@webbio/strapi-plugin-page-builder 0.9.10-authentication → 0.9.12-authentication

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@webbio/strapi-plugin-page-builder",
-	"version": "0.9.10-authentication",
+	"version": "0.9.12-authentication",
 	"description": "This is the description of the plugin.",
 	"scripts": {
 		"develop": "tsc -p tsconfig.server.json -w",

package/server/bootstrap.ts

@@ -37,18 +37,18 @@ export default async ({ strapi }: { strapi: Strapi }) => {
 		async beforeUpdate(event) {
 			if (event.params.data.id) {
 				const userToUpdate = await strapi.entityService?.findOne(USER_PERMISSION_USER_PLUGIN, event.params.data.id, {
-					populate: { platform: { populate: { platformMails: { populate: '*' } } } }
+					populate: { platform: { populate: { platformEmails: { populate: '*' } } } }
 				});
 				if (userToUpdate) {
 					if (event.params.data.activateUser && event.params.data.confirmed && !userToUpdate.confirmMailSend) {
 						await strapi.service(PAGE_BUILDER_EMAIL_PLUGIN).sendMail({
 							// @ts-ignore strapi typings
-							from: userToUpdate.platform.platformMails.accountAcceptedMail.fromEmail,
+							from: userToUpdate.platform.platformEmails.accountAcceptedMail.fromEmail,
 							to: event.params.data.email,
 							// @ts-ignore
-							subject: userToUpdate.platform.platformMails.accountAcceptedMail.subject,
+							subject: userToUpdate.platform.platformEmails.accountAcceptedMail.subject,
 							// @ts-ignore
-							text: userToUpdate.platform.platformMails.accountAcceptedMail.message,
+							text: userToUpdate.platform.platformEmails.accountAcceptedMail.message,
 							firstName: event.params.data.firstName,
 							lastName: event.params.data.lastName
 						});

package/server/content-types/category/schema.json

@@ -1,18 +1,18 @@
 {
-  "kind": "collectionType",
-  "collectionName": "categories",
-  "info": {
-    "singularName": "category",
-    "pluralName": "categories",
-    "displayName": "category"
-  },
-  "options": {
-    "draftAndPublish": false,
-    "comment": ""
-  },
-  "attributes": {
-    "title": {
-      "type": "string"
-    }
-  }
-}
+	"kind": "collectionType",
+	"collectionName": "categories",
+	"info": {
+		"singularName": "category",
+		"pluralName": "categories",
+		"displayName": "category"
+	},
+	"options": {
+		"draftAndPublish": false,
+		"comment": ""
+	},
+	"attributes": {
+		"title": {
+			"type": "string"
+		}
+	}
+}

package/server/graphql/page-by-path.ts

@@ -3,6 +3,7 @@ import { Strapi } from '@strapi/strapi';
 import { PAGE_UID } from '../../shared/utils/constants';
 
 import { ForbiddenError as ApolloForbiddenError } from 'apollo-server-koa';
+import { getConfig } from '../utils/strapi';
 
 const getPageByPath = (strapi: Strapi) => {
 	const typeDefs = () => {
@@ -112,8 +113,11 @@ const getPageByPath = (strapi: Strapi) => {
 		};
 	};
 
+	const pageBuilderConfig = getConfig();
+
 	const resolversConfig = {
 		'Query.getPageByPath': {
+			policies: pageBuilderConfig?.privateContent === true ? ['plugin::page-builder.isAuthorizedForPage'] : [],
 			auth: false
 		}
 	};

package/server/policies/index.ts

@@ -1 +1,5 @@
-export default {};
+import isAuthorizedForPage from './isAuthorizedPage';
+
+export default {
+	isAuthorizedForPage
+};

package/server/policies/isAuthorizedPage.ts

@@ -0,0 +1,11 @@
+const isAuthorizedForPage = (policyContext, _config, { strapi }) => {
+	const pageToken = policyContext.http.request.headers['x-strapi-page-secret'];
+	const pageEnvToken = process.env.STRAPI_PAGE_SECRET;
+
+	if (pageToken && pageEnvToken && pageToken === pageEnvToken) {
+		return true;
+	}
+	return false;
+};
+
+export default isAuthorizedForPage;

