fix single type
fix query
sanitize pagination count params
add comments
Cleanup the params/filters sanitize helpers
sanitize association resolver
Sanitize sort
fix graphql single type
fix graphql types
fix addFindQuery
Sanitize fields
Update sanitize sort to handle all the different formats
Update fields sanitize to handle regular strings & wildcard
Fix non scalar recursion
Add a traverse factory
Add visitor to remove dz & morph relations
Replace the old traverse utils (sort, filters) by one created using the traverse factory
add sanitize populate
await args
fix async and duplicate sanitization
sanitize u&p params
Add traverse fields
Fix traverse & sanitize fields
add traverse fields to nested populate
sanitize admin api filter queries
Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>
sanitize sort params in admin API
todo
make token fields unsearchable with _q
sanitize delete mutation
Update packages/core/admin/server/services/permission/permissions-manager/sanitize.js
Co-authored-by: Jamie Howard <48524071+jhoward1994@users.noreply.github.com>
fix errors on queries without ctx
rename findParams to sanitizedParams
Sanitize queries everywhere in the content manager admin controllers
sanitize single type update and delete
Ignore non attribute keys in the sanitize sort
Fix the sanitize query sort for nested string sort
Fix permission check for the admin
typo
sanitize upload
sanitize admin media library
sanitize admin users
Add missing await
Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>
set U&P users fields to searchable:false
add token support to createContentAPIRequest
add searchable:false to getstarted U&P schema
remove comment
sanitize component resolver
remove await
add searchable false to the file's folder path
Fix admin query when the permission query is set to null
add basic tests for filtering private params
add tests for fields
add pagination tests
Fix admin user fields not being sanitized
Fix convert query params for the morph fragment on undefined value
Traverse dynamic zone on nested populate
Handle nested sort, filters & fields in populate queries + handle populate fragment for morphTo relations
Sanitize 'on' subpopulate
Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>
don't throw error on invalid attributes
check models for snake case column name instead of assuming they are operators
Add first batch of api tests for params sanitize
Fix sort traversal: handle object arrays
Put back removePassword for fields,sort,filters
Add schemas and fixtures for sanitize api tests
Add tests for relations (sanitize api tests)
Move constant to domain scope
Rename sanitize params to sanitize query
Fix typo
Cleanup fixtures file
Fix variable name conflict
Update packages/core/admin/server/services/permission/permissions-manager/sanitize.js
Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com>
Update comment for array filters
Rename sanitize test
Test implicit & explicit array operator for filter
Remove unused code
* Add an Error object type
* Fix typo in collection-type queries definition
* Add dynamic zone resolver
* Handle empty dynamic zone (no component attached)
* Add basic implementation for the graphql extension service
* Add createPolicyContext in @strapi/utils
* policiesMiddleware implementation for graphql
* wrapResolvers first implementation (authentication, middlewares, policies)
* move the content API schema build from /generators to /content-api. Extract types' register functions into a dedicated folder
* fix schema generation on bootstrap
* update the graphql service file to match new services arch
* fix single type queries
* simplify entity's resolver
* use apollo graphql conventions for resolver's args naming
* use the graphql extension system in i18n to add a locale arg to localized queries & mutations
