@strapi/strapi 4.0.0-next.9 → 4.0.0

package/lib/services/entity-validator/index.js

@@ -4,15 +4,19 @@
  */
 'use strict';
 
-const { has, assoc, prop } = require('lodash/fp');
+const { has, assoc, prop, isObject } = require('lodash/fp');
 const strapiUtils = require('@strapi/utils');
 const validators = require('./validators');
 
-const { yup, formatYupErrors } = strapiUtils;
+const { yup, validateYupSchema } = strapiUtils;
 const { isMediaAttribute, isScalarAttribute, getWritableAttributes } = strapiUtils.contentTypes;
+const { ValidationError } = strapiUtils.errors;
 
-const addMinMax = (attr, validator, data) => {
-  if (Number.isInteger(attr.min) && (attr.required || (Array.isArray(data) && data.length > 0))) {
+const addMinMax = (validator, { attr, updatedAttribute }) => {
+  if (
+    Number.isInteger(attr.min) &&
+    (attr.required || (Array.isArray(updatedAttribute.value) && updatedAttribute.value.length > 0))
+  ) {
     validator = validator.min(attr.min);
   }
   if (Number.isInteger(attr.max)) {
@@ -21,7 +25,7 @@ const addMinMax = (attr, validator, data) => {
   return validator;
 };
 
-const addRequiredValidation = createOrUpdate => (required, validator) => {
+const addRequiredValidation = createOrUpdate => (validator, { attr: { required } }) => {
   if (required) {
     if (createOrUpdate === 'creation') {
       validator = validator.notNil();
@@ -34,7 +38,7 @@ const addRequiredValidation = createOrUpdate => (required, validator) => {
   return validator;
 };
 
-const addDefault = createOrUpdate => (attr, validator) => {
+const addDefault = createOrUpdate => (validator, { attr }) => {
   if (createOrUpdate === 'creation') {
     if (
       ((attr.type === 'component' && attr.repeatable) || attr.type === 'dynamiczone') &&
@@ -53,7 +57,7 @@ const addDefault = createOrUpdate => (attr, validator) => {
 
 const preventCast = validator => validator.transform((val, originalVal) => originalVal);
 
-const createComponentValidator = createOrUpdate => (attr, data, { isDraft }) => {
+const createComponentValidator = createOrUpdate => ({ attr, updatedAttribute }, { isDraft }) => {
   let validator;
 
   const model = strapi.getModel(attr.component);
@@ -65,19 +69,23 @@ const createComponentValidator = createOrUpdate => (attr, data, { isDraft }) =>
     validator = yup
       .array()
       .of(
-        yup.lazy(item => createModelValidator(createOrUpdate)(model, item, { isDraft }).notNull())
+        yup.lazy(item =>
+          createModelValidator(createOrUpdate)({ model, data: item }, { isDraft }).notNull()
+        )
       );
-    validator = addRequiredValidation(createOrUpdate)(true, validator);
-    validator = addMinMax(attr, validator, data);
+    validator = addRequiredValidation(createOrUpdate)(validator, { attr: { required: true } });
+    validator = addMinMax(validator, { attr, updatedAttribute });
   } else {
-    validator = createModelValidator(createOrUpdate)(model, data, { isDraft });
-    validator = addRequiredValidation(createOrUpdate)(!isDraft && attr.required, validator);
+    validator = createModelValidator(createOrUpdate)({ model, updatedAttribute }, { isDraft });
+    validator = addRequiredValidation(createOrUpdate)(validator, {
+      attr: { required: !isDraft && attr.required },
+    });
   }
 
   return validator;
 };
 
