Strapi is a great project, but lacks of a good documentation concerning customization. This gist presents some of my findings / experiments to customize strapi.
My use-case: find
and findOne
need to be active to keep nested queries on other user-relations. But if I allow authenticated users to access these routes, they can access all users. So I customize these routes with my own policies: