@casl/mongoose 7.2.1 → 7.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/es6c/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../src/mongo.ts","../../src/accessible_records.ts","../../src/accessible_fields.ts"],"sourcesContent":["import { AnyMongoAbility } from '@casl/ability';\nimport { AbilityQuery, rulesToQuery } from '@casl/ability/extra';\n\nfunction convertToMongoQuery(rule: AnyMongoAbility['rules'][number]) {\n const conditions = rule.conditions!;\n return rule.inverted ? { $nor: [conditions] } : conditions;\n}\n\n/**\n * @deprecated use accessibleBy instead\n *\n * Converts ability action + subjectType to MongoDB query\n */\nexport function toMongoQuery<T extends AnyMongoAbility>(\n ability: T,\n subjectType: Parameters<T['rulesFor']>[1],\n action: Parameters<T['rulesFor']>[0] = 'read'\n): AbilityQuery | null {\n return rulesToQuery(ability, action, subjectType, convertToMongoQuery);\n}\n\nexport interface RecordTypes {\n}\ntype StringOrKeysOf<T> = keyof T extends never ? string : keyof T;\n\n/**\n * Returns Mongo query per record type (i.e., entity type) based on provided Ability and action.\n * In case action is not allowed, it returns `{ $expr: false }`\n */\nexport function accessibleBy<T extends AnyMongoAbility>(\n ability: T,\n action: Parameters<T['rulesFor']>[0] = 'read'\n): Record<StringOrKeysOf<RecordTypes>, AbilityQuery> {\n return new Proxy({\n _ability: ability,\n _action: action\n }, accessibleByProxyHandlers) as unknown as Record<StringOrKeysOf<RecordTypes>, AbilityQuery>;\n}\n\nexport const EMPTY_RESULT_QUERY = { $expr: { $eq: [0, 1] } };\nconst accessibleByProxyHandlers: ProxyHandler<{ _ability: AnyMongoAbility, _action: string }> = {\n get(target, subjectType) {\n const query = rulesToQuery(target._ability, target._action, subjectType, convertToMongoQuery);\n return query === null ? EMPTY_RESULT_QUERY : query;\n }\n};\n","import { Normalize, AnyMongoAbility, Generics, ForbiddenError } from '@casl/ability';\nimport { Schema, QueryWithHelpers, Model, Document, HydratedDocument, Query } from 'mongoose';\nimport { EMPTY_RESULT_QUERY, toMongoQuery } from './mongo';\n\nfunction failedQuery(\n ability: AnyMongoAbility,\n action: string,\n modelName: string,\n query: QueryWithHelpers<Document, Document>\n) {\n query.where(EMPTY_RESULT_QUERY);\n const anyQuery: any = query;\n\n if (typeof anyQuery.pre === 'function') {\n anyQuery.pre((cb: (error?: Error) => void) => {\n const error = ForbiddenError.from(ability).unlessCan(action, modelName);\n cb(error);\n });\n }\n\n return query;\n}\n\nfunction accessibleBy<T extends AnyMongoAbility>(\n baseQuery: Query<any, any>,\n ability: T,\n action?: Normalize<Generics<T>['abilities']>[0]\n): QueryWithHelpers<Document, Document> {\n const subjectType = ability.detectSubjectType({\n constructor: baseQuery.model\n });\n\n if (!subjectType) {\n throw new TypeError(`Cannot detect subject type of \"${baseQuery.model.modelName}\" to return accessible records`);\n }\n\n const query = toMongoQuery(ability, subjectType, action);\n\n if (query === null) {\n return failedQuery(ability, action || 'read', subjectType, baseQuery.where());\n }\n\n return baseQuery.and([query]);\n}\n\ntype GetAccessibleRecords<T, TQueryHelpers, TMethods, TVirtuals> = <U extends AnyMongoAbility>(\n ability: U,\n action?: Normalize<Generics<U>['abilities']>[0]\n) => QueryWithHelpers<\nArray<T>,\nT,\nAccessibleRecordQueryHelpers<T, TQueryHelpers, TMethods, TVirtuals>\n>;\n\nexport type AccessibleRecordQueryHelpers<T, TQueryHelpers = {}, TMethods = {}, TVirtuals = {}> = {\n /** @deprecated use accessibleBy helper instead */\n accessibleBy: GetAccessibleRecords<\n HydratedDocument<T, TMethods, TVirtuals>,\n TQueryHelpers,\n TMethods,\n TVirtuals\n >\n};\nexport interface AccessibleRecordModel<\n T,\n TQueryHelpers = {},\n TMethods = {},\n TVirtuals = {}\n> extends Model<T,\n TQueryHelpers & AccessibleRecordQueryHelpers<T, TQueryHelpers, TMethods, TVirtuals>,\n TMethods,\n TVirtuals> {\n /** @deprecated use accessibleBy helper instead */\n accessibleBy: GetAccessibleRecords<\n HydratedDocument<T, TMethods, TVirtuals>,\n TQueryHelpers,\n TMethods,\n TVirtuals\n >\n}\n\nfunction modelAccessibleBy(this: Model<unknown>, ability: AnyMongoAbility, action?: string) {\n return accessibleBy(this.where(), ability, action);\n}\n\nfunction queryAccessibleBy(\n this: Query<unknown, unknown>,\n ability: AnyMongoAbility,\n action?: string\n) {\n return accessibleBy(this, ability, action);\n}\n\nexport function accessibleRecordsPlugin(schema: Schema<any>): void {\n (schema.query as Record<string, unknown>).accessibleBy = queryAccessibleBy;\n schema.statics.accessibleBy = modelAccessibleBy;\n}\n","import { wrapArray, Normalize, AnyMongoAbility, Generics } from '@casl/ability';\nimport { permittedFieldsOf, PermittedFieldsOptions } from '@casl/ability/extra';\nimport type { Schema, Model, Document } from 'mongoose';\n\nexport type AccessibleFieldsOptions =\n {\n getFields(schema: Schema<Document>): string[]\n } &\n ({ only: string | string[] } | { except: string | string[] });\n\nexport const getSchemaPaths: AccessibleFieldsOptions['getFields'] = schema => Object.keys((schema as { paths: object }).paths);\n\nfunction fieldsOf(schema: Schema<Document>, options: Partial<AccessibleFieldsOptions>) {\n const fields = options.getFields!