strapi/packages/strapi-plugin-users-permissions/config/schema.graphql

const _ = require('lodash');
const { ApolloError } = require('apollo-server-koa');

/**
* Throws an ApolloError if context body contains a bad request
* @param contextBody - body of the context object given to the resolver
* @throws ApolloError if the body is a bad request
*/
function checkBadRequest(contextBody) {
  if (_.get(contextBody, 'output.payload.statusCode', 200) !== 200) {
    const statusCode = _.get(contextBody, 'output.payload.statusCode', 400);
    const message = _.get(contextBody, 'output.payload.message', 'Bad Request');
    throw new ApolloError(message, statusCode, _.omit(contextBody, ['output']));
  }
}

module.exports = {
  type: {
    UsersPermissionsPermission: false, // Make this type NOT queriable.
  },
  definition: `
    type UsersPermissionsMe {
      id: ID!
      username: String!
      email: String!
      confirmed: Boolean
      blocked: Boolean
      role: UsersPermissionsMeRole
    }

    type UsersPermissionsMeRole {
      id: ID!
      name: String!
      description: String
      type: String
    }

    input UsersPermissionsLoginInput {
      identifier: String!
      password: String!
      provider: String = "local"
    }

    type UsersPermissionsLoginPayload {
      jwt: String!
      user: UsersPermissionsUser!
    }
  `,
  query: `
    me: UsersPermissionsMe
  `,
  mutation: `
    login(input: UsersPermissionsLoginInput!): UsersPermissionsLoginPayload!
    register(input: UserInput!): UsersPermissionsLoginPayload!
  `,
  resolver: {
    Query: {
      me: {
        resolverOf: 'User.me',
        resolver: {
          plugin: 'users-permissions',
          handler: 'User.me',
        },
      },
      role: {
        plugin: 'users-permissions',
        resolverOf: 'UsersPermissions.getRole',
        resolver: async (obj, options, { context }) => {
          await strapi.plugins[
            'users-permissions'
          ].controllers.userspermissions.getRole(context);

          return context.body.role;
        },
      },
      roles: {
        description: `Retrieve all the existing roles. You can't apply filters on this query.`,
        plugin: 'users-permissions',
        resolverOf: 'UsersPermissions.getRoles', // Apply the `getRoles` permissions on the resolver.
        resolver: async (obj, options, { context }) => {
          await strapi.plugins[
            'users-permissions'
          ].controllers.userspermissions.getRoles(context);

          return context.body.roles;
        },
      },
    },
    Mutation: {
      createRole: {
        description: 'Create a new role',
        plugin: 'users-permissions',
        resolverOf: 'UsersPermissions.createRole',
        resolver: async (obj, options, { context }) => {
          await strapi.plugins[
            'users-permissions'
          ].controllers.userspermissions.createRole(context);

          return { ok: true };
        },
      },
      updateRole: {
        description: 'Update an existing role',
        plugin: 'users-permissions',
        resolverOf: 'UsersPermissions.updateRole',
        resolver: async (obj, options, { context }) => {
          await strapi.plugins[
            'users-permissions'
          ].controllers.userspermissions.updateRole(
            context.params,
            context.body
          );

          return { ok: true };
        },
      },
      deleteRole: {
        description: 'Delete an existing role',
        plugin: 'users-permissions',
        resolverOf: 'UsersPermissions.deleteRole',
        resolver: async (obj, options, { context }) => {
          await strapi.plugins[
            'users-permissions'
          ].controllers.userspermissions.deleteRole(context);

          return { ok: true };
        },
      },
      createUser: {
        description: 'Create a new user',
        plugin: 'users-permissions',
        resolverOf: 'User.create',
        resolver: async (obj, options, { context }) => {
          context.params = _.toPlainObject(options.input.where);
          context.request.body = _.toPlainObject(options.input.data);

          await strapi.plugins['users-permissions'].controllers.user.create(
            context
          );

