@medusajs/framework 2.13.1 → 2.13.2-preview-20260129180641
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/http/middleware-file-loader.d.ts.map +1 -1
- package/dist/http/middleware-file-loader.js +9 -3
- package/dist/http/middleware-file-loader.js.map +1 -1
- package/dist/http/middlewares/check-permissions.js +3 -3
- package/dist/http/middlewares/check-permissions.js.map +1 -1
- package/dist/http/middlewares/error-handler.d.ts.map +1 -1
- package/dist/http/middlewares/error-handler.js +3 -0
- package/dist/http/middlewares/error-handler.js.map +1 -1
- package/dist/http/utils/field-filtering/field-parser.d.ts +32 -0
- package/dist/http/utils/field-filtering/field-parser.d.ts.map +1 -0
- package/dist/http/utils/field-filtering/field-parser.js +87 -0
- package/dist/http/utils/field-filtering/field-parser.js.map +1 -0
- package/dist/http/utils/field-filtering/field-validator.d.ts +24 -0
- package/dist/http/utils/field-filtering/field-validator.d.ts.map +1 -0
- package/dist/http/utils/field-filtering/field-validator.js +67 -0
- package/dist/http/utils/field-filtering/field-validator.js.map +1 -0
- package/dist/http/utils/field-filtering/index.d.ts +33 -0
- package/dist/http/utils/field-filtering/index.d.ts.map +1 -0
- package/dist/http/utils/field-filtering/index.js +9 -0
- package/dist/http/utils/field-filtering/index.js.map +1 -0
- package/dist/http/utils/get-query-config.d.ts +13 -4
- package/dist/http/utils/get-query-config.d.ts.map +1 -1
- package/dist/http/utils/get-query-config.js +29 -104
- package/dist/http/utils/get-query-config.js.map +1 -1
- package/dist/http/utils/policies/rbac-field-filter.d.ts +19 -0
- package/dist/http/utils/policies/rbac-field-filter.d.ts.map +1 -0
- package/dist/http/utils/policies/rbac-field-filter.js +348 -0
- package/dist/http/utils/policies/rbac-field-filter.js.map +1 -0
- package/dist/http/utils/validate-query.d.ts +1 -1
- package/dist/http/utils/validate-query.d.ts.map +1 -1
- package/dist/http/utils/validate-query.js +4 -4
- package/dist/http/utils/validate-query.js.map +1 -1
- package/dist/{utils → policies}/has-permission.d.ts +1 -1
- package/dist/policies/has-permission.d.ts.map +1 -0
- package/dist/{utils → policies}/has-permission.js +5 -2
- package/dist/policies/has-permission.js.map +1 -0
- package/dist/policies/index.d.ts +1 -0
- package/dist/policies/index.d.ts.map +1 -1
- package/dist/policies/index.js +1 -0
- package/dist/policies/index.js.map +1 -1
- package/dist/utils/index.d.ts +0 -1
- package/dist/utils/index.d.ts.map +1 -1
- package/dist/utils/index.js +0 -1
- package/dist/utils/index.js.map +1 -1
- package/package.json +10 -10
- package/dist/utils/has-permission.d.ts.map +0 -1
- package/dist/utils/has-permission.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-query-config.js","sourceRoot":"","sources":["../../../src/http/utils/get-query-config.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"get-query-config.js","sourceRoot":"","sources":["../../../src/http/utils/get-query-config.ts"],"names":[],"mappings":";;AAqBA,oCAcC;AAED,4CAoHC;AAED,oDA4BC;AAtLD,2CAUwB;AAExB,uDAK0B;AAC1B,oEAA8D;AAE9D,SAAgB,YAAY,CAC1B,GAAsB,EACtB,MAA0B;IAE1B,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAA;IAEtE,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClB,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,gBAAQ,EAAC,CAAW,EAAE,MAAkB,CAAC,CAAC,CAAA;QAClE,CAAC;aAAM,CAAC;YACN,OAAO,IAAA,gBAAQ,EAAC,GAAa,EAAE,MAAkB,CAAC,CAAA;QACpD,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAEM,KAAK,UAAU,gBAAgB,CACpC,SAAY,EACZ,cAAgE,EAAE,EAClE,GAGC;IAED,IAAI,EACF,OAAO,GAAG,EAAE,EACZ,UAAU,GAAG,EAAE,EACf,QAAQ,GAAG,EAAE,EACb,YAAY,GAAG,EAAE,EACjB,MAAM,EACN,MAAM,GACP,GAAG,WAAW,CAAA;IACf,MAAM,EACJ,KAAK,EACL,MAAM,EACN,KAAK,GAAG,YAAY,EACpB,MAAM,GAAG,CAAC,EACV,YAAY,GACb,GAAG,SAAS,CAAA;IAEb,MAAM,YAAY,GAAG,6BAAW,CAAC,KAAK,CAAC,MAAM,EAAE,QAAoB,CAAC,CAAA;IACpE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,YAAY,CAAA;IAEtD,MAAM,2BAA2B,GAC/B,mBAAW,CAAC,gBAAgB,CAAC,oBAAoB,CAAC,CAAA;IAEpD,MAAM,OAAO,GAAmB,EAAE,CAAA;IAElC,IAAI,GAAG,EAAE,QAAQ,IAAI,MAAM,IAAI,2BAA2B,EAAE,CAAC;QAC3D,OAAO,CAAC,IAAI,CACV,IAAI,mCAAe,CAAC;YAClB,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,SAAS,EAAG,GAAG,CAAC,YAAY,EAAE,YAAY,EAAE,KAAkB,IAAI,EAAE;YACpE,SAAS,EAAE,GAAG,CAAC,KAAK;SACrB,CAAC,CACH,CAAA;IACH,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,OAAO,CAAC,IAAI,CAAC,IAAI,oCAAkB,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAA;IACnD,CAAC;SAAM,IAAI,UAAU,CAAC,MAAM,EAAE,CAAC;QAC7B,OAAO,CAAC,IAAI,CAAC,IAAI,uCAAqB,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAA;IACzD,CAAC;IAED,MAAM,gBAAgB,GAAG,MAAM,IAAA,kBAAU,EACvC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAChB,CAAC,CAAC,mBAAmB,CAAC,EAAE,MAAM,EAAE,MAAgB,EAAE,YAAY,EAAE,CAAC,CAClE,CACF,CAAA;IACD,MAAM,gBAAgB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;IAE9D,IAAI,gBAAgB,CAAC,MAAM,IAAI,2BAA2B,EAAE,CAAC;QAC3D,gBAAgB,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YACjC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;YACvB,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAC1B,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,8DAA8D;IAC9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAA,oCAA4B,EACxD,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CACtB,CAAA;IAED,IAAI,YAAY,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,SAAS,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;IAErE,8BAA8B;IAE9B,IAAI,OAAO,GAAgD,EAAE,CAAA;IAC7D,IAAI,IAAA,iBAAS,EAAC,KAAK,CAAC,EAAE,CAAC;QACrB,IAAI,UAAU,GAAG,KAAK,CAAA;QACtB,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;YAC3B,OAAO,GAAG,EAAE,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;QACpC,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAA;QAC9B,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,mBAAW,CACnB,mBAAW,CAAC,KAAK,CAAC,YAAY,EAC9B,eAAe,UAAU,eAAe,CACzC,CAAA;QACH,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAAG,IAAA,iBAAS,EAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAA,kBAAU,EAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACvE,OAAO;QACL,UAAU,EAAE;YACV,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;YAC1C,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC;YACnC,IAAI,EAAE,MAAM;YACZ,IAAI,EAAE,KAAK;YACX,KAAK,EAAE,UAAU;YACjB,WAAW,EAAE,YAAY;SAC1B;QACD,iBAAiB,EAAE;YACjB,MAAM;YACN,qHAAqH;YACrH,MAAM,EAAE;gBACN,GAAG,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;gBACxB,GAAG,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC;aAC/C;YACD,UAAU,EAAE,MAAM;gBAChB,CAAC,CAAC;oBACE,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,KAAK;oBACX,KAAK,EAAE,UAAU;iBAClB;gBACH,CAAC,CAAC,EAAE;YACN,WAAW,EAAE,YAAY;SAC1B;KACF,CAAA;AACH,CAAC;AAEM,KAAK,UAAU,oBAAoB,CAIxC,SAAY,EACZ,WAA8D,EAC9D,GAGC;IAED,MAAM,EAAE,UAAU,EAAE,iBAAiB,EAAE,GAAG,MAAM,gBAAgB,CAC9D,SAAS,EACT,WAAW,EACX,GAAG,CACJ,CAAA;IAED,OAAO;QACL,cAAc,EAAE;YACd,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,SAAS,EAAE,UAAU,CAAC,SAAS;SAChC;QACD,iBAAiB,EAAE;YACjB,MAAM,EAAE,iBAAiB,CAAC,MAAM;YAChC,UAAU,EAAE,EAAE;YACd,WAAW,EAAE,iBAAiB,CAAC,WAAW;SAC3C;KACF,CAAA;AACH,CAAC"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { PolicyDefinition } from "@medusajs/framework/utils";