(schema);\n\n if (!options || !('except' in options)) {\n return fields;\n }\n\n const excludedFields = wrapArray(options.except);\n return fields.filter(field => excludedFields.indexOf(field) === -1);\n}\n\ntype GetAccessibleFields<T> = <U extends AnyMongoAbility>(\n this: Model<T> | T,\n ability: U,\n action?: Normalize<Generics<U>['abilities']>[0]\n) => string[];\n\nexport interface AccessibleFieldsModel<\n T,\n TQueryHelpers = {},\n TMethods = {},\n TVirtuals = {}\n> extends Model<T, TQueryHelpers, TMethods & AccessibleFieldDocumentMethods<T>, TVirtuals> {\n accessibleFieldsBy: GetAccessibleFields<T>\n}\n\nexport interface AccessibleFieldDocumentMethods<T = Document> {\n accessibleFieldsBy: GetAccessibleFields<T>\n}\n\n/**\n * @deprecated Mongoose recommends against `extends Document`, prefer to use `AccessibleFieldsModel` instead.\n * See here: https://mongoosejs.com/docs/typescript.html#using-extends-document\n */\nexport interface AccessibleFieldsDocument extends Document, AccessibleFieldDocumentMethods {}\n\nfunction modelFieldsGetter() {\n let fieldsFrom: PermittedFieldsOptions<AnyMongoAbility>['fieldsFrom'];\n return (schema: Schema<any>, options: Partial<AccessibleFieldsOptions>) => {\n if (!fieldsFrom) {\n const ALL_FIELDS = options && 'only' in options\n ? wrapArray(options.only as string[])\n : fieldsOf(schema, options);\n fieldsFrom = rule => rule.fields || ALL_FIELDS;\n }\n\n return fieldsFrom;\n };\n}\n\nexport function accessibleFieldsPlugin(\n schema: Schema<any>,\n rawOptions?: Partial<AccessibleFieldsOptions>\n): void {\n const options = { getFields: getSchemaPaths, ...rawOptions };\n const fieldsFrom = modelFieldsGetter();\n\n function istanceAccessibleFields(this: Document, ability: AnyMongoAbility, action?: string) {\n return permittedFieldsOf(ability, action || 'read', this, {\n fieldsFrom: fieldsFrom(schema, options)\n });\n }\n\n function modelAccessibleFields(this: Model<unknown>, ability: AnyMongoAbility, action?: string) {\n const document = { constructor: this };\n return permittedFieldsOf(ability, action || 'read', document, {\n fieldsFrom: fieldsFrom(schema, options)\n });\n }\n\n schema.statics.accessibleFieldsBy = modelAccessibleFields;\n schema.method('accessibleFieldsBy', istanceAccessibleFields);\n}\n"],"names":["convertToMongoQuery","rule","conditions","inverted","$nor","toMongoQuery","ability","subjectType","action","rulesToQuery","accessibleBy","Proxy","_ability","_action","accessibleByProxyHandlers","EMPTY_RESULT_QUERY","$expr","$eq","get","target","query","failedQuery","modelName","where","anyQuery","pre","cb","error","ForbiddenError","from","unlessCan","baseQuery","detectSubjectType","constructor","model","TypeError","and","modelAccessibleBy","this","queryAccessibleBy","accessibleRecordsPlugin","schema","statics","getSchemaPaths","Object","keys","paths","fieldsOf","options","fields","getFields","excludedFields","wrapArray","except","filter","field","indexOf","modelFieldsGetter","fieldsFrom","ALL_FIELDS","only","accessibleFieldsPlugin","rawOptions","assign","istanceAccessibleFields","permittedFieldsOf","modelAccessibleFields","document","accessibleFieldsBy","method"],"mappings":"iFAGA,SAASA,EAAoBC,GAC3B,MAAMC,EAAaD,EAAKC,WACxB,OAAOD,EAAKE,SAAW,CAAEC,KAAM,CAACF,IAAgBA,CAClD,CAOO,SAASG,EACdC,EACAC,EACAC,EAAuC,QAEvC,OAAOC,EAAYA,aAACH,EAASE,EAAQD,EAAaP,EACpD,CAUO,SAASU,EACdJ,EACAE,EAAuC,QAEvC,OAAO,IAAIG,MAAM,CACfC,EAAUN,EACVO,EAASL,GACRM,EACL,CAEO,MAAMC,EAAqB,CAAEC,MAAO,CAAEC,IAAK,CAAC,EAAG,KACtD,MAAMH,EAA0F,CAC9FI,IAAIC,EAAQZ,GACV,MAAMa,EAAQX,EAAYA,aAACU,EAAOP,EAAUO,EAAON,EAASN,EAAaP,GACzE,OAAOoB,IAAU,KAAOL,EAAqBK,CAC/C,GCxCF,SAASC,EACPf,EACAE,EACAc,EACAF,GAEAA,EAAMG,MAAMR,GACZ,MAAMS,EAAgBJ,EAEtB,UAAWI,EAASC,MAAQ,WAC1BD,EAASC,KAAKC,IACZ,MAAMC,EAAQC,EAAcA,eAACC,KAAKvB,GAASwB,UAAUtB,EAAQc,GAC7DI,EAAGC,EAAM,IAIb,OAAOP,CACT,CAEA,SAASV,EACPqB,EACAzB,EACAE,GAEA,MAAMD,EAAcD,EAAQ0B,kBAAkB,CAC5CC,YAAaF,EAAUG,QAGzB,IAAK3B,EACH,MAAM,IAAI4B,UAAW,kCAAiCJ,EAAUG,MAAMZ,2CAGxE,MAAMF,EAAQf,EAAaC,EAASC,EAAaC,GAEjD,GAAIY,IAAU,KACZ,OAAOC,EAAYf,EAASE,GAAU,OAAQD,EAAawB,EAAUR,SAGvE,OAAOQ,EAAUK,IAAI,CAAChB,GACxB,CAsCA,SAASiB,EAAwC/B,EAA0BE,GACzE,OAAOE,EAAa4B,KAAKf,QAASjB,EAASE,EAC7C,CAEA,SAAS+B,EAEPjC,EACAE,GAEA,OAAOE,EAAa4B,KAAMhC,EAASE,EACrC,CAEO,SAASgC,EAAwBC,GACrCA,EAAOrB,MAAkCV,aAAe6B,EACzDE,EAAOC,QAAQhC,aAAe2B,CAChC,CCtFaM,MAAAA,EAAuDF,GAAUG,OAAOC,KAAMJ,EAA6BK,OAExH,SAASC,EAASN,EAA0BO,GAC1C,MAAMC,EAASD,EAAQE,UAAWT,GAElC,IAAKO,KAAa,WAAYA,GAC5B,OAAOC,EAGT,MAAME,EAAiBC,EAAAA,UAAUJ,EAAQK,QACzC,OAAOJ,EAAOK,QAAOC,GAASJ,EAAeK,QAAQD,MAAY,GACnE,CA2BA,SAASE,IACP,IAAIC,EACJ,MAAO,CAACjB,EAAqBO,KAC3B,IAAKU,EAAY,CACf,MAAMC,EAAaX,GAAW,SAAUA,EACpCI,EAASA,UAACJ,EAAQY,MAClBb,EAASN,EAAQO,GACrBU,EAAazD,GAAQA,EAAKgD,QAAUU,CACtC,CAEA,OAAOD,CAAU,CAErB,CAEO,SAASG,EACdpB,EACAqB,GAEA,MAAMd,EAAOJ,OAAAmB,OAAA,CAAKb,UAAWP,GAAmBmB,GAChD,MAAMJ,EAAaD,IAEnB,SAASO,EAAwC1D,EAA0BE,GACzE,OAAOyD,EAAiBA,kBAAC3D,EAASE,GAAU,OAAQ8B,KAAM,CACxDoB,WAAYA,EAAWjB,EAAQO,IAEnC,CAEA,SAASkB,EAA4C5D,EAA0BE,GAC7E,MAAM2D,EAAW,CAAElC,YAAaK,MAChC,OAAO2B,EAAiBA,kBAAC3D,EAASE,GAAU,OAAQ2D,EAAU,CAC5DT,WAAYA,EAAWjB,EAAQO,IAEnC,CAEAP,EAAOC,QAAQ0B,mBAAqBF,EACpCzB,EAAO4B,OAAO,qBAAsBL,EACtC"}
