@strapi/review-workflows 0.0.0-experimental.f75e3c6d67cc47c64ab37479efdbb7b43be50b78 → 0.0.0-experimental.f9cac24ba3b2f6acb12d0fb5669106e5a134174e

package/dist/server/index.mjs

@@ -6837,23 +6837,6 @@ const reviewWorkflows = {
         ]
       }
     },
-    {
-      method: "GET",
-      path: "/workflows/:id",
-      handler: "workflows.findById",
-      config: {
-        middlewares: [enableFeatureMiddleware("review-workflows")],
-        policies: [
-          "admin::isAuthenticatedAdmin",
-          {
-            name: "admin::hasPermissions",
-            config: {
-              actions: ["admin::review-workflows.read"]
-            }
-          }
-        ]
-      }
-    },
     {
       method: "GET",
       path: "/workflows/:workflow_id/stages",
@@ -6917,7 +6900,7 @@ const reviewWorkflows = {
           {
             name: "admin::hasPermissions",
             config: {
-              actions: ["admin::users.read", "admin::review-workflows.read"]
+              actions: ["admin::users.read"]
             }
           }
         ]
@@ -7338,23 +7321,17 @@ const stages$1 = ({ strapi: strapi2 }) => {
     },
     /**
      * Update the stage of an entity
-     *
-     * @param {object} entityInfo
-     * @param {number} entityInfo.id - Entity id
-     * @param {string} entityInfo.modelUID - the content-type of the entity
-     * @param {number} stageId - The id of the stage to assign to the entity
      */
-    async updateEntity(entityInfo, stageId) {
+    async updateEntity(documentId, locale, model, stageId) {
       const stage = await this.findById(stageId);
       await workflowValidator.validateWorkflowCount();
       if (!stage) {
         throw new ApplicationError$2(`Selected stage does not exist`);
       }
-      const entity = await strapi2.db.query(entityInfo.modelUID).update({
-        where: {
-          id: entityInfo.id
-        },
-        data: { [ENTITY_STAGE_ATTRIBUTE]: stageId },
+      const entity = await strapi2.documents(model).update({
+        documentId,
+        locale,
+        data: { [ENTITY_STAGE_ATTRIBUTE]: stage },
         populate: [ENTITY_STAGE_ATTRIBUTE]
       });
       metrics.sendDidChangeEntryStage();
@@ -7771,7 +7748,12 @@ const reviewWorkflowsWeeklyMetrics = ({ strapi: strapi2 }) => {
     },
     async registerCron() {
       const weeklySchedule = await this.ensureWeeklyStoredCronSchedule();
-      strapi2.cron.add({ [weeklySchedule]: this.sendMetrics.bind(this) });
+      strapi2.cron.add({
+        reviewWorkflowsWeekly: {
+          task: this.sendMetrics.bind(this),
+          options: weeklySchedule
+        }
+      });
     }
   };
 };
@@ -7827,6 +7809,7 @@ const handleStageOnUpdate = async (ctx, next) => {
     strapi.eventHub.emit(WORKFLOW_UPDATE_STAGE, {
       model: model.modelName,
       uid: model.uid,
+      // TODO v6: Rename to "entry", which is what is used for regular CRUD updates
       entity: {
         // @ts-expect-error
         id: result?.id,
@@ -8028,30 +8011,6 @@ const workflows = {
         workflowCount
       }
     };
-  },
-  /**
-   * Get one workflow based on its id contained in request parameters
-   * Returns count of workflows in meta, used to prevent workflow edition when
-   * max workflow count is reached for the current plan
-   * @param {import('koa').BaseContext} ctx - koa context
-   */
-  async findById(ctx) {
-    const { id } = ctx.params;
-    const { query } = ctx.request;
-    const { sanitizeOutput, sanitizedQuery } = getWorkflowsPermissionChecker(
-      { strapi },
-      ctx.state.userAbility
-    );
-    const { populate } = await sanitizedQuery.read(query);
-    const workflowService = getService("workflows");
-    const [workflow2, workflowCount] = await Promise.all([