|
|
2
|
+
import type { MedusaContainer } from "@medusajs/types";
|
|
3
|
+
import { FieldFilterContext, IFieldFilter } from "../field-filtering/index";
|
|
4
|
+
/**
|
|
5
|
+
* RBAC Field Filter using the Strategy pattern
|
|
6
|
+
* Optimized for parallel permission checks
|
|
7
|
+
*/
|
|
8
|
+
export declare class RBACFieldFilter implements IFieldFilter {
|
|
9
|
+
private policies;
|
|
10
|
+
private userRoles;
|
|
11
|
+
private container;
|
|
12
|
+
constructor({ policies, userRoles, container, }: {
|
|
13
|
+
policies: PolicyDefinition[];
|
|
14
|
+
userRoles: string[];
|
|
15
|
+
container: MedusaContainer;
|
|
16
|
+
});
|
|
17
|
+
getNotAllowedFields(context: FieldFilterContext): Promise<string[]>;
|
|
18
|
+
}
|
|
19
|
+
//# sourceMappingURL=rbac-field-filter.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rbac-field-filter.d.ts","sourceRoot":"","sources":["../../../../src/http/utils/policies/rbac-field-filter.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,gBAAgB,EAIjB,MAAM,2BAA2B,CAAA;AAElC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAA;AAEtD,OAAO,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AAqY3E;;;GAGG;AACH,qBAAa,eAAgB,YAAW,YAAY;IAClD,OAAO,CAAC,QAAQ,CAAoB;IACpC,OAAO,CAAC,SAAS,CAAU;IAC3B,OAAO,CAAC,SAAS,CAAiB;gBAEtB,EACV,QAAQ,EACR,SAAS,EACT,SAAS,GACV,EAAE;QACD,QAAQ,EAAE,gBAAgB,EAAE,CAAA;QAC5B,SAAS,EAAE,MAAM,EAAE,CAAA;QACnB,SAAS,EAAE,eAAe,CAAA;KAC3B;IAMK,mBAAmB,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;CA+D1E"}
|
|
@@ -0,0 +1,348 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.RBACFieldFilter = void 0;
|
|
4
|
+
const utils_1 = require("@medusajs/framework/utils");
|
|
5
|
+
const modules_sdk_1 = require("@medusajs/modules-sdk");
|
|
6
|
+
const has_permission_1 = require("../../../policies/has-permission");
|
|
7
|
+
/**
|
|
8
|
+
* Base GraphQL schema with common scalars
|
|
9
|
+
*/
|
|
10
|
+
const baseGraphqlSchema = `
|
|
11
|
+
scalar DateTime
|
|
12
|
+
scalar Date
|
|
13
|
+
scalar Time
|
|
14
|
+
scalar JSON
|
|
15
|
+
`;
|
|
16
|
+
const primitiveTypes = new Set([
|
|
17
|
+
"String",
|
|
18
|
+
"Int",
|
|
19
|
+
"Float",
|
|
20
|
+
"Boolean",
|
|
21
|
+
"ID",
|
|
22
|
+
"DateTime",
|
|
23
|
+
"JSON",
|
|
24
|
+
]);
|
|
25
|
+
// Cache for the schema and entity mappings to avoid re-parsing the GraphQL
|
|
26
|
+
let cachedSchema = null;
|
|
27
|
+
let cachedEntityMap = null;
|
|
28
|
+
let cachedEntityAliasMap = null;
|
|
29
|
+
function isString(value) {
|
|
30
|
+
return typeof value === "string";
|
|
31
|
+
}
|
|
32
|
+
/**
|
|
33
|
+
* Makes a GraphQL schema executable
|
|
34
|
+
*/
|
|
35
|
+
function makeSchemaExecutable(inputSchema) {
|
|
36
|
+
const { schema: cleanedSchema } = utils_1.GraphQLUtils.cleanGraphQLSchema(inputSchema);
|
|
37
|
+
if (!cleanedSchema) {
|
|
38
|
+
return;
|
|
39
|
+
}
|
|
40
|
+
return utils_1.GraphQLUtils.makeExecutableSchema({
|
|
41
|
+
typeDefs: cleanedSchema,
|
|
42
|
+
});
|
|
43
|
+
}
|
|
44
|
+
function getExecutableSchema() {
|
|
45
|
+
if (cachedSchema) {
|
|
46
|
+
return cachedSchema;
|
|
47
|
+
}
|
|
48
|
+
cachedSchema = buildExecutableSchema();
|
|
49
|
+
return cachedSchema;
|
|
50
|
+
}
|
|
51
|
+
/**
|
|
52
|
+
* Builds entity alias map from joiner configs
|
|
53
|
+
* Maps all possible aliases (e.g., "variant", "variants") to canonical entity names (e.g., "ProductVariant")
|
|
54
|
+
*/
|
|
55
|
+
function buildEntityAliasMap() {
|
|
56
|
+
const moduleJoinerConfigs = modules_sdk_1.MedusaModule.getAllJoinerConfigs();
|
|
57
|
+
const aliasMap = new Map();
|
|
58
|
+
for (const config of moduleJoinerConfigs) {
|
|
59
|
+
if (!config.alias) {
|
|
60
|
+
continue;
|
|
61
|
+
}
|
|
62
|
+
const aliases = Array.isArray(config.alias) ? config.alias : [config.alias];
|
|
63
|
+
for (const alias of aliases) {
|
|
64
|
+
const aliasNames = Array.isArray(alias.name) ? alias.name : [alias.name];
|
|
65
|
+
if (!alias.entity) {
|
|
66
|
+
continue;
|
|
67
|
+
}
|
|
68
|
+
const targetEntity = alias.entity;
|
|
69
|
+
for (const aliasName of aliasNames) {
|
|
70
|
+
aliasMap.set(aliasName, targetEntity);
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
return aliasMap;
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* Gets the entity alias map, building it if necessary
|
|
78
|
+
*/
|
|
79
|
+
function getEntityAliasMap() {
|
|
80
|
+
if (!cachedEntityAliasMap) {
|
|
81
|
+
cachedEntityAliasMap = buildEntityAliasMap();
|
|
82
|
+
}
|
|
83
|
+
return cachedEntityAliasMap;
|
|
84
|
+
}
|
|
85
|
+
function getSchemaFromJoinerConfigs(moduleJoinerConfigs) {
|
|
86
|
+
const schemaParts = [];
|
|
87
|
+
for (const config of moduleJoinerConfigs) {
|
|
88
|
+
if (!config?.schema) {
|
|
89
|
+
continue;
|
|
90
|
+
}
|
|
91
|
+
schemaParts.push(config.schema);
|
|
92
|
+
}
|
|
93
|
+
return schemaParts.join("\n");
|
|
94
|
+
}
|
|
95
|
+
function buildCompleteEntityMap() {
|
|
96
|
+
const moduleJoinerConfigs = modules_sdk_1.MedusaModule.getAllJoinerConfigs();
|
|
97
|
+
const entityMap = new Map();
|
|
98
|
+
// base GraphQL schema
|
|
99
|
+
const schema = buildExecutableSchema();
|
|
100
|
+
if (!schema) {
|
|
101
|
+
return entityMap;
|
|
102
|
+
}
|
|
103
|
+
const entitiesMap = schema.getTypeMap();
|
|
104
|
+
// Process each service configuration to build alias field mappings
|
|
105
|
+
for (const config of moduleJoinerConfigs) {
|
|
106
|
+
processServiceConfig(config, entitiesMap, entityMap);
|
|
107
|
+
}
|
|
108
|
+
return entityMap;
