@strapi/plugin-users-permissions 5.49.0 → 5.50.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.eslintrc.cjs +1 -0
- package/admin/src/pages/AdvancedSettings/index.jsx +1 -1
- package/admin/src/pages/Roles/pages/ListPage/index.jsx +1 -1
- package/admin/src/translations/ja.json +46 -7
- package/dist/admin/pages/AdvancedSettings/index.js +1 -1
- package/dist/admin/pages/AdvancedSettings/index.js.map +1 -1
- package/dist/admin/pages/AdvancedSettings/index.mjs +1 -1
- package/dist/admin/pages/AdvancedSettings/index.mjs.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.js +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.js.map +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs +1 -1
- package/dist/admin/pages/Roles/pages/ListPage/index.mjs.map +1 -1
- package/dist/admin/translations/ja.json.js +46 -7
- package/dist/admin/translations/ja.json.js.map +1 -1
- package/dist/admin/translations/ja.json.mjs +46 -7
- package/dist/admin/translations/ja.json.mjs.map +1 -1
- package/dist/server/controllers/auth.js +133 -114
- package/dist/server/controllers/auth.js.map +1 -1
- package/dist/server/controllers/auth.mjs +132 -113
- package/dist/server/controllers/auth.mjs.map +1 -1
- package/dist/server/controllers/validation/auth.js +6 -6
- package/dist/server/controllers/validation/auth.js.map +1 -1
- package/dist/server/controllers/validation/auth.mjs +6 -6
- package/dist/server/controllers/validation/auth.mjs.map +1 -1
- package/dist/server/controllers/validation/user.js +16 -9
- package/dist/server/controllers/validation/user.js.map +1 -1
- package/dist/server/controllers/validation/user.mjs +16 -9
- package/dist/server/controllers/validation/user.mjs.map +1 -1
- package/dist/server/routes/content-api/auth.js +16 -0
- package/dist/server/routes/content-api/auth.js.map +1 -1
- package/dist/server/routes/content-api/auth.mjs +16 -0
- package/dist/server/routes/content-api/auth.mjs.map +1 -1
- package/dist/server/routes/content-api/validation.js +29 -2
- package/dist/server/routes/content-api/validation.js.map +1 -1
- package/dist/server/routes/content-api/validation.mjs +29 -2
- package/dist/server/routes/content-api/validation.mjs.map +1 -1
- package/dist/server/services/jwt.js +8 -6
- package/dist/server/services/jwt.js.map +1 -1
- package/dist/server/services/jwt.mjs +8 -6
- package/dist/server/services/jwt.mjs.map +1 -1
- package/dist/server/services/users-permissions.js +8 -0
- package/dist/server/services/users-permissions.js.map +1 -1
- package/dist/server/services/users-permissions.mjs +8 -0
- package/dist/server/services/users-permissions.mjs.map +1 -1
- package/dist/server/strategies/users-permissions.js +8 -1
- package/dist/server/strategies/users-permissions.js.map +1 -1
- package/dist/server/strategies/users-permissions.mjs +8 -1
- package/dist/server/strategies/users-permissions.mjs.map +1 -1
- package/dist/server/utils/refresh-cookie-options.js +27 -0
- package/dist/server/utils/refresh-cookie-options.js.map +1 -0
- package/dist/server/utils/refresh-cookie-options.mjs +25 -0
- package/dist/server/utils/refresh-cookie-options.mjs.map +1 -0
- package/lint-staged.config.mjs +1 -0
- package/package.json +5 -5
- package/rollup.config.mjs +3 -3
- package/server/controllers/auth.js +162 -141
- package/server/controllers/validation/auth.js +6 -6
- package/server/controllers/validation/user.js +22 -9
- package/server/routes/content-api/auth.js +12 -0
- package/server/routes/content-api/validation.js +32 -2
- package/server/services/jwt.js +4 -3
- package/server/services/users-permissions.js +2 -0
- package/server/strategies/users-permissions.js +6 -1
- package/server/utils/refresh-cookie-options.js +20 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"users-permissions.js","sources":["../../../server/services/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { filter, map, pipe, prop } = require('lodash/fp');\nconst urlJoin = require('url-join');\nconst {\n template: { createStrictInterpolationRegExp },\n errors,\n objects,\n sanitizeRoutesMapForSerialization,\n} = require('@strapi/utils');\n\nconst { getService } = require('../utils');\n\nconst DEFAULT_PERMISSIONS = [\n { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.connect', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.forgotPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.resetPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.register', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.emailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.sendEmailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.refresh', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.logout', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.user.me', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },\n];\n\nconst transformRoutePrefixFor = (pluginName) => (route) => {\n const prefix = route.config && route.config.prefix;\n const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;\n\n return {\n ...route,\n path,\n };\n};\n\nmodule.exports = ({ strapi }) => ({\n getActions({ defaultEnable = false } = {}) {\n const actionMap = {};\n\n const isContentApi = (action) => {\n if (!_.has(action, Symbol.for('__type__'))) {\n return false;\n }\n\n return action[Symbol.for('__type__')].includes('content-api');\n };\n\n _.forEach(strapi.apis, (api, apiName) => {\n const controllers = _.reduce(\n api.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`api::${apiName}`] = { controllers };\n }\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const controllers = _.reduce(\n plugin.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`plugin::${pluginName}`] = { controllers };\n }\n });\n\n // Return a deeply cloned version to avoid circular references\n return _.cloneDeep(actionMap);\n },\n\n async getRoutes() {\n const routesMap = {};\n\n _.forEach(strapi.apis, (api, apiName) => {\n const routes = _.flatMap(api.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes;\n }\n\n return route;\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`api::${apiName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const transformPrefix = transformRoutePrefixFor(pluginName);\n\n const routes = _.flatMap(plugin.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes.map(transformPrefix);\n }\n\n return transformPrefix(route);\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`plugin::${pluginName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n return sanitizeRoutesMapForSerialization(routesMap);\n },\n\n async syncPermissions() {\n const roles = await strapi.db.query('plugin::users-permissions.role').findMany();\n const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();\n\n const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));\n\n const appActions = _.flatMap(strapi.apis, (api, apiName) => {\n return _.flatMap(api.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `api::${apiName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {\n return _.flatMap(plugin.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `plugin::${pluginName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const allActions = [...appActions, ...pluginsActions];\n\n const toDelete = _.difference(permissionsFoundInDB, allActions);\n\n await Promise.all(\n toDelete.map((action) => {\n return strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { action } });\n })\n );\n\n if (permissionsFoundInDB.length === 0) {\n // create default permissions\n for (const role of roles) {\n const toCreate = pipe(\n filter(({ roleType }) => roleType === role.type || roleType === null),\n map(prop('action'))\n )(DEFAULT_PERMISSIONS);\n\n await Promise.all(\n toCreate.map((action) => {\n return strapi.db.query('plugin::users-permissions.permission').create({\n data: {\n action,\n role: role.id,\n },\n });\n })\n );\n }\n }\n },\n\n async initialize() {\n const roleCount = await strapi.db.query('plugin::users-permissions.role').count();\n\n if (roleCount === 0) {\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Authenticated',\n description: 'Default role given to authenticated user.',\n type: 'authenticated',\n },\n });\n\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Public',\n description: 'Default role given to unauthenticated user.',\n type: 'public',\n },\n });\n }\n\n return getService('users-permissions').syncPermissions();\n },\n\n async updateUserRole(user, role) {\n return strapi.db\n .query('plugin::users-permissions.user')\n .update({ where: { id: user.id }, data: { role } });\n },\n\n template(layout, data) {\n const allowedTemplateVariables = objects.keysDeep(data);\n\n // Create a strict interpolation RegExp based on possible variable names\n const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');\n\n try {\n return _.template(layout, { interpolate, evaluate: false, escape: false })(data);\n } catch (e) {\n throw new errors.ApplicationError('Invalid email template');\n }\n },\n});\n"],"names":["_","require$$0","filter","map","pipe","prop","require$$1","urlJoin","require$$2","template","createStrictInterpolationRegExp","errors","objects","sanitizeRoutesMapForSerialization","require$$3","getService","require$$4","DEFAULT_PERMISSIONS","action","roleType","transformRoutePrefixFor","pluginName","route","prefix","config","path","undefined","usersPermissions","strapi","getActions","defaultEnable","actionMap","isContentApi","has","Symbol","for","includes","forEach","apis","api","apiName","controllers","reduce","acc","controller","controllerName","contentApiActions","pickBy","isEmpty","mapValues","enabled","policy","plugins","plugin","cloneDeep","getRoutes","routesMap","routes","flatMap","info","type","length","apiPrefix","get","transformPrefix","syncPermissions","roles","db","query","findMany","dbPermissions","permissionsFoundInDB","uniq","appActions","keys","actionName","pluginsActions","allActions","toDelete","difference","Promise","all","delete","where","role","toCreate","create","data","id","initialize","roleCount","count","name","description","updateUserRole","user","update","layout","allowedTemplateVariables","keysDeep","interpolate","evaluate","escape","e","ApplicationError"],"mappings":";;;;;;;;;;;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,6BAAAA;IACV,MAAM,EAAEC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAGC,2BAAAA;AACpC,IAAA,MAAMC,OAAAA,GAAUC,2BAAAA;AAChB,IAAA,MAAM,EACJC,QAAAA,EAAU,EAAEC,+BAA+B,EAAE,EAC7CC,MAAM,EACNC,OAAO,EACPC,iCAAiC,EAClC,GAAGC,2BAAAA;IAEJ,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB;AAC1B,QAAA;YAAEC,