@holoyan/adonisjs-permissions 0.5.0 → 0.6.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +277 -97
- package/build/configure.js +9 -0
- package/build/index.d.ts +2 -1
- package/build/index.js +2 -1
- package/build/providers/role_permission_provider.js +5 -3
- package/build/src/acl.d.ts +14 -6
- package/build/src/acl.js +33 -12
- package/build/src/mixins/has_permissions.d.ts +1 -2
- package/build/src/mixins/has_permissions.js +0 -3
- package/build/src/model_manager.d.ts +3 -3
- package/build/src/scope.d.ts +7 -0
- package/build/src/scope.js +14 -0
- package/build/src/services/model_has_role_permissions.d.ts +12 -3
- package/build/src/services/model_has_role_permissions.js +29 -2
- package/build/src/services/permissions/empty_permission.d.ts +5 -1
- package/build/src/services/permissions/empty_permission.js +10 -1
- package/build/src/services/permissions/permission_has_model_roles.d.ts +5 -2
- package/build/src/services/permissions/permission_has_model_roles.js +10 -1
- package/build/src/services/permissions/permissions_service.d.ts +11 -3
- package/build/src/services/permissions/permissions_service.js +58 -13
- package/build/src/services/query_helper.d.ts +4 -4
- package/build/src/services/query_helper.js +8 -8
- package/build/src/services/roles/empty_roles.d.ts +5 -1
- package/build/src/services/roles/empty_roles.js +10 -1
- package/build/src/services/roles/role_has_model_permissions.d.ts +7 -6
- package/build/src/services/roles/role_has_model_permissions.js +16 -6
- package/build/src/services/roles/roles_service.d.ts +10 -5
- package/build/src/services/roles/roles_service.js +34 -19
- package/build/src/types.d.ts +22 -1
- package/build/stubs/middlewares/acl_middleware.stub +26 -0
- package/package.json +1 -1
package/build/configure.js
CHANGED
|
@@ -30,4 +30,13 @@ export async function configure(_command) {
|
|
|
30
30
|
await codemods.updateRcFile((rcFile) => {
|
|
31
31
|
rcFile.addProvider('@holoyan/adonisjs-permissions/role_permission_provider');
|
|
32
32
|
});
|
|
33
|
+
/**
|
|
34
|
+
* Publish and register middleware
|
|
35
|
+
*/
|
|
36
|
+
await codemods.makeUsingStub(stubsRoot, 'middlewares/acl_middleware.stub', {});
|
|
37
|
+
await codemods.registerMiddleware('server', [
|
|
38
|
+
{
|
|
39
|
+
path: '#middleware/acl_middleware',
|
|
40
|
+
},
|
|
41
|
+
]);
|
|
33
42
|
}
|
package/build/index.d.ts
CHANGED
|
@@ -8,7 +8,8 @@ export declare const Permission: typeof permission;
|
|
|
8
8
|
export declare const Role: typeof role;
|
|
9
9
|
export { configure } from './configure.js';
|
|
10
10
|
export { stubsRoot } from './stubs/main.js';
|
|
11
|
-
export { Acl } from './src/acl.js';
|
|
11
|
+
export { Acl, AclManager } from './src/acl.js';
|
|
12
12
|
export { MorphMap, getClassPath } from './src/decorators.js';
|
|
13
13
|
export * as morphMapModel from './src/morph_map.js';
|
|
14
14
|
export { hasPermissions } from './src/mixins/has_permissions.js';
|
|
15
|
+
export { Scope } from './src/scope.js';
|
package/build/index.js
CHANGED
|
@@ -16,7 +16,8 @@ export const Permission = permission;
|
|
|
16
16
|
export const Role = role;
|
|
17
17
|
export { configure } from './configure.js';
|
|
18
18
|
export { stubsRoot } from './stubs/main.js';
|
|
19
|
-
export { Acl } from './src/acl.js';
|
|
19
|
+
export { Acl, AclManager } from './src/acl.js';
|
|
20
20
|
export { MorphMap, getClassPath } from './src/decorators.js';
|
|
21
21
|
export * as morphMapModel from './src/morph_map.js';
|
|
22
22
|
export { hasPermissions } from './src/mixins/has_permissions.js';
|
|
23
|
+
export { Scope } from './src/scope.js';
|
|
