@dereekb/model 5.2.1 → 7.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +27 -0
- package/package.json +2 -2
- package/src/lib/index.d.ts +1 -0
- package/src/lib/index.js +1 -0
- package/src/lib/index.js.map +1 -1
- package/src/lib/service/context.d.ts +0 -0
- package/src/lib/service/context.js +2 -0
- package/src/lib/service/context.js.map +1 -0
- package/src/lib/service/index.d.ts +2 -0
- package/src/lib/service/index.js +6 -0
- package/src/lib/service/index.js.map +1 -0
- package/src/lib/service/loader/index.d.ts +1 -0
- package/src/lib/service/loader/index.js +5 -0
- package/src/lib/service/loader/index.js.map +1 -0
- package/src/lib/service/loader/model.loader.d.ts +13 -0
- package/src/lib/service/loader/model.loader.js +3 -0
- package/src/lib/service/loader/model.loader.js.map +1 -0
- package/src/lib/service/permission/index.d.ts +3 -0
- package/src/lib/service/permission/index.js +7 -0
- package/src/lib/service/permission/index.js.map +1 -0
- package/src/lib/service/permission/permission.d.ts +13 -0
- package/src/lib/service/permission/permission.js +21 -0
- package/src/lib/service/permission/permission.js.map +1 -0
- package/src/lib/service/permission/permission.service.d.ts +90 -0
- package/src/lib/service/permission/permission.service.js +50 -0
- package/src/lib/service/permission/permission.service.js.map +1 -0
- package/src/lib/service/permission/role.d.ts +71 -0
- package/src/lib/service/permission/role.js +79 -0
- package/src/lib/service/permission/role.js.map +1 -0
package/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,33 @@
|
|
|
2
2
|
|
|
3
3
|
This file was generated using [@jscutlery/semver](https://github.com/jscutlery/semver).
|
|
4
4
|
|
|
5
|
+
# [7.0.0](https://github.com/dereekb/dbx-components/compare/v6.0.0-dev...v7.0.0) (2022-06-05)
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
### Features
|
|
9
|
+
|
|
10
|
+
* added useModel to AbstractFirebaseNestContext ([29c1940](https://github.com/dereekb/dbx-components/commit/29c19402bff78d743d28ef88093757844f8ee5f7))
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
|
|
14
|
+
# [6.0.0](https://github.com/dereekb/dbx-components/compare/v5.3.0-dev...v6.0.0) (2022-06-03)
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
### Features
|
|
18
|
+
|
|
19
|
+
* added ContextGrantedModelRolesReader ([6fba1cc](https://github.com/dereekb/dbx-components/commit/6fba1cc637beeff55523df599eb88391352f9f58))
|
|
20
|
+
* added FirebaseModelService ([3876575](https://github.com/dereekb/dbx-components/commit/387657559a86908eee57326b655c63a0a836c239))
|
|
21
|
+
* added FirebaseModelsPermissionService ([9d75de4](https://github.com/dereekb/dbx-components/commit/9d75de4052dcfb15ef680d30f476ef494d8328a9))
|
|
22
|
+
* added firebaseModelsService ([7432e55](https://github.com/dereekb/dbx-components/commit/7432e55111cec66a239856ecb2db6adfc9e9780d))
|
|
23
|
+
* added grantedRoleMapReader ([11d2f17](https://github.com/dereekb/dbx-components/commit/11d2f1786f06024dfbbbfd9ac00e48791cbc0521))
|
|
24
|
+
* added InModelContextFirebaseModelServiceFactory ([9bf4697](https://github.com/dereekb/dbx-components/commit/9bf469731699a16ad27c96e3b149f552a429b471))
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
|
|
28
|
+
# [5.3.0](https://github.com/dereekb/dbx-components/compare/v5.2.1-dev...v5.3.0) (2022-05-30)
|
|
29
|
+
|
|
30
|
+
|
|
31
|
+
|
|
5
32
|
## [5.2.1](https://github.com/dereekb/dbx-components/compare/v5.2.0-dev...v5.2.1) (2022-05-29)
|
