npm - @nocobase/acl - Versions diffs - 0.9.2-alpha.4 → 0.9.4-alpha.1 - Mend

@nocobase/acl 0.9.2-alpha.4 → 0.9.4-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/lib/acl-resource.js CHANGED Viewed

@@ -4,6 +4,14 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.ACLResource = void 0;
+function _lodash() {
+  const data = _interopRequireDefault(require("lodash"));
+  _lodash = function _lodash() {
+    return data;
+  };
+  return data;
+}
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
 class ACLResource {
   constructor(options) {
     this.actions = new Map();
@@ -26,7 +34,14 @@ class ACLResource {
     }, {});
   }
   getAction(name) {
-    return this.actions.get(name) || this.actions.get(this.acl.resolveActionAlias(name));
+    const result = this.actions.get(name) || this.actions.get(this.acl.resolveActionAlias(name));
+    if (!result) {
+      return null;
+    }
+    if (Array.isArray(result.fields) && result.fields.length > 0) {
+      result.fields = _lodash().default.uniq(result.fields);
+    }
+    return _lodash().default.cloneDeep(result);
   }
   setAction(name, params) {
     const context = {

package/lib/acl.d.ts CHANGED Viewed

@@ -37,17 +37,16 @@ interface CanArgs {
     ctx?: any;
 }
 export declare class ACL extends EventEmitter {
-    protected availableActions: Map<string, ACLAvailableAction>;
     availableStrategy: Map<string, ACLAvailableStrategy>;
-    protected fixedParamsManager: FixedParamsManager;
-    protected middlewares: Toposort<any>;
     allowManager: AllowManager;
     snippetManager: SnippetManager;
     roles: Map<string, ACLRole>;
     actionAlias: Map<string, string>;
     configResources: string[];
+    protected availableActions: Map<string, ACLAvailableAction>;
+    protected fixedParamsManager: FixedParamsManager;
+    protected middlewares: Toposort<any>;
     constructor();
-    protected addCoreMiddleware(): void;
     define(options: DefineOptions): ACLRole;
     getRole(name: string): ACLRole;
     removeRole(name: string): boolean;
@@ -60,7 +59,6 @@ export declare class ACL extends EventEmitter {
     setAvailableStrategy(name: string, options: AvailableStrategyOptions): void;
     beforeGrantAction(listener?: Listener): void;
     can(options: CanArgs): CanResult | null;
-    protected isAvailableAction(actionName: string): boolean;
     resolveActionAlias(action: string): string;
     use(fn: any, options?: ToposortOptions): void;
     allow(resourceName: string, actionNames: string[] | string, condition?: string | ConditionFunc): void;
@@ -70,5 +68,7 @@ export declare class ACL extends EventEmitter {
     getActionParams(ctx: any): Promise<void>;
     addFixedParams(resource: string, action: string, merger: Merger): void;
     registerSnippet(snippet: SnippetOptions): void;
+    protected addCoreMiddleware(): void;
+    protected isAvailableAction(actionName: string): boolean;
 }
 export {};

