{"version":3,"file":"user.mjs","sources":["../../../server/services/user.js"],"sourcesContent":["'use strict';\n\n/**\n * User.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst crypto = require('crypto');\nconst bcrypt = require('bcryptjs');\nconst urlJoin = require('url-join');\n\nconst { sanitize } = require('@strapi/utils');\nconst { toNumber, getOr } = require('lodash/fp');\nconst { getService } = require('../utils');\n\nconst USER_MODEL_UID = 'plugin::users-permissions.user';\n\nconst getSessionManager = () => {\n  const manager = strapi.sessionManager;\n  return manager ?? null;\n};\n\nmodule.exports = ({ strapi }) => ({\n  /**\n   * Promise to count users\n   *\n   * @return {Promise}\n   */\n\n  count(params) {\n    return strapi.db.query(USER_MODEL_UID).count({ where: params });\n  },\n\n  /**\n   * Hashes password fields in the provided values object if they are present.\n   * It checks each key in the values object against the model's attributes and\n   * hashes it if the attribute type is 'password',\n   *\n   * @param {object} values - The object containing the fields to be hashed.\n   * @return {object} The values object with hashed password fields if they were present.\n   */\n  async ensureHashedPasswords(values) {\n    const attributes = strapi.getModel(USER_MODEL_UID).attributes;\n\n    for (const key in values) {\n      if (attributes[key] && attributes[key].type === 'password') {\n        // Check if a custom encryption.rounds has been set on the password attribute\n        const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));\n        values[key] = await bcrypt.hash(values[key], rounds);\n      }\n    }\n\n    return values;\n  },\n\n  /**\n   * Promise to add a/an user.\n   * @return {Promise}\n   */\n  async add(values) {\n    return strapi.db.query(USER_MODEL_UID).create({\n      data: await this.ensureHashedPasswords(values),\n      populate: ['role'],\n    });\n  },\n\n  /**\n   * Promise to edit a/an user.\n   * @param {string} userId\n   * @param {object} params\n   * @return {Promise}\n   */\n  async edit(userId, params = {}) {\n    return strapi.db.query(USER_MODEL_UID).update({\n      where: { id: userId },\n      data: await this.ensureHashedPasswords(params),\n      populate: ['role'],\n    });\n  },\n\n  /**\n   * Promise to fetch a/an user.\n   * @return {Promise}\n   */\n  fetch(id, params) {\n    const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n    return strapi.db.query(USER_MODEL_UID).findOne({\n      ...query,\n      where: {\n        $and: [{ id }, query.where || {}],\n      },\n    });\n  },\n\n  /**\n   * Promise to fetch authenticated user.\n   * @return {Promise}\n   */\n  fetchAuthenticatedUser(id) {\n    return strapi.db.query(USER_MODEL_UID).findOne({ where: { id }, populate: ['role'] });\n  },\n\n  /**\n   * Promise to fetch all users.\n   * @return {Promise}\n   */\n  fetchAll(params) {\n    const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n    return strapi.db.query(USER_MODEL_UID).findMany(query);\n  },\n\n  /**\n   * Promise to remove a/an user.