@webbio/strapi-plugin-page-builder 0.9.7-platform → 0.9.8-authentication

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@webbio/strapi-plugin-page-builder",
-	"version": "0.9.7-platform",
+	"version": "0.9.8-authentication",
 	"description": "This is the description of the plugin.",
 	"scripts": {
 		"develop": "tsc -p tsconfig.server.json -w",
@@ -20,14 +20,20 @@
 		"url": "https://github.com/webbio/strapi-plugin-page-builder.git"
 	},
 	"dependencies": {
+		"@aws-sdk/client-ses": "^3.485.0",
 		"@mantine/hooks": "^7.2.2",
 		"@strapi/design-system": "^1.11.0",
 		"@strapi/helper-plugin": "^4.15.0",
 		"@strapi/icons": "^1.11.0",
+		"@strapi/provider-email-amazon-ses": "^4.16.2",
 		"@strapi/typescript-utils": "^4.15.0",
 		"@strapi/utils": "^4.15.0",
+		"add": "^2.0.6",
+		"aws-sdk": "^2.1528.0",
+		"handlebars": "^4.7.8",
 		"react-select": "^5.7.4",
-		"slugify": "^1.6.6"
+		"slugify": "^1.6.6",
+		"yarn": "^1.22.21"
 	},
 	"devDependencies": {
 		"@types/react": "^18.2.21",
@@ -42,7 +48,7 @@
 	},
 	"peerDependencies": {
 		"@strapi/strapi": "^4.15.0",
-		"@webbio/strapi-plugin-slug": "^3.0.0",
+		"@webbio/strapi-plugin-slug": "^3.0.1",
 		"react": "^17.0.0 || ^18.0.0",
 		"react-dom": "^17.0.0 || ^18.0.0",
 		"react-router-dom": "^5.3.4",

package/server/bootstrap.ts

@@ -1,6 +1,12 @@
 import { Common, Strapi } from '@strapi/strapi';
 import { errors } from '@strapi/utils';
-import { PAGE_TYPE_UID, PAGE_UID, PLATFORM_UID } from '../shared/utils/constants';
+import {
+	PAGE_BUILDER_EMAIL_PLUGIN,
+	PAGE_TYPE_UID,
+	PAGE_UID,
+	PLATFORM_UID,
+	USER_PERMISSION_USER_PLUGIN
+} from '../shared/utils/constants';
 import permissions from './bootstrap/permissions';
 import collectionTypeLifecycles from './bootstrap/collection-type-lifecycles';
 
@@ -20,6 +26,38 @@ export default async ({ strapi }: { strapi: Strapi }) => {
 		return data;
 	};
 
+	const plugin = strapi.plugin('users-permissions');
+
+	plugin.services.user.fetchAuthenticatedUser = async (id: any) => {
+		return strapi.query('plugin::users-permissions.user').findOne({ where: { id }, populate: ['role', 'platform'] });
+	};
+
+	strapi.db?.lifecycles.subscribe({
+		models: [USER_PERMISSION_USER_PLUGIN],
+		async beforeUpdate(event) {
+			if (event.params.data.id) {
+				const userToUpdate = await strapi.entityService?.findOne(USER_PERMISSION_USER_PLUGIN, event.params.data.id, {
+					populate: { platform: { populate: { platformMails: { populate: '*' } } } }
+				});
+				if (userToUpdate) {
+					if (event.params.data.activateUser && event.params.data.confirmed && !userToUpdate.confirmMailSend) {
+						await strapi.service(PAGE_BUILDER_EMAIL_PLUGIN).sendMail({
+							// @ts-ignore strapi typings
+							from: userToUpdate.platform.platformMails.accountAcceptedMail.fromEmail,
+							to: event.params.data.email,
+							// @ts-ignore
+							subject: userToUpdate.platform.platformMails.accountAcceptedMail.subject,
+							// @ts-ignore
+							text: userToUpdate.platform.platformMails.accountAcceptedMail.message,
+							firstName: event.params.data.firstName,
+							lastName: event.params.data.lastName
+						});
+					}
+				}
+			}
+		}
+	});
+
 	strapi.db?.lifecycles.subscribe({
 		// @ts-ignore
 		models: [PAGE_UID],

package/server/controllers/index.ts

@@ -3,11 +3,13 @@ import pageType from './page-type';
 import collectionTypes from './collection-types';
 import template from './template';
 import platform from './platform';
+import privateContent from './private-content';
 
