@strapi/strapi 4.4.0-beta.1 → 4.4.0-beta.3

package/lib/Strapi.js

@@ -22,7 +22,7 @@ const createCronService = require('./services/cron');
 const entityValidator = require('./services/entity-validator');
 const createTelemetry = require('./services/metrics');
 const createAuth = require('./services/auth');
-const createContentAPI = require('./services/content-api');
+const createCustomFields = require('./services/custom-fields');
 const createUpdateNotifier = require('./utils/update-notifier');
 const createStartupLogger = require('./utils/startup-logger');
 const { LIFECYCLES } = require('./utils/lifecycles');
@@ -35,12 +35,14 @@ const hooksRegistry = require('./core/registries/hooks');
 const controllersRegistry = require('./core/registries/controllers');
 const modulesRegistry = require('./core/registries/modules');
 const pluginsRegistry = require('./core/registries/plugins');
+const customFieldsRegistry = require('./core/registries/custom-fields');
 const createConfigProvider = require('./core/registries/config');
 const apisRegistry = require('./core/registries/apis');
 const bootstrap = require('./core/bootstrap');
 const loaders = require('./core/loaders');
 const { destroyOnSignal } = require('./utils/signals');
 const sanitizersRegistry = require('./core/registries/sanitizers');
+const convertCustomFieldType = require('./utils/convert-custom-field-type');
 
 // TODO: move somewhere else
 const draftAndPublishSync = require('./migrations/draft-publish');
@@ -75,7 +77,7 @@ class Strapi {
     // Load the app configuration from the dist directory
     const appConfig = loadConfiguration({ appDir: rootDirs.app, distDir: rootDirs.dist }, opts);
 
-    // Instantiate the Strapi container
+    // Instanciate the Strapi container
     this.container = createContainer(this);
 
     // Register every Strapi registry in the container
@@ -88,9 +90,9 @@ class Strapi {
     this.container.register('controllers', controllersRegistry(this));
     this.container.register('modules', modulesRegistry(this));
     this.container.register('plugins', pluginsRegistry(this));
+    this.container.register('custom-fields', customFieldsRegistry(this));
     this.container.register('apis', apisRegistry(this));
     this.container.register('auth', createAuth(this));
-    this.container.register('content-api', createContentAPI(this));
     this.container.register('sanitizers', sanitizersRegistry(this));
 
     // Create a mapping of every useful directory (for the app, dist and static directories)
@@ -100,7 +102,7 @@ class Strapi {
     this.isLoaded = false;
     this.reload = this.reload();
 
-    // Instantiate the Koa app & the HTTP server
+    // Instanciate the Koa app & the HTTP server
     this.server = createServer(this);
 
     // Strapi utils instanciation
@@ -111,6 +113,8 @@ class Strapi {
     this.cron = createCronService();
     this.telemetry = createTelemetry(this);
 
+    this.customFields = createCustomFields(this);
+
     createUpdateNotifier(this).notify();
   }
 
@@ -190,10 +194,6 @@ class Strapi {
     return this.container.get('auth');
   }
 
-  get contentAPI() {
-    return this.container.get('content-api');
-  }
-
   get sanitizers() {
     return this.container.get('sanitizers');
   }
@@ -383,6 +383,8 @@ class Strapi {
     this.telemetry.register();
 
     await this.runLifecyclesFunctions(LIFECYCLES.REGISTER);
+    // NOTE: Swap type customField for underlying data type
+    convertCustomFieldType(this);
 
     return this;
   }
@@ -451,8 +453,6 @@ class Strapi {
     await this.server.initMiddlewares();
     await this.server.initRouting();
 
-    await this.contentAPI.permissions.registerActions();
-
     await this.runLifecyclesFunctions(LIFECYCLES.BOOTSTRAP);
 
     this.cron.start();

package/lib/commands/admin-create.js

@@ -17,7 +17,7 @@ const passwordValidator = yup
 const adminCreateSchema = yup.object().shape({
   email: emailValidator,
   password: passwordValidator,
-  firstname: yup.string().required('First name is required'),
+  firstname: yup.string().trim().required('First name is required'),
   lastname: yup.string(),
 });
 

