diff --git a/packages/strapi-plugin-users-permissions/admin/src/components/BoundRoute/styles.scss b/packages/strapi-plugin-users-permissions/admin/src/components/BoundRoute/styles.scss
index 187ee08fbb..a2f4c992d9 100644
--- a/packages/strapi-plugin-users-permissions/admin/src/components/BoundRoute/styles.scss
+++ b/packages/strapi-plugin-users-permissions/admin/src/components/BoundRoute/styles.scss
@@ -41,3 +41,19 @@
font-weight: 600;
}
}
+
+.get {
+ background-color: #008DFE;
+}
+
+.post {
+ background-color: #69BA05;
+}
+
+.put {
+ background-color: #F68E0E;
+}
+
+.delete {
+ background-color: #F64D0A;
+}
diff --git a/packages/strapi-plugin-users-permissions/admin/src/components/InputSearch/index.js b/packages/strapi-plugin-users-permissions/admin/src/components/InputSearch/index.js
index 28823a032f..6ecd3170ef 100644
--- a/packages/strapi-plugin-users-permissions/admin/src/components/InputSearch/index.js
+++ b/packages/strapi-plugin-users-permissions/admin/src/components/InputSearch/index.js
@@ -41,11 +41,7 @@ class InputSearch extends React.Component { // eslint-disable-line react/prefer-
handleChange = ({ target }) => {
const filteredUsers = isEmpty(target.value) ?
this.state.users
- : this.state.users.filter((user) => {
- if (includes(toLower(user.name), toLower(target.value))) {
- return user;
- }
- });
+ : this.state.users.filter((user) => includes(toLower(user.name), toLower(target.value)));
if (isEmpty(filteredUsers) && !isEmpty(target.value)) {
this.props.getUser(target.value);
diff --git a/packages/strapi-plugin-users-permissions/admin/src/containers/AuthPage/saga.js b/packages/strapi-plugin-users-permissions/admin/src/containers/AuthPage/saga.js
index 8aa5e7b7aa..5f6ef64c68 100644
--- a/packages/strapi-plugin-users-permissions/admin/src/containers/AuthPage/saga.js
+++ b/packages/strapi-plugin-users-permissions/admin/src/containers/AuthPage/saga.js
@@ -1,4 +1,4 @@
-import { get, includes, set } from 'lodash';
+import { get, includes, isArray, set } from 'lodash';
import { call, fork, takeLatest, put, select } from 'redux-saga/effects';
import auth from 'utils/auth';
import request from 'utils/request';
@@ -42,40 +42,45 @@ export function* submitForm() {
} catch(error) {
const formType = yield select(makeSelectFormType());
- const errors = error.response.payload.message.reduce((acc, key) => {
- const err = key.messages.reduce((acc, key) => {
- acc.id = `users-permissions.${key.id}`;
+ if (isArray(error.response.payload.message)) {
+
+ const errors = error.response.payload.message.reduce((acc, key) => {
+ const err = key.messages.reduce((acc, key) => {
+ acc.id = `users-permissions.${key.id}`;
+
+ return acc;
+ }, { id: '' });
+
+ acc.push(err);
return acc;
- }, { id: '' });
+ }, []);
- acc.push(err);
+ let formErrors;
- return acc;
- }, []);
+ switch (formType) {
+ case 'forgot-password':
+ formErrors = [{ name: 'email', errors }];
+ break;
+ case 'login':
+ formErrors = [{ name: 'identifier', errors }];
+ break;
+ case 'reset-password':
+ formErrors = [{ name: 'password', errors: [{ id: 'users-permissions.Auth.form.error.password.matching' }] }];
+ break;
+ case 'register': {
+ const target = includes(get(errors, ['0', 'id']), 'username') ? 'username' : 'email';
+ formErrors = [{ name: target, errors }];
+ break;
+ }
+ default:
- let formErrors;
-
- switch (formType) {
- case 'forgot-password':
- formErrors = [{ name: 'email', errors }];
- break;
- case 'login':
- formErrors = [{ name: 'identifier', errors }];
- break;
