@holoyan/adonisjs-permissions 0.8.21 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +295 -4
- package/build/index.d.ts +1 -1
- package/build/index.js +1 -1
- package/build/providers/role_permission_provider.js +11 -0
- package/build/src/acl.d.ts +18 -7
- package/build/src/acl.js +43 -21
- package/build/src/decorators.d.ts +3 -1
- package/build/src/events/index.d.ts +2 -0
- package/build/src/events/index.js +2 -0
- package/build/src/events/permissions/permissions.d.ts +80 -0
- package/build/src/events/permissions/permissions.js +113 -0
- package/build/src/events/roles/roles.d.ts +40 -0
- package/build/src/events/roles/roles.js +55 -0
- package/build/src/mixins/has_permissions.d.ts +248 -79
- package/build/src/mixins/has_permissions.js +199 -23
- package/build/src/models/model_permission.d.ts +0 -1
- package/build/src/models/model_permission.js +0 -4
- package/build/src/models/model_role.d.ts +0 -1
- package/build/src/models/model_role.js +0 -4
- package/build/src/models/permission.d.ts +3 -4
- package/build/src/models/permission.js +2 -8
- package/build/src/models/role.d.ts +3 -4
- package/build/src/models/role.js +2 -8
- package/build/src/services/base_adapter.d.ts +10 -3
- package/build/src/services/base_adapter.js +30 -6
- package/build/src/services/base_service.d.ts +7 -3
- package/build/src/services/base_service.js +8 -4
- package/build/src/services/models/model_has_role_permissions.d.ts +185 -0
- package/build/src/services/models/model_has_role_permissions.js +346 -0
- package/build/src/services/{model_service.d.ts → models/model_service.d.ts} +7 -5
- package/build/src/services/{model_service.js → models/model_service.js} +6 -4
- package/build/src/services/permissions/empty_permission.d.ts +10 -8
- package/build/src/services/permissions/empty_permission.js +26 -10
- package/build/src/services/permissions/permission_has_model_roles.d.ts +24 -17
- package/build/src/services/permissions/permission_has_model_roles.js +48 -31
- package/build/src/services/permissions/permissions_service.d.ts +25 -23
- package/build/src/services/permissions/permissions_service.js +12 -11
- package/build/src/services/roles/empty_roles.d.ts +11 -8
- package/build/src/services/roles/empty_roles.js +27 -8
- package/build/src/services/roles/role_has_model_permissions.d.ts +71 -20
- package/build/src/services/roles/role_has_model_permissions.js +87 -19
- package/build/src/services/roles/roles_service.d.ts +8 -4
- package/build/src/services/roles/roles_service.js +15 -16
- package/build/src/types.d.ts +18 -7
- package/build/stubs/middlewares/acl_middleware.stub +1 -0
- package/build/stubs/migrations/create_db.stub +71 -56
- package/package.json +3 -2
- package/build/src/services/model_has_role_permissions.d.ts +0 -65
- package/build/src/services/model_has_role_permissions.js +0 -189
|
@@ -0,0 +1,185 @@
|
|
|
1
|
+
import { AclModel, MorphInterface, OptionsInterface } from '../../types.js';
|
|
2
|
+
import RolesService from '../roles/roles_service.js';
|
|
3
|
+
import BaseAdapter from '../base_adapter.js';
|
|
4
|
+
import ModelManager from '../../model_manager.js';
|
|
5
|
+
import PermissionService from '../permissions/permissions_service.js';
|
|
6
|
+
import { Scope } from '../../scope.js';
|
|
7
|
+
import { Emitter } from '@adonisjs/core/events';
|
|
8
|
+
export declare class ModelHasRolePermissions extends BaseAdapter {
|
|
9
|
+
protected manager: ModelManager;
|
|
10
|
+
protected map: MorphInterface;
|
|
11
|
+
protected options: OptionsInterface;
|
|
12
|
+
protected scope: Scope;
|
|
13
|
+
protected model: AclModel;
|
|
14
|
+
protected emitter: Emitter<any>;
|
|
15
|
+
constructor(manager: ModelManager, map: MorphInterface, options: OptionsInterface, scope: Scope, model: AclModel, emitter: Emitter<any>);
|
|
16
|
+
get roleService(): RolesService;
|
|
17
|
+
get permissionService(): PermissionService;
|
|
18
|
+
roles(): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<typeof import("../../models/role.js").default, import("../../models/role.js").default>;
|
|
19
|
+
hasRole(role: string): Promise<boolean>;
|
|
20
|
+
hasAllRoles(...roles: string[]): Promise<boolean>;
|
|
21
|
+
hasAnyRole(...roles: string[]): Promise<boolean>;
|
|
22
|
+
/**
|
|
23
|
+
* Assign role to the model