\n   * @return {Promise}\n   */\n  async remove(params) {\n    // Invalidate sessions for all affected users\n    const sessionManager = getSessionManager();\n    if (sessionManager && sessionManager.hasOrigin('users-permissions') && params.id) {\n      await sessionManager('users-permissions').invalidateRefreshToken(String(params.id));\n    }\n\n    return strapi.db.query(USER_MODEL_UID).delete({ where: params });\n  },\n\n  validatePassword(password, hash) {\n    return bcrypt.compare(password, hash);\n  },\n\n  async sendConfirmationEmail(user) {\n    const userPermissionService = getService('users-permissions');\n    const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });\n    const userSchema = strapi.getModel(USER_MODEL_UID);\n\n    const settings = await pluginStore\n      .get({ key: 'email' })\n      .then((storeEmail) => storeEmail.email_confirmation.options);\n\n    // Sanitize the template's user information\n    const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(\n      {\n        schema: userSchema,\n        getModel: strapi.getModel.bind(strapi),\n      },\n      user\n    );\n\n    const confirmationToken = crypto.randomBytes(20).toString('hex');\n\n    await this.edit(user.id, { confirmationToken });\n\n    const apiPrefix = strapi.config.get('api.rest.prefix');\n\n    try {\n      settings.message = await userPermissionService.template(settings.message, {\n        URL: urlJoin(\n          strapi.config.get('server.absoluteUrl'),\n          apiPrefix,\n          '/auth/email-confirmation'\n        ),\n        SERVER_URL: strapi.config.get('server.absoluteUrl'),\n        ADMIN_URL: strapi.config.get('admin.absoluteUrl'),\n        USER: sanitizedUserInfo,\n        CODE: confirmationToken,\n      });\n\n      settings.object = await userPermissionService.template(settings.object, {\n        USER: sanitizedUserInfo,\n      });\n    } catch {\n      strapi.log.error(\n        '[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for \"user confirmation email\". Please make sure your email template is valid and does not contain invalid characters or patterns'\n      );\n      return;\n    }\n\n    // Send an email to the user.\n    await strapi\n      .plugin('email')\n      .service('email')\n      .send({\n        to: user.email,\n        from:\n          settings.from.email && settings.from.name\n            ? `${settings.from.name} <${settings.from.email}>`\n            : undefined,\n        replyTo: settings.response_email,\n        subject: settings.object,\n        text: settings.message,\n        html: settings.message,\n      });\n  },\n});\n"],"names":["crypto","require$$0","bcrypt","require$$1","urlJoin","require$$2","sanitize","require$$3","toNumber","getOr","require$$4","getService","require$$5","USER_MODEL_UID","getSessionManager","manager","strapi","sessionManager","user","count","params","db","query","where","ensureHashedPasswords","values","attributes","getModel","key","type","rounds","hash","add","create","data","populate","edit","userId","update","id","fetch","get","transform","findOne","$and","fetchAuthenticatedUser","fetchAll","findMany","remove","hasOrigin","invalidateRefreshToken","String","delete","validatePassword","password","compare","sendConfirmationEmail","userPermissionService","pluginStore","store","name","userSchema","settings","then","storeEmail","email_confirmation","options","sanitizedUserInfo","sanitizers","defaultSanitizeOutput","schema","bind","confirmationToken","randomBytes","toString","apiPrefix","config","message","template","URL","SERVER_URL","ADMIN_URL","USER","CODE","object","log","error","plugin","service","send","to","email","from","undefined","replyTo","response_email","subject","text","html"],"mappings":";;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,MAAAA,GAASC,YAAAA;AACf,IAAA,MAAMC,OAAAA,GAAUC,UAAAA;IAEhB,MAAM,EAAEC,QAAQ,EAAE,GAAGC,UAAAA;AACrB,IAAA,MAAM,EAAEC,QAAQ,EAAEC,KAAK,EAAE,GAAGC,UAAAA;IAC5B,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,cAAAA,GAAiB,gCAAA;AAEvB,IAAA,MAAMC,iBAAAA,GAAoB,IAAA;QACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,QAAA,OAAOF,OAAAA,IAAW,IAAA;AACpB,IAAA,CAAA;AAEAG,IAAAA,IAAAA,GAAiB,CAAC,EAAEF,MAAAA,EAAAA,OAAM,EAAE,IAAM;AAClC;;;;AAIA,OAEEG,OAAMC,MAAM,EAAA;AACV,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBM,KAAK,CAAC;oBAAEI,KAAAA,EAAOH;;AAC1D,YAAA,CAAA;AAEA;;;;;;;OAQE,MAAMI,uBAAsBC,MAAM,EAAA;AAChC,gBAAA,MAAMC,UAAAA,GAAaV,OAAAA,CAAOW,QAAQ,CAACd,gBAAgBa,UAAU;gBAE7D,IAAK,MAAME,OAAOH,MAAAA,CAAQ;oBACxB,IAAIC,UAAU,CAACE,GAAAA,CAAI,IAAIF,UAAU,CAACE,GAAAA,CAAI,CAACC,IAAI,KAAK,UAAA,EAAY;;AAE1D,wBAAA,MAAMC,SAAStB,QAAAA,CAASC,KAAAA,CAAM,IAAI,mBAAA,EAAqBiB,UAAU,CAACE,GAAAA,CAAI,CAAA,CAAA;wBACtEH,MAAM,CAACG,GAAAA,CAAI,GAAG,MAAM1B,MAAAA,CAAO6B,IAAI,CAACN,MAAM,CAACG,GAAAA,CAAI,EAAEE,MAAAA,CAAAA;AACrD,oBAAA;AACA,gBAAA;gBAEI,OAAOL,MAAAA;AACX,YAAA,CAAA;AAEA;;;OAIE,MAAMO,KAAIP,MAAM,EAAA;AACd,gBAAA,OAAOT,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBoB,MAAM,CAAC;AAC5CC,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACC,MAAAA,CAAAA;oBACvCU,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;;;AAKA,OACE,MAAMC,IAAAA,CAAAA,CAAKC,MAAM,EAAEjB,MAAAA,GAAS,EAAE,EAAA;AAC5B,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgByB,MAAM,CAAC;oBAC5Cf,KAAAA,EAAO;wBAAEgB,EAAAA,EAAIF;AAAM,qBAAA;AACnBH,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACJ,MAAAA,CAAAA;oBACvCe,QAAAA,EAAU;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;OAIEK,KAAAA,CAAAA,CAAMD,EAAE,EAAEnB,MAAM,EAAA;gBACd,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAAA,EAAgBO,MAAAA,IAAU;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;AAC7C,oBAAA,GAAGrB,KAAK;oBACRC,KAAAA,EAAO;wBACLqB,IAAAA,EAAM;AAAC,4BAAA;AAAEL,gCAAAA;AAAE,6BAAA;4BAAIjB,KAAAA,CAAMC,KAAK,IAAI;AAAG;AACzC;AACA,iBAAA,CAAA;AACA,YAAA,CAAA;AAEA;;;AAGA,OACEsB,wBAAuBN,EAAE,EAAA;AACvB,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