{"version":3,"file":"users-permissions.mjs","sources":["../../../server/strategies/users-permissions.js"],"sourcesContent":["'use strict';\n\nconst { castArray, map, every, pipe } = require('lodash/fp');\nconst { ForbiddenError, UnauthorizedError } = require('@strapi/utils').errors;\n\nconst { getService } = require('../utils');\n\nconst getAdvancedSettings = () => {\n  return strapi.store({ type: 'plugin', name: 'users-permissions' }).get({ key: 'advanced' });\n};\n\nconst authenticate = async (ctx) => {\n  try {\n    const token = await getService('jwt').getToken(ctx);\n\n    if (token) {\n      const { id } = token;\n\n      // Invalid token\n      if (id === undefined) {\n        return { authenticated: false };\n      }\n\n      const user = await getService('user').fetchAuthenticatedUser(id);\n\n      // No user associated to the token\n      if (!user) {\n        return { error: 'Invalid credentials' };\n      }\n\n      const advancedSettings = await getAdvancedSettings();\n\n      // User not confirmed\n      if (advancedSettings.email_confirmation && !user.confirmed) {\n        return { error: 'Invalid credentials' };\n      }\n\n      // User blocked\n      if (user.blocked) {\n        return { error: 'Invalid credentials' };\n      }\n\n      // Fetch user's permissions\n      const permissions = await Promise.resolve(user.role.id)\n        .then(getService('permission').findRolePermissions)\n        .then(map(getService('permission').toContentAPIPermission));\n\n      // Generate an ability (content API engine) based on the given permissions\n      const ability = await strapi.contentAPI.permissions.engine.generateAbility(permissions);\n\n      ctx.state.user = user;\n\n      return {\n        authenticated: true,\n        credentials: user,\n        ability,\n      };\n    }\n\n    const publicPermissions = await getService('permission')\n      .findPublicPermissions()\n      .then(map(getService('permission').toContentAPIPermission));\n\n    if (publicPermissions.length === 0) {\n      return { authenticated: false };\n    }\n\n    const ability = await strapi.contentAPI.permissions.engine.generateAbility(publicPermissions);\n\n    return {\n      authenticated: true,\n      credentials: null,\n      ability,\n    };\n  } catch (err) {\n    return { authenticated: false };\n  }\n};\n\nconst verify = async (auth, config) => {\n  const { credentials: user, ability } = auth;\n\n  if (!config.scope) {\n    if (!user) {\n      // A non authenticated user cannot access routes that do not have a scope\n      throw new UnauthorizedError();\n    } else {\n      // An authenticated user can access non scoped routes\n      return;\n    }\n  }\n\n  // If no ability have been generated, then consider auth is missing\n  if (!ability) {\n    throw new UnauthorizedError();\n  }\n\n  const isAllowed = pipe(\n    // Make sure we're dealing with an array\n    castArray,\n    // Transform the scope array into an action array\n    every((scope) => ability.can(scope))\n  )(config.scope);\n\n  if (!isAllowed) {\n    throw new ForbiddenError();\n  }\n};\n\nmodule.exports = {\n  name: 'users-permissions',\n  authenticate,\n  