@lark-apaas/auth-sdk 0.1.0-alpha.77 → 0.1.0-alpha.78

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/lib/AuthProvider.d.ts +31 -46
  2. package/lib/AuthProvider.d.ts.map +1 -1
  3. package/lib/AuthProvider.js +27 -30
  4. package/lib/ability-factory.d.ts +6 -4
  5. package/lib/ability-factory.d.ts.map +1 -1
  6. package/lib/ability-factory.js +9 -5
  7. package/lib/index.d.ts +2 -3
  8. package/lib/index.d.ts.map +1 -1
  9. package/lib/index.js +2 -2
  10. package/lib/permission-client.d.ts +0 -4
  11. package/lib/permission-client.d.ts.map +1 -1
  12. package/lib/permission-client.js +0 -26
  13. package/lib/types.d.ts +10 -3
  14. package/lib/types.d.ts.map +1 -1
  15. package/package.json +1 -1
package/lib/AuthProvider.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import React from 'react';
2
2
  import { MongoAbility } from '@casl/ability';
3
- import type { AuthSdkConfig } from './types';
3
+ import type { AuthSdkConfig, PermissionPointData } from './types';
4
4
  /**
5
5
  * Ability Context - 用于在组件树中共享 Ability 实例
6
6
  */
@@ -11,7 +11,7 @@ export declare const AbilityContext: React.Context<MongoAbility<import("@casl/ab
11
11
  */
12
12
  interface AuthStateContextValue {
13
13
  ability: MongoAbility;
14
- permissions: string[];
14
+ permissions: PermissionPointData[];
15
15
  isLoading: boolean;
16
16
  error: Error | null;
17
17
  fetchPermissions: (userId?: string) => Promise<void>;
@@ -74,32 +74,6 @@ export declare function getAbility(permissionApiConfig: AuthSdkConfig['permissio
74
74
  * ```
75
75
  */
76
76
  export declare function useAuth(): AuthStateContextValue;
77
- /**
78
- * CASL 原始 Can 组件(内部使用)
79
- */
80
- declare const CaslCan: React.FunctionComponent<import("@casl/react").BoundCanProps<MongoAbility<import("@casl/ability").AbilityTuple, import("@casl/ability").MongoQuery>>>;
81
- /**
82
- * Can Component - 基于 Ability 实例的条件渲染组件
83
- *
84
- * 内置 isLoading 保护:权限加载期间渲染 fallback(默认为 null),
85
- * 避免因 ability 未就绪而误判为无权限导致内容闪烁。
86
- *
87
- * @example
88
- * ```tsx
89
- * import { Can } from '@lark-apaas/auth-sdk';
90
- *
91
- * function MyComponent() {
92
- * return (
93
- * <Can I="Admin" a="@role" fallback={<Loading />}>
94
- * <TaskList />
95
- * </Can>
96
- * );
97
- * }
98
- * ```
99
- */
100
- export declare function Can({ fallback, ...props }: React.ComponentProps<typeof CaslCan> & {
101
- fallback?: React.ReactNode;
102
- }): import("react/jsx-runtime").JSX.Element;
103
77
  /**
104
78
  * CanRole Component - 基于角色的条件渲染组件
105
79
  *
@@ -127,35 +101,46 @@ export declare function CanRole({ children, roles, fallback, }: {
127
101
  /**
128
102
  * useUserPermissions Hook - 获取当前用户的权限点位列表
129
103
  */
130
- export declare function useUserPermissions(): string[];
104
+ export declare function useUserPermissions(): PermissionPointData[];
131
105
  /**
132
- * useCanPermission Hook - 判断用户是否拥有指定权限点位
106
+ * useCan Hook - 通过 CASL Ability 判断用户是否拥有指定权限
133
107
  *
134
- * @param permissions - 需要检查的权限点位列表
135
- * @param match - 匹配模式:'any' 任一匹配即可,'all' 需要全部匹配
108
+ * @param action - 操作类型,如 'read', 'create'
109
+ * @param subject - 资源类型,如 'Task', 'Article';角色检查时传 '@role'
110
+ *
111
+ * @example
112
+ * ```ts
113
+ * const { allowed: canRead, isLoading } = useCan('read', 'Task');
114
+ * if (isLoading) return <Loading />;
115
+ * if (!canRead) return <NoAccess />;
116
+ * ```
136
117
  */
137
- export declare function useCanPermission(permissions: string[], match?: 'any' | 'all'): boolean;
118
+ export declare function useCan(action: string, subject: string): {
