Search code examples
strapi

Strapi Custom Endpoint for Updating User Not Appearing in Admin Roles and Permissions

I'm trying to extend the users-permissions plugin in Strapi to add a custom endpoint for updating user information. However, the new endpoint is not appearing under the roles and permissions section in the admin panel.

Here's what I've done so far: Created strapi-server.js in src/extensions/users-permissions/ with the following content:

const _ = require("lodash");
const utils = require("@strapi/utils");
const { ApplicationError, ValidationError } = utils.errors;

module.exports = (plugin) => {
  plugin.controllers.user.updateMe = async (ctx) => {
    // needs to be logged in
    if (!ctx.state.user || !ctx.state.user.id) {
      throw new ApplicationError("You need to be logged");
    }

    if (
      !_.has(ctx.request.body, "username") ||
      ctx.request.body.username === ""
    ) {
      throw new ValidationError("Invalid data");
    }
    const allowedProperties = ["username"];
    const bodyKeys = Object.keys(ctx.request.body);
    if (bodyKeys.filter((key) => !allowedProperties.includes(key)).length > 0) {
      throw new ValidationError("Invalid data");
    }

    const newBody = {};
    bodyKeys.map(
      (key) =>
        (newBody[key] = ctx.request.body[key].trim().replace(/[<>]/g, ""))
    );
    if (_.has(ctx.request.body, "username")) {
      const userWithSameUsername = await strapi
        .query("plugin::users-permissions.user")
        .findOne({ where: { username: ctx.request.body.username } });
      if (
        userWithSameUsername &&
        _.toString(userWithSameUsername.id) !== _.toString(ctx.state.user.id)
      ) {
        throw new ApplicationError("Username already taken");
      }
    }

    await strapi
      .query("plugin::users-permissions.user")
      .update({
        where: { id: ctx.state.user.id },
        data: newBody,
      })
      .then((res) => {
        ctx.response.body = { username: res.username };
        ctx.response.status = 200;
      });
  };

  plugin.routes["content-api"].routes.push({
    method: "PUT",
    path: "/user/me",
    handler: "user.updateMe",
    config: {
      prefix: "",
      policies: [],
    },
  });

  return plugin;
};

Registered the plugin in config/plugins.js:

module.exports = ({ env }) => ({
  email: {
    config: {
      provider: "nodemailer",
      providerOptions: {
        host: env("SMTP_HOST"),
        port: env("SMTP_PORT"),
        auth: {
          user: env("SMTP_USER"),
          pass: env("SMTP_PASS"),
        },
      },
      settings: {
        defaultFrom: env("SMTP_DEFAULT_FROM"),
        defaultReplyTo: env("SMTP_DEFAULT_REPLYTO"),
      },
    },
  },
  "users-permissions": {
    enabled: true,
    resolve: "./src/extensions/users-permissions",
  },
});

Logs from yarn develop:

[2024-07-08 17:25:07.365] http: GET /admin (12 ms) 200
[2024-07-08 17:25:07.485] http: GET /admin/project-type (14 ms) 200
[2024-07-08 17:25:07.561] http: POST /admin/renew-token (7 ms) 200
[2024-07-08 17:25:07.563] http: GET /admin/init (13 ms) 200
[2024-07-08 17:25:07.572] http: GET /admin/users/me (21 ms) 200
[2024-07-08 17:25:07.606] http: GET /admin/telemetry-properties (18 ms) 200
[2024-07-08 17:25:07.619] http: GET /admin/users/me/permissions (18 ms) 200
[2024-07-08 17:25:07.620] http: GET /admin/information (21 ms) 200
[2024-07-08 17:25:07.627] http: GET /admin/project-settings (22 ms) 200
[2024-07-08 17:25:07.635] http: GET /i18n/locales (7 ms) 200
[2024-07-08 17:25:07.691] http: GET /content-manager/components (5 ms) 200
[2024-07-08 17:25:07.705] http: GET /content-manager/content-types (12 ms) 200
[2024-07-08 17:25:09.264] http: GET /content-manager/init (8 ms) 200
[2024-07-08 17:25:09.280] http: GET /content-manager/content-types-settings (12 ms) 200
[2024-07-08 17:25:09.305] http: GET /content-manager/content-types/plugin::users-permissions.user/configuration (6 ms) 200
[2024-07-08 17:25:09.343] http: GET /content-manager/collection-types/plugin::users-permissions.user?page=1&pageSize=10&sort=username:ASC (10 ms) 200
[2024-07-08 17:25:12.515] http: GET /users-permissions/roles (9 ms) 200
[2024-07-08 17:25:13.362] http: GET /users-permissions/permissions (9 ms) 200
[2024-07-08 17:25:13.374] http: GET /users-permissions/routes (9 ms) 200
[2024-07-08 17:25:13.386] http: GET /users-permissions/roles/1 (10 ms) 200

I check under settings/users and permissions plugin/roles/Authenticated/user-permissions/user and there is not updateMe field. enter image description here

What am I doing wrong?

Any help will be appreciated.

Note: I followed this tutorial. Update: It seems to be issue with the latest version of strapi: 4.24.4, but downgrading causes other issues.

Solution

  • For anyone else struggling with the issue updateMe field not appearing on strapi admin board.

    Downgrading the versions worked for me.

     "@strapi/plugin-cloud": "4.20.4",
 "@strapi/plugin-i18n": "4.20.4",
 "@strapi/plugin-users-permissions": "4.20.4",
 "@strapi/provider-email-nodemailer": "^4.20.4",
 "@strapi/strapi": "4.20.4",

    Otherwise you should need to create a separate route. https://docs.strapi.io/dev-docs/backend-customization/routes