@strapi/strapi 4.3.4 → 4.3.7

package/lib/core-api/controller/transform.js

@@ -3,7 +3,7 @@
 const { isNil, isPlainObject } = require('lodash/fp');
 const { parseMultipartData } = require('@strapi/utils');
 
-const parseBody = ctx => {
+const parseBody = (ctx) => {
   if (ctx.is('multipart')) {
     return parseMultipartData(ctx);
   }
@@ -26,7 +26,7 @@ const transformResponse = (resource, meta = {}, { contentType } = {}) => {
 
 const transformComponent = (data, component) => {
   if (Array.isArray(data)) {
-    return data.map(datum => transformComponent(datum, component));
+    return data.map((datum) => transformComponent(datum, component));
   }
 
   const res = transformEntry(data, component);
@@ -45,7 +45,7 @@ const transformEntry = (entry, type) => {
   }
 
   if (Array.isArray(entry)) {
-    return entry.map(singleEntry => transformEntry(singleEntry, type));
+    return entry.map((singleEntry) => transformEntry(singleEntry, type));
   }
 
   if (!isPlainObject(entry)) {
@@ -71,7 +71,7 @@ const transformEntry = (entry, type) => {
         attributeValues[key] = property;
       }
 
-      attributeValues[key] = property.map(subProperty => {
+      attributeValues[key] = property.map((subProperty) => {
         return transformComponent(subProperty, strapi.components[subProperty.__component]);
       });
     } else if (attribute && attribute.type === 'media') {

package/lib/core-api/service/collection-type.js

@@ -14,7 +14,7 @@ const {
   transformPaginationResponse,
 } = require('./pagination');
 
-const setPublishedAt = data => {
+const setPublishedAt = (data) => {
   data[PUBLISHED_AT_ATTRIBUTE] = propOr(new Date(), PUBLISHED_AT_ATTRIBUTE, data);
 };
 

package/lib/core-api/service/index.d.ts

@@ -12,11 +12,14 @@ export interface SingleTypeService extends BaseService {
 
 export interface CollectionTypeService extends BaseService {
   find?(params: object): Promise<Entity[]> | Entity;
-  findOne?(entityId: string,params: object): Promise<Entity> | Entity;
+  findOne?(entityId: string, params: object): Promise<Entity> | Entity;
   create?(params: object): Promise<Entity> | Entity;
-  update?(entityId: string,params: object): Promise<Entity> | Entity;
-  delete?(entityId: string,params: object): Promise<Entity> | Entity;
+  update?(entityId: string, params: object): Promise<Entity> | Entity;
+  delete?(entityId: string, params: object): Promise<Entity> | Entity;
 }
 
 export type Service = SingleTypeService | CollectionTypeService;
 
+export type GenericService = Partial<Service> & {
+  [method: string | number | symbol]: <T = any>(...args: any) => T;
+};

package/lib/core-api/service/pagination.js

@@ -21,7 +21,7 @@ const getLimitConfigDefaults = () => ({
 const shouldApplyMaxLimit = (limit, maxLimit = null, { isPagedPagination = false } = {}) =>
   (!isPagedPagination && limit === -1) || (maxLimit && limit > maxLimit);
 
-const shouldCount = params => {
+const shouldCount = (params) => {
   if (has('pagination.withCount', params)) {
     const { withCount } = params.pagination;
 
@@ -45,10 +45,10 @@ const shouldCount = params => {
   return Boolean(strapi.config.get('api.rest.withCount', true));
 };
 
-const isOffsetPagination = pagination => has('start', pagination) || has('limit', pagination);
-const isPagedPagination = pagination => has('page', pagination) || has('pageSize', pagination);
+const isOffsetPagination = (pagination) => has('start', pagination) || has('limit', pagination);
+const isPagedPagination = (pagination) => has('page', pagination) || has('pageSize', pagination);
 
-const getPaginationInfo = params => {
+const getPaginationInfo = (params) => {
   const { defaultLimit, maxLimit } = getLimitConfigDefaults();
 
   const { pagination } = params;
@@ -90,7 +90,7 @@ const getPaginationInfo = params => {
   };
 };
 
