14
+ var require$$2__default = /*#__PURE__*/_interopDefault(require$$2);
15
+ var require$$1__default = /*#__PURE__*/_interopDefault(require$$1);
16
+ var require$$0__default = /*#__PURE__*/_interopDefault(require$$0);
17
+
10
18
  var user;
11
19
  var hasRequiredUser;
12
20
  function requireUser() {
@@ -16,11 +24,11 @@ function requireUser() {
16
24
  * User.js service
17
25
  *
18
26
  * @description: A set of functions similar to controller's actions to avoid code duplication.
19
- */ const crypto = require$$0$1;
20
- const bcrypt = require$$1$1;
21
- const urlJoin = require$$2;
22
- const { sanitize } = require$$1;
23
- const { toNumber, getOr } = require$$0;
27
+ */ const crypto = require$$0__default$1.default;
28
+ const bcrypt = require$$1__default$1.default;
29
+ const urlJoin = require$$2__default.default;
30
+ const { sanitize } = require$$1__default.default;
31
+ const { toNumber, getOr } = require$$0__default.default;
24
32
  const { getService } = index.__require();
25
33
  const USER_MODEL_UID = 'plugin::users-permissions.user';
26
34
  const getSessionManager = ()=>{
package/dist/server/services/user.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.js","sources":["../../../server/services/user.js"],"sourcesContent":["'use strict';\n\n/**\n * User.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst crypto = require('crypto');\nconst bcrypt = require('bcryptjs');\nconst urlJoin = require('url-join');\n\nconst { sanitize } = require('@strapi/utils');\nconst { toNumber, getOr } = require('lodash/fp');\nconst { getService } = require('../utils');\n\nconst USER_MODEL_UID = 'plugin::users-permissions.user';\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\nmodule.exports = ({ strapi }) => ({\n /**\n * Promise to count users\n *\n * @return {Promise}\n */\n\n count(params) {\n return strapi.db.query(USER_MODEL_UID).count({ where: params });\n },\n\n /**\n * Hashes password fields in the provided values object if they are present.\n * It checks each key in the values object against the model's attributes and\n * hashes it if the attribute type is 'password',\n *\n * @param {object} values - The object containing the fields to be hashed.\n * @return {object} The values object with hashed password fields if they were present.\n */\n async ensureHashedPasswords(values) {\n const attributes = strapi.getModel(USER_MODEL_UID).attributes;\n\n for (const key in values) {\n if (attributes[key] && attributes[key].type === 'password') {\n // Check if a custom encryption.rounds has been set on the password attribute\n const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));\n values[key] = await bcrypt.hash(values[key], rounds);\n }\n }\n\n return values;\n },\n\n /**\n * Promise to add a/an user.\n * @return {Promise}\n */\n async add(values) {\n // Use the Document Service so relation inputs accept both the internal\n // numeric id (legacy) and the documentId (v5 default) syntax, consistent\n // with every other content-type endpoint. The Document Service hashes\n // `password` attributes itself, so we must not pre-hash here.\n return strapi.documents(USER_MODEL_UID).create({\n data: values,\n populate: ['role'],\n });\n },\n\n /**\n * Promise to edit a/an user.\n * @param {string} userId\n * @param {object} params\n * @return {Promise}\n */\n async edit(userId, params = {}) {\n // The user is addressed by its numeric id (e.g. the `/users/:id` route),\n // but the Document Service updates by documentId. Resolve it first so the\n // relation inputs are processed by the Document Service, which accepts both\n // numeric ids (legacy) and documentIds (v5 default). The Document Service\n // hashes `password` attributes itself, so we must not pre-hash here.\n const entry = await strapi.db\n .query(USER_MODEL_UID)\n .findOne({ where: { id: userId }, select: ['documentId'] });\n\n if (!entry) {\n return null;\n }\n\n return strapi.documents(USER_MODEL_UID).update({\n documentId: entry.documentId,\n data: params,\n populate: ['role'],\n });\n },\n\n /**\n * Promise to fetch a/an user.\n * @return {Promise}\n */\n fetch(id, params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findOne({\n ...query,\n where: {\n $and: [{ id }, query.where || {}],\n },\n });\n },\n\n /**\n * Promise to fetch authenticated user.\n * @return {Promise}\n */\n fetchAuthenticatedUser(id) {\n return strapi.db.query(USER_MODEL_UID).findOne({ where: { id }, populate: ['role'] });\n },\n\n /**\n * Promise to fetch all users.\n * @return {Promise}\n */\n fetchAll(params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findMany(query);\n },\n\n /**\n * Promise to remove a/an user.\n * @return {Promise}\n */\n async remove(params) {\n // Invalidate sessions for all affected users\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('users-permissions') && params.id) {\n await sessionManager('users-permissions').invalidateRefreshToken(String(params.id));\n }\n\n return strapi.db.query(USER_MODEL_UID).delete({ where: params });\n },\n\n validatePassword(password, hash) {\n return bcrypt.compare(password, hash);\n },\n\n async sendConfirmationEmail(user) {\n const userPermissionService = getService('users-permissions');\n const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });\n const userSchema = strapi.getModel(USER_MODEL_UID);\n\n const settings = await pluginStore\n .get({ key: 'email' })\n .then((storeEmail) => storeEmail.email_confirmation.options);\n\n // Sanitize the template's user information\n const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(\n {\n schema: userSchema,\n getModel: strapi.getModel.bind(strapi),\n },\n user\n );\n\n const confirmationToken = crypto.randomBytes(20).toString('hex');\n\n await this.edit(user.id, { confirmationToken });\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n\n try {\n settings.message = await userPermissionService.template(settings.message, {\n URL: urlJoin(\n strapi.config.get('server.absoluteUrl'),\n apiPrefix,\n '/auth/email-confirmation'\n ),\n SERVER_URL: strapi.config.get('server.absoluteUrl'),\n ADMIN_URL: strapi.config.get('admin.absoluteUrl'),\n USER: sanitizedUserInfo,\n CODE: confirmationToken,\n });\n\n settings.object = await userPermissionService.template(settings.object, {\n USER: sanitizedUserInfo,\n });\n } catch {\n strapi.log.error(\n '[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for \"user confirmation email\". Please make sure your email template is valid and does not contain invalid characters or patterns'\n );\n return;\n }\n\n // Send an email to the user.\n await strapi\n .plugin('email')\n .service('email')\n .send({\n to: user.email,\n from:\n settings.from.email && settings.from.name\n ? `${settings.from.name} <${settings.from.email}>`\n : undefined,\n replyTo: settings.response_email,\n subject: settings.object,\n text: settings.message,\n html: settings.message,\n });\n },\n});\n"],"names":["crypto","require$$0","bcrypt","require$$1","urlJoin","require$$2","sanitize","require$$3","toNumber","getOr","require$$4","getService","require$$5","USER_MODEL_UID","getSessionManager","manager","strapi","sessionManager","user","count","params","db","query","where","ensureHashedPasswords","values","attributes","getModel","key","type","rounds","hash","add","documents","create","data","populate","edit","userId","entry","findOne","id","select","update","documentId","fetch","get","transform","$and","fetchAuthenticatedUser","fetchAll","findMany","remove","hasOrigin","invalidateRefreshToken","String","delete","validatePassword","password","compare","sendConfirmationEmail","userPermissionService","pluginStore","store","name","userSchema","settings","then","storeEmail","email_confirmation","options","sanitizedUserInfo","sanitizers","defaultSanitizeOutput","schema","bind","confirmationToken","randomBytes","toString","apiPrefix","config","message","template","URL","SERVER_URL","ADMIN_URL","USER","CODE","object","log","error","plugin","service","send","to","email","from","undefined","replyTo","response_email","subject","text","html"],"mappings":";;;;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;IAEhB,MAAM,EAAEC,QAAQ,EAAE,GAAGC,UAAAA;AACrB,IAAA,MAAM,EAAEC,QAAQ,EAAEC,KAAK,EAAE,GAAGC,UAAAA;IAC5B,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,cAAAA,GAAiB,gCAAA;AAEvB,IAAA,MAAMC,iBAAAA,GAAoB,IAAA;QACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,QAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,IAAA,CAAA;AAEAG,IAAAA,IAAAA,GAAiB,CAAC,EAAEF,MAAAA,EAAAA,OAAM,EAAE,IAAM;AAClC;;;;AAIA,OAEEG,OAAMC,MAAM,EAAA;AACV,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBM,KAAK,CAAC;oBAAEI,KAAAA,EAAOH;AAAM,iBAAA,CAAA;AAChE,YAAA,CAAA;AAEA;;;;;;;OAQE,MAAMI,uBAAsBC,MAAM,EAAA;AAChC,gBAAA,MAAMC,UAAAA,GAAaV,OAAAA,CAAOW,QAAQ,CAACd,gBAAgBa,UAAU;gBAE7D,IAAK,MAAME,OAAOH,MAAAA,CAAQ;oBACxB,IAAIC,UAAU,CAACE,GAAAA,CAAI,IAAIF,UAAU,CAACE,GAAAA,CAAI,CAACC,IAAI,KAAK,UAAA,EAAY;;AAE1D,wBAAA,MAAMC,SAAStB,QAAAA,CAASC,KAAAA,CAAM,IAAI,mBAAA,EAAqBiB,UAAU,CAACE,GAAAA,CAAI,CAAA,CAAA;wBACtEH,MAAM,CAACG,GAAAA,CAAI,GAAG,MAAM1B,MAAAA,CAAO6B,IAAI,CAACN,MAAM,CAACG,GAAAA,CAAI,EAAEE,MAAAA,CAAAA;AACrD,oBAAA;AACA,gBAAA;gBAEI,OAAOL,MAAAA;AACX,YAAA,CAAA;AAEA;;;OAIE,MAAMO,KAAIP,MAAM,EAAA;;;;;AAKd,gBAAA,OAAOT,OAAAA,CAAOiB,SAAS,CAACpB,cAAAA,CAAAA,CAAgBqB,MAAM,CAAC;oBAC7CC,IAAAA,EAAMV,MAAAA;oBACNW,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;;;AAKA,OACE,MAAMC,IAAAA,CAAAA,CAAKC,MAAM,EAAElB,MAAAA,GAAS,EAAE,EAAA;;;;;;gBAM5B,MAAMmB,KAAAA,GAAQ,MAAMvB,OAAAA