strapi/packages/core/admin/ee/server/bootstrap.js

'use strict';

const _ = require('lodash');
// eslint-disable-next-line node/no-extraneous-require
const { features } = require('@strapi/strapi/lib/utils/ee');
const executeCEBootstrap = require('../../server/bootstrap');
const { getService } = require('../../server/utils');
const actions = require('./config/admin-actions');

const enableUsersToLicenseLimit = async (numberOfUsersToEnable) => {
  const data = await strapi.db.query('strapi::ee-store').findOne({
    where: { key: 'ee_disabled_users' },
  });

  if (!data || !data.value || data.value.length === 0) return;

  const disabledUsers = JSON.parse(data.value);

  const usersToEnable = _.take(disabledUsers, numberOfUsersToEnable);

  usersToEnable.forEach(async (user) => {
    const data = await strapi.db.query('admin::user').findOne({
      where: { id: user.id },
    });

    if (!data) return;

    await strapi.db.query('admin::user').update({
      where: { id: user.id },
      data: { isActive: true },
    });
  });

  const remainingDisabledUsers = _.drop(disabledUsers, numberOfUsersToEnable);

  return strapi.db.query('strapi::ee-store').update({
    where: { id: data.id },
    data: { value: JSON.stringify(remainingDisabledUsers) },
  });
};

const calculateAdminSeatDifference = async (seatsAllowedByLicense) => {
  const currentAdminSeats = await strapi.db.query('admin::user').count({
    where: {
      isActive: true,
    },
  });
  return currentAdminSeats - seatsAllowedByLicense;
};

const disableUsersAboveLicenseLimit = async (numberOfUsersToDisable) => {
  const users = await strapi.db.query('admin::user').findMany({
    where: { isActive: 'true' },
    orderBy: { createdAt: 'DESC' },
    populate: { roles: { select: ['id'] } },
  });

  const usersToDisable = _.take(users, numberOfUsersToDisable);

  usersToDisable.forEach(async (user) => {
    user.isActive = false;
    await strapi.db.query('admin::user').update({
      where: { id: user.id },
      data: {
        isActive: false,
      },
    });
  });

  const data = await strapi.db.query('strapi::ee-store').findOne({
    where: { key: 'ee_disabled_users' },
  });

  if (data) {
    return strapi.db.query('strapi::ee-store').update({
      where: { id: data.id },
      data: { value: JSON.stringify(usersToDisable) },
    });
  }

  return strapi.db.query('strapi::ee-store').create({
    data: {
      key: 'ee_disabled_users',
      value: JSON.stringify(usersToDisable),
    },
  });
};

const syncdDisabledUserRecords = async () => {
  const data = await strapi.db.query('strapi::ee-store').findOne({
    where: { key: 'ee_disabled_users' },
  });

  if (!data || !data.value || data.value.length === 0) return;

  const disabledUsers = JSON.parse(data.value);
  disabledUsers.forEach(async (user) => {
    const data = await strapi.db.query('admin::user').findOne({
      where: { id: user.id },
    });

    if (!data) return;

    return strapi.db.query('admin::user').update({
      where: { id: user.id },
      data: { isActive: user.isActive }, // TODO: should this value be hardcoded to 'false' or no?
    });
  });
};

module.exports = async () => {
  const { actionProvider } = getService('permission');

  if (features.isEnabled('sso')) {
    await actionProvider.registerMany(actions.sso);
  }

  if (features.isEnabled('audit-logs')) {
    await actionProvider.registerMany(actions.auditLogs);
  }

  // TODO: check admin seats
  await syncdDisabledUserRecords();

  const permittedAdminSeats = 5;

  const adminSeatDifference = await calculateAdminSeatDifference(permittedAdminSeats);

  switch (true) {
    case adminSeatDifference === 0:
      break;
    case adminSeatDifference > 0:
      await disableUsersAboveLicenseLimit(adminSeatDifference);
      break;
    case adminSeatDifference < 0:
      await enableUsersToLicenseLimit(Math.abs(adminSeatDifference));
      break;
    default:
      break;
  }
  await executeCEBootstrap();
};
Provider's connection implementation Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-12-21 17:11:48 +01:00			`'use strict';`

