@webbio/strapi-plugin-page-builder 0.9.9-platform → 0.9.11-authentication
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +30 -0
- package/admin/src/components/EditView/CollectionTypeSearch/index.tsx +1 -1
- package/admin/src/components/GlobalPlatformSelect/styles.ts +1 -1
- package/admin/src/utils/hooks/usePlatformFormData.ts +6 -10
- package/dist/package.json +9 -3
- package/dist/server/bootstrap.js +31 -1
- package/dist/server/content-types/category/schema.json +18 -0
- package/dist/server/content-types/index.js +9 -1
- package/dist/server/controllers/index.js +3 -1
- package/dist/server/controllers/private-content.js +10 -0
- package/dist/server/graphql/page-by-path.js +22 -2
- package/dist/server/policies/index.js +7 -1
- package/dist/server/policies/isAuthorizedPage.js +11 -0
- package/dist/server/register.js +13 -0
- package/dist/server/routes/index.js +17 -0
- package/dist/server/schema/page-end.json +8 -0
- package/dist/server/schema/platform-start.json +8 -0
- package/dist/server/services/builder.js +86 -0
- package/dist/server/services/constants/customUserConstants.js +16 -0
- package/dist/server/services/custom-user.js +161 -0
- package/dist/server/services/email.js +127 -0
- package/dist/server/services/index.js +5 -1
- package/dist/server/services/private-content/auth.js +0 -0
- package/dist/server/services/private-content/components/admin-email.json +22 -0
- package/dist/server/services/private-content/components/email.json +22 -0
- package/dist/server/services/private-content/components/platform-email.json +30 -0
- package/dist/server/services/private-content/constants/index.js +16 -0
- package/dist/server/services/private-content/email.js +3 -0
- package/dist/server/services/private-content/graphql/index.js +77 -0
- package/dist/server/services/private-content/graphql/resolvers/findOnePage.js +40 -0
- package/dist/server/services/private-content/graphql/resolvers/findPage.js +43 -0
- package/dist/server/services/private-content/graphql/resolvers/forgot-password.js +26 -0
- package/dist/server/services/private-content/graphql/resolvers/login.js +44 -0
- package/dist/server/services/private-content/graphql/resolvers/register.js +60 -0
- package/dist/server/services/private-content/graphql/resolvers/reset-password.js +41 -0
- package/dist/server/services/private-content/graphql/types/index.js +91 -0
- package/dist/server/services/private-content/graphql.js +128 -0
- package/dist/server/services/private-content/hash.js +0 -0
- package/dist/server/services/private-content/index.js +81 -0
- package/dist/server/services/private-content/mail-template/txtMail.email.template.text.js +12 -0
- package/dist/server/services/private-content/mail-template/txtMail.interface.js +2 -0
- package/dist/server/services/private-content/page.js +17 -0
- package/dist/server/services/private-content/platform.js +17 -0
- package/dist/server/services/private-content/schemas/index.js +30 -0
- package/dist/server/services/private-content/user.js +159 -0
- package/dist/server/utils/strapi.js +9 -1
- package/dist/shared/utils/constants.js +3 -1
- package/dist/tsconfig.server.tsbuildinfo +1 -1
- package/package.json +9 -3
- package/server/bootstrap.ts +39 -1
- package/server/content-types/category/schema.json +18 -0
- package/server/content-types/index.ts +7 -1