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAQ,SAAA;AAC7E,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAQ,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,kDAAA;YAAoDC,QAAAA,EAAU;AAAQ,SAAA;AAChF,QAAA;YAAED,MAAAA,EAAQ,sDAAA;YAAwDC,QAAAA,EAAU;AAAQ,SAAA;AACpF,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,uCAAA;YAAyCC,QAAAA,EAAU;AAAe,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,mCAAA;YAAqCC,QAAAA,EAAU;AAAe,SAAA;AACxE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAe;AACrF,KAAA;IAED,MAAMC,uBAAAA,GAA0B,CAACC,UAAAA,GAAe,CAACC,KAAAA,GAAAA;AAC/C,YAAA,MAAMC,SAASD,KAAAA,CAAME,MAAM,IAAIF,KAAAA,CAAME,MAAM,CAACD,MAAM;AAClD,YAAA,MAAME,IAAAA,GAAOF,MAAAA,KAAWG,SAAAA,GAAY,CAAA,EAAGH,SAASD,KAAAA,CAAMG,IAAI,CAAA,CAAE,GAAG,CAAC,CAAC,EAAEJ,UAAAA,CAAAA,EAAaC,KAAAA,CAAMG,IAAI,CAAA,CAAE;YAE5F,OAAO;AACL,gBAAA,GAAGH,KAAK;AACRG,gBAAAA;AACJ,aAAA;AACA,QAAA,CAAA;AAEAE,IAAAA,gBAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,UAAAA,CAAAA,CAAW,EAAEC,aAAAA,GAAgB,KAAK,EAAE,GAAG,EAAE,EAAA;AACvC,gBAAA,MAAMC,YAAY,EAAA;AAElB,gBAAA,MAAMC,eAAe,CAACd,MAAAA,GAAAA;oBACpB,IAAI,CAAClB,EAAEiC,GAAG,CAACf,QAAQgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAA,EAAc;wBAC1C,OAAO,KAAA;AACf,oBAAA;oBAEM,OAAOjB,MAAM,CAACgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAY,CAACC,QAAQ,CAAC,aAAA,CAAA;AACrD,gBAAA,CAAA;AAEIpC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;oBAC3B,MAAMC,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BH,IAAIE,WAAW,EACf,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,KAAK,EAAES,OAAAA,CAAAA,CAAS,CAAC,GAAG;AAAEC,4BAAAA;;AACzC,oBAAA;AACA,gBAAA,CAAA,CAAA;AAEIzC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;oBACjC,MAAMoB,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BW,OAAOZ,WAAW,EAClB,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEV,UAAAA,CAAAA,CAAY,CAAC,GAAG;AAAEoB,4BAAAA;;AAC/C,oBAAA;AACA,gBAAA,CAAA,CAAA;;gBAGI,OAAOzC,CAAAA,CAAEsD,SAAS,CAACvB,SAAAA,CAAAA;AACvB,YAAA,CAAA;YAEE,MAAMwB,SAAAA,CAAAA,GAAAA;AACJ,gBAAA,MAAMC,YAAY,EAAA;AAElBxD,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC3B,oBAAA,MAAMiB,SAASzD,CAAAA,CAAE0D,OAAO,CAACnB,GAAAA,CAAIkB,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACpC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,MAAMmC,MAAM;AAC7B,wBAAA;wBAEQ,OAAOnC,KAAAA;oBACf,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,KAAK,EAAEhB,OAAAA,CAAAA,CAAS,CAAC,GAAGiB,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AACpD,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEIzB,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACjC,oBAAA,MAAM2C,kBAAkB5C,uBAAAA,CAAwBC,UAAAA,CAAAA;AAEhD,oBAAA,MAAMoC,SAASzD,CAAAA,CAAE0D,OAAO,CAACL,MAAAA,CAAOI,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACvC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,KAAAA,CAAMmC,MAAM,CAACtD,GAAG,CAAC6D,eAAAA,CAAAA;AAClC,wBAAA;AAEQ,wBAAA,OAAOA,eAAAA,CAAgB1C,KAAAA,CAAAA;oBAC/B,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEnC,UAAAA,CAAAA,CAAY,CAAC,GAAGoC,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AAC1D,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,OAAOZ,iCAAAA,CAAkC2C,SAAAA,CAAAA;AAC7C,YAAA,CAAA;YAEE,MAAMS,eAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAMtC,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCC,QAAQ,EAAA;gBAC9E,MAAMC,aAAAA,GAAgB,MAAM1C,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,wCAAwCC,QAAQ,EAAA;AAE5F,gBAAA,MAAME,uBAAuBvE,CAAAA,CAAEwE,IAAI,CAACxE,CAAAA,CAAEG,GAAG,CAACmE,aAAAA,EAAe,QAAA,CAAA,CAAA;gBAEzD,MAAMG,UAAAA,GAAazE,EAAE0D,OAAO,CAAC9B,OAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC9C,oBAAA,OAAOxC,EAAE0D,OAAO,CAACnB,IAAIE,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAC7C,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,KAAK,EAAEnC,OAAAA,CAAQ,CAAC,EAAEK,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AAClE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMC,cAAAA,GAAiB5E,EAAE0D,OAAO,CAAC9B,OAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACxD,oBAAA,OAAOrB,EAAE0D,OAAO,CAACL,OAAOZ,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAChD,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,QAAQ,EAAEtD,UAAAA,CAAW,CAAC,EAAEwB,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AACxE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,MAAME,UAAAA,GAAa;AAAIJ,oBAAAA,GAAAA,UAAAA;AAAeG,oBAAAA,GAAAA;AAAe,iBAAA;AAErD,gBAAA,MAAME,QAAAA,GAAW9E,CAAAA,CAAE+E,UAAU,CAACR,oBAAAA,EAAsBM,UAAAA,CAAAA;AAEpD,gBAAA,MAAMG,QAAQC,GAAG,CACfH,QAAAA,CAAS3E,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,oBAAA,OAAOU,OAAOuC,EAAE,CACbC,KAAK,CAAC,sCAAA,CAAA,CACNc,MAAM,CAAC;wBAAEC,KAAAA,EAAO;AAAEjE,4BAAAA;AAAM;AAAE,qBAAA,CAAA;AACrC,gBAAA,CAAA,CAAA,CAAA;gBAGI,IAAIqD,oBAAAA,CAAqBV,MAAM,KAAK,CAAA,EAAG;;oBAErC,KAAK,MAAMuB,QAAQlB,KAAAA,CAAO;AACxB,wBAAA,MAAMmB,WAAWjF,IAAAA,CACfF,MAAAA,CAAO,CAAC,EAAEiB,QAAQ,EAAE,GAAKA,QAAAA,KAAaiE,IAAAA,CAAKxB,IAAI,IAAIzC,QAAAA,KAAa,IAAA,CAAA,EAChEhB,GAAAA,CAAIE,KAAK,QAAA,CAAA,CAAA,CAAA,CACTY,mBAAAA,CAAAA;AAEF,wBAAA,MAAM+D,QAAQC,GAAG,CACfI,QAAAA,CAASlF,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,4BAAA,OAAOU,OAAOuC,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCkB,MAAM,CAAC;gCACpEC,IAAAA,EAAM;AACJrE,oCAAAA,MAAAA;AACAkE,oCAAAA,IAAAA,EAAMA,KAAKI;AAC3B;AACA,6BAAA,CAAA;AACA,wBAAA,CAAA,CAAA,CAAA;AAEA,oBAAA;AACA,gBAAA;AACA,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,GAAAA;gBACJ,MAAMC,SAAAA,GAAY,MAAM9D,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCuB,KAAK,EAAA;AAE/E,gBAAA,IAAID,cAAc,CAAA,EAAG;AACnB,oBAAA,MAAM9D,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,eAAA;4BACNC,WAAAA,EAAa,2CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AAEM,oBAAA,MAAMhC,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,QAAA;4BACNC,WAAAA,EAAa,6CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AACA,gBAAA;gBAEI,OAAO7C,UAAAA,CAAW,qBAAqBkD,eAAe,EAAA;AAC1D,YAAA,CAAA;YAEE,MAAM6B,cAAAA,CAAAA,CAAeC,IAAI,EAAEX,IAAI,EAAA;AAC7B,gBAAA,OAAOxD,OAAOuC,EAAE,CACbC,KAAK,CAAC,gCAAA,CAAA,CACN4B,MAAM,CAAC;oBAAEb,KAAAA,EAAO;AAAEK,wBAAAA,EAAAA,EAAIO,KAAKP;AAAE,qBAAA;oBAAID,IAAAA,EAAM;AAAEH,wBAAAA;AAAI;AAAE,iBAAA,CAAA;AACtD,YAAA,CAAA;YAEE3E,QAAAA,CAAAA,CAASwF,MAAM,EAAEV,IAAI,EAAA;gBACnB,MAAMW,wBAAAA,GAA2BtF,OAAAA,CAAQuF,QAAQ,CAACZ,IAAAA,CAAAA;;gBAGlD,MAAMa,WAAAA,GAAc1F,gCAAgCwF,wBAAAA,EAA0B,GAAA,CAAA;gBAE9E,IAAI;oBACF,OAAOlG,CAAAA,CAAES,QAAQ,CAACwF,MAAAA,EAAQ;AAAEG,wBAAAA,WAAAA;wBAAaC,QAAAA,EAAU,KAAA;wBAAOC,MAAAA,EAAQ;uBAASf,IAAAA,CAAAA;AACjF,gBAAA,CAAA,CAAM,OAAOgB,CAAAA,EAAG;oBACV,MAAM,IAAI5F,MAAAA,CAAO6F,gBAAgB,CAAC,wBAAA,CAAA;AACxC,gBAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
|
|
1
|
+
{"version":3,"file":"users-permissions.js","sources":["../../../server/services/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { filter, map, pipe, prop } = require('lodash/fp');\nconst urlJoin = require('url-join');\nconst {\n template: { createStrictInterpolationRegExp },\n errors,\n objects,\n sanitizeRoutesMapForSerialization,\n} = require('@strapi/utils');\n\nconst { getService } = require('../utils');\n\nconst DEFAULT_PERMISSIONS = [\n { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.connect', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.forgotPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.resetPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.register', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.emailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.sendEmailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.refresh', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.logout', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.getSessions', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.revokeSession', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.user.me', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },\n];\n\nconst transformRoutePrefixFor = (pluginName) => (route) => {\n const prefix = route.config && route.config.prefix;\n const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;\n\n return {\n ...route,\n path,\n };\n};\n\nmodule.exports = ({ strapi }) => ({\n getActions({ defaultEnable = false } = {}) {\n const actionMap = {};\n\n const isContentApi = (action) => {\n if (!_.has(action, Symbol.for('__type__'))) {\n return false;\n }\n\n return action[Symbol.for('__type__')].includes('content-api');\n };\n\n _.forEach(strapi.apis, (api, apiName) => {\n const controllers = _.reduce(\n api.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`api::${apiName}`] = { controllers };\n }\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const controllers = _.reduce(\n plugin.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`plugin::${pluginName}`] = { controllers };\n }\n });\n\n // Return a deeply cloned version to avoid circular references\n return _.cloneDeep(actionMap);\n },\n\n async getRoutes() {\n const routesMap = {};\n\n _.forEach(strapi.apis, (api, apiName) => {\n const routes = _.flatMap(api.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes;\n }\n\n return route;\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`api::${apiName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const transformPrefix = transformRoutePrefixFor(pluginName);\n\n const routes = _.flatMap(plugin.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes.map(transformPrefix);\n }\n\n return transformPrefix(route);\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`plugin::${pluginName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n return sanitizeRoutesMapForSerialization(routesMap);\n },\n\n async syncPermissions() {\n const roles = await strapi.db.query('plugin::users-permissions.role').findMany();\n const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();\n\n const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));\n\n const appActions = _.flatMap(strapi.apis, (api, apiName) => {\n return _.flatMap(api.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `api::${apiName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {\n return _.flatMap(plugin.