package/lib/acl.js CHANGED Viewed

@@ -39,6 +39,8 @@ var _allowManager = require("./allow-manager");
 var _fixedParamsManager = _interopRequireDefault(require("./fixed-params-manager"));
 var _snippetManager = _interopRequireDefault(require("./snippet-manager"));
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { Promise.resolve(value).then(_next, _throw); } }
+function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
 function _createForOfIteratorHelper(o, allowArrayLike) { var it = typeof Symbol !== "undefined" && o[Symbol.iterator] || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e2) { throw _e2; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e3) { didErr = true; err = _e3; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; }
 function _slicedToArray(arr, i) { return _arrayWithHoles(arr) || _iterableToArrayLimit(arr, i) || _unsupportedIterableToArray(arr, i) || _nonIterableRest(); }
 function _nonIterableRest() { throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); }
@@ -46,8 +48,6 @@ function _unsupportedIterableToArray(o, minLen) { if (!o) return; if (typeof o =
 function _arrayLikeToArray(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) arr2[i] = arr[i]; return arr2; }
 function _iterableToArrayLimit(arr, i) { var _i = null == arr ? null : "undefined" != typeof Symbol && arr[Symbol.iterator] || arr["@@iterator"]; if (null != _i) { var _s, _e, _x, _r, _arr = [], _n = !0, _d = !1; try { if (_x = (_i = _i.call(arr)).next, 0 === i) { if (Object(_i) !== _i) return; _n = !1; } else for (; !(_n = (_s = _x.call(_i)).done) && (_arr.push(_s.value), _arr.length !== i); _n = !0); } catch (err) { _d = !0, _e = err; } finally { try { if (!_n && null != _i.return && (_r = _i.return(), Object(_r) !== _r)) return; } finally { if (_d) throw _e; } } return _arr; } }
 function _arrayWithHoles(arr) { if (Array.isArray(arr)) return arr; }
-function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { Promise.resolve(value).then(_next, _throw); } }
-function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
 function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); enumerableOnly && (symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
 function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { _defineProperty(target, key, source[key]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } return target; }
 function _defineProperty(obj, key, value) { key = _toPropertyKey(key); if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }
@@ -56,15 +56,15 @@ function _toPrimitive(input, hint) { if (typeof input !== "object" || input ===
 class ACL extends _events().default {
   constructor() {
     super();
-    this.availableActions = new Map();
     this.availableStrategy = new Map();
-    this.fixedParamsManager = new _fixedParamsManager.default();
-    this.middlewares = void 0;
     this.allowManager = new _allowManager.AllowManager(this);
     this.snippetManager = new _snippetManager.default();
     this.roles = new Map();
     this.actionAlias = new Map();
     this.configResources = [];
+    this.availableActions = new Map();
+    this.fixedParamsManager = new _fixedParamsManager.default();
+    this.middlewares = void 0;
     this.middlewares = new (_utils().Toposort)();
     this.beforeGrantAction(ctx => {
       if (_lodash().default.isPlainObject(ctx.params) && ctx.params.own) {
@@ -93,63 +93,6 @@ class ACL extends _events().default {
     });
     this.addCoreMiddleware();
   }
-  addCoreMiddleware() {
-    const acl = this;
-    const filterParams = (ctx, resourceName, params) => {
-      var _params$filter;
-      if (params === null || params === void 0 ? void 0 : (_params$filter = params.filter) === null || _params$filter === void 0 ? void 0 : _params$filter.createdById) {
-        const collection = ctx.db.getCollection(resourceName);
-        if (!collection || !collection.getField('createdById')) {
-          return _lodash().default.omit(params, 'filter.createdById');
-        }
-      }
-      return params;
-    };
-    this.middlewares.add( /*#__PURE__*/function () {
-      var _ref = _asyncToGenerator(function* (ctx, next) {
