strapi/packages/strapi-utils/lib/sanitize-entity.js

'use strict';

const _ = require('lodash');
const { constants, isPrivateAttribute } = require('./content-types');

const {
  ID_ATTRIBUTE,
  PUBLISHED_AT_ATTRIBUTE,
  CREATED_BY_ATTRIBUTE,
  UPDATED_BY_ATTRIBUTE,
} = constants;

const sanitizeEntity = (dataSource, options) => {
  const { model, withPrivate = false, isOutput = true, includeFields = null } = options;

  if (typeof dataSource !== 'object' || _.isNil(dataSource)) {
    return dataSource;
  }

  const data = parseOriginalData(dataSource);

  if (typeof data !== 'object' || _.isNil(data)) {
    return data;
  }

  if (_.isArray(data)) {
    return data.map(entity => sanitizeEntity(entity, options));
  }

  if (_.isNil(model)) {
    return data;
  }

  const { attributes } = model;
  const allowedFields = getAllowedFields({ includeFields, model, isOutput });

  const reducerFn = (acc, value, key) => {
    const attribute = attributes[key];
    const allowedFieldsHasKey = allowedFields.includes(key);

    if (shouldRemoveAttribute(model, key, attribute, { withPrivate, isOutput })) {
      return acc;
    }

    // Relations
    const relation = attribute && (attribute.model || attribute.collection || attribute.component);
    if (relation) {
      if (_.isNil(value)) {
        return { ...acc, [key]: value };
      }

      const [nextFields, isAllowed] = includeFields
        ? getNextFields(allowedFields, key, { allowedFieldsHasKey })
        : [null, true];

      if (!isAllowed) {
        return acc;
      }

      const nextOptions = {
        model: strapi.getModel(relation, attribute.plugin),
        withPrivate,
        isOutput,
        includeFields: nextFields,
      };

      const nextVal = Array.isArray(value)
        ? value.map(elem => sanitizeEntity(elem, nextOptions))
        : sanitizeEntity(value, nextOptions);

      return { ...acc, [key]: nextVal };
    }

    const isAllowedField = !includeFields || allowedFieldsHasKey;

    // Dynamic zones
    if (attribute && attribute.type === 'dynamiczone' && value !== null && isAllowedField) {
      const nextVal = value.map(elem =>
        sanitizeEntity(elem, {
          model: strapi.getModel(elem.__component),
          withPrivate,
          isOutput,
        })
      );
      return { ...acc, [key]: nextVal };
    }

    // Other fields
    if (isAllowedField) {
      return { ...acc, [key]: value };
    }

    return acc;
  };

  return _.reduce(data, reducerFn, {});
};

const parseOriginalData = data => (_.isFunction(data.toJSON) ? data.toJSON() : data);

const COMPONENT_FIELDS = ['__component'];
const STATIC_FIELDS = [ID_ATTRIBUTE, '__v'];

const getAllowedFields = ({ includeFields, model, isOutput }) => {
  const { options, primaryKey } = model;

  const timestamps = options.timestamps || [];

  return _.concat(
    includeFields || [],
    ...(isOutput
      ? [
          primaryKey,
          timestamps,
          STATIC_FIELDS,
          COMPONENT_FIELDS,
          CREATED_BY_ATTRIBUTE,
          UPDATED_BY_ATTRIBUTE,
          PUBLISHED_AT_ATTRIBUTE,
        ]
      : [primaryKey, STATIC_FIELDS, COMPONENT_FIELDS])
  );
};

const getNextFields = (fields, key, { allowedFieldsHasKey }) => {
  const searchStr = `${key}.`;

  const transformedFields = (fields || [])
    .filter(field => field.startsWith(searchStr))
    .map(field => field.replace(searchStr, ''));

  const isAllowed = allowedFieldsHasKey || transformedFields.length > 0;
  const nextFields = allowedFieldsHasKey ? null : transformedFields;

  return [nextFields, isAllowed];
};

const shouldRemoveAttribute = (model, key, attribute = {}, { withPrivate, isOutput }) => {
  const isPassword = attribute.type === 'password';
  const isPrivate = isPrivateAttribute(model, key);

  const shouldRemovePassword = isOutput;
  const shouldRemovePrivate = !withPrivate && isOutput;

  return !!((isPassword && shouldRemovePassword) || (isPrivate && shouldRemovePrivate));
};

module.exports = sanitizeEntity;
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`'use strict';`

Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const _ = require('lodash');`
Merge branch 'master' into releases/3.2 Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-05 12:00:03 +02:00			`const { constants, isPrivateAttribute } = require('./content-types');`
Make lint stricter and fix the errors Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-27 11:27:17 +01:00
add published_at (#7374) * add published_at Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-08-18 17:09:21 +02:00			`const {`
			`ID_ATTRIBUTE,`
			`PUBLISHED_AT_ATTRIBUTE,`
			`CREATED_BY_ATTRIBUTE,`
			`UPDATED_BY_ATTRIBUTE,`
			`} = constants;`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const sanitizeEntity = (dataSource, options) => {`
			`const { model, withPrivate = false, isOutput = true, includeFields = null } = options;`
Support toJSON in sanitizeEntity 2019-09-20 09:56:00 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`if (typeof dataSource !== 'object' \|\| _.isNil(dataSource)) {`
			`return dataSource;`
			`}`
Fix sanitize bug with mongo objectid and use lower-case for getModel 2019-10-04 11:38:54 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const data = parseOriginalData(dataSource);`

Add utils::sanitize-entity tests (#7497) * Add utils::sanitize-entity tests Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-08-18 16:26:24 +02:00			`if (typeof data !== 'object' \|\| _.isNil(data)) {`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`return data;`
			`}`

Add utils::sanitize-entity tests (#7497) * Add utils::sanitize-entity tests Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-08-18 16:26:24 +02:00			`if (_.isArray(data)) {`
			`return data.map(entity => sanitizeEntity(entity, options));`
			`}`

Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`if (_.isNil(model)) {`
Update tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-11-02 12:40:35 +01:00			`return data;`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`}`

			`const { attributes } = model;`
			`const allowedFields = getAllowedFields({ includeFields, model, isOutput });`

			`const reducerFn = (acc, value, key) => {`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`const attribute = attributes[key];`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const allowedFieldsHasKey = allowedFields.includes(key);`

Add privateAttributes to global and per model response (#7331) * Added privateAttributes globally and per model Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added tests for sanitizeEntity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed broken test Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added privateAttributes to GraphQL responses Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added docs for privateAttributes Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored and fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Merged tests and fixed broken tests from merge Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Updated documentation for new option Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored GraphQL implementation Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed tests for sanitize-entity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed code and tests for ignorePrivateFor Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Exported getPrivateAttributes for GraphQL plugin Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed ignorePrivateFor from docs Signed-off-by: Diego Albitres <diego.albitres@gmail.com> 2020-09-24 02:40:10 -05:00			`if (shouldRemoveAttribute(model, key, attribute, { withPrivate, isOutput })) {`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`return acc;`
			`}`

Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`// Relations`
			`const relation = attribute && (attribute.model \|\| attribute.collection \|\| attribute.component);`
Fix e2e tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-08 13:53:56 +02:00			`if (relation) {`
			`if (_.isNil(value)) {`
			`return { ...acc, [key]: value };`
			`}`

Fix sanitizeEntity Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-02 19:26:36 +02:00			`const [nextFields, isAllowed] = includeFields`
			`? getNextFields(allowedFields, key, { allowedFieldsHasKey })`
			`: [null, true];`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`if (!isAllowed) {`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`return acc;`
			`}`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00
			`const nextOptions = {`
			`model: strapi.getModel(relation, attribute.plugin),`
			`withPrivate,`
			`isOutput,`
			`includeFields: nextFields,`
			`};`

			`const nextVal = Array.isArray(value)`
			`? value.map(elem => sanitizeEntity(elem, nextOptions))`
			`: sanitizeEntity(value, nextOptions);`

			`return { ...acc, [key]: nextVal };`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`}`

Fix sanitizeEntity's includeFields usage for dynamic zones Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-08-06 11:19:58 +02:00			`const isAllowedField = !includeFields \|\| allowedFieldsHasKey;`

Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`// Dynamic zones`
Fix sanitizeEntity's includeFields usage for dynamic zones Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-08-06 11:19:58 +02:00			`if (attribute && attribute.type === 'dynamiczone' && value !== null && isAllowedField) {`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const nextVal = value.map(elem =>`
			`sanitizeEntity(elem, {`
			`model: strapi.getModel(elem.__component),`
			`withPrivate,`
			`isOutput,`
			`})`
			`);`
			`return { ...acc, [key]: nextVal };`
			`}`
Fix sanitizeEntity's includeFields usage for dynamic zones Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-08-06 11:19:58 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`// Other fields`
			`if (isAllowedField) {`
			`return { ...acc, [key]: value };`
Better permissions-manager.sanitize behavior Forbid empty arrays as fields for permissions (on ability creation) Differentiate input from output sanitizing Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 13:03:30 +02:00			`}`

Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`return acc;`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`};`

			`return _.reduce(data, reducerFn, {});`
			`};`

			`const parseOriginalData = data => (_.isFunction(data.toJSON) ? data.toJSON() : data);`

