Hello <@1148597817498140774>
Here is a way you can wrap the creation method. this is considered experimental for now
For example in
src/index.js
'use strict';
module.exports = {
/**
* An asynchronous register function that runs before
* your application is initialized.
*
* This gives you an opportunity to extend code.
*/
register({ strapi }) {
strapi.get('controllers').extend('admin::user', (ctrl) => {
const baseCreate = ctrl.create;
return Object.assign(ctrl, {
async create(ctx) {
// you can also use koa-compose
if (ctx.state.user.roles.some((role) => role.code === 'strapi-super-admin')) {
return baseCreate(ctx);
}
const selectedRoles = await strapi.db.query('admin::role').findMany({
where: {
id: {
$in: ctx.request.body.roles,
},
},
});
if (selectedRoles.some((role) => role.code === 'strapi-super-admin')) {
return ctx.badRequest('You cannot create a user with super-admin role');
}
return baseCreate(ctx);
},
});
});
},
/**
* An asynchronous bootstrap function that runs before
* your application gets started.
*
* This gives you an opportunity to set up your data model,
* run jobs, or perform some special logic.
*/
async bootstrap({ strapi }) {},
/**
* An asynchronous destroy function that runs before
* your application gets shut down.
*
* This gives you an opportunity to gracefully stop services you run.
*/
destroy({ strapi }) {},
};