119
+ allowed: boolean;
120
+ isLoading: boolean;
121
+ };
138
122
  /**
139
- * CanPermission Component - 基于权限点位的条件渲染组件
123
+ * Can Component - 基于 CASL Ability 的条件渲染组件
124
+ * 前后端统一:后端 @Can('read', 'Task'),前端 <Can action="read" subject="Task">
140
125
  *
141
126
  * @example
142
127
  * ```tsx
143
- * import { CanPermission } from '@lark-apaas/auth-sdk';
128
+ * import { Can } from '@lark-apaas/auth-sdk';
144
129
  *
145
- * function MyComponent() {
146
- * return (
147
- * <CanPermission permissions={['task:create', 'task:edit']} match="any">
148
- * <TaskEditor />
149
- * </CanPermission>
150
- * );
151
- * }
130
+ * <Can action="read" subject="Task">
131
+ * <TaskList />
132
+ * </Can>
133
+ *
134
+ * <Can action="delete" subject="Task" fallback={<Skeleton />}>
135
+ * <DeleteButton />
136
+ * </Can>
152
137
  * ```
153
138
  */
154
- export declare function CanPermission({ children, permissions, match, fallback, }: {
139
+ export declare function Can({ children, action, subject, fallback, }: {
155
140
  children: React.ReactNode;
156
- permissions: string[];
157
- match?: 'any' | 'all';
141
+ action: string;
142
+ subject: string;
158
143
  fallback?: React.ReactNode;
159
- }): import("react/jsx-runtime").JSX.Element;
144
+ }): import("react/jsx-runtime").JSX.Element | null;
160
145
  export {};
161
146
  //# sourceMappingURL=AuthProvider.d.ts.map
package/lib/AuthProvider.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthProvider.d.ts","sourceRoot":"","sources":["../src/AuthProvider.tsx"],"names":[],"mappings":"AAAA,OAAO,KAMN,MAAM,OAAO,CAAC;AACf,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAK7C;;GAEG;AACH,eAAO,MAAM,cAAc,uGAE1B,CAAC;AAOF;;;GAGG;AACH,UAAU,qBAAqB;IAC7B,OAAO,EAAE,YAAY,CAAC;IACtB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,gBAAgB,EAAE,CAAC,MAAM,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACtD;AAOD;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAC1B,MAAM,CAAC,EAAE,aAAa,CAAC;CACxB;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,YAAY,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,iBAAiB,2CA+EnE;AAED;;;;;GAKG;AACH,wBAAsB,UAAU,CAC9B,mBAAmB,EAAE,aAAa,CAAC,eAAe,CAAC,2GAmBpD;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,OAAO,IAAI,qBAAqB,CAQ/C;AAED;;GAEG;AACH,QAAA,MAAM,OAAO,sJAA+C,CAAC;AAE7D;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,GAAG,CAAC,EAClB,QAAe,EACf,GAAG,KAAK,EACT,EAAE,KAAK,CAAC,cAAc,CAAC,OAAO,OAAO,CAAC,GAAG;IAAE,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;CAAE,2CAKvE;AAoBD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,OAAO,CAAC,EACtB,QAAQ,EACR,KAAK,EACL,QAAe,GAChB,EAAE;IACD,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAC1B,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;CAC5B,kDAKA;AAED;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,MAAM,EAAE,CAE7C;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAC9B,WAAW,EAAE,MAAM,EAAE,EACrB,KAAK,GAAE,KAAK,GAAG,KAAa,GAC3B,OAAO,CAOT;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,aAAa,CAAC,EAC5B,QAAQ,EACR,WAAW,EACX,KAAa,EACb,QAAe,GAChB,EAAE;IACD,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAC1B,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC;IACtB,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;CAC5B,2CAGA"}
1