|
6
33
|
|
|
7
34
|
|
package/package.json
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dereekb/model",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "7.0.0",
|
|
4
4
|
"type": "commonjs",
|
|
5
5
|
"main": "./src/index.js",
|
|
6
6
|
"typings": "./src/index.d.ts",
|
|
7
7
|
"dependencies": {},
|
|
8
8
|
"peerDependencies": {
|
|
9
|
-
"@dereekb/util": "
|
|
9
|
+
"@dereekb/util": "7.0.0",
|
|
10
10
|
"make-error": "^1.3.0",
|
|
11
11
|
"extra-set": "^2.2.11",
|
|
12
12
|
"class-transformer": "^0.5.1",
|
package/src/lib/index.d.ts
CHANGED
package/src/lib/index.js
CHANGED
package/src/lib/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/model/src/lib/index.ts"],"names":[],"mappings":";;;AAAA,sDAA4B"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/model/src/lib/index.ts"],"names":[],"mappings":";;;AAAA,oDAA0B;AAC1B,sDAA4B"}
|
|
File without changes
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"context.js","sourceRoot":"","sources":["../../../../../../packages/model/src/lib/service/context.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/model/src/lib/service/index.ts"],"names":[],"mappings":";;;AAAA,mDAAyB;AACzB,uDAA6B"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export * from './model.loader';
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../../packages/model/src/lib/service/loader/index.ts"],"names":[],"mappings":";;;AAAA,yDAA+B"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { PromiseOrValue, Maybe, ModelKey } from '@dereekb/util';
|
|
2
|
+
/**
|
|
3
|
+
* Interface used to load models given a key.
|
|
4
|
+
*/
|
|
5
|
+
export interface ModelLoader<C, T> {
|
|
6
|
+
loadModelForKey(key: ModelKey, context: C): PromiseOrValue<Maybe<T>>;
|
|
7
|
+
}
|
|
8
|
+
/**
|
|
9
|
+
* ModelLoader that has a captured context.
|
|
10
|
+
*/
|
|
11
|
+
export interface InContextModelLoader<T> {
|
|
12
|
+
loadModelForKey(key: ModelKey): PromiseOrValue<Maybe<T>>;
|
|
13
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"model.loader.js","sourceRoot":"","sources":["../../../../../../../packages/model/src/lib/service/loader/model.loader.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const tslib_1 = require("tslib");
|
|
4
|
+
tslib_1.__exportStar(require("./role"), exports);
|
|
5
|
+
tslib_1.__exportStar(require("./permission.service"), exports);
|
|
6
|
+
tslib_1.__exportStar(require("./permission"), exports);
|
|
7
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../../packages/model/src/lib/service/permission/index.ts"],"names":[],"mappings":";;;AAAA,iDAAuB;AACvB,+DAAqC;AACrC,uDAA6B"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { Maybe } from '@dereekb/util';
|
|
2
|
+
import { GrantedRoleMap } from './role';
|
|
3
|
+
/**
|
|
4
|
+
* Object that contains granted roles, a model, and the context the roles were granted in.
|
|
5
|
+
*/
|
|
6
|
+
export interface ContextGrantedModelRoles<O, C = unknown, R extends string = string> {
|
|
7
|
+
readonly data: Maybe<O>;
|
|
8
|
+
readonly context: C;
|
|
9
|
+
readonly roleMap: GrantedRoleMap<R>;
|
|
10
|
+
}
|
|
11
|
+
export declare function noAccessContextGrantedModelRoles<O, C = unknown, R extends string = string>(context: C, data?: Maybe<O>): ContextGrantedModelRoles<O, C, R>;
|
|
12
|
+
export declare function fullAccessGrantedModelRoles<O, C = unknown, R extends string = string>(context: C, data?: Maybe<O>): ContextGrantedModelRoles<O, C, R>;
|
|
13
|
+