Implement ee bootstrap seat enforcement 2023-01-29 19:24:55 +02:00			`const _ = require('lodash');`
Apply some feedbacks 2021-02-02 12:27:24 +01:00			`// eslint-disable-next-line node/no-extraneous-require`
Rename import & requires, fix tests 2021-04-29 13:51:12 +02:00			`const { features } = require('@strapi/strapi/lib/utils/ee');`
Update createContentType to expose a simpler object 2021-08-23 22:25:31 +02:00			`const executeCEBootstrap = require('../../server/bootstrap');`
			`const { getService } = require('../../server/utils');`
Create a new admin-actions file for EE and add audit logs actions 2023-01-02 10:08:16 +01:00			`const actions = require('./config/admin-actions');`
Provider's connection implementation Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-12-21 17:11:48 +01:00
Implement ee bootstrap seat enforcement 2023-01-29 19:24:55 +02:00			`const enableUsersToLicenseLimit = async (numberOfUsersToEnable) => {`
			`const data = await strapi.db.query('strapi::ee-store').findOne({`
			`where: { key: 'ee_disabled_users' },`
			`});`

			`if (!data \|\| !data.value \|\| data.value.length === 0) return;`

			`const disabledUsers = JSON.parse(data.value);`

			`const usersToEnable = _.take(disabledUsers, numberOfUsersToEnable);`

			`usersToEnable.forEach(async (user) => {`
			`const data = await strapi.db.query('admin::user').findOne({`
			`where: { id: user.id },`
			`});`

			`if (!data) return;`

			`await strapi.db.query('admin::user').update({`
			`where: { id: user.id },`
			`data: { isActive: true },`
			`});`
			`});`

WIP 2023-02-03 10:20:55 +02:00			`const remainingDisabledUsers = _.drop(disabledUsers, numberOfUsersToEnable);`

			`return strapi.db.query('strapi::ee-store').update({`
			`where: { id: data.id },`
			`data: { value: JSON.stringify(remainingDisabledUsers) },`
			`});`
Implement ee bootstrap seat enforcement 2023-01-29 19:24:55 +02:00			`};`

			`const calculateAdminSeatDifference = async (seatsAllowedByLicense) => {`
			`const currentAdminSeats = await strapi.db.query('admin::user').count({`
			`where: {`
			`isActive: true,`
			`},`
			`});`
			`return currentAdminSeats - seatsAllowedByLicense;`
			`};`

			`const disableUsersAboveLicenseLimit = async (numberOfUsersToDisable) => {`
			`const users = await strapi.db.query('admin::user').findMany({`
			`where: { isActive: 'true' },`
			`orderBy: { createdAt: 'DESC' },`
			`populate: { roles: { select: ['id'] } },`
			`});`

			`const usersToDisable = _.take(users, numberOfUsersToDisable);`

			`usersToDisable.forEach(async (user) => {`
			`user.isActive = false;`
			`await strapi.db.query('admin::user').update({`
			`where: { id: user.id },`
			`data: {`
			`isActive: false,`
			`},`
			`});`
			`});`

			`const data = await strapi.db.query('strapi::ee-store').findOne({`
			`where: { key: 'ee_disabled_users' },`
			`});`

			`if (data) {`
			`return strapi.db.query('strapi::ee-store').update({`
			`where: { id: data.id },`
			`data: { value: JSON.stringify(usersToDisable) },`
			`});`
			`}`

			`return strapi.db.query('strapi::ee-store').create({`
			`data: {`
			`key: 'ee_disabled_users',`
			`value: JSON.stringify(usersToDisable),`
			`},`
			`});`
			`};`

			`const syncdDisabledUserRecords = async () => {`
			`const data = await strapi.db.query('strapi::ee-store').findOne({`
			`where: { key: 'ee_disabled_users' },`
			`});`

			`if (!data \|\| !data.value \|\| data.value.length === 0) return;`

			`const disabledUsers = JSON.parse(data.value);`
			`disabledUsers.forEach(async (user) => {`
			`const data = await strapi.db.query('admin::user').findOne({`
			`where: { id: user.id },`
			`});`

