@next-core/easyops-runtime 0.10.15 → 0.10.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/cjs/checkPermissions.js +2 -0
  2. package/dist/cjs/checkPermissions.js.map +1 -1
  3. package/dist/esm/checkPermissions.js +2 -0
  4. package/dist/esm/checkPermissions.js.map +1 -1
  5. package/package.json +5 -5
package/dist/cjs/checkPermissions.js CHANGED
@@ -43,6 +43,8 @@ async function validatePermissions(usedActions) {
43
43
  try {
44
44
  const result = await (0, _microAppSdk.PermissionApi_validatePermissions)({
45
45
  actions
46
+ }, {
47
+ noAbortOnRouteChange: true
46
48
  });
47
49
  for (const item of result.actions) {
48
50
  permissionMap.set(item.action, item.authorizationStatus);
package/dist/cjs/checkPermissions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"checkPermissions.js","names":["_lodash","require","_storyboard","_microAppSdk","_auth","checkedPermissions","permissionMap","Map","preCheckPermissions","storyboard","isLoggedIn","getAuth","isAdmin","usedActions","scanPermissionActionsInStoryboard","validatePermissions","preCheckPermissionsForBrickOrRoute","container","asyncComputeRealValue","Array","isArray","permissionsPreCheck","actions","preCheckPermissionsForAny","data","scanPermissionActionsInAny","difference","length","push","result","PermissionApi_validatePermissions","item","set","action","authorizationStatus","console","error","checkPermissions","get","undefined","resetPermissionPreChecks","clear"],"sources":["../../src/checkPermissions.ts"],"sourcesContent":["import { difference } from \"lodash\";\nimport {\n scanPermissionActionsInAny,\n scanPermissionActionsInStoryboard,\n} from \"@next-core/utils/storyboard\";\nimport type { BrickConf, RouteConf, Storyboard } from \"@next-core/types\";\nimport { PermissionApi_validatePermissions } from \"@next-api-sdk/micro-app-sdk\";\nimport { getAuth, isLoggedIn } from \"./auth.js\";\n\ntype PermissionStatus = \"authorized\" | \"unauthorized\" | \"undefined\";\n\nconst checkedPermissions: string[] = [];\nconst permissionMap = new Map<string, PermissionStatus>();\n\nexport function preCheckPermissions(\n storyboard: Storyboard\n): Promise<void> | undefined {\n if (isLoggedIn() && !getAuth().isAdmin) {\n const usedActions = scanPermissionActionsInStoryboard(storyboard);\n return validatePermissions(usedActions);\n }\n}\n\nexport async function preCheckPermissionsForBrickOrRoute(\n container: BrickConf | RouteConf,\n asyncComputeRealValue: (value: unknown) => Promise<unknown>\n) {\n if (\n isLoggedIn() &&\n !getAuth().isAdmin &&\n Array.isArray(container.permissionsPreCheck)\n ) {\n const actions = (await asyncComputeRealValue(\n container.permissionsPreCheck\n )) as string[];\n return validatePermissions(actions);\n }\n}\n\nexport function preCheckPermissionsForAny(\n data: unknown\n): Promise<void> | undefined {\n if (isLoggedIn() && !getAuth().isAdmin) {\n const usedActions = scanPermissionActionsInAny(data);\n return validatePermissions(usedActions);\n }\n}\n\nexport async function validatePermissions(\n usedActions: string[]\n): Promise<void> {\n // Do not request known actions.\n const actions = difference(usedActions, [...checkedPermissions]);\n if (actions.length === 0) {\n return;\n }\n checkedPermissions.push(...actions);\n try {\n const result = await PermissionApi_validatePermissions({ actions });\n for (const item of result.actions!) {\n permissionMap.set(item.action!, item.authorizationStatus!);\n if (item.authorizationStatus === \"undefined\") {\n // eslint-disable-next-line no-console\n console.error(`Undefined permission action: \"${item.action}\"`);\n }\n }\n } catch (error) {\n // Allow pre-check to fail, and\n // make it not crash when the backend service is not updated.