mirror of
https://github.com/strapi/strapi.git
synced 2025-08-01 05:17:14 +00:00
fix updates
This commit is contained in:
Ben Irvin
parent
4f39f046d9
commit
fe51a07d01
@ -1,7 +1,7 @@
|
|||||||
'use strict';
|
'use strict';
|
||||||
|
|
||||||
const crypto = require('crypto');
|
const crypto = require('crypto');
|
||||||
const { map, omit, differenceBy, isEmpty } = require('lodash/fp');
|
const { omit, difference, isEmpty, map } = require('lodash/fp');
|
||||||
const { ValidationError, NotFoundError } = require('@strapi/utils').errors;
|
const { ValidationError, NotFoundError } = require('@strapi/utils').errors;
|
||||||
const constants = require('../services/constants');
|
const constants = require('../services/constants');
|
||||||
|
|
||||||
@ -99,15 +99,32 @@ const create = async attributes => {
|
|||||||
|
|
||||||
const result = { ...apiToken, accessKey };
|
const result = { ...apiToken, accessKey };
|
||||||
|
|
||||||
// If this is a custom type token, create and link the associated permissions
|
// If this is a custom type token, create and the related permissions
|
||||||
if (attributes.type === constants.API_TOKEN_TYPE.CUSTOM) {
|
if (attributes.type === constants.API_TOKEN_TYPE.CUSTOM) {
|
||||||
const permissionsCount = await strapi
|
// TODO: createMany doesn't seem to create relation properly, figure this out?
|
||||||
.query('admin::token-permission')
|
// const permissionsCount = await strapi.query('admin::token-permission').createMany({
|
||||||
.createMany({ data: attributes.permissions.map(action => ({ action, token: apiToken.id })) });
|
// populate: POPULATE_FIELDS,
|
||||||
|
// data: attributes.permissions.map(action => ({ action, token: apiToken })),
|
||||||
|
// });
|
||||||
|
|
||||||
// TODO: select the permissions to ensure it worked
|
let promises = [];
|
||||||
if (permissionsCount) {
|
attributes.permissions.forEach(action => {
|
||||||
Object.assign(result, { permissions: attributes.permissions });
|
promises.push(
|
||||||
|
strapi.query('admin::token-permission').create({
|
||||||
|
data: { action, token: apiToken },
|
||||||
|
})
|
||||||
|
);
|
||||||
|
});
|
||||||
|
await Promise.all(promises);
|
||||||
|
|
||||||
|
const currentPermissions = await strapi.entityService.load(
|
||||||
|
'admin::api-token',
|
||||||
|
apiToken,
|
||||||
|
'permissions'
|
||||||
|
);
|
||||||
|
|
||||||
|
if (currentPermissions) {
|
||||||
|
Object.assign(result, { permissions: map('action', currentPermissions) });
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -204,26 +221,56 @@ const update = async (id, attributes) => {
|
|||||||
data: omit('permissions', attributes),
|
data: omit('permissions', attributes),
|
||||||
});
|
});
|
||||||
|
|
||||||
|
const currentPermissions = await strapi.entityService.load(
|
||||||
|
'admin::api-token',
|
||||||
|
token,
|
||||||
|
'permissions'
|
||||||
|
);
|
||||||
|
|
||||||
let permissions = {};
|
let permissions = {};
|
||||||
if (token.type === constants.API_TOKEN_TYPE.CUSTOM) {
|
if (token.type === constants.API_TOKEN_TYPE.CUSTOM) {
|
||||||
const permissionsToDelete = differenceBy('action', token.permissions, attributes.permissions);
|
const permissionsToDelete = difference(
|
||||||
const permissionsToCreate = differenceBy('action', attributes.permissions, token.permissions);
|
map('action', currentPermissions),
|
||||||
|
attributes.permissions
|
||||||
|
);
|
||||||
|
const permissionsToCreate = difference(attributes.permissions, oldToken.permissions);
|
||||||
|
|
||||||
// TODO: this is deleting the permission, but not the link to this token
|
// TODO: make deleteMany work with relations
|
||||||
await strapi
|
// await strapi
|
||||||
.query('admin::token-permission')
|
// .query('admin::token-permission')
|
||||||
.deleteMany({ where: { action: map('action', permissionsToDelete) } });
|
// .deleteMany({ where: { action: map('action', permissionsToDelete), token: id } });
|
||||||
|
let promises = [];
|
||||||
|
permissionsToDelete.forEach(action => {
|
||||||
|
promises.push(
|
||||||
|
strapi.query('admin::token-permission').delete({
|
||||||
|
where: { action, token: id },
|
||||||
|
})
|
||||||
|
);
|
||||||
|
});
|
||||||
|
await Promise.all(promises);
|
||||||
|
|
||||||
// TODO: This is only creating the permission, not linking it to this token
|
// TODO: make createMany work with relations
|
||||||
await strapi
|
// await strapi
|
||||||
.query('admin::token-permission')
|
// .query('admin::token-permission')
|
||||||
.createMany({ data: permissionsToCreate.map(action => ({ action, token: id })) });
|
// .createMany({ data: permissionsToCreate.map(action => ({ action, token: id })) });
|
||||||
|
promises = [];
|
||||||
|
permissionsToCreate.forEach(action => {
|
||||||
|
promises.push(
|
||||||
|
strapi.query('admin::token-permission').create({
|
||||||
|
data: { action, token: id },
|
||||||
|
})
|
||||||
|
);
|
||||||
|
});
|
||||||
|
await Promise.all(promises);
|
||||||
|
|
||||||
|
// retrieve permissions
|
||||||
permissions = {
|
permissions = {
|
||||||
permissions: await strapi.entityService.load('admin::api-token', token, 'permissions'),
|
permissions: await strapi.entityService.load('admin::api-token', token, 'permissions'),
|
||||||
};
|
};
|
||||||
} else {
|
}
|
||||||
// TODO: if type is changing from custom, make sure old permissions get removed
|
// TODO: if type is changing from custom, make sure old permissions get removed
|
||||||
|
else {
|
||||||
|
//TODO
|
||||||
}
|
}
|
||||||
|
|
||||||
return { ...token, ...permissions };
|
return { ...token, ...permissions };
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user