@byted-apaas/server-sdk-node 1.0.12 → 1.0.15

package/README.md

@@ -1 +1,31 @@
-## aPaaS Server SDK 版本说明：
+## aPaaS @byted-apaas/server-sdk-node 版本说明：
+
+-------
+### 版本：1.0.15｜兼容升级
+新功能：数据操作接口支持指定鉴权身份
+- 不指定: 访问数据模型时, 权限 1.0 应用默认使用系统身份鉴权, 权限 2.0 应用默认使用用户身份鉴权
+- useUserAuth(): 访问数据模型时, 使用用户身份鉴权
+- useSystemAuth(): 访问数据模型时, 使用系统身份鉴权
+```js
+// 示例
+await context.db.object("obj").findOne();
+await context.db.object("obj").useUserAuth().findOne();
+await context.db.object("obj").useSystemAuth().findOne();
+
+await context.db.newTransaction().object("obj").commit();
+await context.db.newTransaction().useUserAuth().object("obj").commit();
+await context.db.newTransaction().useSystemAuth().object("obj").commit();
+
+await context.db.oql("SELECT _id FROM obj").execute();
+await context.db.oql("SELECT _id FROM obj").useUserAuth().execute();
+await context.db.oql("SELECT _id FROM obj").useSystemAuth().execute();
+```
+
+### 版本：1.0.14｜兼容升级
+新功能：支持流式查询 findStream
+```js
+await context.db.object("_user").findStream(async (records) => {
+    // doSomething ...
+});
+```
+优化：findAll 标记为过时方法，用 findStream 替代

package/context/db/impl/IObject.d.ts

@@ -86,6 +86,14 @@ export interface _IKSyncEndpoint<T> {
      * @paramExample [{_id: 1001, _name: "John", gender: "male"}, {_id: 1002, _name: "Alis", gender: "female"}]
      */
     batchUpdate(recordMapList: _Cond<T>[]): Promise<void>;
+    /**
+     * 用户级鉴权
+     */
+    useUserAuth(): this;
+    /**
+     * 系统级鉴权
+     */
+    useSystemAuth(): this;
 }
 export interface _IKAsyncEndpoint<T> {
     /**
@@ -118,9 +126,19 @@ export interface _IKAsyncEndpoint<T> {
     batchUpdateAsync(recordMapList: _Cond<T>[]): Promise<{
         taskID: number;
     }>;
+    /**
+     * 用户级鉴权
+     */
+    useUserAuth(): this;
+    /**
+     * 系统级鉴权
+     */
+    useSystemAuth(): this;
 }
 export interface _IKQuery<T> {
     /**
+     * @Deprecated Use FindStream instead.
+     *
      * 无需入参，返回全部符合条件的记录
      * @example
      * ```
@@ -130,6 +148,17 @@ export interface _IKQuery<T> {
      * ```
      */
     findAll(): Promise<_Record<T>[]>;
+    /**
+     * 遍历全部符合条件的记录
+     * @param handler 业务处理函数
+     * @example
+     * ```
+     * await context.db.object("_user").findStream(async (records) => {
+     *     // doSomething ...
+     * });
+     * ```
+     */
+    findStream(handler: (records: object[]) => Promise<void>): Promise<void>;
     /**
      * 无需入参，返回符合条件的记录，单次返回 200 条
      * @example
@@ -248,4 +277,12 @@ export interface _IKQuery<T> {
      * ```
      */
     count(): Promise<number>;
+    /**
+     * 用户级鉴权
+     */
+    useUserAuth(): this;
+    /**
+     * 系统级鉴权
+     */
+    useSystemAuth(): this;
 }

