2017-03-20 22:08:49 +01:00
|
|
|
'use strict';
|
|
|
|
|
|
2017-08-16 17:05:02 +02:00
|
|
|
const _ = require('lodash');
|
2020-02-19 10:54:44 +01:00
|
|
|
|
2019-08-01 17:19:49 +02:00
|
|
|
const parseMultipartBody = require('../utils/parse-multipart');
|
2020-02-19 10:54:44 +01:00
|
|
|
const {
|
|
|
|
|
validateGenerateUIDInput,
|
|
|
|
|
validateCheckUIDAvailabilityInput,
|
|
|
|
|
validateUIDField,
|
|
|
|
|
} = require('./validation');
|
2019-08-01 08:52:35 +02:00
|
|
|
|
2020-06-29 16:32:14 +02:00
|
|
|
const ACTIONS = {
|
2020-06-29 17:23:48 +02:00
|
|
|
read: 'plugins::content-manager.explorer.read',
|
|
|
|
|
create: 'plugins::content-manager.explorer.create',
|
|
|
|
|
edit: 'plugins::content-manager.explorer.update',
|
|
|
|
|
delete: 'plugins::content-manager.explorer.delete',
|
2020-06-29 16:32:14 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const findEntityAndCheckPermissions = async (ability, action, model, id) => {
|
|
|
|
|
const contentManagerService = strapi.plugins['content-manager'].services.contentmanager;
|
|
|
|
|
const entity = await contentManagerService.fetch(model, id);
|
|
|
|
|
|
|
|
|
|
if (_.isNil(entity)) {
|
|
|
|
|
throw strapi.errors.notFound();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const pm = strapi.admin.services.permission.createPermissionsManager(ability, action, model);
|
|
|
|
|
|
|
|
|
|
if (pm.ability.cannot(pm.action, pm.toSubject(entity))) {
|
|
|
|
|
throw strapi.errors.forbidden();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return { pm, entity };
|
|
|
|
|
};
|
|
|
|
|
|
2017-03-20 22:08:49 +01:00
|
|
|
module.exports = {
|
2020-02-19 10:54:44 +01:00
|
|
|
async generateUID(ctx) {
|
|
|
|
|
const { contentTypeUID, field, data } = await validateGenerateUIDInput(ctx.request.body);
|
|
|
|
|
|
|
|
|
|
await validateUIDField(contentTypeUID, field);
|
|
|
|
|
|
|
|
|
|
const uidService = strapi.plugins['content-manager'].services.uid;
|
|
|
|
|
|
|
|
|
|
ctx.body = {
|
|
|
|
|
data: await uidService.generateUIDField({ contentTypeUID, field, data }),
|
|
|
|
|
};
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async checkUIDAvailability(ctx) {
|
|
|
|
|
const { contentTypeUID, field, value } = await validateCheckUIDAvailabilityInput(
|
|
|
|
|
ctx.request.body
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
await validateUIDField(contentTypeUID, field);
|
|
|
|
|
|
|
|
|
|
const uidService = strapi.plugins['content-manager'].services.uid;
|
|
|
|
|
|
|
|
|
|
const isAvailable = await uidService.checkUIDAvailability({ contentTypeUID, field, value });
|
|
|
|
|
|
|
|
|
|
ctx.body = {
|
|
|
|
|
isAvailable,
|
|
|
|
|
suggestion: !isAvailable
|
|
|
|
|
? await uidService.findUniqueUID({ contentTypeUID, field, value })
|
|
|
|
|
: null,
|
|
|
|
|
};
|
|
|
|
|
},
|
|
|
|
|
|
2019-07-19 09:58:38 +02:00
|
|
|
/**
|
|
|
|
|
* Returns a list of entities of a content-type matching the query parameters
|
|
|
|
|
*/
|
|
|
|
|
async find(ctx) {
|
2020-06-29 16:32:14 +02:00
|
|
|
const {
|
|
|
|
|
state: { userAbility },
|
|
|
|
|
params: { model },
|
2020-07-01 13:03:30 +02:00
|
|
|
request,
|
2020-06-29 16:32:14 +02:00
|
|
|
} = ctx;
|
2020-02-19 10:54:44 +01:00
|
|
|
const contentManagerService = strapi.plugins['content-manager'].services.contentmanager;
|
2020-06-29 16:32:14 +02:00
|
|
|
const pm = strapi.admin.services.permission.createPermissionsManager(
|
|
|
|
|
userAbility,
|
|
|
|
|
ACTIONS.read,