+ {"version":3,"file":"AuthProvider.d.ts","sourceRoot":"","sources":["../src/AuthProvider.tsx"],"names":[],"mappings":"AAAA,OAAO,KAMN,MAAM,OAAO,CAAC;AACf,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,KAAK,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAIlE;;GAEG;AACH,eAAO,MAAM,cAAc,uGAE1B,CAAC;AAOF;;;GAGG;AACH,UAAU,qBAAqB;IAC7B,OAAO,EAAE,YAAY,CAAC;IACtB,WAAW,EAAE,mBAAmB,EAAE,CAAC;IACnC,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,gBAAgB,EAAE,CAAC,MAAM,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACtD;AAOD;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAC1B,MAAM,CAAC,EAAE,aAAa,CAAC;CACxB;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,YAAY,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,iBAAiB,2CAkFnE;AAED;;;;;GAKG;AACH,wBAAsB,UAAU,CAC9B,mBAAmB,EAAE,aAAa,CAAC,eAAe,CAAC,2GAmBpD;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,OAAO,IAAI,qBAAqB,CAQ/C;AAqBD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,OAAO,CAAC,EACtB,QAAQ,EACR,KAAK,EACL,QAAe,GAChB,EAAE;IACD,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAC1B,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;CAC5B,kDAKA;AAED;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,mBAAmB,EAAE,CAE1D;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,MAAM,CACpB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,GACd;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,SAAS,EAAE,OAAO,CAAA;CAAE,CAM1C;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,GAAG,CAAC,EAClB,QAAQ,EACR,MAAM,EACN,OAAO,EACP,QAAe,GAChB,EAAE;IACD,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;CAC5B,kDAIA"}
package/lib/AuthProvider.js CHANGED
@@ -2,7 +2,6 @@ import { Fragment, jsx } from "react/jsx-runtime";
2
2
  import { createContext, useCallback, useContext, useEffect, useState } from "react";
3
3
  import { ROLE_SUBJECT, createAbility } from "./ability-factory.js";
4
4
  import { PermissionClient } from "./permission-client.js";
5
- import { createContextualCan } from "@casl/react";
6
5
  const AbilityContext = /*#__PURE__*/ createContext(createAbility({
7
6
  permissions: [],
8
7
  roles: []
@@ -21,15 +20,18 @@ function AuthProvider({ children, config }) {
21
20
  setError(null);
22
21
  try {
23
22
  const data = await client.fetchPermissions();
24
- const newAbility = createAbility({
25
- roles: data.roles
26
- });
27
- setAbility(newAbility);
28
- if (config?.permissionPointsApi) try {
29
- const userPermissions = await client.fetchUserPermissions(config.permissionPointsApi);
30
- setPermissions(userPermissions);
23
+ let permissionPoints;
24
+ if (config?.permissionPointsFetcher) try {
25
+ permissionPoints = await config.permissionPointsFetcher();
26
+ setPermissions(permissionPoints);
31
27
  } catch {}
32
- config?.onSuccess?.(data);
28
+ const rawConfig = {
29
+ roles: data.roles,
30
+ permissionPoints
31
+ };
32
+ const newAbility = createAbility(rawConfig);
33
+ setAbility(newAbility);
34
+ config?.onSuccess?.(rawConfig);
33
35
  } catch (err) {
34
36
  const error = err instanceof Error ? err : new Error(String(err));
35
37
  setError(error);
@@ -84,16 +86,6 @@ function useAuth() {
84
86
  if (!context) throw new Error('useAuth must be used within an AuthProvider');
85
87
  return context;
86
88
  }
87
- const CaslCan = createContextualCan(AbilityContext.Consumer);
88
- function Can({ fallback = null, ...props }) {
89
- const authState = useContext(AuthStateContext);
90
- if (authState?.isLoading) return /*#__PURE__*/ jsx(Fragment, {
91
- children: fallback
92
- });
93
- return /*#__PURE__*/ jsx(CaslCan, {
94
- ...props
95
- });
96
- }
97
89
  function useCanRole({ roles }) {
98
90
  const ability = useContext(AbilityContext);
99
91
  const authState = useContext(AuthStateContext);
@@ -117,18 +109,23 @@ function CanRole({ children, roles, fallback = null }) {