-const createDzValidator = createOrUpdate => (attr, data, { isDraft }) => {
+const createDzValidator = createOrUpdate => ({ attr, updatedAttribute }, { isDraft }) => {
   let validator;
 
   validator = yup.array().of(
@@ -94,76 +102,85 @@ const createDzValidator = createOrUpdate => (attr, data, { isDraft }) => {
         .notNull();
 
       return model
-        ? schema.concat(createModelValidator(createOrUpdate)(model, item, { isDraft }))
+        ? schema.concat(createModelValidator(createOrUpdate)({ model, data: item }, { isDraft }))
         : schema;
     })
   );
-  validator = addRequiredValidation(createOrUpdate)(true, validator);
-  validator = addMinMax(attr, validator, data);
+  validator = addRequiredValidation(createOrUpdate)(validator, { attr: { required: true } });
+  validator = addMinMax(validator, { attr, updatedAttribute });
 
   return validator;
 };
 
-const createRelationValidator = createOrUpdate => (attr, data, { isDraft }) => {
+const createRelationValidator = createOrUpdate => ({ attr, updatedAttribute }, { isDraft }) => {
   let validator;
 
-  if (Array.isArray(data)) {
+  if (Array.isArray(updatedAttribute.value)) {
     validator = yup.array().of(yup.mixed());
   } else {
     validator = yup.mixed();
   }
-  validator = addRequiredValidation(createOrUpdate)(!isDraft && attr.required, validator);
+
+  validator = addRequiredValidation(createOrUpdate)(validator, {
+    attr: { required: !isDraft && attr.required },
+  });
 
   return validator;
 };
 
-const createScalarAttributeValidator = createOrUpdate => (attr, { isDraft }) => {
+const createScalarAttributeValidator = createOrUpdate => (metas, options) => {
   let validator;
 
-  if (has(attr.type, validators)) {
-    validator = validators[attr.type](attr, { isDraft });
+  if (has(metas.attr.type, validators)) {
+    validator = validators[metas.attr.type](metas, options);
   } else {
     // No validators specified - fall back to mixed
     validator = yup.mixed();
   }
 
-  validator = addRequiredValidation(createOrUpdate)(!isDraft && attr.required, validator);
+  validator = addRequiredValidation(createOrUpdate)(validator, {
+    attr: { required: !options.isDraft && metas.attr.required },
+  });
 
   return validator;
 };
 
-const createAttributeValidator = createOrUpdate => (attr, data, { isDraft }) => {
+const createAttributeValidator = createOrUpdate => (metas, options) => {
   let validator;
 
-  if (isMediaAttribute(attr)) {
+  if (isMediaAttribute(metas.attr)) {
     validator = yup.mixed();
-  } else if (isScalarAttribute(attr)) {
-    validator = createScalarAttributeValidator(createOrUpdate)(attr, { isDraft });
+  } else if (isScalarAttribute(metas.attr)) {
+    validator = createScalarAttributeValidator(createOrUpdate)(metas, options);
   } else {
-    if (attr.type === 'component') {
-      validator = createComponentValidator(createOrUpdate)(attr, data, { isDraft });
-    } else if (attr.type === 'dynamiczone') {
-      validator = createDzValidator(createOrUpdate)(attr, data, { isDraft });
+    if (metas.attr.type === 'component') {
+      validator = createComponentValidator(createOrUpdate)(metas, options);
+    } else if (metas.attr.type === 'dynamiczone') {
+      validator = createDzValidator(createOrUpdate)(metas, options);
     } else {
-      validator = createRelationValidator(createOrUpdate)(attr, data, { isDraft });
+      validator = createRelationValidator(createOrUpdate)(metas, options);
     }
 
     validator = preventCast(validator);
   }
 
-  validator = addDefault(createOrUpdate)(attr, validator);
+  validator = addDefault(createOrUpdate)(validator, metas);
 
   return validator;
 };
 
-const createModelValidator = createOrUpdate => (model, data, { isDraft }) => {
+const createModelValidator = createOrUpdate => ({ model, data, entity }, options) => {
   const writableAttributes = model ? getWritableAttributes(model) : [];
 
   const schema = writableAttributes.reduce((validators, attributeName) => {
     const validator = createAttributeValidator(createOrUpdate)(
-      model.attributes[attributeName],
-      prop(attributeName, data),
-      { isDraft }
+      {
+        attr: model.attributes[attributeName],
+        updatedAttribute: { name: attributeName, value: prop(attributeName, data) },
+        model,
+        entity,
+      },
+      options
     );
 
     return assoc(attributeName, validator)(validators);
@@ -172,13 +189,29 @@ const createModelValidator = createOrUpdate => (model, data, { isDraft }) => {
   return yup.object().shape(schema);
 };
 