|
|
24
|
+
* calls assignAllRoles
|
|
25
|
+
* @param role
|
|
26
|
+
*/
|
|
27
|
+
assignRole(role: string): Promise<void>;
|
|
28
|
+
/**
|
|
29
|
+
* Assign role to the model
|
|
30
|
+
* calls assignAllRoles
|
|
31
|
+
* @param role
|
|
32
|
+
*/
|
|
33
|
+
assign(role: string): Promise<void>;
|
|
34
|
+
/**
|
|
35
|
+
* Assign list of roles to the model
|
|
36
|
+
* @param roles
|
|
37
|
+
*/
|
|
38
|
+
assignAllRoles(...roles: string[]): Promise<void>;
|
|
39
|
+
/**
|
|
40
|
+
* Revoke role from the model
|
|
41
|
+
* calls revokeAllRoles
|
|
42
|
+
* @param role
|
|
43
|
+
*/
|
|
44
|
+
revokeRole(role: string): Promise<boolean>;
|
|
45
|
+
/**
|
|
46
|
+
* Revoke role from the model
|
|
47
|
+
* @param roles
|
|
48
|
+
*/
|
|
49
|
+
revokeAllRoles(...roles: string[]): Promise<boolean>;
|
|
50
|
+
flushRoles(): Promise<boolean>;
|
|
51
|
+
/**
|
|
52
|
+
* Sync roles with the model (detach all roles and assign new roles)
|
|
53
|
+
* @param roles - array of roles
|
|
54
|
+
* @param detach - if true, it will detach the existing roles
|
|
55
|
+
*/
|
|
56
|
+
syncRoles(roles: string[], detach?: boolean): Promise<void>;
|
|
57
|
+
/**
|
|
58
|
+
* Sync roles with the model without detaching the existing ones
|
|
59
|
+
* @param roles
|
|
60
|
+
*/
|
|
61
|
+
syncRolesWithoutDetaching(roles: string[]): Promise<void>;
|
|
62
|
+
permissions(includeForbiddings?: boolean): Promise<import("../../models/permission.js").default[]>;
|
|
63
|
+
/**
|
|
64
|
+
* returns list of global permissions assigned to the model
|
|
65
|
+
* @param includeForbiddings
|
|
66
|
+
*/
|
|
67
|
+
globalPermissions(includeForbiddings?: boolean): Promise<import("../../models/permission.js").default[]>;
|
|
68
|
+
/**
|
|
69
|
+
* @param includeForbiddings
|
|
70
|
+
*/
|
|
71
|
+
onResourcePermissions(includeForbiddings?: boolean): Promise<import("../../models/permission.js").default[]>;
|
|
72
|
+
directPermissions(includeForbiddings?: boolean): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<typeof import("../../models/permission.js").default, import("../../models/permission.js").default>;
|
|
73
|
+
/**
|
|
74
|
+
* Get permission through roles
|
|
75
|
+
* @param includeForbiddings
|
|
76
|
+
*/
|
|
77
|
+
rolePermissions(includeForbiddings?: boolean): Promise<import("../../models/permission.js").default[]>;
|
|
78
|
+
directGlobalPermissions(includeForbiddings?: boolean): Promise<import("../../models/permission.js").default[]>;
|
|
79
|
+
directResourcePermissions(includeForbiddings?: boolean): Promise<import("../../models/permission.js").default[]>;
|
|
80
|
+
containsPermission(permission: string): Promise<boolean>;
|
|
81
|
+
contains(permission: string): Promise<boolean>;
|
|
82
|
+
containsAllPermissions(permissions: string[]): Promise<boolean>;
|
|
83
|
+
containsAnyPermission(permissions: string[]): Promise<boolean>;
|
|
84
|
+
containsDirectPermission(permission: string): Promise<boolean>;
|
|
85
|
+
containsAllPermissionsDirectly(permissions: string[]): Promise<boolean>;
|
|
86
|
+
containsAnyPermissionDirectly(permissions: string[]): Promise<boolean>;
|
|
87
|
+
/**
|
|
88
|
+
* @param permission
|
|
89
|
+
* @param target
|
|
90
|
+
*/
|
|
91
|
+
hasPermission(permission: string, target?: AclModel | Function): Promise<boolean>;
|
|
92
|
+
/**
|
|
93
|
+
*
|
|
94
|
+
* @param permissions
|
|
95
|
+
* @param target
|
|
96
|
+
*/
|
|
97
|
+
hasAllPermissions(permissions: string[], target?: AclModel | Function): Promise<boolean>;
|
|
98
|
+
hasAnyPermission(permissions: string[], target?: AclModel | Function): Promise<boolean>;
|
|
99
|
+
hasAnyDirectPermission(permissions: string[], target?: AclModel | Function): Promise<boolean>;
|
|
100
|
+
hasDirectPermission(permission: string, target?: AclModel | Function): Promise<boolean>;
|
|
101
|
+
hasAllPermissionsDirect(permissions: string[], target?: AclModel | Function): Promise<boolean>;
|
|
102
|
+
can(permission: string, target?: AclModel | Function): Promise<boolean>;
|
|
103
|
+
canAll(permissions: string[], target?: AclModel | Function): Promise<boolean>;
|
|
104
|
+
canAny(permissions: string[], target?: AclModel | Function): Promise<boolean>;
|
|
105
|
+
/**
|
|
106
|
+
* calls assignDirectAllPermissions()
