{"version":3,"file":"user.mjs","sources":["../../../server/services/user.js"],"sourcesContent":["'use strict';\n\n/**\n * User.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst crypto = require('crypto');\nconst bcrypt = require('bcryptjs');\nconst urlJoin = require('url-join');\n\nconst { sanitize } = require('@strapi/utils');\nconst { toNumber, getOr } = require('lodash/fp');\nconst { getService } = require('../utils');\n\nconst USER_MODEL_UID = 'plugin::users-permissions.user';\n\nconst getSessionManager = () => {\n  const manager = strapi.sessionManager;\n  return manager ?? null;\n};\n\nmodule.exports = ({ strapi }) => ({\n  /**\n   * Promise to count users\n   *\n   * @return {Promise}\n   */\n\n  count(params) {\n    return strapi.db.query(USER_MODEL_UID).count({ where: params });\n  },\n\n  /**\n   * Hashes password fields in the provided values object if they are present.\n   * It checks each key in the values object against the model's attributes and\n   * hashes it if the attribute type is 'password',\n   *\n   * @param {object} values - The object containing the fields to be hashed.\n   * @return {object} The values object with hashed password fields if they were present.\n   */\n  async ensureHashedPasswords(values) {\n    const attributes = strapi.getModel(USER_MODEL_UID).attributes;\n\n    for (const key in values) {\n      if (attributes[key] && attributes[key].type === 'password') {\n        // Check if a custom encryption.rounds has been set on the password attribute\n        const rounds = toNumber(getOr(10, 'encryption.rounds', attributes[key]));\n        values[key] = await bcrypt.hash(values[key], rounds);\n      }\n    }\n\n    return values;\n  },\n\n  /**\n   * Promise to add a/an user.\n   * @return {Promise}\n   */\n  async add(values) {\n    return strapi.db.query(USER_MODEL_UID).create({\n      data: await this.ensureHashedPasswords(values),\n      populate: ['role'],\n    });\n  },\n\n  /**\n   * Promise to edit a/an user.\n   * @param {string} userId\n   * @param {object} params\n   * @return {Promise}\n   */\n  async edit(userId, params = {}) {\n    return strapi.db.query(USER_MODEL_UID).update({\n      where: { id: userId },\n      data: await this.ensureHashedPasswords(params),\n      populate: ['role'],\n    });\n  },\n\n  /**\n   * Promise to fetch a/an user.\n   * @return {Promise}\n   */\n  fetch(id, params) {\n    const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n    return strapi.db.query(USER_MODEL_UID).findOne({\n      ...query,\n      where: {\n        $and: [{ id }, query.where || {}],\n      },\n    });\n  },\n\n  /**\n   * Promise to fetch authenticated user.\n   * @return {Promise}\n   */\n  fetchAuthenticatedUser(id) {\n    return strapi.db.query(USER_MODEL_UID).findOne({ where: { id }, populate: ['role'] });\n  },\n\n  /**\n   * Promise to fetch all users.\n   * @return {Promise}\n   */\n  fetchAll(params) {\n    const query = strapi.get('query-params').transform(USER_MODEL_UID, params ?? {});\n\n    return strapi.db.query(USER_MODEL_UID).findMany(query);\n  },\n\n  /**\n   * Promise to remove a/an user.