2018-11-26 18:32:35 +01:00
|
|
|
const _ = require('lodash');
|
2019-10-16 00:17:54 +09:00
|
|
|
|
|
|
|
|
/**
|
2020-01-29 15:30:53 +01:00
|
|
|
* Throws an ApolloError if context body contains a bad request
|
|
|
|
|
* @param contextBody - body of the context object given to the resolver
|
|
|
|
|
* @throws ApolloError if the body is a bad request
|
|
|
|
|
*/
|
2019-10-16 00:17:54 +09:00
|
|
|
function checkBadRequest(contextBody) {
|
2020-03-27 12:19:44 +01:00
|
|
|
if (_.get(contextBody, 'statusCode', 200) !== 200) {
|
2020-03-27 14:33:55 +01:00
|
|
|
const message = _.get(contextBody, 'error', 'Bad Request');
|
|
|
|
|
const exception = new Error(message);
|
|
|
|
|
exception.code = _.get(contextBody, 'statusCode', 400);
|
|
|
|
|
exception.data = contextBody;
|
|
|
|
|
throw exception;
|
2019-10-16 00:17:54 +09:00
|
|
|
}
|
|
|
|
|
}
|
2018-11-26 18:32:35 +01:00
|
|
|
|
2018-04-11 12:53:07 +02:00
|
|
|
module.exports = {
|
|
|
|
|
type: {
|
2019-09-18 12:07:45 +02:00
|
|
|
UsersPermissionsPermission: false, // Make this type NOT queriable.
|
2018-10-14 21:14:02 -05:00
|
|
|
},
|
2020-01-29 15:30:53 +01:00
|
|
|
definition: /* GraphQL */ `
|
2018-10-14 21:14:02 -05:00
|
|
|
type UsersPermissionsMe {
|
2019-07-19 02:14:46 -07:00
|
|
|
id: ID!
|
2018-10-14 21:14:02 -05:00
|
|
|
username: String!
|
|
|
|
|
email: String!
|
|
|
|
|
confirmed: Boolean
|
|
|
|
|
blocked: Boolean
|
2018-10-15 11:03:00 -05:00
|
|
|
role: UsersPermissionsMeRole
|
2018-10-14 21:14:02 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type UsersPermissionsMeRole {
|
2019-07-19 02:14:46 -07:00
|
|
|
id: ID!
|
2018-10-14 21:14:02 -05:00
|
|
|
name: String!
|
|
|
|
|
description: String
|
|
|
|
|
type: String
|
|
|
|
|
}
|
2019-10-16 00:17:54 +09:00
|
|
|
|
2020-05-04 12:36:21 -03:00
|
|
|
input UsersPermissionsRegisterInput {
|
|
|
|
|
username: String!
|
|
|
|
|
email: String!
|
|
|
|
|
password: String!
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-16 00:17:54 +09:00
|
|
|
input UsersPermissionsLoginInput {
|
|
|
|
|
identifier: String!
|
|
|
|
|
password: String!
|
|
|
|
|
provider: String = "local"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type UsersPermissionsLoginPayload {
|
|
|
|
|
jwt: String!
|
2019-12-20 13:38:52 +01:00
|
|
|
user: UsersPermissionsMe!
|
2019-10-16 00:17:54 +09:00
|
|
|
}
|
2020-03-27 12:19:44 +01:00
|
|
|
|
2020-03-31 00:52:49 -04:00
|
|
|
type UserPersmissionsPasswordPayload {
|
|
|
|
|
ok: Boolean!
|
2020-03-23 17:57:54 +01:00
|
|
|
}
|
2018-10-14 21:14:02 -05:00
|
|
|
`,
|
2018-10-09 20:06:52 -05:00
|
|
|
query: `
|
2018-10-14 21:14:02 -05:00
|
|
|
me: UsersPermissionsMe
|
2018-10-09 20:06:52 -05:00
|
|
|
`,
|
2019-10-16 00:17:54 +09:00
|
|
|
mutation: `
|
|
|
|
|
login(input: UsersPermissionsLoginInput!): UsersPermissionsLoginPayload!
|
2020-05-19 11:58:36 -04:00
|
|
|
register(input: UsersPermissionsRegisterInput!): UsersPermissionsRegisterInput!
