@ditojs/server 2.69.0 → 2.70.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@ditojs/server",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.70.0",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "Dito.js Server – Dito.js is a declarative and modern web framework, based on Objection.js, Koa.js and Vue.js",
|
|
6
6
|
"repository": "https://github.com/ditojs/dito/tree/master/packages/server",
|
|
@@ -26,10 +26,10 @@
|
|
|
26
26
|
"node >= 18"
|
|
27
27
|
],
|
|
28
28
|
"dependencies": {
|
|
29
|
-
"@ditojs/admin": "^2.
|
|
30
|
-
"@ditojs/build": "^2.
|
|
31
|
-
"@ditojs/router": "^2.
|
|
32
|
-
"@ditojs/utils": "^2.
|
|
29
|
+
"@ditojs/admin": "^2.70.0",
|
|
30
|
+
"@ditojs/build": "^2.70.0",
|
|
31
|
+
"@ditojs/router": "^2.70.0",
|
|
32
|
+
"@ditojs/utils": "^2.70.0",
|
|
33
33
|
"@koa/cors": "^5.0.0",
|
|
34
34
|
"@koa/etag": "^5.0.1",
|
|
35
35
|
"@koa/multer": "^4.0.0",
|
|
@@ -90,5 +90,5 @@
|
|
|
90
90
|
"objection": "^3.1.5",
|
|
91
91
|
"typescript": "^5.9.3"
|
|
92
92
|
},
|
|
93
|
-
"gitHead": "
|
|
93
|
+
"gitHead": "2010c0695b5a7296e10c2b6bf2539d552c576fd9"
|
|
94
94
|
}
|
|
@@ -435,10 +435,12 @@ export class Controller {
|
|
|
435
435
|
}
|
|
436
436
|
}
|
|
437
437
|
|
|
438
|
-
const handleAuthorize = authorize => {
|
|
438
|
+
const handleAuthorize = (authorize, allowOverride) => {
|
|
439
439
|
const add = (key, value) => {
|
|
440
440
|
if (key in values && includeKey(key)) {
|
|
441
|
-
|
|
441
|
+
if (allowOverride || !(key in authorizeMap)) {
|
|
442
|
+
authorizeMap[key] = value
|
|
443
|
+
}
|
|
442
444
|
}
|
|
443
445
|
}
|
|
444
446
|
|
|
@@ -466,14 +468,14 @@ export class Controller {
|
|
|
466
468
|
|
|
467
469
|
for (const current of chain) {
|
|
468
470
|
handleAllow(getOwnProperty(current, 'allow'), current)
|
|
469
|
-
handleAuthorize(getOwnProperty(current, 'authorize'))
|
|
471
|
+
handleAuthorize(getOwnProperty(current, 'authorize'), true)
|
|
470
472
|
}
|
|
471
473
|
|
|
472
474
|
// At the end of the chain, also support authorize settings on the
|
|
473
|
-
// controller-level,
|
|
474
|
-
//
|
|
475
|
+
// controller-level, acting as a fallback for actions that don't already
|
|
476
|
+
// have authorization.
|
|
475
477
|
if (this.authorize) {
|
|
476
|
-
handleAuthorize(this.authorize)
|
|
478
|
+
handleAuthorize(this.authorize, false)
|
|
477
479
|
}
|
|
478
480
|
|
|
479
481
|
return {
|