strapi/packages/strapi-plugin-users-permissions/controllers/UsersPermissions.js

'use strict';

/**
 * UsersPermissions.js controller
 *
 * @description: A set of functions called "actions" of the `users-permissions` plugin.
 */

const _ = require('lodash');

module.exports = {

  /**
   * Default action.
   *
   * @return {Object}
   */
  createRole: async (ctx) => {
    if (_.isEmpty(ctx.request.body)) {
      return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
    }

    try {
      await strapi.plugins['users-permissions'].services.userspermissions.createRole(ctx.request.body);
      ctx.send({ ok: true });
    } catch(err) {
      ctx.badRequest(null, [{ messages: [{ id: 'An error occured' }] }]);
    }
  },

  deleteProvider: async ctx => {
    const { provider } = ctx.params;

    if (!provider) {
      return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
    }

    // TODO handle dynamic
    return ctx.send({ ok: true });
  },

  deleteRole: async ctx => {
    const { role } = ctx.params;

    if (!role) {
      return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
    }

    if (role === '0' || role === '1') {
      return ctx.badRequest(null, [{ messages: [{ id: 'Unauthorized' }] }]);
    }

    try {
      await strapi.plugins['users-permissions'].services.userspermissions.deleteRole(role);
      return ctx.send({ ok: true });
    } catch(err) {
      return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
    }
  },

  getPermissions: async (ctx) => {
    try {
      const { lang } = ctx.query;
      const plugins = await strapi.plugins['users-permissions'].services.userspermissions.getPlugins(lang);
      const permissions = await strapi.plugins['users-permissions'].services.userspermissions.getActions(plugins);
      ctx.send({ permissions });
    } catch(err) {
      ctx.badRequest(null, [{ message: [{ id: 'Not Found' }] }]);
    }
  },

  getPolicies: async (ctx) => {
    return ctx.send({
      policies: _.without(_.keys(strapi.plugins['users-permissions'].config.policies), 'permissions')
    });
  },

  getRole: async (ctx) => {
    const { id } = ctx.params;
    const { lang } = ctx.query;
    const plugins = await strapi.plugins['users-permissions'].services.userspermissions.getPlugins(lang);
    const role = await strapi.plugins['users-permissions'].services.userspermissions.getRole(id, plugins);

    if (_.isEmpty(role)) {
      return ctx.badRequest(null, [{ messages: [{ id: `Role don't exist` }] }]);
    }

    return ctx.send({ role });
  },

  getRoles: async (ctx) => {
    try {
      const roles = await strapi.plugins['users-permissions'].services.userspermissions.getRoles();

      ctx.send({ roles });
    } catch(err) {
      ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
    }
  },

  getRoutes: async (ctx) => {
    try {
      const routes = await strapi.plugins['users-permissions'].services.userspermissions.getRoutes();

      ctx.send({ routes });
    } catch(err) {
      ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
    }
  },

  index: async (ctx) => {
    // Add your own logic here.

    // Send 200 `ok`
    ctx.send({
      message: 'ok'
    });
  },

  init: async (ctx) => {
    const hasAdmin = await strapi.query('user', 'users-permissions').find(strapi.utils.models.convertParams('user', { role: '0' }));

    ctx.send({ hasAdmin: hasAdmin.length > 0 });
  },

  searchUsers: async (ctx) => {
    const data = await strapi.query('user', 'users-permissions').search(ctx.params);
    return ctx.send(data);
  },

  updateRole: async (ctx) => {
    const roleId = ctx.params.role;
    // Prevent from updating the Administrator role
    if (roleId === '0') {
      return ctx.badRequest(null, [{ messages: [{ id: 'Unauthorized' }] }]);
    }

    if (_.isEmpty(ctx.request.body)) {
      return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
    }

    try {
      await strapi.plugins['users-permissions'].services.userspermissions.updateRole(roleId, ctx.request.body);
      ctx.send({ ok: true });
    } catch(error) {
      ctx.badRequest(null, [{ messages: [{ id: 'An error occurred' }] }]);
    }
  }
};
Generate plugin users-permissions and add it to strapi-packages 2017-11-06 11:14:43 +01:00			`'use strict';`