export declare function contextGrantedModelRoles<O, C = unknown, R extends string = string>(context: C, data: Maybe<O>, roles: GrantedRoleMap<R>): ContextGrantedModelRoles<O, C, R>;
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.contextGrantedModelRoles = exports.fullAccessGrantedModelRoles = exports.noAccessContextGrantedModelRoles = void 0;
|
|
4
|
+
const role_1 = require("./role");
|
|
5
|
+
function noAccessContextGrantedModelRoles(context, data) {
|
|
6
|
+
return contextGrantedModelRoles(context, data, (0, role_1.noAccessRoleMap)());
|
|
7
|
+
}
|
|
8
|
+
exports.noAccessContextGrantedModelRoles = noAccessContextGrantedModelRoles;
|
|
9
|
+
function fullAccessGrantedModelRoles(context, data) {
|
|
10
|
+
return contextGrantedModelRoles(context, data, (0, role_1.fullAccessRoleMap)());
|
|
11
|
+
}
|
|
12
|
+
exports.fullAccessGrantedModelRoles = fullAccessGrantedModelRoles;
|
|
13
|
+
function contextGrantedModelRoles(context, data, roles) {
|
|
14
|
+
return {
|
|
15
|
+
data,
|
|
16
|
+
context,
|
|
17
|
+
roleMap: roles
|
|
18
|
+
};
|
|
19
|
+
}
|
|
20
|
+
exports.contextGrantedModelRoles = contextGrantedModelRoles;
|
|
21
|
+
//# sourceMappingURL=permission.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permission.js","sourceRoot":"","sources":["../../../../../../../packages/model/src/lib/service/permission/permission.ts"],"names":[],"mappings":";;;AACA,iCAA4E;AAW5E,SAAgB,gCAAgC,CAA4C,OAAU,EAAE,IAAe;IACrH,OAAO,wBAAwB,CAAC,OAAO,EAAE,IAAI,EAAE,IAAA,sBAAe,GAAE,CAAC,CAAC;AACpE,CAAC;AAFD,4EAEC;AAED,SAAgB,2BAA2B,CAA4C,OAAU,EAAE,IAAe;IAChH,OAAO,wBAAwB,CAAC,OAAO,EAAE,IAAI,EAAE,IAAA,wBAAiB,GAAE,CAAC,CAAC;AACtE,CAAC;AAFD,kEAEC;AAED,SAAgB,wBAAwB,CAA4C,OAAU,EAAE,IAAc,EAAE,KAAwB;IACtI,OAAO;QACL,IAAI;QACJ,OAAO;QACP,OAAO,EAAE,KAAK;KACf,CAAC;AACJ,CAAC;AAND,4DAMC"}
|
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
import { PromiseOrValue, Maybe, ModelKey, ModelTypeString } from '@dereekb/util';
|
|
2
|
+
import { ModelLoader } from '../loader/model.loader';
|
|
3
|
+
import { ContextGrantedModelRoles } from './permission';
|
|
4
|
+
import { GrantedRoleMap } from './role';
|
|
5
|
+
/**
|
|
6
|
+
* Full model permission service that can read permissions for models by key or for an input model.
|
|
7
|
+
*/
|
|
8
|
+
export interface ModelPermissionService<C, T, R extends string = string, O = T> extends ModelOnlyModelPermissionService<C, T, R, O>, KeyOnlyModelPermissionService<C, T, R, O> {
|
|
9
|
+
}
|
|
10
|
+
/**
|
|
11
|
+
* Used for retrieving permissions for a specific model.
|
|
12
|
+
*/
|
|
13
|
+
export interface ModelOnlyModelPermissionService<C, T, R extends string = string, O = T> {
|
|
14
|
+
/**
|
|
15
|
+
* Returns roles for the model given the input context.
|
|
16
|
+
* @param model
|
|
17
|
+
* @param context
|
|
18
|
+
*/
|
|
19
|
+
roleMapForModelContext(model: T, context: C): Promise<ContextGrantedModelRoles<O, C, R>>;
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Used for retrieving permissions for a specific model by their key.
|
|
23
|
+
*/
|
|
24
|
+
export interface KeyOnlyModelPermissionService<C, T, R extends string = string, O = T> {
|
|
25
|
+
/**
|
|
26
|
+
* Returns roles for the model given the input context.
|
|
27
|
+
* @param model
|
|
28
|
+
* @param context
|
|
29
|
+
*/
|
|
30
|
+
roleMapForKeyContext(key: ModelKey, context: C): Promise<ContextGrantedModelRoles<O, C, R>>;
|
|
31
|
+
}
|
|
32
|
+
/**
|
|
33
|
+
* Abstract ModelPermissionService implementation.
