npm - strapi-plugin-magic-mail - Versions diffs - 2.9.0 → 2.9.1 - Mend

strapi-plugin-magic-mail 2.9.0 → 2.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/server/index.js CHANGED Viewed

@@ -51493,16 +51493,24 @@ var controllers$1 = {
   whatsapp: whatsapp$2,
   pluginSettings: pluginSettings$2
 };
+const PLUGIN_ACCESS_ACTION = "plugin::magic-mail.access";
+const adminPolicy = () => [
+  "admin::isAuthenticatedAdmin",
+  {
+    name: "admin::hasPermissions",
+    config: { actions: [PLUGIN_ACCESS_ACTION] }
+  }
+];
 var admin$1 = {
   type: "admin",
   routes: [
-    // Account Management
+    // ─────────────────────── Account Management ───────────────────────
     {
       method: "GET",
       path: "/accounts",
       handler: "accounts.getAll",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get all email accounts"
       }
     },
@@ -51511,7 +51519,7 @@ var admin$1 = {
       path: "/accounts/:accountId",
       handler: "accounts.getOne",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get single email account with decrypted config"
       }
     },
@@ -51520,7 +51528,7 @@ var admin$1 = {
       path: "/accounts",
       handler: "accounts.create",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Create email account"
       }
     },
@@ -51529,7 +51537,7 @@ var admin$1 = {
       path: "/accounts/:accountId",
       handler: "accounts.update",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Update email account"
       }
     },
@@ -51538,7 +51546,7 @@ var admin$1 = {
       path: "/accounts/:accountId/test",
       handler: "accounts.test",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Test email account"
       }
     },
@@ -51547,7 +51555,7 @@ var admin$1 = {
       path: "/test-strapi-service",
       handler: "accounts.testStrapiService",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Test Strapi Email Service integration (MagicMail intercept)"
       }
     },
@@ -51556,17 +51564,17 @@ var admin$1 = {
       path: "/accounts/:accountId",
       handler: "accounts.delete",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete email account"
       }
     },
-    // Routing Rules
+    // ─────────────────────── Routing Rules ───────────────────────
     {
       method: "GET",
       path: "/routing-rules",
       handler: "routingRules.getAll",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get all routing rules"
       }
     },
@@ -51575,7 +51583,7 @@ var admin$1 = {
       path: "/routing-rules/:ruleId",
       handler: "routingRules.getOne",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get single routing rule"
       }
     },
@@ -51584,7 +51592,7 @@ var admin$1 = {
       path: "/routing-rules",
       handler: "routingRules.create",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Create routing rule"
       }
     },
@@ -51593,7 +51601,7 @@ var admin$1 = {
       path: "/routing-rules/:ruleId",
       handler: "routingRules.update",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Update routing rule"
       }
     },
@@ -51602,23 +51610,21 @@ var admin$1 = {
       path: "/routing-rules/:ruleId",
       handler: "routingRules.delete",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete routing rule"
       }
     },
-    // OAuth Routes - Gmail
-    // The /auth endpoints are admin-only (they produce OAuth URLs for the
-    // currently-authenticated admin). The /callback endpoints must stay
-    // public because the upstream OAuth provider (Google/Microsoft/Yahoo)
-    // cannot send a bearer token on the redirect back — security is
-    // enforced by the signed, one-time-use state parameter that callback
-    // + token exchange verify.
+    // ─────────────────────── OAuth – Gmail ───────────────────────
+    // /auth endpoints are admin-only (they generate the OAuth URL for
+    // the currently-authenticated admin). /callback MUST remain public
+    // because Google/Microsoft/Yahoo can't send a bearer token on the
+    // redirect — security is enforced by the signed single-use state.