			`/**`
			`* UsersPermissions.js controller`
			`*`
			* @description: A set of functions called "actions" of the `users-permissions` plugin.
			`*/`

Mount mongoose instance in plugins models 2017-11-15 15:06:09 +01:00			`const _ = require('lodash');`

Generate plugin users-permissions and add it to strapi-packages 2017-11-06 11:14:43 +01:00			`module.exports = {`

			`/**`
			`* Default action.`
			`*`
			`* @return {Object}`
			`*/`
Edit role 2017-11-23 17:13:46 +01:00			`createRole: async (ctx) => {`
Created handler for POST role 2017-11-23 11:03:26 +01:00			`if (_.isEmpty(ctx.request.body)) {`
			`return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);`
			`}`
Edit role 2017-11-23 17:13:46 +01:00
Created handler for POST role 2017-11-23 11:03:26 +01:00			`try {`
Handle create role 2017-11-27 16:49:56 +01:00			`await strapi.plugins['users-permissions'].services.userspermissions.createRole(ctx.request.body);`
Created handler for POST role 2017-11-23 11:03:26 +01:00			`ctx.send({ ok: true });`
			`} catch(err) {`
			`ctx.badRequest(null, [{ messages: [{ id: 'An error occured' }] }]);`
			`}`
			`},`
Generate plugin users-permissions and add it to strapi-packages 2017-11-06 11:14:43 +01:00
Delete dynamic (front end) 2017-11-23 18:08:14 +01:00			`deleteProvider: async ctx => {`
			`const { provider } = ctx.params;`

			`if (!provider) {`
			`return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);`
			`}`

			`// TODO handle dynamic`
			`return ctx.send({ ok: true });`
			`},`

			`deleteRole: async ctx => {`
			`const { role } = ctx.params;`

			`if (!role) {`
			`return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);`
			`}`

Fix design 2017-12-04 15:03:53 +01:00			`if (role === '0' \|\| role === '1') {`
Handle delete role 2017-11-27 17:02:45 +01:00			`return ctx.badRequest(null, [{ messages: [{ id: 'Unauthorized' }] }]);`
			`}`

			`try {`
			`await strapi.plugins['users-permissions'].services.userspermissions.deleteRole(role);`
			`return ctx.send({ ok: true });`
			`} catch(err) {`
			`return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);`
			`}`
Delete dynamic (front end) 2017-11-23 18:08:14 +01:00			`},`

Edit role 2017-11-23 17:13:46 +01:00			`getPermissions: async (ctx) => {`
Get role and format data with immutable 2017-11-15 15:11:10 +01:00			`try {`
Retrieve plugins' icons URL from API and name Redux store 2018-01-05 16:19:53 +01:00			`const { lang } = ctx.query;`
			`const plugins = await strapi.plugins['users-permissions'].services.userspermissions.getPlugins(lang);`
			`const permissions = await strapi.plugins['users-permissions'].services.userspermissions.getActions(plugins);`
Change permissions data format 2017-11-16 17:59:41 +01:00			`ctx.send({ permissions });`
Get role and format data with immutable 2017-11-15 15:11:10 +01:00			`} catch(err) {`
			`ctx.badRequest(null, [{ message: [{ id: 'Not Found' }] }]);`
			`}`
			`},`

Add get policy functions 2017-11-29 18:45:51 +01:00			`getPolicies: async (ctx) => {`
			`return ctx.send({`
			`policies: _.without(_.keys(strapi.plugins['users-permissions'].config.policies), 'permissions')`
			`});`
			`},`

