@cfast/permissions 0.4.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -75,6 +75,23 @@ type TableName<TTables extends SchemaMap> = Extract<keyof TTables, string> | Sql
|
|
|
75
75
|
* - The literal `"all"` for grants that apply to every table.
|
|
76
76
|
*/
|
|
77
77
|
type SubjectInput<TTables extends SchemaMap = SchemaMap> = DrizzleTable | TableName<TTables> | "all";
|
|
78
|
+
/**
|
|
79
|
+
* Structural shape of a Drizzle table that exposes its column map.
|
|
80
|
+
* @internal
|
|
81
|
+
*/
|
|
82
|
+
type TableWithColumns = {
|
|
83
|
+
_: {
|
|
84
|
+
columns: Record<string, unknown>;
|
|
85
|
+
};
|
|
86
|
+
};
|
|
87
|
+
/**
|
|
88
|
+
* Resolves the column map for a grant subject.
|
|
89
|
+
*
|
|
90
|
+
* - **Drizzle table object** — extracts `T["_"]["columns"]`.
|
|
91
|
+
* - **JS-key string** (`keyof TTables`) — schema lookup to extract columns.
|
|
92
|
+
* - **SQL-name string** / **`"all"`** — falls back to `Record<string, unknown>`.
|
|
93
|
+
*/
|
|
94
|
+
type ColumnsOf<TSubject, TTables extends SchemaMap = SchemaMap> = TSubject extends "all" ? Record<string, unknown> : TSubject extends TableWithColumns ? TSubject["_"]["columns"] : TSubject extends Extract<keyof TTables, string> ? TTables[TSubject] extends TableWithColumns ? TTables[TSubject]["_"]["columns"] : Record<string, unknown> : Record<string, unknown>;
|
|
78
95
|
/**
|
|
79
96
|
* Extracts the table name string from a Drizzle table reference, or returns
|
|
80
97
|
* a string subject as-is.
|
|
@@ -244,7 +261,7 @@ type Grant = {
|
|
|
244
261
|
* @typeParam TTables - Optional schema map (e.g. `typeof schema`) used to
|
|
245
262
|
* constrain string subjects to known table-name literals.
|
|
246
263
|
*/
|
|
247
|
-
type GrantFn<TUser, TTables extends SchemaMap = SchemaMap> = <TWith extends WithLookups<TUser> = WithLookups<TUser>>(action: PermissionAction, subject:
|
|
264
|
+
type GrantFn<TUser, TTables extends SchemaMap = SchemaMap> = <TSubject extends SubjectInput<TTables>, TWith extends WithLookups<TUser> = WithLookups<TUser>>(action: PermissionAction, subject: TSubject, options?: {
|
|
248
265
|
/**
|
|
249
266
|
* Prerequisite lookups whose resolved values are passed to {@link where}
|
|
250
267
|
* via its third argument. See {@link Grant.with}.
|
|
@@ -255,7 +272,7 @@ type GrantFn<TUser, TTables extends SchemaMap = SchemaMap> = <TWith extends With
|
|
|
255
272
|
* {@link with}, keyed by the same names; pass an empty `with` map (or
|
|
256
273
|
* omit it) when the filter does not need cross-table data.
|
|
257
274
|
*/
|
|
258
|
-
where?: (columns:
|
|
275
|
+
where?: (columns: ColumnsOf<TSubject, TTables>, user: TUser, lookups: {
|
|
259
276
|
[K in keyof TWith]: Awaited<ReturnType<TWith[K]>>;
|
|
260
277
|
}) => DrizzleSQL | undefined;
|
|
261
278
|
}) => Grant;
|
|
@@ -403,4 +420,4 @@ declare class PermissionRegistrationError extends Error {
|
|
|
403
420
|
constructor(subject: string, availableTables: readonly string[]);
|
|
404
421
|
}
|
|
405
422
|
|
|
406
|
-
export { CRUD_ACTIONS as C, type DrizzleTable as D, ForbiddenError as F, type Grant as G, type LookupDb as L, type PermissionsConfig as P, type SchemaMap as S, type TableName as T, type WithLookups as W, type Permissions as a, type PermissionAction as b, type SubjectInput as c, type WhereClause as d, type PermissionDescriptor as e, type PermissionCheckResult as f, type
|
|
423
|
+
export { CRUD_ACTIONS as C, type DrizzleTable as D, ForbiddenError as F, type Grant as G, type LookupDb as L, type PermissionsConfig as P, type SchemaMap as S, type TableName as T, type WithLookups as W, type Permissions as a, type PermissionAction as b, type SubjectInput as c, type WhereClause as d, type PermissionDescriptor as e, type PermissionCheckResult as f, type ColumnsOf as g, type CrudAction as h, type GrantFn as i, type LookupFn as j, PermissionRegistrationError as k, type SqlNameOf as l, getTableName as m };
|
package/dist/client.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
export {
|
|
1
|
+
export { h as CrudAction, F as ForbiddenError, b as PermissionAction, f as PermissionCheckResult, e as PermissionDescriptor } from './client-DpwiMpD0.js';
|
package/dist/index.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { P as PermissionsConfig, a as Permissions, S as SchemaMap, b as PermissionAction, c as SubjectInput, W as WithLookups, d as WhereClause, G as Grant, e as PermissionDescriptor, f as PermissionCheckResult } from './client-
|
|
2
|
-
export { C as CRUD_ACTIONS, g as CrudAction, D as DrizzleTable, F as ForbiddenError,
|
|
1
|
+
import { P as PermissionsConfig, a as Permissions, S as SchemaMap, b as PermissionAction, c as SubjectInput, W as WithLookups, d as WhereClause, G as Grant, e as PermissionDescriptor, f as PermissionCheckResult } from './client-DpwiMpD0.js';
|
|
2
|
+
export { C as CRUD_ACTIONS, g as ColumnsOf, h as CrudAction, D as DrizzleTable, F as ForbiddenError, i as GrantFn, L as LookupDb, j as LookupFn, k as PermissionRegistrationError, l as SqlNameOf, T as TableName, m as getTableName } from './client-DpwiMpD0.js';
|
|
3
3
|
|
|
4
4
|
/**
|
|
5
5
|
* Creates a permission configuration that can be shared between server-side
|