package/lib/core/registries/custom-fields.js

@@ -0,0 +1,54 @@
+'use strict';
+
+const { has } = require('lodash/fp');
+const validators = require('../../services/entity-validator/validators');
+
+const customFieldsRegistry = (strapi) => {
+  const customFields = {};
+
+  return {
+    getAll() {
+      return customFields;
+    },
+    get(customField) {
+      const registeredCustomField = customFields[customField];
+      if (!registeredCustomField) {
+        throw new Error(`Could not find Custom Field: ${customField}`);
+      }
+
+      return registeredCustomField;
+    },
+    add(customField) {
+      const customFieldList = Array.isArray(customField) ? customField : [customField];
+
+      for (const cf of customFieldList) {
+        if (!has('name', cf) || !has('type', cf)) {
+          throw new Error(`Custom fields require a 'name' and 'type' key`);
+        }
+
+        const { name, plugin, type } = cf;
+        if (!has(type, validators)) {
+          throw new Error(
+            `Custom field type: '${type}' is not a valid Strapi type or it can't be used with a Custom Field`
+          );
+        }
+
+        const isValidObjectKey = /^(?![0-9])[a-zA-Z0-9$_-]+$/g;
+        if (!isValidObjectKey.test(name)) {
+          throw new Error(`Custom field name: '${name}' is not a valid object key`);
+        }
+
+        // When no plugin is specified, or it isn't found in Strapi, default to global
+        const uid = strapi.plugin(plugin) ? `plugin::${plugin}.${name}` : `global::${name}`;
+
+        if (has(uid, customFields)) {
+          throw new Error(`Custom field: '${uid}' has already been registered`);
+        }
+
+        customFields[uid] = cf;
+      }
+    },
+  };
+};
+
+module.exports = customFieldsRegistry;

package/lib/services/auth/index.js

@@ -32,7 +32,6 @@ const createAuthentication = () => {
 
       return this;
     },
-
     async authenticate(ctx, next) {
       const { route } = ctx.state;
 
@@ -48,7 +47,7 @@ const createAuthentication = () => {
       for (const strategy of strategiesToUse) {
         const result = await strategy.authenticate(ctx);
 
-        const { authenticated = false, credentials, ability = null, error = null } = result || {};
+        const { authenticated = false, error = null, credentials } = result || {};
 
         if (error !== null) {
           return ctx.unauthorized(error);
@@ -59,7 +58,6 @@ const createAuthentication = () => {
           ctx.state.auth = {
             strategy,
             credentials,
-            ability,
           };
 
           return next();
@@ -68,7 +66,6 @@ const createAuthentication = () => {
 
       return ctx.unauthorized('Missing or invalid credentials');
     },
-
     async verify(auth, config = {}) {
       if (config === false) {
         return;

package/lib/services/custom-fields.js

@@ -0,0 +1,11 @@
+'use strict';
+
+const createCustomFields = (strapi) => {
+  return {
+    register(customField) {
+      strapi.container.get('custom-fields').add(customField);
+    },
+  };
+};
+
+module.exports = createCustomFields;

package/lib/types/core/strapi/index.d.ts

@@ -5,6 +5,28 @@ import type { StringMap } from './utils';
 import type { GenericController } from '../../../core-api/controller'
 import type { GenericService } from '../../../core-api/service'
 
+// TODO move custom fields types to a separate file
+interface CustomFieldServerOptions {
+  /**
+   * The name of the custom field
+   */
+  name: string;
+
+  /**
+   * The name of the plugin creating the custom field
+   */
+  plugin?: string;
+
+  /**
+   * The existing Strapi data type the custom field uses
+   */
+  type: string;
+}
+
+interface CustomFields {
+  register: (customFields: CustomFieldServerOptions[] | CustomFieldServerOptions) => void;
+}
+
 /**
  * The Strapi interface implemented by the main Strapi class.
  */
@@ -24,11 +46,6 @@ export interface Strapi {
    */
   readonly auth: any;
 
-  /**
-   * Getter for the Strapi content API container
-   */
-  readonly contentAPI: any;
-
   /**
    * Getter for the Strapi sanitizers container
    */
@@ -70,6 +87,13 @@ export interface Strapi {
    */
   contentType(uid: string): any;
 