,CAAOK,EAAE,CAC1BC,KAAK,CAACT,cAAAA,CAAAA,CACN2B,OAAO,CAAC;oBAAEjB,KAAAA,EAAO;wBAAEkB,EAAAA,EAAIH;AAAM,qBAAA;oBAAII,MAAAA,EAAQ;AAAC,wBAAA;AAAa;AAAA,iBAAA,CAAA;AAE1D,gBAAA,IAAI,CAACH,KAAAA,EAAO;oBACV,OAAO,IAAA;AACb,gBAAA;AAEI,gBAAA,OAAOvB,OAAAA,CAAOiB,SAAS,CAACpB,cAAAA,CAAAA,CAAgB8B,MAAM,CAAC;AAC7CC,oBAAAA,UAAAA,EAAYL,MAAMK,UAAU;oBAC5BT,IAAAA,EAAMf,MAAAA;oBACNgB,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;OAIES,KAAAA,CAAAA,CAAMJ,EAAE,EAAErB,MAAM,EAAA;gBACd,MAAME,KAAAA,GAAQN,QAAO8B,GAAG,CAAC,gBAAgBC,SAAS,CAAClC,cAAAA,EAAgBO,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB2B,OAAO,CAAC;AAC7C,oBAAA,GAAGlB,KAAK;oBACRC,KAAAA,EAAO;wBACLyB,IAAAA,EAAM;AAAC,4BAAA;AAAEP,gCAAAA;AAAE,6BAAA;4BAAInB,KAAAA,CAAMC,KAAK,IAAI;AAAG;AACzC;AACA,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;AAGA,OACE0B,wBAAuBR,EAAE,EAAA;AACvB,gBAAA,OAAOzB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB2B,OAAO,CAAC;oBAAEjB,KAAAA,EAAO;AAAEkB,wBAAAA;AAAE,qBAAA;oBAAIL,QAAAA,EAAU;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;AACtF,YAAA,CAAA;AAEA;;;AAGA,OACEc,UAAS9B,MAAM,EAAA;gBACb,MAAME,KAAAA,GAAQN,QAAO8B,GAAG,CAAC,gBAAgBC,SAAS,CAAClC,cAAAA,EAAgBO,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBsC,QAAQ,CAAC7B,KAAAA,CAAAA;AACpD,YAAA,CAAA;AAEA;;;OAIE,MAAM8B,QAAOhC,MAAM,EAAA;;AAEjB,gBAAA,MAAMH,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,gBAAA,IAAIG,kBAAkBA,cAAAA,CAAeoC,SAAS,CAAC,mBAAA,CAAA,IAAwBjC,MAAAA,CAAOqB,EAAE,EAAE;AAChF,oBAAA,MAAMxB,eAAe,mBAAA,CAAA,CAAqBqC,sBAAsB,CAACC,MAAAA,CAAOnC,OAAOqB,EAAE,CAAA,CAAA;AACvF,gBAAA;AAEI,gBAAA,OAAOzB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB2C,MAAM,CAAC;oBAAEjC,KAAAA,EAAOH;AAAM,iBAAA,CAAA;AACjE,YAAA,CAAA;YAEEqC,gBAAAA,CAAAA,CAAiBC,QAAQ,EAAE3B,IAAI,EAAA;gBAC7B,OAAO7B,MAAAA,CAAOyD,OAAO,CAACD,QAAAA,EAAU3B,IAAAA,CAAAA;AACpC,YAAA,CAAA;AAEE,YAAA,MAAM6B,uBAAsB1C,IAAI,EAAA;AAC9B,gBAAA,MAAM2C,wBAAwBlD,UAAAA,CAAW,mBAAA,CAAA;AACzC,gBAAA,MAAMmD,WAAAA,GAAc,MAAM9C,OAAAA,CAAO+C,KAAK,CAAC;oBAAElC,IAAAA,EAAM,QAAA;oBAAUmC,IAAAA,EAAM;AAAmB,iBAAA,CAAA;gBAClF,MAAMC,UAAAA,GAAajD,OAAAA,CAAOW,QAAQ,CAACd,cAAAA,CAAAA;AAEnC,gBAAA,MAAMqD,QAAAA,GAAW,MAAMJ,WAAAA,CACpBhB,GAAG,CAAC;oBAAElB,GAAAA,EAAK;mBACXuC,IAAI,CAAC,CAACC,aAAeA,UAAAA,CAAWC,kBAAkB,CAACC,OAAO,CAAA;;AAG7D,gBAAA,MAAMC,oBAAoB,MAAMjE,QAAAA,CAASkE,UAAU,CAACC,qBAAqB,CACvE;oBACEC,MAAAA,EAAQT,UAAAA;AACRtC,oBAAAA,QAAAA,EAAUX,OAAAA,CAAOW,QAAQ,CAACgD,IAAI,CAAC3D,OAAAA;iBACvC,EACME,IAAAA,CAAAA;AAGF,gBAAA,MAAM0D,oBAAoB5E,MAAAA,CAAO6E,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AAE1D,gBAAA,MAAM,IAAI,CAACzC,IAAI,CAACnB,IAAAA,CAAKuB,EAAE,EAAE;AAAEmC,oBAAAA;AAAiB,iBAAA,CAAA;AAE5C,gBAAA,MAAMG,SAAAA,GAAY/D,OAAAA,CAAOgE,MAAM,CAAClC,GAAG,CAAC,iBAAA,CAAA;gBAEpC,IAAI;oBACFoB,QAAAA,CAASe,OAAO,GAAG,MAAMpB,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASe,OAAO,EAAE;AACxEE,wBAAAA,GAAAA,EAAK/E,QACHY,OAAAA,CAAOgE,MAAM,CAAClC,GAAG,CAAC,uBAClBiC,SAAAA,EACA,0BAAA,CAAA;AAEFK,wBAAAA,UAAAA,EAAYpE,OAAAA,CAAOgE,MAAM,CAAClC,GAAG,CAAC,oBAAA,CAAA;AAC9BuC,wBAAAA,SAAAA,EAAWrE,OAAAA,CAAOgE,MAAM,CAAClC,GAAG,CAAC,mBAAA,CAAA;wBAC7BwC,IAAAA,EAAMf,iBAAAA;wBACNgB,IAAAA,EAAMX;AACd,qBAAA,CAAA;oBAEMV,QAAAA,CAASsB,MAAM,GAAG,MAAM3B,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASsB,MAAM,EAAE;wBACtEF,IAAAA,EAAMf;AACd,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAM,OAAM;oBACNvD,OAAAA,CAAOyE,GAAG,CAACC,KAAK,CACd,mNAAA,CAAA;AAEF,oBAAA;AACN,gBAAA;;gBAGI,MAAM1E,OAAAA,CACH2E,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,IAAI,CAAC;AACJC,oBAAAA,EAAAA,EAAI5E,KAAK6E,KAAK;oBACdC,IAAAA,EACE9B,QAAAA,CAAS8B,IAAI,CAACD,KAAK,IAAI7B,SAAS8B,IAAI,CAAChC,IAAI,GACrC,CAAA,EAAGE,QAAAA,CAAS8B,IAAI,CAAChC,IAAI,CAAC,EAAE,EAAEE,QAAAA,CAAS8B,IAAI,CAACD,KAAK,CAAC,CAAC,CAAC,GAChDE,SAAAA;AACNC,oBAAAA,OAAAA,EAAShC,SAASiC,cAAc;AAChCC,oBAAAA,OAAAA,EAASlC,SAASsB,MAAM;AACxBa,oBAAAA,IAAAA,EAAMnC,SAASe,OAAO;AACtBqB,oBAAAA,IAAAA,EAAMpC,SAASe;AACvB,iBAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"user.js","sources":["../../../server/services/user.js"],"sourcesContent":["'use strict';\n\n/**\n * User.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst crypto = require('crypto');\nconst bcrypt = require('bcryptjs');\nconst urlJoin = require('url-join');\n\nconst { sanitize } = require('@strapi/utils');\nconst { toNumber, getOr } = require('lodash/fp');\nconst { getService } = require('../utils');\n\nconst USER_MODEL_UID = 'plugin::users-permissions.user';\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\nmodule.exports = ({ strapi }) => ({\n /**\n * Promise to count users\n *\n * @return {Promise}\n */\n\n count(params) {\n return strapi.db.query(USER_MODEL_UID).count({ where: params });\n },\n\n /**\n * Hashes password fields in the provided values object if they are present.\n * It checks each key in the values object against the model's attributes and\n * hashes it if the attribute type is 'password',\n *\n * @param {object} values - The object containing the fields to be hashed.\n * @return {object} The values object with hashed password fields if they were present.\n */\n async ensureHashedPasswords(values) {\n const attributes = strapi.getModel(USER_MODEL_UID).attributes;\n\n for (const key in values) {\n if (attributes[key] && attributes[key].type === 'password') {\n // Check if a custom encryption.rounds has been set on the password attribute\n const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));\n values[key] = await bcrypt.hash(values[key], rounds);\n }\n }\n\n return values;\n },\n\n /**\n * Promise to add a/an user.\n * @return {Promise}\n */\n async add(values) {\n // Use the Document Service so relation inputs accept both the internal\n // numeric id (legacy) and the documentId (v5 default) syntax, consistent\n // with every other content-type endpoint. The Document Service hashes\n // `password` attributes itself, so we must not pre-hash here.\n return strapi.documents(USER_MODEL_UID).create({\n data: values,\n populate: ['role'],\n });\n },\n\n /**\n * Promise to edit a/an user.\n * @param {string} userId\n * @param {object} params\n * @return {Promise}\n */\n async edit(userId, params = {}) {\n // The user is addressed by its numeric id (e.g. the `/users/:id` route),\n // but the Document Service updates by documentId. Resolve it first so the\n // relation inputs are processed by the Document Service, which accepts both\n // numeric ids (legacy) and documentIds (v5 default). The Document Service\n // hashes `password` attributes itself, so we must not pre-hash here.\n const entry = await strapi.db\n .query(USER_MODEL_UID)\n .findOne({ where: { id: userId }, select: ['documentId'] });\n\n if (!entry) {\n return null;\n }\n\n return strapi.documents(USER_MODEL_UID).update({\n documentId: entry.documentId,\n data: params,\n populate: ['role'],\n });\n },\n\n /**\n * Promise to fetch a/an user.\n * @return {Promise}\n */\n fetch(id, params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findOne({\n ...query,\n where: {\n $and: [{ id }, query.where || {}],\n },\n });\n },\n\n /**\n * Promise to fetch authenticated user.\n * @return {Promise}\n */\n fetchAuthenticatedUser(id) {\n return strapi.db.query(USER_MODEL_UID).findOne({ where: { id }, populate: ['role'] });\n },\n\n /**\n * Promise to fetch all users.\n * @return {Promise}\n */\n fetchAll(params) {\n const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n return strapi.db.query(USER_MODEL_UID).findMany(query);\n },\n\n /**\n * Promise to remove a/an user.\n * @return {Promise}\n */\n async remove(params) {\n // Invalidate sessions for all affected users\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('users-permissions') && params.id) {\n await sessionManager('users-permissions').invalidateRefreshToken(String(params.id));\n }\n\n return strapi.db.query(USER_MODEL_UID).delete({ where: params });\n },\n\n validatePassword(password, hash) {\n return bcrypt.compare(password, hash);\n },\n\n async sendConfirmationEmail(user) {\n const userPermissionService = getService('users-permissions');\n const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });\n const userSchema = strapi.getModel(USER_MODEL_UID);\n\n const settings = await pluginStore\n .get({ key: 'email' })\n .then((storeEmail) => storeEmail.email_confirmation.options);\n\n // Sanitize the template's user information\n const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(\n {\n schema: userSchema,\n getModel: strapi.getModel.bind(strapi),\n },\n user\n );\n\n const confirmationToken = crypto.randomBytes(20).toString('hex');\n\n await this.edit(user.id, { confirmationToken });\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n\n try {\n settings.message = await userPermissionService.template(settings.message, {\n URL: urlJoin(\n strapi.config.get('server.absoluteUrl'),\n apiPrefix,\n '/auth/email-confirmation'\n ),\n SERVER_URL: strapi.config.get('server.absoluteUrl'),\n ADMIN_URL: strapi.config.get('admin.absoluteUrl'),\n USER: sanitizedUserInfo,\n CODE: confirmationToken,\n });\n\n settings.object = await userPermissionService.template(settings.object, {\n USER: sanitizedUserInfo,\n });\n } catch {\n strapi.log.error(\n '[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for \"user confirmation email\". Please make sure your email template is valid and does not contain invalid characters or patterns'\n );\n return;\n }\n\n // Send an email to the user.