@forestadmin/agent 1.1.0-alpha.1 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent.d.ts +11 -1
- package/dist/agent.js +14 -1
- package/dist/routes/access/chart.js +8 -4
- package/dist/routes/access/count-related.js +3 -3
- package/dist/routes/access/count.js +3 -3
- package/dist/routes/access/csv-related.js +4 -4
- package/dist/routes/access/csv.js +4 -4
- package/dist/routes/access/get.js +3 -3
- package/dist/routes/access/list-related.js +3 -3
- package/dist/routes/access/list.js +3 -3
- package/dist/routes/modification/action.d.ts +1 -1
- package/dist/routes/modification/action.js +7 -24
- package/dist/routes/modification/associate-related.js +3 -3
- package/dist/routes/modification/create.js +4 -4
- package/dist/routes/modification/delete.js +3 -3
- package/dist/routes/modification/dissociate-delete-related.js +3 -3
- package/dist/routes/modification/update-field.js +3 -3
- package/dist/routes/modification/update-relation.js +5 -5
- package/dist/routes/modification/update.js +3 -3
- package/dist/routes/security/scope-invalidation.js +2 -2
- package/dist/services/index.d.ts +2 -2
- package/dist/services/index.js +6 -8
- package/dist/services/permissions.d.ts +19 -0
- package/dist/services/permissions.js +85 -0
- package/dist/types.d.ts +0 -2
- package/dist/types.js +1 -1
- package/dist/utils/forest-http-api.d.ts +28 -0
- package/dist/utils/forest-http-api.js +81 -1
- package/dist/utils/options-validator.js +6 -14
- package/package.json +4 -4
- package/dist/services/authorization/authorization.d.ts +0 -31
- package/dist/services/authorization/authorization.js +0 -107
- package/dist/services/authorization/index.d.ts +0 -4
- package/dist/services/authorization/index.js +0 -11
- package/dist/services/authorization/types.d.ts +0 -26
- package/dist/services/authorization/types.js +0 -3
package/dist/agent.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { ChartDefinition, CollectionCustomizer, DataSourceOptions, TCollectionName, TSchema } from '@forestadmin/datasource-customizer';
|
|
1
|
+
import { ChartDefinition, CollectionCustomizer, DataSourceOptions, Plugin, TCollectionName, TSchema } from '@forestadmin/datasource-customizer';
|
|
2
2
|
import { DataSourceFactory } from '@forestadmin/datasource-toolkit';
|
|
3
3
|
import { AgentOptions } from './types';
|
|
4
4
|
import FrameworkMounter from './framework-mounter';
|
|
@@ -64,6 +64,16 @@ export default class Agent<S extends TSchema = TSchema> extends FrameworkMounter
|
|
|
64
64
|
* .customizeCollection('books', books => books.renameField('xx', 'yy'))
|
|
65
65
|
*/
|
|
66
66
|
customizeCollection<N extends TCollectionName<S>>(name: N, handle: (collection: CollectionCustomizer<S, N>) => unknown): this;
|
|
67
|
+
/**
|
|
68
|
+
* Load a plugin across all collections
|
|
69
|
+
* @param plugin instance of the plugin
|
|
70
|
+
* @param options options which need to be passed to the plugin
|
|
71
|
+
* @example
|
|
72
|
+
* import advancedExportPlugin from '@forestadmin/plugin-advanced-export';
|
|
73
|
+
*
|
|
74
|
+
* agent.use(advancedExportPlugin, { format: 'xlsx' });
|
|
75
|
+
*/
|
|
76
|
+
use<Options>(plugin: Plugin<Options>, options?: Options): this;
|
|
67
77
|
/**
|
|
68
78
|
* Create an http handler which can respond to all queries which are expected from an agent.
|
|
69
79
|
*/
|
package/dist/agent.js
CHANGED
|
@@ -99,6 +99,19 @@ class Agent extends framework_mounter_1.default {
|
|
|
99
99
|
this.customizer.customizeCollection(name, handle);
|
|
100
100
|
return this;
|
|
101
101
|
}
|
|
102
|
+
/**
|
|
103
|
+
* Load a plugin across all collections
|
|
104
|
+
* @param plugin instance of the plugin
|
|
105
|
+
* @param options options which need to be passed to the plugin
|
|
106
|
+
* @example
|
|
107
|
+
* import advancedExportPlugin from '@forestadmin/plugin-advanced-export';
|
|
108
|
+
*
|
|
109
|
+
* agent.use(advancedExportPlugin, { format: 'xlsx' });
|
|
110
|
+
*/
|
|
111
|
+
use(plugin, options) {
|
|
112
|
+
this.customizer.use(plugin, options);
|
|
113
|
+
return this;
|
|
114
|
+
}
|
|
102
115
|
/**
|
|
103
116
|
* Create an http handler which can respond to all queries which are expected from an agent.
|
|
104
117
|
*/
|
|
@@ -130,4 +143,4 @@ class Agent extends framework_mounter_1.default {
|
|
|
130
143
|
}
|
|
131
144
|
}
|
|
132
145
|
exports.default = Agent;
|
|
133
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
146
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWdlbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvYWdlbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSx1REFBdUQ7QUFDdkQsOEVBUTRDO0FBRTVDLHlEQUFpQztBQUNqQyxvRUFBd0M7QUFDeEMscURBQTZCO0FBRzdCLDhFQUFvRDtBQUNwRCw0RUFBbUQ7QUFDbkQsa0ZBQXlEO0FBQ3pELDRFQUEwRDtBQUMxRCxzREFBa0M7QUFDbEMsMERBQXNDO0FBRXRDOzs7Ozs7Ozs7R0FTRztBQUNILE1BQXFCLEtBQW1DLFNBQVEsMkJBQWdCO0lBSTlFOzs7Ozs7Ozs7Ozs7Ozs7T0FlRztJQUNILFlBQVksT0FBcUI7UUFDL0IsTUFBTSxVQUFVLEdBQUcsMkJBQWdCLENBQUMsUUFBUSxDQUFDLDJCQUFnQixDQUFDLFlBQVksQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO1FBQ3JGLEtBQUssQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLFVBQVUsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUU1QyxJQUFJLENBQUMsT0FBTyxHQUFHLFVBQVUsQ0FBQztRQUMxQixJQUFJLENBQUMsVUFBVSxHQUFHLElBQUksNENBQW9CLEVBQUssQ0FBQztJQUNsRCxDQUFDO0lBRUQ7O09BRUc7SUFDTSxLQUFLLENBQUMsS0FBSztRQUNsQixNQUFNLEVBQUUsTUFBTSxFQUFFLFdBQVcsRUFBRSxlQUFlLEVBQUUsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDO1FBRTlELE1BQU0sVUFBVSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDL0QsTUFBTSxDQUFDLE1BQU0sQ0FBQyxHQUFHLE1BQU0sT0FBTyxDQUFDLEdBQUcsQ0FBQztZQUNqQyxJQUFJLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBQztZQUMxQixJQUFJLENBQUMsVUFBVSxDQUFDLFVBQVUsQ0FBQztZQUMzQixDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsWUFBWSxJQUFJLFdBQVc7Z0JBQ3ZDLENBQUMsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLHVCQUF1QixDQUFDLFdBQVcsRUFBRSxlQUFlLENBQUM7Z0JBQ3ZFLENBQUMsQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFO1NBQ3RCLENBQUMsQ0FBQztRQUVILE9BQU8sS0FBSyxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUM3QixDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILGFBQWEsQ0FBQyxPQUEwQixFQUFFLE9BQTJCO1FBQ25FLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLE9BQU8sRUFBRSxPQUFPLENBQUMsQ0FBQztRQUVoRCxPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7T0FXRztJQUNILFFBQVEsQ0FBQyxJQUFZLEVBQUUsVUFBOEI7UUFDbkQsSUFBSSxDQUFDLFVBQVUsQ0FBQyxRQUFRLENBQUMsSUFBSSxFQUFFLFVBQVUsQ0FBQyxDQUFDO1FBRTNDLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVEOzs7Ozs7O09BT0c7SUFDSCxtQkFBbUIsQ0FDakIsSUFBTyxFQUNQLE1BQTJEO1FBRTNELElBQUksQ0FBQyxVQUFVLENBQUMsbUJBQW1CLENBQUMsSUFBSSxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBRWxELE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVEOzs7Ozs7OztPQVFHO0lBQ0gsR0FBRyxDQUFVLE1BQXVCLEVBQUUsT0FBaUI7UUFDckQsSUFBSSxDQUFDLFVBQVUsQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBRXJDLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVEOztPQUVHO0lBQ0ssS0FBSyxDQUFDLFNBQVMsQ0FBQyxVQUFzQjtRQUM1QyxnQkFBZ0I7UUFDaEIsTUFBTSxRQUFRLEdBQUcsSUFBQSxrQkFBWSxFQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUM1QyxNQUFNLE1BQU0sR0FBRyxJQUFBLGdCQUFVLEVBQUMsVUFBVSxFQUFFLElBQUksQ0FBQyxPQUFPLEVBQUUsUUFBUSxDQUFDLENBQUM7UUFDOUQsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsU0FBUyxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBRTFELGVBQWU7UUFDZixNQUFNLE1BQU0sR0FBRyxJQUFJLGdCQUFNLEVBQUUsQ0FBQztRQUM1QixNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxJQUFBLGNBQUksRUFBQyxFQUFFLFdBQVcsRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLEVBQUUsR0FBRyxJQUFJLEVBQUUsb0JBQW9CLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQy9GLE1BQU0sQ0FBQyxHQUFHLENBQUMsSUFBQSx3QkFBVSxFQUFDLEVBQUUsU0FBUyxFQUFFLE1BQU0sRUFBRSxDQUFDLENBQUMsQ0FBQztRQUM5QyxNQUFNLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDO1FBRW5ELE9BQU8sTUFBTSxDQUFDO0lBQ2hCLENBQUM7SUFFRDs7T0FFRztJQUNLLEtBQUssQ0FBQyxVQUFVLENBQUMsVUFBc0I7UUFDN0MsTUFBTSxNQUFNLEdBQUcsTUFBTSxpQkFBYSxDQUFDLG1CQUFtQixDQUFDLElBQUksQ0FBQyxPQUFPLEVBQUUsVUFBVSxDQUFDLENBQUM7UUFDakYsTUFBTSxhQUFhLEdBQUcsTUFBTSx5QkFBYSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsY0FBYyxDQUFDLENBQUM7UUFFOUYsSUFBSSxDQUFDLGFBQWEsRUFBRTtZQUNsQixJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxNQUFNLEVBQUUseUNBQXlDLENBQUMsQ0FBQztZQUN2RSxNQUFNLHlCQUFhLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxPQUFPLEVBQUUsTUFBTSxDQUFDLENBQUM7U0FDeEQ7YUFBTTtZQUNMLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLE1BQU0sRUFBRSx1Q0FBdUMsQ0FBQyxDQUFDO1NBQ3RFO0lBQ0gsQ0FBQztDQUNGO0FBM0lELHdCQTJJQyJ9
|
|
@@ -22,7 +22,7 @@ class Chart extends collection_route_1.default {
|
|
|
22
22
|
router.post(`/stats/${this.collection.name}`, this.handleChart.bind(this));
|
|
23
23
|
}
|
|
24
24
|
async handleChart(context) {
|
|
25
|
-
await this.services.
