I'm trying out the new strapi v4 right now (4.0.0) community edition. I've got a custom controller which queries for the current user and (in the future) fetches related objects.
When I did this with strapi v3 I used the built-in sanititzeEntitiy - helper function to remove sensitive fields from the user instance. In v4 however, this function appears to not exist anymore and I can't figure out how to achieve this.
Is there anyone that can help me with this? My code so far is:
module.exports = {
currentUser: async(ctx, next) => {
let user = ctx.state.user;
// TODO: sanitize this
}
}
In v3 I just did return sanitizeEntity(user); which would have the desired effect. I just can't figure out how to do this in v4 and I can't find anything related to that in the docs.
So I simultaneously posted this question on the strapi community forums. A user named JustJerem got me an answer to this question which looks like this:
**const { sanitizeEntity } = require("strapi-utils/lib");**
module.exports = (plugin) => {
plugin.controllers.user.deleteMe = async (ctx) => {
const entity = await strapi.entityService.delete('plugin::users-permissions.user', user.id)
var result = **sanitizeEntity(entity, { model: strapi.getModel('plugin::users-permissions.user') })**
return result
};
//...
};
The original answer in the strapi forums can be found here:
https://forum.strapi.io/t/v4-0-0-sanitize-user-data/13326/4?u=derelektrischemoench
All credits to this solution go out to JustJerem on the strapi boards. Doing it like this worked for me. Hopefully this can help someone else, too.
Greetings, derelektrischemoench