|
|
109
|
+
}
|
|
110
|
+
/**
|
|
111
|
+
* Processes a service configuration to extract field mappings
|
|
112
|
+
*/
|
|
113
|
+
function processServiceConfig(config, entitiesMap, entityMap) {
|
|
114
|
+
if (!config.extends) {
|
|
115
|
+
return;
|
|
116
|
+
}
|
|
117
|
+
for (const extend of config.extends) {
|
|
118
|
+
if (!entitiesMap[extend?.entity]) {
|
|
119
|
+
continue;
|
|
120
|
+
}
|
|
121
|
+
const extendedFieldAlias = extend.fieldAlias || {};
|
|
122
|
+
if (Object.keys(extendedFieldAlias).length > 0) {
|
|
123
|
+
processFieldAliases(extendedFieldAlias, extend.entity, entitiesMap, entityMap);
|
|
124
|
+
}
|
|
125
|
+
}
|
|
126
|
+
}
|
|
127
|
+
/**
|
|
128
|
+
* Processes field aliases to build entity mappings
|
|
129
|
+
*/
|
|
130
|
+
function processFieldAliases(fieldAlias, baseEntity, entitiesMap, entityMap) {
|
|
131
|
+
for (const [aliasName, aliasConfig] of Object.entries(fieldAlias)) {
|
|
132
|
+
const aliasPath = isString(aliasConfig) ? aliasConfig : aliasConfig.path;
|
|
133
|
+
if (!aliasPath) {
|
|
134
|
+
continue;
|
|
135
|
+
}
|
|
136
|
+
// Build the complete path from base entity through alias path
|
|
137
|
+
const pathSegments = aliasPath.split(".");
|
|
138
|
+
let currentEntity = baseEntity;
|
|
139
|
+
let finalEntity = baseEntity;
|
|
140
|
+
let isValidPath = true;
|
|
141
|
+
// Traverse the path to find the final entity
|
|
142
|
+
for (const segment of pathSegments) {
|
|
143
|
+
const entityMapping = findFieldInEntity(currentEntity, segment, entitiesMap);
|
|
144
|
+
if (!entityMapping) {
|
|
145
|
+
isValidPath = false;
|
|
146
|
+
break;
|
|
147
|
+
}
|
|
148
|
+
currentEntity = entityMapping.targetEntity;
|
|
149
|
+
finalEntity = entityMapping.targetEntity;
|
|
150
|
+
}
|
|
151
|
+
if (isValidPath) {
|
|
152
|
+
const fullPath = `${baseEntity}.${aliasName}`;
|
|
153
|
+
entityMap.set(fullPath, {
|
|
154
|
+
entityName: aliasName,
|
|
155
|
+
targetEntity: finalEntity,
|
|
156
|
+
path: pathSegments,
|
|
157
|
+
});
|
|
158
|
+
}
|
|
159
|
+
}
|
|
160
|
+
}
|
|
161
|
+
/**
|
|
162
|
+
* Finds a field in an entity and returns its target entity
|
|
163
|
+
*/
|
|
164
|
+
function findFieldInEntity(entityName, fieldName, entitiesMap) {
|
|
165
|
+
const entity = entitiesMap[entityName];
|
|
166
|
+
if (!entity?.astNode?.fields) {
|
|
167
|
+
return null;
|
|
168
|
+
}
|
|
169
|
+
for (const field of entity.astNode.fields) {
|
|
170
|
+
if (field.name?.value === fieldName) {
|
|
171
|
+
let type = field.type;
|
|
172
|
+
while (type.type) {
|
|
173
|
+
type = type.type;
|
|
174
|
+
}
|
|
175
|
+
const targetEntity = type.name?.value;
|
|
176
|
+
if (targetEntity && !primitiveTypes.has(targetEntity)) {
|
|
177
|
+
return { targetEntity };
|
|
178
|
+
}
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
return null;
|
|
182
|
+
}
|
|
183
|
+
/**
|
|
184
|
+
* Gets the complete entity map with all aliases resolved
|
|
185
|
+
*/
|
|
186
|
+
function getEntityMap() {
|
|
187
|
+
if (!cachedEntityMap) {
|
|
188
|
+
cachedEntityMap = buildCompleteEntityMap();
|
|
189
|
+
}
|
|
190
|
+
return cachedEntityMap;
|
|
191
|
+
}
|
|
192
|
+
/**
|
|
193
|
+
* Builds executable schema from all joiner configs
|
|
194
|
+
*/
|
|
195
|
+
function buildExecutableSchema() {
|
|
196
|
+
const moduleJoinerConfigs = modules_sdk_1.MedusaModule.getAllJoinerConfigs();
|
|
197
|
+
const schemaFromJoinerConfigs = getSchemaFromJoinerConfigs(moduleJoinerConfigs);
|
|
198
|
+
const augmentedSchema = baseGraphqlSchema + "\n" + schemaFromJoinerConfigs;
|
|
199
|
+
const executableSchema = makeSchemaExecutable(augmentedSchema);
|
|
200
|
+
return executableSchema || null;
|
|
201
|
+
}
|
|
202
|
+
/**
|
|
203
|
+
* Gets the actual GraphQL entity name from a field path using the complete entity map
|
|
204
|
+
* This now uses the pre-built entity map with all aliases resolved
|
|
205
|
+
* e.g., "product.variants.prices" -> "Price" (from resolved alias path)
|
|
206
|
+
*/
|
|
207
|
+
function getActualEntityName(fieldPath) {
|
|
208
|
+
const schema = getExecutableSchema();
|
|
209
|
+
if (!schema) {
|
|
210
|
+
return null;
|
|
211
|
+
}
|
|
212
|
+
const entitiesMap = schema.getTypeMap();
|
|
213
|
+
const entityMap = getEntityMap();
|
|
214
|
+
const entityAliasMap = getEntityAliasMap();
|
|
215
|
+
const parts = fieldPath.split(".");
|
|
216
|
+
const entryPoint = parts[0];
|
|
217
|
+
const resolvedEntityName = entityAliasMap.get(entryPoint);
|
|
218
|
+
if (!resolvedEntityName) {
|
|
219
|
+
return null;
|
|
220
|
+
}
|
|
221
|
+
let currentEntity = entitiesMap[resolvedEntityName];
|
|
222
|
+
let currentEntityName = resolvedEntityName;
|
|
223
|
+
if (!currentEntity) {
|
|
224
|
+
return null;
|
|
225
|
+
}
|
|
226
|
+
for (let i = 1; i < parts.length; i++) {
|
|
227
|
+
const fieldName = parts[i];
|
|
228
|
+
const mappingKey = `${currentEntityName}.${fieldName}`;
|
|
229
|
+
const entityMapping = entityMap.get(mappingKey);
|
|
230
|
+
if (entityMapping) {
|
|
231
|
+
// field alias paths
|
|
232
|
+
const targetEntityName = entityMapping.targetEntity;
|
|
233
|
+
currentEntityName = targetEntityName;
|
|
234
|
+
currentEntity = entitiesMap[currentEntityName];
|
|
235
|
+
if (!currentEntity) {
|
|
236
|
+
return null;
|
|
237
|
+
}
|
|
238
|
+
}
|
|
239
|
+
else {
|
|
240
|
+
const fieldResult = findFieldInEntity(currentEntityName, fieldName, entitiesMap);
|
|
241
|
+
if (!fieldResult) {
|
|
242
|
+
return null;
|
|
243
|
+
}
|
|
244
|
+
currentEntityName = fieldResult.targetEntity;
|
|
245
|
+
currentEntity = entitiesMap[currentEntityName];
|
|
246
|
+
if (!currentEntity) {
|
|
247
|
+
return null;
|
|
248
|
+
}
|
|
249
|
+
}
|
|
250
|
+
}
|
|
251
|
+
return currentEntityName;
|
|
252
|
+
}
|
|
253
|
+
/**
|
|
254
|
+
* Gets the normalized snake_case entity name for policy comparison
|
|
255
|
+
* e.g., "product.variants" -> "product_variant", "Price" -> "price"
|
|
256
|
+
*/
|
|
257
|
+
function getNormalizedEntityName(fieldPath) {
|
|
258
|
+
const actualEntityName = getActualEntityName(fieldPath);
|
|
259
|
+
if (!actualEntityName) {
|
|
260
|
+
return null;
|
|
261
|
+
}
|
|
262
|
+
return (0, utils_1.toSnakeCase)(actualEntityName);
|
|
263
|
+
}
|
|
264
|
+
/**
|
|
265
|
+
* Collects all unique entity paths that need permission checks
|
|
266
|
+