|
|
25
|
+
await this.services.permissions.canChart(context);
|
|
26
26
|
context.response.body = {
|
|
27
27
|
data: {
|
|
28
28
|
id: (0, uuid_1.v1)(),
|
|
@@ -79,7 +79,11 @@ class Chart extends collection_route_1.default {
|
|
|
79
79
|
}
|
|
80
80
|
async makeLineChart(context) {
|
|
81
81
|
const { aggregate, aggregate_field: aggregateField, group_by_date_field: groupByDateField, time_range: timeRange, } = context.request.body;
|
|
82
|
-
const
|
|
82
|
+
const filter = await this.getFilter(context);
|
|
83
|
+
const filterOnlyWithValues = filter.override({
|
|
84
|
+
conditionTree: datasource_toolkit_1.ConditionTreeFactory.intersect(filter.conditionTree, new datasource_toolkit_1.ConditionTreeLeaf(groupByDateField, 'Present')),
|
|
85
|
+
});
|
|
86
|
+
const rows = await this.collection.aggregate(query_string_1.default.parseCaller(context), filterOnlyWithValues, new datasource_toolkit_1.Aggregation({
|
|
83
87
|
operation: aggregate,
|
|
84
88
|
field: aggregateField,
|
|
85
89
|
groups: [{ field: groupByDateField, operation: timeRange }],
|
|
@@ -148,7 +152,7 @@ class Chart extends collection_route_1.default {
|
|
|
148
152
|
return rows.length ? rows[0].value : 0;
|
|
149
153
|
}
|
|
150
154
|
async getFilter(context) {
|
|
151
|
-
const scope = await this.services.
|
|
155
|
+
const scope = await this.services.permissions.getScope(this.collection, context);
|
|
152
156
|
return context_filter_factory_1.default.build(this.collection, context, scope);
|
|
153
157
|
}
|
|
154
158
|
}
|
|
@@ -159,4 +163,4 @@ Chart.formats = {
|
|
|
159
163
|
Month: 'MMM yy',
|
|
160
164
|
Year: 'yyyy',
|
|
161
165
|
};
|
|
162
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
166
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhcnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcm91dGVzL2FjY2Vzcy9jaGFydC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLHdFQVd5QztBQUV6QyxpQ0FBaUM7QUFDakMsK0JBQW9DO0FBR3BDLDJFQUFrRDtBQUNsRCxnR0FBc0U7QUFDdEUsNEVBQXlEO0FBRXpELElBQUssU0FNSjtBQU5ELFdBQUssU0FBUztJQUNaLDRCQUFlLENBQUE7SUFDZixvQ0FBdUIsQ0FBQTtJQUN2Qix3QkFBVyxDQUFBO0lBQ1gsMEJBQWEsQ0FBQTtJQUNiLHdDQUEyQixDQUFBO0FBQzdCLENBQUMsRUFOSSxTQUFTLEtBQVQsU0FBUyxRQU1iO0FBRUQsTUFBcUIsS0FBTSxTQUFRLDBCQUFlO0lBUWhELFdBQVcsQ0FBQyxNQUFjO1FBQ3hCLE1BQU0sQ0FBQyxJQUFJLENBQUMsVUFBVSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxFQUFFLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7SUFDN0UsQ0FBQztJQUVELEtBQUssQ0FBQyxXQUFXLENBQUMsT0FBZ0I7UUFDaEMsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUM7UUFFbEQsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUc7WUFDdEIsSUFBSSxFQUFFO2dCQUNKLEVBQUUsRUFBRSxJQUFBLFNBQU0sR0FBRTtnQkFDWixJQUFJLEVBQUUsT0FBTztnQkFDYixVQUFVLEVBQUUsRUFBRSxLQUFLLEVBQUUsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxFQUFFO2FBQ3JEO1NBQ0YsQ0FBQztJQUNKLENBQUM7SUFFTyxLQUFLLENBQUMsU0FBUyxDQUFDLE9BQWdCO1FBQ3RDLE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDO1FBRWpDLFFBQVEsSUFBSSxDQUFDLElBQUksRUFBRTtZQUNqQixLQUFLLFNBQVMsQ0FBQyxLQUFLO2dCQUNsQixPQUFPLElBQUksQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDdEMsS0FBSyxTQUFTLENBQUMsV0FBVztnQkFDeEIsT0FBTyxJQUFJLENBQUMsb0JBQW9CLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDNUMsS0FBSyxTQUFTLENBQUMsU0FBUztnQkFDdEIsT0FBTyxJQUFJLENBQUMsa0JBQWtCLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDMUMsS0FBSyxTQUFTLENBQUMsR0FBRztnQkFDaEIsT0FBTyxJQUFJLENBQUMsWUFBWSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1lBQ3BDLEtBQUssU0FBUyxDQUFDLElBQUk7Z0JBQ2pCLE9BQU8sSUFBSSxDQUFDLGFBQWEsQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUNyQztnQkFDRSxNQUFNLElBQUksb0NBQWUsQ0FBQyx1QkFBdUIsSUFBSSxDQUFDLElBQUksR0FBRyxDQUFDLENBQUM7U0FDbEU7SUFDSCxDQUFDO0lBRU8sS0FBSyxDQUFDLGNBQWMsQ0FDMUIsT0FBZ0I7UUFFaEIsTUFBTSxNQUFNLEdBQUcsc0JBQWlCLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3RELE1BQU0sYUFBYSxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUNwRCxNQUFNLE1BQU0sR0FBRztZQUNiLFlBQVksRUFBRSxNQUFNLElBQUksQ0FBQyxZQUFZLENBQUMsT0FBTyxFQUFFLGFBQWEsQ0FBQztZQUM3RCxhQUFhLEVBQUUsU0FBUztTQUN6QixDQUFDO1FBRUYsTUFBTSxlQUFlLEdBQ2xCLGFBQWEsQ0FBQyxhQUFxQyxFQUFFLFVBQVUsS0FBSyxLQUFLLENBQUM7UUFDN0UsTUFBTSxpQkFBaUIsR0FBRyxhQUFhLENBQUMsYUFBYSxFQUFFLFFBQVEsQ0FDN0QsSUFBSSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsbUJBQW1CLENBQ2pDLENBQUM7UUFFRixJQUFJLGlCQUFpQixJQUFJLENBQUMsZUFBZSxFQUFFO1lBQ3pDLE1BQU0sQ0FBQyxhQUFhLEdBQUcsTUFBTSxJQUFJLENBQUMsWUFBWSxDQUM1QyxPQUFPLEVBQ1Asa0NBQWEsQ0FBQyx1QkFBdUIsQ0FBQyxhQUFhLEVBQUUsTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUN0RSxDQUFDO1NBQ0g7UUFFRCxPQUFPLE1BQU0sQ0FBQztJQUNoQixDQUFDO0lBRU8sS0FBSyxDQUFDLGtCQUFrQixDQUFDLE9BQWdCO1FBQy9DLE9BQU8sRUFBRSxLQUFLLEVBQUUsTUFBTSxJQUFJLENBQUMsWUFBWSxDQUFDLE9BQU8sRUFBRSxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLENBQUMsRUFBRSxDQUFDO0lBQ3BGLENBQUM7SUFFTyxLQUFLLENBQUMsWUFBWSxDQUFDLE9BQWdCO1FBQ3pDLE1BQU0sRUFDSixjQUFjLEVBQUUsWUFBWSxFQUM1QixTQUFTLEVBQ1QsZUFBZSxFQUFFLGNBQWMsR0FDaEMsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQztRQUV6QixNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUMxQyxzQkFBaUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLEVBQ3RDLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsRUFDN0IsSUFBSSxnQ0FBVyxDQUFDO1lBQ2QsU0FBUyxFQUFFLFNBQVM7WUFDcEIsS0FBSyxFQUFFLGNBQWM7WUFDckIsTUFBTSxFQUFFLENBQUMsRUFBRSxLQUFLLEVBQUUsWUFBWSxFQUFFLENBQUM7U0FDbEMsQ0FBQyxDQUNILENBQUM7UUFFRixPQUFPLElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQ3RCLEdBQUcsRUFBRSxHQUFHLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBVztZQUN0QyxLQUFLLEVBQUUsR0FBRyxDQUFDLEtBQWU7U0FDM0IsQ0FBQyxDQUFDLENBQUM7SUFDTixDQUFDO0lBRU8sS0FBSyxDQUFDLGFBQWEsQ0FBQyxPQUFnQjtRQUMxQyxNQUFNLEVBQ0osU0FBUyxFQUNULGVBQWUsRUFBRSxjQUFjLEVBQy9CLG1CQUFtQixFQUFFLGdCQUFnQixFQUNyQyxVQUFVLEVBQUUsU0FBUyxHQUN0QixHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDO1FBRXpCLE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUM3QyxNQUFNLG9CQUFvQixHQUFHLE1BQU0sQ0FBQyxRQUFRLENBQUM7WUFDM0MsYUFBYSxFQUFFLHlDQUFvQixDQUFDLFNBQVMsQ0FDM0MsTUFBTSxDQUFDLGFBQWEsRUFDcEIsSUFBSSxzQ0FBaUIsQ0FBQyxnQkFBZ0IsRUFBRSxTQUFTLENBQUMsQ0FDbkQ7U0FDRixDQUFDLENBQUM7UUFDSCxNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUMxQyxzQkFBaUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLEVBQ3RDLG9CQUFvQixFQUNwQixJQUFJLGdDQUFXLENBQUM7WUFDZCxTQUFTLEVBQUUsU0FBUztZQUNwQixLQUFLLEVBQUUsY0FBYztZQUNyQixNQUFNLEVBQUUsQ0FBQyxFQUFFLEtBQUssRUFBRSxnQkFBZ0IsRUFBRSxTQUFTLEVBQUUsU0FBUyxFQUFFLENBQUM7U0FDNUQsQ0FBQyxDQUNILENBQUM7UUFFRixNQUFNLE1BQU0sR0FBRyxFQUFFLENBQUM7UUFDbEIsSUFBSSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsRUFBRTtZQUNqQixNQUFNLENBQUMsZ0JBQVEsQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBVyxDQUFDLENBQUMsU0FBUyxFQUFFLENBQUMsR0FBRyxNQUFNLENBQ2xGLEdBQUcsQ0FBQyxLQUFLLENBQ1YsQ0FBQztRQUNKLENBQUMsQ0FBQyxDQUFDO1FBRUgsTUFBTSxLQUFLLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxLQUFLLEVBQUUsS0FBSyxFQUFFLEVBQUUsQ0FBQyxLQUFLLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7UUFDckYsTUFBTSxJQUFJLEdBQUcsZ0JBQVEsQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUV2RCxNQUFNLFVBQVUsR0FBRyxFQUFFLENBQUM7UUFDdEIsTUFBTSxNQUFNLEdBQUcsS0FBSyxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUV4QyxLQUNFLElBQUksT0FBTyxHQUFHLGdCQUFRLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUN4QyxPQUFPLElBQUksSUFBSSxFQUNmLE9BQU8sR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDLEVBQUUsQ0FBQyxFQUMxQztZQUNBLE1BQU0sS0FBSyxHQUFHLE9BQU8sQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDdkMsTUFBTSxLQUFLLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxTQUFTLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUMvQyxVQUFVLENBQUMsSUFBSSxDQUFDLEVBQUUsS0FBSyxFQUFFLE1BQU0sRUFBRSxFQUFFLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztTQUMvQztRQUVELE9BQU8sVUFBVSxDQUFDO0lBQ3BCLENBQUM7SUFFTyxLQUFLLENBQUMsb0JBQW9CLENBQ2hDLE9BQWdCO1FBRWhCLE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDO1FBQ2pDLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsa0JBQWtCLENBQW1CLENBQUM7UUFFdkYsSUFBSSxVQUFrQixDQUFDO1FBQ3ZCLElBQUksTUFBYyxDQUFDO1FBQ25CLElBQUksV0FBd0IsQ0FBQztRQUU3QixJQUFJLEtBQUssRUFBRSxJQUFJLEtBQUssV0FBVyxFQUFFO1lBQy9CLE1BQU0sT0FBTyxHQUFHLG9DQUFlLENBQUMsa0JBQWtCLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsa0JBQWtCLENBQUMsQ0FBQztZQUU3RixJQUFJLE9BQU8sRUFBRTtnQkFDWCxVQUFVLEdBQUcsS0FBSyxDQUFDLGlCQUFpQixDQUFDO2dCQUNyQyxNQUFNLEdBQUcsQ0FBQyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBQ3ZELFdBQVcsR0FBRyxJQUFJLGdDQUFXLENBQUM7b0JBQzVCLFNBQVMsRUFBRSxJQUFJLENBQUMsU0FBUztvQkFDekIsS0FBSyxFQUFFLElBQUksQ0FBQyxlQUFlO29CQUMzQixNQUFNLEVBQUUsQ0FBQyxFQUFFLEtBQUssRUFBRSxHQUFHLE9BQU8sSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFLEVBQUUsQ0FBQztpQkFDdEQsQ0FBQyxDQUFDO2FBQ0o7U0FDRjtRQUVELElBQUksS0FBSyxFQUFFLElBQUksS0FBSyxZQUFZLEVBQUU7WUFDaEMsTUFBTSxNQUFNLEdBQUcsb0NBQWUsQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO1lBQzFGLE1BQU0sTUFBTSxHQUFHLG9DQUFlLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsa0JBQWtCLENBQUMsQ0FBQztZQUUxRixJQUFJLE1BQU0sSUFBSSxNQUFNLEVBQUU7Z0JBQ3BCLFVBQVUsR0FBRyxLQUFLLENBQUMsaUJBQWlCLENBQUM7Z0JBQ3JDLE1BQU0sR0FBRyxDQUFDLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQztnQkFDdEQsV0FBVyxHQUFHLElBQUksZ0NBQVcsQ0FBQztvQkFDNUIsU0FBUyxFQUFFLElBQUksQ0FBQyxTQUFTO29CQUN6QixLQUFLLEVBQUUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxDQUFDLENBQUMsR0FBRyxNQUFNLElBQUksSUFBSSxDQUFDLGVBQWUsRUFBRSxDQUFDLENBQUMsQ0FBQyxJQUFJO29CQUN4RSxNQUFNLEVBQUUsQ0FBQyxFQUFFLEtBQUssRUFBRSxHQUFHLE1BQU0sSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFLEVBQUUsQ0FBQztpQkFDckQsQ0FBQyxDQUFDO2FBQ0o7U0FDRjtRQUVELElBQUksVUFBVSxJQUFJLE1BQU0sSUFBSSxXQUFXLEVBQUU7WUFDdkMsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVTtpQkFDL0IsYUFBYSxDQUFDLFVBQVUsQ0FBQztpQkFDekIsU0FBUyxDQUFDLHNCQUFpQixDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsRUFBRSxNQUFNLEVBQUUsV0FBVyxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztZQUU5RixPQUFPLElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDO2dCQUN0QixHQUFHLEVBQUUsR0FBRyxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBVztnQkFDckQsS0FBSyxFQUFFLEdBQUcsQ0FBQyxLQUFlO2FBQzNCLENBQUMsQ0FBQyxDQUFDO1NBQ0w7UUFFRCxNQUFNLElBQUksb0NBQWUsQ0FDdkIsOEVBQThFLENBQy9FLENBQUM7SUFDSixDQUFDO0lBRU8sS0FBSyxDQUFDLFlBQVksQ0FBQyxPQUFnQixFQUFFLE1BQWM7UUFDekQsTUFBTSxFQUFFLFNBQVMsRUFBRSxlQUFlLEVBQUUsY0FBYyxFQUFFLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUM7UUFDNUUsTUFBTSxXQUFXLEdBQUcsSUFBSSxnQ0FBVyxDQUFDLEVBQUUsU0FBUyxFQUFFLFNBQVMsRUFBRSxLQUFLLEVBQUUsY0FBYyxFQUFFLENBQUMsQ0FBQztRQUVyRixNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUMxQyxzQkFBaUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLEVBQ3RDLE1BQU0sRUFDTixXQUFXLENBQ1osQ0FBQztRQUVGLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUUsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDLEtBQWdCLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNyRCxDQUFDO0lBRU8sS0FBSyxDQUFDLFNBQVMsQ0FBQyxPQUFnQjtRQUN0QyxNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBRWpGLE9BQU8sZ0NBQW9CLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsT0FBTyxFQUFFLEtBQUssQ0FBQyxDQUFDO0lBQ3JFLENBQUM7O0FBM05ILHdCQTROQztBQTNOeUIsYUFBTyxHQUFrQztJQUMvRCxHQUFHLEVBQUUsWUFBWTtJQUNqQixJQUFJLEVBQUUsV0FBVztJQUNqQixLQUFLLEVBQUUsUUFBUTtJQUNmLElBQUksRUFBRSxNQUFNO0NBQ2IsQ0FBQyJ9
|
|
@@ -13,10 +13,10 @@ class CountRelatedRoute extends relation_route_1.default {
|
|
|
13
13
|
router.get(`/${this.collection.name}/:parentId/relationships/${this.relationName}/count`, this.handleCountRelated.bind(this));
|
|
14
14
|
}
|
|
15
15
|
async handleCountRelated(context) {
|
|
16
|
-
await this.services.
|
|
16
|
+
await this.services.permissions.can(context, `browse:${this.collection.name}`);
|
|
17
17
|
if (this.foreignCollection.schema.countable) {
|
|
18
18
|
const parentId = id_1.default.unpackId(this.collection.schema, context.params.parentId);
|
|
19
|
-
const scope = await this.services.
|
|
19
|
+
const scope = await this.services.permissions.getScope(this.foreignCollection, context);
|
|
20
20
|
const caller = query_string_1.default.parseCaller(context);
|
|
21
21
|
const filter = context_filter_factory_1.default.build(this.foreignCollection, context, scope);
|
|
22
22
|
const aggregationResult = await datasource_toolkit_1.CollectionUtils.aggregateRelation(this.collection, parentId, this.relationName, caller, filter, new datasource_toolkit_1.Aggregation({ operation: 'Count' }));
|
|
@@ -28,4 +28,4 @@ class CountRelatedRoute extends relation_route_1.default {
|
|
|
28
28
|
}
|
|
29
29
|
}
|
|
30
30
|
exports.default = CountRelatedRoute;
|
|
31
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
31
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY291bnQtcmVsYXRlZC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9yb3V0ZXMvYWNjZXNzL2NvdW50LXJlbGF0ZWQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSx3RUFBK0U7QUFJL0UsZ0dBQXNFO0FBQ3RFLHdEQUFxQztBQUNyQyw0RUFBeUQ7QUFDekQsdUVBQThDO0FBRTlDLE1BQXFCLGlCQUFrQixTQUFRLHdCQUFhO0lBQzFELFdBQVcsQ0FBQyxNQUFjO1FBQ3hCLE1BQU0sQ0FBQyxHQUFHLENBQ1IsSUFBSSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksNEJBQTRCLElBQUksQ0FBQyxZQUFZLFFBQVEsRUFDN0UsSUFBSSxDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FDbkMsQ0FBQztJQUNKLENBQUM7SUFFTSxLQUFLLENBQUMsa0JBQWtCLENBQUMsT0FBZ0I7UUFDOUMsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLFVBQVUsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBRS9FLElBQUksSUFBSSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sQ0FBQyxTQUFTLEVBQUU7WUFDM0MsTUFBTSxRQUFRLEdBQUcsWUFBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sRUFBRSxPQUFPLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBQ25GLE1BQU0sS0FBSyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxPQUFPLENBQUMsQ0FBQztZQUN4RixNQUFNLE1BQU0sR0FBRyxzQkFBaUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDdEQsTUFBTSxNQUFNLEdBQUcsZ0NBQW9CLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxPQUFPLEVBQUUsS0FBSyxDQUFDLENBQUM7WUFFbEYsTUFBTSxpQkFBaUIsR0FBRyxNQUFNLG9DQUFlLENBQUMsaUJBQWlCLENBQy9ELElBQUksQ0FBQyxVQUFVLEVBQ2YsUUFBUSxFQUNSLElBQUksQ0FBQyxZQUFZLEVBQ2pCLE1BQU0sRUFDTixNQUFNLEVBQ04sSUFBSSxnQ0FBVyxDQUFDLEVBQUUsU0FBUyxFQUFFLE9BQU8sRUFBRSxDQUFDLENBQ3hDLENBQUM7WUFFRixPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRyxFQUFFLEtBQUssRUFBRSxpQkFBaUIsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLEtBQUssSUFBSSxDQUFDLEVBQUUsQ0FBQztTQUN2RTthQUFNO1lBQ0wsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUcsRUFBRSxJQUFJLEVBQUUsRUFBRSxLQUFLLEVBQUUsYUFBYSxFQUFFLEVBQUUsQ0FBQztTQUM1RDtJQUNILENBQUM7Q0FDRjtBQS9CRCxvQ0ErQkMifQ==
|
|
@@ -12,9 +12,9 @@ class CountRoute extends collection_route_1.default {
|
|
|
12
12
|
router.get(`/${this.collection.name}/count`, this.handleCount.bind(this));
|
|
13
13
|
}
|
|
14
14
|
async handleCount(context) {
|
|
15
|
-
await this.services.
|
|
15
|
+
await this.services.permissions.can(context, `browse:${this.collection.name}`);
|
|
16
16
|
if (this.collection.schema.countable) {
|
|
17
|
-
const scope = await this.services.
