@strapi/plugin-users-permissions 5.48.1 → 5.50.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.eslintrc.cjs +1 -0
- package/admin/src/pages/AdvancedSettings/index.jsx +1 -1
- package/admin/src/pages/Roles/pages/ListPage/index.jsx +1 -1
- package/admin/src/translations/ja.json +46 -7
- package/dist/admin/components/BoundRoute/index.js +12 -6
- package/dist/admin/components/BoundRoute/index.js.map +1 -1
- package/dist/admin/components/FormModal/Input/index.js +25 -21
- package/dist/admin/components/FormModal/Input/index.js.map +1 -1
- package/dist/admin/components/FormModal/index.js +14 -10
- package/dist/admin/components/FormModal/index.js.map +1 -1
- package/dist/admin/components/Permissions/PermissionRow/SubCategory.js +8 -3
- package/dist/admin/components/Permissions/PermissionRow/SubCategory.js.map +1 -1
- package/dist/admin/components/Permissions/PermissionRow/index.js +9 -4
- package/dist/admin/components/Permissions/PermissionRow/index.js.map +1 -1
- package/dist/admin/components/Policies/index.js +9 -3
- package/dist/admin/components/Policies/index.js.map +1 -1
- package/dist/admin/components/UsersPermissions/index.js +6 -2
- package/dist/admin/components/UsersPermissions/index.js.map +1 -1
- package/dist/admin/components/UsersPermissions/reducer.js +10 -4
- package/dist/admin/components/UsersPermissions/reducer.js.map +1 -1
- package/dist/admin/contexts/UsersPermissionsContext/index.js +6 -2
- package/dist/admin/contexts/UsersPermissionsContext/index.js.map +1 -1
- package/dist/admin/pages/AdvancedSettings/index.js +1 -1
- package/dist/admin/pages/AdvancedSettings/index.js.map +1 -1
- package/dist/admin/pages/AdvancedSettings/index.mjs +1 -1
- package/dist/admin/pages/AdvancedSettings/index.mjs.map +1 -1
- package/dist/admin/pages/AdvancedSettings/utils/schema.js +3 -2
- package/dist/admin/pages/AdvancedSettings/utils/schema.js.map +1 -1
- package/dist/admin/pages/EmailTemplates/components/EmailForm.js +17 -13
- package/dist/admin/pages/EmailTemplates/components/EmailForm.js.map +1 -1
- package/dist/admin/pages/EmailTemplates/components/EmailTable.js +6 -2
- package/dist/admin/pages/EmailTemplates/components/EmailTable.js.map +1 -1
- package/dist/admin/pages/EmailTemplates/index.js +3 -2
- package/dist/admin/pages/EmailTemplates/index.js.map +1 -1
- package/dist/admin/pages/EmailTemplates/utils/schema.js +3 -2
- package/dist/admin/pages/EmailTemplates/utils/schema.js.map +1 -1
- package/dist/admin/pages/Providers/index.js +7 -3
- package/dist/admin/pages/Providers/index.js.map +1 -1
- package/dist/admin/pages/Providers/utils/forms.js +3 -2
- package/dist/admin/pages/Providers/utils/forms.js.map +1 -1
- package/dist/admin/pages/Roles/constants.js +3 -2
- package/dist/admin/pages/Roles/constants.js.map +1 -1
- package/dist/admin/pages/Roles/pages/CreatePage.js +3 -2
- package/dist/admin/pages/Roles/pages/CreatePage.js.map +1 -1
- package/dist/admin/pages/Roles/pages/EditPage.js +3 -2
- package/dist/admin/pages/Roles/pages/EditPage.js.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.js +9 -5
- package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.js.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.js +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.js.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs.map +1 -1
- package/dist/admin/translations/ja.json.js +46 -7
- package/dist/admin/translations/ja.json.js.map +1 -1
- package/dist/admin/translations/ja.json.mjs +46 -7
- package/dist/admin/translations/ja.json.mjs.map +1 -1
- package/dist/admin/utils/cleanPermissions.js +6 -2
- package/dist/admin/utils/cleanPermissions.js.map +1 -1
- package/dist/admin/utils/formatPluginName.js +5 -1
- package/dist/admin/utils/formatPluginName.js.map +1 -1
- package/dist/server/bootstrap/index.js +7 -2
- package/dist/server/bootstrap/index.js.map +1 -1
- package/dist/server/controllers/auth.js +144 -117
- package/dist/server/controllers/auth.js.map +1 -1
- package/dist/server/controllers/auth.mjs +132 -113
- package/dist/server/controllers/auth.mjs.map +1 -1
- package/dist/server/controllers/content-manager-user.js +8 -3
- package/dist/server/controllers/content-manager-user.js.map +1 -1
- package/dist/server/controllers/permissions.js +5 -1
- package/dist/server/controllers/permissions.js.map +1 -1
- package/dist/server/controllers/role.js +7 -2
- package/dist/server/controllers/role.js.map +1 -1
- package/dist/server/controllers/settings.js +7 -2
- package/dist/server/controllers/settings.js.map +1 -1
- package/dist/server/controllers/user.js +7 -2
- package/dist/server/controllers/user.js.map +1 -1
- package/dist/server/controllers/validation/auth.js +5 -1
- package/dist/server/controllers/validation/auth.js.map +1 -1
- package/dist/server/controllers/validation/email-template.js +7 -2
- package/dist/server/controllers/validation/email-template.js.map +1 -1
- package/dist/server/controllers/validation/user.js +21 -10
- package/dist/server/controllers/validation/user.js.map +1 -1
- package/dist/server/controllers/validation/user.mjs +16 -9
- package/dist/server/controllers/validation/user.mjs.map +1 -1
- package/dist/server/graphql/mutations/auth/change-password.js +5 -1
- package/dist/server/graphql/mutations/auth/change-password.js.map +1 -1
- package/dist/server/graphql/mutations/auth/email-confirmation.js +5 -1
- package/dist/server/graphql/mutations/auth/email-confirmation.js.map +1 -1
- package/dist/server/graphql/mutations/auth/forgot-password.js +5 -1
- package/dist/server/graphql/mutations/auth/forgot-password.js.map +1 -1
- package/dist/server/graphql/mutations/auth/login.js +5 -1
- package/dist/server/graphql/mutations/auth/login.js.map +1 -1
- package/dist/server/graphql/mutations/auth/register.js +5 -1
- package/dist/server/graphql/mutations/auth/register.js.map +1 -1
- package/dist/server/graphql/mutations/auth/reset-password.js +5 -1
- package/dist/server/graphql/mutations/auth/reset-password.js.map +1 -1
- package/dist/server/graphql/mutations/crud/role/create-role.js +5 -1
- package/dist/server/graphql/mutations/crud/role/create-role.js.map +1 -1
- package/dist/server/graphql/mutations/crud/user/create-user.js +5 -1
- package/dist/server/graphql/mutations/crud/user/create-user.js.map +1 -1
- package/dist/server/graphql/mutations/crud/user/update-user.js +5 -1
- package/dist/server/graphql/mutations/crud/user/update-user.js.map +1 -1
- package/dist/server/graphql/utils.js +5 -1
- package/dist/server/graphql/utils.js.map +1 -1
- package/dist/server/middlewares/rateLimit.js +11 -4
- package/dist/server/middlewares/rateLimit.js.map +1 -1
- package/dist/server/register.js +7 -2
- package/dist/server/register.js.map +1 -1
- package/dist/server/routes/content-api/auth.js +16 -0
- package/dist/server/routes/content-api/auth.js.map +1 -1
- package/dist/server/routes/content-api/auth.mjs +16 -0
- package/dist/server/routes/content-api/auth.mjs.map +1 -1
- package/dist/server/routes/content-api/index.js +5 -1
- package/dist/server/routes/content-api/index.js.map +1 -1
- package/dist/server/routes/content-api/user.js +5 -1
- package/dist/server/routes/content-api/user.js.map +1 -1
- package/dist/server/routes/content-api/validation.js +36 -4
- package/dist/server/routes/content-api/validation.js.map +1 -1
- package/dist/server/routes/content-api/validation.mjs +29 -2
