chore: update u&p

This commit is contained in:
Alexandre Bodin 2024-03-18 21:44:32 +01:00
parent 23d1b3801a
commit 3e8b3d565b
5 changed files with 29 additions and 34 deletions

View File

@ -641,6 +641,7 @@ const UpdateAction: DocumentActionComponent = ({
}), }),
onClick: async () => { onClick: async () => {
setSubmitting(true); setSubmitting(true);
try { try {
const { errors } = await validate(); const { errors } = await validate();

View File

@ -228,7 +228,7 @@ const RelationsField = React.forwardRef<HTMLDivElement, RelationsFieldProps>(
}; };
if (ONE_WAY_RELATIONS.includes(props.attribute.relation)) { if (ONE_WAY_RELATIONS.includes(props.attribute.relation)) {
field.onChange(props.name, { connect: [item] }); field.onChange(`${props.name}.connect`, [item]);
} else { } else {
field.onChange(`${props.name}.connect`, [...(field.value?.connect ?? []), item]); field.onChange(`${props.name}.connect`, [...(field.value?.connect ?? []), item]);
} }

View File

@ -91,7 +91,7 @@ const getPublishedAtClause = (
* As it only contains entries with publishedAt set. * As it only contains entries with publishedAt set.
*/ */
if (!contentTypes.hasDraftAndPublish(targetModel)) { if (!contentTypes.hasDraftAndPublish(targetModel)) {
return { $ne: null }; return {};
} }
/** /**

View File

@ -30,14 +30,12 @@ export default async (ctx: Context, next: Next) => {
const [, action] = route.handler.split('.'); const [, action] = route.handler.split('.');
const configPath = let actionConfig: any;
ct.plugin === 'admin' if (!ct.plugin || ct.plugin === 'admin') {
? ['admin.layout', ct.modelName, 'actions', action] actionConfig = strapi.config.get(`admin.layout.${ct.modelName}.actions.${action}`);
: ['plugin', ct.plugin, 'layout', ct.modelName, 'actions', action]; } else {
actionConfig = strapi.plugin(ct.plugin).config(`layout.${ct.modelName}.actions.${action}`);
// TODO }
// @ts-expect-error check input for strapi.config.get
const actionConfig: string | undefined = strapi.config.get(configPath);
if (!isNil(actionConfig)) { if (!isNil(actionConfig)) {
const [controller, action] = actionConfig.split('.'); const [controller, action] = actionConfig.split('.');

View File

@ -17,24 +17,23 @@ const ACTIONS = {
}; };
const findEntityAndCheckPermissions = async (ability, action, model, id) => { const findEntityAndCheckPermissions = async (ability, action, model, id) => {
const entity = await strapi.db.query(userModel).findOne({ const doc = await strapi.service('plugin::content-manager.document-manager').findOne(id, model, {
where: { id },
populate: [`${CREATED_BY_ATTRIBUTE}.roles`], populate: [`${CREATED_BY_ATTRIBUTE}.roles`],
}); });
if (_.isNil(entity)) { if (_.isNil(doc)) {
throw new NotFoundError(); throw new NotFoundError();
} }
const pm = strapi.admin.services.permission.createPermissionsManager({ ability, action, model }); const pm = strapi.admin.services.permission.createPermissionsManager({ ability, action, model });
if (pm.ability.cannot(pm.action, pm.toSubject(entity))) { if (pm.ability.cannot(pm.action, pm.toSubject(doc))) {
throw new ForbiddenError(); throw new ForbiddenError();
} }
const entityWithoutCreatorRoles = _.omit(entity, `${CREATED_BY_ATTRIBUTE}.roles`); const docWithoutCreatorRoles = _.omit(doc, `${CREATED_BY_ATTRIBUTE}.roles`);
return { pm, entity: entityWithoutCreatorRoles }; return { pm, doc: docWithoutCreatorRoles };
}; };
module.exports = { module.exports = {
@ -93,18 +92,11 @@ module.exports = {
user.email = _.toLower(user.email); user.email = _.toLower(user.email);
if (!user.role) {
const defaultRole = await strapi.db
.query('plugin::users-permissions.role')
.findOne({ where: { type: advanced.default_role } });
user.role = defaultRole.id;
}
try { try {
const data = await strapi const data = await strapi
.service('plugin::content-manager.entity-manager') .service('plugin::content-manager.document-manager')
.create(user, userModel); .create(userModel, { data: user });
const sanitizedData = await pm.sanitizeOutput(data, { action: ACTIONS.read }); const sanitizedData = await pm.sanitizeOutput(data, { action: ACTIONS.read });
ctx.created(sanitizedData); ctx.created(sanitizedData);
@ -118,7 +110,7 @@ module.exports = {
*/ */
async update(ctx) { async update(ctx) {
const { id } = ctx.params; const { id: documentId } = ctx.params;
const { body } = ctx.request; const { body } = ctx.request;
const { user: admin, userAbility } = ctx.state; const { user: admin, userAbility } = ctx.state;
@ -128,13 +120,14 @@ module.exports = {
const { email, username, password } = body; const { email, username, password } = body;
const { pm, entity } = await findEntityAndCheckPermissions( const { pm, doc } = await findEntityAndCheckPermissions(
userAbility, userAbility,
ACTIONS.edit, ACTIONS.edit,
userModel, userModel,
id documentId
); );
const user = entity;
const user = doc;
await validateUpdateUserBody(ctx.request.body); await validateUpdateUserBody(ctx.request.body);
@ -147,7 +140,7 @@ module.exports = {
.query('plugin::users-permissions.user') .query('plugin::users-permissions.user')
.findOne({ where: { username } }); .findOne({ where: { username } });
if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(id)) { if (userWithSameUsername && _.toString(userWithSameUsername.id) !== _.toString(user.id)) {
throw new ApplicationError('Username already taken'); throw new ApplicationError('Username already taken');
} }
} }
@ -157,9 +150,10 @@ module.exports = {
.query('plugin::users-permissions.user') .query('plugin::users-permissions.user')
.findOne({ where: { email: _.toLower(email) } }); .findOne({ where: { email: _.toLower(email) } });
if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(id)) { if (userWithSameEmail && _.toString(userWithSameEmail.id) !== _.toString(user.id)) {
throw new ApplicationError('Email already taken'); throw new ApplicationError('Email already taken');
} }
body.email = _.toLower(body.email); body.email = _.toLower(body.email);
} }
@ -167,8 +161,10 @@ module.exports = {
const updateData = _.omit({ ...sanitizedData, updatedBy: admin.id }, 'createdBy'); const updateData = _.omit({ ...sanitizedData, updatedBy: admin.id }, 'createdBy');
const data = await strapi const data = await strapi
.service('plugin::content-manager.entity-manager') .service('plugin::content-manager.document-manager')
.update({ id }, updateData, userModel); .update(documentId, userModel, {
data: updateData,
});
ctx.body = await pm.sanitizeOutput(data, { action: ACTIONS.read }); ctx.body = await pm.sanitizeOutput(data, { action: ACTIONS.read });
}, },