strapi/packages/plugins/users-permissions/server/services/role.js

'use strict';

const _ = require('lodash');
const { NotFoundError } = require('@strapi/utils').errors;
const { getService } = require('../utils');

module.exports = ({ strapi }) => ({
  async createRole(params) {
    if (!params.type) {
      params.type = _.snakeCase(_.deburr(_.toLower(params.name)));
    }

    const role = await strapi.db
      .query('plugin::users-permissions.role')
      .create({ data: _.omit(params, ['users', 'permissions']) });

    const createPromises = _.flatMap(params.permissions, (type, typeName) => {
      return _.flatMap(type.controllers, (controller, controllerName) => {
        return _.reduce(
          controller,
          (acc, action, actionName) => {
            const { enabled /* policy */ } = action;

            if (enabled) {
              const actionID = `${typeName}.${controllerName}.${actionName}`;

              acc.push(
                strapi.db
                  .query('plugin::users-permissions.permission')
                  .create({ data: { action: actionID, role: role.id } })
              );
            }

            return acc;
          },
          []
        );
      });
    });

    await Promise.all(createPromises);
  },

  async findOne(roleID) {
    const role = await strapi.db
      .query('plugin::users-permissions.role')
      .findOne({ where: { id: roleID }, populate: ['permissions'] });

    if (!role) {
      throw new NotFoundError('Role not found');
    }

    const allActions = getService('users-permissions').getActions();

    // Group by `type`.
    role.permissions.forEach((permission) => {
      const [type, controller, action] = permission.action.split('.');

      _.set(allActions, `${type}.controllers.${controller}.${action}`, {
        enabled: true,
        policy: '',
      });
    });

    return {
      ...role,
      permissions: allActions,
    };
  },

  async find() {
    const roles = await strapi.db
      .query('plugin::users-permissions.role')
      .findMany({ sort: ['name'] });

    for (const role of roles) {
      role.nb_users = await strapi.db
        .query('plugin::users-permissions.user')
        .count({ where: { role: { id: role.id } } });
    }

    return roles;
  },

  async updateRole(roleID, data) {
    const role = await strapi.db
      .query('plugin::users-permissions.role')
      .findOne({ where: { id: roleID }, populate: ['permissions'] });

    if (!role) {
      throw new NotFoundError('Role not found');
    }

    await strapi.db.query('plugin::users-permissions.role').update({
      where: { id: roleID },
      data: _.pick(data, ['name', 'description']),
    });

    const { permissions } = data;

    const newActions = _.flatMap(permissions, (type, typeName) => {
      return _.flatMap(type.controllers, (controller, controllerName) => {
        return _.reduce(
          controller,
          (acc, action, actionName) => {
            const { enabled /* policy */ } = action;

            if (enabled) {
              acc.push(`${typeName}.${controllerName}.${actionName}`);
            }

            return acc;
          },
          []
        );
      });
    });

    const oldActions = role.permissions.map(({ action }) => action);

    const toDelete = role.permissions.reduce((acc, permission) => {
      if (!newActions.includes(permission.action)) {
        acc.push(permission);
      }
      return acc;
    }, []);

    const toCreate = newActions
      .filter((action) => !oldActions.includes(action))
      .map((action) => ({ action, role: role.id }));

    await Promise.all(
      toDelete.map((permission) =>
        strapi.db
          .query('plugin::users-permissions.permission')
          .delete({ where: { id: permission.id } })
      )
    );

    await Promise.all(
      toCreate.map((permissionInfo) =>
        strapi.db.query('plugin::users-permissions.permission').create({ data: permissionInfo })
      )
    );
  },

  async deleteRole(roleID, publicRoleID) {
    const role = await strapi.db
      .query('plugin::users-permissions.role')
      .findOne({ where: { id: roleID }, populate: ['users', 'permissions'] });

    if (!role) {
      throw new NotFoundError('Role not found');
    }

    // Move users to guest role.
    await Promise.all(
      role.users.map((user) => {
        return strapi.db.query('plugin::users-permissions.user').update({
          where: { id: user.id },
          data: { role: publicRoleID },
        });
      })
    );

    // Remove permissions related to this role.
    // TODO: use delete many
    await Promise.all(
      role.permissions.map((permission) => {
        return strapi.db.query('plugin::users-permissions.permission').delete({
          where: { id: permission.id },
        });
      })
    );

    // Delete the role.
    await strapi.db.query('plugin::users-permissions.role').delete({ where: { id: roleID } });
  },
});
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`'use strict';`

			`const _ = require('lodash');`
refacto graphql errors 2021-10-27 18:54:58 +02:00			`const { NotFoundError } = require('@strapi/utils').errors;`
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`const { getService } = require('../utils');`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00
			`module.exports = ({ strapi }) => ({`
			`async createRole(params) {`
			`if (!params.type) {`
			`params.type = _.snakeCase(_.deburr(_.toLower(params.name)));`
			`}`

chore: database enhancements 2024-03-13 15:40:30 +01:00			`const role = await strapi.db`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`.query('plugin::users-permissions.role')`
			`.create({ data: _.omit(params, ['users', 'permissions']) });`

Cleanup create/update role 2021-09-07 10:53:37 +02:00			`const createPromises = _.flatMap(params.permissions, (type, typeName) => {`
			`return _.flatMap(type.controllers, (controller, controllerName) => {`
			`return _.reduce(`
			`controller,`
			`(acc, action, actionName) => {`
			`const { enabled /* policy */ } = action;`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`if (enabled) {`
			const actionID = `${typeName}.${controllerName}.${actionName}`;
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`acc.push(`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`strapi.db`
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`.query('plugin::users-permissions.permission')`
			`.create({ data: { action: actionID, role: role.id } })`
			`);`
			`}`