-const createValidateEntity = createOrUpdate => async (model, data, { isDraft = false } = {}) => {
-  try {
-    const validator = createModelValidator(createOrUpdate)(model, data, { isDraft }).required();
-    return await validator.validate(data, { abortEarly: false });
-  } catch (e) {
-    throw strapi.errors.badRequest('ValidationError', { errors: formatYupErrors(e) });
+const createValidateEntity = createOrUpdate => async (
+  model,
+  data,
+  { isDraft = false } = {},
+  entity = null
+) => {
+  if (!isObject(data)) {
+    const { displayName } = model.info;
+
+    throw new ValidationError(
+      `Invalid payload submitted for the ${createOrUpdate} of an entity of type ${displayName}. Expected an object, but got ${typeof data}`
+    );
   }
+
+  const validator = createModelValidator(createOrUpdate)(
+    {
+      model,
+      data,
+      entity,
+    },
+    { isDraft }
+  ).required();
+  return validateYupSchema(validator, { strict: false, abortEarly: false })(data);
 };
 
 module.exports = {

package/lib/services/entity-validator/validators.js

@@ -4,72 +4,155 @@ const _ = require('lodash');
 
 const { yup } = require('@strapi/utils');
 
+/**
+ * @type {import('yup').StringSchema} StringSchema
+ * @type {import('yup').NumberSchema} NumberSchema
+ * @type {import('yup').AnySchema} AnySchema
+ */
+
 /**
  * Utility function to compose validators
  */
-const composeValidators = (...fns) => (attr, { isDraft }) => {
-  return fns.reduce((validator, fn) => {
-    return fn(attr, validator, { isDraft });
-  }, yup.mixed());
+const composeValidators = (...fns) => (...args) => {
+  let validator = yup.mixed();
+
+  // if we receive a schema then use it as base schema for nested composition
+  if (yup.isSchema(args[0])) {
+    validator = args[0];
+    args = args.slice(1);
+  }
+
+  return fns.reduce((validator, fn) => fn(validator, ...args), validator);
 };
 
 /* Validator utils */
 
 /**
  * Adds minLength validator
- * @param {Object} attribute model attribute
- * @param {Object} validator yup validator
+ * @param {StringSchema} validator yup validator
+ * @param {Object} metas
+ * @param {{ minLength: Number }} metas.attr model attribute
+ * @param {Object} options
+ * @param {boolean} options.isDraft
+ *
+ * @returns {StringSchema}
  */
-const addMinLengthValidator = ({ minLength }, validator, { isDraft }) =>
-  _.isInteger(minLength) && !isDraft ? validator.min(minLength) : validator;
+const addMinLengthValidator = (validator, { attr }, { isDraft }) =>
+  _.isInteger(attr.minLength) && !isDraft ? validator.min(attr.minLength) : validator;
 
 /**
  * Adds maxLength validator
- * @param {Object} attribute model attribute
- * @param {Object} validator yup validator
+ * @param {StringSchema} validator yup validator
+ * @param {Object} metas
+ * @param {{ maxLength: Number }} metas.attr model attribute
+ *
+ * @returns {StringSchema}
  */
-const addMaxLengthValidator = ({ maxLength }, validator) =>
-  _.isInteger(maxLength) ? validator.max(maxLength) : validator;
+const addMaxLengthValidator = (validator, { attr }) =>
+  _.isInteger(attr.maxLength) ? validator.max(attr.maxLength) : validator;
 
 /**
  * Adds min integer validator
- * @param {Object} attribute model attribute
- * @param {Object} validator yup validator
+ * @param {NumberSchema} validator yup validator
+ * @param {Object} metas
+ * @param {{ min: Number }} metas.attr model attribute
+ *
+ * @returns {NumberSchema}
  */
-const addMinIntegerValidator = ({ min }, validator) =>
-  _.isNumber(min) ? validator.min(_.toInteger(min)) : validator;
+const addMinIntegerValidator = (validator, { attr }) =>
+  _.isNumber(attr.min) ? validator.min(_.toInteger(attr.min)) : validator;
 