-        var _ctx$log, _permission$can, _ctx$log2;
-        const resourcerAction = ctx.action;
-        const _ctx$action = ctx.action,
-          resourceName = _ctx$action.resourceName,
-          actionName = _ctx$action.actionName;
-        const permission = ctx.permission;
-        ((_ctx$log = ctx.log) === null || _ctx$log === void 0 ? void 0 : _ctx$log.info) && ctx.log.info('ctx permission', permission);
-        if ((!permission.can || typeof permission.can !== 'object') && !permission.skip) {
-          ctx.throw(403, 'No permissions');
-          return;
-        }
-        const params = ((_permission$can = permission.can) === null || _permission$can === void 0 ? void 0 : _permission$can.params) || acl.fixedParamsManager.getParams(resourceName, actionName);
-        ((_ctx$log2 = ctx.log) === null || _ctx$log2 === void 0 ? void 0 : _ctx$log2.info) && ctx.log.info('acl params', params);
-        if (params && resourcerAction.mergeParams) {
-          var _ctx$log3;
-          const filteredParams = filterParams(ctx, resourceName, params);
-          const parsedParams = yield acl.parseJsonTemplate(filteredParams, ctx);
-          ctx.permission.parsedParams = parsedParams;
-          ((_ctx$log3 = ctx.log) === null || _ctx$log3 === void 0 ? void 0 : _ctx$log3.info) && ctx.log.info('acl parsedParams', parsedParams);
-          ctx.permission.rawParams = _lodash().default.cloneDeep(resourcerAction.params);
-          resourcerAction.mergeParams(parsedParams, {
-            appends: (x, y) => {
-              if (!x) {
-                return [];
-              }
-              if (!y) {
-                return x;
-              }
-              return x.filter(i => y.includes(i.split('.').shift()));
-            }
-          });
-          ctx.permission.mergedParams = _lodash().default.cloneDeep(resourcerAction.params);
-        }
-        yield next();
-      });
-      return function (_x, _x2) {
-        return _ref.apply(this, arguments);
-      };
-    }(), {
-      tag: 'core',
-      group: 'core'
-    });
-  }
   define(options) {
     const roleName = options.role;
     const role = new _aclRole.ACLRole(this, roleName);
@@ -272,9 +215,6 @@ class ACL extends _events().default {
     }
     return null;
   }
-  isAvailableAction(actionName) {
-    return this.availableActions.has(this.resolveActionAlias(actionName));
-  }
   resolveActionAlias(action) {
     return this.actionAlias.get(action) ? this.actionAlias.get(action) : action;
   }
@@ -339,13 +279,14 @@ class ACL extends _events().default {
     return /*#__PURE__*/function () {
       var _ACLMiddleware = _asyncToGenerator(function* (ctx, next) {
         const roleName = ctx.state.currentRole || 'anonymous';
-        const _ctx$action2 = ctx.action,
-          resourceName = _ctx$action2.resourceName,
-          actionName = _ctx$action2.actionName;
+        const _ctx$action = ctx.action,
+          resourceName = _ctx$action.resourceName,
+          actionName = _ctx$action.actionName;
         ctx.can = options => {
-          return acl.can(_objectSpread({
+          const canResult = acl.can(_objectSpread({
             role: roleName
           }, options));
+          return canResult;
         };
         ctx.permission = {
           can: ctx.can({
@@ -355,7 +296,7 @@ class ACL extends _events().default {
         };
         return (0, _koaCompose().default)(acl.middlewares.nodes)(ctx, next);
       });
-      function ACLMiddleware(_x3, _x4) {
+      function ACLMiddleware(_x2, _x3) {
         return _ACLMiddleware.apply(this, arguments);
       }
       return ACLMiddleware;
@@ -365,13 +306,17 @@ class ACL extends _events().default {
     var _this = this;
     return _asyncToGenerator(function* () {
       const roleName = ctx.state.currentRole || 'anonymous';
-      const _ctx$action3 = ctx.action,
-        resourceName = _ctx$action3.resourceName,
-        actionName = _ctx$action3.actionName;
+      const _ctx$action2 = ctx.action,
+        resourceName = _ctx$action2.resourceName,
+        actionName = _ctx$action2.actionName;