@@ -3,8 +3,9 @@ import Role from '../src/models/role.js';
|
|
|
3
3
|
import ModelPermission from '../src/models/model_permission.js';
|
|
4
4
|
import ModelRole from '../src/models/model_role.js';
|
|
5
5
|
import ModelManager from '../src/model_manager.js';
|
|
6
|
-
import {
|
|
6
|
+
import { AclManager } from '../src/acl.js';
|
|
7
7
|
import MorphMap from '../src/morph_map.js';
|
|
8
|
+
import { Scope } from '../src/scope.js';
|
|
8
9
|
export default class RolePermissionProvider {
|
|
9
10
|
app;
|
|
10
11
|
constructor(app) {
|
|
@@ -24,10 +25,11 @@ export default class RolePermissionProvider {
|
|
|
24
25
|
modelManager.setModel('role', Role);
|
|
25
26
|
modelManager.setModel('modelPermission', ModelPermission);
|
|
26
27
|
modelManager.setModel('modelRole', ModelRole);
|
|
27
|
-
|
|
28
|
+
modelManager.setModel('scope', Scope);
|
|
29
|
+
AclManager.setModelManager(modelManager);
|
|
28
30
|
const map = await this.app.container.make('morphMap');
|
|
29
31
|
map.set('permissions', Permission);
|
|
30
32
|
map.set('roles', Role);
|
|
31
|
-
|
|
33
|
+
AclManager.setMorphMap(map);
|
|
32
34
|
}
|
|
33
35
|
}
|
package/build/src/acl.d.ts
CHANGED
|
@@ -1,16 +1,24 @@
|
|
|
1
1
|
import { RoleHasModelPermissions } from './services/roles/role_has_model_permissions.js';
|
|
2
2
|
import { ModelHasRolePermissions } from './services/model_has_role_permissions.js';
|
|
3
|
-
import { AclModel, MorphInterface, PermissionInterface, RoleInterface } from './types.js';
|
|
4
|
-
import PermissionHasModelRoles from './services/permissions/permission_has_model_roles.js';
|
|
3
|
+
import { AclModel, MorphInterface, PermissionInterface, RoleInterface, ScopeInterface } from './types.js';
|
|
5
4
|
import ModelManager from './model_manager.js';
|
|
6
5
|
import EmptyPermission from './services/permissions/empty_permission.js';
|
|
7
6
|
import EmptyRoles from './services/roles/empty_roles.js';
|
|
8
|
-
export declare class
|
|
7
|
+
export declare class AclManager {
|
|
9
8
|
private static modelManager;
|
|
10
9
|
private static map;
|
|
11
10
|
static setModelManager(manager: ModelManager): void;
|
|
12
11
|
static setMorphMap(map: MorphInterface): void;
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
12
|
+
private _scope?;
|
|
13
|
+
private allowScopeRewriting;
|
|
14
|
+
constructor(allowScopeRewriting?: boolean);
|
|
15
|
+
model(model: AclModel): ModelHasRolePermissions;
|
|
16
|
+
role(): EmptyRoles;
|
|
17
|
+
role(role: RoleInterface): RoleHasModelPermissions;
|
|
18
|
+
permission(): EmptyPermission;
|
|
19
|
+
permission(permission: PermissionInterface): EmptyPermission;
|
|
20
|
+
private createNewScope;
|
|
21
|
+
scope(scope: ScopeInterface): this;
|
|
22
|
+
getScope(): ScopeInterface;
|
|
16
23
|
}
|
|
24
|
+
export declare const Acl: AclManager;
|
package/build/src/acl.js
CHANGED
|
@@ -6,7 +6,7 @@ import PermissionHasModelRoles from './services/permissions/permission_has_model
|
|
|
6
6
|
import ModelService from './services/model_service.js';
|
|
7
7
|
import EmptyPermission from './services/permissions/empty_permission.js';
|
|
8
8
|
import EmptyRoles from './services/roles/empty_roles.js';
|
|
9
|
-
export class
|
|
9
|
+
export class AclManager {
|
|
10
10
|
static modelManager;
|
|
11
11
|
static map;
|
|
12
12
|
static setModelManager(manager) {
|
|
@@ -15,23 +15,44 @@ export class Acl {
|
|
|
15
15
|
static setMorphMap(map) {
|
|
16
16
|
this.map = map;
|
|
17
17
|
}
|
|
18
|
-
|
|
19
|
-
|
|
18
|
+
_scope;
|
|
19
|
+
allowScopeRewriting = true;
|
|
20
|
+
constructor(allowScopeRewriting) {
|
|
21
|
+