|
|
17
|
+
const scope = await this.services.permissions.getScope(this.collection, context);
|
|
18
18
|
const caller = query_string_1.default.parseCaller(context);
|
|
19
19
|
const filter = context_filter_factory_1.default.build(this.collection, context, scope);
|
|
20
20
|
const aggregation = new datasource_toolkit_1.Aggregation({ operation: 'Count' });
|
|
@@ -28,4 +28,4 @@ class CountRoute extends collection_route_1.default {
|
|
|
28
28
|
}
|
|
29
29
|
}
|
|
30
30
|
exports.default = CountRoute;
|
|
31
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
31
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY291bnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcm91dGVzL2FjY2Vzcy9jb3VudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLHdFQUE4RDtBQUk5RCwyRUFBa0Q7QUFDbEQsZ0dBQXNFO0FBQ3RFLDRFQUF5RDtBQUV6RCxNQUFxQixVQUFXLFNBQVEsMEJBQWU7SUFDckQsV0FBVyxDQUFDLE1BQWM7UUFDeEIsTUFBTSxDQUFDLEdBQUcsQ0FBQyxJQUFJLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxRQUFRLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztJQUM1RSxDQUFDO0lBRU0sS0FBSyxDQUFDLFdBQVcsQ0FBQyxPQUFnQjtRQUN2QyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsVUFBVSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7UUFFL0UsSUFBSSxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQyxTQUFTLEVBQUU7WUFDcEMsTUFBTSxLQUFLLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsQ0FBQztZQUNqRixNQUFNLE1BQU0sR0FBRyxzQkFBaUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDdEQsTUFBTSxNQUFNLEdBQUcsZ0NBQW9CLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsT0FBTyxFQUFFLEtBQUssQ0FBQyxDQUFDO1lBRTNFLE1BQU0sV0FBVyxHQUFHLElBQUksZ0NBQVcsQ0FBQyxFQUFFLFNBQVMsRUFBRSxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQzVELE1BQU0saUJBQWlCLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsQ0FBQyxNQUFNLEVBQUUsTUFBTSxFQUFFLFdBQVcsQ0FBQyxDQUFDO1lBQ3ZGLE1BQU0sS0FBSyxHQUFHLGlCQUFpQixFQUFFLENBQUMsQ0FBQyxDQUFDLEVBQUUsS0FBSyxJQUFJLENBQUMsQ0FBQztZQUVqRCxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRyxFQUFFLEtBQUssRUFBRSxDQUFDO1NBQ25DO2FBQU07WUFDTCxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRyxFQUFFLElBQUksRUFBRSxFQUFFLEtBQUssRUFBRSxhQUFhLEVBQUUsRUFBRSxDQUFDO1NBQzVEO0lBQ0gsQ0FBQztDQUNGO0FBdEJELDZCQXNCQyJ9
|
|
@@ -16,12 +16,12 @@ class CsvRelatedRoute extends relation_route_1.default {
|
|
|
16
16
|
router.get(`/${this.collection.name}/:parentId/relationships/${this.relationName}.csv`, this.handleRelatedCsv.bind(this));
|
|
17
17
|
}
|
|
18
18
|
async handleRelatedCsv(context) {
|
|
19
|
-
await this.services.
|
|
20
|
-
await this.services.
|
|
19
|
+
await this.services.permissions.can(context, `browse:${this.collection.name}`);
|
|
20
|
+
await this.services.permissions.can(context, `export:${this.collection.name}`);
|
|
21
21
|
const { header } = context.request.query;
|
|
22
22
|
csv_route_context_1.default.buildResponse(context);
|
|
23
23
|
const projection = query_string_1.default.parseProjection(this.foreignCollection, context);
|
|
24
|
-
const scope = await this.services.
|
|
24
|
+
const scope = await this.services.permissions.getScope(this.foreignCollection, context);
|
|
25
25
|
const caller = query_string_1.default.parseCaller(context);
|
|
26
26
|
const filter = context_filter_factory_1.default.buildPaginated(this.foreignCollection, context, scope);
|
|
27
27
|
const parentId = id_1.default.unpackId(this.collection.schema, context.params.parentId);
|
|
@@ -30,4 +30,4 @@ class CsvRelatedRoute extends relation_route_1.default {
|
|
|
30
30
|
}
|
|
31
31
|
}
|
|
32
32
|
exports.default = CsvRelatedRoute;
|
|
33
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
33
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3N2LXJlbGF0ZWQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcm91dGVzL2FjY2Vzcy9jc3YtcmVsYXRlZC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLHdFQUt5QztBQUl6QyxtQ0FBa0M7QUFDbEMsZ0dBQXNFO0FBQ3RFLDhFQUFxRDtBQUNyRCxzRkFBNEQ7QUFDNUQsd0RBQXFDO0FBQ3JDLDRFQUF5RDtBQUN6RCx1RUFBOEM7QUFFOUMsTUFBcUIsZUFBZ0IsU0FBUSx3QkFBYTtJQUN4RCxXQUFXLENBQUMsTUFBYztRQUN4QixNQUFNLENBQUMsR0FBRyxDQUNSLElBQUksSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLDRCQUE0QixJQUFJLENBQUMsWUFBWSxNQUFNLEVBQzNFLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQ2pDLENBQUM7SUFDSixDQUFDO0lBRUQsS0FBSyxDQUFDLGdCQUFnQixDQUFDLE9BQWdCO1FBQ3JDLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxVQUFVLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztRQUMvRSxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsVUFBVSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7UUFFL0UsTUFBTSxFQUFFLE1BQU0sRUFBRSxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsS0FBK0IsQ0FBQztRQUNuRSwyQkFBZSxDQUFDLGFBQWEsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUV2QyxNQUFNLFVBQVUsR0FBRyxzQkFBaUIsQ0FBQyxlQUFlLENBQUMsSUFBSSxDQUFDLGlCQUFpQixFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ3RGLE1BQU0sS0FBSyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxPQUFPLENBQUMsQ0FBQztRQUN4RixNQUFNLE1BQU0sR0FBRyxzQkFBaUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDdEQsTUFBTSxNQUFNLEdBQUcsZ0NBQW9CLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxPQUFPLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDM0YsTUFBTSxRQUFRLEdBQUcsWUFBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sRUFBRSxPQUFPLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBRW5GLE1BQU0sR0FBRyxHQUFHLHVCQUFZLENBQUMsUUFBUSxDQUMvQixNQUFNLEVBQ04sVUFBVSxFQUNWLE1BQU0sRUFDTixNQUFNLEVBQ04sSUFBSSxDQUFDLGlCQUFpQixFQUN0QixLQUFLLEVBQUUsR0FBVyxFQUFFLEdBQW9CLEVBQUUsSUFBZ0IsRUFBRSxFQUFFLENBQzVELG9DQUFlLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsUUFBUSxFQUFFLElBQUksQ0FBQyxZQUFZLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxJQUFJLENBQUMsQ0FDN0YsQ0FBQztRQUNGLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxHQUFHLGlCQUFRLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQzdDLENBQUM7Q0FDRjtBQWhDRCxrQ0FnQ0MifQ==
|
|
@@ -14,12 +14,12 @@ class CsvRoute extends collection_route_1.default {
|
|
|
14
14
|
router.get(`/${this.collection.name}.csv`, this.handleCsv.bind(this));
|
|
15
15
|
}
|
|
16
16
|
async handleCsv(context) {
|
|
17
|
-
await this.services.
|
|
18
|
-
await this.services.
|
|
17
|
+
await this.services.permissions.can(context, `browse:${this.collection.name}`);
|
|
18
|
+
await this.services.permissions.can(context, `export:${this.collection.name}`);
|
|
19
19
|
const { header } = context.request.query;
|
|
20
20
|
csv_route_context_1.default.buildResponse(context);
|
|
21
21
|
const projection = query_string_1.default.parseProjection(this.collection, context);
|
|
22
|
-
const scope = await this.services.
|
|
22
|
+
const scope = await this.services.permissions.getScope(this.collection, context);
|
|
23
23
|
const caller = query_string_1.default.parseCaller(context);
|
|
24
24
|
const filter = context_filter_factory_1.default.buildPaginated(this.collection, context, scope);
|
|
25
25
|
const list = this.collection.list.bind(this.collection);
|
|
@@ -28,4 +28,4 @@ class CsvRoute extends collection_route_1.default {
|
|
|
28
28
|
}
|
|
29
29
|
}
|
|
30
30
|
exports.default = CsvRoute;
|
|
31
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
31
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3N2LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JvdXRlcy9hY2Nlc3MvY3N2LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBR0EsbUNBQWtDO0FBQ2xDLDJFQUFrRDtBQUNsRCxnR0FBc0U7QUFDdEUsOEVBQXFEO0FBQ3JELHNGQUE0RDtBQUM1RCw0RUFBeUQ7QUFFekQsTUFBcUIsUUFBUyxTQUFRLDBCQUFlO0lBQ25ELFdBQVcsQ0FBQyxNQUFjO1FBQ3hCLE1BQU0sQ0FBQyxHQUFHLENBQUMsSUFBSSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksTUFBTSxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7SUFDeEUsQ0FBQztJQUVELEtBQUssQ0FBQyxTQUFTLENBQUMsT0FBZ0I7UUFDOUIsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLFVBQVUsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBQy9FLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxVQUFVLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztRQUUvRSxNQUFNLEVBQUUsTUFBTSxFQUFFLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxLQUErQixDQUFDO1FBQ25FLDJCQUFlLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRXZDLE1BQU0sVUFBVSxHQUFHLHNCQUFpQixDQUFDLGVBQWUsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQy9FLE1BQU0sS0FBSyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDakYsTUFBTSxNQUFNLEdBQUcsc0JBQWlCLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3RELE1BQU0sTUFBTSxHQUFHLGdDQUFvQixDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLE9BQU8sRUFBRSxLQUFLLENBQUMsQ0FBQztRQUVwRixNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQ3hELE1BQU0sR0FBRyxHQUFHLHVCQUFZLENBQUMsUUFBUSxDQUFDLE1BQU0sRUFBRSxVQUFVLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxJQUFJLENBQUMsVUFBVSxFQUFFLElBQUksQ0FBQyxDQUFDO1FBQzdGLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxHQUFHLGlCQUFRLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQzdDLENBQUM7Q0FDRjtBQXJCRCwyQkFxQkMifQ==
|
|
@@ -13,10 +13,10 @@ class GetRoute extends collection_route_1.default {
|
|
|
13
13
|
router.get(`/${this.collection.name}/:id`, this.handleGet.bind(this));
|
|
14
14
|
}
|
|
15
15
|
async handleGet(context) {
|
|
16
|
-
await this.services.
|
|
16
|
+
await this.services.permissions.can(context, `read:${this.collection.name}`);
|
|
17
17
|
const id = id_1.default.unpackId(this.collection.schema, context.params.id);
|
|
18
18
|
const filter = new datasource_toolkit_1.PaginatedFilter({
|
|
19
|
-
conditionTree: datasource_toolkit_1.ConditionTreeFactory.intersect(datasource_toolkit_1.ConditionTreeFactory.matchIds(this.collection.schema, [id]), await this.services.