Fix mongo issues Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-08 16:07:11 +02:00			`const COMPONENT_FIELDS = ['__component'];`
add published_at (#7374) * add published_at Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-08-18 17:09:21 +02:00			`const STATIC_FIELDS = [ID_ATTRIBUTE, '__v'];`
Fix mongo issues Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-08 16:07:11 +02:00
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const getAllowedFields = ({ includeFields, model, isOutput }) => {`
			`const { options, primaryKey } = model;`

			`const timestamps = options.timestamps \|\| [];`

			`return _.concat(`
			`includeFields \|\| [],`
			`...(isOutput`
add published_at (#7374) * add published_at Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-08-18 17:09:21 +02:00			`? [`
			`primaryKey,`
			`timestamps,`
			`STATIC_FIELDS,`
			`COMPONENT_FIELDS,`
			`CREATED_BY_ATTRIBUTE,`
			`UPDATED_BY_ATTRIBUTE,`
			`PUBLISHED_AT_ATTRIBUTE,`
			`]`
Fix mongo issues Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-08 16:07:11 +02:00			`: [primaryKey, STATIC_FIELDS, COMPONENT_FIELDS])`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`);`
Remove x-forwarded-host. - set security defaults for development mode that are standard - refactor error messages to work without ctx.request.admin - remove mask middleware and add a sanitization layer to the core-api to hide private fileds 2019-08-21 12:10:23 +02:00			`};`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00
			`const getNextFields = (fields, key, { allowedFieldsHasKey }) => {`
			const searchStr = `${key}.`;

			`const transformedFields = (fields \|\| [])`
			`.filter(field => field.startsWith(searchStr))`
			`.map(field => field.replace(searchStr, ''));`

			`const isAllowed = allowedFieldsHasKey \|\| transformedFields.length > 0;`
			`const nextFields = allowedFieldsHasKey ? null : transformedFields;`

			`return [nextFields, isAllowed];`
			`};`

Add privateAttributes to global and per model response (#7331) * Added privateAttributes globally and per model Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added tests for sanitizeEntity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed broken test Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added privateAttributes to GraphQL responses Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Added docs for privateAttributes Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored and fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Merged tests and fixed broken tests from merge Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Updated documentation for new option Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Refactored GraphQL implementation Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed PR comments Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Fixed tests for sanitize-entity Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed code and tests for ignorePrivateFor Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Exported getPrivateAttributes for GraphQL plugin Signed-off-by: Diego Albitres <diego.albitres@gmail.com> * Removed ignorePrivateFor from docs Signed-off-by: Diego Albitres <diego.albitres@gmail.com> 2020-09-24 02:40:10 -05:00			`const shouldRemoveAttribute = (model, key, attribute = {}, { withPrivate, isOutput }) => {`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00			`const isPassword = attribute.type === 'password';`
Hide creator fields from public api by default (#8052) * Add model option to hide/show creators fields in public API response Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Add content-types util, rework sanitize-entity's private handling Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update search e2e tests, fix an issue on empty search for the core-api controller (find) Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix GraphQL plugin (handle privates attributes on typeDefs + resolver builds) Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix sanitizeEntity import Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Move doc update from beta to stable Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix e2e test Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix pr comments Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove creator's field from upload controller routes Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix typedef build for graphql association Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix pr (comments + several issues) Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Add tests for search behavior in content-manager Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Rename files variables to meaningful names (upload controllers) Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix test with search id matching serialNumber Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> * Add toHasBeenCalledWith check for config.get (utils/content-types.test.js) Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> Co-authored-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-01 17:47:08 +02:00			`const isPrivate = isPrivateAttribute(model, key);`
Add new sanitize-entity.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-07-01 18:08:21 +02:00
			`const shouldRemovePassword = isOutput;`
			`const shouldRemovePrivate = !withPrivate && isOutput;`

			`return !!((isPassword && shouldRemovePassword) \|\| (isPrivate && shouldRemovePrivate));`
			`};`

Hide creator fields from public api by default (#8052) * Add model option to hide/show creators fields in public API response Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Add content-types util, rework sanitize-entity's private handling Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update search e2e tests, fix an issue on empty search for the core-api controller (find) Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix GraphQL plugin (handle privates attributes on typeDefs + resolver builds) Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix sanitizeEntity import Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Move doc update from beta to stable Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix e2e test Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix pr comments Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove creator's field from upload controller routes Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix typedef build for graphql association Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix pr (comments + several issues) Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Add tests for search behavior in content-manager Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Rename files variables to meaningful names (upload controllers) Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix test with search id matching serialNumber Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> * Add toHasBeenCalledWith check for config.get (utils/content-types.test.js) Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> Co-authored-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-10-01 17:47:08 +02:00			`module.exports = sanitizeEntity;`