if (allowScopeRewriting !== undefined) {
|
|
22
|
+
this.allowScopeRewriting = allowScopeRewriting;
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
model(model) {
|
|
26
|
+
const scope = this._scope || this.createNewScope();
|
|
27
|
+
return new ModelHasRolePermissions(model, new RolesService(AclManager.modelManager.getModel('role'), AclManager.modelManager.getModel('modelPermission'), AclManager.modelManager.getModel('modelRole'), AclManager.map, scope), new PermissionsService(AclManager.modelManager.getModel('permission'), AclManager.modelManager.getModel('role'), AclManager.modelManager.getModel('modelPermission'), AclManager.modelManager.getModel('modelRole'), AclManager.map, scope), AclManager.map, scope);
|
|
20
28
|
}
|
|
21
|
-
|
|
29
|
+
role(role) {
|
|
30
|
+
const scope = this._scope || this.createNewScope();
|
|
22
31
|
if (role) {
|
|
23
|
-
return new RoleHasModelPermissions(role, new PermissionsService(
|
|
24
|
-
}
|
|
25
|
-
else {
|
|
26
|
-
return new EmptyRoles(this.modelManager.getModel('role'));
|
|
32
|
+
return new RoleHasModelPermissions(role, new PermissionsService(AclManager.modelManager.getModel('permission'), AclManager.modelManager.getModel('role'), AclManager.modelManager.getModel('modelPermission'), AclManager.modelManager.getModel('modelRole'), AclManager.map, scope), new ModelService(AclManager.modelManager.getModel('modelPermission'), AclManager.modelManager.getModel('modelRole'), AclManager.map), AclManager.map, scope);
|
|
27
33
|
}
|
|
34
|
+
return new EmptyRoles(AclManager.modelManager.getModel('role'), scope);
|
|
28
35
|
}
|
|
29
|
-
|
|
36
|
+
permission(permission) {
|
|
37
|
+
const scope = this._scope || this.createNewScope();
|
|
30
38
|
if (permission) {
|
|
31
|
-
return new PermissionHasModelRoles(permission, new RolesService(
|
|
39
|
+
return new PermissionHasModelRoles(permission, new RolesService(AclManager.modelManager.getModel('role'), AclManager.modelManager.getModel('modelPermission'), AclManager.modelManager.getModel('modelRole'), AclManager.map, scope), new PermissionsService(AclManager.modelManager.getModel('permission'), AclManager.modelManager.getModel('role'), AclManager.modelManager.getModel('modelPermission'), AclManager.modelManager.getModel('modelRole'), AclManager.map, scope), new ModelService(AclManager.modelManager.getModel('modelPermission'), AclManager.modelManager.getModel('modelRole'), AclManager.map), AclManager.modelManager.getModel('modelPermission'), AclManager.modelManager.getModel('modelRole'), AclManager.map, scope);
|
|
32
40
|
}
|
|
33
|
-
|
|
34
|
-
|
|
41
|
+
return new EmptyPermission(AclManager.modelManager.getModel('permission'), scope);
|
|
42
|
+
}
|
|
43
|
+
createNewScope() {
|
|
44
|
+
const ScopeClass = AclManager.modelManager.getModel('scope');
|
|
45
|
+
return new ScopeClass();
|
|
46
|
+
}
|
|
47
|
+
scope(scope) {
|
|
48
|
+
if (!this.allowScopeRewriting) {
|
|
49
|
+
throw new Error('Scope method call is not available on global Acl object, use AclManager to create new scoped acl object');
|
|
35
50
|
}
|
|
51
|
+
this._scope = scope;
|
|
52
|
+
return this;
|
|
53
|
+
}
|
|
54
|
+
getScope() {
|
|
55
|
+
return this._scope || this.createNewScope();
|
|
36
56
|
}
|
|
37
57
|
}
|
|
58
|
+
export const Acl = new AclManager(false);
|
|
@@ -4,7 +4,7 @@ import { AclModel, RoleInterface } from '../types.js';
|
|
|
4
4
|
export declare function hasPermissions(): <Model extends NormalizeConstructor<import("@adonisjs/lucid/types/model").LucidModel>>(superclass: Model) => {
|
|
5
5
|
new (...args: any[]): {
|
|
6
6
|
getModelId(): number;
|