- package/server/controllers/index.ts +3 -1
- package/server/controllers/private-content.ts +10 -0
- package/server/graphql/page-by-path.ts +28 -2
- package/server/policies/index.ts +5 -1
- package/server/policies/isAuthorizedPage.ts +11 -0
- package/server/register.ts +14 -0
- package/server/routes/index.ts +17 -0
- package/server/schema/page-end.json +8 -0
- package/server/schema/platform-start.json +8 -0
- package/server/services/builder.ts +83 -1
- package/server/services/email.ts +122 -0
- package/server/services/index.ts +5 -1
- package/server/services/private-content/components/admin-email.json +22 -0
- package/server/services/private-content/components/email.json +22 -0
- package/server/services/private-content/components/platform-email.json +30 -0
- package/server/services/private-content/constants/index.ts +13 -0
- package/server/services/private-content/graphql/index.ts +88 -0
- package/server/services/private-content/graphql/resolvers/findOnePage.ts +40 -0
- package/server/services/private-content/graphql/resolvers/findPage.ts +45 -0
- package/server/services/private-content/graphql/resolvers/forgot-password.ts +26 -0
- package/server/services/private-content/graphql/resolvers/login.ts +51 -0
- package/server/services/private-content/graphql/resolvers/register.ts +68 -0
- package/server/services/private-content/graphql/resolvers/reset-password.ts +44 -0
- package/server/services/private-content/graphql/types/index.ts +98 -0
- package/server/services/private-content/index.ts +84 -0
- package/server/services/private-content/mail-template/txtMail.email.template.text.ts +7 -0
- package/server/services/private-content/mail-template/txtMail.interface.ts +7 -0
- package/server/services/private-content/page.ts +14 -0
- package/server/services/private-content/platform.ts +14 -0
- package/server/services/private-content/schemas/index.ts +28 -0
- package/server/services/private-content/user.ts +187 -0
- package/server/utils/strapi.ts +5 -0
- package/shared/utils/constants.ts +2 -0
|
@@ -0,0 +1,187 @@
|
|
|
1
|
+
import toString from 'lodash/toString';
|
|
2
|
+
import has from 'lodash/has';
|
|
3
|
+
import omit from 'lodash/omit';
|
|
4
|
+
import { errors } from '@strapi/utils';
|
|
5
|
+
import {
|
|
6
|
+
ACTIONS,
|
|
7
|
+
CONTENT_ENTITY_MANAGER,
|
|
8
|
+
CREATED_BY_ATTRIBUTE,
|
|
9
|
+
UPDATED_BY_ATTRIBUTE,
|
|
10
|
+
USER_CONTENT_MANAGER,
|
|
11
|
+
USER_MODEL,
|
|
12
|
+
USER_ROLE
|
|
13
|
+
} from './constants';
|
|
14
|
+
|
|
15
|
+
const { ApplicationError, ValidationError, NotFoundError, ForbiddenError } = errors;
|
|
16
|
+
|
|
17
|
+
export const extendUser = () => {
|
|
18
|
+
const userContentType = strapi.contentType(USER_MODEL);
|
|
19
|
+
userContentType.attributes = {
|
|
20
|
+
// Spread previous defined attributes
|
|
21
|
+
...userContentType.attributes,
|
|
22
|
+
// Add new, or override attributes
|
|
23
|
+
platform: {
|
|
24
|
+
type: 'relation',
|
|
25
|
+
relation: 'oneToOne',
|
|
26
|
+
target: 'api::platform.platform',
|
|
27
|
+
required: true
|
|
28
|
+
},
|
|
29
|
+
firstName: {
|
|
30
|
+
type: 'string'
|
|
31
|
+
},
|
|
32
|
+
lastName: {
|
|
33
|
+
type: 'string'
|
|
34
|
+
},
|
|
35
|
+
company: {
|
|
36
|
+
type: 'string'
|
|
37
|
+
},
|
|
38
|
+
jobTitle: {
|
|
39
|
+
