@strapi/utils/dist/sanitize/sanitizers.mjs.map

Shared utilities for the Strapi packages

{"version":3,"file":"sanitizers.mjs","sources":["../../src/sanitize/sanitizers.ts"],"sourcesContent":["import { curry, isEmpty, isNil, isArray, isObject } from 'lodash/fp';\n\nimport { pipe as pipeAsync } from '../async';\nimport traverseEntity from '../traverse-entity';\nimport { isScalarAttribute, constants } from '../content-types';\n\nimport {\n  traverseQueryFilters,\n  traverseQuerySort,\n  traverseQueryPopulate,\n  traverseQueryFields,\n} from '../traverse';\n\nimport {\n  removePassword,\n  removePrivate,\n  removeDynamicZones,\n  removeMorphToRelations,\n  expandWildcardPopulate,\n} from './visitors';\nimport { isOperator } from '../operators';\n\nimport type { Model, Data } from '../types';\nimport type { Parent } from '../traverse/factory';\n\ninterface Context {\n  schema: Model;\n  getModel: (model: string) => Model;\n  parent?: Parent;\n}\n\nconst { ID_ATTRIBUTE, DOC_ID_ATTRIBUTE } = constants;\n\nconst sanitizePasswords = (ctx: Context) => async (entity: Data) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in sanitizePasswords');\n  }\n\n  return traverseEntity(removePassword, ctx, entity);\n};\n\nconst defaultSanitizeOutput = async (ctx: Context, entity: Data) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeOutput');\n  }\n\n  return traverseEntity(\n    (...args) => {\n      removePassword(...args);\n      removePrivate(...args);\n    },\n    ctx,\n    entity\n  );\n};\n\nconst defaultSanitizeFilters = curry((ctx: Context, filters: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeFilters');\n  }\n\n  return pipeAsync(\n    // Remove keys that are not attributes or valid operators\n    traverseQueryFilters(({ key, attribute }, { remove }) => {\n      const isAttribute = !!attribute;\n\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not checking it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (!isAttribute && !isOperator(key)) {\n        remove(key);\n      }\n    }, ctx),\n    // Remove dynamic zones from filters\n    traverseQueryFilters(removeDynamicZones, ctx),\n    // Remove morpTo relations from filters\n    traverseQueryFilters(removeMorphToRelations, ctx),\n    // Remove passwords from filters\n    traverseQueryFilters(removePassword, ctx),\n    // Remove private from filters\n    traverseQueryFilters(removePrivate, ctx),\n    // Remove empty objects\n    traverseQueryFilters(({ key, value }, { remove }) => {\n      if (isObject(value) && isEmpty(value)) {\n        remove(key);\n      }\n    }, ctx)\n  )(filters);\n});\n\nconst defaultSanitizeSort = curry((ctx: Context, sort: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeSort');\n  }\n\n  return pipeAsync(\n    // Remove non attribute keys\n    traverseQuerySort(({ key, attribute }, { remove }) => {\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not checking it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (!attribute) {\n        remove(key);\n      }\n    }, ctx),\n    // Remove dynamic zones from sort\n    traverseQuerySort(removeDynamicZones, ctx),\n    // Remove morpTo relations from sort\n    traverseQuerySort(removeMorphToRelations, ctx),\n    // Remove private from sort\n    traverseQuerySort(removePrivate, ctx),\n    // Remove passwords from filters\n    traverseQuerySort(removePassword, ctx),\n    // Remove keys for empty non-scalar values\n    traverseQuerySort(({ key, attribute, value }, { remove }) => {\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not removing