strapi/packages/strapi-utils/lib/policy.js

/**
 * Policies util
 */
'use strict';

const _ = require('lodash');

const get = (policy, plugin, apiName) => {
  if (globalPolicyExists(policy)) {
    return parsePolicy(getGlobalPolicy(policy));
  }

  if (pluginPolicyExists(policy)) {
    return parsePolicy(getPluginPolicy(policy));
  }

  if (adminPolicyExists(policy)) {
    return parsePolicy(getAdminPolicy(policy));
  }

  if (APIPolicyExists(policy)) {
    return parsePolicy(getAPIPolicy(policy));
  }

  let [absoluteApiName, policyName] = policy.split('.');
  let absoluteApi = _.get(strapi.api, absoluteApiName);
  if (policyExistsIn(absoluteApi, policyName)) {
    return parsePolicy(getPolicyIn(absoluteApi, policyName));
  }

  const pluginPolicy = `${PLUGIN_PREFIX}${plugin}.${policy}`;

  if (plugin && pluginPolicyExists(pluginPolicy)) {
    return parsePolicy(getPluginPolicy(pluginPolicy));
  }

  const api = _.get(strapi.api, apiName);
  if (api && policyExistsIn(api, policy)) {
    return parsePolicy(getPolicyIn(api, policy));
  }

  throw new Error(`Could not find policy "${policy}"`);
};

const globalPolicy = ({ method, endpoint, controller, action, plugin }) => {
  return async (ctx, next) => {
    ctx.request.route = {
      endpoint: `${method} ${endpoint}`,
      controller: _.toLower(controller),
      action: _.toLower(action),
      splittedEndpoint: endpoint,
      verb: _.toLower(method),
      plugin,
    };

    await next();
  };
};

const parsePolicy = policy => {
  if (_.isFunction(policy)) {
    return policy;
  }

  return policy.handler;
};

const GLOBAL_PREFIX = 'global::';
const PLUGIN_PREFIX = 'plugins::';
const ADMIN_PREFIX = 'admin::';
const APPLICATION_PREFIX = 'application::';

const getPolicyIn = (container, policy) => {
  return _.get(container, ['config', 'policies', _.toLower(policy)]);
};

const policyExistsIn = (container, policy) => {
  return !_.isUndefined(getPolicyIn(container, policy));
};

const isGlobal = policy => _.startsWith(policy, GLOBAL_PREFIX);

const getGlobalPolicy = policy => {
  const strippedPolicy = policy.replace(GLOBAL_PREFIX, '');
  return getPolicyIn(strapi, strippedPolicy);
};

const globalPolicyExists = policy => {
  return isGlobal(policy) && !_.isUndefined(getGlobalPolicy(policy));
};

const getPluginPolicy = policy => {
  const strippedPolicy = policy.replace(PLUGIN_PREFIX, '');
  const [plugin = '', policyName = ''] = strippedPolicy.split('.');
  return getPolicyIn(_.get(strapi, ['plugins', plugin]), policyName);
};

const pluginPolicyExists = policy =>
  isPluginPolicy(policy) && !_.isUndefined(getPluginPolicy(policy));

const isPluginPolicy = policy => _.startsWith(policy, PLUGIN_PREFIX);

const getAdminPolicy = policy => {
  const strippedPolicy = policy.replace(ADMIN_PREFIX, '');
  return getPolicyIn(_.get(strapi, 'admin'), strippedPolicy);
};

const isAdminPolicy = policy => _.startsWith(policy, ADMIN_PREFIX);

const adminPolicyExists = policy => isAdminPolicy(policy) && !_.isUndefined(getAdminPolicy(policy));

const getAPIPolicy = policy => {
  const [, policyWithoutPrefix] = policy.split('::');
  const [api = '', policyName = ''] = policyWithoutPrefix.split('.');
  return getPolicyIn(_.get(strapi, ['api', api]), policyName);
};

const APIPolicyExists = policy => {
  return isAPIPolicy(policy) && !_.isUndefined(getAPIPolicy(policy));
};

const isAPIPolicy = policy => _.startsWith(policy, APPLICATION_PREFIX);

module.exports = {
  get,
  globalPolicy,
};
Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00			`/**`
			`* Policies util`
			`*/`
			`'use strict';`

Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`const _ = require('lodash');`
Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00
			`const get = (policy, plugin, apiName) => {`
			`if (globalPolicyExists(policy)) {`
			`return parsePolicy(getGlobalPolicy(policy));`
			`}`

			`if (pluginPolicyExists(policy)) {`
			`return parsePolicy(getPluginPolicy(policy));`
			`}`

Add check many permissions route/controller / Add userAbility to the context's state / Add isAuthenticatedAdmin.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-06-10 18:04:47 +02:00			`if (adminPolicyExists(policy)) {`
			`return parsePolicy(getAdminPolicy(policy));`
			`}`

Add graphql tests for single-types Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-29 15:30:53 +01:00			`if (APIPolicyExists(policy)) {`
			`return parsePolicy(getAPIPolicy(policy));`
			`}`