\n await strapi\n .plugin('email')\n .service('email')\n .send({\n to: user.email,\n from:\n settings.from.email && settings.from.name\n ? `${settings.from.name} <${settings.from.email}>`\n : undefined,\n replyTo: settings.response_email,\n subject: settings.object,\n text: settings.message,\n html: settings.message,\n });\n },\n});\n"],"names":["crypto","require$$0","bcrypt","require$$1","urlJoin","require$$2","sanitize","require$$3","toNumber","getOr","require$$4","getService","require$$5","USER_MODEL_UID","getSessionManager","manager","strapi","sessionManager","user","count","params","db","query","where","ensureHashedPasswords","values","attributes","getModel","key","type","rounds","hash","add","documents","create","data","populate","edit","userId","entry","findOne","id","select","update","documentId","fetch","get","transform","$and","fetchAuthenticatedUser","fetchAll","findMany","remove","hasOrigin","invalidateRefreshToken","String","delete","validatePassword","password","compare","sendConfirmationEmail","userPermissionService","pluginStore","store","name","userSchema","settings","then","storeEmail","email_confirmation","options","sanitizedUserInfo","sanitizers","defaultSanitizeOutput","schema","bind","confirmationToken","randomBytes","toString","apiPrefix","config","message","template","URL","SERVER_URL","ADMIN_URL","USER","CODE","object","log","error","plugin","service","send","to","email","from","undefined","replyTo","response_email","subject","text","html"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,MAAAA,GAASC,6BAAAA;AACf,IAAA,MAAMC,MAAAA,GAASC,6BAAAA;AACf,IAAA,MAAMC,OAAAA,GAAUC,2BAAAA;IAEhB,MAAM,EAAEC,QAAQ,EAAE,GAAGC,2BAAAA;AACrB,IAAA,MAAM,EAAEC,QAAQ,EAAEC,KAAK,EAAE,GAAGC,2BAAAA;IAC5B,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,cAAAA,GAAiB,gCAAA;AAEvB,IAAA,MAAMC,iBAAAA,GAAoB,IAAA;QACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,QAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,IAAA,CAAA;AAEAG,IAAAA,IAAAA,GAAiB,CAAC,EAAEF,MAAAA,EAAAA,OAAM,EAAE,IAAM;AAClC;;;;AAIA,OAEEG,OAAMC,MAAM,EAAA;AACV,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBM,KAAK,CAAC;oBAAEI,KAAAA,EAAOH;AAAM,iBAAA,CAAA;AAChE,YAAA,CAAA;AAEA;;;;;;;OAQE,MAAMI,uBAAsBC,MAAM,EAAA;AAChC,gBAAA,MAAMC,UAAAA,GAAaV,OAAAA,CAAOW,QAAQ,CAACd,gBAAgBa,UAAU;gBAE7D,IAAK,MAAME,OAAOH,MAAAA,CAAQ;oBACxB,IAAIC,UAAU,CAACE,GAAAA,CAAI,IAAIF,UAAU,CAACE,GAAAA,CAAI,CAACC,IAAI,KAAK,UAAA,EAAY;;AAE1D,wBAAA,MAAMC,SAAStB,QAAAA,CAASC,KAAAA,CAAM,IAAI,mBAAA,EAAqBiB,UAAU,CAACE,GAAAA,CAAI,CAAA,CAAA;wBACtEH,MAAM,CAACG,GAAAA,CAAI,GAAG,MAAM1B,MAAAA,CAAO6B,IAAI,CAACN,MAAM,CAACG,GAAAA,CAAI,EAAEE,MAAAA,CAAAA;AACrD,oBAAA;AACA,gBAAA;gBAEI,OAAOL,MAAAA;AACX,YAAA,CAAA;AAEA;;;OAIE,MAAMO,KAAIP,MAAM,EAAA;;;;;AAKd,gBAAA,OAAOT,OAAAA,CAAOiB,SAAS,CAACpB,cAAAA,CAAAA,CAAgBqB,MAAM,CAAC;oBAC7CC,IAAAA,EAAMV,MAAAA;oBACNW,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;;;AAKA,OACE,MAAMC,IAAAA,CAAAA,CAAKC,MAAM,EAAElB,MAAAA,GAAS,EAAE,EAAA;;;;;;gBAM5B,MAAMmB,KAAAA,GAAQ,MAAMvB,OAAAA,CAAOK,EAAE,CAC1BC,KAAK,CAACT,cAAAA,CAAAA,CACN2B,OAAO,CAAC;oBAAEjB,KAAAA,EAAO;wBAAEkB,EAAAA,EAAIH;AAAM,qBAAA;oBAAII,MAAAA,EAAQ;AAAC,wBAAA;AAAa;AAAA,iBAAA,CAAA;AAE1D,gBAAA,IAAI,CAACH,KAAAA,EAAO;oBACV,OAAO,IAAA;AACb,gBAAA;AAEI,gBAAA,OAAOvB,OAAAA,CAAOiB,SAAS,CAACpB,cAAAA,CAAAA,CAAgB8B,MAAM,CAAC;AAC7CC,oBAAAA,UAAAA,EAAYL,MAAMK,UAAU;oBAC5BT,IAAAA,EAAMf,MAAAA;oBACNgB,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;OAIES,KAAAA,CAAAA,CAAMJ,EAAE,EAAErB,MAAM,EAAA;gBACd,MAAME,KAAAA,GAAQN,QAAO8B,GAAG,CAAC,gBAAgBC,SAAS,CAAClC,cAAAA,EAAgBO,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB2B,OAAO,CAAC;AAC7C,oBAAA,GAAGlB,KAAK;oBACRC,KAAAA,EAAO;wBACLyB,IAAAA,EAAM;AAAC,4BAAA;AAAEP,gCAAAA;AAAE,6BAAA;4BAAInB,KAAAA,CAAMC,KAAK,IAAI;AAAG;AACzC;AACA,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;AAGA,OACE0B,wBAAuBR,EAAE,EAAA;AACvB,gBAAA,OAAOzB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB2B,OAAO,CAAC;oBAAEjB,KAAAA,EAAO;AAAEkB,wBAAAA;AAAE,qBAAA;oBAAIL,QAAAA,EAAU;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;AACtF,YAAA,CAAA;AAEA;;;AAGA,OACEc,UAAS9B,MAAM,EAAA;gBACb,MAAME,KAAAA,GAAQN,QAAO8B,GAAG,CAAC,gBAAgBC,SAAS,CAAClC,cAAAA,EAAgBO,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBsC,QAAQ,CAAC7B,KAAAA,CAAAA;AACpD,YAAA,CAAA;AAEA;;;OAIE,MAAM8B,QAAOhC,MAAM,EAAA;;AAEjB,gBAAA,MAAMH,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,gBAAA,IAAIG,kBAAkBA,cAAAA,CAAeoC,SAAS,CAAC,mBAAA,CAAA,IAAwBjC,MAAAA,CAAOqB,EAAE,EAAE;AAChF,oBAAA,MAAMxB,eAAe,mBAAA,CAAA,CAAqBqC,sBAAsB,CAACC,MAAAA,CAAOnC,OAAOqB,EAAE,CAAA,CAAA;AACvF,gBAAA;AAEI,gBAAA,OAAOzB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB2C,MAAM,CAAC;oBAAEjC,KAAAA,EAAOH;AAAM,iBAAA,CAAA;AACjE,YAAA,CAAA;YAEEqC,gBAAAA,CAAAA,CAAiBC,QAAQ,EAAE3B,IAAI,EAAA;gBAC7B,OAAO7B,MAAAA,CAAOyD,OAAO,CAACD,QAAAA,EAAU3B,IAAAA,CAAAA;AACpC,YAAA,CAAA;AAEE,YAAA,MAAM6B,uBAAsB1C,IAAI,EAAA;AAC9B,gBAAA,MAAM2C,wBAAwBlD,UAAAA,CAAW,mBAAA,CAAA;AACzC,gBAAA,MAAMmD,WAAAA,GAAc,MAAM9C,OAAAA,CAAO+C,KAAK,CAAC;oBAAElC,IAAAA,EAAM,QAAA;oBAAUmC,IAAAA,EAAM;AAAmB,iBAAA,CAAA;gBAClF,MAAMC,UAAAA,GAAajD,OAAAA,CAAOW,QAAQ,CAACd,cAAAA,CAAAA;AAEnC,gBAAA,MAAMqD,QAAAA,GAAW,MAAMJ,WAAAA,CACpBhB,GAAG,CAAC;oBAAElB,GAAAA,EAAK;mBACXuC,IAAI,CAAC,CAACC,aAAeA,UAAAA,CAAWC,kBAAkB,CAACC,OAAO,CAAA;;AAG7D,gBAAA,MAAMC,oBAAoB,MAAMjE,QAAAA,CAASkE,UAAU,CAACC,qBAAqB,CACvE;oBACEC,MAAAA,EAAQT,UAAAA;AACRtC,oBAAAA,QAAAA,EAAUX,OAAAA,CAAOW,QAAQ,CAACgD,IAAI,CAAC3D,OAAAA;iBACvC,EACME,IAAAA,CAAAA;AAGF,gBAAA,MAAM0D,oBAAoB5E,MAAAA,CAAO6E,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AAE1D,gBAAA,MAAM,IAAI,CAACzC,IAAI,CAACnB,IAAAA,CAAKuB,EAAE,EAAE;AAAEmC,oBAAAA;AAAiB,iBAAA,CAAA;AAE5C,gBAAA,MAAMG,SAAAA,GAAY/D,OAAAA,CAAOgE,MAAM,CAAClC,GAAG,CAAC,iBAAA,CAAA;gBAEpC,IAAI;oBACFoB,QAAAA,CAASe,OAAO,GAAG,MAAMpB,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASe,OAAO,EAAE;AACxEE,wBAAAA,GAAAA,EAAK/E,QACHY,OAAAA,CAAOgE,MAAM,CAAClC,GAAG,CAAC,uBAClBiC,SAAAA,EACA,0BAAA,CAAA;AAEFK,wBAAAA,UAAAA,EAAYpE,OAAAA,CAAOgE,MAAM,CAAClC,GAAG,CAAC,oBAAA,CAAA;AAC9BuC,wBAAAA,SAAAA,EAAWrE,OAAAA,CAAOgE,MAAM,CAAClC,GAAG,CAAC,mBAAA,CAAA;wBAC7BwC,IAAAA,EAAMf,iBAAAA;wBACNgB,IAAAA,EAAMX;AACd,qBAAA,CAAA;oBAEMV,QAAAA,CAASsB,MAAM,GAAG,MAAM3B,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASsB,MAAM,EAAE;wBACtEF,IAAAA,EAAMf;AACd,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAM,OAAM;oBACNvD,OAAAA,CAAOyE,GAAG,CAACC,KAAK,CACd,mNAAA,CAAA;AAEF,oBAAA;AACN,gBAAA;;gBAGI,MAAM1E,OAAAA,CACH2E,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,IAAI,CAAC;AACJC,oBAAAA,EAAAA,EAAI5E,KAAK6E,KAAK;oBACdC,IAAAA,EACE9B,QAAAA,CAAS8B,IAAI,CAACD,KAAK,IAAI7B,SAAS8B,IAAI,CAAChC,IAAI,GACrC,CAAA,EAAGE,QAAAA,CAAS8B,IAAI,CAAChC,IAAI,CAAC,EAAE,EAAEE,QAAAA,CAAS8B,IAAI,CAACD,KAAK,CAAC,CAAC,CAAC,GAChDE,SAAAA;AACNC,oBAAAA,OAAAA,EAAShC,SAASiC,cAAc;AAChCC,oBAAAA,OAAAA,EAASlC,SAASsB,MAAM;AACxBa,oBAAAA,IAAAA,EAAMnC,SAASe,OAAO;AACtBqB,oBAAAA,IAAAA,EAAMpC,SAASe;AACvB,iBAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
package/dist/server/services/users-permissions.js CHANGED
@@ -6,15 +6,22 @@ var require$$2 = require('url-join');
6
6
  var require$$1 = require('@strapi/utils');
7
7
  var index = require('../utils/index.js');
8
8
 
9
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
10
+
11
+ var require$$0__default$1 = /*#__PURE__*/_interopDefault(require$$0$1);
12
+ var require$$0__default = /*#__PURE__*/_interopDefault(require$$0);
13
+ var require$$2__default = /*#__PURE__*/_interopDefault(require$$2);
14
+ var require$$1__default = /*#__PURE__*/_interopDefault(require$$1);
15
+
9
16
  var usersPermissions;
10
17
  var hasRequiredUsersPermissions;
11
18
  function requireUsersPermissions() {
12
19
  if (hasRequiredUsersPermissions) return usersPermissions;
13
20
  hasRequiredUsersPermissions = 1;
14
- const _ = require$$0$1;
15
- const { filter, map, pipe, prop } = require$$0;
16
- const urlJoin = require$$2;
17
- const { template: { createStrictInterpolationRegExp }, errors, objects, sanitizeRoutesMapForSerialization } = require$$1;
21
+ const _ = require$$0__default$1.default;
22
+ const { filter, map, pipe, prop } = require$$0__default.default;
23
+ const urlJoin = require$$2__default.default;
24
+ const { template: { createStrictInterpolationRegExp }, errors, objects, sanitizeRoutesMapForSerialization } = require$$1__default.default;
18
25
  const { getService } = index.__require();
19
26
  const DEFAULT_PERMISSIONS = [
20
27
  {