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `plugin::${pluginName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const allActions = [...appActions, ...pluginsActions];\n\n const toDelete = _.difference(permissionsFoundInDB, allActions);\n\n await Promise.all(\n toDelete.map((action) => {\n return strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { action } });\n })\n );\n\n if (permissionsFoundInDB.length === 0) {\n // create default permissions\n for (const role of roles) {\n const toCreate = pipe(\n filter(({ roleType }) => roleType === role.type || roleType === null),\n map(prop('action'))\n )(DEFAULT_PERMISSIONS);\n\n await Promise.all(\n toCreate.map((action) => {\n return strapi.db.query('plugin::users-permissions.permission').create({\n data: {\n action,\n role: role.id,\n },\n });\n })\n );\n }\n }\n },\n\n async initialize() {\n const roleCount = await strapi.db.query('plugin::users-permissions.role').count();\n\n if (roleCount === 0) {\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Authenticated',\n description: 'Default role given to authenticated user.',\n type: 'authenticated',\n },\n });\n\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Public',\n description: 'Default role given to unauthenticated user.',\n type: 'public',\n },\n });\n }\n\n return getService('users-permissions').syncPermissions();\n },\n\n async updateUserRole(user, role) {\n return strapi.db\n .query('plugin::users-permissions.user')\n .update({ where: { id: user.id }, data: { role } });\n },\n\n template(layout, data) {\n const allowedTemplateVariables = objects.keysDeep(data);\n\n // Create a strict interpolation RegExp based on possible variable names\n const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');\n\n try {\n return _.template(layout, { interpolate, evaluate: false, escape: false })(data);\n } catch (e) {\n throw new errors.ApplicationError('Invalid email template');\n }\n },\n});\n"],"names":["_","require$$0","filter","map","pipe","prop","require$$1","urlJoin","require$$2","template","createStrictInterpolationRegExp","errors","objects","sanitizeRoutesMapForSerialization","require$$3","getService","require$$4","DEFAULT_PERMISSIONS","action","roleType","transformRoutePrefixFor","pluginName","route","prefix","config","path","undefined","usersPermissions","strapi","getActions","defaultEnable","actionMap","isContentApi","has","Symbol","for","includes","forEach","apis","api","apiName","controllers","reduce","acc","controller","controllerName","contentApiActions","pickBy","isEmpty","mapValues","enabled","policy","plugins","plugin","cloneDeep","getRoutes","routesMap","routes","flatMap","info","type","length","apiPrefix","get","transformPrefix","syncPermissions","roles","db","query","findMany","dbPermissions","permissionsFoundInDB","uniq","appActions","keys","actionName","pluginsActions","allActions","toDelete","difference","Promise","all","delete","where","role","toCreate","create","data","id","initialize","roleCount","count","name","description","updateUserRole","user","update","layout","allowedTemplateVariables","keysDeep","interpolate","evaluate","escape","e","ApplicationError"],"mappings":";;;;;;;;;;;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,6BAAAA;IACV,MAAM,EAAEC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAGC,2BAAAA;AACpC,IAAA,MAAMC,OAAAA,GAAUC,2BAAAA;AAChB,IAAA,MAAM,EACJC,QAAAA,EAAU,EAAEC,+BAA+B,EAAE,EAC7CC,MAAM,EACNC,OAAO,EACPC,iCAAiC,EAClC,GAAGC,2BAAAA;IAEJ,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB;AAC1B,QAAA;YAAEC,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAQ,SAAA;AAC7E,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAQ,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,kDAAA;YAAoDC,QAAAA,EAAU;AAAQ,SAAA;AAChF,QAAA;YAAED,MAAAA,EAAQ,sDAAA;YAAwDC,QAAAA,EAAU;AAAQ,SAAA;AACpF,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,uCAAA;YAAyCC,QAAAA,EAAU;AAAe,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,4CAAA;YAA8CC,QAAAA,EAAU;AAAe,SAAA;AACjF,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAe,SAAA;AACnF,QAAA;YAAED,MAAAA,EAAQ,mCAAA;YAAqCC,QAAAA,EAAU;AAAe,SAAA;AACxE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAe;AACrF,KAAA;IAED,MAAMC,uBAAAA,GAA0B,CAACC,UAAAA,GAAe,CAACC,KAAAA,GAAAA;AAC/C,YAAA,MAAMC,SAASD,KAAAA,CAAME,MAAM,IAAIF,KAAAA,CAAME,MAAM,CAACD,MAAM;AAClD,YAAA,MAAME,IAAAA,GAAOF,MAAAA,KAAWG,SAAAA,GAAY,CAAA,EAAGH,SAASD,KAAAA,CAAMG,IAAI,CAAA,CAAE,GAAG,CAAC,CAAC,EAAEJ,UAAAA,CAAAA,EAAaC,KAAAA,CAAMG,IAAI,CAAA,CAAE;YAE5F,OAAO;AACL,gBAAA,GAAGH,KAAK;AACRG,gBAAAA;AACJ,aAAA;AACA,QAAA,CAAA;AAEAE,IAAAA,gBAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,UAAAA,CAAAA,CAAW,EAAEC,aAAAA,GAAgB,KAAK,EAAE,GAAG,EAAE,EAAA;AACvC,gBAAA,MAAMC,YAAY,EAAA;AAElB,gBAAA,MAAMC,eAAe,CAACd,MAAAA,GAAAA;oBACpB,IAAI,CAAClB,EAAEiC,GAAG,CAACf,QAAQgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAA,EAAc;wBAC1C,OAAO,KAAA;AACf,oBAAA;oBAEM,OAAOjB,MAAM,CAACgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAY,CAACC,QAAQ,CAAC,aAAA,CAAA;AACrD,gBAAA,CAAA;AAEIpC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;oBAC3B,MAAMC,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BH,IAAIE,WAAW,EACf,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,KAAK,EAAES,OAAAA,CAAAA,CAAS,CAAC,GAAG;AAAEC,4BAAAA;;AACzC,oBAAA;AACA,gBAAA,CAAA,CAAA;AAEIzC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;oBACjC,MAAMoB,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BW,OAAOZ,WAAW,EAClB,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEV,UAAAA,CAAAA,CAAY,CAAC,GAAG;AAAEoB,4BAAAA;;AAC/C,oBAAA;AACA,gBAAA,CAAA,CAAA;;gBAGI,OAAOzC,CAAAA,CAAEsD,SAAS,CAACvB,SAAAA,CAAAA;AACvB,YAAA,CAAA;YAEE,MAAMwB,SAAAA,CAAAA,GAAAA;AACJ,gBAAA,MAAMC,YAAY,EAAA;AAElBxD,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC3B,oBAAA,MAAMiB,SAASzD,CAAAA,CAAE0D,OAAO,CAACnB,GAAAA,CAAIkB,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACpC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,MAAMmC,MAAM;AAC7B,wBAAA;wBAEQ,OAAOnC,KAAAA;oBACf,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,KAAK,EAAEhB,OAAAA,CAAAA,CAAS,CAAC,GAAGiB,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AACpD,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEIzB,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACjC,oBAAA,MAAM2C,kBAAkB5C,uBAAAA,CAAwBC,UAAAA,CAAAA;AAEhD,oBAAA,MAAMoC,SAASzD,CAAAA,CAAE0D,OAAO,CAACL,MAAAA,CAAOI,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACvC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,KAAAA,CAAMmC,MAAM,CAACtD,GAAG,CAAC6D,eAAAA,CAAAA;AAClC,wBAAA;AAEQ,wBAAA,OAAOA,eAAAA,CAAgB1C,KAAAA,CAAAA;oBAC/B,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEnC,UAAAA,CAAAA,CAAY,CAAC,GAAGoC,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AAC1D,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,OAAOZ,iCAAAA,CAAkC2C,SAAAA,CAAAA;AAC7C,YAAA,CAAA;YAEE,MAAMS,eAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAMtC,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCC,QAAQ,EAAA;gBAC9E,MAAMC,aAAAA,GAAgB,MAAM1C,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,wCAAwCC,QAAQ,EAAA;AAE5F,gBAAA,MAAME,uBAAuBvE,CAAAA,CAAEwE,IAAI,CAACxE,CAAAA,CAAEG,GAAG,CAACmE,aAAAA,EAAe,QAAA,CAAA,CAAA;gBAEzD,MAAMG,UAAAA,GAAazE,EAAE0D,OAAO,CAAC9B,OAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC9C,oBAAA,OAAOxC,EAAE0D,OAAO,CAACnB,IAAIE,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAC7C,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,KAAK,EAAEnC,OAAAA,CAAQ,CAAC,EAAEK,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AAClE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMC,cAAAA,GAAiB5E,EAAE0D,OAAO,CAAC9B,OAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACxD,oBAAA,OAAOrB,EAAE0D,OAAO,CAACL,OAAOZ,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAChD,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,QAAQ,EAAEtD,UAAAA,CAAW,CAAC,EAAEwB,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AACxE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,MAAME,UAAAA,GAAa;AAAIJ,oBAAAA,GAAAA,UAAAA;AAAeG,oBAAAA,GAAAA;AAAe,iBAAA;AAErD,gBAAA,MAAME,QAAAA,GAAW9E,CAAAA,CAAE+E,UAAU,CAACR,oBAAAA,EAAsBM,UAAAA,CAAAA;AAEpD,gBAAA,MAAMG,QAAQC,GAAG,CACfH,QAAAA,CAAS3E,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,oBAAA,OAAOU,OAAOuC,EAAE,CACbC,KAAK,CAAC,sCAAA,CAAA,CACNc,MAAM,CAAC;wBAAEC,KAAAA,EAAO;AAAEjE,4BAAAA;AAAM;AAAE,qBAAA,CAAA;AACrC,gBAAA,CAAA,CAAA,CAAA;gBAGI,IAAIqD,oBAAAA,CAAqBV,MAAM,KAAK,CAAA,EAAG;;oBAErC,KAAK,MAAMuB,QAAQlB,KAAAA,CAAO;AACxB,wBAAA,MAAMmB,WAAWjF,IAAAA,CACfF,MAAAA,CAAO,CAAC,EAAEiB,QAAQ,EAAE,GAAKA,QAAAA,KAAaiE,IAAAA,CAAKxB,IAAI,IAAIzC,QAAAA,KAAa,IAAA,CAAA,EAChEhB,GAAAA,CAAIE,KAAK,QAAA,CAAA,CAAA,CAAA,CACTY,mBAAAA,CAAAA;AAEF,wBAAA,MAAM+D,QAAQC,GAAG,CACfI,QAAAA,CAASlF,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,4BAAA,OAAOU,OAAOuC,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCkB,MAAM,CAAC;gCACpEC,IAAAA,EAAM;AACJrE,oCAAAA,MAAAA;AACAkE,oCAAAA,IAAAA,EAAMA,KAAKI;AAC3B;AACA,6BAAA,CAAA;AACA,wBAAA,CAAA,CAAA,CAAA;AAEA,oBAAA;AACA,gBAAA;AACA,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,GAAAA;gBACJ,MAAMC,SAAAA,GAAY,MAAM9D,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCuB,KAAK,EAAA;AAE/E,gBAAA,IAAID,cAAc,CAAA,EAAG;AACnB,oBAAA,MAAM9D,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,eAAA;4BACNC,WAAAA,EAAa,2CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AAEM,oBAAA,MAAMhC,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,QAAA;4BACNC,WAAAA,EAAa,6CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AACA,gBAAA;gBAEI,OAAO7C,UAAAA,CAAW,qBAAqBkD,eAAe,EAAA;AAC1D,YAAA,CAAA;YAEE,MAAM6B,cAAAA,CAAAA,CAAeC,IAAI,EAAEX,IAAI,EAAA;AAC7B,gBAAA,OAAOxD,OAAOuC,EAAE,CACbC,KAAK,CAAC,gCAAA,CAAA,CACN4B,MAAM,CAAC;oBAAEb,KAAAA,EAAO;AAAEK,wBAAAA,EAAAA,EAAIO,KAAKP;AAAE,qBAAA;oBAAID,IAAAA,EAAM;AAAEH,wBAAAA;AAAI;AAAE,iBAAA,CAAA;AACtD,YAAA,CAAA;YAEE3E,QAAAA,CAAAA,CAASwF,MAAM,EAAEV,IAAI,EAAA;gBACnB,MAAMW,wBAAAA,GAA2BtF,OAAAA,CAAQuF,QAAQ,CAACZ,IAAAA,CAAAA;;gBAGlD,MAAMa,WAAAA,GAAc1F,gCAAgCwF,wBAAAA,EAA0B,GAAA,CAAA;gBAE9E,IAAI;oBACF,OAAOlG,CAAAA,CAAES,QAAQ,CAACwF,MAAAA,EAAQ;AAAEG,wBAAAA,WAAAA;wBAAaC,QAAAA,EAAU,KAAA;wBAAOC,MAAAA,EAAQ;uBAASf,IAAAA,CAAAA;AACjF,gBAAA,CAAA,CAAM,OAAOgB,CAAAA,EAAG;oBACV,MAAM,IAAI5F,MAAAA,CAAO6F,gBAAgB,CAAC,wBAAA,CAAA;AACxC,gBAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
|
|
@@ -51,6 +51,14 @@ function requireUsersPermissions() {
|
|
|
51
51
|
action: 'plugin::users-permissions.auth.logout',
|
|
52
52
|
roleType: 'authenticated'
|
|
53
53
|
},
|
|
54
|
+
{
|
|
55
|
+
action: 'plugin::users-permissions.auth.getSessions',
|
|
56
|
+
roleType: 'authenticated'
|
|
57
|
+
},
|
|
58
|
+
{
|
|
59
|
+
action: 'plugin::users-permissions.auth.revokeSession',
|
|
60
|
+
roleType: 'authenticated'
|
|
61
|
+
},
|
|
54
62
|
{
|
|
55
63
|
action: 'plugin::users-permissions.user.me',
|
|
56
64
|
roleType: 'authenticated'