\n   * @return {Promise}\n   */\n  async remove(params) {\n    // Invalidate sessions for all affected users\n    const sessionManager = getSessionManager();\n    if (sessionManager && sessionManager.hasOrigin('users-permissions') && params.id) {\n      await sessionManager('users-permissions').invalidateRefreshToken(String(params.id));\n    }\n\n    return strapi.db.query(USER_MODEL_UID).delete({ where: params });\n  },\n\n  validatePassword(password, hash) {\n    return bcrypt.compare(password, hash);\n  },\n\n  async sendConfirmationEmail(user) {\n    const userPermissionService = getService('users-permissions');\n    const pluginStore = await strapi.store({ type: 'plugin', name: 'users-permissions' });\n    const userSchema = strapi.getModel(USER_MODEL_UID);\n\n    const settings = await pluginStore\n      .get({ key: 'email' })\n      .then((storeEmail) => storeEmail.email_confirmation.options);\n\n    // Sanitize the template's user information\n    const sanitizedUserInfo = await sanitize.sanitizers.defaultSanitizeOutput(\n      {\n        schema: userSchema,\n        getModel: strapi.getModel.bind(strapi),\n      },\n      user\n    );\n\n    const confirmationToken = crypto.randomBytes(20).toString('hex');\n\n    await this.edit(user.id, { confirmationToken });\n\n    const apiPrefix = strapi.config.get('api.rest.prefix');\n\n    try {\n      settings.message = await userPermissionService.template(settings.message, {\n        URL: urlJoin(\n          strapi.config.get('server.absoluteUrl'),\n          apiPrefix,\n          '/auth/email-confirmation'\n        ),\n        SERVER_URL: strapi.config.get('server.absoluteUrl'),\n        ADMIN_URL: strapi.config.get('admin.absoluteUrl'),\n        USER: sanitizedUserInfo,\n        CODE: confirmationToken,\n      });\n\n      settings.object = await userPermissionService.template(settings.object, {\n        USER: sanitizedUserInfo,\n      });\n    } catch {\n      strapi.log.error(\n        '[plugin::users-permissions.sendConfirmationEmail]: Failed to generate a template for \"user confirmation email\". Please make sure your email template is valid and does not contain invalid characters or patterns'\n      );\n      return;\n    }\n\n    // Send an email to the user.\n    await strapi\n      .plugin('email')\n      .service('email')\n      .send({\n        to: user.email,\n        from:\n          settings.from.email && settings.from.name\n            ? `${settings.from.name} <${settings.from.email}>`\n            : undefined,\n        replyTo: settings.response_email,\n        subject: settings.object,\n        text: settings.message,\n        html: settings.message,\n      });\n  },\n});\n"],"names":["crypto","require$$0","bcrypt","require$$1","urlJoin","require$$2","sanitize","require$$3","toNumber","getOr","require$$4","getService","require$$5","USER_MODEL_UID","getSessionManager","manager","strapi","sessionManager","user","count","params","db","query","where","ensureHashedPasswords","values","attributes","getModel","key","type","rounds","hash","add","create","data","populate","edit","userId","update","id","fetch","get","transform","findOne","$and","fetchAuthenticatedUser","fetchAll","findMany","remove","hasOrigin","invalidateRefreshToken","String","delete","validatePassword","password","compare","sendConfirmationEmail","userPermissionService","pluginStore","store","name","userSchema","settings","then","storeEmail","email_confirmation","options","sanitizedUserInfo","sanitizers","defaultSanitizeOutput","schema","bind","confirmationToken","randomBytes","toString","apiPrefix","config","message","template","URL","SERVER_URL","ADMIN_URL","USER","CODE","object","log","error","plugin","service","send","to","email","from","undefined","replyTo","response_email","subject","text","html"],"mappings":";;;;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,MAASC,GAAAA,UAAAA;AACf,IAAA,MAAMC,MAASC,GAAAA,UAAAA;AACf,IAAA,MAAMC,OAAUC,GAAAA,UAAAA;IAEhB,MAAM,EAAEC,QAAQ,EAAE,GAAGC,YAAAA;AACrB,IAAA,MAAM,EAAEC,QAAQ,EAAEC,KAAK,EAAE,GAAGC,YAAAA;IAC5B,MAAM,EAAEC,UAAU,EAAE,GAAGC,YAAAA,EAAAA;AAEvB,IAAA,MAAMC,cAAiB,GAAA,gCAAA;AAEvB,IAAA,MAAMC,iBAAoB,GAAA,IAAA;QACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,QAAA,OAAOF,OAAW,IAAA,IAAA;AACpB,KAAA;AAEAG,IAAAA,IAAAA,GAAiB,CAAC,EAAEF,MAAAA,EAAAA,OAAM,EAAE,IAAM;AAClC;;;;AAIA,OAEEG,OAAMC,MAAM,EAAA;AACV,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBM,KAAK,CAAC;oBAAEI,KAAOH,EAAAA;AAAM,iBAAA,CAAA;AAC7D,aAAA;AAEH;;;;;;;OAQE,MAAMI,uBAAsBC,MAAM,EAAA;AAChC,gBAAA,MAAMC,UAAaV,GAAAA,OAAAA,CAAOW,QAAQ,CAACd,gBAAgBa,UAAU;gBAE7D,IAAK,MAAME,OAAOH,MAAQ,CAAA;oBACxB,IAAIC,UAAU,CAACE,GAAAA,CAAI,IAAIF,UAAU,CAACE,GAAI,CAAA,CAACC,IAAI,KAAK,UAAY,EAAA;;AAE1D,wBAAA,MAAMC,SAAStB,QAASC,CAAAA,KAAAA,CAAM,IAAI,mBAAqBiB,EAAAA,UAAU,CAACE,GAAI,CAAA,CAAA,CAAA;wBACtEH,MAAM,CAACG,GAAI,CAAA,GAAG,MAAM1B,MAAAA,CAAO6B,IAAI,CAACN,MAAM,CAACG,GAAAA,CAAI,EAAEE,MAAAA,CAAAA;AAC9C;AACF;gBAED,OAAOL,MAAAA;AACR,aAAA;AAEH;;;OAIE,MAAMO,KAAIP,MAAM,EAAA;AACd,gBAAA,OAAOT,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBoB,MAAM,CAAC;AAC5CC,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACC,MAAAA,CAAAA;oBACvCU,QAAU,EAAA;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACG,aAAA;AAEH;;;;;AAKA,OACE,MAAMC,IAAKC,CAAAA,CAAAA,MAAM,EAAEjB,MAAAA,GAAS,EAAE,EAAA;AAC5B,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgByB,MAAM,CAAC;oBAC5Cf,KAAO,EAAA;wBAAEgB,EAAIF,EAAAA;AAAQ,qBAAA;AACrBH,oBAAAA,IAAAA,EAAM,MAAM,IAAI,CAACV,qBAAqB,CAACJ,MAAAA,CAAAA;oBACvCe,QAAU,EAAA;AAAC,wBAAA;AAAO;AACxB,iBAAA,CAAA;AACG,aAAA;AAEH;;;OAIEK,KAAAA,CAAAA,CAAMD,EAAE,EAAEnB,MAAM,EAAA;gBACd,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAgBO,EAAAA,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;AAC7C,oBAAA,GAAGrB,KAAK;oBACRC,KAAO,EAAA;wBACLqB,IAAM,EAAA;AAAC,4BAAA;AAAEL,gCAAAA;AAAE,6BAAA;4BAAIjB,KAAMC,CAAAA,KAAK,IAAI;AAAG;AAClC;AACP,iBAAA,CAAA;AACG,aAAA;AAEH;;;AAGA,OACEsB,wBAAuBN,EAAE,EAAA;AACvB,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgB8B,OAAO,CAAC;oBAAEpB,KAAO,EAAA;AAAEgB,wBAAAA;AAAE,qBAAA;oBAAIJ,QAAU,EAAA;AAAC,wBAAA;AAAO;AAAE,iBAAA,CAAA;AACrF,aAAA;AAEH;;;AAGA,OACEW,UAAS1B,MAAM,EAAA;gBACb,MAAME,KAAAA,GAAQN,QAAOyB,GAAG,CAAC,gBAAgBC,SAAS,CAAC7B,cAAgBO,EAAAA,MAAAA,IAAU,EAAA,CAAA;AAE7E,gBAAA,OAAOJ,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBkC,QAAQ,CAACzB,KAAAA,CAAAA;AACjD,aAAA;AAEH;;;OAIE,MAAM0B,QAAO5B,MAAM,EAAA;;AAEjB,gBAAA,MAAMH,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,gBAAA,IAAIG,kBAAkBA,cAAegC,CAAAA,SAAS,CAAC,mBAAwB7B,CAAAA,IAAAA,MAAAA,CAAOmB,EAAE,EAAE;AAChF,oBAAA,MAAMtB,eAAe,mBAAqBiC,CAAAA,CAAAA,sBAAsB,CAACC,MAAAA,CAAO/B,OAAOmB,EAAE,CAAA,CAAA;AAClF;AAED,gBAAA,OAAOvB,QAAOK,EAAE,CAACC,KAAK,CAACT,cAAAA,CAAAA,CAAgBuC,MAAM,CAAC;oBAAE7B,KAAOH,EAAAA;AAAM,iBAAA,CAAA;AAC9D,aAAA;YAEDiC,gBAAiBC,CAAAA,CAAAA,QAAQ,EAAEvB,IAAI,EAAA;gBAC7B,OAAO7B,MAAAA,CAAOqD,OAAO,CAACD,QAAUvB,EAAAA,IAAAA,CAAAA;AACjC,aAAA;AAED,YAAA,MAAMyB,uBAAsBtC,IAAI,EAAA;AAC9B,gBAAA,MAAMuC,wBAAwB9C,UAAW,CAAA,mBAAA,CAAA;AACzC,gBAAA,MAAM+C,WAAc,GAAA,MAAM1C,OAAO2C,CAAAA,KAAK,CAAC;oBAAE9B,IAAM,EAAA,QAAA;oBAAU+B,IAAM,EAAA;AAAmB,iBAAA,CAAA;gBAClF,MAAMC,UAAAA,GAAa7C,OAAOW,CAAAA,QAAQ,CAACd,cAAAA,CAAAA;AAEnC,gBAAA,MAAMiD,QAAW,GAAA,MAAMJ,WACpBjB,CAAAA,GAAG,CAAC;oBAAEb,GAAK,EAAA;mBACXmC,IAAI,CAAC,CAACC,aAAeA,UAAWC,CAAAA,kBAAkB,CAACC,OAAO,CAAA;;AAG7D,gBAAA,MAAMC,oBAAoB,MAAM7D,QAAAA,CAAS8D,UAAU,CAACC,qBAAqB,CACvE;oBACEC,MAAQT,EAAAA,UAAAA;AACRlC,oBAAAA,QAAAA,EAAUX,OAAOW,CAAAA,QAAQ,CAAC4C,IAAI,CAACvD,OAAAA;iBAEjCE,EAAAA,IAAAA,CAAAA;AAGF,gBAAA,MAAMsD,oBAAoBxE,MAAOyE,CAAAA,WAAW,CAAC,EAAA,CAAA,CAAIC,QAAQ,CAAC,KAAA,CAAA;AAE1D,gBAAA,MAAM,IAAI,CAACtC,IAAI,CAAClB,IAAAA,CAAKqB,EAAE,EAAE;AAAEiC,oBAAAA;AAAiB,iBAAA,CAAA;AAE5C,gBAAA,MAAMG,SAAY3D,GAAAA,OAAAA,CAAO4D,MAAM,CAACnC,GAAG,CAAC,iBAAA,CAAA;gBAEpC,IAAI;oBACFqB,QAASe,CAAAA,OAAO,GAAG,MAAMpB,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASe,OAAO,EAAE;AACxEE,wBAAAA,GAAAA,EAAK3E,QACHY,OAAO4D,CAAAA,MAAM,CAACnC,GAAG,CAAC,uBAClBkC,SACA,EAAA,0BAAA,CAAA;AAEFK,wBAAAA,UAAAA,EAAYhE,OAAO4D,CAAAA,MAAM,CAACnC,GAAG,CAAC,oBAAA,CAAA;AAC9BwC,wBAAAA,SAAAA,EAAWjE,OAAO4D,CAAAA,MAAM,CAACnC,GAAG,CAAC,mBAAA,CAAA;wBAC7ByC,IAAMf,EAAAA,iBAAAA;wBACNgB,IAAMX,EAAAA;AACd,qBAAA,CAAA;oBAEMV,QAASsB,CAAAA,MAAM,GAAG,MAAM3B,qBAAAA,CAAsBqB,QAAQ,CAAChB,QAAAA,CAASsB,MAAM,EAAE;wBACtEF,IAAMf,EAAAA;AACd,qBAAA,CAAA;AACA,iBAAA,CAAM,OAAM;oBACNnD,OAAOqE,CAAAA,GAAG,CAACC,KAAK,CACd,mNAAA,CAAA;AAEF,oBAAA;AACD;;gBAGD,MAAMtE,OAAAA,CACHuE,MAAM,CAAC,OAAA,CAAA,CACPC,OAAO,CAAC,OAAA,CAAA,CACRC,IAAI,CAAC;AACJC,oBAAAA,EAAAA,EAAIxE,KAAKyE,KAAK;oBACdC,IACE9B,EAAAA,QAAAA,CAAS8B,IAAI,CAACD,KAAK,IAAI7B,QAAS8B,CAAAA,IAAI,CAAChC,IAAI,GACrC,CAAC,EAAEE,QAAAA,CAAS8B,IAAI,CAAChC,IAAI,CAAC,EAAE,EAAEE,QAAAA,CAAS8B,IAAI,CAACD,KAAK,CAAC,CAAC,CAAC,GAChDE,SAAAA;AACNC,oBAAAA,OAAAA,EAAShC,SAASiC,cAAc;AAChCC,oBAAAA,OAAAA,EAASlC,SAASsB,MAAM;AACxBa,oBAAAA,IAAAA,EAAMnC,SAASe,OAAO;AACtBqB,oBAAAA,IAAAA,EAAMpC,SAASe;AACvB,iBAAA,CAAA;AACG;SACH,CAAA;;;;;;"}