* This avoids duplicate permission checks for shared path prefixes
|
|
267
|
+
*/
|
|
268
|
+
function collectUniqueEntityPaths(entity, fields) {
|
|
269
|
+
const uniquePaths = new Map();
|
|
270
|
+
for (const field of fields) {
|
|
271
|
+
const fullFieldPath = entity + "." + field;
|
|
272
|
+
const pathSegments = fullFieldPath.split(".");
|
|
273
|
+
// Build paths incrementally using string concatenation (more efficient than slice + join)
|
|
274
|
+
let currentPath = "";
|
|
275
|
+
for (let i = 0; i < pathSegments.length; i++) {
|
|
276
|
+
currentPath =
|
|
277
|
+
i === 0 ? pathSegments[i] : currentPath + "." + pathSegments[i];
|
|
278
|
+
if (!uniquePaths.has(currentPath)) {
|
|
279
|
+
const entityName = getNormalizedEntityName(currentPath);
|
|
280
|
+
uniquePaths.set(currentPath, { path: currentPath, entityName });
|
|
281
|
+
}
|
|
282
|
+
}
|
|
283
|
+
}
|
|
284
|
+
return uniquePaths;
|
|
285
|
+
}
|
|
286
|
+
/**
|
|
287
|
+
* RBAC Field Filter using the Strategy pattern
|
|
288
|
+
* Optimized for parallel permission checks
|
|
289
|
+
*/
|
|
290
|
+
class RBACFieldFilter {
|
|
291
|
+
constructor({ policies, userRoles, container, }) {
|
|
292
|
+
this.policies = policies;
|
|
293
|
+
this.userRoles = userRoles;
|
|
294
|
+
this.container = container;
|
|
295
|
+
}
|
|
296
|
+
async getNotAllowedFields(context) {
|
|
297
|
+
const { entity, parsedFields } = context;
|
|
298
|
+
const { fields, starFields } = parsedFields;
|
|
299
|
+
const fieldsToCheck = [...fields, ...Array.from(starFields)];
|
|
300
|
+
if (!fieldsToCheck.length || !this.policies.length || !entity) {
|
|
301
|
+
return [];
|
|
302
|
+
}
|
|
303
|
+
const uniquePaths = collectUniqueEntityPaths(entity, fieldsToCheck);
|
|
304
|
+
const pathsNeedingCheck = [];
|
|
305
|
+
for (const [path, info] of uniquePaths) {
|
|
306
|
+
if (info.entityName && utils_1.PolicyResource[info.entityName]) {
|
|
307
|
+
pathsNeedingCheck.push({ path, entityName: info.entityName });
|
|
308
|
+
}
|
|
309
|
+
}
|
|
310
|
+
const permissionResults = await (0, utils_1.promiseAll)(pathsNeedingCheck.map(async ({ path, entityName }) => {
|
|
311
|
+
const hasAccess = await (0, has_permission_1.hasPermission)({
|
|
312
|
+
roles: this.userRoles,
|
|
313
|
+
actions: { resource: entityName, operation: "read" },
|
|
314
|
+
container: this.container,
|
|
315
|
+
});
|
|
316
|
+
return { path, hasAccess };
|
|
317
|
+
}));
|
|
318
|
+
const accessMap = new Map();
|
|
319
|
+
for (const result of permissionResults) {
|
|
320
|
+
accessMap.set(result.path, result.hasAccess);
|
|
321
|
+
}
|
|
322
|
+
const notAllowedFields = [];
|
|
323
|
+
for (const field of fieldsToCheck) {
|
|
324
|
+
const fullFieldPath = entity + "." + field;
|
|
325
|
+
const pathSegments = fullFieldPath.split(".");
|
|
326
|
+
let currentPath = "";
|
|
327
|
+
let fieldAllowed = true;
|
|
328
|
+
for (let i = 0; i < pathSegments.length; i++) {
|
|
329
|
+
currentPath =
|
|
330
|
+
i === 0 ? pathSegments[i] : currentPath + "." + pathSegments[i];
|
|
331
|
+
// Check if this path was in our permission check results
|
|
332
|
+
if (accessMap.has(currentPath)) {
|
|
333
|
+
const hasAccess = accessMap.get(currentPath);
|
|
334
|
+
if (!hasAccess) {
|
|
335
|
+
fieldAllowed = false;
|
|
336
|
+
break;
|
|
337
|
+
}
|
|
338
|
+
}
|
|
339
|
+
}
|
|
340
|
+
if (!fieldAllowed) {
|
|
341
|
+
notAllowedFields.push(field);
|
|
342
|
+
}
|
|
343
|
+
}
|
|
344
|
+
return notAllowedFields;
|
|
345
|
+
}
|
|
346
|
+
}
|
|
347
|
+
exports.RBACFieldFilter = RBACFieldFilter;
|
|
348
|
+
//# sourceMappingURL=rbac-field-filter.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rbac-field-filter.js","sourceRoot":"","sources":["../../../../src/http/utils/policies/rbac-field-filter.ts"],"names":[],"mappings":";;;AAAA,qDAMkC;AAClC,uDAAoD;AAEpD,qEAAgE;AAGhE;;GAEG;AACH,MAAM,iBAAiB,GAAG;;;;;CAKzB,CAAA;AAED,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC;IAC7B,QAAQ;IACR,KAAK;IACL,OAAO;IACP,SAAS;IACT,IAAI;IACJ,UAAU;IACV,MAAM;CACP,CAAC,CAAA;AAEF,2EAA2E;AAC3E,IAAI,YAAY,GAAsC,IAAI,CAAA;AAC1D,IAAI,eAAe,GAAsC,IAAI,CAAA;AAC7D,IAAI,oBAAoB,GAA+B,IAAI,CAAA;AAa3D,SAAS,QAAQ,CAAC,KAAU;IAC1B,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAA;AAClC,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,WAAmB;IAC/C,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,oBAAY,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAA;IAE9E,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,OAAM;IACR,CAAC;IAED,OAAO,oBAAY,CAAC,oBAAoB,CAAC;QACvC,QAAQ,EAAE,aAAa;KACxB,CAAC,CAAA;AACJ,CAAC;AAED,SAAS,mBAAmB;IAC1B,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,YAAY,CAAA;IACrB,CAAC;IAED,YAAY,GAAG,qBAAqB,EAAE,CAAA;IACtC,OAAO,YAAY,CAAA;AACrB,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB;IAC1B,MAAM,mBAAmB,GAAG,0BAAY,CAAC,mBAAmB,EAAE,CAAA;IAC9D,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAkB,CAAA;IAE1C,KAAK,MAAM,MAAM,IAAI,mBAAmB,EAAE,CAAC;QACzC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,SAAQ;QACV,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAC3E,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;YACxE,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;gBAClB,SAAQ;YACV,CAAC;YAED,MAAM,YAAY,GAAG,KAAK,CAAC,MAAM,CAAA;YACjC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;gBACnC,QAAQ,CAAC,GAAG,CAAC,SAAS,EAAE,YAAY,CAAC,CAAA;YACvC,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB;IACxB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1B,oBAAoB,GAAG,mBAAmB,EAAE,CAAA;IAC9C,CAAC;IACD,OAAO,oBAAoB,CAAA;AAC7B,CAAC;AAED,SAAS,0BAA0B,CAAC,mBAA0B;IAC5D,MAAM,WAAW,GAAa,EAAE,CAAA;IAEhC,KAAK,MAAM,MAAM,IAAI,mBAAmB,EAAE,CAAC;QACzC,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;YACpB,SAAQ;QACV,CAAC;QAED,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;IACjC,CAAC;IAED,OAAO,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AAC/B,CAAC;AAED,SAAS,sBAAsB;IAC7B,MAAM,mBAAmB,GAAG,0BAAY,CAAC,mBAAmB,EAAE,CAAA;IAC9D,MAAM,SAAS,GAAG,IAAI,GAAG,EAAyB,CAAA;IAElD,sBAAsB;IACtB,MAAM,MAAM,GAAG,qBAAqB,EAAE,CAAA;IACtC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;IAEvC,mEAAmE;IACnE,KAAK,MAAM,MAAM,IAAI,mBAAmB,EAAE,CAAC;QACzC,oBAAoB,CAAC,MAAM,EAAE,WAAW,EAAE,SAAS,CAAC,CAAA;IACtD,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAC3B,MAAW,EACX,WAAgC,EAChC,SAAqC;IAErC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,OAAM;IACR,CAAC;IAED,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACpC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC;YACjC,SAAQ;QACV,CAAC;QAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,UAAU,IAAI,EAAE,CAAA;QAClD,IAAI,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/C,mBAAmB,CACjB,kBAAkB,EAClB,MAAM,CAAC,MAAM,EACb,WAAW,EACX,SAAS,CACV,CAAA;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAC1B,UAA+B,EAC/B,UAAkB,EAClB,WAAgC,EAChC,SAAqC;IAErC,KAAK,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QAClE,MAAM,SAAS,GAAG,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAA;QAExE,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,SAAQ;QACV,CAAC;QAED,8DAA8D;QAC9D,MAAM,YAAY,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACzC,IAAI,aAAa,GAAG,UAAU,CAAA;QAC9B,IAAI,WAAW,GAAG,UAAU,CAAA;QAC5B,IAAI,WAAW,GAAG,IAAI,CAAA;QAEtB,6CAA6C;QAC7C,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;YACnC,MAAM,aAAa,GAAG,iBAAiB,CACrC,aAAa,EACb,OAAO,EACP,WAAW,CACZ,CAAA;YAED,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,WAAW,GAAG,KAAK,CAAA;gBACnB,MAAK;YACP,CAAC;YAED,aAAa,GAAG,aAAa,CAAC,YAAY,CAAA;YAC1C,WAAW,GAAG,aAAa,CAAC,YAAY,CAAA;QAC1C,CAAC;QAED,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,QAAQ,GAAG,GAAG,UAAU,IAAI,SAAS,EAAE,CAAA;YAE7C,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE;gBACtB,UAAU,EAAE,SAAS;gBACrB,YAAY,EAAE,WAAW;gBACzB,IAAI,EAAE,YAAY;aACnB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CACxB,UAAkB,EAClB,SAAiB,EACjB,WAAgC;IAEhC,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAQ,CAAA;IAE7C,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAA;IACb,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QAC1C,IAAI,KAAK,CAAC,IAAI,EAAE,KAAK,KAAK,SAAS,EAAE,CAAC;YACpC,IAAI,IAAI,GAAG,KAAK,CAAC,IAAI,CAAA;YAErB,OAAO,IAAI,CAAC,IAAI,EAAE,CAAC;gBACjB,IAAI,GAAG,IAAI,CAAC,IAAI,CAAA;YAClB,CAAC;YAED,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,EAAE,KAAK,CAAA;YACrC,IAAI,YAAY,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;gBACtD,OAAO,EAAE,YAAY,EAAE,CAAA;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;GAEG;AACH,SAAS,YAAY;IACnB,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,eAAe,GAAG,sBAAsB,EAAE,CAAA;IAC5C,CAAC;IACD,OAAO,eAAe,CAAA;AACxB,CAAC;AAED;;GAEG;AACH,SAAS,qBAAqB;IAC5B,MAAM,mBAAmB,GAAG,0BAAY,CAAC,mBAAmB,EAAE,CAAA;IAE9D,MAAM,uBAAuB,GAC3B,0BAA0B,CAAC,mBAAmB,CAAC,CAAA;IAEjD,MAAM,eAAe,GAAG,iBAAiB,GAAG,IAAI,GAAG,uBAAuB,CAAA;IAC1E,MAAM,gBAAgB,GAAG,oBAAoB,CAAC,eAAe,CAAC,CAAA;IAE9D,OAAO,gBAAgB,IAAI,IAAI,CAAA;AACjC,CAAC;AAED;;;;GAIG;AACH,SAAS,mBAAmB,CAAC,SAAiB;IAC5C,MAAM,MAAM,GAAG,mBAAmB,EAAE,CAAA;IAEpC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;IACvC,MAAM,SAAS,GAAG,YAAY,EAAE,CAAA;IAChC,MAAM,cAAc,GAAG,iBAAiB,EAAE,CAAA;IAC1C,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAElC,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAE,CAAA;IAC5B,MAAM,kBAAkB,GAAG,cAAc,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;IAEzD,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,aAAa,GAAG,WAAW,CAAC,kBAAkB,CAAQ,CAAA;IAC1D,IAAI,iBAAiB,GAAG,kBAAkB,CAAA;IAE1C,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,OAAO,IAAI,CAAA;IACb,CAAC;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QAE1B,MAAM,UAAU,GAAG,GAAG,iBAAiB,IAAI,SAAS,EAAE,CAAA;QACtD,MAAM,aAAa,GAAG,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAE/C,IAAI,aAAa,EAAE,CAAC;YAClB,oBAAoB;YACpB,MAAM,gBAAgB,GAAG,aAAa,CAAC,YAAY,CAAA;YACnD,iBAAiB,GAAG,gBAAgB,CAAA;YACpC,aAAa,GAAG,WAAW,CAAC,iBAAiB,CAAQ,CAAA;YAErD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,IAAI,CAAA;YACb,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,WAAW,GAAG,iBAAiB,CACnC,iBAAiB,EACjB,SAAS,EACT,WAAW,CACZ,CAAA;YAED,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,OAAO,IAAI,CAAA;YACb,CAAC;YAED,iBAAiB,GAAG,WAAW,CAAC,YAAY,CAAA;YAC5C,aAAa,GAAG,WAAW,CAAC,iBAAiB,CAAQ,CAAA;YAErD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,IAAI,CAAA;YACb,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAA;AAC1B,CAAC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAAC,SAAiB;IAChD,MAAM,gBAAgB,GAAG,mBAAmB,CAAC,SAAS,CAAC,CAAA;IACvD,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO,IAAI,CAAA;IACb,CAAC;IAED,OAAO,IAAA,mBAAW,EAAC,gBAAgB,CAAC,CAAA;AACtC,CAAC;AAED;;;GAGG;AACH,SAAS,wBAAwB,CAC/B,MAAc,EACd,MAAgB;IAEhB,MAAM,WAAW,GAAG,IAAI,GAAG,EAAoB,CAAA;IAE/C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,aAAa,GAAG,MAAM,GAAG,GAAG,GAAG,KAAK,CAAA;QAC1C,MAAM,YAAY,GAAG,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAE7C,0FAA0F;QAC1F,IAAI,WAAW,GAAG,EAAE,CAAA;QACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7C,WAAW;gBACT,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,GAAG,GAAG,YAAY,CAAC,CAAC,CAAC,CAAA;YAEjE,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;gBAClC,MAAM,UAAU,GAAG,uBAAuB,CAAC,WAAW,CAAC,CAAA;gBACvD,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC,CAAA;YACjE,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,WAAW,CAAA;AACpB,CAAC;AAED;;;GAGG;AACH,MAAa,eAAe;IAK1B,YAAY,EACV,QAAQ,EACR,SAAS,EACT,SAAS,GAKV;QACC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAA;QACxB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;QAC1B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;IAC5B,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,OAA2B;QACnD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,OAAO,CAAA;QACxC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,YAAY,CAAA;QAC3C,MAAM,aAAa,GAAG,CAAC,GAAG,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAA;QAE5D,IAAI,CAAC,aAAa,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;YAC9D,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,WAAW,GAAG,wBAAwB,CAAC,MAAM,EAAE,aAAa,CAAC,CAAA;QAEnE,MAAM,iBAAiB,GAA2C,EAAE,CAAA;QACpE,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,WAAW,EAAE,CAAC;YACvC,IAAI,IAAI,CAAC,UAAU,IAAI,sBAAc,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;gBACvD,iBAAiB,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC,CAAA;YAC/D,CAAC;QACH,CAAC;QAED,MAAM,iBAAiB,GAAG,MAAM,IAAA,kBAAU,EACxC,iBAAiB,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE;YACnD,MAAM,SAAS,GAAG,MAAM,IAAA,8BAAa,EAAC;gBACpC,KAAK,EAAE,IAAI,CAAC,SAAS;gBACrB,OAAO,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,EAAE;gBACpD,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B,CAAC,CAAA;YACF,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAA;QAC5B,CAAC,CAAC,CACH,CAAA;QAED,MAAM,SAAS,GAAG,IAAI,GAAG,EAAmB,CAAA;QAC5C,KAAK,MAAM,MAAM,IAAI,iBAAiB,EAAE,CAAC;YACvC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;QAC9C,CAAC;QAED,MAAM,gBAAgB,GAAa,EAAE,CAAA;QACrC,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE,CAAC;YAClC,MAAM,aAAa,GAAG,MAAM,GAAG,GAAG,GAAG,KAAK,CAAA;YAC1C,MAAM,YAAY,GAAG,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAE7C,IAAI,WAAW,GAAG,EAAE,CAAA;YACpB,IAAI,YAAY,GAAG,IAAI,CAAA;YAEvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC7C,WAAW;oBACT,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,GAAG,GAAG,YAAY,CAAC,CAAC,CAAC,CAAA;gBAEjE,yDAAyD;gBACzD,IAAI,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;oBAC/B,MAAM,SAAS,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAE,CAAA;oBAC7C,IAAI,CAAC,SAAS,EAAE,CAAC;wBACf,YAAY,GAAG,KAAK,CAAA;wBACpB,MAAK;oBACP,CAAC;gBACH,CAAC;YACH,CAAC;YAED,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAC9B,CAAC;QACH,CAAC;QAED,OAAO,gBAAgB,CAAA;IACzB,CAAC;CACF;AAlFD,0CAkFC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
+
import { z } from "@medusajs/deps/zod";
|
|
1
2
|
import { BaseEntity, QueryConfig } from "@medusajs/types";
|
|
2
3
|
import { NextFunction } from "express";
|
|
3
|
-
import { z } from "@medusajs/deps/zod";
|
|
4
4
|
import { MedusaRequest, MedusaResponse } from "../types";
|
|
5
5
|
export declare function validateAndTransformQuery<TEntity extends BaseEntity>(zodSchema: z.ZodObject<any, any> | z.ZodEffects<any, any>, queryConfig: QueryConfig<TEntity>): (req: MedusaRequest, res: MedusaResponse, next: NextFunction) => Promise<void>;
|
|
6
6
|
//# sourceMappingURL=validate-query.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate-query.d.ts","sourceRoot":"","sources":["../../../src/http/utils/validate-query.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"validate-query.d.ts","sourceRoot":"","sources":["../../../src/http/utils/validate-query.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,oBAAoB,CAAA;AACtC,OAAO,EAAE,UAAU,EAAE,WAAW,EAAsB,MAAM,iBAAiB,CAAA;AAE7E,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;AAGtC,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,UAAU,CAAA;AAiDxD,wBAAgB,yBAAyB,CAAC,OAAO,SAAS,UAAU,EAClE,SAAS,EAAE,CAAC,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,EACzD,WAAW,EAAE,WAAW,CAAC,OAAO,CAAC,GAChC,CACD,GAAG,EAAE,aAAa,EAClB,GAAG,EAAE,cAAc,EACnB,IAAI,EAAE,YAAY,KACf,OAAO,CAAC,IAAI,CAAC,CAsDjB"}
|
|
@@ -56,17 +56,17 @@ function validateAndTransformQuery(zodSchema, queryConfig) {
|
|
|
56
56
|
const query = normalizeQuery(req);
|
|
57
57
|
const validated = await (0, zod_helpers_1.zodValidator)(zodSchema, query);
|
|
58
58
|
const cnf = queryConfig.isList
|
|
59
|
-
? (0, get_query_config_1.prepareListQuery)(validated, {
|
|
59
|
+
? await (0, get_query_config_1.prepareListQuery)(validated, {
|
|
60
60
|
...queryConfig,
|
|
61
61
|
allowed,
|
|
62
62
|
restricted,
|
|
63
63
|
isList: true,
|
|
64
|
-
})
|
|
65
|
-
: (0, get_query_config_1.prepareRetrieveQuery)(validated, {
|
|
64
|
+
}, req)
|
|
65
|
+
: await (0, get_query_config_1.prepareRetrieveQuery)(validated, {
|
|
66
66
|
...queryConfig,
|
|
67
67
|
allowed,
|
|
68
68
|
restricted,
|
|
69
|
-
});
|
|
69
|
+
}, req);
|
|
70
70
|
const { with_deleted, ...validatedQueryFilters } = validated;
|
|
71
71
|
req.validatedQuery = validatedQueryFilters;
|
|
72
72
|
req.filterableFields = getFilterableFields(req.validatedQuery);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate-query.js","sourceRoot":"","sources":["../../../src/http/utils/validate-query.ts"],"names":[],"mappings":";;AAuDA,
|
|
1
|
+
{"version":3,"file":"validate-query.js","sourceRoot":"","sources":["../../../src/http/utils/validate-query.ts"],"names":[],"mappings":";;AAuDA,8DA6DC;AAlHD,2CAAwE;AAGxE,uDAAoD;AAEpD,yDAA2E;AAE3E;;;;;GAKG;AACH,MAAM,cAAc,GAAG,CAAC,GAAkB,EAAE,EAAE;IAC5C,OAAO,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,EAAE;QAC1D,IAAI,eAAe,GAAG,GAAG,CAAA;QACzB,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,GAAG,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YACzE,eAAe,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACrC,CAAC;QAED,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,MAAM,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YACjD,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACtB,MAAM,IAAI,mBAAW,CACnB,mBAAW,CAAC,KAAK,CAAC,gBAAgB,EAClC,yCAAyC,GAAG,EAAE,CAC/C,CAAA;YACH,CAAC;YAED,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjB,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAA;YAClB,CAAC;YACD,GAAG,CAAC,MAAM,CAAC,GAAG;gBACZ,GAAG,GAAG,CAAC,MAAM,CAAC;gBACd,CAAC,KAAK,CAAC,EAAE,eAAe;aACzB,CAAA;QACH,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,GAAG,CAAC,GAAG,eAAe,CAAA;QAC5B,CAAC;QAED,OAAO,GAAG,CAAA;IACZ,CAAC,EAAE,EAAE,CAAC,CAAA;AACR,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,mBAAmB,GAAG,CAA+B,GAAM,EAAK,EAAE;IACtE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,EAAE,GAAG,GAAG,CAAA;IACvD,OAAO,IAAA,iCAAyB,EAAC,MAAM,CAAM,CAAA;AAC/C,CAAC,CAAA;AAED,SAAgB,yBAAyB,CACvC,SAAyD,EACzD,WAAiC;IAMjC,OAAO,KAAK,UAAU,aAAa,CACjC,GAAkB,EAClB,CAAiB,EACjB,IAAkB;QAElB,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,GAAG,CAAC,gBAAgB,EAAE,IAAI,EAAE,CAAA;YAC/C,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,IAAI,EAAE,CAAA;YAEzC,iIAAiI;YACjI,IAAI,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC;gBACxB,OAAO,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAA;YAC9B,CAAC;YAED,OAAO,GAAG,CAAC,OAAO,CAAA;YAClB,MAAM,KAAK,GAAG,cAAc,CAAC,GAAG,CAAwB,CAAA;YAExD,MAAM,SAAS,GAAG,MAAM,IAAA,0BAAY,EAAC,SAAS,EAAE,KAAK,CAAC,CAAA;YAEtD,MAAM,GAAG,GAAG,WAAW,CAAC,MAAM;gBAC5B,CAAC,CAAC,MAAM,IAAA,mCAAgB,EACpB,SAAS,EACT;oBACE,GAAG,WAAW;oBACd,OAAO;oBACP,UAAU;oBACV,MAAM,EAAE,IAAI;iBACb,EACD,GAAG,CACJ;gBACH,CAAC,CAAC,MAAM,IAAA,uCAAoB,EACxB,SAAS,EACT;oBACE,GAAG,WAAW;oBACd,OAAO;oBACP,UAAU;iBACX,EACD,GAAG,CACJ,CAAA;YAEL,MAAM,EAAE,YAAY,EAAE,GAAG,qBAAqB,EAAE,GAAG,SAAS,CAAA;YAC5D,GAAG,CAAC,cAAc,GAAG,qBAAqB,CAAA;YAC1C,GAAG,CAAC,gBAAgB,GAAG,mBAAmB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;YAC9D,GAAG,CAAC,WAAW,GAAG,GAAG,CAAC,iBAAwB,CAAA;YAC9C,GAAG,CAAC,iBAAiB,GAAG,GAAG,CAAC,WAAW,CAAA;YACvC,GAAG,CAAC,UAAU,GAAI,GAAW,CAAC,UAAU,CAAA;YACxC,GAAG,CAAC,cAAc,GAAI,GAAW,CAAC,cAAc,CAAA;YAEhD,IAAI,EAAE,CAAA;QACR,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,CAAC,CAAC,CAAC,CAAA;QACT,CAAC;IACH,CAAC,CAAA;AACH,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"has-permission.d.ts","sourceRoot":"","sources":["../../src/policies/has-permission.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAA;AAIjD,MAAM,MAAM,gBAAgB,GAAG;IAC7B,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;CAC7B,CAAA;AASD,MAAM,MAAM,kBAAkB,GAAG;IAC/B,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;IACxB,OAAO,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAA;IAC9C,SAAS,EAAE,eAAe,CAAA;CAC3B,CAAA;AAID;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,aAAa,CACjC,KAAK,EAAE,kBAAkB,GACxB,OAAO,CAAC,OAAO,CAAC,CAgDlB"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.hasPermission = hasPermission;