-const convertPagedToStartLimit = pagination => {
+const convertPagedToStartLimit = (pagination) => {
   if (isPagedPagination(pagination)) {
     const { page, pageSize } = pagination;
     return {

package/lib/factories.js

@@ -12,7 +12,7 @@ const createCoreController = (uid, cfg = {}) => {
       contentType: strapi.contentType(uid),
     });
 
-    let userCtrl = typeof cfg === 'function' ? cfg({ strapi }) : cfg;
+    const userCtrl = typeof cfg === 'function' ? cfg({ strapi }) : cfg;
 
     for (const methodName of Object.keys(baseController)) {
       if (userCtrl[methodName] === undefined) {
@@ -31,7 +31,7 @@ const createCoreService = (uid, cfg = {}) => {
       contentType: strapi.contentType(uid),
     });
 
-    let userService = typeof cfg === 'function' ? cfg({ strapi }) : cfg;
+    const userService = typeof cfg === 'function' ? cfg({ strapi }) : cfg;
 
     for (const methodName of Object.keys(baseService)) {
       if (userService[methodName] === undefined) {
@@ -58,15 +58,15 @@ const createCoreRouter = (uid, cfg = {}) => {
 
         const defaultRoutes = createRoutes({ contentType });
 
-        Object.keys(defaultRoutes).forEach(routeName => {
+        Object.keys(defaultRoutes).forEach((routeName) => {
           const defaultRoute = defaultRoutes[routeName];
 
           Object.assign(defaultRoute.config, config[routeName] || {});
         });
 
         const selectedRoutes = pipe(
-          routes => (except ? omit(except, routes) : routes),
-          routes => (only ? pick(only, routes) : routes)
+          (routes) => (except ? omit(except, routes) : routes),
+          (routes) => (only ? pick(only, routes) : routes)
         )(defaultRoutes);
 
         routes = Object.values(selectedRoutes);

package/lib/load/filepath-to-prop-path.js

@@ -8,13 +8,13 @@ const _ = require('lodash');
  * @param {boolean} useFileNameAsKey - wethear to skip the last path key
  */
 module.exports = (filePath, useFileNameAsKey = true) => {
-  let cleanPath = filePath.startsWith('./') ? filePath.slice(2) : filePath;
+  const cleanPath = filePath.startsWith('./') ? filePath.slice(2) : filePath;
 
   const prop = cleanPath
     .replace(/(\.settings|\.json|\.js)/g, '')
     .toLowerCase()
     .split('/')
-    .map(p => _.trimStart(p, '.'))
+    .map((p) => _.trimStart(p, '.'))
     .join('.')
     .split('.');
 

package/lib/load/load-files.js

@@ -26,7 +26,7 @@ const loadFiles = async (
   const root = {};
   const files = await glob(pattern, { cwd: dir, ...globArgs });
 
-  for (let file of files) {
+  for (const file of files) {
     const absolutePath = path.resolve(dir, file);
 
     // load module

package/lib/load/package-path.js

@@ -6,4 +6,4 @@ const path = require('path');
  * Returns the path to a node modules root directory (not the main file path)
  * @param {string} moduleName - name of a node module
  */
-module.exports = moduleName => path.dirname(require.resolve(`${moduleName}/package.json`));
+module.exports = (moduleName) => path.dirname(require.resolve(`${moduleName}/package.json`));

package/lib/middlewares/body.js

@@ -23,12 +23,19 @@ function getFiles(ctx) {
 /**
  * @type {import('./').MiddlewareFactory}
  */
-module.exports = config => {
+
+module.exports = (config, { strapi }) => {
   const bodyConfig = defaultsDeep(defaults, config);
 
+  let gqlEndpoint;
+  if (strapi.plugin('graphql')) {
+    const { config: gqlConfig } = strapi.plugin('graphql');
+    gqlEndpoint = gqlConfig('endpoint');
+  }
+
   return async (ctx, next) => {
     // TODO: find a better way later
-    if (ctx.url === '/graphql') {
+    if (gqlEndpoint && ctx.url === gqlEndpoint) {
       await next();
     } else {
       try {
@@ -64,7 +71,7 @@ module.exports = config => {
     if (files) {
       if (Array.isArray(files)) {
         // not awaiting to not slow the request
-        Promise.all(files.map(file => fse.remove(file.path)));
+        Promise.all(files.map((file) => fse.remove(file.path)));
       } else if (files && files.path) {
         // not awaiting to not slow the request
         fse.remove(files.path);