- case 'reset-password':
- formErrors = [{ name: 'password', errors: [{ id: 'users-permissions.Auth.form.error.password.matching' }] }];
- break;
- case 'register': {
- const target = includes(get(errors, ['0', 'id']), 'username') ? 'username' : 'email';
- formErrors = [{ name: target, errors }];
- break;
}
- default:
+ yield put(submitError(formErrors));
+ } else {
+ strapi.notification.error('notification.error');
}
-
- yield put(submitError(formErrors));
}
}
diff --git a/packages/strapi-plugin-users-permissions/admin/src/containers/EditPage/index.js b/packages/strapi-plugin-users-permissions/admin/src/containers/EditPage/index.js
index aef3b48b3a..621594bc30 100644
--- a/packages/strapi-plugin-users-permissions/admin/src/containers/EditPage/index.js
+++ b/packages/strapi-plugin-users-permissions/admin/src/containers/EditPage/index.js
@@ -124,7 +124,7 @@ export class EditPage extends React.Component { // eslint-disable-line react/pre
disabled: isEqual(this.props.editPage.modifiedData, this.props.editPage.initialData),
},
];
-
+
return (
this.props.history.goBack()} />
diff --git a/packages/strapi-plugin-users-permissions/config/policies/isAuthenticated.js b/packages/strapi-plugin-users-permissions/config/policies/isAuthenticated.js
index bb2a4db355..dd43630807 100644
--- a/packages/strapi-plugin-users-permissions/config/policies/isAuthenticated.js
+++ b/packages/strapi-plugin-users-permissions/config/policies/isAuthenticated.js
@@ -1,6 +1,6 @@
module.exports = async (ctx, next) => {
if (!ctx.state.user) {
- throw new Error('Authentication is required.');
+ throw new Error('Authentication required.');
}
await next();
diff --git a/packages/strapi-plugin-users-permissions/config/policies/permissions.js b/packages/strapi-plugin-users-permissions/config/policies/permissions.js
index 4e3ec82fb8..1cba5cddc6 100644
--- a/packages/strapi-plugin-users-permissions/config/policies/permissions.js
+++ b/packages/strapi-plugin-users-permissions/config/policies/permissions.js
@@ -17,7 +17,7 @@ module.exports = async (ctx, next) => {
}
}
- const permission = _.get(_.clone(strapi.plugins['users-permissions'].config), [role.toString(), 'permissions', route.plugin || 'application', 'controllers', route.controller, route.action]);
+ const permission = _.get(strapi.plugins['users-permissions'].config, [role.toString(), 'permissions', route.plugin || 'application', 'controllers', route.controller, route.action]);
if (!permission) {
return await next();
@@ -25,7 +25,7 @@ module.exports = async (ctx, next) => {
if (permission.enabled && permission.policy) {
try {
- await require(`./${permission.policy}.js`)(ctx, next);
+ await strapi.plugins['users-permissions'].config.policies[permission.policy](ctx, next);
} catch (err) {
ctx.unauthorized(err);
}
diff --git a/packages/strapi-plugin-users-permissions/config/queries/bookshelf.js b/packages/strapi-plugin-users-permissions/config/queries/bookshelf.js
index 2febbd45bd..707ce94d47 100644
--- a/packages/strapi-plugin-users-permissions/config/queries/bookshelf.js
+++ b/packages/strapi-plugin-users-permissions/config/queries/bookshelf.js
@@ -26,13 +26,13 @@ module.exports = {
},
findOne: async function (params) {
- if (_.get(params, 'where._id')) {
- params.where.id = params.where._id;
- delete params.where._id;
+ if (_.get(params, '_id')) {
+ params.id = params._id;
+ delete params._id;
}
const record = await this
- .forge(params.where)
+ .forge(params)
.fetch({
withRelated: this.associations.map(x => x.alias)
});