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../src/mongo.ts","../../src/accessible_records.ts","../../src/accessible_fields.ts"],"sourcesContent":["import { AnyMongoAbility } from '@casl/ability';\nimport { AbilityQuery, rulesToQuery } from '@casl/ability/extra';\n\nfunction convertToMongoQuery(rule: AnyMongoAbility['rules'][number]) {\n const conditions = rule.conditions!;\n return rule.inverted ? { $nor: [conditions] } : conditions;\n}\n\n/**\n * @deprecated use accessibleBy instead\n *\n * Converts ability action + subjectType to MongoDB query\n */\nexport function toMongoQuery<T extends AnyMongoAbility>(\n ability: T,\n subjectType: Parameters<T['rulesFor']>[1],\n action: Parameters<T['rulesFor']>[0] = 'read'\n): AbilityQuery | null {\n return rulesToQuery(ability, action, subjectType, convertToMongoQuery);\n}\n\nexport interface RecordTypes {\n}\ntype StringOrKeysOf<T> = keyof T extends never ? string : keyof T;\n\n/**\n * Returns Mongo query per record type (i.e., entity type) based on provided Ability and action.\n * In case action is not allowed, it returns `{ $expr: false }`\n */\nexport function accessibleBy<T extends AnyMongoAbility>(\n ability: T,\n action: Parameters<T['rulesFor']>[0] = 'read'\n): Record<StringOrKeysOf<RecordTypes>, AbilityQuery> {\n return new Proxy({\n _ability: ability,\n _action: action\n }, accessibleByProxyHandlers) as unknown as Record<StringOrKeysOf<RecordTypes>, AbilityQuery>;\n}\n\nexport const EMPTY_RESULT_QUERY = { $expr: { $eq: [0, 1] } };\nconst accessibleByProxyHandlers: ProxyHandler<{ _ability: AnyMongoAbility, _action: string }> = {\n get(target, subjectType) {\n const query = rulesToQuery(target._ability, target._action, subjectType, convertToMongoQuery);\n return query === null ? EMPTY_RESULT_QUERY : query;\n }\n};\n","import { Normalize, AnyMongoAbility, Generics, ForbiddenError } from '@casl/ability';\nimport { Schema, QueryWithHelpers, Model, Document, HydratedDocument, Query } from 'mongoose';\nimport { EMPTY_RESULT_QUERY, toMongoQuery } from './mongo';\n\nfunction failedQuery(\n ability: AnyMongoAbility,\n action: string,\n modelName: string,\n query: QueryWithHelpers<Document, Document>\n) {\n query.where(EMPTY_RESULT_QUERY);\n const anyQuery: any = query;\n\n if (typeof anyQuery.pre === 'function') {\n anyQuery.pre((cb: (error?: Error) => void) => {\n const error = ForbiddenError.from(ability).unlessCan(action, modelName);\n cb(error);\n });\n }\n\n return query;\n}\n\nfunction accessibleBy<T extends AnyMongoAbility>(\n baseQuery: Query<any, any>,\n ability: T,\n action?: Normalize<Generics<T>['abilities']>[0]\n): QueryWithHelpers<Document, Document> {\n const subjectType = ability.detectSubjectType({\n constructor: baseQuery.model\n });\n\n if (!subjectType) {\n throw new TypeError(`Cannot detect subject type of \"${baseQuery.model.modelName}\" to return accessible records`);\n }\n\n const query = toMongoQuery(ability, subjectType, action);\n\n if (query === null) {\n return failedQuery(ability, action || 'read', subjectType, baseQuery.where());\n }\n\n return baseQuery.and([query]);\n}\n\ntype GetAccessibleRecords<T, TQueryHelpers, TMethods, TVirtuals> = <U extends AnyMongoAbility>(\n ability: U,\n action?: Normalize<Generics<U>['abilities']>[0]\n) => QueryWithHelpers<\nArray<T>,\nT,\nAccessibleRecordQueryHelpers<T, TQueryHelpers, TMethods, TVirtuals>\n>;\n\nexport type AccessibleRecordQueryHelpers<T, TQueryHelpers = {}, TMethods = {}, TVirtuals = {}> = {\n /** @deprecated use accessibleBy helper instead */\n accessibleBy: GetAccessibleRecords<\n HydratedDocument<T, TMethods, TVirtuals>,\n TQueryHelpers,\n TMethods,\n TVirtuals\n >\n};\nexport interface AccessibleRecordModel<\n T,\n TQueryHelpers = {},\n TMethods = {},\n TVirtuals = {}\n> extends Model<T,\n TQueryHelpers & AccessibleRecordQueryHelpers<T, TQueryHelpers, TMethods, TVirtuals>,\n TMethods,\n TVirtuals> {\n /** @deprecated use accessibleBy helper instead */\n accessibleBy: GetAccessibleRecords<\n HydratedDocument<T, TMethods, TVirtuals>,\n TQueryHelpers,\n TMethods,\n TVirtuals\n >\n}\n\nfunction modelAccessibleBy(this: Model<unknown>, ability: AnyMongoAbility, action?: string) {\n return accessibleBy(this.where(), ability, action);\n}\n\nfunction queryAccessibleBy(\n this: Query<unknown, unknown>,\n ability: AnyMongoAbility,\n action?: string\n) {\n return accessibleBy(this, ability, action);\n}\n\nexport function accessibleRecordsPlugin(schema: Schema<any>): void {\n (schema.query as Record<string, unknown>).accessibleBy = queryAccessibleBy;\n schema.statics.accessibleBy = modelAccessibleBy;\n}\n","import { wrapArray, Normalize, AnyMongoAbility, Generics } from '@casl/ability';\nimport { permittedFieldsOf, PermittedFieldsOptions } from '@casl/ability/extra';\nimport type { Schema, Model, Document } from 'mongoose';\n\nexport type AccessibleFieldsOptions =\n {\n getFields(schema: Schema<Document>): string[]\n } &\n ({ only: string | string[] } | { except: string | string[] });\n\nexport const getSchemaPaths: AccessibleFieldsOptions['getFields'] = schema => Object.keys((schema as { paths: object }).paths);\n\nfunction fieldsOf(schema: Schema<Document>, options: Partial<AccessibleFieldsOptions>) {\n const fields = options.getFields!(schema);\n\n if (!options || !