mirror of
				https://github.com/strapi/strapi.git
				synced 2025-10-20 12:31:29 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			43 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			JavaScript
		
	
	
	
	
	
			
		
		
	
	
			43 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			JavaScript
		
	
	
	
	
	
| 'use strict';
 | |
| 
 | |
| const userUID = 'plugin::users-permissions.user';
 | |
| const roleUID = 'plugin::users-permissions.role';
 | |
| 
 | |
| module.exports = ({ strapi }) => {
 | |
|   const { naming } = strapi.plugin('graphql').service('utils');
 | |
| 
 | |
|   const user = strapi.getModel(userUID);
 | |
|   const role = strapi.getModel(roleUID);
 | |
| 
 | |
|   const createRole = naming.getCreateMutationTypeName(role);
 | |
|   const updateRole = naming.getUpdateMutationTypeName(role);
 | |
|   const deleteRole = naming.getDeleteMutationTypeName(role);
 | |
|   const createUser = naming.getCreateMutationTypeName(user);
 | |
|   const updateUser = naming.getUpdateMutationTypeName(user);
 | |
|   const deleteUser = naming.getDeleteMutationTypeName(user);
 | |
| 
 | |
|   return {
 | |
|     // Disabled auth for some operations
 | |
|     'Mutation.login': { auth: false },
 | |
|     'Mutation.register': { auth: false },
 | |
|     'Mutation.forgotPassword': { auth: false },
 | |
|     'Mutation.resetPassword': { auth: false },
 | |
|     'Mutation.emailConfirmation': { auth: false },
 | |
|     'Mutation.changePassword': {
 | |
|       auth: {
 | |
|         scope: 'plugin::users-permissions.auth.changePassword',
 | |
|       },
 | |
|     },
 | |
| 
 | |
|     // Scoped auth for replaced CRUD operations
 | |
|     // Role
 | |
|     [`Mutation.${createRole}`]: { auth: { scope: [`${roleUID}.createRole`] } },
 | |
|     [`Mutation.${updateRole}`]: { auth: { scope: [`${roleUID}.updateRole`] } },
 | |
|     [`Mutation.${deleteRole}`]: { auth: { scope: [`${roleUID}.deleteRole`] } },
 | |
|     // User
 | |
|     [`Mutation.${createUser}`]: { auth: { scope: [`${userUID}.create`] } },
 | |
|     [`Mutation.${updateUser}`]: { auth: { scope: [`${userUID}.update`] } },
 | |
|     [`Mutation.${deleteUser}`]: { auth: { scope: [`${userUID}.destroy`] } },
 | |
|   };
 | |
| };
 | 