package/lib/middlewares/compression.js

@@ -5,4 +5,4 @@ const compress = require('koa-compress');
 /**
  * @type {import('./').MiddlewareFactory}
  */
-module.exports = config => compress(config);
+module.exports = (config) => compress(config);

package/lib/middlewares/cors.js

@@ -15,16 +15,9 @@ const defaults = {
 /**
  * @type {import('./').MiddlewareFactory}
  */
-module.exports = config => {
-  const {
-    origin,
-    expose,
-    maxAge,
-    credentials,
-    methods,
-    headers,
-    keepHeadersOnError,
-  } = defaultsDeep(defaults, config);
+module.exports = (config) => {
+  const { origin, expose, maxAge, credentials, methods, headers, keepHeadersOnError } =
+    defaultsDeep(defaults, config);
 
   return cors({
     async origin(ctx) {

package/lib/middlewares/ip.js

@@ -5,4 +5,4 @@ const ip = require('koa-ip');
 /**
  * @type {import('./').MiddlewareFactory}
  */
-module.exports = config => ip(config);
+module.exports = (config) => ip(config);

package/lib/middlewares/logger.js

@@ -1,7 +1,10 @@
 'use strict';
+
+/* eslint-disable no-nested-ternary */
+
 const chalk = require('chalk');
 
-const codeToColor = code => {
+const codeToColor = (code) => {
   return code >= 500
     ? chalk.red(code)
     : code >= 400

package/lib/middlewares/powered-by.js

@@ -9,7 +9,7 @@ const defaults = {
 /**
  * @type {import('./').MiddlewareFactory}
  */
-module.exports = config => {
+module.exports = (config) => {
   const { poweredBy } = defaultsDeep(defaults, config);
 
   return async (ctx, next) => {

package/lib/middlewares/query.js

@@ -21,8 +21,14 @@ const addQsParser = (app, settings) => {
      */
     get() {
       const qstr = this.querystring;
-      const cache = (this._querycache = this._querycache || {});
-      return cache[qstr] || (cache[qstr] = qs.parse(qstr, settings));
+      this._querycache = this._querycache || {};
+      const cache = this._querycache;
+
+      if (!cache[qstr]) {
+        cache[qstr] = qs.parse(qstr, settings);
+      }
+
+      return cache[qstr];
     },
 
     /*

package/lib/middlewares/response-time.js

@@ -10,6 +10,6 @@ module.exports = () => {
     await next();
 
     const delta = Math.ceil(Date.now() - start);
-    ctx.set('X-Response-Time', delta + 'ms');
+    ctx.set('X-Response-Time', `${delta}ms`);
   };
 };

package/lib/middlewares/responses.js

@@ -9,7 +9,7 @@ module.exports = (config = {}) => {
   return async (ctx, next) => {
     await next();
 
-    const status = ctx.status;
+    const { status } = ctx;
     const handler = prop(`handlers.${status}`, config);
 
     if (isFunction(handler)) {

package/lib/middlewares/security.js

@@ -30,22 +30,28 @@ const defaults = {
 /**
  * @type {import('./').MiddlewareFactory}
  */
-module.exports = config => (ctx, next) => {
-  let helmetConfig = defaultsDeep(defaults, config);
 
-  if (
-    ctx.method === 'GET' &&
-    ['/graphql', '/documentation'].some(str => ctx.path.startsWith(str))
-  ) {
-    helmetConfig = merge(helmetConfig, {
-      contentSecurityPolicy: {
-        directives: {
-          'script-src': ["'self'", "'unsafe-inline'", 'cdn.jsdelivr.net'],
-          'img-src': ["'self'", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],
+module.exports =
+  (config, { strapi }) =>
+  (ctx, next) => {
+    let helmetConfig = defaultsDeep(defaults, config);
+    const specialPaths = ['/documentation'];
+
+    if (strapi.plugin('graphql')) {
+      const { config: gqlConfig } = strapi.plugin('graphql');
+      specialPaths.push(gqlConfig('endpoint'));
+    }
+
+    if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {
+      helmetConfig = merge(helmetConfig, {
+        contentSecurityPolicy: {
+          directives: {
+            'script-src': ["'self'", "'unsafe-inline'", 'cdn.jsdelivr.net'],
+            'img-src': ["'self'", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],
+          },
         },
-      },
-    });
-  }
+      });
+    }
 