package/dist/server/services/users-permissions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"users-permissions.js","sources":["../../../server/services/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { filter, map, pipe, prop } = require('lodash/fp');\nconst urlJoin = require('url-join');\nconst {\n template: { createStrictInterpolationRegExp },\n errors,\n objects,\n sanitizeRoutesMapForSerialization,\n} = require('@strapi/utils');\n\nconst { getService } = require('../utils');\n\nconst DEFAULT_PERMISSIONS = [\n { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.connect', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.forgotPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.resetPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.register', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.emailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.sendEmailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.refresh', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.logout', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.user.me', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },\n];\n\nconst transformRoutePrefixFor = (pluginName) => (route) => {\n const prefix = route.config && route.config.prefix;\n const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;\n\n return {\n ...route,\n path,\n };\n};\n\nmodule.exports = ({ strapi }) => ({\n getActions({ defaultEnable = false } = {}) {\n const actionMap = {};\n\n const isContentApi = (action) => {\n if (!_.has(action, Symbol.for('__type__'))) {\n return false;\n }\n\n return action[Symbol.for('__type__')].includes('content-api');\n };\n\n _.forEach(strapi.apis, (api, apiName) => {\n const controllers = _.reduce(\n api.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`api::${apiName}`] = { controllers };\n }\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const controllers = _.reduce(\n plugin.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`plugin::${pluginName}`] = { controllers };\n }\n });\n\n // Return a deeply cloned version to avoid circular references\n return _.cloneDeep(actionMap);\n },\n\n async getRoutes() {\n const routesMap = {};\n\n _.forEach(strapi.apis, (api, apiName) => {\n const routes = _.flatMap(api.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes;\n }\n\n return route;\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`api::${apiName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const transformPrefix = transformRoutePrefixFor(pluginName);\n\n const routes = _.flatMap(plugin.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes.map(transformPrefix);\n }\n\n return transformPrefix(route);\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`plugin::${pluginName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n return sanitizeRoutesMapForSerialization(routesMap);\n },\n\n async syncPermissions() {\n const roles = await strapi.db.query('plugin::users-permissions.role').findMany();\n const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();\n\n const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));\n\n const appActions = _.flatMap(strapi.apis, (api, apiName) => {\n return _.flatMap(api.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `api::${apiName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {\n return _.flatMap(plugin.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `plugin::${pluginName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const allActions = [...appActions, ...pluginsActions];\n\n const toDelete = _.difference(permissionsFoundInDB, allActions);\n\n await Promise.all(\n toDelete.map((action) => {\n return strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { action } });\n })\n );\n\n if (permissionsFoundInDB.length === 0) {\n // create default permissions\n for (const role of roles) {\n const toCreate = pipe(\n filter(({ roleType }) => roleType === role.type || roleType === null),\n map(prop('action'))\n )(DEFAULT_PERMISSIONS);\n\n await Promise.all(\n toCreate.map((action) => {\n return strapi.db.query('plugin::users-permissions.permission').create({\n data: {\n action,\n role: role.id,\n },\n });\n })\n );\n }\n }\n },\n\n async initialize() {\n const roleCount = await strapi.db.query('plugin::users-permissions.role').count();\n\n if (roleCount === 0) {\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Authenticated',\n description: 'Default role given to authenticated user.',\n type: 'authenticated',\n },\n });\n\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Public',\n description: 'Default role given to unauthenticated user.',\n type: 'public',\n },\n });\n }\n\n return getService('users-permissions').syncPermissions();\n },\n\n async updateUserRole(user, role) {\n return strapi.db\n .query('plugin::users-permissions.user')\n .update({ where: { id: user.id }, data: { role } });\n },\n\n template(layout, data) {\n const allowedTemplateVariables = objects.keysDeep(data);\n\n // Create a strict interpolation RegExp based on possible variable names\n const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');\n\n try {\n return _.template(layout, { interpolate, evaluate: false, escape: false })(data);\n } catch (e) {\n throw new errors.ApplicationError('Invalid email template');\n }\n },\n});\n"],"names":["_","require$$0","filter","map","pipe","prop","require$$1","urlJoin","require$$2","template","createStrictInterpolationRegExp","errors","objects","sanitizeRoutesMapForSerialization","require$$3","getService","require$$4","DEFAULT_PERMISSIONS","action","roleType","transformRoutePrefixFor","pluginName","route","prefix","config","path","undefined","usersPermissions","strapi","getActions","defaultEnable","actionMap","isContentApi","has","Symbol","for","includes","forEach","apis","api","apiName","controllers","reduce","acc","controller","controllerName","contentApiActions","pickBy","isEmpty","mapValues","enabled","policy","plugins","plugin","cloneDeep","getRoutes","routesMap","routes","flatMap","info","type","length","apiPrefix","get","transformPrefix","syncPermissions","roles","db","query","findMany","dbPermissions","permissionsFoundInDB","uniq","appActions","keys","actionName","pluginsActions","allActions","toDelete","difference","Promise","all","delete","where","role","toCreate","create","data","id","initialize","roleCount","count","name","description","updateUserRole","user","update","layout","allowedTemplateVariables","keysDeep","interpolate","evaluate","escape","e","ApplicationError"],"mappings":";;;;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,YAAAA;IACV,MAAM,EAAEC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACpC,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;AAChB,IAAA,MAAM,EACJC,QAAAA,EAAU,EAAEC,+BAA+B,EAAE,EAC7CC,MAAM,EACNC,OAAO,EACPC,iCAAiC,EAClC,GAAGC,UAAAA;IAEJ,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB;AAC1B,QAAA;YAAEC,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAQ,SAAA;AAC7E,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAQ,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,kDAAA;YAAoDC,QAAAA,EAAU;AAAQ,SAAA;AAChF,QAAA;YAAED,MAAAA,EAAQ,sDAAA;YAAwDC,QAAAA,EAAU;AAAQ,SAAA;AACpF,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,uCAAA;YAAyCC,QAAAA,EAAU;AAAe,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,mCAAA;YAAqCC,QAAAA,EAAU;AAAe,SAAA;AACxE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAe;AACrF,KAAA;IAED,MAAMC,uBAAAA,GAA0B,CAACC,UAAAA,GAAe,CAACC,KAAAA,GAAAA;AAC/C,YAAA,MAAMC,SAASD,KAAAA,CAAME,MAAM,IAAIF,KAAAA,CAAME,MAAM,CAACD,MAAM;AAClD,YAAA,MAAME,IAAAA,GAAOF,MAAAA,KAAWG,SAAAA,GAAY,CAAA,EAAGH,SAASD,KAAAA,CAAMG,IAAI,CAAA,CAAE,GAAG,CAAC,CAAC,EAAEJ,UAAAA,CAAAA,EAAaC,KAAAA,CAAMG,IAAI,CAAA,CAAE;YAE5F,OAAO;AACL,gBAAA,GAAGH,KAAK;AACRG,gBAAAA;AACJ,aAAA;AACA,QAAA,CAAA;AAEAE,IAAAA,gBAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,UAAAA,CAAAA,CAAW,EAAEC,aAAAA,GAAgB,KAAK,EAAE,GAAG,EAAE,EAAA;AACvC,gBAAA,MAAMC,YAAY,EAAA;AAElB,gBAAA,MAAMC,eAAe,CAACd,MAAAA,GAAAA;oBACpB,IAAI,CAAClB,EAAEiC,GAAG,CAACf,QAAQgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAA,EAAc;wBAC1C,OAAO,KAAA;AACf,oBAAA;oBAEM,OAAOjB,MAAM,CAACgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAY,CAACC,QAAQ,CAAC,aAAA,CAAA;AACrD,gBAAA,CAAA;AAEIpC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;oBAC3B,MAAMC,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BH,IAAIE,WAAW,EACf,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,KAAK,EAAES,OAAAA,CAAAA,CAAS,CAAC,GAAG;AAAEC,4BAAAA;;AACzC,oBAAA;AACA,gBAAA,CAAA,CAAA;AAEIzC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;oBACjC,MAAMoB,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BW,OAAOZ,WAAW,EAClB,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEV,UAAAA,CAAAA,CAAY,CAAC,GAAG;AAAEoB,4BAAAA;;AAC/C,oBAAA;AACA,gBAAA,CAAA,CAAA;;gBAGI,OAAOzC,CAAAA,CAAEsD,SAAS,CAACvB,SAAAA,CAAAA;AACvB,YAAA,CAAA;YAEE,MAAMwB,SAAAA,CAAAA,GAAAA;AACJ,gBAAA,MAAMC,YAAY,EAAA;AAElBxD,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC3B,oBAAA,MAAMiB,SAASzD,CAAAA,CAAE0D,OAAO,CAACnB,GAAAA,CAAIkB,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACpC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,MAAMmC,MAAM;AAC7B,wBAAA;wBAEQ,OAAOnC,KAAAA;oBACf,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,KAAK,EAAEhB,OAAAA,CAAAA,CAAS,CAAC,GAAGiB,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AACpD,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEIzB,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACjC,oBAAA,MAAM2C,kBAAkB5C,uBAAAA,CAAwBC,UAAAA,CAAAA;AAEhD,oBAAA,MAAMoC,SAASzD,CAAAA,CAAE0D,OAAO,CAACL,MAAAA,CAAOI,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACvC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,KAAAA,CAAMmC,MAAM,CAACtD,GAAG,CAAC6D,eAAAA,CAAAA;AAClC,wBAAA;AAEQ,wBAAA,OAAOA,eAAAA,CAAgB1C,KAAAA,CAAAA;oBAC/B,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEnC,UAAAA,CAAAA,CAAY,CAAC,GAAGoC,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AAC1D,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,OAAOZ,iCAAAA,CAAkC2C,SAAAA,CAAAA;AAC7C,YAAA,CAAA;YAEE,MAAMS,eAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAMtC,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCC,QAAQ,EAAA;gBAC9E,MAAMC,aAAAA,GAAgB,MAAM1C,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,wCAAwCC,QAAQ,EAAA;AAE5F,gBAAA,MAAME,uBAAuBvE,CAAAA,CAAEwE,IAAI,CAACxE,CAAAA,CAAEG,GAAG,CAACmE,aAAAA,EAAe,QAAA,CAAA,CAAA;gBAEzD,MAAMG,UAAAA,GAAazE,EAAE0D,OAAO,CAAC9B,OAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC9C,oBAAA,OAAOxC,EAAE0D,OAAO,CAACnB,IAAIE,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAC7C,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,KAAK,EAAEnC,OAAAA,CAAQ,CAAC,EAAEK,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