\n // eslint-disable-next-line no-console\n console.error(\"Pre-check permissions failed\", error);\n }\n}\n\n/**\n * Check the current logged-in user whether to have all\n * permissions of actions passed to it.\n *\n * @param actions - Required permission actions.\n */\nexport function checkPermissions(...actions: string[]): boolean {\n if (!isLoggedIn()) {\n return false;\n }\n\n if (getAuth().isAdmin) {\n return true;\n }\n\n for (const action of actions) {\n // Only **exclusively authorized** permissions are ok.\n // Those scenarios below will fail:\n // - unauthorized actions (pre-check results)\n // - undefined actions (pre-check results)\n // - Un-pre-checked or pre-check failed\n switch (permissionMap.get(action)) {\n case \"unauthorized\":\n case \"undefined\":\n return false;\n case undefined:\n // eslint-disable-next-line no-console\n console.error(\n `Un-checked permission action: \"${action}\", please make sure the permission to check is defined in permissionsPreCheck.`\n );\n return false;\n }\n }\n return true;\n}\n\n/**\n * Reset permission pre-checks after logged-out.\n */\nexport function resetPermissionPreChecks(): void {\n checkedPermissions.length = 0;\n permissionMap.clear();\n}\n"],"mappings":";;;;;;;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAKA,IAAAE,YAAA,GAAAF,OAAA;AACA,IAAAG,KAAA,GAAAH,OAAA;AAIA,MAAMI,kBAA4B,GAAG,EAAE;AACvC,MAAMC,aAAa,GAAG,IAAIC,GAAG,CAA2B,CAAC;AAElD,SAASC,mBAAmBA,CACjCC,UAAsB,EACK;EAC3B,IAAI,IAAAC,gBAAU,EAAC,CAAC,IAAI,CAAC,IAAAC,aAAO,EAAC,CAAC,CAACC,OAAO,EAAE;IACtC,MAAMC,WAAW,GAAG,IAAAC,6CAAiC,EAACL,UAAU,CAAC;IACjE,OAAOM,mBAAmB,CAACF,WAAW,CAAC;EACzC;AACF;AAEO,eAAeG,kCAAkCA,CACtDC,SAAgC,EAChCC,qBAA2D,EAC3D;EACA,IACE,IAAAR,gBAAU,EAAC,CAAC,IACZ,CAAC,IAAAC,aAAO,EAAC,CAAC,CAACC,OAAO,IAClBO,KAAK,CAACC,OAAO,CAACH,SAAS,CAACI,mBAAmB,CAAC,EAC5C;IACA,MAAMC,OAAO,GAAI,MAAMJ,qBAAqB,CAC1CD,SAAS,CAACI,mBACZ,CAAc;IACd,OAAON,mBAAmB,CAACO,OAAO,CAAC;EACrC;AACF;AAEO,SAASC,yBAAyBA,CACvCC,IAAa,EACc;EAC3B,IAAI,IAAAd,gBAAU,EAAC,CAAC,IAAI,CAAC,IAAAC,aAAO,EAAC,CAAC,CAACC,OAAO,EAAE;IACtC,MAAMC,WAAW,GAAG,IAAAY,sCAA0B,EAACD,IAAI,CAAC;IACpD,OAAOT,mBAAmB,CAACF,WAAW,CAAC;EACzC;AACF;AAEO,eAAeE,mBAAmBA,CACvCF,WAAqB,EACN;EACf;EACA,MAAMS,OAAO,GAAG,IAAAI,kBAAU,EAACb,WAAW,EAAE,CAAC,GAAGR,kBAAkB,CAAC,CAAC;EAChE,IAAIiB,OAAO,CAACK,MAAM,KAAK,CAAC,EAAE;IACxB;EACF;EACAtB,kBAAkB,CAACuB,IAAI,CAAC,GAAGN,OAAO,CAAC;EACnC,IAAI;IACF,MAAMO,MAAM,GAAG,MAAM,IAAAC,8CAAiC,EAAC;MAAER;IAAQ,CAAC,CAAC;IACnE,KAAK,MAAMS,IAAI,IAAIF,MAAM,CAACP,OAAO,EAAG;MAClChB,aAAa,CAAC0B,GAAG,CAACD,IAAI,CAACE,MAAM,EAAGF,IAAI,CAACG,mBAAoB,CAAC;MAC1D,IAAIH,IAAI,CAACG,mBAAmB,KAAK,WAAW,EAAE;QAC5C;QACAC,OAAO,CAACC,KAAK,CAAC,iCAAiCL,IAAI,CAACE,MAAM,GAAG,CAAC;MAChE;IACF;EACF,CAAC,CAAC,OAAOG,KAAK,EAAE;IACd;IACA;IACA;IACAD,OAAO,CAACC,KAAK,CAAC,8BAA8B,EAAEA,KAAK,CAAC;EACtD;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACO,SAASC,gBAAgBA,CAAC,GAAGf,OAAiB,EAAW;EAC9D,IAAI,CAAC,IAAAZ,gBAAU,EAAC,CAAC,EAAE;IACjB,OAAO,KAAK;EACd;EAEA,IAAI,IAAAC,aAAO,EAAC,CAAC,CAACC,OAAO,EAAE;IACrB,OAAO,IAAI;EACb;EAEA,KAAK,MAAMqB,MAAM,IAAIX,OAAO,EAAE;IAC5B;IACA;IACA;IACA;IACA;IACA,QAAQhB,aAAa,CAACgC,GAAG,CAACL,MAAM,CAAC;MAC/B,KAAK,cAAc;MACnB,KAAK,WAAW;QACd,OAAO,KAAK;MACd,KAAKM,SAAS;QACZ;QACAJ,OAAO,CAACC,KAAK,CACX,kCAAkCH,MAAM,gFAC1C,CAAC;QACD,OAAO,KAAK;IAChB;EACF;EACA,OAAO,IAAI;AACb;;AAEA;AACA;AACA;AACO,SAASO,wBAAwBA,CAAA,EAAS;EAC/CnC,kBAAkB,CAACsB,MAAM,GAAG,CAAC;EAC7BrB,aAAa,CAACmC,KAAK,CAAC,CAAC;AACvB","ignoreList":[]}
1
+ {"version":3,"file":"checkPermissions.js","names":["_lodash","require","_storyboard","_microAppSdk","_auth","checkedPermissions","permissionMap","Map","preCheckPermissions","storyboard","isLoggedIn","getAuth","isAdmin","usedActions","scanPermissionActionsInStoryboard","validatePermissions","preCheckPermissionsForBrickOrRoute","container","asyncComputeRealValue","Array","isArray","permissionsPreCheck","actions","preCheckPermissionsForAny","data","scanPermissionActionsInAny","difference","length","push","result","PermissionApi_validatePermissions","noAbortOnRouteChange","item","set","action","authorizationStatus","console","error","checkPermissions","get","undefined","resetPermissionPreChecks","clear"],"sources":["../../src/checkPermissions.ts"],"sourcesContent":["import { difference } from \"lodash\";\nimport {\n scanPermissionActionsInAny,\n scanPermissionActionsInStoryboard,\n} from \"@next-core/utils/storyboard\";\nimport type { BrickConf, RouteConf, Storyboard } from \"@next-core/types\";\nimport { PermissionApi_validatePermissions } from \"@next-api-sdk/micro-app-sdk\";\nimport { getAuth, isLoggedIn } from \"./auth.js\";\n\ntype PermissionStatus = \"authorized\" | \"unauthorized\" | \"undefined\";\n\nconst checkedPermissions: string[] = [];\nconst permissionMap = new Map<string, PermissionStatus>();\n\nexport function preCheckPermissions(\n storyboard: Storyboard\n): Promise<void> | undefined {\n if (isLoggedIn() && !getAuth().isAdmin) {\n const usedActions = scanPermissionActionsInStoryboard(storyboard);\n return validatePermissions(usedActions);\n }\n}\n\nexport async function preCheckPermissionsForBrickOrRoute(\n container: BrickConf | RouteConf,\n asyncComputeRealValue: (value: unknown) => Promise<unknown>\n) {\n if (\n isLoggedIn() &&\n !getAuth().isAdmin &&\n Array.isArray(container.permissionsPreCheck)\n ) {\n const actions = (await asyncComputeRealValue(\n container.permissionsPreCheck\n )) as string[];\n return validatePermissions(actions);\n }\n}\n\nexport function preCheckPermissionsForAny(\n data: unknown\n): Promise<void> | undefined {\n if (isLoggedIn() && !getAuth().isAdmin) {\n const usedActions = scanPermissionActionsInAny(data);\n return validatePermissions(usedActions);\n }\n}\n\nexport async function validatePermissions(\n usedActions: string[]\n): Promise<void> {\n // Do not request known actions.\n const actions = difference(usedActions, [...checkedPermissions]);\n if (actions.length === 0) {\n return;\n }\n checkedPermissions.push(...actions);\n try {\n const result = await PermissionApi_validatePermissions(\n { actions },\n { noAbortOnRouteChange: true }\n );\n for (const item of result.actions!) {\n permissionMap.set(item.action!, item.authorizationStatus!);\n if (item.authorizationStatus === \"undefined\") {\n // eslint-disable-next-line no-console\n console.error(`Undefined permission action: \"${item.action}\"`);\n }\n }\n } catch (error) {\n // Allow pre-check to fail, and\n // make it not crash when the backend service is not updated.\n // eslint-disable-next-line no-console\n console.error(\"Pre-check permissions failed\", error);\n }\n}\n\n/**\n * Check the current logged-in user whether to have all\n * permissions of actions passed to it.\n *\n * @param actions - Required permission actions.\n */\nexport function checkPermissions(...actions: string[]): boolean {\n if (!isLoggedIn()) {\n return false;\n }\n\n if (getAuth().isAdmin) {\n return true;\n }\n\n for (const action of actions) {\n // Only **exclusively authorized** permissions are ok.\n // Those scenarios below will fail:\n // - unauthorized actions (pre-check results)\n // - undefined actions (pre-check results)\n // - Un-pre-checked or pre-check failed\n switch (permissionMap.get(action)) {\n case \"unauthorized\":\n case \"undefined\":\n return false;\n case undefined:\n // eslint-disable-next-line no-console\n console.error(\n `Un-checked permission action: \"${action}\", please make sure the permission to check is defined in permissionsPreCheck.`\n );\n return false;\n }\n }\n return true;\n}\n\n/**\n * Reset permission pre-checks after logged-out.\n */\nexport function resetPermissionPreChecks(): void {\n checkedPermissions.length = 0;\n permissionMap.clear();\n}\n"],"mappings":";;;;;;;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAKA,IAAAE,YAAA,GAAAF,OAAA;AACA,IAAAG,KAAA,GAAAH,OAAA;AAIA,MAAMI,kBAA4B,GAAG,EAAE;AACvC,MAAMC,aAAa,GAAG,IAAIC,GAAG,CAA2B,CAAC;AAElD,SAASC,mBAAmBA,CACjCC,UAAsB,EACK;EAC3B,IAAI,IAAAC,gBAAU,EAAC,CAAC,IAAI,CAAC,IAAAC,aAAO,EAAC,CAAC,CAACC,OAAO,EAAE;IACtC,MAAMC,WAAW,GAAG,IAAAC,6CAAiC,EAACL,UAAU,CAAC;IACjE,OAAOM,mBAAmB,CAACF,WAAW,CAAC;EACzC;AACF;AAEO,eAAeG,kCAAkCA,CACtDC,SAAgC,EAChCC,qBAA2D,EAC3D;EACA,IACE,IAAAR,gBAAU,EAAC,CAAC,IACZ,CAAC,IAAAC,aAAO,EAAC,CAAC,CAACC,OAAO,IAClBO,KAAK,CAACC,OAAO,CAACH,SAAS,CAACI,mBAAmB,CAAC,EAC5C;IACA,MAAMC,OAAO,GAAI,MAAMJ,qBAAqB,CAC1CD,SAAS,CAACI,mBACZ,CAAc;IACd,OAAON,mBAAmB,CAACO,OAAO,CAAC;EACrC;AACF;AAEO,SAASC,yBAAyBA,CACvCC,IAAa,EACc;EAC3B,IAAI,IAAAd,gBAAU,EAAC,CAAC,IAAI,CAAC,IAAAC,aAAO,EAAC,CAAC,CAACC,OAAO,EAAE;IACtC,MAAMC,WAAW,GAAG,IAAAY,sCAA0B,EAACD,IAAI,CAAC;IACpD,OAAOT,mBAAmB,CAACF,WAAW,CAAC;EACzC;AACF;AAEO,eAAeE,mBAAmBA,CACvCF,WAAqB,EACN;EACf;EACA,MAAMS,OAAO,GAAG,IAAAI,kBAAU,EAACb,WAAW,EAAE,CAAC,GAAGR,kBAAkB,CAAC,CAAC;EAChE,IAAIiB,OAAO,CAACK,MAAM,KAAK,CAAC,EAAE;IACxB;EACF;EACAtB,kBAAkB,CAACuB,IAAI,CAAC,GAAGN,OAAO,CAAC;EACnC,IAAI;IACF,MAAMO,MAAM,GAAG,MAAM,IAAAC,8CAAiC,EACpD;MAAER;IAAQ,CAAC,EACX;MAAES,oBAAoB,EAAE;IAAK,CAC/B,CAAC;IACD,KAAK,MAAMC,IAAI,IAAIH,MAAM,CAACP,OAAO,EAAG;MAClChB,aAAa,CAAC2B,GAAG,CAACD,IAAI,CAACE,MAAM,EAAGF,IAAI,CAACG,mBAAoB,CAAC;MAC1D,IAAIH,IAAI,CAACG,mBAAmB,KAAK,WAAW,EAAE;QAC5C;QACAC,OAAO,CAACC,KAAK,CAAC,iCAAiCL,IAAI,CAACE,MAAM,GAAG,CAAC;MAChE;IACF;EACF,CAAC,CAAC,OAAOG,KAAK,EAAE;IACd;IACA;IACA;IACAD,OAAO,CAACC,KAAK,CAAC,8BAA8B,EAAEA,KAAK,CAAC;EACtD;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACO,SAASC,gBAAgBA,CAAC,GAAGhB,OAAiB,EAAW;EAC9D,IAAI,CAAC,IAAAZ,gBAAU,EAAC,CAAC,EAAE;IACjB,OAAO,KAAK;EACd;EAEA,IAAI,IAAAC,aAAO,EAAC,CAAC,CAACC,OAAO,EAAE;IACrB,OAAO,IAAI;EACb;EAEA,KAAK,MAAMsB,MAAM,IAAIZ,OAAO,EAAE;IAC5B;IACA;IACA;IACA;IACA;IACA,QAAQhB,aAAa,CAACiC,GAAG,CAACL,MAAM,CAAC;MAC/B,KAAK,cAAc;MACnB,KAAK,WAAW;QACd,OAAO,KAAK;MACd,KAAKM,SAAS;QACZ;QACAJ,OAAO,CAACC,KAAK,CACX,kCAAkCH,MAAM,gFAC1C,CAAC;QACD,OAAO,KAAK;IAChB;EACF;EACA,OAAO,IAAI;AACb;;AAEA;AACA;AACA;AACO,SAASO,wBAAwBA,CAAA,EAAS;EAC/CpC,kBAAkB,CAACsB,MAAM,GAAG,CAAC;EAC7BrB,aAAa,CAACoC,KAAK,CAAC,CAAC;AACvB","ignoreList":[]}
package/dist/esm/checkPermissions.js CHANGED
@@ -32,6 +32,8 @@ export async function validatePermissions(usedActions) {
32
32
  try {
33
33
  const result = await PermissionApi_validatePermissions({
34
34
  actions
35
+ }, {
36
+ noAbortOnRouteChange: true
35
37
  });
36
38
  for (const item of result.actions) {
37
39
  permissionMap.set(item.action, item.authorizationStatus);