- package/dist/server/routes/content-api/validation.mjs.map +1 -1
- package/dist/server/services/jwt.js +15 -8
- package/dist/server/services/jwt.js.map +1 -1
- package/dist/server/services/jwt.mjs +8 -6
- package/dist/server/services/jwt.mjs.map +1 -1
- package/dist/server/services/providers-registry.js +13 -5
- package/dist/server/services/providers-registry.js.map +1 -1
- package/dist/server/services/providers.js +7 -2
- package/dist/server/services/providers.js.map +1 -1
- package/dist/server/services/role.js +7 -2
- package/dist/server/services/role.js.map +1 -1
- package/dist/server/services/user.js +13 -5
- package/dist/server/services/user.js.map +1 -1
- package/dist/server/services/users-permissions.js +19 -4
- package/dist/server/services/users-permissions.js.map +1 -1
- package/dist/server/services/users-permissions.mjs +8 -0
- package/dist/server/services/users-permissions.mjs.map +1 -1
- package/dist/server/strategies/users-permissions.js +15 -3
- package/dist/server/strategies/users-permissions.js.map +1 -1
- package/dist/server/strategies/users-permissions.mjs +8 -1
- package/dist/server/strategies/users-permissions.mjs.map +1 -1
- package/dist/server/utils/index.js +5 -1
- package/dist/server/utils/index.js.map +1 -1
- package/dist/server/utils/refresh-cookie-options.js +27 -0
- package/dist/server/utils/refresh-cookie-options.js.map +1 -0
- package/dist/server/utils/refresh-cookie-options.mjs +25 -0
- package/dist/server/utils/refresh-cookie-options.mjs.map +1 -0
- package/dist/server/utils/sanitize/sanitizers.js +7 -2
- package/dist/server/utils/sanitize/sanitizers.js.map +1 -1
- package/lint-staged.config.mjs +1 -0
- package/package.json +5 -5
- package/rollup.config.mjs +3 -3
- package/server/controllers/auth.js +162 -141
- package/server/controllers/validation/user.js +22 -9
- package/server/routes/content-api/auth.js +12 -0
- package/server/routes/content-api/validation.js +32 -2
- package/server/services/jwt.js +4 -3
- package/server/services/users-permissions.js +2 -0
- package/server/strategies/users-permissions.js +6 -1
- package/server/utils/refresh-cookie-options.js +20 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../server/routes/content-api/index.js"],"sourcesContent":["'use strict';\n\nconst { createContentApiRoutesFactory } = require('@strapi/utils');\nconst authRoutes = require('./auth');\nconst userRoutes = require('./user');\nconst roleRoutes = require('./role');\nconst permissionsRoutes = require('./permissions');\n\nconst createContentApiRoutes = createContentApiRoutesFactory(() => {\n return [\n ...authRoutes(strapi),\n ...userRoutes(strapi),\n ...roleRoutes(strapi),\n ...permissionsRoutes(strapi),\n ];\n});\n\nmodule.exports = createContentApiRoutes;\n"],"names":["createContentApiRoutesFactory","require$$0","authRoutes","require$$1","userRoutes","require$$2","roleRoutes","require$$3","permissionsRoutes","require$$4","createContentApiRoutes","strapi","contentApi"],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../server/routes/content-api/index.js"],"sourcesContent":["'use strict';\n\nconst { createContentApiRoutesFactory } = require('@strapi/utils');\nconst authRoutes = require('./auth');\nconst userRoutes = require('./user');\nconst roleRoutes = require('./role');\nconst permissionsRoutes = require('./permissions');\n\nconst createContentApiRoutes = createContentApiRoutesFactory(() => {\n return [\n ...authRoutes(strapi),\n ...userRoutes(strapi),\n ...roleRoutes(strapi),\n ...permissionsRoutes(strapi),\n ];\n});\n\nmodule.exports = createContentApiRoutes;\n"],"names":["createContentApiRoutesFactory","require$$0","authRoutes","require$$1","userRoutes","require$$2","roleRoutes","require$$3","permissionsRoutes","require$$4","createContentApiRoutes","strapi","contentApi"],"mappings":";;;;;;;;;;;;;;;;;IAEA,MAAM,EAAEA,6BAA6B,EAAE,GAAGC,2BAAAA;AAC1C,IAAA,MAAMC,UAAAA,GAAaC,cAAAA,EAAAA;AACnB,IAAA,MAAMC,UAAAA,GAAaC,cAAAA,EAAAA;AACnB,IAAA,MAAMC,UAAAA,GAAaC,cAAAA,EAAAA;AACnB,IAAA,MAAMC,iBAAAA,GAAoBC,qBAAAA,EAAAA;AAE1B,IAAA,MAAMC,yBAAyBV,6BAAAA,CAA8B,IAAA;QAC3D,OAAO;eACFE,UAAAA,CAAWS,MAAAA,CAAAA;eACXP,UAAAA,CAAWO,MAAAA,CAAAA;eACXL,UAAAA,CAAWK,MAAAA,CAAAA;eACXH,iBAAAA,CAAkBG,MAAAA;AACtB,SAAA;AACH,IAAA,CAAA,CAAA;IAEAC,UAAAA,GAAiBF,sBAAAA;;;;;;"}
|
|
@@ -3,12 +3,16 @@
|
|
|
3
3
|
var require$$1 = require('zod/v4');
|
|
4
4
|
var validation = require('./validation.js');
|
|
5
5
|
|
|
6
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
7
|
+
|
|
8
|
+
var require$$1__default = /*#__PURE__*/_interopDefault(require$$1);
|
|
9
|
+
|
|
6
10
|
var user;
|
|
7
11
|
var hasRequiredUser;
|
|
8
12
|
function requireUser() {
|
|
9
13
|
if (hasRequiredUser) return user;
|
|
10
14
|
hasRequiredUser = 1;
|
|
11
|
-
const z = require$$
|
|
15
|
+
const z = require$$1__default.default;
|
|
12
16
|
const { UsersPermissionsRouteValidator } = validation.__require();
|
|
13
17
|
user = (strapi)=>{
|
|
14
18
|
const validator = new UsersPermissionsRouteValidator(strapi);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user.js","sources":["../../../../server/routes/content-api/user.js"],"sourcesContent":["'use strict';\n\nconst z = require('zod/v4');\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/users/count',\n handler: 'user.count',\n config: {\n prefix: '',\n },\n request: {\n query: {\n filters: validator.filters.optional(),\n },\n },\n response: z.number(),\n },\n {\n method: 'GET',\n path: '/users',\n handler: 'user.find',\n config: {\n prefix: '',\n },\n request: {\n query: {\n fields: validator.queryFields.optional(),\n populate: validator.queryPopulate.optional(),\n sort: validator.querySort.optional(),\n pagination: validator.pagination.optional(),\n filters: validator.filters.optional(),\n },\n },\n response: z.array(validator.userSchema),\n },\n {\n method: 'GET',\n path: '/users/me',\n handler: 'user.me',\n config: {\n prefix: '',\n },\n request: {\n query: {\n fields: validator.queryFields.optional(),\n populate: validator.queryPopulate.optional(),\n },\n },\n response: validator.userSchema,\n },\n {\n method: 'GET',\n path: '/users/:id',\n handler: 'user.findOne',\n config: {\n prefix: '',\n },\n request: {\n params: {\n id: validator.userIdParam,\n },\n query: {\n fields: validator.queryFields.optional(),\n populate: validator.queryPopulate.optional(),\n },\n },\n response: validator.userSchema,\n },\n {\n method: 'POST',\n path: '/users',\n handler: 'user.create',\n config: {\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.createUserBodySchema },\n },\n response: validator.userSchema,\n },\n {\n method: 'PUT',\n path: '/users/:id',\n handler: 'user.update',\n config: {\n prefix: '',\n },\n request: {\n params: {\n id: validator.userIdParam,\n },\n body: { 'application/json': validator.updateUserBodySchema },\n },\n response: validator.userSchema,\n },\n {\n method: 'DELETE',\n path: '/users/:id',\n handler: 'user.destroy',\n config: {\n prefix: '',\n },\n request: {\n params: {\n id: validator.userIdParam,\n },\n },\n response: validator.userSchema,\n },\n ];\n};\n"],"names":["z","require$$0","UsersPermissionsRouteValidator","require$$1","user","strapi","validator","method","path","handler","config","prefix","request","query","filters","optional","response","number","fields","queryFields","populate","queryPopulate","sort","querySort","pagination","array","userSchema","params","id","userIdParam","body","createUserBodySchema","updateUserBodySchema"],"mappings":"
