System Information
- Strapi Version: 4.15
- Operating System: Docker Node16 Alpine
- Database: Postgres
- Node Version: 16
- NPM Version: 8.5.5
Hey together,
I’m writing a policy where I like to work with the body. As example: I like to check if the user filled their firstname and lastname, that they are not sending an empty string.
Also I have no idea how to send an error message. In Strapi3 there was a ctx object where I got access to this with ease.
This is my current code:
'use strict';
/**
* `updateOwnerOnly` policy.
*/
module.exports = (policyContext, config, { strapi }) => {
// Add your own logic here.
strapi.log.info('updateOwnerOnly policy.');
console.log(policyContext.req)
if (policyContext.state.auth.strategy.name === "api-token") {
if (policyContext.state.auth.credentials.type === "full-access")
return true;
} else if (
policyContext.state.auth.strategy.name === "users-permissions"
) {
// Skip for admins
if (policyContext.state.auth.credentials.role.type === "admin")
return true;
const currentUserId = policyContext.state.auth.credentials.id;
const userToUpdate = policyContext.params.id;
// Unable that an user can update an other user
if (currentUserId != userToUpdate) {
strapi.log.info(`WARNING: User ${currentUserId} tried to edit user ${userToUpdate}`);
throw new Error("Unable to edit this user ID");
}
return true
}
return false;
};
Everything works fine. I can check that the user only update his own profile and admins can do what they want. But unfortunately I can’t find any body information in policyContext and also when I throw a new Error the message in my API don’t get through. I found in the docs to use ctx.badRequest("My Error Message")
but as I sad I don’t have an ctx object.
I hope someone can give me a hint or bring me on the right track.
Thanks in advance,
Lars