|
|
19
|
+
conditionTree: datasource_toolkit_1.ConditionTreeFactory.intersect(datasource_toolkit_1.ConditionTreeFactory.matchIds(this.collection.schema, [id]), await this.services.permissions.getScope(this.collection, context)),
|
|
20
20
|
});
|
|
21
21
|
const records = await this.collection.list(query_string_1.default.parseCaller(context), filter, datasource_toolkit_1.ProjectionFactory.all(this.collection));
|
|
22
22
|
if (!records.length) {
|
|
@@ -26,4 +26,4 @@ class GetRoute extends collection_route_1.default {
|
|
|
26
26
|
}
|
|
27
27
|
}
|
|
28
28
|
exports.default = GetRoute;
|
|
29
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
29
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ2V0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JvdXRlcy9hY2Nlc3MvZ2V0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsd0VBSXlDO0FBSXpDLHVDQUF1QztBQUN2QywyRUFBa0Q7QUFDbEQsd0RBQXFDO0FBQ3JDLDRFQUF5RDtBQUV6RCxNQUFxQixRQUFTLFNBQVEsMEJBQWU7SUFDbkQsV0FBVyxDQUFDLE1BQWM7UUFDeEIsTUFBTSxDQUFDLEdBQUcsQ0FBQyxJQUFJLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxNQUFNLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztJQUN4RSxDQUFDO0lBRU0sS0FBSyxDQUFDLFNBQVMsQ0FBQyxPQUFnQjtRQUNyQyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsUUFBUSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7UUFFN0UsTUFBTSxFQUFFLEdBQUcsWUFBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sRUFBRSxPQUFPLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ3ZFLE1BQU0sTUFBTSxHQUFHLElBQUksb0NBQWUsQ0FBQztZQUNqQyxhQUFhLEVBQUUseUNBQW9CLENBQUMsU0FBUyxDQUMzQyx5Q0FBb0IsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQyxFQUMzRCxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLE9BQU8sQ0FBQyxDQUNuRTtTQUNGLENBQUMsQ0FBQztRQUVILE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQ3hDLHNCQUFpQixDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsRUFDdEMsTUFBTSxFQUNOLHNDQUFpQixDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQ3ZDLENBQUM7UUFFRixJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sRUFBRTtZQUNuQixPQUFPLENBQUMsS0FBSyxDQUFDLGdCQUFRLENBQUMsUUFBUSxFQUFFLHdCQUF3QixDQUFDLENBQUM7U0FDNUQ7UUFFRCxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUMxRixDQUFDO0NBQ0Y7QUE1QkQsMkJBNEJDIn0=
|
|
@@ -13,13 +13,13 @@ class ListRelatedRoute extends relation_route_1.default {
|
|
|
13
13
|
router.get(`/${this.collection.name}/:parentId/relationships/${this.relationName}`, this.handleListRelated.bind(this));
|
|
14
14
|
}
|
|
15
15
|
async handleListRelated(context) {
|
|
16
|
-
await this.services.
|
|
16
|
+
await this.services.permissions.can(context, `browse:${this.collection.name}`);
|
|
17
17
|
const parentId = id_1.default.unpackId(this.collection.schema, context.params.parentId);
|
|
18
|
-
const scope = await this.services.
|
|
18
|
+
const scope = await this.services.permissions.getScope(this.foreignCollection, context);
|
|
19
19
|
const paginatedFilter = context_filter_factory_1.default.buildPaginated(this.foreignCollection, context, scope);
|
|
20
20
|
const records = await datasource_toolkit_1.CollectionUtils.listRelation(this.collection, parentId, this.relationName, query_string_1.default.parseCaller(context), paginatedFilter, query_string_1.default.parseProjectionWithPks(this.foreignCollection, context));
|
|
21
21
|
context.response.body = this.services.serializer.serializeWithSearchMetadata(this.foreignCollection, records, paginatedFilter.search);
|
|
22
22
|
}
|
|
23
23
|
}
|
|
24
24
|
exports.default = ListRelatedRoute;
|
|
25
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
25
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibGlzdC1yZWxhdGVkLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JvdXRlcy9hY2Nlc3MvbGlzdC1yZWxhdGVkLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsd0VBQWtFO0FBSWxFLGdHQUFzRTtBQUN0RSx3REFBcUM7QUFDckMsNEVBQXlEO0FBQ3pELHVFQUE4QztBQUU5QyxNQUFxQixnQkFBaUIsU0FBUSx3QkFBYTtJQUN6RCxXQUFXLENBQUMsTUFBYztRQUN4QixNQUFNLENBQUMsR0FBRyxDQUNSLElBQUksSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLDRCQUE0QixJQUFJLENBQUMsWUFBWSxFQUFFLEVBQ3ZFLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQ2xDLENBQUM7SUFDSixDQUFDO0lBRU0sS0FBSyxDQUFDLGlCQUFpQixDQUFDLE9BQWdCO1FBQzdDLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxVQUFVLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztRQUUvRSxNQUFNLFFBQVEsR0FBRyxZQUFPLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDbkYsTUFBTSxLQUFLLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLGlCQUFpQixFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ3hGLE1BQU0sZUFBZSxHQUFHLGdDQUFvQixDQUFDLGNBQWMsQ0FDekQsSUFBSSxDQUFDLGlCQUFpQixFQUN0QixPQUFPLEVBQ1AsS0FBSyxDQUNOLENBQUM7UUFFRixNQUFNLE9BQU8sR0FBRyxNQUFNLG9DQUFlLENBQUMsWUFBWSxDQUNoRCxJQUFJLENBQUMsVUFBVSxFQUNmLFFBQVEsRUFDUixJQUFJLENBQUMsWUFBWSxFQUNqQixzQkFBaUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLEVBQ3RDLGVBQWUsRUFDZixzQkFBaUIsQ0FBQyxzQkFBc0IsQ0FBQyxJQUFJLENBQUMsaUJBQWlCLEVBQUUsT0FBTyxDQUFDLENBQzFFLENBQUM7UUFFRixPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQywyQkFBMkIsQ0FDMUUsSUFBSSxDQUFDLGlCQUFpQixFQUN0QixPQUFPLEVBQ1AsZUFBZSxDQUFDLE1BQU0sQ0FDdkIsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQWxDRCxtQ0FrQ0MifQ==
|
|
@@ -11,12 +11,12 @@ class ListRoute extends collection_route_1.default {
|
|
|
11
11
|
router.get(`/${this.collection.name}`, this.handleList.bind(this));
|
|
12
12
|
}
|
|
13
13
|
async handleList(context) {
|
|
14
|
-
await this.services.
|
|
15
|
-
const scope = await this.services.
|
|
14
|
+
await this.services.permissions.can(context, `browse:${this.collection.name}`);
|
|
15
|
+
const scope = await this.services.permissions.getScope(this.collection, context);
|
|
16
16
|
const paginatedFilter = context_filter_factory_1.default.buildPaginated(this.collection, context, scope);
|
|
17
17
|
const records = await this.collection.list(query_string_1.default.parseCaller(context), paginatedFilter, query_string_1.default.parseProjectionWithPks(this.collection, context));
|
|
18
18
|
context.response.body = this.services.serializer.serializeWithSearchMetadata(this.collection, records, paginatedFilter.search);
|
|
19
19
|
}
|
|
20
20
|
}
|
|
21
21
|
exports.default = ListRoute;
|
|
22
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
22
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibGlzdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9yb3V0ZXMvYWNjZXNzL2xpc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFHQSwyRUFBa0Q7QUFDbEQsZ0dBQXNFO0FBQ3RFLDRFQUF5RDtBQUV6RCxNQUFxQixTQUFVLFNBQVEsMEJBQWU7SUFDcEQsV0FBVyxDQUFDLE1BQWM7UUFDeEIsTUFBTSxDQUFDLEdBQUcsQ0FBQyxJQUFJLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxFQUFFLEVBQUUsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztJQUNyRSxDQUFDO0lBRU0sS0FBSyxDQUFDLFVBQVUsQ0FBQyxPQUFnQjtRQUN0QyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsVUFBVSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7UUFFL0UsTUFBTSxLQUFLLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsQ0FBQztRQUNqRixNQUFNLGVBQWUsR0FBRyxnQ0FBb0IsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFFN0YsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FDeEMsc0JBQWlCLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxFQUN0QyxlQUFlLEVBQ2Ysc0JBQWlCLENBQUMsc0JBQXNCLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsQ0FDbkUsQ0FBQztRQUVGLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMsVUFBVSxDQUFDLDJCQUEyQixDQUMxRSxJQUFJLENBQUMsVUFBVSxFQUNmLE9BQU8sRUFDUCxlQUFlLENBQUMsTUFBTSxDQUN2QixDQUFDO0lBQ0osQ0FBQztDQUNGO0FBdkJELDRCQXVCQyJ9
|
|
@@ -10,7 +10,7 @@ export default class ActionRoute extends CollectionRoute {
|
|
|
10
10
|
setupRoutes(router: Router): void;
|
|
11
11
|
private handleExecute;
|
|
12
12
|
private handleHook;
|
|
13
|
-
private
|
|
13
|
+
private checkPermissions;
|
|
14
14
|
private getRecordSelection;
|
|
15
15
|
}
|
|
16
16
|
//# sourceMappingURL=action.d.ts.map
|
|
@@ -20,11 +20,12 @@ class ActionRoute extends collection_route_1.default {
|
|
|
20
20
|
setupRoutes(router) {
|
|
21
21
|
const actionIndex = Object.keys(this.collection.schema.actions).indexOf(this.actionName);
|
|
22
22
|
const path = `/_actions/${this.collection.name}/${actionIndex}`;
|
|
23
|
-
router.post(`${path}/:slug`, this.
|
|
23
|
+
router.post(`${path}/:slug`, this.handleExecute.bind(this));
|
|
24
24
|
router.post(`${path}/:slug/hooks/load`, this.handleHook.bind(this));
|
|
25
25
|
router.post(`${path}/:slug/hooks/change`, this.handleHook.bind(this));
|
|
26
26
|
}
|
|
27
27
|
async handleExecute(context) {
|
|
28
|
+
await this.checkPermissions(context);
|
|
28
29
|
const { dataSource } = this.collection;
|
|
29
30
|
const caller = query_string_1.default.parseCaller(context);
|
|
30
31
|
const filter = await this.getRecordSelection(context);
|
|
@@ -65,7 +66,7 @@ class ActionRoute extends collection_route_1.default {
|
|
|
65
66
|
}
|
|
66
67
|
}
|
|
67
68
|
async handleHook(context) {
|
|
68
|
-
await this.
