"The model user-permissions can't be found."

Question

System Information

Strapi Version: 3.6.5
Operating System: MacOS 11.4
Database: SQL
Node Version: 14.17.0
NPM Version: 6.14.13

Hey there,

I wanted to have a function to change the password by passing the old password and a new one. For that, I found this solution from yohanes (https://stackoverflow.com/a/65237275/9476651). Unfortunately, if I want to execute the POST request, I get the error "Error: The model users-permissions can’t be found. It’s coming from this piece of code:
const user = await strapi.query('user', 'users-permissions').findOne({ email: params.identifier });
This is the first out of maximum three times I need to use the users-permissions plugin and I am pretty sure this error will occur at the other usages as well.

Is there anyone who is able to help me? Have a great day!

Lucas

My full code:

"use strict";

/**
 * api/password/controllers/password.js
 */

const { sanitizeEntity } = require("strapi-utils");
const formatError = (error) => [
  { messages: [{ id: error.id, message: error.message, field: error.field }] },
];

module.exports = {
  index: async (ctx) => {
    // const params = JSON.parse(ctx.request.body);
    const params = ctx.request.body;

    // The identifier is required
    if (!params.identifier) {
      return ctx.badRequest(
        null,
        formatError({
          id: "Auth.form.error.email.provide",
          message: "Please provide your username or your e-mail.",
        })
      );
    }

    // The password is required
    if (!params.password) {
      return ctx.badRequest(
        null,
        formatError({
          id: "Auth.form.error.password.provide",
          message: "Please provide your password.",
        })
      );
    }

    // The new password is required
    if (!params.newPassword) {
      return ctx.badRequest(
        null,
        formatError({
          id: "Auth.form.error.password.provide",
          message: "Please provide your new password.",
        })
      );
    }

    if (!params.confirmPassword) {
      return ctx.badRequest(
        null,
        formatError({
          id: "Auth.form.error.password.provide",
          message: "Please provide your new password confirmation.",
        })
      );
    }

    if (
      params.newPassword &&
      params.confirmPassword &&
      params.newPassword !== params.confirmPassword
    ) {
      return ctx.badRequest(
        null,
        formatError({
          id: "Auth.form.error.password.matching",
          message: "New passwords do not match.",
        })
      );
    } else if (
      params.newPassword &&
      params.confirmPassword &&
      params.newPassword === params.confirmPassword
    ) {
      // Get user based on identifier
      const user = await strapi
        .query("user", "users-permissions")
        .findOne({ email: params.identifier });

      // Validate given password against user query result password
      const validPassword = await strapi.plugins[
        "users-permissions"
      ].services.user.validatePassword(params.password, user.password);

      if (!validPassword) {
        return ctx.badRequest(
          null,
          formatError({
            id: "Auth.form.error.invalid",
            message: "Identifier or password invalid.",
          })
        );
      } else {
        // Generate new hash password
        const password = await strapi.plugins[
          "users-permissions"
        ].services.user.hashPassword({
          password: params.newPassword,
        });

        // Update user password
        await strapi
          .query("users-permissions")
          .update({ id: user.id }, { resetPasswordToken: null, password });

        // Return new jwt token
        ctx.send({
          jwt: strapi.plugins["users-permissions"].services.jwt.issue({
            id: user.id,
          }),
          user: sanitizeEntity(user.toJSON ? user.toJSON() : user, {
            model: strapi.query("user", "users-permissions").model,
          }),
        });
      }
    }
  },
};```

Answer 1

This part of the code works perfectly fine. const user = await strapi.query('user', 'users-permissions').findOne({ email: params.identifier }); The issue is with the other places where users-permissions is used. You need to use "user", "users-permissions" instead of only "users-permissions". I modified the code below so it works now.

"use strict";

/**
 * api/password/controllers/password.js
 */

const { sanitizeEntity } = require("strapi-utils");
const formatError = (error) => [
  { messages: [{ id: error.id, message: error.message, field: error.field }] },
];

module.exports = {
  index: async (ctx) => {
    // const params = JSON.parse(ctx.request.body);
    const params = ctx.request.body;
    console.log("params is ", params);
    // The identifier is required
    if (!params.identifier) {
      return ctx.badRequest(
        null,
        formatError({
          id: "Auth.form.error.email.provide",
          message: "Please provide your username or your e-mail.",
        })
      );
    }

    // The password is required
    if (!params.password) {
      return ctx.badRequest(
        null,
        formatError({
          id: "Auth.form.error.password.provide",
          message: "Please provide your password.",
        })
      );
    }

    // The new password is required
    if (!params.newPassword) {
      return ctx.badRequest(
        null,
        formatError({
          id: "Auth.form.error.password.provide",
          message: "Please provide your new password.",
        })
      );
    }

    if (!params.confirmPassword) {
      return ctx.badRequest(
        null,
        formatError({
          id: "Auth.form.error.password.provide",
          message: "Please provide your new password confirmation.",
        })
      );
    }

    if (
      params.newPassword &&
      params.confirmPassword &&
      params.newPassword !== params.confirmPassword
    ) {
      return ctx.badRequest(
        null,
        formatError({
          id: "Auth.form.error.password.matching",
          message: "New passwords do not match.",
        })
      );
    } else if (
      params.newPassword &&
      params.confirmPassword &&
      params.newPassword === params.confirmPassword
    ) {
      // Get user based on identifier
      const user = await strapi
        .query("user", "users-permissions")
        .findOne({ email: params.identifier });

      // Validate given password against user query result password
      const validPassword = await strapi.plugins[
        ("user", "users-permissions")
      ].services.user.validatePassword(params.password, user.password);

      if (!validPassword) {
        return ctx.badRequest(
          null,
          formatError({
            id: "Auth.form.error.invalid",
            message: "Identifier or password invalid.",
          })
        );
      } else {
        // Generate new hash password
        const password = await strapi.plugins[
          ("user", "users-permissions")
        ].services.user.hashPassword({
          password: params.newPassword,
        });

        // Update user password
        await strapi
          .query("user", "users-permissions")
          .update({ id: user.id }, { resetPasswordToken: null, password });

        // Return new jwt token
        ctx.send({
          jwt: strapi.plugins[("user", "users-permissions")].services.jwt.issue(
            {
              id: user.id,
            }
          ),
          user: sanitizeEntity(user.toJSON ? user.toJSON() : user, {
            model: strapi.query("user", "users-permissions").model,
          }),
        });
      }
    }
  },
};