|
|
4
|
-
const utils_1 = require("@medusajs/
|
|
4
|
+
const utils_1 = require("@medusajs/utils");
|
|
5
5
|
/**
|
|
6
6
|
* Checks if the given role(s) have permission to perform the specified action(s).
|
|
7
7
|
*
|
|
@@ -45,7 +45,10 @@ async function hasPermission(input) {
|
|
|
45
45
|
if (!resourceMap) {
|
|
46
46
|
continue;
|
|
47
47
|
}
|
|
48
|
-
const allowedOps =
|
|
48
|
+
const allowedOps = new Set([
|
|
49
|
+
...(resourceMap.get(action.resource) || []),
|
|
50
|
+
...(resourceMap.get("*") || []),
|
|
51
|
+
]);
|
|
49
52
|
if (allowedOps && (allowedOps.has(op) || allowedOps.has("*"))) {
|
|
50
53
|
operationHasAccess = true;
|
|
51
54
|
break;
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"has-permission.js","sourceRoot":"","sources":["../../src/policies/has-permission.ts"],"names":[],"mappings":";;AA6CA,sCAkDC;AA9FD,2CAAqE;AAuBrE;;;;;;;;;;;;;;;;;;;;GAoBG;AACI,KAAK,UAAU,aAAa,CACjC,KAAyB;IAEzB,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,KAAK,CAAA;IAE3C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;IACtD,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;IAC/D,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAChC,iCAAyB,CAAC,mBAAmB,CAChC,CAAA;IAEf,MAAM,UAAU,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAA;IACrD,IAAI,UAAU,IAAI,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;QAC1D,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;IAEnE,KAAK,MAAM,MAAM,IAAI,UAAU,EAAE,CAAC;QAChC,yDAAyD;QACzD,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC;YAChD,CAAC,CAAC,MAAM,CAAC,SAAS;YAClB,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;QAEtB,KAAK,MAAM,EAAE,IAAI,UAAU,EAAE,CAAC;YAC5B,IAAI,kBAAkB,GAAG,KAAK,CAAA;YAE9B,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,MAAM,WAAW,GAAG,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;gBAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,SAAQ;gBACV,CAAC;gBAED,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC;oBACzB,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;oBAC3C,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;iBAChC,CAAC,CAAA;gBACF,IAAI,UAAU,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;oBAC9D,kBAAkB,GAAG,IAAI,CAAA;oBACzB,MAAK;gBACP,CAAC;YACH,CAAC;YAED,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACxB,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,MAAc,EACd,SAA0B;IAE1B,MAAM,KAAK,GAAG,SAAS,CAAC,OAAO,CAAC,iCAAyB,CAAC,KAAK,CAAC,CAAA;IAEhE,MAAM,IAAI,GAAa,EAAE,CAAA;IACzB,OAAO,MAAM,IAAA,gBAAQ,EACnB,KAAK,IAAI,EAAE;QACT,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,KAAK,CAAC,KAAK,CAAC;YACxC,MAAM,EAAE,WAAW;YACnB,MAAM,EAAE,CAAC,IAAI,EAAE,YAAY,CAAC;YAC5B,OAAO,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;SACxB,CAAC,CAAA;QAEF,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,MAAM,WAAW,GAAG,IAAI,GAAG,EAAuB,CAAA;QAElD,IAAI,CAAC,IAAI,CAAC,aAAa,MAAM,EAAE,CAAC,CAAA;QAChC,IAAI,IAAI,EAAE,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnD,MAAM,SAAS,GAAa,EAAE,CAAA;YAE9B,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;gBAEzB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACtC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,GAAG,EAAE,CAAC,CAAA;gBAC7C,CAAC;gBACD,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAE,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;gBAEvD,IAAI,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,EAAE,EAAE,CAAC,CAAA;YACvC,CAAC;QACH,CAAC;QAED,OAAO,WAAW,CAAA;IACpB,CAAC,EACD;QACE,SAAS;QACT,GAAG,EAAE,MAAM;QACX,IAAI;QACJ,GAAG,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;QACrB,SAAS,EAAE,CAAC,cAAc,CAAC;KAC5B,CACF,CAAA;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,iBAAiB,CAC9B,OAAiB,EACjB,SAA0B;IAE1B,MAAM,eAAe,GAAsB,IAAI,GAAG,EAAE,CAAA;IAEpD,MAAM,OAAO,CAAC,GAAG,CACf,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC3B,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QACpE,eAAe,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAA;IAC1C,CAAC,CAAC,CACH,CAAA;IAED,OAAO,eAAe,CAAA;AACxB,CAAC"}
|
package/dist/policies/index.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/policies/index.ts"],"names":[],"mappings":"AAAA,cAAc,iBAAiB,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/policies/index.ts"],"names":[],"mappings":"AAAA,cAAc,kBAAkB,CAAA;AAChC,cAAc,iBAAiB,CAAA"}
|
package/dist/policies/index.js
CHANGED
|
@@ -14,5 +14,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
14
14
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./has-permission"), exports);
|
|
17
18
|
__exportStar(require("./policy-loader"), exports);
|
|
18
19
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/policies/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,kDAA+B"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/policies/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,mDAAgC;AAChC,kDAA+B"}
|
package/dist/utils/index.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,OAAO,iBAAiB,CAAA;AACxB,OAAO,iBAAiB,CAAA;AACxB,OAAO,oBAAoB,CAAA;AAE3B,cAAc,iBAAiB,CAAA
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,OAAO,iBAAiB,CAAA;AACxB,OAAO,iBAAiB,CAAA;AACxB,OAAO,oBAAoB,CAAA;AAE3B,cAAc,iBAAiB,CAAA"}
|
package/dist/utils/index.js
CHANGED
package/dist/utils/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2BAAwB;AACxB,2BAAwB;AACxB,8BAA2B;AAE3B,kDAA+B
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2BAAwB;AACxB,2BAAwB;AACxB,8BAA2B;AAE3B,kDAA+B"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@medusajs/framework",
|
|
3
|
-
"version": "2.13.
