How to use the strapi-utils.policy.globalPolicy function in strapi-utils
To help you get started, we’ve selected a few strapi-utils examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
strapi / strapi / packages / strapi-plugin-graphql / services / Mutation.js View on Github 
const [name, action] = resolverOf.split('.');
const controller = plugin
? _.get(
strapi.plugins,
`${plugin}.controllers.${_.toLower(name)}.${action}`
)
: _.get(strapi.controllers, `${_.toLower(name)}.${action}`);
if (!controller) {
return new Error(
`Cannot find the controller's action ${name}.${action}`
);
}
policiesFn[0] = policyUtils.globalPolicy(
undefined,
{
handler: `${name}.${action}`,
},
undefined,
plugin
);
}
if (strapi.plugins['users-permissions']) {
policies.unshift('plugins.users-permissions.permissions');
}
// Populate policies.
policies.forEach(policy =>
policyUtils.get(}
// Force policies of another action on a custom resolver.
if (_.isString(resolverOf) && !_.isEmpty(resolverOf)) {
// Retrieve the controller's action to be executed.
const [ name, action ] = resolverOf.split('.');
const controller = plugin ?
_.get(strapi.plugins, `${plugin}.controllers.${_.toLower(name)}.${action}`):
_.get(strapi.controllers, `${_.toLower(name)}.${action}`);
if (!controller) {
return new Error(`Cannot find the controller's action ${name}.${action}`);
}
policiesFn[0] = policyUtils.globalPolicy(undefined, {
handler: `${name}.${action}`
}, undefined, plugin);
}
if (strapi.plugins['users-permissions']) {
policies.push('plugins.users-permissions.permissions');
}
// Populate policies.
policies.forEach(policy => policyUtils.get(policy, plugin, policiesFn, `GraphQL query "${queryName}"`, name));
return async (obj, options, context) => {
// Hack to be able to handle permissions for each query.
const ctx = Object.assign(_.clone(context), {
request: Object.assign(_.clone(context.request), {
graphql: nullconst [name, action] = resolverOf.split('.');
const controller = plugin
? _.get(
strapi.plugins,
`${plugin}.controllers.${_.toLower(name)}.${action}`
)
: _.get(strapi.controllers, `${_.toLower(name)}.${action}`);
if (!controller) {
return new Error(
`Cannot find the controller's action ${name}.${action}`
);
}
policiesFn[0] = policyUtils.globalPolicy({
controller: name,
action,
plugin,
});
}
if (strapi.plugins['users-permissions']) {
policies.unshift('plugins.users-permissions.permissions');
}
// Populate policies.
policies.forEach(policy =>
policyUtils.get(
policy,
plugin,
policiesFn,// Force policies of another action on a custom resolver.
if (_.isString(resolverOf) && !_.isEmpty(resolverOf)) {
// Retrieve the controller's action to be executed.
const [name, action] = resolverOf.split('.');
const controller = plugin
? _.get(strapi.plugins, `${plugin}.controllers.${_.toLower(name)}.${action}`)
: _.get(strapi.controllers, `${_.toLower(name)}.${action}`);
if (!controller) {
return new Error(
`Cannot find the controller's action ${name}.${action}`,
);
}
policiesFn[0] = policyUtils.globalPolicy(
undefined,
{
handler: `${name}.${action}`,
},
undefined,
plugin,
);
}
if (strapi.plugins['users-permissions']) {
policies.push('plugins.users-permissions.permissions');
}
// Populate policies.
policies.forEach(policy =>
policyUtils.get(const controller = isSingular
? _.get(controllers, `${name}.findOne`)
: _.get(controllers, `${name}.find`);
if (!controller) {
return new Error(
`Cannot find the controller's action ${name}.${
isSingular ? 'findOne' : 'find'
}`,
);
}
// Push global policy to make sure the permissions will work as expected.
