strapi/packages/strapi-utils/lib/policy.js


// Public dependencies.
const _ = require('lodash');
/* eslint-disable prefer-template */
module.exports = {
  get: function (policy, plugin, policies = [], endpoint, currentApiName) {
    // Define global policy prefix.
    const globalPolicyPrefix = 'global.';
    const pluginPolicyPrefix = 'plugins.';
    const policySplited = policy.split('.');

    // Looking for global policy or namespaced.
    if (
      _.startsWith(policy, globalPolicyPrefix, 0) &&
      !_.isUndefined(
        _.get(
          strapi.config.policies,
          policy.replace(globalPolicyPrefix, '').toLowerCase()
        )
      )
    ) {
      // Global policy.
      return policies.push(
        this.parsePolicy(
          _.get(
            strapi.config.policies,
            policy.replace(globalPolicyPrefix, '').toLowerCase()
          )
        )
      );
    } else if (
      _.startsWith(policy, pluginPolicyPrefix, 0) &&
      strapi.plugins[policySplited[1]] &&
      !_.isUndefined(
        _.get(
          strapi.plugins,
          policySplited[1] +
            '.config.policies.' +
            policySplited[2].toLowerCase()
        )
      )
    ) {
      // Plugin's policies can be used from app APIs with a specific syntax (`plugins.pluginName.policyName`).
      return policies.push(
        this.parsePolicy(_.get(
          strapi.plugins,
          policySplited[1] +
            '.config.policies.' +
            policySplited[2].toLowerCase()
        ))
      );
    } else if (
      !_.startsWith(policy, globalPolicyPrefix, 0) &&
      plugin &&
      !_.isUndefined(
        _.get(
          strapi.plugins,
          plugin + '.config.policies.' + policy.toLowerCase()
        )
      )
    ) {
      // Plugin policy used in the plugin itself.
      return policies.push(
        this.parsePolicy(_.get(
          strapi.plugins,
          plugin + '.config.policies.' + policy.toLowerCase()
        ))
      );
    } else if (
      !_.startsWith(policy, globalPolicyPrefix, 0) &&
      !_.isUndefined(
        _.get(
          strapi.api,
          currentApiName + '.config.policies.' + policy.toLowerCase()
        )
      )
    ) {
      // API policy used in the API itself.
      return policies.push(
        this.parsePolicy(_.get(
          strapi.api,
          currentApiName + '.config.policies.' + policy.toLowerCase()
        ))
      );
    }

    strapi.log.error(`Ignored attempt to bind to ${endpoint} with unknown policy "${policy}"`);
  },

  parsePolicy: (policy) => {
    if (_.isFunction(policy)) {
      return policy;
    }

    return policy.handler;
  },

  // Middleware used for every routes.
  // Expose the endpoint in `this`.
  globalPolicy: (endpoint, value, route = {}, plugin) => {
    return async (ctx, next) => {
      ctx.request.route = {
        endpoint: _.trim(endpoint),
        controller: value.handler.split('.')[0].toLowerCase(),
        action: value.handler.split('.')[1].toLowerCase(),
        splittedEndpoint: _.trim(route.endpoint),
        verb: route.verb && _.trim(route.verb.toLowerCase()),
        plugin
      };

      await next();
    };
  }
};
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00
			`// Public dependencies.`
			`const _ = require('lodash');`
Add eslint to strapi-utils 2018-05-03 18:13:22 +02:00			`/* eslint-disable prefer-template */`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`module.exports = {`
Apply policy for each query and use generated API business logic 2018-04-10 11:47:01 +02:00			`get: function (policy, plugin, policies = [], endpoint, currentApiName) {`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`// Define global policy prefix.`
			`const globalPolicyPrefix = 'global.';`
			`const pluginPolicyPrefix = 'plugins.';`
			`const policySplited = policy.split('.');`

