@strapi/strapi 4.0.0-next.8 → 4.0.2

package/lib/middlewares/session/index.js

@@ -9,7 +9,7 @@ const session = require('koa-session');
  */
 module.exports = strapi => {
   const requireStore = store => {
-    return require(path.resolve(strapi.config.appPath, 'node_modules', 'koa-' + store));
+    return require(path.resolve(strapi.dirs.root, 'node_modules', 'koa-' + store));
   };
 
   const defineStore = session => {
@@ -93,7 +93,7 @@ module.exports = strapi => {
 
   return {
     initialize() {
-      strapi.app.keys = strapi.config.get('middleware.settings.session.secretKeys');
+      strapi.server.app.keys = strapi.config.get('middleware.settings.session.secretKeys');
 
       if (
         _.has(strapi.config.middleware.settings.session, 'client') &&
@@ -112,8 +112,8 @@ module.exports = strapi => {
             strapi.config.middleware.settings.session
           );
 
-          strapi.app.use(session(options, strapi.app));
-          strapi.app.use((ctx, next) => {
+          strapi.server.use(session(options, strapi.server.app));
+          strapi.server.use((ctx, next) => {
             ctx.state = ctx.state || {};
             ctx.state.session = ctx.session || {};
 
@@ -127,8 +127,8 @@ module.exports = strapi => {
       ) {
         const options = _.assign(strapi.config.middleware.settings.session);
 
-        strapi.app.use(session(options, strapi.app));
-        strapi.app.use((ctx, next) => {
+        strapi.server.use(session(options, strapi.server.app));
+        strapi.server.use((ctx, next) => {
           ctx.state = ctx.state || {};
           ctx.state.session = ctx.session || {};
 

package/lib/migrations/draft-publish.js

@@ -0,0 +1,57 @@
+'use strict';
+
+const { hasDraftAndPublish } = require('@strapi/utils').contentTypes;
+
+const enableDraftAndPublish = async ({ oldContentTypes, contentTypes }) => {
+  if (!oldContentTypes) {
+    return;
+  }
+  // run the after content types migrations
+
+  for (const uid in contentTypes) {
+    if (!oldContentTypes[uid]) {
+      continue;
+    }
+
+    const oldContentType = oldContentTypes[uid];
+    const contentType = contentTypes[uid];
+
+    // if d&p was enabled set publishedAt to eq createdAt
+    if (!hasDraftAndPublish(oldContentType) && hasDraftAndPublish(contentType)) {
+      const qb = strapi.db.queryBuilder(uid);
+      await qb
+        .update({ published_at: qb.ref('created_at') })
+        .where({ published_at: null })
+        .execute();
+    }
+  }
+};
+
+const disableDraftAndPublish = async ({ oldContentTypes, contentTypes }) => {
+  if (!oldContentTypes) {
+    return;
+  }
+
+  for (const uid in contentTypes) {
+    if (!oldContentTypes[uid]) {
+      continue;
+    }
+
+    const oldContentType = oldContentTypes[uid];
+    const contentType = contentTypes[uid];
+
+    // if d&p was disabled remove unpublish content before sync
+    if (hasDraftAndPublish(oldContentType) && !hasDraftAndPublish(contentType)) {
+      await strapi.db
+        .queryBuilder(uid)
+        .delete()
+        .where({ published_at: null })
+        .execute();
+    }
+  }
+};
+
+module.exports = {
+  enable: enableDraftAndPublish,
+  disable: disableDraftAndPublish,
+};

package/lib/services/auth/index.js

@@ -0,0 +1,87 @@
+'use strict';
+
+const { strict: assert } = require('assert');
+const { has, prop } = require('lodash/fp');
+
+const { UnauthorizedError } = require('@strapi/utils').errors;
+
+const INVALID_STRATEGY_MSG =
+  'Invalid auth strategy. Expecting an object with properties {name: string, authenticate: function, verify: function}';
+
+const validStrategy = strategy => {
+  assert(has('authenticate', strategy), INVALID_STRATEGY_MSG);
+  assert(typeof strategy.authenticate === 'function', INVALID_STRATEGY_MSG);
+
+  if (has('verify', strategy)) {
+    assert(typeof strategy.verify === 'function', INVALID_STRATEGY_MSG);
+  }
+};
+
+const createAuthentication = () => {
+  const strategies = {};
+
+  return {
+    register(type, strategy) {
+      validStrategy(strategy);
+
+      if (!strategies[type]) {
+        strategies[type] = [];
+      }
+
+      strategies[type].push(strategy);
+
+      return this;
+    },
+    async authenticate(ctx, next) {
+      const { route } = ctx.state;
+
+      // use route strategy
+      const config = prop('config.auth', route);
+
+      if (config === false) {
+        return next();
+      }
+
+      const strategiesToUse = strategies[route.info.type];
+
+      for (const strategy of strategiesToUse) {
+        const result = await strategy.authenticate(ctx);
+
+        const { authenticated = false, error = null, credentials } = result || {};
+
+        if (error !== null) {
+          return ctx.unauthorized(error);
+        }
+
+        if (authenticated) {
+          ctx.state.isAuthenticated = true;
+          ctx.state.auth = {
+            strategy,
+            credentials,
+          };
+
+          return next();
+        }
+      }
+
+      return ctx.unauthorized('Missing or invalid credentials');
+    },
+    async verify(auth, config = {}) {
+      if (config === false) {
+        return;
+      }
+
+      if (!auth) {
+        throw new UnauthorizedError();
+      }
+
+      if (typeof auth.strategy.verify === 'function') {
+        return auth.strategy.verify(auth, config);
+      }
+
+      return;
+    },
+  };
+};
+
+module.exports = createAuthentication;

