@strapi/strapi 4.0.4 → 4.0.8

package/bin/strapi.js

@@ -17,7 +17,7 @@ const checkCwdIsStrapiApp = name => {
     console.log(
       `You need to run ${yellow(
         `strapi ${name}`
-      )} in a Strapi project. Make sure you are in the right directory`
+      )} in a Strapi project. Make sure you are in the right directory.`
     );
     process.exit(1);
   };
@@ -40,7 +40,7 @@ const getLocalScript = name => (...args) => {
     console.log(
       `Error loading the local ${yellow(
         name
-      )} command. Strapi might not be installed in your "node_modules". You may need to run "npm install"`
+      )} command. Strapi might not be installed in your "node_modules". You may need to run "yarn install".`
     );
     process.exit(1);
   }
@@ -67,7 +67,7 @@ program.addHelpCommand('help [command]', 'Display help for command');
 program.version(packageJSON.version, '-v, --version', 'Output the version number');
 program
   .command('version')
-  .description('Output your version of Strapi')
+  .description('Output the version of Strapi')
   .action(() => {
     process.stdout.write(packageJSON.version + '\n');
     process.exit(0);
@@ -84,8 +84,8 @@ program
   .command('new <directory>')
   .option('--no-run', 'Do not start the application after it is created')
   .option('--use-npm', 'Force usage of npm instead of yarn to create the project')
-  .option('--debug', 'Display database connection error')
-  .option('--quickstart', 'Quickstart app creation')
+  .option('--debug', 'Display database connection errors')
+  .option('--quickstart', 'Create quickstart app')
   .option('--dbclient <dbclient>', 'Database client')
   .option('--dbhost <dbhost>', 'Database host')
   .option('--dbport <dbport>', 'Database port')
@@ -94,7 +94,7 @@ program
   .option('--dbpassword <dbpassword>', 'Database password')
   .option('--dbssl <dbssl>', 'Database SSL')
   .option('--dbfile <dbfile>', 'Database file path for sqlite')
-  .option('--dbforce', 'Overwrite database content if any')
+  .option('--dbforce', 'Allow overwriting existing database content')
   .description('Create a new application')
   .action(require('../lib/commands/new'));
 
@@ -110,7 +110,7 @@ program
   .alias('dev')
   .option('--no-build', 'Disable build')
   .option('--watch-admin', 'Enable watch', false)
-  .option('--polling', 'Watching file changes in network directories', false)
+  .option('--polling', 'Watch for file changes in network directories', false)
   .option('--browser <name>', 'Open the browser', true)
   .description('Start your Strapi application in development mode')
   .action(getLocalScript('develop'));
@@ -118,7 +118,7 @@ program
 // $ strapi generate
 program
   .command('generate')
-  .description('Launch interactive API generator')
+  .description('Launch the interactive API generator')
   .action(() => {
     checkCwdIsStrapiApp('generate');
     process.argv.splice(2, 1);
@@ -133,8 +133,8 @@ program
 
 program
   .command('build')
-  .option('--no-optimization', 'Build the Administration without assets optimization')
-  .description('Builds the strapi admin app')
+  .option('--no-optimization', 'Build the admin app without optimizing assets')
+  .description('Build the strapi admin app')
   .action(getLocalScript('build'));
 
 // `$ strapi install`
@@ -154,7 +154,7 @@ program
 program
   .command('watch-admin')
   .option('--browser <name>', 'Open the browser', true)
-  .description('Starts the admin dev server')
+  .description('Start the admin development server')
   .action(getLocalScript('watchAdmin'));
 
 program

package/lib/Strapi.js

@@ -189,15 +189,13 @@ class Strapi {
   }
 
   sendStartupTelemetry() {
-    // Get database clients
-    const databaseClients = _.map(this.config.get('connections'), _.property('settings.client'));
-
     // Emit started event.
     // do not await to avoid slower startup
     this.telemetry.send('didStartServer', {
-      database: databaseClients,
-      plugins: this.config.installedPlugins,
-      providers: this.config.installedProviders,
+      database: strapi.config.get('database.connection.client'),
+      plugins: Object.keys(strapi.plugins),
+      // TODO: to add back
+      // providers: this.config.installedProviders,
     });
   }
 