+  /**
+   * The custom fields registry
+   * 
+   * It returns the custom fields interface
+   */
+  readonly customFields: CustomFields;
+
   /**
    * Getter for the Strapi policies container
    *
@@ -200,7 +224,7 @@ export interface Strapi {
   /**
    * Restart the server and reload all the configuration.
    * It re-runs all the lifecycles phases.
-   * 
+   *
    * @example
    * ``` ts
    * setImmediate(() => strapi.reload());
@@ -228,13 +252,13 @@ export interface Strapi {
   /**
    * Opent he administration panel in a browser if the option is enabled.
    * You can disable it using the admin.autoOpen configuration variable.
-   * 
+   *
    * Note: It only works in development envs.
    */
   openAdmin(options: { isInitialized: boolean }): Promise<void>;
 
   /**
-   * Load the admin panel server logic into the server code and initialize its configuration. 
+   * Load the admin panel server logic into the server code and initialize its configuration.
    */
   loadAdmin(): Promise<void>;
 
@@ -293,7 +317,7 @@ export interface Strapi {
   container: any;
 
   /**
-   * References to all the directories handled by Strapi 
+   * References to all the directories handled by Strapi
    */
   dirs: StrapiDirectories;
 
@@ -328,7 +352,7 @@ export interface Strapi {
   startupLogger: any;
 
   /**
-   * Strapi logger used to send errors, warning or information messages 
+   * Strapi logger used to send errors, warning or information messages
    */
   log: any;
 
@@ -361,7 +385,7 @@ export interface Strapi {
   /**
    * Entity Service instance
    */
-  entityService: any;  
+  entityService: any;
 }
 
 export interface Lifecycles {
@@ -394,4 +418,4 @@ export interface StrapiDirectories {
     middlewares: string;
     config: string;
   };
-}
+}

package/lib/utils/convert-custom-field-type.js

@@ -0,0 +1,22 @@
+'use strict';
+
+const convertCustomFieldType = (strapi) => {
+  const allContentTypeSchemaAttributes = Object.values(strapi.contentTypes).map(
+    (schema) => schema.attributes
+  );
+  const allComponentSchemaAttributes = Object.values(strapi.components).map(
+    (schema) => schema.attributes
+  );
+  const allSchemasAttributes = [...allContentTypeSchemaAttributes, ...allComponentSchemaAttributes];
+
+  for (const schemaAttrbutes of allSchemasAttributes) {
+    for (const attribute of Object.values(schemaAttrbutes)) {
+      if (attribute.type === 'customField') {
+        const customField = strapi.container.get('custom-fields').get(attribute.customField);
+        attribute.type = customField.type;
+      }
+    }
+  }
+};
+
+module.exports = convertCustomFieldType;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@strapi/strapi",
-  "version": "4.4.0-beta.1",
+  "version": "4.4.0-beta.3",
   "description": "An open source headless CMS solution to create and manage your own API. It provides a powerful dashboard and features to make your life easier. Databases supported: MySQL, MariaDB, PostgreSQL, SQLite",
   "keywords": [
     "strapi",
@@ -80,18 +80,17 @@
   "dependencies": {
     "@koa/cors": "3.4.1",
     "@koa/router": "10.1.1",
-    "@strapi/admin": "4.4.0-beta.1",
-    "@strapi/database": "4.4.0-beta.1",
-    "@strapi/generate-new": "4.4.0-beta.1",
-    "@strapi/generators": "4.4.0-beta.1",
-    "@strapi/logger": "4.4.0-beta.1",
-    "@strapi/permissions": "4.4.0-beta.1",
-    "@strapi/plugin-content-manager": "4.4.0-beta.1",
-    "@strapi/plugin-content-type-builder": "4.4.0-beta.1",
-    "@strapi/plugin-email": "4.4.0-beta.1",
-    "@strapi/plugin-upload": "4.4.0-beta.1",
-    "@strapi/typescript-utils": "4.4.0-beta.1",
-    "@strapi/utils": "4.4.0-beta.1",
+    "@strapi/admin": "4.4.0-beta.3",
+    "@strapi/database": "4.4.0-beta.3",
+    "@strapi/generate-new": "4.4.0-beta.3",
+    "@strapi/generators": "4.4.0-beta.3",
+    "@strapi/logger": "4.4.0-beta.3",
+    "@strapi/plugin-content-manager": "4.4.0-beta.3",
+    "@strapi/plugin-content-type-builder": "4.4.0-beta.3",
+    "@strapi/plugin-email": "4.4.0-beta.3",
+    "@strapi/plugin-upload": "4.4.0-beta.3",
+    "@strapi/typescript-utils": "4.4.0-beta.3",
+    "@strapi/utils": "4.4.0-beta.3",
     "bcryptjs": "2.4.3",
     "boxen": "5.1.2",
     "chalk": "4.1.2",
@@ -140,5 +139,5 @@
     "node": ">=14.19.1 <=18.x.x",
     "npm": ">=6.0.0"
   },
-  "gitHead": "cae16f7f259fa4473a55e8fea57839cda98f34ae"
+  "gitHead": "baad89e67844d972ef53a6f1b0839a361bf968c0"
 }

