277 Commits

Author SHA1 Message Date
Ben Irvin
8263926b47 feat: register.allowedFields defaults to empty array 2024-01-16 18:14:32 +01:00
Marc-Roig
856dfd8ee5 fix: ignore locale field in api tests 2024-01-10 11:01:21 +01:00
Alexandre BODIN
5ae0dc40cd feat!(content-manager): remove the ability to disable draft&publish (#18488)
* feat!: remove draft and publish triggering

* chore: update snapshots and tests

* test: adapt tests
2023-10-24 17:18:59 +01:00
Alexandre Bodin
0b5590b0eb chore(core/strapi): extend container in strapi class 2023-10-24 17:18:59 +01:00
Kushal Kanungo
ae06d7f100 changed the error type from application to forbidden 2023-09-12 20:24:43 +05:30
Kushal Kanungo
a8149c55fd fix: blocked users can still login via provider 2023-09-06 11:05:39 +05:30
Marc-Roig
066c1ba947 chore: remove space 2023-08-30 15:21:30 +02:00
Marc-Roig
d7f1a83ca0 fix: add review workflow types in the ignoreDiffs list 2023-08-30 15:20:47 +02:00
Marc-Roig
a720271836 fix: ignore review workflow fields in users and permissions user 2023-08-30 15:17:32 +02:00
Ben Irvin
026570c3a4 Merge pull request #17804 from strapi/feature/add-allowedfields 2023-08-25 15:55:06 +02:00
Ben Irvin
7cbd31e19c add allowedFields feature 2023-08-25 13:44:44 +02:00
Ben Irvin
dce86bec5c validate does not sanitize 2023-08-11 13:13:44 +02:00
Ben Irvin
995473d959 add utils.validate and replace sanitize usage 2023-08-10 15:24:35 +02:00
Gustav Hansen
20937a7464 Chore: Apply lint autofixable rules 2023-07-31 08:18:00 +02:00
derrickmehaffy
9f1600ab5d update path normalize to a cleaner implementation 2023-07-19 01:35:40 -07:00
derrickmehaffy
e8231bbca2 handle cleanup of trailing / 2023-07-19 01:25:04 -07:00
derrickmehaffy
ed364d951a Update both Admin and U&P ratelimit to lower path 2023-07-17 14:55:45 -07:00
Christian Capeans
90694bdfbe Remove didReceiveAPIRequest event 2023-06-19 11:53:24 +02:00
markkaylor
f1c2201b6e Merge pull request #16265 from strapi/fix/plugin-documentation-bugs
Fix/plugin documentation bugs
2023-04-24 19:50:10 +02:00
Mark Kaylor
02a6ea5cf5 Add customizer function 2023-04-24 15:25:17 +02:00
Mark Kaylor
23acbabc95 Fix plugins generating documentation the user doesn't want 2023-04-24 15:25:17 +02:00
Christian
5f092683d9 Merge branch 'main' into patch-1 2023-04-21 10:09:56 +02:00
Ben Irvin
1d06a15e99 Merge pull request #16420 from strapi/fix/upRegisterBlacklist 2023-04-20 16:47:51 +02:00
Christian
7f397db96a Merge branch 'main' into patch-1 2023-04-20 09:58:31 +02:00
Christian
98c0a2a5d1 Update packages/plugins/users-permissions/server/strategies/users-permissions.js
Co-authored-by: Ben Irvin <ben@innerdvations.com>
2023-04-19 16:46:29 +02:00
Christian Capeans
0acb4ab3aa Change event name 2023-04-19 16:44:00 +02:00
Christian Capeans
0740be570f Add didCompleteRequest event 2023-04-19 12:54:10 +02:00
derrickmehaffy
773db0dcaf add role as a failsafe 2023-04-17 08:08:19 -07:00
derrickmehaffy
52f5b7a16e update blacklist with all system fields 2023-04-17 07:30:28 -07:00
focus-at
8e3d6c1e9b Update providers-registry.js
FIX for 
```
body {
  error: {
    error_code: 3,
    error_msg: 'Unknown method passed',
    request_params: [ [Object], [Object], [Object], [Object] ]
  }
}
```
2023-04-12 19:59:49 +03:00
Alexandre BODIN
aaeb988a0b Expand nx usage and migrate logger to ts (#15957) 2023-03-22 11:21:33 +01:00
Ben Irvin
801e3db415 add traverse query
fix single type

fix query

sanitize pagination count params

add comments

Cleanup the params/filters sanitize helpers

sanitize association resolver

Sanitize sort

fix graphql single type

fix graphql types

fix addFindQuery

Sanitize fields

Update sanitize sort to handle all the different formats

Update fields sanitize to handle regular strings & wildcard

Fix non scalar recursion

Add a traverse factory

Add visitor to remove dz & morph relations

Replace the old traverse utils (sort, filters) by one created using the traverse factory

add sanitize populate

await args

fix async and duplicate sanitization

sanitize u&p params

Add traverse fields

Fix traverse & sanitize fields

add traverse fields to nested populate

sanitize admin api filter queries

Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>

sanitize sort params in admin API

todo

make token fields unsearchable with _q

sanitize delete mutation

Update packages/core/admin/server/services/permission/permissions-manager/sanitize.js

