@strapi/strapi 4.0.0-beta.0

package/lib/services/metrics/sender.js

@@ -0,0 +1,76 @@
+'use strict';
+
+const os = require('os');
+const _ = require('lodash');
+const isDocker = require('is-docker');
+const { machineIdSync } = require('node-machine-id');
+const fetch = require('node-fetch');
+const ciEnv = require('ci-info');
+const ee = require('../../utils/ee');
+const stringifyDeep = require('./stringify-deep');
+
+const defaultQueryOpts = {
+  timeout: 1000,
+  headers: { 'Content-Type': 'application/json' },
+};
+
+const ANALYTICS_URI = 'https://analytics.strapi.io';
+
+/**
+ * Add properties from the package.json strapi key in the metadata
+ * @param {object} metadata
+ */
+const addPackageJsonStrapiMetadata = (metadata, strapi) => {
+  const { packageJsonStrapi = {} } = strapi.config;
+
+  _.defaults(metadata, packageJsonStrapi);
+};
+
+/**
+ * Create a send function for event with all the necessary metadatas
+ * @param {Object} strapi strapi app
+ * @returns {Function} (event, payload) -> Promise{boolean}
+ */
+module.exports = strapi => {
+  const { uuid } = strapi.config;
+  const deviceId = machineIdSync();
+  const isEE = strapi.EE === true && ee.isEE === true;
+
+  const anonymous_metadata = {
+    environment: strapi.config.environment,
+    os: os.type(),
+    osPlatform: os.platform(),
+    osRelease: os.release(),
+    nodeVersion: process.version,
+    docker: process.env.DOCKER || isDocker(),
+    isCI: ciEnv.isCI,
+    version: strapi.config.get('info.strapi'),
+    strapiVersion: strapi.config.get('info.strapi'),
+    projectType: isEE ? 'Enterprise' : 'Community',
+  };
+
+  addPackageJsonStrapiMetadata(anonymous_metadata, strapi);
+
+  return async (event, payload = {}, opts = {}) => {
+    const reqParams = {
+      method: 'POST',
+      body: JSON.stringify({
+        event,
+        uuid,
+        deviceId,
+        properties: stringifyDeep({
+          ...payload,
+          ...anonymous_metadata,
+        }),
+      }),
+      ..._.merge({}, defaultQueryOpts, opts),
+    };
+
+    try {
+      const res = await fetch(`${ANALYTICS_URI}/track`, reqParams);
+      return res.ok;
+    } catch (err) {
+      return false;
+    }
+  };
+};

package/lib/services/metrics/stringify-deep.js

@@ -0,0 +1,22 @@
+'use strict';
+
+const { map, mapValues, isObject, isArray, toString } = require('lodash/fp');
+
+/**
+ * Stringify all non object valutes before send them
+ * @param {object} obj
+ * @returns {object}
+ */
+const stringifyDeep = value => {
+  if (isArray(value)) {
+    return map(stringifyDeep, value);
+  }
+
+  if (isObject(value)) {
+    return mapValues(stringifyDeep, value);
+  }
+
+  return toString(value);
+};
+
+module.exports = stringifyDeep;

package/lib/services/server/admin-api.js

@@ -0,0 +1,14 @@
+'use strict';
+
+const { createAPI } = require('./api');
+
+const createAdminAPI = strapi => {
+  const opts = {
+    prefix: '', // '/admin';
+    type: 'admin',
+  };
+
+  return createAPI(strapi, opts);
+};
+
+module.exports = { createAdminAPI };

package/lib/services/server/api.js

@@ -0,0 +1,32 @@
+'use strict';
+
+const Router = require('@koa/router');
+
+const { createRouteManager } = require('./routing');
+
+const createAPI = (strapi, opts = {}) => {
+  const { prefix, type } = opts;
+
+  const api = new Router({ prefix });
+
+  const routeManager = createRouteManager(strapi, { type });
+
+  return {
+    use(fn) {
+      api.use(fn);
+      return this;
+    },
+
+    routes(routes) {
+      routeManager.addRoutes(routes, api);
+      return this;
+    },
+
+    mount(router) {
+      router.use(api.routes(), api.allowedMethods());
+      return this;
+    },
+  };
+};
+
+module.exports = { createAPI };