|
7
|
-
roles():
|
|
7
|
+
roles(): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, import("../types.js").RoleModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
8
8
|
hasRole(role: string | RoleInterface): Promise<boolean>;
|
|
9
9
|
hasAllRoles(...roles: (string | RoleInterface)[]): Promise<boolean>;
|
|
10
10
|
hasAnyRole(...roles: (string | RoleInterface)[]): Promise<boolean>;
|
|
@@ -28,7 +28,6 @@ export declare function hasPermissions(): <Model extends NormalizeConstructor<im
|
|
|
28
28
|
hasAnyDirectPermission(permissions: (string | Permission)[], target?: AclModel | Function): Promise<boolean>;
|
|
29
29
|
hasDirectPermission(permission: string | Permission, target?: AclModel | Function): Promise<boolean>;
|
|
30
30
|
hasAllPermissionsDirect(permissions: (string | Permission)[], target?: AclModel | Function): Promise<boolean>;
|
|
31
|
-
can(permission: string | Permission, target?: AclModel | Function): Promise<boolean>;
|
|
32
31
|
canAll(permissions: (string | Permission)[], target?: AclModel | Function): Promise<boolean>;
|
|
33
32
|
canAny(permissions: (string | Permission)[], target?: AclModel | Function): Promise<boolean>;
|
|
34
33
|
assignDirectPermission(permission: string, target?: AclModel | Function): Promise<import("@adonisjs/lucid/types/model").LucidRow[]>;
|
|
@@ -79,9 +79,6 @@ export function hasPermissions() {
|
|
|
79
79
|
async hasAllPermissionsDirect(permissions, target) {
|
|
80
80
|
return Acl.model(this).hasAllPermissionsDirect(permissions, target);
|
|
81
81
|
}
|
|
82
|
-
can(permission, target) {
|
|
83
|
-
return Acl.model(this).can(permission, target);
|
|
84
|
-
}
|
|
85
82
|
canAll(permissions, target) {
|
|
86
83
|
return Acl.model(this).canAll(permissions, target);
|
|
87
84
|
}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { ModelManagerBindings } from './types.js';
|
|
2
2
|
export default class ModelManager {
|
|
3
3
|
private models;
|
|
4
|
-
setModel(key:
|
|
4
|
+
setModel<Binding extends keyof ModelManagerBindings>(key: Binding, className: ModelManagerBindings[Binding]): void;
|
|
5
5
|
has(key: string): boolean;
|
|
6
|
-
getModel(key:
|
|
6
|
+
getModel<Binding extends keyof ModelManagerBindings>(key: Binding): ModelManagerBindings[Binding];
|
|
7
7
|
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AclModel, MorphInterface, PermissionInterface, RoleInterface } from '../types.js';
|
|
1
|
+
import { AclModel, MorphInterface, PermissionInterface, RoleInterface, ScopeInterface } from '../types.js';
|
|
2
2
|
import PermissionsService from './permissions/permissions_service.js';
|
|
3
3
|
import RolesService from './roles/roles_service.js';
|
|
4
4
|
export declare class ModelHasRolePermissions {
|
|
@@ -6,12 +6,16 @@ export declare class ModelHasRolePermissions {
|
|
|
6
6
|
private roleService;
|
|
7
7
|
private permissionsService;
|
|
8
8
|
private map;
|
|
9
|
-
|
|
10
|
-
|
|
9
|
+
private scope;
|
|
10
|
+
constructor(model: AclModel, roleService: RolesService, permissionsService: PermissionsService, map: MorphInterface, scope: ScopeInterface);
|
|
11
|
+
on(scope: number): this;
|
|
12
|
+
getScope(): number;
|
|
13
|
+
roles(): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, import("../types.js").RoleModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
11
14
|
hasRole(role: string | RoleInterface): Promise<boolean>;
|
|
12
15
|
hasAllRoles(...roles: (string | RoleInterface)[]): Promise<boolean>;
|
|
13
16
|
hasAnyRole(...roles: (string | RoleInterface)[]): Promise<boolean>;
|
|
14
17
|
assignRole(role: string | RoleInterface): Promise<boolean>;
