@strapi/utils 4.7.2-exp.24dd7d95972fa822bf43e9b095b51027402c229e → 4.8.1

package/coverage/lcov-report/sorter.js

@@ -0,0 +1,196 @@
+/* eslint-disable */
+var addSorting = (function() {
+    'use strict';
+    var cols,
+        currentSort = {
+            index: 0,
+            desc: false
+        };
+
+    // returns the summary table element
+    function getTable() {
+        return document.querySelector('.coverage-summary');
+    }
+    // returns the thead element of the summary table
+    function getTableHeader() {
+        return getTable().querySelector('thead tr');
+    }
+    // returns the tbody element of the summary table
+    function getTableBody() {
+        return getTable().querySelector('tbody');
+    }
+    // returns the th element for nth column
+    function getNthColumn(n) {
+        return getTableHeader().querySelectorAll('th')[n];
+    }
+
+    function onFilterInput() {
+        const searchValue = document.getElementById('fileSearch').value;
+        const rows = document.getElementsByTagName('tbody')[0].children;
+        for (let i = 0; i < rows.length; i++) {
+            const row = rows[i];
+            if (
+                row.textContent
+                    .toLowerCase()
+                    .includes(searchValue.toLowerCase())
+            ) {
+                row.style.display = '';
+            } else {
+                row.style.display = 'none';
+            }
+        }
+    }
+
+    // loads the search box
+    function addSearchBox() {
+        var template = document.getElementById('filterTemplate');
+        var templateClone = template.content.cloneNode(true);
+        templateClone.getElementById('fileSearch').oninput = onFilterInput;
+        template.parentElement.appendChild(templateClone);
+    }
+
+    // loads all columns
+    function loadColumns() {
+        var colNodes = getTableHeader().querySelectorAll('th'),
+            colNode,
+            cols = [],
+            col,
+            i;
+
+        for (i = 0; i < colNodes.length; i += 1) {
+            colNode = colNodes[i];
+            col = {
+                key: colNode.getAttribute('data-col'),
+                sortable: !colNode.getAttribute('data-nosort'),
+                type: colNode.getAttribute('data-type') || 'string'
+            };
+            cols.push(col);
+            if (col.sortable) {
+                col.defaultDescSort = col.type === 'number';
+                colNode.innerHTML =
+                    colNode.innerHTML + '<span class="sorter"></span>';
+            }
+        }
+        return cols;
+    }
+    // attaches a data attribute to every tr element with an object
+    // of data values keyed by column name
+    function loadRowData(tableRow) {
+        var tableCols = tableRow.querySelectorAll('td'),
+            colNode,
+            col,
+            data = {},
+            i,
+            val;
+        for (i = 0; i < tableCols.length; i += 1) {
+            colNode = tableCols[i];
+            col = cols[i];
+            val = colNode.getAttribute('data-value');
+            if (col.type === 'number') {
+                val = Number(val);
+            }
+            data[col.key] = val;
+        }
+        return data;
+    }
+    // loads all row data
+    function loadData() {
+        var rows = getTableBody().querySelectorAll('tr'),
+            i;
+
+        for (i = 0; i < rows.length; i += 1) {
+            rows[i].data = loadRowData(rows[i]);
+        }
+    }
+    // sorts the table using the data for the ith column
+    function sortByIndex(index, desc) {
+        var key = cols[index].key,
+            sorter = function(a, b) {
+                a = a.data[key];
+                b = b.data[key];
+                return a < b ? -1 : a > b ? 1 : 0;
+            },
+            finalSorter = sorter,
+            tableBody = document.querySelector('.coverage-summary tbody'),
+            rowNodes = tableBody.querySelectorAll('tr'),
+            rows = [],
+            i;
+
+        if (desc) {
+            finalSorter = function(a, b) {
+                return -1 * sorter(a, b);
+            };
+        }
+
+        for (i = 0; i < rowNodes.length; i += 1) {
+            rows.push(rowNodes[i]);
+            tableBody.removeChild(rowNodes[i]);
+        }
+
+        rows.sort(finalSorter);
+
+        for (i = 0; i < rows.length; i += 1) {
+            tableBody.appendChild(rows[i]);
+        }
+    }
+    // removes sort indicators for current column being sorted
+    function removeSortIndicators() {
+        var col = getNthColumn(currentSort.index),
+            cls = col.className;
+
+        cls = cls.replace(/ sorted$/, '').replace(/ sorted-desc$/, '');
+        col.className = cls;
+    }
+    // adds sort indicators for current column being sorted
+    function addSortIndicators() {
+        getNthColumn(currentSort.index).className += currentSort.desc
+            ? ' sorted-desc'
+            : ' sorted';
+    }
+    // adds event listeners for all sorter widgets
+    function enableUI() {
+        var i,
+            el,
+            ithSorter = function ithSorter(i) {
+                var col = cols[i];
+
+                return function() {
+                    var desc = col.defaultDescSort;
+
+                    if (currentSort.index === i) {
+                        desc = !currentSort.desc;
+                    }
+                    sortByIndex(i, desc);
+                    removeSortIndicators();
+                    currentSort.index = i;
+                    currentSort.desc = desc;
+                    addSortIndicators();
+                };
+            };
+        for (i = 0; i < cols.length; i += 1) {
+            if (cols[i].sortable) {
+                // add the click event handler on the th so users
+                // dont have to click on those tiny arrows
+                el = getNthColumn(i).querySelector('.sorter').parentElement;
+                if (el.addEventListener) {
+                    el.addEventListener('click', ithSorter(i));
+                } else {
+                    el.attachEvent('onclick', ithSorter(i));
+                }
+            }
+        }
+    }
+    // adds sorting functionality to the UI
+    return function() {
+        if (!getTable()) {
+            return;
+        }
+        cols = loadColumns();
+        loadData();
+        addSearchBox();
+        addSortIndicators();
+        enableUI();
+    };
+})();
+
+window.addEventListener('load', addSorting);