Edit role 2017-11-23 17:13:46 +01:00			`getRole: async (ctx) => {`
Change frontend routing and prepare for edit 2017-11-15 14:00:51 +01:00			`const { id } = ctx.params;`
Retrieve plugins' icons URL from API and name Redux store 2018-01-05 16:19:53 +01:00			`const { lang } = ctx.query;`
			`const plugins = await strapi.plugins['users-permissions'].services.userspermissions.getPlugins(lang);`
			`const role = await strapi.plugins['users-permissions'].services.userspermissions.getRole(id, plugins);`
Get role and format data with immutable 2017-11-15 15:11:10 +01:00
			`if (_.isEmpty(role)) {`
Fix PR feedback 2017-11-20 14:35:24 +01:00			return ctx.badRequest(null, [{ messages: [{ id: `Role don't exist` }] }]);
Get role and format data with immutable 2017-11-15 15:11:10 +01:00			`}`
Change frontend routing and prepare for edit 2017-11-15 14:00:51 +01:00
Get role and format data with immutable 2017-11-15 15:11:10 +01:00			`return ctx.send({ role });`
Change frontend routing and prepare for edit 2017-11-15 14:00:51 +01:00			`},`
Generate plugin users-permissions and add it to strapi-packages 2017-11-06 11:14:43 +01:00
Get roles (frontend and backend) 2017-11-27 16:04:57 +01:00			`getRoles: async (ctx) => {`
			`try {`
			`const roles = await strapi.plugins['users-permissions'].services.userspermissions.getRoles();`

			`ctx.send({ roles });`
			`} catch(err) {`
			`ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);`
			`}`
			`},`

Add handler to get the plugins routes 2017-11-30 16:34:43 +01:00			`getRoutes: async (ctx) => {`
			`try {`
			`const routes = await strapi.plugins['users-permissions'].services.userspermissions.getRoutes();`

			`ctx.send({ routes });`
			`} catch(err) {`
			`ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);`
			`}`
			`},`

Generate plugin users-permissions and add it to strapi-packages 2017-11-06 11:14:43 +01:00			`index: async (ctx) => {`
			`// Add your own logic here.`

			// Send 200 `ok`
			`ctx.send({`
			`message: 'ok'`
			`});`
Add fake route to check if admin user exists 2017-11-14 17:09:13 +01:00			`},`

			`init: async (ctx) => {`
Last fix PR 2017-12-11 11:14:07 +01:00			`const hasAdmin = await strapi.query('user', 'users-permissions').find(strapi.utils.models.convertParams('user', { role: '0' }));`
Fix query bookshelf and modify init role file 2017-11-29 15:42:11 +01:00
Last fix PR 2017-12-11 11:14:07 +01:00			`ctx.send({ hasAdmin: hasAdmin.length > 0 });`
Edit role 2017-11-23 17:13:46 +01:00			`},`

Add searchUsers and created mongoose query 2017-11-27 12:19:36 +01:00			`searchUsers: async (ctx) => {`
			`const data = await strapi.query('user', 'users-permissions').search(ctx.params);`
			`return ctx.send(data);`
			`},`

Edit role 2017-11-23 17:13:46 +01:00			`updateRole: async (ctx) => {`
Handle update role 2017-11-27 17:50:51 +01:00			`const roleId = ctx.params.role;`
			`// Prevent from updating the Administrator role`
			`if (roleId === '0') {`
			`return ctx.badRequest(null, [{ messages: [{ id: 'Unauthorized' }] }]);`
			`}`

			`if (_.isEmpty(ctx.request.body)) {`
			`return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);`
			`}`

Edit role 2017-11-23 17:13:46 +01:00			`try {`
Handle update role 2017-11-27 17:50:51 +01:00			`await strapi.plugins['users-permissions'].services.userspermissions.updateRole(roleId, ctx.request.body);`
Edit role 2017-11-23 17:13:46 +01:00			`ctx.send({ ok: true });`
			`} catch(error) {`
			`ctx.badRequest(null, [{ messages: [{ id: 'An error occurred' }] }]);`
			`}`
Generate plugin users-permissions and add it to strapi-packages 2017-11-06 11:14:43 +01:00			`}`
			`};`