AAClE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMC,cAAAA,GAAiB5E,EAAE0D,OAAO,CAAC9B,OAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACxD,oBAAA,OAAOrB,EAAE0D,OAAO,CAACL,OAAOZ,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAChD,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,QAAQ,EAAEtD,UAAAA,CAAW,CAAC,EAAEwB,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AACxE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,MAAME,UAAAA,GAAa;AAAIJ,oBAAAA,GAAAA,UAAAA;AAAeG,oBAAAA,GAAAA;AAAe,iBAAA;AAErD,gBAAA,MAAME,QAAAA,GAAW9E,CAAAA,CAAE+E,UAAU,CAACR,oBAAAA,EAAsBM,UAAAA,CAAAA;AAEpD,gBAAA,MAAMG,QAAQC,GAAG,CACfH,QAAAA,CAAS3E,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,oBAAA,OAAOU,OAAOuC,EAAE,CACbC,KAAK,CAAC,sCAAA,CAAA,CACNc,MAAM,CAAC;wBAAEC,KAAAA,EAAO;AAAEjE,4BAAAA;AAAM;AAAE,qBAAA,CAAA;AACrC,gBAAA,CAAA,CAAA,CAAA;gBAGI,IAAIqD,oBAAAA,CAAqBV,MAAM,KAAK,CAAA,EAAG;;oBAErC,KAAK,MAAMuB,QAAQlB,KAAAA,CAAO;AACxB,wBAAA,MAAMmB,WAAWjF,IAAAA,CACfF,MAAAA,CAAO,CAAC,EAAEiB,QAAQ,EAAE,GAAKA,QAAAA,KAAaiE,IAAAA,CAAKxB,IAAI,IAAIzC,QAAAA,KAAa,IAAA,CAAA,EAChEhB,GAAAA,CAAIE,KAAK,QAAA,CAAA,CAAA,CAAA,CACTY,mBAAAA,CAAAA;AAEF,wBAAA,MAAM+D,QAAQC,GAAG,CACfI,QAAAA,CAASlF,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,4BAAA,OAAOU,OAAOuC,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCkB,MAAM,CAAC;gCACpEC,IAAAA,EAAM;AACJrE,oCAAAA,MAAAA;AACAkE,oCAAAA,IAAAA,EAAMA,KAAKI;AAC3B;AACA,6BAAA,CAAA;AACA,wBAAA,CAAA,CAAA,CAAA;AAEA,oBAAA;AACA,gBAAA;AACA,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,GAAAA;gBACJ,MAAMC,SAAAA,GAAY,MAAM9D,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCuB,KAAK,EAAA;AAE/E,gBAAA,IAAID,cAAc,CAAA,EAAG;AACnB,oBAAA,MAAM9D,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,eAAA;4BACNC,WAAAA,EAAa,2CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AAEM,oBAAA,MAAMhC,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,QAAA;4BACNC,WAAAA,EAAa,6CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AACA,gBAAA;gBAEI,OAAO7C,UAAAA,CAAW,qBAAqBkD,eAAe,EAAA;AAC1D,YAAA,CAAA;YAEE,MAAM6B,cAAAA,CAAAA,CAAeC,IAAI,EAAEX,IAAI,EAAA;AAC7B,gBAAA,OAAOxD,OAAOuC,EAAE,CACbC,KAAK,CAAC,gCAAA,CAAA,CACN4B,MAAM,CAAC;oBAAEb,KAAAA,EAAO;AAAEK,wBAAAA,EAAAA,EAAIO,KAAKP;AAAE,qBAAA;oBAAID,IAAAA,EAAM;AAAEH,wBAAAA;AAAI;AAAE,iBAAA,CAAA;AACtD,YAAA,CAAA;YAEE3E,QAAAA,CAAAA,CAASwF,MAAM,EAAEV,IAAI,EAAA;gBACnB,MAAMW,wBAAAA,GAA2BtF,OAAAA,CAAQuF,QAAQ,CAACZ,IAAAA,CAAAA;;gBAGlD,MAAMa,WAAAA,GAAc1F,gCAAgCwF,wBAAAA,EAA0B,GAAA,CAAA;gBAE9E,IAAI;oBACF,OAAOlG,CAAAA,CAAES,QAAQ,CAACwF,MAAAA,EAAQ;AAAEG,wBAAAA,WAAAA;wBAAaC,QAAAA,EAAU,KAAA;wBAAOC,MAAAA,EAAQ;uBAASf,IAAAA,CAAAA;AACjF,gBAAA,CAAA,CAAM,OAAOgB,CAAAA,EAAG;oBACV,MAAM,IAAI5F,MAAAA,CAAO6F,gBAAgB,CAAC,wBAAA,CAAA;AACxC,gBAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
1
+ {"version":3,"file":"users-permissions.js","sources":["../../../server/services/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { filter, map, pipe, prop } = require('lodash/fp');\nconst urlJoin = require('url-join');\nconst {\n template: { createStrictInterpolationRegExp },\n errors,\n objects,\n sanitizeRoutesMapForSerialization,\n} = require('@strapi/utils');\n\nconst { getService } = require('../utils');\n\nconst DEFAULT_PERMISSIONS = [\n { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.connect', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.forgotPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.resetPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.register', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.emailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.sendEmailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.refresh', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.logout', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.user.me', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },\n];\n\nconst transformRoutePrefixFor = (pluginName) => (route) => {\n const prefix = route.config && route.config.prefix;\n const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;\n\n return {\n ...route,\n path,\n };\n};\n\nmodule.exports = ({ strapi }) => ({\n getActions({ defaultEnable = false } = {}) {\n const actionMap = {};\n\n const isContentApi = (action) => {\n if (!_.has(action, Symbol.for('__type__'))) {\n return false;\n }\n\n return action[Symbol.for('__type__')].includes('content-api');\n };\n\n _.forEach(strapi.apis, (api, apiName) => {\n const controllers = _.reduce(\n api.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`api::${apiName}`] = { controllers };\n }\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const controllers = _.reduce(\n plugin.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`plugin::${pluginName}`] = { controllers };\n }\n });\n\n // Return a deeply cloned version to avoid circular references\n return _.cloneDeep(actionMap);\n },\n\n async getRoutes() {\n const routesMap = {};\n\n _.forEach(strapi.apis, (api, apiName) => {\n const routes = _.flatMap(api.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes;\n }\n\n return route;\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`api::${apiName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const transformPrefix = transformRoutePrefixFor(pluginName);\n\n const routes = _.flatMap(plugin.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes.map(transformPrefix);\n }\n\n return transformPrefix(route);\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`plugin::${pluginName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n return sanitizeRoutesMapForSerialization(routesMap);\n },\n\n async syncPermissions() {\n const roles = await strapi.db.query('plugin::users-permissions.role').findMany();\n const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();\n\n const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));\n\n const appActions = _.flatMap(strapi.apis, (api, apiName) => {\n return _.flatMap(api.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `api::${apiName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {\n return _.flatMap(plugin.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `plugin::${pluginName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const allActions = [...appActions, ...pluginsActions];\n\n const toDelete = _.difference(permissionsFoundInDB, allActions);\n\n await Promise.all(\n toDelete.map((action) => {\n return strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { action } });\n })\n );\n\n if (permissionsFoundInDB.length === 0) {\n // create default permissions\n for (const role of roles) {\n const toCreate = pipe(\n filter(({ roleType }) => roleType === role.type || roleType === null),\n map(prop('action'))\n )(DEFAULT_PERMISSIONS);\n\n await Promise.all(\n toCreate.map((action) => {\n return strapi.db.query('plugin::users-permissions.permission').create({\n data: {\n action,\n role: role.id,\n },\n });\n })\n );\n }\n }\n },\n\n async initialize() {\n const roleCount = await strapi.db.query('plugin::users-permissions.role').count();\n\n if (roleCount === 0) {\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Authenticated',\n description: 'Default role given to authenticated user.',\n type: 'authenticated',\n },\n });\n\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Public',\n description: 'Default role given to unauthenticated user.',\n type: 'public',\n },\n });\n }\n\n return getService('users-permissions').syncPermissions();\n },\n\n async updateUserRole(user, role) {\n return strapi.db\n .query('plugin::users-permissions.user')\n .update({ where: { id: user.id }, data: { role } });\n },\n\n template(layout, data) {\n const allowedTemplateVariables = objects.keysDeep(data);\n\n // Create a strict interpolation RegExp based on possible variable names\n const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');\n\n try {\n return _.template(layout, { interpolate, evaluate: false, escape: false })(data);\n } catch (e) {\n throw new errors.ApplicationError('Invalid email template');\n }\n },\n});\n"],"names":["_","require$$0","filter","map","pipe","prop","require$$1","urlJoin","require$$2","template","createStrictInterpolationRegExp","errors","objects","sanitizeRoutesMapForSerialization","require$$3","getService","require$$4","DEFAULT_PERMISSIONS","action","roleType","transformRoutePrefixFor","pluginName","route","prefix","config","path","undefined","usersPermissions","strapi","getActions","defaultEnable","actionMap","isContentApi","has","Symbol","for","includes","forEach","apis","api","apiName","controllers","reduce","acc","controller","controllerName","contentApiActions","pickBy","isEmpty","mapValues","enabled","policy","plugins","plugin","cloneDeep","getRoutes","routesMap","routes","flatMap","info","type","length","apiPrefix","get","transformPrefix","syncPermissions","roles","db","query","findMany","dbPermissions","permissionsFoundInDB","uniq","appActions","keys","actionName","pluginsActions","allActions","toDelete","difference","Promise","all","delete","where","role","toCreate","create","data","id","initialize","roleCount","count","name","description","updateUserRole","user","update","layout","allowedTemplateVariables","keysDeep","interpolate","evaluate","escape","e","ApplicationError"],"mappings":";;;;;;;;;;;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,6BAAAA;IACV,MAAM,EAAEC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAGC,2BAAAA;AACpC,IAAA,MAAMC,OAAAA,GAAUC,2BAAAA;AAChB,IAAA,MAAM,EACJC,QAAAA,EAAU,EAAEC,+BAA+B,EAAE,EAC7CC