|
|
3
|
+
"version": "2.13.2-preview-20260129180641",
|
|
4
4
|
"description": "Framework",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -71,17 +71,17 @@
|
|
|
71
71
|
"test": "../../../node_modules/.bin/jest --bail --forceExit --testPathPattern=src"
|
|
72
72
|
},
|
|
73
73
|
"devDependencies": {
|
|
74
|
-
"@medusajs/cli": "2.13.
|
|
74
|
+
"@medusajs/cli": "2.13.2-preview-20260129180641"
|
|
75
75
|
},
|
|
76
76
|
"dependencies": {
|
|
77
77
|
"@jercle/yargonaut": "^1.1.5",
|
|
78
|
-
"@medusajs/deps": "2.13.
|
|
79
|
-
"@medusajs/modules-sdk": "2.13.
|
|
80
|
-
"@medusajs/orchestration": "2.13.
|
|
81
|
-
"@medusajs/telemetry": "2.13.
|
|
82
|
-
"@medusajs/types": "2.13.
|
|
83
|
-
"@medusajs/utils": "2.13.
|
|
84
|
-
"@medusajs/workflows-sdk": "2.13.
|
|
78
|
+
"@medusajs/deps": "2.13.2-preview-20260129180641",
|
|
79
|
+
"@medusajs/modules-sdk": "2.13.2-preview-20260129180641",
|
|
80
|
+
"@medusajs/orchestration": "2.13.2-preview-20260129180641",
|
|
81
|
+
"@medusajs/telemetry": "2.13.2-preview-20260129180641",
|
|
82
|
+
"@medusajs/types": "2.13.2-preview-20260129180641",
|
|
83
|
+
"@medusajs/utils": "2.13.2-preview-20260129180641",
|
|
84
|
+
"@medusajs/workflows-sdk": "2.13.2-preview-20260129180641",
|
|
85
85
|
"@types/express": "^4.17.21",
|
|
86
86
|
"chokidar": "^4.0.3",
|
|
87
87
|
"compression": "^1.8.1",
|
|
@@ -100,7 +100,7 @@
|
|
|
100
100
|
},
|
|
101
101
|
"peerDependencies": {
|
|
102
102
|
"@aws-sdk/client-dynamodb": "^3.218.0",
|
|
103
|
-
"@medusajs/cli": "2.13.
|
|
103
|
+
"@medusajs/cli": "2.13.2-preview-20260129180641",
|
|
104
104
|
"connect-dynamodb": "^3.0.5",
|
|
105
105
|
"ioredis": "^5.4.1"
|
|
106
106
|
},
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"has-permission.d.ts","sourceRoot":"","sources":["../../src/utils/has-permission.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAA;AAI3D,MAAM,MAAM,gBAAgB,GAAG;IAC7B,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;CAC7B,CAAA;AASD,MAAM,MAAM,kBAAkB,GAAG;IAC/B,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;IACxB,OAAO,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAA;IAC9C,SAAS,EAAE,eAAe,CAAA;CAC3B,CAAA;AAID;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,aAAa,CACjC,KAAK,EAAE,kBAAkB,GACxB,OAAO,CAAC,OAAO,CAAC,CA6ClB"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"has-permission.js","sourceRoot":"","sources":["../../src/utils/has-permission.ts"],"names":[],"mappings":";;AA6CA,sCA+CC;AA3FD,qDAA+E;AAuB/E;;;;;;;;;;;;;;;;;;;;GAoBG;AACI,KAAK,UAAU,aAAa,CACjC,KAAyB;IAEzB,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,KAAK,CAAA;IAE3C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;IACtD,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;IAC/D,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAChC,iCAAyB,CAAC,mBAAmB,CAChC,CAAA;IAEf,MAAM,UAAU,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAA;IACrD,IAAI,UAAU,IAAI,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;QAC1D,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;IAEnE,KAAK,MAAM,MAAM,IAAI,UAAU,EAAE,CAAC;QAChC,yDAAyD;QACzD,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC;YAChD,CAAC,CAAC,MAAM,CAAC,SAAS;YAClB,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;QAEtB,KAAK,MAAM,EAAE,IAAI,UAAU,EAAE,CAAC;YAC5B,IAAI,kBAAkB,GAAG,KAAK,CAAA;YAE9B,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,MAAM,WAAW,GAAG,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;gBAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,SAAQ;gBACV,CAAC;gBAED,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;gBACnD,IAAI,UAAU,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;oBAC9D,kBAAkB,GAAG,IAAI,CAAA;oBACzB,MAAK;gBACP,CAAC;YACH,CAAC;YAED,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACxB,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,MAAc,EACd,SAA0B;IAE1B,MAAM,KAAK,GAAG,SAAS,CAAC,OAAO,CAAC,iCAAyB,CAAC,KAAK,CAAC,CAAA;IAEhE,MAAM,IAAI,GAAa,EAAE,CAAA;IACzB,OAAO,MAAM,IAAA,gBAAQ,EACnB,KAAK,IAAI,EAAE;QACT,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,KAAK,CAAC,KAAK,CAAC;YACxC,MAAM,EAAE,WAAW;YACnB,MAAM,EAAE,CAAC,IAAI,EAAE,YAAY,CAAC;YAC5B,OAAO,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;SACxB,CAAC,CAAA;QAEF,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,MAAM,WAAW,GAAG,IAAI,GAAG,EAAuB,CAAA;QAElD,IAAI,CAAC,IAAI,CAAC,aAAa,MAAM,EAAE,CAAC,CAAA;QAChC,IAAI,IAAI,EAAE,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnD,MAAM,SAAS,GAAa,EAAE,CAAA;YAE9B,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;gBAEzB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACtC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,GAAG,EAAE,CAAC,CAAA;gBAC7C,CAAC;gBACD,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAE,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;gBAEvD,IAAI,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,EAAE,EAAE,CAAC,CAAA;YACvC,CAAC;QACH,CAAC;QAED,OAAO,WAAW,CAAA;IACpB,CAAC,EACD;QACE,SAAS;QACT,GAAG,EAAE,MAAM;QACX,IAAI;QACJ,GAAG,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;QACrB,SAAS,EAAE,CAAC,cAAc,CAAC;KAC5B,CACF,CAAA;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,iBAAiB,CAC9B,OAAiB,EACjB,SAA0B;IAE1B,MAAM,eAAe,GAAsB,IAAI,GAAG,EAAE,CAAA;IAEpD,MAAM,OAAO,CAAC,GAAG,CACf,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC3B,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QACpE,eAAe,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAA;IAC1C,CAAC,CAAC,CACH,CAAA;IAED,OAAO,eAAe,CAAA;AACxB,CAAC"}
|