|
2020-03-31 00:52:49 -04:00
|
|
|
forgotPassword(email: String!): UserPersmissionsPasswordPayload
|
2020-03-31 00:53:06 -04:00
|
|
|
resetPassword(password: String!, passwordConfirmation: String!, code: String!): UsersPermissionsLoginPayload
|
2020-03-23 17:57:54 +01:00
|
|
|
emailConfirmation(confirmation: String!): UsersPermissionsLoginPayload
|
2019-10-16 00:17:54 +09:00
|
|
|
`,
|
2018-04-11 12:53:07 +02:00
|
|
|
resolver: {
|
|
|
|
|
Query: {
|
2018-10-09 20:06:52 -05:00
|
|
|
me: {
|
2020-01-29 15:30:53 +01:00
|
|
|
resolver: 'plugins::users-permissions.user.me',
|
2018-10-09 20:06:52 -05:00
|
|
|
},
|
2018-04-11 12:53:07 +02:00
|
|
|
role: {
|
2020-01-29 15:30:53 +01:00
|
|
|
resolverOf: 'plugins::users-permissions.userspermissions.getRole',
|
2019-09-18 12:07:45 +02:00
|
|
|
resolver: async (obj, options, { context }) => {
|
2020-01-29 15:30:53 +01:00
|
|
|
context.params = { ...context.params, ...options.input };
|
2020-01-20 17:00:20 +01:00
|
|
|
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.userspermissions.getRole(context);
|
2018-04-11 12:53:07 +02:00
|
|
|
|
2019-03-13 19:27:18 +01:00
|
|
|
return context.body.role;
|
2019-09-18 12:07:45 +02:00
|
|
|
},
|
2018-04-11 12:53:07 +02:00
|
|
|
},
|
|
|
|
|
roles: {
|
2018-04-12 15:57:25 +02:00
|
|
|
description: `Retrieve all the existing roles. You can't apply filters on this query.`,
|
2020-01-29 15:30:53 +01:00
|
|
|
resolverOf: 'plugins::users-permissions.userspermissions.getRoles', // Apply the `getRoles` permissions on the resolver.
|
2019-09-18 12:07:45 +02:00
|
|
|
resolver: async (obj, options, { context }) => {
|
2020-01-29 15:30:53 +01:00
|
|
|
context.params = { ...context.params, ...options.input };
|
2020-01-20 17:00:20 +01:00
|
|
|
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.userspermissions.getRoles(context);
|
2018-04-11 12:53:07 +02:00
|
|
|
|
2019-03-13 19:27:18 +01:00
|
|
|
return context.body.roles;
|
2019-09-18 12:07:45 +02:00
|
|
|
},
|
|
|
|
|
},
|
2018-09-10 16:05:00 +08:00
|
|
|
},
|
|
|
|
|
Mutation: {
|
|
|
|
|
createRole: {
|
|
|
|
|
description: 'Create a new role',
|
2020-01-29 15:30:53 +01:00
|
|
|
resolverOf: 'plugins::users-permissions.userspermissions.createRole',
|
2019-09-18 12:07:45 +02:00
|
|
|
resolver: async (obj, options, { context }) => {
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.userspermissions.createRole(
|
|
|
|
|
context
|
|
|
|
|
);
|
2018-09-10 16:05:00 +08:00
|
|
|
|
|
|
|
|
return { ok: true };
|
2019-09-18 12:07:45 +02:00
|
|
|
},
|
2018-09-10 16:05:00 +08:00
|
|
|
},
|
|
|
|
|
updateRole: {
|
|
|
|
|
description: 'Update an existing role',
|
2020-01-29 15:30:53 +01:00
|
|
|
resolverOf: 'plugins::users-permissions.userspermissions.updateRole',
|
2019-09-18 12:07:45 +02:00
|
|
|
resolver: async (obj, options, { context }) => {
|
2020-04-22 05:13:48 -04:00
|
|
|
context.params = { ...context.params, ...options.input };
|
|
|
|
|
context.params.role = context.params.id;
|
|
|
|
|
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.userspermissions.updateRole(
|
2020-04-22 05:13:48 -04:00
|
|
|
context
|
2019-09-18 12:07:45 +02:00
|
|
|
);
|
2018-09-10 16:05:00 +08:00
|
|
|
|
|
|
|
|
return { ok: true };
|
2019-09-18 12:07:45 +02:00
|
|
|
},
|
