strapi/packages/strapi-utils/lib/sanitize-entity.js

'use strict';

const _ = require('lodash');
const { constants } = require('./content-types');
const {
  ID_ATTRIBUTE,
  PUBLISHED_AT_ATTRIBUTE,
  CREATED_BY_ATTRIBUTE,
  UPDATED_BY_ATTRIBUTE,
} = constants;

const sanitizeEntity = (dataSource, options) => {
  const { model, withPrivate = false, isOutput = true, includeFields = null } = options;

  if (typeof dataSource !== 'object' || _.isNil(dataSource)) {
    return dataSource;
  }

  const data = parseOriginalData(dataSource);

  if (typeof data !== 'object' || _.isNil(data)) {
    return data;
  }

  if (_.isArray(data)) {
    return data.map(entity => sanitizeEntity(entity, options));
  }

  if (_.isNil(model)) {
    return null;
  }

  const { attributes } = model;
  const allowedFields = getAllowedFields({ includeFields, model, isOutput });

  const reducerFn = (acc, value, key) => {
    const attribute = attributes[key];
    const allowedFieldsHasKey = allowedFields.includes(key);

    if (shouldRemoveAttribute(model, key, attribute, { withPrivate, isOutput })) {
      return acc;
    }

    // Relations
    const relation = attribute && (attribute.model || attribute.collection || attribute.component);
    if (relation) {
      if (_.isNil(value)) {
        return { ...acc, [key]: value };
      }

      const [nextFields, isAllowed] = includeFields
        ? getNextFields(allowedFields, key, { allowedFieldsHasKey })
        : [null, true];

      if (!isAllowed) {
        return acc;
      }

      const nextOptions = {
        model: strapi.getModel(relation, attribute.plugin),
        withPrivate,
        isOutput,
        includeFields: nextFields,
      };

      const nextVal = Array.isArray(value)
        ? value.map(elem => sanitizeEntity(elem, nextOptions))
        : sanitizeEntity(value, nextOptions);

      return { ...acc, [key]: nextVal };
    }

    const isAllowedField = !includeFields || allowedFieldsHasKey;

    // Dynamic zones
    if (attribute && attribute.type === 'dynamiczone' && value !== null && isAllowedField) {
      const nextVal = value.map(elem =>
        sanitizeEntity(elem, {
          model: strapi.getModel(elem.__component),
          withPrivate,
          isOutput,
        })
      );
      return { ...acc, [key]: nextVal };
    }

    // Other fields
    if (isAllowedField) {
      return { ...acc, [key]: value };
    }

    return acc;
  };

  return _.reduce(data, reducerFn, {});
};

const parseOriginalData = data => (_.isFunction(data.toJSON) ? data.toJSON() : data);

const COMPONENT_FIELDS = ['__component'];
const STATIC_FIELDS = [ID_ATTRIBUTE, '__v'];

const getAllowedFields = ({ includeFields, model, isOutput }) => {
  const { options, primaryKey } = model;

  const timestamps = options.timestamps || [];

  return _.concat(
    includeFields || [],
    ...(isOutput
      ? [
          primaryKey,
          timestamps,
          STATIC_FIELDS,
          COMPONENT_FIELDS,
          CREATED_BY_ATTRIBUTE,
          UPDATED_BY_ATTRIBUTE,
          PUBLISHED_AT_ATTRIBUTE,
        ]
      : [primaryKey, STATIC_FIELDS, COMPONENT_FIELDS])
  );
};

const getNextFields = (fields, key, { allowedFieldsHasKey }) => {
  const searchStr = `${key}.`;

  const transformedFields = (fields || [])
    .filter(field => field.startsWith(searchStr))
    .map(field => field.replace(searchStr, ''));

  const isAllowed = allowedFieldsHasKey || transformedFields.length > 0;
  const nextFields = allowedFieldsHasKey ? null : transformedFields;

  return [nextFields, isAllowed];
};

const getPrivateAttributes = model => {
  const allPrivatesAttributes = _.union(
    strapi.config.get('api.responses.privateAttributes', []),
    _.get(model, 'options.privateAttributes', [])
  );

  return allPrivatesAttributes;
};

const shouldRemoveAttribute = (model, key, attribute = {}, { withPrivate, isOutput }) => {
  const privateAttributes = getPrivateAttributes(model);

  const isPassword = attribute.type === 'password';
  const isPrivate = attribute.private === true || privateAttributes.includes(key);

  const shouldRemovePassword = isOutput;
  const shouldRemovePrivate = !withPrivate && isOutput;

  return !!((isPassword && shouldRemovePassword) || (isPrivate && shouldRemovePrivate));
};

module.exports = {
  sanitizeEntity,
  getPrivateAttributes,
};
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`'use strict';`

Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const _ = require('lodash');`
add published_at (#7374) * add published_at Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-08-18 17:09:21 +02:00			`const { constants } = require('./content-types');`
			`const {`
			`ID_ATTRIBUTE,`
			`PUBLISHED_AT_ATTRIBUTE,`
			`CREATED_BY_ATTRIBUTE,`
			`UPDATED_BY_ATTRIBUTE,`
			`} = constants;`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const sanitizeEntity = (dataSource, options) => {`
			`const { model, withPrivate = false, isOutput = true, includeFields = null } = options;`
Support toJSON in sanitizeEntity 2019-09-20 09:56:00 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`if (typeof dataSource !== 'object' \|\| _.isNil(dataSource)) {`
			`return dataSource;`
			`}`
Fix sanitize bug with mongo objectid and use lower-case for getModel 2019-10-04 11:38:54 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const data = parseOriginalData(dataSource);`

Add utils::sanitize-entity tests (#7497) * Add utils::sanitize-entity tests Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-08-18 16:26:24 +02:00			`if (typeof data !== 'object' \|\| _.isNil(data)) {`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`return data;`
			`}`

Add utils::sanitize-entity tests (#7497) * Add utils::sanitize-entity tests Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-08-18 16:26:24 +02:00			`if (_.isArray(data)) {`
			`return data.map(entity => sanitizeEntity(entity, options));`
			`}`

Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`if (_.isNil(model)) {`
			`return null;`
			`}`

			`const { attributes } = model;`
			`const allowedFields = getAllowedFields({ includeFields, model, isOutput });`

			`const reducerFn = (acc, value, key) => {`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`const attribute = attributes[key];`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const allowedFieldsHasKey = allowedFields.includes(key);`

Add privateAttributes to global and per model response (#7331) * Added privateAttributes globally and per model Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added tests for sanitizeEntity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed broken test Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added privateAttributes to GraphQL responses Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added docs for privateAttributes Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored and fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Merged tests and fixed broken tests from merge Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Updated documentation for new option Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored GraphQL implementation Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed tests for sanitize-entity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed code and tests for ignorePrivateFor Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Exported getPrivateAttributes for GraphQL plugin Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed ignorePrivateFor from docs Signed-off-by: Diego Albitres <diego.albitres@gmail.com> 2020-09-24 02:40:10 -05:00			`if (shouldRemoveAttribute(model, key, attribute, { withPrivate, isOutput })) {`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`return acc;`
			`}`

Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`// Relations`
			`const relation = attribute && (attribute.model \|\| attribute.collection \|\| attribute.component);`
Fix e2e tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-08 13:53:56 +02:00			`if (relation) {`
			`if (_.isNil(value)) {`
			`return { ...acc, [key]: value };`
			`}`

Fix sanitizeEntity Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-02 19:26:36 +02:00			`const [nextFields, isAllowed] = includeFields`
			`? getNextFields(allowedFields, key, { allowedFieldsHasKey })`
			`: [null, true];`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`if (!isAllowed) {`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`return acc;`
			`}`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00
			`const nextOptions = {`
			`model: strapi.getModel(relation, attribute.plugin),`
			`withPrivate,`
			`isOutput,`
			`includeFields: nextFields,`
			`};`

			`const nextVal = Array.isArray(value)`
			`? value.map(elem => sanitizeEntity(elem, nextOptions))`
			`: sanitizeEntity(value, nextOptions);`

			`return { ...acc, [key]: nextVal };`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`}`

Fix sanitizeEntity's includeFields usage for dynamic zones Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-08-06 11:19:58 +02:00			`const isAllowedField = !includeFields \|\| allowedFieldsHasKey;`

Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`// Dynamic zones`
Fix sanitizeEntity's includeFields usage for dynamic zones Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-08-06 11:19:58 +02:00			`if (attribute && attribute.type === 'dynamiczone' && value !== null && isAllowedField) {`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const nextVal = value.map(elem =>`
			`sanitizeEntity(elem, {`
			`model: strapi.getModel(elem.__component),`
			`withPrivate,`
			`isOutput,`
			`})`
			`);`
			`return { ...acc, [key]: nextVal };`
			`}`
Fix sanitizeEntity's includeFields usage for dynamic zones Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-08-06 11:19:58 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`// Other fields`
			`if (isAllowedField) {`
			`return { ...acc, [key]: value };`
Better permissions-manager.sanitize behavior Forbid empty arrays as fields for permissions (on ability creation) Differentiate input from output sanitizing Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 13:03:30 +02:00			`}`

Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`return acc;`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`};`

			`return _.reduce(data, reducerFn, {});`
			`};`

			`const parseOriginalData = data => (_.isFunction(data.toJSON) ? data.toJSON() : data);`

Fix mongo issues Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-08 16:07:11 +02:00			`const COMPONENT_FIELDS = ['__component'];`
add published_at (#7374) * add published_at Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-08-18 17:09:21 +02:00			`const STATIC_FIELDS = [ID_ATTRIBUTE, '__v'];`
Fix mongo issues Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-08 16:07:11 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const getAllowedFields = ({ includeFields, model, isOutput }) => {`
			`const { options, primaryKey } = model;`

			`const timestamps = options.timestamps \|\| [];`

			`return _.concat(`
			`includeFields \|\| [],`
			`...(isOutput`
add published_at (#7374) * add published_at Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-08-18 17:09:21 +02:00			`? [`
			`primaryKey,`
			`timestamps,`
			`STATIC_FIELDS,`
			`COMPONENT_FIELDS,`
			`CREATED_BY_ATTRIBUTE,`
			`UPDATED_BY_ATTRIBUTE,`
			`PUBLISHED_AT_ATTRIBUTE,`
			`]`
Fix mongo issues Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-08 16:07:11 +02:00			`: [primaryKey, STATIC_FIELDS, COMPONENT_FIELDS])`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`);`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`};`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00
			`const getNextFields = (fields, key, { allowedFieldsHasKey }) => {`
			const searchStr = `${key}.`;

			`const transformedFields = (fields \|\| [])`
			`.filter(field => field.startsWith(searchStr))`
			`.map(field => field.replace(searchStr, ''));`

			`const isAllowed = allowedFieldsHasKey \|\| transformedFields.length > 0;`
			`const nextFields = allowedFieldsHasKey ? null : transformedFields;`

			`return [nextFields, isAllowed];`
			`};`

Add privateAttributes to global and per model response (#7331) * Added privateAttributes globally and per model Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added tests for sanitizeEntity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed broken test Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added privateAttributes to GraphQL responses Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added docs for privateAttributes Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored and fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Merged tests and fixed broken tests from merge Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Updated documentation for new option Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored GraphQL implementation Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed tests for sanitize-entity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed code and tests for ignorePrivateFor Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Exported getPrivateAttributes for GraphQL plugin Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed ignorePrivateFor from docs Signed-off-by: Diego Albitres <diego.albitres@gmail.com> 2020-09-24 02:40:10 -05:00			`const getPrivateAttributes = model => {`
			`const allPrivatesAttributes = _.union(`
			`strapi.config.get('api.responses.privateAttributes', []),`
			`_.get(model, 'options.privateAttributes', [])`
			`);`

			`return allPrivatesAttributes;`
			`};`

			`const shouldRemoveAttribute = (model, key, attribute = {}, { withPrivate, isOutput }) => {`
			`const privateAttributes = getPrivateAttributes(model);`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00
			`const isPassword = attribute.type === 'password';`
Add privateAttributes to global and per model response (#7331) * Added privateAttributes globally and per model Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added tests for sanitizeEntity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed broken test Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added privateAttributes to GraphQL responses Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added docs for privateAttributes Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored and fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Merged tests and fixed broken tests from merge Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Updated documentation for new option Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored GraphQL implementation Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed tests for sanitize-entity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed code and tests for ignorePrivateFor Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Exported getPrivateAttributes for GraphQL plugin Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed ignorePrivateFor from docs Signed-off-by: Diego Albitres <diego.albitres@gmail.com> 2020-09-24 02:40:10 -05:00			`const isPrivate = attribute.private === true \|\| privateAttributes.includes(key);`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00
			`const shouldRemovePassword = isOutput;`
			`const shouldRemovePrivate = !withPrivate && isOutput;`

			`return !!((isPassword && shouldRemovePassword) \|\| (isPrivate && shouldRemovePrivate));`
			`};`

Add privateAttributes to global and per model response (#7331) * Added privateAttributes globally and per model Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added tests for sanitizeEntity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed broken test Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added privateAttributes to GraphQL responses Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added docs for privateAttributes Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored and fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Merged tests and fixed broken tests from merge Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Updated documentation for new option Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored GraphQL implementation Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed tests for sanitize-entity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed code and tests for ignorePrivateFor Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Exported getPrivateAttributes for GraphQL plugin Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed ignorePrivateFor from docs Signed-off-by: Diego Albitres <diego.albitres@gmail.com> 2020-09-24 02:40:10 -05:00			`module.exports = {`
			`sanitizeEntity,`
			`getPrivateAttributes,`
			`};`