package/lib/services/core-store.js

@@ -22,21 +22,37 @@ const coreStoreModel = {
   },
 };
 
-const createCoreStore = ({ environment: defaultEnv, db }) => {
-  return (source = {}) => {
-    async function get(params = {}) {
-      const { key, environment = defaultEnv, type = 'core', name = '', tag = '' } = Object.assign(
-        {},
-        source,
-        params
-      );
+const createCoreStore = ({ db }) => {
+  const mergeParams = (defaultParams, params) => {
+    return {
+      ...defaultParams,
+      ...params,
+    };
+  };
+
+  const store = function(defaultParams = {}) {
+    return {
+      get: params => store.get(mergeParams(defaultParams, params)),
+      set: params => store.set(mergeParams(defaultParams, params)),
+      delete: params => store.delete(mergeParams(defaultParams, params)),
+    };
+  };
+
+  Object.assign(store, {
+    /**
+     * Get value from the core store
+     * @param {Object} params
+     * @returns {*}
+     */
+    async get(params = {}) {
+      const { key, type = 'core', environment, name, tag } = params;
 
       const prefix = `${type}${name ? `_${name}` : ''}`;
 
       const where = {
         key: `${prefix}_${key}`,
-        environment,
-        tag,
+        environment: environment || null,
+        tag: tag || null,
       };
 
       const data = await db.query('strapi::core-store').findOne({ where });
@@ -57,71 +73,70 @@ const createCoreStore = ({ environment: defaultEnv, db }) => {
           return new Date(data.value);
         }
       } else if (data.type === 'number') {
-        return parseFloat(data.value);
+        return Number(data.value);
       } else {
         return null;
       }
-    }
+    },
 
-    async function set(params = {}) {
-      const { key, value, environment = defaultEnv, type, name, tag = '' } = Object.assign(
-        {},
-        source,
-        params
-      );
+    /**
+     * Set value in the core store
+     * @param {Object} params
+     * @returns {*}
+     */
+    async set(params = {}) {
+      const { key, value, type, environment, name, tag } = params;
 
       const prefix = `${type}${name ? `_${name}` : ''}`;
 
       const where = {
         key: `${prefix}_${key}`,
-        environment,
-        tag,
+        environment: environment || null,
+        tag: tag || null,
       };
 
       const data = await db.query('strapi::core-store').findOne({ where });
 
       if (data) {
-        Object.assign(data, {
-          value: JSON.stringify(value) || value.toString(),
-          type: (typeof value).toString(),
+        return db.query('strapi::core-store').update({
+          where: { id: data.id },
+          data: {
+            value: JSON.stringify(value) || value.toString(),
+            type: typeof value,
+          },
         });
+      }
 
-        await db.query('strapi::core-store').update({ where: { id: data.id }, data });
-      } else {
-        const data = Object.assign({}, where, {
+      return db.query('strapi::core-store').create({
+        data: {
+          ...where,
           value: JSON.stringify(value) || value.toString(),
-          type: (typeof value).toString(),
-          tag,
-        });
-
-        await db.query('strapi::core-store').create({ data });
-      }
-    }
+          type: typeof value,
+        },
+      });
+    },
 
-    async function deleteFn(params = {}) {
-      const { key, environment = defaultEnv, type, name, tag = '' } = Object.assign(
-        {},
-        source,
-        params
-      );
+    /**
+     * Deletes a value from the core store
+     * @param {Object} params
+     * @returns {*}
+     */
+    async delete(params = {}) {
+      const { key, environment, type, name, tag } = params;
 
       const prefix = `${type}${name ? `_${name}` : ''}`;
 
       const where = {
         key: `${prefix}_${key}`,
-        environment,
-        tag,
+        environment: environment || null,
+        tag: tag || null,
       };
 
-      await db.query('strapi::core-store').delete({ where });
-    }
+      return db.query('strapi::core-store').delete({ where });
+    },
+  });
 