package/lib/index.js

@@ -41,8 +41,8 @@ const { pipeAsync, mapAsync, reduceAsync, forEachAsync } = require('./async');
 const convertQueryParams = require('./convert-query-params');
 const importDefault = require('./import-default');
 const template = require('./template');
-const traverse = require('./traverse');
 const file = require('./file');
+const traverse = require('./traverse');
 
 module.exports = {
   yup,
@@ -91,6 +91,6 @@ module.exports = {
   validateYupSchemaSync,
   convertQueryParams,
   importDefault,
-  traverse,
   file,
+  traverse,
 };

package/lib/sanitize/index.js

@@ -11,138 +11,128 @@ const traverseEntity = require('../traverse-entity');
 
 const { traverseQueryFilters, traverseQuerySort, traverseQueryPopulate } = require('../traverse');
 
-module.exports = {
-  contentAPI: {
-    input(data, schema, { auth } = {}) {
-      if (isArray(data)) {
-        return Promise.all(data.map((entry) => this.input(entry, schema, { auth })));
-      }
-
-      const nonWritableAttributes = getNonWritableAttributes(schema);
-
-      const transforms = [
-        // Remove non writable attributes
-        traverseEntity(visitors.restrictedFields(nonWritableAttributes), { schema }),
-      ];
+const createContentAPISanitizers = () => {
+  const sanitizeInput = (data, schema, { auth } = {}) => {
+    if (isArray(data)) {
+      return Promise.all(data.map((entry) => sanitizeInput(entry, schema, { auth })));
+    }
 
-      if (auth) {
-        // Remove restricted relations
-        transforms.push(traverseEntity(visitors.removeRestrictedRelations(auth), { schema }));
-      }
+    const nonWritableAttributes = getNonWritableAttributes(schema);
 