|
|
69
|
+
await this.checkPermissions(context);
|
|
69
70
|
const { dataSource } = this.collection;
|
|
70
71
|
const forestFields = context.request.body?.data?.attributes?.fields;
|
|
71
72
|
const data = forestFields
|
|
@@ -78,33 +79,15 @@ class ActionRoute extends collection_route_1.default {
|
|
|
78
79
|
fields: fields.map(field => generator_actions_1.default.buildFieldSchema(this.collection.dataSource, field)),
|
|
79
80
|
};
|
|
80
81
|
}
|
|
81
|
-
async
|
|
82
|
-
|
|
83
|
-
if (requestBody?.data?.attributes?.signed_approval_request) {
|
|
84
|
-
const signedParameters = this.services.authorization.verifySignedActionParameters(requestBody.data.attributes.signed_approval_request);
|
|
85
|
-
await this.services.authorization.assertCanApproveCustomAction({
|
|
86
|
-
context,
|
|
87
|
-
customActionName: this.actionName,
|
|
88
|
-
collectionName: this.collection.name,
|
|
89
|
-
requesterId: signedParameters?.data?.attributes?.requester_id,
|
|
90
|
-
});
|
|
91
|
-
context.request.body = signedParameters;
|
|
92
|
-
}
|
|
93
|
-
else {
|
|
94
|
-
await this.services.authorization.assertCanTriggerCustomAction({
|
|
95
|
-
context,
|
|
96
|
-
customActionName: this.actionName,
|
|
97
|
-
collectionName: this.collection.name,
|
|
98
|
-
});
|
|
99
|
-
}
|
|
100
|
-
return next();
|
|
82
|
+
async checkPermissions(context) {
|
|
83
|
+
await this.services.permissions.can(context, `custom:${this.actionName}:${this.collection.name}`);
|
|
101
84
|
}
|
|
102
85
|
async getRecordSelection(context) {
|
|
103
86
|
const selectionIds = body_parser_1.default.parseSelectionIds(this.collection.schema, context);
|
|
104
87
|
let selectedIds = datasource_toolkit_1.ConditionTreeFactory.matchIds(this.collection.schema, selectionIds.ids);
|
|
105
88
|
if (selectionIds.areExcluded)
|
|
106
89
|
selectedIds = selectedIds.inverse();
|
|
107
|
-
const conditionTree = datasource_toolkit_1.ConditionTreeFactory.intersect(selectedIds, query_string_1.default.parseConditionTree(this.collection, context), await this.services.
|
|
90
|
+
const conditionTree = datasource_toolkit_1.ConditionTreeFactory.intersect(selectedIds, query_string_1.default.parseConditionTree(this.collection, context), await this.services.permissions.getScope(this.collection, context));
|
|
108
91
|
const caller = query_string_1.default.parseCaller(context);
|
|
109
92
|
const filter = context_filter_factory_1.default.build(this.collection, context, null, { conditionTree });
|
|
110
93
|
const attributes = context.request?.body?.data?.attributes;
|
|
@@ -118,4 +101,4 @@ class ActionRoute extends collection_route_1.default {
|
|
|
118
101
|
}
|
|
119
102
|
}
|
|
120
103
|
exports.default = ActionRoute;
|
|
121
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
104
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWN0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JvdXRlcy9tb2RpZmljYXRpb24vYWN0aW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsd0VBS3lDO0FBSXpDLHVDQUFpRTtBQUVqRSwwRUFBaUQ7QUFDakQsMkVBQWtEO0FBQ2xELGdHQUFzRTtBQUN0RSw0RkFBMkU7QUFDM0Usd0RBQXFDO0FBQ3JDLDRFQUF5RDtBQUN6RCxvR0FBaUY7QUFFakYsTUFBcUIsV0FBWSxTQUFRLDBCQUFlO0lBR3RELFlBQ0UsUUFBdUMsRUFDdkMsT0FBaUMsRUFDakMsVUFBc0IsRUFDdEIsY0FBc0IsRUFDdEIsVUFBa0I7UUFFbEIsS0FBSyxDQUFDLFFBQVEsRUFBRSxPQUFPLEVBQUUsVUFBVSxFQUFFLGNBQWMsQ0FBQyxDQUFDO1FBQ3JELElBQUksQ0FBQyxVQUFVLEdBQUcsVUFBVSxDQUFDO0lBQy9CLENBQUM7SUFFRCxXQUFXLENBQUMsTUFBYztRQUN4QixNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDekYsTUFBTSxJQUFJLEdBQUcsYUFBYSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksSUFBSSxXQUFXLEVBQUUsQ0FBQztRQUVoRSxNQUFNLENBQUMsSUFBSSxDQUFDLEdBQUcsSUFBSSxRQUFRLEVBQUUsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztRQUM1RCxNQUFNLENBQUMsSUFBSSxDQUFDLEdBQUcsSUFBSSxtQkFBbUIsRUFBRSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO1FBQ3BFLE1BQU0sQ0FBQyxJQUFJLENBQUMsR0FBRyxJQUFJLHFCQUFxQixFQUFFLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7SUFDeEUsQ0FBQztJQUVPLEtBQUssQ0FBQyxhQUFhLENBQUMsT0FBZ0I7UUFDMUMsTUFBTSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFFckMsTUFBTSxFQUFFLFVBQVUsRUFBRSxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUM7UUFDdkMsTUFBTSxNQUFNLEdBQUcsc0JBQWlCLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3RELE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLGtCQUFrQixDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3RELE1BQU0sT0FBTyxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDO1FBRTVELDhGQUE4RjtRQUM5RiwyRkFBMkY7UUFDM0YsTUFBTSxVQUFVLEdBQUcsdUJBQW9CLENBQUMsa0JBQWtCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDcEUsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxNQUFNLEVBQUUsSUFBSSxDQUFDLFVBQVUsRUFBRSxVQUFVLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFMUYsZ0VBQWdFO1FBQ2hFLE1BQU0sSUFBSSxHQUFHLHVCQUFvQixDQUFDLFlBQVksQ0FBQyxVQUFVLEVBQUUsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBQzVFLE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsTUFBTSxFQUFFLElBQUksQ0FBQyxVQUFVLEVBQUUsSUFBSSxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBRXBGLElBQUksTUFBTSxFQUFFLElBQUksS0FBSyxPQUFPLEVBQUU7WUFDNUIsT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNLEdBQUcsZ0JBQVEsQ0FBQyxVQUFVLENBQUM7WUFDOUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUcsRUFBRSxLQUFLLEVBQUUsTUFBTSxDQUFDLE9BQU8sRUFBRSxJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDO1NBQ3RFO2FBQU0sSUFBSSxNQUFNLEVBQUUsSUFBSSxLQUFLLFNBQVMsRUFBRTtZQUNyQyxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRztnQkFDdEIsT0FBTyxFQUFFLE1BQU0sQ0FBQyxPQUFPO2dCQUN2QixJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUk7Z0JBQ2pCLE9BQU8sRUFBRSxFQUFFLGFBQWEsRUFBRSxDQUFDLEdBQUcsTUFBTSxDQUFDLFdBQVcsQ0FBQyxFQUFFO2FBQ3BELENBQUM7U0FDSDthQUFNLElBQUksTUFBTSxFQUFFLElBQUksS0FBSyxTQUFTLEVBQUU7WUFDckMsTUFBTSxFQUFFLEdBQUcsRUFBRSxNQUFNLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxHQUFHLE1BQU0sQ0FBQztZQUM5QyxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRyxFQUFFLE9BQU8sRUFBRSxFQUFFLEdBQUcsRUFBRSxNQUFNLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxFQUFFLENBQUM7U0FDckU7YUFBTSxJQUFJLE1BQU0sRUFBRSxJQUFJLEtBQUssVUFBVSxFQUFFO1lBQ3RDLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxHQUFHLEVBQUUsVUFBVSxFQUFFLE1BQU0sQ0FBQyxJQUFJLEVBQUUsQ0FBQztTQUNyRDthQUFNLElBQUksTUFBTSxFQUFFLElBQUksS0FBSyxNQUFNLEVBQUU7WUFDbEMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3pDLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLCtCQUErQixFQUFFLHFCQUFxQixDQUFDLENBQUM7WUFDN0UsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUcsTUFBTSxDQUFDLFFBQVEsQ0FBQztZQUN4QyxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDO1NBQ3ZDO2FBQU07WUFDTCxNQUFNLElBQUksS0FBSyxDQUFDLDJCQUEyQixDQUFDLENBQUM7U0FDOUM7SUFDSCxDQUFDO0lBRU8sS0FBSyxDQUFDLFVBQVUsQ0FBQyxPQUFnQjtRQUN2QyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUVyQyxNQUFNLEVBQUUsVUFBVSxFQUFFLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQztRQUN2QyxNQUFNLFlBQVksR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxJQUFJLEVBQUUsVUFBVSxFQUFFLE1BQU0sQ0FBQztRQUNwRSxNQUFNLElBQUksR0FBRyxZQUFZO1lBQ3ZCLENBQUMsQ0FBQyx1QkFBb0IsQ0FBQyxzQkFBc0IsQ0FBQyxVQUFVLEVBQUUsWUFBWSxDQUFDO1lBQ3ZFLENBQUMsQ0FBQyxJQUFJLENBQUM7UUFFVCxNQUFNLE1BQU0sR0FBRyxzQkFBaUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDdEQsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsa0JBQWtCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDdEQsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxNQUFNLEVBQUUsSUFBSSxDQUFDLFVBQVUsRUFBRSxJQUFJLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFcEYsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUc7WUFDdEIsTUFBTSxFQUFFLE1BQU0sQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FDekIsMkJBQXNCLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxVQUFVLEVBQUUsS0FBSyxDQUFDLENBQzNFO1NBQ0YsQ0FBQztJQUNKLENBQUM7SUFFTyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsT0FBZ0I7UUFDN0MsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQ2pDLE9BQU8sRUFDUCxVQUFVLElBQUksQ0FBQyxVQUFVLElBQUksSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FDcEQsQ0FBQztJQUNKLENBQUM7SUFFTyxLQUFLLENBQUMsa0JBQWtCLENBQUMsT0FBZ0I7UUFDL0MsTUFBTSxZQUFZLEdBQUcscUJBQVUsQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sRUFBRSxPQUFPLENBQUMsQ0FBQztRQUNuRixJQUFJLFdBQVcsR0FBRyx5Q0FBb0IsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLEVBQUUsWUFBWSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQzFGLElBQUksWUFBWSxDQUFDLFdBQVc7WUFBRSxXQUFXLEdBQUcsV0FBVyxDQUFDLE9BQU8sRUFBRSxDQUFDO1FBRWxFLE1BQU0sYUFBYSxHQUFHLHlDQUFvQixDQUFDLFNBQVMsQ0FDbEQsV0FBVyxFQUNYLHNCQUFpQixDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsT0FBTyxDQUFDLEVBQzlELE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsT0FBTyxDQUFDLENBQ25FLENBQUM7UUFFRixNQUFNLE1BQU0sR0FBRyxzQkFBaUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDdEQsTUFBTSxNQUFNLEdBQUcsZ0NBQW9CLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxFQUFFLGFBQWEsRUFBRSxDQUFDLENBQUM7UUFDN0YsTUFBTSxVQUFVLEdBQUcsT0FBTyxDQUFDLE9BQU8sRUFBRSxJQUFJLEVBQUUsSUFBSSxFQUFFLFVBQVUsQ0FBQztRQUUzRCxJQUFJLFVBQVUsRUFBRSx1QkFBdUIsRUFBRTtZQUN2QyxNQUFNLFFBQVEsR0FBRyxVQUFVLEVBQUUsdUJBQXVCLENBQUM7WUFDckQsTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsQ0FBQyxVQUFVLENBQUMsc0JBQXNCLENBQUMsQ0FBQztZQUMxRixNQUFNLFFBQVEsR0FBRyxZQUFPLENBQUMsUUFBUSxDQUFDLGdCQUFnQixDQUFDLE1BQU0sRUFBRSxVQUFVLENBQUMsb0JBQW9CLENBQUMsQ0FBQztZQUU1RixPQUFPLGtDQUFhLENBQUMsaUJBQWlCLENBQUMsZ0JBQWdCLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBRSxNQUFNLEVBQUUsTUFBTSxDQUFDLENBQUM7U0FDOUY7UUFFRCxPQUFPLE1BQU0sQ0FBQztJQUNoQixDQUFDO0NBQ0Y7QUFwSEQsOEJBb0hDIn0=
|
|
@@ -14,10 +14,10 @@ class AssociateRelatedRoute extends relation_route_1.default {
|
|
|
14
14
|
router.post(`/${this.collection.name}/:parentId/relationships/${this.relationName}`, this.handleAssociateRelatedRoute.bind(this));
|
|
15
15
|
}
|
|
16
16
|
async handleAssociateRelatedRoute(context) {
|
|
17
|
-
await this.services.