|
|
1
|
+
{"version":3,"file":"user.js","sources":["../../../../server/routes/content-api/user.js"],"sourcesContent":["'use strict';\n\nconst z = require('zod/v4');\nconst { UsersPermissionsRouteValidator } = require('./validation');\n\nmodule.exports = (strapi) => {\n const validator = new UsersPermissionsRouteValidator(strapi);\n\n return [\n {\n method: 'GET',\n path: '/users/count',\n handler: 'user.count',\n config: {\n prefix: '',\n },\n request: {\n query: {\n filters: validator.filters.optional(),\n },\n },\n response: z.number(),\n },\n {\n method: 'GET',\n path: '/users',\n handler: 'user.find',\n config: {\n prefix: '',\n },\n request: {\n query: {\n fields: validator.queryFields.optional(),\n populate: validator.queryPopulate.optional(),\n sort: validator.querySort.optional(),\n pagination: validator.pagination.optional(),\n filters: validator.filters.optional(),\n },\n },\n response: z.array(validator.userSchema),\n },\n {\n method: 'GET',\n path: '/users/me',\n handler: 'user.me',\n config: {\n prefix: '',\n },\n request: {\n query: {\n fields: validator.queryFields.optional(),\n populate: validator.queryPopulate.optional(),\n },\n },\n response: validator.userSchema,\n },\n {\n method: 'GET',\n path: '/users/:id',\n handler: 'user.findOne',\n config: {\n prefix: '',\n },\n request: {\n params: {\n id: validator.userIdParam,\n },\n query: {\n fields: validator.queryFields.optional(),\n populate: validator.queryPopulate.optional(),\n },\n },\n response: validator.userSchema,\n },\n {\n method: 'POST',\n path: '/users',\n handler: 'user.create',\n config: {\n prefix: '',\n },\n request: {\n body: { 'application/json': validator.createUserBodySchema },\n },\n response: validator.userSchema,\n },\n {\n method: 'PUT',\n path: '/users/:id',\n handler: 'user.update',\n config: {\n prefix: '',\n },\n request: {\n params: {\n id: validator.userIdParam,\n },\n body: { 'application/json': validator.updateUserBodySchema },\n },\n response: validator.userSchema,\n },\n {\n method: 'DELETE',\n path: '/users/:id',\n handler: 'user.destroy',\n config: {\n prefix: '',\n },\n request: {\n params: {\n id: validator.userIdParam,\n },\n },\n response: validator.userSchema,\n },\n ];\n};\n"],"names":["z","require$$0","UsersPermissionsRouteValidator","require$$1","user","strapi","validator","method","path","handler","config","prefix","request","query","filters","optional","response","number","fields","queryFields","populate","queryPopulate","sort","querySort","pagination","array","userSchema","params","id","userIdParam","body","createUserBodySchema","updateUserBodySchema"],"mappings":";;;;;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,2BAAAA;IACV,MAAM,EAAEC,8BAA8B,EAAE,GAAGC,oBAAAA,EAAAA;AAE3CC,IAAAA,IAAAA,GAAiB,CAACC,MAAAA,GAAAA;QAChB,MAAMC,SAAAA,GAAY,IAAIJ,8BAAAA,CAA+BG,MAAAA,CAAAA;QAErD,OAAO;AACL,YAAA;gBACEE,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,cAAA;gBACNC,OAAAA,EAAS,YAAA;gBACTC,MAAAA,EAAQ;oBACNC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,KAAAA,EAAO;wBACLC,OAAAA,EAASR,SAAAA,CAAUQ,OAAO,CAACC,QAAQ;AAC7C;AACA,iBAAA;AACMC,gBAAAA,QAAAA,EAAUhB,EAAEiB,MAAM;AACxB,aAAA;AACI,YAAA;gBACEV,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,QAAA;gBACNC,OAAAA,EAAS,WAAA;gBACTC,MAAAA,EAAQ;oBACNC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,KAAAA,EAAO;wBACLK,MAAAA,EAAQZ,SAAAA,CAAUa,WAAW,CAACJ,QAAQ,EAAA;wBACtCK,QAAAA,EAAUd,SAAAA,CAAUe,aAAa,CAACN,QAAQ,EAAA;wBAC1CO,IAAAA,EAAMhB,SAAAA,CAAUiB,SAAS,CAACR,QAAQ,EAAA;wBAClCS,UAAAA,EAAYlB,SAAAA,CAAUkB,UAAU,CAACT,QAAQ,EAAA;wBACzCD,OAAAA,EAASR,SAAAA,CAAUQ,OAAO,CAACC,QAAQ;AAC7C;AACA,iBAAA;AACMC,gBAAAA,QAAAA,EAAUhB,CAAAA,CAAEyB,KAAK,CAACnB,SAAAA,CAAUoB,UAAU;AAC5C,aAAA;AACI,YAAA;gBACEnB,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,WAAA;gBACNC,OAAAA,EAAS,SAAA;gBACTC,MAAAA,EAAQ;oBACNC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPC,KAAAA,EAAO;wBACLK,MAAAA,EAAQZ,SAAAA,CAAUa,WAAW,CAACJ,QAAQ,EAAA;wBACtCK,QAAAA,EAAUd,SAAAA,CAAUe,aAAa,CAACN,QAAQ;AACpD;AACA,iBAAA;AACMC,gBAAAA,QAAAA,EAAUV,UAAUoB;AAC1B,aAAA;AACI,YAAA;gBACEnB,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,YAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBACNC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPe,MAAAA,EAAQ;AACNC,wBAAAA,EAAAA,EAAItB,UAAUuB;AACxB,qBAAA;oBACQhB,KAAAA,EAAO;wBACLK,MAAAA,EAAQZ,SAAAA,CAAUa,WAAW,CAACJ,QAAQ,EAAA;wBACtCK,QAAAA,EAAUd,SAAAA,CAAUe,aAAa,CAACN,QAAQ;AACpD;AACA,iBAAA;AACMC,gBAAAA,QAAAA,EAAUV,UAAUoB;AAC1B,aAAA;AACI,YAAA;gBACEnB,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM,QAAA;gBACNC,OAAAA,EAAS,aAAA;gBACTC,MAAAA,EAAQ;oBACNC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPkB,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBxB,UAAUyB;AAAoB;AAClE,iBAAA;AACMf,gBAAAA,QAAAA,EAAUV,UAAUoB;AAC1B,aAAA;AACI,YAAA;gBACEnB,MAAAA,EAAQ,KAAA;gBACRC,IAAAA,EAAM,YAAA;gBACNC,OAAAA,EAAS,aAAA;gBACTC,MAAAA,EAAQ;oBACNC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPe,MAAAA,EAAQ;AACNC,wBAAAA,EAAAA,EAAItB,UAAUuB;AACxB,qBAAA;oBACQC,IAAAA,EAAM;AAAE,wBAAA,kBAAA,EAAoBxB,UAAU0B;AAAoB;AAClE,iBAAA;AACMhB,gBAAAA,QAAAA,EAAUV,UAAUoB;AAC1B,aAAA;AACI,YAAA;gBACEnB,MAAAA,EAAQ,QAAA;gBACRC,IAAAA,EAAM,YAAA;gBACNC,OAAAA,EAAS,cAAA;gBACTC,MAAAA,EAAQ;oBACNC,MAAAA,EAAQ;AAChB,iBAAA;gBACMC,OAAAA,EAAS;oBACPe,MAAAA,EAAQ;AACNC,wBAAAA,EAAAA,EAAItB,UAAUuB;AACxB;AACA,iBAAA;AACMb,gBAAAA,QAAAA,EAAUV,UAAUoB;AAC1B;AACG,SAAA;AACH,IAAA,CAAA;;;;;;"}
|
|
@@ -3,13 +3,45 @@
|
|
|
3
3
|
var require$$1 = require('@strapi/utils');
|
|
4
4
|
var require$$1$1 = require('zod/v4');
|
|
5
5
|
|
|
6
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
7
|
+
|
|
8
|
+
var require$$1__default = /*#__PURE__*/_interopDefault(require$$1);
|
|
9
|
+
var require$$1__default$1 = /*#__PURE__*/_interopDefault(require$$1$1);
|
|
10
|
+
|
|
6
11
|
var validation;
|
|
7
12
|
var hasRequiredValidation;
|
|
8
13
|
function requireValidation() {
|
|
9
14
|
if (hasRequiredValidation) return validation;
|
|
10
15
|
hasRequiredValidation = 1;
|
|
11
|
-
const { AbstractRouteValidator } = require$$
|
|
12
|
-
const z = require$$
|
|
16
|
+
const { AbstractRouteValidator } = require$$1__default.default;
|
|
17
|
+
const z = require$$1__default$1.default;
|
|
18
|
+
// A single role relation entry, referenced by numeric `id` (legacy) or by
|
|
19
|
+
// `documentId` (the v5 default), but must carry at least one of them. The
|
|
20
|
+
// detailed rules (min one role on create, cannot remove the last role on
|
|
21
|
+
// update) stay in the Yup controller validator.
|
|
22
|
+
const roleRelationEntry = z.object({
|
|
23
|
+
id: z.union([
|
|
24
|
+
z.number(),
|
|
25
|
+
z.string()
|
|
26
|
+
]).optional(),
|
|
27
|
+
documentId: z.string().optional()
|
|
28
|
+
}).refine((entry)=>entry.id != null || entry.documentId != null, {
|
|
29
|
+
message: 'Relation entry must include an id or documentId'
|
|
30
|
+
});
|
|
31
|
+
// The `role` relation input: shorthand scalar (numeric id or documentId) or the
|
|
32
|
+
// longhand connect/disconnect object, matching every other v5 relation. The
|
|
33
|
+
// object form must carry at least one of connect/disconnect (an empty object is
|
|
34
|
+
// a no-op and almost certainly a mistake).