|
|
|
|
|
model
|
|
|
|
|
);
|
2020-01-08 17:00:29 +01:00
|
|
|
|
2019-07-19 09:58:38 +02:00
|
|
|
let entities = [];
|
2020-07-01 13:03:30 +02:00
|
|
|
|
2019-07-26 10:57:27 +02:00
|
|
|
if (_.has(ctx.request.query, '_q')) {
|
2020-07-01 13:03:30 +02:00
|
|
|
entities = await contentManagerService.search(model, request.query, pm.query);
|
2019-07-19 09:58:38 +02:00
|
|
|
} else {
|
2020-07-01 13:03:30 +02:00
|
|
|
entities = await contentManagerService.fetchAll(model, request.query, pm.query);
|
2019-07-19 09:58:38 +02:00
|
|
|
}
|
2020-01-28 17:14:53 +01:00
|
|
|
|
2020-06-01 12:01:12 +02:00
|
|
|
if (!entities) {
|
|
|
|
|
return ctx.notFound();
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-30 12:03:13 +02:00
|
|
|
ctx.body = _.isArray(entities)
|
|
|
|
|
? entities.map(entity => pm.sanitize(entity))
|
|
|
|
|
: pm.sanitize(entities);
|
2017-03-20 22:08:49 +01:00
|
|
|
},
|
|
|
|
|
|
2019-07-19 09:58:38 +02:00
|
|
|
/**
|
|
|
|
|
* Returns an entity of a content type by id
|
|
|
|
|
*/
|
|
|
|
|
async findOne(ctx) {
|
2020-06-29 16:32:14 +02:00
|
|
|
const {
|
|
|
|
|
state: { userAbility },
|
|
|
|
|
params: { model, id },
|
|
|
|
|
} = ctx;
|
2020-02-19 10:54:44 +01:00
|
|
|
const contentManagerService = strapi.plugins['content-manager'].services.contentmanager;
|
2020-06-29 16:32:14 +02:00
|
|
|
const pm = strapi.admin.services.permission.createPermissionsManager(
|
|
|
|
|
userAbility,
|
|
|
|
|
ACTIONS.read,
|
|
|
|
|
model
|
|
|
|
|
);
|
2020-01-08 17:00:29 +01:00
|
|
|
|
2020-06-29 16:32:14 +02:00
|
|
|
const entry = await contentManagerService.fetch(model, id, { params: pm.query });
|
2018-06-07 14:35:09 +02:00
|
|
|
|
2019-07-19 09:58:38 +02:00
|
|
|
// Entry not found
|
|
|
|
|
if (!entry) {
|
|
|
|
|
return ctx.notFound('Entry not found');
|
2018-06-07 14:35:09 +02:00
|
|
|
}
|
|
|
|
|
|
2020-06-29 16:32:14 +02:00
|
|
|
ctx.body = pm.sanitize(entry);
|
2017-03-20 22:08:49 +01:00
|
|
|
},
|
|
|
|
|
|
2019-07-19 09:58:38 +02:00
|
|
|
/**
|
|
|
|
|
* Returns a count of entities of a content type matching query parameters
|
|
|
|
|
*/
|
|
|
|
|
async count(ctx) {
|
2020-03-06 19:16:23 +01:00
|
|
|
const { model } = ctx.params;
|
2020-02-19 10:54:44 +01:00
|
|
|
const contentManagerService = strapi.plugins['content-manager'].services.contentmanager;
|
2020-01-08 17:00:29 +01:00
|
|
|
|
2019-07-19 09:58:38 +02:00
|
|
|
let count;
|
2019-07-26 10:57:27 +02:00
|
|
|
if (_.has(ctx.request.query, '_q')) {
|
2020-03-06 19:16:23 +01:00
|
|
|
count = await contentManagerService.countSearch({ model }, ctx.request.query);
|
2019-07-19 09:58:38 +02:00
|
|
|
} else {
|
2020-03-06 19:16:23 +01:00
|
|
|
count = await contentManagerService.count({ model }, ctx.request.query);
|
2019-07-19 09:58:38 +02:00
|
|
|
}
|
2017-04-11 11:34:59 +02:00
|
|
|
|
|
|
|
|
ctx.body = {
|
2019-07-19 09:58:38 +02:00
|
|
|
count: _.isNumber(count) ? count : _.toNumber(count),
|
2017-04-11 11:34:59 +02:00
|
|
|
};
|
|
|
|
|
},
|
|
|
|
|
|
2019-07-19 09:58:38 +02:00
|
|
|
/**
|
|
|
|
|
* Creates an entity of a content type
|
|
|
|
|
*/
|
|
|
|
|
async create(ctx) {
|
2020-06-29 16:32:14 +02:00
|
|
|
const {
|
|
|
|
|
state: { userAbility, user },
|
|
|
|
|
params: { model },
|
|
|
|
|
request: { body },
|
|
|
|
|
} = ctx;
|
2020-02-19 10:54:44 +01:00
|
|
|
const contentManagerService = strapi.plugins['content-manager'].services.contentmanager;
|
2020-01-08 17:00:29 +01:00
|
|
|
|
2020-06-29 16:32:14 +02:00