package/dist/esm/checkPermissions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"checkPermissions.js","names":["difference","scanPermissionActionsInAny","scanPermissionActionsInStoryboard","PermissionApi_validatePermissions","getAuth","isLoggedIn","checkedPermissions","permissionMap","Map","preCheckPermissions","storyboard","isAdmin","usedActions","validatePermissions","preCheckPermissionsForBrickOrRoute","container","asyncComputeRealValue","Array","isArray","permissionsPreCheck","actions","preCheckPermissionsForAny","data","length","push","result","item","set","action","authorizationStatus","console","error","checkPermissions","_len","arguments","_key","get","undefined","resetPermissionPreChecks","clear"],"sources":["../../src/checkPermissions.ts"],"sourcesContent":["import { difference } from \"lodash\";\nimport {\n scanPermissionActionsInAny,\n scanPermissionActionsInStoryboard,\n} from \"@next-core/utils/storyboard\";\nimport type { BrickConf, RouteConf, Storyboard } from \"@next-core/types\";\nimport { PermissionApi_validatePermissions } from \"@next-api-sdk/micro-app-sdk\";\nimport { getAuth, isLoggedIn } from \"./auth.js\";\n\ntype PermissionStatus = \"authorized\" | \"unauthorized\" | \"undefined\";\n\nconst checkedPermissions: string[] = [];\nconst permissionMap = new Map<string, PermissionStatus>();\n\nexport function preCheckPermissions(\n storyboard: Storyboard\n): Promise<void> | undefined {\n if (isLoggedIn() && !getAuth().isAdmin) {\n const usedActions = scanPermissionActionsInStoryboard(storyboard);\n return validatePermissions(usedActions);\n }\n}\n\nexport async function preCheckPermissionsForBrickOrRoute(\n container: BrickConf | RouteConf,\n asyncComputeRealValue: (value: unknown) => Promise<unknown>\n) {\n if (\n isLoggedIn() &&\n !getAuth().isAdmin &&\n Array.isArray(container.permissionsPreCheck)\n ) {\n const actions = (await asyncComputeRealValue(\n container.permissionsPreCheck\n )) as string[];\n return validatePermissions(actions);\n }\n}\n\nexport function preCheckPermissionsForAny(\n data: unknown\n): Promise<void> | undefined {\n if (isLoggedIn() && !getAuth().isAdmin) {\n const usedActions = scanPermissionActionsInAny(data);\n return validatePermissions(usedActions);\n }\n}\n\nexport async function validatePermissions(\n usedActions: string[]\n): Promise<void> {\n // Do not request known actions.\n const actions = difference(usedActions, [...checkedPermissions]);\n if (actions.length === 0) {\n return;\n }\n checkedPermissions.push(...actions);\n try {\n const result = await PermissionApi_validatePermissions({ actions });\n for (const item of result.actions!) {\n permissionMap.set(item.action!, item.authorizationStatus!);\n if (item.authorizationStatus === \"undefined\") {\n // eslint-disable-next-line no-console\n console.error(`Undefined permission action: \"${item.action}\"`);\n }\n }\n } catch (error) {\n // Allow pre-check to fail, and\n // make it not crash when the backend service is not updated.\n // eslint-disable-next-line no-console\n console.error(\"Pre-check permissions failed\", error);\n }\n}\n\n/**\n * Check the current logged-in user whether to have all\n * permissions of actions passed to it.\n *\n * @param actions - Required permission actions.\n */\nexport function checkPermissions(...actions: string[]): boolean {\n if (!isLoggedIn()) {\n return false;\n }\n\n if (getAuth().isAdmin) {\n return true;\n }\n\n for (const action of actions) {\n // Only **exclusively authorized** permissions are ok.