|
|
18
|
+
assign(role: string | RoleInterface): Promise<boolean>;
|
|
15
19
|
assignAllRoles(...roles: (string | RoleInterface)[]): Promise<boolean>;
|
|
16
20
|
revokeRole(role: string | number | RoleInterface): Promise<boolean>;
|
|
17
21
|
revokeAllRoles(...roles: (string | number | RoleInterface)[]): Promise<boolean>;
|
|
@@ -19,9 +23,12 @@ export declare class ModelHasRolePermissions {
|
|
|
19
23
|
permissions(includeForbiddings?: boolean): Promise<import("../types.js").PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>[]>;
|
|
20
24
|
globalPermissions(includeForbiddings?: boolean): Promise<import("../types.js").PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>[]>;
|
|
21
25
|
onResourcePermissions(includeForbiddings?: boolean): Promise<import("../types.js").PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>[]>;
|
|
26
|
+
directPermissions(includeForbiddings?: boolean): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, import("../types.js").PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
27
|
+
rolePermissions(includeForbiddings?: boolean): Promise<import("../types.js").PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>[]>;
|
|
22
28
|
directGlobalPermissions(includeForbiddings?: boolean): Promise<import("../types.js").PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>[]>;
|
|
23
29
|
directResourcePermissions(includeForbiddings?: boolean): Promise<import("../types.js").PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>[]>;
|
|
24
30
|
containsPermission(permission: string | PermissionInterface): Promise<boolean>;
|
|
31
|
+
contains(permission: string | PermissionInterface): Promise<boolean>;
|
|
25
32
|
containsAllPermissions(permissions: (string | PermissionInterface)[]): Promise<boolean>;
|
|
26
33
|
containsAnyPermission(permissions: (string | PermissionInterface)[]): Promise<boolean>;
|
|
27
34
|
containsDirectPermission(permission: string | PermissionInterface): Promise<boolean>;
|
|
@@ -40,6 +47,8 @@ export declare class ModelHasRolePermissions {
|
|
|
40
47
|
assignDirectAllPermissions(permissions: string[], target?: AclModel | Function): Promise<import("@adonisjs/lucid/types/model").LucidRow[]>;
|
|
41
48
|
allow(permission: string, target?: AclModel | Function): Promise<import("@adonisjs/lucid/types/model").LucidRow[]>;
|
|
42
49
|
revokePermission(permission: string, target?: AclModel | Function): Promise<any[]>;
|
|
50
|
+
revoke(permission: string, target?: AclModel | Function): Promise<any[]>;
|
|
51
|
+
revokeAll(permissions: string[], target?: AclModel | Function): Promise<any[]>;
|
|
43
52
|
revokeAllPermissions(permissions: string[], target?: AclModel | Function): Promise<any[]>;
|
|
44
53
|
flushPermissions(): Promise<any[]>;
|
|
45
54
|
flush(): Promise<boolean>;
|
|
@@ -4,14 +4,23 @@ export class ModelHasRolePermissions {
|
|
|
4
4
|
roleService;
|
|
5
5
|
permissionsService;
|
|
6
6
|
map;
|
|
7
|
-
|
|
7
|
+
scope;
|
|
8
|
+
constructor(model, roleService, permissionsService, map, scope) {
|
|
8
9
|
this.model = model;
|
|
9
10
|
this.roleService = roleService;
|
|
10
11
|
this.permissionsService = permissionsService;
|
|
11
12
|
this.map = map;
|
|
13
|
+
this.scope = scope;
|
|
14
|
+
}
|
|
15
|
+
on(scope) {
|
|
16
|
+
this.scope.set(scope);
|
|
17
|
+
return this;
|
|
18
|
+
}
|
|
19
|
+
getScope() {
|
|
20
|
+
return this.scope.get();
|
|
12
21
|
}
|
|
13
22
|
// roles related section BEGIN
|
|
14
|
-
|
|
23
|
+
roles() {
|
|
15
24
|
return this.roleService.all(this.map.getAlias(this.model), this.model.getModelId());
|
|
16
25
|
}
|
|
17
26
|