|
|
34
|
+
*/
|
|
35
|
+
export declare abstract class AbstractModelPermissionService<C, T, R extends string = string, O = T> implements ModelPermissionService<C, T, R, O> {
|
|
36
|
+
readonly modelLoader: ModelLoader<C, T>;
|
|
37
|
+
constructor(modelLoader: ModelLoader<C, T>);
|
|
38
|
+
roleMapForKeyContext(key: string, context: C): Promise<ContextGrantedModelRoles<O, C, R>>;
|
|
39
|
+
roleMapForModelContext(model: T, context: C): Promise<ContextGrantedModelRoles<O, C, R>>;
|
|
40
|
+
protected getRoleMapForOutput(output: O, context: C, model: T): Promise<ContextGrantedModelRoles<O, C, R>>;
|
|
41
|
+
protected abstract outputForModel(model: T, context: C): PromiseOrValue<Maybe<O>>;
|
|
42
|
+
protected isUsableOutputForRoles(output: O, context: C): boolean;
|
|
43
|
+
protected abstract roleMapForModel(output: O, context: C, model: T): PromiseOrValue<GrantedRoleMap<R>>;
|
|
44
|
+
}
|
|
45
|
+
/**
|
|
46
|
+
* Used to retrieve a ModelPermissionService for a specific type.
|
|
47
|
+
*/
|
|
48
|
+
export interface ModelsPermissionService<C> {
|
|
49
|
+
modelPermissions<T, R extends string = string, O = T>(type: ModelTypeString): ModelPermissionService<C, T, R, O>;
|
|
50
|
+
}
|
|
51
|
+
/**
|
|
52
|
+
* Used for retrieving permissions for a specific model.
|
|
53
|
+
*/
|
|
54
|
+
export interface InContextModelOnlyModelPermissionService<C, T, R extends string = string, O = T> {
|
|
55
|
+
/**
|
|
56
|
+
* Returns roles for the model given the input context.
|
|
57
|
+
* @param model
|
|
58
|
+
* @param context
|
|
59
|
+
*/
|
|
60
|
+
roleMapForModel(model: T): Promise<ContextGrantedModelRoles<O, C, R>>;
|
|
61
|
+
}
|
|
62
|
+
/**
|
|
63
|
+
* Used for retrieving permissions for a specific model by their key.
|
|
64
|
+
*/
|
|
65
|
+
export interface InContextKeyOnlyModelPermissionService<C, T, R extends string = string, O = T> {
|
|
66
|
+
/**
|
|
67
|
+
* Returns roles for the model given the input context.
|
|
68
|
+
* @param model
|
|
69
|
+
* @param context
|
|
70
|
+
*/
|
|
71
|
+
roleMapForKey(key: ModelKey): Promise<ContextGrantedModelRoles<O, C, R>>;
|
|
72
|
+
}
|
|
73
|
+
/**
|
|
74
|
+
* ModelsPermissionService that has a context.
|
|
75
|
+
*/
|
|
76
|
+
export interface InContextModelPermissionService<C, T, R extends string = string, O = T> extends InContextModelOnlyModelPermissionService<C, T, R, O>, InContextKeyOnlyModelPermissionService<C, T, R, O> {
|
|
77
|
+
}
|
|
78
|
+
/**
|
|
79
|
+
* Used for retrieving permissions from the in-context model.
|
|
80
|
+
*/
|
|
81
|
+
export interface InModelContextModelOnlyModelPermissionService<C, T, R extends string = string, O = T> {
|
|
82
|
+
/**
|
|
83
|
+
* Computes and returns roles for the model given the input context.
|
|
84
|
+
*
|
|
85
|
+
* @param model
|
|
86
|
+
* @param context
|
|
87
|
+
*/
|
|
88
|
+
roleMap(): Promise<ContextGrantedModelRoles<O, C, R>>;
|
|
89
|
+
}
|
|
90
|
+
export declare type InModelContextModelPermissionService<C, T, R extends string = string, O = T> = InModelContextModelOnlyModelPermissionService<C, T, R, O>;
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AbstractModelPermissionService = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const permission_1 = require("./permission");
|
|
6
|
+
/**
|
|
7
|
+
* Abstract ModelPermissionService implementation.