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"users-permissions.mjs","sources":["../../../server/services/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { filter, map, pipe, prop } = require('lodash/fp');\nconst urlJoin = require('url-join');\nconst {\n template: { createStrictInterpolationRegExp },\n errors,\n objects,\n sanitizeRoutesMapForSerialization,\n} = require('@strapi/utils');\n\nconst { getService } = require('../utils');\n\nconst DEFAULT_PERMISSIONS = [\n { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.connect', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.forgotPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.resetPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.register', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.emailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.sendEmailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.refresh', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.logout', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.user.me', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },\n];\n\nconst transformRoutePrefixFor = (pluginName) => (route) => {\n const prefix = route.config && route.config.prefix;\n const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;\n\n return {\n ...route,\n path,\n };\n};\n\nmodule.exports = ({ strapi }) => ({\n getActions({ defaultEnable = false } = {}) {\n const actionMap = {};\n\n const isContentApi = (action) => {\n if (!_.has(action, Symbol.for('__type__'))) {\n return false;\n }\n\n return action[Symbol.for('__type__')].includes('content-api');\n };\n\n _.forEach(strapi.apis, (api, apiName) => {\n const controllers = _.reduce(\n api.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`api::${apiName}`] = { controllers };\n }\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const controllers = _.reduce(\n plugin.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`plugin::${pluginName}`] = { controllers };\n }\n });\n\n // Return a deeply cloned version to avoid circular references\n return _.cloneDeep(actionMap);\n },\n\n async getRoutes() {\n const routesMap = {};\n\n _.forEach(strapi.apis, (api, apiName) => {\n const routes = _.flatMap(api.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes;\n }\n\n return route;\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`api::${apiName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const transformPrefix = transformRoutePrefixFor(pluginName);\n\n const routes = _.flatMap(plugin.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes.map(transformPrefix);\n }\n\n return transformPrefix(route);\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`plugin::${pluginName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n return sanitizeRoutesMapForSerialization(routesMap);\n },\n\n async syncPermissions() {\n const roles = await strapi.db.query('plugin::users-permissions.role').findMany();\n const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();\n\n const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));\n\n const appActions = _.flatMap(strapi.apis, (api, apiName) => {\n return _.flatMap(api.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `api::${apiName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {\n return _.flatMap(plugin.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `plugin::${pluginName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const allActions = [...appActions, ...pluginsActions];\n\n const toDelete = _.difference(permissionsFoundInDB, allActions);\n\n await Promise.all(\n toDelete.map((action) => {\n return strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { action } });\n })\n );\n\n if (permissionsFoundInDB.length === 0) {\n // create default permissions\n for (const role of roles) {\n const toCreate = pipe(\n filter(({ roleType }) => roleType === role.type || roleType === null),\n map(prop('action'))\n )(DEFAULT_PERMISSIONS);\n\n await Promise.all(\n toCreate.map((action) => {\n return strapi.db.query('plugin::users-permissions.permission').create({\n data: {\n action,\n role: role.id,\n },\n });\n })\n );\n }\n }\n },\n\n async initialize() {\n const roleCount = await strapi.db.query('plugin::users-permissions.role').count();\n\n if (roleCount === 0) {\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Authenticated',\n description: 'Default role given to authenticated user.',\n type: 'authenticated',\n },\n });\n\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Public',\n description: 'Default role given to unauthenticated user.',\n type: 'public',\n },\n });\n }\n\n return getService('users-permissions').syncPermissions();\n },\n\n async updateUserRole(user, role) {\n return strapi.db\n .query('plugin::users-permissions.user')\n .update({ where: { id: user.id }, data: { role } });\n },\n\n template(layout, data) {\n const allowedTemplateVariables = objects.keysDeep(data);\n\n // Create a strict interpolation RegExp based on possible variable names\n const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');\n\n try {\n return _.template(layout, { interpolate, evaluate: false, escape: false })(data);\n } catch (e) {\n throw new errors.ApplicationError('Invalid email template');\n }\n },\n});\n"],"names":["_","require$$0","filter","map","pipe","prop","require$$1","urlJoin","require$$2","template","createStrictInterpolationRegExp","errors","objects","sanitizeRoutesMapForSerialization","require$$3","getService","require$$4","DEFAULT_PERMISSIONS","action","roleType","transformRoutePrefixFor","pluginName","route","prefix","config","path","undefined","usersPermissions","strapi","getActions","defaultEnable","actionMap","isContentApi","has","Symbol","for","includes","forEach","apis","api","apiName","controllers","reduce","acc","controller","controllerName","contentApiActions","pickBy","isEmpty","mapValues","enabled","policy","plugins","plugin","cloneDeep","getRoutes","routesMap","routes","flatMap","info","type","length","apiPrefix","get","transformPrefix","syncPermissions","roles","db","query","findMany","dbPermissions","permissionsFoundInDB","uniq","appActions","keys","actionName","pluginsActions","allActions","toDelete","difference","Promise","all","delete","where","role","toCreate","create","data","id","initialize","roleCount","count","name","description","updateUserRole","user","update","layout","allowedTemplateVariables","keysDeep","interpolate","evaluate","escape","e","ApplicationError"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,YAAAA;IACV,MAAM,EAAEC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACpC,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;AAChB,IAAA,MAAM,EACJC,QAAAA,EAAU,EAAEC,+BAA+B,EAAE,EAC7CC,MAAM,EACNC,OAAO,EACPC,iCAAiC,EAClC,GAAGC,UAAAA;IAEJ,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB;AAC1B,QAAA;YAAEC,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAQ,SAAA;AAC7E,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAQ,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,kDAAA;YAAoDC,QAAAA,EAAU;AAAQ,SAAA;AAChF,QAAA;YAAED,MAAAA,EAAQ,sDAAA;YAAwDC,QAAAA,EAAU;AAAQ,SAAA;AACpF,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,uCAAA;YAAyCC,QAAAA,EAAU;AAAe,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,mCAAA;YAAqCC,QAAAA,EAAU;AAAe,SAAA;AACxE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAe;AACrF,KAAA;IAED,MAAMC,uBAAAA,GAA0B,CAACC,UAAAA,GAAe,CAACC,KAAAA,GAAAA;AAC/C,YAAA,MAAMC,SAASD,KAAAA,CAAME,MAAM,IAAIF,KAAAA,CAAME,MAAM,CAACD,MAAM;AAClD,YAAA,MAAME,IAAAA,GAAOF,MAAAA,KAAWG,SAAAA,GAAY,CAAA,EAAGH,SAASD,KAAAA,CAAMG,IAAI,CAAA,CAAE,GAAG,CAAC,CAAC,EAAEJ,UAAAA,CAAAA,EAAaC,KAAAA,CAAMG,IAAI,CAAA,CAAE;YAE5F,OAAO;AACL,gBAAA,GAAGH,KAAK;AACRG,gBAAAA;AACJ,aAAA;AACA,QAAA,CAAA;AAEAE,IAAAA,gBAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,UAAAA,CAAAA,CAAW,EAAEC,aAAAA,GAAgB,KAAK,EAAE,GAAG,EAAE,EAAA;AACvC,gBAAA,MAAMC,YAAY,EAAA;AAElB,gBAAA,MAAMC,eAAe,CAACd,MAAAA,GAAAA;oBACpB,IAAI,CAAClB,EAAEiC,GAAG,CAACf,QAAQgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAA,EAAc;wBAC1C,OAAO,KAAA;AACf,oBAAA;oBAEM,OAAOjB,MAAM,CAACgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAY,CAACC,QAAQ,CAAC,aAAA,CAAA;AACrD,gBAAA,CAAA;AAEIpC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;oBAC3B,MAAMC,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BH,IAAIE,WAAW,EACf,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,KAAK,EAAES,OAAAA,CAAAA,CAAS,CAAC,GAAG;AAAEC,4BAAAA;;AACzC,oBAAA;AACA,gBAAA,CAAA,CAAA;AAEIzC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;oBACjC,MAAMoB,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BW,OAAOZ,WAAW,EAClB,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEV,UAAAA,CAAAA,CAAY,CAAC,GAAG;AAAEoB,4BAAAA;;AAC/C,oBAAA;AACA,gBAAA,CAAA,CAAA;;gBAGI,OAAOzC,CAAAA,CAAEsD,SAAS,CAACvB,SAAAA,CAAAA;AACvB,YAAA,CAAA;YAEE,MAAMwB,SAAAA,CAAAA,GAAAA;AACJ,gBAAA,MAAMC,YAAY,EAAA;AAElBxD,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC3B,oBAAA,MAAMiB,SAASzD,CAAAA,CAAE0D,OAAO,CAACnB,GAAAA,CAAIkB,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACpC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,MAAMmC,MAAM;AAC7B,wBAAA;wBAEQ,OAAOnC,KAAAA;oBACf,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,KAAK,EAAEhB,OAAAA,CAAAA,CAAS,CAAC,GAAGiB,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AACpD,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEIzB,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACjC,oBAAA,MAAM2C,kBAAkB5C,uBAAAA,CAAwBC,UAAAA,CAAAA;AAEhD,oBAAA,MAAMoC,SAASzD,CAAAA,CAAE0D,OAAO,CAACL,MAAAA,CAAOI,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACvC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,KAAAA,CAAMmC,MAAM,CAACtD,GAAG,CAAC6D,eAAAA,CAAAA;AAClC,wBAAA;AAEQ,wBAAA,OAAOA,eAAAA,CAAgB1C,KAAAA,CAAAA;oBAC/B,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEnC,UAAAA,CAAAA,CAAY,CAAC,GAAGoC,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AAC1D,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,OAAOZ,iCAAAA,CAAkC2C,SAAAA,CAAAA;AAC7C,YAAA,CAAA;YAEE,MAAMS,eAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAMtC,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCC,QAAQ,EAAA;gBAC9E,MAAMC,aAAAA,GAAgB,MAAM1C,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,wCAAwCC,QAAQ,EAAA;AAE5F,gBAAA,MAAME,uBAAuBvE,CAAAA,CAAEwE,IAAI,CAACxE,CAAAA,CAAEG,GAAG,CAACmE,aAAAA,EAAe,QAAA,CAAA,CAAA;gBAEzD,MAAMG,UAAAA,GAAazE,EAAE0D,OAAO,CAAC9B,OAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC9C,oBAAA,OAAOxC,EAAE0D,OAAO,CAACnB,IAAIE,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAC7C,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,KAAK,EAAEnC,OAAAA,CAAQ,CAAC,EAAEK,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AAClE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMC,cAAAA,GAAiB5E,EAAE0D,OAAO,CAAC9B,OAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACxD,oBAAA,OAAOrB,EAAE0D,OAAO,CAACL,OAAOZ,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAChD,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,QAAQ,EAAEtD,UAAAA,CAAW,CAAC,EAAEwB,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AACxE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,MAAME,UAAAA,GAAa;AAAIJ,oBAAAA,GAAAA,UAAAA;AAAeG,oBAAAA,GAAAA;AAAe,iBAAA;AAErD,gBAAA,MAAME,QAAAA,GAAW9E,CAAAA,CAAE+E,UAAU,CAACR,oBAAAA,EAAsBM,UAAAA,CAAAA;AAEpD,gBAAA,MAAMG,QAAQC,GAAG,CACfH,QAAAA,CAAS3E,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,oBAAA,OAAOU,OAAOuC,EAAE,CACbC,KAAK,CAAC,sCAAA,CAAA,CACNc,MAAM,CAAC;wBAAEC,KAAAA,EAAO;AAAEjE,4BAAAA;AAAM;AAAE,qBAAA,CAAA;AACrC,gBAAA,CAAA,CAAA,CAAA;gBAGI,IAAIqD,oBAAAA,CAAqBV,MAAM,KAAK,CAAA,EAAG;;oBAErC,KAAK,MAAMuB,QAAQlB,KAAAA,CAAO;AACxB,wBAAA,MAAMmB,WAAWjF,IAAAA,CACfF,MAAAA,CAAO,CAAC,EAAEiB,QAAQ,EAAE,GAAKA,QAAAA,KAAaiE,IAAAA,CAAKxB,IAAI,IAAIzC,QAAAA,KAAa,IAAA,CAAA,EAChEhB,GAAAA,CAAIE,KAAK,QAAA,CAAA,CAAA,CAAA,CACTY,mBAAAA,CAAAA;AAEF,wBAAA,MAAM+D,QAAQC,GAAG,CACfI,QAAAA,CAASlF,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,4BAAA,OAAOU,OAAOuC,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCkB,MAAM,CAAC;gCACpEC,IAAAA,EAAM;AACJrE,oCAAAA,MAAAA;AACAkE,oCAAAA,IAAAA,EAAMA,KAAKI;AAC3B;AACA,6BAAA,CAAA;AACA,wBAAA,CAAA,CAAA,CAAA;AAEA,oBAAA;AACA,gBAAA;AACA,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,GAAAA;gBACJ,MAAMC,SAAAA,GAAY,MAAM9D,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCuB,KAAK,EAAA;AAE/E,gBAAA,IAAID,cAAc,CAAA,EAAG;AACnB,oBAAA,MAAM9D,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,eAAA;4BACNC,WAAAA,EAAa,2CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AAEM,oBAAA,MAAMhC,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,QAAA;4BACNC,WAAAA,EAAa,6CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AACA,gBAAA;gBAEI,OAAO7C,UAAAA,CAAW,qBAAqBkD,eAAe,EAAA;AAC1D,YAAA,CAAA;YAEE,MAAM6B,cAAAA,CAAAA,CAAeC,IAAI,EAAEX,IAAI,EAAA;AAC7B,gBAAA,OAAOxD,OAAOuC,EAAE,CACbC,KAAK,CAAC,gCAAA,CAAA,CACN4B,MAAM,CAAC;oBAAEb,KAAAA,EAAO;AAAEK,wBAAAA,EAAAA,EAAIO,KAAKP;AAAE,qBAAA;oBAAID,IAAAA,EAAM;AAAEH,wBAAAA;AAAI;AAAE,iBAAA,CAAA;AACtD,YAAA,CAAA;YAEE3E,QAAAA,CAAAA,CAASwF,MAAM,EAAEV,IAAI,EAAA;gBACnB,MAAMW,wBAAAA,GAA2BtF,OAAAA,CAAQuF,QAAQ,CAACZ,IAAAA,CAAAA;;gBAGlD,MAAMa,WAAAA,GAAc1F,gCAAgCwF,wBAAAA,EAA0B,GAAA,CAAA;gBAE9E,IAAI;oBACF,OAAOlG,CAAAA,CAAES,QAAQ,CAACwF,MAAAA,EAAQ;AAAEG,wBAAAA,WAAAA;wBAAaC,QAAAA,EAAU,KAAA;wBAAOC,MAAAA,EAAQ;uBAASf,IAAAA,CAAAA;AACjF,gBAAA,CAAA,CAAM,OAAOgB,CAAAA,EAAG;oBACV,MAAM,IAAI5F,MAAAA,CAAO6F,gBAAgB,CAAC,wBAAA,CAAA;AACxC,gBAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
|
|
1
|
+
{"version":3,"file":"users-permissions.mjs","sources":["../../../server/services/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst _ = require('lodash');\nconst { filter, map, pipe, prop } = require('lodash/fp');\nconst urlJoin = require('url-join');\nconst {\n template: { createStrictInterpolationRegExp },\n errors,\n objects,\n sanitizeRoutesMapForSerialization,\n} = require('@strapi/utils');\n\nconst { getService } = require('../utils');\n\nconst DEFAULT_PERMISSIONS = [\n { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.connect', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.forgotPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.resetPassword', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.register', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.emailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.sendEmailConfirmation', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.refresh', roleType: 'public' },\n { action: 'plugin::users-permissions.auth.logout', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.getSessions', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.revokeSession', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.user.me', roleType: 'authenticated' },\n { action: 'plugin::users-permissions.auth.changePassword', roleType: 'authenticated' },\n];\n\nconst transformRoutePrefixFor = (pluginName) => (route) => {\n const prefix = route.config && route.config.prefix;\n const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;\n\n return {\n ...route,\n path,\n };\n};\n\nmodule.exports = ({ strapi }) => ({\n getActions({ defaultEnable = false } = {}) {\n const actionMap = {};\n\n const isContentApi = (action) => {\n if (!_.has(action, Symbol.for('__type__'))) {\n return false;\n }\n\n return action[Symbol.for('__type__')].includes('content-api');\n };\n\n _.forEach(strapi.apis, (api, apiName) => {\n const controllers = _.reduce(\n api.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`api::${apiName}`] = { controllers };\n }\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const controllers = _.reduce(\n plugin.controllers,\n (acc, controller, controllerName) => {\n const contentApiActions = _.pickBy(controller, isContentApi);\n\n if (_.isEmpty(contentApiActions)) {\n return acc;\n }\n\n acc[controllerName] = _.mapValues(contentApiActions, () => {\n return {\n enabled: defaultEnable,\n policy: '',\n };\n });\n\n return acc;\n },\n {}\n );\n\n if (!_.isEmpty(controllers)) {\n actionMap[`plugin::${pluginName}`] = { controllers };\n }\n });\n\n // Return a deeply cloned version to avoid circular references\n return _.cloneDeep(actionMap);\n },\n\n async getRoutes() {\n const routesMap = {};\n\n _.forEach(strapi.apis, (api, apiName) => {\n const routes = _.flatMap(api.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes;\n }\n\n return route;\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`api::${apiName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n _.forEach(strapi.plugins, (plugin, pluginName) => {\n const transformPrefix = transformRoutePrefixFor(pluginName);\n\n const routes = _.flatMap(plugin.routes, (route) => {\n if (_.has(route, 'routes')) {\n return route.routes.map(transformPrefix);\n }\n\n return transformPrefix(route);\n }).filter((route) => route.info.type === 'content-api');\n\n if (routes.length === 0) {\n return;\n }\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n routesMap[`plugin::${pluginName}`] = routes.map((route) => ({\n ...route,\n path: urlJoin(apiPrefix, route.path),\n }));\n });\n\n return sanitizeRoutesMapForSerialization(routesMap);\n },\n\n async syncPermissions() {\n const roles = await strapi.db.query('plugin::users-permissions.role').findMany();\n const dbPermissions = await strapi.db.query('plugin::users-permissions.permission').findMany();\n\n const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));\n\n const appActions = _.flatMap(strapi.apis, (api, apiName) => {\n return _.flatMap(api.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `api::${apiName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {\n return _.flatMap(plugin.controllers, (controller, controllerName) => {\n return _.keys(controller).map((actionName) => {\n return `plugin::${pluginName}.${controllerName}.${actionName}`;\n });\n });\n });\n\n const allActions = [...appActions, ...pluginsActions];\n\n const toDelete = _.difference(permissionsFoundInDB, allActions);\n\n await Promise.all(\n toDelete.map((action) => {\n return strapi.db\n .query('plugin::users-permissions.permission')\n .delete({ where: { action } });\n })\n );\n\n if (permissionsFoundInDB.length === 0) {\n // create default permissions\n for (const role of roles) {\n const toCreate = pipe(\n filter(({ roleType }) => roleType === role.type || roleType === null),\n map(prop('action'))\n )(DEFAULT_PERMISSIONS);\n\n await Promise.all(\n toCreate.map((action) => {\n return strapi.db.query('plugin::users-permissions.permission').create({\n data: {\n action,\n role: role.id,\n },\n });\n })\n );\n }\n }\n },\n\n async initialize() {\n const roleCount = await strapi.db.query('plugin::users-permissions.role').count();\n\n if (roleCount === 0) {\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Authenticated',\n description: 'Default role given to authenticated user.',\n type: 'authenticated',\n },\n });\n\n await strapi.db.query('plugin::users-permissions.role').create({\n data: {\n name: 'Public',\n description: 'Default role given to unauthenticated user.',\n type: 'public',\n },\n });\n }\n\n return getService('users-permissions').syncPermissions();\n },\n\n async updateUserRole(user, role) {\n return strapi.db\n .query('plugin::users-permissions.user')\n .update({ where: { id: user.id }, data: { role } });\n },\n\n template(layout, data) {\n const allowedTemplateVariables = objects.keysDeep(data);\n\n // Create a strict interpolation RegExp based on possible variable names\n const interpolate = createStrictInterpolationRegExp(allowedTemplateVariables, 'g');\n\n try {\n return _.template(layout, { interpolate, evaluate: false, escape: false })(data);\n } catch (e) {\n throw new errors.ApplicationError('Invalid email template');\n }\n },\n});\n"],"names":["_","require$$0","filter","map","pipe","prop","require$$1","urlJoin","require$$2","template","createStrictInterpolationRegExp","errors","objects","sanitizeRoutesMapForSerialization","require$$3","getService","require$$4","DEFAULT_PERMISSIONS","action","roleType","transformRoutePrefixFor","pluginName","route","prefix","config","path","undefined","usersPermissions","strapi","getActions","defaultEnable","actionMap","isContentApi","has","Symbol","for","includes","forEach","apis","api","apiName","controllers","reduce","acc","controller","controllerName","contentApiActions","pickBy","isEmpty","mapValues","enabled","policy","plugins","plugin","cloneDeep","getRoutes","routesMap","routes","flatMap","info","type","length","apiPrefix","get","transformPrefix","syncPermissions","roles","db","query","findMany","dbPermissions","permissionsFoundInDB","uniq","appActions","keys","actionName","pluginsActions","allActions","toDelete","difference","Promise","all","delete","where","role","toCreate","create","data","id","initialize","roleCount","count","name","description","updateUserRole","user","update","layout","allowedTemplateVariables","keysDeep","interpolate","evaluate","escape","e","ApplicationError"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAMA,CAAAA,GAAIC,YAAAA;IACV,MAAM,EAAEC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACpC,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;AAChB,IAAA,MAAM,EACJC,QAAAA,EAAU,EAAEC,+BAA+B,EAAE,EAC7CC,MAAM,EACNC,OAAO,EACPC,iCAAiC,EAClC,GAAGC,UAAAA;IAEJ,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB;AAC1B,QAAA;YAAEC,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAQ,SAAA;AAC7E,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAQ,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,yCAAA;YAA2CC,QAAAA,EAAU;AAAQ,SAAA;AACvE,QAAA;YAAED,MAAAA,EAAQ,kDAAA;YAAoDC,QAAAA,EAAU;AAAQ,SAAA;AAChF,QAAA;YAAED,MAAAA,EAAQ,sDAAA;YAAwDC,QAAAA,EAAU;AAAQ,SAAA;AACpF,QAAA;YAAED,MAAAA,EAAQ,wCAAA;YAA0CC,QAAAA,EAAU;AAAQ,SAAA;AACtE,QAAA;YAAED,MAAAA,EAAQ,uCAAA;YAAyCC,QAAAA,EAAU;AAAe,SAAA;AAC5E,QAAA;YAAED,MAAAA,EAAQ,4CAAA;YAA8CC,QAAAA,EAAU;AAAe,SAAA;AACjF,QAAA;YAAED,MAAAA,EAAQ,8CAAA;YAAgDC,QAAAA,EAAU;AAAe,SAAA;AACnF,QAAA;YAAED,MAAAA,EAAQ,mCAAA;YAAqCC,QAAAA,EAAU;AAAe,SAAA;AACxE,QAAA;YAAED,MAAAA,EAAQ,+CAAA;YAAiDC,QAAAA,EAAU;AAAe;AACrF,KAAA;IAED,MAAMC,uBAAAA,GAA0B,CAACC,UAAAA,GAAe,CAACC,KAAAA,GAAAA;AAC/C,YAAA,MAAMC,SAASD,KAAAA,CAAME,MAAM,IAAIF,KAAAA,CAAME,MAAM,CAACD,MAAM;AAClD,YAAA,MAAME,IAAAA,GAAOF,MAAAA,KAAWG,SAAAA,GAAY,CAAA,EAAGH,SAASD,KAAAA,CAAMG,IAAI,CAAA,CAAE,GAAG,CAAC,CAAC,EAAEJ,UAAAA,CAAAA,EAAaC,KAAAA,CAAMG,IAAI,CAAA,CAAE;YAE5F,OAAO;AACL,gBAAA,GAAGH,KAAK;AACRG,gBAAAA;AACJ,aAAA;AACA,QAAA,CAAA;AAEAE,IAAAA,gBAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,UAAAA,CAAAA,CAAW,EAAEC,aAAAA,GAAgB,KAAK,EAAE,GAAG,EAAE,EAAA;AACvC,gBAAA,MAAMC,YAAY,EAAA;AAElB,gBAAA,MAAMC,eAAe,CAACd,MAAAA,GAAAA;oBACpB,IAAI,CAAClB,EAAEiC,GAAG,CAACf,QAAQgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAA,EAAc;wBAC1C,OAAO,KAAA;AACf,oBAAA;oBAEM,OAAOjB,MAAM,CAACgB,MAAAA,CAAOC,GAAG,CAAC,UAAA,CAAA,CAAY,CAACC,QAAQ,CAAC,aAAA,CAAA;AACrD,gBAAA,CAAA;AAEIpC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;oBAC3B,MAAMC,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BH,IAAIE,WAAW,EACf,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,KAAK,EAAES,OAAAA,CAAAA,CAAS,CAAC,GAAG;AAAEC,4BAAAA;;AACzC,oBAAA;AACA,gBAAA,CAAA,CAAA;AAEIzC,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;oBACjC,MAAMoB,WAAAA,GAAczC,EAAE0C,MAAM,CAC1BW,OAAOZ,WAAW,EAClB,CAACE,GAAAA,EAAKC,UAAAA,EAAYC,cAAAA,GAAAA;AAChB,wBAAA,MAAMC,iBAAAA,GAAoB9C,CAAAA,CAAE+C,MAAM,CAACH,UAAAA,EAAYZ,YAAAA,CAAAA;wBAE/C,IAAIhC,CAAAA,CAAEgD,OAAO,CAACF,iBAAAA,CAAAA,EAAoB;4BAChC,OAAOH,GAAAA;AACnB,wBAAA;AAEUA,wBAAAA,GAAG,CAACE,cAAAA,CAAe,GAAG7C,CAAAA,CAAEiD,SAAS,CAACH,iBAAAA,EAAmB,IAAA;4BACnD,OAAO;gCACLI,OAAAA,EAASpB,aAAAA;gCACTqB,MAAAA,EAAQ;AACtB,6BAAA;AACA,wBAAA,CAAA,CAAA;wBAEU,OAAOR,GAAAA;AACjB,oBAAA,CAAA,EACQ,EAAA,CAAA;AAGF,oBAAA,IAAI,CAAC3C,CAAAA,CAAEgD,OAAO,CAACP,WAAAA,CAAAA,EAAc;AAC3BV,wBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEV,UAAAA,CAAAA,CAAY,CAAC,GAAG;AAAEoB,4BAAAA;;AAC/C,oBAAA;AACA,gBAAA,CAAA,CAAA;;gBAGI,OAAOzC,CAAAA,CAAEsD,SAAS,CAACvB,SAAAA,CAAAA;AACvB,YAAA,CAAA;YAEE,MAAMwB,SAAAA,CAAAA,GAAAA;AACJ,gBAAA,MAAMC,YAAY,EAAA;AAElBxD,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC3B,oBAAA,MAAMiB,SAASzD,CAAAA,CAAE0D,OAAO,CAACnB,GAAAA,CAAIkB,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACpC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,MAAMmC,MAAM;AAC7B,wBAAA;wBAEQ,OAAOnC,KAAAA;oBACf,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,KAAK,EAAEhB,OAAAA,CAAAA,CAAS,CAAC,GAAGiB,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AACpD,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEIzB,gBAAAA,CAAAA,CAAEqC,OAAO,CAACT,MAAAA,CAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACjC,oBAAA,MAAM2C,kBAAkB5C,uBAAAA,CAAwBC,UAAAA,CAAAA;AAEhD,oBAAA,MAAMoC,SAASzD,CAAAA,CAAE0D,OAAO,CAACL,MAAAA,CAAOI,MAAM,EAAE,CAACnC,KAAAA,GAAAA;AACvC,wBAAA,IAAItB,CAAAA,CAAEiC,GAAG,CAACX,KAAAA,EAAO,QAAA,CAAA,EAAW;AAC1B,4BAAA,OAAOA,KAAAA,CAAMmC,MAAM,CAACtD,GAAG,CAAC6D,eAAAA,CAAAA;AAClC,wBAAA;AAEQ,wBAAA,OAAOA,eAAAA,CAAgB1C,KAAAA,CAAAA;oBAC/B,CAAA,CAAA,CAASpB,MAAM,CAAC,CAACoB,KAAAA,GAAUA,MAAMqC,IAAI,CAACC,IAAI,KAAK,aAAA,CAAA;oBAEzC,IAAIH,MAAAA,CAAOI,MAAM,KAAK,CAAA,EAAG;AACvB,wBAAA;AACR,oBAAA;AAEM,oBAAA,MAAMC,SAAAA,GAAYlC,MAAAA,CAAOJ,MAAM,CAACuC,GAAG,CAAC,iBAAA,CAAA;AACpCP,oBAAAA,SAAS,CAAC,CAAC,QAAQ,EAAEnC,UAAAA,CAAAA,CAAY,CAAC,GAAGoC,MAAAA,CAAOtD,GAAG,CAAC,CAACmB,KAAAA,IAAW;AAC1D,4BAAA,GAAGA,KAAK;4BACRG,IAAAA,EAAMlB,OAAAA,CAAQuD,SAAAA,EAAWxC,KAAAA,CAAMG,IAAI;yBAC3C,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,OAAOZ,iCAAAA,CAAkC2C,SAAAA,CAAAA;AAC7C,YAAA,CAAA;YAEE,MAAMS,eAAAA,CAAAA,GAAAA;gBACJ,MAAMC,KAAAA,GAAQ,MAAMtC,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCC,QAAQ,EAAA;gBAC9E,MAAMC,aAAAA,GAAgB,MAAM1C,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,wCAAwCC,QAAQ,EAAA;AAE5F,gBAAA,MAAME,uBAAuBvE,CAAAA,CAAEwE,IAAI,CAACxE,CAAAA,CAAEG,GAAG,CAACmE,aAAAA,EAAe,QAAA,CAAA,CAAA;gBAEzD,MAAMG,UAAAA,GAAazE,EAAE0D,OAAO,CAAC9B,OAAOU,IAAI,EAAE,CAACC,GAAAA,EAAKC,OAAAA,GAAAA;AAC9C,oBAAA,OAAOxC,EAAE0D,OAAO,CAACnB,IAAIE,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAC7C,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,KAAK,EAAEnC,OAAAA,CAAQ,CAAC,EAAEK,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AAClE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;gBAEI,MAAMC,cAAAA,GAAiB5E,EAAE0D,OAAO,CAAC9B,OAAOwB,OAAO,EAAE,CAACC,MAAAA,EAAQhC,UAAAA,GAAAA;AACxD,oBAAA,OAAOrB,EAAE0D,OAAO,CAACL,OAAOZ,WAAW,EAAE,CAACG,UAAAA,EAAYC,cAAAA,GAAAA;AAChD,wBAAA,OAAO7C,EAAE0E,IAAI,CAAC9B,UAAAA,CAAAA,CAAYzC,GAAG,CAAC,CAACwE,UAAAA,GAAAA;4BAC7B,OAAO,CAAC,QAAQ,EAAEtD,UAAAA,CAAW,CAAC,EAAEwB,cAAAA,CAAe,CAAC,EAAE8B,UAAAA,CAAAA,CAAY;AACxE,wBAAA,CAAA,CAAA;AACA,oBAAA,CAAA,CAAA;AACA,gBAAA,CAAA,CAAA;AAEI,gBAAA,MAAME,UAAAA,GAAa;AAAIJ,oBAAAA,GAAAA,UAAAA;AAAeG,oBAAAA,GAAAA;AAAe,iBAAA;AAErD,gBAAA,MAAME,QAAAA,GAAW9E,CAAAA,CAAE+E,UAAU,CAACR,oBAAAA,EAAsBM,UAAAA,CAAAA;AAEpD,gBAAA,MAAMG,QAAQC,GAAG,CACfH,QAAAA,CAAS3E,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,oBAAA,OAAOU,OAAOuC,EAAE,CACbC,KAAK,CAAC,sCAAA,CAAA,CACNc,MAAM,CAAC;wBAAEC,KAAAA,EAAO;AAAEjE,4BAAAA;AAAM;AAAE,qBAAA,CAAA;AACrC,gBAAA,CAAA,CAAA,CAAA;gBAGI,IAAIqD,oBAAAA,CAAqBV,MAAM,KAAK,CAAA,EAAG;;oBAErC,KAAK,MAAMuB,QAAQlB,KAAAA,CAAO;AACxB,wBAAA,MAAMmB,WAAWjF,IAAAA,CACfF,MAAAA,CAAO,CAAC,EAAEiB,QAAQ,EAAE,GAAKA,QAAAA,KAAaiE,IAAAA,CAAKxB,IAAI,IAAIzC,QAAAA,KAAa,IAAA,CAAA,EAChEhB,GAAAA,CAAIE,KAAK,QAAA,CAAA,CAAA,CAAA,CACTY,mBAAAA,CAAAA;AAEF,wBAAA,MAAM+D,QAAQC,GAAG,CACfI,QAAAA,CAASlF,GAAG,CAAC,CAACe,MAAAA,GAAAA;AACZ,4BAAA,OAAOU,OAAOuC,EAAE,CAACC,KAAK,CAAC,sCAAA,CAAA,CAAwCkB,MAAM,CAAC;gCACpEC,IAAAA,EAAM;AACJrE,oCAAAA,MAAAA;AACAkE,oCAAAA,IAAAA,EAAMA,KAAKI;AAC3B;AACA,6BAAA,CAAA;AACA,wBAAA,CAAA,CAAA,CAAA;AAEA,oBAAA;AACA,gBAAA;AACA,YAAA,CAAA;YAEE,MAAMC,UAAAA,CAAAA,GAAAA;gBACJ,MAAMC,SAAAA,GAAY,MAAM9D,MAAAA,CAAOuC,EAAE,CAACC,KAAK,CAAC,kCAAkCuB,KAAK,EAAA;AAE/E,gBAAA,IAAID,cAAc,CAAA,EAAG;AACnB,oBAAA,MAAM9D,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,eAAA;4BACNC,WAAAA,EAAa,2CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AAEM,oBAAA,MAAMhC,OAAOuC,EAAE,CAACC,KAAK,CAAC,gCAAA,CAAA,CAAkCkB,MAAM,CAAC;wBAC7DC,IAAAA,EAAM;4BACJK,IAAAA,EAAM,QAAA;4BACNC,WAAAA,EAAa,6CAAA;4BACbjC,IAAAA,EAAM;AAChB;AACA,qBAAA,CAAA;AACA,gBAAA;gBAEI,OAAO7C,UAAAA,CAAW,qBAAqBkD,eAAe,EAAA;AAC1D,YAAA,CAAA;YAEE,MAAM6B,cAAAA,CAAAA,CAAeC,IAAI,EAAEX,IAAI,EAAA;AAC7B,gBAAA,OAAOxD,OAAOuC,EAAE,CACbC,KAAK,CAAC,gCAAA,CAAA,CACN4B,MAAM,CAAC;oBAAEb,KAAAA,EAAO;AAAEK,wBAAAA,EAAAA,EAAIO,KAAKP;AAAE,qBAAA;oBAAID,IAAAA,EAAM;AAAEH,wBAAAA;AAAI;AAAE,iBAAA,CAAA;AACtD,YAAA,CAAA;YAEE3E,QAAAA,CAAAA,CAASwF,MAAM,EAAEV,IAAI,EAAA;gBACnB,MAAMW,wBAAAA,GAA2BtF,OAAAA,CAAQuF,QAAQ,CAACZ,IAAAA,CAAAA;;gBAGlD,MAAMa,WAAAA,GAAc1F,gCAAgCwF,wBAAAA,EAA0B,GAAA,CAAA;gBAE9E,IAAI;oBACF,OAAOlG,CAAAA,CAAES,QAAQ,CAACwF,MAAAA,EAAQ;AAAEG,wBAAAA,WAAAA;wBAAaC,QAAAA,EAAU,KAAA;wBAAOC,MAAAA,EAAQ;uBAASf,IAAAA,CAAAA;AACjF,gBAAA,CAAA,CAAM,OAAOgB,CAAAA,EAAG;oBACV,MAAM,IAAI5F,MAAAA,CAAO6F,gBAAgB,CAAC,wBAAA,CAAA;AACxC,gBAAA;AACA,YAAA;SACA,CAAA;;;;;;"}
|
|
@@ -29,7 +29,7 @@ function requireUsersPermissions() {
|
|
|
29
29
|
try {
|
|
30
30
|
const token = await getService('jwt').getToken(ctx);
|
|
31
31
|
if (token) {
|
|
32
|
-
const { id } = token;
|
|
32
|
+
const { id, sessionId } = token;
|
|
33
33
|
// Invalid token
|
|
34
34
|
if (id === undefined) {
|
|
35
35
|
return {
|
|
@@ -61,6 +61,13 @@ function requireUsersPermissions() {
|
|
|
61
61
|
// Generate an ability (content API engine) based on the given permissions
|
|
62
62
|
const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);
|
|
63
63
|
ctx.state.user = user;
|
|
64
|
+
// Expose the session backing this request (refresh mode only) so endpoints
|
|
65
|
+
// can flag the "current" session when listing active sessions.
|
|
66
|
+
if (sessionId) {
|
|
67
|
+
ctx.state.session = {
|
|
68
|
+
id: sessionId
|
|
69
|
+
};
|
|
70
|
+
}
|
|
64
71
|
return {
|
|
65
72
|
authenticated: true,
|
|
66
73
|
credentials: user,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"users-permissions.js","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n try {\n const token = await getService('jwt').getToken(ctx);\n\n if (token) {\n const { id } = token;\n\n // Invalid token\n if (id === undefined) {\n return { authenticated: false };\n }\n\n const user = await getService('user').fetchAuthenticatedUser(id);\n\n // No user associated to the token\n if (!user) {\n return { error: 'Invalid credentials' };\n }\n\n const advancedSettings = await getAdvancedSettings();\n\n // User not confirmed\n if (advancedSettings.email_confirmation && !user.confirmed) {\n return { error: 'Invalid credentials' };\n }\n\n // User blocked\n if (user.blocked) {\n return { error: 'Invalid credentials' };\n }\n\n // Fetch user's permissions\n const permissions = await Promise.resolve(user.role.id)\n .then(getService('permission').findRolePermissions)\n .then(map(getService('permission').toContentAPIPermission));\n\n // Generate an ability (content API engine) based on the given permissions\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability,\n };\n }\n\n const publicPermissions = await getService('permission')\n .findPublicPermissions()\n .then(map(getService('permission').toContentAPIPermission));\n\n if (publicPermissions.length === 0) {\n return { authenticated: false };\n }\n\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n return {\n authenticated: true,\n credentials: null,\n ability,\n };\n } catch (err) {\n return { authenticated: false };\n }\n};\n\nconst verify = async (auth, config) => {\n const { credentials: user, ability } = auth;\n\n if (!config.scope) {\n if (!user) {\n // A non authenticated user cannot access routes that do not have a scope\n throw new UnauthorizedError();\n } else {\n // An authenticated user can access non scoped routes\n return;\n }\n }\n\n // If no ability have been generated, then consider auth is missing\n if (!ability) {\n throw new UnauthorizedError();\n }\n\n const isAllowed = pipe(\n // Make sure we're dealing with an array\n castArray,\n // Transform the scope array into an action array\n every((scope) => ability.can(scope))\n )(config.scope);\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nmodule.exports = {\n name: 'users-permissions',\n authenticate,\n verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,2BAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,4BAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;