Co-authored-by: Jamie Howard <48524071+jhoward1994@users.noreply.github.com>

fix errors on queries without ctx

rename findParams to sanitizedParams

Sanitize queries everywhere in the content manager admin controllers

sanitize single type update and delete

Ignore non attribute keys in the sanitize sort

Fix the sanitize query sort for nested string sort

Fix permission check for the admin

typo

sanitize upload

sanitize admin media library

sanitize admin users

Add missing await

Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>

set U&P users fields to searchable:false

add token support to createContentAPIRequest

add searchable:false to getstarted U&P schema

remove comment

sanitize component resolver

remove await

add searchable false to the file's folder path

Fix admin query when the permission query is set to null

add basic tests for filtering private params

add tests for fields

add pagination tests

Fix admin user fields not being sanitized

Fix convert query params for the morph fragment on undefined value

Traverse dynamic zone on nested populate

Handle nested sort, filters & fields in populate queries + handle populate fragment for morphTo relations

Sanitize 'on' subpopulate

Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>

don't throw error on invalid attributes

check models for snake case column name instead of assuming they are operators

Add first batch of api tests for params sanitize

Fix sort traversal: handle object arrays

Put back removePassword for fields,sort,filters

Add schemas and fixtures for sanitize api tests

Add tests for relations (sanitize api tests)

Move constant to domain scope

Rename sanitize params to sanitize query

Fix typo

Cleanup fixtures file

Fix variable name conflict

Update packages/core/admin/server/services/permission/permissions-manager/sanitize.js

Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com>

Update comment for array filters

Rename sanitize test

Test implicit & explicit array operator for filter

Remove unused code
2023-03-15 14:59:19 +01:00
Nathan Pichon
0bd42b52de Merge branch 'main' into features/patreon-auth-provider 2023-02-06 11:40:26 +01:00
Christian
449529fd02 Merge branch 'main' into fix/users-permissions-unique-email 2023-01-31 16:17:19 +01:00
Christian Capeans
bec07b0b0a Merge branch 'main' into fix/unvalidated-cognito-access 2023-01-25 12:28:47 +01:00
Christian Capeans
8bbbd7383a Split the url to fill origin and path values in purest 2023-01-25 12:12:55 +01:00
Christian Capeans
eeab43b577 Store jwk set url in strapi core 2023-01-11 12:57:39 +01:00
Convly
56aa69f472 Use lodash fp instead of lodash 2023-01-10 10:34:49 +01:00
Convly
6f07d33f88 Disable lodash template's escape 2023-01-09 18:28:30 +01:00
Christian Capeans
46f8f98378 Verify cognito token with AWS 2023-01-09 14:20:02 +01:00
Convly
0458e88bce Handle object variables & fix sendTemplatedEmail 2022-12-30 19:46:33 +01:00
Convly
6b0b981e90 Update users-permissions service to prevent usage of invalid email templates 2022-12-30 19:01:04 +01:00
Convly
403a1fe81b Update email template validation & tests 2022-12-30 19:00:19 +01:00
Tom Shortall
7dbf8896ee use full_name instead of concatenating first_name and last_name 2022-12-19 21:31:01 +00:00
Tom Shortall
32f9e9a780 Add Patreon as an Oauth2 Provider to the Users & Permissions plugin 2022-12-19 21:10:31 +00:00
jason.chang
00dcbf8ee2 fix: fix duplicated emails checking in connect method 2022-11-18 11:59:11 +08:00
Alexandre Bodin
3ef2eabdad Fix validation on user update 2022-11-09 19:10:41 +01:00
Julie Plantey
41b1bcf8cd Merge branch 'main' of https://github.com/strapi/strapi into feature/relations-main-view 2022-10-11 11:16:00 +02:00
Pierre Noël
93d030df8b update permissions plugin role validation (done by @Marc-Roig) 2022-10-06 11:15:07 +02:00
derrickmehaffy
a230f29587 Fix wrong filter param used with the entityService
Signed-off-by: Derrick Mehaffy <derrickmehaffy@gmail.com>
2022-09-29 14:02:26 -07:00