package/context/db/impl/object.d.ts

@@ -23,6 +23,7 @@ export declare class _KApplicationObject<T> {
 declare class _KObjectSync<T> implements _IKSyncEndpoint<T> {
     apiName: string;
     appCtx: AppCtx;
+    authType: string;
     create(recordMap: _Cond<T>): Promise<{
         _id: number;
     }>;
@@ -34,9 +35,12 @@ declare class _KObjectSync<T> implements _IKSyncEndpoint<T> {
     batchDelete(recordIdList: number[]): Promise<void>;
     batchDelete(recordList: _Cond<T>[]): Promise<void>;
     batchUpdate(recordMapList: _Cond<T>[]): Promise<void>;
+    useUserAuth(): this;
+    useSystemAuth(): this;
 }
 declare class _KObjectAsync<T> implements _IKAsyncEndpoint<T> {
     apiName: string;
+    authType: string;
     batchCreateAsync(recordMapList: _Cond<T>[]): Promise<{
         taskID: number;
     }>;
@@ -49,13 +53,17 @@ declare class _KObjectAsync<T> implements _IKAsyncEndpoint<T> {
     batchUpdateAsync(recordMapList: _Cond<T>[]): Promise<{
         taskID: number;
     }>;
+    useUserAuth(): this;
+    useSystemAuth(): this;
 }
 declare class _KObjectQuery<T> implements _IKQuery<T> {
     apiName: string;
     appCtx: AppCtx;
+    authType: string;
     find(): Promise<_Record<T>[]>;
     findOne(): Promise<_Record<T>>;
     findAll(): Promise<_Record<T>[]>;
+    findStream(handler: (records: object[]) => Promise<void>): Promise<void>;
     orderBy<K extends keyof T>(fieldApiNames: K[]): _KQuery<T>;
     orderBy<K extends keyof T>(...fieldApiNames: K[]): _KQuery<T>;
     orderByDesc<K extends keyof T>(fieldApiNames: K[]): _KQuery<T>;
@@ -67,15 +75,24 @@ declare class _KObjectQuery<T> implements _IKQuery<T> {
     limit(limit: number): _KQuery<T>;
     offset(offset: number): _KQuery<T>;
     count(): Promise<number>;
+    useSystemAuth(): this;
+    useUserAuth(): this;
 }
 /**
  * _KQuery is kunlun query implement, implements ORM operations.
  */
 declare class _KQuery<T> implements _IKQuery<T> {
-    constructor(objectApiName: string, appCtx?: AppCtx);
+    private authType;
+    constructor(objectApiName: string, appCtx?: AppCtx, authType?: string);
     find(): Promise<_Record<T>[]>;
     findOne(): Promise<_Record<T>>;
+    /**
+     * @Deprecated Use FindStream instead.
+     */
     findAll(): Promise<_Record<T>[]>;
+    findStream(handler: (records: object[]) => Promise<void>): Promise<void>;
+    private walkRecordsByID;
+    private walkRecordsByLimitOffset;
     private getRecordsByPage;
     orderBy<K extends keyof T>(fieldApiNames: K[]): this;
     orderBy<K extends keyof T>(...fieldApiNames: K[]): this;
@@ -88,5 +105,8 @@ declare class _KQuery<T> implements _IKQuery<T> {
     limit(limit: number): this;
     offset(offset: number): this;
     count(): Promise<number>;
+    private findPreCheck;
+    useSystemAuth(): this;
+    useUserAuth(): this;
 }
 export {};

