strapi/packages/core/content-manager/server/controllers/relations.js

'use strict';

const { prop, isEmpty, isNil } = require('lodash/fp');
const { convertFiltersQueryParams } = require('@strapi/utils/lib/convert-query-params');
const { hasDraftAndPublish } = require('@strapi/utils').contentTypes;
const { PUBLISHED_AT_ATTRIBUTE } = require('@strapi/utils').contentTypes.constants;

const { getService } = require('../utils');
const { validateFindAvailable } = require('./validation/relations');

module.exports = {
  async findAvailable(ctx) {
    const { userAbility } = ctx.state;
    const { model, targetField } = ctx.params;

    await validateFindAvailable(ctx.request.query);

    const { component, entityId, idsToOmit, page = 1, pageSize = 10, _q } = ctx.request.query;

    const sourceModelUid = component || model;

    const sourceModel = strapi.getModel(sourceModelUid);
    if (!sourceModel) {
      return ctx.badRequest("The model doesn't exist");
    }

    // permission check
    if (entityId) {
      const entityManager = getService('entity-manager');
      const permissionChecker = getService('permission-checker').create({
        userAbility,
        model: sourceModel,
      });

      if (permissionChecker.cannot.read()) {
        return ctx.forbidden();
      }

      const entity = await entityManager.findOneWithCreatorRoles(entityId, model);

      if (!entity) {
        return ctx.notFound();
      }

      if (permissionChecker.cannot.read(entity)) {
        return ctx.forbidden();
      }
    }

    const attribute = sourceModel.attributes[targetField];
    if (!attribute || attribute.type !== 'relation') {
      return ctx.badRequest("This relational field doesn't exist");
    }

    const targetedModel = strapi.getModel(attribute.target);

    const offset = Math.max(page - 1, 0) * pageSize;
    const limit = Number(pageSize);

    const modelConfig = component
      ? await getService('components').findConfiguration(sourceModel)
      : await getService('content-types').findConfiguration(sourceModel);
    const mainField = prop(`metadatas.${targetField}.edit.mainField`, modelConfig) || 'id';

    const query = strapi.db.queryBuilder(targetedModel.uid);

    if (!isNil(_q)) {
      query.search(_q);
    }

    if (!isNil(ctx.request.query.filters)) {
      query.where(convertFiltersQueryParams(ctx.request.query.filters, targetedModel));
    }

    if (!isEmpty(idsToOmit)) {
      query.where({ id: { $notIn: idsToOmit } });
    }

    if (entityId) {
      const joinTable = strapi.db.metadata.get(sourceModelUid).attributes[targetField].joinTable;
      const sourceColumn = component ? joinTable.joinColumn.name : joinTable.inverseJoinColumn.name;
      const targetColumn = component ? joinTable.inverseJoinColumn.name : joinTable.joinColumn.name;

      // Select ids of targeted entities already having a relation with entityId
      const knexSubQuery = strapi.db
        .queryBuilder(joinTable.name)
        .select([targetColumn])
        .where({ [sourceColumn]: entityId })
        .getKnexQuery();

      query.where({ id: { $notIn: knexSubQuery } });
    }

    const { count } = await query
      .clone()
      .count()
      .first()
      .execute();

    const fieldsToSelect = ['id', mainField];
    if (hasDraftAndPublish(targetedModel)) {
      fieldsToSelect.push(PUBLISHED_AT_ATTRIBUTE);
    }
    const entities = await query
      .select(fieldsToSelect)
      .orderBy(mainField)
      .offset(offset)
      .limit(limit)
      .execute();

    ctx.body = {
      results: entities,
      pagination: {
        page: Number(page),
        pageSize: Number(pageSize),
        total: count,
      },
    };
  },
};
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00			`'use strict';`

handle i18n dimension 2022-08-10 19:14:04 +02:00			`const { prop, isEmpty, isNil } = require('lodash/fp');`
			`const { convertFiltersQueryParams } = require('@strapi/utils/lib/convert-query-params');`
add e2e tests 2022-08-09 19:35:48 +02:00			`const { hasDraftAndPublish } = require('@strapi/utils').contentTypes;`
Rename import & requires, fix tests 2021-04-29 13:51:12 +02:00			`const { PUBLISHED_AT_ATTRIBUTE } = require('@strapi/utils').contentTypes.constants;`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00
			`const { getService } = require('../utils');`
renaming + add permission check on entity 2022-08-11 15:52:58 +02:00			`const { validateFindAvailable } = require('./validation/relations');`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00
			`module.exports = {`
renaming + add permission check on entity 2022-08-11 15:52:58 +02:00			`async findAvailable(ctx) {`
			`const { userAbility } = ctx.state;`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00			`const { model, targetField } = ctx.params;`

renaming + add permission check on entity 2022-08-11 15:52:58 +02:00			`await validateFindAvailable(ctx.request.query);`
refactor relation findNew route 2022-08-05 16:05:52 +02:00
renaming + add permission check on entity 2022-08-11 15:52:58 +02:00			`const { component, entityId, idsToOmit, page = 1, pageSize = 10, _q } = ctx.request.query;`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00
add e2e tests 2022-08-09 19:35:48 +02:00			`const sourceModelUid = component \|\| model;`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00
add e2e tests 2022-08-09 19:35:48 +02:00			`const sourceModel = strapi.getModel(sourceModelUid);`
			`if (!sourceModel) {`
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`return ctx.badRequest("The model doesn't exist");`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00			`}`

renaming + add permission check on entity 2022-08-11 15:52:58 +02:00			`// permission check`
			`if (entityId) {`
			`const entityManager = getService('entity-manager');`
			`const permissionChecker = getService('permission-checker').create({`
			`userAbility,`
			`model: sourceModel,`
			`});`