|
|
|
const pm = strapi.admin.services.permission.createPermissionsManager(
|
|
|
|
|
userAbility,
|
|
|
|
|
ACTIONS.create,
|
|
|
|
|
model
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (pm.ability.cannot(pm.action, pm.model)) {
|
|
|
|
|
throw strapi.errors.forbidden();
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-01 13:03:30 +02:00
|
|
|
const sanitize = e => pm.pickPermittedFieldsOf(e, { subject: model });
|
2020-06-29 16:32:14 +02:00
|
|
|
|
2020-06-29 11:12:53 +02:00
|
|
|
const { data, files } = ctx.is('multipart') ? parseMultipartBody(ctx) : { data: body };
|
2017-11-27 17:27:16 +01:00
|
|
|
|
2020-02-19 11:14:00 +01:00
|
|
|
try {
|
2020-07-01 13:03:30 +02:00
|
|
|
const result = await contentManagerService.create(
|
|
|
|
|
{
|
|
|
|
|
data: { ...sanitize(data), created_by: user.id, updated_by: user.id },
|
|
|
|
|
files,
|
|
|
|
|
},
|
|
|
|
|
{ model }
|
|
|
|
|
);
|
2020-06-29 16:32:14 +02:00
|
|
|
|
|
|
|
|
ctx.body = pm.sanitize(result, { action: ACTIONS.read });
|
2020-02-19 11:14:00 +01:00
|
|
|
|
2020-03-25 20:02:29 +01:00
|
|
|
await strapi.telemetry.send('didCreateFirstContentTypeEntry', { model });
|
2020-02-19 11:14:00 +01:00
|
|
|
} catch (error) {
|
|
|
|
|
strapi.log.error(error);
|
|
|
|
|
ctx.badRequest(null, [
|
|
|
|
|
{
|
|
|
|
|
messages: [{ id: error.message, message: error.message, field: error.field }],
|
2020-03-03 16:12:19 +01:00
|
|
|
errors: _.get(error, 'data.errors'),
|
2020-02-19 11:14:00 +01:00
|
|
|
},
|
|
|
|
|
]);
|
2017-06-17 17:01:50 +02:00
|
|
|
}
|
2019-07-19 09:58:38 +02:00
|
|
|
},
|
2017-03-20 22:08:49 +01:00
|
|
|
|
2019-07-19 09:58:38 +02:00
|
|
|
/**
|
|
|
|
|
* Updates an entity of a content type
|
|
|
|
|
*/
|
|
|
|
|
async update(ctx) {
|
2020-06-29 16:32:14 +02:00
|
|
|
const {
|
|
|
|
|
state: { userAbility, user },
|
|
|
|
|
params: { id, model },
|
|
|
|
|
request: { body },
|
|
|
|
|
} = ctx;
|
2019-07-19 09:58:38 +02:00
|
|
|
|
2020-02-19 10:54:44 +01:00
|
|
|
const contentManagerService = strapi.plugins['content-manager'].services.contentmanager;
|
|
|
|
|
|
2020-06-29 16:32:14 +02:00
|
|
|
const { pm, entity } = await findEntityAndCheckPermissions(
|
|
|
|
|
userAbility,
|
|
|
|
|
ACTIONS.edit,
|
|
|
|
|
model,
|
|
|
|
|
id
|
|
|
|
|
);
|
|
|
|
|
|
2020-07-01 13:03:30 +02:00
|
|
|
const sanitize = e => pm.pickPermittedFieldsOf(e, { subject: pm.toSubject(entity) });
|
2020-06-29 16:32:14 +02:00
|
|
|
|
2020-06-29 11:12:53 +02:00
|
|
|
const { data, files } = ctx.is('multipart') ? parseMultipartBody(ctx) : { data: body };
|
|
|
|
|
|
2020-02-19 11:14:00 +01:00
|
|
|
try {
|
2020-06-30 12:03:13 +02:00
|
|
|
const result = await contentManagerService.edit(
|
|
|
|
|
{ id },
|
2020-07-01 13:03:30 +02:00
|
|
|
{ data: { ...sanitize(data), updated_by: user.id }, files },
|
2020-06-30 12:03:13 +02:00
|
|
|
{ model }
|
|
|
|
|
);
|
2020-06-29 16:32:14 +02:00
|
|
|
|
|
|
|
|
ctx.body = pm.sanitize(result, { action: ACTIONS.read });
|
2020-02-19 11:14:00 +01:00
|
|
|
} catch (error) {
|
|
|
|
|
strapi.log.error(error);
|
|
|
|
|
ctx.badRequest(null, [
|
|
|
|
|
{
|
|
|
|
|
messages: [{ id: error.message, message: error.message, field: error.field }],
|
2020-03-03 16:12:19 +01:00
|
|
|
errors: _.get(error, 'data.errors'),
|
2020-02-19 11:14:00 +01:00
|
|
|
},
|
|
|
|
|
]);
|
2019-07-19 09:58:38 +02:00
|
|
|
}
|
|
|
|
|
},
|
2017-05-05 11:40:52 +02:00
|
|
|
|
2019-07-19 17:24:27 +02:00
|
|
|
/**