package/context/db/impl/object.js

@@ -12,6 +12,7 @@ const propertiesStore_1 = require("./propertiesStore");
 const common_1 = require("../../../application/impl/common");
 const logicV2_1 = require("../../../kunlun/operator/impl/logicV2");
 const operator_1 = require("../../../kunlun/operator/impl/operator");
+const constants_1 = require("@byted-apaas/server-common-node/constants/constants");
 const queryPropertiesStore = new propertiesStore_1.default();
 // _KObject will be Mixin with [_KObjectSync, _KObjectAsync, _KObjectQuery]
 class _KObject {
@@ -52,7 +53,7 @@ class _KObjectSync {
                 return await Request.GetInstance().openSDKCreateRecordBySync(this.apiName, recordMap);
             });
         }
-        return await Request.GetInstance().createRecordBySync(this.apiName, recordMap);
+        return await Request.GetInstance().createRecordBySync(this.apiName, recordMap, this.authType);
     }
     ;
     async delete(recordOrRecordID) {
@@ -79,7 +80,7 @@ class _KObjectSync {
                     return await Request.GetInstance().openSDKDeleteRecordBySync(this.apiName, recordID);
                 });
             }
-            return await Request.GetInstance().deleteRecordBySync(this.apiName, recordID);
+            return await Request.GetInstance().deleteRecordBySync(this.apiName, recordID, this.authType);
         }
         throw new server_common_node_1.exceptions.InvalidParamError("record must be number or object");
     }
@@ -115,7 +116,7 @@ class _KObjectSync {
                 return await Request.GetInstance().openSDKUpdateRecordBySync(this.apiName, recordID, record);
             });
         }
-        return await Request.GetInstance().updateRecordBySync(this.apiName, recordID, record);
+        return await Request.GetInstance().updateRecordBySync(this.apiName, recordID, record, this.authType);
     }
     ;
     // batch sync
@@ -135,7 +136,7 @@ class _KObjectSync {
         let data = (this.appCtx && this.appCtx.mode == 'openSDK') ?
             await (0, common_1.runCtxForOpenSDK)(this.appCtx, async () => {
                 return await Request.GetInstance().openSDKCreateRecordsBySync(this.apiName, recordMapList);
-            }) : await Request.GetInstance().createRecordsBySync(this.apiName, recordMapList);
+            }) : await Request.GetInstance().createRecordsBySync(this.apiName, recordMapList, this.authType);
         // todo: 确定函数返回值
         if (!(data instanceof Array) && data["record_ids"]) {
             return data["record_ids"];
@@ -169,7 +170,7 @@ class _KObjectSync {
                 return await Request.GetInstance().openSDKDeleteRecordsBySync(this.apiName, recordIDs);
             });
         }
-        return await Request.GetInstance().deleteRecordsBySync(this.apiName, recordIDs);
+        return await Request.GetInstance().deleteRecordsBySync(this.apiName, recordIDs, this.authType);
     }
     async batchUpdate(recordMapList) {
         // 参数校验、组装
@@ -193,9 +194,17 @@ class _KObjectSync {
                 return await Request.GetInstance().openSDKUpdateRecordsBySync(this.apiName, recordMapList);
             });
         }
-        return await Request.GetInstance().updateRecordsBySync(this.apiName, recordMap);
+        return await Request.GetInstance().updateRecordsBySync(this.apiName, recordMap, this.authType);
     }
     ;
+    useUserAuth() {
+        this.authType = constants_1.AuthTypeUser;
+        return this;
+    }
+    useSystemAuth() {
+        this.authType = constants_1.AuthTypeSystem;
+        return this;
+    }
 }
 class _KObjectAsync {
     constructor() {
@@ -221,7 +230,7 @@ class _KObjectAsync {
         if (server_common_node_1.utils.stringify(recordMapList).length > 50 * 1024 * 1024) {
             throw new server_common_node_1.exceptions.InvalidParamError("parameter records size exceeds 50MB");
         }
-        return await Request.GetInstance().createRecordsByAsync(this.apiName, recordMapList);
+        return await Request.GetInstance().createRecordsByAsync(this.apiName, recordMapList, this.authType);
     }
     ;
     async batchDeleteAsync(recordOrIDList) {
@@ -250,7 +259,7 @@ class _KObjectAsync {
         if (server_common_node_1.utils.stringify(recordIDs).length > 50 * 1024 * 1024) {
             throw new server_common_node_1.exceptions.InvalidParamError("parameter records size exceeds 50MB");
         }
-        return await Request.GetInstance().deleteRecordsByAsync(this.apiName, recordIDs);
+        return await Request.GetInstance().deleteRecordsByAsync(this.apiName, recordIDs, this.authType);
     }
     async batchUpdateAsync(recordMapList) {
         // 参数校验、组装
@@ -280,9 +289,17 @@ class _KObjectAsync {
         if (server_common_node_1.utils.stringify(recordMap).length > 50 * 1024 * 1024) {
             throw new server_common_node_1.exceptions.InvalidParamError("parameter records size exceeds 50MB");