package/lib/services/content-api/index.js

@@ -1,74 +0,0 @@
-'use strict';
-
-const _ = require('lodash');
-const instantiatePermissionsUtilities = require('./permissions');
-
-const transformRoutePrefixFor = (pluginName) => (route) => {
-  const prefix = route.config && route.config.prefix;
-  const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;
-
-  return {
-    ...route,
-    path,
-  };
-};
-
-/**
- * Create a content API container that holds logic, tools and utils. (eg: permissions, ...)
- */
-const createContentAPI = (strapi) => {
-  const getRoutesMap = async () => {
-    const routesMap = {};
-
-    _.forEach(strapi.api, (api, apiName) => {
-      const routes = _.flatMap(api.routes, (route) => {
-        if (_.has(route, 'routes')) {
-          return route.routes;
-        }
-
-        return route;
-      }).filter((route) => route.info.type === 'content-api');
-
-      if (routes.length === 0) {
-        return;
-      }
-
-      const apiPrefix = strapi.config.get('api.rest.prefix');
-      routesMap[`api::${apiName}`] = routes.map((route) => ({
-        ...route,
-        path: `${apiPrefix}${route.path}`,
-      }));
-    });
-
-    _.forEach(strapi.plugins, (plugin, pluginName) => {
-      const transformPrefix = transformRoutePrefixFor(pluginName);
-
-      const routes = _.flatMap(plugin.routes, (route) => {
-        if (_.has(route, 'routes')) {
-          return route.routes.map(transformPrefix);
-        }
-
-        return transformPrefix(route);
-      }).filter((route) => route.info.type === 'content-api');
-
-      if (routes.length === 0) {
-        return;
-      }
-
-      const apiPrefix = strapi.config.get('api.rest.prefix');
-      routesMap[`plugin::${pluginName}`] = routes.map((route) => ({
-        ...route,
-        path: `${apiPrefix}${route.path}`,
-      }));
-    });
-
-    return routesMap;
-  };
-
-  return {
-    permissions: instantiatePermissionsUtilities(strapi),
-    getRoutesMap,
-  };
-};
-
-module.exports = createContentAPI;

package/lib/services/content-api/permissions/engine.js

@@ -1,5 +0,0 @@
-'use strict';
-
-const permissions = require('@strapi/permissions');
-
-module.exports = ({ providers }) => permissions.engine.new({ providers });