|
|
107
|
+
* @param permission
|
|
108
|
+
* @param target
|
|
109
|
+
*/
|
|
110
|
+
assignDirectPermission(permission: string, target?: AclModel | Function): Promise<import("../../models/model_permission.js").default[]>;
|
|
111
|
+
/**
|
|
112
|
+
*
|
|
113
|
+
* @param permissions
|
|
114
|
+
* @param target
|
|
115
|
+
*/
|
|
116
|
+
assignDirectAllPermissions(permissions: string[], target?: AclModel | Function): Promise<import("../../models/model_permission.js").default[]>;
|
|
117
|
+
/**
|
|
118
|
+
* Assign permission to the model
|
|
119
|
+
* calls assignDirectAllPermissions
|
|
120
|
+
* @param permission
|
|
121
|
+
* @param target
|
|
122
|
+
*/
|
|
123
|
+
allow(permission: string, target?: AclModel | Function): Promise<import("../../models/model_permission.js").default[]>;
|
|
124
|
+
/**
|
|
125
|
+
* Assign list of permissions to the model
|
|
126
|
+
* calls assignDirectAllPermissions
|
|
127
|
+
* @param permission
|
|
128
|
+
* @param target
|
|
129
|
+
*/
|
|
130
|
+
allowAll(permission: string[], target?: AclModel | Function): Promise<import("../../models/model_permission.js").default[]>;
|
|
131
|
+
/**
|
|
132
|
+
* Revoke permission from the model
|
|
133
|
+
* calls revokeAllPermissions
|
|
134
|
+
* @param permission
|
|
135
|
+
* @param target
|
|
136
|
+
*/
|
|
137
|
+
revokePermission(permission: string, target?: AclModel | Function): Promise<any[]>;
|
|
138
|
+
/**
|
|
139
|
+
* Revoke permission from the model
|
|
140
|
+
* calls revokeAllPermissions
|
|
141
|
+
* @param permission
|
|
142
|
+
* @param target
|
|
143
|
+
*/
|
|
144
|
+
revoke(permission: string, target?: AclModel | Function): Promise<any[]>;
|
|
145
|
+
/**
|
|
146
|
+
* Revoke list of permissions from the model
|
|
147
|
+
* calls revokeAllPermissions
|
|
148
|
+
* @param permissions
|
|
149
|
+
* @param target
|
|
150
|
+
*/
|
|
151
|
+
revokeAll(permissions: string[], target?: AclModel | Function): Promise<any[]>;
|
|
152
|
+
/**
|
|
153
|
+
* @param permissions
|
|
154
|
+
* @param target
|
|
155
|
+
*/
|
|
156
|
+
revokeAllPermissions(permissions: string[], target?: AclModel | Function): Promise<any[]>;
|
|
157
|
+
flushPermissions(): Promise<any[]>;
|
|
158
|
+
/**
|
|
159
|
+
* @param permissions
|
|
160
|
+
* @param target
|
|
161
|
+
*/
|
|
162
|
+
syncPermissions(permissions: string[], target?: AclModel | Function): Promise<import("../../models/model_permission.js").default[]>;
|
|
163
|
+
flush(): Promise<boolean>;
|
|
164
|
+
/**
|
|
165
|
+
* calls forbidAll
|
|
166
|
+
* @param permission
|
|
167
|
+
* @param target
|
|
168
|
+
*/
|
|
169
|
+
forbid(permission: string, target?: AclModel | Function): Promise<void>;
|
|
170
|
+
/**
|
|
171
|
+
* @param permissions
|
|
172
|
+
* @param target
|
|
173
|
+
*/
|
|
174
|
+
forbidAll(permissions: string[], target?: AclModel | Function): Promise<void>;
|
|
175
|
+
/**
|
|
176
|
+
* @param permissions
|
|
177
|
+
* @param target
|
|
178
|
+
*/
|
|
179
|
+
unforbidAll(permissions: string[], target?: AclModel | Function): Promise<any[]>;
|
|
180
|
+
/**
|
|
181
|
+
* @param permission
|
|
182
|
+
* @param target
|
|
183
|
+
*/
|
|
184
|
+
unforbid(permission: string, target?: AclModel | Function): Promise<any[]>;
|
|
185
|
+
}
|
|
@@ -0,0 +1,346 @@
|
|
|
1
|
+
import RolesService from '../roles/roles_service.js';
|
|
2
|
+
import { destructTarget, formatList } from '../helper.js';
|
|
3
|
+
import BaseAdapter from '../base_adapter.js';
|
|
4
|
+
import PermissionService from '../permissions/permissions_service.js';
|
|
5
|
+
import { PermissionsAttachedToModelEvent, PermissionsDetachedFromModelEvent, PermissionsFlushedEvent, PermissionsForbadeEvent, PermissionsUnForbadeEvent, } from '../../events/index.js';
|
|
6
|
+
import { RolesAttachedToModel, RolesDetachedFromModelEvent, RolesFlushedFromModelEvent, } from '../../events/index.js';
|
|
7
|
+
export class ModelHasRolePermissions extends BaseAdapter {
|
|
8
|
+
manager;
|
|
9
|
+
map;
|
|
10
|
+
options;
|
|
11
|
+
scope;
|
|
12
|
+
model;
|
|
13
|
+
emitter;
|
|
14
|
+
constructor(manager, map, options, scope, model, emitter) {
|
|
15
|
+
super(manager, map, options, scope, emitter);
|
|
16
|
+
this.manager = manager;
|
|
17
|
+
this.map = map;
|
|
18
|
+