|
|
8
|
+
*/
|
|
9
|
+
class AbstractModelPermissionService {
|
|
10
|
+
constructor(modelLoader) {
|
|
11
|
+
this.modelLoader = modelLoader;
|
|
12
|
+
}
|
|
13
|
+
roleMapForKeyContext(key, context) {
|
|
14
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
15
|
+
const model = yield this.modelLoader.loadModelForKey(key, context);
|
|
16
|
+
let result;
|
|
17
|
+
if (model != null) {
|
|
18
|
+
result = yield this.roleMapForModelContext(model, context);
|
|
19
|
+
}
|
|
20
|
+
else {
|
|
21
|
+
result = (0, permission_1.noAccessContextGrantedModelRoles)(context);
|
|
22
|
+
}
|
|
23
|
+
return result;
|
|
24
|
+
});
|
|
25
|
+
}
|
|
26
|
+
roleMapForModelContext(model, context) {
|
|
27
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
28
|
+
const output = yield this.outputForModel(model, context);
|
|
29
|
+
let result;
|
|
30
|
+
if (output != null && this.isUsableOutputForRoles(output, context)) {
|
|
31
|
+
result = yield this.getRoleMapForOutput(output, context, model);
|
|
32
|
+
}
|
|
33
|
+
else {
|
|
34
|
+
result = (0, permission_1.noAccessContextGrantedModelRoles)(context, output);
|
|
35
|
+
}
|
|
36
|
+
return result;
|
|
37
|
+
});
|
|
38
|
+
}
|
|
39
|
+
getRoleMapForOutput(output, context, model) {
|
|
40
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
41
|
+
const roleMap = yield this.roleMapForModel(output, context, model);
|
|
42
|
+
return (0, permission_1.contextGrantedModelRoles)(context, output, roleMap);
|
|
43
|
+
});
|
|
44
|
+
}
|
|
45
|
+
isUsableOutputForRoles(output, context) {
|
|
46
|
+
return true; // can override in parent functions to further filter roles.
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
exports.AbstractModelPermissionService = AbstractModelPermissionService;
|
|
50
|
+
//# sourceMappingURL=permission.service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permission.service.js","sourceRoot":"","sources":["../../../../../../../packages/model/src/lib/service/permission/permission.service.ts"],"names":[],"mappings":";;;;AAEA,6CAAoH;AAgCpH;;GAEG;AACH,MAAsB,8BAA8B;IAClD,YAAqB,WAA8B;QAA9B,gBAAW,GAAX,WAAW,CAAmB;IAAG,CAAC;IAEjD,oBAAoB,CAAC,GAAW,EAAE,OAAU;;YAChD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;YACnE,IAAI,MAAyC,CAAC;YAE9C,IAAI,KAAK,IAAI,IAAI,EAAE;gBACjB,MAAM,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;aAC5D;iBAAM;gBACL,MAAM,GAAG,IAAA,6CAAgC,EAAU,OAAO,CAAC,CAAC;aAC7D;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEK,sBAAsB,CAAC,KAAQ,EAAE,OAAU;;YAC/C,MAAM,MAAM,GAAa,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;YACnE,IAAI,MAAyC,CAAC;YAE9C,IAAI,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE;gBAClE,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;aACjE;iBAAM;gBACL,MAAM,GAAG,IAAA,6CAAgC,EAAU,OAAO,EAAE,MAAM,CAAC,CAAC;aACrE;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEe,mBAAmB,CAAC,MAAS,EAAE,OAAU,EAAE,KAAQ;;YACjE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;YACnE,OAAO,IAAA,qCAAwB,EAAU,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QACrE,CAAC;KAAA;IAIS,sBAAsB,CAAC,MAAS,EAAE,OAAU;QACpD,OAAO,IAAI,CAAC,CAAC,4DAA4D;IAC3E,CAAC;CAGF;AAzCD,wEAyCC"}
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
import { ArrayOrValue, Maybe, SetIncludesMode } from '@dereekb/util';
|
|
2
|
+
/**
|
|
3
|
+
* A granted role for a model.
|
|
4
|
+
*/
|
|
5
|
+
export declare type GrantedRole = string;
|
|
6
|
+
/**
|
|
7
|
+
* Communicates that the current context has read access to a model.
|
|
8
|
+
*/
|
|
9
|
+
export declare type GrantedReadRole = typeof GRANTED_READ_ROLE_KEY;
|
|
10
|
+
export declare const GRANTED_READ_ROLE_KEY = "read";
|
|
11
|
+
/**
|
|
12
|
+
* Communicates that the current context has update access to a model.
