83 Commits

Author SHA1 Message Date
Pierre Noël
0f123ceb39 fix RBAC 2021-09-27 11:08:48 +02:00
Pierre Noël
d02c7ab741 Use new filters format in the upload plugin 2021-09-27 11:08:47 +02:00
Alexandre Bodin
60cbb448f6 Make perm compare accurate 2021-09-25 00:59:53 +02:00
Alexandre BODIN
87d79388c1
Merge pull request #11064 from strapi/v4/refactor-policy-api
[v4] Refactor policy API
2021-09-24 18:44:21 +02:00
Dieter Stinglhamber
14a0ba9ee3 comment the api-token auth strategy 2021-09-24 12:07:31 +02:00
Dieter Stinglhamber
edeca8a6ce fix issue with string and number id comparaison 2021-09-24 12:07:00 +02:00
Dieter Stinglhamber
b9b98c620c improve scope matching and verification failures 2021-09-24 12:07:00 +02:00
Dieter Sting
0db6950d9d fix typo
Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com>
2021-09-24 12:07:00 +02:00
Dieter Stinglhamber
4b6704d2ae fix unit tests 2021-09-24 12:07:00 +02:00
Dieter Stinglhamber
1a72747672 add api-token auth strategy to the content-api 2021-09-24 12:06:56 +02:00
Dieter Stinglhamber
5bc7c4462a fix typo 2021-09-24 12:05:40 +02:00
Dieter Stinglhamber
31d74d2710 allow for partial payload to update a token 2021-09-24 12:05:40 +02:00
Dieter Stinglhamber
f7bd99cb74 implement PUT endpoint to update a token 2021-09-24 12:05:40 +02:00
Dieter Stinglhamber
ca668c78e8 store the hashed accessKey in the database 2021-09-24 12:05:39 +02:00
Dieter Stinglhamber
b50afb69d5 implement POST endpoint to create api tokens 2021-09-24 12:05:39 +02:00
Dieter Stinglhamber
78e5bd98d3 update tests and rename get method 2021-09-24 12:05:39 +02:00
Dieter Stinglhamber
f791c21cc9 fix typos 2021-09-24 12:05:39 +02:00
Dieter Stinglhamber
a4e0df4ce8 implement GET endpoint to get a single token 2021-09-24 12:05:39 +02:00
Dieter Stinglhamber
c143d58bc1 fix typos 2021-09-24 12:05:38 +02:00
Dieter Stinglhamber
930156a574 return deleted token 2021-09-24 12:05:38 +02:00
Dieter Stinglhamber
946d3a0ea3 add DELETE route and logic 2021-09-24 12:05:38 +02:00
Dieter Stinglhamber
643f26975d use plain text in tests in favor of constants 2021-09-24 12:05:38 +02:00
Dieter Stinglhamber
3321aaa92c extract token types in a constant 2021-09-24 12:05:38 +02:00
Dieter Stinglhamber
6fa87bb146 update test 2021-09-24 12:05:38 +02:00
Dieter Stinglhamber
a804b908c8 adds tests 2021-09-24 12:05:37 +02:00
Dieter Stinglhamber
fd0e206d83 add e2e tests 2021-09-24 12:05:37 +02:00
Dieter Stinglhamber
fd2b0d81ab implement GET endpoint to list the api tokens 2021-09-24 12:05:37 +02:00
Dieter Stinglhamber
03e9ff6084 use spyOn to mock crypto 2021-09-24 12:05:37 +02:00
Dieter Stinglhamber
6a4a4cc1f9 minor fixes 2021-09-24 12:05:37 +02:00
Dieter Stinglhamber
bfcd119311 fix service unit test 2021-09-24 12:05:36 +02:00
Dieter Stinglhamber
a1a072df46 avoid mutation of the body 2021-09-24 12:05:36 +02:00
Dieter Stinglhamber
bfcebc9bae improve tests and minor fixes 2021-09-24 12:05:36 +02:00
Dieter Stinglhamber
305547b9bb use createHmac in favour of createHash for added security 2021-09-24 12:05:36 +02:00
Dieter Stinglhamber
0be0c98d72 add test to support salt errors 2021-09-24 12:05:36 +02:00
Dieter Stinglhamber
ef36034acf throw an error if there is an issue with the salt configuration 2021-09-24 12:05:36 +02:00
Dieter Stinglhamber
e16ce91ade add test to support trimming 2021-09-24 12:05:35 +02:00
Dieter Stinglhamber
4b7a1eb48f trim name and description before validation 2021-09-24 12:05:35 +02:00
Dieter Stinglhamber
e9b897b66b store the hashed accessKey in the database 2021-09-24 12:05:35 +02:00
Dieter Stinglhamber
5305f2e757 fix issues after rebasing on release/v4 2021-09-24 12:05:35 +02:00
Dieter Stinglhamber
1c10cf4acf improve jsdoc comments 2021-09-24 12:05:35 +02:00
Dieter Stinglhamber
f2c6af61ee fix exists function 2021-09-24 12:05:34 +02:00
Dieter Stinglhamber
4d27d9de51 cleanup unnecessary code 2021-09-24 12:05:34 +02:00
Dieter Stinglhamber
3fb6b57808 implement POST endpoint to create api tokens 2021-09-24 12:05:34 +02:00
Dieter Stinglhamber
36af3134be fix displayName for create and delete permissions 2021-09-24 12:05:34 +02:00
Dieter Stinglhamber
33374f4193 update snapshot for EE without SSO test 2021-09-24 12:05:34 +02:00
Dieter Stinglhamber
d60659df89 update snapshot for EE test 2021-09-24 12:05:33 +02:00
Dieter Stinglhamber
8d9b957f8c add CRUD permission for the api token 2021-09-24 12:05:33 +02:00
Dieter Sting
e4d443ed09
cast isAuthenticated as a boolean to avoid side effects
Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com>
2021-09-24 09:59:19 +02:00
Dieter Stinglhamber
bc9bc1c498 remove commented code 2021-09-24 09:44:53 +02:00
Dieter Stinglhamber
3c1dcbe76d refactor policy API 2021-09-24 09:35:25 +02:00