package/lib/commands/develop.js

@@ -22,7 +22,7 @@ module.exports = async function({ build, watchAdmin, polling, browser }) {
   const logger = createLogger(config.logger, {});
 
   try {
-    if (cluster.isMaster) {
+    if (cluster.isMaster || cluster.isPrimary) {
       const serveAdminPanel = getOr(true, 'admin.serveAdminPanel')(config);
 
       const buildExists = fs.existsSync(path.join(dir, 'build'));

package/lib/core/loaders/plugins/index.js

@@ -55,17 +55,6 @@ const applyUserExtension = async plugins => {
   }
 };
 
-const formatContentTypes = plugins => {
-  for (const pluginName in plugins) {
-    const plugin = plugins[pluginName];
-    for (const contentTypeName in plugin.contentTypes) {
-      const ctSchema = plugin.contentTypes[contentTypeName].schema;
-      ctSchema.plugin = pluginName;
-      ctSchema.uid = `plugin::${pluginName}.${ctSchema.singularName}`;
-    }
-  }
-};
-
 const applyUserConfig = async plugins => {
   const userPluginsConfig = await getUserPluginsConfig();
 
@@ -111,7 +100,6 @@ const loadPlugins = async strapi => {
   // TODO: validate plugin format
   await applyUserConfig(plugins);
   await applyUserExtension(plugins);
-  formatContentTypes(plugins);
 
   for (const pluginName in plugins) {
     strapi.container.get('plugins').add(pluginName, plugins[pluginName]);

package/lib/middlewares/index.js

@@ -12,8 +12,7 @@ const query = require('./query');
 const responseTime = require('./response-time');
 const responses = require('./responses');
 const security = require('./security');
-// TODO: add back ?
-// session: require('./session'),
+const session = require('./session');
 const publicStatic = require('./public');
 
 module.exports = {
@@ -23,6 +22,7 @@ module.exports = {
   cors,
   responseTime,
   poweredBy,
+  session,
   logger,
   compression,
   responses,

package/lib/middlewares/session.js

@@ -0,0 +1,28 @@
+'use strict';
+
+const { defaultsDeep, isEmpty, isArray } = require('lodash/fp');
+const session = require('koa-session');
+
+const defaultConfig = {
+  key: 'koa.sess',
+  maxAge: 86400000,
+  autoCommit: true,
+  overwrite: true,
+  httpOnly: true,
+  signed: true,
+  rolling: false,
+  renew: false,
+  secure: process.env.NODE_ENV === 'production' ? true : false,
+  sameSite: null,
+};
+
+module.exports = (userConfig, { strapi }) => {
+  const keys = strapi.server.app.keys;
+  if (!isArray(keys) || isEmpty(keys) || keys.some(isEmpty)) {
+    throw new Error(`App keys are required. Please set app.keys in config/server.js (ex: keys: ['myKeyA', 'myKeyB'])`);
+  }
+
+  const config = defaultsDeep(defaultConfig, userConfig);
+
+  strapi.server.use(session(config, strapi.server.app));
+};

package/lib/services/entity-service/params.js

@@ -32,7 +32,7 @@ const transformParamsToQuery = (uid, params) => {
   }
 
   if (!isNil(filters)) {
-    query.where = convertFiltersQueryParams(filters);
+    query.where = convertFiltersQueryParams(filters, type);
   }
 
   if (!isNil(fields)) {

package/lib/services/fs.js

@@ -12,7 +12,7 @@ module.exports = strapi => {
 
     const normalizedPath = path.normalize(filePath).replace(/^\/?(\.\/|\.\.\/)+/, '');
 