this.options = options;
|
|
19
|
+
this.scope = scope;
|
|
20
|
+
this.model = model;
|
|
21
|
+
this.emitter = emitter;
|
|
22
|
+
}
|
|
23
|
+
get roleService() {
|
|
24
|
+
const role = this.manager.getModel('role');
|
|
25
|
+
const modelPermission = this.manager.getModel('modelPermission');
|
|
26
|
+
const modelRole = this.manager.getModel('modelRole');
|
|
27
|
+
return new RolesService(this.options, this.scope, role, modelPermission, modelRole, this.map).setQueryOptions(this.queryOptions);
|
|
28
|
+
}
|
|
29
|
+
get permissionService() {
|
|
30
|
+
const role = this.manager.getModel('role');
|
|
31
|
+
const modelPermission = this.manager.getModel('modelPermission');
|
|
32
|
+
const modelRole = this.manager.getModel('modelRole');
|
|
33
|
+
return new PermissionService(this.options, this.scope, this.manager.getModel('permission'), role, modelPermission, modelRole, this.map).setQueryOptions(this.queryOptions);
|
|
34
|
+
}
|
|
35
|
+
// roles related section BEGIN
|
|
36
|
+
roles() {
|
|
37
|
+
return this.roleService.all(this.map.getAlias(this.model), this.model.getModelId());
|
|
38
|
+
}
|
|
39
|
+
hasRole(role) {
|
|
40
|
+
return this.roleService.has(this.map.getAlias(this.model), this.model.getModelId(), role);
|
|
41
|
+
}
|
|
42
|
+
hasAllRoles(...roles) {
|
|
43
|
+
return this.roleService.hasAll(this.map.getAlias(this.model), this.model.getModelId(), roles);
|
|
44
|
+
}
|
|
45
|
+
hasAnyRole(...roles) {
|
|
46
|
+
return this.roleService.hasAny(this.map.getAlias(this.model), this.model.getModelId(), roles);
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* Assign role to the model
|
|
50
|
+
* calls assignAllRoles
|
|
51
|
+
* @param role
|
|
52
|
+
*/
|
|
53
|
+
assignRole(role) {
|
|
54
|
+
return this.assignAllRoles(role);
|
|
55
|
+
}
|
|
56
|
+
/**
|
|
57
|
+
* Assign role to the model
|
|
58
|
+
* calls assignAllRoles
|
|
59
|
+
* @param role
|
|
60
|
+
*/
|
|
61
|
+
assign(role) {
|
|
62
|
+
return this.assignAllRoles(role);
|
|
63
|
+
}
|
|
64
|
+
/**
|
|
65
|
+
* Assign list of roles to the model
|
|
66
|
+
* @param roles
|
|
67
|
+
*/
|
|
68
|
+
async assignAllRoles(...roles) {
|
|
69
|
+
const assigned = await this.roleService.assignAll(roles, this.map.getAlias(this.model), this.model.getModelId());
|
|
70
|
+
if (assigned) {
|
|
71
|
+
this.fire(RolesAttachedToModel, roles, this.model);
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
/**
|
|
75
|
+
* Revoke role from the model
|
|
76
|
+
* calls revokeAllRoles
|
|
77
|
+
* @param role
|
|
78
|
+
*/
|
|
79
|
+
revokeRole(role) {
|
|
80
|
+
return this.revokeAllRoles(role);
|
|
81
|
+
}
|
|
82
|
+
/**
|
|
83
|
+
* Revoke role from the model
|
|
84
|
+
* @param roles
|
|
85
|
+
*/
|
|
86
|
+
async revokeAllRoles(...roles) {
|
|
87
|
+
const { slugs } = formatList(roles);
|
|
88
|
+
const revoked = await this.roleService.revokeAll(slugs, this.model);
|
|
89
|
+
if (revoked) {
|
|
90
|
+
this.fire(RolesDetachedFromModelEvent, roles, this.model);
|
|
91
|
+
}
|
|
92
|
+
return revoked;
|
|
93
|
+
}
|
|
94
|
+
async flushRoles() {
|
|
95
|
+
const deleted = await this.roleService.flush(this.map.getAlias(this.model), this.model.getModelId());
|
|
96
|
+
if (deleted.length) {
|
|
97
|
+
this.fire(RolesFlushedFromModelEvent, this.model);
|
|
98
|
+
}
|
|
99
|
+
return deleted.length > 0;
|
|
100
|
+
}
|
|
101
|
+
/**
|
|
102
|
+
* Sync roles with the model (detach all roles and assign new roles)
|
|
103
|
+
* @param roles - array of roles
|
|
104
|
+
* @param detach - if true, it will detach the existing roles
|
|
105
|
+
*/
|
|
106
|
+
async syncRoles(roles, detach = true) {
|
|
107
|
+
if (detach) {
|
|
108
|
+
await this.flushRoles();
|
|
109
|
+
}
|
|
110
|
+
return this.assignAllRoles(...roles);
|
|
111
|
+
}
|
|
112
|
+
/**
|
|
113
|
+
* Sync roles with the model without detaching the existing ones
|
|
114
|
+
* @param roles
|
|
115
|
+
*/
|
|
116
|
+
syncRolesWithoutDetaching(roles) {
|
|
117
|
+
return this.syncRoles(roles, false);
|
|
118
|
+
}
|
|
119
|
+
// roles related section END
|
|
120
|
+
// permissions related section BEGIN
|
|
121
|
+
async permissions(includeForbiddings = false) {
|
|
122
|
+
return this.permissionService.all(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