hasRole(role) {
|
|
@@ -26,6 +35,9 @@ export class ModelHasRolePermissions {
|
|
|
26
35
|
assignRole(role) {
|
|
27
36
|
return this.roleService.assign(role, this.map.getAlias(this.model), this.model.getModelId());
|
|
28
37
|
}
|
|
38
|
+
assign(role) {
|
|
39
|
+
return this.assignRole(role);
|
|
40
|
+
}
|
|
29
41
|
assignAllRoles(...roles) {
|
|
30
42
|
return this.roleService.assignAll(roles, this.map.getAlias(this.model), this.model.getModelId());
|
|
31
43
|
}
|
|
@@ -50,6 +62,12 @@ export class ModelHasRolePermissions {
|
|
|
50
62
|
async onResourcePermissions(includeForbiddings = false) {
|
|
51
63
|
return this.permissionsService.onResource(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
52
64
|
}
|
|
65
|
+
directPermissions(includeForbiddings = false) {
|
|
66
|
+
return this.permissionsService.direct(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
67
|
+
}
|
|
68
|
+
rolePermissions(includeForbiddings = false) {
|
|
69
|
+
return this.permissionsService.throughRoles(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
70
|
+
}
|
|
53
71
|
async directGlobalPermissions(includeForbiddings = false) {
|
|
54
72
|
return this.permissionsService.directGlobal(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
55
73
|
}
|
|
@@ -60,6 +78,9 @@ export class ModelHasRolePermissions {
|
|
|
60
78
|
const result = await this.permissionsService.containsAny(this.map.getAlias(this.model), this.model.getModelId(), [permission]);
|
|
61
79
|
return result;
|
|
62
80
|
}
|
|
81
|
+
async contains(permission) {
|
|
82
|
+
return this.containsPermission(permission);
|
|
83
|
+
}
|
|
63
84
|
async containsAllPermissions(permissions) {
|
|
64
85
|
const result = await this.permissionsService.containsAll(this.map.getAlias(this.model), this.model.getModelId(), permissions);
|
|
65
86
|
return result;
|
|
@@ -124,6 +145,12 @@ export class ModelHasRolePermissions {
|
|
|
124
145
|
async revokePermission(permission, target) {
|
|
125
146
|
return this.revokeAllPermissions([permission], target);
|
|
126
147
|
}
|
|
148
|
+
async revoke(permission, target) {
|
|
149
|
+
return this.revokeAllPermissions([permission], target);
|
|
150
|
+
}
|
|
151
|
+
async revokeAll(permissions, target) {
|
|
152
|
+
return this.revokeAllPermissions(permissions, target);
|
|
153
|
+
}
|
|
127
154
|
async revokeAllPermissions(permissions, target) {
|
|
128
155
|
const entity = await destructTarget(this.map, target);
|
|
129
156
|
return this.permissionsService.revokeAll(this.map.getAlias(this.model), this.model.getModelId(), permissions, entity.targetClass, entity.targetId);
|
|
@@ -1,8 +1,12 @@
|
|
|
1
1
|
import { BaseModel } from '@adonisjs/lucid/orm';
|
|
2
|
+
import { ScopeInterface } from '../../types.js';
|
|
2
3
|
export default class EmptyPermission {
|
|
3
4
|
private permissionClassName;
|
|
5
|
+
private scope;
|
|
4
6
|
private permissionQuery;
|
|
5
|
-
constructor(permissionClassName: typeof BaseModel);
|
|
7
|
+
constructor(permissionClassName: typeof BaseModel, scope: ScopeInterface);
|
|
8
|
+
on(scope: number): this;
|
|
9
|
+
getScope(): number;
|
|
6
10
|
delete(permission: string): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, any>;
|
|
7
11
|
query(): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, import("../../types.js").PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
8
12
|
}
|
|
@@ -1,11 +1,20 @@
|
|
|
1
1
|
import { getPermissionModelQuery } from '../query_helper.js';
|
|
2
2
|
export default class EmptyPermission {
|
|
3
3
|
permissionClassName;
|
|
4
|
+
scope;
|
|
4
5
|
permissionQuery;
|
|
5
|
-