     {
       method: "GET",
       path: "/oauth/gmail/auth",
       handler: "oauth.gmailAuth",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Initiate Gmail OAuth flow"
       }
     },
@@ -51632,13 +51638,13 @@ var admin$1 = {
         description: "Gmail OAuth callback"
       }
     },
-    // OAuth Routes - Microsoft
+    // ─────────────────────── OAuth – Microsoft ───────────────────────
     {
       method: "GET",
       path: "/oauth/microsoft/auth",
       handler: "oauth.microsoftAuth",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Initiate Microsoft OAuth flow"
       }
     },
@@ -51652,13 +51658,13 @@ var admin$1 = {
         description: "Microsoft OAuth callback"
       }
     },
-    // OAuth Routes - Yahoo
+    // ─────────────────────── OAuth – Yahoo ───────────────────────
     {
       method: "GET",
       path: "/oauth/yahoo/auth",
       handler: "oauth.yahooAuth",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Initiate Yahoo OAuth flow"
       }
     },
@@ -51672,23 +51678,23 @@ var admin$1 = {
         description: "Yahoo OAuth callback"
       }
     },
-    // OAuth Routes - Generic
+    // ─────────────────────── OAuth – Generic ───────────────────────
     {
       method: "POST",
       path: "/oauth/create-account",
       handler: "oauth.createOAuthAccount",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Create account from OAuth"
       }
     },
-    // License Routes
+    // ─────────────────────── License ───────────────────────
     {
       method: "GET",
       path: "/license/status",
       handler: "license.getStatus",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get license status"
       }
     },
@@ -51697,7 +51703,7 @@ var admin$1 = {
       path: "/license/auto-create",
       handler: "license.autoCreate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Auto-create license with admin user data"
       }
     },
@@ -51706,7 +51712,7 @@ var admin$1 = {
       path: "/license/store-key",
       handler: "license.storeKey",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Store and validate existing license key"
       }
     },
@@ -51715,7 +51721,7 @@ var admin$1 = {
       path: "/license/limits",
       handler: "license.getLimits",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get license limits and available features"
       }
     },
@@ -51724,17 +51730,17 @@ var admin$1 = {
       path: "/license/debug",
       handler: "license.debugLicense",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Debug license data"
       }
     },
-    // Email Designer Routes
+    // ─────────────────────── Email Designer ───────────────────────
     {
       method: "GET",
       path: "/designer/templates",
       handler: "emailDesigner.findAll",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get all email templates"
       }
     },
@@ -51743,7 +51749,7 @@ var admin$1 = {
       path: "/designer/templates/:id",
       handler: "emailDesigner.findOne",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get email template by ID"
       }
     },
@@ -51752,7 +51758,7 @@ var admin$1 = {
       path: "/designer/templates",
       handler: "emailDesigner.create",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Create email template"
       }
     },
@@ -51761,7 +51767,7 @@ var admin$1 = {
       path: "/designer/templates/:id",
       handler: "emailDesigner.update",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Update email template"
       }
     },
@@ -51770,7 +51776,7 @@ var admin$1 = {
       path: "/designer/templates/:id",
       handler: "emailDesigner.delete",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete email template"
       }
     },
@@ -51779,7 +51785,7 @@ var admin$1 = {
       path: "/designer/templates/:id/versions",
       handler: "emailDesigner.getVersions",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get template versions"
       }
     },
@@ -51788,7 +51794,7 @@ var admin$1 = {
       path: "/designer/templates/:id/versions/:versionId/restore",
       handler: "emailDesigner.restoreVersion",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Restore template from version"
       }
     },
@@ -51797,7 +51803,7 @@ var admin$1 = {
       path: "/designer/templates/:id/versions/:versionId/delete",
       handler: "emailDesigner.deleteVersion",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete a single version"
       }
     },
@@ -51806,7 +51812,7 @@ var admin$1 = {
       path: "/designer/templates/:id/versions/delete-all",
       handler: "emailDesigner.deleteAllVersions",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete all versions for a template"
       }
     },
@@ -51815,7 +51821,7 @@ var admin$1 = {
       path: "/designer/render/:templateReferenceId",
       handler: "emailDesigner.renderTemplate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Render template with data"
       }
     },
@@ -51824,7 +51830,7 @@ var admin$1 = {
       path: "/designer/export",
       handler: "emailDesigner.exportTemplates",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Export templates (ADVANCED+)"
