2020-06-09 11:48:49 +02:00
|
|
|
'use strict';
|
|
|
|
|
|
2022-08-29 17:32:41 +02:00
|
|
|
const { merge, map, difference, uniq } = require('lodash/fp');
|
|
|
|
|
const { pipeAsync } = require('@strapi/utils');
|
2021-08-23 22:04:15 +02:00
|
|
|
const { getService } = require('./utils');
|
|
|
|
|
const adminActions = require('./config/admin-actions');
|
|
|
|
|
const adminConditions = require('./config/admin-conditions');
|
2020-06-02 17:59:57 +02:00
|
|
|
|
2020-12-21 17:11:48 +01:00
|
|
|
const defaultAdminAuthSettings = {
|
|
|
|
|
providers: {
|
|
|
|
|
autoRegister: false,
|
|
|
|
|
defaultRole: null,
|
2023-05-23 09:19:07 +02:00
|
|
|
ssoLockedRoles: null,
|
2020-12-21 17:11:48 +01:00
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
|
2022-03-25 09:02:19 +01:00
|
|
|
const registerPermissionActions = async () => {
|
|
|
|
|
await getService('permission').actionProvider.registerMany(adminActions.actions);
|
2020-06-02 17:59:57 +02:00
|
|
|
};
|
2020-06-08 15:13:26 +02:00
|
|
|
|
2022-03-25 09:02:19 +01:00
|
|
|
const registerAdminConditions = async () => {
|
|
|
|
|
await getService('permission').conditionProvider.registerMany(adminConditions.conditions);
|
2020-06-16 13:51:34 +02:00
|
|
|
};
|
|
|
|
|
|
2022-01-17 17:45:26 +01:00
|
|
|
const registerModelHooks = () => {
|
|
|
|
|
const { sendDidChangeInterfaceLanguage } = getService('metrics');
|
|
|
|
|
|
|
|
|
|
strapi.db.lifecycles.subscribe({
|
|
|
|
|
models: ['admin::user'],
|
|
|
|
|
afterCreate: sendDidChangeInterfaceLanguage,
|
|
|
|
|
afterDelete: sendDidChangeInterfaceLanguage,
|
|
|
|
|
afterUpdate({ params }) {
|
|
|
|
|
if (params.data.preferedLanguage) {
|
|
|
|
|
sendDidChangeInterfaceLanguage();
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
2020-12-21 17:11:48 +01:00
|
|
|
const syncAuthSettings = async () => {
|
2021-09-13 12:03:12 +02:00
|
|
|
const adminStore = await strapi.store({ type: 'core', name: 'admin' });
|
2020-12-21 17:11:48 +01:00
|
|
|
const adminAuthSettings = await adminStore.get({ key: 'auth' });
|
|
|
|
|
const newAuthSettings = merge(defaultAdminAuthSettings, adminAuthSettings);
|
|
|
|
|
|
2021-07-28 15:32:21 +02:00
|
|
|
const roleExists = await getService('role').exists({
|
2021-01-27 11:52:02 +01:00
|
|
|
id: newAuthSettings.providers.defaultRole,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Reset the default SSO role if it has been deleted manually
|
|
|
|
|
if (!roleExists) {
|
|
|
|
|
newAuthSettings.providers.defaultRole = null;
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-21 17:11:48 +01:00
|
|
|
await adminStore.set({ key: 'auth', value: newAuthSettings });
|
|
|
|
|
};
|
|
|
|
|
|
2022-08-29 17:32:41 +02:00
|
|
|
const syncAPITokensPermissions = async () => {
|
|
|
|
|
const validPermissions = strapi.contentAPI.permissions.providers.action.keys();
|
|
|
|
|
const permissionsInDB = await pipeAsync(
|
|
|
|
|
strapi.query('admin::api-token-permission').findMany,
|
|
|
|
|
map('action')
|
|
|
|
|
)();
|
|
|
|
|
|
|
|
|
|
const unknownPermissions = uniq(difference(permissionsInDB, validPermissions));
|
|
|
|
|
|
|
|
|
|
if (unknownPermissions.length > 0) {
|
2022-08-29 17:39:41 +02:00
|
|
|
await strapi
|
|
|
|
|
.query('admin::api-token-permission')
|
|
|
|
|
.deleteMany({ where: { action: { $in: unknownPermissions } } });
|
2022-08-29 17:32:41 +02:00
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
2023-09-07 00:13:09 +02:00
|
|
|
module.exports = async ({ strapi }) => {
|
2022-03-25 09:02:19 +01:00
|
|
|
await registerAdminConditions();
|
|
|
|
|
await registerPermissionActions();
|
2022-01-17 17:45:26 +01:00
|
|
|
registerModelHooks();
|
2021-03-25 14:59:44 +01:00
|
|
|
|
2021-06-28 21:37:44 +02:00
|
|
|
const permissionService = getService('permission');
|
2021-03-25 14:59:44 +01:00
|
|
|
const userService = getService('user');
|
|
|
|
|
const roleService = getService('role');
|
2021-08-27 16:23:19 +02:00
|
|
|
const apiTokenService = getService('api-token');
|
2023-02-02 13:15:41 +01:00
|
|
|
const transferService = getService('transfer');
|
2022-01-24 18:13:27 +01:00
|
|
|
const tokenService = getService('token');
|
2021-03-25 14:59:44 +01:00
|
|
|
|
|
|
|
|
await roleService.createRolesIfNoneExist();
|
2021-06-28 12:34:29 +02:00
|
|
|
await roleService.resetSuperAdminPermissions();
|
2021-03-25 14:59:44 +01:00
|
|
|
await roleService.displayWarningIfNoSuperAdmin();
|
|
|
|
|
|
2021-06-28 22:37:19 +02:00
|
|
|
await permissionService.cleanPermissionsInDatabase();
|
2021-03-30 11:28:47 +02:00
|
|
|
|
2021-03-25 14:59:44 +01:00
|
|
|
await userService.displayWarningIfUsersDontHaveRole();
|
2020-12-21 17:11:48 +01:00
|
|
|
|
|
|
|
|
await syncAuthSettings();
|
2022-08-29 17:32:41 +02:00
|
|
|
await syncAPITokensPermissions();
|
2021-08-27 16:23:19 +02:00
|
|
|
|
2023-09-07 00:13:09 +02:00
|
|
|
getService('metrics').startCron(strapi);
|
|
|
|
|
|
2022-01-24 18:13:27 +01:00
|
|
|
apiTokenService.checkSaltIsDefined();
|
2023-02-02 13:15:41 +01:00
|
|
|
transferService.token.checkSaltIsDefined();
|
2022-01-24 18:13:27 +01:00
|
|
|
tokenService.checkSecretIsDefined();
|
2020-06-08 15:13:26 +02:00
|
|
|
};
|