|
|
1
|
+
{"version":3,"file":"users-permissions.js","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n try {\n const token = await getService('jwt').getToken(ctx);\n\n if (token) {\n const { id, sessionId } = token;\n\n // Invalid token\n if (id === undefined) {\n return { authenticated: false };\n }\n\n const user = await getService('user').fetchAuthenticatedUser(id);\n\n // No user associated to the token\n if (!user) {\n return { error: 'Invalid credentials' };\n }\n\n const advancedSettings = await getAdvancedSettings();\n\n // User not confirmed\n if (advancedSettings.email_confirmation && !user.confirmed) {\n return { error: 'Invalid credentials' };\n }\n\n // User blocked\n if (user.blocked) {\n return { error: 'Invalid credentials' };\n }\n\n // Fetch user's permissions\n const permissions = await Promise.resolve(user.role.id)\n .then(getService('permission').findRolePermissions)\n .then(map(getService('permission').toContentAPIPermission));\n\n // Generate an ability (content API engine) based on the given permissions\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n ctx.state.user = user;\n // Expose the session backing this request (refresh mode only) so endpoints\n // can flag the \"current\" session when listing active sessions.\n if (sessionId) {\n ctx.state.session = { id: sessionId };\n }\n\n return {\n authenticated: true,\n credentials: user,\n ability,\n };\n }\n\n const publicPermissions = await getService('permission')\n .findPublicPermissions()\n .then(map(getService('permission').toContentAPIPermission));\n\n if (publicPermissions.length === 0) {\n return { authenticated: false };\n }\n\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n return {\n authenticated: true,\n credentials: null,\n ability,\n };\n } catch (err) {\n return { authenticated: false };\n }\n};\n\nconst verify = async (auth, config) => {\n const { credentials: user, ability } = auth;\n\n if (!config.scope) {\n if (!user) {\n // A non authenticated user cannot access routes that do not have a scope\n throw new UnauthorizedError();\n } else {\n // An authenticated user can access non scoped routes\n return;\n }\n }\n\n // If no ability have been generated, then consider auth is missing\n if (!ability) {\n throw new UnauthorizedError();\n }\n\n const isAllowed = pipe(\n // Make sure we're dealing with an array\n castArray,\n // Transform the scope array into an action array\n every((scope) => ability.can(scope))\n )(config.scope);\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nmodule.exports = {\n name: 'users-permissions',\n authenticate,\n verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","sessionId","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","session","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,2BAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,4BAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,eAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;AACT,gBAAA,MAAM,EAAEE,EAAE,EAAEC,SAAS,EAAE,GAAGH,KAAAA;;AAG1B,gBAAA,IAAIE,OAAOE,SAAAA,EAAW;oBACpB,OAAO;wBAAEC,aAAAA,EAAe;;AAChC,gBAAA;AAEM,gBAAA,MAAMC,IAAAA,GAAO,MAAMjB,UAAAA,CAAW,MAAA,CAAA,CAAQkB,sBAAsB,CAACL,EAAAA,CAAAA;;AAG7D,gBAAA,IAAI,CAACI,IAAAA,EAAM;oBACT,OAAO;wBAAEE,KAAAA,EAAO;;AACxB,gBAAA;AAEM,gBAAA,MAAMC,mBAAmB,MAAMlB,mBAAAA,EAAAA;;AAG/B,gBAAA,IAAIkB,iBAAiBC,kBAAkB,IAAI,CAACJ,IAAAA,CAAKK,SAAS,EAAE;oBAC1D,OAAO;wBAAEH,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,IAAIF,IAAAA,CAAKM,OAAO,EAAE;oBAChB,OAAO;wBAAEJ,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,MAAMK,WAAAA,GAAc,MAAMC,OAAAA,CAAQC,OAAO,CAACT,IAAAA,CAAKU,IAAI,CAACd,EAAE,CAAA,CACnDe,IAAI,CAAC5B,UAAAA,CAAW,cAAc6B,mBAAmB,CAAA,CACjDD,IAAI,CAACpC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc8B,sBAAsB,CAAA,CAAA;;gBAG3D,MAAMC,OAAAA,GAAU,MAAM5B,MAAAA,CAAO6B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACV,WAAAA,CAAAA;gBAE3Ed,GAAAA,CAAIyB,KAAK,CAAClB,IAAI,GAAGA,IAAAA;;;AAGjB,gBAAA,IAAIH,SAAAA,EAAW;oBACbJ,GAAAA,CAAIyB,KAAK,CAACC,OAAO,GAAG;wBAAEvB,EAAAA,EAAIC;AAAS,qBAAA;AAC3C,gBAAA;gBAEM,OAAO;oBACLE,aAAAA,EAAe,IAAA;oBACfqB,WAAAA,EAAapB,IAAAA;AACbc,oBAAAA;AACR,iBAAA;AACA,YAAA;YAEI,MAAMO,iBAAAA,GAAoB,MAAMtC,UAAAA,CAAW,YAAA,CAAA,CACxCuC,qBAAqB,EAAA,CACrBX,IAAI,CAACpC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc8B,sBAAsB,CAAA,CAAA;YAE3D,IAAIQ,iBAAAA,CAAkBE,MAAM,KAAK,CAAA,EAAG;gBAClC,OAAO;oBAAExB,aAAAA,EAAe;;AAC9B,YAAA;YAEI,MAAMe,OAAAA,GAAU,MAAM5B,MAAAA,CAAO6B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACI,iBAAAA,CAAAA;YAE3E,OAAO;gBACLtB,aAAAA,EAAe,IAAA;gBACfqB,WAAAA,EAAa,IAAA;AACbN,gBAAAA;AACN,aAAA;AACA,QAAA,CAAA,CAAI,OAAOU,GAAAA,EAAK;YACZ,OAAO;gBAAEzB,aAAAA,EAAe;;AAC5B,QAAA;AACA,IAAA,CAAA;IAEA,MAAM0B,MAAAA,GAAS,OAAOC,IAAAA,EAAMC,MAAAA,GAAAA;AAC1B,QAAA,MAAM,EAAEP,WAAAA,EAAapB,IAAI,EAAEc,OAAO,EAAE,GAAGY,IAAAA;QAEvC,IAAI,CAACC,MAAAA,CAAOC,KAAK,EAAE;AACjB,YAAA,IAAI,CAAC5B,IAAAA,EAAM;;AAET,gBAAA,MAAM,IAAIpB,iBAAAA,EAAAA;YAChB,CAAA,MAAW;;AAEL,gBAAA;AACN,YAAA;AACA,QAAA;;AAGE,QAAA,IAAI,CAACkC,OAAAA,EAAS;AACZ,YAAA,MAAM,IAAIlC,iBAAAA,EAAAA;AACd,QAAA;QAEE,MAAMiD,SAAAA,GAAYpD;AAEhBH,QAAAA,SAAAA;AAEAE,QAAAA,KAAAA,CAAM,CAACoD,KAAAA,GAAUd,OAAAA,CAAQgB,GAAG,CAACF,KAAAA,CAAAA,CAAAA,CAAAA,CAC7BD,OAAOC,KAAK,CAAA;AAEd,QAAA,IAAI,CAACC,SAAAA,EAAW;AACd,YAAA,MAAM,IAAIlD,cAAAA,EAAAA;AACd,QAAA;AACA,IAAA,CAAA;IAEAoD,gBAAAA,GAAiB;QACf1C,IAAAA,EAAM,mBAAA;AACNG,QAAAA,YAAAA;AACAiC,QAAAA;AACF,KAAA;;;;;;"}
|
|
@@ -22,7 +22,7 @@ function requireUsersPermissions() {
|
|
|
22
22
|
try {
|
|
23
23
|
const token = await getService('jwt').getToken(ctx);
|
|
24
24
|
if (token) {
|
|
25
|
-
const { id } = token;
|
|
25
|
+
const { id, sessionId } = token;
|
|
26
26
|
// Invalid token
|
|
27
27
|
if (id === undefined) {
|
|
28
28
|
return {
|
|
@@ -54,6 +54,13 @@ function requireUsersPermissions() {
|
|
|
54
54
|
// Generate an ability (content API engine) based on the given permissions
|
|
55
55
|
const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);
|
|
56
56
|
ctx.state.user = user;
|
|
57
|
+
// Expose the session backing this request (refresh mode only) so endpoints
|
|
58
|
+
// can flag the "current" session when listing active sessions.
|
|
59
|
+
if (sessionId) {
|
|
60
|
+
ctx.state.session = {
|
|
61
|
+
id: sessionId
|
|
62
|
+
};
|
|
63
|
+
}
|
|
57
64
|
return {
|
|
58
65
|
authenticated: true,
|
|
59
66
|
credentials: user,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"users-permissions.mjs","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n try {\n const token = await getService('jwt').getToken(ctx);\n\n if (token) {\n const { id } = token;\n\n // Invalid token\n if (id === undefined) {\n return { authenticated: false };\n }\n\n const user = await getService('user').fetchAuthenticatedUser(id);\n\n // No user associated to the token\n if (!user) {\n return { error: 'Invalid credentials' };\n }\n\n const advancedSettings = await getAdvancedSettings();\n\n // User not confirmed\n if (advancedSettings.email_confirmation && !user.confirmed) {\n return { error: 'Invalid credentials' };\n }\n\n // User blocked\n if (user.blocked) {\n return { error: 'Invalid credentials' };\n }\n\n // Fetch user's permissions\n const permissions = await Promise.resolve(user.role.id)\n .then(getService('permission').findRolePermissions)\n .then(map(getService('permission').toContentAPIPermission));\n\n // Generate an ability (content API engine) based on the given permissions\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability,\n };\n }\n\n const publicPermissions = await getService('permission')\n .findPublicPermissions()\n .then(map(getService('permission').toContentAPIPermission));\n\n if (publicPermissions.length === 0) {\n return { authenticated: false };\n }\n\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n return {\n authenticated: true,\n credentials: null,\n ability,\n };\n } catch (err) {\n return { authenticated: false };\n }\n};\n\nconst verify = async (auth, config) => {\n const { credentials: user, ability } = auth;\n\n if (!config.scope) {\n if (!user) {\n // A non authenticated user cannot access routes that do not have a scope\n throw new UnauthorizedError();\n } else {\n // An authenticated user can access non scoped routes\n return;\n }\n }\n\n // If no ability have been generated, then consider auth is missing\n if (!ability) {\n throw new UnauthorizedError();\n }\n\n const isAllowed = pipe(\n // Make sure we're dealing with an array\n castArray,\n // Transform the scope array into an action array\n every((scope) => ability.can(scope))\n )(config.scope);\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nmodule.exports = {\n name: 'users-permissions',\n authenticate,\n verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,WAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;
|
|
1
|
+