|
|
13
|
+
*/
|
|
14
|
+
export declare type GrantedUpdateRole = typeof GRANTED_UPDATE_ROLE_KEY;
|
|
15
|
+
export declare const GRANTED_UPDATE_ROLE_KEY = "update";
|
|
16
|
+
/**
|
|
17
|
+
* Communicates that the current context has delete access to a model.
|
|
18
|
+
*/
|
|
19
|
+
export declare type GrantedDeleteRole = typeof GRANTED_DELETE_ROLE_KEY;
|
|
20
|
+
export declare const GRANTED_DELETE_ROLE_KEY = "delete";
|
|
21
|
+
export declare type GrantedCrudRoles = GrantedReadRole | GrantedUpdateRole | GrantedDeleteRole;
|
|
22
|
+
export declare const FULL_ACCESS_ROLE_KEY = "__FULL__";
|
|
23
|
+
/**
|
|
24
|
+
* Communicates that the current context has full access to a model.
|
|
25
|
+
*/
|
|
26
|
+
export declare type GrantedFullAccessGrantedRole = typeof FULL_ACCESS_ROLE_KEY;
|
|
27
|
+
export declare const NO_ACCESS_ROLE_KEY = "__EMPTY__";
|
|
28
|
+
export declare type NoAccessGrantedRole = typeof NO_ACCESS_ROLE_KEY;
|
|
29
|
+
export declare type NoAccessRoleMap = {
|
|
30
|
+
[NO_ACCESS_ROLE_KEY]: true;
|
|
31
|
+
};
|
|
32
|
+
export declare function noAccessRoleMap(): NoAccessRoleMap;
|
|
33
|
+
export declare function isNoAccessRoleMap<T extends string = string>(input: GrantedRoleMap<T> | NoAccessRoleMap): input is NoAccessRoleMap;
|
|
34
|
+
export declare type FullAccessRoleMap = {
|
|
35
|
+
[FULL_ACCESS_ROLE_KEY]: true;
|
|
36
|
+
};
|
|
37
|
+
export declare function fullAccessRoleMap(): FullAccessRoleMap;
|
|
38
|
+
export declare function isFullAccessRoleMap<T extends string = string>(input: GrantedRoleMap<T> | FullAccessRoleMap): input is FullAccessRoleMap;
|
|
39
|
+
export declare type GrantedRoleMap<T extends GrantedRole = string> = NoAccessRoleMap | FullAccessRoleMap | GrantedRoleKeysMap<T>;
|
|
40
|
+
export declare type GrantedRoleKeysMap<T extends GrantedRole = string> = {
|
|
41
|
+
[key in T]?: Maybe<boolean>;
|
|
42
|
+
};
|
|
43
|
+
export interface GrantedRoleMapReader<T extends GrantedRole = string> {
|
|
44
|
+
/**
|
|
45
|
+
* Returns true if no access has been given.
|
|
46
|
+
*/
|
|
47
|
+
hasNoAccess(): boolean;
|
|
48
|
+
/**
|
|
49
|
+
* Returns true if the role is granted.
|
|
50
|
+
*/
|
|
51
|
+
hasRole(role: T): boolean;
|
|
52
|
+
/**
|
|
53
|
+
* Returns true if the roles are granted.
|
|
54
|
+
*/
|
|
55
|
+
hasRoles(setIncludes: SetIncludesMode, roles: ArrayOrValue<T>): boolean;
|
|
56
|
+
/**
|
|
57
|
+
* Returns true if the map explicitly contains the role.