@@ -99,7 +99,7 @@ module.exports = {
},
countByRoles: async function () {
- const result = await strapi.connections[this.connection].raw('SELECT COUNT("id") AS total, "role" FROM "user" GROUP BY "role";');
+ const result = await strapi.connections[this.connection].raw(`SELECT COUNT("id") AS total, "role" FROM "${strapi.plugins['users-permissions'].models.user.collectionName}" GROUP BY "role";`);
return result.rows.reduce((acc, current) => {
acc.push({
_id: parseFloat(current.role),
diff --git a/packages/strapi-plugin-users-permissions/controllers/Auth.js b/packages/strapi-plugin-users-permissions/controllers/Auth.js
index cc9253c79a..5ab1d66e73 100644
--- a/packages/strapi-plugin-users-permissions/controllers/Auth.js
+++ b/packages/strapi-plugin-users-permissions/controllers/Auth.js
@@ -98,8 +98,7 @@ module.exports = {
},
forgotPassword: async (ctx) => {
- const email = ctx.request.body.email;
- const url = ctx.request.body.url;
+ const { email, url } = ctx.request.body;
// Find the user user thanks to his email.
const user = await strapi.query('user', 'users-permissions').findOne({ email });
diff --git a/packages/strapi-plugin-users-permissions/controllers/User.js b/packages/strapi-plugin-users-permissions/controllers/User.js
index 29cedc56d1..05d9f8a2fc 100644
--- a/packages/strapi-plugin-users-permissions/controllers/User.js
+++ b/packages/strapi-plugin-users-permissions/controllers/User.js
@@ -17,14 +17,8 @@ module.exports = {
*/
find: async (ctx) => {
- let data = await strapi.plugins['users-permissions'].services.user.fetchAll(ctx.query);
-
- if (data) {
- data = _.reduce(data, (acc, user) => {
- acc.push(_.omit(user.toJSON(), ['password', 'resetPasswordToken']));
- return acc;
- }, []);
- }
+ const data = await strapi.plugins['users-permissions'].services.user.fetchAll(ctx.query)
+ .map(user => _.omit(user.toJSON ? user.toJSON() : user, ['password', 'resetPasswordToken']));
// Send 200 `ok`
ctx.send(data);
@@ -41,7 +35,7 @@ module.exports = {
let data = await strapi.plugins['users-permissions'].services.user.fetch(ctx.params);
if (data) {
- data = _.omit(data.toJSON(), ['password', 'resetPasswordToken']);
+ data = _.omit(data.toJSON ? data.toJSON() : data, ['password', 'resetPasswordToken']);
}
// Send 200 `ok`
diff --git a/packages/strapi-plugin-users-permissions/controllers/UsersPermissions.js b/packages/strapi-plugin-users-permissions/controllers/UsersPermissions.js
index eae76dd1e4..b07d0cf54a 100644
--- a/packages/strapi-plugin-users-permissions/controllers/UsersPermissions.js
+++ b/packages/strapi-plugin-users-permissions/controllers/UsersPermissions.js
@@ -90,6 +90,7 @@ module.exports = {
ctx.send({ roles });
} catch(err) {
+ console.log(err);
ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
}
},
@@ -100,7 +101,6 @@ module.exports = {
ctx.send({ routes });
} catch(err) {
- console.log(err);
ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
}
},
diff --git a/packages/strapi-plugin-users-permissions/services/UsersPermissions.js b/packages/strapi-plugin-users-permissions/services/UsersPermissions.js
index 9c61acecf9..90b8e7738d 100644
--- a/packages/strapi-plugin-users-permissions/services/UsersPermissions.js
+++ b/packages/strapi-plugin-users-permissions/services/UsersPermissions.js
@@ -4,7 +4,7 @@ const fs = require('fs')
const path = require('path');
const stringify = JSON.stringify;
const _ = require('lodash');
-// const Service = strapi.plugins['users-permissions'].services;
+
/**
* UsersPermissions.js service
*