			`return acc;`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`},`
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`[]`
			`);`
			`});`
			`});`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`await Promise.all(createPromises);`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`},`

Rename getRoles, getRole to find, findOne 2022-03-03 22:55:29 +09:00			`async findOne(roleID) {`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`const role = await strapi.db`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`.query('plugin::users-permissions.role')`
			`.findOne({ where: { id: roleID }, populate: ['permissions'] });`

			`if (!role) {`
refacto graphql errors 2021-10-27 18:54:58 +02:00			`throw new NotFoundError('Role not found');`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`}`

Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`const allActions = getService('users-permissions').getActions();`

Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			// Group by `type`.
Prettier and backend fix 2022-08-08 23:33:39 +02:00			`role.permissions.forEach((permission) => {`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`const [type, controller, action] = permission.action.split('.');`

Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			_.set(allActions, `${type}.controllers.${controller}.${action}`, {
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`enabled: true,`
			`policy: '',`
			`});`
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`});`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00
			`return {`
			`...role,`
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`permissions: allActions,`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`};`
			`},`

Rename getRoles, getRole to find, findOne 2022-03-03 22:55:29 +09:00			`async find() {`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`const roles = await strapi.db`
			`.query('plugin::users-permissions.role')`
			`.findMany({ sort: ['name'] });`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00
			`for (const role of roles) {`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`role.nb_users = await strapi.db`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`.query('plugin::users-permissions.user')`
			`.count({ where: { role: { id: role.id } } });`
			`}`

			`return roles;`
			`},`

Cleanup create/update role 2021-09-07 10:53:37 +02:00			`async updateRole(roleID, data) {`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`const role = await strapi.db`
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`.query('plugin::users-permissions.role')`
			`.findOne({ where: { id: roleID }, populate: ['permissions'] });`

			`if (!role) {`
refacto graphql errors 2021-10-27 18:54:58 +02:00			`throw new NotFoundError('Role not found');`
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`}`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00
chore: database enhancements 2024-03-13 15:40:30 +01:00			`await strapi.db.query('plugin::users-permissions.role').update({`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`where: { id: roleID },`
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`data: _.pick(data, ['name', 'description']),`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`});`

Cleanup create/update role 2021-09-07 10:53:37 +02:00			`const { permissions } = data;`

			`const newActions = _.flatMap(permissions, (type, typeName) => {`
			`return _.flatMap(type.controllers, (controller, controllerName) => {`
			`return _.reduce(`
			`controller,`
			`(acc, action, actionName) => {`
			`const { enabled /* policy */ } = action;`

			`if (enabled) {`
			acc.push(`${typeName}.${controllerName}.${actionName}`);
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`}`

Cleanup create/update role 2021-09-07 10:53:37 +02:00			`return acc;`
			`},`
			`[]`
			`);`
			`});`
			`});`

			`const oldActions = role.permissions.map(({ action }) => action);`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`const toDelete = role.permissions.reduce((acc, permission) => {`
			`if (!newActions.includes(permission.action)) {`
			`acc.push(permission);`
			`}`
			`return acc;`
			`}, []);`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`const toCreate = newActions`
Prettier and backend fix 2022-08-08 23:33:39 +02:00			`.filter((action) => !oldActions.includes(action))`
			`.map((action) => ({ action, role: role.id }));`
Cleanup create/update role 2021-09-07 10:53:37 +02:00
			`await Promise.all(`
Prettier and backend fix 2022-08-08 23:33:39 +02:00			`toDelete.map((permission) =>`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`strapi.db`
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`.query('plugin::users-permissions.permission')`
			`.delete({ where: { id: permission.id } })`
			`)`
			`);`

			`await Promise.all(`
Prettier and backend fix 2022-08-08 23:33:39 +02:00			`toCreate.map((permissionInfo) =>`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`strapi.db.query('plugin::users-permissions.permission').create({ data: permissionInfo })`
Cleanup create/update role 2021-09-07 10:53:37 +02:00			`)`
			`);`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`},`

			`async deleteRole(roleID, publicRoleID) {`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`const role = await strapi.db`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`.query('plugin::users-permissions.role')`
			`.findOne({ where: { id: roleID }, populate: ['users', 'permissions'] });`

			`if (!role) {`
refacto graphql errors 2021-10-27 18:54:58 +02:00			`throw new NotFoundError('Role not found');`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`}`

			`// Move users to guest role.`
			`await Promise.all(`
Prettier and backend fix 2022-08-08 23:33:39 +02:00			`role.users.map((user) => {`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`return strapi.db.query('plugin::users-permissions.user').update({`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`where: { id: user.id },`
			`data: { role: publicRoleID },`
			`});`
			`})`
			`);`

			`// Remove permissions related to this role.`
			`// TODO: use delete many`
			`await Promise.all(`
Prettier and backend fix 2022-08-08 23:33:39 +02:00			`role.permissions.map((permission) => {`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`return strapi.db.query('plugin::users-permissions.permission').delete({`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`where: { id: permission.id },`
			`});`
			`})`
			`);`

			`// Delete the role.`
chore: database enhancements 2024-03-13 15:40:30 +01:00			`await strapi.db.query('plugin::users-permissions.role').delete({ where: { id: roleID } });`
Cleanup u-p plugin 2021-09-07 09:45:45 +02:00			`},`
			`});`