       }
     },
@@ -51833,7 +51839,7 @@ var admin$1 = {
       path: "/designer/import",
       handler: "emailDesigner.importTemplates",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Import templates (ADVANCED+)"
       }
     },
@@ -51842,7 +51848,7 @@ var admin$1 = {
       path: "/designer/stats",
       handler: "emailDesigner.getStats",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get template statistics"
       }
     },
@@ -51851,7 +51857,7 @@ var admin$1 = {
       path: "/designer/core/:coreEmailType",
       handler: "emailDesigner.getCoreTemplate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get core email template"
       }
     },
@@ -51860,7 +51866,7 @@ var admin$1 = {
       path: "/designer/core/:coreEmailType",
       handler: "emailDesigner.updateCoreTemplate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Update core email template"
       }
     },
@@ -51869,7 +51875,7 @@ var admin$1 = {
       path: "/designer/templates/:id/download",
       handler: "emailDesigner.download",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Download template as HTML or JSON"
       }
     },
@@ -51878,7 +51884,7 @@ var admin$1 = {
       path: "/designer/templates/:id/duplicate",
       handler: "emailDesigner.duplicate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Duplicate template"
       }
     },
@@ -51887,17 +51893,17 @@ var admin$1 = {
       path: "/designer/templates/:id/test-send",
       handler: "emailDesigner.testSend",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Send test email for template"
       }
     },
-    // Analytics & Tracking
+    // ─────────────────────── Analytics & Tracking ───────────────────────
     {
       method: "GET",
       path: "/analytics/stats",
       handler: "analytics.getStats",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get analytics statistics"
       }
     },
@@ -51906,7 +51912,7 @@ var admin$1 = {
       path: "/analytics/emails",
       handler: "analytics.getEmailLogs",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get email logs"
       }
     },
@@ -51915,7 +51921,7 @@ var admin$1 = {
       path: "/analytics/emails/:emailId",
       handler: "analytics.getEmailDetails",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get email details"
       }
     },
@@ -51924,7 +51930,7 @@ var admin$1 = {
       path: "/analytics/users/:userId",
       handler: "analytics.getUserActivity",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get user email activity"
       }
     },
@@ -51933,7 +51939,7 @@ var admin$1 = {
       path: "/analytics/debug",
       handler: "analytics.debug",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Debug analytics state"
       }
     },
@@ -51942,7 +51948,7 @@ var admin$1 = {
       path: "/analytics/emails/:emailId",
       handler: "analytics.deleteEmailLog",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete single email log"
       }
     },
@@ -51951,27 +51957,27 @@ var admin$1 = {
       path: "/analytics/emails",
       handler: "analytics.clearAllEmailLogs",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Clear all email logs"
       }
     },
-    // Test Routes (Development)
+    // ─────────────────────── Test (Dev) ───────────────────────
     {
       method: "POST",
       path: "/test/relations",
       handler: "test.testRelations",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Test template-version relations"
       }
     },
-    // WhatsApp Routes
+    // ─────────────────────── WhatsApp ───────────────────────
     {
       method: "GET",
       path: "/whatsapp/available",
       handler: "whatsapp.checkAvailable",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Check if WhatsApp/Baileys is available"
       }
     },
@@ -51980,7 +51986,7 @@ var admin$1 = {
       path: "/whatsapp/status",
       handler: "whatsapp.getStatus",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get WhatsApp connection status"
       }
     },
@@ -51989,7 +51995,7 @@ var admin$1 = {
       path: "/whatsapp/connect",
       handler: "whatsapp.connect",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Connect to WhatsApp (generates QR if needed)"
       }
     },
@@ -51998,7 +52004,7 @@ var admin$1 = {
       path: "/whatsapp/disconnect",
       handler: "whatsapp.disconnect",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Disconnect from WhatsApp"
       }
     },
@@ -52007,7 +52013,7 @@ var admin$1 = {
       path: "/whatsapp/send-test",
       handler: "whatsapp.sendTest",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Send a test WhatsApp message"
       }
     },
@@ -52016,7 +52022,7 @@ var admin$1 = {
       path: "/whatsapp/send-template",
       handler: "whatsapp.sendTemplateMessage",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Send WhatsApp message using template"
       }
     },
@@ -52025,7 +52031,7 @@ var admin$1 = {
       path: "/whatsapp/check-number",
       handler: "whatsapp.checkNumber",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Check if phone number is on WhatsApp"
       }
     },