         }
-        return await Request.GetInstance().updateRecordsByAsync(this.apiName, recordMap);
+        return await Request.GetInstance().updateRecordsByAsync(this.apiName, recordMap, this.authType);
     }
     ;
+    useUserAuth() {
+        this.authType = constants_1.AuthTypeUser;
+        return this;
+    }
+    useSystemAuth() {
+        this.authType = constants_1.AuthTypeSystem;
+        return this;
+    }
 }
 class _KObjectQuery {
     constructor() {
@@ -290,55 +307,68 @@ class _KObjectQuery {
     }
     // find, findOne
     async find() {
-        return new _KQuery(this.apiName, this.appCtx).find();
+        return new _KQuery(this.apiName, this.appCtx, this.authType).find();
     }
     ;
     async findOne() {
-        return new _KQuery(this.apiName, this.appCtx).findOne();
+        return new _KQuery(this.apiName, this.appCtx, this.authType).findOne();
     }
     ;
     async findAll() {
-        return new _KQuery(this.apiName, this.appCtx).findAll();
+        return new _KQuery(this.apiName, this.appCtx, this.authType).findAll();
     }
     ;
+    async findStream(handler) {
+        return new _KQuery(this.apiName, this.appCtx).findStream(handler);
+    }
     orderBy(fieldApiNames, ...restFieldApiNames) {
         fieldApiNames = !fieldApiNames ? [] : fieldApiNames;
-        return new _KQuery(this.apiName, this.appCtx).orderBy(server_common_node_1.utils.argsToList(fieldApiNames, restFieldApiNames));
+        return new _KQuery(this.apiName, this.appCtx, this.authType).orderBy(server_common_node_1.utils.argsToList(fieldApiNames, restFieldApiNames));
     }
     orderByDesc(fieldApiNames, ...restFieldApiNames) {
         fieldApiNames = !fieldApiNames ? [] : fieldApiNames;
-        return new _KQuery(this.apiName, this.appCtx).orderByDesc(server_common_node_1.utils.argsToList(fieldApiNames, restFieldApiNames));
+        return new _KQuery(this.apiName, this.appCtx, this.authType).orderByDesc(server_common_node_1.utils.argsToList(fieldApiNames, restFieldApiNames));
     }
     select(fieldApiNames, ...restFieldApiNames) {
         fieldApiNames = !fieldApiNames ? [] : fieldApiNames;
-        return new _KQuery(this.apiName, this.appCtx).select(server_common_node_1.utils.argsToList(fieldApiNames, restFieldApiNames));
+        return new _KQuery(this.apiName, this.appCtx, this.authType).select(server_common_node_1.utils.argsToList(fieldApiNames, restFieldApiNames));
     }
     where(conditionMap) {
         if (!conditionMap) {
-            return new _KQuery(this.apiName, this.appCtx).where();
+            return new _KQuery(this.apiName, this.appCtx, this.authType).where();
         }
-        return new _KQuery(this.apiName, this.appCtx).where(conditionMap);
+        return new _KQuery(this.apiName, this.appCtx, this.authType).where(conditionMap);
     }
     // limit, offset, count
     limit(limit) {
-        return new _KQuery(this.apiName, this.appCtx).limit(limit);
+        return new _KQuery(this.apiName, this.appCtx, this.authType).limit(limit);
     }
     ;
     offset(offset) {
-        return new _KQuery(this.apiName, this.appCtx).offset(offset);
+        return new _KQuery(this.apiName, this.appCtx, this.authType).offset(offset);
     }
     ;
     async count() {
-        return new _KQuery(this.apiName, this.appCtx).count();
+        return new _KQuery(this.apiName, this.appCtx, this.authType).count();
     }
     ;
+    useSystemAuth() {
+        this.authType = constants_1.AuthTypeSystem;
+        return this;
+    }
+    useUserAuth() {
+        this.authType = constants_1.AuthTypeUser;
+        return this;
+    }
 }
 /**
  * _KQuery is kunlun query implement, implements ORM operations.
  */
 class _KQuery {
-    // 使用请求上下文和对象 Api Name 进行初始化
-    constructor(objectApiName, appCtx = null) {
+    constructor(objectApiName, appCtx = null, authType = null) {
+        if (authType) {
+            this.authType = authType;
+        }
         if (!objectApiName) {
             throw new server_common_node_1.exceptions.InvalidParamError("objectApiName is empty");
         }
@@ -350,23 +380,8 @@ class _KQuery {
         });
     }
     async find() {
+        this.findPreCheck();
         const { apiName, appCtx, queryBuilder, queryV2 } = queryPropertiesStore.get(this);
-        // 查询非 _id 字段或者关联对象下钻._id, limit 不允许超过 200
-        let checkLimit;
-        let checkFields;
-        if (queryV2) {
-            checkLimit = queryV2._limit;
-            checkFields = queryV2.fields;
-        }
-        else {
-            checkLimit = queryBuilder.getLimit();
-            checkFields = queryBuilder.getSelect();
-        }
-        if (checkFields.length != 1 || !(checkFields[0] == "_id" || checkFields[0].endsWith("._id"))) {
-            if (checkLimit > 200) {
-                throw new Error(`limit(${checkLimit}) > ${queryBuilder_1.maxLimit}. Limit should be 1~${queryBuilder_1.maxLimitV2} when querying the id field, otherwise it should be 1~${queryBuilder_1.maxLimit}`);