123
|
+
}
|
|
124
|
+
/**
|
|
125
|
+
* returns list of global permissions assigned to the model
|
|
126
|
+
* @param includeForbiddings
|
|
127
|
+
*/
|
|
128
|
+
async globalPermissions(includeForbiddings = false) {
|
|
129
|
+
return this.permissionService.global(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
130
|
+
}
|
|
131
|
+
/**
|
|
132
|
+
* @param includeForbiddings
|
|
133
|
+
*/
|
|
134
|
+
async onResourcePermissions(includeForbiddings = false) {
|
|
135
|
+
return this.permissionService.onResource(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
136
|
+
}
|
|
137
|
+
directPermissions(includeForbiddings = false) {
|
|
138
|
+
return this.permissionService.direct(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
139
|
+
}
|
|
140
|
+
/**
|
|
141
|
+
* Get permission through roles
|
|
142
|
+
* @param includeForbiddings
|
|
143
|
+
*/
|
|
144
|
+
rolePermissions(includeForbiddings = false) {
|
|
145
|
+
return this.permissionService.throughRoles(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
146
|
+
}
|
|
147
|
+
async directGlobalPermissions(includeForbiddings = false) {
|
|
148
|
+
return this.permissionService.directGlobal(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
149
|
+
}
|
|
150
|
+
async directResourcePermissions(includeForbiddings = false) {
|
|
151
|
+
return this.permissionService.directResource(this.map.getAlias(this.model), this.model.getModelId(), includeForbiddings);
|
|
152
|
+
}
|
|
153
|
+
async containsPermission(permission) {
|
|
154
|
+
const result = await this.permissionService.containsAny(this.map.getAlias(this.model), this.model.getModelId(), [permission]);
|
|
155
|
+
return result;
|
|
156
|
+
}
|
|
157
|
+
async contains(permission) {
|
|
158
|
+
return this.containsPermission(permission);
|
|
159
|
+
}
|
|
160
|
+
async containsAllPermissions(permissions) {
|
|
161
|
+
const result = await this.permissionService.containsAll(this.map.getAlias(this.model), this.model.getModelId(), permissions);
|
|
162
|
+
return result;
|
|
163
|
+
}
|
|
164
|
+
containsAnyPermission(permissions) {
|
|
165
|
+
return this.permissionService.containsAny(this.map.getAlias(this.model), this.model.getModelId(), permissions);
|
|
166
|
+
}
|
|
167
|
+
containsDirectPermission(permission) {
|
|
168
|
+
return this.permissionService.containsAnyDirect(this.map.getAlias(this.model), this.model.getModelId(), [permission]);
|
|
169
|
+
}
|
|
170
|
+
containsAllPermissionsDirectly(permissions) {
|
|
171
|
+
return this.permissionService.containsAllDirect(this.map.getAlias(this.model), this.model.getModelId(), permissions);
|
|
172
|
+
}
|
|
173
|
+
async containsAnyPermissionDirectly(permissions) {
|
|
174
|
+
return await this.permissionService.containsAnyDirect(this.map.getAlias(this.model), this.model.getModelId(), permissions);
|
|
175
|
+
}
|
|
176
|
+
/**
|
|
177
|
+
* @param permission
|
|
178
|
+
* @param target
|
|
179
|
+
*/
|
|
180
|
+
async hasPermission(permission, target) {
|
|
181
|
+
return this.hasAnyPermission([permission], target);
|
|
182
|
+
}
|
|
183
|
+
/**
|
|
184
|
+
*
|
|
185
|
+
* @param permissions
|
|
186
|
+
* @param target
|
|
187
|
+
*/
|
|
188
|
+
async hasAllPermissions(permissions, target) {
|
|
189
|
+
const entity = await destructTarget(this.map, target);
|
|
190
|
+
return await this.permissionService.hasAll(this.map.getAlias(this.model), this.model.getModelId(), permissions, entity.targetClass, entity.targetId);
|
|
191
|
+
}
|
|
192
|
+
async hasAnyPermission(permissions, target) {
|
|
193
|
+
const entity = await destructTarget(this.map, target);
|
|
194
|
+
return await this.permissionService.hasAny(this.map.getAlias(this.model), this.model.getModelId(), permissions, entity.targetClass, entity.targetId);
|
|
195
|
+
}
|
|
196
|
+
async hasAnyDirectPermission(permissions, target) {
|
|
197
|
+
const entity = await destructTarget(this.map, target);
|
|
198
|
+
return await this.permissionService.hasAnyDirect(this.map.getAlias(this.model), this.model.getModelId(), permissions, entity.targetClass, entity.targetId);
|
|
199
|
+
}
|
|
200
|
+
async hasDirectPermission(permission, target) {
|
|
201
|
+
return this.hasAnyDirectPermission([permission], target);
|
|
202
|
+
}
|
|
203
|
+
