@dnax/core 0.13.3 → 0.13.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/app/hono.ts +5 -5
- package/lib/asyncLocalStorage.ts +1 -0
- package/lib/permissions.ts +7 -2
- package/package.json +1 -1
- package/types/index.ts +1 -1
package/app/hono.ts
CHANGED
|
@@ -227,6 +227,7 @@ function HonoInstance(): typeof app {
|
|
|
227
227
|
col?.access?.hasOwnProperty(action) ||
|
|
228
228
|
getPermission(session.get()?.role, tenant_id) ||
|
|
229
229
|
null;
|
|
230
|
+
|
|
230
231
|
let nextLifecyle: any = false;
|
|
231
232
|
|
|
232
233
|
// Middleware for apis
|
|
@@ -263,10 +264,9 @@ function HonoInstance(): typeof app {
|
|
|
263
264
|
return await next();
|
|
264
265
|
}
|
|
265
266
|
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
nextLifecyle = await col?.access?.allAction({
|
|
267
|
+
if (col && (col?.access?.allAction || col?.access?.hasOwnProperty("*"))) {
|
|
268
|
+
let accesFx = col?.access?.allAction || col?.access?.["*"];
|
|
269
|
+
nextLifecyle = await accesFx({
|
|
270
270
|
token: c.var["token"] || null,
|
|
271
271
|
action: action,
|
|
272
272
|
c: c,
|
|
@@ -305,7 +305,7 @@ function HonoInstance(): typeof app {
|
|
|
305
305
|
}
|
|
306
306
|
}
|
|
307
307
|
|
|
308
|
-
if (nextLifecyle
|
|
308
|
+
if (nextLifecyle) {
|
|
309
309
|
return await next();
|
|
310
310
|
} else {
|
|
311
311
|
c.status(403);
|
package/lib/asyncLocalStorage.ts
CHANGED
package/lib/permissions.ts
CHANGED
|
@@ -17,10 +17,12 @@ async function loadPermissions() {
|
|
|
17
17
|
for await (let t of Cfg.tenants) {
|
|
18
18
|
let tenantPath = `${t.dir}/permissions/**/**.rabc.{ts,js}`;
|
|
19
19
|
const glob = new Glob(tenantPath);
|
|
20
|
+
|
|
20
21
|
for await (let file of glob.scan({
|
|
21
22
|
cwd: Cfg.cwd,
|
|
22
23
|
})) {
|
|
23
24
|
let fullPathFile = path.join(Cfg.cwd || "", file);
|
|
25
|
+
|
|
24
26
|
await import(fullPathFile)
|
|
25
27
|
.then((inject) => {
|
|
26
28
|
permissions.push({
|
|
@@ -44,7 +46,7 @@ function getPermission(
|
|
|
44
46
|
): permissionSchema | undefined | null {
|
|
45
47
|
if (Cfg?.permissions?.length) {
|
|
46
48
|
return Cfg.permissions.find((col: permissionSchema) => {
|
|
47
|
-
return col
|
|
49
|
+
return col?.role === role && col?.tenant_id === tenant_id;
|
|
48
50
|
});
|
|
49
51
|
}
|
|
50
52
|
return null;
|
|
@@ -77,8 +79,11 @@ function checkPermission(
|
|
|
77
79
|
let findCollection = perm?.access?.find((c) =>
|
|
78
80
|
c?.collections?.includes(collection)
|
|
79
81
|
);
|
|
82
|
+
|
|
80
83
|
if (findCollection) {
|
|
81
|
-
let actionsOnCollection = findCollection.actions.find(
|
|
84
|
+
let actionsOnCollection = findCollection.actions.find(
|
|
85
|
+
(a) => a === action || a == "*"
|
|
86
|
+
);
|
|
82
87
|
actionsOnCollection ? (approved = true) : (approved = false);
|
|
83
88
|
}
|
|
84
89
|
|
package/package.json
CHANGED
package/types/index.ts
CHANGED
|
@@ -270,6 +270,7 @@ export type Collection = {
|
|
|
270
270
|
afterAggregate?: hooksCtx;
|
|
271
271
|
};
|
|
272
272
|
access?: {
|
|
273
|
+
"*"?: accessCtx;
|
|
273
274
|
beforeAction?: accessCtx;
|
|
274
275
|
allAction?: accessCtx;
|
|
275
276
|
find?: accessCtx;
|
|
@@ -545,7 +546,6 @@ export type accessType = {
|
|
|
545
546
|
handler: AccessFunctionType;
|
|
546
547
|
}
|
|
547
548
|
| "*"
|
|
548
|
-
| "allAction"
|
|
549
549
|
| "aggregate"
|
|
550
550
|
| "find"
|
|
551
551
|
| "findOne"
|