Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix init reset password permission #6696

Merged
merged 1 commit into from Jun 16, 2020
Merged

Fix init reset password permission #6696

merged 1 commit into from Jun 16, 2020

Conversation

lauriejim
Copy link
Contributor

Description of what you did:

When the changepassword function has been renamed resetpassword.
the init permissions hasn't been updated?
So the function has been no longer available by default for the public role.

close #6440

@lauriejim
fix: init reset password permission close #6440
a1a3596 
Signed-off-by: Jim LAURIE <j.laurie6993@gmail.com>
@lauriejim lauriejim added issue: bug Issue reporting a bug source: plugin:users-permissions Source is plugin/users-permissions package labels Jun 16, 2020
@lauriejim lauriejim added this to the 3.0.3 milestone Jun 16, 2020
alexandrebodin
alexandrebodin approved these changes Jun 16, 2020
View reviewed changes
Copy link
Member

@alexandrebodin alexandrebodin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM !

@alexandrebodin alexandrebodin merged commit 4582c55 into master Jun 16, 2020
@alexandrebodin alexandrebodin deleted the fix-reset-password-permission branch June 16, 2020 09:51
iicdii pushed a commit to iicdii/strapi that referenced this pull request Jul 2, 2020
@lauriejim @iicdii
fix: init reset password permission close strapi#6440 (strapi#6696)
088b3a7 
Signed-off-by: Jim LAURIE <j.laurie6993@gmail.com>
Signed-off-by: harimkims <harimkims@gmail.com>
nicksp
nicksp reviewed Jul 10, 2020
View reviewed changes
packages/strapi-plugin-users-permissions/services/UsersPermissions.js
@@ -22,7 +22,7 @@ const DEFAULT_PERMISSIONS = [
type: 'users-permissions',
roleType: 'public',
},
{ action: 'changepassword', controller: 'auth', type: 'users-permissions', roleType: 'public' },
{ action: 'resetPassword', controller: 'auth', type: 'users-permissions', roleType: 'public' },
Copy link

@nicksp nicksp Jul 10, 2020
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@alexandrebodin I know this is merged already, but this seems might not work as one might expect. The correct action name is resetpassword. 🤔 Or is it case insensitive?

I also noticed that bug mentioin in the ticket a while ago and what I did was setting this permission programmatically. And I used exactly a lowercased action name:

const permissionQuery = strapi.query('permission', 'users-permissions')
const params = {
  role: ID,
  type: 'users-permissions',
  controller: 'auth',
  action: 'resetpassword'
}
<..>

if (!existingPermission) {
  await permissionQuery.create({
        ...params,
        enabled: true
    })
}

This is also the name used in a DB:

image

@MattieBelt MattieBelt mentioned this pull request Jul 14, 2020
Merged
This was referenced Jun 6, 2021
Closed
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicksp nicksp nicksp left review comments

@alexandrebodin alexandrebodin alexandrebodin approved these changes

Assignees

@alexandrebodin alexandrebodin

Labels
issue: bug Issue reporting a bug source: plugin:users-permissions Source is plugin/users-permissions package
Projects
None yet
Milestone
3.0.3
Development

Successfully merging this pull request may close these issues.

Reset Password permission is disabled by default
3 participants
@lauriejim @nicksp @alexandrebodin