@@ -52034,7 +52040,7 @@ var admin$1 = {
       path: "/whatsapp/templates",
       handler: "whatsapp.getTemplates",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get all WhatsApp message templates"
       }
     },
@@ -52043,7 +52049,7 @@ var admin$1 = {
       path: "/whatsapp/templates",
       handler: "whatsapp.saveTemplate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Save a WhatsApp message template"
       }
     },
@@ -52052,7 +52058,7 @@ var admin$1 = {
       path: "/whatsapp/templates/:templateName",
       handler: "whatsapp.deleteTemplate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete a WhatsApp message template"
       }
     },
@@ -52061,17 +52067,17 @@ var admin$1 = {
       path: "/whatsapp/session",
       handler: "whatsapp.getSession",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get WhatsApp session info"
       }
     },
-    // Plugin Settings Routes
+    // ─────────────────────── Plugin Settings ───────────────────────
     {
       method: "GET",
       path: "/settings",
       handler: "pluginSettings.getSettings",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get plugin settings"
       }
     },
@@ -52080,7 +52086,7 @@ var admin$1 = {
       path: "/settings",
       handler: "pluginSettings.updateSettings",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Update plugin settings"
       }
     }
@@ -63348,7 +63354,7 @@ var oauth$1 = ({ strapi: strapi2 }) => ({
     return account;
   }
 });
-const version = "2.8.4";
+const version = "2.9.0";
 const require$$2 = {
   version
 };

package/dist/server/index.mjs CHANGED Viewed

@@ -51457,16 +51457,24 @@ var controllers$1 = {
   whatsapp: whatsapp$2,
   pluginSettings: pluginSettings$2
 };
+const PLUGIN_ACCESS_ACTION = "plugin::magic-mail.access";
+const adminPolicy = () => [
+  "admin::isAuthenticatedAdmin",
+  {
+    name: "admin::hasPermissions",
+    config: { actions: [PLUGIN_ACCESS_ACTION] }
+  }
+];
 var admin$1 = {
   type: "admin",
   routes: [
-    // Account Management
+    // ─────────────────────── Account Management ───────────────────────
     {
       method: "GET",
       path: "/accounts",
       handler: "accounts.getAll",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get all email accounts"
       }
     },
@@ -51475,7 +51483,7 @@ var admin$1 = {
       path: "/accounts/:accountId",
       handler: "accounts.getOne",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get single email account with decrypted config"
       }
     },
@@ -51484,7 +51492,7 @@ var admin$1 = {
       path: "/accounts",
       handler: "accounts.create",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Create email account"
       }
     },
@@ -51493,7 +51501,7 @@ var admin$1 = {
       path: "/accounts/:accountId",
       handler: "accounts.update",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Update email account"
       }
     },
@@ -51502,7 +51510,7 @@ var admin$1 = {
       path: "/accounts/:accountId/test",
       handler: "accounts.test",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Test email account"
       }
     },
@@ -51511,7 +51519,7 @@ var admin$1 = {
       path: "/test-strapi-service",
       handler: "accounts.testStrapiService",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Test Strapi Email Service integration (MagicMail intercept)"
       }
     },
@@ -51520,17 +51528,17 @@ var admin$1 = {
       path: "/accounts/:accountId",
       handler: "accounts.delete",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete email account"
       }
     },
-    // Routing Rules
+    // ─────────────────────── Routing Rules ───────────────────────
     {
       method: "GET",
       path: "/routing-rules",
       handler: "routingRules.getAll",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get all routing rules"
       }
     },
@@ -51539,7 +51547,7 @@ var admin$1 = {
       path: "/routing-rules/:ruleId",
       handler: "routingRules.getOne",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get single routing rule"
       }
     },
@@ -51548,7 +51556,7 @@ var admin$1 = {
       path: "/routing-rules",
       handler: "routingRules.create",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Create routing rule"
       }
     },
@@ -51557,7 +51565,7 @@ var admin$1 = {
       path: "/routing-rules/:ruleId",
       handler: "routingRules.update",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Update routing rule"
       }
     },
@@ -51566,23 +51574,21 @@ var admin$1 = {
       path: "/routing-rules/:ruleId",
       handler: "routingRules.delete",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete routing rule"
       }
     },
-    // OAuth Routes - Gmail
-    // The /auth endpoints are admin-only (they produce OAuth URLs for the
-    // currently-authenticated admin). The /callback endpoints must stay
-    // public because the upstream OAuth provider (Google/Microsoft/Yahoo)
-    // cannot send a bearer token on the redirect back — security is
-    // enforced by the signed, one-time-use state parameter that callback
-    // + token exchange verify.