       ctx.can = options => {
-        return _this.can(_objectSpread({
+        const can = _this.can(_objectSpread({
           role: roleName
         }, options));
+        if (!can) {
+          return null;
+        }
+        return _lodash().default.cloneDeep(can);
       };
       ctx.permission = {
         can: ctx.can({
@@ -388,5 +333,65 @@ class ACL extends _events().default {
   registerSnippet(snippet) {
     this.snippetManager.register(snippet);
   }
+  addCoreMiddleware() {
+    const acl = this;
+    const filterParams = (ctx, resourceName, params) => {
+      var _params$filter;
+      if (params === null || params === void 0 ? void 0 : (_params$filter = params.filter) === null || _params$filter === void 0 ? void 0 : _params$filter.createdById) {
+        const collection = ctx.db.getCollection(resourceName);
+        if (!collection || !collection.getField('createdById')) {
+          return _lodash().default.omit(params, 'filter.createdById');
+        }
+      }
+      return params;
+    };
+    this.middlewares.add( /*#__PURE__*/function () {
+      var _ref2 = _asyncToGenerator(function* (ctx, next) {
+        var _ctx$log, _permission$can, _ctx$log2;
+        const resourcerAction = ctx.action;
+        const _ctx$action3 = ctx.action,
+          resourceName = _ctx$action3.resourceName,
+          actionName = _ctx$action3.actionName;
+        const permission = ctx.permission;
+        ((_ctx$log = ctx.log) === null || _ctx$log === void 0 ? void 0 : _ctx$log.info) && ctx.log.info('ctx permission', permission);
+        if ((!permission.can || typeof permission.can !== 'object') && !permission.skip) {
+          ctx.throw(403, 'No permissions');
+          return;
+        }
+        const params = ((_permission$can = permission.can) === null || _permission$can === void 0 ? void 0 : _permission$can.params) || acl.fixedParamsManager.getParams(resourceName, actionName);
+        ((_ctx$log2 = ctx.log) === null || _ctx$log2 === void 0 ? void 0 : _ctx$log2.info) && ctx.log.info('acl params', params);
+        if (params && resourcerAction.mergeParams) {
+          var _ctx$log3;
+          const filteredParams = filterParams(ctx, resourceName, params);
+          const parsedParams = yield acl.parseJsonTemplate(filteredParams, ctx);
+          ctx.permission.parsedParams = parsedParams;
+          ((_ctx$log3 = ctx.log) === null || _ctx$log3 === void 0 ? void 0 : _ctx$log3.info) && ctx.log.info('acl parsedParams', parsedParams);
+          ctx.permission.rawParams = _lodash().default.cloneDeep(resourcerAction.params);
+          resourcerAction.mergeParams(parsedParams, {
+            appends: (x, y) => {
+              if (!x) {
+                return [];
+              }
+              if (!y) {
+                return x;
+              }
+              return x.filter(i => y.includes(i.split('.').shift()));
+            }
+          });
+          ctx.permission.mergedParams = _lodash().default.cloneDeep(resourcerAction.params);
+        }
+        yield next();
+      });
+      return function (_x4, _x5) {
+        return _ref2.apply(this, arguments);
+      };
+    }(), {
+      tag: 'core',
+      group: 'core'
+    });
+  }
+  isAvailableAction(actionName) {
+    return this.availableActions.has(this.resolveActionAlias(actionName));
+  }
 }
 exports.ACL = ACL;

package/package.json CHANGED Viewed

@@ -1,14 +1,13 @@
 {
   "name": "@nocobase/acl",
-  "version": "0.9.2-alpha.4",
+  "version": "0.9.4-alpha.1",
   "description": "",
   "license": "Apache-2.0",
   "main": "./lib/index.js",
   "types": "./lib/index.d.ts",
   "dependencies": {
-    "@nocobase/resourcer": "0.9.2-alpha.4",
-    "@nocobase/utils": "0.9.2-alpha.4",
-    "json-templates": "^4.2.0",
+    "@nocobase/resourcer": "0.9.4-alpha.1",
+    "@nocobase/utils": "0.9.4-alpha.1",
     "minimatch": "^5.1.1"
   },
   "repository": {
@@ -16,5 +15,5 @@
     "url": "git+https://github.com/nocobase/nocobase.git",
     "directory": "packages/acl"
   },
-  "gitHead": "96cb023f353a4fb099dea074c575be65ebab813f"
+  "gitHead": "0b4936be557be918dbdf8196dadcbc7eb395906d"
 }