          return {
            user: context.body.toJSON ? context.body.toJSON() : context.body,
          };
        },
      },
      updateUser: {
        description: 'Update an existing user',
        plugin: 'users-permissions',
        resolverOf: 'User.update',
        resolver: async (obj, options, { context }) => {
          context.params = _.toPlainObject(options.input.where);
          context.request.body = _.toPlainObject(options.input.data);

          await strapi.plugins['users-permissions'].controllers.user.update(
            context
          );

          return {
            user: context.body.toJSON ? context.body.toJSON() : context.body,
          };
        },
      },
      deleteUser: {
        description: 'Delete an existing user',
        plugin: 'users-permissions',
        resolverOf: 'User.destroy',
        resolver: async (obj, options, { context }) => {
          // Set parameters to context.
          context.params = _.toPlainObject(options.input.where);
          context.request.body = _.toPlainObject(options.input.data);

          // Retrieve user to be able to return it because
          // Bookshelf doesn't return the row once deleted.
          await strapi.plugins['users-permissions'].controllers.user.findOne(
            context
          );
          // Assign result to user.
          const user = context.body.toJSON
            ? context.body.toJSON()
            : context.body;

          // Run destroy query.
          await strapi.plugins['users-permissions'].controllers.user.destroy(
            context
          );

          return {
            user,
          };
        }
      },
      register: {
        description: 'Register a user',
        plugin: 'users-permissions',
        resolverOf: 'Auth.register',
        resolver: async (obj, options, {context}) => {
          context.request.body = _.toPlainObject(options.input);
          
          await strapi.plugins['users-permissions'].controllers.auth.register(context);
          let output = context.body.toJSON ? context.body.toJSON() : context.body;
          
          checkBadRequest(output);
          return {
            user: output.user || output, jwt: output.jwt
          };
        }
      },
      login: {
        resolverOf: 'Auth.callback',
        plugin: 'users-permissions',
        resolver: async (obj, options, {context}) => {
          context.params = {...context.params, provider: options.input.provider};
          context.request.body = _.toPlainObject(options.input);

          await strapi.plugins['users-permissions'].controllers.auth.callback(context);
          let output = context.body.toJSON ? context.body.toJSON() : context.body;

          checkBadRequest(output);
          return {
            user: output.user || output, jwt: output.jwt
          };
        }
      }
    }
  }
};
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`const _ = require('lodash');`
Add GraphQL register/login (#3879) * Add GraphQL login * Add GraphQL register * Add graphql login/register/delete End2End test * Update from requests * Remove logging * Update to beta.16 * Update * Add error handling * Util function * Update 2019-10-16 00:17:54 +09:00			`const { ApolloError } = require('apollo-server-koa');`

			`/**`
			`* Throws an ApolloError if context body contains a bad request`
			`* @param contextBody - body of the context object given to the resolver`
			`* @throws ApolloError if the body is a bad request`
			`*/`
			`function checkBadRequest(contextBody) {`
			`if (_.get(contextBody, 'output.payload.statusCode', 200) !== 200) {`
			`const statusCode = _.get(contextBody, 'output.payload.statusCode', 400);`
			`const message = _.get(contextBody, 'output.payload.message', 'Bad Request');`
			`throw new ApolloError(message, statusCode, _.omit(contextBody, ['output']));`
			`}`
			`}`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00
Make GraphQL polymorphic relationships working with Bookshelf 2018-04-11 12:53:07 +02:00			`module.exports = {`
			`type: {`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`UsersPermissionsPermission: false, // Make this type NOT queriable.`
Add a special return type for the me graphql query This helps avoid returning roles and permissions that the user doesn't have access to. 2018-10-14 21:14:02 -05:00			`},`
			definition: `
			`type UsersPermissionsMe {`
Fix graphql me route when using bookshelf databases 2019-07-19 02:14:46 -07:00			`id: ID!`
Add a special return type for the me graphql query This helps avoid returning roles and permissions that the user doesn't have access to. 2018-10-14 21:14:02 -05:00			`username: String!`
			`email: String!`
			`confirmed: Boolean`
			`blocked: Boolean`
Use the UserPermissionsMeRole 2018-10-15 11:03:00 -05:00			`role: UsersPermissionsMeRole`
Add a special return type for the me graphql query This helps avoid returning roles and permissions that the user doesn't have access to. 2018-10-14 21:14:02 -05:00			`}`