-    return path.join(strapi.dirs.root, normalizedPath);
+    return path.resolve(strapi.dirs.root, normalizedPath);
   }
 
   const strapiFS = {

package/lib/services/metrics/sender.js

@@ -3,10 +3,10 @@
 const os = require('os');
 const _ = require('lodash');
 const isDocker = require('is-docker');
-const { machineIdSync } = require('node-machine-id');
 const fetch = require('node-fetch');
 const ciEnv = require('ci-info');
 const ee = require('../../utils/ee');
+const machineID = require('../../utils/machine-id');
 const stringifyDeep = require('./stringify-deep');
 
 const defaultQueryOpts = {
@@ -33,7 +33,7 @@ const addPackageJsonStrapiMetadata = (metadata, strapi) => {
  */
 module.exports = strapi => {
   const { uuid } = strapi.config;
-  const deviceId = machineIdSync();
+  const deviceId = machineID();
   const isEE = strapi.EE === true && ee.isEE === true;
 
   const anonymous_metadata = {

package/lib/services/server/index.js

@@ -28,7 +28,10 @@ const healthCheck = async ctx => {
  * @returns {Server}
  */
 const createServer = strapi => {
-  const app = createKoaApp({ proxy: strapi.config.get('server.proxy') });
+  const app = createKoaApp({
+    proxy: strapi.config.get('server.proxy'),
+    keys:  strapi.config.get('server.app.keys'),
+  });
 
   const router = new Router();
 

package/lib/services/server/koa.js

@@ -53,8 +53,9 @@ const addCustomMethods = app => {
   return app;
 };
 
-const createKoaApp = ({ proxy }) => {
+const createKoaApp = ({ proxy, keys }) => {
   const app = new Koa({ proxy });
+  app.keys = keys;
 
   addCustomMethods(app);
 

package/lib/services/server/middleware.js

@@ -5,6 +5,14 @@ const { propOr, isArray, isNil } = require('lodash/fp');
 
 const getMiddlewareConfig = propOr([], 'config.middlewares');
 
+const instantiateMiddleware = (middlewareFactory, name, config, strapi) => {
+  try {
+    return middlewareFactory(config, { strapi });
+  } catch (e) {
+    throw new Error(`Middleware "${name}": ${e.message}`);
+  }
+};
+
 const resolveRouteMiddlewares = (route, strapi) => {
   const middlewaresConfig = getMiddlewareConfig(route);
 
@@ -45,7 +53,7 @@ const resolveMiddlewares = (config, strapi) => {
 
       middlewares.push({
         name: item,
-        handler: middlewareFactory({}, { strapi }),
+        handler: instantiateMiddleware(middlewareFactory, item, {}, strapi),
       });
 
       continue;
@@ -58,16 +66,17 @@ const resolveMiddlewares = (config, strapi) => {
         const middlewareFactory = strapi.middleware(name);
         middlewares.push({
           name,
-          handler: middlewareFactory(config, { strapi }),
+          handler: instantiateMiddleware(middlewareFactory, name, config, strapi),
         });
 
         continue;
       }
 
       if (resolve) {
+        const resolvedMiddlewareFactory = resolveCustomMiddleware(resolve, strapi);
         middlewares.push({
           name: resolve,
-          handler: resolveCustomMiddleware(resolve, strapi)(config, { strapi }),
+          handler: instantiateMiddleware(resolvedMiddlewareFactory, item, config, strapi),
         });
 
         continue;

package/lib/services/server/policy.js

@@ -1,7 +1,7 @@
 'use strict';
 
 const { propOr } = require('lodash/fp');
-const { ForbiddenError } = require('@strapi/utils').errors;
+const { PolicyError } = require('@strapi/utils').errors;
 const { policy: policyUtils } = require('@strapi/utils');
 
 const getPoliciesConfig = propOr([], 'config.policies');
@@ -17,7 +17,7 @@ const resolvePolicies = route => {
       const result = await handler(context, config, { strapi });
 
       if (![true, undefined].includes(result)) {
-        throw new ForbiddenError('Policies failed.');
+        throw new PolicyError();
       }
     }
 

package/lib/services/server/register-middlewares.js

@@ -15,6 +15,7 @@ const defaultConfig = [
   'strapi::security',
   'strapi::cors',
   'strapi::poweredBy',
+  'strapi::session',
   'strapi::logger',
   'strapi::query',
   'strapi::body',

package/lib/utils/machine-id.js

@@ -0,0 +1,14 @@
+'use strict';
+
+const { machineIdSync } = require('node-machine-id');
+const uuid = require('uuid');
+
+module.exports = () => {
+  try {
+    const deviceId = machineIdSync();
+    return deviceId;
+  } catch (error) {
+    const deviceId = uuid();
+    return deviceId;
+  }
+};

package/lib/utils/success.js

@@ -5,7 +5,7 @@
  */
 
 const fetch = require('node-fetch');
-const { machineIdSync } = require('node-machine-id');
+const machineID = require('./machine-id');
 