\n // Those scenarios below will fail:\n // - unauthorized actions (pre-check results)\n // - undefined actions (pre-check results)\n // - Un-pre-checked or pre-check failed\n switch (permissionMap.get(action)) {\n case \"unauthorized\":\n case \"undefined\":\n return false;\n case undefined:\n // eslint-disable-next-line no-console\n console.error(\n `Un-checked permission action: \"${action}\", please make sure the permission to check is defined in permissionsPreCheck.`\n );\n return false;\n }\n }\n return true;\n}\n\n/**\n * Reset permission pre-checks after logged-out.\n */\nexport function resetPermissionPreChecks(): void {\n checkedPermissions.length = 0;\n permissionMap.clear();\n}\n"],"mappings":"AAAA,SAASA,UAAU,QAAQ,QAAQ;AACnC,SACEC,0BAA0B,EAC1BC,iCAAiC,QAC5B,6BAA6B;AAEpC,SAASC,iCAAiC,QAAQ,6BAA6B;AAC/E,SAASC,OAAO,EAAEC,UAAU,QAAQ,WAAW;AAI/C,MAAMC,kBAA4B,GAAG,EAAE;AACvC,MAAMC,aAAa,GAAG,IAAIC,GAAG,CAA2B,CAAC;AAEzD,OAAO,SAASC,mBAAmBA,CACjCC,UAAsB,EACK;EAC3B,IAAIL,UAAU,CAAC,CAAC,IAAI,CAACD,OAAO,CAAC,CAAC,CAACO,OAAO,EAAE;IACtC,MAAMC,WAAW,GAAGV,iCAAiC,CAACQ,UAAU,CAAC;IACjE,OAAOG,mBAAmB,CAACD,WAAW,CAAC;EACzC;AACF;AAEA,OAAO,eAAeE,kCAAkCA,CACtDC,SAAgC,EAChCC,qBAA2D,EAC3D;EACA,IACEX,UAAU,CAAC,CAAC,IACZ,CAACD,OAAO,CAAC,CAAC,CAACO,OAAO,IAClBM,KAAK,CAACC,OAAO,CAACH,SAAS,CAACI,mBAAmB,CAAC,EAC5C;IACA,MAAMC,OAAO,GAAI,MAAMJ,qBAAqB,CAC1CD,SAAS,CAACI,mBACZ,CAAc;IACd,OAAON,mBAAmB,CAACO,OAAO,CAAC;EACrC;AACF;AAEA,OAAO,SAASC,yBAAyBA,CACvCC,IAAa,EACc;EAC3B,IAAIjB,UAAU,CAAC,CAAC,IAAI,CAACD,OAAO,CAAC,CAAC,CAACO,OAAO,EAAE;IACtC,MAAMC,WAAW,GAAGX,0BAA0B,CAACqB,IAAI,CAAC;IACpD,OAAOT,mBAAmB,CAACD,WAAW,CAAC;EACzC;AACF;AAEA,OAAO,eAAeC,mBAAmBA,CACvCD,WAAqB,EACN;EACf;EACA,MAAMQ,OAAO,GAAGpB,UAAU,CAACY,WAAW,EAAE,CAAC,GAAGN,kBAAkB,CAAC,CAAC;EAChE,IAAIc,OAAO,CAACG,MAAM,KAAK,CAAC,EAAE;IACxB;EACF;EACAjB,kBAAkB,CAACkB,IAAI,CAAC,GAAGJ,OAAO,CAAC;EACnC,IAAI;IACF,MAAMK,MAAM,GAAG,MAAMtB,iCAAiC,CAAC;MAAEiB;IAAQ,CAAC,CAAC;IACnE,KAAK,MAAMM,IAAI,IAAID,MAAM,CAACL,OAAO,EAAG;MAClCb,aAAa,CAACoB,GAAG,CAACD,IAAI,CAACE,MAAM,EAAGF,IAAI,CAACG,mBAAoB,CAAC;MAC1D,IAAIH,IAAI,CAACG,mBAAmB,KAAK,WAAW,EAAE;QAC5C;QACAC,OAAO,CAACC,KAAK,CAAC,iCAAiCL,IAAI,CAACE,MAAM,GAAG,CAAC;MAChE;IACF;EACF,CAAC,CAAC,OAAOG,KAAK,EAAE;IACd;IACA;IACA;IACAD,OAAO,CAACC,KAAK,CAAC,8BAA8B,EAAEA,KAAK,CAAC;EACtD;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,gBAAgBA,CAAA,EAAgC;EAC9D,IAAI,CAAC3B,UAAU,CAAC,CAAC,EAAE;IACjB,OAAO,KAAK;EACd;EAEA,IAAID,OAAO,CAAC,CAAC,CAACO,OAAO,EAAE;IACrB,OAAO,IAAI;EACb;EAAC,SAAAsB,IAAA,GAAAC,SAAA,CAAAX,MAAA,EAPiCH,OAAO,OAAAH,KAAA,CAAAgB,IAAA,GAAAE,IAAA,MAAAA,IAAA,GAAAF,IAAA,EAAAE,IAAA;IAAPf,OAAO,CAAAe,IAAA,IAAAD,SAAA,CAAAC,IAAA;EAAA;EASzC,KAAK,MAAMP,MAAM,IAAIR,OAAO,EAAE;IAC5B;IACA;IACA;IACA;IACA;IACA,QAAQb,aAAa,CAAC6B,GAAG,CAACR,MAAM,CAAC;MAC/B,KAAK,cAAc;MACnB,KAAK,WAAW;QACd,OAAO,KAAK;MACd,KAAKS,SAAS;QACZ;QACAP,OAAO,CAACC,KAAK,CACX,kCAAkCH,MAAM,gFAC1C,CAAC;QACD,OAAO,KAAK;IAChB;EACF;EACA,OAAO,IAAI;AACb;;AAEA;AACA;AACA;AACA,OAAO,SAASU,wBAAwBA,CAAA,EAAS;EAC/ChC,kBAAkB,CAACiB,MAAM,GAAG,CAAC;EAC7BhB,aAAa,CAACgC,KAAK,CAAC,CAAC;AACvB","ignoreList":[]}
1
+ {"version":3,"file":"checkPermissions.js","names":["difference","scanPermissionActionsInAny","scanPermissionActionsInStoryboard","PermissionApi_validatePermissions","getAuth","isLoggedIn","checkedPermissions","permissionMap","Map","preCheckPermissions","storyboard","isAdmin","usedActions","validatePermissions","preCheckPermissionsForBrickOrRoute","container","asyncComputeRealValue","Array","isArray","permissionsPreCheck","actions","preCheckPermissionsForAny","data","length","push","result","noAbortOnRouteChange","item","set","action","authorizationStatus","console","error","checkPermissions","_len","arguments","_key","get","undefined","resetPermissionPreChecks","clear"],"sources":["../../src/checkPermissions.ts"],"sourcesContent":["import { difference } from \"lodash\";\nimport {\n scanPermissionActionsInAny,\n scanPermissionActionsInStoryboard,\n} from \"@next-core/utils/storyboard\";\nimport type { BrickConf, RouteConf, Storyboard } from \"@next-core/types\";\nimport { PermissionApi_validatePermissions } from \"@next-api-sdk/micro-app-sdk\";\nimport { getAuth, isLoggedIn } from \"./auth.js\";\n\ntype PermissionStatus = \"authorized\" | \"unauthorized\" | \"undefined\";\n\nconst checkedPermissions: string[] = [];\nconst permissionMap = new Map<string, PermissionStatus>();\n\nexport function preCheckPermissions(\n storyboard: Storyboard\n): Promise<void> | undefined {\n if (isLoggedIn() && !getAuth().isAdmin) {\n const usedActions = scanPermissionActionsInStoryboard(storyboard);\n return validatePermissions(usedActions);\n }\n}\n\nexport async function preCheckPermissionsForBrickOrRoute(\n container: BrickConf | RouteConf,\n asyncComputeRealValue: (value: unknown) => Promise<unknown>\n) {\n if (\n isLoggedIn() &&\n !getAuth().isAdmin &&\n Array.isArray(container.permissionsPreCheck)\n ) {\n const actions = (await asyncComputeRealValue(\n container.permissionsPreCheck\n )) as string[];\n return validatePermissions(actions);\n }\n}\n\nexport function preCheckPermissionsForAny(\n data: unknown\n): Promise<void> | undefined {\n if (isLoggedIn() && !getAuth().isAdmin) {\n const usedActions = scanPermissionActionsInAny(data);\n return validatePermissions(usedActions);\n }\n}\n\nexport async function validatePermissions(\n usedActions: string[]\n): Promise<void> {\n // Do not request known actions.\n const actions = difference(usedActions, [...checkedPermissions]);\n if (actions.length === 0) {\n return;\n }\n checkedPermissions.push(...actions);\n try {\n const result = await PermissionApi_validatePermissions(\n { actions },\n { noAbortOnRouteChange: true }\n );\n for (const item of result.actions!) {\n permissionMap.set(item.action!, item.authorizationStatus!);\n if (item.authorizationStatus === \"undefined\") {\n // eslint-disable-next-line no-console\n console.error(`Undefined permission action: \"${item.action}\"`);\n }\n }\n } catch (error) {\n // Allow pre-check to fail, and\n // make it not crash when the backend service is not updated.\n // eslint-disable-next-line no-console\n console.error(\"Pre-check permissions failed\", error);\n }\n}\n\n/**\n * Check the current logged-in user whether to have all\n * permissions of actions passed to it.\n *\n * @param actions - Required permission actions.\n */\nexport function checkPermissions(...actions: string[]): boolean {\n if (!isLoggedIn()) {\n return false;\n }\n\n if (getAuth().isAdmin) {\n return true;\n }\n\n for (const action of actions) {\n // Only **exclusively authorized** permissions are ok.\n // Those scenarios below will fail:\n // - unauthorized actions (pre-check results)\n // - undefined actions (pre-check results)\n // - Un-pre-checked or pre-check failed\n switch (permissionMap.get(action)) {\n case \"unauthorized\":\n case \"undefined\":\n return false;\n case undefined:\n // eslint-disable-next-line no-console\n console.error(\n `Un-checked permission action: \"${action}\", please make sure the permission to check is defined in permissionsPreCheck.`\n );\n return false;\n }\n }\n return true;\n}\n\n/**\n * Reset permission pre-checks after logged-out.