Jean-Sébastien Herbaux 1e5b1c99f6
I18n/ permissions rework (#9535)
* Add a domain layer for the permission, rework the engine handling of the permissions

Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>

* Add permissions-fields-to-properties migration for the admin

Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>

* Removes useless console.log

Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>

* Remove debug logLevel from provider-login.test.e2e.js

Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>

* Adds the new layout for the GET permissions, allow to subscribe to actionRegistered events, adds i18n handlers

Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>

* Fix typo

Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>

* Update permissions validators

Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>

* Update unit tests

Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>

* Update integrations test + fix some validation issues

Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>

* Change plugins & settings section format for the permissions layout

* only return locales property to localized subjects for the permission's layout

* Do not send the locales property to the permission's layout when there is no locales created

* Add the 'locales' property to publish & delete routes

* Fix unwanted mutation of the sections builder states on multiple builds

* Fix units tests with (new engine)

* Fix admin-role e2e test - Add locales property to the update payload

* fix e2e testsé

* Update e2e snapshots

* Fix unit test for i18n bootstrap

* Add mocks for i18n/bootstrap test

* Fix has-locale condition & updatePermission validator

* Avoid mutation in migration, always authorize super admin for has-locales condition

* Rework rbac domain objects, add a hook module and a provider factory

* Remove old providers

* Update the admin services & tests for the new rbac domain & providers

* Fix tests, bootstrap functions & services following rbac domain rework

* Update migration runner

* PR comments

Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>

* Remove useless console.log

* Fix sanitizeCondition bug

* Section builder rework

* Add test for the section-builder section & add jsdoc for the permission domain

* pr comments (without the migrations)

* fix fields-to-properties migration

* Add jsdoc for the sections-builder

* Moves createBoundAbstractDomain from permission domain to the engine service

* Remove debug logLevel for admin role test (e2e)

* Fix core-store

* Fix hooks & move business logic from i18n bootstrap to dedicated services

* add route get-non-localized-fields

* use write and read permission

* refacto

* add input validator

* add route doc

* handle ST

Co-authored-by: Pierre Noël <petersg83@gmail.com>
Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com>
2021-03-25 14:59:44 +01:00

226 lines
5.9 KiB
JavaScript
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

