@nocobase/acl 0.7.6-alpha.2 → 0.8.0-alpha.10

package/lib/acl-available-action.d.ts

@@ -9,7 +9,7 @@ export interface AvailableActionOptions {
     onNewRecord?: boolean;
     allowConfigureFields?: boolean;
 }
-export declare class AclAvailableAction {
+export declare class ACLAvailableAction {
     name: string;
     options: AvailableActionOptions;
     constructor(name: string, options: AvailableActionOptions);

package/lib/acl-available-action.js

@@ -3,9 +3,9 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.AclAvailableAction = void 0;
+exports.ACLAvailableAction = void 0;
 
-class AclAvailableAction {
+class ACLAvailableAction {
   constructor(name, options) {
     this.name = void 0;
     this.options = void 0;
@@ -15,4 +15,4 @@ class AclAvailableAction {
 
 }
 
-exports.AclAvailableAction = AclAvailableAction;
+exports.ACLAvailableAction = ACLAvailableAction;

package/lib/acl-available-strategy.d.ts

@@ -1,12 +1,10 @@
 import { ACL } from './acl';
-declare type StrategyValue = false | '*' | string | string[];
 export interface AvailableStrategyOptions {
     displayName?: string;
     actions?: false | string | string[];
     allowConfigure?: boolean;
     resource?: '*';
 }
-export declare function strategyValueMatched(strategy: StrategyValue, value: string): boolean;
 export declare const predicate: {
     own: {
         filter: {
@@ -26,4 +24,3 @@ export declare class ACLAvailableStrategy {
     matchAction(actionName: string): any;
     allow(resourceName: string, actionName: string): any;
 }
-export {};

package/lib/acl-available-strategy.js

@@ -4,7 +4,6 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.predicate = exports.ACLAvailableStrategy = void 0;
-exports.strategyValueMatched = strategyValueMatched;
 
 function _lodash() {
   const data = _interopRequireDefault(require("lodash"));
@@ -30,22 +29,6 @@ function _iterableToArrayLimit(arr, i) { var _i = arr == null ? null : typeof Sy
 
 function _arrayWithHoles(arr) { if (Array.isArray(arr)) return arr; }
 
-function strategyValueMatched(strategy, value) {
-  if (strategy === '*') {
-    return true;
-  }
-
-  if (_lodash().default.isString(strategy) && strategy === value) {
-    return true;
-  }
-
-  if (_lodash().default.isArray(strategy) && strategy.includes(value)) {
-    return true;
-  }
-
-  return false;
-}
-
 const predicate = {
   own: {
     filter: {

package/lib/acl-resource.d.ts

@@ -17,9 +17,7 @@ export declare class ACLResource {
     getActions(): {};
     getAction(name: string): RoleActionParams;
     setAction(name: string, params: RoleActionParams): void;
-    setActions(actions: {
-        [key: string]: RoleActionParams;
-    }): void;
+    setActions(actions: ResourceActions): void;
     removeAction(name: string): void;
 }
 export {};

package/lib/acl-role.d.ts

@@ -9,7 +9,7 @@ export interface RoleActionParams {
     blacklist?: string[];
     [key: string]: any;
 }
-interface ResourceActionsOptions {
+export interface ResourceActionsOptions {
     [actionName: string]: RoleActionParams;
 }
 export declare class ACLRole {
@@ -19,11 +19,9 @@ export declare class ACLRole {
     resources: Map<string, ACLResource>;
     constructor(acl: ACL, name: string);
     getResource(name: string): ACLResource | undefined;
-    setResource(name: string, resource: ACLResource): void;
     setStrategy(value: string | AvailableStrategyOptions): void;
-    grantResource(resourceName: string, options: ResourceActionsOptions): void;
     getResourceActionsParams(resourceName: string): {};
-    revokeResource(resourceName: any): void;
+    revokeResource(resourceName: string): void;
     grantAction(path: string, options?: RoleActionParams): void;
     getActionParams(path: string): RoleActionParams;
     revokeAction(path: string): void;
@@ -35,4 +33,3 @@ export declare class ACLRole {
         action: any;
     };
 }
-export {};

package/lib/acl-role.js

@@ -7,20 +7,20 @@ exports.ACLRole = void 0;
 
 var _aclResource = require("./acl-resource");
 
