yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-07-19 07:02:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/packages/plugins/users-permissions/server/controllers/user/api.js

175 lines
4.3 KiB
JavaScript
Raw Normal View History

Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
'use strict';
const _ = require('lodash');
Rename import & requires, fix tests
2021-04-29 13:51:12 +02:00
const { sanitizeEntity } = require('@strapi/utils');
Use getService
2021-07-08 22:07:52 +02:00
const { getService } = require('../../utils');
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
const sanitizeUser = user =>
sanitizeEntity(user, {
refactor with module approach
2021-08-06 18:09:49 +02:00
model: strapi.getModel('plugin::users-permissions.user'),
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
});
const formatError = error => [
{ messages: [{ id: error.id, message: error.message, field: error.field }] },
];
module.exports = {
/**
* Create a/an user record.
* @return {Object}
*/
async create(ctx) {
const advanced = await strapi
.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
key: 'advanced',
})
.get();
const { email, username, password, role } = ctx.request.body;
if (!email) return ctx.badRequest('missing.email');
if (!username) return ctx.badRequest('missing.username');
if (!password) return ctx.badRequest('missing.password');
const userWithSameUsername = await strapi
refactor with module approach
2021-08-06 18:09:49 +02:00
.query('plugin::users-permissions.user')
Refactor all query() calls
2021-07-08 18:15:32 +02:00
.findOne({ where: { username } });
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
if (userWithSameUsername) {
return ctx.badRequest(
null,
formatError({
id: 'Auth.form.error.username.taken',
message: 'Username already taken.',
field: ['username'],
})
);
}
if (advanced.unique_email) {
Autofix yarn.lock conflict Signed-off-by: Rémi de Juvigny <remi@hey.com>
2020-09-23 14:25:55 +02:00
const userWithSameEmail = await strapi
refactor with module approach
2021-08-06 18:09:49 +02:00
.query('plugin::users-permissions.user')
Refactor all query() calls
2021-07-08 18:15:32 +02:00
.findOne({ where: { email: email.toLowerCase() } });
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
if (userWithSameEmail) {
return ctx.badRequest(
null,
formatError({
id: 'Auth.form.error.email.taken',
message: 'Email already taken.',
field: ['email'],
})
);
}
}
const user = {
...ctx.request.body,
provider: 'local',
};
set email validator to lowercase (#7645) * set email validator to lowercase Yup .lowercase() converts the string to lowercase which should be done in all instances of email across the application. Fixes bug where users created inside Strapi admin panel end up with mixed case emails in database. Signed-off-by: bglidwell <sintex+github@gmail.com> * match front-end profile validation to backend Removed .min(5) from backend validation due to redundancy with .email() check Signed-off-by: bglidwell <sintex+github@gmail.com> * cleanup redundant email.toLowerCase() Signed-off-by: Bobby Glidwell <sintex+github@gmail.com> * Revert "cleanup redundant email.toLowerCase()" This reverts commit 4565054b298e4518e4ddf41ca602c5960bd9cc28. Signed-off-by: Bobby Glidwell <sintex+github@gmail.com> * fix email case in admin user controller Signed-off-by: Bobby Glidwell <sintex+github@gmail.com> * fix email case in api user controller Signed-off-by: Bobby Glidwell <sintex+github@gmail.com> * fix for graphql tests Signed-off-by: Bobby Glidwell <sintex+github@gmail.com>
2020-09-14 02:30:12 -05:00
user.email = user.email.toLowerCase();
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
if (!role) {
const defaultRole = await strapi
refactor with module approach
2021-08-06 18:09:49 +02:00
.query('plugin::users-permissions.role')
Refactor all query() calls
2021-07-08 18:15:32 +02:00
.findOne({ where: { type: advanced.default_role } });
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
user.role = defaultRole.id;
}
try {
Use getService
2021-07-08 22:07:52 +02:00
const data = await getService('user').add(user);
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
ctx.created(sanitizeUser(data));
} catch (error) {
ctx.badRequest(null, formatError(error));
}
},
/**
* Update a/an user record.
* @return {Object}
*/
async update(ctx) {
const advancedConfigs = await strapi
.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
key: 'advanced',
})
.get();
const { id } = ctx.params;
const { email, username, password } = ctx.request.body;
Use getService
2021-07-08 22:07:52 +02:00
const user = await getService('user').fetch({
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
id,
});
if (_.has(ctx.request.body, 'email') && !email) {
return ctx.badRequest('email.notNull');
}
if (_.has(ctx.request.body, 'username') && !username) {
return ctx.badRequest('username.notNull');
}
if (_.has(ctx.request.body, 'password') && !password && user.provider === 'local') {
return ctx.badRequest('password.notNull');
}
if (_.has(ctx.request.body, 'username')) {
const userWithSameUsername = await strapi
refactor with module approach
2021-08-06 18:09:49 +02:00
.query('plugin::users-permissions.user')
Refactor all query() calls
2021-07-08 18:15:32 +02:00
.findOne({ where: { username } });
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
if (userWithSameUsername && userWithSameUsername.id != id) {
return ctx.badRequest(
null,
formatError({
id: 'Auth.form.error.username.taken',
message: 'username.alreadyTaken.',
field: ['username'],
})
);
}
}
if (_.has(ctx.request.body, 'email') && advancedConfigs.unique_email) {
Autofix yarn.lock conflict Signed-off-by: Rémi de Juvigny <remi@hey.com>
2020-09-23 14:25:55 +02:00
const userWithSameEmail = await strapi
refactor with module approach
2021-08-06 18:09:49 +02:00
.query('plugin::users-permissions.user')
Refactor all query() calls
2021-07-08 18:15:32 +02:00
.findOne({ where: { email: email.toLowerCase() } });
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
if (userWithSameEmail && userWithSameEmail.id != id) {
return ctx.badRequest(
null,
formatError({
id: 'Auth.form.error.email.taken',
message: 'Email already taken',
field: ['email'],
})
);
}
set email validator to lowercase (#7645) * set email validator to lowercase Yup .lowercase() converts the string to lowercase which should be done in all instances of email across the application. Fixes bug where users created inside Strapi admin panel end up with mixed case emails in database. Signed-off-by: bglidwell <sintex+github@gmail.com> * match front-end profile validation to backend Removed .min(5) from backend validation due to redundancy with .email() check Signed-off-by: bglidwell <sintex+github@gmail.com> * cleanup redundant email.toLowerCase() Signed-off-by: Bobby Glidwell <sintex+github@gmail.com> * Revert "cleanup redundant email.toLowerCase()" This reverts commit 4565054b298e4518e4ddf41ca602c5960bd9cc28. Signed-off-by: Bobby Glidwell <sintex+github@gmail.com> * fix email case in admin user controller Signed-off-by: Bobby Glidwell <sintex+github@gmail.com> * fix email case in api user controller Signed-off-by: Bobby Glidwell <sintex+github@gmail.com> * fix for graphql tests Signed-off-by: Bobby Glidwell <sintex+github@gmail.com>
2020-09-14 02:30:12 -05:00
ctx.request.body.email = ctx.request.body.email.toLowerCase();
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
}
let updateData = {
...ctx.request.body,
};
if (_.has(ctx.request.body, 'password') && password === user.password) {
delete updateData.password;
}
Use getService
2021-07-08 22:07:52 +02:00
const data = await getService('user').edit({ id }, updateData);
Rewrote users-permissions's controller to fit with rbac, fix various bugs in content-manager's controllers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-06 16:25:25 +02:00
ctx.send(sanitizeUser(data));
},
};
Reference in New Issue Copy Permalink