-      // Apply sanitizers from registry if exists
-      strapi.sanitizers
-        .get('content-api.input')
-        .forEach((sanitizer) => transforms.push(sanitizer(schema)));
+    const transforms = [
+      // Remove non writable attributes
+      traverseEntity(visitors.restrictedFields(nonWritableAttributes), { schema }),
+    ];
 
-      return pipeAsync(...transforms)(data);
-    },
+    if (auth) {
+      // Remove restricted relations
+      transforms.push(traverseEntity(visitors.removeRestrictedRelations(auth), { schema }));
+    }
 
-    output(data, schema, { auth } = {}) {
-      if (isArray(data)) {
-        return Promise.all(data.map((entry) => this.output(entry, schema, { auth })));
-      }
+    // Apply sanitizers from registry if exists
+    strapi.sanitizers
+      .get('content-api.input')
+      .forEach((sanitizer) => transforms.push(sanitizer(schema)));
 
-      const transforms = [sanitizers.defaultSanitizeOutput(schema)];
+    return pipeAsync(...transforms)(data);
+  };
 
-      if (auth) {
-        transforms.push(traverseEntity(visitors.removeRestrictedRelations(auth), { schema }));
-      }
+  const sanitizeOuput = (data, schema, { auth } = {}) => {
+    if (isArray(data)) {
+      return Promise.all(data.map((entry) => sanitizeOuput(entry, schema, { auth })));
+    }
 
-      // Apply sanitizers from registry if exists
-      strapi.sanitizers
-        .get('content-api.output')
-        .forEach((sanitizer) => transforms.push(sanitizer(schema)));
+    const transforms = [sanitizers.defaultSanitizeOutput(schema)];
 
-      return pipeAsync(...transforms)(data);
-    },
+    if (auth) {
+      transforms.push(traverseEntity(visitors.removeRestrictedRelations(auth), { schema }));
+    }
 
-    async params(params, schema, { auth } = {}) {
-      const { filters, sort, fields, populate } = params;
+    // Apply sanitizers from registry if exists
+    strapi.sanitizers
+      .get('content-api.output')
+      .forEach((sanitizer) => transforms.push(sanitizer(schema)));
 
-      const sanitizedParams = cloneDeep(params);
+    return pipeAsync(...transforms)(data);
+  };
 
-      if (filters) {
-        Object.assign(sanitizedParams, { filters: await this.filters(filters, schema, { auth }) });
-      }
+  const sanitizeQuery = async (query, schema, { auth } = {}) => {
+    const { filters, sort, fields, populate } = query;
 
-      if (sort) {
-        Object.assign(sanitizedParams, { sort: await this.sort(sort, schema, { auth }) });
-      }
+    const sanitizedQuery = cloneDeep(query);
 
-      if (fields) {
-        Object.assign(sanitizedParams, { fields: await this.fields(fields, schema) });
-      }
+    if (filters) {
+      Object.assign(sanitizedQuery, { filters: await sanitizeFilters(filters, schema, { auth }) });
+    }
 
-      if (populate) {
-        Object.assign(sanitizedParams, { populate: await this.populate(populate, schema) });
-      }
+    if (sort) {
+      Object.assign(sanitizedQuery, { sort: await sanitizeSort(sort, schema, { auth }) });
+    }
 
-      return sanitizedParams;
-    },
+    if (fields) {
+      Object.assign(sanitizedQuery, { fields: await sanitizeFields(fields, schema) });
+    }
 
-    filters(filters, schema, { auth } = {}) {
-      if (isArray(filters)) {
-        return Promise.all(filters.map((filter) => this.filters(filter, schema, { auth })));
-      }
+    if (populate) {
+      Object.assign(sanitizedQuery, { populate: await sanitizePopulate(populate, schema) });
+    }
 
-      const transforms = [sanitizers.defaultSanitizeFilters(schema)];
+    return sanitizedQuery;
+  };
 