it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (!isScalarAttribute(attribute) && isEmpty(value)) {\n        remove(key);\n      }\n    }, ctx)\n  )(sort);\n});\n\nconst defaultSanitizeFields = curry((ctx: Context, fields: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeFields');\n  }\n\n  return pipeAsync(\n    // Only keep scalar attributes\n    traverseQueryFields(({ key, attribute }, { remove }) => {\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not checking it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (isNil(attribute) || !isScalarAttribute(attribute)) {\n        remove(key);\n      }\n    }, ctx),\n    // Remove private fields\n    traverseQueryFields(removePrivate, ctx),\n    // Remove password fields\n    traverseQueryFields(removePassword, ctx),\n    // Remove nil values from fields array\n    (value) => (isArray(value) ? value.filter((field) => !isNil(field)) : value)\n  )(fields);\n});\n\nconst defaultSanitizePopulate = curry((ctx: Context, populate: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizePopulate');\n  }\n\n  return pipeAsync(\n    traverseQueryPopulate(expandWildcardPopulate, ctx),\n    traverseQueryPopulate(async ({ key, value, schema, attribute, getModel, path }, { set }) => {\n      if (attribute) {\n        return;\n      }\n\n      const parent = { key, path, schema, attribute } satisfies Parent;\n\n      if (key === 'sort') {\n        set(key, await defaultSanitizeSort({ schema, getModel, parent }, value));\n      }\n\n      if (key === 'filters') {\n        set(key, await defaultSanitizeFilters({ schema, getModel, parent }, value));\n      }\n\n      if (key === 'fields') {\n        set(key, await defaultSanitizeFields({ schema, getModel, parent }, value));\n      }\n\n      if (key === 'populate') {\n        set(key, await defaultSanitizePopulate({ schema, getModel, parent }, value));\n      }\n    }, ctx),\n    // Remove private fields\n    traverseQueryPopulate(removePrivate, ctx)\n  )(populate);\n});\n\nexport {\n  sanitizePasswords,\n  defaultSanitizeOutput,\n  defaultSanitizeFilters,\n  defaultSanitizeSort,\n  defaultSanitizeFields,\n  defaultSanitizePopulate,\n};\n"],"names":["ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","constants","sanitizePasswords","ctx","entity","schema","Error","traverseEntity","removePassword","defaultSanitizeOutput","args","removePrivate","defaultSanitizeFilters","curry","filters","pipeAsync","traverseQueryFilters","key","attribute","remove","isAttribute","includes","isOperator","removeDynamicZones","removeMorphToRelations","value","isObject","isEmpty","defaultSanitizeSort","sort","traverseQuerySort","isScalarAttribute","defaultSanitizeFields","fields","traverseQueryFields","isNil","isArray","filter","field","defaultSanitizePopulate","populate","traverseQueryPopulate","expandWildcardPopulate","getModel","path","set","parent"],"mappings":";;;;;;;;;;;;;;;AA+BA,MAAM,EAAEA,YAAY,EAAEC,gBAAgB,EAAE,GAAGC,SAAAA;AAErCC,MAAAA,iBAAAA,GAAoB,CAACC,GAAAA,GAAiB,OAAOC,MAAAA,GAAAA;QACjD,IAAI,CAACD,GAAIE,CAAAA,MAAM,EAAE;AACf,YAAA,MAAM,IAAIC,KAAM,CAAA,qCAAA,CAAA;AAClB;QAEA,OAAOC,cAAAA,CAAeC,WAAgBL,GAAKC,EAAAA,MAAAA,CAAAA;AAC7C;AAEMK,MAAAA,qBAAAA,GAAwB,OAAON,GAAcC,EAAAA,MAAAA,GAAAA;IACjD,IAAI,CAACD,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,yCAAA,CAAA;AAClB;IAEA,OAAOC,cAAAA,CACL,CAAC,GAAGG,IAAAA,GAAAA;QACFF,SAAkBE,CAAAA,GAAAA,IAAAA,CAAAA;QAClBC,OAAiBD,CAAAA,GAAAA,IAAAA,CAAAA;AACnB,KAAA,EACAP,GACAC,EAAAA,MAAAA,CAAAA;AAEJ;AAEMQ,MAAAA,sBAAAA,GAAyBC,KAAM,CAAA,CAACV,GAAcW,EAAAA,OAAAA,GAAAA;IAClD,IAAI,CAACX,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,0CAAA,CAAA;AAClB;AAEA,IAAA,OAAOS;IAELC,oBAAqB,CAAA,CAAC,EAAEC,GAAG,EAAEC,SAAS,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;QAClD,MAAMC,WAAAA,GAAc,CAAC,CAACF,SAAAA;;;QAItB,IAAI;AAACnB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAI,CAACG,WAAAA,IAAe,CAACE,UAAAA,CAAWL,GAAM,CAAA,EAAA;YACpCE,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd;IAEHa,oBAAqBO,CAAAA,SAAAA,EAAoBpB;IAEzCa,oBAAqBQ,CAAAA,SAAAA,EAAwBrB;IAE7Ca,oBAAqBR,CAAAA,SAAAA,EAAgBL;IAErCa,oBAAqBL,CAAAA,OAAAA,EAAeR;IAEpCa,oBAAqB,CAAA,CAAC,EAAEC,GAAG,EAAEQ,KAAK,EAAE,EAAE,EAAEN,MAAM,EAAE,GAAA;QAC9C,IAAIO,QAAAA,CAASD,KAAUE,CAAAA,IAAAA,OAAAA,CAAQF,KAAQ,CAAA,EAAA;YACrCN,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd,GACHW,CAAAA,CAAAA,CAAAA,OAAAA,CAAAA;AACJ,CAAA;AAEMc,MAAAA,mBAAAA,GAAsBf,KAAM,CAAA,CAACV,GAAc0B,EAAAA,IAAAA,GAAAA;IAC/C,IAAI,CAAC1B,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,uCAAA,CAAA;AAClB;AAEA,IAAA,OAAOS;IAELe,iBAAkB,CAAA,CAAC,EAAEb,GAAG,EAAEC,SAAS,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;;;QAG/C,IAAI;AAACpB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAI,CAACC,SAAW,EAAA;YACdC,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd;IAEH2B,iBAAkBP,CAAAA,SAAAA,EAAoBpB;IAEtC2B,iBAAkBN,CAAAA,SAAAA,EAAwBrB;IAE1C2B,iBAAkBnB,CAAAA,OAAAA,EAAeR;IAEjC2B,iBAAkBtB,CAAAA,SAAAA,EAAgBL;IAElC2B,iBAAkB,CAAA,CAAC,EAAEb,GAAG,EAAEC,SAAS,EAAEO,KAAK,EAAE,EAAE,EAAEN,MAAM,EAAE,GAAA;;;QAGtD,IAAI;AAACpB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAI,CAACc,iBAAAA,CAAkBb,SAAcS,CAAAA,IAAAA,OAAAA,CAAQF,KAAQ,CAAA,EAAA;YACnDN,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd,GACH0B,CAAAA,CAAAA,CAAAA,IAAAA,CAAAA;AACJ,CAAA;AAEMG,MAAAA,qBAAAA,GAAwBnB,KAAM,CAAA,CAACV,GAAc8B,EAAAA,MAAAA,GAAAA;IACjD,IAAI,CAAC9B,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,yCAAA,CAAA;AAClB;AAEA,IAAA,OAAOS;IAELmB,mBAAoB,CAAA,CAAC,EAAEjB,GAAG,EAAEC,SAAS,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;;;QAGjD,IAAI;AAACpB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAIkB,KAAMjB,CAAAA,SAAAA,CAAAA,IAAc,CAACa,iBAAAA,CAAkBb,SAAY,CAAA,EAAA;YACrDC,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd;IAEH+B,mBAAoBvB,CAAAA,OAAAA,EAAeR;IAEnC+B,mBAAoB1B,CAAAA,SAAAA,EAAgBL;IAEpC,CAACsB,KAAAA,GAAWW,OAAQX,CAAAA,KAAAA,CAAAA,GAASA,KAAMY,CAAAA,MAAM,CAAC,CAACC,KAAU,GAAA,CAACH,KAAMG,CAAAA,KAAAA,CAAAA,CAAAA,GAAUb,KACtEQ,CAAAA,CAAAA,MAAAA,CAAAA;AACJ,CAAA;AAEMM,MAAAA,uBAAAA,GAA0B1B,KAAM,CAAA,CAACV,GAAcqC,EAAAA,QAAAA,GAAAA;IACnD,IAAI,CAACrC,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,2CAAA,CAAA;AAClB;IAEA,OAAOS,IAAAA,CACL0B,sBAAsBC,SAAwBvC,EAAAA,GAAAA,CAAAA,EAC9CsC,sBAAsB,OAAO,EAAExB,GAAG,EAAEQ,KAAK,EAAEpB,MAAM,EAAEa,SAAS,EAAEyB,QAAQ,EAAEC,IAAI,EAAE,EAAE,EAAEC,GAAG,EAAE,GAAA;AACrF,QAAA,IAAI3B,SAAW,EAAA;AACb,YAAA;AACF;AAEA,QAAA,MAAM4B,MAAS,GAAA;AAAE7B,YAAAA,GAAAA;AAAK2B,YAAAA,IAAAA;AAAMvC,YAAAA,MAAAA;AAAQa,YAAAA;AAAU,SAAA;AAE9C,QAAA,IAAID,QAAQ,MAAQ,EAAA;YAClB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAMW,mBAAoB,CAAA;AAAEvB,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACnE;AAEA,QAAA,IAAIR,QAAQ,SAAW,EAAA;YACrB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAML,sBAAuB,CAAA;AAAEP,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACtE;AAEA,QAAA,IAAIR,QAAQ,QAAU,EAAA;YACpB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAMe,qBAAsB,CAAA;AAAE3B,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACrE;AAEA,QAAA,IAAIR,QAAQ,UAAY,EAAA;YACtB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAMsB,uBAAwB,CAAA;AAAElC,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACvE;AACF,KAAA,EAAGtB;AAEHsC,IAAAA,qBAAAA,CAAsB9B,SAAeR,GACrCqC,CAAAA,CAAAA,CAAAA,QAAAA,CAAAA;AACJ,CAAA;;;;"}