|
|
58
|
+
*/
|
|
59
|
+
containsRoles(setIncludes: SetIncludesMode, roles: ArrayOrValue<T>): boolean;
|
|
60
|
+
}
|
|
61
|
+
export declare function grantedRoleMapReader<T extends GrantedRole = string>(map: GrantedRoleMap<T>): GrantedRoleMapReader<T>;
|
|
62
|
+
export declare class GrantedRoleMapReaderInstance<T extends GrantedRole = string> implements GrantedRoleMapReader<T> {
|
|
63
|
+
private readonly _map;
|
|
64
|
+
constructor(_map: GrantedRoleMap<T>);
|
|
65
|
+
hasNoAccess(): boolean;
|
|
66
|
+
hasRole(role: T): boolean;
|
|
67
|
+
hasRoles(setIncludes: SetIncludesMode, inputRoles: ArrayOrValue<T>): boolean;
|
|
68
|
+
containsRoles(setIncludes: SetIncludesMode, inputRoles: ArrayOrValue<T>): boolean;
|
|
69
|
+
containsAnyRole(roles: GrantedRole[]): boolean;
|
|
70
|
+
containsEachRole(roles: GrantedRole[]): boolean;
|
|
71
|
+
}
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.GrantedRoleMapReaderInstance = exports.grantedRoleMapReader = exports.isFullAccessRoleMap = exports.fullAccessRoleMap = exports.isNoAccessRoleMap = exports.noAccessRoleMap = exports.NO_ACCESS_ROLE_KEY = exports.FULL_ACCESS_ROLE_KEY = exports.GRANTED_DELETE_ROLE_KEY = exports.GRANTED_UPDATE_ROLE_KEY = exports.GRANTED_READ_ROLE_KEY = void 0;
|
|
4
|
+
const util_1 = require("@dereekb/util");
|
|
5
|
+
exports.GRANTED_READ_ROLE_KEY = 'read';
|
|
6
|
+
exports.GRANTED_UPDATE_ROLE_KEY = 'update';
|
|
7
|
+
exports.GRANTED_DELETE_ROLE_KEY = 'delete';
|
|
8
|
+
exports.FULL_ACCESS_ROLE_KEY = '__FULL__';
|
|
9
|
+
exports.NO_ACCESS_ROLE_KEY = '__EMPTY__';
|
|
10
|
+
function noAccessRoleMap() {
|
|
11
|
+
return {
|
|
12
|
+
[exports.NO_ACCESS_ROLE_KEY]: true
|
|
13
|
+
};
|
|
14
|
+
}
|
|
15
|
+
exports.noAccessRoleMap = noAccessRoleMap;
|
|
16
|
+
function isNoAccessRoleMap(input) {
|
|
17
|
+
return input[exports.NO_ACCESS_ROLE_KEY] === true;
|
|
18
|
+
}
|
|
19
|
+
exports.isNoAccessRoleMap = isNoAccessRoleMap;
|
|
20
|
+
function fullAccessRoleMap() {
|
|
21
|
+
return {
|
|
22
|
+
[exports.FULL_ACCESS_ROLE_KEY]: true
|
|
23
|
+
};
|
|
24
|
+
}
|
|
25
|
+
exports.fullAccessRoleMap = fullAccessRoleMap;
|
|
26
|
+
function isFullAccessRoleMap(input) {
|
|
27
|
+
return input[exports.FULL_ACCESS_ROLE_KEY] === true;
|
|
28
|
+
}
|
|
29
|
+
exports.isFullAccessRoleMap = isFullAccessRoleMap;
|
|
30
|
+
function grantedRoleMapReader(map) {
|
|
31
|
+
return new GrantedRoleMapReaderInstance(map);
|
|
32
|
+
}
|
|
33
|
+
exports.grantedRoleMapReader = grantedRoleMapReader;
|
|
34
|
+
class GrantedRoleMapReaderInstance {
|
|
35
|
+
constructor(_map) {
|
|
36
|
+
this._map = _map;
|
|
37
|
+
}
|
|
38
|
+
hasNoAccess() {
|
|
39
|
+
return this._map[exports.NO_ACCESS_ROLE_KEY];
|
|
40
|
+
}
|
|
41
|
+
hasRole(role) {
|
|
42
|
+
return this.hasRoles('any', role);
|
|
43
|
+
}
|
|
44
|
+
hasRoles(setIncludes, inputRoles) {
|
|
45
|
+
if (this._map[exports.FULL_ACCESS_ROLE_KEY]) {
|
|
46
|
+
return true;
|
|
47
|
+
}
|
|
48
|
+
else {
|
|
49
|
+
