3

I have created a books content type containg books. Each book in the collection belongs to a user (user content type provided by Strapi).

I want to return list of books owned by authenticated user at /users/me/books endpoint. Where can I add this route and handler as there is /api/books directory containing books related route, controllers, etc. but not /api/users directory.

DarthWader
  • 986
  • 1
  • 9
  • 17

1 Answers1

4

You can extend or override using the extensions system.

extensions/users-permissions/controllers

Just add the controller you want to extend or override as a .js file like so:

So to override the me endpoint under User.js you only need to define the method again:

'use strict';
module.exports = {
  //Override me
  async me(ctx) {
      //do your thing
  }
};

To extend, not override, means to add another endpoint, therefor you need to define it, add a route and set permissions for it. The routes.js files should be created at:

extensions/users-permissions/config/routes.json

Like so:

{
    "routes": [
    {
      "method": "GET",
      "path": "/users/me/books",
      "handler": "User.getUserBooks",
      "config": {
        "policies": [],
        "prefix": "",
        "description": "description",
        "tag": {
          "plugin": "users-permissions",
          "name": "User",
          "actionType": "find"
        }
      }
    }
}

The controller this time (same location as in beginning):

module.exports = {
    async getUserBooks(ctx) {
      //add logic
    }
}

OP correctly added:

After adding custom route and controller, one has to go to Admin Panel(log in as admin)>Roles and Permission> Users-Permission. There you can find the newly added route and have to enable it by checking it.

The originals(if you need examples) are located at:

/node_modules/strapi-plugin-users-permissions/config/routes.json
/node_modules/strapi-plugin-users-permissions/controllers/User.js

I don't think you should extend the User controller as it isn't logically correct. You are trying to GET books - you should extend the book api in the same way. From what I can tell a ContentType doesn't contain information about its creator(you're welcome to educate me if it's not true). So to tackle that you can add to your ContentType "books" a relation to User. Then I think you should extend the books api with a endpoint that returns books "belonging" to that user using the ctx received.

Also - check this question out

Comment if you need more info.

Eggcellentos
  • 1,570
  • 1
  • 18
  • 25
  • Can you provide where exactly to add controller. I am new to Strapi. – DarthWader Jun 29 '20 at 09:49
  • I have overrided the users/me route. How do I define users/me/books route? and in which file? – DarthWader Jun 29 '20 at 10:13
  • I did what you asked. Now I am getting 403 error instead of 404 even though i have attached jwt token of logged in user in postman to the request. I have not yet added logic to retrieve books yet, just trying to return dummy object from the route. – DarthWader Jun 29 '20 at 16:04
  • Related to your opinion that I should add a books route instead of user; wouldn't it be more appropriate to add a user route like i am trying to do? Like /users/me/books should return logged in users books. I already have user relation in books ContentType with many to one relationship (one user has many books). – DarthWader Jun 29 '20 at 16:06
  • ans comment #1: OK 403 even though it's a permissions issue, it means that it found your endpoint. How to authenticate is a totally different question so I advise you to test in development environment with public permissions allowed, just to separate the 2 things you are trying to do(query & authenticate). ans comment #2: It's my opinion because you are querying books(and not users). You can do what you think is best for you. – Eggcellentos Jun 29 '20 at 16:21
  • 1
    I found out why it was giving 403 error. After adding custom route and controller, one has to go to Admin Panel(log in as admin)>Roles and Permission> Users-Permission. There you can find the newly added route and have to enable it by checking it. Then you get whatever you from route when you access it. – DarthWader Jun 29 '20 at 16:30
  • 1
    Thanks Gosh!! You saved my day! I was looking to add an api /users/bla but always ended up with /user-permissions/bla...until I read your answer en found config: prefix: "" in routes. Awesome – jr00n Feb 03 '22 at 11:25
  • @jr00n happy to help – Eggcellentos Feb 03 '22 at 11:45