verify,\n};\n"],"names":["castArray","map","every","pipe","require$$0","ForbiddenError","UnauthorizedError","require$$1","errors","getService","require$$2","getAdvancedSettings","strapi","store","type","name","get","key","authenticate","ctx","token","getToken","id","undefined","authenticated","user","fetchAuthenticatedUser","error","advancedSettings","email_confirmation","confirmed","blocked","permissions","Promise","resolve","role","then","findRolePermissions","toContentAPIPermission","ability","contentAPI","engine","generateAbility","state","credentials","publicPermissions","findPublicPermissions","length","err","verify","auth","config","scope","isAllowed","can","usersPermissions"],"mappings":";;;;;;;;;IAEA,MAAM,EAAEA,SAAS,EAAEC,GAAG,EAAEC,KAAK,EAAEC,IAAI,EAAE,GAAGC,UAAAA;AACxC,IAAA,MAAM,EAAEC,cAAc,EAAEC,iBAAiB,EAAE,GAAGC,WAAyBC,MAAM;IAE7E,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,mBAAAA,GAAsB,IAAA;QAC1B,OAAOC,MAAAA,CAAOC,KAAK,CAAC;YAAEC,IAAAA,EAAM,QAAA;YAAUC,IAAAA,EAAM;AAAmB,SAAA,CAAA,CAAIC,GAAG,CAAC;YAAEC,GAAAA,EAAK;AAAU,SAAA,CAAA;AAC1F,IAAA,CAAA;AAEA,IAAA,MAAMC,eAAe,OAAOC,GAAAA,GAAAA;QAC1B,IAAI;AACF,YAAA,MAAMC,KAAAA,GAAQ,MAAMX,UAAAA,CAAW,KAAA,CAAA,CAAOY,QAAQ,CAACF,GAAAA,CAAAA;AAE/C,YAAA,IAAIC,KAAAA,EAAO;gBACT,MAAM,EAAEE,EAAE,EAAE,GAAGF,KAAAA;;AAGf,gBAAA,IAAIE,OAAOC,SAAAA,EAAW;oBACpB,OAAO;wBAAEC,aAAAA,EAAe;AAAK,qBAAA;AACrC,gBAAA;AAEM,gBAAA,MAAMC,IAAAA,GAAO,MAAMhB,UAAAA,CAAW,MAAA,CAAA,CAAQiB,sBAAsB,CAACJ,EAAAA,CAAAA;;AAG7D,gBAAA,IAAI,CAACG,IAAAA,EAAM;oBACT,OAAO;wBAAEE,KAAAA,EAAO;AAAqB,qBAAA;AAC7C,gBAAA;AAEM,gBAAA,MAAMC,mBAAmB,MAAMjB,mBAAAA,EAAAA;;AAG/B,gBAAA,IAAIiB,iBAAiBC,kBAAkB,IAAI,CAACJ,IAAAA,CAAKK,SAAS,EAAE;oBAC1D,OAAO;wBAAEH,KAAAA,EAAO;AAAqB,qBAAA;AAC7C,gBAAA;;gBAGM,IAAIF,IAAAA,CAAKM,OAAO,EAAE;oBAChB,OAAO;wBAAEJ,KAAAA,EAAO;AAAqB,qBAAA;AAC7C,gBAAA;;gBAGM,MAAMK,WAAAA,GAAc,MAAMC,OAAAA,CAAQC,OAAO,CAACT,IAAAA,CAAKU,IAAI,CAACb,EAAE,CAAA,CACnDc,IAAI,CAAC3B,UAAAA,CAAW,cAAc4B,mBAAmB,CAAA,CACjDD,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;;gBAG3D,MAAMC,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACV,WAAAA,CAAAA;gBAE3Eb,GAAAA,CAAIwB,KAAK,CAAClB,IAAI,GAAGA,IAAAA;gBAEjB,OAAO;oBACLD,aAAAA,EAAe,IAAA;oBACfoB,WAAAA,EAAanB,IAAAA;AACbc,oBAAAA;AACR,iBAAA;AACA,YAAA;YAEI,MAAMM,iBAAAA,GAAoB,MAAMpC,UAAAA,CAAW,YAAA,CAAA,CACxCqC,qBAAqB,EAAA,CACrBV,IAAI,CAACnC,GAAAA,CAAIQ,UAAAA,CAAW,YAAA,CAAA,CAAc6B,sBAAsB,CAAA,CAAA;YAE3D,IAAIO,iBAAAA,CAAkBE,MAAM,KAAK,CAAA,EAAG;gBAClC,OAAO;oBAAEvB,aAAAA,EAAe;AAAK,iBAAA;AACnC,YAAA;YAEI,MAAMe,OAAAA,GAAU,MAAM3B,MAAAA,CAAO4B,UAAU,CAACR,WAAW,CAACS,MAAM,CAACC,eAAe,CAACG,iBAAAA,CAAAA;YAE3E,OAAO;gBACLrB,aAAAA,EAAe,IAAA;gBACfoB,WAAAA,EAAa,IAAA;AACbL,gBAAAA;AACN,aAAA;AACA,QAAA,CAAA,CAAI,OAAOS,GAAAA,EAAK;YACZ,OAAO;gBAAExB,aAAAA,EAAe;AAAK,aAAA;AACjC,QAAA;AACA,IAAA,CAAA;IAEA,MAAMyB,MAAAA,GAAS,OAAOC,IAAAA,EAAMC,MAAAA,GAAAA;AAC1B,QAAA,MAAM,EAAEP,WAAAA,EAAanB,IAAI,EAAEc,OAAO,EAAE,GAAGW,IAAAA;QAEvC,IAAI,CAACC,MAAAA,CAAOC,KAAK,EAAE;AACjB,YAAA,IAAI,CAAC3B,IAAAA,EAAM;;AAET,gBAAA,MAAM,IAAInB,iBAAAA,EAAAA;YAChB,CAAA,MAAW;;AAEL,gBAAA;AACN,YAAA;AACA,QAAA;;AAGE,QAAA,IAAI,CAACiC,OAAAA,EAAS;AACZ,YAAA,MAAM,IAAIjC,iBAAAA,EAAAA;AACd,QAAA;QAEE,MAAM+C,SAAAA,GAAYlD;AAEhBH,QAAAA,SAAAA;AAEAE,QAAAA,KAAAA,CAAM,CAACkD,KAAAA,GAAUb,OAAAA,CAAQe,GAAG,CAACF,KAAAA,CAAAA,CAAAA,CAAAA,CAC7BD,OAAOC,KAAK,CAAA;AAEd,QAAA,IAAI,CAACC,SAAAA,EAAW;AACd,YAAA,MAAM,IAAIhD,cAAAA,EAAAA;AACd,QAAA;AACA,IAAA,CAAA;IAEAkD,gBAAAA,GAAiB;QACfxC,IAAAA,EAAM,mBAAA;AACNG,QAAAA,YAAAA;AACA+B,QAAAA;AACF,KAAA;;;;;;"}