('except' in options)) {\n return fields;\n }\n\n const excludedFields = wrapArray(options.except);\n return fields.filter(field => excludedFields.indexOf(field) === -1);\n}\n\ntype GetAccessibleFields<T> = <U extends AnyMongoAbility>(\n this: Model<T> | T,\n ability: U,\n action?: Normalize<Generics<U>['abilities']>[0]\n) => string[];\n\nexport interface AccessibleFieldsModel<\n T,\n TQueryHelpers = {},\n TMethods = {},\n TVirtuals = {}\n> extends Model<T, TQueryHelpers, TMethods & AccessibleFieldDocumentMethods<T>, TVirtuals> {\n accessibleFieldsBy: GetAccessibleFields<T>\n}\n\nexport interface AccessibleFieldDocumentMethods<T = Document> {\n accessibleFieldsBy: GetAccessibleFields<T>\n}\n\n/**\n * @deprecated Mongoose recommends against `extends Document`, prefer to use `AccessibleFieldsModel` instead.\n * See here: https://mongoosejs.com/docs/typescript.html#using-extends-document\n */\nexport interface AccessibleFieldsDocument extends Document, AccessibleFieldDocumentMethods {}\n\nfunction modelFieldsGetter() {\n let fieldsFrom: PermittedFieldsOptions<AnyMongoAbility>['fieldsFrom'];\n return (schema: Schema<any>, options: Partial<AccessibleFieldsOptions>) => {\n if (!fieldsFrom) {\n const ALL_FIELDS = options && 'only' in options\n ? wrapArray(options.only as string[])\n : fieldsOf(schema, options);\n fieldsFrom = rule => rule.fields || ALL_FIELDS;\n }\n\n return fieldsFrom;\n };\n}\n\nexport function accessibleFieldsPlugin(\n schema: Schema<any>,\n rawOptions?: Partial<AccessibleFieldsOptions>\n): void {\n const options = { getFields: getSchemaPaths, ...rawOptions };\n const fieldsFrom = modelFieldsGetter();\n\n function istanceAccessibleFields(this: Document, ability: AnyMongoAbility, action?: string) {\n return permittedFieldsOf(ability, action || 'read', this, {\n fieldsFrom: fieldsFrom(schema, options)\n });\n }\n\n function modelAccessibleFields(this: Model<unknown>, ability: AnyMongoAbility, action?: string) {\n const document = { constructor: this };\n return permittedFieldsOf(ability, action || 'read', document, {\n fieldsFrom: fieldsFrom(schema, options)\n });\n }\n\n schema.statics.accessibleFieldsBy = modelAccessibleFields;\n schema.method('accessibleFieldsBy', istanceAccessibleFields);\n}\n"],"names":["convertToMongoQuery","rule","conditions","inverted","$nor","toMongoQuery","ability","subjectType","action","rulesToQuery","accessibleBy","Proxy","_ability","_action","accessibleByProxyHandlers","EMPTY_RESULT_QUERY","$expr","$eq","get","target","query","failedQuery","modelName","where","anyQuery","pre","cb","error","ForbiddenError","from","unlessCan","baseQuery","detectSubjectType","constructor","model","TypeError","and","modelAccessibleBy","this","queryAccessibleBy","accessibleRecordsPlugin","schema","statics","getSchemaPaths","Object","keys","paths","fieldsOf","options","fields","getFields","excludedFields","wrapArray","except","filter","field","indexOf","modelFieldsGetter","fieldsFrom","ALL_FIELDS","only","accessibleFieldsPlugin","rawOptions","assign","istanceAccessibleFields","permittedFieldsOf","modelAccessibleFields","document","accessibleFieldsBy","method"],"mappings":"iFAGA,SAASA,EAAoBC,GAC3B,MAAMC,EAAaD,EAAKC,WACxB,OAAOD,EAAKE,SAAW,CAAEC,KAAM,CAACF,IAAgBA,CAClD,CAOO,SAASG,EACdC,EACAC,EACAC,EAAuC,QAEvC,OAAOC,EAAYA,aAACH,EAASE,EAAQD,EAAaP,EACpD,CAUO,SAASU,EACdJ,EACAE,EAAuC,QAEvC,OAAO,IAAIG,MAAM,CACfC,EAAUN,EACVO,EAASL,GACRM,EACL,CAEO,MAAMC,EAAqB,CAAEC,MAAO,CAAEC,IAAK,CAAC,EAAG,KACtD,MAAMH,EAA0F,CAC9FI,GAAAA,CAAIC,EAAQZ,GACV,MAAMa,EAAQX,EAAYA,aAACU,EAAOP,EAAUO,EAAON,EAASN,EAAaP,GACzE,OAAOoB,IAAU,KAAOL,EAAqBK,CAC/C,GCxCF,SAASC,EACPf,EACAE,EACAc,EACAF,GAEAA,EAAMG,MAAMR,GACZ,MAAMS,EAAgBJ,EAEtB,UAAWI,EAASC,MAAQ,WAC1BD,EAASC,KAAKC,IACZ,MAAMC,EAAQC,EAAcA,eAACC,KAAKvB,GAASwB,UAAUtB,EAAQc,GAC7DI,EAAGC,EAAM,IAIb,OAAOP,CACT,CAEA,SAASV,EACPqB,EACAzB,EACAE,GAEA,MAAMD,EAAcD,EAAQ0B,kBAAkB,CAC5CC,YAAaF,EAAUG,QAGzB,IAAK3B,EACH,MAAM,IAAI4B,UAAW,kCAAiCJ,EAAUG,MAAMZ,2CAGxE,MAAMF,EAAQf,EAAaC,EAASC,EAAaC,GAEjD,GAAIY,IAAU,KACZ,OAAOC,EAAYf,EAASE,GAAU,OAAQD,EAAawB,EAAUR,SAGvE,OAAOQ,EAAUK,IAAI,CAAChB,GACxB,CAsCA,SAASiB,EAAwC/B,EAA0BE,GACzE,OAAOE,EAAa4B,KAAKf,QAASjB,EAASE,EAC7C,CAEA,SAAS+B,EAEPjC,EACAE,GAEA,OAAOE,EAAa4B,KAAMhC,EAASE,EACrC,CAEO,SAASgC,EAAwBC,GACrCA,EAAOrB,MAAkCV,aAAe6B,EACzDE,EAAOC,QAAQhC,aAAe2B,CAChC,CCtFaM,MAAAA,EAAuDF,GAAUG,OAAOC,KAAMJ,EAA6BK,OAExH,SAASC,EAASN,EAA0BO,GAC1C,MAAMC,EAASD,EAAQE,UAAWT,GAElC,IAAKO,KAAa,WAAYA,GAC5B,OAAOC,EAGT,MAAME,EAAiBC,EAAAA,UAAUJ,EAAQK,QACzC,OAAOJ,EAAOK,QAAOC,GAASJ,EAAeK,QAAQD,MAAY,GACnE,CA2BA,SAASE,IACP,IAAIC,EACJ,MAAO,CAACjB,EAAqBO,KAC3B,IAAKU,EAAY,CACf,MAAMC,EAAaX,GAAW,SAAUA,EACpCI,EAASA,UAACJ,EAAQY,MAClBb,EAASN,EAAQO,GACrBU,EAAazD,GAAQA,EAAKgD,QAAUU,CACtC,CAEA,OAAOD,CAAU,CAErB,CAEO,SAASG,EACdpB,EACAqB,GAEA,MAAMd,EAAOJ,OAAAmB,OAAA,CAAKb,UAAWP,GAAmBmB,GAChD,MAAMJ,EAAaD,IAEnB,SAASO,EAAwC1D,EAA0BE,GACzE,OAAOyD,EAAiBA,kBAAC3D,EAASE,GAAU,OAAQ8B,KAAM,CACxDoB,WAAYA,EAAWjB,EAAQO,IAEnC,CAEA,SAASkB,EAA4C5D,EAA0BE,GAC7E,MAAM2D,EAAW,CAAElC,YAAaK,MAChC,OAAO2B,EAAiBA,kBAAC3D,EAASE,GAAU,OAAQ2D,EAAU,CAC5DT,WAAYA,EAAWjB,EAAQO,IAEnC,CAEAP,EAAOC,QAAQ0B,mBAAqBF,EACpCzB,EAAO4B,OAAO,qBAAsBL,EACtC"}
|