+    // ─────────────────────── OAuth – Gmail ───────────────────────
+    // /auth endpoints are admin-only (they generate the OAuth URL for
+    // the currently-authenticated admin). /callback MUST remain public
+    // because Google/Microsoft/Yahoo can't send a bearer token on the
+    // redirect — security is enforced by the signed single-use state.
     {
       method: "GET",
       path: "/oauth/gmail/auth",
       handler: "oauth.gmailAuth",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Initiate Gmail OAuth flow"
       }
     },
@@ -51596,13 +51602,13 @@ var admin$1 = {
         description: "Gmail OAuth callback"
       }
     },
-    // OAuth Routes - Microsoft
+    // ─────────────────────── OAuth – Microsoft ───────────────────────
     {
       method: "GET",
       path: "/oauth/microsoft/auth",
       handler: "oauth.microsoftAuth",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Initiate Microsoft OAuth flow"
       }
     },
@@ -51616,13 +51622,13 @@ var admin$1 = {
         description: "Microsoft OAuth callback"
       }
     },
-    // OAuth Routes - Yahoo
+    // ─────────────────────── OAuth – Yahoo ───────────────────────
     {
       method: "GET",
       path: "/oauth/yahoo/auth",
       handler: "oauth.yahooAuth",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Initiate Yahoo OAuth flow"
       }
     },
@@ -51636,23 +51642,23 @@ var admin$1 = {
         description: "Yahoo OAuth callback"
       }
     },
-    // OAuth Routes - Generic
+    // ─────────────────────── OAuth – Generic ───────────────────────
     {
       method: "POST",
       path: "/oauth/create-account",
       handler: "oauth.createOAuthAccount",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Create account from OAuth"
       }
     },
-    // License Routes
+    // ─────────────────────── License ───────────────────────
     {
       method: "GET",
       path: "/license/status",
       handler: "license.getStatus",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get license status"
       }
     },
@@ -51661,7 +51667,7 @@ var admin$1 = {
       path: "/license/auto-create",
       handler: "license.autoCreate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Auto-create license with admin user data"
       }
     },
@@ -51670,7 +51676,7 @@ var admin$1 = {
       path: "/license/store-key",
       handler: "license.storeKey",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Store and validate existing license key"
       }
     },
@@ -51679,7 +51685,7 @@ var admin$1 = {
       path: "/license/limits",
       handler: "license.getLimits",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get license limits and available features"
       }
     },
@@ -51688,17 +51694,17 @@ var admin$1 = {
       path: "/license/debug",
       handler: "license.debugLicense",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Debug license data"
       }
     },
-    // Email Designer Routes
+    // ─────────────────────── Email Designer ───────────────────────
     {
       method: "GET",
       path: "/designer/templates",
       handler: "emailDesigner.findAll",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get all email templates"
       }
     },
@@ -51707,7 +51713,7 @@ var admin$1 = {
       path: "/designer/templates/:id",
       handler: "emailDesigner.findOne",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get email template by ID"
       }
     },
@@ -51716,7 +51722,7 @@ var admin$1 = {
       path: "/designer/templates",
       handler: "emailDesigner.create",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Create email template"
       }
     },
@@ -51725,7 +51731,7 @@ var admin$1 = {
       path: "/designer/templates/:id",
       handler: "emailDesigner.update",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Update email template"
       }
     },
@@ -51734,7 +51740,7 @@ var admin$1 = {
       path: "/designer/templates/:id",
       handler: "emailDesigner.delete",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete email template"
       }
     },
@@ -51743,7 +51749,7 @@ var admin$1 = {