,MAAM,EACNC,OAAO,EACPC,iCAAiC,EAClC,GAAGC,2BAAAA;IAEJ,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB;AAC1B,QAAA;YAAEC,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAQ,SAAA;AAC7E,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAQ,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,kDAAA;YAAoDC,QAAAA,EAAU;AAAQ,SAAA;AAChF,QAAA;YAAED,MAAAA,EAAQ,sDAAA;YAAwDC,QAAAA,EAAU;AAAQ,SAAA;AACpF,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,uCAAA;YAAyCC,QAAAA,EAAU;AAAe,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,mCAAA;YAAqCC,QAAAA,EAAU;AAAe,SAAA;AACxE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAe;AACrF,KAAA;IAED,MAAMC,uBAAAA,GAA0B,CAACC,UAAAA,GAAe,CAACC,KAAAA,GAAAA;AAC/C,YAAA,MAAMC,SAASD,KAAAA,CAAME,MAAM,IAAIF,KAAAA,CAAME,MAAM,CAACD,MAAM;AAClD,YAAA,MAAME,IAAAA,GAAOF,MAAAA,KAAWG,SAAAA,GAAY,CAAA,EAAGH,SAASD,KAAAA,CAAMG,IAAI,CAAA,CAAE,GAAG,CAAC,CAAC,EAAEJ,UAAAA,CAAAA,EAAaC,KAAAA,CAAMG,IAAI,CAAA,CAAE;YAE5F,OAAO;AACL,gBAAA,GAAGH,KAAK;AACRG,gBAAAA;AACJ,aAAA;AACA,QAAA,CAAA;AAEAE,IAAAA,gBAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,UAAAA,CAAAA,CAAW,EAAEC,aAAAA,GAAgB,KAAK,EAAE,GAAG,EAAE,EAAA;AACvC,gBAAA,MAAMC,YAAY,EAAA;AAElB,gBAAA,MAAMC,eAAe,CAACd,MAAAA,GAAAA;oBACpB,IAAI,CAAClB,EAAEiC,GAAG,CAACf,QAAQgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAA,EAAc;wBAC1C,OAAO,KAAA;AACf,oBAAA;oBAEM,OAAOjB,MAAM,CAACgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAY,CAACC,QAAQ,CAAC,aAAA,CAAA;AACrD,gBAAA,CAAA;AAEIpC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;oBAC3B,MAAMC,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BH,IAAIE,WAAW,EACf,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,KAAK,EAAES,OAAAA,CAAAA,CAAS,CAAC,GAAG;AAAEC,4BAAAA;;AACzC,oBAAA;AACA,gBAAA,CAAA,CAAA;AAEIzC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;oBACjC,MAAMoB,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BW,OAAOZ,WAAW,EAClB,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEV,UAAAA,CAAAA,CAAY,CAAC,GAAG;AAAEoB,4BAAAA;;AAC/C,oBAAA;AACA,gBAAA,CAAA,CAAA;;gBAGI,OAAOzC,CAAAA,CAAEsD,SAAS,CAACvB,SAAAA,CAAAA;AACvB,YAAA,CAAA;YAEE,MAAMwB,SAAAA,CAAAA,GAAAA;AACJ,gBAAA,MAAMC,YAAY,EAAA;AAElBxD,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC3B,oBAAA,MAAMiB,SAASzD,CAAAA,CAAE0D,OAAO,CAACnB,GAAAA,CAAIkB,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACpC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,MAAMmC,MAAM;AAC7B,wBAAA;wBAEQ,OAAOnC,KAAAA;oBACf,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,KAAK,EAAEhB,OAAAA,CAAAA,CAAS,CAAC,GAAGiB,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AACpD,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEIzB,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACjC,oBAAA,MAAM2C,kBAAkB5C,uBAAAA,CAAwBC,UAAAA,CAAAA;AAEhD,oBAAA,MAAMoC,SAASzD,CAAAA,CAAE0D,OAAO,CAACL,MAAAA,CAAOI,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACvC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,KAAAA,CAAMmC,MAAM,CAACtD,GAAG,CAAC6D,eAAAA,CAAAA;AAClC,wBAAA;AAEQ,wBAAA,OAAOA,eAAAA,CAAgB1C,KAAAA,CAAAA;oBAC/B,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEnC,UAAAA,CAAAA,CAAY,CAAC,GAAGoC,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AAC1D,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,OAAOZ,iCAAAA,CAAkC2C,SAAAA,CAAAA;AAC7C,YAAA,CAAA;YAEE,MAAMS,eAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAMtC,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCC,QAAQ,EAAA;gBAC9E,MAAMC,aAAAA,GAAgB,MAAM1C,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,wCAAwCC,QAAQ,EAAA;AAE5F,gBAAA,MAAME,uBAAuBvE,CAAAA,CAAEwE,IAAI,CAACxE,CAAAA,CAAEG,GAAG,CAACmE,aAAAA,EAAe,QAAA,CAAA,CAAA;gBAEzD,MAAMG,UAAAA,GAAazE,EAAE0D,OAAO,CAAC9B,OAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC9C,oBAAA,OAAOxC,EAAE0D,OAAO,CAACnB,IAAIE,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAC7C,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,KAAK,EAAEnC,OAAAA,CAAQ,CAAC,EAAEK,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AAClE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMC,cAAAA,GAAiB5E,EAAE0D,OAAO,CAAC9B,OAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACxD,oBAAA,OAAOrB,EAAE0D,OAAO,CAACL,OAAOZ,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAChD,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,QAAQ,EAAEtD,UAAAA,CAAW,CAAC,EAAEwB,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AACxE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,MAAME,UAAAA,GAAa;AAAIJ,oBAAAA,GAAAA,UAAAA;AAAeG,oBAAAA,GAAAA;AAAe,iBAAA;AAErD,gBAAA,MAAME,QAAAA,GAAW9E,CAAAA,CAAE+E,UAAU,CAACR,oBAAAA,EAAsBM,UAAAA,CAAAA;AAEpD,gBAAA,MAAMG,QAAQC,GAAG,CACfH,QAAAA,CAAS3E,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,oBAAA,OAAOU,OAAOuC,EAAE,CACbC,KAAK,CAAC,sCAAA,CAAA,CACNc,MAAM,CAAC;wBAAEC,KAAAA,EAAO;AAAEjE,4BAAAA;AAAM;AAAE,qBAAA,CAAA;AACrC,gBAAA,CAAA,CAAA,CAAA;gBAGI,IAAIqD,oBAAAA,CAAqBV,MAAM,KAAK,CAAA,EAAG;;oBAErC,KAAK,MAAMuB,QAAQlB,KAAAA,CAAO;AACxB,wBAAA,MAAMmB,WAAWjF,IAAAA,CACfF,MAAAA,CAAO,CAAC,EAAEiB,QAAQ,EAAE,GAAKA,QAAAA,KAAaiE,IAAAA,CAAKxB,IAAI,IAAIzC,QAAAA,KAAa,IAAA,CAAA,EAChEhB,GAAAA,CAAIE,KAAK,QAAA,CAAA,CAAA,CAAA,CACTY,mBAAAA,CAAAA;AAEF,wBAAA,MAAM+D,QAAQC,GAAG,CACfI,QAAAA,CAASlF,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,4BAAA,OAAOU,OAAOuC,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCkB,MAAM,CAAC;gCACpEC,IAAAA,EAAM;AACJrE,oCAAAA,MAAAA;AACAkE,oCAAAA,IAAAA,EAAMA,KAAKI;AAC3B;AACA,6BAAA,CAAA;AACA,wBAAA,CAAA,CAAA,CAAA;AAEA,oBAAA;AACA,gBAAA;AACA,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,GAAAA;gBACJ,MAAMC,SAAAA,GAAY,MAAM9D,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCuB,KAAK,EAAA;AAE/E,gBAAA,IAAID,cAAc,CAAA,EAAG;AACnB,oBAAA,MAAM9D,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,eAAA;4BACNC,WAAAA,EAAa,2CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AAEM,oBAAA,MAAMhC,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,QAAA;4BACNC,WAAAA,EAAa,6CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AACA,gBAAA;gBAEI,OAAO7C,UAAAA,CAAW,qBAAqBkD,eAAe,EAAA;AAC1D,YAAA,CAAA;YAEE,MAAM6B,cAAAA,CAAAA,CAAeC,IAAI,EAAEX,IAAI,EAAA;AAC7B,gBAAA,OAAOxD,OAAOuC,EAAE,CACbC,KAAK,CAAC,gCAAA,CAAA,CACN4B,MAAM,CAAC;oBAAEb,KAAAA,EAAO;AAAEK,wBAAAA,EAAAA,EAAIO,KAAKP;AAAE,qBAAA;oBAAID,IAAAA,EAAM;AAAEH,wBAAAA;AAAI;AAAE,iBAAA,CAAA;AACtD,YAAA,CAAA;YAEE3E,QAAAA,CAAAA,CAASwF,MAAM,EAAEV,IAAI,EAAA;gBACnB,MAAMW,wBAAAA,GAA2BtF,OAAAA,CAAQuF,QAAQ,CAACZ,IAAAA,CAAAA;;gBAGlD,MAAMa,WAAAA,GAAc1F,gCAAgCwF,wBAAAA,EAA0B,GAAA,CAAA;gBAE9E,IAAI;oBACF,OAAOlG,CAAAA,CAAES,QAAQ,CAACwF,MAAAA,EAAQ;AAAEG,wBAAAA,WAAAA;wBAAaC,QAAAA,EAAU,KAAA;wBAAOC,MAAAA,EAAQ;uBAASf,IAAAA,CAAAA;AACjF,gBAAA,CAAA,CAAM,OAAOgB,CAAAA,EAAG;oBACV,MAAM,IAAI5F,MAAAA,CAAO6F,gBAAgB,CAAC,wBAAA,CAAA;AACxC,gBAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
package/dist/server/strategies/users-permissions.js CHANGED
@@ -4,13 +4,18 @@ var require$$0 = require('lodash/fp');
4
4
  var require$$1 = require('@strapi/utils');
5
5
  var index = require('../utils/index.js');
6
6
 
7
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
8
+
9
+ var require$$0__default = /*#__PURE__*/_interopDefault(require$$0);
10
+ var require$$1__default = /*#__PURE__*/_interopDefault(require$$1);
11
+
7
12
  var usersPermissions;
8
13
  var hasRequiredUsersPermissions;
9
14
  function requireUsersPermissions() {
10
15
  if (hasRequiredUsersPermissions) return usersPermissions;
11
16
  hasRequiredUsersPermissions = 1;
12
- const { castArray, map, every, pipe } = require$$0;
13
- const { ForbiddenError, UnauthorizedError } = require$$1.errors;
17
+ const { castArray, map, every, pipe } = require$$0__default.default;
18
+ const { ForbiddenError, UnauthorizedError } = require$$1__default.default.errors;
14
19
  const { getService } = index.__require();
15
20
  const getAdvancedSettings = ()=>{
16
21
  return strapi.store({
package/dist/server/strategies/users-permissions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"users-permissions.js","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n try {\n const token = await getService('jwt').getToken(ctx);\n\n if (token) {\n const { id } = token;\n\n // Invalid token\n if (id === undefined) {\n return { authenticated: false };\n }\n\n const user = await getService('user').fetchAuthenticatedUser(id);\n\n // No user associated to the token\n if (!user) {\n return { error: 'Invalid credentials' };\n }\n\n const advancedSettings = await getAdvancedSettings();\n\n // User not confirmed\n if (advancedSettings.email_confirmation && !user.confirmed) {\n return { error: 'Invalid credentials' };\n }\n\n // User blocked\n if (user.blocked) {\n return { error: 'Invalid credentials' };\n }\n\n // Fetch user's permissions\n const permissions = await Promise.resolve(user.role.id)\n .then(getService('permission').findRolePermissions)\n .then(map(getService('permission').toContentAPIPermission));\n\n // Generate an ability (content API engine) based on the given permissions\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability,\n };\n }\n\n const publicPermissions = await getService('permission')\n .findPublicPermissions()\n .then(map(getService('permission').toContentAPIPermission));\n\n if (publicPermissions.length === 0) {\n return { authenticated: false };\n }\n\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n return {\n authenticated: true,\n credentials: null,\n ability,\n };\n } catch (err) {\n return { authenticated: false };\n }\n};\n\nconst verify = async (auth, config) => {\n const { credentials: user, ability } = auth;\n\n