yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-10-18 03:23:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Dashboard token and config

Browse Source
This commit is contained in:
pierreburgy 2015-10-30 14:36:19 +01:00
parent 67de1b791f
commit a13ad7cf22
13 changed files with 125 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
lib/configuration/hooks/dashboard/config/config.js Normal file
View File

@ -0,0 +1,56 @@
'use strict';
/**
* Returns the config for the dashboard.
*/
module.exports = function * () {
try {
// Init output object.
const output = {};
// Set the config.
output.settings = {
url: strapi.config.url,
i18n: strapi.config.i18n
};
// Set the models.
output.models = strapi.models;
// Format `config.api` for multi templates models.
_.forEach(strapi.api, function (api, key) {
if (api.templates) {
output.models[key].templates = {};
}
// Assign the template attributes with the model attributes.
_.forEach(api.templates, function (template, templateName) {
output.models[key].templates[templateName] = {};
output.models[key].templates[templateName].attributes = {};
_.forEach(template.attributes, function (value, attributeKey) {
output.models[key].templates[templateName].attributes[attributeKey] = _.cloneDeep(output.models[key].attributes[attributeKey]);
});
output.models[key].templates[templateName].displayedAttribute = template.displayedAttribute;
});
});
// User count.
const promises = [];
promises.push(strapi.orm.collections.user.count());
// Execute promises.
const response = yield promises;
// Define if the app is considered as new.
const userCount = response[0];
output.settings.isNewApp = !userCount;
// Finally send the result in the callback.
this.body = output;
} catch (err) {
this.status = 500;
this.body = err;
}
};

9
lib/configuration/hooks/dashboard/config/index.js Normal file
View File

@ -0,0 +1,9 @@
'use strict';
/**
* Index of the explorer hook config actions.
*/
module.exports = {
config: require('./config')
};

2
lib/configuration/hooks/dashboard/explorer/count.js
View File

@ -1,3 +1,5 @@
'use strict';
/** /**
* Count entries of a model. * Count entries of a model.
*/ */

2
lib/configuration/hooks/dashboard/explorer/create.js
View File

@ -1,3 +1,5 @@
'use strict';
/** /**
* Create a new entry. * Create a new entry.
*/ */

2
lib/configuration/hooks/dashboard/explorer/destroy.js
View File

@ -1,3 +1,5 @@
'use strict';
/** /**
* Destroy a specific entry. * Destroy a specific entry.
*/ */

2
lib/configuration/hooks/dashboard/explorer/find.js
View File

@ -1,3 +1,5 @@
'use strict';
/** /**
* List every entries of a model. * List every entries of a model.
*/ */

2
lib/configuration/hooks/dashboard/explorer/findOne.js
View File

@ -1,3 +1,5 @@
'use strict';
/** /**
* Show a specific entry. * Show a specific entry.
*/ */

2
lib/configuration/hooks/dashboard/explorer/index.js
View File

@ -1,3 +1,5 @@
'use strict';
/** /**
* Index of the explorer hook explorer actions. * Index of the explorer hook explorer actions.
*/ */

2
lib/configuration/hooks/dashboard/explorer/update.js
View File

@ -1,3 +1,5 @@
'use strict';
/** /**
* Update a specific entry. * Update a specific entry.
*/ */