|
|
|
|
|
* Deletes one entity of a content type matching a query
|
|
|
|
|
*/
|
|
|
|
|
async delete(ctx) {
|
2020-06-29 16:32:14 +02:00
|
|
|
const {
|
|
|
|
|
state: { userAbility },
|
|
|
|
|
params: { id, model },
|
|
|
|
|
} = ctx;
|
2020-02-19 10:54:44 +01:00
|
|
|
const contentManagerService = strapi.plugins['content-manager'].services.contentmanager;
|
2020-01-08 17:00:29 +01:00
|
|
|
|
2020-06-29 16:32:14 +02:00
|
|
|
const { pm } = await findEntityAndCheckPermissions(userAbility, ACTIONS.delete, model, id);
|
|
|
|
|
|
|
|
|
|
const result = await contentManagerService.delete(model, id, pm.query);
|
|
|
|
|
|
|
|
|
|
ctx.body = pm.sanitize(result, { action: ACTIONS.read });
|
2018-07-05 17:57:30 +02:00
|
|
|
},
|
|
|
|
|
|
2019-07-19 17:24:27 +02:00
|
|
|
/**
|
|
|
|
|
* Deletes multiple entities of a content type matching a query
|
|
|
|
|
*/
|
|
|
|
|
async deleteMany(ctx) {
|
2020-06-29 16:32:14 +02:00
|
|
|
const {
|
2020-07-01 13:03:30 +02:00
|
|
|
state: { userAbility },
|
2020-06-29 16:32:14 +02:00
|
|
|
params: { model },
|
|
|
|
|
} = ctx;
|
2020-02-19 10:54:44 +01:00
|
|
|
const contentManagerService = strapi.plugins['content-manager'].services.contentmanager;
|
2020-06-29 16:32:14 +02:00
|
|
|
const pm = strapi.admin.services.permission.createPermissionsManager(
|
|
|
|
|
userAbility,
|
|
|
|
|
ACTIONS.delete,
|
|
|
|
|
model
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
const results = await contentManagerService.deleteMany(model, ctx.request.query, pm.query);
|
2020-01-08 17:00:29 +01:00
|
|
|
|
2020-06-29 16:32:14 +02:00
|
|
|
ctx.body = results.map(result => pm.sanitize(result, { action: ACTIONS.read }));
|
2019-07-19 09:58:38 +02:00
|
|
|
},
|
2020-07-01 16:37:44 +02:00
|
|
|
|
|
|
|
|
async findRelationList(ctx) {
|
|
|
|
|
const { model, targetField } = ctx.params;
|
|
|
|
|
const { query } = ctx.request;
|
|
|
|
|
|
|
|
|
|
if (!targetField) {
|
|
|
|
|
return ctx.badRequest();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const modelDef = strapi.db.getModel(model);
|
|
|
|
|
|
|
|
|
|
if (!model) {
|
|
|
|
|
return ctx.notFound('model.notFound');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const attr = modelDef.attributes[targetField];
|
|
|
|
|
if (!attr) {
|
|
|
|
|
return ctx.badRequest('targetField.invalid');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const target = strapi.db.getModelByAssoc(attr);
|
|
|
|
|
|
|
|
|
|
const contentManagerService = strapi.plugins['content-manager'].services.contentmanager;
|
|
|
|
|
|
|
|
|
|
let entities = [];
|
|
|
|
|
|
|
|
|
|
if (_.has(ctx.request.query, '_q')) {
|
|
|
|
|
entities = await contentManagerService.search(target.uid, query);
|
|
|
|
|
} else {
|
|
|
|
|
entities = await contentManagerService.fetchAll(target.uid, query);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!entities) {
|
|
|
|
|
return ctx.notFound();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const modelConfig = await strapi.plugins[
|
|
|
|
|
'content-manager'
|
|
|
|
|
].services.contenttypes.getConfiguration(model);
|
|
|
|
|
|
|
|
|
|
const field = _.get(modelConfig, `metadatas.${targetField}.edit.mainField`, 'id');
|
|
|
|
|
const pickFields = [field, 'id', target.primaryKey];
|
|
|
|
|
const sanitize = d => _.pick(d, pickFields);
|
|
|
|
|
|
|
|
|
|
ctx.body = _.isArray(entities) ? entities.map(sanitize) : sanitize(entities);
|
|
|
|
|
},
|
2017-03-20 22:08:49 +01:00
|
|
|
};
|