type: 'string'
|
|
40
|
+
},
|
|
41
|
+
address: {
|
|
42
|
+
type: 'string'
|
|
43
|
+
},
|
|
44
|
+
postalCode: {
|
|
45
|
+
type: 'string'
|
|
46
|
+
},
|
|
47
|
+
city: {
|
|
48
|
+
type: 'string'
|
|
49
|
+
},
|
|
50
|
+
country: {
|
|
51
|
+
type: 'string'
|
|
52
|
+
},
|
|
53
|
+
phone: {
|
|
54
|
+
type: 'string'
|
|
55
|
+
},
|
|
56
|
+
activateUser: {
|
|
57
|
+
type: 'boolean',
|
|
58
|
+
default: false
|
|
59
|
+
},
|
|
60
|
+
categories: {
|
|
61
|
+
type: 'relation',
|
|
62
|
+
relation: 'oneToMany',
|
|
63
|
+
target: 'plugin::page-builder.category'
|
|
64
|
+
},
|
|
65
|
+
confirmMailSend: {
|
|
66
|
+
type: 'boolean',
|
|
67
|
+
private: true,
|
|
68
|
+
writable: false,
|
|
69
|
+
visible: false,
|
|
70
|
+
default: false
|
|
71
|
+
}
|
|
72
|
+
};
|
|
73
|
+
delete userContentType.attributes.username;
|
|
74
|
+
};
|
|
75
|
+
|
|
76
|
+
export const extendControllers = () => {
|
|
77
|
+
const contentController = strapi.controller(USER_CONTENT_MANAGER);
|
|
78
|
+
contentController.create = async (ctx: any) => {
|
|
79
|
+
const { body } = ctx.request;
|
|
80
|
+
const { user: admin, userAbility } = ctx.state;
|
|
81
|
+
|
|
82
|
+
const { email } = body;
|
|
83
|
+
const platformId = body.platform.connect[0].id;
|
|
84
|
+
|
|
85
|
+
const pm = strapi?.admin?.services.permission.createPermissionsManager({
|
|
86
|
+
ability: userAbility,
|
|
87
|
+
action: ACTIONS.create,
|
|
88
|
+
model: USER_MODEL
|
|
89
|
+
});
|
|
90
|
+
|
|
91
|
+
if (!pm.isAllowed) {
|
|
92
|
+
return ctx.forbidden();
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
const sanitizedBody = await pm.pickPermittedFieldsOf(body, { subject: USER_MODEL });
|
|
96
|
+
|
|
97
|
+
const userWithSameEmail = await strapi.query(USER_MODEL).findOne({
|
|
98
|
+
where: { $and: [{ email: email.toLowerCase() }, { platform: { id: platformId } }] }
|
|
99
|
+
});
|
|
100
|
+
|
|
101
|
+
if (userWithSameEmail) {
|
|
102
|
+
throw new ApplicationError('Email already taken');
|
|
103
|
+
}
|
|
104
|
+
|
|
105
|
+
const user = {
|
|
106
|
+
...sanitizedBody,
|
|
107
|
+
provider: 'local',
|
|
108
|
+
[CREATED_BY_ATTRIBUTE]: admin.id,
|
|
109
|
+
[UPDATED_BY_ATTRIBUTE]: admin.id
|
|
110
|
+
};
|
|
111
|
+
|
|
112
|
+
user.email = user.email.toLowerCase();
|
|
113
|
+
|
|
114
|
+
const advanced = await strapi?.store({ type: 'plugin', name: 'users-permissions', key: 'advanced' }).get({});
|
|
115
|
+
|
|
116
|
+
if (user.role.connect.length === 0) {
|
|
117
|
+
//@ts-ignore strapi types...
|
|
118
|
+
const defaultRole = await strapi.query(USER_ROLE).findOne({ where: { type: advanced.default_role } });
|
|
119
|
+
user.role = defaultRole.id;
|
|
120
|
+
}
|
|
121
|
+
|
|
122
|
+
try {
|
|
123
|
+
const data = await strapi.service(CONTENT_ENTITY_MANAGER).create(user, USER_MODEL);
|
|
124
|
+
const sanitizedData = await pm.sanitizeOutput(data, { action: ACTIONS.read });
|
|
125
|
+
|
|
126
|
+
ctx.created(sanitizedData);
|
|
127
|
+
} catch (error) {
|
|
128
|
+
throw new ApplicationError(error.message);
|
|
129
|
+
}
|
|
130
|
+
};
|
|
131
|
+
contentController.update = async (ctx: any) => {
|
|
132
|
+
const { id } = ctx.params;
|
|
133
|
+
const { body } = ctx.request;
|
|
134
|
+
const { user: admin, userAbility } = ctx.state;
|
|
135
|
+
|
|
136
|
+
