strapi/packages/plugins/users-permissions/server/services/users-permissions.js

'use strict';

const _ = require('lodash');
const { filter, map, pipe, prop } = require('lodash/fp');

const { getService } = require('../utils');

const DEFAULT_PERMISSIONS = [
  { action: 'plugin::users-permissions.auth.admincallback', roleType: 'public' },
  { action: 'plugin::users-permissions.auth.adminregister', roleType: 'public' },
  { action: 'plugin::users-permissions.auth.callback', roleType: 'public' },
  { action: 'plugin::users-permissions.auth.connect', roleType: null },
  { action: 'plugin::users-permissions.auth.forgotpassword', roleType: 'public' },
  { action: 'plugin::users-permissions.auth.resetpassword', roleType: 'public' },
  { action: 'plugin::users-permissions.auth.register', roleType: 'public' },
  { action: 'plugin::users-permissions.auth.emailconfirmation', roleType: 'public' },
  { action: 'plugin::users-permissions.user.me', roleType: null },
];

const transformRoutePrefixFor = pluginName => route => {
  const prefix = route.config && route.config.prefix;
  const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;

  return {
    ...route,
    path,
  };
};

module.exports = ({ strapi }) => ({
  getPlugins(lang = 'en') {
    const request = require('request');
    return new Promise(resolve => {
      request(
        {
          uri: `https://marketplace.strapi.io/plugins?lang=${lang}`,
          json: true,
          timeout: 3000,
          headers: {
            'cache-control': 'max-age=3600',
          },
        },
        (err, response, body) => {
          if (err || response.statusCode !== 200) {
            return resolve([]);
          }

          resolve(body);
        }
      );
    });
  },

  // TODO: Filter on content-api only
  getActions() {
    const actionMap = {};

    _.forEach(strapi.api, (api, apiName) => {
      const controllers = _.mapValues(api.controllers, controller => {
        return _.mapValues(controller, () => {
          return { enabled: false, policy: '' };
        });
      });

      actionMap[`api::${apiName}`] = { controllers };
    });

    _.forEach(strapi.plugins, (plugin, pluginName) => {
      const controllers = _.mapValues(plugin.controllers, controller => {
        return _.mapValues(controller, () => {
          return { enabled: false, policy: '' };
        });
      });

      actionMap[`plugin::${pluginName}`] = { controllers };
    });

    return actionMap;
  },

  // TODO: Filter on content-api only
  async getRoutes() {
    const routesMap = {};

    _.forEach(strapi.api, (api, apiName) => {
      const routes = _.flatMap(api.routes, route => {
        if (_.has(route, 'routes')) {
          return route.routes;
        }

        return route;
      });

      if (routes.length === 0) {
        return;
      }

      routesMap[`api::${apiName}`] = routes;
    });

    _.forEach(strapi.plugins, (plugin, pluginName) => {
      const transformPrefix = transformRoutePrefixFor(pluginName);

      const routes = _.flatMap(plugin.routes, route => {
        if (_.has(route, 'routes')) {
          return route.routes.map(transformPrefix);
        }

        return transformPrefix(route);
      });

      if (routes.length === 0) {
        return;
      }

      routesMap[`plugin::${pluginName}`] = routes;
    });

    return routesMap;
  },

  async syncPermissions() {
    const roles = await strapi.query('plugin::users-permissions.role').findMany();
    const dbPermissions = await strapi.query('plugin::users-permissions.permission').findMany();

    const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));

    const appActions = _.flatMap(strapi.api, (api, apiName) => {
      return _.flatMap(api.controllers, (controller, controllerName) => {
        return _.keys(controller).map(actionName => {
          return `api::${apiName}.${controllerName}.${_.toLower(actionName)}`;
        });
      });
    });

    const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {
      return _.flatMap(plugin.controllers, (controller, controllerName) => {
        return _.keys(controller).map(actionName => {
          return `plugin::${pluginName}.${controllerName}.${_.toLower(actionName)}`;
        });
      });
    });

    const allActions = [...appActions, ...pluginsActions];

    const toDelete = _.difference(permissionsFoundInDB, allActions);

    await Promise.all(
      toDelete.map(action => {
        return strapi.query('plugin::users-permissions.permission').delete({ where: { action } });
      })
    );

    if (permissionsFoundInDB.length === 0) {
      // create default permissions
      for (const role of roles) {
        const toCreate = pipe(
          filter(({ roleType }) => roleType === role.type || roleType === null),
          map(prop('action'))
        )(DEFAULT_PERMISSIONS);

        await Promise.all(
          toCreate.map(action => {
            return strapi.query('plugin::users-permissions.permission').create({
              data: {
                action,
                role: role.id,
              },
            });
          })
        );
      }
    }
  },

