Software: Apache/2.4.41 (Ubuntu). PHP/8.0.30 uname -a: Linux apirnd 5.4.0-204-generic #224-Ubuntu SMP Thu Dec 5 13:38:28 UTC 2024 x86_64 uid=33(www-data) gid=33(www-data) groups=33(www-data) Safe-mode: OFF (not secure) /usr/local/lib/node_modules/strapi/node_modules/strapi-utils/lib/ drwxr-xr-x | |
| Viewing file: Select action/file-type: 'use strict';
const _ = require('lodash');
const sanitizeEntity = (dataSource, options) => {
const { model, withPrivate = false, isOutput = true, includeFields = null } = options;
if (typeof dataSource !== 'object' || _.isNil(dataSource)) {
return dataSource;
}
const data = parseOriginalData(dataSource);
if (typeof data !== 'object') {
return data;
}
if (_.isNil(model)) {
return null;
}
const { attributes } = model;
const allowedFields = getAllowedFields({ includeFields, model, isOutput });
const reducerFn = (acc, value, key) => {
const attribute = attributes[key];
const allowedFieldsHasKey = allowedFields.includes(key);
if (shouldRemoveAttribute(attribute, { withPrivate, isOutput })) {
return acc;
}
// Relations
const relation = attribute && (attribute.model || attribute.collection || attribute.component);
if (relation) {
if (_.isNil(value)) {
return { ...acc, [key]: value };
}
const [nextFields, isAllowed] = includeFields
? getNextFields(allowedFields, key, { allowedFieldsHasKey })
: [null, true];
if (!isAllowed) {
return acc;
}
const nextOptions = {
model: strapi.getModel(relation, attribute.plugin),
withPrivate,
isOutput,
includeFields: nextFields,
};
const nextVal = Array.isArray(value)
? value.map(elem => sanitizeEntity(elem, nextOptions))
: sanitizeEntity(value, nextOptions);
return { ...acc, [key]: nextVal };
}
// Dynamic zones
if (attribute && attribute.type === 'dynamiczone' && value !== null && allowedFieldsHasKey) {
const nextVal = value.map(elem =>
sanitizeEntity(elem, {
model: strapi.getModel(elem.__component),
withPrivate,
isOutput,
})
);
return { ...acc, [key]: nextVal };
}
// Other fields
const isAllowedField = !includeFields || allowedFieldsHasKey;
if (isAllowedField) {
return { ...acc, [key]: value };
}
return acc;
};
return _.reduce(data, reducerFn, {});
};
const parseOriginalData = data => (_.isFunction(data.toJSON) ? data.toJSON() : data);
const CREATOR_FIELDS = ['created_by', 'updated_by'];
const COMPONENT_FIELDS = ['__component'];
const STATIC_FIELDS = ['id', '__v'];
const getAllowedFields = ({ includeFields, model, isOutput }) => {
const { options, primaryKey } = model;
const timestamps = options.timestamps || [];
return _.concat(
includeFields || [],
...(isOutput
? [primaryKey, timestamps, STATIC_FIELDS, COMPONENT_FIELDS, CREATOR_FIELDS]
: [primaryKey, STATIC_FIELDS, COMPONENT_FIELDS])
);
};
const getNextFields = (fields, key, { allowedFieldsHasKey }) => {
const searchStr = `${key}.`;
const transformedFields = (fields || [])
.filter(field => field.startsWith(searchStr))
.map(field => field.replace(searchStr, ''));
const isAllowed = allowedFieldsHasKey || transformedFields.length > 0;
const nextFields = allowedFieldsHasKey ? null : transformedFields;
return [nextFields, isAllowed];
};
const shouldRemoveAttribute = (attribute, { withPrivate, isOutput }) => {
if (_.isNil(attribute)) {
return false;
}
const isPassword = attribute.type === 'password';
const isPrivate = attribute.private === true;
const shouldRemovePassword = isOutput;
const shouldRemovePrivate = !withPrivate && isOutput;
return !!((isPassword && shouldRemovePassword) || (isPrivate && shouldRemovePrivate));
};
module.exports = sanitizeEntity;
|
:: Command execute :: | |
--[ c99shell v. 2.5 [PHP 8 Update] [24.05.2025] | Generation time: 0.0362 ]-- |