mirror of
https://github.com/strapi/strapi.git
synced 2025-08-29 11:15:55 +00:00
chore: update u&p
This commit is contained in:
parent
23d1b3801a
commit
3e8b3d565b
@ -641,6 +641,7 @@ const UpdateAction: DocumentActionComponent = ({
|
|||||||
}),
|
}),
|
||||||
onClick: async () => {
|
onClick: async () => {
|
||||||
setSubmitting(true);
|
setSubmitting(true);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const { errors } = await validate();
|
const { errors } = await validate();
|
||||||
|
|
||||||
|
@ -228,7 +228,7 @@ const RelationsField = React.forwardRef<HTMLDivElement, RelationsFieldProps>(
|
|||||||
};
|
};
|
||||||
|
|
||||||
if (ONE_WAY_RELATIONS.includes(props.attribute.relation)) {
|
if (ONE_WAY_RELATIONS.includes(props.attribute.relation)) {
|
||||||
field.onChange(props.name, { connect: [item] });
|
field.onChange(`${props.name}.connect`, [item]);
|
||||||
} else {
|
} else {
|
||||||
field.onChange(`${props.name}.connect`, [...(field.value?.connect ?? []), item]);
|
field.onChange(`${props.name}.connect`, [...(field.value?.connect ?? []), item]);
|
||||||
}
|
}
|
||||||
|
@ -91,7 +91,7 @@ const getPublishedAtClause = (
|
|||||||
* As it only contains entries with publishedAt set.
|
* As it only contains entries with publishedAt set.
|
||||||
*/
|
*/
|
||||||
if (!contentTypes.hasDraftAndPublish(targetModel)) {
|
if (!contentTypes.hasDraftAndPublish(targetModel)) {
|
||||||
return { $ne: null };
|
return {};
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -30,14 +30,12 @@ export default async (ctx: Context, next: Next) => {
|
|||||||
|
|
||||||
const [, action] = route.handler.split('.');
|
const [, action] = route.handler.split('.');
|
||||||
|
|
||||||
const configPath =
|
let actionConfig: any;
|
||||||
ct.plugin === 'admin'
|
if (!ct.plugin || ct.plugin === 'admin') {
|
||||||
? ['admin.layout', ct.modelName, 'actions', action]
|
actionConfig = strapi.config.get(`admin.layout.${ct.modelName}.actions.${action}`);
|
||||||
: ['plugin', ct.plugin, 'layout', ct.modelName, 'actions', action];
|
} else {
|
||||||
|
actionConfig = strapi.plugin(ct.plugin).config(`layout.${ct.modelName}.actions.${action}`);
|
||||||
// TODO
|
}
|
||||||
// @ts-expect-error check input for strapi.config.get
|
|
||||||
const actionConfig: string | undefined = strapi.config.get(configPath);
|
|
||||||
|
|
||||||
if (!isNil(actionConfig)) {
|
if (!isNil(actionConfig)) {
|
||||||
const [controller, action] = actionConfig.split('.');
|
const [controller, action] = actionConfig.split('.');
|
||||||
|
@ -17,24 +17,23 @@ const ACTIONS = {
|
|||||||
};
|
};
|
||||||
|
|
||||||
const findEntityAndCheckPermissions = async (ability, action, model, id) => {
|
const findEntityAndCheckPermissions = async (ability, action, model, id) => {
|
||||||
const entity = await strapi.db.query(userModel).findOne({
|
const doc = await strapi.service('plugin::content-manager.document-manager').findOne(id, model, {
|
||||||
where: { id },
|
|
||||||
populate: [`${CREATED_BY_ATTRIBUTE}.roles`],
|
populate: [`${CREATED_BY_ATTRIBUTE}.roles`],
|
||||||
});
|
});
|
||||||
|
|
||||||
if (_.isNil(entity)) {
|
if (_.isNil(doc)) {
|
||||||
throw new NotFoundError();
|
throw new NotFoundError();
|
||||||
}
|
}
|
||||||
|
|
||||||
const pm = strapi.admin.services.permission.createPermissionsManager({ ability, action, model });
|
const pm = strapi.admin.services.permission.createPermissionsManager({ ability, action, model });
|
||||||
|
|
||||||
if (pm.ability.cannot(pm.action, pm.toSubject(entity))) {
|
if (pm.ability.cannot(pm.action, pm.toSubject(doc))) {
|
||||||
throw new ForbiddenError();
|
throw new ForbiddenError();
|
||||||
}
|
}
|
||||||
|
|
||||||
const entityWithoutCreatorRoles = _.omit(entity, `${CREATED_BY_ATTRIBUTE}.roles`);
|
const docWithoutCreatorRoles = _.omit(doc, `${CREATED_BY_ATTRIBUTE}.roles`);
|
||||||
|
|
||||||
return { pm, entity: entityWithoutCreatorRoles };
|
return { pm, doc: docWithoutCreatorRoles };
|
||||||
};
|
};