			`type UsersPermissionsMeRole {`
Fix graphql me route when using bookshelf databases 2019-07-19 02:14:46 -07:00			`id: ID!`
Add a special return type for the me graphql query This helps avoid returning roles and permissions that the user doesn't have access to. 2018-10-14 21:14:02 -05:00			`name: String!`
			`description: String`
			`type: String`
			`}`
Add GraphQL register/login (#3879) * Add GraphQL login * Add GraphQL register * Add graphql login/register/delete End2End test * Update from requests * Remove logging * Update to beta.16 * Update * Add error handling * Util function * Update 2019-10-16 00:17:54 +09:00
			`input UsersPermissionsLoginInput {`
			`identifier: String!`
			`password: String!`
			`provider: String = "local"`
			`}`

			`type UsersPermissionsLoginPayload {`
			`jwt: String!`
			`user: UsersPermissionsUser!`
			`}`
Add a special return type for the me graphql query This helps avoid returning roles and permissions that the user doesn't have access to. 2018-10-14 21:14:02 -05:00			`,
add graphql query for the current user 2018-10-09 20:06:52 -05:00			query: `
Add a special return type for the me graphql query This helps avoid returning roles and permissions that the user doesn't have access to. 2018-10-14 21:14:02 -05:00			`me: UsersPermissionsMe`
add graphql query for the current user 2018-10-09 20:06:52 -05:00			`,
Add GraphQL register/login (#3879) * Add GraphQL login * Add GraphQL register * Add graphql login/register/delete End2End test * Update from requests * Remove logging * Update to beta.16 * Update * Add error handling * Util function * Update 2019-10-16 00:17:54 +09:00			mutation: `
			`login(input: UsersPermissionsLoginInput!): UsersPermissionsLoginPayload!`
			`register(input: UserInput!): UsersPermissionsLoginPayload!`
			`,
Make GraphQL polymorphic relationships working with Bookshelf 2018-04-11 12:53:07 +02:00			`resolver: {`
			`Query: {`
add graphql query for the current user 2018-10-09 20:06:52 -05:00			`me: {`
			`resolverOf: 'User.me',`
			`resolver: {`
			`plugin: 'users-permissions',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`handler: 'User.me',`
			`},`
add graphql query for the current user 2018-10-09 20:06:52 -05:00			`},`
Make GraphQL polymorphic relationships working with Bookshelf 2018-04-11 12:53:07 +02:00			`role: {`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`plugin: 'users-permissions',`
Make GraphQL polymorphic relationships working with Bookshelf 2018-04-11 12:53:07 +02:00			`resolverOf: 'UsersPermissions.getRole',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`resolver: async (obj, options, { context }) => {`
			`await strapi.plugins[`
			`'users-permissions'`
			`].controllers.userspermissions.getRole(context);`
Make GraphQL polymorphic relationships working with Bookshelf 2018-04-11 12:53:07 +02:00
Mongo + graphql v1 2019-03-13 19:27:18 +01:00			`return context.body.role;`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`},`
Make GraphQL polymorphic relationships working with Bookshelf 2018-04-11 12:53:07 +02:00			`},`
			`roles: {`
Add description to explain specificities of the roles query 2018-04-12 15:57:25 +02:00			description: `Retrieve all the existing roles. You can't apply filters on this query.`,
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`plugin: 'users-permissions',`
Make GraphQL polymorphic relationships working with Bookshelf 2018-04-11 12:53:07 +02:00			resolverOf: 'UsersPermissions.getRoles', // Apply the `getRoles` permissions on the resolver.
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`resolver: async (obj, options, { context }) => {`
			`await strapi.plugins[`
			`'users-permissions'`
			`].controllers.userspermissions.getRoles(context);`
Make GraphQL polymorphic relationships working with Bookshelf 2018-04-11 12:53:07 +02:00
Mongo + graphql v1 2019-03-13 19:27:18 +01:00			`return context.body.roles;`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`},`
			`},`
GraphQL Mutations, Aggregations, Decimals Merging Mutations and Aggregations. Fixed Mongoose Hook to use Decimals (2 decimal places) and Floats (20 decimal places). 2018-09-10 16:05:00 +08:00			`},`
			`Mutation: {`
			`createRole: {`
			`description: 'Create a new role',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`plugin: 'users-permissions',`
GraphQL Mutations, Aggregations, Decimals Merging Mutations and Aggregations. Fixed Mongoose Hook to use Decimals (2 decimal places) and Floats (20 decimal places). 2018-09-10 16:05:00 +08:00			`resolverOf: 'UsersPermissions.createRole',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`resolver: async (obj, options, { context }) => {`
			`await strapi.plugins[`
			`'users-permissions'`
			`].controllers.userspermissions.createRole(context);`
GraphQL Mutations, Aggregations, Decimals Merging Mutations and Aggregations. Fixed Mongoose Hook to use Decimals (2 decimal places) and Floats (20 decimal places). 2018-09-10 16:05:00 +08:00
			`return { ok: true };`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`},`
GraphQL Mutations, Aggregations, Decimals Merging Mutations and Aggregations. Fixed Mongoose Hook to use Decimals (2 decimal places) and Floats (20 decimal places). 2018-09-10 16:05:00 +08:00			`},`
			`updateRole: {`
			`description: 'Update an existing role',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`plugin: 'users-permissions',`
GraphQL Mutations, Aggregations, Decimals Merging Mutations and Aggregations. Fixed Mongoose Hook to use Decimals (2 decimal places) and Floats (20 decimal places). 2018-09-10 16:05:00 +08:00			`resolverOf: 'UsersPermissions.updateRole',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`resolver: async (obj, options, { context }) => {`
			`await strapi.plugins[`
			`'users-permissions'`
			`].controllers.userspermissions.updateRole(`
			`context.params,`
			`context.body`
			`);`
GraphQL Mutations, Aggregations, Decimals Merging Mutations and Aggregations. Fixed Mongoose Hook to use Decimals (2 decimal places) and Floats (20 decimal places). 2018-09-10 16:05:00 +08:00
			`return { ok: true };`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`},`
GraphQL Mutations, Aggregations, Decimals Merging Mutations and Aggregations. Fixed Mongoose Hook to use Decimals (2 decimal places) and Floats (20 decimal places). 2018-09-10 16:05:00 +08:00			`},`
			`deleteRole: {`
			`description: 'Delete an existing role',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`plugin: 'users-permissions',`
GraphQL Mutations, Aggregations, Decimals Merging Mutations and Aggregations. Fixed Mongoose Hook to use Decimals (2 decimal places) and Floats (20 decimal places). 2018-09-10 16:05:00 +08:00			`resolverOf: 'UsersPermissions.deleteRole',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`resolver: async (obj, options, { context }) => {`
			`await strapi.plugins[`
			`'users-permissions'`
			`].controllers.userspermissions.deleteRole(context);`
GraphQL Mutations, Aggregations, Decimals Merging Mutations and Aggregations. Fixed Mongoose Hook to use Decimals (2 decimal places) and Floats (20 decimal places). 2018-09-10 16:05:00 +08:00
			`return { ok: true };`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`},`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`},`
			`createUser: {`
			`description: 'Create a new user',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`plugin: 'users-permissions',`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`resolverOf: 'User.create',`
			`resolver: async (obj, options, { context }) => {`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`context.params = _.toPlainObject(options.input.where);`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`context.request.body = _.toPlainObject(options.input.data);`

Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`await strapi.plugins['users-permissions'].controllers.user.create(`
			`context`
			`);`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00
			`return {`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`user: context.body.toJSON ? context.body.toJSON() : context.body,`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`};`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`},`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`},`
			`updateUser: {`
			`description: 'Update an existing user',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`plugin: 'users-permissions',`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`resolverOf: 'User.update',`
			`resolver: async (obj, options, { context }) => {`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`context.params = _.toPlainObject(options.input.where);`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`context.request.body = _.toPlainObject(options.input.data);`

Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`await strapi.plugins['users-permissions'].controllers.user.update(`
			`context`
			`);`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`return {`
			`user: context.body.toJSON ? context.body.toJSON() : context.body,`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`};`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`},`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`},`
			`deleteUser: {`
			`description: 'Delete an existing user',`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`plugin: 'users-permissions',`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`resolverOf: 'User.destroy',`
			`resolver: async (obj, options, { context }) => {`
Fix deleteUser mutation for Mongoose and Bookshelf 2018-11-27 14:54:34 +01:00			`// Set parameters to context.`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`context.params = _.toPlainObject(options.input.where);`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`context.request.body = _.toPlainObject(options.input.data);`

Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`// Retrieve user to be able to return it because`
Fix deleteUser mutation for Mongoose and Bookshelf 2018-11-27 14:54:34 +01:00			`// Bookshelf doesn't return the row once deleted.`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`await strapi.plugins['users-permissions'].controllers.user.findOne(`
			`context`
			`);`
Fix deleteUser mutation for Mongoose and Bookshelf 2018-11-27 14:54:34 +01:00			`// Assign result to user.`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`const user = context.body.toJSON`
			`? context.body.toJSON()`
			`: context.body;`
Fix deleteUser mutation for Mongoose and Bookshelf 2018-11-27 14:54:34 +01:00
			`// Run destroy query.`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`await strapi.plugins['users-permissions'].controllers.user.destroy(`
			`context`
			`);`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00
			`return {`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`user,`
Follow generated GraphQL input to return data 2018-11-26 18:32:35 +01:00			`};`
Add GraphQL register/login (#3879) * Add GraphQL login * Add GraphQL register * Add graphql login/register/delete End2End test * Update from requests * Remove logging * Update to beta.16 * Update * Add error handling * Util function * Update 2019-10-16 00:17:54 +09:00			`}`
Fix user-permissions graphql permissions and update user 2019-09-18 12:07:45 +02:00			`},`
Add GraphQL register/login (#3879) * Add GraphQL login * Add GraphQL register * Add graphql login/register/delete End2End test * Update from requests * Remove logging * Update to beta.16 * Update * Add error handling * Util function * Update 2019-10-16 00:17:54 +09:00			`register: {`
			`description: 'Register a user',`
			`plugin: 'users-permissions',`
			`resolverOf: 'Auth.register',`
			`resolver: async (obj, options, {context}) => {`
			`context.request.body = _.toPlainObject(options.input);`

			`await strapi.plugins['users-permissions'].controllers.auth.register(context);`
			`let output = context.body.toJSON ? context.body.toJSON() : context.body;`

			`checkBadRequest(output);`
			`return {`
			`user: output.user \|\| output, jwt: output.jwt`
			`};`
			`}`
			`},`
			`login: {`
			`resolverOf: 'Auth.callback',`
			`plugin: 'users-permissions',`
			`resolver: async (obj, options, {context}) => {`
			`context.params = {...context.params, provider: options.input.provider};`
			`context.request.body = _.toPlainObject(options.input);`

			`await strapi.plugins['users-permissions'].controllers.auth.callback(context);`
			`let output = context.body.toJSON ? context.body.toJSON() : context.body;`

			`checkBadRequest(output);`
			`return {`
			`user: output.user \|\| output, jwt: output.jwt`
			`};`
			`}`
			`}`
			`}`
			`}`
Make GraphQL polymorphic relationships working with Bookshelf 2018-04-11 12:53:07 +02:00			`};`