2018-09-10 16:05:00 +08:00
|
|
|
},
|
|
|
|
|
deleteRole: {
|
|
|
|
|
description: 'Delete an existing role',
|
2020-01-29 15:30:53 +01:00
|
|
|
resolverOf: 'plugins::users-permissions.userspermissions.deleteRole',
|
2019-09-18 12:07:45 +02:00
|
|
|
resolver: async (obj, options, { context }) => {
|
2020-04-22 05:13:48 -04:00
|
|
|
context.params = { ...context.params, ...options.input };
|
|
|
|
|
context.params.role = context.params.id;
|
|
|
|
|
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.userspermissions.deleteRole(
|
|
|
|
|
context
|
|
|
|
|
);
|
2018-09-10 16:05:00 +08:00
|
|
|
|
|
|
|
|
return { ok: true };
|
2019-09-18 12:07:45 +02:00
|
|
|
},
|
2018-11-26 18:32:35 +01:00
|
|
|
},
|
|
|
|
|
createUser: {
|
|
|
|
|
description: 'Create a new user',
|
2020-01-29 15:30:53 +01:00
|
|
|
resolverOf: 'plugins::users-permissions.user.create',
|
2018-11-26 18:32:35 +01:00
|
|
|
resolver: async (obj, options, { context }) => {
|
2019-09-18 12:07:45 +02:00
|
|
|
context.params = _.toPlainObject(options.input.where);
|
2018-11-26 18:32:35 +01:00
|
|
|
context.request.body = _.toPlainObject(options.input.data);
|
|
|
|
|
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.user.create(context);
|
2018-11-26 18:32:35 +01:00
|
|
|
|
|
|
|
|
return {
|
2019-09-18 12:07:45 +02:00
|
|
|
user: context.body.toJSON ? context.body.toJSON() : context.body,
|
2018-11-26 18:32:35 +01:00
|
|
|
};
|
2019-09-18 12:07:45 +02:00
|
|
|
},
|
2018-11-26 18:32:35 +01:00
|
|
|
},
|
|
|
|
|
updateUser: {
|
|
|
|
|
description: 'Update an existing user',
|
2020-01-29 15:30:53 +01:00
|
|
|
resolverOf: 'plugins::users-permissions.user.update',
|
2018-11-26 18:32:35 +01:00
|
|
|
resolver: async (obj, options, { context }) => {
|
2019-09-18 12:07:45 +02:00
|
|
|
context.params = _.toPlainObject(options.input.where);
|
2018-11-26 18:32:35 +01:00
|
|
|
context.request.body = _.toPlainObject(options.input.data);
|
|
|
|
|
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.user.update(context);
|
2018-11-26 18:32:35 +01:00
|
|
|
|
2019-09-18 12:07:45 +02:00
|
|
|
return {
|
|
|
|
|
user: context.body.toJSON ? context.body.toJSON() : context.body,
|
2018-11-26 18:32:35 +01:00
|
|
|
};
|
2019-09-18 12:07:45 +02:00
|
|
|
},
|
2018-11-26 18:32:35 +01:00
|
|
|
},
|
|
|
|
|
deleteUser: {
|
|
|
|
|
description: 'Delete an existing user',
|
2020-01-29 15:30:53 +01:00
|
|
|
resolverOf: 'plugins::users-permissions.user.destroy',
|
2018-11-26 18:32:35 +01:00
|
|
|
resolver: async (obj, options, { context }) => {
|
2018-11-27 14:54:34 +01:00
|
|
|
// Set parameters to context.
|
2019-09-18 12:07:45 +02:00
|
|
|
context.params = _.toPlainObject(options.input.where);
|
2018-11-26 18:32:35 +01:00
|
|
|
context.request.body = _.toPlainObject(options.input.data);
|
|
|
|
|
|
2019-09-18 12:07:45 +02:00
|
|
|
// Retrieve user to be able to return it because
|
2018-11-27 14:54:34 +01:00
|
|
|
// Bookshelf doesn't return the row once deleted.
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.user.findOne(context);
|
2018-11-27 14:54:34 +01:00
|
|
|
// Assign result to user.
|
2020-03-02 09:59:33 +01:00
|
|
|
const user = context.body.toJSON ? context.body.toJSON() : context.body;
|
2018-11-27 14:54:34 +01:00
|
|
|
|
|
|
|
|
// Run destroy query.
