mirror of
https://github.com/strapi/strapi.git
synced 2025-07-10 02:22:21 +00:00

* Add a domain layer for the permission, rework the engine handling of the permissions Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Add permissions-fields-to-properties migration for the admin Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Removes useless console.log Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove debug logLevel from provider-login.test.e2e.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Adds the new layout for the GET permissions, allow to subscribe to actionRegistered events, adds i18n handlers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix typo Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update permissions validators Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update unit tests Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update integrations test + fix some validation issues Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Change plugins & settings section format for the permissions layout * only return locales property to localized subjects for the permission's layout * Do not send the locales property to the permission's layout when there is no locales created * Add the 'locales' property to publish & delete routes * Fix unwanted mutation of the sections builder states on multiple builds * Fix units tests with (new engine) * Fix admin-role e2e test - Add locales property to the update payload * fix e2e testsé * Update e2e snapshots * Fix unit test for i18n bootstrap * Add mocks for i18n/bootstrap test * Fix has-locale condition & updatePermission validator * Avoid mutation in migration, always authorize super admin for has-locales condition * Rework rbac domain objects, add a hook module and a provider factory * Remove old providers * Update the admin services & tests for the new rbac domain & providers * Fix tests, bootstrap functions & services following rbac domain rework * Update migration runner * PR comments Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove useless console.log * Fix sanitizeCondition bug * Section builder rework * Add test for the section-builder section & add jsdoc for the permission domain * pr comments (without the migrations) * fix fields-to-properties migration * Add jsdoc for the sections-builder * Moves createBoundAbstractDomain from permission domain to the engine service * Remove debug logLevel for admin role test (e2e) * Fix core-store * Fix hooks & move business logic from i18n bootstrap to dedicated services * add route get-non-localized-fields * use write and read permission * refacto * add input validator * add route doc * handle ST Co-authored-by: Pierre Noël <petersg83@gmail.com> Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com>
226 lines
5.9 KiB
JavaScript
226 lines
5.9 KiB
JavaScript
'use strict';
|
||
|
||
/**
|
||
* An asynchronous bootstrap function that runs before
|
||
* your application gets started.
|
||
*
|
||
* This gives you an opportunity to set up your data model,
|
||
* run jobs, or perform some special logic.
|
||
*/
|
||
const _ = require('lodash');
|
||
const uuid = require('uuid/v4');
|
||
|
||
const usersPermissionsActions = require('../users-permissions-actions');
|
||
|
||
module.exports = async () => {
|
||
const pluginStore = strapi.store({
|
||
environment: '',
|
||
type: 'plugin',
|
||
name: 'users-permissions',
|
||
});
|
||
|
||
const grantConfig = {
|
||
email: {
|
||
enabled: true,
|
||
icon: 'envelope',
|
||
},
|
||
discord: {
|
||
enabled: false,
|
||
icon: 'discord',
|
||
key: '',
|
||
secret: '',
|
||
callback: `${strapi.config.server.url}/auth/discord/callback`,
|
||
scope: ['identify', 'email'],
|
||
},
|
||
facebook: {
|
||
enabled: false,
|
||
icon: 'facebook-square',
|
||
key: '',
|
||
secret: '',
|
||
callback: `${strapi.config.server.url}/auth/facebook/callback`,
|
||
scope: ['email'],
|
||
},
|
||
google: {
|
||
enabled: false,
|
||
icon: 'google',
|
||
key: '',
|
||
secret: '',
|
||
callback: `${strapi.config.server.url}/auth/google/callback`,
|
||
scope: ['email'],
|
||
},
|
||
github: {
|
||
enabled: false,
|
||
icon: 'github',
|
||
key: '',
|
||
secret: '',
|
||
callback: `${strapi.config.server.url}/auth/github/callback`,
|
||
scope: ['user', 'user:email'],
|
||
},
|
||
microsoft: {
|
||
enabled: false,
|
||
icon: 'windows',
|
||
key: '',
|
||
secret: '',
|
||
callback: `${strapi.config.server.url}/auth/microsoft/callback`,
|
||
scope: ['user.read'],