23
lib/configuration/hooks/dashboard/index.js
View File

@ -7,6 +7,7 @@
// Local dependencies. // Local dependencies.
const explorerActions = require('./explorer/index'); const explorerActions = require('./explorer/index');
const routesActions = require('./routes/index'); const routesActions = require('./routes/index');
const configActions = require('./config/index');
/** /**
* Public explorer hook * Public explorer hook
@ -24,38 +25,44 @@ module.exports = function (strapi) {
// Data explorer routes. // Data explorer routes.
'GET /dashboard/explorer/:model/count': { 'GET /dashboard/explorer/:model/count': {
controller: explorerActions.count, controller: explorerActions.count,
policies: ['isAuthorized'] policies: ['dashboardToken', 'isAuthorized']
}, },
'POST /dashboard/explorer/:model': { 'POST /dashboard/explorer/:model': {
controller: explorerActions.create, controller: explorerActions.create,
policies: ['isAuthorized'] policies: ['dashboardToken', 'isAuthorized']
}, },
'DELETE /dashboard/explorer/:model/:id': { 'DELETE /dashboard/explorer/:model/:id': {
controller: explorerActions.destroy, controller: explorerActions.destroy,
policies: ['isAuthorized'] policies: ['dashboardToken', 'isAuthorized']
}, },
'GET /dashboard/explorer/:model': { 'GET /dashboard/explorer/:model': {
controller: explorerActions.find, controller: explorerActions.find,
policies: ['isAuthorized'] policies: ['dashboardToken', 'isAuthorized']
}, },
'GET /dashboard/explorer/:model/:id': { 'GET /dashboard/explorer/:model/:id': {
controller: explorerActions.findOne, controller: explorerActions.findOne,
policies: ['isAuthorized'] policies: ['dashboardToken', 'isAuthorized']
}, },
'PUT /dashboard/explorer/:model': { 'PUT /dashboard/explorer/:model': {
controller: explorerActions.update, controller: explorerActions.update,
policies: ['isAuthorized'] policies: ['dashboardToken', 'isAuthorized']
}, },
// Routes and permissions routes. // Routes and permissions routes.
'GET /dashboard/routes': { 'GET /dashboard/routes': {
controller: routesActions.find, controller: routesActions.find,
action: 'find', action: 'find',
policies: ['isAuthorized'] policies: ['dashboardToken', 'isAuthorized']
}, },
'PUT /dashboard/routes': { 'PUT /dashboard/routes': {
controller: routesActions.update, controller: routesActions.update,
action: 'update', action: 'update',
policies: ['isAuthorized'] policies: ['dashboardToken', 'isAuthorized']
},
// Config routes
'GET /dashboard/config': {
controller: configActions.config,
action: 'index',
policies: ['dashboardToken']
} }
} }
}, },

23
lib/configuration/hooks/dashboard/policies/dashboardToken.js Normal file
View File

@ -0,0 +1,23 @@
'use strict';
/**
* Policy used to check if the `dashboardToken` field is valid.
*
* @param next
*/
module.exports = function * (next) {
// Format dashboardToken variables.
const dashboardTokenParam = this.request.query.dashboardToken || this.request.body.dashboardToken;
const dashboardTokenConfig = strapi.config.dashboard && strapi.config.dashboard.token;
// Check dashboardToken for security purposes.
if (!dashboardTokenParam || !dashboardTokenConfig || dashboardTokenParam !== dashboardTokenConfig) {
this.status = 401;
this.body = {
message: 'dashboardToken parameter is invalid.'
};
} else {
yield next;
}
};

2
lib/configuration/hooks/dashboard/routes/index.js
View File

@ -1,3 +1,5 @@
'use strict';
/** /**
* Index of the explorer hook routes actions. * Index of the explorer hook routes actions.
*/ */

6
lib/configuration/hooks/router/index.js
View File

@ -9,6 +9,7 @@ const _ = require('lodash');
// Local utilities. // Local utilities.
const regex = require('../../../../util/regex'); const regex = require('../../../../util/regex');
const dashboardTokenPolicy = require('../dashboard/policies/dashboardToken');
/** /**
* Router hook * Router hook
@ -61,6 +62,11 @@ module.exports = function (strapi) {
}; };
} }
// Add the `dashboardPolicy` to the list of policies.
if (strapi.config.dashboard.enabled) {
strapi.policies.dashboardToken = dashboardTokenPolicy;
}
// Parse each route from the user config, load policies if any // Parse each route from the user config, load policies if any
// and match the controller and action to the desired endpoint. // and match the controller and action to the desired endpoint.
_.forEach(strapi.config.routes, function (value, endpoint) { _.forEach(strapi.config.routes, function (value, endpoint) {