package/dist/es6m/index.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.mjs","sources":["../../src/mongo.ts","../../src/accessible_records.ts","../../src/accessible_fields.ts"],"sourcesContent":["import { AnyMongoAbility } from '@casl/ability';\nimport { AbilityQuery, rulesToQuery } from '@casl/ability/extra';\n\nfunction convertToMongoQuery(rule: AnyMongoAbility['rules'][number]) {\n const conditions = rule.conditions!;\n return rule.inverted ? { $nor: [conditions] } : conditions;\n}\n\n/**\n * @deprecated use accessibleBy instead\n *\n * Converts ability action + subjectType to MongoDB query\n */\nexport function toMongoQuery<T extends AnyMongoAbility>(\n ability: T,\n subjectType: Parameters<T['rulesFor']>[1],\n action: Parameters<T['rulesFor']>[0] = 'read'\n): AbilityQuery | null {\n return rulesToQuery(ability, action, subjectType, convertToMongoQuery);\n}\n\nexport interface RecordTypes {\n}\ntype StringOrKeysOf<T> = keyof T extends never ? string : keyof T;\n\n/**\n * Returns Mongo query per record type (i.e., entity type) based on provided Ability and action.\n * In case action is not allowed, it returns `{ $expr: false }`\n */\nexport function accessibleBy<T extends AnyMongoAbility>(\n ability: T,\n action: Parameters<T['rulesFor']>[0] = 'read'\n): Record<StringOrKeysOf<RecordTypes>, AbilityQuery> {\n return new Proxy({\n _ability: ability,\n _action: action\n }, accessibleByProxyHandlers) as unknown as Record<StringOrKeysOf<RecordTypes>, AbilityQuery>;\n}\n\nexport const EMPTY_RESULT_QUERY = { $expr: { $eq: [0, 1] } };\nconst accessibleByProxyHandlers: ProxyHandler<{ _ability: AnyMongoAbility, _action: string }> = {\n get(target, subjectType) {\n const query = rulesToQuery(target._ability, target._action, subjectType, convertToMongoQuery);\n return query === null ? EMPTY_RESULT_QUERY : query;\n }\n};\n","import { Normalize, AnyMongoAbility, Generics, ForbiddenError } from '@casl/ability';\nimport { Schema, QueryWithHelpers, Model, Document, HydratedDocument, Query } from 'mongoose';\nimport { EMPTY_RESULT_QUERY, toMongoQuery } from './mongo';\n\nfunction failedQuery(\n ability: AnyMongoAbility,\n action: string,\n modelName: string,\n query: QueryWithHelpers<Document, Document>\n) {\n query.where(EMPTY_RESULT_QUERY);\n const anyQuery: any = query;\n\n if (typeof anyQuery.pre === 'function') {\n anyQuery.pre((cb: (error?: Error) => void) => {\n const error = ForbiddenError.from(ability).unlessCan(action, modelName);\n cb(error);\n });\n }\n\n return query;\n}\n\nfunction accessibleBy<T extends AnyMongoAbility>(\n baseQuery: Query<any, any>,\n ability: T,\n action?: Normalize<Generics<T>['abilities']>[0]\n): QueryWithHelpers<Document, Document> {\n const subjectType = ability.detectSubjectType({\n constructor: baseQuery.model\n });\n\n if (!subjectType) {\n throw new TypeError(`Cannot detect subject type of \"${baseQuery.model.modelName}\" to return accessible records`);\n }\n\n const query = toMongoQuery(ability, subjectType, action);\n\n if (query === null) {\n return failedQuery(ability, action || 'read', subjectType, baseQuery.where());\n }\n\n return baseQuery.and([query]);\n}\n\ntype GetAccessibleRecords<T, TQueryHelpers, TMethods, TVirtuals> = <U extends AnyMongoAbility>(\n ability: U,\n action?: Normalize<Generics<U>['abilities']>[0]\n) => QueryWithHelpers<\nArray<T>,\nT,\nAccessibleRecordQueryHelpers<T, TQueryHelpers, TMethods, TVirtuals>\n>;\n\nexport type AccessibleRecordQueryHelpers<T, TQueryHelpers = {}, TMethods = {}, TVirtuals = {}> = {\n /** @deprecated use accessibleBy helper instead */\n accessibleBy: GetAccessibleRecords<\n HydratedDocument<T, TMethods, TVirtuals>,\n TQueryHelpers,\n TMethods,\n TVirtuals\n >\n};\nexport interface AccessibleRecordModel<\n T,\n TQueryHelpers = {},\n TMethods = {},\n TVirtuals = {}\n> extends Model<T,\n TQueryHelpers & AccessibleRecordQueryHelpers<T, TQueryHelpers, TMethods, TVirtuals>,\n TMethods,\n TVirtuals> {\n /** @deprecated use accessibleBy helper instead */\n accessibleBy: GetAccessibleRecords<\n HydratedDocument<T, TMethods, TVirtuals>,\n TQueryHelpers,\n TMethods,\n TVirtuals\n >\n}\n\nfunction modelAccessibleBy(this: Model<unknown>, ability: AnyMongoAbility, action?: string) {\n return accessibleBy(this.where(), ability, action);\n}\n\nfunction queryAccessibleBy(\n this: Query<unknown, unknown>,\n ability: AnyMongoAbility,\n action?: string\n) {\n return accessibleBy(this, ability, action);\n}\n\nexport function accessibleRecordsPlugin(schema: Schema<any>): void {\n (schema.query as Record<string, unknown>).accessibleBy = queryAccessibleBy;\n schema.statics.accessibleBy = modelAccessibleBy;\n}\n","import { wrapArray, Normalize, AnyMongoAbility, Generics } from '@casl/ability';\nimport { permittedFieldsOf, PermittedFieldsOptions } from '@casl/ability/extra';\nimport type { Schema, Model, Document } from 'mongoose';\n\nexport type AccessibleFieldsOptions =\n {\n getFields(schema: Schema<Document>): string[]\n } &\n ({ only: string | string[] } | { except: string | string[] });\n\nexport const getSchemaPaths: AccessibleFieldsOptions['getFields'] = schema => Object.keys((schema as { paths: object }).paths);\n\nfunction fieldsOf(schema: Schema<Document>, options: Partial<AccessibleFieldsOptions>) {\n const fields = options.getFields!(schema);\n\n if (!options || !