117
109
  function useUserPermissions() {
118
110
  return useContext(PermissionsContext);
119
111
  }
120
- function useCanPermission(permissions, match = 'any') {
121
- const userPermissions = useContext(PermissionsContext);
122
- if (!permissions || 0 === permissions.length) return true;
123
- const permSet = new Set(userPermissions);
124
- return 'all' === match ? permissions.every((p)=>permSet.has(p)) : permissions.some((p)=>permSet.has(p));
112
+ function useCan(action, subject) {
113
+ const ability = useContext(AbilityContext);
114
+ const authState = useContext(AuthStateContext);
115
+ const isLoading = authState?.isLoading ?? false;
116
+ const allowed = !isLoading && ability.can(action, subject);
117
+ return {
118
+ allowed,
119
+ isLoading
120
+ };
125
121
  }
126
- function CanPermission({ children, permissions, match = 'any', fallback = null }) {
127
- const allowed = useCanPermission(permissions, match);
128
- return allowed ? /*#__PURE__*/ jsx(Fragment, {
129
- children: children
130
- }) : /*#__PURE__*/ jsx(Fragment, {
122
+ function Can({ children, action, subject, fallback = null }) {
123
+ const { allowed, isLoading } = useCan(action, subject);
124
+ if (isLoading) return /*#__PURE__*/ jsx(Fragment, {
131
125
  children: fallback
132
126
  });
127
+ return allowed ? /*#__PURE__*/ jsx(Fragment, {
128
+ children: children
129
+ }) : null;
133
130
  }
134
- export { AbilityContext, AuthProvider, Can, CanPermission, CanRole, getAbility, useAuth, useCanPermission, useUserPermissions };
131
+ export { AbilityContext, AuthProvider, Can, CanRole, getAbility, useAuth, useCan, useUserPermissions };
package/lib/ability-factory.d.ts CHANGED
@@ -1,22 +1,24 @@
1
1
  import { MongoAbility as Ability } from '@casl/ability';
2
- import type { Permission, CaslRule } from './types';
2
+ import type { Permission, CaslRule, PermissionPointData } from './types';
3
3
  export declare const ROLE_SUBJECT = "@role";
4
4
  /**
5
5
  * 将权限数据转换为 CASL 规则
6
6
  */
7
- export declare function convertPermissionsToRules(permissions: Permission[], roles: string[]): CaslRule[];
7
+ export declare function convertPermissionsToRules(permissions: Permission[], roles: string[], permissionPoints?: PermissionPointData[]): CaslRule[];
8
8
  /**
9
9
  * 创建 MongoAbility 实例
10
10
  */
11
- export declare function createAbility({ permissions, roles, }: {
11
+ export declare function createAbility({ permissions, roles, permissionPoints, }: {
12
12
  permissions?: Permission[];
13
13
  roles?: string[];
14
+ permissionPoints?: PermissionPointData[];
14
15
  }): Ability;
15
16
  /**
16
17
  * 更新已存在的 Ability 实例
17
18
  */
18
- export declare function updateAbility(ability: Ability, { permissions, roles }: {
19
+ export declare function updateAbility(ability: Ability, { permissions, roles, permissionPoints }: {
19
20
  permissions?: Permission[];
20
21
  roles?: string[];
22
+ permissionPoints?: PermissionPointData[];
21
23
  }): void;
22
24
  //# sourceMappingURL=ability-factory.d.ts.map
package/lib/ability-factory.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ability-factory.d.ts","sourceRoot":"","sources":["../src/ability-factory.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,IAAI,OAAO,EAGxB,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEpD,eAAO,MAAM,YAAY,UAAU,CAAC;AACpC;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,WAAW,EAAE,UAAU,EAAE,EACzB,KAAK,EAAE,MAAM,EAAE,GACd,QAAQ,EAAE,CAmBZ;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,EAC5B,WAAW,EACX,KAAK,GACN,EAAE;IACD,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;CAClB,GAAG,OAAO,CAkBV;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,OAAO,EAChB,EAAE,WAAW,EAAE,KAAK,EAAE,EAAE;IAAE,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;CAAE,GACvE,IAAI,CAGN"}