// We're trying to detect the controller name.
policiesFn.push(
policyUtils.globalPolicy(
undefined,
{
handler: `${name}.${isSingular ? 'findOne' : 'find'}`,
},
undefined,
plugin,
),
);
// Make the query compatible with our controller by
// setting in the context the parameters.
if (isSingular) {
return async (ctx, next) => {
ctx.params = {
...params,
[model.primaryKey]: ctx.params.id,}
const action = controller[actionName].bind(controller);
// Retrieve the API's name where the controller is located
// to access to the right validators
const currentApiName = finder(
strapi.plugins[plugin] || strapi.api || strapi.admin,
controller
);
// Init policies array.
const policies = [];
// Add the `globalPolicy`.
policies.push(policyUtils.globalPolicy(endpoint, value, route, plugin));
// Allow string instead of array of policies.
if (
!_.isArray(_.get(value, 'config.policies')) &&
!_.isEmpty(_.get(value, 'config.policies'))
) {
value.config.policies = [value.config.policies];
}
if (
_.isArray(_.get(value, 'config.policies')) &&
!_.isEmpty(_.get(value, 'config.policies'))
) {
_.forEach(value.config.policies, policy => {
policyUtils.get(policy, plugin, policies, endpoint, currentApiName);
});`${plugin}.controllers.${_.toLower(name)}.${action}`
)
: _.get(strapi.controllers, `${_.toLower(name)}.${action}`);
if (!controller) {
return new Error(
`Cannot find the controller's action ${name}.${action}`
);
}
// We're going to return a controller instead.
isController = true;
// Push global policy to make sure the permissions will work as expected.
policiesFn.push(
policyUtils.globalPolicy({
controller: name,
action,
plugin,
})
);
// Return the controller.
return controller;
} else if (resolver) {
// Function.
return resolver;
}
// We're going to return a controller instead.
isController = true;const controllers = plugin ? strapi.plugins[plugin].controllers : strapi.controllers;
// Try to find the controller that should be related to this model.
const controller = isSingular ?
_.get(controllers, `${name}.findOne`):
_.get(controllers, `${name}.find`);
if (!controller) {
return new Error(`Cannot find the controller's action ${name}.${isSingular ? 'findOne' : 'find'}`);
}
// Push global policy to make sure the permissions will work as expected.
// We're trying to detect the controller name.
policiesFn.push(
policyUtils.globalPolicy(undefined, {
handler: `${name}.${isSingular ? 'findOne' : 'find'}`
}, undefined, plugin)
);
// Make the query compatible with our controller by
// setting in the context the parameters.
if (isSingular) {
return async (ctx, next) => {
ctx.params = {
...params,
[model.primaryKey]: ctx.params.id
};
// Return the controller.
return controller(ctx, next);
};? strapi.plugins[plugin].controllers
: strapi.controllers;
// Try to find the controller that should be related to this model.
const controller = _.get(controllers, `${name}.${action}`);
if (!controller) {
return new Error(
`Cannot find the controller's action ${name}.${action}`
);
}
// Push global policy to make sure the permissions will work as expected.
// We're trying to detect the controller name.
policiesFn.push(
policyUtils.globalPolicy(
undefined,
{
handler: `${name}.${action}`,
},
undefined,
plugin
)
);
// Make the query compatible with our controller by
// setting in the context the parameters.
return async (ctx, next) => {
return controller(ctx, next);
};
})();strapi-utils
Shared utilities for the Strapi packages
Package Health Score
67 / 100Popular strapi-utils functions
- strapi-utils.buildQuery
- strapi-utils.cli.isStrapiApp
- strapi-utils.commander.command
- strapi-utils.convertRestQueryParams
- strapi-utils.dictionary
- strapi-utils.dictionary.aggregate
- strapi-utils.dictionary.optional
- strapi-utils.knex
- strapi-utils.logger
- strapi-utils.logger.error
- strapi-utils.logger.info
- strapi-utils.logger.warn
- strapi-utils.models
- strapi-utils.models.convertParams
- strapi-utils.models.defineAssociations
- strapi-utils.models.getNature
- strapi-utils.policy
- strapi-utils.policy.get
- strapi-utils.policy.globalPolicy
- strapi-utils.sanitizeEntity