-  return helmet(helmetConfig)(ctx, next);
-};
+    return helmet(helmetConfig)(ctx, next);
+  };

package/lib/middlewares/session.js

@@ -12,12 +12,12 @@ const defaultConfig = {
   signed: true,
   rolling: false,
   renew: false,
-  secure: process.env.NODE_ENV === 'production' ? true : false,
+  secure: process.env.NODE_ENV === 'production',
   sameSite: null,
 };
 
 module.exports = (userConfig, { strapi }) => {
-  const keys = strapi.server.app.keys;
+  const { keys } = strapi.server.app;
   if (!isArray(keys) || isEmpty(keys) || keys.some(isEmpty)) {
     throw new Error(
       `App keys are required. Please set app.keys in config/server.js (ex: keys: ['myKeyA', 'myKeyB'])`

package/lib/migrations/draft-publish.js

@@ -42,11 +42,7 @@ const disableDraftAndPublish = async ({ oldContentTypes, contentTypes }) => {
 
     // if d&p was disabled remove unpublish content before sync
     if (hasDraftAndPublish(oldContentType) && !hasDraftAndPublish(contentType)) {
-      await strapi.db
-        .queryBuilder(uid)
-        .delete()
-        .where({ published_at: null })
-        .execute();
+      await strapi.db.queryBuilder(uid).delete().where({ published_at: null }).execute();
     }
   }
 };

package/lib/services/auth/index.js

@@ -8,7 +8,7 @@ const { UnauthorizedError } = require('@strapi/utils').errors;
 const INVALID_STRATEGY_MSG =
   'Invalid auth strategy. Expecting an object with properties {name: string, authenticate: function, verify: function}';
 
-const validStrategy = strategy => {
+const validStrategy = (strategy) => {
   assert(has('authenticate', strategy), INVALID_STRATEGY_MSG);
   assert(typeof strategy.authenticate === 'function', INVALID_STRATEGY_MSG);
 
@@ -78,8 +78,6 @@ const createAuthentication = () => {
       if (typeof auth.strategy.verify === 'function') {
         return auth.strategy.verify(auth, config);
       }
-
-      return;
     },
   };
 };

package/lib/services/core-store.js

@@ -30,11 +30,11 @@ const createCoreStore = ({ db }) => {
     };
   };
 
-  const store = function(defaultParams = {}) {
+  const store = function (defaultParams = {}) {
     return {
-      get: params => store.get(mergeParams(defaultParams, params)),
-      set: params => store.set(mergeParams(defaultParams, params)),
-      delete: params => store.delete(mergeParams(defaultParams, params)),
+      get: (params) => store.get(mergeParams(defaultParams, params)),
+      set: (params) => store.set(mergeParams(defaultParams, params)),
+      delete: (params) => store.delete(mergeParams(defaultParams, params)),
     };
   };
 

package/lib/services/entity-service/components.js

@@ -5,10 +5,11 @@ const { has, prop, omit, toString } = require('lodash/fp');
 
 const { contentTypes: contentTypesUtils } = require('@strapi/utils');
 const { ApplicationError } = require('@strapi/utils').errors;
+const { getComponentAttributes } = require('@strapi/utils').contentTypes;
 
 const omitComponentData = (contentType, data) => {
   const { attributes } = contentType;
-  const componentAttributes = Object.keys(attributes).filter(attributeName =>
+  const componentAttributes = Object.keys(attributes).filter((attributeName) =>
     contentTypesUtils.isComponentAttribute(attributes[attributeName])
   );
 
@@ -43,7 +44,7 @@ const createComponents = async (uid, data) => {
         }
 
         const components = await Promise.all(
-          componentValue.map(value => createComponent(componentUID, value))
+          componentValue.map((value) => createComponent(componentUID, value))
         );
 
         // TODO: add order
@@ -100,6 +101,18 @@ const createComponents = async (uid, data) => {
   return componentBody;
 };
 