1
+ {"version":3,"file":"ability-factory.d.ts","sourceRoot":"","sources":["../src/ability-factory.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,IAAI,OAAO,EAGxB,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAEzE,eAAO,MAAM,YAAY,UAAU,CAAC;AACpC;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,WAAW,EAAE,UAAU,EAAE,EACzB,KAAK,EAAE,MAAM,EAAE,EACf,gBAAgB,CAAC,EAAE,mBAAmB,EAAE,GACvC,QAAQ,EAAE,CA0BZ;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,EAC5B,WAAW,EACX,KAAK,EACL,gBAAgB,GACjB,EAAE;IACD,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,gBAAgB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC1C,GAAG,OAAO,CAkBV;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,OAAO,EAChB,EAAE,WAAW,EAAE,KAAK,EAAE,gBAAgB,EAAE,EAAE;IAAE,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,gBAAgB,CAAC,EAAE,mBAAmB,EAAE,CAAA;CAAE,GACnI,IAAI,CAGN"}
package/lib/ability-factory.js CHANGED
@@ -1,6 +1,6 @@
1
1
  import { AbilityBuilder, createMongoAbility } from "@casl/ability";
2
2
  const ROLE_SUBJECT = '@role';
3
- function convertPermissionsToRules(permissions, roles) {
3
+ function convertPermissionsToRules(permissions, roles, permissionPoints) {
4
4
  const rules = [];
5
5
  for (const permission of permissions)for (const action of permission.actions)rules.push({
6
6
  action,
@@ -10,17 +10,21 @@ function convertPermissionsToRules(permissions, roles) {
10
10
  action: role,
11
11
  subject: ROLE_SUBJECT
12
12
  });
13
+ if (permissionPoints) for (const { action, subject } of permissionPoints)rules.push({
14
+ action,
15
+ subject
16
+ });
13
17
  return rules;
14
18
  }
15
- function createAbility({ permissions, roles }) {
19
+ function createAbility({ permissions, roles, permissionPoints }) {
16
20
  const { build, can } = new AbilityBuilder(createMongoAbility);
17
- const rules = convertPermissionsToRules(permissions || [], roles || []);
21
+ const rules = convertPermissionsToRules(permissions || [], roles || [], permissionPoints);
18
22
  for (const rule of rules)if (Array.isArray(rule.action)) for (const action of rule.action)can(action, rule.subject, rule.fields);
19
23
  else can(rule.action, rule.subject, rule.fields);
20
24
  return build();
21
25
  }
22
- function updateAbility(ability, { permissions, roles }) {
23
- const rules = convertPermissionsToRules(permissions || [], roles || []);
26
+ function updateAbility(ability, { permissions, roles, permissionPoints }) {
27
+ const rules = convertPermissionsToRules(permissions || [], roles || [], permissionPoints);
24
28
  ability.update(rules);
25
29
  }
26
30
  export { ROLE_SUBJECT, convertPermissionsToRules, createAbility, updateAbility };
package/lib/index.d.ts CHANGED
@@ -4,10 +4,9 @@
4
4
  * 基于 CASL 的前端鉴权 SDK
5
5
  * 封装了权限数据获取和 Ability 初始化逻辑
6
6
  */
7
- export type { PermissionApiResponse, PermissionApiConfig, AuthSdkConfig, } from './types';
7
+ export type { PermissionApiResponse, PermissionApiConfig, PermissionPointData, AuthSdkConfig, } from './types';
8
8
  export { ROLE_SUBJECT } from './ability-factory';
9
9
  export { PermissionClient } from './permission-client';
10
- export { AuthProvider, useAuth, CanRole, AbilityContext, useUserPermissions, useCanPermission, CanPermission, } from './AuthProvider';
11
- export { CanPermission as CanPerm } from './AuthProvider';
10
+ export { AuthProvider, useAuth, Can, CanRole, useCan, AbilityContext, useUserPermissions, } from './AuthProvider';
12
11
  export type { AuthProviderProps } from './AuthProvider';
13
12
  //# sourceMappingURL=index.d.ts.map
package/lib/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,YAAY,EACV,qBAAqB,EACrB,mBAAmB,EACnB,aAAa,GACd,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAGvD,OAAO,EACL,YAAY,EACZ,OAAO,EACP,OAAO,EACP,cAAc,EACd,kBAAkB,EAClB,gBAAgB,EAChB,aAAa,GACd,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,aAAa,IAAI,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAE1D,YAAY,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,YAAY,EACV,qBAAqB,EACrB,mBAAmB,EACnB,mBAAmB,EACnB,aAAa,GACd,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAGvD,OAAO,EACL,YAAY,EACZ,OAAO,EACP,GAAG,EACH,OAAO,EACP,MAAM,EACN,cAAc,EACd,kBAAkB,GACnB,MAAM,gBAAgB,CAAC;AAExB,YAAY,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC"}
package/lib/index.js CHANGED
@@ -1,4 +1,4 @@
1
1
  import { ROLE_SUBJECT } from "./ability-factory.js";
2
2
  import { PermissionClient } from "./permission-client.js";
3
- import { AbilityContext, AuthProvider, CanPermission, CanRole, useAuth, useCanPermission, useUserPermissions } from "./AuthProvider.js";
4
- export { AbilityContext, AuthProvider, CanPermission as CanPerm, CanPermission, CanRole, PermissionClient, ROLE_SUBJECT, useAuth, useCanPermission, useUserPermissions };
3
+ import { AbilityContext, AuthProvider, Can, CanRole, useAuth, useCan, useUserPermissions } from "./AuthProvider.js";
4
+ export { AbilityContext, AuthProvider, Can, CanRole, PermissionClient, ROLE_SUBJECT, useAuth, useCan, useUserPermissions };
package/lib/permission-client.d.ts CHANGED
@@ -9,10 +9,6 @@ export declare class PermissionClient {
9
9
  * 获取用户权限数据
10
10
  */
11
11
  fetchPermissions(): Promise<PermissionApiResponse>;
12
- /**
13
- * 获取用户权限点位列表
14
- */
15
- fetchUserPermissions(config: PermissionApiConfig): Promise<string[]>;
16
12
  /**
17
13
  * 更新配置
18
14
  */
package/lib/permission-client.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"permission-client.d.ts","sourceRoot":"","sources":["../src/permission-client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAG1E;;GAEG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAsB;gBAExB,MAAM,EAAE,mBAAmB;IAIvC;;OAEG;IACG,gBAAgB,IAAI,OAAO,CAAC,qBAAqB,CAAC;IAoDxD;;OAEG;IACG,oBAAoB,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IA4C1E;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,mBAAmB,CAAC,GAAG,IAAI;IAOxD;;OAEG;IACH,SAAS,IAAI,mBAAmB;CAGjC"}
1
+ {"version":3,"file":"permission-client.d.ts","sourceRoot":"","sources":["../src/permission-client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAG1E;;GAEG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAsB;gBAExB,MAAM,EAAE,mBAAmB;IAIvC;;OAEG;IACG,gBAAgB,IAAI,OAAO,CAAC,qBAAqB,CAAC;IAqDxD;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,mBAAmB,CAAC,GAAG,IAAI;IAOxD;;OAEG;IACH,SAAS,IAAI,mBAAmB;CAGjC"}
package/lib/permission-client.js CHANGED
@@ -42,32 +42,6 @@ class PermissionClient {
42
42
  throw error;
43
43
  }
44
44
  }
45
- async fetchUserPermissions(config) {
46
- const { url, timeout = 5000, headers = {} } = config;
47
- const requestHeaders = {
48
- ...headers,
49
- 'Content-Type': 'application/json',
50
- 'X-Suda-Csrf-Token': window.csrfToken || ''
51
- };
52
- const controller = new AbortController();
53
- const timeoutId = setTimeout(()=>controller.abort(), timeout);
54
- try {
55
- const response = await fetch(url, {
56
