Execute controller action out of authorization try

packages/strapi-admin/package.json

@@ -46,4 +46,4 @@
     "npm": ">= 3.0.0"
   },
   "license": "MIT"
-}
+}

packages/strapi-bookshelf/package.json

@@ -55,4 +55,4 @@
     "npm": ">= 5.3.0"
   },
   "license": "MIT"
-}
+}

packages/strapi-knex/package.json

@@ -46,4 +46,4 @@
     "npm": ">= 5.0.0"
   },
   "license": "MIT"
-}
+}

packages/strapi-plugin-content-manager/package.json

@@ -48,4 +48,4 @@
     "react-select": "^1.0.0-rc.5",
     "strapi-helper-plugin": "3.0.0-alpha.7.3"
   }
-}
+}

packages/strapi-plugin-content-type-builder/package.json

@@ -48,4 +48,4 @@
     "npm": ">= 3.0.0"
   },
   "license": "MIT"
-}
+}

packages/strapi-plugin-email/package.json

@@ -46,4 +46,4 @@
     "npm": ">= 3.0.0"
   },
   "license": "MIT"
-}
+}

packages/strapi-plugin-settings-manager/package.json

@@ -45,4 +45,4 @@
     "npm": ">= 3.0.0"
   },
   "license": "MIT"
-}
+}

packages/strapi-plugin-users-permissions/config/policies/permissions.js

@@ -10,18 +10,19 @@ module.exports = async (ctx, next) => {
 
       ctx.state.user = await strapi.plugins['users-permissions'].services.user.fetch(_.pick(tokenUser, ['_id', 'id']));
 
-      if (!ctx.state.user) {
-        ctx.unauthorized('This user doesn\'t exit.');
-      }
-
-      role = ctx.state.user.role;
-
-      if (role.toString() === '0') {
-        return await next();
-      }
     } catch (err) {
       return ctx.unauthorized(err);
     }
+
+    if (!ctx.state.user) {
+      ctx.unauthorized('This user doesn\'t exit.');
+    }
+
+    role = ctx.state.user.role;
+
+    if (role.toString() === '0') {
+      return await next();
+    }
   }
 
   const permission = _.get(strapi.plugins['users-permissions'].config, ['roles', role.toString(), 'permissions', route.plugin || 'application', 'controllers', route.controller, route.action]);

packages/strapi-plugin-users-permissions/package.json

@@ -48,4 +48,4 @@
     "npm": ">= 3.0.0"
   },
   "license": "MIT"
-}
+}