|
||
},
|
||
twitter: {
|
||
enabled: false,
|
||
icon: 'twitter',
|
||
key: '',
|
||
secret: '',
|
||
callback: `${strapi.config.server.url}/auth/twitter/callback`,
|
||
},
|
||
instagram: {
|
||
enabled: false,
|
||
icon: 'instagram',
|
||
key: '',
|
||
secret: '',
|
||
callback: `${strapi.config.server.url}/auth/instagram/callback`,
|
||
scope: ['user_profile'],
|
||
},
|
||
vk: {
|
||
enabled: false,
|
||
icon: 'vk',
|
||
key: '',
|
||
secret: '',
|
||
callback: `${strapi.config.server.url}/auth/vk/callback`,
|
||
scope: ['email'],
|
||
},
|
||
twitch: {
|
||
enabled: false,
|
||
icon: 'twitch',
|
||
key: '',
|
||
secret: '',
|
||
callback: `${strapi.config.server.url}/auth/twitch/callback`,
|
||
scope: ['user:read:email'],
|
||
},
|
||
linkedin: {
|
||
enabled: false,
|
||
icon: 'linkedin',
|
||
key: '',
|
||
secret: '',
|
||
callback: `${strapi.config.server.url}/auth/linkedin/callback`,
|
||
scope: ['r_liteprofile', 'r_emailaddress'],
|
||
},
|
||
cognito: {
|
||
enabled: false,
|
||
icon: 'aws',
|
||
key: '',
|
||
secret: '',
|
||
subdomain: 'my.subdomain.com',
|
||
callback: `${strapi.config.server.url}/auth/cognito/callback`,
|
||
scope: ['email', 'openid', 'profile'],
|
||
},
|
||
reddit: {
|
||
enabled: false,
|
||
icon: 'reddit',
|
||
key: '',
|
||
secret: '',
|
||
state: true,
|
||
callback: `${strapi.config.server.url}/auth/reddit/callback`,
|
||
scope: ['identity'],
|
||
},
|
||
auth0: {
|
||
enabled: false,
|
||
icon: '',
|
||
key: '',
|
||
secret: '',
|
||
subdomain: 'my-tenant.eu',
|
||
callback: `${strapi.config.server.url}/auth/auth0/callback`,
|
||
scope: ['openid', 'email', 'profile'],
|
||
},
|
||
};
|
||
const prevGrantConfig = (await pluginStore.get({ key: 'grant' })) || {};
|
||
// store grant auth config to db
|
||
// when plugin_users-permissions_grant is not existed in db
|
||
// or we have added/deleted provider here.
|
||
if (!prevGrantConfig || !_.isEqual(_.keys(prevGrantConfig), _.keys(grantConfig))) {
|
||
// merge with the previous provider config.
|
||
_.keys(grantConfig).forEach(key => {
|
||
if (key in prevGrantConfig) {
|
||
grantConfig[key] = _.merge(grantConfig[key], prevGrantConfig[key]);
|
||
}
|
||
});
|
||
await pluginStore.set({ key: 'grant', value: grantConfig });
|
||
}
|
||
|
||
if (!(await pluginStore.get({ key: 'email' }))) {
|
||
const value = {
|
||
reset_password: {
|
||
display: 'Email.template.reset_password',
|
||
icon: 'sync',
|
||
options: {
|
||
from: {
|
||
name: 'Administration Panel',
|
||
email: 'no-reply@strapi.io',
|
||
},
|
||
response_email: '',
|
||
object: 'Reset password',
|
||
message: `<p>We heard that you lost your password. Sorry about that!</p>
|
||
|
||
<p>But don’t worry! You can use the following link to reset your password:</p>
|
||
<p><%= URL %>?code=<%= TOKEN %></p>
|
||
|
||
<p>Thanks.</p>`,
|
||
},
|
||
},
|
||
email_confirmation: {
|
||
display: 'Email.template.email_confirmation',
|
||
icon: 'check-square',
|
||
options: {
|
||
from: {
|
||
name: 'Administration Panel',
|
||
email: 'no-reply@strapi.io',
|
||
},
|
||
response_email: '',
|
||
object: 'Account confirmation',
|
||
message: `<p>Thank you for registering!</p>
|
||
|
||
<p>You have to confirm your email address. Please click on the link below.</p>
|
||
|
||
<p><%= URL %>?confirmation=<%= CODE %></p>
|
||
|
||
<p>Thanks.</p>`,
|
||
},
|
||
},
|
||
};
|
||
|
||
await pluginStore.set({ key: 'email', value });
|
||
}
|
||
|
||
if (!(await pluginStore.get({ key: 'advanced' }))) {
|
||
const value = {
|
||
unique_email: true,
|
||
allow_register: true,
|
||
email_confirmation: false,
|
||
email_reset_password: null,
|
||
email_confirmation_redirection: null,
|
||
default_role: 'authenticated',
|
||
};
|
||
|
||
await pluginStore.set({ key: 'advanced', value });
|
||
}
|
||
|
||
await strapi.plugins['users-permissions'].services.userspermissions.initialize();
|
||
|
||
if (!_.get(strapi.plugins['users-permissions'], 'config.jwtSecret')) {
|
||
const jwtSecret = uuid();
|
||
_.set(strapi.plugins['users-permissions'], 'config.jwtSecret', jwtSecret);
|
||
|
||
strapi.reload.isWatching = false;
|
||
|
||
await strapi.fs.writePluginFile(
|
||
'users-permissions',
|
||
'config/jwt.js',
|
||
`module.exports = {\n jwtSecret: process.env.JWT_SECRET || '${jwtSecret}'\n};`
|
||
);
|
||
|
||
strapi.reload.isWatching = true;
|
||
}
|
||
|
||
await strapi.admin.services.permission.actionProvider.registerMany(
|
||
usersPermissionsActions.actions
|
||
);
|
||
};
|