			`let [absoluteApiName, policyName] = policy.split('.');`
			`let absoluteApi = _.get(strapi.api, absoluteApiName);`
			`if (policyExistsIn(absoluteApi, policyName)) {`
			`return parsePolicy(getPolicyIn(absoluteApi, policyName));`
			`}`

Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00			const pluginPolicy = `${PLUGIN_PREFIX}${plugin}.${policy}`;

Add graphql tests for single-types Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-29 15:30:53 +01:00			`if (plugin && pluginPolicyExists(pluginPolicy)) {`
Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00			`return parsePolicy(getPluginPolicy(pluginPolicy));`
			`}`

			`const api = _.get(strapi.api, apiName);`
Add graphql tests for single-types Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-29 15:30:53 +01:00			`if (api && policyExistsIn(api, policy)) {`
Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00			`return parsePolicy(getPolicyIn(api, policy));`
			`}`

			throw new Error(`Could not find policy "${policy}"`);
			`};`

			`const globalPolicy = ({ method, endpoint, controller, action, plugin }) => {`
			`return async (ctx, next) => {`
			`ctx.request.route = {`
			endpoint: `${method} ${endpoint}`,
			`controller: _.toLower(controller),`
			`action: _.toLower(action),`
			`splittedEndpoint: endpoint,`
			`verb: _.toLower(method),`
			`plugin,`
Apply policy for each query and use generated API business logic 2018-04-10 11:47:01 +02:00			`};`
Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00
			`await next();`
			`};`
			`};`

			`const parsePolicy = policy => {`
			`if (_.isFunction(policy)) {`
			`return policy;`
			`}`

			`return policy.handler;`
			`};`

User :: in policies prefix and update documentation accordingly Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-02-10 12:50:11 +01:00			`const GLOBAL_PREFIX = 'global::';`
			`const PLUGIN_PREFIX = 'plugins::';`
Add check many permissions route/controller / Add userAbility to the context's state / Add isAuthenticatedAdmin.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-06-10 18:04:47 +02:00			`const ADMIN_PREFIX = 'admin::';`
Add graphql tests for single-types Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-29 15:30:53 +01:00			`const APPLICATION_PREFIX = 'application::';`
Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00
			`const getPolicyIn = (container, policy) => {`
Add graphql tests for single-types Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-29 15:30:53 +01:00			`return _.get(container, ['config', 'policies', _.toLower(policy)]);`
Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00			`};`

			`const policyExistsIn = (container, policy) => {`
			`return !_.isUndefined(getPolicyIn(container, policy));`
			`};`

			`const isGlobal = policy => _.startsWith(policy, GLOBAL_PREFIX);`

			`const getGlobalPolicy = policy => {`
			`const strippedPolicy = policy.replace(GLOBAL_PREFIX, '');`
			`return getPolicyIn(strapi, strippedPolicy);`
			`};`

			`const globalPolicyExists = policy => {`
			`return isGlobal(policy) && !_.isUndefined(getGlobalPolicy(policy));`
			`};`

			`const getPluginPolicy = policy => {`
User :: in policies prefix and update documentation accordingly Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-02-10 12:50:11 +01:00			`const strippedPolicy = policy.replace(PLUGIN_PREFIX, '');`
			`const [plugin = '', policyName = ''] = strippedPolicy.split('.');`
Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00			`return getPolicyIn(_.get(strapi, ['plugins', plugin]), policyName);`
			`};`

Add check many permissions route/controller / Add userAbility to the context's state / Add isAuthenticatedAdmin.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-06-10 18:04:47 +02:00			`const pluginPolicyExists = policy =>`
			`isPluginPolicy(policy) && !_.isUndefined(getPluginPolicy(policy));`
Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00
			`const isPluginPolicy = policy => _.startsWith(policy, PLUGIN_PREFIX);`

Add check many permissions route/controller / Add userAbility to the context's state / Add isAuthenticatedAdmin.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-06-10 18:04:47 +02:00			`const getAdminPolicy = policy => {`
			`const strippedPolicy = policy.replace(ADMIN_PREFIX, '');`
			`return getPolicyIn(_.get(strapi, 'admin'), strippedPolicy);`
			`};`

			`const isAdminPolicy = policy => _.startsWith(policy, ADMIN_PREFIX);`

			`const adminPolicyExists = policy => isAdminPolicy(policy) && !_.isUndefined(getAdminPolicy(policy));`

Add graphql tests for single-types Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-29 15:30:53 +01:00			`const getAPIPolicy = policy => {`
			`const [, policyWithoutPrefix] = policy.split('::');`
			`const [api = '', policyName = ''] = policyWithoutPrefix.split('.');`
			`return getPolicyIn(_.get(strapi, ['api', api]), policyName);`
			`};`

			`const APIPolicyExists = policy => {`
			`return isAPIPolicy(policy) && !_.isUndefined(getAPIPolicy(policy));`
			`};`

			`const isAPIPolicy = policy => _.startsWith(policy, APPLICATION_PREFIX);`

Refactor policy util and error handling Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-23 16:59:50 +01:00			`module.exports = {`
			`get,`
			`globalPolicy,`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`};`