@adminforth/list-in-place-edit 1.0.25 → 1.0.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build.log +1 -1
- package/dist/index.js +25 -2
- package/index.ts +34 -3
- package/package.json +1 -1
- package/pnpm-workspace.yaml +2 -0
package/build.log
CHANGED
package/dist/index.js
CHANGED
|
@@ -7,7 +7,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
7
7
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
8
|
});
|
|
9
9
|
};
|
|
10
|
-
import { AdminForthPlugin } from "adminforth";
|
|
10
|
+
import { AdminForthPlugin, interpretResource, ActionCheckSource, AllowedActionsEnum } from "adminforth";
|
|
11
11
|
export default class ListInPlaceEditPlugin extends AdminForthPlugin {
|
|
12
12
|
constructor(options) {
|
|
13
13
|
super(options, import.meta.url);
|
|
@@ -63,14 +63,37 @@ export default class ListInPlaceEditPlugin extends AdminForthPlugin {
|
|
|
63
63
|
return { error: 'Field not allowed to be edited' };
|
|
64
64
|
}
|
|
65
65
|
const resource = this.adminforth.config.resources.find(r => r.resourceId === resourceId);
|
|
66
|
-
if (resource
|
|
66
|
+
if (!resource) {
|
|
67
|
+
return { error: `Resource '${resourceId}' not found` };
|
|
68
|
+
}
|
|
69
|
+
const column = resource.columns.find(c => c.name === field);
|
|
70
|
+
if (!column) {
|
|
71
|
+
return { error: 'Field not allowed to be edited' };
|
|
72
|
+
}
|
|
73
|
+
if (column.primaryKey) {
|
|
74
|
+
return { error: 'Primary key field cannot be edited' };
|
|
75
|
+
}
|
|
76
|
+
if (column.backendOnly === true) {
|
|
67
77
|
return { error: 'Field is not editable, because it is marked as backendOnly' };
|
|
68
78
|
}
|
|
79
|
+
if (column.editReadonly === true) {
|
|
80
|
+
return { error: 'Field is not editable, because it is marked as editReadonly' };
|
|
81
|
+
}
|
|
69
82
|
// Create update object with just the single field
|
|
70
83
|
const updateRecord = { [field]: value };
|
|
71
84
|
// Use AdminForth's built-in update method
|
|
72
85
|
const connector = this.adminforth.connectors[resource.dataSource];
|
|
73
86
|
const oldRecord = yield connector.getRecordByPrimaryKey(resource, recordId);
|
|
87
|
+
if (!oldRecord) {
|
|
88
|
+
return { error: 'Record not found' };
|
|
89
|
+
}
|
|
90
|
+
// Enforce the resource's edit permission for this specific record
|
|
91
|
+
// (mirrors the core /update_record access check, since updateResourceRecord does not check ACL).
|
|
92
|
+
const { allowedActions } = yield interpretResource(adminUser, resource, { requestBody: body, newRecord: updateRecord, oldRecord, pk: recordId }, ActionCheckSource.EditRequest, this.adminforth);
|
|
93
|
+
const editAllowed = allowedActions[AllowedActionsEnum.edit];
|
|
94
|
+
if (editAllowed !== true) {
|
|
95
|
+
return { error: typeof editAllowed === 'string' ? editAllowed : 'You do not have permission to edit this record' };
|
|
96
|
+
}
|
|
74
97
|
const result = yield this.adminforth.updateResourceRecord({
|
|
75
98
|
resource,
|
|
76
99
|
recordId,
|
package/index.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AdminForthPlugin } from "adminforth";
|
|
1
|
+
import { AdminForthPlugin, interpretResource, ActionCheckSource, AllowedActionsEnum } from "adminforth";
|
|
2
2
|
import type { IAdminForth, IHttpServer, AdminForthResourcePages, AdminForthResourceColumn, AdminForthDataTypes, AdminForthResource } from "adminforth";
|
|
3
3
|
import type { PluginOptions } from './types.js';
|
|
4
4
|
|
|
@@ -62,15 +62,46 @@ export default class ListInPlaceEditPlugin extends AdminForthPlugin {
|
|
|
62
62
|
return { error: 'Field not allowed to be edited' };
|
|
63
63
|
}
|
|
64
64
|
const resource = this.adminforth.config.resources.find(r => r.resourceId === resourceId);
|
|
65
|
-
if (resource
|
|
65
|
+
if (!resource) {
|
|
66
|
+
return { error: `Resource '${resourceId}' not found` };
|
|
67
|
+
}
|
|
68
|
+
const column = resource.columns.find(c => c.name === field);
|
|
69
|
+
if (!column) {
|
|
70
|
+
return { error: 'Field not allowed to be edited' };
|
|
71
|
+
}
|
|
72
|
+
if (column.primaryKey) {
|
|
73
|
+
return { error: 'Primary key field cannot be edited' };
|
|
74
|
+
}
|
|
75
|
+
if (column.backendOnly === true) {
|
|
66
76
|
return { error: 'Field is not editable, because it is marked as backendOnly' };
|
|
67
77
|
}
|
|
78
|
+
if (column.editReadonly === true) {
|
|
79
|
+
return { error: 'Field is not editable, because it is marked as editReadonly' };
|
|
80
|
+
}
|
|
68
81
|
// Create update object with just the single field
|
|
69
82
|
const updateRecord = { [field]: value };
|
|
70
|
-
|
|
83
|
+
|
|
71
84
|
// Use AdminForth's built-in update method
|
|
72
85
|
const connector = this.adminforth.connectors[resource.dataSource];
|
|
73
86
|
const oldRecord = await connector.getRecordByPrimaryKey(resource, recordId)
|
|
87
|
+
if (!oldRecord) {
|
|
88
|
+
return { error: 'Record not found' };
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
// Enforce the resource's edit permission for this specific record
|
|
92
|
+
// (mirrors the core /update_record access check, since updateResourceRecord does not check ACL).
|
|
93
|
+
const { allowedActions } = await interpretResource(
|
|
94
|
+
adminUser,
|
|
95
|
+
resource,
|
|
96
|
+
{ requestBody: body, newRecord: updateRecord, oldRecord, pk: recordId },
|
|
97
|
+
ActionCheckSource.EditRequest,
|
|
98
|
+
this.adminforth
|
|
99
|
+
);
|
|
100
|
+
const editAllowed = allowedActions[AllowedActionsEnum.edit] as boolean | string | undefined;
|
|
101
|
+
if (editAllowed !== true) {
|
|
102
|
+
return { error: typeof editAllowed === 'string' ? editAllowed : 'You do not have permission to edit this record' };
|
|
103
|
+
}
|
|
104
|
+
|
|
74
105
|
const result = await this.adminforth.updateResourceRecord({
|
|
75
106
|
resource,
|
|
76
107
|
recordId,
|
package/package.json
CHANGED
package/pnpm-workspace.yaml
CHANGED