@strapi/utils 4.0.0-next.6 → 4.0.0

package/lib/sanitize/visitors/restricted-fields.js

@@ -0,0 +1,31 @@
+'use strict';
+
+const { isArray } = require('lodash/fp');
+
+module.exports = (restrictedFields = null) => ({ key, path }, { remove }) => {
+  // Remove all fields
+  if (restrictedFields === null) {
+    remove(key);
+    return;
+  }
+
+  // Ignore invalid formats
+  if (!isArray(restrictedFields)) {
+    return;
+  }
+
+  // Remove if an exact match was found
+  if (restrictedFields.includes(path)) {
+    remove(key);
+    return;
+  }
+
+  // Remove nested matches
+  const isRestrictedNested = restrictedFields.some(allowedPath =>
+    path.startsWith(`${allowedPath}.`)
+  );
+  if (isRestrictedNested) {
+    remove(key);
+    return;
+  }
+};

package/lib/string-formatting.js

@@ -33,6 +33,8 @@ const escapeQuery = (query, charsToEscape, escapeChar = '\\') => {
 
 const stringIncludes = (arr, val) => arr.map(String).includes(String(val));
 const stringEquals = (a, b) => String(a) === String(b);
+const isCamelCase = value => /^[a-z][a-zA-Z0-9]+$/.test(value);
+const isKebabCase = value => /^([a-z][a-z0-9]*)(-[a-z0-9]+)*$/.test(value);
 
 module.exports = {
   nameToSlug,
@@ -42,4 +44,6 @@ module.exports = {
   escapeQuery,
   stringIncludes,
   stringEquals,
+  isCamelCase,
+  isKebabCase,
 };

package/lib/traverse-entity.js

@@ -0,0 +1,100 @@
+'use strict';
+
+const { cloneDeep, isObject, isArray, isNil, curry } = require('lodash/fp');
+
+const traverseEntity = async (visitor, options, entity) => {
+  const { path = null, schema } = options;
+
+  // End recursion
+  if (!isObject(entity) || isNil(schema)) {
+    return entity;
+  }
+
+  // Don't mutate the original entity object
+  const copy = cloneDeep(entity);
+
+  for (const key of Object.keys(copy)) {
+    // Retrieve the attribute definition associated to the key from the schema
+    const attribute = schema.attributes[key];
+
+    // If the attribute doesn't exist within the schema, ignore it
+    if (isNil(attribute)) {
+      continue;
+    }
+
+    const newPath = path ? `${path}.${key}` : key;
+
+    // Visit the current attribute
+    const visitorOptions = { data: copy, schema, key, value: copy[key], attribute, path: newPath };
+    const visitorUtils = createVisitorUtils({ data: copy });
+
+    await visitor(visitorOptions, visitorUtils);
+
+    // Extract the value for the current key (after calling the visitor)
+    const value = copy[key];
+
+    // Ignore Nil values
+    if (isNil(value)) {
+      continue;
+    }
+
+    const isRelation = attribute.type === 'relation';
+    const isComponent = attribute.type === 'component';
+    const isDynamicZone = attribute.type === 'dynamiczone';
+
+    if (isRelation) {
+      const isMorphRelation = attribute.relation.toLowerCase().startsWith('morph');
+
+      const traverseTarget = entry => {
+        // Handle polymorphic relationships
+        const targetSchemaUID = isMorphRelation ? entry.__type : attribute.target;
+        const targetSchema = strapi.getModel(targetSchemaUID);
+
+        const traverseOptions = { schema: targetSchema, path: newPath };
+
+        return traverseEntity(visitor, traverseOptions, entry);
+      };
+
+      // need to update copy
+      copy[key] = isArray(value)
+        ? await Promise.all(value.map(traverseTarget))
+        : await traverseTarget(value);
+    }
+
+    if (isComponent) {
+      const targetSchema = strapi.getModel(attribute.component);
+      const traverseOptions = { schema: targetSchema, path: newPath };
+
+      const traverseComponent = entry => traverseEntity(visitor, traverseOptions, entry);
+
+      copy[key] = isArray(value)
+        ? await Promise.all(value.map(traverseComponent))
+        : await traverseComponent(value);
+    }
+
+    if (isDynamicZone && isArray(value)) {
+      const visitDynamicZoneEntry = entry => {
+        const targetSchema = strapi.getModel(entry.__component);
+        const traverseOptions = { schema: targetSchema, path: newPath };
+
+        return traverseEntity(visitor, traverseOptions, entry);
+      };
+
+      copy[key] = await Promise.all(value.map(visitDynamicZoneEntry));
+    }
+  }
+
+  return copy;
+};
+
+const createVisitorUtils = ({ data }) => ({
+  remove(key) {
+    delete data[key];
+  },
+
+  set(key, value) {
+    data[key] = value;
+  },
+});
+
+module.exports = curry(traverseEntity);

package/lib/validators.js

@@ -2,6 +2,10 @@
 
 const yup = require('yup');
 const _ = require('lodash');
+const { defaults } = require('lodash/fp');
+const utils = require('./string-formatting');
+const { YupValidationError } = require('./errors');
+const printValue = require('./print-value');
 
 const MixedSchemaType = yup.mixed;
 
@@ -16,8 +20,32 @@ function isNotNull(msg = '${path} cannot be null.') {
   return this.test('defined', msg, isNotNullTest);
 }
 
+function isFunction(message = '${path} is not a function') {
+  return this.test('is a function', message, value => _.isUndefined(value) || _.isFunction(value));
+}
+
+function isCamelCase(message = '${path} is not in camel case (anExampleOfCamelCase)') {
+  return this.test('is in camelCase', message, value => utils.isCamelCase(value));
+}
+
+function isKebabCase(message = '${path} is not in kebab case (an-example-of-kebab-case)') {
+  return this.test('is in kebab-case', message, value => utils.isKebabCase(value));
+}
+
+function onlyContainsFunctions(message = '${path} contains values that are not functions') {
+  return this.test(
+    'only contains functions',
+    message,
+    value => _.isUndefined(value) || (value && Object.values(value).every(_.isFunction))
+  );
+}
+
 yup.addMethod(yup.mixed, 'notNil', isNotNill);
 yup.addMethod(yup.mixed, 'notNull', isNotNull);
+yup.addMethod(yup.mixed, 'isFunction', isFunction);
+yup.addMethod(yup.string, 'isCamelCase', isCamelCase);
+yup.addMethod(yup.string, 'isKebabCase', isKebabCase);
+yup.addMethod(yup.object, 'onlyContainsFunctions', onlyContainsFunctions);
 
 class StrapiIDSchema extends MixedSchemaType {
   constructor() {
@@ -31,27 +59,53 @@ class StrapiIDSchema extends MixedSchemaType {
 
 yup.strapiID = () => new StrapiIDSchema();
 
-/**
- * Returns a formatted error for http responses
- * @param {Object} validationError - a Yup ValidationError
- */
-const formatYupErrors = validationError => {
-  if (!validationError.inner) {
-    throw new Error('invalid.input');
-  }
+const handleYupError = (error, errorMessage) => {
+  throw new YupValidationError(error, errorMessage);
+};
 
-  if (validationError.inner.length === 0) {
-    if (validationError.path === undefined) return validationError.errors;
-    return { [validationError.path]: validationError.errors };
+const defaultValidationParam = { strict: true, abortEarly: false };
+
+const validateYupSchema = (schema, options = {}) => async (body, errorMessage) => {
+  try {
+    const optionsWithDefaults = defaults(defaultValidationParam, options);
+    return await schema.validate(body, optionsWithDefaults);
+  } catch (e) {
+    handleYupError(e, errorMessage);
   }
+};
 