-      if (auth) {
-        transforms.push(traverseQueryFilters(visitors.removeRestrictedRelations(auth), { schema }));
-      }
+  const sanitizeFilters = (filters, schema, { auth } = {}) => {
+    if (isArray(filters)) {
+      return Promise.all(filters.map((filter) => sanitizeFilters(filter, schema, { auth })));
+    }
 
-      // Apply sanitizers from registry if exists
-      strapi.sanitizers
-        .get('content-api.filters')
-        .forEach((sanitizer) => transforms.push(sanitizer(schema)));
+    const transforms = [sanitizers.defaultSanitizeFilters(schema)];
 
-      return pipeAsync(...transforms)(filters);
-    },
+    if (auth) {
+      transforms.push(traverseQueryFilters(visitors.removeRestrictedRelations(auth), { schema }));
+    }
 
-    sort(sort, schema, { auth } = {}) {
-      const transforms = [sanitizers.defaultSanitizeSort(schema)];
+    return pipeAsync(...transforms)(filters);
+  };
 
-      if (auth) {
-        transforms.push(traverseQuerySort(visitors.removeRestrictedRelations(auth), { schema }));
-      }
+  const sanitizeSort = (sort, schema, { auth } = {}) => {
+    const transforms = [sanitizers.defaultSanitizeSort(schema)];
 
-      // Apply sanitizers from registry if exists
-      strapi.sanitizers
-        .get('content-api.sort')
-        .forEach((sanitizer) => transforms.push(sanitizer(schema)));
+    if (auth) {
+      transforms.push(traverseQuerySort(visitors.removeRestrictedRelations(auth), { schema }));
+    }
 
-      return pipeAsync(...transforms)(sort);
-    },
+    return pipeAsync(...transforms)(sort);
+  };
 
-    fields(fields, schema) {
-      const transforms = [sanitizers.defaultSanitizeFields(schema)];
+  const sanitizeFields = (fields, schema) => {
+    const transforms = [sanitizers.defaultSanitizeFields(schema)];
 
-      // Apply sanitizers from registry if exists
-      strapi.sanitizers
-        .get('content-api.fields')
-        .forEach((sanitizer) => transforms.push(sanitizer(schema)));
+    return pipeAsync(...transforms)(fields);
+  };
 
-      return pipeAsync(...transforms)(fields);
-    },
+  const sanitizePopulate = (populate, schema, { auth } = {}) => {
+    const transforms = [sanitizers.defaultSanitizePopulate(schema)];
 
-    populate(populate, schema, { auth } = {}) {
-      const transforms = [sanitizers.defaultSanitizePopulate(schema)];
+    if (auth) {
+      transforms.push(traverseQueryPopulate(visitors.removeRestrictedRelations(auth), { schema }));
+    }
 
-      if (auth) {
-        transforms.push(
-          traverseQueryPopulate(visitors.removeRestrictedRelations(auth), { schema })
-        );
-      }
+    return pipeAsync(...transforms)(populate);
+  };
 
-      // Apply sanitizers from registry if exists
-      strapi.sanitizers
-        .get('content-api.populate')
-        .forEach((sanitizer) => transforms.push(sanitizer(schema)));
+  return {
+    input: sanitizeInput,
+    output: sanitizeOuput,
+    query: sanitizeQuery,
+    filters: sanitizeFilters,
+    sort: sanitizeSort,
+    fields: sanitizeFields,
+    populate: sanitizePopulate,
+  };
+};
 
-      return pipeAsync(...transforms)(populate);
-    },
-  },
+module.exports = {
+  contentAPI: createContentAPISanitizers(),
 