+/**
+ * @param {str} uid
+ * @param {object} entity
+ * @return {Promise<{uid: string, entity: object}>}
+ */
+const getComponents = async (uid, entity) => {
+  const componentAttributes = getComponentAttributes(strapi.getModel(uid));
+
+  if (_.isEmpty(componentAttributes)) return {};
+  return strapi.query(uid).load(entity, componentAttributes);
+};
+
 /*
   delete old components
   create or update
@@ -129,7 +142,7 @@ const updateComponents = async (uid, entityToUpdate, data) => {
         }
 
         const components = await Promise.all(
-          componentValue.map(value => updateOrCreateComponent(componentUID, value))
+          componentValue.map((value) => updateOrCreateComponent(componentUID, value))
         );
 
         componentBody[attributeName] = components.filter(_.negate(_.isNil)).map(({ id }, idx) => {
@@ -197,17 +210,11 @@ const deleteOldComponents = async (
 ) => {
   const previousValue = await strapi.query(uid).load(entityToUpdate, attributeName);
 
-  const idsToKeep = _.castArray(componentValue)
-    .filter(has('id'))
-    .map(prop('id'))
-    .map(toString);
+  const idsToKeep = _.castArray(componentValue).filter(has('id')).map(prop('id')).map(toString);
 
-  const allIds = _.castArray(previousValue)
-    .filter(has('id'))
-    .map(prop('id'))
-    .map(toString);
+  const allIds = _.castArray(previousValue).filter(has('id')).map(prop('id')).map(toString);
 
-  idsToKeep.forEach(id => {
+  idsToKeep.forEach((id) => {
     if (!allIds.includes(id)) {
       throw new ApplicationError(
         `Some of the provided components in ${attributeName} are not related to the entity`
@@ -242,7 +249,7 @@ const deleteOldDZComponents = async (uid, entityToUpdate, attributeName, dynamic
     }));
 
   idsToKeep.forEach(({ id, __component }) => {
-    if (!allIds.find(el => el.id === id && el.__component === __component)) {
+    if (!allIds.find((el) => el.id === id && el.__component === __component)) {
       const err = new Error(
         `Some of the provided components in ${attributeName} are not related to the entity`
       );
@@ -252,7 +259,7 @@ const deleteOldDZComponents = async (uid, entityToUpdate, attributeName, dynamic
   });
 
   const idsToDelete = allIds.reduce((acc, { id, __component }) => {
-    if (!idsToKeep.find(el => el.id === id && el.__component === __component)) {
+    if (!idsToKeep.find((el) => el.id === id && el.__component === __component)) {
       acc.push({ id, __component });
     }
 
@@ -276,14 +283,17 @@ const deleteComponents = async (uid, entityToDelete) => {
     if (attribute.type === 'component') {
       const { component: componentUID } = attribute;
 
-      const value = await strapi.query(uid).load(entityToDelete, attributeName);
+      // Load attribute value if it's not already loaded
+      const value =
+        entityToDelete[attributeName] ||
+        (await strapi.query(uid).load(entityToDelete, attributeName));
 
       if (!value) {
         continue;
       }
 
       if (Array.isArray(value)) {
-        await Promise.all(value.map(subValue => deleteComponent(componentUID, subValue)));
+        await Promise.all(value.map((subValue) => deleteComponent(componentUID, subValue)));
       } else {
         await deleteComponent(componentUID, value);
       }
@@ -292,14 +302,16 @@ const deleteComponents = async (uid, entityToDelete) => {
     }
 
     if (attribute.type === 'dynamiczone') {
-      const value = await strapi.query(uid).load(entityToDelete, attributeName);
+      const value =
+        entityToDelete[attributeName] ||
+        (await strapi.query(uid).load(entityToDelete, attributeName));
 
       if (!value) {
         continue;
       }
 
       if (Array.isArray(value)) {
-        await Promise.all(value.map(subValue => deleteComponent(subValue.__component, subValue)));
+        await Promise.all(value.map((subValue) => deleteComponent(subValue.__component, subValue)));
       }
 
       continue;
@@ -307,9 +319,9 @@ const deleteComponents = async (uid, entityToDelete) => {
   }
 };
 
-/***************************
+/** *************************
     Component queries
-***************************/
+************************** */
 
 // components can have nested compos so this must be recursive
 const createComponent = async (uid, data) => {
@@ -358,7 +370,9 @@ const deleteComponent = async (uid, componentToDelete) => {
 
 module.exports = {
   omitComponentData,
+  getComponents,
   createComponents,
   updateComponents,
   deleteComponents,
+  deleteComponent,
 };