async hasAllPermissionsDirect(permissions, target) {
|
|
204
|
+
const entity = await destructTarget(this.map, target);
|
|
205
|
+
return await this.permissionService.hasAllDirect(this.map.getAlias(this.model), this.model.getModelId(), permissions, entity.targetClass, entity.targetId);
|
|
206
|
+
}
|
|
207
|
+
can(permission, target) {
|
|
208
|
+
return this.hasPermission(permission, target);
|
|
209
|
+
}
|
|
210
|
+
canAll(permissions, target) {
|
|
211
|
+
return this.hasAllPermissions(permissions, target);
|
|
212
|
+
}
|
|
213
|
+
canAny(permissions, target) {
|
|
214
|
+
return this.hasAnyPermission(permissions, target);
|
|
215
|
+
}
|
|
216
|
+
/**
|
|
217
|
+
* calls assignDirectAllPermissions()
|
|
218
|
+
* @param permission
|
|
219
|
+
* @param target
|
|
220
|
+
*/
|
|
221
|
+
async assignDirectPermission(permission, target) {
|
|
222
|
+
return this.assignDirectAllPermissions([permission], target);
|
|
223
|
+
}
|
|
224
|
+
/**
|
|
225
|
+
*
|
|
226
|
+
* @param permissions
|
|
227
|
+
* @param target
|
|
228
|
+
*/
|
|
229
|
+
async assignDirectAllPermissions(permissions, target) {
|
|
230
|
+
const entity = await destructTarget(this.map, target);
|
|
231
|
+
const assigned = await this.permissionService.giveAll(this.map.getAlias(this.model), this.model.getModelId(), permissions, entity.targetClass, entity.targetId, true);
|
|
232
|
+
this.fire(PermissionsAttachedToModelEvent, assigned.map((item) => item.permissionId), this.model);
|
|
233
|
+
return assigned;
|
|
234
|
+
}
|
|
235
|
+
/**
|
|
236
|
+
* Assign permission to the model
|
|
237
|
+
* calls assignDirectAllPermissions
|
|
238
|
+
* @param permission
|
|
239
|
+
* @param target
|
|
240
|
+
*/
|
|
241
|
+
allow(permission, target) {
|
|
242
|
+
return this.allowAll([permission], target);
|
|
243
|
+
}
|
|
244
|
+
/**
|
|
245
|
+
* Assign list of permissions to the model
|
|
246
|
+
* calls assignDirectAllPermissions
|
|
247
|
+
* @param permission
|
|
248
|
+
* @param target
|
|
249
|
+
*/
|
|
250
|
+
allowAll(permission, target) {
|
|
251
|
+
return this.assignDirectAllPermissions(permission, target);
|
|
252
|
+
}
|
|
253
|
+
/**
|
|
254
|
+
* Revoke permission from the model
|
|
255
|
+
* calls revokeAllPermissions
|
|
256
|
+
* @param permission
|
|
257
|
+
* @param target
|
|
258
|
+
*/
|
|
259
|
+
async revokePermission(permission, target) {
|
|
260
|
+
return this.revokeAllPermissions([permission], target);
|
|
261
|
+
}
|
|
262
|
+
/**
|
|
263
|
+
* Revoke permission from the model
|
|
264
|
+
* calls revokeAllPermissions
|
|
265
|
+
* @param permission
|
|
266
|
+
* @param target
|
|
267
|
+
*/
|
|
268
|
+
async revoke(permission, target) {
|
|
269
|
+
return this.revokeAllPermissions([permission], target);
|
|
270
|
+
}
|
|
271
|
+
/**
|
|
272
|
+
* Revoke list of permissions from the model
|
|
273
|
+
* calls revokeAllPermissions
|
|
274
|
+
* @param permissions
|
|
275
|
+
* @param target
|
|
276
|
+
*/
|
|
277
|
+
async revokeAll(permissions, target) {
|
|
278
|
+
return this.revokeAllPermissions(permissions, target);
|
|
279
|
+
}
|
|
280
|
+
/**
|
|
281
|
+
* @param permissions
|
|
282
|
+
* @param target
|
|
283
|
+
*/
|
|
284
|
+
async revokeAllPermissions(permissions, target) {
|
|
285
|
+
const entity = await destructTarget(this.map, target);
|
|
286
|
+
const revoked = this.permissionService.revokeAll(this.map.getAlias(this.model), this.model.getModelId(), permissions, entity.targetClass, entity.targetId);
|
|
287
|
+
this.fire(PermissionsDetachedFromModelEvent, permissions, this.model);
|
|
288
|
+
return revoked;
|
|
289
|
+
}
|
|
290
|
+
async flushPermissions() {
|
|
291
|
+
const flushed = await this.permissionService.flush(this.map.getAlias(this.model), this.model.getModelId());
|
|
292
|
+
if (flushed.length) {
|
|
293
|
+
this.fire(PermissionsFlushedEvent, this.model);
|
|
294
|
+
}
|
|
295
|
+
return flushed;
|
|
296
|
+
}
|
|
297
|
+
/**
|
|
298
|
+
* @param permissions
|
|
299
|
+
* @param target
|
|
300
|
+
*/
|
|
301
|
+
async syncPermissions(permissions, target) {
|
|
302
|
+
await this.flushPermissions();
|
|
303
|
+
return this.allowAll(permissions, target);
|
|
304
|
+
}
|
|
305
|
+
async flush() {
|
|
306
|
+
await this.flushPermissions();
|
|
307
|
+