   sanitizers,
   visitors,

package/lib/sanitize/sanitizers.js

@@ -38,6 +38,8 @@ const defaultSanitizeFilters = curry((schema, filters) => {
     traverseQueryFilters(removeDynamicZones, { schema }),
     // Remove morpTo relations from filters
     traverseQueryFilters(removeMorphToRelations, { schema }),
+    // Remove passwords from filters
+    traverseQueryFilters(removePassword, { schema }),
     // Remove private from filters
     traverseQueryFilters(removePrivate, { schema }),
     // Remove empty objects
@@ -69,6 +71,8 @@ const defaultSanitizeSort = curry((schema, sort) => {
     traverseQuerySort(removeMorphToRelations, { schema }),
     // Remove private from sort
     traverseQuerySort(removePrivate, { schema }),
+    // Remove passwords from filters
+    traverseQuerySort(removePassword, { schema }),
     // Remove keys for empty non-scalar values
     traverseQuerySort(
       ({ key, attribute, value }, { remove }) => {
@@ -94,6 +98,8 @@ const defaultSanitizeFields = curry((schema, fields) => {
     ),
     // Remove private fields
     traverseQueryFields(removePrivate, { schema }),
+    // Remove password fields
+    traverseQueryFields(removePassword, { schema }),
     // Remove nil values from fields array
     (value) => (isArray(value) ? value.filter((field) => !isNil(field)) : value)
   )(fields);

package/lib/traverse/factory.js

@@ -37,7 +37,10 @@ module.exports = () => {
     const keys = utils.keys(out);
 
     for (const key of keys) {
-      const attribute = schema?.attributes?.[key];
+      const attribute =
+        schema?.attributes?.[key] ??
+        // look for the attribute when key is in snake_case
+        schema?.attributes?.[strapi.db.metadata.get(schema?.uid).columnToAttribute[key]];
 
       const newPath = { ...path };
 

package/lib/traverse/query-filters.js

@@ -11,8 +11,8 @@ const filters = traverseFactory()
     async (visitor, options, filters, { recurse }) => {
       return Promise.all(
         filters.map((filter, i) => {
-          // In filters, only operators such as $and or $or can have a value
-          // array, thus we can update the raw path but not the attribute one
+          // In filters, only operators such as $and, $in, $notIn or $or and implicit operators like [...]
+          // can have a value array, thus we can update the raw path but not the attribute one
           const newPath = { ...options.path, raw: `${options.path.raw}[${i}]` };
 
           return recurse(visitor, { ...options, path: newPath }, filter);

package/lib/traverse/query-sort.js

@@ -3,6 +3,7 @@
 const {
   curry,
   isString,
+  isObject,
   map,
   trim,
   split,
@@ -21,6 +22,7 @@ const ORDER_VALUES = Object.values(ORDERS);
 
 const isSortOrder = (value) => ORDER_VALUES.includes(value.toLowerCase());
 const isStringArray = (value) => Array.isArray(value) && value.every(isString);
+const isObjectArray = (value) => Array.isArray(value) && value.every(isObject);
 const isNestedSorts = (value) => isString(value) && value.split(',').length > 1;
 
 const sort = traverseFactory()
@@ -45,6 +47,15 @@ const sort = traverseFactory()
       );
     }
   )
+  .intercept(
+    // Array of objects [{ foo: 'asc' }, { bar: 'desc', baz: 'asc' }] => map(recurse), then filter out empty items
+    isObjectArray,
+    async (visitor, options, sort, { recurse }) => {
+      return Promise.all(sort.map((nestedSort) => recurse(visitor, options, nestedSort))).then(
+        (res) => res.filter((nestedSort) => !isEmpty(nestedSort))
+      );
+    }
+  )
   // Parse string values
   .parse(
     (sort) => typeof sort === 'string',

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@strapi/utils",
-  "version": "4.7.2-exp.24dd7d95972fa822bf43e9b095b51027402c229e",
+  "version": "4.8.1",
   "description": "Shared utilities for the Strapi packages",
   "keywords": [
     "strapi",
@@ -46,5 +46,5 @@
     "node": ">=14.19.1 <=18.x.x",
     "npm": ">=6.0.0"
   },
-  "gitHead": "24dd7d95972fa822bf43e9b095b51027402c229e"
+  "gitHead": "b3cb13cb14302ba2ccf2ab6fab774f08efe9f1b7"
 }