;oBAAEpB,KAAAA,EAAO;AAAEgB,wBAAAA;AAAE,qBAAA;oBAAIJ,QAAAA,EAAU;AAAC,wBAAA;AAAO;AAAA,iBAAA,CAAA;AACtF,YAAA,CAAA;AAEA;;;AAGA,OACEW,UAAS1B,MAAM,EAAA;gBACb,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAAA,EAAgBO,MAAAA,IAAU;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBkC,QAAQ,CAACzB,KAAAA,CAAAA;AACpD,YAAA,CAAA;AAEA;;;OAIE,MAAM0B,QAAO5B,MAAM,EAAA;;AAEjB,gBAAA,MAAMH,cAAAA,GAAiBH,iBAAAA,EAAAA;AACvB,gBAAA,IAAIG,kBAAkBA,cAAAA,CAAegC,SAAS,CAAC,mBAAA,CAAA,IAAwB7B,MAAAA,CAAOmB,EAAE,EAAE;AAChF,oBAAA,MAAMtB,eAAe,mBAAA,CAAA,CAAqBiC,sBAAsB,CAACC,MAAAA,CAAO/B,OAAOmB,EAAE,CAAA,CAAA;AACvF,gBAAA;AAEI,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBuC,MAAM,CAAC;oBAAE7B,KAAAA,EAAOH;;AAC3D,YAAA,CAAA;YAEEiC,gBAAAA,CAAAA,CAAiBC,QAAQ,EAAEvB,IAAI,EAAA;gBAC7B,OAAO7B,MAAAA,CAAOqD,OAAO,CAACD,QAAAA,EAAUvB,IAAAA,CAAAA;AACpC,YAAA,CAAA;AAEE,YAAA,MAAMyB,uBAAsBtC,IAAI,EAAA;AAC9B,gBAAA,MAAMuC,wBAAwB9C,UAAAA,CAAW,mBAAA,CAAA;AACzC,gBAAA,MAAM+C,WAAAA,GAAc,MAAM1C,OAAAA,CAAO2C,KAAK,CAAC;oBAAE9B,IAAAA,EAAM,QAAA;oBAAU+B,IAAAA,EAAM;;gBAC/D,MAAMC,UAAAA,GAAa7C,OAAAA,CAAOW,QAAQ,CAACd,cAAAA,CAAAA;AAEnC,gBAAA,MAAMiD,QAAAA,GAAW,MAAMJ,WAAAA,CACpBjB,GAAG,CAAC;oBAAEb,GAAAA,EAAK;AAAO,iBAAA,CAAA,CAClBmC,IAAI,CAAC,CAACC,aAAeA,UAAAA,CAAWC,kBAAkB,CAACC,OAAO,CAAA;;AAG7D,gBAAA,MAAMC,oBAAoB,MAAM7D,QAAAA,CAAS8D,UAAU,CAACC,qBAAqB,CACvE;oBACEC,MAAAA,EAAQT,UAAAA;AACRlC,oBAAAA,QAAAA,EAAUX,OAAAA,CAAOW,QAAQ,CAAC4C,IAAI,CAACvD,OAAAA;iBACvC,EACME,IAAAA,CAAAA;AAGF,gBAAA,MAAMsD,oBAAoBxE,MAAAA,CAAOyE,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AAE1D,gBAAA,MAAM,IAAI,CAACtC,IAAI,CAAClB,IAAAA,CAAKqB,EAAE,EAAE;AAAEiC,oBAAAA;AAAiB,iBAAA,CAAA;AAE5C,gBAAA,MAAMG,SAAAA,GAAY3D,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,iBAAA,CAAA;gBAEpC,IAAI;oBACFqB,QAAAA,CAASe,OAAO,GAAG,MAAMpB,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASe,OAAO,EAAE;AACxEE,wBAAAA,GAAAA,EAAK3E,QACHY,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,uBAClBkC,SAAAA,EACA,0BAAA,CAAA;AAEFK,wBAAAA,UAAAA,EAAYhE,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,oBAAA,CAAA;AAC9BwC,wBAAAA,SAAAA,EAAWjE,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,mBAAA,CAAA;wBAC7ByC,IAAAA,EAAMf,iBAAAA;wBACNgB,IAAAA,EAAMX;AACd,qBAAA,CAAA;oBAEMV,QAAAA,CAASsB,MAAM,GAAG,MAAM3B,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASsB,MAAM,EAAE;wBACtEF,IAAAA,EAAMf;AACd,qBAAA,CAAA;AACA,gBAAA,CAAA,CAAM,OAAM;oBACNnD,OAAAA,CAAOqE,GAAG,CAACC,KAAK,CACd,mNAAA,CAAA;AAEF,oBAAA;AACN,gBAAA;;gBAGI,MAAMtE,OAAAA,CACHuE,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,IAAI,CAAC;AACJC,oBAAAA,EAAAA,EAAIxE,KAAKyE,KAAK;oBACdC,IAAAA,EACE9B,QAAAA,CAAS8B,IAAI,CAACD,KAAK,IAAI7B,SAAS8B,IAAI,CAAChC,IAAA,GACjC,CAAA,EAAGE,QAAAA,CAAS8B,IAAI,CAAChC,IAAI,CAAC,EAAE,EAAEE,QAAAA,CAAS8B,IAAI,CAACD,KAAK,CAAC,CAAC,CAAA,GAC/CE,SAAAA;AACNC,oBAAAA,OAAAA,EAAShC,SAASiC,cAAc;AAChCC,oBAAAA,OAAAA,EAASlC,SAASsB,MAAM;AACxBa,oBAAAA,IAAAA,EAAMnC,SAASe,OAAO;AACtBqB,oBAAAA,IAAAA,EAAMpC,SAASe;AACvB,iBAAA,CAAA;AACA,YAAA;SACA,CAAA;;;;;;"}