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.user.destroy(context);
|
2018-11-26 18:32:35 +01:00
|
|
|
|
|
|
|
|
return {
|
2019-09-18 12:07:45 +02:00
|
|
|
user,
|
2018-11-26 18:32:35 +01:00
|
|
|
};
|
2020-01-29 15:30:53 +01:00
|
|
|
},
|
2019-09-18 12:07:45 +02:00
|
|
|
},
|
2019-10-16 00:17:54 +09:00
|
|
|
register: {
|
|
|
|
|
description: 'Register a user',
|
2020-01-29 15:30:53 +01:00
|
|
|
resolverOf: 'plugins::users-permissions.auth.register',
|
|
|
|
|
resolver: async (obj, options, { context }) => {
|
2019-10-16 00:17:54 +09:00
|
|
|
context.request.body = _.toPlainObject(options.input);
|
2020-01-20 17:00:20 +01:00
|
|
|
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.auth.register(context);
|
|
|
|
|
let output = context.body.toJSON ? context.body.toJSON() : context.body;
|
2020-01-20 17:00:20 +01:00
|
|
|
|
2019-10-16 00:17:54 +09:00
|
|
|
checkBadRequest(output);
|
|
|
|
|
return {
|
2020-01-29 15:30:53 +01:00
|
|
|
user: output.user || output,
|
|
|
|
|
jwt: output.jwt,
|
2019-10-16 00:17:54 +09:00
|
|
|
};
|
2020-01-29 15:30:53 +01:00
|
|
|
},
|
2019-10-16 00:17:54 +09:00
|
|
|
},
|
|
|
|
|
login: {
|
2020-01-29 15:30:53 +01:00
|
|
|
resolverOf: 'plugins::users-permissions.auth.callback',
|
|
|
|
|
resolver: async (obj, options, { context }) => {
|
|
|
|
|
context.params = {
|
|
|
|
|
...context.params,
|
|
|
|
|
provider: options.input.provider,
|
|
|
|
|
};
|
2019-10-16 00:17:54 +09:00
|
|
|
context.request.body = _.toPlainObject(options.input);
|
|
|
|
|
|
2020-03-02 09:59:33 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.auth.callback(context);
|
|
|
|
|
let output = context.body.toJSON ? context.body.toJSON() : context.body;
|
2019-10-16 00:17:54 +09:00
|
|
|
|
|
|
|
|
checkBadRequest(output);
|
|
|
|
|
return {
|
2020-01-29 15:30:53 +01:00
|
|
|
user: output.user || output,
|
|
|
|
|
jwt: output.jwt,
|
2019-10-16 00:17:54 +09:00
|
|
|
};
|
2020-01-29 15:30:53 +01:00
|
|
|
},
|
|
|
|
|
},
|
2020-03-23 17:57:54 +01:00
|
|
|
forgotPassword: {
|
|
|
|
|
description: 'Request a reset password token',
|
|
|
|
|
resolverOf: 'plugins::users-permissions.auth.forgotPassword',
|
|
|
|
|
resolver: async (obj, options, { context }) => {
|
|
|
|
|
context.request.body = _.toPlainObject(options);
|
|
|
|
|
|
|
|
|
|
await strapi.plugins['users-permissions'].controllers.auth.forgotPassword(context);
|
|
|
|
|
let output = context.body.toJSON ? context.body.toJSON() : context.body;
|
|
|
|
|
|
|
|
|
|
checkBadRequest(output);
|
|
|
|
|
|
|
|
|
|
return {
|
2020-03-27 12:19:44 +01:00
|
|
|
ok: output.ok || output,
|
2020-03-23 17:57:54 +01:00
|
|
|
};
|
2020-03-27 12:19:44 +01:00
|
|
|
},
|
2020-03-23 17:57:54 +01:00
|
|
|
},
|
2020-03-31 00:53:06 -04:00
|
|
|
resetPassword: {
|
|
|
|
|
description: 'Reset user password. Confirm with a code (resetToken from forgotPassword)',
|
|
|
|
|
resolverOf: 'plugins::users-permissions.auth.resetPassword',
|
|
|
|
|
resolver: async (obj, options, { context }) => {
|
|
|
|
|
context.request.body = _.toPlainObject(options);
|
|
|
|
|
|
|
|
|
|
await strapi.plugins['users-permissions'].controllers.auth.resetPassword(context);
|
|
|
|
|
let output = context.body.toJSON ? context.body.toJSON() : context.body;
|
|
|
|
|
|
|
|
|
|
checkBadRequest(output);
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
user: output.user || output,
|
|
|
|
|
jwt: output.jwt,
|
|
|
|
|
};
|
|
|
|
|
},
|
|
|
|
|
},
|
2020-03-23 17:57:54 +01:00
|
|
|
emailConfirmation: {
|
|
|
|
|
description: 'Confirm an email users email address',
|
|
|
|
|
resolverOf: 'plugins::users-permissions.auth.emailConfirmation',
|
|
|
|
|
resolver: async (obj, options, { context }) => {
|
|
|
|
|
context.query = _.toPlainObject(options);
|
|
|
|
|
|
2020-03-27 12:19:44 +01:00
|
|
|
await strapi.plugins['users-permissions'].controllers.auth.emailConfirmation(
|
|
|
|
|
context,
|
2020-04-15 21:23:14 +02:00
|
|
|
null,
|
2020-03-27 12:19:44 +01:00
|
|
|
true
|
|
|
|
|
);
|
2020-03-23 17:57:54 +01:00
|
|
|
let output = context.body.toJSON ? context.body.toJSON() : context.body;
|
|
|
|
|
|
|
|
|
|
checkBadRequest(output);
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
user: output.user || output,
|
2020-03-27 12:19:44 +01:00
|
|
|
jwt: output.jwt,
|
2020-03-23 17:57:54 +01:00
|
|
|
};
|
2020-03-27 12:19:44 +01:00
|
|
|
},
|
|
|
|
|
},
|
2020-01-29 15:30:53 +01:00
|
|
|
},
|
|
|
|
|
},
|
2018-04-11 12:53:07 +02:00
|
|
|
};
|