'use strict';
/**
* An asynchronous bootstrap function that runs before
* your application gets started.
*
* This gives you an opportunity to set up your data model,
* run jobs, or perform some special logic.
*/
const _ = require('lodash');
const uuid = require('uuid/v4');
const usersPermissionsActions = require('../users-permissions-actions');
module.exports = async () => {
const pluginStore = strapi.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
});
const grantConfig = {
email: {
enabled: true,
icon: 'envelope',
},
discord: {
enabled: false,
icon: 'discord',
key: '',
secret: '',
callback: `${strapi.config.server.url}/auth/discord/callback`,
scope: ['identify', 'email'],
},
facebook: {
enabled: false,
icon: 'facebook-square',
key: '',
secret: '',
callback: `${strapi.config.server.url}/auth/facebook/callback`,
scope: ['email'],
},
google: {
enabled: false,
icon: 'google',
key: '',
secret: '',
callback: `${strapi.config.server.url}/auth/google/callback`,
scope: ['email'],
},
github: {
enabled: false,
icon: 'github',
key: '',
secret: '',
callback: `${strapi.config.server.url}/auth/github/callback`,
scope: ['user', 'user:email'],
},
microsoft: {
enabled: false,
icon: 'windows',
key: '',
secret: '',
callback: `${strapi.config.server.url}/auth/microsoft/callback`,
scope: ['user.read'],
},
twitter: {
enabled: false,
icon: 'twitter',
key: '',
secret: '',
callback: `${strapi.config.server.url}/auth/twitter/callback`,
},
instagram: {
enabled: false,
icon: 'instagram',
key: '',
secret: '',
callback: `${strapi.config.server.url}/auth/instagram/callback`,
scope: ['user_profile'],
},
vk: {
enabled: false,
icon: 'vk',
key: '',
secret: '',
callback: `${strapi.config.server.url}/auth/vk/callback`,
scope: ['email'],
},
twitch: {
enabled: false,
icon: 'twitch',
key: '',
secret: '',
callback: `${strapi.config.server.url}/auth/twitch/callback`,
scope: ['user:read:email'],
},
linkedin: {
enabled: false,
icon: 'linkedin',
key: '',
secret: '',
callback: `${strapi.config.server.url}/auth/linkedin/callback`,
scope: ['r_liteprofile', 'r_emailaddress'],
},
cognito: {
enabled: false,
icon: 'aws',
key: '',
secret: '',
subdomain: 'my.subdomain.com',
callback: `${strapi.config.server.url}/auth/cognito/callback`,
scope: ['email', 'openid', 'profile'],
},
reddit: {
enabled: false,
icon: 'reddit',
key: '',
secret: '',
state: true,
callback: `${strapi.config.server.url}/auth/reddit/callback`,
scope: ['identity'],
},
auth0: {
enabled: false,
icon: '',
key: '',
secret: '',
subdomain: 'my-tenant.eu',
callback: `${strapi.config.server.url}/auth/auth0/callback`,
scope: ['openid', 'email', 'profile'],
},
};
const prevGrantConfig = (await pluginStore.get({ key: 'grant' })) || {};
// store grant auth config to db
// when plugin_users-permissions_grant is not existed in db
// or we have added/deleted provider here.
if (!prevGrantConfig || !_.isEqual(_.keys(prevGrantConfig), _.keys(grantConfig))) {
// merge with the previous provider config.
_.keys(grantConfig).forEach(key => {
if (key in prevGrantConfig) {
grantConfig[key] = _.merge(grantConfig[key], prevGrantConfig[key]);
}
});
await pluginStore.set({ key: 'grant', value: grantConfig });
}
if (!(await pluginStore.get({ key: 'email' }))) {
const value = {
reset_password: {
display: 'Email.template.reset_password',
icon: 'sync',
options: {
from: {
name: 'Administration Panel',
email: 'no-reply@strapi.io',
},
response_email: '',
object: 'Reset password',
message: `<p>We heard that you lost your password. Sorry about that!</p>
<p>But dont worry! You can use the following link to reset your password:</p>
<p><%= URL %>?code=<%= TOKEN %></p>
<p>Thanks.</p>`,
},
},
email_confirmation: {
display: 'Email.template.email_confirmation',
icon: 'check-square',
options: {
from: {
name: 'Administration Panel',
email: 'no-reply@strapi.io',
},
response_email: '',
object: 'Account confirmation',
message: `<p>Thank you for registering!</p>
<p>You have to confirm your email address. Please click on the link below.</p>
<p><%= URL %>?confirmation=<%= CODE %></p>
<p>Thanks.</p>`,
},
},
};
await pluginStore.set({ key: 'email', value });
}
if (!(await pluginStore.get({ key: 'advanced' }))) {
const value = {
unique_email: true,
allow_register: true,
email_confirmation: false,
email_reset_password: null,
email_confirmation_redirection: null,
default_role: 'authenticated',
};
await pluginStore.set({ key: 'advanced', value });
}
await strapi.plugins['users-permissions'].services.userspermissions.initialize();
if (!_.get(strapi.plugins['users-permissions'], 'config.jwtSecret')) {
const jwtSecret = uuid();
_.set(strapi.plugins['users-permissions'], 'config.jwtSecret', jwtSecret);
strapi.reload.isWatching = false;
await strapi.fs.writePluginFile(
'users-permissions',
'config/jwt.js',
`module.exports = {\n jwtSecret: process.env.JWT_SECRET || '${jwtSecret}'\n};`
);
strapi.reload.isWatching = true;
}
await strapi.admin.services.permission.actionProvider.registerMany(
usersPermissionsActions.actions
);
};