- method: 'POST',
57
- headers: requestHeaders,
58
- signal: controller.signal,
59
- credentials: 'include'
60
- });
61
- clearTimeout(timeoutId);
62
- if (!response.ok) throw new Error(`Permissions API returned ${response.status}: ${response.statusText}`);
63
- const data = await response.json();
64
- return data.data?.permissions || [];
65
- } catch (error) {
66
- clearTimeout(timeoutId);
67
- if (error instanceof Error && 'AbortError' === error.name) throw new Error(`Permissions API request timeout after ${timeout}ms`);
68
- throw error;
69
- }
70
- }
71
45
  updateConfig(config) {
72
46
  this.config = {
73
47
  ...this.config,
package/lib/types.d.ts CHANGED
@@ -22,6 +22,14 @@ export interface Permission {
22
22
  sub: Subject;
23
23
  actions: Action[];
24
24
  }
25
+ /**
26
+ * 权限点位数据(action + subject 分离模式)
27
+ * 由 permissionPointsFetcher 返回,注册到 CASL Ability
28
+ */
29
+ export interface PermissionPointData {
30
+ action: string;
31
+ subject: string;
32
+ }
25
33
  /**
26
34
  * 用户角色定义
27
35
  */
@@ -66,10 +74,9 @@ export interface AuthSdkConfig {
66
74
  */
67
75
  permissionApi?: PermissionApiConfig;
68
76
  /**
69
- * 权限点位 API 配置(可选)
70
- * 配置后 AuthProvider 会额外请求用户的有效权限点位
77
+ * 权限点位数据结构(action + subject 分离模式)
71
78
  */
72
- permissionPointsApi?: PermissionApiConfig;
79
+ permissionPointsFetcher?: () => Promise<PermissionPointData[]>;
73
80
  /**
74
81
  * 是否在初始化时使用获取权限
75
82
  * @default false
package/lib/types.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,MAAM;QACd,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB;CACF;AAED;;GAEG;AACH,MAAM,MAAM,MAAM,GACd,QAAQ,GACR,MAAM,GACN,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,MAAM,CAAC;AAEX;;GAEG;AACH,MAAM,MAAM,OAAO,GAAG,MAAM,CAAC;AAE7B;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,OAAO,CAAC;IACb,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,kBAAkB;IAClB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IAEZ;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,aAAa,CAAC,EAAE,mBAAmB,CAAC;IAEpC;;;OAGG;IACH,mBAAmB,CAAC,EAAE,mBAAmB,CAAC;IAE1C;;;OAGG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB;;OAEG;IACH,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IAEjC;;OAEG;IACH,SAAS,CAAC,EAAE,CAAC,IAAI,EAAE,qBAAqB,KAAK,IAAI,CAAC;CACnD;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,OAAO,EAAE,OAAO,GAAG,OAAO,EAAE,CAAC;IAC7B,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,MAAM;QACd,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB;CACF;AAED;;GAEG;AACH,MAAM,MAAM,MAAM,GACd,QAAQ,GACR,MAAM,GACN,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,MAAM,CAAC;AAEX;;GAEG;AACH,MAAM,MAAM,OAAO,GAAG,MAAM,CAAC;AAE7B;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,OAAO,CAAC;IACb,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,kBAAkB;IAClB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IAEZ;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,aAAa,CAAC,EAAE,mBAAmB,CAAC;IAEpC;;OAEG;IACH,uBAAuB,CAAC,EAAE,MAAM,OAAO,CAAC,mBAAmB,EAAE,CAAC,CAAC;IAE/D;;;OAGG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB;;OAEG;IACH,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IAEjC;;OAEG;IACH,SAAS,CAAC,EAAE,CAAC,IAAI,EAAE,qBAAqB,KAAK,IAAI,CAAC;CACnD;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,OAAO,EAAE,OAAO,GAAG,OAAO,EAAE,CAAC;IAC7B,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lark-apaas/auth-sdk",
3
- "version": "0.1.0-alpha.77",
3
+ "version": "0.1.0-alpha.78",
4
4
  "description": "基于 CASL 的前端鉴权 SDK",
5
5
  "types": "./lib/index.d.ts",
6
6
  "main": "./lib/index.js",