 export default {
 	page,
 	'page-type': pageType,
 	'collection-types': collectionTypes,
 	template,
-	platform
+	platform,
+	'private-content': privateContent
 };

package/server/controllers/private-content.ts

@@ -0,0 +1,10 @@
+import { Strapi } from '@strapi/strapi';
+
+export default {
+	activateUser(ctx) {
+		return (strapi as Strapi).service('plugin::page-builder.private-content').activateUser(ctx.params.token);
+	},
+	removeInactiveUsers(ctx) {
+		return (strapi as Strapi).service('plugin::page-builder.private-content').removeInactiveUsers();
+	}
+};

package/server/graphql/page-by-path.ts

@@ -2,6 +2,8 @@ import { Strapi } from '@strapi/strapi';
 
 import { PAGE_UID } from '../../shared/utils/constants';
 
+import { ForbiddenError as ApolloForbiddenError } from 'apollo-server-koa';
+
 const getPageByPath = (strapi: Strapi) => {
 	const typeDefs = () => {
 		return `
@@ -34,7 +36,6 @@ const getPageByPath = (strapi: Strapi) => {
 							};
 
 							const { toEntityResponse } = strapi.plugin('graphql').service('format').returnTypes;
-
 							const getPage = async () => {
 								const transformedArgs = transformArgs(filteredArgs, {
 									contentType: strapi.contentTypes[PAGE_UID],
@@ -75,7 +76,28 @@ const getPageByPath = (strapi: Strapi) => {
 							const results: Record<string, any> = await getPage();
 
 							if (Object.values(results)?.filter(Boolean).length > 0) {
-								return results;
+								if (!results?.platform?.isPrivate && !results.isPrivate) {
+									return results;
+								}
+								if (
+									(results?.platform?.isPrivate === true && ctx.koaContext.req.headers.authorization) ||
+									(results?.isPrivate === true && ctx.koaContext.req.headers.authorization)
+								) {
+									const auth = ctx.koaContext.req.headers.authorization;
+									const token = auth.split(' ');
+
+									const jwtService = strapi.plugin('users-permissions').service('jwt');
+									const decodedToken = await jwtService.verify(token[1]);
+									if (decodedToken) {
+										const user = ctx.state.user;
+
+										if (user?.platform?.id === results?.platform?.id) {
+											return results;
+										}
+									}
+								}
+
+								return new ApolloForbiddenError('Forbidden access');
 							} else {
 								throw new Error(ctx.koaContext.response.message);
 							}

package/server/register.ts

@@ -16,6 +16,20 @@ export default async ({ strapi }: { strapi: Strapi }) => {
 	extensionService.use(pageType);
 	extensionService.use(getPageByPath(strapi));
 	extensionService.use(getPageInfoFromUID(strapi));
+	extensionService.shadowCRUD('api::page.page').disableActions(['find', 'findOne']);
+
+	// const contentTypeName = await strapi.contentType('plugin::users-permissions.user');
+	// contentTypeName.attributes = {
+	// 	// Spread previous defined attributes
+	// 	...contentTypeName.attributes,
+	// 	// Add new, or override attributes
+	// 	platform: {
+	// 		type: 'relation',
+	// 		relation: 'oneToOne',
+	// 		target: 'api::platform.platform'
+	// 	}
+	// };
 
 	await strapi.services?.['plugin::page-builder.builder']?.buildContentTypes();
+	await strapi.service('plugin::page-builder.private-content').enablePrivateContent();
 };

package/server/routes/index.ts

@@ -1,4 +1,21 @@
 const routes = {
+	'private-content': {
+		type: 'content-api',
+		prefix: undefined,
+		routes: [
+			{
+				method: 'POST',
+				path: '/activate/:token',
+				handler: 'private-content.activateUser',
+				config: { policies: [], auth: false }
+			},
+			{
+				method: 'POST',
+				path: '/removeInactiveUsers',
+				handler: 'private-content.removeInactiveUsers'
+			}
+		]
+	},
 	'page-type': {
 		type: 'admin',
 		prefix: undefined,

package/server/schema/page-end.json

@@ -91,6 +91,14 @@
 			"type": "relation",
 			"relation": "oneToOne",
 			"target": "api::platform.platform"
-		}
+		},
+    "isPrivate": {
+      "pluginOptions": {
+        "i18n": {
+          "localized": true
+        }
+      },
+      "type": "boolean"
+    }
 	}
 }