|
|
35
|
+
const roleRelationInput = z.union([
|
|
36
|
+
z.number(),
|
|
37
|
+
z.string(),
|
|
38
|
+
z.object({
|
|
39
|
+
connect: z.array(roleRelationEntry).optional(),
|
|
40
|
+
disconnect: z.array(roleRelationEntry).optional()
|
|
41
|
+
}).refine((input)=>input.connect != null || input.disconnect != null, {
|
|
42
|
+
message: 'Relation input must include connect or disconnect'
|
|
43
|
+
})
|
|
44
|
+
]);
|
|
13
45
|
class UsersPermissionsRouteValidator extends AbstractRouteValidator {
|
|
14
46
|
get userSchema() {
|
|
15
47
|
return z.object({
|
|
@@ -166,7 +198,7 @@ function requireValidation() {
|
|
|
166
198
|
username: z.string(),
|
|
167
199
|
email: z.email(),
|
|
168
200
|
password: z.string(),
|
|
169
|
-
role:
|
|
201
|
+
role: roleRelationInput.optional()
|
|
170
202
|
});
|
|
171
203
|
}
|
|
172
204
|
get updateUserBodySchema() {
|
|
@@ -174,7 +206,7 @@ function requireValidation() {
|
|
|
174
206
|
username: z.string().optional(),
|
|
175
207
|
email: z.email().optional(),
|
|
176
208
|
password: z.string().optional(),
|
|
177
|
-
role:
|
|
209
|
+
role: roleRelationInput.optional()
|
|
178
210
|
});
|
|
179
211
|
}
|
|
180
212
|
get createRoleBodySchema() {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validation.js","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: z.number().optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: z.number().optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","UsersPermissionsRouteValidator","userSchema","object","id","number","documentId","string","username","email","provider","confirmed","boolean","blocked","role","union","name","description","nullable","type","createdAt","updatedAt","optional","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","array","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,UAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,YAAAA;AAEV,IAAA,MAAMC,8BAAAA,SAAuCJ,sBAAAA,CAAAA;AAM3C,QAAA,IAAIK,UAAAA,GAAa;YACf,OAAOH,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBC,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfG,gBAAAA,QAAAA,EAAUX,EAAEQ,MAAM,EAAA;AAClBI,gBAAAA,SAAAA,EAAWZ,EAAEa,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASd,EAAEa,OAAO,EAAA;gBAClBE,IAAAA,EAAMf,CAAAA,CACHgB,KAAK,CAAC;AACLhB,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,wBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;wBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,wBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,wBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAe,QAAQ,EAAA;AACXF,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiB,UAAAA,GAAa;YACf,OAAOzB,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBS,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM,EAAA;gBACrBkB,QAAAA,EAAU1B,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ,EAAA;gBAC7BI,WAAAA,EAAa3B,CAAAA,CACV4B,MAAM,CACL5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESe,QAAQ,EAAA;AACXS,gBAAAA,KAAAA,EAAOhC,EAAEiC,KAAK,CAACjC,CAAAA,CAAEkC,OAAO,IAAIX,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIY,gBAAAA,GAAmB;YACrB,OAAOnC,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZ8B,gBAAAA,MAAAA,EAAQpC,EAAEQ,MAAM,EAAA;gBAChBO,IAAAA,EAAMf,CAAAA,CAAEI,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,oBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;oBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM;AACtB,iBAAA,CAAA;AACMa,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,kBAAAA,GAAqB;YACvB,OAAOrC,CAAAA,CAAEI,MAAM,CAAC;AACdkC,gBAAAA,GAAAA,EAAKtC,EAAEQ,MAAM,EAAA;gBACb+B,YAAAA,EAAcvC,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACjCiB,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,4BAAAA,GAA+B;YACjC,OAAOzC,CAAAA,CAAEI,MAAM,CAAC;gBACdoC,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuC,0BAAAA,GAA6B;YAC/B,OAAO1C,CAAAA,CAAEgB,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACqB,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAO3C,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgC,mCAAAA,GAAsC;YACxC,OAAO7C,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfsC,gBAAAA,IAAAA,EAAM9C,EAAEa,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkC,mBAAAA,GAAsB;YACxB,OAAO/C,CAAAA,CAAEI,MAAM,CAAC;AACd4C,gBAAAA,KAAAA,EAAOhD,CAAAA,CAAEiC,KAAK,CAAC,IAAI,CAACR,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,kBAAAA,GAAqB;YACvB,OAAOjD,CAAAA,CAAEI,MAAM,CAAC;gBACdW,IAAAA,EAAM,IAAI,CAACU;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyB,yBAAAA,GAA4B;YAC9B,OAAOlD,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,yBAAAA,GAA4B;YAC9B,OAAOnD,CAAAA,CAAEI,MAAM,CAAC;gBACduB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,eAAAA,GAAkB;YACpB,OAAOpD,CAAAA,CAAEI,MAAM,CAAC;AACdiD,gBAAAA,UAAAA,EAAYrD,EAAEQ,MAAM,EAAA;AACpB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,kBAAAA,GAAqB;YACvB,OAAOvD,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgD,wBAAAA,GAA2B;YAC7B,OAAOxD,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,uBAAAA,GAA0B;YAC5B,OAAOzD,CAAAA,CAAEI,MAAM,CAAC;AACdsD,gBAAAA,IAAAA,EAAM1D,EAAEQ,MAAM,EAAA;AACd8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIoD,wBAAAA,GAA2B;YAC7B,OAAO5D,CAAAA,CAAEI,MAAM,CAAC;AACdyD,gBAAAA,eAAAA,EAAiB7D,EAAEQ,MAAM,EAAA;AACzB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsD,+BAAAA,GAAkC;YACpC,OAAO9D,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,oBAAAA,GAAuB;YACzB,OAAO/D,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;gBAClBO,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyC,oBAAAA,GAAuB;YACzB,OAAOhE,CAAAA,CAAEI,MAAM,CAAC;gBACdK,QAAAA,EAAUT,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7Bb,KAAAA,EAAOV,CAAAA,CAAEU,KAAK,EAAA,CAAGa,QAAQ,EAAA;gBACzB+B,QAAAA,EAAUtD,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7BR,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI0C,oBAAAA,GAAuB;YACzB,OAAOjE,CAAAA,CAAEI,MAAM,CAAC;AACda,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;AAChCH,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;gBACdmB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2C,oBAAAA,GAAuB;YACzB,OAAOlE,CAAAA,CAAEI,MAAM,CAAC;gBACda,IAAAA,EAAMjB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBL,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAChCH,IAAAA,EAAMpB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBI,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,WAAAA,GAAc;AAChB,YAAA,OAAOnE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI4D,WAAAA,GAAc;AAChB,YAAA,OAAOpE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI6D,aAAAA,GAAgB;AAClB,YAAA,OAAOrE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAY8D,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACftE,QAAAA;AACF,KAAA;;;;;;"}
|
|
1
|
+
{"version":3,"file":"validation.js","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\n// A single role relation entry, referenced by numeric `id` (legacy) or by\n// `documentId` (the v5 default), but must carry at least one of them. The\n// detailed rules (min one role on create, cannot remove the last role on\n// update) stay in the Yup controller validator.\nconst roleRelationEntry = z\n .object({\n id: z.union([z.number(), z.string()]).optional(),\n documentId: z.string().optional(),\n })\n .refine((entry) => entry.id != null || entry.documentId != null, {\n message: 'Relation entry must include an id or documentId',\n });\n\n// The `role` relation input: shorthand scalar (numeric id or documentId) or the\n// longhand connect/disconnect object, matching every other v5 relation. The\n// object form must carry at least one of connect/disconnect (an empty object is\n// a no-op and almost certainly a mistake).\nconst roleRelationInput = z.union([\n z.number(),\n z.string(),\n z\n .object({\n connect: z.array(roleRelationEntry).optional(),\n disconnect: z.array(roleRelationEntry).optional(),\n })\n .refine((input) => input.connect != null || input.disconnect != null, {\n message: 'Relation input must include connect or disconnect',\n }),\n]);\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: roleRelationInput.optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: roleRelationInput.optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","roleRelationEntry","object","id","union","number","string","optional","documentId","refine","entry","message","roleRelationInput","connect","array","disconnect","input","UsersPermissionsRouteValidator","userSchema","username","email","provider","confirmed","boolean","blocked","role","name","description","nullable","type","createdAt","updatedAt","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,2BAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,6BAAAA;;;;;IAMV,MAAMC,iBAAAA,GAAoBF,CAAAA,CACvBG,MAAM,CAAC;QACNC,EAAAA,EAAIJ,CAAAA,CAAEK,KAAK,CAAC;AAACL,YAAAA,CAAAA,CAAEM,MAAM,EAAA;AAAIN,YAAAA,CAAAA,CAAEO,MAAM;AAAG,SAAA,CAAA,CAAEC,QAAQ,EAAA;QAC9CC,UAAAA,EAAYT,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ;KACnC,CAAA,CACGE,MAAM,CAAC,CAACC,KAAAA,GAAUA,KAAAA,CAAMP,EAAE,IAAI,IAAA,IAAQO,KAAAA,CAAMF,UAAU,IAAI,IAAA,EAAM;QAC/DG,OAAAA,EAAS;AACb,KAAA,CAAA;;;;;IAMA,MAAMC,iBAAAA,GAAoBb,CAAAA,CAAEK,KAAK,CAAC;AAChCL,QAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,QAAAA,CAAAA,CAAEO,MAAM,EAAA;AACRP,QAAAA,CAAAA,CACGG,MAAM,CAAC;AACNW,YAAAA,OAAAA,EAASd,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ,EAAA;AAC5CQ,YAAAA,UAAAA,EAAYhB,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ;SACrD,CAAA,CACKE,MAAM,CAAC,CAACO,KAAAA,GAAUA,KAAAA,CAAMH,OAAO,IAAI,IAAA,IAAQG,KAAAA,CAAMD,UAAU,IAAI,IAAA,EAAM;YACpEJ,OAAAA,EAAS;AACf,SAAA;AACC,KAAA,CAAA;AAED,IAAA,MAAMM,8BAAAA,SAAuCpB,sBAAAA,CAAAA;AAM3C,QAAA,IAAIqB,UAAAA,GAAa;YACf,OAAOnB,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBa,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACfe,gBAAAA,QAAAA,EAAUtB,EAAEO,MAAM,EAAA;AAClBgB,gBAAAA,SAAAA,EAAWvB,EAAEwB,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASzB,EAAEwB,OAAO,EAAA;gBAClBE,IAAAA,EAAM1B,CAAAA,CACHK,KAAK,CAAC;AACLL,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEG,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,wBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;wBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,wBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,wBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAC,QAAQ,EAAA;AACXuB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2B,UAAAA,GAAa;YACf,OAAOlC,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBoB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM,EAAA;gBACrB4B,QAAAA,EAAUnC,CAAAA,CAAEM,MAAM,EAAA,CAAGE,QAAQ,EAAA;gBAC7B4B,WAAAA,EAAapC,CAAAA,CACVqC,MAAM,CACLrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESC,QAAQ,EAAA;AACXiC,gBAAAA,KAAAA,EAAOzC,EAAEe,KAAK,CAACf,CAAAA,CAAE0C,OAAO,IAAIlC,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,gBAAAA,GAAmB;YACrB,OAAO3C,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZsC,gBAAAA,MAAAA,EAAQ5C,EAAEO,MAAM,EAAA;gBAChBmB,IAAAA,EAAM1B,CAAAA,CAAEG,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,oBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;oBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAM9B,EAAEO,MAAM;AACtB,iBAAA,CAAA;AACMwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,kBAAAA,GAAqB;YACvB,OAAO7C,CAAAA,CAAEG,MAAM,CAAC;AACd2C,gBAAAA,GAAAA,EAAK9C,EAAEO,MAAM,EAAA;gBACbwC,YAAAA,EAAc/C,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACjCwC,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI8B,4BAAAA,GAA+B;YACjC,OAAOjD,CAAAA,CAAEG,MAAM,CAAC;gBACd6C,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,0BAAAA,GAA6B;YAC/B,OAAOlD,CAAAA,CAAEK,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACwC,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAOnD,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,mCAAAA,GAAsC;YACxC,OAAOrD,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACf+C,gBAAAA,IAAAA,EAAMtD,EAAEwB,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,mBAAAA,GAAsB;YACxB,OAAOvD,CAAAA,CAAEG,MAAM,CAAC;AACdqD,gBAAAA,KAAAA,EAAOxD,CAAAA,CAAEe,KAAK,CAAC,IAAI,CAACmB,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuB,kBAAAA,GAAqB;YACvB,OAAOzD,CAAAA,CAAEG,MAAM,CAAC;gBACduB,IAAAA,EAAM,IAAI,CAACQ;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,yBAAAA,GAA4B;YAC9B,OAAO1D,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,yBAAAA,GAA4B;YAC9B,OAAO3D,CAAAA,CAAEG,MAAM,CAAC;gBACdiC,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,eAAAA,GAAkB;YACpB,OAAO5D,CAAAA,CAAEG,MAAM,CAAC;AACd0D,gBAAAA,UAAAA,EAAY7D,EAAEO,MAAM,EAAA;AACpBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwD,kBAAAA,GAAqB;YACvB,OAAO/D,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyD,wBAAAA,GAA2B;YAC7B,OAAOhE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,uBAAAA,GAA0B;YAC5B,OAAOjE,CAAAA,CAAEG,MAAM,CAAC;AACd+D,gBAAAA,IAAAA,EAAMlE,EAAEO,MAAM,EAAA;AACduD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6D,wBAAAA,GAA2B;YAC7B,OAAOpE,CAAAA,CAAEG,MAAM,CAAC;AACdkE,gBAAAA,eAAAA,EAAiBrE,EAAEO,MAAM,EAAA;AACzBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+D,+BAAAA,GAAkC;YACpC,OAAOtE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkD,oBAAAA,GAAuB;YACzB,OAAOvE,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClBmB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgE,oBAAAA,GAAuB;YACzB,OAAOxE,CAAAA,CAAEG,MAAM,CAAC;gBACdiB,QAAAA,EAAUpB,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAC7Ba,KAAAA,EAAOrB,CAAAA,CAAEqB,KAAK,EAAA,CAAGb,QAAQ,EAAA;gBACzBsD,QAAAA,EAAU9D,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAC7BkB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiE,oBAAAA,GAAuB;YACzB,OAAOzE,CAAAA,CAAEG,MAAM,CAAC;AACdwB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAChCsB,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;gBACd6B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkE,oBAAAA,GAAuB;YACzB,OAAO1E,CAAAA,CAAEG,MAAM,CAAC;gBACdwB,IAAAA,EAAM3B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzBoB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAChCsB,IAAAA,EAAM9B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzB4B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImE,WAAAA,GAAc;AAChB,YAAA,OAAO3E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIqE,WAAAA,GAAc;AAChB,YAAA,OAAO5E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIsE,aAAAA,GAAgB;AAClB,YAAA,OAAO7E,EAAEO,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAYuE,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACf9D,QAAAA;AACF,KAAA;;;;;;"}
|
|
@@ -8,6 +8,33 @@ function requireValidation() {
|
|
|
8
8
|
hasRequiredValidation = 1;
|
|
9
9
|
const { AbstractRouteValidator } = require$$1;
|
|
10
10
|
const z = require$$1$1;
|
|
11
|
+
// A single role relation entry, referenced by numeric `id` (legacy) or by
|
|
12
|
+
// `documentId` (the v5 default), but must carry at least one of them. The
|
|
13
|
+
// detailed rules (min one role on create, cannot remove the last role on
|
|
14
|
+
// update) stay in the Yup controller validator.
|
|
15
|
+
const roleRelationEntry = z.object({
|
|
16
|
+
id: z.union([
|
|
17
|
+
z.number(),
|
|
18
|
+
z.string()
|
|
19
|
+
]).optional(),
|
|
20
|
+
documentId: z.string().optional()
|
|
21
|
+
}).refine((entry)=>entry.id != null || entry.documentId != null, {
|
|
22
|
+
message: 'Relation entry must include an id or documentId'
|
|
23
|
+
});
|
|
24
|
+
// The `role` relation input: shorthand scalar (numeric id or documentId) or the
|
|
25
|
+
// longhand connect/disconnect object, matching every other v5 relation. The
|
|
26
|
+
// object form must carry at least one of connect/disconnect (an empty object is
|
|
27
|
+
// a no-op and almost certainly a mistake).
|
|
28
|
+
const roleRelationInput = z.union([
|
|
29
|
+
z.number(),
|
|
30
|
+
z.string(),
|
|
31
|
+
z.object({
|
|
32
|
+
connect: z.array(roleRelationEntry).optional(),
|
|
33
|
+
disconnect: z.array(roleRelationEntry).optional()
|
|
34
|
+
}).refine((input)=>input.connect != null || input.disconnect != null, {
|
|
35
|
+
message: 'Relation input must include connect or disconnect'
|
|
36
|
+
})
|
|
37
|
+
]);
|
|
11
38
|
class UsersPermissionsRouteValidator extends AbstractRouteValidator {
|
|
12
39
|
get userSchema() {
|
|
13
40
|
return z.object({
|
|
@@ -164,7 +191,7 @@ function requireValidation() {
|
|
|
164
191
|
username: z.string(),
|
|
165
192
|
email: z.email(),
|
|
166
193
|
password: z.string(),
|
|
167
|
-
role:
|
|
194
|
+
role: roleRelationInput.optional()
|
|
168
195
|
});
|
|
169
196
|
}
|
|
170
197
|
get updateUserBodySchema() {
|
|
@@ -172,7 +199,7 @@ function requireValidation() {
|
|
|
172
199
|
username: z.string().optional(),
|
|
173
200
|
email: z.email().optional(),
|
|
174
201
|
password: z.string().optional(),
|
|
175
|
-
role:
|
|
202
|
+
role: roleRelationInput.optional()
|
|
176
203
|
});
|
|
177
204
|
}
|
|
178
205
|
get createRoleBodySchema() {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validation.mjs","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: z.number().optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: z.number().optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","UsersPermissionsRouteValidator","userSchema","object","id","number","documentId","string","username","email","provider","confirmed","boolean","blocked","role","union","name","description","nullable","type","createdAt","updatedAt","optional","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","array","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,UAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,YAAAA;AAEV,IAAA,MAAMC,8BAAAA,SAAuCJ,sBAAAA,CAAAA;AAM3C,QAAA,IAAIK,UAAAA,GAAa;YACf,OAAOH,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBC,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfG,gBAAAA,QAAAA,EAAUX,EAAEQ,MAAM,EAAA;AAClBI,gBAAAA,SAAAA,EAAWZ,EAAEa,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASd,EAAEa,OAAO,EAAA;gBAClBE,IAAAA,EAAMf,CAAAA,CACHgB,KAAK,CAAC;AACLhB,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,wBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;wBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,wBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,wBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAe,QAAQ,EAAA;AACXF,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiB,UAAAA,GAAa;YACf,OAAOzB,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBS,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM,EAAA;gBACrBkB,QAAAA,EAAU1B,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ,EAAA;gBAC7BI,WAAAA,EAAa3B,CAAAA,CACV4B,MAAM,CACL5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESe,QAAQ,EAAA;AACXS,gBAAAA,KAAAA,EAAOhC,EAAEiC,KAAK,CAACjC,CAAAA,CAAEkC,OAAO,IAAIX,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIY,gBAAAA,GAAmB;YACrB,OAAOnC,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZ8B,gBAAAA,MAAAA,EAAQpC,EAAEQ,MAAM,EAAA;gBAChBO,IAAAA,EAAMf,CAAAA,CAAEI,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,oBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;oBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM;AACtB,iBAAA,CAAA;AACMa,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,kBAAAA,GAAqB;YACvB,OAAOrC,CAAAA,CAAEI,MAAM,CAAC;AACdkC,gBAAAA,GAAAA,EAAKtC,EAAEQ,MAAM,EAAA;gBACb+B,YAAAA,EAAcvC,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACjCiB,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,4BAAAA,GAA+B;YACjC,OAAOzC,CAAAA,CAAEI,MAAM,CAAC;gBACdoC,IAAAA,EAAM,IAAI,CAACrC;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuC,0BAAAA,GAA6B;YAC/B,OAAO1C,CAAAA,CAAEgB,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACqB,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAO3C,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgC,mCAAAA,GAAsC;YACxC,OAAO7C,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfsC,gBAAAA,IAAAA,EAAM9C,EAAEa,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkC,mBAAAA,GAAsB;YACxB,OAAO/C,CAAAA,CAAEI,MAAM,CAAC;AACd4C,gBAAAA,KAAAA,EAAOhD,CAAAA,CAAEiC,KAAK,CAAC,IAAI,CAACR,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,kBAAAA,GAAqB;YACvB,OAAOjD,CAAAA,CAAEI,MAAM,CAAC;gBACdW,IAAAA,EAAM,IAAI,CAACU;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyB,yBAAAA,GAA4B;YAC9B,OAAOlD,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,yBAAAA,GAA4B;YAC9B,OAAOnD,CAAAA,CAAEI,MAAM,CAAC;gBACduB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAE4B,MAAM,CACN5B,CAAAA,CAAEQ,MAAM,EAAA,EACRR,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,eAAAA,GAAkB;YACpB,OAAOpD,CAAAA,CAAEI,MAAM,CAAC;AACdiD,gBAAAA,UAAAA,EAAYrD,EAAEQ,MAAM,EAAA;AACpB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,kBAAAA,GAAqB;YACvB,OAAOvD,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgD,wBAAAA,GAA2B;YAC7B,OAAOxD,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+C,uBAAAA,GAA0B;YAC5B,OAAOzD,CAAAA,CAAEI,MAAM,CAAC;AACdsD,gBAAAA,IAAAA,EAAM1D,EAAEQ,MAAM,EAAA;AACd8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIoD,wBAAAA,GAA2B;YAC7B,OAAO5D,CAAAA,CAAEI,MAAM,CAAC;AACdyD,gBAAAA,eAAAA,EAAiB7D,EAAEQ,MAAM,EAAA;AACzB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsD,+BAAAA,GAAkC;YACpC,OAAO9D,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,oBAAAA,GAAuB;YACzB,OAAO/D,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;gBAClBO,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyC,oBAAAA,GAAuB;YACzB,OAAOhE,CAAAA,CAAEI,MAAM,CAAC;gBACdK,QAAAA,EAAUT,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7Bb,KAAAA,EAAOV,CAAAA,CAAEU,KAAK,EAAA,CAAGa,QAAQ,EAAA;gBACzB+B,QAAAA,EAAUtD,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7BR,IAAAA,EAAMf,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI0C,oBAAAA,GAAuB;YACzB,OAAOjE,CAAAA,CAAEI,MAAM,CAAC;AACda,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;AAChCH,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;gBACdmB,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2C,oBAAAA,GAAuB;YACzB,OAAOlE,CAAAA,CAAEI,MAAM,CAAC;gBACda,IAAAA,EAAMjB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBL,WAAAA,EAAalB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAChCH,IAAAA,EAAMpB,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBI,WAAAA,EAAa3B,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAA,EAAIR,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,WAAAA,GAAc;AAChB,YAAA,OAAOnE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI4D,WAAAA,GAAc;AAChB,YAAA,OAAOpE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAI6D,aAAAA,GAAgB;AAClB,YAAA,OAAOrE,EAAEQ,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAY8D,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACftE,QAAAA;AACF,KAAA;;;;;;"}
|
|
1
|
+
{"version":3,"file":"validation.mjs","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\n// A single role relation entry, referenced by numeric `id` (legacy) or by\n// `documentId` (the v5 default), but must carry at least one of them. The\n// detailed rules (min one role on create, cannot remove the last role on\n// update) stay in the Yup controller validator.\nconst roleRelationEntry = z\n .object({\n id: z.union([z.number(), z.string()]).optional(),\n documentId: z.string().optional(),\n })\n .refine((entry) => entry.id != null || entry.documentId != null, {\n message: 'Relation entry must include an id or documentId',\n });\n\n// The `role` relation input: shorthand scalar (numeric id or documentId) or the\n// longhand connect/disconnect object, matching every other v5 relation. The\n// object form must carry at least one of connect/disconnect (an empty object is\n// a no-op and almost certainly a mistake).\nconst roleRelationInput = z.union([\n z.number(),\n z.string(),\n z\n .object({\n connect: z.array(roleRelationEntry).optional(),\n disconnect: z.array(roleRelationEntry).optional(),\n })\n .refine((input) => input.connect != null || input.disconnect != null, {\n message: 'Relation input must include connect or disconnect',\n }),\n]);\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: roleRelationInput.optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: roleRelationInput.optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","roleRelationEntry","object","id","union","number","string","optional","documentId","refine","entry","message","roleRelationInput","connect","array","disconnect","input","UsersPermissionsRouteValidator","userSchema","username","email","provider","confirmed","boolean","blocked","role","name","description","nullable","type","createdAt","updatedAt","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,UAAAA;AACnC,IAAA,MAAMC,CAAAA,GAAIC,YAAAA;;;;;IAMV,MAAMC,iBAAAA,GAAoBF,CAAAA,CACvBG,MAAM,CAAC;QACNC,EAAAA,EAAIJ,CAAAA,CAAEK,KAAK,CAAC;AAACL,YAAAA,CAAAA,CAAEM,MAAM,EAAA;AAAIN,YAAAA,CAAAA,CAAEO,MAAM;AAAG,SAAA,CAAA,CAAEC,QAAQ,EAAA;QAC9CC,UAAAA,EAAYT,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ;KACnC,CAAA,CACGE,MAAM,CAAC,CAACC,KAAAA,GAAUA,KAAAA,CAAMP,EAAE,IAAI,IAAA,IAAQO,KAAAA,CAAMF,UAAU,IAAI,IAAA,EAAM;QAC/DG,OAAAA,EAAS;AACb,KAAA,CAAA;;;;;IAMA,MAAMC,iBAAAA,GAAoBb,CAAAA,CAAEK,KAAK,CAAC;AAChCL,QAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,QAAAA,CAAAA,CAAEO,MAAM,EAAA;AACRP,QAAAA,CAAAA,CACGG,MAAM,CAAC;AACNW,YAAAA,OAAAA,EAASd,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ,EAAA;AAC5CQ,YAAAA,UAAAA,EAAYhB,CAAAA,CAAEe,KAAK,CAACb,iBAAAA,CAAAA,CAAmBM,QAAQ;SACrD,CAAA,CACKE,MAAM,CAAC,CAACO,KAAAA,GAAUA,KAAAA,CAAMH,OAAO,IAAI,IAAA,IAAQG,KAAAA,CAAMD,UAAU,IAAI,IAAA,EAAM;YACpEJ,OAAAA,EAAS;AACf,SAAA;AACC,KAAA,CAAA;AAED,IAAA,MAAMM,8BAAAA,SAAuCpB,sBAAAA,CAAAA;AAM3C,QAAA,IAAIqB,UAAAA,GAAa;YACf,OAAOnB,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBa,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACfe,gBAAAA,QAAAA,EAAUtB,EAAEO,MAAM,EAAA;AAClBgB,gBAAAA,SAAAA,EAAWvB,EAAEwB,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASzB,EAAEwB,OAAO,EAAA;gBAClBE,IAAAA,EAAM1B,CAAAA,CACHK,KAAK,CAAC;AACLL,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEG,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,wBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;wBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,wBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,wBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAC,QAAQ,EAAA;AACXuB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM;AAC3B,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI2B,UAAAA,GAAa;YACf,OAAOlC,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZG,gBAAAA,UAAAA,EAAYT,EAAEO,MAAM,EAAA;AACpBoB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;AACdwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM,EAAA;AACnB0B,gBAAAA,WAAAA,EAAajC,EAAEO,MAAM,EAAA;gBACrB4B,QAAAA,EAAUnC,CAAAA,CAAEM,MAAM,EAAA,CAAGE,QAAQ,EAAA;gBAC7B4B,WAAAA,EAAapC,CAAAA,CACVqC,MAAM,CACLrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESC,QAAQ,EAAA;AACXiC,gBAAAA,KAAAA,EAAOzC,EAAEe,KAAK,CAACf,CAAAA,CAAE0C,OAAO,IAAIlC,QAAQ;AAC1C,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,gBAAAA,GAAmB;YACrB,OAAO3C,CAAAA,CAAEG,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZsC,gBAAAA,MAAAA,EAAQ5C,EAAEO,MAAM,EAAA;gBAChBmB,IAAAA,EAAM1B,CAAAA,CAAEG,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIJ,EAAEM,MAAM,EAAA;AACZqB,oBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;oBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGsB,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAM9B,EAAEO,MAAM;AACtB,iBAAA,CAAA;AACMwB,gBAAAA,SAAAA,EAAW/B,EAAEO,MAAM,EAAA;AACnByB,gBAAAA,SAAAA,EAAWhC,EAAEO,MAAM;AACzB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIsC,kBAAAA,GAAqB;YACvB,OAAO7C,CAAAA,CAAEG,MAAM,CAAC;AACd2C,gBAAAA,GAAAA,EAAK9C,EAAEO,MAAM,EAAA;gBACbwC,YAAAA,EAAc/C,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACjCwC,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI8B,4BAAAA,GAA+B;YACjC,OAAOjD,CAAAA,CAAEG,MAAM,CAAC;gBACd6C,IAAAA,EAAM,IAAI,CAAC7B;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,0BAAAA,GAA6B;YAC/B,OAAOlD,CAAAA,CAAEK,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACwC,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC/E,QAAA;AAEE,QAAA,IAAIE,4BAAAA,GAA+B;YACjC,OAAOnD,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6B,mCAAAA,GAAsC;YACxC,OAAOrD,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEO,MAAM,EAAA;AACf+C,gBAAAA,IAAAA,EAAMtD,EAAEwB,OAAO;AACrB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+B,mBAAAA,GAAsB;YACxB,OAAOvD,CAAAA,CAAEG,MAAM,CAAC;AACdqD,gBAAAA,KAAAA,EAAOxD,CAAAA,CAAEe,KAAK,CAAC,IAAI,CAACmB,UAAU;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIuB,kBAAAA,GAAqB;YACvB,OAAOzD,CAAAA,CAAEG,MAAM,CAAC;gBACduB,IAAAA,EAAM,IAAI,CAACQ;AACjB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwB,yBAAAA,GAA4B;YAC9B,OAAO1D,CAAAA,CAAEG,MAAM,CAAC;AACdiD,gBAAAA,EAAAA,EAAIpD,EAAEwB,OAAO;AACnB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImC,yBAAAA,GAA4B;YAC9B,OAAO3D,CAAAA,CAAEG,MAAM,CAAC;gBACdiC,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPmC,oBAAAA,WAAAA,EAAatC,CAAAA,CAAEqC,MAAM,CACnBrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEqC,MAAM,CACNrC,CAAAA,CAAEO,MAAM,EAAA,EACRP,CAAAA,CAAEG,MAAM,CAAC;AACPoC,wBAAAA,OAAAA,EAASvC,EAAEwB,OAAO,EAAA;AAClBgB,wBAAAA,MAAAA,EAAQxC,EAAEO,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIqD,eAAAA,GAAkB;YACpB,OAAO5D,CAAAA,CAAEG,MAAM,CAAC;AACd0D,gBAAAA,UAAAA,EAAY7D,EAAEO,MAAM,EAAA;AACpBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIwD,kBAAAA,GAAqB;YACvB,OAAO/D,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM;AACxB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIyD,wBAAAA,GAA2B;YAC7B,OAAOhE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI4C,uBAAAA,GAA0B;YAC5B,OAAOjE,CAAAA,CAAEG,MAAM,CAAC;AACd+D,gBAAAA,IAAAA,EAAMlE,EAAEO,MAAM,EAAA;AACduD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI6D,wBAAAA,GAA2B;YAC7B,OAAOpE,CAAAA,CAAEG,MAAM,CAAC;AACdkE,gBAAAA,eAAAA,EAAiBrE,EAAEO,MAAM,EAAA;AACzBuD,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClB4D,gBAAAA,oBAAAA,EAAsBnE,EAAEO,MAAM;AACpC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAI+D,+BAAAA,GAAkC;YACpC,OAAOtE,CAAAA,CAAEG,MAAM,CAAC;AACdkB,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK;AACpB,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkD,oBAAAA,GAAuB;YACzB,OAAOvE,CAAAA,CAAEG,MAAM,CAAC;AACdiB,gBAAAA,QAAAA,EAAUpB,EAAEO,MAAM,EAAA;AAClBc,gBAAAA,KAAAA,EAAOrB,EAAEqB,KAAK,EAAA;AACdyC,gBAAAA,QAAAA,EAAU9D,EAAEO,MAAM,EAAA;AAClBmB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIgE,oBAAAA,GAAuB;YACzB,OAAOxE,CAAAA,CAAEG,MAAM,CAAC;gBACdiB,QAAAA,EAAUpB,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAC7Ba,KAAAA,EAAOrB,CAAAA,CAAEqB,KAAK,EAAA,CAAGb,QAAQ,EAAA;gBACzBsD,QAAAA,EAAU9D,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAC7BkB,gBAAAA,IAAAA,EAAMb,kBAAkBL,QAAQ;AACtC,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIiE,oBAAAA,GAAuB;YACzB,OAAOzE,CAAAA,CAAEG,MAAM,CAAC;AACdwB,gBAAAA,IAAAA,EAAM3B,EAAEO,MAAM,EAAA;gBACdqB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;AAChCsB,gBAAAA,IAAAA,EAAM9B,EAAEO,MAAM,EAAA;gBACd6B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAIkE,oBAAAA,GAAuB;YACzB,OAAO1E,CAAAA,CAAEG,MAAM,CAAC;gBACdwB,IAAAA,EAAM3B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzBoB,WAAAA,EAAa5B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBAChCsB,IAAAA,EAAM9B,CAAAA,CAAEO,MAAM,EAAA,CAAGC,QAAQ,EAAA;gBACzB4B,WAAAA,EAAapC,CAAAA,CAAEqC,MAAM,CAACrC,CAAAA,CAAEO,MAAM,EAAA,EAAIP,CAAAA,CAAE0C,OAAO,EAAA,CAAA,CAAIlC,QAAQ;AAC7D,aAAA,CAAA;AACA,QAAA;AAEE,QAAA,IAAImE,WAAAA,GAAc;AAChB,YAAA,OAAO3E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIqE,WAAAA,GAAc;AAChB,YAAA,OAAO5E,EAAEO,MAAM,EAAA;AACnB,QAAA;AAEE,QAAA,IAAIsE,aAAAA,GAAgB;AAClB,YAAA,OAAO7E,EAAEO,MAAM,EAAA;AACnB,QAAA;AA9OE,QAAA,WAAA,CAAYuE,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AACnB,QAAA;AA4OA;IAEAE,UAAAA,GAAiB;AACf9D,QAAAA;AACF,KAAA;;;;;;"}
|
|
@@ -3,6 +3,11 @@
|
|
|
3
3
|
var require$$0 = require('lodash');
|
|
4
4
|
var require$$1 = require('jsonwebtoken');
|
|
5
5
|
|
|
6
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
7
|
+
|
|
8
|
+
var require$$0__default = /*#__PURE__*/_interopDefault(require$$0);
|
|
9
|
+
var require$$1__default = /*#__PURE__*/_interopDefault(require$$1);
|
|
10
|
+
|
|
6
11
|
var jwt_1;
|
|
7
12
|
var hasRequiredJwt;
|
|
8
13
|
function requireJwt() {
|
|
@@ -12,8 +17,8 @@ function requireJwt() {
|
|
|
12
17
|
* Jwt.js service
|
|
13
18
|
*
|
|
14
19
|
* @description: A set of functions similar to controller's actions to avoid code duplication.
|
|
15
|
-
*/ const _ = require$$
|
|
16
|
-
const jwt = require$$
|
|
20
|
+
*/ const _ = require$$0__default.default;
|
|
21
|
+
const jwt = require$$1__default.default;
|
|
17
22
|
jwt_1 = ({ strapi })=>({
|
|
18
23
|
getToken (ctx) {
|
|
19
24
|
let token;
|
|
@@ -66,18 +71,20 @@ function requireJwt() {
|
|
|
66
71
|
if (!user) {
|
|
67
72
|
throw new Error('Invalid token.');
|
|
68
73
|
}
|
|
74
|
+
// Surface the sessionId so the strategy can flag the "current" session.
|
|
69
75
|
return {
|
|
70
|
-
id: user.id
|
|
76
|
+
id: user.id,
|
|
77
|
+
sessionId: result.payload.sessionId
|
|
71
78
|
};
|
|
72
79
|
}
|
|
73
80
|
return new Promise((resolve, reject)=>{
|
|
74
81
|
const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
|
|
75
|
-
const algorithms =
|
|
76
|
-
jwtConfig
|
|
77
|
-
]
|
|
78
|
-
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'),
|
|
82
|
+
const algorithms = [
|
|
83
|
+
jwtConfig?.algorithm || 'HS256'
|
|
84
|
+
];
|
|
85
|
+
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), {
|
|
79
86
|
algorithms
|
|
80
|
-
}
|
|
87
|
+
}, (err, tokenPayload = {})=>{
|
|
81
88
|
if (err) {
|
|
82
89
|
return reject(new Error('Invalid token.'));
|
|
83
90
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.js","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n return { id: user.id };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = jwtConfig
|
|
1
|
+
{"version":3,"file":"jwt.js","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n // Surface the sessionId so the strategy can flag the \"current\" session.\n return { id: user.id, sessionId: result.payload.sessionId };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = [jwtConfig?.algorithm || 'HS256'];\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n { algorithms },\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","sessionId","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAAA,GAAIC,2BAAAA;AACV,IAAA,MAAMC,GAAAA,GAAMC,2BAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAAA,CAAIE,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAA,IAAYF,KAAAA,CAAMG,MAAM,KAAK,CAAA,EAAG;wBAC7D,OAAO,IAAA;AACf,oBAAA;oBAEMP,KAAAA,GAAQI,KAAK,CAAC,CAAA,CAAE;gBACtB,CAAA,MAAW;oBACL,OAAO,IAAA;AACb,gBAAA;gBAEI,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACvB,YAAA,CAAA;AAEES,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAAA,GAAa,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;AACtB,oBAAA,MAAMG,SAASC,MAAAA,CAAON,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAAA,EAAQ;AACX,wBAAA,MAAM,IAAIG,KAAAA,CAAM,qCAAA,CAAA;AACxB,oBAAA;AAEM,oBAAA,MAAMC,iBAAAA,GAAoB,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MAAAA,CACnBwB,cAAc,CAAC,mBAAA,CAAA,CACfC,oBAAoB,CAACP,MAAAA,EAAQQ,SAAAA,EAAW;4BAAEC,IAAAA,EAAM;AAAS,yBAAA,CAAA;wBAE5D,MAAMC,MAAAA,GAAS,MAAM5B,MAAAA,CAClBwB,cAAc,CAAC,mBAAA,CAAA,CACfK,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAAA,EAAQ;AACrB,4BAAA,MAAM,IAAIP,KAAAA,CAAM,iCAAA,CAAA;AAC1B,wBAAA;AAEQ,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,oBAAA,CAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACb,gBAAA;AAEI3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAAA,CAAQoB,MAAM,KAAKpB,OAAAA,CAAAA,EAC5Cb,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClBH,UAAAA,CAAAA;AAEN,YAAA,CAAA;AAEE,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAAA,CAAOwB,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAA,EAAU;AACvD,wBAAA,MAAM,IAAIN,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;oBAEM,MAAMgB,IAAAA,GAAO,MAAMrC,MAAAA,CAAOsC,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,OAAO,CAAC;wBAAEC,KAAAA,EAAO;4BAAErB,EAAAA,EAAIsB,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAA,IAAKgB,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAE,qBAAA,CAAA;AAClF,oBAAA,IAAI,CAACmB,IAAAA,EAAM;AACT,wBAAA,MAAM,IAAIhB,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;;oBAGM,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB,EAAE;wBAAEuB,SAAAA,EAAWT,MAAAA,CAAOrB,OAAO,CAAC8B;;AACtD,gBAAA;gBAEI,OAAO,IAAIC,OAAAA,CAAQ,CAACC,OAAAA,EAASC,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY/C,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM+B,UAAAA,GAAa;AAACD,wBAAAA,SAAAA,EAAWE,SAAAA,IAAa;AAAQ,qBAAA;oBAEpDpD,GAAAA,CAAIc,MAAM,CACRR,KAAAA,EACAH,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB;AAAE+B,wBAAAA;AAAU,qBAAA,EACZ,CAACE,GAAAA,EAAKC,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAAA,EAAK;4BACP,OAAOJ,MAAAA,CAAO,IAAIzB,KAAAA,CAAM,gBAAA,CAAA,CAAA;AACpC,wBAAA;wBACUwB,OAAAA,CAAQM,YAAAA,CAAAA;AAClB,oBAAA,CAAA,CAAA;AAEA,gBAAA,CAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
|
|
@@ -64,18 +64,20 @@ function requireJwt() {
|
|
|
64
64
|
if (!user) {
|
|
65
65
|
throw new Error('Invalid token.');
|
|
66
66
|
}
|
|
67
|
+
// Surface the sessionId so the strategy can flag the "current" session.