 /**
  * Adds max integer validator
- * @param {Object} attribute model attribute
- * @param {Object} validator yup validator
+ * @param {NumberSchema} validator yup validator
+ * @param {Object} metas
+ * @param {{ max: Number }} metas.attr model attribute
+ *
+ * @returns {NumberSchema}
  */
-const addMaxIntegerValidator = ({ max }, validator) =>
-  _.isNumber(max) ? validator.max(_.toInteger(max)) : validator;
+const addMaxIntegerValidator = (validator, { attr }) =>
+  _.isNumber(attr.max) ? validator.max(_.toInteger(attr.max)) : validator;
 
 /**
  * Adds min float/decimal validator
- * @param {Object} attribute model attribute
- * @param {Object} validator yup validator
+ * @param {NumberSchema} validator yup validator
+ * @param {Object} metas
+ * @param {{ min: Number }} metas.attr model attribute
+ *
+ * @returns {NumberSchema}
  */
-const addMinFloatValidator = ({ min }, validator) =>
-  _.isNumber(min) ? validator.min(min) : validator;
+const addMinFloatValidator = (validator, { attr }) =>
+  _.isNumber(attr.min) ? validator.min(attr.min) : validator;
 
 /**
  * Adds max float/decimal validator
- * @param {Object} attribute model attribute
- * @param {Object} validator yup validator
+ * @param {NumberSchema} validator yup validator
+ * @param {Object} metas model attribute
+ * @param {{ max: Number }} metas.attr
+ *
+ * @returns {NumberSchema}
  */
-const addMaxFloatValidator = ({ max }, validator) =>
-  _.isNumber(max) ? validator.max(max) : validator;
+const addMaxFloatValidator = (validator, { attr }) =>
+  _.isNumber(attr.max) ? validator.max(attr.max) : validator;
 
 /**
  * Adds regex validator
- * @param {Object} attribute model attribute
- * @param {Object} validator yup validator
+ * @param {StringSchema} validator yup validator
+ * @param {Object} metas model attribute
+ * @param {{ regex: RegExp }} metas.attr
+ *
+ * @returns {StringSchema}
  */
-const addStringRegexValidator = ({ regex }, validator) =>
-  _.isUndefined(regex) ? validator : validator.matches(new RegExp(regex));
+const addStringRegexValidator = (validator, { attr }) =>
+  _.isUndefined(attr.regex) ? validator : validator.matches(new RegExp(attr.regex));
+
+/**
+ *
+ * @param {AnySchema} validator
+ * @param {Object} metas
+ * @param {{ unique: Boolean, type: String }} metas.attr
+ * @param {{ uid: String }} metas.model
+ * @param {{ name: String, value: any }} metas.updatedAttribute
+ * @param {Object} metas.entity
+ *
+ * @returns {AnySchema}
+ */
+const addUniqueValidator = (validator, { attr, model, updatedAttribute, entity }) => {
+  if (!attr.unique && attr.type !== 'uid') {
+    return validator;
+  }
+
+  return validator.test('unique', 'This attribute must be unique', async value => {
+    /**
+     * If the attribute value is `null` we want to skip the unique validation.
+     * Otherwise it'll only accept a single `null` entry in the database.
+     */
+    if (_.isNil(updatedAttribute.value)) {
+      return true;
+    }
+
+    /**
+     * If the attribute is unchanged we skip the unique verification. This will
+     * prevent the validator to be triggered in case the user activated the
+     * unique constraint after already creating multiple entries with
+     * the same attribute value for that field.
+     */
+    if (entity && updatedAttribute.value === entity[updatedAttribute.name]) {
+      return true;
+    }
+
+    let whereParams = entity
+      ? { $and: [{ [updatedAttribute.name]: value }, { $not: { id: entity.id } }] }
+      : { [updatedAttribute.name]: value };
+
+    const record = await strapi.db.query(model.uid).findOne({
+      select: ['id'],
+      where: whereParams,
+    });
+
+    return !record;
+  });
+};
 