-function _createForOfIteratorHelper(o, allowArrayLike) { var it = typeof Symbol !== "undefined" && o[Symbol.iterator] || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e2) { throw _e2; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e3) { didErr = true; err = _e3; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; }
-
 function _slicedToArray(arr, i) { return _arrayWithHoles(arr) || _iterableToArrayLimit(arr, i) || _unsupportedIterableToArray(arr, i) || _nonIterableRest(); }
 
 function _nonIterableRest() { throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); }
 
-function _unsupportedIterableToArray(o, minLen) { if (!o) return; if (typeof o === "string") return _arrayLikeToArray(o, minLen); var n = Object.prototype.toString.call(o).slice(8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return Array.from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray(o, minLen); }
-
-function _arrayLikeToArray(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) arr2[i] = arr[i]; return arr2; }
-
 function _iterableToArrayLimit(arr, i) { var _i = arr == null ? null : typeof Symbol !== "undefined" && arr[Symbol.iterator] || arr["@@iterator"]; if (_i == null) return; var _arr = []; var _n = true; var _d = false; var _s, _e; try { for (_i = _i.call(arr); !(_n = (_s = _i.next()).done); _n = true) { _arr.push(_s.value); if (i && _arr.length === i) break; } } catch (err) { _d = true; _e = err; } finally { try { if (!_n && _i["return"] != null) _i["return"](); } finally { if (_d) throw _e; } } return _arr; }
 
 function _arrayWithHoles(arr) { if (Array.isArray(arr)) return arr; }
 
+function _createForOfIteratorHelper(o, allowArrayLike) { var it = typeof Symbol !== "undefined" && o[Symbol.iterator] || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e2) { throw _e2; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e3) { didErr = true; err = _e3; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; }
+
+function _unsupportedIterableToArray(o, minLen) { if (!o) return; if (typeof o === "string") return _arrayLikeToArray(o, minLen); var n = Object.prototype.toString.call(o).slice(8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return Array.from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray(o, minLen); }
+
+function _arrayLikeToArray(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) arr2[i] = arr[i]; return arr2; }
+
 class ACLRole {
   constructor(acl, name) {
     this.acl = void 0;
@@ -35,39 +35,18 @@ class ACLRole {
     return this.resources.get(name);
   }
 
-  setResource(name, resource) {
-    this.resources.set(name, resource);
-  }
-
   setStrategy(value) {
     this.strategy = value;
   }
 
-  grantResource(resourceName, options) {
-    const resource = new _aclResource.ACLResource({
-      role: this,
-      name: resourceName
-    });
-
-    for (var _i = 0, _Object$entries = Object.entries(options); _i < _Object$entries.length; _i++) {
-      const _Object$entries$_i = _slicedToArray(_Object$entries[_i], 2),
-            actionName = _Object$entries$_i[0],
-            actionParams = _Object$entries$_i[1];
-
-      resource.setAction(actionName, actionParams);
-    }
-
-    this.resources.set(resourceName, resource);
-  }
-
   getResourceActionsParams(resourceName) {
     const resource = this.getResource(resourceName);
     return resource.getActions();
   }
 
   revokeResource(resourceName) {
-    for (var _i2 = 0, _arr2 = [...this.resources.keys()]; _i2 < _arr2.length; _i2++) {
-      const key = _arr2[_i2];
+    for (var _i = 0, _arr = [...this.resources.keys()]; _i < _arr.length; _i++) {
+      const key = _arr[_i];
 
       if (key === resourceName || key.includes(`${resourceName}.`)) {
         this.resources.delete(key);
@@ -118,8 +97,8 @@ class ACLRole {
         const resourceName = _step.value;
         const resourceActions = this.getResourceActionsParams(resourceName);
 
