272 lines
6.3 KiB
JavaScript
Raw Normal View History

2021-07-08 18:15:32 +02:00
'use strict';
const _ = require('lodash');
const { getService } = require('../utils');
const { isValidEmailTemplate } = require('./validation/email-template');
module.exports = {
/**
* Default action.
*
* @return {Object}
*/
async createRole(ctx) {
if (_.isEmpty(ctx.request.body)) {
return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
}
try {
2021-07-19 12:48:03 +02:00
await getService('users-permissions').createRole(ctx.request.body);
2021-07-08 18:15:32 +02:00
ctx.send({ ok: true });
} catch (err) {
strapi.log.error(err);
ctx.badRequest(null, [{ messages: [{ id: 'An error occured' }] }]);
}
},
async deleteRole(ctx) {
// Fetch public role.
const publicRole = await strapi
2021-08-06 18:09:49 +02:00
.query('plugin::users-permissions.role')
2021-07-08 18:15:32 +02:00
.findOne({ where: { type: 'public' } });
const publicRoleID = publicRole.id;
const roleID = ctx.params.role;
if (!roleID) {
return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
}
// Prevent from removing the public role.
if (roleID.toString() === publicRoleID.toString()) {
return ctx.badRequest(null, [{ messages: [{ id: 'Unauthorized' }] }]);
}
try {
2021-07-19 12:48:03 +02:00
await getService('users-permissions').deleteRole(roleID, publicRoleID);
2021-07-08 18:15:32 +02:00
ctx.send({ ok: true });
} catch (err) {
strapi.log.error(err);
ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
}
},
async getPermissions(ctx) {
try {
const permissions = await getService('users-permissions').getActions();
ctx.send({ permissions });
} catch (err) {
ctx.badRequest(null, [{ message: [{ id: 'Not Found' }] }]);
}
},
async getPolicies(ctx) {
ctx.send({
policies: _.without(
_.keys(strapi.plugins['users-permissions'].config.policies),
'permissions'
),
});
},
async getRole(ctx) {
const { id } = ctx.params;
const { lang } = ctx.query;
2021-07-19 12:48:03 +02:00
const plugins = await getService('users-permissions').getPlugins(lang);
const role = await getService('users-permissions').getRole(id, plugins);
2021-07-08 18:15:32 +02:00
if (_.isEmpty(role)) {
return ctx.badRequest(null, [{ messages: [{ id: `Role don't exist` }] }]);
}
ctx.send({ role });
},
async getRoles(ctx) {
try {
2021-07-19 12:48:03 +02:00
const roles = await getService('users-permissions').getRoles();
2021-07-08 18:15:32 +02:00
ctx.send({ roles });
} catch (err) {
ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
}
},
async getRoutes(ctx) {
try {
const routes = await getService('users-permissions').getRoutes();
ctx.send({ routes });
} catch (err) {
ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
}
},
async index(ctx) {
// Send 200 `ok`
ctx.send({ message: 'ok' });
},
async searchUsers(ctx) {
const { id } = ctx.params;
2021-08-06 18:09:49 +02:00
const data = await strapi.query('plugin::users-permissions.user').custom(searchQueries)({
2021-07-08 18:15:32 +02:00
id,
});
ctx.send(data);
},
async updateRole(ctx) {
const roleID = ctx.params.role;
if (_.isEmpty(ctx.request.body)) {
return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
}
try {
2021-07-19 12:48:03 +02:00
await getService('users-permissions').updateRole(roleID, ctx.request.body);
2021-07-08 18:15:32 +02:00
ctx.send({ ok: true });
} catch (err) {
strapi.log.error(err);
ctx.badRequest(null, [{ messages: [{ id: 'An error occurred' }] }]);
}
},
async getEmailTemplate(ctx) {
ctx.send(
await strapi
.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
key: 'email',
})
.get()
);
},
async updateEmailTemplate(ctx) {
if (_.isEmpty(ctx.request.body)) {
return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
}
const emailTemplates = ctx.request.body['email-templates'];
for (let key in emailTemplates) {
const template = emailTemplates[key].options.message;
if (!isValidEmailTemplate(template)) {
return ctx.badRequest(null, [{ messages: [{ id: 'Invalid template' }] }]);
}
}
await strapi
.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
key: 'email',
})
.set({ value: emailTemplates });
ctx.send({ ok: true });
},
async getAdvancedSettings(ctx) {
ctx.send({
settings: await strapi
.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
key: 'advanced',
})
.get(),
2021-07-19 12:48:03 +02:00
roles: await getService('users-permissions').getRoles(),
2021-07-08 18:15:32 +02:00
});
},
async updateAdvancedSettings(ctx) {
if (_.isEmpty(ctx.request.body)) {
return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
}
await strapi
.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
key: 'advanced',
})
.set({ value: ctx.request.body });
ctx.send({ ok: true });
},
async getProviders(ctx) {
const providers = await strapi
.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
key: 'grant',
})
.get();
for (const provider in providers) {
if (provider !== 'email') {
providers[provider].redirectUri = strapi.plugins[
'users-permissions'
].services.providers.buildRedirectUri(provider);
}
}
ctx.send(providers);
},
async updateProviders(ctx) {
if (_.isEmpty(ctx.request.body)) {
return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
}
await strapi
.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
key: 'grant',
})
.set({ value: ctx.request.body.providers });
ctx.send({ ok: true });
},
};
const searchQueries = {
bookshelf({ model }) {
return ({ id }) => {
return model
.query(function(qb) {
qb.where('username', 'LIKE', `%${id}%`).orWhere('email', 'LIKE', `%${id}%`);
})
.fetchAll()
.then(results => results.toJSON());
};
},
mongoose({ model }) {
return ({ id }) => {
const re = new RegExp(id);
return model.find({
$or: [{ username: re }, { email: re }],
});
};
},
};