 /* Type validators */
 
@@ -77,29 +160,32 @@ const stringValidator = composeValidators(
   () => yup.string().transform((val, originalVal) => originalVal),
   addMinLengthValidator,
   addMaxLengthValidator,
-  addStringRegexValidator
+  addStringRegexValidator,
+  addUniqueValidator
 );
 
-const emailValidator = composeValidators(stringValidator, (attr, validator) => validator.email());
+const emailValidator = composeValidators(stringValidator, validator => validator.email());
 
-const uidValidator = composeValidators(stringValidator, (attr, validator) =>
+const uidValidator = composeValidators(stringValidator, validator =>
   validator.matches(new RegExp('^[A-Za-z0-9-_.~]*$'))
 );
 
-const enumerationValidator = attr => {
+const enumerationValidator = ({ attr }) => {
   return yup.string().oneOf((Array.isArray(attr.enum) ? attr.enum : [attr.enum]).concat(null));
 };
 
 const integerValidator = composeValidators(
   () => yup.number().integer(),
   addMinIntegerValidator,
-  addMaxIntegerValidator
+  addMaxIntegerValidator,
+  addUniqueValidator
 );
 
 const floatValidator = composeValidators(
   () => yup.number(),
   addMinFloatValidator,
-  addMaxFloatValidator
+  addMaxFloatValidator,
+  addUniqueValidator
 );
 
 module.exports = {
@@ -113,11 +199,11 @@ module.exports = {
   uid: uidValidator,
   json: () => yup.mixed(),
   integer: integerValidator,
-  biginteger: () => yup.mixed(),
+  biginteger: composeValidators(addUniqueValidator),
   float: floatValidator,
   decimal: floatValidator,
-  date: () => yup.mixed(),
-  time: () => yup.mixed(),
-  datetime: () => yup.mixed(),
-  timestamp: () => yup.mixed(),
+  date: composeValidators(addUniqueValidator),
+  time: composeValidators(addUniqueValidator),
+  datetime: composeValidators(addUniqueValidator),
+  timestamp: composeValidators(addUniqueValidator),
 };

package/lib/services/errors.js

@@ -0,0 +1,77 @@
+'use strict';
+
+const createError = require('http-errors');
+const {
+  NotFoundError,
+  UnauthorizedError,
+  ForbiddenError,
+  PayloadTooLargeError,
+} = require('@strapi/utils').errors;
+
+const mapErrorsAndStatus = [
+  {
+    classError: UnauthorizedError,
+    status: 401,
+  },
+  {
+    classError: ForbiddenError,
+    status: 403,
+  },
+  {
+    classError: NotFoundError,
+    status: 404,
+  },
+  {
+    classError: PayloadTooLargeError,
+    status: 413,
+  },
+];
+
+const formatApplicationError = error => {
+  const errorAndStatus = mapErrorsAndStatus.find(pair => error instanceof pair.classError);
+  const status = errorAndStatus ? errorAndStatus.status : 400;
+
+  return {
+    status,
+    body: {
+      data: null,
+      error: {
+        status,
+        name: error.name,
+        message: error.message,
+        details: error.details,
+      },
+    },
+  };
+};
+
+const formatHttpError = error => {
+  return {
+    status: error.status,
+    body: {
+      data: null,
+      error: {
+        status: error.status,
+        name: error.name,
+        message: error.message,
+        details: error.details,
+      },
+    },
+  };
+};
+
+const formatInternalError = error => {
+  const httpError = createError(error);
+
+  if (httpError.expose) {
+    return formatHttpError(httpError);
+  }
+
+  return formatHttpError(createError(httpError.status || 500));
+};
+
+module.exports = {
+  formatApplicationError,
+  formatHttpError,
+  formatInternalError,
+};

package/lib/services/fs.js

@@ -12,7 +12,7 @@ module.exports = strapi => {
 
     const normalizedPath = path.normalize(filePath).replace(/^\/?(\.\/|\.\.\/)+/, '');
 