-        for (var _i3 = 0, _Object$keys = Object.keys(resourceActions); _i3 < _Object$keys.length; _i3++) {
-          const actionName = _Object$keys[_i3];
+        for (var _i2 = 0, _Object$keys = Object.keys(resourceActions); _i2 < _Object$keys.length; _i2++) {
+          const actionName = _Object$keys[_i2];
           actions[`${resourceName}:${actionName}`] = resourceActions[actionName];
         }
       }

package/lib/acl.d.ts

@@ -1,9 +1,10 @@
 /// <reference types="node" />
+import { Toposort, ToposortOptions } from '@nocobase/utils';
 import EventEmitter from 'events';
-import { AclAvailableAction, AvailableActionOptions } from './acl-available-action';
+import { ACLAvailableAction, AvailableActionOptions } from './acl-available-action';
 import { ACLAvailableStrategy, AvailableStrategyOptions } from './acl-available-strategy';
-import { ACLRole, RoleActionParams } from './acl-role';
-import { AllowManager } from './allow-manager';
+import { ACLRole, ResourceActionsOptions, RoleActionParams } from './acl-role';
+import { AllowManager, ConditionFunc } from './allow-manager';
 interface CanResult {
     role: string;
     resource: string;
@@ -13,10 +14,8 @@ interface CanResult {
 export interface DefineOptions {
     role: string;
     allowConfigure?: boolean;
-    strategy?: string | Omit<AvailableStrategyOptions, 'acl'>;
-    actions?: {
-        [key: string]: RoleActionParams;
-    };
+    strategy?: string | AvailableStrategyOptions;
+    actions?: ResourceActionsOptions;
     routes?: any;
 }
 export interface ListenerContext {
@@ -34,9 +33,9 @@ interface CanArgs {
     action: string;
 }
 export declare class ACL extends EventEmitter {
-    protected availableActions: Map<string, AclAvailableAction>;
+    protected availableActions: Map<string, ACLAvailableAction>;
     protected availableStrategy: Map<string, ACLAvailableStrategy>;
-    protected middlewares: any[];
+    protected middlewares: Toposort<any>;
     allowManager: AllowManager;
     roles: Map<string, ACLRole>;
     actionAlias: Map<string, string>;
@@ -49,15 +48,15 @@ export declare class ACL extends EventEmitter {
     registerConfigResource(name: string): void;
     isConfigResource(name: string): boolean;
     setAvailableAction(name: string, options?: AvailableActionOptions): void;
-    getAvailableAction(name: string): AclAvailableAction;
-    getAvailableActions(): Map<string, AclAvailableAction>;
-    setAvailableStrategy(name: string, options: Omit<AvailableStrategyOptions, 'acl'>): void;
+    getAvailableAction(name: string): ACLAvailableAction;
+    getAvailableActions(): Map<string, ACLAvailableAction>;
+    setAvailableStrategy(name: string, options: AvailableStrategyOptions): void;
     beforeGrantAction(listener?: Listener): void;
-    can({ role, resource, action }: CanArgs): CanResult | null;
+    can(options: CanArgs): CanResult | null;
     protected isAvailableAction(actionName: string): boolean;
     resolveActionAlias(action: string): string;
-    use(fn: any): void;
-    allow(resourceName: string, actionNames: string[] | string, condition?: any): void;
+    use(fn: any, options?: ToposortOptions): void;
+    allow(resourceName: string, actionNames: string[] | string, condition?: string | ConditionFunc): void;
     parseJsonTemplate(json: any, ctx: any): any;
     middleware(): (ctx: any, next: any) => Promise<void>;
 }

package/lib/acl.js

@@ -5,6 +5,16 @@ Object.defineProperty(exports, "__esModule", {
 });
 exports.ACL = void 0;
 
+function _utils() {
+  const data = require("@nocobase/utils");
+
+  _utils = function _utils() {
+    return data;
+  };
+
+  return data;
+}
+
 function _events() {
   const data = _interopRequireDefault(require("events"));
 