|
|
17
|
+
await this.services.permissions.can(context, `edit:${this.collection.name}`);
|
|
18
18
|
const parentId = id_1.default.unpackId(this.collection.schema, context.params.parentId);
|
|
19
19
|
const targetedRelationId = id_1.default.unpackId(this.foreignCollection.schema, context.request.body?.data[0].id);
|
|
20
|
-
const scope = await this.services.
|
|
20
|
+
const scope = await this.services.permissions.getScope(this.foreignCollection, context);
|
|
21
21
|
const relation = datasource_toolkit_1.SchemaUtils.getToManyRelation(this.collection.schema, this.relationName);
|
|
22
22
|
const caller = query_string_1.default.parseCaller(context);
|
|
23
23
|
if (relation.type === 'OneToMany') {
|
|
@@ -48,4 +48,4 @@ class AssociateRelatedRoute extends relation_route_1.default {
|
|
|
48
48
|
}
|
|
49
49
|
}
|
|
50
50
|
exports.default = AssociateRelatedRoute;
|
|
51
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
51
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXNzb2NpYXRlLXJlbGF0ZWQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcm91dGVzL21vZGlmaWNhdGlvbi9hc3NvY2lhdGUtcmVsYXRlZC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLHdFQVV5QztBQUl6Qyx1Q0FBdUM7QUFDdkMsZ0dBQXNFO0FBQ3RFLHdEQUFxQztBQUNyQyw0RUFBeUQ7QUFDekQsdUVBQThDO0FBRTlDLE1BQXFCLHFCQUFzQixTQUFRLHdCQUFhO0lBQzlELFdBQVcsQ0FBQyxNQUFjO1FBQ3hCLE1BQU0sQ0FBQyxJQUFJLENBQ1QsSUFBSSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksNEJBQTRCLElBQUksQ0FBQyxZQUFZLEVBQUUsRUFDdkUsSUFBSSxDQUFDLDJCQUEyQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FDNUMsQ0FBQztJQUNKLENBQUM7SUFFTSxLQUFLLENBQUMsMkJBQTJCLENBQUMsT0FBZ0I7UUFDdkQsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLFFBQVEsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBQzdFLE1BQU0sUUFBUSxHQUFHLFlBQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLEVBQUUsT0FBTyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUNuRixNQUFNLGtCQUFrQixHQUFHLFlBQU8sQ0FBQyxRQUFRLENBQ3pDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxNQUFNLEVBQzdCLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQ2pDLENBQUM7UUFDRixNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsaUJBQWlCLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDeEYsTUFBTSxRQUFRLEdBQUcsZ0NBQVcsQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDMUYsTUFBTSxNQUFNLEdBQUcsc0JBQWlCLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRXRELElBQUksUUFBUSxDQUFDLElBQUksS0FBSyxXQUFXLEVBQUU7WUFDakMsTUFBTSxJQUFJLENBQUMsa0JBQWtCLENBQUMsTUFBTSxFQUFFLEtBQUssRUFBRSxRQUFRLEVBQUUsUUFBUSxFQUFFLGtCQUFrQixFQUFFLE9BQU8sQ0FBQyxDQUFDO1NBQy9GO2FBQU07WUFDTCxNQUFNLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxNQUFNLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBRSxrQkFBa0IsQ0FBQyxDQUFDO1NBQ2hGO1FBRUQsT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNLEdBQUcsZ0JBQVEsQ0FBQyxTQUFTLENBQUM7SUFDL0MsQ0FBQztJQUVELEtBQUssQ0FBQyxrQkFBa0IsQ0FDdEIsTUFBYyxFQUNkLEtBQW9CLEVBQ3BCLFFBQXlCLEVBQ3pCLFFBQXFCLEVBQ3JCLGtCQUErQixFQUMvQixPQUFnQjtRQUVoQixNQUFNLENBQUMsRUFBRSxDQUFDLEdBQUcsZ0NBQVcsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ3ZFLElBQUksS0FBSyxHQUFHLE1BQU0sb0NBQWUsQ0FBQyxRQUFRLENBQ3hDLElBQUksQ0FBQyxpQkFBaUIsRUFDdEIsTUFBTSxFQUNOLGtCQUFrQixFQUNsQixFQUFFLENBQ0gsQ0FBQztRQUNGLE1BQU0sTUFBTSxHQUFHLGdDQUFvQixDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUU7WUFDekUsYUFBYSxFQUFFLHlDQUFvQixDQUFDLFNBQVMsQ0FDM0MsSUFBSSxzQ0FBaUIsQ0FBQyxFQUFFLEVBQUUsT0FBTyxFQUFFLEtBQUssQ0FBQyxFQUN6QyxLQUFLLENBQ047U0FDRixDQUFDLENBQUM7UUFDSCxLQUFLLEdBQUcsTUFBTSxvQ0FBZSxDQUFDLFFBQVEsQ0FDcEMsSUFBSSxDQUFDLFVBQVUsRUFDZixNQUFNLEVBQ04sUUFBUSxFQUNSLFFBQVEsQ0FBQyxlQUFlLENBQ3pCLENBQUM7UUFDRixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLE1BQU0sRUFBRSxFQUFFLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxFQUFFLEtBQUssRUFBRSxDQUFDLENBQUM7SUFDdkYsQ0FBQztJQUVELEtBQUssQ0FBQyxtQkFBbUIsQ0FDdkIsTUFBYyxFQUNkLFFBQTBCLEVBQzFCLFFBQXFCLEVBQ3JCLGtCQUErQjtRQUUvQixJQUFJLENBQUMsRUFBRSxDQUFDLEdBQUcsZ0NBQVcsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ3JFLE1BQU0sT0FBTyxHQUFHLE1BQU0sb0NBQWUsQ0FBQyxRQUFRLENBQzVDLElBQUksQ0FBQyxpQkFBaUIsRUFDdEIsTUFBTSxFQUNOLGtCQUFrQixFQUNsQixFQUFFLENBQ0gsQ0FBQztRQUNGLENBQUMsRUFBRSxDQUFDLEdBQUcsZ0NBQVcsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUMxRCxNQUFNLE1BQU0sR0FBRyxNQUFNLG9DQUFlLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsTUFBTSxFQUFFLFFBQVEsRUFBRSxFQUFFLENBQUMsQ0FBQztRQUNyRixNQUFNLE1BQU0sR0FBRyxFQUFFLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxFQUFFLE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxVQUFVLENBQUMsRUFBRSxPQUFPLEVBQUUsQ0FBQztRQUVoRixNQUFNLGlCQUFpQixHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1FBQ3BGLE1BQU0saUJBQWlCLENBQUMsTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUM7SUFDbkQsQ0FBQztDQUNGO0FBOUVELHdDQThFQyJ9
|
|
@@ -11,7 +11,7 @@ class CreateRoute extends collection_route_1.default {
|
|
|
11
11
|
router.post(`/${this.collection.name}`, this.handleCreate.bind(this));
|
|
12
12
|
}
|
|
13
13
|
async handleCreate(context) {
|
|
14
|
-
await this.services.
|
|
14
|
+
await this.services.permissions.can(context, `add:${this.collection.name}`);
|
|
15
15
|
const { serializer } = this.services;
|
|
16
16
|
const rawRecord = serializer.deserialize(this.collection, context.request.body);
|
|
17
17
|
const [record, relations] = await this.makeRecord(context, rawRecord);
|
|
@@ -53,8 +53,8 @@ class CreateRoute extends collection_route_1.default {
|
|
|
53
53
|
return;
|
|
54
54
|
// Permissions
|
|
55
55
|
const foreignCollection = this.dataSource.getCollection(relation.foreignCollection);
|
|
56
|
-
const scope = await this.services.
|
|
57
|
-
await this.services.
|
|
56
|
+
const scope = await this.services.permissions.getScope(foreignCollection, context);
|
|
57
|
+
await this.services.permissions.can(context, `edit:${this.collection.name}`);
|
|
58
58
|
// Load the value that will be used as originKey (=== parentId[0] most of the time)
|
|
59
59
|
const originValue = record[relation.originKeyTarget];
|
|
60
60
|
// Break old relation (may update zero or one records).