       path: "/designer/templates/:id/versions",
       handler: "emailDesigner.getVersions",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get template versions"
       }
     },
@@ -51752,7 +51758,7 @@ var admin$1 = {
       path: "/designer/templates/:id/versions/:versionId/restore",
       handler: "emailDesigner.restoreVersion",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Restore template from version"
       }
     },
@@ -51761,7 +51767,7 @@ var admin$1 = {
       path: "/designer/templates/:id/versions/:versionId/delete",
       handler: "emailDesigner.deleteVersion",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete a single version"
       }
     },
@@ -51770,7 +51776,7 @@ var admin$1 = {
       path: "/designer/templates/:id/versions/delete-all",
       handler: "emailDesigner.deleteAllVersions",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete all versions for a template"
       }
     },
@@ -51779,7 +51785,7 @@ var admin$1 = {
       path: "/designer/render/:templateReferenceId",
       handler: "emailDesigner.renderTemplate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Render template with data"
       }
     },
@@ -51788,7 +51794,7 @@ var admin$1 = {
       path: "/designer/export",
       handler: "emailDesigner.exportTemplates",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Export templates (ADVANCED+)"
       }
     },
@@ -51797,7 +51803,7 @@ var admin$1 = {
       path: "/designer/import",
       handler: "emailDesigner.importTemplates",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Import templates (ADVANCED+)"
       }
     },
@@ -51806,7 +51812,7 @@ var admin$1 = {
       path: "/designer/stats",
       handler: "emailDesigner.getStats",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get template statistics"
       }
     },
@@ -51815,7 +51821,7 @@ var admin$1 = {
       path: "/designer/core/:coreEmailType",
       handler: "emailDesigner.getCoreTemplate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get core email template"
       }
     },
@@ -51824,7 +51830,7 @@ var admin$1 = {
       path: "/designer/core/:coreEmailType",
       handler: "emailDesigner.updateCoreTemplate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Update core email template"
       }
     },
@@ -51833,7 +51839,7 @@ var admin$1 = {
       path: "/designer/templates/:id/download",
       handler: "emailDesigner.download",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Download template as HTML or JSON"
       }
     },
@@ -51842,7 +51848,7 @@ var admin$1 = {
       path: "/designer/templates/:id/duplicate",
       handler: "emailDesigner.duplicate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Duplicate template"
       }
     },
@@ -51851,17 +51857,17 @@ var admin$1 = {
       path: "/designer/templates/:id/test-send",
       handler: "emailDesigner.testSend",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Send test email for template"
       }
     },
-    // Analytics & Tracking
+    // ─────────────────────── Analytics & Tracking ───────────────────────
     {
       method: "GET",
       path: "/analytics/stats",
       handler: "analytics.getStats",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get analytics statistics"
       }
     },
@@ -51870,7 +51876,7 @@ var admin$1 = {
       path: "/analytics/emails",
       handler: "analytics.getEmailLogs",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get email logs"
       }
     },
@@ -51879,7 +51885,7 @@ var admin$1 = {
       path: "/analytics/emails/:emailId",
       handler: "analytics.getEmailDetails",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get email details"
       }
     },
@@ -51888,7 +51894,7 @@ var admin$1 = {
       path: "/analytics/users/:userId",
       handler: "analytics.getUserActivity",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get user email activity"
       }
     },
@@ -51897,7 +51903,7 @@ var admin$1 = {
       path: "/analytics/debug",
       handler: "analytics.debug",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Debug analytics state"
       }
     },
@@ -51906,7 +51912,7 @@ var admin$1 = {