if (!config.scope) {\n if (!user) {\n // A non authenticated user cannot access routes that do not have a scope\n throw new UnauthorizedError();\n } else {\n // An authenticated user can access non scoped routes\n return;\n }\n }\n\n // If no ability have been generated, then consider auth is missing\n if (!ability) {\n throw new UnauthorizedError();\n }\n\n const isAllowed = pipe(\n // Make sure we're dealing with an array\n castArray,\n // Transform the scope array into an action array\n every((scope) => ability.can(scope))\n )(config.scope);\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nmodule.exports = {\n name: 'users-permissions',\n authenticate,\n verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,WAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;gBACT,MAAM,EAAEE,EAAE,EAAE,GAAGF,KAAAA;;AAGf,gBAAA,IAAIE,OAAOC,SAAAA,EAAW;oBACpB,OAAO;wBAAEC,aAAAA,EAAe;;AAChC,gBAAA;AAEM,gBAAA,MAAMC,IAAAA,GAAO,MAAMhB,UAAAA,CAAW,MAAA,CAAA,CAAQiB,sBAAsB,CAACJ,EAAAA,CAAAA;;AAG7D,gBAAA,IAAI,CAACG,IAAAA,EAAM;oBACT,OAAO;wBAAEE,KAAAA,EAAO;;AACxB,gBAAA;AAEM,gBAAA,MAAMC,mBAAmB,MAAMjB,mBAAAA,EAAAA;;AAG/B,gBAAA,IAAIiB,iBAAiBC,kBAAkB,IAAI,CAACJ,IAAAA,CAAKK,SAAS,EAAE;oBAC1D,OAAO;wBAAEH,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,IAAIF,IAAAA,CAAKM,OAAO,EAAE;oBAChB,OAAO;wBAAEJ,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,MAAMK,WAAAA,GAAc,MAAMC,OAAAA,CAAQC,OAAO,CAACT,IAAAA,CAAKU,IAAI,CAACb,EAAE,CAAA,CACnDc,IAAI,CAAC3B,UAAAA,CAAW,cAAc4B,mBAAmB,CAAA,CACjDD,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;;gBAG3D,MAAMC,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACV,WAAAA,CAAAA;gBAE3Eb,GAAAA,CAAIwB,KAAK,CAAClB,IAAI,GAAGA,IAAAA;gBAEjB,OAAO;oBACLD,aAAAA,EAAe,IAAA;oBACfoB,WAAAA,EAAanB,IAAAA;AACbc,oBAAAA;AACR,iBAAA;AACA,YAAA;YAEI,MAAMM,iBAAAA,GAAoB,MAAMpC,UAAAA,CAAW,YAAA,CAAA,CACxCqC,qBAAqB,EAAA,CACrBV,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;YAE3D,IAAIO,iBAAAA,CAAkBE,MAAM,KAAK,CAAA,EAAG;gBAClC,OAAO;oBAAEvB,aAAAA,EAAe;;AAC9B,YAAA;YAEI,MAAMe,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACG,iBAAAA,CAAAA;YAE3E,OAAO;gBACLrB,aAAAA,EAAe,IAAA;gBACfoB,WAAAA,EAAa,IAAA;AACbL,gBAAAA;AACN,aAAA;AACA,QAAA,CAAA,CAAI,OAAOS,GAAAA,EAAK;YACZ,OAAO;gBAAExB,aAAAA,EAAe;;AAC5B,QAAA;AACA,IAAA,CAAA;IAEA,MAAMyB,MAAAA,GAAS,OAAOC,IAAAA,EAAMC,MAAAA,GAAAA;AAC1B,QAAA,MAAM,EAAEP,WAAAA,EAAanB,IAAI,EAAEc,OAAO,EAAE,GAAGW,IAAAA;QAEvC,IAAI,CAACC,MAAAA,CAAOC,KAAK,EAAE;AACjB,YAAA,IAAI,CAAC3B,IAAAA,EAAM;;AAET,gBAAA,MAAM,IAAInB,iBAAAA,EAAAA;YAChB,CAAA,MAAW;;AAEL,gBAAA;AACN,YAAA;AACA,QAAA;;AAGE,QAAA,IAAI,CAACiC,OAAAA,EAAS;AACZ,YAAA,MAAM,IAAIjC,iBAAAA,EAAAA;AACd,QAAA;QAEE,MAAM+C,SAAAA,GAAYlD;AAEhBH,QAAAA,SAAAA;AAEAE,QAAAA,KAAAA,CAAM,CAACkD,KAAAA,GAAUb,OAAAA,CAAQe,GAAG,CAACF,KAAAA,CAAAA,CAAAA,CAAAA,CAC7BD,OAAOC,KAAK,CAAA;AAEd,QAAA,IAAI,CAACC,SAAAA,EAAW;AACd,YAAA,MAAM,IAAIhD,cAAAA,EAAAA;AACd,QAAA;AACA,IAAA,CAAA;IAEAkD,gBAAAA,GAAiB;QACfxC,IAAAA,EAAM,mBAAA;AACNG,QAAAA,YAAAA;AACA+B,QAAAA;AACF,KAAA;;;;;;"}
1
+ {"version":3,"file":"users-permissions.js","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n try {\n const token = await getService('jwt').getToken(ctx);\n\n if (token) {\n const { id } = token;\n\n // Invalid token\n if (id === undefined) {\n return { authenticated: false };\n }\n\n const user = await getService('user').fetchAuthenticatedUser(id);\n\n // No user associated to the token\n if (!user) {\n return { error: 'Invalid credentials' };\n }\n\n const advancedSettings = await getAdvancedSettings();\n\n // User not confirmed\n if (advancedSettings.email_confirmation && !user.confirmed) {\n return { error: 'Invalid credentials' };\n }\n\n // User blocked\n if (user.blocked) {\n return { error: 'Invalid credentials' };\n }\n\n // Fetch user's permissions\n const permissions = await Promise.resolve(user.role.id)\n .then(getService('permission').findRolePermissions)\n .then(map(getService('permission').toContentAPIPermission));\n\n // Generate an ability (content API engine) based on the given permissions\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability,\n };\n }\n\n const publicPermissions = await getService('permission')\n .findPublicPermissions()\n .then(map(getService('permission').toContentAPIPermission));\n\n if (publicPermissions.length === 0) {\n return { authenticated: false };\n }\n\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n return {\n authenticated: true,\n credentials: null,\n ability,\n };\n } catch (err) {\n return { authenticated: false };\n }\n};\n\nconst verify = async (auth, config) => {\n const { credentials: user, ability } = auth;\n\n if (!config.scope) {\n if (!user) {\n // A non authenticated user cannot access routes that do not have a scope\n throw new UnauthorizedError();\n } else {\n // An authenticated user can access non scoped routes\n return;\n }\n }\n\n // If no ability have been generated, then consider auth is missing\n if (!ability) {\n throw new UnauthorizedError();\n }\n\n const isAllowed = pipe(\n // Make sure we're dealing with an array\n castArray,\n // Transform the scope array into an action array\n every((scope) => ability.can(scope))\n )(config.scope);\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nmodule.exports = {\n name: 'users-permissions',\n authenticate,\n verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,2BAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,4BAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;gBACT,MAAM,EAAEE,EAAE,EAAE,GAAGF,KAAAA;;AAGf,gBAAA,IAAIE,OAAOC,SAAAA,EAAW;oBACpB,OAAO;wBAAEC,aAAAA,EAAe;;AAChC,gBAAA;AAEM,gBAAA,MAAMC,IAAAA,GAAO,MAAMhB,UAAAA,CAAW,MAAA,CAAA,CAAQiB,sBAAsB,CAACJ,EAAAA,CAAAA;;AAG7D,gBAAA,IAAI,CAACG,IAAAA,EAAM;oBACT,OAAO;wBAAEE,KAAAA,EAAO;;AACxB,gBAAA;AAEM,gBAAA,MAAMC,mBAAmB,MAAMjB,mBAAAA,EAAAA;;AAG/B,gBAAA,IAAIiB,iBAAiBC,kBAAkB,IAAI,CAACJ,IAAAA,CAAKK,SAAS,EAAE;oBAC1D,OAAO;wBAAEH,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,IAAIF,IAAAA,CAAKM,OAAO,EAAE;oBAChB,OAAO;wBAAEJ,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,MAAMK,WAAAA,GAAc,MAAMC,OAAAA,CAAQC,OAAO,CAACT,IAAAA,CAAKU,IAAI,CAACb,EAAE,CAAA,CACnDc,IAAI,CAAC3B,UAAAA,CAAW,cAAc4B,mBAAmB,CAAA,CACjDD,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;;gBAG3D,MAAMC,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACV,WAAAA,CAAAA;gBAE3Eb,GAAAA,CAAIwB,KAAK,CAAClB,IAAI,GAAGA,IAAAA;gBAEjB,OAAO;oBACLD,aAAAA,EAAe,IAAA;oBACfoB,WAAAA,EAAanB,IAAAA;AACbc,oBAAAA;AACR,iBAAA;AACA,YAAA;YAEI,MAAMM,iBAAAA,GAAoB,MAAMpC,UAAAA,CAAW,YAAA,CAAA,CACxCqC,qBAAqB,EAAA,CACrBV,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;YAE3D,IAAIO,iBAAAA,CAAkBE,MAAM,KAAK,CAAA,EAAG;gBAClC,OAAO;oBAAEvB,aAAAA,EAAe;;AAC9B,YAAA;YAEI,MAAMe,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACG,iBAAAA,CAAAA;YAE3E,OAAO;gBACLrB,aAAAA,EAAe,IAAA;gBACfoB,WAAAA,EAAa,IAAA;AACbL,gBAAAA;AACN,aAAA;AACA,QAAA,CAAA,CAAI,OAAOS,GAAAA,EAAK;YACZ,OAAO;gBAAExB,aAAAA,EAAe;;AAC5B,QAAA;AACA,IAAA,CAAA;IAEA,MAAMyB,MAAAA,GAAS,OAAOC,IAAAA,EAAMC,MAAAA,GAAAA;AAC1B,QAAA,MAAM,EAAEP,WAAAA,EAAanB,IAAI,EAAEc,OAAO,EAAE,GAAGW,IAAAA;QAEvC,IAAI,CAACC,MAAAA,CAAOC,KAAK,EAAE;AACjB,YAAA,IAAI,CAAC3B,IAAAA,EAAM;;AAET,gBAAA,MAAM,IAAInB,iBAAAA,EAAAA;YAChB,CAAA,MAAW;;AAEL,gBAAA;AACN,YAAA;AACA,QAAA;;AAGE,QAAA,IAAI,CAACiC,OAAAA,EAAS;AACZ,YAAA,MAAM,IAAIjC,iBAAAA,EAAAA;AACd,QAAA;QAEE,MAAM+C,SAAAA,GAAYlD;AAEhBH,QAAAA,SAAAA;AAEAE,QAAAA,KAAAA,CAAM,CAACkD,KAAAA,GAAUb,OAAAA,CAAQe,GAAG,CAACF,KAAAA,CAAAA,CAAAA,CAAAA,CAC7BD,OAAOC,KAAK,CAAA;AAEd,QAAA,IAAI,CAACC,SAAAA,EAAW;AACd,YAAA,MAAM,IAAIhD,cAAAA,EAAAA;AACd,QAAA;AACA,IAAA,CAAA;IAEAkD,gBAAAA,GAAiB;QACfxC,IAAAA,EAAM,mBAAA;AACNG,QAAAA,YAAAA;AACA+B,QAAAA;AACF,KAAA;;;;;;"}
package/dist/server/utils/index.js CHANGED
@@ -3,12 +3,16 @@
3
3
  var require$$0 = require('crypto');
4
4
  var index = require('./sanitize/index.js');
5
5
 
6
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
7
+
8
+ var require$$0__default = /*#__PURE__*/_interopDefault(require$$0);
9
+
6
10
  var utils;
7
11
  var hasRequiredUtils;
8
12
  function requireUtils() {
9
13
  if (hasRequiredUtils) return utils;
10
14
  hasRequiredUtils = 1;
11
- const crypto = require$$0;
15
+ const crypto = require$$0__default.default;
12
16
  const sanitize = index.__require();
13
17
  const MAX_USERNAME_ATTEMPTS = 10;
14
18
  const getService = (name)=>{