{"version":3,"file":"users-permissions.mjs","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n try {\n const token = await getService('jwt').getToken(ctx);\n\n if (token) {\n const { id, sessionId } = token;\n\n // Invalid token\n if (id === undefined) {\n return { authenticated: false };\n }\n\n const user = await getService('user').fetchAuthenticatedUser(id);\n\n // No user associated to the token\n if (!user) {\n return { error: 'Invalid credentials' };\n }\n\n const advancedSettings = await getAdvancedSettings();\n\n // User not confirmed\n if (advancedSettings.email_confirmation && !user.confirmed) {\n return { error: 'Invalid credentials' };\n }\n\n // User blocked\n if (user.blocked) {\n return { error: 'Invalid credentials' };\n }\n\n // Fetch user's permissions\n const permissions = await Promise.resolve(user.role.id)\n .then(getService('permission').findRolePermissions)\n .then(map(getService('permission').toContentAPIPermission));\n\n // Generate an ability (content API engine) based on the given permissions\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n ctx.state.user = user;\n // Expose the session backing this request (refresh mode only) so endpoints\n // can flag the \"current\" session when listing active sessions.\n if (sessionId) {\n ctx.state.session = { id: sessionId };\n }\n\n return {\n authenticated: true,\n credentials: user,\n ability,\n };\n }\n\n const publicPermissions = await getService('permission')\n .findPublicPermissions()\n .then(map(getService('permission').toContentAPIPermission));\n\n if (publicPermissions.length === 0) {\n return { authenticated: false };\n }\n\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n return {\n authenticated: true,\n credentials: null,\n ability,\n };\n } catch (err) {\n return { authenticated: false };\n }\n};\n\nconst verify = async (auth, config) => {\n const { credentials: user, ability } = auth;\n\n if (!config.scope) {\n if (!user) {\n // A non authenticated user cannot access routes that do not have a scope\n throw new UnauthorizedError();\n } else {\n // An authenticated user can access non scoped routes\n return;\n }\n }\n\n // If no ability have been generated, then consider auth is missing\n if (!ability) {\n throw new UnauthorizedError();\n }\n\n const isAllowed = pipe(\n // Make sure we're dealing with an array\n castArray,\n // Transform the scope array into an action array\n every((scope) => ability.can(scope))\n )(config.scope);\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nmodule.exports = {\n name: 'users-permissions',\n authenticate,\n verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","sessionId","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","session","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,WAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;AACT,gBAAA,MAAM,EAAEE,EAAE,EAAEC,SAAS,EAAE,GAAGH,KAAAA;;AAG1B,gBAAA,IAAIE,OAAOE,SAAAA,EAAW;oBACpB,OAAO;wBAAEC,aAAAA,EAAe;;AAChC,gBAAA;AAEM,gBAAA,MAAMC,IAAAA,GAAO,MAAMjB,UAAAA,CAAW,MAAA,CAAA,CAAQkB,sBAAsB,CAACL,EAAAA,CAAAA;;AAG7D,gBAAA,IAAI,CAACI,IAAAA,EAAM;oBACT,OAAO;wBAAEE,KAAAA,EAAO;;AACxB,gBAAA;AAEM,gBAAA,MAAMC,mBAAmB,MAAMlB,mBAAAA,EAAAA;;AAG/B,gBAAA,IAAIkB,iBAAiBC,kBAAkB,IAAI,CAACJ,IAAAA,CAAKK,SAAS,EAAE;oBAC1D,OAAO;wBAAEH,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,IAAIF,IAAAA,CAAKM,OAAO,EAAE;oBAChB,OAAO;wBAAEJ,KAAAA,EAAO;;AACxB,gBAAA;;gBAGM,MAAMK,WAAAA,GAAc,MAAMC,OAAAA,CAAQC,OAAO,CAACT,IAAAA,CAAKU,IAAI,CAACd,EAAE,CAAA,CACnDe,IAAI,CAAC5B,UAAAA,CAAW,cAAc6B,mBAAmB,CAAA,CACjDD,IAAI,CAACpC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc8B,sBAAsB,CAAA,CAAA;;gBAG3D,MAAMC,OAAAA,GAAU,MAAM5B,MAAAA,CAAO6B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACV,WAAAA,CAAAA;gBAE3Ed,GAAAA,CAAIyB,KAAK,CAAClB,IAAI,GAAGA,IAAAA;;;AAGjB,gBAAA,IAAIH,SAAAA,EAAW;oBACbJ,GAAAA,CAAIyB,KAAK,CAACC,OAAO,GAAG;wBAAEvB,EAAAA,EAAIC;AAAS,qBAAA;AAC3C,gBAAA;gBAEM,OAAO;oBACLE,aAAAA,EAAe,IAAA;oBACfqB,WAAAA,EAAapB,IAAAA;AACbc,oBAAAA;AACR,iBAAA;AACA,YAAA;YAEI,MAAMO,iBAAAA,GAAoB,MAAMtC,UAAAA,CAAW,YAAA,CAAA,CACxCuC,qBAAqB,EAAA,CACrBX,IAAI,CAACpC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc8B,sBAAsB,CAAA,CAAA;YAE3D,IAAIQ,iBAAAA,CAAkBE,MAAM,KAAK,CAAA,EAAG;gBAClC,OAAO;oBAAExB,aAAAA,EAAe;;AAC9B,YAAA;YAEI,MAAMe,OAAAA,GAAU,MAAM5B,MAAAA,CAAO6B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACI,iBAAAA,CAAAA;YAE3E,OAAO;gBACLtB,aAAAA,EAAe,IAAA;gBACfqB,WAAAA,EAAa,IAAA;AACbN,gBAAAA;AACN,aAAA;AACA,QAAA,CAAA,CAAI,OAAOU,GAAAA,EAAK;YACZ,OAAO;gBAAEzB,aAAAA,EAAe;;AAC5B,QAAA;AACA,IAAA,CAAA;IAEA,MAAM0B,MAAAA,GAAS,OAAOC,IAAAA,EAAMC,MAAAA,GAAAA;AAC1B,QAAA,MAAM,EAAEP,WAAAA,EAAapB,IAAI,EAAEc,OAAO,EAAE,GAAGY,IAAAA;QAEvC,IAAI,CAACC,MAAAA,CAAOC,KAAK,EAAE;AACjB,YAAA,IAAI,CAAC5B,IAAAA,EAAM;;AAET,gBAAA,MAAM,IAAIpB,iBAAAA,EAAAA;YAChB,CAAA,MAAW;;AAEL,gBAAA;AACN,YAAA;AACA,QAAA;;AAGE,QAAA,IAAI,CAACkC,OAAAA,EAAS;AACZ,YAAA,MAAM,IAAIlC,iBAAAA,EAAAA;AACd,QAAA;QAEE,MAAMiD,SAAAA,GAAYpD;AAEhBH,QAAAA,SAAAA;AAEAE,QAAAA,KAAAA,CAAM,CAACoD,KAAAA,GAAUd,OAAAA,CAAQgB,GAAG,CAACF,KAAAA,CAAAA,CAAAA,CAAAA,CAC7BD,OAAOC,KAAK,CAAA;AAEd,QAAA,IAAI,CAACC,SAAAA,EAAW;AACd,YAAA,MAAM,IAAIlD,cAAAA,EAAAA;AACd,QAAA;AACA,IAAA,CAAA;IAEAoD,gBAAAA,GAAiB;QACf1C,IAAAA,EAAM,mBAAA;AACNG,QAAAA,YAAAA;AACAiC,QAAAA;AACF,KAAA;;;;;;"}
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var refreshCookieOptions;
|
|
4
|
+
var hasRequiredRefreshCookieOptions;
|
|
5
|
+
function requireRefreshCookieOptions() {
|
|
6
|
+
if (hasRequiredRefreshCookieOptions) return refreshCookieOptions;
|
|
7
|
+
hasRequiredRefreshCookieOptions = 1;
|
|
8
|
+
const buildRefreshCookieOptions = (upSessions, isProduction)=>{
|
|
9
|
+
const isSecure = typeof upSessions.cookie?.secure === 'boolean' ? upSessions.cookie?.secure : isProduction;
|
|
10
|
+
return {
|
|
11
|
+
httpOnly: true,
|
|
12
|
+
secure: isSecure,
|
|
13
|
+
sameSite: upSessions.cookie?.sameSite ?? 'lax',
|
|
14
|
+
path: upSessions.cookie?.path ?? '/',
|
|
15
|
+
domain: upSessions.cookie?.domain,
|
|
16
|
+
maxAge: upSessions.cookie?.maxAge,
|
|
17
|
+
overwrite: true
|
|
18
|
+
};
|
|
19
|
+
};
|
|
20
|
+
refreshCookieOptions = {
|
|
21
|
+
buildRefreshCookieOptions
|
|
22
|
+
};
|
|
23
|
+
return refreshCookieOptions;
|
|
24
|
+
}
|
|
25
|
+
|
|
26
|
+
exports.__require = requireRefreshCookieOptions;
|
|
27
|
+
//# sourceMappingURL=refresh-cookie-options.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"refresh-cookie-options.js","sources":["../../../server/utils/refresh-cookie-options.js"],"sourcesContent":["'use strict';\n\nconst buildRefreshCookieOptions = (upSessions, isProduction) => {\n const isSecure =\n typeof upSessions.cookie?.secure === 'boolean' ? upSessions.cookie?.secure : isProduction;\n\n return {\n httpOnly: true,\n secure: isSecure,\n sameSite: upSessions.cookie?.sameSite ?? 'lax',\n path: upSessions.cookie?.path ?? '/',\n domain: upSessions.cookie?.domain,\n maxAge: upSessions.cookie?.maxAge,\n overwrite: true,\n };\n};\n\nmodule.exports = {\n buildRefreshCookieOptions,\n};\n"],"names":["buildRefreshCookieOptions","upSessions","isProduction","isSecure","cookie","secure","httpOnly","sameSite","path","domain","maxAge","overwrite","refreshCookieOptions"],"mappings":";;;;;;;IAEA,MAAMA,yBAAAA,GAA4B,CAACC,UAAAA,EAAYC,YAAAA,GAAAA;QAC7C,MAAMC,QAAAA,GACJ,OAAOF,UAAAA,CAAWG,MAAM,EAAEC,WAAW,SAAA,GAAYJ,UAAAA,CAAWG,MAAM,EAAEC,MAAAA,GAASH,YAAAA;QAE/E,OAAO;YACLI,QAAAA,EAAU,IAAA;YACVD,MAAAA,EAAQF,QAAAA;YACRI,QAAAA,EAAUN,UAAAA,CAAWG,MAAM,EAAEG,QAAAA,IAAY,KAAA;YACzCC,IAAAA,EAAMP,UAAAA,CAAWG,MAAM,EAAEI,IAAAA,IAAQ,GAAA;YACjCC,MAAAA,EAAQR,UAAAA,CAAWG,MAAM,EAAEK,MAAAA;YAC3BC,MAAAA,EAAQT,UAAAA,CAAWG,MAAM,EAAEM,MAAAA;YAC3BC,SAAAA,EAAW;AACf,SAAA;AACA,IAAA,CAAA;IAEAC,oBAAAA,GAAiB;AACfZ,QAAAA;AACF,KAAA;;;;;;"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
var refreshCookieOptions;
|
|
2
|
+
var hasRequiredRefreshCookieOptions;
|
|
3
|
+
function requireRefreshCookieOptions() {
|
|
4
|
+
if (hasRequiredRefreshCookieOptions) return refreshCookieOptions;
|
|
5
|
+
hasRequiredRefreshCookieOptions = 1;
|
|
6
|
+
const buildRefreshCookieOptions = (upSessions, isProduction)=>{
|
|
7
|
+
const isSecure = typeof upSessions.cookie?.secure === 'boolean' ? upSessions.cookie?.secure : isProduction;
|
|
8
|
+
return {
|
|
9
|
+
httpOnly: true,
|
|
10
|
+
secure: isSecure,
|
|
11
|
+
sameSite: upSessions.cookie?.sameSite ?? 'lax',
|
|
12
|
+
path: upSessions.cookie?.path ?? '/',
|
|
13
|
+
domain: upSessions.cookie?.domain,
|
|
14
|
+
maxAge: upSessions.cookie?.maxAge,
|
|
15
|
+
overwrite: true
|
|
16
|
+
};
|
|
17
|
+
};
|
|
18
|
+
refreshCookieOptions = {
|
|
19
|
+
buildRefreshCookieOptions
|
|
20
|
+
};
|
|
21
|
+
return refreshCookieOptions;
|
|
22
|
+
}
|
|
23
|
+
|
|
24
|
+
export { requireRefreshCookieOptions as __require };
|
|
25
|
+
//# sourceMappingURL=refresh-cookie-options.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"refresh-cookie-options.mjs","sources":["../../../server/utils/refresh-cookie-options.js"],"sourcesContent":["'use strict';\n\nconst buildRefreshCookieOptions = (upSessions, isProduction) => {\n const isSecure =\n typeof upSessions.cookie?.secure === 'boolean' ? upSessions.cookie?.secure : isProduction;\n\n return {\n httpOnly: true,\n secure: isSecure,\n sameSite: upSessions.cookie?.sameSite ?? 'lax',\n path: upSessions.cookie?.path ?? '/',\n domain: upSessions.cookie?.domain,\n maxAge: upSessions.cookie?.maxAge,\n overwrite: true,\n };\n};\n\nmodule.exports = {\n buildRefreshCookieOptions,\n};\n"],"names":["buildRefreshCookieOptions","upSessions","isProduction","isSecure","cookie","secure","httpOnly","sameSite","path","domain","maxAge","overwrite","refreshCookieOptions"],"mappings":";;;;;IAEA,MAAMA,yBAAAA,GAA4B,CAACC,UAAAA,EAAYC,YAAAA,GAAAA;QAC7C,MAAMC,QAAAA,GACJ,OAAOF,UAAAA,CAAWG,MAAM,EAAEC,WAAW,SAAA,GAAYJ,UAAAA,CAAWG,MAAM,EAAEC,MAAAA,GAASH,YAAAA;QAE/E,OAAO;YACLI,QAAAA,EAAU,IAAA;YACVD,MAAAA,EAAQF,QAAAA;YACRI,QAAAA,EAAUN,UAAAA,CAAWG,MAAM,EAAEG,QAAAA,IAAY,KAAA;YACzCC,IAAAA,EAAMP,UAAAA,CAAWG,MAAM,EAAEI,IAAAA,IAAQ,GAAA;YACjCC,MAAAA,EAAQR,UAAAA,CAAWG,MAAM,EAAEK,MAAAA;YAC3BC,MAAAA,EAAQT,UAAAA,CAAWG,MAAM,EAAEM,MAAAA;YAC3BC,SAAAA,EAAW;AACf,SAAA;AACA,IAAA,CAAA;IAEAC,oBAAAA,GAAiB;AACfZ,QAAAA;AACF,KAAA;;;;;;"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export { default } from '../../../lint-staged.shared.mjs';
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@strapi/plugin-users-permissions",
|
|
3
|
-
"version": "5.
|
|
3
|
+
"version": "5.50.1",
|
|
4
4
|
"description": "Protect your API with a full-authentication process based on JWT",
|
|
5
5
|
"homepage": "https://strapi.io",
|
|
6
6
|
"bugs": {
|
|
@@ -53,9 +53,9 @@
|
|
|
53
53
|
"watch": "run -T rollup -c -w"
|
|
54
54
|
},
|
|
55
55
|
"dependencies": {
|
|
56
|
-
"@strapi/design-system": "2.2.
|
|
57
|
-
"@strapi/icons": "2.2.
|
|
58
|
-
"@strapi/utils": "5.
|
|
56
|
+
"@strapi/design-system": "2.2.1",
|
|
57
|
+
"@strapi/icons": "2.2.1",
|
|
58
|
+
"@strapi/utils": "5.50.1",
|
|
59
59
|
"bcryptjs": "2.4.3",
|
|
60
60
|
"formik": "2.4.5",
|
|
61
61
|
"grant": "5.4.24",
|
|
@@ -75,7 +75,7 @@
|
|
|
75
75
|
"zod": "3.25.67"
|
|
76
76
|
},
|
|
77
77
|
"devDependencies": {
|
|
78
|
-
"@strapi/strapi": "5.
|
|
78
|
+
"@strapi/strapi": "5.50.1",
|
|
79
79
|
"@testing-library/dom": "10.4.1",
|
|
80
80
|
"@testing-library/react": "16.3.2",
|
|
81
81
|
"@testing-library/user-event": "14.6.1",
|
package/rollup.config.mjs
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { defineConfig } from 'rollup';
|
|
2
|
-
import {
|
|
2
|
+
import { baseConfig } from '../../../rollup.utils.mjs';
|
|
3
3
|
|
|
4
4
|
export default defineConfig([
|
|
5
5
|
baseConfig({
|
|
@@ -11,9 +11,9 @@ export default defineConfig([
|
|
|
11
11
|
}),
|
|
12
12
|
baseConfig({
|
|
13
13
|
input: {
|
|
14
|
-
index: './server/index.js'
|
|
14
|
+
index: './server/index.js',
|
|
15
15
|
},
|
|
16
16
|
rootDir: './server',
|
|
17
17
|
outDir: './dist/server',
|
|
18
|
-
})
|
|
18
|
+
}),
|
|
19
19
|
]);
|