@@ -14,7 +14,7 @@ const _ = require('lodash');
module.exports = {
createRole: (role) => {
const Service = strapi.plugins['users-permissions'].services.userspermissions;
- const appRoles = require(Service.getRoleConfigPath());
+ const appRoles = strapi.plugins['users-permissions'].config.roles;
const highestId = _.last(Object.keys(appRoles).reduce((acc, key) => {
acc.push(_.toNumber(key));
@@ -34,7 +34,7 @@ module.exports = {
deleteRole: async (roleId) => {
const Service = strapi.plugins['users-permissions'].services.userspermissions;
- const appRoles = require(Service.getRoleConfigPath());
+ const appRoles = strapi.plugins['users-permissions'].config.roles
Service.writePermissions(_.omit(appRoles, [roleId]));
@@ -85,7 +85,7 @@ module.exports = {
getRole: async (roleId) => {
const Service = strapi.plugins['users-permissions'].services.userspermissions;
- const appRoles = require(Service.getRoleConfigPath());
+ const appRoles = strapi.plugins['users-permissions'].config.roles
appRoles[roleId].users = await strapi.query('user', 'users-permissions').find(strapi.utils.models.convertParams('user', { role: roleId }));
return appRoles[roleId];
@@ -93,7 +93,7 @@ module.exports = {
getRoles: async () => {
const Service = strapi.plugins['users-permissions'].services.userspermissions;
- const roles = require(Service.getRoleConfigPath());
+ const roles = strapi.plugins['users-permissions'].config.roles;
const usersCount = await strapi.query('user', 'users-permissions').countByRoles();
const formattedRoles = Object.keys(roles).reduce((acc, key) => {
const role = _.pick(roles[key], ['name', 'description']);
@@ -109,11 +109,17 @@ module.exports = {
},
getRoutes: async () => {
- return Object.keys(strapi.plugins).reduce((acc, current) => {
+ const apiRoutes = Object.keys(strapi.api).reduce((acc, current) => {
+ return acc.concat(strapi.api[current].config.routes);
+ }, []);
+
+ const pluginsRoutes = Object.keys(strapi.plugins).reduce((acc, current) => {
acc[current] = strapi.plugins[current].config.routes;
return acc;
- }, {});
+ }, []);
+
+ return _.merge({ application: apiRoutes}, pluginsRoutes);
},
getRoleConfigPath: () => (
@@ -144,17 +150,15 @@ module.exports = {
if (!_.get(dataToCompare, [pluginName, 'controllers', controllerName, actionName])) {
_.unset(data, [roleId, 'permissions', pluginName, 'controllers', controllerName, actionName]);
}
- } else {
- if (!_.get(data, [roleId, 'permissions', pluginName, 'controllers', controllerName, actionName])) {
- const isCallback = actionName === 'callback' && controllerName === 'auth' && pluginName === 'users-permissions' && roleId === '1';
- const isRegister = actionName === 'register' && controllerName === 'auth' && pluginName === 'users-permissions' && roleId === '1';
- const isPassword = actionName === 'forgotPassword' && controllerName === 'auth' && pluginName === 'users-permissions' && roleId === '1';
- const isNewPassword = actionName === 'changePassword-password' && controllerName === 'auth' && pluginName === 'users-permissions' && roleId === '1';
- const isInit = actionName === 'init' && controllerName === 'userspermissions';
- const enabled = isCallback || isRegister || roleId === '0' || isInit || isPassword || isNewPassword;
+ } else if (!_.get(data, [roleId, 'permissions', pluginName, 'controllers', controllerName, actionName])) {
+ const isCallback = actionName === 'callback' && controllerName === 'auth' && pluginName === 'users-permissions' && roleId === '1';