|
|
67
68
|
return {
|
|
68
|
-
id: user.id
|
|
69
|
+
id: user.id,
|
|
70
|
+
sessionId: result.payload.sessionId
|
|
69
71
|
};
|
|
70
72
|
}
|
|
71
73
|
return new Promise((resolve, reject)=>{
|
|
72
74
|
const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
|
|
73
|
-
const algorithms =
|
|
74
|
-
jwtConfig
|
|
75
|
-
]
|
|
76
|
-
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'),
|
|
75
|
+
const algorithms = [
|
|
76
|
+
jwtConfig?.algorithm || 'HS256'
|
|
77
|
+
];
|
|
78
|
+
jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), {
|
|
77
79
|
algorithms
|
|
78
|
-
}
|
|
80
|
+
}, (err, tokenPayload = {})=>{
|
|
79
81
|
if (err) {
|
|
80
82
|
return reject(new Error('Invalid token.'));
|
|
81
83
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.mjs","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n return { id: user.id };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = jwtConfig
|
|
1
|
+
{"version":3,"file":"jwt.mjs","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n // Surface the sessionId so the strategy can flag the \"current\" session.\n return { id: user.id, sessionId: result.payload.sessionId };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = [jwtConfig?.algorithm || 'HS256'];\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n { algorithms },\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","sessionId","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAAA,GAAIC,UAAAA;AACV,IAAA,MAAMC,GAAAA,GAAMC,UAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAAA,CAAIE,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAA,IAAYF,KAAAA,CAAMG,MAAM,KAAK,CAAA,EAAG;wBAC7D,OAAO,IAAA;AACf,oBAAA;oBAEMP,KAAAA,GAAQI,KAAK,CAAC,CAAA,CAAE;gBACtB,CAAA,MAAW;oBACL,OAAO,IAAA;AACb,gBAAA;gBAEI,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACvB,YAAA,CAAA;AAEES,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAAA,GAAa,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;AACtB,oBAAA,MAAMG,SAASC,MAAAA,CAAON,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAAA,EAAQ;AACX,wBAAA,MAAM,IAAIG,KAAAA,CAAM,qCAAA,CAAA;AACxB,oBAAA;AAEM,oBAAA,MAAMC,iBAAAA,GAAoB,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MAAAA,CACnBwB,cAAc,CAAC,mBAAA,CAAA,CACfC,oBAAoB,CAACP,MAAAA,EAAQQ,SAAAA,EAAW;4BAAEC,IAAAA,EAAM;AAAS,yBAAA,CAAA;wBAE5D,MAAMC,MAAAA,GAAS,MAAM5B,MAAAA,CAClBwB,cAAc,CAAC,mBAAA,CAAA,CACfK,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAAA,EAAQ;AACrB,4BAAA,MAAM,IAAIP,KAAAA,CAAM,iCAAA,CAAA;AAC1B,wBAAA;AAEQ,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,oBAAA,CAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACb,gBAAA;AAEI3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAAA,CAAQoB,MAAM,KAAKpB,OAAAA,CAAAA,EAC5Cb,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClBH,UAAAA,CAAAA;AAEN,YAAA,CAAA;AAEE,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,yCAAA,EAA2C,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAA,EAAW;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAAA,CAAOwB,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAA,EAAU;AACvD,wBAAA,MAAM,IAAIN,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;oBAEM,MAAMgB,IAAAA,GAAO,MAAMrC,MAAAA,CAAOsC,EAAE,CACzBC,KAAK,CAAC,gCAAA,CAAA,CACNC,OAAO,CAAC;wBAAEC,KAAAA,EAAO;4BAAErB,EAAAA,EAAIsB,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAA,IAAKgB,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAE,qBAAA,CAAA;AAClF,oBAAA,IAAI,CAACmB,IAAAA,EAAM;AACT,wBAAA,MAAM,IAAIhB,KAAAA,CAAM,gBAAA,CAAA;AACxB,oBAAA;;oBAGM,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB,EAAE;wBAAEuB,SAAAA,EAAWT,MAAAA,CAAOrB,OAAO,CAAC8B;;AACtD,gBAAA;gBAEI,OAAO,IAAIC,OAAAA,CAAQ,CAACC,OAAAA,EAASC,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY/C,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM+B,UAAAA,GAAa;AAACD,wBAAAA,SAAAA,EAAWE,SAAAA,IAAa;AAAQ,qBAAA;oBAEpDpD,GAAAA,CAAIc,MAAM,CACRR,KAAAA,EACAH,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB;AAAE+B,wBAAAA;AAAU,qBAAA,EACZ,CAACE,GAAAA,EAAKC,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAAA,EAAK;4BACP,OAAOJ,MAAAA,CAAO,IAAIzB,KAAAA,CAAM,gBAAA,CAAA,CAAA;AACpC,wBAAA;wBACUwB,OAAAA,CAAQM,YAAAA,CAAAA;AAClB,oBAAA,CAAA,CAAA;AAEA,gBAAA,CAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
|
|
@@ -6,15 +6,23 @@ var require$$2 = require('url-join');
|
|
|
6
6
|
var require$$3 = require('jwk-to-pem');
|
|
7
7
|
var require$$4 = require('purest');
|
|
8
8
|
|
|
9
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
10
|
+
|
|
11
|
+
var require$$0__default = /*#__PURE__*/_interopDefault(require$$0);
|
|
12
|
+
var require$$1__default = /*#__PURE__*/_interopDefault(require$$1);
|
|
13
|
+
var require$$2__default = /*#__PURE__*/_interopDefault(require$$2);
|
|
14
|
+
var require$$3__default = /*#__PURE__*/_interopDefault(require$$3);
|
|
15
|
+
var require$$4__default = /*#__PURE__*/_interopDefault(require$$4);
|
|
16
|
+
|
|
9
17
|
var providersRegistry;
|
|
10
18
|
var hasRequiredProvidersRegistry;
|
|
11
19
|
function requireProvidersRegistry() {
|
|
12
20
|
if (hasRequiredProvidersRegistry) return providersRegistry;
|
|
13
21
|
hasRequiredProvidersRegistry = 1;
|
|
14
|
-
const { strict: assert } = require$$
|
|
15
|
-
const jwt = require$$
|
|
16
|
-
const urljoin = require$$
|
|
17
|
-
const jwkToPem = require$$
|
|
22
|
+
const { strict: assert } = require$$0__default.default;
|
|
23
|
+
const jwt = require$$1__default.default;
|
|
24
|
+
const urljoin = require$$2__default.default;
|
|
25
|
+
const jwkToPem = require$$3__default.default;
|
|
18
26
|
const getCognitoPayload = async ({ idToken, jwksUrl, purest })=>{
|
|
19
27
|
const { header: { kid }, payload } = jwt.decode(idToken, {
|
|
20
28
|
complete: true
|
|
@@ -512,7 +520,7 @@ function requireProvidersRegistry() {
|
|
|
512
520
|
}
|
|
513
521
|
});
|
|
514
522
|
providersRegistry = ()=>{
|
|
515
|
-
const purest = require$$
|
|
523
|
+
const purest = require$$4__default.default;
|
|
516
524
|
const apiPrefix = strapi.config.get('api.rest.prefix');
|
|
517
525
|
const baseURL = urljoin(strapi.config.server.url, apiPrefix, 'auth');
|
|
518
526
|
const authProviders = initProviders({
|