-    return {
-      get,
-      set,
-      delete: deleteFn,
-    };
-  };
+  return store;
 };
 
 module.exports = {

package/lib/services/cron.js

@@ -0,0 +1,54 @@
+'use strict';
+
+const { Job } = require('node-schedule');
+const { isFunction } = require('lodash/fp');
+
+const createCronService = () => {
+  let jobsSpecs = [];
+
+  return {
+    add(tasks = {}) {
+      for (const taskExpression in tasks) {
+        const taskValue = tasks[taskExpression];
+
+        let fn;
+        let options;
+        if (isFunction(taskValue)) {
+          fn = taskValue.bind(tasks);
+          options = taskExpression;
+        } else if (isFunction(taskValue.task)) {
+          fn = taskValue.task.bind(taskValue);
+          options = taskValue.options;
+        } else {
+          throw new Error(
+            `Could not schedule a cron job for "${taskExpression}": no function found.`
+          );
+        }
+
+        const fnWithStrapi = (...args) => fn({ strapi }, ...args);
+
+        const job = new Job(null, fnWithStrapi);
+        jobsSpecs.push({ job, options });
+      }
+      return this;
+    },
+    start() {
+      if (!strapi.config.get('server.cron.enabled')) {
+        return;
+      }
+      jobsSpecs.forEach(({ job, options }) => job.schedule(options));
+      return this;
+    },
+    stop() {
+      jobsSpecs.forEach(({ job }) => job.cancel());
+      return this;
+    },
+    destroy() {
+      this.stop();
+      jobsSpecs = [];
+      return this;
+    },
+  };
+};
+
+module.exports = createCronService;

package/lib/services/entity-service/attributes/index.js

@@ -0,0 +1,31 @@
+'use strict';
+
+const transforms = require('./transforms');
+
+const applyTransforms = (data, context) => {
+  const { contentType } = context;
+
+  const entries = Object.entries(data);
+
+  for (const [attributeName, value] of entries) {
+    const attribute = contentType.attributes[attributeName];
+
+    if (!attribute) {
+      continue;
+    }
+
+    const transform = transforms[attribute.type];
+
+    if (transform) {
+      const attributeContext = { ...context, attributeName, attribute };
+
+      data[attributeName] = transform(value, attributeContext);
+    }
+  }
+
+  return data;
+};
+
+module.exports = {
+  applyTransforms,
+};

package/lib/services/entity-service/attributes/transforms.js

@@ -0,0 +1,20 @@
+'use strict';
+
+const { getOr, toNumber, isString, isBuffer } = require('lodash/fp');
+const bcrypt = require('bcryptjs');
+
+const transforms = {
+  password(value, context) {
+    const { attribute } = context;
+
+    if (!isString(value) && !isBuffer(value)) {
+      return value;
+    }
+
+    const rounds = toNumber(getOr(10, 'encryption.rounds', attribute));
+
+    return bcrypt.hashSync(value, rounds);
+  },
+};
+
+module.exports = transforms;

package/lib/services/entity-service/components.js

@@ -1,9 +1,10 @@
 'use strict';
 
 const _ = require('lodash');
-const { has, prop, omit } = require('lodash/fp');
+const { has, prop, omit, toString } = require('lodash/fp');
 
 const { contentTypes: contentTypesUtils } = require('@strapi/utils');
+const { ApplicationError } = require('@strapi/utils').errors;
 
 const omitComponentData = (contentType, data) => {
   const { attributes } = contentType;
@@ -131,11 +132,26 @@ const updateComponents = async (uid, entityToUpdate, data) => {
           componentValue.map(value => updateOrCreateComponent(componentUID, value))
         );
 
-        // TODO: add order
-        componentBody[attributeName] = components.filter(_.negate(_.isNil)).map(({ id }) => id);
+        componentBody[attributeName] = components.filter(_.negate(_.isNil)).map(({ id }, idx) => {
+          return {
+            id,
+            __pivot: {
+              order: idx + 1,
+              field: attributeName,
+              component_type: componentUID,
+            },
+          };
+        });
       } else {
         const component = await updateOrCreateComponent(componentUID, componentValue);
-        componentBody[attributeName] = component && component.id;
+        componentBody[attributeName] = component && {
+          id: component.id,
+          __pivot: {
+            order: 1,
+            field: attributeName,
+            component_type: componentUID,
+          },
+        };
       }
 
       continue;
@@ -151,9 +167,17 @@ const updateComponents = async (uid, entityToUpdate, data) => {
       }
 
       componentBody[attributeName] = await Promise.all(
-        dynamiczoneValues.map(async value => {
+        dynamiczoneValues.map(async (value, idx) => {
           const { id } = await updateOrCreateComponent(value.__component, value);
-          return { id, __component: value.__component };
+
+          return {
+            id,
+            __component: value.__component,
+            __pivot: {
+              order: idx + 1,
+              field: attributeName,
+            },
+          };
         })
       );
 
@@ -175,19 +199,19 @@ const deleteOldComponents = async (
 
   const idsToKeep = _.castArray(componentValue)
     .filter(has('id'))
-    .map(prop('id'));
+    .map(prop('id'))
+    .map(toString);
 
   const allIds = _.castArray(previousValue)
     .filter(has('id'))
-    .map(prop('id'));
+    .map(prop('id'))
+    .map(toString);
 
   idsToKeep.forEach(id => {
     if (!allIds.includes(id)) {
-      const err = new Error(
+      throw new ApplicationError(
         `Some of the provided components in ${attributeName} are not related to the entity`
       );
-      err.status = 400;
-      throw err;
     }
   });
 
@@ -206,14 +230,14 @@ const deleteOldDZComponents = async (uid, entityToUpdate, attributeName, dynamic
   const idsToKeep = _.castArray(dynamiczoneValues)
     .filter(has('id'))
     .map(({ id, __component }) => ({
-      id,
+      id: toString(id),
       __component,
     }));
 
   const allIds = _.castArray(previousValue)
     .filter(has('id'))
     .map(({ id, __component }) => ({
-      id,
+      id: toString(id),
       __component,
     }));
 
@@ -293,7 +317,7 @@ const createComponent = async (uid, data) => {
 
   const componentData = await createComponents(uid, data);
 
-  return await strapi.query(uid).create({
+  return strapi.query(uid).create({
     data: Object.assign(omitComponentData(model, data), componentData),
   });
 };
@@ -304,7 +328,7 @@ const updateComponent = async (uid, componentToUpdate, data) => {
 
   const componentData = await updateComponents(uid, componentToUpdate, data);
 
-  return await strapi.query(uid).update({
+  return strapi.query(uid).update({
     where: {
       id: componentToUpdate.id,
     },

package/lib/services/entity-service/index.d.ts

@@ -0,0 +1,91 @@
+import { Database } from '@strapi/database';
+import { Strapi } from '../../';
+
+type ID = number | string;
+
+type EntityServiceAction =
+  | 'findMany'
+  | 'findPage'
+  | 'findWithRelationCounts'
+  | 'findOne'
+  | 'count'
+  | 'create'
+  | 'update'
+  | 'delete';
+
+type PaginationInfo = {
+  page: number;
+  pageSize: number;
+  pageCount: number;
+  total: number;
+};
+
+type Params<T> = {
+  fields?: (keyof T)[];
+  filters?: any;
+  _q?: string;
+  populate?: any;
+  sort?: any;
+  start?: number;
+  limit?: number;
+  page?: number;
+  pageSize?: number;
+  publicationState?: string;
+  data?: any;
+  files?: any;
+};
+
+export interface EntityService {
+  uploadFiles<K extends keyof AllTypes, T extends AllTypes[K]>(uid: K, entity, files);
+  wrapParams<K extends keyof AllTypes, T extends AllTypes[K]>(
+    params: Params<T>,
+    { uid: K, action: EntityServiceAction }
+  );
+
+  findMany<K extends keyof AllTypes, T extends AllTypes[K]>(
+    uid: K,
+    params: Params<T>
+  ): Promise<T[]>;
+  findPage<K extends keyof AllTypes, T extends AllTypes[K]>(
+    uid: K,
+    params: Params<T>
+  ): Promise<{
+    results: T[];
+    pagination: PaginationInfo;
+  }>;
+
+  findWithRelationCounts<K extends keyof AllTypes, T extends AllTypes[K]>(
+    uid: K,
+    params: Params<T>
+  ): Promise<{
+    results: T[];
+    pagination: PaginationInfo;
+  }>;
+
+  findOne<K extends keyof AllTypes, T extends AllTypes[K]>(
+    uid: K,
+    entityId: ID,
+    params: Params<T>
+  ): Promise<T>;
+
+  count<K extends keyof AllTypes, T extends AllTypes[K]>(uid: K, params: Params<T>): Promise<any>;
+  create<K extends keyof AllTypes, T extends AllTypes[K]>(uid: K, params: Params<T>): Promise<any>;
+  update<K extends keyof AllTypes, T extends AllTypes[K]>(
+    uid: K,
+    entityId: ID,
+    params: Params<T>
+  ): Promise<any>;
+  delete<K extends keyof AllTypes, T extends AllTypes[K]>(
+    uid: K,
+    entityId: ID,
+    params: Params<T>
+  ): Promise<any>;
+}
+
+export default function(opts: {
+  strapi: Strapi;
+  db: Database;
+  // TODO: define types
+  eventHub: any;
+  entityValidator: any;
+}): EntityService;