('except' in options)) {\n return fields;\n }\n\n const excludedFields = wrapArray(options.except);\n return fields.filter(field => excludedFields.indexOf(field) === -1);\n}\n\ntype GetAccessibleFields<T> = <U extends AnyMongoAbility>(\n this: Model<T> | T,\n ability: U,\n action?: Normalize<Generics<U>['abilities']>[0]\n) => string[];\n\nexport interface AccessibleFieldsModel<\n T,\n TQueryHelpers = {},\n TMethods = {},\n TVirtuals = {}\n> extends Model<T, TQueryHelpers, TMethods & AccessibleFieldDocumentMethods<T>, TVirtuals> {\n accessibleFieldsBy: GetAccessibleFields<T>\n}\n\nexport interface AccessibleFieldDocumentMethods<T = Document> {\n accessibleFieldsBy: GetAccessibleFields<T>\n}\n\n/**\n * @deprecated Mongoose recommends against `extends Document`, prefer to use `AccessibleFieldsModel` instead.\n * See here: https://mongoosejs.com/docs/typescript.html#using-extends-document\n */\nexport interface AccessibleFieldsDocument extends Document, AccessibleFieldDocumentMethods {}\n\nfunction modelFieldsGetter() {\n let fieldsFrom: PermittedFieldsOptions<AnyMongoAbility>['fieldsFrom'];\n return (schema: Schema<any>, options: Partial<AccessibleFieldsOptions>) => {\n if (!fieldsFrom) {\n const ALL_FIELDS = options && 'only' in options\n ? wrapArray(options.only as string[])\n : fieldsOf(schema, options);\n fieldsFrom = rule => rule.fields || ALL_FIELDS;\n }\n\n return fieldsFrom;\n };\n}\n\nexport function accessibleFieldsPlugin(\n schema: Schema<any>,\n rawOptions?: Partial<AccessibleFieldsOptions>\n): void {\n const options = { getFields: getSchemaPaths, ...rawOptions };\n const fieldsFrom = modelFieldsGetter();\n\n function istanceAccessibleFields(this: Document, ability: AnyMongoAbility, action?: string) {\n return permittedFieldsOf(ability, action || 'read', this, {\n fieldsFrom: fieldsFrom(schema, options)\n });\n }\n\n function modelAccessibleFields(this: Model<unknown>, ability: AnyMongoAbility, action?: string) {\n const document = { constructor: this };\n return permittedFieldsOf(ability, action || 'read', document, {\n fieldsFrom: fieldsFrom(schema, options)\n });\n }\n\n schema.statics.accessibleFieldsBy = modelAccessibleFields;\n schema.method('accessibleFieldsBy', istanceAccessibleFields);\n}\n"],"names":["convertToMongoQuery","rule","conditions","inverted","$nor","toMongoQuery","ability","subjectType","action","rulesToQuery","accessibleBy","Proxy","_ability","_action","accessibleByProxyHandlers","EMPTY_RESULT_QUERY","$expr","$eq","get","target","query","failedQuery","modelName","where","anyQuery","pre","cb","error","ForbiddenError","from","unlessCan","baseQuery","detectSubjectType","constructor","model","TypeError","and","modelAccessibleBy","this","queryAccessibleBy","accessibleRecordsPlugin","schema","statics","getSchemaPaths","Object","keys","paths","fieldsOf","options","fields","getFields","excludedFields","wrapArray","except","filter","field","indexOf","modelFieldsGetter","fieldsFrom","ALL_FIELDS","only","accessibleFieldsPlugin","rawOptions","assign","istanceAccessibleFields","permittedFieldsOf","modelAccessibleFields","document","accessibleFieldsBy","method"],"mappings":"wIAGA,SAASA,EAAoBC,GAC3B,MAAMC,EAAaD,EAAKC,WACxB,OAAOD,EAAKE,SAAW,CAAEC,KAAM,CAACF,IAAgBA,CAClD,CAOO,SAASG,EACdC,EACAC,EACAC,EAAuC,QAEvC,OAAOC,EAAaH,EAASE,EAAQD,EAAaP,EACpD,CAUO,SAASU,EACdJ,EACAE,EAAuC,QAEvC,OAAO,IAAIG,MAAM,CACfC,EAAUN,EACVO,EAASL,GACRM,EACL,CAEO,MAAMC,EAAqB,CAAEC,MAAO,CAAEC,IAAK,CAAC,EAAG,KACtD,MAAMH,EAA0F,CAC9FI,IAAIC,EAAQZ,GACV,MAAMa,EAAQX,EAAaU,EAAOP,EAAUO,EAAON,EAASN,EAAaP,GACzE,OAAOoB,IAAU,KAAOL,EAAqBK,CAC/C,GCxCF,SAASC,EACPf,EACAE,EACAc,EACAF,GAEAA,EAAMG,MAAMR,GACZ,MAAMS,EAAgBJ,EAEtB,UAAWI,EAASC,MAAQ,WAC1BD,EAASC,KAAKC,IACZ,MAAMC,EAAQC,EAAeC,KAAKvB,GAASwB,UAAUtB,EAAQc,GAC7DI,EAAGC,EAAM,IAIb,OAAOP,CACT,CAEA,SAASV,EACPqB,EACAzB,EACAE,GAEA,MAAMD,EAAcD,EAAQ0B,kBAAkB,CAC5CC,YAAaF,EAAUG,QAGzB,IAAK3B,EACH,MAAM,IAAI4B,UAAW,kCAAiCJ,EAAUG,MAAMZ,2CAGxE,MAAMF,EAAQf,EAAaC,EAASC,EAAaC,GAEjD,GAAIY,IAAU,KACZ,OAAOC,EAAYf,EAASE,GAAU,OAAQD,EAAawB,EAAUR,SAGvE,OAAOQ,EAAUK,IAAI,CAAChB,GACxB,CAsCA,SAASiB,EAAwC/B,EAA0BE,GACzE,OAAOE,EAAa4B,KAAKf,QAASjB,EAASE,EAC7C,CAEA,SAAS+B,EAEPjC,EACAE,GAEA,OAAOE,EAAa4B,KAAMhC,EAASE,EACrC,CAEO,SAASgC,EAAwBC,GACrCA,EAAOrB,MAAkCV,aAAe6B,EACzDE,EAAOC,QAAQhC,aAAe2B,CAChC,CCtFaM,MAAAA,EAAuDF,GAAUG,OAAOC,KAAMJ,EAA6BK,OAExH,SAASC,EAASN,EAA0BO,GAC1C,MAAMC,EAASD,EAAQE,UAAWT,GAElC,IAAKO,KAAa,WAAYA,GAC5B,OAAOC,EAGT,MAAME,EAAiBC,EAAUJ,EAAQK,QACzC,OAAOJ,EAAOK,QAAOC,GAASJ,EAAeK,QAAQD,MAAY,GACnE,CA2BA,SAASE,IACP,IAAIC,EACJ,MAAO,CAACjB,EAAqBO,KAC3B,IAAKU,EAAY,CACf,MAAMC,EAAaX,GAAW,SAAUA,EACpCI,EAAUJ,EAAQY,MAClBb,EAASN,EAAQO,GACrBU,EAAazD,GAAQA,EAAKgD,QAAUU,CACtC,CAEA,OAAOD,CAAU,CAErB,CAEO,SAASG,EACdpB,EACAqB,GAEA,MAAMd,EAAOJ,OAAAmB,OAAA,CAAKb,UAAWP,GAAmBmB,GAChD,MAAMJ,EAAaD,IAEnB,SAASO,EAAwC1D,EAA0BE,GACzE,OAAOyD,EAAkB3D,EAASE,GAAU,OAAQ8B,KAAM,CACxDoB,WAAYA,EAAWjB,EAAQO,IAEnC,CAEA,SAASkB,EAA4C5D,EAA0BE,GAC7E,MAAM2D,EAAW,CAAElC,YAAaK,MAChC,OAAO2B,EAAkB3D,EAASE,GAAU,OAAQ2D,EAAU,CAC5DT,WAAYA,EAAWjB,EAAQO,IAEnC,CAEAP,EAAOC,QAAQ0B,mBAAqBF,EACpCzB,EAAO4B,OAAO,qBAAsBL,EACtC"}
|
|
1
|
+