-  return validationError.inner.reduce((acc, err) => {
-    acc[err.path] = err.errors;
-    return acc;
-  }, {});
+const validateYupSchemaSync = (schema, options = {}) => (body, errorMessage) => {
+  try {
+    const optionsWithDefaults = defaults(defaultValidationParam, options);
+    return schema.validateSync(body, optionsWithDefaults);
+  } catch (e) {
+    handleYupError(e, errorMessage);
+  }
 };
 
+// Temporary fix of this issue : https://github.com/jquense/yup/issues/616
+yup.setLocale({
+  mixed: {
+    notType({ path, type, value, originalValue }) {
+      let isCast = originalValue != null && originalValue !== value;
+      let msg =
+        `${path} must be a \`${type}\` type, ` +
+        `but the final value was: \`${printValue(value, true)}\`` +
+        (isCast ? ` (cast from the value \`${printValue(originalValue, true)}\`).` : '.');
+
+      /* Remove comment that is not supposed to be seen by the enduser
+      if (value === null) {
+        msg += `\n If "null" is intended as an empty value be sure to mark the schema as \`.nullable()\``;
+      }
+      */
+      return msg;
+    },
+  },
+});
+
 module.exports = {
   yup,
-  formatYupErrors,
+  handleYupError,
+  validateYupSchema,
+  validateYupSchemaSync,
 };

package/package.json

@@ -1,49 +1,46 @@
 {
   "name": "@strapi/utils",
-  "version": "4.0.0-next.6",
+  "version": "4.0.0",
   "description": "Shared utilities for the Strapi packages",
-  "homepage": "https://strapi.io",
   "keywords": [
     "strapi",
-    "utilities",
-    "utils",
-    "winston"
+    "utils"
   ],
-  "directories": {
-    "lib": "./lib"
+  "homepage": "https://strapi.io",
+  "bugs": {
+    "url": "https://github.com/strapi/strapi/issues"
   },
-  "main": "./lib",
-  "dependencies": {
-    "@sindresorhus/slugify": "1.1.0",
-    "date-fns": "^2.19.0",
-    "lodash": "4.17.21",
-    "pino": "^4.7.1",
-    "pluralize": "^8.0.0",
-    "yup": "^0.32.9"
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/strapi/strapi.git"
   },
+  "license": "SEE LICENSE IN LICENSE",
   "author": {
+    "name": "Strapi Solutions SAS",
     "email": "hi@strapi.io",
-    "name": "Strapi team",
     "url": "https://strapi.io"
   },
   "maintainers": [
     {
-      "name": "Strapi team",
+      "name": "Strapi Solutions SAS",
       "email": "hi@strapi.io",
       "url": "https://strapi.io"
     }
   ],
-  "repository": {
-    "type": "git",
-    "url": "git://github.com/strapi/strapi.git"
+  "main": "./lib",
+  "directories": {
+    "lib": "./lib"
   },
-  "bugs": {
-    "url": "https://github.com/strapi/strapi/issues"
+  "dependencies": {
+    "@sindresorhus/slugify": "1.1.0",
+    "date-fns": "2.24.0",
+    "http-errors": "1.8.0",
+    "lodash": "4.17.21",
+    "yup": "0.32.9"
   },
   "engines": {
     "node": ">=12.x.x <=16.x.x",
     "npm": ">=6.0.0"
   },
-  "license": "SEE LICENSE IN LICENSE",
-  "gitHead": "f528a865cb9c4234f2cda4f0df5b40e7c427ff9a"
+  "gitHead": "b181702f0202b2c6d645d42b195a831f25cd0b03"
 }

package/lib/convert-rest-query-params.js

@@ -1,243 +0,0 @@
-'use strict';
-
-/**
- * Converts the standard Strapi REST query params to a moe usable format for querying
- * You can read more here: https://strapi.io/documentation/developer-docs/latest/developer-resources/content-api/content-api.html#filters
- */
-
-const _ = require('lodash');
-const {
-  constants: { DP_PUB_STATES },
-} = require('./content-types');
-
-const BOOLEAN_OPERATORS = ['or', 'and'];
-const QUERY_OPERATORS = ['_where', '_or', '_and'];
-
-/**
- * Global converter
- * @param {Object} params
- * @param defaults
- */
-const convertRestQueryParams = (params = {}, defaults = {}) => {
-  if (typeof params !== 'object' || params === null) {
-    throw new Error(
-      `convertRestQueryParams expected an object got ${params === null ? 'null' : typeof params}`
-    );
-  }
-
-  let finalParams = Object.assign({ start: 0, limit: 100 }, defaults);
-
-  if (Object.keys(params).length === 0) {
-    return finalParams;
-  }
-
-  if (_.has(params, '_sort')) {
-    finalParams.sort = convertSortQueryParams(params._sort);
-  }
-
-  if (_.has(params, '_start')) {
-    finalParams.start = convertStartQueryParams(params._start);
-  }
-
-  if (_.has(params, '_limit')) {
-    finalParams.limit = convertLimitQueryParams(params._limit);
-  }
-
-  if (_.has(params, '_publicationState')) {
-    Object.assign(finalParams, convertPublicationStateParams(params._publicationState));
-  }
-
-  const whereParams = convertExtraRootParams(
-    _.omit(params, ['_sort', '_start', '_limit', '_where', '_publicationState'])
-  );
-
-  const whereClauses = [];
-
-  if (_.keys(whereParams).length > 0) {
-    whereClauses.push(...convertWhereParams(whereParams));
-  }
-
-  if (_.has(params, '_where')) {
-    whereClauses.push(...convertWhereParams(params._where));
-  }
-
-  Object.assign(finalParams, { where: whereClauses });
-
-  return finalParams;
-};
-
-/**
- * Convert params prefixed with _ by removing the prefix after we have handle the internal params
- * NOTE: This is only a temporary patch for v3 to handle extra params coming from plugins
- * @param {object} params
- * @returns {object}
- */
-const convertExtraRootParams = params => {
-  return Object.entries(params).reduce((acc, [key, value]) => {
-    if (_.startsWith(key, '_') && !QUERY_OPERATORS.includes(key)) {
-      acc[key.slice(1)] = value;
-    } else {
-      acc[key] = value;
-    }
-
-    return acc;
-  }, {});
-};
-
-/**
- * Sort query parser
- * @param {string} sortQuery - ex: id:asc,price:desc
- */
-const convertSortQueryParams = sortQuery => {
-  if (typeof sortQuery !== 'string') {
-    throw new Error(`convertSortQueryParams expected a string, got ${typeof sortQuery}`);
-  }
-
-  // TODO: handle array input
-
-  const sortKeys = [];
-
-  sortQuery.split(',').forEach(part => {
-    // split field and order param with default order to ascending
-    const [field, order = 'asc'] = part.split(':');
-
-    if (field.length === 0) {
-      throw new Error('Field cannot be empty');
-    }
-
-    if (!['asc', 'desc'].includes(order.toLocaleLowerCase())) {
-      throw new Error('order can only be one of asc|desc|ASC|DESC');
-    }
-
-    sortKeys.push(_.set({}, field, order.toLowerCase()));
-  });
-
-  return sortKeys;
-};
-
-/**
- * Start query parser
- * @param {string} startQuery - ex: id:asc,price:desc
- */
-const convertStartQueryParams = startQuery => {
-  const startAsANumber = _.toNumber(startQuery);
-
-  if (!_.isInteger(startAsANumber) || startAsANumber < 0) {