-            }
-        }
         if (appCtx) {
             const param = {
                 limit: queryV2._limit,
@@ -382,7 +397,7 @@ class _KQuery {
         }
         else {
             const criterion = (0, logic_1.buildCriterion)(queryBuilder.getLogic(), apiName);
-            return await Request.GetInstance().getRecordsOrCountByCriterion(apiName, await (0, logic_1.handleCriterion)(criterion), queryBuilder.getOrder(), false, queryBuilder.getSelect(), queryBuilder.getOffset(), queryBuilder.getLimit(), false);
+            return await Request.GetInstance().getRecordsOrCountByCriterion(apiName, await (0, logic_1.handleCriterion)(criterion), queryBuilder.getOrder(), false, queryBuilder.getSelect(), queryBuilder.getOffset(), queryBuilder.getLimit(), false, this.authType);
         }
     }
     ;
@@ -393,6 +408,9 @@ class _KQuery {
         return records instanceof Array ? (records.length > 0 ? records[0] : null) : null;
     }
     ;
+    /**
+     * @Deprecated Use FindStream instead.
+     */
     async findAll() {
         const { queryBuilder, queryV2 } = queryPropertiesStore.get(this);
         if (queryBuilder.getOrder().length > 0) {
@@ -404,6 +422,152 @@ class _KQuery {
         return await this.getRecordsByPage();
     }
     ;
+    async findStream(handler) {
+        const { queryBuilder, queryV2 } = queryPropertiesStore.get(this);
+        let offset = 0, orders = [];
+        if (queryV2) {
+            offset = queryV2._offset;
+            orders = queryV2._order;
+        }
+        else {
+            offset = queryBuilder.getOffset();
+            orders = queryBuilder.getOrder();
+        }
+        if (orders.length === 0 && offset === 0) {
+            // 走主键翻页
+            return await this.walkRecordsByID(handler);
+        }
+        // 走 limit offset 翻页
+        return await this.walkRecordsByLimitOffset(handler);
+    }
+    async walkRecordsByID(handler) {
+        const { apiName, appCtx, queryBuilder, queryV2 } = queryPropertiesStore.get(this);
+        let limit = 0, selectFields = [];
+        if (queryV2) {
+            if (queryV2.isSetLimit) {
+                limit = queryV2._limit;
+            }
+            selectFields = queryV2.fields;
+        }
+        else {
+            if (queryBuilder.isSetLimit) {
+                limit = queryBuilder.getLimit();
+            }
+            selectFields = queryBuilder.getSelect();
+        }
+        let maxId = 0, queryCount = 0;
+        while (true) {
+            let newLimit = queryBuilder_1.defaultLimit;
+            if (limit > 0 && limit - queryCount < queryBuilder_1.defaultLimit) {
+                newLimit = limit - queryCount;
+            }
+            if (newLimit <= 0) {
+                break;
+            }
+            let rs;
+            if (appCtx) {
+                let criterion = (0, logicV2_1.buildCriterionV2)(queryV2.filter);
+                criterion.push({ leftValue: '_id', operator: operator_1.operates.GT, rightValue: maxId });
+                const param = {
+                    limit: newLimit,
+                    offset: 0,
+                    sort: [{ field: '_id', direction: 'asc', type: '' }],
+                    fields: selectFields,
+                    count: false,
+                    filter: criterion,
+                };
+                rs = await (0, common_1.runCtxForOpenSDK)(appCtx, async () => {
+                    return await Request.GetInstance().openSDKGetRecords(apiName, param);
+                });
+            }
+            else {
+                let criterion = (0, logic_1.buildCriterion)(queryBuilder.getLogic(), apiName, maxId);
+                rs = await Request.GetInstance().getRecordsOrCountByCriterion(apiName, await (0, logic_1.handleCriterion)(criterion), [new order_1.Order("_id", "asc")], false, queryBuilder.getSelect(), 0, newLimit, false, this.authType);
+            }
+            queryCount += rs.length;
+            rs.forEach((r) => {
+                maxId = r._id > maxId ? r._id : maxId;
+            });
+            try {
+                if (rs.length > 0) {
+                    await handler(rs);
+                }
+            }
+            catch (err) {
+                throw err;
+            }
+            if (rs.length < queryBuilder_1.defaultLimit) {
+                break;
+            }
+        }
+    }
+    async walkRecordsByLimitOffset(handler) {
+        const { apiName, appCtx, queryBuilder, queryV2 } = queryPropertiesStore.get(this);
+        let limit = 0, offset = 0, selectFields = [], orders = [];
+        if (queryV2) {
+            if (queryV2.isSetLimit) {
+                limit = queryV2._limit;
+            }
+            offset = queryV2._offset;
+            selectFields = queryV2.fields;
+            orders = queryV2._order;