package/dist/server/utils/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sources":["../../../server/utils/index.js"],"sourcesContent":["'use strict';\n\nconst crypto = require('crypto');\nconst sanitize = require('./sanitize');\n\nconst MAX_USERNAME_ATTEMPTS = 10;\n\nconst getService = (name) => {\n return strapi.plugin('users-permissions').service(name);\n};\n\nconst isUsernameTaken = async (username) => {\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { username } });\n return Boolean(user);\n};\n\nconst findValidUsername = async (basename) => {\n const minLength =\n strapi.getModel('plugin::users-permissions.user')?.attributes?.username?.minLength ?? 3;\n const tryBasenameFirst = basename.length >= minLength;\n\n let attempt = 0;\n let candidate;\n let taken;\n do {\n candidate =\n attempt === 0 && tryBasenameFirst ? basename : `${basename}${crypto.randomInt(1000, 9999)}`;\n taken = await isUsernameTaken(candidate);\n attempt += 1;\n } while (taken && attempt <= MAX_USERNAME_ATTEMPTS);\n\n return taken ? crypto.randomUUID() : candidate;\n};\n\nmodule.exports = {\n getService,\n isUsernameTaken,\n findValidUsername,\n sanitize,\n};\n"],"names":["crypto","require$$0","sanitize","require$$1","MAX_USERNAME_ATTEMPTS","getService","name","strapi","plugin","service","isUsernameTaken","username","user","db","query","findOne","where","Boolean","findValidUsername","basename","minLength","getModel","attributes","tryBasenameFirst","length","attempt","candidate","taken","randomInt","randomUUID","utils"],"mappings":";;;;;;;;;;AAEA,IAAA,MAAMA,MAAAA,GAASC,UAAAA;AACf,IAAA,MAAMC,QAAAA,GAAWC,eAAAA,EAAAA;AAEjB,IAAA,MAAMC,qBAAAA,GAAwB,EAAA;AAE9B,IAAA,MAAMC,aAAa,CAACC,IAAAA,GAAAA;AAClB,QAAA,OAAOC,MAAAA,CAAOC,MAAM,CAAC,mBAAA,CAAA,CAAqBC,OAAO,CAACH,IAAAA,CAAAA;AACpD,IAAA,CAAA;AAEA,IAAA,MAAMI,kBAAkB,OAAOC,QAAAA,GAAAA;QAC7B,MAAMC,IAAAA,GAAO,MAAML,MAAAA,CAAOM,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,OAAO,CAAC;YAAEC,KAAAA,EAAO;AAAEL,gBAAAA;AAAQ;AAAE,SAAA,CAAA;AAChC,QAAA,OAAOM,OAAAA,CAAQL,IAAAA,CAAAA;AACjB,IAAA,CAAA;AAEA,IAAA,MAAMM,oBAAoB,OAAOC,QAAAA,GAAAA;AAC/B,QAAA,MAAMC,YACJb,MAAAA,CAAOc,QAAQ,CAAC,gCAAA,CAAA,EAAmCC,UAAAA,EAAYX,UAAUS,SAAAA,IAAa,CAAA;QACxF,MAAMG,gBAAAA,GAAmBJ,QAAAA,CAASK,MAAM,IAAIJ,SAAAA;AAE5C,QAAA,IAAIK,OAAAA,GAAU,CAAA;QACd,IAAIC,SAAAA;QACJ,IAAIC,KAAAA;QACJ,GAAG;YACDD,SAAAA,GACED,OAAAA,KAAY,CAAA,IAAKF,gBAAAA,GAAmBJ,QAAAA,GAAW,CAAA,EAAGA,WAAWnB,MAAAA,CAAO4B,SAAS,CAAC,IAAA,EAAM,IAAA,CAAA,CAAA,CAAO;AAC7FD,YAAAA,KAAAA,GAAQ,MAAMjB,eAAAA,CAAgBgB,SAAAA,CAAAA;YAC9BD,OAAAA,IAAW,CAAA;QACf,CAAA,OAAWE,KAAAA,IAASF,WAAWrB,qBAAAA;QAE7B,OAAOuB,KAAAA,GAAQ3B,MAAAA,CAAO6B,UAAU,EAAA,GAAKH,SAAAA;AACvC,IAAA,CAAA;IAEAI,KAAAA,GAAiB;AACfzB,QAAAA,UAAAA;AACAK,QAAAA,eAAAA;AACAQ,QAAAA,iBAAAA;AACAhB,QAAAA;AACF,KAAA;;;;;;"}
1
+ {"version":3,"file":"index.js","sources":["../../../server/utils/index.js"],"sourcesContent":["'use strict';\n\nconst crypto = require('crypto');\nconst sanitize = require('./sanitize');\n\nconst MAX_USERNAME_ATTEMPTS = 10;\n\nconst getService = (name) => {\n return strapi.plugin('users-permissions').service(name);\n};\n\nconst isUsernameTaken = async (username) => {\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { username } });\n return Boolean(user);\n};\n\nconst findValidUsername = async (basename) => {\n const minLength =\n strapi.getModel('plugin::users-permissions.user')?.attributes?.username?.minLength ?? 3;\n const tryBasenameFirst = basename.length >= minLength;\n\n let attempt = 0;\n let candidate;\n let taken;\n do {\n candidate =\n attempt === 0 && tryBasenameFirst ? basename : `${basename}${crypto.randomInt(1000, 9999)}`;\n taken = await isUsernameTaken(candidate);\n attempt += 1;\n } while (taken && attempt <= MAX_USERNAME_ATTEMPTS);\n\n return taken ? crypto.randomUUID() : candidate;\n};\n\nmodule.exports = {\n getService,\n isUsernameTaken,\n findValidUsername,\n sanitize,\n};\n"],"names":["crypto","require$$0","sanitize","require$$1","MAX_USERNAME_ATTEMPTS","getService","name","strapi","plugin","service","isUsernameTaken","username","user","db","query","findOne","where","Boolean","findValidUsername","basename","minLength","getModel","attributes","tryBasenameFirst","length","attempt","candidate","taken","randomInt","randomUUID","utils"],"mappings":";;;;;;;;;;;;;;AAEA,IAAA,MAAMA,MAAAA,GAASC,2BAAAA;AACf,IAAA,MAAMC,QAAAA,GAAWC,eAAAA,EAAAA;AAEjB,IAAA,MAAMC,qBAAAA,GAAwB,EAAA;AAE9B,IAAA,MAAMC,aAAa,CAACC,IAAAA,GAAAA;AAClB,QAAA,OAAOC,MAAAA,CAAOC,MAAM,CAAC,mBAAA,CAAA,CAAqBC,OAAO,CAACH,IAAAA,CAAAA;AACpD,IAAA,CAAA;AAEA,IAAA,MAAMI,kBAAkB,OAAOC,QAAAA,GAAAA;QAC7B,MAAMC,IAAAA,GAAO,MAAML,MAAAA,CAAOM,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,OAAO,CAAC;YAAEC,KAAAA,EAAO;AAAEL,gBAAAA;AAAQ;AAAE,SAAA,CAAA;AAChC,QAAA,OAAOM,OAAAA,CAAQL,IAAAA,CAAAA;AACjB,IAAA,CAAA;AAEA,IAAA,MAAMM,oBAAoB,OAAOC,QAAAA,GAAAA;AAC/B,QAAA,MAAMC,YACJb,MAAAA,CAAOc,QAAQ,CAAC,gCAAA,CAAA,EAAmCC,UAAAA,EAAYX,UAAUS,SAAAA,IAAa,CAAA;QACxF,MAAMG,gBAAAA,GAAmBJ,QAAAA,CAASK,MAAM,IAAIJ,SAAAA;AAE5C,QAAA,IAAIK,OAAAA,GAAU,CAAA;QACd,IAAIC,SAAAA;QACJ,IAAIC,KAAAA;QACJ,GAAG;YACDD,SAAAA,GACED,OAAAA,KAAY,CAAA,IAAKF,gBAAAA,GAAmBJ,QAAAA,GAAW,CAAA,EAAGA,WAAWnB,MAAAA,CAAO4B,SAAS,CAAC,IAAA,EAAM,IAAA,CAAA,CAAA,CAAO;AAC7FD,YAAAA,KAAAA,GAAQ,MAAMjB,eAAAA,CAAgBgB,SAAAA,CAAAA;YAC9BD,OAAAA,IAAW,CAAA;QACf,CAAA,OAAWE,KAAAA,IAASF,WAAWrB,qBAAAA;QAE7B,OAAOuB,KAAAA,GAAQ3B,MAAAA,CAAO6B,UAAU,EAAA,GAAKH,SAAAA;AACvC,IAAA,CAAA;IAEAI,KAAAA,GAAiB;AACfzB,QAAAA,UAAAA;AACAK,QAAAA,eAAAA;AACAQ,QAAAA,iBAAAA;AACAhB,QAAAA;AACF,KAAA;;;;;;"}
package/dist/server/utils/sanitize/sanitizers.js CHANGED
@@ -4,13 +4,18 @@ var require$$0 = require('lodash/fp');
4
4
  var require$$1 = require('@strapi/utils');
5
5
  var index = require('./visitors/index.js');
6
6
 
7
+ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
8
+
9
+ var require$$0__default = /*#__PURE__*/_interopDefault(require$$0);
10
+ var require$$1__default = /*#__PURE__*/_interopDefault(require$$1);
11
+
7
12
  var sanitizers;
8
13
  var hasRequiredSanitizers;
9
14
  function requireSanitizers() {
10
15
  if (hasRequiredSanitizers) return sanitizers;
11
16
  hasRequiredSanitizers = 1;
12
- const { curry } = require$$0;
13
- const { traverseEntity, async } = require$$1;
17
+ const { curry } = require$$0__default.default;
18
+ const { traverseEntity, async } = require$$1__default.default;
14
19
  const { removeUserRelationFromRoleEntities } = index.__require();
15
20
  const sanitizeUserRelationFromRoleEntities = curry((schema, entity)=>{
16
21
  return traverseEntity(removeUserRelationFromRoleEntities, {
package/dist/server/utils/sanitize/sanitizers.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"sanitizers.js","sources":["../../../../server/utils/sanitize/sanitizers.js"],"sourcesContent":["'use strict';\n\nconst { curry } = require('lodash/fp');\nconst { traverseEntity, async } = require('@strapi/utils');\n\nconst { removeUserRelationFromRoleEntities } = require('./visitors');\n\nconst sanitizeUserRelationFromRoleEntities = curry((schema, entity) => {\n return traverseEntity(\n removeUserRelationFromRoleEntities,\n { schema, getModel: strapi.getModel.bind(strapi) },\n entity\n );\n});\n\nconst defaultSanitizeOutput = curry((schema, entity) => {\n return async.pipe(sanitizeUserRelationFromRoleEntities(schema))(entity);\n});\n\nmodule.exports = {\n sanitizeUserRelationFromRoleEntities,\n defaultSanitizeOutput,\n};\n"],"names":["curry","require$$0","traverseEntity","async","require$$1","removeUserRelationFromRoleEntities","require$$2","sanitizeUserRelationFromRoleEntities","schema","entity","getModel","strapi","bind","defaultSanitizeOutput","pipe","sanitizers"],"mappings":";;;;;;;;;;;IAEA,MAAM,EAAEA,KAAK,EAAE,GAAGC,UAAAA;AAClB,IAAA,MAAM,EAAEC,cAAc,EAAEC,KAAK,EAAE,GAAGC,UAAAA;IAElC,MAAM,EAAEC,kCAAkC,EAAE,GAAGC,eAAAA,EAAAA;IAE/C,MAAMC,oCAAAA,GAAuCP,KAAAA,CAAM,CAACQ,MAAAA,EAAQC,MAAAA,GAAAA;AAC1D,QAAA,OAAOP,eACLG,kCAAAA,EACA;AAAEG,YAAAA,MAAAA;AAAQE,YAAAA,QAAAA,EAAUC,MAAAA,CAAOD,QAAQ,CAACE,IAAI,CAACD,MAAAA;SAAO,EAChDF,MAAAA,CAAAA;AAEJ,IAAA,CAAA,CAAA;IAEA,MAAMI,qBAAAA,GAAwBb,KAAAA,CAAM,CAACQ,MAAAA,EAAQC,MAAAA,GAAAA;AAC3C,QAAA,OAAON,KAAAA,CAAMW,IAAI,CAACP,oCAAAA,CAAqCC,MAAAA,CAAAA,CAAAA,CAASC,MAAAA,CAAAA;AAClE,IAAA,CAAA,CAAA;IAEAM,UAAAA,GAAiB;AACfR,QAAAA,oCAAAA;AACAM,QAAAA;AACF,KAAA;;;;;;"}
1
+ {"version":3,"file":"sanitizers.js","sources":["../../../../server/utils/sanitize/sanitizers.js"],"sourcesContent":["'use strict';\n\nconst { curry } = require('lodash/fp');\nconst { traverseEntity, async } = require('@strapi/utils');\n\nconst { removeUserRelationFromRoleEntities } = require('./visitors');\n\nconst sanitizeUserRelationFromRoleEntities = curry((schema, entity) => {\n return traverseEntity(\n removeUserRelationFromRoleEntities,\n { schema, getModel: strapi.getModel.bind(strapi) },\n entity\n );\n});\n\nconst defaultSanitizeOutput = curry((schema, entity) => {\n return async.pipe(sanitizeUserRelationFromRoleEntities(schema))(entity);\n});\n\nmodule.exports = {\n sanitizeUserRelationFromRoleEntities,\n defaultSanitizeOutput,\n};\n"],"names":["curry","require$$0","traverseEntity","async","require$$1","removeUserRelationFromRoleEntities","require$$2","sanitizeUserRelationFromRoleEntities","schema","entity","getModel","strapi","bind","defaultSanitizeOutput","pipe","sanitizers"],"mappings":";;;;;;;;;;;;;;;;IAEA,MAAM,EAAEA,KAAK,EAAE,GAAGC,2BAAAA;AAClB,IAAA,MAAM,EAAEC,cAAc,EAAEC,KAAK,EAAE,GAAGC,2BAAAA;IAElC,MAAM,EAAEC,kCAAkC,EAAE,GAAGC,eAAAA,EAAAA;IAE/C,MAAMC,oCAAAA,GAAuCP,KAAAA,CAAM,CAACQ,MAAAA,EAAQC,MAAAA,GAAAA;AAC1D,QAAA,OAAOP,eACLG,kCAAAA,EACA;AAAEG,YAAAA,MAAAA;AAAQE,YAAAA,QAAAA,EAAUC,MAAAA,CAAOD,QAAQ,CAACE,IAAI,CAACD,MAAAA;SAAO,EAChDF,MAAAA,CAAAA;AAEJ,IAAA,CAAA,CAAA;IAEA,MAAMI,qBAAAA,GAAwBb,KAAAA,CAAM,CAACQ,MAAAA,EAAQC,MAAAA,GAAAA;AAC3C,QAAA,OAAON,KAAAA,CAAMW,IAAI,CAACP,oCAAAA,CAAqCC,MAAAA,CAAAA,CAAAA,CAASC,MAAAA,CAAAA;AAClE,IAAA,CAAA,CAAA;IAEAM,UAAAA,GAAiB;AACfR,QAAAA,oCAAAA;AACAM,QAAAA;AACF,KAAA;;;;;;"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@strapi/plugin-users-permissions",
3
- "version": "5.48.1",
3
+ "version": "5.49.0",
4
4
  "description": "Protect your API with a full-authentication process based on JWT",
5
5
  "homepage": "https://strapi.io",
6
6
  "bugs": {
@@ -55,7 +55,7 @@
55
55
  "dependencies": {
56
56
  "@strapi/design-system": "2.2.0",
57
57
  "@strapi/icons": "2.2.0",
58
- "@strapi/utils": "5.48.1",
58
+ "@strapi/utils": "5.49.0",
59
59
  "bcryptjs": "2.4.3",
60
60
  "formik": "2.4.5",
61
61
  "grant": "5.4.24",
@@ -75,7 +75,7 @@
75
75
  "zod": "3.25.67"
76
76
  },
77
77
  "devDependencies": {
78
- "@strapi/strapi": "5.48.1",
78
+ "@strapi/strapi": "5.49.0",
79
79
  "@testing-library/dom": "10.4.1",
80
80
  "@testing-library/react": "16.3.2",
81
81
  "@testing-library/user-event": "14.6.1",