package/server/services/builder.ts

@@ -11,10 +11,16 @@ import pageTypeEnd from '../schema/page-type-end.json';
 import templateStart from '../schema/template-start.json';
 import templateEnd from '../schema/template-end.json';
 import platformStart from '../schema/platform-start.json';
+import email from './private-content/components/email.json';
+import platformEmail from './private-content/components/platform-email.json';
+import adminEmail from './private-content/components/admin-email.json';
 
 const UIDS: Common.UID.ContentType[] = [TEMPLATE_UID, PAGE_TYPE_UID, PLATFORM_UID, PAGE_UID];
 
 export default {
+	async buildComponents() {
+		await this.createEmailComponents();
+	},
 	async buildContentTypes() {
 		this.listenToCreatedContentTypes();
 
@@ -29,7 +35,83 @@ export default {
 			}
 		});
 	},
-
+	async createEmailComponents() {
+		const foundEmailComponent = strapi.components['internal.email'];
+		const foundAdminEmail = strapi.components['internal.admin-email'];
+		const foundPlatformEmail = strapi.components['internal.platform-email'];
+
+		if (!foundAdminEmail && !foundEmailComponent && !foundPlatformEmail) {
+			try {
+				const res = await strapi.plugin('content-type-builder').services.components.createComponent({
+					component: {
+						category: 'internal',
+						displayName: platformEmail.info.displayName,
+						attributes: platformEmail.attributes
+					},
+					components: [
+						{
+							tmpUID: 'internal.email',
+							category: 'internal',
+							displayName: email.info.displayName,
+							attributes: email.attributes
+						},
+						{
+							tmpUID: 'internal.admin-email',
+							category: 'internal',
+							displayName: adminEmail.info.displayName,
+							attributes: adminEmail.attributes
+						}
+					]
+				});
+				return res;
+			} catch (error) {
+				console.log(error);
+			}
+		}
+	},
+	async createEmailComponent() {
+		try {
+			const res = await strapi.plugin('content-type-builder').services.components.createComponent({
+				component: {
+					category: 'internal',
+					displayName: email.info.displayName,
+					attributes: email.attributes
+				}
+			});
+			return res;
+		} catch (error) {
+			console.log(error);
+		}
+	},
+	async createPlatformEmail() {
+		try {
+			const res = await strapi.plugin('content-type-builder').services.components.createComponent({
+				component: {
+					category: 'internal',
+					displayName: platformEmail.info.displayName,
+					attributes: platformEmail.attributes
+				}
+			});
+			return res;
+		} catch (error) {
+			console.log(error);
+		}
+	},
+	async createAdminEmail() {
+		try {
+			const res = await strapi.plugin('content-type-builder').services.components.createComponent({
+				component: {
+					category: 'internal',
+					displayName: adminEmail.info.displayName,
+					attributes: adminEmail.attributes
+				}
+			});
+			console.log(res);
+			return res;
+		} catch (error) {
+			console.log(error);
+		}
+	},
 	async createContentTypes() {
 		const newContentTypes = UIDS.filter((c) => !Boolean(strapi.contentType(c)))
 			.map((c) => this.getContentType(c)?.create)