\n */\nexport function resetPermissionPreChecks(): void {\n checkedPermissions.length = 0;\n permissionMap.clear();\n}\n"],"mappings":"AAAA,SAASA,UAAU,QAAQ,QAAQ;AACnC,SACEC,0BAA0B,EAC1BC,iCAAiC,QAC5B,6BAA6B;AAEpC,SAASC,iCAAiC,QAAQ,6BAA6B;AAC/E,SAASC,OAAO,EAAEC,UAAU,QAAQ,WAAW;AAI/C,MAAMC,kBAA4B,GAAG,EAAE;AACvC,MAAMC,aAAa,GAAG,IAAIC,GAAG,CAA2B,CAAC;AAEzD,OAAO,SAASC,mBAAmBA,CACjCC,UAAsB,EACK;EAC3B,IAAIL,UAAU,CAAC,CAAC,IAAI,CAACD,OAAO,CAAC,CAAC,CAACO,OAAO,EAAE;IACtC,MAAMC,WAAW,GAAGV,iCAAiC,CAACQ,UAAU,CAAC;IACjE,OAAOG,mBAAmB,CAACD,WAAW,CAAC;EACzC;AACF;AAEA,OAAO,eAAeE,kCAAkCA,CACtDC,SAAgC,EAChCC,qBAA2D,EAC3D;EACA,IACEX,UAAU,CAAC,CAAC,IACZ,CAACD,OAAO,CAAC,CAAC,CAACO,OAAO,IAClBM,KAAK,CAACC,OAAO,CAACH,SAAS,CAACI,mBAAmB,CAAC,EAC5C;IACA,MAAMC,OAAO,GAAI,MAAMJ,qBAAqB,CAC1CD,SAAS,CAACI,mBACZ,CAAc;IACd,OAAON,mBAAmB,CAACO,OAAO,CAAC;EACrC;AACF;AAEA,OAAO,SAASC,yBAAyBA,CACvCC,IAAa,EACc;EAC3B,IAAIjB,UAAU,CAAC,CAAC,IAAI,CAACD,OAAO,CAAC,CAAC,CAACO,OAAO,EAAE;IACtC,MAAMC,WAAW,GAAGX,0BAA0B,CAACqB,IAAI,CAAC;IACpD,OAAOT,mBAAmB,CAACD,WAAW,CAAC;EACzC;AACF;AAEA,OAAO,eAAeC,mBAAmBA,CACvCD,WAAqB,EACN;EACf;EACA,MAAMQ,OAAO,GAAGpB,UAAU,CAACY,WAAW,EAAE,CAAC,GAAGN,kBAAkB,CAAC,CAAC;EAChE,IAAIc,OAAO,CAACG,MAAM,KAAK,CAAC,EAAE;IACxB;EACF;EACAjB,kBAAkB,CAACkB,IAAI,CAAC,GAAGJ,OAAO,CAAC;EACnC,IAAI;IACF,MAAMK,MAAM,GAAG,MAAMtB,iCAAiC,CACpD;MAAEiB;IAAQ,CAAC,EACX;MAAEM,oBAAoB,EAAE;IAAK,CAC/B,CAAC;IACD,KAAK,MAAMC,IAAI,IAAIF,MAAM,CAACL,OAAO,EAAG;MAClCb,aAAa,CAACqB,GAAG,CAACD,IAAI,CAACE,MAAM,EAAGF,IAAI,CAACG,mBAAoB,CAAC;MAC1D,IAAIH,IAAI,CAACG,mBAAmB,KAAK,WAAW,EAAE;QAC5C;QACAC,OAAO,CAACC,KAAK,CAAC,iCAAiCL,IAAI,CAACE,MAAM,GAAG,CAAC;MAChE;IACF;EACF,CAAC,CAAC,OAAOG,KAAK,EAAE;IACd;IACA;IACA;IACAD,OAAO,CAACC,KAAK,CAAC,8BAA8B,EAAEA,KAAK,CAAC;EACtD;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,gBAAgBA,CAAA,EAAgC;EAC9D,IAAI,CAAC5B,UAAU,CAAC,CAAC,EAAE;IACjB,OAAO,KAAK;EACd;EAEA,IAAID,OAAO,CAAC,CAAC,CAACO,OAAO,EAAE;IACrB,OAAO,IAAI;EACb;EAAC,SAAAuB,IAAA,GAAAC,SAAA,CAAAZ,MAAA,EAPiCH,OAAO,OAAAH,KAAA,CAAAiB,IAAA,GAAAE,IAAA,MAAAA,IAAA,GAAAF,IAAA,EAAAE,IAAA;IAAPhB,OAAO,CAAAgB,IAAA,IAAAD,SAAA,CAAAC,IAAA;EAAA;EASzC,KAAK,MAAMP,MAAM,IAAIT,OAAO,EAAE;IAC5B;IACA;IACA;IACA;IACA;IACA,QAAQb,aAAa,CAAC8B,GAAG,CAACR,MAAM,CAAC;MAC/B,KAAK,cAAc;MACnB,KAAK,WAAW;QACd,OAAO,KAAK;MACd,KAAKS,SAAS;QACZ;QACAP,OAAO,CAACC,KAAK,CACX,kCAAkCH,MAAM,gFAC1C,CAAC;QACD,OAAO,KAAK;IAChB;EACF;EACA,OAAO,IAAI;AACb;;AAEA;AACA;AACA;AACA,OAAO,SAASU,wBAAwBA,CAAA,EAAS;EAC/CjC,kBAAkB,CAACiB,MAAM,GAAG,CAAC;EAC7BhB,aAAa,CAACiC,KAAK,CAAC,CAAC;AACvB","ignoreList":[]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@next-core/easyops-runtime",
3
- "version": "0.10.15",
3
+ "version": "0.10.17",
4
4
  "homepage": "https://github.com/easyops-cn/next-core/tree/v3/packages/easyops-runtime",
5
5
  "license": "GPL-3.0",
6
6
  "repository": {
@@ -45,12 +45,12 @@
45
45
  "@next-api-sdk/cmdb-sdk": "^1.1.0",
46
46
  "@next-api-sdk/micro-app-sdk": "^1.2.1",
47
47
  "@next-api-sdk/micro-app-standalone-sdk": "^1.1.0",
48
- "@next-core/cook": "^2.4.2",
48
+ "@next-core/cook": "^2.4.3",
49
49
  "@next-core/http": "^1.2.4",
50
50
  "@next-core/pipes": "^2.0.22",
51
- "@next-core/runtime": "^1.49.2",
51
+ "@next-core/runtime": "^1.49.3",
52
52
  "@next-core/types": "^1.11.1",
53
- "@next-core/utils": "^1.7.11",
53
+ "@next-core/utils": "^1.7.12",
54
54
  "js-yaml": "^3.14.1",
55
55
  "lodash": "^4.17.21"
56
56
  },
@@ -60,5 +60,5 @@
60
60
  "jest-websocket-mock": "^2.5.0",
61
61
  "whatwg-fetch": "^3.6.20"
62
62
  },
63
- "gitHead": "3d407af7934a83404baf0a46d0b05c1a999543f6"
63
+ "gitHead": "7a739397bb1f893afdffd8dd74540c6b8dd43d54"
64
64
  }