await this.roleService.flush(this.map.getAlias(this.model), this.model.getModelId());
|
|
308
|
+
return true;
|
|
309
|
+
}
|
|
310
|
+
/**
|
|
311
|
+
* calls forbidAll
|
|
312
|
+
* @param permission
|
|
313
|
+
* @param target
|
|
314
|
+
*/
|
|
315
|
+
async forbid(permission, target) {
|
|
316
|
+
return this.forbidAll([permission], target);
|
|
317
|
+
}
|
|
318
|
+
/**
|
|
319
|
+
* @param permissions
|
|
320
|
+
* @param target
|
|
321
|
+
*/
|
|
322
|
+
async forbidAll(permissions, target) {
|
|
323
|
+
const entity = await destructTarget(this.map, target);
|
|
324
|
+
const forbade = await this.permissionService.forbidAll(this.map.getAlias(this.model), this.model.getModelId(), permissions, entity.targetClass, entity.targetId);
|
|
325
|
+
this.fire(PermissionsForbadeEvent, forbade.map((item) => item.permissionId), this.model);
|
|
326
|
+
}
|
|
327
|
+
/**
|
|
328
|
+
* @param permissions
|
|
329
|
+
* @param target
|
|
330
|
+
*/
|
|
331
|
+
async unforbidAll(permissions, target) {
|
|
332
|
+
const entity = await destructTarget(this.map, target);
|
|
333
|
+
const unforbade = await this.permissionService.unforbidAll(this.map.getAlias(this.model), this.model.getModelId(), permissions, entity.targetClass, entity.targetId);
|
|
334
|
+
if (unforbade.length) {
|
|
335
|
+
this.fire(PermissionsUnForbadeEvent, unforbade.map((item) => item.permissionId), this.model);
|
|
336
|
+
}
|
|
337
|
+
return unforbade;
|
|
338
|
+
}
|
|
339
|
+
/**
|
|
340
|
+
* @param permission
|
|
341
|
+
* @param target
|
|
342
|
+
*/
|
|
343
|
+
async unforbid(permission, target) {
|
|
344
|
+
return this.unforbidAll([permission], target);
|
|
345
|
+
}
|
|
346
|
+
}
|
|
@@ -1,8 +1,10 @@
|
|
|
1
|
-
import BaseService from '
|
|
1
|
+
import BaseService from '../base_service.js';
|
|
2
2
|
import { BaseModel } from '@adonisjs/lucid/orm';
|
|
3
|
-
import { ModelIdType, MorphInterface, OptionsInterface } from '
|
|
3
|
+
import { ModelIdType, MorphInterface, OptionsInterface } from '../../types.js';
|
|
4
|
+
import { Scope } from '../../scope.js';
|
|
4
5
|
export default class ModelService extends BaseService {
|
|
5
6
|
protected options: OptionsInterface;
|
|
7
|
+
protected scope: Scope;
|
|
6
8
|
private modelPermissionClassName;
|
|
7
9
|
private modelRoleClassName;
|
|
8
10
|
private map;
|
|
@@ -10,9 +12,9 @@ export default class ModelService extends BaseService {
|
|
|
10
12
|
private readonly modelPermissionTable;
|
|
11
13
|
private modelRoleQuery;
|
|
12
14
|
private readonly modelRoleTable;
|
|
13
|
-
constructor(options: OptionsInterface, modelPermissionClassName: typeof BaseModel, modelRoleClassName: typeof BaseModel, map: MorphInterface);
|
|
14
|
-
all(roleId: number): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, import("
|
|
15
|
+
constructor(options: OptionsInterface, scope: Scope, modelPermissionClassName: typeof BaseModel, modelRoleClassName: typeof BaseModel, map: MorphInterface);
|
|
16
|
+
all(roleId: number): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, import("../../types.js").ModelRoleModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
15
17
|
allFor(modelType: string, roleId: number): Promise<any>;
|
|
16
|
-
allByPermission(permissionId: ModelIdType): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, import("
|
|
18
|
+
allByPermission(permissionId: ModelIdType): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, import("../../types.js").ModelPermissionModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
17
19
|
allByPermissionFor(modelType: string, permissionId: ModelIdType): Promise<any>;
|
|
18
20
|
}
|
|
@@ -1,7 +1,8 @@
|
|
|
1
|
-
import BaseService from '
|
|
2
|
-
import { getModelPermissionModelQuery, getModelRoleModelQuery } from '
|
|
1
|
+
import BaseService from '../base_service.js';
|
|
2
|
+
import { getModelPermissionModelQuery, getModelRoleModelQuery } from '../query_helper.js';
|
|
3
3
|
export default class ModelService extends BaseService {
|
|
4
4
|
options;
|
|
5
|
+
scope;
|
|
5
6
|
modelPermissionClassName;
|
|
6
7
|
modelRoleClassName;
|
|
7
8
|
map;
|
|
@@ -9,9 +10,10 @@ export default class ModelService extends BaseService {
|
|
|
9
10
|
modelPermissionTable;
|
|
10
11
|
modelRoleQuery;
|
|
11
12