package/server/schema/page-end.json

@@ -92,13 +92,13 @@
 			"relation": "oneToOne",
 			"target": "api::platform.platform"
 		},
-    "isPrivate": {
-      "pluginOptions": {
-        "i18n": {
-          "localized": true
-        }
-      },
-      "type": "boolean"
-    }
+		"isPrivate": {
+			"pluginOptions": {
+				"i18n": {
+					"localized": true
+				}
+			},
+			"type": "boolean"
+		}
 	}
 }

package/server/services/email.ts

@@ -43,25 +43,27 @@ export default {
 	},
 	async sendAdminMail(user) {
 		const foundUser = await strapi.entityService.findOne(USER_PERMISSION_USER_PLUGIN, user.id, {
-			populate: { platform: { populate: { platformMails: { populate: '*' } } } }
+			populate: { platform: { populate: { platformEmails: { populate: '*' } } } }
 		});
 		await this.sendMail({
 			// @ts-ignore we all love strapi typings
-			from: foundUser.platform.platformMails.adminEmail.fromEmail,
+			from: foundUser.platform.platformEmails.adminEmail.fromEmail,
 			// @ts-ignore
-			to: foundUser.platform.platformMails.adminEmail.toMail,
+			to: foundUser.platform.platformEmails.adminEmail.toMail,
 			// @ts-ignore
-			subject: foundUser.platform.platformMails.adminEmail.subject,
+			subject: foundUser.platform.platformEmails.adminEmail.subject,
 			// @ts-ignore
-			text: foundUser.platform.platformMails.adminEmail.message,
+			text: foundUser.platform.platformEmails.adminEmail.message,
 			firstName: user.firstName,
 			lastName: user.lastName
 		});
 	},
 	async sendConfirmationEmail(user) {
+		console.log('HALLO');
 		const foundUser = await strapi.entityService.findOne(USER_PERMISSION_USER_PLUGIN, user.id, {
-			populate: { platform: { populate: { platformMails: { populate: '*' } } } }
+			populate: { platform: { populate: { platformEmails: { populate: '*' } } } }
 		});
+		console.log({ foundUser });
 		if (foundUser && foundUser.platform) {
 			const jwtService = strapi.plugin('users-permissions').service('jwt');
 			const confirmationToken = await jwtService.issue(
@@ -78,12 +80,12 @@ export default {
 
 			await this.sendMail({
 				// @ts-ignore
-				from: foundUser.platform.platformMails.accountCreatedMail.fromEmail,
+				from: foundUser.platform.platformEmails.accountCreatedMail.fromEmail,
 				to: user.email,
 				// @ts-ignore
-				subject: foundUser.platform.platformMails.accountCreatedMail.subject,
+				subject: foundUser.platform.platformEmails.accountCreatedMail.subject,
 				// @ts-ignore
-				text: foundUser.platform.platformMails.accountCreatedMail.message,
+				text: foundUser.platform.platformEmails.accountCreatedMail.message,
 				firstName: user.firstName,
 				lastName: user.lastName,
 				confirmationUrl: activateUrl
@@ -107,12 +109,12 @@ export default {
 
 			await this.sendMail({
 				// @ts-ignore
-				from: user.platform.platformMails.resetPasswordMail.fromEmail,
+				from: user.platform.platformEmails.resetPasswordMail.fromEmail,
 				to: user.email,
 				// @ts-ignore
-				subject: user.platform.platformMails.resetPasswordMail.subject,
+				subject: user.platform.platformEmails.resetPasswordMail.subject,
 				// @ts-ignore
-				text: user.platform.platformMails.resetPasswordMail.message,
+				text: user.platform.platformEmails.resetPasswordMail.message,
 				firstName: user.firstName,
 				lastName: user.lastName,
 				confirmationUrl: activateUrl

package/server/services/private-content/components/admin-email.json

@@ -1,23 +1,22 @@
 {
-  "collectionName": "components_internal_admin_emails",
-  "info": {
-    "displayName": "AdminEmail",
-    "description": ""
-  },
-  "options": {},
-  "attributes": {
-    "toMail": {
-      "type": "string"
-    },
-    "fromEmail": {
-      "type": "string"
-    },
-    "subject": {
-      "type": "string"
-    },
-    "message": {
-      "type": "text"
-    }
-  }
+	"collectionName": "components_internal_admin_emails",
+	"info": {
+		"displayName": "AdminEmail",
+		"description": ""
+	},
+	"options": {},
+	"attributes": {
+		"toMail": {
+			"type": "string"
+		},
+		"fromEmail": {
+			"type": "string"
+		},
+		"subject": {
+			"type": "string"
+		},
+		"message": {
+			"type": "text"
+		}
+	}
 }
-

