@azteam/express 1.2.433 → 1.2.435
|
@@ -312,7 +312,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
312
312
|
}, options.roles);
|
|
313
313
|
_this.roleMiddlewareOptions = {
|
|
314
314
|
secretKey: options.secretKey || process.env.SECRET_KEY,
|
|
315
|
-
systemURL: options.systemURL || process.env.
|
|
315
|
+
systemURL: options.systemURL || process.env.SYSTEM_URL
|
|
316
316
|
};
|
|
317
317
|
_this.paginateOptions = options.paginateOptions || {
|
|
318
318
|
autocompleteField: null,
|
|
@@ -38,7 +38,7 @@ function _default() {
|
|
|
38
38
|
}, opts);
|
|
39
39
|
return /*#__PURE__*/function () {
|
|
40
40
|
var _ref = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee(req, res, next) {
|
|
41
|
-
var headers, secretKey, systemURL, token,
|
|
41
|
+
var headers, secretKey, systemURL, token, authAPIURL, splitToken, client, response, _client, _response;
|
|
42
42
|
return _regeneratorRuntime().wrap(function _callee$(_context) {
|
|
43
43
|
while (1) switch (_context.prev = _context.next) {
|
|
44
44
|
case 0:
|
|
@@ -84,10 +84,10 @@ function _default() {
|
|
|
84
84
|
break;
|
|
85
85
|
}
|
|
86
86
|
token = token.replace('apikey ', '');
|
|
87
|
-
|
|
87
|
+
authAPIURL = "".concat(systemURL, "/auth/login_api/").concat(token);
|
|
88
88
|
splitToken = token.split(':');
|
|
89
89
|
if (splitToken.length === 2) {
|
|
90
|
-
|
|
90
|
+
authAPIURL = "https://".concat(req.hostname, "/auth/login_api/").concat(splitToken[1]);
|
|
91
91
|
}
|
|
92
92
|
client = new _httpClient["default"]({
|
|
93
93
|
timeout: 20000,
|
|
@@ -96,7 +96,7 @@ function _default() {
|
|
|
96
96
|
}
|
|
97
97
|
});
|
|
98
98
|
_context.next = 27;
|
|
99
|
-
return client.get(
|
|
99
|
+
return client.get(authAPIURL);
|
|
100
100
|
case 27:
|
|
101
101
|
response = _context.sent;
|
|
102
102
|
if (!response.success) {
|
|
@@ -116,16 +116,37 @@ function _default() {
|
|
|
116
116
|
throw new _error.ErrorException(_error.UNAUTHORIZED);
|
|
117
117
|
case 35:
|
|
118
118
|
req.user.level = req.user.level || _constant.USER_LEVEL.USER;
|
|
119
|
-
if (!(!roles || req.user.level === 100
|
|
120
|
-
return roles.includes(r);
|
|
121
|
-
}))) {
|
|
119
|
+
if (!(!roles || req.user.level === 100)) {
|
|
122
120
|
_context.next = 38;
|
|
123
121
|
break;
|
|
124
122
|
}
|
|
125
123
|
return _context.abrupt("return", next());
|
|
126
124
|
case 38:
|
|
125
|
+
if (!(req.user.level >= minLevel)) {
|
|
126
|
+
_context.next = 45;
|
|
127
|
+
break;
|
|
128
|
+
}
|
|
129
|
+
_client = new _httpClient["default"]({
|
|
130
|
+
timeout: 20000,
|
|
131
|
+
headers: {
|
|
132
|
+
'User-Agent': req.header('User-Agent'),
|
|
133
|
+
Authorization: headers.authorization
|
|
134
|
+
}
|
|
135
|
+
});
|
|
136
|
+
_context.next = 42;
|
|
137
|
+
return _client.post("".concat(systemURL, "/v1/user_positions/is_permission"), {
|
|
138
|
+
roles: JSON.stringify(roles)
|
|
139
|
+
});
|
|
140
|
+
case 42:
|
|
141
|
+
_response = _context.sent;
|
|
142
|
+
if (!_response.success) {
|
|
143
|
+
_context.next = 45;
|
|
144
|
+
break;
|
|
145
|
+
}
|
|
146
|
+
return _context.abrupt("return", next());
|
|
147
|
+
case 45:
|
|
127
148
|
throw new _error.ErrorException(_error.PERMISSION);
|
|
128
|
-
case
|
|
149
|
+
case 46:
|
|
129
150
|
case "end":
|
|
130
151
|
return _context.stop();
|
|
131
152
|
}
|
package/package.json
CHANGED
|
@@ -43,7 +43,7 @@ class AdminController extends Controller {
|
|
|
43
43
|
|
|
44
44
|
this.roleMiddlewareOptions = {
|
|
45
45
|
secretKey: options.secretKey || process.env.SECRET_KEY,
|
|
46
|
-
systemURL: options.systemURL || process.env.
|
|
46
|
+
systemURL: options.systemURL || process.env.SYSTEM_URL,
|
|
47
47
|
};
|
|
48
48
|
|
|
49
49
|
this.paginateOptions = options.paginateOptions || {
|
|
@@ -50,11 +50,11 @@ export default function (roles = null, minLevel = USER_LEVEL.USER, opts = {}) {
|
|
|
50
50
|
|
|
51
51
|
if (token.startsWith('apikey ')) {
|
|
52
52
|
token = token.replace('apikey ', '');
|
|
53
|
-
let
|
|
53
|
+
let authAPIURL = `${systemURL}/auth/login_api/${token}`;
|
|
54
54
|
|
|
55
55
|
const splitToken = token.split(':');
|
|
56
56
|
if (splitToken.length === 2) {
|
|
57
|
-
|
|
57
|
+
authAPIURL = `https://${req.hostname}/auth/login_api/${splitToken[1]}`;
|
|
58
58
|
}
|
|
59
59
|
|
|
60
60
|
const client = new HttpClient({
|
|
@@ -63,7 +63,7 @@ export default function (roles = null, minLevel = USER_LEVEL.USER, opts = {}) {
|
|
|
63
63
|
'User-Agent': req.header('User-Agent'),
|
|
64
64
|
},
|
|
65
65
|
}),
|
|
66
|
-
response = await client.get(
|
|
66
|
+
response = await client.get(authAPIURL);
|
|
67
67
|
if (response.success) {
|
|
68
68
|
req.user = response.data;
|
|
69
69
|
} else {
|
|
@@ -79,9 +79,23 @@ export default function (roles = null, minLevel = USER_LEVEL.USER, opts = {}) {
|
|
|
79
79
|
|
|
80
80
|
req.user.level = req.user.level || USER_LEVEL.USER;
|
|
81
81
|
|
|
82
|
-
if (!roles || req.user.level === 100
|
|
82
|
+
if (!roles || req.user.level === 100) {
|
|
83
83
|
return next();
|
|
84
84
|
}
|
|
85
|
+
|
|
86
|
+
if (req.user.level >= minLevel) {
|
|
87
|
+
const client = new HttpClient({
|
|
88
|
+
timeout: 20000,
|
|
89
|
+
headers: {
|
|
90
|
+
'User-Agent': req.header('User-Agent'),
|
|
91
|
+
Authorization: headers.authorization,
|
|
92
|
+
},
|
|
93
|
+
}),
|
|
94
|
+
response = await client.post(`${systemURL}/v1/user_positions/is_permission`, {roles: JSON.stringify(roles)});
|
|
95
|
+
if (response.success) {
|
|
96
|
+
return next();
|
|
97
|
+
}
|
|
98
|
+
}
|
|
85
99
|
throw new ErrorException(PERMISSION);
|
|
86
100
|
};
|
|
87
101
|
}
|
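Review bot: In the `apikey` branch (new lines 53–57) a key containing a colon makes `authAPIURL` point at `req.hostname`, so the server that validates the key and fills `req.user` is named by the request's Host header (or `X-Forwarded-Host` when Express `trust proxy` is on) instead of by the configured `systemURL`. Because that response becomes `req.user` and `req.user.level === 100` skips the role check on new line 82, the validating host should be `systemURL` or be checked against a configured list of permitted hostnames before the call is made. The key is also placed in the URL path unencoded; `encodeURIComponent(token)` on line 53 and `encodeURIComponent(splitToken[1])` on line 57 keep `/`, `?` or `#` in a key from altering the requested path. The same lines appear in the compiled hunk `@@ -84,10 +84,10 @@ function _default()`, and the enclosing function begins and ends outside this hunk.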