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
@ -93,18 +92,11 @@ module.exports = {
|
|||||||
|
|
||||||
user.email = _.toLower(user.email);
|
user.email = _.toLower(user.email);
|
||||||
|
|
||||||
if (!user.role) {
|
|
||||||
const defaultRole = await strapi.db
|
|
||||||
.query('plugin::users-permissions.role')
|
|
||||||
.findOne({ where: { type: advanced.default_role } });
|
|
||||||
|
|
||||||
user.role = defaultRole.id;
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const data = await strapi
|
const data = await strapi
|
||||||
.service('plugin::content-manager.entity-manager')
|
.service('plugin::content-manager.document-manager')
|
||||||
.create(user, userModel);
|
.create(userModel, { data: user });
|
||||||
|
|
||||||
const sanitizedData = await pm.sanitizeOutput(data, { action: ACTIONS.read });
|
const sanitizedData = await pm.sanitizeOutput(data, { action: ACTIONS.read });
|
||||||
|
|
||||||
ctx.created(sanitizedData);
|
ctx.created(sanitizedData);
|
||||||
@ -118,7 +110,7 @@ module.exports = {
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
async update(ctx) {
|
async update(ctx) {
|
||||||
const { id } = ctx.params;
|
const { id: documentId } = ctx.params;
|
||||||
const { body } = ctx.request;
|
const { body } = ctx.request;
|
||||||
const { user: admin, userAbility } = ctx.state;
|
const { user: admin, userAbility } = ctx.state;
|
||||||
|
|
||||||
@ -128,13 +120,14 @@ module.exports = {
|
|||||||
|
|
||||||
const { email, username, password } = body;
|
const { email, username, password } = body;
|
||||||
|
|
||||||
const { pm, entity } = await findEntityAndCheckPermissions(
|
const { pm, doc } = await findEntityAndCheckPermissions(
|
||||||
userAbility,
|
userAbility,
|
||||||
ACTIONS.edit,
|
ACTIONS.edit,
|
||||||
userModel,
|
userModel,
|
||||||
id
|
documentId
|
||||||
);
|
);
|
||||||
const user = entity;
|
|
||||||
|
const user = doc;
|
||||||
|
|
||||||
await validateUpdateUserBody(ctx.request.body);
|
await validateUpdateUserBody(ctx.request.body);
|
||||||
|
|
||||||
@ -147,7 +140,7 @@ module.exports = {
|
|||||||
.query('plugin::users-permissions.user')
|
.query('plugin::users-permissions.user')
|
||||||
.findOne({ where: { username } });
|
.findOne({ where: { username } });
|
||||||
|
|
||||||
if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(id)) {
|
if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(user.id)) {
|
||||||
throw new ApplicationError('Username already taken');
|
throw new ApplicationError('Username already taken');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -157,9 +150,10 @@ module.exports = {
|
|||||||
.query('plugin::users-permissions.user')
|
.query('plugin::users-permissions.user')
|
||||||
.findOne({ where: { email: _.toLower(email) } });
|
.findOne({ where: { email: _.toLower(email) } });
|
||||||
|
|
||||||
if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(id)) {
|
if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(user.id)) {
|
||||||
throw new ApplicationError('Email already taken');
|
throw new ApplicationError('Email already taken');
|
||||||
}
|
}
|
||||||
|
|
||||||
body.email = _.toLower(body.email);
|
body.email = _.toLower(body.email);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -167,8 +161,10 @@ module.exports = {
|
|||||||
const updateData = _.omit({ ...sanitizedData, updatedBy: admin.id }, 'createdBy');
|
const updateData = _.omit({ ...sanitizedData, updatedBy: admin.id }, 'createdBy');
|
||||||
|
|
||||||
const data = await strapi
|
const data = await strapi
|
||||||
.service('plugin::content-manager.entity-manager')
|
.service('plugin::content-manager.document-manager')
|
||||||
.update({ id }, updateData, userModel);
|
.update(documentId, userModel, {
|
||||||
|
data: updateData,
|
||||||
|
});
|
||||||
|
|
||||||
ctx.body = await pm.sanitizeOutput(data, { action: ACTIONS.read });
|
ctx.body = await pm.sanitizeOutput(data, { action: ACTIONS.read });
|
||||||
},
|
},
|
||||||
|
Loading…
x
Reference in New Issue
Block a user