			`if (permissionChecker.cannot.read()) {`
			`return ctx.forbidden();`
			`}`

			`const entity = await entityManager.findOneWithCreatorRoles(entityId, model);`

			`if (!entity) {`
			`return ctx.notFound();`
			`}`

			`if (permissionChecker.cannot.read(entity)) {`
			`return ctx.forbidden();`
			`}`
			`}`

add e2e tests 2022-08-09 19:35:48 +02:00			`const attribute = sourceModel.attributes[targetField];`
Refactor all query() calls 2021-07-08 18:15:32 +02:00			`if (!attribute \|\| attribute.type !== 'relation') {`
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`return ctx.badRequest("This relational field doesn't exist");`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00			`}`

refactor relation findNew route 2022-08-05 16:05:52 +02:00			`const targetedModel = strapi.getModel(attribute.target);`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`const offset = Math.max(page - 1, 0) * pageSize;`
			`const limit = Number(pageSize);`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`const modelConfig = component`
add e2e tests 2022-08-09 19:35:48 +02:00			`? await getService('components').findConfiguration(sourceModel)`
			`: await getService('content-types').findConfiguration(sourceModel);`
refactor relation findNew route 2022-08-05 16:05:52 +02:00			const mainField = prop(`metadatas.${targetField}.edit.mainField`, modelConfig) \|\| 'id';
Fix relation search (#9156) * add params to relation route to omit existing relations * small refacto * use omit approach * Fix relation select (Front) Signed-off-by: HichamELBSI <elabbassih@gmail.com> * Fix relation select review Signed-off-by: HichamELBSI <elabbassih@gmail.com> * update doc aos + remove useless cast to string Co-authored-by: HichamELBSI <elabbassih@gmail.com> 2021-01-25 17:58:18 +01:00
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`const query = strapi.db.queryBuilder(targetedModel.uid);`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00
renaming + add permission check on entity 2022-08-11 15:52:58 +02:00			`if (!isNil(_q)) {`
			`query.search(_q);`
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`}`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00
handle i18n dimension 2022-08-10 19:14:04 +02:00			`if (!isNil(ctx.request.query.filters)) {`
			`query.where(convertFiltersQueryParams(ctx.request.query.filters, targetedModel));`
			`}`

refactor relation findNew route 2022-08-05 16:05:52 +02:00			`if (!isEmpty(idsToOmit)) {`
			`query.where({ id: { $notIn: idsToOmit } });`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00			`}`

refactor relation findNew route 2022-08-05 16:05:52 +02:00			`if (entityId) {`
add e2e tests 2022-08-09 19:35:48 +02:00			`const joinTable = strapi.db.metadata.get(sourceModelUid).attributes[targetField].joinTable;`
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`const sourceColumn = component ? joinTable.joinColumn.name : joinTable.inverseJoinColumn.name;`
			`const targetColumn = component ? joinTable.inverseJoinColumn.name : joinTable.joinColumn.name;`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00
handle i18n dimension 2022-08-10 19:14:04 +02:00			`// Select ids of targeted entities already having a relation with entityId`
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`const knexSubQuery = strapi.db`
			`.queryBuilder(joinTable.name)`
			`.select([targetColumn])`
			`.where({ [sourceColumn]: entityId })`
			`.getKnexQuery();`

			`query.where({ id: { $notIn: knexSubQuery } });`
			`}`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`const { count } = await query`
			`.clone()`
			`.count()`
			`.first()`
			`.execute();`
add e2e tests 2022-08-09 19:35:48 +02:00
			`const fieldsToSelect = ['id', mainField];`
			`if (hasDraftAndPublish(targetedModel)) {`
			`fieldsToSelect.push(PUBLISHED_AT_ATTRIBUTE);`
			`}`
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`const entities = await query`
add e2e tests 2022-08-09 19:35:48 +02:00			`.select(fieldsToSelect)`
refactor relation findNew route 2022-08-05 16:05:52 +02:00			`.orderBy(mainField)`
			`.offset(offset)`
			`.limit(limit)`
			`.execute();`

			`ctx.body = {`
			`results: entities,`
			`pagination: {`
			`page: Number(page),`
			`pageSize: Number(pageSize),`
			`total: count,`
			`},`
			`};`
Refactor relation-list route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 16:01:46 +01:00			`},`
			`};`