package/server/services/email.ts

@@ -0,0 +1,122 @@
+import * as AWS from '@aws-sdk/client-ses';
+import { txtEmail } from './private-content/mail-template/txtMail.email.template.text';
+import { USER_PERMISSION_USER_PLUGIN } from '../../shared/utils/constants';
+
+interface SendOptions {
+	from: string;
+	to: string;
+	subject: string;
+	text: string;
+	firstName: string;
+	lastName: string;
+	confirmationUrl?: string;
+}
+
+export default {
+	async sendMail(options: SendOptions) {
+		const { from, to, subject, text, firstName, lastName, confirmationUrl } = options;
+		const emailData = txtEmail({
+			email: to,
+			firstName: firstName,
+			lastName: lastName,
+			text: text,
+			confirmationUrl: confirmationUrl
+		});
+
+		try {
+			const client = new AWS.SES();
+			await client.sendEmail({
+				Source: from,
+				Destination: {
+					ToAddresses: [to]
+				},
+				Message: {
+					Subject: { Data: subject },
+					Body: {
+						Text: { Data: emailData }
+					}
+				}
+			});
+		} catch (error) {
+			console.error(error);
+		}
+	},
+	async sendAdminMail(user) {
+		const foundUser = await strapi.entityService.findOne(USER_PERMISSION_USER_PLUGIN, user.id, {
+			populate: { platform: { populate: { platformMails: { populate: '*' } } } }
+		});
+		await this.sendMail({
+			// @ts-ignore we all love strapi typings
+			from: foundUser.platform.platformMails.adminEmail.fromEmail,
+			// @ts-ignore
+			to: foundUser.platform.platformMails.adminEmail.toMail,
+			// @ts-ignore
+			subject: foundUser.platform.platformMails.adminEmail.subject,
+			// @ts-ignore
+			text: foundUser.platform.platformMails.adminEmail.message,
+			firstName: user.firstName,
+			lastName: user.lastName
+		});
+	},
+	async sendConfirmationEmail(user) {
+		const foundUser = await strapi.entityService.findOne(USER_PERMISSION_USER_PLUGIN, user.id, {
+			populate: { platform: { populate: { platformMails: { populate: '*' } } } }
+		});
+		if (foundUser && foundUser.platform) {
+			const jwtService = strapi.plugin('users-permissions').service('jwt');
+			const confirmationToken = await jwtService.issue(
+				// @ts-ignore
+				{ userId: user.id, platformId: foundUser.platform.id },
+				{ expiresIn: '1d' }
+			);
+			await strapi.entityService.update(USER_PERMISSION_USER_PLUGIN, user.id, {
+				// @ts-ignore
+				data: { confirmationToken: confirmationToken }
+			});
+			// @ts-ignore
+			const activateUrl = `${foundUser.platform.domain}/api/page-builder/activate/${confirmationToken}`;
+
+			await this.sendMail({
+				// @ts-ignore
+				from: foundUser.platform.platformMails.accountCreatedMail.fromEmail,
+				to: user.email,
+				// @ts-ignore
+				subject: foundUser.platform.platformMails.accountCreatedMail.subject,
+				// @ts-ignore
+				text: foundUser.platform.platformMails.accountCreatedMail.message,
+				firstName: user.firstName,
+				lastName: user.lastName,
+				confirmationUrl: activateUrl
+			});
+		}
+	},
+	async sendForgotPasswordMail(user) {
+		if (user && user.platform) {
+			const jwtService = strapi.plugin('users-permissions').service('jwt');
+
+			const resetPasswordToken = await jwtService.issue(
+				{ userId: user.id, platformId: user.platform.id },
+				{ expiresIn: '1d' }
+			);
+			await strapi.entityService.update(USER_PERMISSION_USER_PLUGIN, user.id, {
+				// @ts-ignore
+				data: { resetPasswordToken }
+			});
+
+			const activateUrl = `${user.platform.domain}/api/page-builder/reset/${resetPasswordToken}`;
+
+			await this.sendMail({
+				// @ts-ignore
+				from: user.platform.platformMails.resetPasswordMail.fromEmail,
+				to: user.email,
+				// @ts-ignore
+				subject: user.platform.platformMails.resetPasswordMail.subject,
+				// @ts-ignore
+				text: user.platform.platformMails.resetPasswordMail.message,
+				firstName: user.firstName,
+				lastName: user.lastName,
+				confirmationUrl: activateUrl
+			});
+		}
+	}
+};

package/server/services/index.ts

@@ -4,6 +4,8 @@ import pageType from './page-type';
 import collectionTypes from './collection-types';
 import template from './template';
 import platform from './platform';
+import email from './email';
+import privateContent from './private-content';
 
 export default {
 	page,
@@ -11,5 +13,7 @@ export default {
 	'page-type': pageType,
 	'collection-types': collectionTypes,
 	template,
-	platform
+	platform,
+	email,
+	'private-content': privateContent
 };

package/server/services/private-content/components/admin-email.json

@@ -0,0 +1,23 @@
+{
+  "collectionName": "components_internal_admin_emails",
+  "info": {
+    "displayName": "AdminEmail",
+    "description": ""
+  },
+  "options": {},
+  "attributes": {
+    "toMail": {
+      "type": "string"
+    },
+    "fromEmail": {
+      "type": "string"
+    },
+    "subject": {
+      "type": "string"
+    },
+    "message": {
+      "type": "text"
+    }
+  }
+}
+