|
modelRoleTable;
|
|
12
|
-
constructor(options, modelPermissionClassName, modelRoleClassName, map) {
|
|
13
|
-
super(options);
|
|
13
|
+
constructor(options, scope, modelPermissionClassName, modelRoleClassName, map) {
|
|
14
|
+
super(options, scope);
|
|
14
15
|
this.options = options;
|
|
16
|
+
this.scope = scope;
|
|
15
17
|
this.modelPermissionClassName = modelPermissionClassName;
|
|
16
18
|
this.modelRoleClassName = modelRoleClassName;
|
|
17
19
|
this.map = map;
|
|
@@ -1,15 +1,17 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { MorphInterface, OptionsInterface, PermissionInterface, PermissionModel } from '../../types.js';
|
|
1
|
+
import { ModelManagerBindings, MorphInterface, OptionsInterface, PermissionInterface, PermissionModel } from '../../types.js';
|
|
3
2
|
import BaseAdapter from '../base_adapter.js';
|
|
4
3
|
import ModelManager from '../../model_manager.js';
|
|
4
|
+
import { Emitter } from '@adonisjs/core/events';
|
|
5
|
+
import { Scope } from '../../scope.js';
|
|
5
6
|
export default class EmptyPermission extends BaseAdapter {
|
|
6
7
|
protected manager: ModelManager;
|
|
7
8
|
protected map: MorphInterface;
|
|
8
9
|
protected options: OptionsInterface;
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
10
|
+
protected scope: Scope;
|
|
11
|
+
protected emitter: Emitter<any>;
|
|
12
|
+
permissionClassName: ModelManagerBindings['permission'];
|
|
13
|
+
constructor(manager: ModelManager, map: MorphInterface, options: OptionsInterface, scope: Scope, emitter: Emitter<any>);
|
|
14
|
+
get permissionQuery(): import("@adonisjs/lucid/types/model").ModelQueryBuilderContract<import("@adonisjs/lucid/types/model").LucidModel, PermissionModel<import("@adonisjs/lucid/types/model").LucidModel>>;
|
|
15
|
+
create(values: Partial<PermissionInterface>): Promise<PermissionModel<typeof import("../../models/permission.js").default>>;
|
|
16
|
+
delete(permission: string): Promise<boolean>;
|
|
15
17
|
}
|
|
@@ -1,21 +1,24 @@
|
|
|
1
1
|
import { getPermissionModelQuery } from '../query_helper.js';
|
|
2
2
|
import BaseAdapter from '../base_adapter.js';
|
|
3
|
+
import { PermissionCreatedEvent, PermissionDeletedEvent } from '../../events/index.js';
|
|
3
4
|
export default class EmptyPermission extends BaseAdapter {
|
|
4
5
|
manager;
|
|
5
6
|
map;
|
|
6
7
|
options;
|
|
7
|
-
|
|
8
|
+
scope;
|
|
9
|
+
emitter;
|
|
8
10
|
permissionClassName;
|
|
9
|
-
constructor(manager, map, options) {
|
|
10
|
-
super(manager, map, options);
|
|
11
|
+
constructor(manager, map, options, scope, emitter) {
|
|
12
|
+
super(manager, map, options, scope, emitter);
|
|
11
13
|
this.manager = manager;
|
|
12
14
|
this.map = map;
|
|
13
15
|
this.options = options;
|
|
16
|
+
this.scope = scope;
|
|
17
|
+
this.emitter = emitter;
|
|
14
18
|
this.permissionClassName = manager.getModel('permission');
|
|
15
|
-
this.permissionQuery = getPermissionModelQuery(this.permissionClassName);
|
|
16
19
|
}
|
|
17
|
-
|
|
18
|
-
return this.
|
|
20
|
+
get permissionQuery() {
|
|
21
|
+
return getPermissionModelQuery(this.permissionClassName, this.queryOptions);
|
|
19
22
|
}
|
|
20
23
|
async create(values) {
|
|
21
24
|
if (!values.slug) {
|
|
@@ -23,11 +26,24 @@ export default class EmptyPermission extends BaseAdapter {
|
|
|
23
26
|
}
|
|
24
27
|
const search = {
|
|
25
28
|
slug: values.slug,
|
|
26
|
-
scope: values.scope || this.getScope(),
|
|
29
|
+
scope: values.scope || this.getScope().get(),
|
|
27
30
|
};
|
|
28
|
-
|
|
31
|
+
values.scope = values.scope || this.getScope().get();
|
|
32
|
+
let permission = await this.permissionClassName.findBy(search);
|
|
33
|
+
if (!permission) {
|
|
34
|
+
permission = await this.permissionClassName.create(values);
|
|
35
|
+
this.fire(PermissionCreatedEvent, permission);
|
|
36
|
+
}
|
|
37
|
+
return permission;
|
|
29
38
|
}
|
|
30
|
-
|
|
31
|
-
|
|
39
|
+
async delete(permission) {
|
|
40
|
+
const deleted = await this.permissionQuery
|
|
41
|
+
.where('slug', permission)
|
|
42
|
+
.where('scope', this.getScope().get())
|
|
43
|
+
.delete();
|
|
44
|
+
if (deleted.length > 0) {
|
|
45
|
+
this.fire(PermissionDeletedEvent, permission);
|
|
46
|
+
}
|
|
47
|
+
return deleted.length > 0;
|
|
32
48
|
}
|
|
33
49
|
}
|