  async initialize() {
    const roleCount = await strapi.query('plugin::users-permissions.role').count();

    if (roleCount === 0) {
      await strapi.query('plugin::users-permissions.role').create({
        data: {
          name: 'Authenticated',
          description: 'Default role given to authenticated user.',
          type: 'authenticated',
        },
      });

      await strapi.query('plugin::users-permissions.role').create({
        data: {
          name: 'Public',
          description: 'Default role given to unauthenticated user.',
          type: 'public',
        },
      });
    }

    return getService('users-permissions').syncPermissions();
  },

  async updateUserRole(user, role) {
    return strapi
      .query('plugin::users-permissions.user')
      .update({ where: { id: user.id }, data: { role } });
  },

  template(layout, data) {
    const compiledObject = _.template(layout);
    return compiledObject(data);
  },
});
Generate plugin users-permissions and add it to strapi-packages 2017-11-06 11:14:43 +01:00			`'use strict';`

Change permissions data format 2017-11-16 17:59:41 +01:00			`const _ = require('lodash');`
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`const { filter, map, pipe, prop } = require('lodash/fp');`
Add some lazy loading 2021-09-03 11:11:37 +02:00
Refactor all query() calls 2021-07-08 18:15:32 +02:00			`const { getService } = require('../utils');`
Generate plugin users-permissions and add it to strapi-packages 2017-11-06 11:14:43 +01:00
rename DEFAULT_PERMISSIONS Signed-off-by: Pierre Noël <pierre.noel@strapi.io> 2020-04-20 12:19:44 +02:00			`const DEFAULT_PERMISSIONS = [`
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`{ action: 'plugin::users-permissions.auth.admincallback', roleType: 'public' },`
			`{ action: 'plugin::users-permissions.auth.adminregister', roleType: 'public' },`
			`{ action: 'plugin::users-permissions.auth.callback', roleType: 'public' },`
			`{ action: 'plugin::users-permissions.auth.connect', roleType: null },`
			`{ action: 'plugin::users-permissions.auth.forgotpassword', roleType: 'public' },`
			`{ action: 'plugin::users-permissions.auth.resetpassword', roleType: 'public' },`
			`{ action: 'plugin::users-permissions.auth.register', roleType: 'public' },`
			`{ action: 'plugin::users-permissions.auth.emailconfirmation', roleType: 'public' },`
			`{ action: 'plugin::users-permissions.user.me', roleType: null },`
fix missing permissions at startup Signed-off-by: Pierre Noël <pierre.noel@strapi.io> 2020-04-15 19:47:55 +02:00			`];`

Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`const transformRoutePrefixFor = pluginName => route => {`
			`const prefix = route.config && route.config.prefix;`
			const path = prefix !== undefined ? `${prefix}${route.path}` : `/${pluginName}${route.path}`;

			`return {`
			`...route,`
			`path,`
			`};`
			`};`

WIP 2021-07-08 11:20:13 +02:00			`module.exports = ({ strapi }) => ({`
Fix no response when get user permission role with internal network 2019-12-02 14:58:57 +08:00			`getPlugins(lang = 'en') {`
Add some lazy loading 2021-09-03 11:11:37 +02:00			`const request = require('request');`
Split admin and users. Co-authored-by: lauriejim 2019-04-09 12:09:03 +02:00			`return new Promise(resolve => {`
			`request(`
			`{`
			uri: `https://marketplace.strapi.io/plugins?lang=${lang}`,
			`json: true,`
Fix no response when get user permission role with internal network 2019-12-02 14:58:57 +08:00			`timeout: 3000,`
Split admin and users. Co-authored-by: lauriejim 2019-04-09 12:09:03 +02:00			`headers: {`
			`'cache-control': 'max-age=3600',`
			`},`
			`},`
			`(err, response, body) => {`
fix(strapi-plugin-users-permissions): fix when connecting to marketplace error cause app crash 2019-06-17 00:02:27 +08:00			`if (err \|\| response.statusCode !== 200) {`
Split admin and users. Co-authored-by: lauriejim 2019-04-09 12:09:03 +02:00			`return resolve([]);`
			`}`
Retrieve plugins' icons URL from API and name Redux store 2018-01-05 16:19:53 +01:00
Split admin and users. Co-authored-by: lauriejim 2019-04-09 12:09:03 +02:00			`resolve(body);`
Fix error not ignored getPlugins 2019-06-08 16:23:52 +02:00			`}`
Split admin and users. Co-authored-by: lauriejim 2019-04-09 12:09:03 +02:00			`);`
Retrieve plugins' icons URL from API and name Redux store 2018-01-05 16:19:53 +01:00			`});`
			`},`

Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`// TODO: Filter on content-api only`
Fix PR feedback Signed-off-by: soupette <cyril.lpz@gmail.com> 2020-08-31 14:17:30 +02:00			`getActions() {`
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`const actionMap = {};`
Change permissions data format 2017-11-16 17:59:41 +01:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`_.forEach(strapi.api, (api, apiName) => {`
			`const controllers = _.mapValues(api.controllers, controller => {`
			`return _.mapValues(controller, () => {`
			`return { enabled: false, policy: '' };`
			`});`
			`});`
Fix design and generatePermissions service 2017-11-17 12:14:12 +01:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			actionMap[`api::${apiName}`] = { controllers };
			`});`
Fix design and generatePermissions service 2017-11-17 12:14:12 +01:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`_.forEach(strapi.plugins, (plugin, pluginName) => {`
			`const controllers = _.mapValues(plugin.controllers, controller => {`
			`return _.mapValues(controller, () => {`
			`return { enabled: false, policy: '' };`
			`});`
			`});`
Change permissions data format 2017-11-16 17:59:41 +01:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			actionMap[`plugin::${pluginName}`] = { controllers };
			`});`
Change permissions data format 2017-11-16 17:59:41 +01:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`return actionMap;`
Algo diff between objects 2017-11-17 16:36:57 +01:00			`},`
Write roles.sjon file 2017-11-17 14:22:59 +01:00
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`// TODO: Filter on content-api only`
Refactor users-permissions to use the new strapi.query 2019-07-15 23:16:50 +02:00			`async getRoutes() {`
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`const routesMap = {};`
Fix get routes u&p 2021-09-03 23:45:53 +02:00
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`_.forEach(strapi.api, (api, apiName) => {`
			`const routes = _.flatMap(api.routes, route => {`
Fix get routes u&p 2021-09-03 23:45:53 +02:00			`if (_.has(route, 'routes')) {`
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`return route.routes;`
Fix get routes u&p 2021-09-03 23:45:53 +02:00			`}`
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00
			`return route;`
Fix get routes u&p 2021-09-03 23:45:53 +02:00			`});`
Add handler to get the plugins routes 2017-11-30 16:34:43 +01:00
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`if (routes.length === 0) {`
			`return;`
			`}`

			routesMap[`api::${apiName}`] = routes;
			`});`
Merge branch 'develop' into features/media-lib Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-03-02 15:18:08 +01:00
Fix get routes u&p 2021-09-03 23:45:53 +02:00			`_.forEach(strapi.plugins, (plugin, pluginName) => {`
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`const transformPrefix = transformRoutePrefixFor(pluginName);`
Merge branch 'develop' into features/media-lib Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-03-02 15:18:08 +01:00
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`const routes = _.flatMap(plugin.routes, route => {`
Fix get routes u&p 2021-09-03 23:45:53 +02:00			`if (_.has(route, 'routes')) {`
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`return route.routes.map(transformPrefix);`
Fix get routes u&p 2021-09-03 23:45:53 +02:00			`}`
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00
			`return transformPrefix(route);`
Fix get routes u&p 2021-09-03 23:45:53 +02:00			`});`

Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`if (routes.length === 0) {`
			`return;`
			`}`

			routesMap[`plugin::${pluginName}`] = routes;
Fix get routes u&p 2021-09-03 23:45:53 +02:00			`});`
Add apiRoutes and fix feedback PR 2017-12-07 18:16:18 +01:00
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`return routesMap;`
Add handler to get the plugins routes 2017-11-30 16:34:43 +01:00			`},`

Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`async syncPermissions() {`
refactor with module approach 2021-08-06 18:09:49 +02:00			`const roles = await strapi.query('plugin::users-permissions.role').findMany();`
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`const dbPermissions = await strapi.query('plugin::users-permissions.permission').findMany();`
Refactor all query() calls 2021-07-08 18:15:32 +02:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`const permissionsFoundInDB = _.uniq(_.map(dbPermissions, 'action'));`
Merge branch 'develop' into features/media-lib Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-03-02 15:18:08 +01:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`const appActions = _.flatMap(strapi.api, (api, apiName) => {`
			`return _.flatMap(api.controllers, (controller, controllerName) => {`
			`return _.keys(controller).map(actionName => {`
			return `api::${apiName}.${controllerName}.${_.toLower(actionName)}`;
			`});`
Merge branch 'develop' into features/media-lib Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-03-02 15:18:08 +01:00			`});`
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`});`
Algo diff between objects 2017-11-17 16:36:57 +01:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`const pluginsActions = _.flatMap(strapi.plugins, (plugin, pluginName) => {`
			`return _.flatMap(plugin.controllers, (controller, controllerName) => {`
			`return _.keys(controller).map(actionName => {`
			return `plugin::${pluginName}.${controllerName}.${_.toLower(actionName)}`;
			`});`
Split admin and users. Co-authored-by: lauriejim 2019-04-09 12:09:03 +02:00			`});`
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`});`
Fix roles.json bug 2017-12-07 10:16:36 +01:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`const allActions = [...appActions, ...pluginsActions];`
Refactor all query() calls 2021-07-08 18:15:32 +02:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`const toDelete = _.difference(permissionsFoundInDB, allActions);`
[WIP] Read and update roles & permissions using database 2018-01-17 18:50:12 +01:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`await Promise.all(`
			`toDelete.map(action => {`
			`return strapi.query('plugin::users-permissions.permission').delete({ where: { action } });`
			`})`
			`);`
Remove email update of admin during test that break next tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 20:39:39 +02:00
Refactor u-p permission syntax 2021-09-06 22:33:55 +02:00			`if (permissionsFoundInDB.length === 0) {`
			`// create default permissions`
			`for (const role of roles) {`
			`const toCreate = pipe(`
			`filter(({ roleType }) => roleType === role.type \|\| roleType === null),`
			`map(prop('action'))`
			`)(DEFAULT_PERMISSIONS);`

			`await Promise.all(`
			`toCreate.map(action => {`
			`return strapi.query('plugin::users-permissions.permission').create({`
			`data: {`
			`action,`
			`role: role.id,`
			`},`
			`});`
			`})`
			`);`
			`}`
Write roles.sjon file 2017-11-17 14:22:59 +01:00			`}`
Algo diff between objects 2017-11-17 16:36:57 +01:00			`},`
Write roles.sjon file 2017-11-17 14:22:59 +01:00
make boostrap functions async only 2019-08-12 15:35:40 +02:00			`async initialize() {`
refactor with module approach 2021-08-06 18:09:49 +02:00			`const roleCount = await strapi.query('plugin::users-permissions.role').count();`
[WIP] Read and update roles & permissions using database 2018-01-17 18:50:12 +01:00
fix missing permissions at startup Signed-off-by: Pierre Noël <pierre.noel@strapi.io> 2020-04-15 19:47:55 +02:00			`if (roleCount === 0) {`
refactor with module approach 2021-08-06 18:09:49 +02:00			`await strapi.query('plugin::users-permissions.role').create({`
Refactor all query() calls 2021-07-08 18:15:32 +02:00			`data: {`
			`name: 'Authenticated',`
			`description: 'Default role given to authenticated user.',`
			`type: 'authenticated',`
			`},`
fix missing permissions at startup Signed-off-by: Pierre Noël <pierre.noel@strapi.io> 2020-04-15 19:47:55 +02:00			`});`
Fix user-permissions bootstrap issue Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-01-16 11:41:07 +01:00
refactor with module approach 2021-08-06 18:09:49 +02:00			`await strapi.query('plugin::users-permissions.role').create({`
Refactor all query() calls 2021-07-08 18:15:32 +02:00			`data: {`
			`name: 'Public',`
			`description: 'Default role given to unauthenticated user.',`
			`type: 'public',`
			`},`
fix missing permissions at startup Signed-off-by: Pierre Noël <pierre.noel@strapi.io> 2020-04-15 19:47:55 +02:00			`});`
			`}`
[WIP] Read and update roles & permissions using database 2018-01-17 18:50:12 +01:00
Make new format compatible with old permissions format in u&p 2021-09-07 12:26:01 +02:00			`return getService('users-permissions').syncPermissions();`
Handle update role 2017-11-27 17:50:51 +01:00			`},`

Refactor users-permissions to use the new strapi.query 2019-07-15 23:16:50 +02:00			`async updateUserRole(user, role) {`
Refactor all query() calls 2021-07-08 18:15:32 +02:00			`return strapi`
refactor with module approach 2021-08-06 18:09:49 +02:00			`.query('plugin::users-permissions.user')`
Refactor all query() calls 2021-07-08 18:15:32 +02:00			`.update({ where: { id: user.id }, data: { role } });`
Fix roles.json bug 2017-12-07 10:16:36 +01:00			`},`

Refactor users-permissions to use the new strapi.query 2019-07-15 23:16:50 +02:00			`template(layout, data) {`
User service to template email 2018-01-25 08:38:46 +01:00			`const compiledObject = _.template(layout);`
			`return compiledObject(data);`
Split admin and users. Co-authored-by: lauriejim 2019-04-09 12:09:03 +02:00			`},`
WIP 2021-07-08 11:20:13 +02:00			`});`