+ const isRegister = actionName === 'register' && controllerName === 'auth' && pluginName === 'users-permissions' && roleId === '1';
+ const isPassword = actionName === 'forgotPassword' && controllerName === 'auth' && pluginName === 'users-permissions' && roleId === '1';
+ const isNewPassword = actionName === 'changePassword-password' && controllerName === 'auth' && pluginName === 'users-permissions' && roleId === '1';
+ const isInit = actionName === 'init' && controllerName === 'userspermissions';
+ const enabled = isCallback || isRegister || roleId === '0' || isInit || isPassword || isNewPassword;
- _.set(data, [roleId, 'permissions', pluginName, 'controllers', controllerName, actionName], { enabled, policy: '' })
- }
+ _.set(data, [roleId, 'permissions', pluginName, 'controllers', controllerName, actionName], { enabled, policy: '' })
}
});
});
@@ -167,34 +171,27 @@ module.exports = {
updatePermissions: async (cb) => {
const Service = strapi.plugins['users-permissions'].services.userspermissions;
const appActions = Service.getActions();
- const roleConfigPath = Service.getRoleConfigPath();
const writePermissions = Service.writePermissions;
- let currentRoles;
-
- try {
- currentRoles = require(roleConfigPath);
- } catch(err) {
- currentRoles = {
- '0': {
- description: '',
- name: 'Administrator',
- permissions: {
- application: {
- controllers: {},
- },
+ const currentRoles = strapi.plugins['users-permissions'].config.roles || {
+ '0': {
+ description: '',
+ name: 'Administrator',
+ permissions: {
+ application: {
+ controllers: {},
},
},
- '1': {
- description: '',
- name: 'Guest',
- permissions: {
- application: {
- controllers: {},
- },
+ },
+ '1': {
+ description: '',
+ name: 'Guest',
+ permissions: {
+ application: {
+ controllers: {},
},
},
- };
- }
+ },
+ };
const remove = await Service.updateData(_.cloneDeep(currentRoles));
const added = await Service.updateData(_.cloneDeep(remove), 'set');
@@ -210,7 +207,7 @@ module.exports = {
updateRole: async (roleId, body) => {
const Service = strapi.plugins['users-permissions'].services.userspermissions;
- const appRoles = require(Service.getRoleConfigPath());
+ const appRoles = strapi.plugins['users-permissions'].config.roles
const updatedRole = _.pick(body, ['name', 'description', 'permissions']);
_.set(appRoles, [roleId], updatedRole);
@@ -219,9 +216,8 @@ module.exports = {
const currentUsers = await strapi.query('user', 'users-permissions').find(strapi.utils.models.convertParams('user', {
role: roleId
}));
-
- const userToAdd = _.differenceBy(body.users, currentUsers, 'id');
- const userToRemove = _.differenceBy(currentUsers, body.users, 'id');
+ const userToAdd = _.differenceBy(body.users, currentUsers.toJSON ? currentUsers.toJSON() : currentUsers, 'id');
+ const userToRemove = _.differenceBy(currentUsers.toJSON ? currentUsers.toJSON() : currentUsers, body.users, 'id');
_.forEach(userToAdd, (user) => {
Service.updateUserRole(user, roleId);
@@ -232,7 +228,7 @@ module.exports = {
},
updateUserRole: async (user, role) => {
- await strapi.query('user', 'users-permissions').update({
+ strapi.query('user', 'users-permissions').update({
_id: user._id || user.id,
role: role.toString()
});
@@ -242,7 +238,7 @@ module.exports = {
const roleConfigPath = strapi.plugins['users-permissions'].services.userspermissions.getRoleConfigPath();
try {
- fs.writeFileSync(roleConfigPath, stringify(data, null, 2), 'utf8');
+ fs.writeFileSync(roleConfigPath, stringify({ roles: data }, null, 2), 'utf8');
} catch(err) {
strapi.log.error(err);
}