			`// Looking for global policy or namespaced.`
			`if (`
			`_.startsWith(policy, globalPolicyPrefix, 0) &&`
Allow global policies to be organised in folders Hi, I'm been using Strapi for a project I'm doing and you guys have done a great work! I love the idea. This is a small Pull Request, however, I find it very useful if you would like to have your global policies organized by folders. Just in case you have more than 10 of them. If you try at the moment to create a policy inside a folder, it will throw ``` Cannot read property 'handler' of undefined ``` This will fix it and it will allow you to have folders on your `config/policies` folder. 2018-08-17 14:27:59 +10:00			`!_.isUndefined(`
			`_.get(`
			`strapi.config.policies,`
			`policy.replace(globalPolicyPrefix, '').toLowerCase()`
			`)`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`)`
			`) {`
			`// Global policy.`
			`return policies.push(`
Allow global policies to be organised in folders Hi, I'm been using Strapi for a project I'm doing and you guys have done a great work! I love the idea. This is a small Pull Request, however, I find it very useful if you would like to have your global policies organized by folders. Just in case you have more than 10 of them. If you try at the moment to create a policy inside a folder, it will throw ``` Cannot read property 'handler' of undefined ``` This will fix it and it will allow you to have folders on your `config/policies` folder. 2018-08-17 14:27:59 +10:00			`this.parsePolicy(`
			`_.get(`
			`strapi.config.policies,`
			`policy.replace(globalPolicyPrefix, '').toLowerCase()`
			`)`
			`)`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`);`
			`} else if (`
			`_.startsWith(policy, pluginPolicyPrefix, 0) &&`
			`strapi.plugins[policySplited[1]] &&`
			`!_.isUndefined(`
			`_.get(`
			`strapi.plugins,`
			`policySplited[1] +`
			`'.config.policies.' +`
			`policySplited[2].toLowerCase()`
			`)`
			`)`
			`) {`
			// Plugin's policies can be used from app APIs with a specific syntax (`plugins.pluginName.policyName`).
			`return policies.push(`
Apply policy for each query and use generated API business logic 2018-04-10 11:47:01 +02:00			`this.parsePolicy(_.get(`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`strapi.plugins,`
			`policySplited[1] +`
			`'.config.policies.' +`
			`policySplited[2].toLowerCase()`
Apply policy for each query and use generated API business logic 2018-04-10 11:47:01 +02:00			`))`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`);`
			`} else if (`
			`!_.startsWith(policy, globalPolicyPrefix, 0) &&`
			`plugin &&`
			`!_.isUndefined(`
			`_.get(`
			`strapi.plugins,`
			`plugin + '.config.policies.' + policy.toLowerCase()`
			`)`
			`)`
			`) {`
			`// Plugin policy used in the plugin itself.`
			`return policies.push(`
Apply policy for each query and use generated API business logic 2018-04-10 11:47:01 +02:00			`this.parsePolicy(_.get(`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`strapi.plugins,`
			`plugin + '.config.policies.' + policy.toLowerCase()`
Apply policy for each query and use generated API business logic 2018-04-10 11:47:01 +02:00			`))`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`);`
			`} else if (`
			`!_.startsWith(policy, globalPolicyPrefix, 0) &&`
			`!_.isUndefined(`
			`_.get(`
			`strapi.api,`
			`currentApiName + '.config.policies.' + policy.toLowerCase()`
			`)`
			`)`
			`) {`
			`// API policy used in the API itself.`
			`return policies.push(`
Apply policy for each query and use generated API business logic 2018-04-10 11:47:01 +02:00			`this.parsePolicy(_.get(`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`strapi.api,`
			`currentApiName + '.config.policies.' + policy.toLowerCase()`
Apply policy for each query and use generated API business logic 2018-04-10 11:47:01 +02:00			`))`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`);`
			`}`

Write GraphQL documentation and fix details 2018-04-03 18:14:56 +02:00			strapi.log.error(`Ignored attempt to bind to ${endpoint} with unknown policy "${policy}"`);
Apply policy for each query and use generated API business logic 2018-04-10 11:47:01 +02:00			`},`

			`parsePolicy: (policy) => {`
			`if (_.isFunction(policy)) {`
			`return policy;`
			`}`

			`return policy.handler;`
			`},`

			`// Middleware used for every routes.`
			// Expose the endpoint in `this`.
			`globalPolicy: (endpoint, value, route = {}, plugin) => {`
			`return async (ctx, next) => {`
			`ctx.request.route = {`
			`endpoint: _.trim(endpoint),`
			`controller: value.handler.split('.')[0].toLowerCase(),`
			`action: value.handler.split('.')[1].toLowerCase(),`
			`splittedEndpoint: _.trim(route.endpoint),`
			`verb: route.verb && _.trim(route.verb.toLowerCase()),`
			`plugin`
			`};`

			`await next();`
			`};`
Add description and execute policies before the resolver 2018-03-30 17:05:24 +02:00			`}`
			`};`