const { email, password } = body;
|
|
137
|
+
|
|
138
|
+
const { pm, entity } = await findEntityAndCheckPermissions(userAbility, ACTIONS.edit, USER_MODEL, id);
|
|
139
|
+
const user = entity;
|
|
140
|
+
|
|
141
|
+
const platformId = body.platform.connect.length > 0 ? body.platform.connect[0].id : entity.platform.id;
|
|
142
|
+
|
|
143
|
+
if (has(body, 'password') && !password && user.provider === 'local') {
|
|
144
|
+
throw new ValidationError('password.notNull');
|
|
145
|
+
}
|
|
146
|
+
|
|
147
|
+
//@ts-ignore
|
|
148
|
+
if (has(body, 'email')) {
|
|
149
|
+
const userWithSameEmail = await strapi
|
|
150
|
+
.query(USER_MODEL)
|
|
151
|
+
.findOne({ where: { $and: [{ email: email.toLowerCase() }, { platform: { id: platformId } }] } });
|
|
152
|
+
|
|
153
|
+
if (userWithSameEmail && toString(userWithSameEmail.id) !== toString(id)) {
|
|
154
|
+
throw new ApplicationError('Email already taken');
|
|
155
|
+
}
|
|
156
|
+
body.email = body.email.toLowerCase();
|
|
157
|
+
}
|
|
158
|
+
|
|
159
|
+
const sanitizedData = await pm.pickPermittedFieldsOf(body, { subject: pm.toSubject(user) });
|
|
160
|
+
const updateData = omit({ ...sanitizedData, updatedBy: admin.id }, 'createdBy');
|
|
161
|
+
|
|
162
|
+
const data = await strapi.service('plugin::content-manager.entity-manager').update({ id }, updateData, USER_MODEL);
|
|
163
|
+
|
|
164
|
+
ctx.body = await pm.sanitizeOutput(data, { action: ACTIONS.read });
|
|
165
|
+
};
|
|
166
|
+
};
|
|
167
|
+
|
|
168
|
+
const findEntityAndCheckPermissions = async (ability, action, model, id) => {
|
|
169
|
+
const entity = await strapi.query(USER_MODEL).findOne({
|
|
170
|
+
where: { id },
|
|
171
|
+
populate: [`${CREATED_BY_ATTRIBUTE}.roles`, 'platform']
|
|
172
|
+
});
|
|
173
|
+
|
|
174
|
+
if (!entity) {
|
|
175
|
+
throw new NotFoundError();
|
|
176
|
+
}
|
|
177
|
+
|
|
178
|
+
const pm = strapi.admin.services.permission.createPermissionsManager({ ability, action, model });
|
|
179
|
+
|
|
180
|
+
if (pm.ability.cannot(pm.action, pm.toSubject(entity))) {
|
|
181
|
+
throw new ForbiddenError();
|
|
182
|
+
}
|
|
183
|
+
|
|
184
|
+
const entityWithoutCreatorRoles = omit(entity, `${CREATED_BY_ATTRIBUTE}.roles`);
|
|
185
|
+
|
|
186
|
+
return { pm, entity: entityWithoutCreatorRoles };
|
|
187
|
+
};
|
package/server/utils/strapi.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { Common } from '@strapi/strapi';
|
|
2
|
+
import pluginId from '../../admin/src/pluginId';
|
|
2
3
|
|
|
3
4
|
export const getDeepPopulate = (uid: Common.UID.Component, populate?: any, depth: number = 0) => {
|
|
4
5
|
if (populate) {
|
|
@@ -43,3 +44,7 @@ export const getPopulatedEntity = async (uid, id) => {
|
|
|
43
44
|
populate
|
|
44
45
|
});
|
|
45
46
|
};
|
|
47
|
+
|
|
48
|
+
export const getConfig = () => {
|
|
49
|
+
return strapi.config.get(`plugin.${pluginId}`) as Record<string, any>;
|
|
50
|
+
};
|
|
@@ -4,3 +4,5 @@ export const PAGE_TYPE_UID = 'api::page-type.page-type';
|
|
|
4
4
|
export const PLATFORM_UID = 'api::platform.platform';
|
|
5
5
|
export const PAGE_TYPE_PAGE = 'page';
|
|
6
6
|
export const PLATFORM = 'platform';
|
|
7
|
+
export const USER_PERMISSION_USER_PLUGIN = 'plugin::users-permissions.user';
|
|
8
|
+
export const PAGE_BUILDER_EMAIL_PLUGIN = 'plugin::page-builder.email';
|