package/server/services/private-content/components/email.json

@@ -1,23 +1,22 @@
 {
-  "collectionName": "components_internal_emails",
-  "info": {
-    "displayName": "email",
-    "description": ""
-  },
-  "options": {},
-  "attributes": {
-    "nameSender": {
-      "type": "string"
-    },
-    "fromEmail": {
-      "type": "string"
-    },
-    "subject": {
-      "type": "string"
-    },
-    "message": {
-      "type": "text"
-    }
-  }
+	"collectionName": "components_internal_emails",
+	"info": {
+		"displayName": "email",
+		"description": ""
+	},
+	"options": {},
+	"attributes": {
+		"nameSender": {
+			"type": "string"
+		},
+		"fromEmail": {
+			"type": "string"
+		},
+		"subject": {
+			"type": "string"
+		},
+		"message": {
+			"type": "text"
+		}
+	}
 }
-

package/server/services/private-content/components/platform-email.json

@@ -1,30 +1,30 @@
 {
-  "collectionName": "components_internal_platform_emails",
-  "info": {
-    "displayName": "PlatformEmail"
-  },
-  "options": {},
-  "attributes": {
-    "resetPasswordMail": {
-      "type": "component",
-      "repeatable": false,
-      "component": "internal.email"
-    },
-    "accountCreatedMail": {
-      "type": "component",
-      "repeatable": false,
-      "component": "internal.email"
-    },
-    "accountAcceptedMail": {
-      "type": "component",
-      "repeatable": false,
-      "component": "internal.email"
-    },
-    "adminEmail": {
-      "displayName": "AdminEmail",
-      "type": "component",
-      "repeatable": false,
-      "component": "internal.admin-email"
-    }
-  }
+	"collectionName": "components_internal_platform_emails",
+	"info": {
+		"displayName": "PlatformEmail"
+	},
+	"options": {},
+	"attributes": {
+		"resetPasswordMail": {
+			"type": "component",
+			"repeatable": false,
+			"component": "internal.email"
+		},
+		"accountCreatedMail": {
+			"type": "component",
+			"repeatable": false,
+			"component": "internal.email"
+		},
+		"accountAcceptedMail": {
+			"type": "component",
+			"repeatable": false,
+			"component": "internal.email"
+		},
+		"adminEmail": {
+			"displayName": "AdminEmail",
+			"type": "component",
+			"repeatable": false,
+			"component": "internal.admin-email"
+		}
+	}
 }

package/server/services/private-content/graphql/resolvers/forgot-password.ts

@@ -10,7 +10,7 @@ export const platformForgotPassword = {
 		const { email, platformId } = args.input;
 
 		const user = await strapi.query(USER_MODEL).findOne({
-			populate: { platform: { populate: { platformMails: { populate: true } } } },
+			populate: { platform: { populate: { platformEmails: { populate: true } } } },
 			where: {
 				email: email.toLowerCase(),
 				platform: {

package/server/services/private-content/graphql/resolvers/register.ts

@@ -6,6 +6,7 @@ const { ApplicationError } = errors;
 
 export const platformRegister = {
 	async resolve(parent, args, context) {
+		console.log('WAAROM LOG JIJ NIKS');
 		const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });
 		const settings: any = await pluginStore.get({ key: 'advanced' });
 
@@ -17,6 +18,8 @@ export const platformRegister = {
 			.query('plugin::users-permissions.role')
 			.findOne({ where: { type: settings.default_role } });
 
+		console.log('dsfjsdds');
+
 		if (!role) {
 			throw new ApplicationError('Impossible to find the default role');
 		}
@@ -59,6 +62,7 @@ export const platformRegister = {
 			auth: false
 		});
 