{"version":3,"file":"index.mjs","sources":["../../src/mongo.ts","../../src/accessible_records.ts","../../src/accessible_fields.ts"],"sourcesContent":["import { AnyMongoAbility } from '@casl/ability';\nimport { AbilityQuery, rulesToQuery } from '@casl/ability/extra';\n\nfunction convertToMongoQuery(rule: AnyMongoAbility['rules'][number]) {\n const conditions = rule.conditions!;\n return rule.inverted ? { $nor: [conditions] } : conditions;\n}\n\n/**\n * @deprecated use accessibleBy instead\n *\n * Converts ability action + subjectType to MongoDB query\n */\nexport function toMongoQuery<T extends AnyMongoAbility>(\n ability: T,\n subjectType: Parameters<T['rulesFor']>[1],\n action: Parameters<T['rulesFor']>[0] = 'read'\n): AbilityQuery | null {\n return rulesToQuery(ability, action, subjectType, convertToMongoQuery);\n}\n\nexport interface RecordTypes {\n}\ntype StringOrKeysOf<T> = keyof T extends never ? string : keyof T;\n\n/**\n * Returns Mongo query per record type (i.e., entity type) based on provided Ability and action.\n * In case action is not allowed, it returns `{ $expr: false }`\n */\nexport function accessibleBy<T extends AnyMongoAbility>(\n ability: T,\n action: Parameters<T['rulesFor']>[0] = 'read'\n): Record<StringOrKeysOf<RecordTypes>, AbilityQuery> {\n return new Proxy({\n _ability: ability,\n _action: action\n }, accessibleByProxyHandlers) as unknown as Record<StringOrKeysOf<RecordTypes>, AbilityQuery>;\n}\n\nexport const EMPTY_RESULT_QUERY = { $expr: { $eq: [0, 1] } };\nconst accessibleByProxyHandlers: ProxyHandler<{ _ability: AnyMongoAbility, _action: string }> = {\n get(target, subjectType) {\n const query = rulesToQuery(target._ability, target._action, subjectType, convertToMongoQuery);\n return query === null ? EMPTY_RESULT_QUERY : query;\n }\n};\n","import { Normalize, AnyMongoAbility, Generics, ForbiddenError } from '@casl/ability';\nimport { Schema, QueryWithHelpers, Model, Document, HydratedDocument, Query } from 'mongoose';\nimport { EMPTY_RESULT_QUERY, toMongoQuery } from './mongo';\n\nfunction failedQuery(\n ability: AnyMongoAbility,\n action: string,\n modelName: string,\n query: QueryWithHelpers<Document, Document>\n) {\n query.where(EMPTY_RESULT_QUERY);\n const anyQuery: any = query;\n\n if (typeof anyQuery.pre === 'function') {\n anyQuery.pre((cb: (error?: Error) => void) => {\n const error = ForbiddenError.from(ability).unlessCan(action, modelName);\n cb(error);\n });\n }\n\n return query;\n}\n\nfunction accessibleBy<T extends AnyMongoAbility>(\n baseQuery: Query<any, any>,\n ability: T,\n action?: Normalize<Generics<T>['abilities']>[0]\n): QueryWithHelpers<Document, Document> {\n const subjectType = ability.detectSubjectType({\n constructor: baseQuery.model\n });\n\n if (!subjectType) {\n throw new TypeError(`Cannot detect subject type of \"${baseQuery.model.modelName}\" to return accessible records`);\n }\n\n const query = toMongoQuery(ability, subjectType, action);\n\n if (query === null) {\n return failedQuery(ability, action || 'read', subjectType, baseQuery.where());\n }\n\n return baseQuery.and([query]);\n}\n\ntype GetAccessibleRecords<T, TQueryHelpers, TMethods, TVirtuals> = <U extends AnyMongoAbility>(\n ability: U,\n action?: Normalize<Generics<U>['abilities']>[0]\n) => QueryWithHelpers<\nArray<T>,\nT,\nAccessibleRecordQueryHelpers<T, TQueryHelpers, TMethods, TVirtuals>\n>;\n\nexport type AccessibleRecordQueryHelpers<T, TQueryHelpers = {}, TMethods = {}, TVirtuals = {}> = {\n /** @deprecated use accessibleBy helper instead */\n accessibleBy: GetAccessibleRecords<\n HydratedDocument<T, TMethods, TVirtuals>,\n TQueryHelpers,\n TMethods,\n TVirtuals\n >\n};\nexport interface AccessibleRecordModel<\n T,\n TQueryHelpers = {},\n TMethods = {},\n TVirtuals = {}\n> extends Model<T,\n TQueryHelpers & AccessibleRecordQueryHelpers<T, TQueryHelpers, TMethods, TVirtuals>,\n TMethods,\n TVirtuals> {\n /** @deprecated use accessibleBy helper instead */\n accessibleBy: GetAccessibleRecords<\n HydratedDocument<T, TMethods, TVirtuals>,\n TQueryHelpers,\n TMethods,\n TVirtuals\n >\n}\n\nfunction modelAccessibleBy(this: Model<unknown>, ability: AnyMongoAbility, action?: string) {\n return accessibleBy(this.where(), ability, action);\n}\n\nfunction queryAccessibleBy(\n this: Query<unknown, unknown>,\n ability: AnyMongoAbility,\n action?: string\n) {\n return accessibleBy(this, ability, action);\n}\n\nexport function accessibleRecordsPlugin(schema: Schema<any>): void {\n (schema.query as Record<string, unknown>).accessibleBy = queryAccessibleBy;\n schema.statics.accessibleBy = modelAccessibleBy;\n}\n","import { wrapArray, Normalize, AnyMongoAbility, Generics } from '@casl/ability';\nimport { permittedFieldsOf, PermittedFieldsOptions } from '@casl/ability/extra';\nimport type { Schema, Model, Document } from 'mongoose';\n\nexport type AccessibleFieldsOptions =\n {\n getFields(schema: Schema<Document>): string[]\n } &\n ({ only: string | string[] } | { except: string | string[] });\n\nexport const getSchemaPaths: AccessibleFieldsOptions['getFields'] = schema => Object.keys((schema as { paths: object }).paths);\n\nfunction fieldsOf(schema: Schema<Document>, options: Partial<AccessibleFieldsOptions>) {\n const fields = options.getFields!(schema);\n\n if (!options || !('except' in options)) {\n return fields;\n }\n\n const excludedFields = wrapArray(options.except);\n return fields.filter(field => excludedFields.indexOf(field) === -1);\n}\n\ntype GetAccessibleFields<T> = <U extends AnyMongoAbility>(\n this: Model<T> | T,\n ability: U,\n action?: Normalize<Generics<U>['abilities']>[0]\n) => string[];\n\nexport interface AccessibleFieldsModel<\n T,\n TQueryHelpers = {},\n TMethods = {},\n TVirtuals = {}\n> extends Model<T, TQueryHelpers, TMethods & AccessibleFieldDocumentMethods<T>, TVirtuals> {\n accessibleFieldsBy: GetAccessibleFields<T>\n}\n\nexport interface AccessibleFieldDocumentMethods<T = Document> {\n accessibleFieldsBy: GetAccessibleFields<T>\n}\n\n/**\n * @deprecated Mongoose recommends against `extends Document`, prefer to use `AccessibleFieldsModel` instead.