+        }
+        else {
+            if (queryBuilder.isSetLimit) {
+                limit = queryBuilder.getLimit();
+            }
+            offset = queryBuilder.getOffset();
+            selectFields = queryBuilder.getSelect();
+            orders = queryBuilder.getOrder();
+        }
+        let maxId = 0, queryCount = 0;
+        for (let i = offset; !limit || i < offset + limit; i += queryBuilder_1.defaultLimit) {
+            let newLimit = function () {
+                if (limit == 0) {
+                    return queryBuilder_1.defaultLimit;
+                }
+                if (offset + limit - i < queryBuilder_1.defaultLimit) {
+                    return offset + limit - i;
+                }
+                return queryBuilder_1.defaultLimit;
+            }();
+            if (newLimit <= 0) {
+                break;
+            }
+            let rs;
+            if (appCtx) {
+                let criterion = (0, logicV2_1.buildCriterionV2)(queryV2.filter);
+                criterion.push({ leftValue: '_id', operator: operator_1.operates.GT, rightValue: maxId });
+                const param = {
+                    limit: newLimit,
+                    offset: i,
+                    sort: orders,
+                    fields: selectFields,
+                    count: false,
+                    filter: criterion,
+                };
+                rs = await (0, common_1.runCtxForOpenSDK)(appCtx, async () => {
+                    return await Request.GetInstance().openSDKGetRecords(apiName, param);
+                });
+            }
+            else {
+                let criterion = (0, logic_1.buildCriterion)(queryBuilder.getLogic(), apiName, maxId);
+                rs = await Request.GetInstance().getRecordsOrCountByCriterion(apiName, await (0, logic_1.handleCriterion)(criterion), orders, false, selectFields, i, newLimit, false, this.authType);
+            }
+            queryCount += rs.length;
+            try {
+                if (rs.length > 0) {
+                    await handler(rs);
+                }
+            }
+            catch (err) {
+                throw err;
+            }
+            if (rs.length < queryBuilder_1.defaultLimit) {
+                break;
+            }
+        }
+    }
     async getRecordsByPage() {
         const { apiName, appCtx, queryBuilder, queryV2 } = queryPropertiesStore.get(this);
         let maxId = 0, records = [];
@@ -426,13 +590,13 @@ class _KQuery {
             }
             else {
                 let criterion = (0, logic_1.buildCriterion)(queryBuilder.getLogic(), apiName, maxId);
-                rs = await Request.GetInstance().getRecordsOrCountByCriterion(apiName, await (0, logic_1.handleCriterion)(criterion), [new order_1.Order("_id", "asc")], false, queryBuilder.getSelect(), 0, queryBuilder_1.maxLimit, false);
+                rs = await Request.GetInstance().getRecordsOrCountByCriterion(apiName, await (0, logic_1.handleCriterion)(criterion), [new order_1.Order("_id", "asc")], false, queryBuilder.getSelect(), 0, queryBuilder_1.defaultLimit, false, this.authType);
             }
             rs.forEach((r) => {
                 maxId = r._id > maxId ? r._id : maxId;
             });
             records.push(...rs);
-            if (rs.length < queryBuilder_1.maxLimit) {
+            if (rs.length < queryBuilder_1.defaultLimit) {
                 break;
             }
         }
@@ -538,10 +702,32 @@ class _KQuery {
         }
         else {
             let criterion = (0, logic_1.buildCriterion)(queryBuilder.getLogic(), apiName);
-            return await Request.GetInstance().getRecordsOrCountByCriterion(apiName, await (0, logic_1.handleCriterion)(criterion), queryBuilder.getOrder(), false, queryBuilder.getSelect(), queryBuilder.getOffset(), queryBuilder.getLimit(), true);
+            return await Request.GetInstance().getRecordsOrCountByCriterion(apiName, await (0, logic_1.handleCriterion)(criterion), queryBuilder.getOrder(), false, queryBuilder.getSelect(), queryBuilder.getOffset(), queryBuilder.getLimit(), true, this.authType);
         }
     }
     ;
+    findPreCheck() {
+        const { queryBuilder, queryV2 } = queryPropertiesStore.get(this);
+        let limit = queryBuilder_1.defaultLimit;
+        if (queryV2) {
+            limit = queryV2._limit;
+        }
+        else {
+            limit = queryBuilder.limit;
+        }
+        if (limit < 1) {
+            // need import exceptions
+            throw new server_common_node_1.exceptions.InvalidParamError(`limit(${limit}) < 1`);
+        }
+    }
+    useSystemAuth() {
+        this.authType = constants_1.AuthTypeSystem;
+        return this;
+    }
+    useUserAuth() {
+        this.authType = constants_1.AuthTypeUser;
+        return this;
+    }
 }
 function applyMixins(derivedCtor, constructors) {
     constructors.forEach((baseCtor) => {