constructor(permissionClassName) {
|
|
6
|
+
constructor(permissionClassName, scope) {
|
|
6
7
|
this.permissionClassName = permissionClassName;
|
|
8
|
+
this.scope = scope;
|
|
7
9
|
this.permissionQuery = getPermissionModelQuery(this.permissionClassName);
|
|
8
10
|
}
|
|
11
|
+
on(scope) {
|
|
12
|
+
this.scope.set(scope);
|
|
13
|
+
return this;
|
|
14
|
+
}
|
|
15
|
+
getScope() {
|
|
16
|
+
return this.scope.get();
|
|
17
|
+
}
|
|
9
18
|
delete(permission) {
|
|
10
19
|
// get all permissions by slug
|
|
11
20
|
// if there is permission with allowed false then check if it has `links`
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AclModel, MorphInterface, PermissionInterface } from '../../types.js';
|
|
1
|
+
import { AclModel, MorphInterface, PermissionInterface, ScopeInterface } from '../../types.js';
|
|
2
2
|
import ModelService from '../model_service.js';
|
|
3
3
|
import RolesService from '../roles/roles_service.js';
|
|
4
4
|
import PermissionsService from './permissions_service.js';
|
|
@@ -11,11 +11,14 @@ export default class PermissionHasModelRoles {
|
|
|
11
11
|
private modelPermissionClassName;
|
|
12
12
|
private roleClassName;
|
|
13
13
|
private map;
|
|
14
|
+
private scope;
|
|
14
15
|
private modelPermissionQuery;
|
|
15
16
|
private roleQuery;
|
|
16
17
|
private readonly roleTable;
|
|
17
|
-
constructor(permission: PermissionInterface, roleService: RolesService, permissionService: PermissionsService, modelService: ModelService, modelPermissionClassName: typeof BaseModel, roleClassName: typeof BaseModel, map: MorphInterface);
|
|
18
|
+
constructor(permission: PermissionInterface, roleService: RolesService, permissionService: PermissionsService, modelService: ModelService, modelPermissionClassName: typeof BaseModel, roleClassName: typeof BaseModel, map: MorphInterface, scope: ScopeInterface);
|
|
18
19
|
models(): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, import("../../types.js").ModelPermissionModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
20
|
+
on(scope: number): this;
|
|
21
|
+
getScope(): number;
|
|
19
22
|
modelsFor(modelType: string): Promise<any>;
|
|
20
23
|
roles(): Promise<import("../../types.js").RoleModel<import("@adonisjs/lucid/types/model").LucidModel>[]>;
|
|
21
24
|
belongsToRole(role: string | number): Promise<boolean>;
|
|
@@ -8,11 +8,12 @@ export default class PermissionHasModelRoles {
|
|
|
8
8
|
modelPermissionClassName;
|
|
9
9
|
roleClassName;
|
|
10
10
|
map;
|
|
11
|
+
scope;
|
|
11
12
|
modelPermissionQuery;
|
|
12
13
|
// private readonly modelPermissionTable
|
|
13
14
|
roleQuery;
|
|
14
15
|
roleTable;
|
|
15
|
-
constructor(permission, roleService, permissionService, modelService, modelPermissionClassName, roleClassName, map) {
|
|
16
|
+
constructor(permission, roleService, permissionService, modelService, modelPermissionClassName, roleClassName, map, scope) {
|
|
16
17
|
this.permission = permission;
|
|
17
18
|
this.roleService = roleService;
|
|
18
19
|
this.permissionService = permissionService;
|
|
@@ -20,6 +21,7 @@ export default class PermissionHasModelRoles {
|
|
|
20
21
|
this.modelPermissionClassName = modelPermissionClassName;
|
|
21
22
|
this.roleClassName = roleClassName;
|
|
22
23
|
this.map = map;
|
|
24
|
+
this.scope = scope;
|
|
23
25
|
this.modelPermissionQuery = getModelPermissionModelQuery(this.modelPermissionClassName);
|
|
24
26
|
// this.modelPermissionTable = this.modelPermissionClassName.table
|
|
25
27
|
this.roleQuery = getRoleModelQuery(this.roleClassName);
|
|
@@ -28,6 +30,13 @@ export default class PermissionHasModelRoles {