-      workflowService.findById(id, { populate }).then(formatWorkflowToAdmin),
-      workflowService.count()
-    ]);
-    ctx.body = {
-      data: await sanitizeOutput(workflow2),
-      meta: { workflowCount }
-    };
   }
 };
 function sanitizeStage({ strapi: strapi2 }, userAbility) {
@@ -8136,7 +8095,12 @@ const stages = {
     );
     const workflow2 = await workflowService.assertContentTypeBelongsToWorkflow(modelUID);
     workflowService.assertStageBelongsToWorkflow(stageId, workflow2);
-    const updatedEntity = await stagesService.updateEntity({ id: entity.id, modelUID }, stageId);
+    const updatedEntity = await stagesService.updateEntity(
+      entity.documentId,
+      entity.locale,
+      modelUID,
+      stageId
+    );
     ctx.body = { data: await sanitizeOutput(updatedEntity) };
   },
   /**
@@ -8156,10 +8120,9 @@ const stages = {
     if (strapi.plugin("content-manager").service("permission-checker").create({ userAbility: ctx.state.userAbility, model: modelUID }).cannot.read()) {
       return ctx.forbidden();
     }
-    const locale = await validateLocale(query?.locale);
+    const locale = await validateLocale(query?.locale) ?? void 0;
     const entity = await strapi.documents(modelUID).findOne({
       documentId,
-      // @ts-expect-error - locale should be also null in the doc service types
       locale,
       populate: [ENTITY_STAGE_ATTRIBUTE]
     });
@@ -8168,12 +8131,13 @@ const stages = {
     }
     const entityStageId = entity[ENTITY_STAGE_ATTRIBUTE]?.id;
     const canTransition = stagePermissions2.can(STAGE_TRANSITION_UID, entityStageId);
-    const [workflowCount, { stages: workflowStages }] = await Promise.all([
+    const [workflowCount, workflowResult] = await Promise.all([
       workflowService.count(),
       workflowService.getAssignedWorkflow(modelUID, {
         populate: "stages"
       })
     ]);
+    const workflowStages = workflowResult ? workflowResult.stages : [];
     const meta = {
       stageCount: workflowStages.length,
       workflowCount
@@ -8209,22 +8173,37 @@ const assignees = {
   async updateEntity(ctx) {
     const assigneeService = getService("assignees");
     const workflowService = getService("workflows");
+    const stagePermissions2 = getService("stage-permissions");
     const { model_uid: model, id: documentId } = ctx.params;
-    const { locale } = ctx.request.query || {};
+    const locale = await validateLocale(ctx.request.query?.locale) ?? void 0;
     const { sanitizeOutput } = strapi.plugin("content-manager").service("permission-checker").create({ userAbility: ctx.state.userAbility, model });
+    const entity = await strapi.documents(model).findOne({
+      documentId,
+      locale,
+      populate: [ENTITY_STAGE_ATTRIBUTE]
+    });
+    if (!entity) {
+      ctx.throw(404, "Entity not found");
+    }
+    const canTransitionStage = stagePermissions2.can(
+      STAGE_TRANSITION_UID,
+      entity[ENTITY_STAGE_ATTRIBUTE]?.id
+    );
+    if (!canTransitionStage) {
+      ctx.throw(403, "Stage transition permission is required");
+    }
     const { id: assigneeId } = await validateUpdateAssigneeOnEntity(
       ctx.request?.body?.data,
       "You should pass a valid id to the body of the put request."
     );
-    await validateLocale(locale);
     await workflowService.assertContentTypeBelongsToWorkflow(model);
-    const entity = await assigneeService.updateEntityAssignee(
+    const updatedEntity = await assigneeService.updateEntityAssignee(
       documentId,
       locale || null,
       model,
       assigneeId
     );
-    ctx.body = { data: await sanitizeOutput(entity) };
+    ctx.body = { data: await sanitizeOutput(updatedEntity) };
   }
 };
 const controllers = {