       path: "/analytics/emails/:emailId",
       handler: "analytics.deleteEmailLog",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete single email log"
       }
     },
@@ -51915,27 +51921,27 @@ var admin$1 = {
       path: "/analytics/emails",
       handler: "analytics.clearAllEmailLogs",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Clear all email logs"
       }
     },
-    // Test Routes (Development)
+    // ─────────────────────── Test (Dev) ───────────────────────
     {
       method: "POST",
       path: "/test/relations",
       handler: "test.testRelations",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Test template-version relations"
       }
     },
-    // WhatsApp Routes
+    // ─────────────────────── WhatsApp ───────────────────────
     {
       method: "GET",
       path: "/whatsapp/available",
       handler: "whatsapp.checkAvailable",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Check if WhatsApp/Baileys is available"
       }
     },
@@ -51944,7 +51950,7 @@ var admin$1 = {
       path: "/whatsapp/status",
       handler: "whatsapp.getStatus",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get WhatsApp connection status"
       }
     },
@@ -51953,7 +51959,7 @@ var admin$1 = {
       path: "/whatsapp/connect",
       handler: "whatsapp.connect",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Connect to WhatsApp (generates QR if needed)"
       }
     },
@@ -51962,7 +51968,7 @@ var admin$1 = {
       path: "/whatsapp/disconnect",
       handler: "whatsapp.disconnect",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Disconnect from WhatsApp"
       }
     },
@@ -51971,7 +51977,7 @@ var admin$1 = {
       path: "/whatsapp/send-test",
       handler: "whatsapp.sendTest",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Send a test WhatsApp message"
       }
     },
@@ -51980,7 +51986,7 @@ var admin$1 = {
       path: "/whatsapp/send-template",
       handler: "whatsapp.sendTemplateMessage",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Send WhatsApp message using template"
       }
     },
@@ -51989,7 +51995,7 @@ var admin$1 = {
       path: "/whatsapp/check-number",
       handler: "whatsapp.checkNumber",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Check if phone number is on WhatsApp"
       }
     },
@@ -51998,7 +52004,7 @@ var admin$1 = {
       path: "/whatsapp/templates",
       handler: "whatsapp.getTemplates",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get all WhatsApp message templates"
       }
     },
@@ -52007,7 +52013,7 @@ var admin$1 = {
       path: "/whatsapp/templates",
       handler: "whatsapp.saveTemplate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Save a WhatsApp message template"
       }
     },
@@ -52016,7 +52022,7 @@ var admin$1 = {
       path: "/whatsapp/templates/:templateName",
       handler: "whatsapp.deleteTemplate",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Delete a WhatsApp message template"
       }
     },
@@ -52025,17 +52031,17 @@ var admin$1 = {
       path: "/whatsapp/session",
       handler: "whatsapp.getSession",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get WhatsApp session info"
       }
     },
-    // Plugin Settings Routes
+    // ─────────────────────── Plugin Settings ───────────────────────
     {
       method: "GET",
       path: "/settings",
       handler: "pluginSettings.getSettings",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Get plugin settings"
       }
     },
@@ -52044,7 +52050,7 @@ var admin$1 = {
       path: "/settings",
       handler: "pluginSettings.updateSettings",
       config: {
-        policies: ["admin::isAuthenticatedAdmin"],
+        policies: adminPolicy(),
         description: "Update plugin settings"
       }
     }
@@ -63312,7 +63318,7 @@ var oauth$1 = ({ strapi: strapi2 }) => ({
     return account;
   }
 });
-const version = "2.8.4";
+const version = "2.9.0";
 const require$$2 = {
   version
 };

package/package.json CHANGED Viewed

@@ -1,5 +1,5 @@
 {
-  "version": "2.9.0",
+  "version": "2.9.1",
   "keywords": [
     "strapi",
     "strapi-plugin",