return this.containsRoles(setIncludes, inputRoles);
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
containsRoles(setIncludes, inputRoles) {
|
|
53
|
+
const roles = (0, util_1.asArray)(inputRoles);
|
|
54
|
+
if (setIncludes === 'any') {
|
|
55
|
+
return this.containsAnyRole(roles);
|
|
56
|
+
}
|
|
57
|
+
else {
|
|
58
|
+
return this.containsEachRole(roles);
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
containsAnyRole(roles) {
|
|
62
|
+
for (const role of roles) {
|
|
63
|
+
if (this._map[role]) {
|
|
64
|
+
return true;
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
return false;
|
|
68
|
+
}
|
|
69
|
+
containsEachRole(roles) {
|
|
70
|
+
for (const role of roles) {
|
|
71
|
+
if (!this._map[role]) {
|
|
72
|
+
return false;
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
return true;
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
exports.GrantedRoleMapReaderInstance = GrantedRoleMapReaderInstance;
|
|
79
|
+
//# sourceMappingURL=role.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"role.js","sourceRoot":"","sources":["../../../../../../../packages/model/src/lib/service/permission/role.ts"],"names":[],"mappings":";;;AAAA,wCAA8E;AAWjE,QAAA,qBAAqB,GAAG,MAAM,CAAC;AAM/B,QAAA,uBAAuB,GAAG,QAAQ,CAAC;AAMnC,QAAA,uBAAuB,GAAG,QAAQ,CAAC;AAInC,QAAA,oBAAoB,GAAG,UAAU,CAAC;AAOlC,QAAA,kBAAkB,GAAG,WAAW,CAAC;AAO9C,SAAgB,eAAe;IAC7B,OAAO;QACL,CAAC,0BAAkB,CAAC,EAAE,IAAI;KAC3B,CAAC;AACJ,CAAC;AAJD,0CAIC;AAED,SAAgB,iBAAiB,CAA4B,KAA0C;IACrG,OAAQ,KAAyB,CAAC,0BAAkB,CAAC,KAAK,IAAI,CAAC;AACjE,CAAC;AAFD,8CAEC;AAMD,SAAgB,iBAAiB;IAC/B,OAAO;QACL,CAAC,4BAAoB,CAAC,EAAE,IAAI;KAC7B,CAAC;AACJ,CAAC;AAJD,8CAIC;AAED,SAAgB,mBAAmB,CAA4B,KAA4C;IACzG,OAAQ,KAA2B,CAAC,4BAAoB,CAAC,KAAK,IAAI,CAAC;AACrE,CAAC;AAFD,kDAEC;AA8BD,SAAgB,oBAAoB,CAAiC,GAAsB;IACzF,OAAO,IAAI,4BAA4B,CAAC,GAAG,CAAC,CAAC;AAC/C,CAAC;AAFD,oDAEC;AAED,MAAa,4BAA4B;IACvC,YAA6B,IAAuB;QAAvB,SAAI,GAAJ,IAAI,CAAmB;IAAG,CAAC;IAExD,WAAW;QACT,OAAQ,IAAI,CAAC,IAAwB,CAAC,0BAAkB,CAAC,CAAC;IAC5D,CAAC;IAED,OAAO,CAAC,IAAO;QACb,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACpC,CAAC;IAED,QAAQ,CAAC,WAA4B,EAAE,UAA2B;QAChE,IAAK,IAAI,CAAC,IAA0B,CAAC,4BAAoB,CAAC,EAAE;YAC1D,OAAO,IAAI,CAAC;SACb;aAAM;YACL,OAAO,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;SACpD;IACH,CAAC;IAED,aAAa,CAAC,WAA4B,EAAE,UAA2B;QACrE,MAAM,KAAK,GAAG,IAAA,cAAO,EAAC,UAAU,CAAC,CAAC;QAElC,IAAI,WAAW,KAAK,KAAK,EAAE;YACzB,OAAO,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;SACpC;aAAM;YACL,OAAO,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;SACrC;IACH,CAAC;IAED,eAAe,CAAC,KAAoB;QAClC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;YACxB,IAAK,IAAI,CAAC,IAA2B,CAAC,IAAI,CAAC,EAAE;gBAC3C,OAAO,IAAI,CAAC;aACb;SACF;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gBAAgB,CAAC,KAAoB;QACnC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;YACxB,IAAI,CAAE,IAAI,CAAC,IAA2B,CAAC,IAAI,CAAC,EAAE;gBAC5C,OAAO,KAAK,CAAC;aACd;SACF;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AAhDD,oEAgDC"}
|