@@ -84,11 +94,12 @@ class ACL extends _events().default {
     super();
     this.availableActions = new Map();
     this.availableStrategy = new Map();
-    this.middlewares = [];
+    this.middlewares = void 0;
     this.allowManager = new _allowManager.AllowManager(this);
     this.roles = new Map();
     this.actionAlias = new Map();
     this.configResources = [];
+    this.middlewares = new (_utils().Toposort)();
     this.beforeGrantAction(ctx => {
       if (_lodash().default.isPlainObject(ctx.params) && ctx.params.own) {
         ctx.params = _lodash().default.merge(ctx.params, _aclAvailableStrategy.predicate.own);
@@ -112,7 +123,7 @@ class ACL extends _events().default {
         }
       }
     });
-    this.middlewares.push(this.allowManager.aclMiddleware());
+    this.middlewares.add(this.allowManager.aclMiddleware());
   }
 
   define(options) {
@@ -158,7 +169,7 @@ class ACL extends _events().default {
   }
 
   setAvailableAction(name, options = {}) {
-    this.availableActions.set(name, new _aclAvailableAction.AclAvailableAction(name, options));
+    this.availableActions.set(name, new _aclAvailableAction.ACLAvailableAction(name, options));
 
     if (options.aliases) {
       const aliases = _lodash().default.isArray(options.aliases) ? options.aliases : [options.aliases];
@@ -196,11 +207,10 @@ class ACL extends _events().default {
     this.addListener('beforeGrantAction', listener);
   }
 
-  can({
-    role,
-    resource,
-    action
-  }) {
+  can(options) {
+    const role = options.role,
+          resource = options.resource,
+          action = options.action;
     const aclRole = this.roles.get(role);
 
     if (!aclRole) {
@@ -262,8 +272,8 @@ class ACL extends _events().default {
     return this.actionAlias.get(action) ? this.actionAlias.get(action) : action;
   }
 
-  use(fn) {
-    this.middlewares.push(fn);
+  use(fn, options) {
+    this.middlewares.add(fn, options);
   }
 
   allow(resourceName, actionNames, condition) {
@@ -331,7 +341,7 @@ class ACL extends _events().default {
             action: actionName
           })
         };
-        return (0, _koaCompose().default)(acl.middlewares)(ctx, /*#__PURE__*/_asyncToGenerator(function* () {
+        return (0, _koaCompose().default)(acl.middlewares.nodes)(ctx, /*#__PURE__*/_asyncToGenerator(function* () {
           const permission = ctx.permission;
 
           if (permission.skip) {

package/lib/allow-manager.d.ts

@@ -1,5 +1,5 @@
 import { ACL } from './acl';
-declare type ConditionFunc = (ctx: any) => Promise<boolean>;
+export declare type ConditionFunc = (ctx: any) => Promise<boolean> | boolean;
 export declare class AllowManager {
     acl: ACL;
     protected skipActions: Map<string, Map<string, string | true | ConditionFunc>>;
@@ -10,4 +10,3 @@ export declare class AllowManager {
     registerAllowCondition(name: string, condition: ConditionFunc): void;
     aclMiddleware(): (ctx: any, next: any) => Promise<void>;
 }
-export {};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nocobase/acl",
-  "version": "0.7.6-alpha.2",
+  "version": "0.8.0-alpha.10",
   "description": "",
   "license": "Apache-2.0",
   "licenses": [
@@ -12,7 +12,7 @@
   "main": "./lib/index.js",
   "types": "./lib/index.d.ts",
   "dependencies": {
-    "@nocobase/resourcer": "0.7.6-alpha.2",
+    "@nocobase/resourcer": "0.8.0-alpha.10",
     "json-templates": "^4.2.0"
   },
   "repository": {
@@ -20,5 +20,5 @@
     "url": "git+https://github.com/nocobase/nocobase.git",
     "directory": "packages/acl"
   },
-  "gitHead": "2cfccff9d3ff14c521bf317fa7ee4efa18444c92"
+  "gitHead": "a9723cdeadc764eba634b5815685177679025c83"
 }