			`if (!data) return;`

WIP 2023-02-03 10:20:55 +02:00			`return strapi.db.query('admin::user').update({`
Implement ee bootstrap seat enforcement 2023-01-29 19:24:55 +02:00			`where: { id: user.id },`
WIP 2023-02-03 10:20:55 +02:00			`data: { isActive: user.isActive }, // TODO: should this value be hardcoded to 'false' or no?`
Implement ee bootstrap seat enforcement 2023-01-29 19:24:55 +02:00			`});`
			`});`
			`};`

Provider's connection implementation Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-12-21 17:11:48 +01:00			`module.exports = async () => {`
I18n/ permissions rework (#9535) * Add a domain layer for the permission, rework the engine handling of the permissions Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Add permissions-fields-to-properties migration for the admin Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Removes useless console.log Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove debug logLevel from provider-login.test.e2e.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Adds the new layout for the GET permissions, allow to subscribe to actionRegistered events, adds i18n handlers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix typo Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update permissions validators Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update unit tests Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update integrations test + fix some validation issues Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Change plugins & settings section format for the permissions layout * only return locales property to localized subjects for the permission's layout * Do not send the locales property to the permission's layout when there is no locales created * Add the 'locales' property to publish & delete routes * Fix unwanted mutation of the sections builder states on multiple builds * Fix units tests with (new engine) * Fix admin-role e2e test - Add locales property to the update payload * fix e2e testsé * Update e2e snapshots * Fix unit test for i18n bootstrap * Add mocks for i18n/bootstrap test * Fix has-locale condition & updatePermission validator * Avoid mutation in migration, always authorize super admin for has-locales condition * Rework rbac domain objects, add a hook module and a provider factory * Remove old providers * Update the admin services & tests for the new rbac domain & providers * Fix tests, bootstrap functions & services following rbac domain rework * Update migration runner * PR comments Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove useless console.log * Fix sanitizeCondition bug * Section builder rework * Add test for the section-builder section & add jsdoc for the permission domain * pr comments (without the migrations) * fix fields-to-properties migration * Add jsdoc for the sections-builder * Moves createBoundAbstractDomain from permission domain to the engine service * Remove debug logLevel for admin role test (e2e) * Fix core-store * Fix hooks & move business logic from i18n bootstrap to dedicated services * add route get-non-localized-fields * use write and read permission * refacto * add input validator * add route doc * handle ST Co-authored-by: Pierre Noël <petersg83@gmail.com> Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com> 2021-03-25 14:59:44 +01:00			`const { actionProvider } = getService('permission');`

Authentication events, sso gold only 2021-01-27 11:52:02 +01:00			`if (features.isEnabled('sso')) {`
Create a new admin-actions file for EE and add audit logs actions 2023-01-02 10:08:16 +01:00			`await actionProvider.registerMany(actions.sso);`
			`}`

			`if (features.isEnabled('audit-logs')) {`
			`await actionProvider.registerMany(actions.auditLogs);`
Authentication events, sso gold only 2021-01-27 11:52:02 +01:00			`}`
Provider's connection implementation Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-12-21 17:11:48 +01:00
Runtime server feature flag 2022-11-24 19:08:45 +01:00			`// TODO: check admin seats`
Implement ee bootstrap seat enforcement 2023-01-29 19:24:55 +02:00			`await syncdDisabledUserRecords();`
Runtime server feature flag 2022-11-24 19:08:45 +01:00
WIP 2023-02-03 10:20:55 +02:00			`const permittedAdminSeats = 5;`
Implement ee bootstrap seat enforcement 2023-01-29 19:24:55 +02:00
			`const adminSeatDifference = await calculateAdminSeatDifference(permittedAdminSeats);`

			`switch (true) {`
			`case adminSeatDifference === 0:`
			`break;`
			`case adminSeatDifference > 0:`
			`await disableUsersAboveLicenseLimit(adminSeatDifference);`
			`break;`
			`case adminSeatDifference < 0:`
			`await enableUsersToLicenseLimit(Math.abs(adminSeatDifference));`
			`break;`
			`default:`
			`break;`
			`}`
Provider's connection implementation Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-12-21 17:11:48 +01:00			`await executeCEBootstrap();`
			`};`