@strapi/review-workflows 5.0.0-rc.27 → 5.0.0-rc.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/server/index.js
CHANGED
|
@@ -6901,7 +6901,7 @@ const reviewWorkflows = {
|
|
|
6901
6901
|
{
|
|
6902
6902
|
name: "admin::hasPermissions",
|
|
6903
6903
|
config: {
|
|
6904
|
-
actions: ["admin::users.read"
|
|
6904
|
+
actions: ["admin::users.read"]
|
|
6905
6905
|
}
|
|
6906
6906
|
}
|
|
6907
6907
|
]
|
|
@@ -8116,10 +8116,9 @@ const stages = {
|
|
|
8116
8116
|
if (strapi.plugin("content-manager").service("permission-checker").create({ userAbility: ctx.state.userAbility, model: modelUID }).cannot.read()) {
|
|
8117
8117
|
return ctx.forbidden();
|
|
8118
8118
|
}
|
|
8119
|
-
const locale = await validateLocale(query?.locale);
|
|
8119
|
+
const locale = await validateLocale(query?.locale) ?? void 0;
|
|
8120
8120
|
const entity = await strapi.documents(modelUID).findOne({
|
|
8121
8121
|
documentId,
|
|
8122
|
-
// @ts-expect-error - locale should be also null in the doc service types
|
|
8123
8122
|
locale,
|
|
8124
8123
|
populate: [ENTITY_STAGE_ATTRIBUTE]
|
|
8125
8124
|
});
|
|
@@ -8170,22 +8169,37 @@ const assignees = {
|
|
|
8170
8169
|
async updateEntity(ctx) {
|
|
8171
8170
|
const assigneeService = getService("assignees");
|
|
8172
8171
|
const workflowService = getService("workflows");
|
|
8172
|
+
const stagePermissions2 = getService("stage-permissions");
|
|
8173
8173
|
const { model_uid: model, id: documentId } = ctx.params;
|
|
8174
|
-
const
|
|
8174
|
+
const locale = await validateLocale(ctx.request.query?.locale) ?? void 0;
|
|
8175
8175
|
const { sanitizeOutput } = strapi.plugin("content-manager").service("permission-checker").create({ userAbility: ctx.state.userAbility, model });
|
|
8176
|
+
const entity = await strapi.documents(model).findOne({
|
|
8177
|
+
documentId,
|
|
8178
|
+
locale,
|
|
8179
|
+
populate: [ENTITY_STAGE_ATTRIBUTE]
|
|
8180
|
+
});
|
|
8181
|
+
if (!entity) {
|
|
8182
|
+
ctx.throw(404, "Entity not found");
|
|
8183
|
+
}
|
|
8184
|
+
const canTransitionStage = stagePermissions2.can(
|
|
8185
|
+
STAGE_TRANSITION_UID,
|
|
8186
|
+
entity[ENTITY_STAGE_ATTRIBUTE]?.id
|
|
8187
|
+
);
|
|
8188
|
+
if (!canTransitionStage) {
|
|
8189
|
+
ctx.throw(403, "Stage transition permission is required");
|
|
8190
|
+
}
|
|
8176
8191
|
const { id: assigneeId } = await validateUpdateAssigneeOnEntity(
|
|
8177
8192
|
ctx.request?.body?.data,
|
|
8178
8193
|
"You should pass a valid id to the body of the put request."
|
|
8179
8194
|
);
|
|
8180
|
-
await validateLocale(locale);
|
|
8181
8195
|
await workflowService.assertContentTypeBelongsToWorkflow(model);
|
|
8182
|
-
const
|
|
8196
|
+
const updatedEntity = await assigneeService.updateEntityAssignee(
|
|
8183
8197
|
documentId,
|
|
8184
8198
|
locale || null,
|
|
8185
8199
|
model,
|
|
8186
8200
|
assigneeId
|
|
8187
8201
|
);
|
|
8188
|
-
ctx.body = { data: await sanitizeOutput(
|
|
8202
|
+
ctx.body = { data: await sanitizeOutput(updatedEntity) };
|
|
8189
8203
|
}
|
|
8190
8204
|
};
|
|
8191
8205
|
const controllers = {
|