@dnax/core 0.13.1 → 0.13.5

package/app/hono.ts

@@ -227,6 +227,7 @@ function HonoInstance(): typeof app {
       col?.access?.hasOwnProperty(action) ||
       getPermission(session.get()?.role, tenant_id) ||
       null;
+
     let nextLifecyle: any = false;
 
     // Middleware for apis
@@ -263,10 +264,9 @@ function HonoInstance(): typeof app {
       return await next();
     }
 
-    let performFromStudio = c.var["isStudio"] || false;
-
-    if (col && col?.access?.allAction) {
-      nextLifecyle = await col?.access?.allAction({
+    if (col && (col?.access?.allAction || col?.access?.hasOwnProperty("*"))) {
+      let accesFx = col?.access?.allAction || col?.access?.["*"];
+      nextLifecyle = await accesFx({
         token: c.var["token"] || null,
         action: action,
         c: c,
@@ -305,7 +305,7 @@ function HonoInstance(): typeof app {
       }
     }
 
-    if (nextLifecyle || performFromStudio) {
+    if (nextLifecyle) {
       return await next();
     } else {
       c.status(403);

package/lib/asyncLocalStorage.ts

@@ -69,6 +69,7 @@ const sessionStorage = () => ({
     if (input?.generateToken) {
       localSession.set(input?.id, data);
     }
+
     store.set(key, data);
     return {
       state: input.state,

package/lib/permissions.ts

@@ -17,10 +17,12 @@ async function loadPermissions() {
     for await (let t of Cfg.tenants) {
       let tenantPath = `${t.dir}/permissions/**/**.rabc.{ts,js}`;
       const glob = new Glob(tenantPath);
+
       for await (let file of glob.scan({
         cwd: Cfg.cwd,
       })) {
         let fullPathFile = path.join(Cfg.cwd || "", file);
+
         await import(fullPathFile)
           .then((inject) => {
             permissions.push({
@@ -44,7 +46,7 @@ function getPermission(
 ): permissionSchema | undefined | null {
   if (Cfg?.permissions?.length) {
     return Cfg.permissions.find((col: permissionSchema) => {
-      return col.role === role && col.tenant_id === tenant_id;
+      return col?.role === role && col?.tenant_id === tenant_id;
     });
   }
   return null;
@@ -61,19 +63,27 @@ function checkPermission(
 
   // 1- Check if all connection
   let findAsterixCollection = perm?.access?.find((c) =>
-    c.collections.includes("*")
+    c?.collections?.includes("*")
   );
+
   if (findAsterixCollection) {
-    let actionsOnAll = findAsterixCollection.actions.find((a) => a === action);
+    // super root actions all All
+    let actionsOnAll = findAsterixCollection.actions.find(
+      (a) => a === action || a === "allAction" || a === "*"
+    );
     actionsOnAll ? (approved = true) : (approved = false);
+    if (approved) return true;
   }
 
   // 2- Check if collection and action
   let findCollection = perm?.access?.find((c) =>
-    c.collections.includes(collection)
+    c?.collections?.includes(collection)
   );
+
   if (findCollection) {
-    let actionsOnCollection = findCollection.actions.find((a) => a === action);
+    let actionsOnCollection = findCollection.actions.find(
+      (a) => a === action || a == "*"
+    );
     actionsOnCollection ? (approved = true) : (approved = false);
   }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dnax/core",
-  "version": "0.13.1",
+  "version": "0.13.5",
   "module": "index.ts",
   "type": "module",
   "bin": {

package/types/index.ts

@@ -270,6 +270,7 @@ export type Collection = {
     afterAggregate?: hooksCtx;
   };
   access?: {
+    "*"?: accessCtx;
     beforeAction?: accessCtx;
     allAction?: accessCtx;
     find?: accessCtx;
@@ -545,7 +546,6 @@ export type accessType = {
         handler: AccessFunctionType;
       }
     | "*"
-    | "allAction"
     | "aggregate"
     | "find"
     | "findOne"