+		console.log('HALLO MADDERFACKKER');
 		await strapi.service('plugin::page-builder.email').sendConfirmationEmail(createdUser);
 
 		return {

package/dist/server/services/constants/customUserConstants.js

@@ -1,16 +0,0 @@
-"use strict";
-var _a;
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ACTIONS = exports.CONTENT_ENTITY_MANAGER = exports.USER_ROLE = exports.USER_CONTENT_MANAGER = exports.USER_MODEL = exports.CREATED_BY_ATTRIBUTE = exports.UPDATED_BY_ATTRIBUTE = void 0;
-const utils_1 = require("@strapi/utils");
-_a = utils_1.contentTypes.constants, exports.UPDATED_BY_ATTRIBUTE = _a.UPDATED_BY_ATTRIBUTE, exports.CREATED_BY_ATTRIBUTE = _a.CREATED_BY_ATTRIBUTE;
-exports.USER_MODEL = 'plugin::users-permissions.user';
-exports.USER_CONTENT_MANAGER = 'plugin::users-permissions.contentmanageruser';
-exports.USER_ROLE = 'plugin::users-permissions.role';
-exports.CONTENT_ENTITY_MANAGER = 'plugin::content-manager.entity-manager';
-exports.ACTIONS = {
-    read: 'plugin::content-manager.explorer.read',
-    create: 'plugin::content-manager.explorer.create',
-    edit: 'plugin::content-manager.explorer.update',
-    delete: 'plugin::content-manager.explorer.delete'
-};

