fix: :bug: Fix notifications GraphQL method
Tim Izzo tim@5ika.ch
Mon, 17 Jun 2024 14:51:36 +0200
2 files changed,
19 insertions(+),
1 deletions(-)
M
backend/config/permissions.ts
→
backend/config/permissions.ts
@@ -8,7 +8,11 @@ "api::setting.setting.find",
"api::stripe.stripe.handleWebhook", ]; -const authenticated = [...publicPerms, "plugin::users-permissions.user.me"]; +const authenticated = [ + ...publicPerms, + "api::event.event.find", + "plugin::users-permissions.user.me", +]; export default { roles: {
M
backend/src/index.ts
→
backend/src/index.ts
@@ -13,8 +13,22 @@ graphqlExtends(context);
// Because of bug https://github.com/strapi/strapi/issues/17995, we're forced // to enable "plugin::users-permissions.user" permission for Authenticated role. + // Disable REST endpoints context.strapi.controller("plugin::users-permissions.user").find = (ctx) => ctx.unauthorized(); + context.strapi.controller("api::event.event").find = (ctx) => + ctx.unauthorized(); + // Disable GQL methods + strapi + .plugin("graphql") + .service("extension") + .shadowCRUD("plugin::users-permissions.user") + .disableAction("find"); + strapi + .plugin("graphql") + .service("extension") + .shadowCRUD("api::event.event") + .disableAction("find"); }, /**