-    throw new Error(`convertStartQueryParams expected a positive integer got ${startAsANumber}`);
-  }
-
-  return startAsANumber;
-};
-
-/**
- * Limit query parser
- * @param {string} limitQuery - ex: id:asc,price:desc
- */
-const convertLimitQueryParams = limitQuery => {
-  const limitAsANumber = _.toNumber(limitQuery);
-
-  if (!_.isInteger(limitAsANumber) || (limitAsANumber !== -1 && limitAsANumber < 0)) {
-    throw new Error(`convertLimitQueryParams expected a positive integer got ${limitAsANumber}`);
-  }
-
-  return limitAsANumber;
-};
-
-/**
- * publicationState query parser
- * @param {string} publicationState - eg: 'live', 'preview'
- */
-const convertPublicationStateParams = publicationState => {
-  if (!DP_PUB_STATES.includes(publicationState)) {
-    throw new Error(
-      `convertPublicationStateParams expected a value from: ${DP_PUB_STATES.join(
-        ', '
-      )}. Got ${publicationState} instead`
-    );
-  }
-
-  return { publicationState };
-};
-
-// List of all the possible filters
-const VALID_REST_OPERATORS = [
-  'eq',
-  'ne',
-  'in',
-  'nin',
-  'contains',
-  'ncontains',
-  'containss',
-  'ncontainss',
-  'lt',
-  'lte',
-  'gt',
-  'gte',
-  'null',
-];
-
-/**
- * Parse where params
- */
-const convertWhereParams = whereParams => {
-  let finalWhere = [];
-
-  if (Array.isArray(whereParams)) {
-    return whereParams.reduce((acc, whereParam) => {
-      return acc.concat(convertWhereParams(whereParam));
-    }, []);
-  }
-
-  Object.keys(whereParams).forEach(whereClause => {
-    const { field, operator = 'eq', value } = convertWhereClause(
-      whereClause,
-      whereParams[whereClause]
-    );
-
-    finalWhere.push({
-      field,
-      operator,
-      value,
-    });
-  });
-
-  return finalWhere;
-};
-
-/**
- * Parse single where param
- * @param {string} whereClause - Any possible where clause e.g: id_ne text_ncontains
- * @param {string} value - the value of the where clause e.g id_ne=value
- */
-const convertWhereClause = (whereClause, value) => {
-  const separatorIndex = whereClause.lastIndexOf('_');
-
-  // eq operator
-  if (separatorIndex === -1) {
-    return { field: whereClause, value };
-  }
-
-  // split field and operator
-  const field = whereClause.substring(0, separatorIndex);
-  const operator = whereClause.slice(separatorIndex + 1);
-
-  if (BOOLEAN_OPERATORS.includes(operator) && field === '') {
-    return { field: null, operator, value: [].concat(value).map(convertWhereParams) };
-  }
-
-  // the field as underscores
-  if (!VALID_REST_OPERATORS.includes(operator)) {
-    return { field: whereClause, value };
-  }
-
-  return { field, operator, value };
-};
-
-module.exports = {
-  convertRestQueryParams,
-  convertSortQueryParams,
-  convertStartQueryParams,
-  convertLimitQueryParams,
-  VALID_REST_OPERATORS,
-  QUERY_OPERATORS,
-};

package/lib/finder.js

@@ -1,32 +0,0 @@
-'use strict';
-
-/**
- * Module dependencies
- */
-
-const _ = require('lodash');
-
-/**
- * Find controller's location
- */
-
-module.exports = (api, controller) => {
-  if (!_.isObject(api)) {
-    throw new Error('Should be an object');
-  }
-
-  if (_.isObject(controller) && _.has(controller, 'identity')) {
-    controller = controller.identity.toLowerCase();
-  } else if (_.isString(controller)) {
-    controller = controller.toLowerCase();
-  } else {
-    throw new Error('Should be an object or a string');
-  }
-
-  const where = _.findKey(api, o => {
-    return _.get(o, `controllers.${controller}`);
-  });
-
-  // Return the API's name where the controller is located
-  return where;
-};