 /*
  * No need to worry about this file, we only retrieve anonymous data here.
@@ -21,7 +21,7 @@ try {
       method: 'POST',
       body: JSON.stringify({
         event: 'didInstallStrapi',
-        deviceId: machineIdSync(),
+        deviceId: machineID(),
       }),
       headers: { 'Content-Type': 'application/json' },
     }).catch(() => {});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@strapi/strapi",
-  "version": "4.0.4",
+  "version": "4.0.8",
   "description": "An open source headless CMS solution to create and manage your own API. It provides a powerful dashboard and features to make your life easier. Databases supported: MySQL, MariaDB, PostgreSQL, SQLite",
   "keywords": [
     "strapi",
@@ -80,16 +80,16 @@
   "dependencies": {
     "@koa/cors": "3.1.0",
     "@koa/router": "10.1.1",
-    "@strapi/admin": "4.0.4",
-    "@strapi/database": "4.0.4",
-    "@strapi/generate-new": "4.0.4",
-    "@strapi/generators": "4.0.4",
-    "@strapi/logger": "4.0.4",
-    "@strapi/plugin-content-manager": "4.0.4",
-    "@strapi/plugin-content-type-builder": "4.0.4",
-    "@strapi/plugin-email": "4.0.4",
-    "@strapi/plugin-upload": "4.0.4",
-    "@strapi/utils": "4.0.4",
+    "@strapi/admin": "4.0.8",
+    "@strapi/database": "4.0.8",
+    "@strapi/generate-new": "4.0.8",
+    "@strapi/generators": "4.0.8",
+    "@strapi/logger": "4.0.8",
+    "@strapi/plugin-content-manager": "4.0.8",
+    "@strapi/plugin-content-type-builder": "4.0.8",
+    "@strapi/plugin-email": "4.0.8",
+    "@strapi/plugin-upload": "4.0.8",
+    "@strapi/utils": "4.0.8",
     "bcryptjs": "2.4.3",
     "boxen": "5.1.2",
     "chalk": "4.1.2",
@@ -117,7 +117,7 @@
     "koa-session": "6.2.0",
     "koa-static": "5.0.0",
     "lodash": "4.17.21",
-    "node-fetch": "2.6.5",
+    "node-fetch": "2.6.7",
     "node-machine-id": "1.1.12",
     "node-schedule": "2.0.0",
     "open": "8.2.1",
@@ -126,7 +126,8 @@
     "qs": "6.10.1",
     "resolve-cwd": "3.0.0",
     "semver": "7.3.5",
-    "statuses": "2.0.1"
+    "statuses": "2.0.1",
+    "uuid": "^3.3.2"
   },
   "devDependencies": {
     "supertest": "^6.1.6"
@@ -135,5 +136,5 @@
     "node": ">=12.22.0 <=16.x.x",
     "npm": ">=6.0.0"
   },
-  "gitHead": "d81919ac2272948b3f5d3b25a4cf8cc7b6994460"
+  "gitHead": "669bb2f0440d3b21a23c8d665fdba98bd3d8cc71"
 }

package/lib/middlewares/session/defaults.json

@@ -1,18 +0,0 @@
-{
-  "session": {
-    "enabled": true,
-    "client": "cookie",
-    "key": "strapi.sid",
-    "prefix": "strapi:sess:",
-    "ttl": 864000000,
-    "rolling": false,
-    "secretKeys": ["mySecretKey1", "mySecretKey2"],
-    "cookie": {
-      "path": "/",
-      "httpOnly": true,
-      "maxAge": 864000000,
-      "rewrite": true,
-      "signed": false
-    }
-  }
-}