package/lib/services/content-api/permissions/index.js

@@ -1,148 +0,0 @@
-'use strict';
-
-const _ = require('lodash');
-const { createActionProvider, createConditionProvider } = require('./providers');
-const createPermissionEngine = require('./engine');
-
-/**
- * Creates an handler that checks if the permission's action exists in the action registry
- */
-const createValidatePermissionHandler =
-  (actionProvider) =>
-  ({ permission }) => {
-    const action = actionProvider.get(permission.action);
-
-    // If the action isn't registered into the action provider, then ignore the permission and warn the user
-    if (!action) {
-      strapi.log.debug(
-        `Unknown action "${permission.action}" supplied when registering a new permission`
-      );
-      return false;
-    }
-  };
-
-/**
- * Create instances of providers and permission engine for the core content-API service.
- * Also, expose utilities to get informations about available actions and such.
- *
- * @param {Strapi.Strapi} strapi
- */
-module.exports = (strapi) => {
-  // NOTE: Here we define both an action and condition provider,
-  // but at the moment, we're only using the action one.
-  const providers = {
-    action: createActionProvider(),
-    condition: createConditionProvider(),
-  };
-
-  /**
-   * Get a tree representation of the available Content API actions
-   * based on the methods of the Content API controllers.
-   *
-   * @note Only actions bound to a content-API route are returned.
-   *
-   * @return {{ [api: string]: { [controller: string]: string[] }}}
-   */
-  const getActionsMap = () => {
-    const actionMap = {};
-
-    /**
-     * Check if a controller's action is bound to the
-     * content-api by looking at a potential __type__ symbol
-     *
-     * @param {object} action
-     *
-     * @return {boolean}
-     */
-    const isContentApi = (action) => {
-      if (!_.has(action, Symbol.for('__type__'))) {
-        return false;
-      }
-
-      return action[Symbol.for('__type__')].includes('content-api');
-    };
-
-    /**
-     * Register actions from a specific API source into the result tree
-     *
-     * @param {{ [apiName]: { controllers: { [controller]: object } }}} apis The API container
-     * @param {string} source The prefix to use in front the API name
-     *
-     * @return {void}
-     */
-    const registerAPIsActions = (apis, source) => {
-      _.forEach(apis, (api, apiName) => {
-        const controllers = _.reduce(
-          api.controllers,
-          (acc, controller, controllerName) => {
-            const contentApiActions = _.pickBy(controller, isContentApi);
-
-            if (_.isEmpty(contentApiActions)) {
-              return acc;
-            }
-
-            acc[controllerName] = Object.keys(contentApiActions);
-
-            return acc;
-          },
-          {}
-        );
-
-        if (!_.isEmpty(controllers)) {
-          actionMap[`${source}::${apiName}`] = { controllers };
-        }
-      });
-    };
-
-    registerAPIsActions(strapi.api, 'api');
-    registerAPIsActions(strapi.plugins, 'plugin');
-
-    return actionMap;
-  };
-
-  /**
-   * Register all the content-API's controllers actions into the action provider.
-   * This method make use of the {@link getActionsMap} to generate the list of actions to register.
-   *
-   * @return {void}
-   */
-  const registerActions = async () => {
-    const actionsMap = getActionsMap();
-
-    // For each API
-    for (const [api, value] of Object.entries(actionsMap)) {
-      const { controllers } = value;
-
-      // Register controllers methods as actions
-      for (const [controller, actions] of Object.entries(controllers)) {
-        // Register each action individually
-        await Promise.all(
-          actions.map((action) => {
-            const actionUID = `${api}.${controller}.${action}`;
-
-            return providers.action.register(actionUID, {
-              api,
-              controller,
-              action,
-              uid: actionUID,
-            });
-          })
-        );
-      }
-    }
-  };
-
-  // Create an instance of a content-API permission engine
-  // and binds a custom validation handler to it
-  const engine = createPermissionEngine({ providers }).on(
-    'before-format::validate.permission',
-    createValidatePermissionHandler(providers.action)
-  );
-
-  return {
-    engine,
-    providers,
-    registerActions,
-    getActionsMap,
-  };
-};

package/lib/services/content-api/permissions/providers/action.js

@@ -1,19 +0,0 @@
-'use strict';
-
-const { providerFactory } = require('@strapi/utils');
-
-module.exports = (options = {}) => {
-  const provider = providerFactory(options);
-
-  return {
-    ...provider,
-
-    async register(action, payload) {
-      if (strapi.isLoaded) {
-        throw new Error(`You can't register new actions outside the bootstrap function.`);
-      }
-
-      return provider.register(action, payload);
-    },
-  };
-};

package/lib/services/content-api/permissions/providers/condition.js

@@ -1,19 +0,0 @@
-'use strict';
-
-const { providerFactory } = require('@strapi/utils');
-
-module.exports = (options = {}) => {
-  const provider = providerFactory(options);
-
-  return {
-    ...provider,
-
-    async register(condition) {
-      if (strapi.isLoaded) {
-        throw new Error(`You can't register new conditions outside the bootstrap function.`);
-      }
-
-      return provider.register(condition.name, condition);
-    },
-  };
-};

package/lib/services/content-api/permissions/providers/index.js

@@ -1,9 +0,0 @@
-'use strict';
-
-const createActionProvider = require('./action');
-const createConditionProvider = require('./condition');
-
-module.exports = {
-  createActionProvider,
-  createConditionProvider,
-};