package/lib/services/server/compose-endpoint.js

@@ -0,0 +1,112 @@
+'use strict';
+
+const { toLower, castArray, trim, prop } = require('lodash/fp');
+
+const compose = require('koa-compose');
+const { resolveMiddlewares } = require('./middleware');
+const { resolvePolicies } = require('./policy');
+
+const getMethod = route => trim(toLower(route.method));
+const getPath = route => trim(route.path);
+
+const createRouteInfoMiddleware = routeInfo => (ctx, next) => {
+  const route = {
+    ...routeInfo,
+    config: routeInfo.config || {},
+  };
+
+  ctx.state.route = route;
+  return next();
+};
+
+const getAuthConfig = prop('config.auth');
+
+const createAuthorizeMiddleware = strapi => async (ctx, next) => {
+  const { auth, route } = ctx.state;
+
+  const authService = strapi.container.get('auth');
+
+  try {
+    await authService.verify(auth, getAuthConfig(route));
+
+    return next();
+  } catch (error) {
+    const { UnauthorizedError, ForbiddenError } = authService.errors;
+
+    if (error instanceof UnauthorizedError) {
+      return ctx.unauthorized();
+    }
+
+    if (error instanceof ForbiddenError) {
+      return ctx.forbidden();
+    }
+
+    throw error;
+  }
+};
+
+const createAuthenticateMiddleware = strapi => async (ctx, next) => {
+  return strapi.container.get('auth').authenticate(ctx, next);
+};
+
+module.exports = strapi => {
+  const authenticate = createAuthenticateMiddleware(strapi);
+  const authorize = createAuthorizeMiddleware(strapi);
+
+  return (route, { router }) => {
+    try {
+      const method = getMethod(route);
+      const path = getPath(route);
+
+      const middlewares = resolveMiddlewares(route);
+      const policies = resolvePolicies(route);
+
+      const action = getAction(route, strapi);
+
+      const routeHandler = compose([
+        createRouteInfoMiddleware(route),
+        authenticate,
+        authorize,
+        ...policies,
+        ...middlewares,
+        ...castArray(action),
+      ]);
+
+      router[method](path, routeHandler);
+    } catch (error) {
+      throw new Error(`Error creating endpoint ${route.method} ${route.path}: ${error.message}`);
+    }
+  };
+};
+
+const getController = (name, { pluginName, apiName }, strapi) => {
+  if (pluginName) {
+    if (pluginName === 'admin') {
+      return strapi.controller(`admin::${name}`);
+    }
+    return strapi.plugin(pluginName).controller(name);
+  } else if (apiName) {
+    return strapi.controller(`api::${apiName}.${name}`);
+  }
+
+  return strapi.controller(name);
+};
+
+const getAction = (route, strapi) => {
+  const { handler, info = {} } = route;
+  const { pluginName, apiName } = info;
+
+  if (Array.isArray(handler) || typeof handler === 'function') {
+    return handler;
+  }
+
+  const [controllerName, actionName] = trim(handler).split('.');
+
+  const controller = getController(toLower(controllerName), { pluginName, apiName }, strapi);
+
+  if (typeof controller[actionName] !== 'function') {
+    throw new Error(`Handler not found "${handler}"`);
+  }
+
+  return controller[actionName].bind(controller);
+};

package/lib/services/server/content-api.js

@@ -0,0 +1,16 @@
+'use strict';
+
+const { createAPI } = require('./api');
+
+const createContentAPI = strapi => {
+  const opts = {
+    prefix: strapi.config.get('api.prefix', '/api'),
+    type: 'content-api',
+  };
+
+  return createAPI(strapi, opts);
+};
+
+module.exports = {
+  createContentAPI,
+};

package/lib/services/server/http-server.js

@@ -0,0 +1,64 @@
+'use strict';
+
+const http = require('http');
+
+const createHTTPServer = (strapi, koaApp) => {
+  const connections = new Set();
+
+  // lazy creation of the request listener
+  let handler;
+  const listener = function handleRequest(req, res) {
+    if (!handler) {
+      handler = koaApp.callback();
+    }
+
+    return handler(req, res);
+  };
+
+  const server = http.createServer(listener);
+
+  server.on('connection', connection => {
+    connections.add(connection);
+
+    connection.on('close', () => {
+      connections.delete(connection);
+    });
+  });
+
+  // handle port in use cleanly
+  server.on('error', err => {
+    if (err.code === 'EADDRINUSE') {
+      return strapi.stopWithError(`The port ${err.port} is already used by another application.`);
+    }
+
+    strapi.log.error(err);
+  });
+
+  server.destroy = async () => {
+    for (const connection of connections) {
+      connection.destroy();
+
+      connections.delete(connection);
+    }
+
+    if (!server.listening) {
+      return;
+    }
+
+    return new Promise((resolve, reject) =>
+      server.close(error => {
+        if (error) {
+          return reject(error);
+        }
+
+        resolve();
+      })
+    );
+  };
+
+  return server;
+};
+
+module.exports = {
+  createHTTPServer,
+};