package/dist/server/services/custom-user.js

@@ -1,161 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const pluginId_1 = __importDefault(require("../../admin/src/pluginId"));
-const toString_1 = __importDefault(require("lodash/toString"));
-const has_1 = __importDefault(require("lodash/has"));
-const omit_1 = __importDefault(require("lodash/omit"));
-const utils_1 = require("@strapi/utils");
-const customUserConstants_1 = require("./constants/customUserConstants");
-const { ApplicationError, ValidationError, NotFoundError, ForbiddenError } = utils_1.errors;
-exports.default = {
-    async createCustomUsers() {
-        const config = this.getConfig();
-        const customNPOUser = config === null || config === void 0 ? void 0 : config.customNPOUser;
-        if (customNPOUser) {
-            await this.createNPOUsers();
-            await this.customNPOUserControllers();
-        }
-    },
-    async createNPOUsers() {
-        const contentTypeName = await strapi.contentType(customUserConstants_1.USER_MODEL);
-        contentTypeName.attributes = {
-            // Spread previous defined attributes
-            ...contentTypeName.attributes,
-            // Add new, or override attributes
-            platform: {
-                type: 'relation',
-                relation: 'oneToOne',
-                target: 'api::platform.platform',
-                required: true
-            },
-            firstName: {
-                type: 'string'
-            },
-            lastName: {
-                type: 'string'
-            },
-            company: {
-                type: 'string'
-            },
-            jobTitle: {
-                type: 'string'
-            },
-            address: {
-                type: 'string'
-            },
-            postalCode: {
-                type: 'string'
-            },
-            city: {
-                type: 'string'
-            },
-            country: {
-                type: 'string'
-            },
-            phone: {
-                type: 'string'
-            },
-            categories: {
-                type: 'relation',
-                relation: 'oneToMany',
-                target: 'api::category.category'
-            }
-        };
-        delete contentTypeName.attributes.username;
-    },
-    async findEntityAndCheckPermissions(ability, action, model, id) {
-        const entity = await strapi.query(customUserConstants_1.USER_MODEL).findOne({
-            where: { id },
-            populate: [`${customUserConstants_1.CREATED_BY_ATTRIBUTE}.roles`, 'platform']
-        });
-        if (!entity) {
-            throw new NotFoundError();
-        }
-        const pm = strapi.admin.services.permission.createPermissionsManager({ ability, action, model });
-        if (pm.ability.cannot(pm.action, pm.toSubject(entity))) {
-            throw new ForbiddenError();
-        }
-        const entityWithoutCreatorRoles = (0, omit_1.default)(entity, `${customUserConstants_1.CREATED_BY_ATTRIBUTE}.roles`);
-        return { pm, entity: entityWithoutCreatorRoles };
-    },
-    customNPOUserControllers() {
-        const contentController = strapi.controller(customUserConstants_1.USER_CONTENT_MANAGER);
-        contentController.create = async (ctx) => {
-            var _a;
-            const { body } = ctx.request;
-            const { user: admin, userAbility } = ctx.state;
-            const { email } = body;
-            const platformId = body.platform.connect[0].id;
-            const pm = (_a = strapi === null || strapi === void 0 ? void 0 : strapi.admin) === null || _a === void 0 ? void 0 : _a.services.permission.createPermissionsManager({
-                ability: userAbility,
-                action: customUserConstants_1.ACTIONS.create,
-                model: customUserConstants_1.USER_MODEL
-            });
-            if (!pm.isAllowed) {
-                return ctx.forbidden();
-            }
-            const sanitizedBody = await pm.pickPermittedFieldsOf(body, { subject: customUserConstants_1.USER_MODEL });
-            const userWithSameEmail = await strapi.query(customUserConstants_1.USER_MODEL).findOne({
-                where: { $and: [{ email: email.toLowerCase() }, { platform: { id: platformId } }] }
-            });
-            if (userWithSameEmail) {
-                throw new ApplicationError('Email already taken');
-            }
-            const user = {
-                ...sanitizedBody,
-                provider: 'local',
-                [customUserConstants_1.CREATED_BY_ATTRIBUTE]: admin.id,
-                [customUserConstants_1.UPDATED_BY_ATTRIBUTE]: admin.id
-            };
-            user.email = user.email.toLowerCase();
-            const advanced = await (strapi === null || strapi === void 0 ? void 0 : strapi.store({ type: 'plugin', name: 'users-permissions', key: 'advanced' }).get({}));
-            if (user.role.connect.length === 0) {
-                //@ts-ignore strapi types...
-                const defaultRole = await strapi.query(customUserConstants_1.USER_ROLE).findOne({ where: { type: advanced.default_role } });
-                user.role = defaultRole.id;
-            }
-            try {
-                const data = await strapi.service(customUserConstants_1.CONTENT_ENTITY_MANAGER).create(user, customUserConstants_1.USER_MODEL);
-                const sanitizedData = await pm.sanitizeOutput(data, { action: customUserConstants_1.ACTIONS.read });
-                ctx.created(sanitizedData);
-            }
-            catch (error) {
-                throw new ApplicationError(error.message);
-            }
-        };
-        contentController.update = async (ctx) => {
-            const { id } = ctx.params;
-            const { body } = ctx.request;
-            const { user: admin, userAbility } = ctx.state;
-            const { email, password } = body;
-            const { pm, entity } = await this.findEntityAndCheckPermissions(userAbility, customUserConstants_1.ACTIONS.edit, customUserConstants_1.USER_MODEL, id);
-            const user = entity;
-            const platformId = body.platform.connect.length > 0 ? body.platform.connect[0].id : entity.platform.id;
-            if ((0, has_1.default)(body, 'password') && !password && user.provider === 'local') {
-                throw new ValidationError('password.notNull');
-            }
-            //@ts-ignore
-            if ((0, has_1.default)(body, 'email')) {
-                const userWithSameEmail = await strapi
-                    .query(customUserConstants_1.USER_MODEL)
-                    .findOne({ where: { $and: [{ email: email.toLowerCase() }, { platform: { id: platformId } }] } });
-                if (userWithSameEmail && (0, toString_1.default)(userWithSameEmail.id) !== (0, toString_1.default)(id)) {
-                    throw new ApplicationError('Email already taken');
-                }
-                body.email = body.email.toLowerCase();
-            }
-            const sanitizedData = await pm.pickPermittedFieldsOf(body, { subject: pm.toSubject(user) });
-            const updateData = (0, omit_1.default)({ ...sanitizedData, updatedBy: admin.id }, 'createdBy');
-            const data = await strapi
-                .service('plugin::content-manager.entity-manager')
-                .update({ id }, updateData, customUserConstants_1.USER_MODEL);
-            ctx.body = await pm.sanitizeOutput(data, { action: customUserConstants_1.ACTIONS.read });
-        };
-    },
-    getConfig() {
-        return strapi.config.get(`plugin.${pluginId_1.default}`);
-    }
-};

package/dist/server/services/private-content/email.js

@@ -1,3 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = {};