I created this structure:
api/
└── user-permissions/
└── config/
└── routes.json
└── controllers/
└── role.js
└── user.js
└── policies/
└── isSuperAdminOrClientSuperAdmin.js
└── models/
└── role.settings.json
routes.json
{
"routes": [
{
"method": "GET",
"path": "/roles",
"handler": "role.find",
"config": {
"policies": ["global::isSuperAdminOrClientSuperAdmin"]
}
},
{
"method": "POST",
"path": "/roles",
"handler": "role.create",
"config": {
"policies": ["global::isSuperAdminOrClientSuperAdmin"]
}
},
{
"method": "GET",
"path": "/users",
"handler": "user.find",
"config": {
"policies": ["global::isSuperAdminOrClientSuperAdmin"]
}
},
{
"method": "POST",
"path": "/users",
"handler": "user.create",
"config": {
"policies": ["global::isSuperAdminOrClientSuperAdmin"]
}
}
]
}
role.js
'use strict';
const { sanitize } = require('@strapi/utils');
module.exports = {
async find(ctx) {
const { user } = ctx.state;
console.log('Current User in find roles:', user);
let roles;
if (user.role.name === 'Super Admin') {
roles = await strapi.query('plugin::users-permissions.role').findMany();
} else if (user.role.name === 'Client Super Admin') {
roles = await strapi.query('plugin::users-permissions.role').findMany({
where: { type: 'client-super-admin' },
});
} else {
return ctx.forbidden('Você não tem permissão para visualizar roles.');
}
const schema = strapi.getModel('plugin::users-permissions.role');
console.log('Roles found:', roles);
return await sanitize.contentAPI.output(roles, schema);
},
async create(ctx) {
const { user } = ctx.state;
console.log('Current User in create roles:', user);
let role;
if (user.role.name === 'Super Admin') {
role = await strapi.query('plugin::users-permissions.role').create({
data: ctx.request.body,
});
} else if (user.role.name === 'Client Super Admin') {
role = await strapi.query('plugin::users-permissions.role').create({
data: {
...ctx.request.body,
type: 'client-super-admin',
},
});
} else {
return ctx.forbidden('Você não tem permissão para criar roles.');
}
const schema = strapi.getModel('plugin::users-permissions.role');
console.log('Role created:', role);
return await sanitize.contentAPI.output(role, schema);
},
};
user.js
'use strict';
const { sanitize } = require('@strapi/utils');
module.exports = {
async find(ctx) {
const { user } = ctx.state;
console.log('Current User in find users:', user);
let users;
if (user.role.name === 'Super Admin') {
users = await strapi.query('plugin::users-permissions.user').findMany();
} else if (user.role.name === 'Client Super Admin') {
users = await strapi.query('plugin::users-permissions.user').findMany({
where: { role: { type: 'client-super-admin' } },
});
} else {
return ctx.forbidden('Você não tem permissão para visualizar usuários.');
}
const schema = strapi.getModel('plugin::users-permissions.user');
console.log('Users found:', users);
return await sanitize.contentAPI.output(users, schema);
},
async create(ctx) {
const { user } = ctx.state;
console.log('Current User in create users:', user);
let newUser;
if (user.role.name === 'Super Admin') {
newUser = await strapi.query('plugin::users-permissions.user').create({
data: ctx.request.body,
});
} else if (user.role.name === 'Client Super Admin') {
newUser = await strapi.query('plugin::users-permissions.user').create({
data: {
...ctx.request.body,
role: 'client-super-admin',
},
});
} else {
return ctx.forbidden('Você não tem permissão para criar usuários.');
}
const schema = strapi.getModel('plugin::users-permissions.user');
console.log('User created:', newUser);
return await sanitize.contentAPI.output(newUser, schema);
},
};
isSuperAdminOrClientSuperAdmin.js
module.exports = async (ctx, next) => {
const { user } = ctx.state;
if (!user || !['Super Admin', 'Client Super Admin'].includes(user.role.name)) {
return ctx.forbidden('Você não tem permissão para acessar esta rota.');
}
await next();
};
role.settings.json
{
"kind": "collectionType",
"collectionName": "up_roles",
"info": {
"singularName": "role",
"pluralName": "roles",
"displayName": "Role",
"description": ""
},
"options": {
"draftAndPublish": false,
"timestamps": true
},
"attributes": {
"name": {
"type": "string",
"required": true,
"unique": true
},
"description": {
"type": "string"
},
"type": {
"type": "string",
"default": "default"
},
"permissions": {
"type": "relation",
"relation": "manyToMany",
"target": "plugin::users-permissions.permission",
"mappedBy": "roles"
},
"users": {
"type": "relation",
"relation": "manyToMany",
"target": "plugin::users-permissions.user",
"inversedBy": "roles"
},
"created_by": {
"type": "relation",
"relation": "manyToOne",
"target": "plugin::users-permissions.user"
}
}
}
However, this structure is not working, I don’t know if I’m doing something wrong.