package/lib/services/server/index.js

@@ -0,0 +1,108 @@
+'use strict';
+
+const Koa = require('koa');
+const Router = require('@koa/router');
+
+const { createHTTPServer } = require('./http-server');
+const { createRouteManager } = require('./routing');
+const { createAdminAPI } = require('./admin-api');
+const { createContentAPI } = require('./content-api');
+
+const healthCheck = async ctx => {
+  ctx.set('strapi', 'You are so French!');
+  ctx.status = 204;
+};
+
+/**
+ * @typedef Server
+ *
+ * @property {Koa} app
+ * @property {http.Server} app
+ */
+
+/**
+ *
+ * @param {Strapi} strapi
+ * @returns {Server}
+ */
+const createServer = strapi => {
+  const app = new Koa({
+    proxy: strapi.config.get('server.proxy'),
+  });
+
+  const router = new Router({
+    // FIXME: this prefix can break the admin if not specified in the admin url
+    prefix: strapi.config.get('middleware.settings.router.prefix', ''),
+  });
+
+  const routeManager = createRouteManager(strapi);
+
+  const httpServer = createHTTPServer(strapi, app);
+
+  const apis = {
+    'content-api': createContentAPI(strapi),
+    admin: createAdminAPI(strapi),
+  };
+
+  // init health check
+  router.all('/_health', healthCheck);
+
+  const state = {
+    mounted: false,
+  };
+
+  return {
+    app,
+    router,
+    httpServer,
+
+    api(name) {
+      return apis[name];
+    },
+
+    use(...args) {
+      app.use(...args);
+      return this;
+    },
+
+    routes(routes) {
+      if (routes.type) {
+        const api = apis[routes.type];
+        if (!api) {
+          throw new Error(`API ${routes.type} not found. Possible APIs are ${Object.keys(apis)}`);
+        }
+
+        apis[routes.type].routes(routes);
+        return this;
+      }
+
+      routeManager.addRoutes(routes, router);
+      return this;
+    },
+
+    mount() {
+      state.mounted = true;
+
+      Object.values(apis).forEach(api => api.mount(router));
+      app.use(router.routes()).use(router.allowedMethods());
+
+      return this;
+    },
+
+    listen(...args) {
+      if (!state.mounted) {
+        this.mount();
+      }
+
+      return httpServer.listen(...args);
+    },
+
+    async destroy() {
+      await httpServer.destroy();
+    },
+  };
+};
+
+module.exports = {
+  createServer,
+};

package/lib/services/server/middleware.js

@@ -0,0 +1,28 @@
+'use strict';
+
+const { propOr } = require('lodash/fp');
+
+const getMiddlewareConfig = propOr([], 'config.middlewares');
+
+const resolveMiddlewares = route => {
+  const middlewaresConfig = getMiddlewareConfig(route);
+
+  return middlewaresConfig.map(middlewareConfig => {
+    if (typeof middlewareConfig === 'function') {
+      return middlewareConfig;
+    }
+
+    // TODO: this won't work until we have the new middleware formats
+    const middleware = strapi.middleware(middlewareConfig);
+
+    if (!middleware) {
+      throw new Error(`Middleware ${middlewareConfig} not found.`);
+    }
+
+    return middleware;
+  });
+};
+
+module.exports = {
+  resolveMiddlewares,
+};

package/lib/services/server/policy.js

@@ -0,0 +1,34 @@
+'use strict';
+
+const { propOr } = require('lodash/fp');
+const policy = require('@strapi/utils/lib/policy');
+
+const { bodyPolicy } = policy;
+
+const getPoliciesConfig = propOr([], 'config.policies');
+
+const resolvePolicies = route => {
+  const { pluginName, apiName } = route.info || {};
+  const policiesConfig = getPoliciesConfig(route);
+
+  const policiesMiddleware = async (ctx, next) => {
+    const context = policy.createPolicyContext('koa', ctx);
+
+    for (const policyName of policiesConfig) {
+      const resolvedPolicy = await policy.get(policyName, { pluginName, apiName });
+      const result = await resolvedPolicy({ ctx: context, strapi });
+
+      if (![true, undefined].includes(result)) {
+        throw new Error('Policies failed.');
+      }
+    }
+
+    await next();
+  };
+
+  return [policiesMiddleware, bodyPolicy];
+};
+
+module.exports = {
+  resolvePolicies,
+};

