diff --git a/packages/strapi-bookshelf/lib/index.js b/packages/strapi-bookshelf/lib/index.js index a09fc90e8c..29e4001013 100755 --- a/packages/strapi-bookshelf/lib/index.js +++ b/packages/strapi-bookshelf/lib/index.js @@ -227,7 +227,7 @@ module.exports = function(strapi) { // Build associations key utilsModels.defineAssociations( - definition.globalName, + model.toLowerCase(), definition, details, name diff --git a/packages/strapi-bookshelf/package.json b/packages/strapi-bookshelf/package.json index fffc8ed841..26c2ea11f0 100755 --- a/packages/strapi-bookshelf/package.json +++ b/packages/strapi-bookshelf/package.json @@ -55,4 +55,4 @@ "npm": ">= 5.3.0" }, "license": "MIT" -} +} \ No newline at end of file diff --git a/packages/strapi-mongoose/lib/index.js b/packages/strapi-mongoose/lib/index.js index 0b1cf3ba84..31f83b0c29 100755 --- a/packages/strapi-mongoose/lib/index.js +++ b/packages/strapi-mongoose/lib/index.js @@ -205,7 +205,7 @@ module.exports = function (strapi) { const verbose = _.get(utilsModels.getNature(details, name, undefined, model.toLowerCase()), 'verbose') || ''; // Build associations key - utilsModels.defineAssociations(model, definition, details, name); + utilsModels.defineAssociations(model.toLowerCase(), definition, details, name); if (_.isEmpty(verbose)) { definition.loadedModel[name].type = utils(instance).convertType(details.type); diff --git a/packages/strapi-plugin-content-manager/config/queries/bookshelf.js b/packages/strapi-plugin-content-manager/config/queries/bookshelf.js index 512b3f32ee..e5a30a8481 100755 --- a/packages/strapi-plugin-content-manager/config/queries/bookshelf.js +++ b/packages/strapi-plugin-content-manager/config/queries/bookshelf.js @@ -11,9 +11,13 @@ module.exports = { qb.orderBy(params.sort); } - qb.offset(_.toNumber(params.skip)); + if (params.skip) { + qb.offset(_.toNumber(params.skip)); + } - qb.limit(_.toNumber(params.limit)); + if (params.limit) { + qb.limit(_.toNumber(params.limit)); + } }).fetchAll({ withRelated: this.associations.map(x => x.alias) }); @@ -39,14 +43,14 @@ module.exports = { create: async function (params) { const entry = await this - .forge() - .save(Object.keys(params.values).reduce((acc, current) => { + .forge(Object.keys(params.values).reduce((acc, current) => { if (this._attributes[current].type) { acc[current] = params.values[current]; } return acc; }, {})) + .save() .catch((err) => { if (err.detail) { const field = _.last(_.words(err.detail.split('=')[0])); diff --git a/packages/strapi-plugin-users-permissions/config/queries/bookshelf.js b/packages/strapi-plugin-users-permissions/config/queries/bookshelf.js index efcd6ca2e5..e34302b8f6 100644 --- a/packages/strapi-plugin-users-permissions/config/queries/bookshelf.js +++ b/packages/strapi-plugin-users-permissions/config/queries/bookshelf.js @@ -1,42 +1,49 @@ const _ = require('lodash'); module.exports = { - find: async function (params) { - const records = this.query(function(qb) { + find: async function (params = {}, populate) { + const records = await this.query(function(qb) { _.forEach(params.where, (where, key) => { qb.where(key, where[0].symbol, where[0].value); }); if (params.sort) { - qb.orderBy(params.sort); + qb.orderByRaw(params.sort); } - qb.offset(params.start); + if (params.start) { + qb.offset(params.start); + } - qb.limit(params.limit); + if (params.limit) { + qb.limit(params.limit); + } }).fetchAll({ - withRelated: _.keys(_.groupBy(_.reject(this.associations, {autoPopulate: false}), 'alias')) + withRelated: populate || _.keys(_.groupBy(_.reject(this.associations, { autoPopulate: false }), 'alias')) }); return records ? records.toJSON() : records; }, - count: async function (params) { + count: async function (params = {}) { return await this - .forge() + .where(params) .count(); }, - findOne: async function (params) { - if (_.get(params, '_id')) { - params.id = params._id; - delete params._id; + findOne: async function (params, populate) { + const primaryKey = params[this.primaryKey] || params.id; + + if (primaryKey) { + params = { + [this.primaryKey]: primaryKey + } } const record = await this .forge(params) .fetch({ - withRelated: this.associations.map(x => x.alias) + withRelated: populate || this.associations.map(x => x.alias) }); return record ? record.toJSON() : record; @@ -46,20 +53,20 @@ module.exports = { return this .forge() .save(Object.keys(params).reduce((acc, current) => { - if (_.get(this, ['_attributes', current, 'type'])) { - acc[current] = params[current]; - } + if (_.get(this._attributes, [current, 'type']) || _.get(this._attributes, [current, 'model'])) { + acc[current] = params[current]; + } - return acc; - }, {})) - .catch((err) => { - if (err.detail) { - const field = _.last(_.words(err.detail.split('=')[0])); - err = { message: `This ${field} is already taken`, field }; - } + return acc; + }, {})) + .catch((err) => { + if (err.detail) { + const field = _.last(_.words(err.detail.split('=')[0])); + err = { message: `This ${field} is already taken`, field }; + } - throw err; - }); + throw err; + }); }, update: async function (search, params = {}) { @@ -72,19 +79,25 @@ module.exports = { if (primaryKey) { search = { [this.primaryKey]: primaryKey + }; + } else { + const entry = await module.exports.findOne.call(this, search); + + search = { + [this.primaryKey]: entry[this.primaryKey] || entry.id } } return this.forge(search) - .save(params, { - patch: true - }) - .catch((err) => { - const field = _.last(_.words(err.detail.split('=')[0])); - const error = { message: `This ${field} is already taken`, field }; + .save(params, { + patch: true + }) + .catch((err) => { + const field = _.last(_.words(err.detail.split('=')[0])); + const error = { message: `This ${field} is already taken`, field }; - throw error; - }); + throw error; + }); }, delete: async function (params) { @@ -107,8 +120,8 @@ module.exports = { addPermission: async function (params) { return this - .forge() - .save(params); + .forge(params) + .save(); }, removePermission: async function (params) { diff --git a/packages/strapi-plugin-users-permissions/config/queries/mongoose.js b/packages/strapi-plugin-users-permissions/config/queries/mongoose.js index 747a10acff..5117d0daf9 100644 --- a/packages/strapi-plugin-users-permissions/config/queries/mongoose.js +++ b/packages/strapi-plugin-users-permissions/config/queries/mongoose.js @@ -17,11 +17,12 @@ module.exports = { }, findOne: async function (params, populate) { - if (!params[this.primaryKey] && params.id) { - params[this.primaryKey] = params.id; - delete params.id; - } else if (params.id) { - delete params.id; + const primaryKey = params[this.primaryKey] || params.id; + + if (primaryKey) { + params = { + [this.primaryKey]: primaryKey + } } return this diff --git a/packages/strapi-plugin-users-permissions/controllers/Auth.js b/packages/strapi-plugin-users-permissions/controllers/Auth.js index 2e7f11cb3a..96bc2a47e1 100644 --- a/packages/strapi-plugin-users-permissions/controllers/Auth.js +++ b/packages/strapi-plugin-users-permissions/controllers/Auth.js @@ -158,13 +158,14 @@ module.exports = { return ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: 'Auth.form.error.password.format' }] }] : 'Your password cannot contain more than three times the symbol `$`.'); } + // Retrieve root role. + const root = await strapi.query('role', 'users-permissions').findOne({ type: 'root' }, ['users']); + // First, check if the user is the first one to register as admin. - const hasAdmin = await strapi.query('user', 'users-permissions').count(strapi.utils.models.convertParams('user', { type: 'root' })); + const hasAdmin = root.users.length > 0; // Check if the user is the first to register - const role = hasAdmin < 1 ? - await strapi.query('role', 'users-permissions').findOne({ type: 'root' }, []): - await strapi.query('role', 'users-permissions').findOne({ type: 'guest' }, []); + const role = hasAdmin === false ? root : await strapi.query('role', 'users-permissions').findOne({ type: 'guest' }, []); if (!role) { return ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: 'Auth.form.error.role.notFound' }] }] : 'Impossible to find the root role.'); @@ -180,7 +181,6 @@ module.exports = { jwt: strapi.plugins['users-permissions'].services.jwt.issue(user), user: _.omit(user.toJSON ? user.toJSON() : user, ['password', 'resetPasswordToken']) }); - } catch(err) { const adminError = _.includes(err.message, 'username') ? 'Auth.form.error.username.taken' : 'Auth.form.error.email.taken'; diff --git a/packages/strapi-plugin-users-permissions/services/UsersPermissions.js b/packages/strapi-plugin-users-permissions/services/UsersPermissions.js index e58c18c258..2f2756341e 100644 --- a/packages/strapi-plugin-users-permissions/services/UsersPermissions.js +++ b/packages/strapi-plugin-users-permissions/services/UsersPermissions.js @@ -17,7 +17,7 @@ module.exports = { return new Error('This feature requires to install the Content Manager plugin'); } - const role = await strapi.query('role', 'users-permissions').create(_.omit(params, ['users', 'permissions'])); + const role = await strapi.query('role', 'users-permissions').create(_.omit(params, ['users', 'permissions', 'type'])); const arrayOfPromises = Object.keys(params.permissions).reduce((acc, type) => { Object.keys(params.permissions[type].controllers).forEach(controller => { @@ -53,6 +53,10 @@ module.exports = { throw new Error('Cannot found this role'); } + if (role.type === 'root') { + return new Error(`You cannot delete the root admin role.`); + } + // Move users to guest role. const arrayOfPromises = role.users.reduce((acc, user) => { acc.push(strapi.query('user', 'users-permissions').update({ @@ -149,7 +153,7 @@ module.exports = { // Group by `type`. role.permissions = role.permissions.reduce((acc, permission) => { _.set(acc, `${permission.type}.controllers.${permission.controller}.${permission.action}`, { - enabled: permission.enabled, + enabled: _.toNumber(permission.enabled) == true, policy: permission.policy }); @@ -339,6 +343,7 @@ module.exports = { arrayOfPromises.push(this.updateUserRole(user, guest._id || guest.id)); }); + return Promise.all(arrayOfPromises); },