package/server/services/private-content/components/email.json

@@ -0,0 +1,23 @@
+{
+  "collectionName": "components_internal_emails",
+  "info": {
+    "displayName": "email",
+    "description": ""
+  },
+  "options": {},
+  "attributes": {
+    "nameSender": {
+      "type": "string"
+    },
+    "fromEmail": {
+      "type": "string"
+    },
+    "subject": {
+      "type": "string"
+    },
+    "message": {
+      "type": "text"
+    }
+  }
+}
+

package/server/services/private-content/components/platform-email.json

@@ -0,0 +1,30 @@
+{
+  "collectionName": "components_internal_platform_emails",
+  "info": {
+    "displayName": "PlatformEmail"
+  },
+  "options": {},
+  "attributes": {
+    "resetPasswordMail": {
+      "type": "component",
+      "repeatable": false,
+      "component": "internal.email"
+    },
+    "accountCreatedMail": {
+      "type": "component",
+      "repeatable": false,
+      "component": "internal.email"
+    },
+    "accountAcceptedMail": {
+      "type": "component",
+      "repeatable": false,
+      "component": "internal.email"
+    },
+    "adminEmail": {
+      "displayName": "AdminEmail",
+      "type": "component",
+      "repeatable": false,
+      "component": "internal.admin-email"
+    }
+  }
+}

package/server/services/private-content/constants/index.ts

@@ -0,0 +1,13 @@
+import { contentTypes as contentTypesUtils } from '@strapi/utils';
+export const { UPDATED_BY_ATTRIBUTE, CREATED_BY_ATTRIBUTE } = contentTypesUtils.constants;
+
+export const USER_MODEL = 'plugin::users-permissions.user';
+export const USER_CONTENT_MANAGER = 'plugin::users-permissions.contentmanageruser';
+export const USER_ROLE = 'plugin::users-permissions.role';
+export const CONTENT_ENTITY_MANAGER = 'plugin::content-manager.entity-manager';
+export const ACTIONS = {
+	read: 'plugin::content-manager.explorer.read',
+	create: 'plugin::content-manager.explorer.create',
+	edit: 'plugin::content-manager.explorer.update',
+	delete: 'plugin::content-manager.explorer.delete'
+};

package/server/services/private-content/graphql/index.ts

@@ -0,0 +1,88 @@
+import {
+	ForgotPasswordInput,
+	ForgotPasswordResponse,
+	LoginInput,
+	LoginResponse,
+	Mutations,
+	Queries,
+	RegisterInput,
+	RegisterResponse,
+	ResetPasswordInput,
+	ResetPasswordResponse,
+	User
+} from './types';
+import { platformRegister } from './resolvers/register';
+import { platformLogin } from './resolvers/login';
+import { platformForgotPassword } from './resolvers/forgot-password';
+import { platformResetPassword } from './resolvers/reset-password';
+import { page } from './resolvers/findOnePage';
+import { pages } from './resolvers/findPage';
+
+export const extendGraphQL = () => {
+	const extensionService = strapi.plugin('graphql').service('extension');
+
+	const extension = () => ({
+		typeDefs: `
+			${RegisterInput}
+
+      ${LoginInput}
+
+			${RegisterResponse}
+
+			${LoginResponse}
+
+			${User}
+
+			${Mutations}
+
+			${ForgotPasswordInput}
+
+			${ForgotPasswordResponse}
+
+			${ResetPasswordInput}
+
+			${ResetPasswordResponse}
+
+			${ResetPasswordInput}
+
+			${ResetPasswordResponse}
+
+			${Queries}
+
+      `,
+		resolvers: {
+			Query: {
+				page,
+				pages
+			},
+			Mutation: {
+				platformLogin,
+				platformRegister,
+				platformForgotPassword,
+				platformResetPassword
+			}
+		},
+		resolversConfig: {
+			'Mutation.platformLogin': {
+				auth: false
+			},
+			'Mutation.platformRegister': {
+				auth: false
+			},
+			'Mutation.platformForgotPassword': {
+				auth: false
+			},
+			'Mutation.platformResetPassword': {
+				auth: false
+			},
+			'Query.page': {
+				auth: false
+			},
+			'Query.pages': {
+				auth: false
+			}
+		}
+	});
+
+	extensionService.use(extension);
+};