package/lib/services/server/routing.js

@@ -0,0 +1,107 @@
+'use strict';
+
+const Router = require('@koa/router');
+const _ = require('lodash');
+const { has } = require('lodash/fp');
+const { yup } = require('@strapi/utils');
+
+const createEndpointComposer = require('./compose-endpoint');
+
+const policyOrMiddlewareSchema = yup.lazy(value => {
+  if (typeof value === 'string') {
+    return yup.string().required();
+  }
+
+  if (typeof value === 'function') {
+    return yup.mixed().isFunction();
+  }
+
+  return yup.object({
+    name: yup.string().required(),
+    options: yup.object().notRequired(), // any options
+  });
+});
+
+const routeSchema = yup.object({
+  method: yup
+    .string()
+    .oneOf(['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'ALL'])
+    .required(),
+  path: yup.string().required(),
+  handler: yup.lazy(value => {
+    if (typeof value === 'string') {
+      return yup.string().required();
+    }
+
+    if (Array.isArray(value)) {
+      return yup.array().required();
+    }
+
+    return yup
+      .mixed()
+      .isFunction()
+      .required();
+  }),
+  config: yup
+    .object({
+      policies: yup
+        .array()
+        .of(policyOrMiddlewareSchema)
+        .notRequired(),
+      middlwares: yup
+        .array()
+        .of(policyOrMiddlewareSchema)
+        .notRequired(),
+    })
+    .notRequired(),
+});
+
+const validateRouteConfig = routeConfig => {
+  try {
+    return routeSchema.validateSync(routeConfig, {
+      strict: true,
+      abortEarly: false,
+      stripUnknown: true,
+    });
+  } catch (error) {
+    throw new Error('Invalid route config', error.message);
+  }
+};
+
+const createRouteManager = (strapi, opts = {}) => {
+  const { type } = opts;
+
+  const composeEndpoint = createEndpointComposer(strapi);
+
+  const createRoute = (route, router) => {
+    validateRouteConfig(route);
+
+    _.set(route, 'info.type', type || 'admin');
+
+    composeEndpoint(route, { router });
+  };
+
+  const addRoutes = (routes, router) => {
+    if (Array.isArray(routes)) {
+      routes.forEach(route => createRoute(route, router));
+    } else if (routes.routes) {
+      const subRouter = new Router({ prefix: routes.prefix });
+
+      routes.routes.forEach(route => {
+        const hasPrefix = has('prefix', route.config);
+        createRoute(route, hasPrefix ? router : subRouter);
+      });
+
+      return router.use(subRouter.routes(), subRouter.allowedMethods());
+    }
+  };
+
+  return {
+    addRoutes,
+  };
+};
+
+module.exports = {
+  validateRouteConfig,
+  createRouteManager,
+};

package/lib/services/utils/upload-files.js

@@ -0,0 +1,79 @@
+'use strict';
+
+const _ = require('lodash');
+
+/**
+ * Upload files and like them to an entity
+ * @param {string} uid model uid
+ * @param {object} entity entity created
+ * @param {object} files files to upload
+ * @returns {void}
+ */
+module.exports = async (uid, entity, files) => {
+  const modelDef = strapi.getModel(uid);
+
+  if (!_.has(strapi.plugins, 'upload')) {
+    return;
+  }
+
+  const uploadService = strapi.plugin('upload').service('upload');
+
+  const findModelFromUploadPath = path => {
+    if (path.length === 0) {
+      return uid;
+    }
+
+    let currentPath = [];
+    let tmpModel = modelDef;
+    let modelUID = uid;
+
+    for (let i = 0; i < path.length; i++) {
+      if (!tmpModel) return {};
+      const part = path[i];
+      const attr = tmpModel.attributes[part];
+
+      currentPath.push(part);
+
+      // ignore array indexes => handled in the dynamic zone section
+      if (_.isFinite(_.toNumber(path[i]))) {
+        continue;
+      }
+
+      if (!attr) return {};
+
+      if (attr.type === 'component') {
+        modelUID = attr.component;
+        tmpModel = strapi.components[attr.component];
+      } else if (attr.type === 'dynamiczone') {
+        const entryIdx = path[i + 1]; // get component index
+        const value = _.get(entity, [...currentPath, entryIdx]);
+
+        if (!value) return {};
+
+        modelUID = value.__component; // get component type
+        tmpModel = strapi.components[modelUID];
+      } else if (attr.type === 'relation') {
+        modelUID = attr.target;
+        tmpModel = strapi.getModel(modelUID);
+      } else {
+        return;
+      }
+    }
+
+    return modelUID;
+  };
+
+  const doUpload = async (key, files) => {
+    const parts = key.split('.');
+    const [path, field] = [_.initial(parts), _.last(parts)];
+
+    const modelUID = findModelFromUploadPath(path);
+
+    if (modelUID) {
+      const id = _.get(entity, path.concat('id'));
+      return uploadService.uploadToEntity({ id, model: modelUID, field }, files);
+    }
+  };
+
+  await Promise.all(Object.keys(files).map(key => doUpload(key, files[key])));
+};