\n * See here: https://mongoosejs.com/docs/typescript.html#using-extends-document\n */\nexport interface AccessibleFieldsDocument extends Document, AccessibleFieldDocumentMethods {}\n\nfunction modelFieldsGetter() {\n let fieldsFrom: PermittedFieldsOptions<AnyMongoAbility>['fieldsFrom'];\n return (schema: Schema<any>, options: Partial<AccessibleFieldsOptions>) => {\n if (!fieldsFrom) {\n const ALL_FIELDS = options && 'only' in options\n ? wrapArray(options.only as string[])\n : fieldsOf(schema, options);\n fieldsFrom = rule => rule.fields || ALL_FIELDS;\n }\n\n return fieldsFrom;\n };\n}\n\nexport function accessibleFieldsPlugin(\n schema: Schema<any>,\n rawOptions?: Partial<AccessibleFieldsOptions>\n): void {\n const options = { getFields: getSchemaPaths, ...rawOptions };\n const fieldsFrom = modelFieldsGetter();\n\n function istanceAccessibleFields(this: Document, ability: AnyMongoAbility, action?: string) {\n return permittedFieldsOf(ability, action || 'read', this, {\n fieldsFrom: fieldsFrom(schema, options)\n });\n }\n\n function modelAccessibleFields(this: Model<unknown>, ability: AnyMongoAbility, action?: string) {\n const document = { constructor: this };\n return permittedFieldsOf(ability, action || 'read', document, {\n fieldsFrom: fieldsFrom(schema, options)\n });\n }\n\n schema.statics.accessibleFieldsBy = modelAccessibleFields;\n schema.method('accessibleFieldsBy', istanceAccessibleFields);\n}\n"],"names":["convertToMongoQuery","rule","conditions","inverted","$nor","toMongoQuery","ability","subjectType","action","rulesToQuery","accessibleBy","Proxy","_ability","_action","accessibleByProxyHandlers","EMPTY_RESULT_QUERY","$expr","$eq","get","target","query","failedQuery","modelName","where","anyQuery","pre","cb","error","ForbiddenError","from","unlessCan","baseQuery","detectSubjectType","constructor","model","TypeError","and","modelAccessibleBy","this","queryAccessibleBy","accessibleRecordsPlugin","schema","statics","getSchemaPaths","Object","keys","paths","fieldsOf","options","fields","getFields","excludedFields","wrapArray","except","filter","field","indexOf","modelFieldsGetter","fieldsFrom","ALL_FIELDS","only","accessibleFieldsPlugin","rawOptions","assign","istanceAccessibleFields","permittedFieldsOf","modelAccessibleFields","document","accessibleFieldsBy","method"],"mappings":"wIAGA,SAASA,EAAoBC,GAC3B,MAAMC,EAAaD,EAAKC,WACxB,OAAOD,EAAKE,SAAW,CAAEC,KAAM,CAACF,IAAgBA,CAClD,CAOO,SAASG,EACdC,EACAC,EACAC,EAAuC,QAEvC,OAAOC,EAAaH,EAASE,EAAQD,EAAaP,EACpD,CAUO,SAASU,EACdJ,EACAE,EAAuC,QAEvC,OAAO,IAAIG,MAAM,CACfC,EAAUN,EACVO,EAASL,GACRM,EACL,CAEO,MAAMC,EAAqB,CAAEC,MAAO,CAAEC,IAAK,CAAC,EAAG,KACtD,MAAMH,EAA0F,CAC9FI,GAAAA,CAAIC,EAAQZ,GACV,MAAMa,EAAQX,EAAaU,EAAOP,EAAUO,EAAON,EAASN,EAAaP,GACzE,OAAOoB,IAAU,KAAOL,EAAqBK,CAC/C,GCxCF,SAASC,EACPf,EACAE,EACAc,EACAF,GAEAA,EAAMG,MAAMR,GACZ,MAAMS,EAAgBJ,EAEtB,UAAWI,EAASC,MAAQ,WAC1BD,EAASC,KAAKC,IACZ,MAAMC,EAAQC,EAAeC,KAAKvB,GAASwB,UAAUtB,EAAQc,GAC7DI,EAAGC,EAAM,IAIb,OAAOP,CACT,CAEA,SAASV,EACPqB,EACAzB,EACAE,GAEA,MAAMD,EAAcD,EAAQ0B,kBAAkB,CAC5CC,YAAaF,EAAUG,QAGzB,IAAK3B,EACH,MAAM,IAAI4B,UAAW,kCAAiCJ,EAAUG,MAAMZ,2CAGxE,MAAMF,EAAQf,EAAaC,EAASC,EAAaC,GAEjD,GAAIY,IAAU,KACZ,OAAOC,EAAYf,EAASE,GAAU,OAAQD,EAAawB,EAAUR,SAGvE,OAAOQ,EAAUK,IAAI,CAAChB,GACxB,CAsCA,SAASiB,EAAwC/B,EAA0BE,GACzE,OAAOE,EAAa4B,KAAKf,QAASjB,EAASE,EAC7C,CAEA,SAAS+B,EAEPjC,EACAE,GAEA,OAAOE,EAAa4B,KAAMhC,EAASE,EACrC,CAEO,SAASgC,EAAwBC,GACrCA,EAAOrB,MAAkCV,aAAe6B,EACzDE,EAAOC,QAAQhC,aAAe2B,CAChC,CCtFaM,MAAAA,EAAuDF,GAAUG,OAAOC,KAAMJ,EAA6BK,OAExH,SAASC,EAASN,EAA0BO,GAC1C,MAAMC,EAASD,EAAQE,UAAWT,GAElC,IAAKO,KAAa,WAAYA,GAC5B,OAAOC,EAGT,MAAME,EAAiBC,EAAUJ,EAAQK,QACzC,OAAOJ,EAAOK,QAAOC,GAASJ,EAAeK,QAAQD,MAAY,GACnE,CA2BA,SAASE,IACP,IAAIC,EACJ,MAAO,CAACjB,EAAqBO,KAC3B,IAAKU,EAAY,CACf,MAAMC,EAAaX,GAAW,SAAUA,EACpCI,EAAUJ,EAAQY,MAClBb,EAASN,EAAQO,GACrBU,EAAazD,GAAQA,EAAKgD,QAAUU,CACtC,CAEA,OAAOD,CAAU,CAErB,CAEO,SAASG,EACdpB,EACAqB,GAEA,MAAMd,EAAOJ,OAAAmB,OAAA,CAAKb,UAAWP,GAAmBmB,GAChD,MAAMJ,EAAaD,IAEnB,SAASO,EAAwC1D,EAA0BE,GACzE,OAAOyD,EAAkB3D,EAASE,GAAU,OAAQ8B,KAAM,CACxDoB,WAAYA,EAAWjB,EAAQO,IAEnC,CAEA,SAASkB,EAA4C5D,EAA0BE,GAC7E,MAAM2D,EAAW,CAAElC,YAAaK,MAChC,OAAO2B,EAAkB3D,EAASE,GAAU,OAAQ2D,EAAU,CAC5DT,WAAYA,EAAWjB,EAAQO,IAEnC,CAEAP,EAAOC,QAAQ0B,mBAAqBF,EACpCzB,EAAO4B,OAAO,qBAAsBL,EACtC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@casl/mongoose",
|
|
3
|
-
"version": "7.2.
|
|
3
|
+
"version": "7.2.2",
|
|
4
4
|
"description": "Allows to query accessible records from MongoDB based on CASL rules",
|
|
5
5
|
"main": "dist/es6c/index.js",
|
|
6
6
|
"es2015": "dist/es6m/index.mjs",
|
|
@@ -41,7 +41,7 @@
|
|
|
41
41
|
"license": "MIT",
|
|
42
42
|
"peerDependencies": {
|
|
43
43
|
"@casl/ability": "^6.3.2",
|
|
44
|
-
"mongoose": "^6.0.13 || ^7.0.0"
|
|
44
|
+
"mongoose": "^6.0.13 || ^7.0.0 || ^8.0.0"
|
|
45
45
|
},
|
|
46
46
|
"devDependencies": {
|
|
47
47
|
"@casl/ability": "^6.0.0",
|
|
@@ -49,7 +49,7 @@
|
|
|
49
49
|
"@types/jest": "^29.0.0",
|
|
50
50
|
"chai": "^4.1.0",
|
|
51
51
|
"chai-spies": "^1.0.0",
|
|
52
|
-
"mongoose": "^
|
|
52
|
+
"mongoose": "^8.0.0"
|
|
53
53
|
},
|
|
54
54
|
"files": [
|
|
55
55
|
"dist",
|