package/lib/middlewares/session/index.js

@@ -1,140 +0,0 @@
-'use strict';
-
-const path = require('path');
-const _ = require('lodash');
-const session = require('koa-session');
-
-/**
- * Session middleware
- */
-module.exports = strapi => {
-  const requireStore = store => {
-    return require(path.resolve(strapi.dirs.root, 'node_modules', 'koa-' + store));
-  };
-
-  const defineStore = session => {
-    if (_.isEmpty(_.get(session, 'client'))) {
-      return strapi.log.error(
-        '(middleware:session) please provide a valid client to store session'
-      );
-    } else if (_.isEmpty(_.get(session, 'connection'))) {
-      return strapi.log.error(
-        '(middleware:session) please provide connection for the session store'
-      );
-    } else if (!strapi.config.get(`database.connections.${session.connection}`)) {
-      return strapi.log.error(
-        '(middleware:session) please provide a valid connection for the session store'
-      );
-    }
-
-    session.settings = strapi.config.get(`database.connections.${session.connection}`);
-
-    // Define correct store name to avoid require to failed.
-    switch (session.client.toLowerCase()) {
-      case 'redis': {
-        const store = requireStore('redis');
-
-        session.settings.db = session.settings.database;
-
-        return store(session.settings);
-      }
-      case 'mysql': {
-        const Store = requireStore('mysql-session');
-
-        return new Store(session.settings);
-      }
-      case 'mongo': {
-        const Store = requireStore('generic-session-mongo');
-
-        session.settings.db = session.settings.database;
-
-        return new Store(session.settings);
-      }
-      case 'postgresql': {
-        const Store = requireStore('pg-session');
-
-        return new Store(session.settings, session.options);
-      }
-      case 'rethink': {
-        const Store = requireStore('generic-session-rethinkdb');
-
-        session.settings.dbName = session.settings.database;
-        session.settings.tableName = session.settings.table;
-
-        const sessionStore = new Store({
-          connection: session.settings,
-        });
-
-        // Create the DB, tables and indexes to store sessions.
-        sessionStore.setup();
-
-        return sessionStore;
-      }
-      case 'sqlite': {
-        const Store = requireStore('sqlite3-session');
-
-        return new Store(session.fileName, session.options);
-      }
-      case 'sequelize': {
-        const Store = requireStore('generic-session-sequelize');
-
-        // Sequelize needs to be instantiated.
-        if (!_.isObject(strapi.sequelize)) {
-          return null;
-        }
-
-        return new Store(strapi.sequelize, session.options);
-      }
-      default: {
-        return null;
-      }
-    }
-  };
-
-  return {
-    initialize() {
-      strapi.server.app.keys = strapi.config.get('middleware.settings.session.secretKeys');
-
-      if (
-        _.has(strapi.config.middleware.settings.session, 'client') &&
-        _.isString(strapi.config.middleware.settings.session.client) &&
-        strapi.config.middleware.settings.session.client !== 'cookie'
-      ) {
-        const store = defineStore(strapi.config.middleware.settings.session);
-
-        if (!_.isEmpty(store)) {
-          // Options object contains the defined store, the custom middlewares configurations
-          // and also the function which are located to `./config/functions/session.js`
-          const options = _.assign(
-            {
-              store,
-            },
-            strapi.config.middleware.settings.session
-          );
-
-          strapi.server.use(session(options, strapi.server.app));
-          strapi.server.use((ctx, next) => {
-            ctx.state = ctx.state || {};
-            ctx.state.session = ctx.session || {};
-
-            return next();
-          });
-        }
-      } else if (
-        _.has(strapi.config.middleware.settings.session, 'client') &&
-        _.isString(strapi.config.middleware.settings.session.client) &&
-        strapi.config.middleware.settings.session.client === 'cookie'
-      ) {
-        const options = _.assign(strapi.config.middleware.settings.session);
-
-        strapi.server.use(session(options, strapi.server.app));
-        strapi.server.use((ctx, next) => {
-          ctx.state = ctx.state || {};
-          ctx.state.session = ctx.session || {};
-
-          return next();
-        });
-      }
-    },
-  };
-};