@strapi/review-workflows 5.0.0-rc.26 → 5.0.0-rc.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/server/index.mjs
CHANGED
|
@@ -6900,7 +6900,7 @@ const reviewWorkflows = {
|
|
|
6900
6900
|
{
|
|
6901
6901
|
name: "admin::hasPermissions",
|
|
6902
6902
|
config: {
|
|
6903
|
-
actions: ["admin::users.read"
|
|
6903
|
+
actions: ["admin::users.read"]
|
|
6904
6904
|
}
|
|
6905
6905
|
}
|
|
6906
6906
|
]
|
|
@@ -8115,10 +8115,9 @@ const stages = {
|
|
|
8115
8115
|
if (strapi.plugin("content-manager").service("permission-checker").create({ userAbility: ctx.state.userAbility, model: modelUID }).cannot.read()) {
|
|
8116
8116
|
return ctx.forbidden();
|
|
8117
8117
|
}
|
|
8118
|
-
const locale = await validateLocale(query?.locale);
|
|
8118
|
+
const locale = await validateLocale(query?.locale) ?? void 0;
|
|
8119
8119
|
const entity = await strapi.documents(modelUID).findOne({
|
|
8120
8120
|
documentId,
|
|
8121
|
-
// @ts-expect-error - locale should be also null in the doc service types
|
|
8122
8121
|
locale,
|
|
8123
8122
|
populate: [ENTITY_STAGE_ATTRIBUTE]
|
|
8124
8123
|
});
|
|
@@ -8169,22 +8168,37 @@ const assignees = {
|
|
|
8169
8168
|
async updateEntity(ctx) {
|
|
8170
8169
|
const assigneeService = getService("assignees");
|
|
8171
8170
|
const workflowService = getService("workflows");
|
|
8171
|
+
const stagePermissions2 = getService("stage-permissions");
|
|
8172
8172
|
const { model_uid: model, id: documentId } = ctx.params;
|
|
8173
|
-
const
|
|
8173
|
+
const locale = await validateLocale(ctx.request.query?.locale) ?? void 0;
|
|
8174
8174
|
const { sanitizeOutput } = strapi.plugin("content-manager").service("permission-checker").create({ userAbility: ctx.state.userAbility, model });
|
|
8175
|
+
const entity = await strapi.documents(model).findOne({
|
|
8176
|
+
documentId,
|
|
8177
|
+
locale,
|
|
8178
|
+
populate: [ENTITY_STAGE_ATTRIBUTE]
|
|
8179
|
+
});
|
|
8180
|
+
if (!entity) {
|
|
8181
|
+
ctx.throw(404, "Entity not found");
|
|
8182
|
+
}
|
|
8183
|
+
const canTransitionStage = stagePermissions2.can(
|
|
8184
|
+
STAGE_TRANSITION_UID,
|
|
8185
|
+
entity[ENTITY_STAGE_ATTRIBUTE]?.id
|
|
8186
|
+
);
|
|
8187
|
+
if (!canTransitionStage) {
|
|
8188
|
+
ctx.throw(403, "Stage transition permission is required");
|
|
8189
|
+
}
|
|
8175
8190
|
const { id: assigneeId } = await validateUpdateAssigneeOnEntity(
|
|
8176
8191
|
ctx.request?.body?.data,
|
|
8177
8192
|
"You should pass a valid id to the body of the put request."
|
|
8178
8193
|
);
|
|
8179
|
-
await validateLocale(locale);
|
|
8180
8194
|
await workflowService.assertContentTypeBelongsToWorkflow(model);
|
|
8181
|
-
const
|
|
8195
|
+
const updatedEntity = await assigneeService.updateEntityAssignee(
|
|
8182
8196
|
documentId,
|
|
8183
8197
|
locale || null,
|
|
8184
8198
|
model,
|
|
8185
8199
|
assigneeId
|
|
8186
8200
|
);
|
|
8187
|
-
ctx.body = { data: await sanitizeOutput(
|
|
8201
|
+
ctx.body = { data: await sanitizeOutput(updatedEntity) };
|
|
8188
8202
|
}
|
|
8189
8203
|
};
|
|
8190
8204
|
const controllers = {
|