New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix init reset password permission #6696
Conversation
Signed-off-by: Jim LAURIE <j.laurie6993@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM !
Signed-off-by: Jim LAURIE <j.laurie6993@gmail.com> Signed-off-by: harimkims <harimkims@gmail.com>
@@ -22,7 +22,7 @@ const DEFAULT_PERMISSIONS = [ | |||
type: 'users-permissions', | |||
roleType: 'public', | |||
}, | |||
{ action: 'changepassword', controller: 'auth', type: 'users-permissions', roleType: 'public' }, | |||
{ action: 'resetPassword', controller: 'auth', type: 'users-permissions', roleType: 'public' }, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@alexandrebodin I know this is merged already, but this seems might not work as one might expect. The correct action name is resetpassword
. 🤔 Or is it case insensitive?
I also noticed that bug mentioin in the ticket a while ago and what I did was setting this permission programmatically. And I used exactly a lowercased action name:
const permissionQuery = strapi.query('permission', 'users-permissions')
const params = {
role: ID,
type: 'users-permissions',
controller: 'auth',
action: 'resetpassword'
}
<..>
if (!existingPermission) {
await permissionQuery.create({
...params,
enabled: true
})
}
This is also the name used in a DB:
Description of what you did:
When the
changepassword
function has been renamedresetpassword
.the init permissions hasn't been updated?
So the function has been no longer available by default for the public role.
close #6440