|
|
|
28
30
|
models() {
|
|
29
31
|
return this.modelService.allByPermission(this.permission.getModelId());
|
|
30
32
|
}
|
|
33
|
+
on(scope) {
|
|
34
|
+
this.scope.set(scope);
|
|
35
|
+
return this;
|
|
36
|
+
}
|
|
37
|
+
getScope() {
|
|
38
|
+
return this.scope.get();
|
|
39
|
+
}
|
|
31
40
|
modelsFor(modelType) {
|
|
32
41
|
return this.modelService.allByPermissionFor(modelType, this.permission.getModelId());
|
|
33
42
|
}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { ModelQueryBuilderContract } from '@adonisjs/lucid/types/model';
|
|
2
|
-
import { ModelPermissionsQuery, MorphInterface, PermissionInterface, PermissionModel } from '../../types.js';
|
|
2
|
+
import { ModelPermissionsQuery, MorphInterface, PermissionInterface, PermissionModel, ScopeInterface } from '../../types.js';
|
|
3
3
|
import BaseService from '../base_service.js';
|
|
4
4
|
import { BaseModel } from '@adonisjs/lucid/orm';
|
|
5
5
|
export default class PermissionsService extends BaseService {
|
|
@@ -8,12 +8,13 @@ export default class PermissionsService extends BaseService {
|
|
|
8
8
|
private modelPermissionClassName;
|
|
9
9
|
private modelRoleClassName;
|
|
10
10
|
private map;
|
|
11
|
-
private
|
|
11
|
+
private scope;
|
|
12
12
|
private readonly permissionTable;
|
|
13
13
|
private modelPermissionQuery;
|
|
14
14
|
private readonly modelPermissionTable;
|
|
15
15
|
private readonly modelRoleTable;
|
|
16
|
-
constructor(permissionClassName: typeof BaseModel, roleClassName: typeof BaseModel, modelPermissionClassName: typeof BaseModel, modelRoleClassName: typeof BaseModel, map: MorphInterface);
|
|
16
|
+
constructor(permissionClassName: typeof BaseModel, roleClassName: typeof BaseModel, modelPermissionClassName: typeof BaseModel, modelRoleClassName: typeof BaseModel, map: MorphInterface, scope: ScopeInterface);
|
|
17
|
+
private get permissionQuery();
|
|
17
18
|
/**
|
|
18
19
|
* return all permissions, including forbidden
|
|
19
20
|
*/
|
|
@@ -30,6 +31,7 @@ export default class PermissionsService extends BaseService {
|
|
|
30
31
|
* all direct permissions
|
|
31
32
|
*/
|
|
32
33
|
direct(modelType: string, modelId: number, includeForbiddings?: boolean): ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
34
|
+
throughRoles(modelType: string, modelId: number, includeForbiddings?: boolean): Promise<PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>[]>;
|
|
33
35
|
directGlobal(modelType: string, modelId: number, includeForbiddings?: boolean): ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
34
36
|
/**
|
|
35
37
|
* return direct and resource assigned permissions
|
|
@@ -98,7 +100,13 @@ export default class PermissionsService extends BaseService {
|
|
|
98
100
|
findBySlug(slug: string, allowed?: boolean): Promise<PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
99
101
|
private modelPermissionQueryWithForbiddenCheck;
|
|
100
102
|
private modelPermissionQueryBuilder;
|
|
103
|
+
/**
|
|
104
|
+
* @deprecated
|
|
105
|
+
* @param conditions
|
|
106
|
+
*/
|
|
101
107
|
reverseModelPermissionQuery(conditions: Partial<ModelPermissionsQuery>): ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, import("../../types.js").ModelPermissionModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
102
108
|
findAssignableEntity(permission: string[], entityClass: string | null, entityId: number | null, allowed: boolean): ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
103
109
|
private applyTargetRestriction;
|
|
110
|
+
private applyScopes;
|
|
111
|
+
private applyModelPermissionScopes;
|
|
104
112
|
}
|