package/context/db/impl/oql/ioql.d.ts

@@ -3,4 +3,12 @@ export interface IOql {
      * 执行 OQL
      */
     execute(): Promise<any | any[]>;
+    /**
+     * 用户级鉴权
+     */
+    useUserAuth(): IOql;
+    /**
+     * 系统级鉴权
+     */
+    useSystemAuth(): IOql;
 }

package/context/db/impl/oql/oql.d.ts

@@ -3,7 +3,10 @@ export declare class Oql implements IOql {
     oql: string;
     params: any[];
     namedParams: Record<string, any>;
+    authType: string;
     constructor(oql: string);
     constructor(oql: string, namedArgs: Record<string, any>);
     execute(): Promise<any[]>;
+    useSystemAuth(): IOql;
+    useUserAuth(): IOql;
 }

package/context/db/impl/oql/oql.js

@@ -4,6 +4,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Oql = void 0;
 const Request = require("../../../../request/interface");
+const constants_1 = require("@byted-apaas/server-common-node/constants/constants");
 class Oql {
     constructor(oql, namedArgs) {
         this.oql = oql;
@@ -15,11 +16,19 @@ class Oql {
         }
     }
     async execute() {
-        let records = await Request.GetInstance().oql(this.oql, this.params, this.namedParams);
+        let records = await Request.GetInstance().oql(this.oql, this.params, this.namedParams, this.authType);
         if (records && Array.isArray(records)) {
             return records;
         }
         return [];
     }
+    useSystemAuth() {
+        this.authType = constants_1.AuthTypeSystem;
+        return this;
+    }
+    useUserAuth() {
+        this.authType = constants_1.AuthTypeUser;
+        return this;
+    }
 }
 exports.Oql = Oql;

package/context/db/impl/queryBuilder.d.ts

@@ -1,7 +1,6 @@
 import { Order, OrderType } from './order';
 import { Logic } from '../../../kunlun/operator/impl/logic';
-export declare const maxLimit = 200;
-export declare const maxLimitV2 = 10000;
+export declare const defaultLimit = 200;
 /**
  * 查询构造器，在 DB 中被初始化，用于构建一次查询
  */
@@ -11,6 +10,7 @@ export declare class QueryBuilder {
     select: string[];
     where: Logic[];
     limit: number;
+    isSetLimit: boolean;
     offset: number;
     order: Order[];
     logic: Logic;