-    return path.join(strapi.dir, normalizedPath);
+    return path.join(strapi.dirs.root, normalizedPath);
   }
 
   const strapiFS = {

package/lib/services/metrics/index.js

@@ -1,7 +1,7 @@
 'use strict';
 /**
  * Strapi telemetry package.
- * You can learn more at https://strapi.io/documentation/developer-docs/latest/getting-started/usage-information.html
+ * You can learn more at https://docs.strapi.io/developer-docs/latest/getting-started/usage-information.html
  */
 
 const crypto = require('crypto');
@@ -30,42 +30,44 @@ const createTelemetryInstance = strapi => {
   const sender = createSender(strapi);
   const sendEvent = wrapWithRateLimit(sender, { limitedEvents: LIMITED_EVENTS });
 
-  if (!isDisabled) {
-    const pingCron = scheduleJob('0 0 12 * * *', () => sendEvent('ping'));
-    crons.push(pingCron);
-
-    strapi.app.use(createMiddleware({ sendEvent }));
-  }
+  return {
+    register() {
+      if (!isDisabled) {
+        const pingCron = scheduleJob('0 0 12 * * *', () => sendEvent('ping'));
+        crons.push(pingCron);
 
-  if (strapi.EE === true && ee.isEE === true) {
-    const pingDisabled =
-      isTruthy(process.env.STRAPI_LICENSE_PING_DISABLED) && ee.licenseInfo.type === 'gold';
-
-    const sendLicenseCheck = () => {
-      return sendEvent(
-        'didCheckLicense',
-        {
-          licenseInfo: {
-            ...ee.licenseInfo,
-            projectHash: hashProject(strapi),
-            dependencyHash: hashDep(strapi),
-          },
-        },
-        {
-          headers: { 'x-strapi-project': 'enterprise' },
+        strapi.server.use(createMiddleware({ sendEvent }));
+      }
+    },
+    bootstrap() {
+      if (strapi.EE === true && ee.isEE === true) {
+        const pingDisabled =
+          isTruthy(process.env.STRAPI_LICENSE_PING_DISABLED) && ee.licenseInfo.type === 'gold';
+
+        const sendLicenseCheck = () => {
+          return sendEvent(
+            'didCheckLicense',
+            {
+              licenseInfo: {
+                ...ee.licenseInfo,
+                projectHash: hashProject(strapi),
+                dependencyHash: hashDep(strapi),
+              },
+            },
+            {
+              headers: { 'x-strapi-project': 'enterprise' },
+            }
+          );
+        };
+
+        if (!pingDisabled) {
+          const licenseCron = scheduleJob('0 0 0 * * 7', () => sendLicenseCheck());
+          crons.push(licenseCron);
+
+          sendLicenseCheck();
         }
-      );
-    };
-
-    if (!pingDisabled) {
-      const licenseCron = scheduleJob('0 0 0 * * 7', () => sendLicenseCheck());
-      crons.push(licenseCron);
-
-      sendLicenseCheck();
-    }
-  }
-
-  return {
+      }
+    },
     destroy() {
       // clear open handles
       crons.forEach(cron => cron.cancel());
@@ -88,7 +90,7 @@ const hashProject = strapi =>
 
 const hashDep = strapi => {
   const depStr = JSON.stringify(strapi.config.info.dependencies);
-  const readmePath = path.join(strapi.dir, 'README.md');
+  const readmePath = path.join(strapi.dirs.root, 'README.md');
 
   try {
     if (fs.existsSync(readmePath)) {

package/lib/services/server/admin-api.js

@@ -0,0 +1,14 @@
+'use strict';
+
+const { createAPI } = require('./api');
+
+const createAdminAPI = strapi => {
+  const opts = {
+    prefix: '', // '/admin';
+    type: 'admin',
+  };
+
+  return createAPI(strapi, opts);
+};
+
+module.exports = { createAdminAPI };