|
|
@@ -80,4 +80,4 @@ class CreateRoute extends collection_route_1.default {
|
|
|
80
80
|
}
|
|
81
81
|
}
|
|
82
82
|
exports.default = CreateRoute;
|
|
83
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
83
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3JlYXRlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JvdXRlcy9tb2RpZmljYXRpb24vY3JlYXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsd0VBV3lDO0FBSXpDLDJFQUFrRDtBQUNsRCw0RUFBeUQ7QUFFekQsTUFBcUIsV0FBWSxTQUFRLDBCQUFlO0lBQ3RELFdBQVcsQ0FBQyxNQUFjO1FBQ3hCLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxFQUFFLElBQUksQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7SUFDeEUsQ0FBQztJQUVNLEtBQUssQ0FBQyxZQUFZLENBQUMsT0FBZ0I7UUFDeEMsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBRTVFLE1BQU0sRUFBRSxVQUFVLEVBQUUsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDO1FBQ3JDLE1BQU0sU0FBUyxHQUFHLFVBQVUsQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBRWhGLE1BQU0sQ0FBQyxNQUFNLEVBQUUsU0FBUyxDQUFDLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLE9BQU8sRUFBRSxTQUFTLENBQUMsQ0FBQztRQUN0RSxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxZQUFZLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBRTNELE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUFDLE9BQU8sRUFBRSxTQUFTLEVBQUUsU0FBUyxDQUFDLENBQUM7UUFFaEUsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUcsVUFBVSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLEVBQUUsR0FBRyxTQUFTLEVBQUUsR0FBRyxTQUFTLEVBQUUsQ0FBQyxDQUFDO0lBQ2hHLENBQUM7SUFFTyxLQUFLLENBQUMsVUFBVSxDQUN0QixPQUFnQixFQUNoQixNQUFrQjtRQUVsQixNQUFNLEtBQUssR0FBZSxFQUFFLENBQUM7UUFDN0IsTUFBTSxTQUFTLEdBQStCLEVBQUUsQ0FBQztRQUVqRCxNQUFNLFFBQVEsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFDLEdBQUcsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxLQUFLLEVBQUUsS0FBSyxDQUFDLEVBQUUsRUFBRTtZQUNuRSxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7WUFFcEQsSUFBSSxNQUFNLEVBQUUsSUFBSSxLQUFLLFVBQVUsSUFBSSxNQUFNLEVBQUUsSUFBSSxLQUFLLFdBQVcsRUFBRTtnQkFDL0QsU0FBUyxDQUFDLEtBQUssQ0FBQyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLEVBQUUsS0FBb0IsQ0FBQyxDQUFDO2FBQ3hFO1lBRUQsSUFBSSxNQUFNLEVBQUUsSUFBSSxLQUFLLFdBQVcsRUFBRTtnQkFDaEMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUMsR0FBRyxNQUFNLElBQUksQ0FBQyxrQkFBa0IsQ0FDdEQsT0FBTyxFQUNQLEtBQUssRUFDTCxLQUFvQixDQUNyQixDQUFDO2FBQ0g7WUFFRCxJQUFJLE1BQU0sRUFBRSxJQUFJLEtBQUssUUFBUSxFQUFFO2dCQUM3QixLQUFLLENBQUMsS0FBSyxDQUFDLEdBQUcsS0FBSyxDQUFDO2FBQ3RCO1FBQ0gsQ0FBQyxDQUFDLENBQUM7UUFFSCxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUMsUUFBUSxDQUFDLENBQUM7UUFFNUIsT0FBTyxDQUFDLEtBQUssRUFBRSxTQUFTLENBQUMsQ0FBQztJQUM1QixDQUFDO0lBRU8sS0FBSyxDQUFDLFlBQVksQ0FBQyxPQUFnQixFQUFFLEtBQWlCO1FBQzVELE1BQU0sTUFBTSxHQUFHLHNCQUFpQixDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUV0RCxJQUFJLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsTUFBTSxFQUFFO1lBQzdCLG9DQUFlLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsS0FBSyxDQUFDLENBQUM7U0FDbEQ7UUFFRCxNQUFNLENBQUMsTUFBTSxDQUFDLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDO1FBRS9ELE9BQU8sTUFBTSxDQUFDO0lBQ2hCLENBQUM7SUFFTyxLQUFLLENBQUMscUJBQXFCLENBQ2pDLE9BQWdCLEVBQ2hCLE1BQWtCLEVBQ2xCLFNBQXFDO1FBRXJDLE1BQU0sTUFBTSxHQUFHLHNCQUFpQixDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUV0RCxNQUFNLFFBQVEsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLEVBQUUsRUFBRTtZQUN2RSxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDdEQsSUFBSSxRQUFRLENBQUMsSUFBSSxLQUFLLFVBQVU7Z0JBQUUsT0FBTztZQUV6QyxjQUFjO1lBQ2QsTUFBTSxpQkFBaUIsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsaUJBQWlCLENBQUMsQ0FBQztZQUNwRixNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxpQkFBaUIsRUFBRSxPQUFPLENBQUMsQ0FBQztZQUNuRixNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsUUFBUSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7WUFFN0UsbUZBQW1GO1lBQ25GLE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQyxRQUFRLENBQUMsZUFBZSxDQUFDLENBQUM7WUFFckQsdURBQXVEO1lBQ3ZELE1BQU0sVUFBVSxHQUFHLElBQUksc0NBQWlCLENBQUMsUUFBUSxDQUFDLFNBQVMsRUFBRSxPQUFPLEVBQUUsV0FBVyxDQUFDLENBQUM7WUFDbkYsTUFBTSxpQkFBaUIsQ0FBQyxNQUFNLENBQzVCLE1BQU0sRUFDTixJQUFJLDJCQUFNLENBQUMsRUFBRSxhQUFhLEVBQUUseUNBQW9CLENBQUMsU0FBUyxDQUFDLFVBQVUsRUFBRSxLQUFLLENBQUMsRUFBRSxDQUFDLEVBQ2hGLEVBQUUsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLEVBQUUsSUFBSSxFQUFFLENBQy9CLENBQUM7WUFFRix3REFBd0Q7WUFDeEQsTUFBTSxVQUFVLEdBQUcseUNBQW9CLENBQUMsWUFBWSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sRUFBRSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUM7WUFDekYsTUFBTSxpQkFBaUIsQ0FBQyxNQUFNLENBQzVCLE1BQU0sRUFDTixJQUFJLDJCQUFNLENBQUMsRUFBRSxhQUFhLEVBQUUseUNBQW9CLENBQUMsU0FBUyxDQUFDLFVBQVUsRUFBRSxLQUFLLENBQUMsRUFBRSxDQUFDLEVBQ2hGLEVBQUUsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLEVBQUUsV0FBVyxFQUFFLENBQ3RDLENBQUM7UUFDSixDQUFDLENBQUMsQ0FBQztRQUVILE1BQU0sT0FBTyxDQUFDLEdBQUcsQ0FBQyxRQUFRLENBQUMsQ0FBQztJQUM5QixDQUFDO0lBRU8saUJBQWlCLENBQUMsS0FBYSxFQUFFLEVBQWU7UUFDdEQsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBbUIsQ0FBQztRQUN0RSxNQUFNLGlCQUFpQixHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1FBQ2xGLE1BQU0sTUFBTSxHQUFHLGdDQUFXLENBQUMsY0FBYyxDQUFDLGlCQUFpQixDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBRXBFLE9BQU8sTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDLEVBQUUsR0FBRyxJQUFJLEVBQUUsQ0FBQyxHQUFHLENBQUMsRUFBRSxFQUFFLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBQ2xGLENBQUM7SUFFTyxLQUFLLENBQUMsa0JBQWtCLENBQzlCLE9BQWdCLEVBQ2hCLEtBQWEsRUFDYixFQUFlO1FBRWYsTUFBTSxNQUFNLEdBQUcsc0JBQWlCLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3RELE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQW9CLENBQUM7UUFDdkUsTUFBTSxpQkFBaUIsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsQ0FBQyxNQUFNLENBQUMsaUJBQWlCLENBQUMsQ0FBQztRQUVsRixPQUFPLG9DQUFlLENBQUMsUUFBUSxDQUFDLGlCQUFpQixFQUFFLE1BQU0sRUFBRSxFQUFFLEVBQUUsTUFBTSxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDMUYsQ0FBQztDQUNGO0FBekhELDhCQXlIQyJ9
|
|
@@ -16,7 +16,7 @@ class DeleteRoute extends collection_route_1.default {
|
|
|
16
16
|
router.delete(`/${this.collection.name}/:id`, this.handleDelete.bind(this));
|
|
17
17
|
}
|
|
18
18
|
async handleDelete(context) {
|
|
19
|
-
await this.services.
|
|
19
|
+
await this.services.permissions.can(context, `delete:${this.collection.name}`);
|
|
20
20
|
const id = id_1.default.unpackId(this.collection.schema, context.params.id);
|
|
21
21
|
await this.deleteRecords(context, { ids: [id], areExcluded: false });
|
|
22
22
|
context.response.status = types_1.HttpCode.NoContent;
|
|
@@ -32,10 +32,10 @@ class DeleteRoute extends collection_route_1.default {
|
|
|
32
32
|
selectedIds = selectedIds.inverse();
|
|
33
33
|
const caller = query_string_1.default.parseCaller(context);
|
|
34
34
|
const filter = context_filter_factory_1.default.build(this.collection, context, null, {
|
|
35
|
-
conditionTree: datasource_toolkit_1.ConditionTreeFactory.intersect(query_string_1.default.parseConditionTree(this.collection, context), await this.services.
|
|
35
|
+
conditionTree: datasource_toolkit_1.ConditionTreeFactory.intersect(query_string_1.default.parseConditionTree(this.collection, context), await this.services.permissions.getScope(this.collection, context), selectedIds),
|
|
36
36
|
});
|
|
37
37
|
await this.collection.delete(caller, filter);
|
|
38
38
|
}
|
|
39
39
|
}
|
|
40
40
|
exports.default = DeleteRoute;
|
|
41
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
41
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGVsZXRlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JvdXRlcy9tb2RpZmljYXRpb24vZGVsZXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsd0VBQXVFO0FBSXZFLHVDQUFxRDtBQUNyRCwwRUFBaUQ7QUFDakQsMkVBQWtEO0FBQ2xELGdHQUFzRTtBQUN0RSx3REFBcUM7QUFDckMsNEVBQXlEO0FBRXpELE1BQXFCLFdBQVksU0FBUSwwQkFBZTtJQUN0RCxXQUFXLENBQUMsTUFBYztRQUN4QixNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLEVBQUUsRUFBRSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7UUFDNUUsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxNQUFNLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztJQUM5RSxDQUFDO0lBRU0sS0FBSyxDQUFDLFlBQVksQ0FBQyxPQUFnQjtRQUN4QyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsVUFBVSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7UUFFL0UsTUFBTSxFQUFFLEdBQUcsWUFBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sRUFBRSxPQUFPLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ3ZFLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FBQyxPQUFPLEVBQUUsRUFBRSxHQUFHLEVBQUUsQ0FBQyxFQUFFLENBQUMsRUFBRSxXQUFXLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztRQUVyRSxPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU0sR0FBRyxnQkFBUSxDQUFDLFNBQVMsQ0FBQztJQUMvQyxDQUFDO0lBRU0sS0FBSyxDQUFDLGdCQUFnQixDQUFDLE9BQWdCO1FBQzVDLE1BQU0sWUFBWSxHQUFHLHFCQUFVLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDbkYsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLE9BQU8sRUFBRSxZQUFZLENBQUMsQ0FBQztRQUVoRCxPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU0sR0FBRyxnQkFBUSxDQUFDLFNBQVMsQ0FBQztJQUMvQyxDQUFDO0lBRU8sS0FBSyxDQUFDLGFBQWEsQ0FBQyxPQUFnQixFQUFFLFlBQTBCO1FBQ3RFLElBQUksV0FBVyxHQUFHLHlDQUFvQixDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sRUFBRSxZQUFZLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDMUYsSUFBSSxZQUFZLENBQUMsV0FBVztZQUFFLFdBQVcsR0FBRyxXQUFXLENBQUMsT0FBTyxFQUFFLENBQUM7UUFFbEUsTUFBTSxNQUFNLEdBQUcsc0JBQWlCLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3RELE1BQU0sTUFBTSxHQUFHLGdDQUFvQixDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUU7WUFDeEUsYUFBYSxFQUFFLHlDQUFvQixDQUFDLFNBQVMsQ0FDM0Msc0JBQWlCLENBQUMsa0JBQWtCLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsRUFDOUQsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsRUFDbEUsV0FBVyxDQUNaO1NBQ0YsQ0FBQyxDQUFDO1FBRUgsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQyxNQUFNLEVBQUUsTUFBTSxDQUFDLENBQUM7SUFDL0MsQ0FBQztDQUNGO0FBckNELDhCQXFDQyJ9
|