yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-07-27 10:56:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
29,765 Commits 111 Branches 486 Tags
Commit Graph

53 Commits

Author SHA1 Message Date
Ben Irvin
801e3db415 add traverse query 
fix single type

fix query

sanitize pagination count params

add comments

Cleanup the params/filters sanitize helpers

sanitize association resolver

Sanitize sort

fix graphql single type

fix graphql types

fix addFindQuery

Sanitize fields

Update sanitize sort to handle all the different formats

Update fields sanitize to handle regular strings & wildcard

Fix non scalar recursion

Add a traverse factory

Add visitor to remove dz & morph relations

Replace the old traverse utils (sort, filters) by one created using the traverse factory

add sanitize populate

await args

fix async and duplicate sanitization

sanitize u&p params

Add traverse fields

Fix traverse & sanitize fields

add traverse fields to nested populate

sanitize admin api filter queries

Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>

sanitize sort params in admin API

todo

make token fields unsearchable with _q

sanitize delete mutation

Update packages/core/admin/server/services/permission/permissions-manager/sanitize.js

Co-authored-by: Jamie Howard <48524071+jhoward1994@users.noreply.github.com>

fix errors on queries without ctx

rename findParams to sanitizedParams

Sanitize queries everywhere in the content manager admin controllers

sanitize single type update and delete

Ignore non attribute keys in the sanitize sort

Fix the sanitize query sort for nested string sort

Fix permission check for the admin

typo

sanitize upload

sanitize admin media library

sanitize admin users

Add missing await

Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>

set U&P users fields to searchable:false

add token support to createContentAPIRequest

add searchable:false to getstarted U&P schema

remove comment

sanitize component resolver

remove await

add searchable false to the file's folder path

Fix admin query when the permission query is set to null

add basic tests for filtering private params

add tests for fields

add pagination tests

Fix admin user fields not being sanitized

Fix convert query params for the morph fragment on undefined value

Traverse dynamic zone on nested populate

Handle nested sort, filters & fields in populate queries + handle populate fragment for morphTo relations

Sanitize 'on' subpopulate

Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>

don't throw error on invalid attributes

check models for snake case column name instead of assuming they are operators

Add first batch of api tests for params sanitize

Fix sort traversal: handle object arrays

Put back removePassword for fields,sort,filters

Add schemas and fixtures for sanitize api tests

Add tests for relations (sanitize api tests)

Move constant to domain scope

Rename sanitize params to sanitize query

Fix typo

Cleanup fixtures file

Fix variable name conflict

Update packages/core/admin/server/services/permission/permissions-manager/sanitize.js

Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com>

Update comment for array filters

Rename sanitize test

Test implicit & explicit array operator for filter

Remove unused code
 2023-03-15 14:59:19 +01:00
Marc-Roig
f8d787192b remove todo 2023-02-06 10:41:55 +01:00
Marc-Roig
57a410c6b7 convert pagination query params for load 2023-02-06 10:28:01 +01:00
Marc-Roig
932770b5cc convert publication state arguments when using load 2023-02-02 17:51:53 +01:00
Convly
c49df55a67 Update tests & add type util to convert query params 2022-11-22 11:40:37 +01:00
Convly
b784135413 Fix typo 2022-11-21 14:20:59 +01:00
Convly
7c1837bbe1 Add test + update logic 2022-11-21 11:02:38 +01:00
Convly
0c205d0f58 Fix convert query params for 'true' subPopulate 2022-11-15 18:31:33 +01:00
Convly
8c2fb155b8 hanlde morphToOne populate & re-add legacy way of querying DZs 2022-11-15 15:14:28 +01:00
Convly
4dcfe4ab40 (tmp) init morph populate 2022-11-04 15:06:36 +01:00
Pierre Noël
98e8bc61e0 use transformLoadParamsToQuery instead of transformParamsToQuery to fix ordering being ignored in loadPages() 2022-10-07 18:49:15 +02:00
Pierre Noël
9d23799b5d use transformParamsToQuery 2022-08-30 15:12:06 +02:00
Pierre Noël
b17d1001c8 refactor DZ populate for better clarity 2022-08-29 16:15:09 +02:00
Pierre Noël
6c4039e3f1 remove useless code 2022-08-29 15:22:47 +02:00
Pierre Noël
3327196cce remove populate false only for the rest api, not in db layer 2022-08-26 21:01:50 +02:00
Pierre Noël
0ab458fe0d Allow the use of true, t, false, f, 1, 0 in addition to * when populating a field 2022-08-26 21:01:50 +02:00
Alexandre Bodin
b4572b7fb5 Refactor some multi class files 2022-08-11 10:20:50 +02:00
Alexandre Bodin
cf49ddbbfc Prettier and backend fix 2022-08-11 10:20:49 +02:00
Alexandre Bodin
0ae14c06cb 1st fix pass 2022-08-11 10:20:48 +02:00
Pierre Noël
952bca2dce better handle populating dz 2022-07-26 17:13:59 +02:00
Luan
506cf9e15b refactor: apply review suggestion of generic parsing 2022-03-04 18:57:14 -03:00
Luan
81cbf3b690 fix: sanitization of date type in query param 2022-03-02 23:33:22 -03:00
Convly
f765a4b8fb Pass down the schema when convert/sanitize the filters 2022-02-28 09:53:17 +01:00
Convly
f9305e4ae5 Fix typo for attribute getter 2022-02-25 15:32:11 +01:00
Convly
63f9e6a821 Add consistency for the fake schema geenration (when populating dynamic zones) 2022-02-22 15:52:55 +01:00
Convly
94dc1de744 Handle dynamic zones & medias 2022-02-22 15:34:27 +01:00
Convly
751631e3d8 Style 2022-02-22 15:34:27 +01:00
Convly
51e1f762c1 Handle components & relations for populate & deep populate filtering 2022-02-22 15:34:26 +01:00
Convly
5fb855227a Fix the populate filtering 2022-02-22 15:34:26 +01:00
Pierre Noël
af21bba606 handle object and array for and operator 2022-02-14 17:24:08 +01:00
Pierre Noël
62f7b1dc20 avoid breaking change by casting boolean value all the time 2022-02-11 18:07:05 +01:00
Pierre Noël
ef0cb82192 remove dead code 2022-02-10 18:38:47 +01:00
Pierre Noël
c2b8a4ee98 parse boolean in convertQueryParam instead of parsing in database 2022-02-10 13:12:16 +01:00
Convly
f183ea417b Code performance 2022-01-26 15:45:51 +01:00
Convly
9fbe72d58a Don't mutate the original filters object 2022-01-24 15:43:38 +01:00
Convly
3a732a1d01 Fix tests 2022-01-12 12:10:27 +01:00
Convly
2670d37ddc Fix tests & handle scalars shortcuts 2022-01-10 12:35:08 +01:00
Convly
81fff98c31 Remove dynamic zone filters 2022-01-06 16:35:44 +01:00
Convly
3eafe1c6e1 Enhance filters sanitize 2022-01-06 16:19:27 +01:00
Dieter Stinglhamber
664c18b17e sanitize password from filters 2021-12-15 11:16:12 +01:00
vincentbpro
eab466bb65 Merge branch 'master' into v4/fix-fetch-all-entries 2021-12-02 16:04:49 +01:00
DMehaffy
7e874e00a0 Update all documentation links to new docs url (#11424) 
Signed-off-by: Derrick Mehaffy <derrickmehaffy@gmail.com>
 2021-11-29 18:13:52 +01:00
vincentbpro
d5eb046285 fix: avoid sending -1 limit to db layer 2021-11-08 17:32:40 +01:00
Alexandre Bodin
9dd2824824 Init very simple filters system for the query layer to implement publication state filtering 2021-10-13 14:06:16 +02:00
Alexandre Bodin
edbad96c2c Remove old query params and remove _where occurences 2021-10-11 21:05:23 +02:00
Pierre Noël
491a662692 clean some code 2021-09-27 12:28:17 +02:00
Pierre Noël
b5e2ddfc3b add count feature inside populate field of content-api 2021-09-27 11:08:48 +02:00
Pierre Noël
0f123ceb39 fix RBAC 2021-09-27 11:08:48 +02:00
Alexandre Bodin
23f7cdb7fa Fix typos 2021-09-01 21:13:23 +02:00
Alexandre Bodin
7eaa8ae95e Handle sort query param 2021-08-31 19:31:31 +02:00