@nocobase/plugin-acl 0.21.0-alpha.9 → 1.0.0-alpha.10

package/dist/server/collections/users.js

@@ -1,3 +1,12 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;

package/dist/server/index.d.ts

@@ -1,3 +1,11 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
 export * from './middlewares/setCurrentRole';
 export * from './middlewares/with-acl-meta';
 export { RoleResourceActionModel } from './model/RoleResourceActionModel';

package/dist/server/index.js

@@ -1,3 +1,12 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
 var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;

package/dist/server/middlewares/setCurrentRole.d.ts

@@ -1,2 +1,10 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
 import { Context } from '@nocobase/actions';
 export declare function setCurrentRole(ctx: Context, next: any): Promise<any>;

package/dist/server/middlewares/setCurrentRole.js

@@ -1,3 +1,12 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;

package/dist/server/middlewares/with-acl-meta.d.ts

@@ -1,2 +1,10 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
 declare function createWithACLMetaMiddleware(): (ctx: any, next: any) => Promise<void>;
 export { createWithACLMetaMiddleware };

package/dist/server/middlewares/with-acl-meta.js

@@ -1,3 +1,12 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
 var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
@@ -31,8 +40,9 @@ __export(with_acl_meta_exports, {
 });
 module.exports = __toCommonJS(with_acl_meta_exports);
 var import_lodash = __toESM(require("lodash"));
-var import_acl = require("@nocobase/acl");
 var import_database = require("@nocobase/database");
+class NoPermissionError extends Error {
+}
 function createWithACLMetaMiddleware() {
   return async (ctx, next) => {
     var _a, _b, _c, _d;
@@ -109,13 +119,13 @@ function createWithACLMetaMiddleware() {
         },
         permission: {},
         throw(...args) {
-          throw new import_acl.NoPermissionError(...args);
+          throw new NoPermissionError(...args);
         }
       };
       try {
         await acl.getActionParams(actionCtx);
       } catch (e) {
-        if (e instanceof import_acl.NoPermissionError) {
+        if (e instanceof NoPermissionError) {
           continue;
         }
         throw e;

package/dist/server/migrations/20221214072638-set-role-snippets.d.ts

@@ -1,3 +1,11 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
 import { Migration } from '@nocobase/server';
 export default class extends Migration {
     appVersion: string;

package/dist/server/migrations/20221214072638-set-role-snippets.js

@@ -1,3 +1,12 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
@@ -21,6 +30,7 @@ __export(set_role_snippets_exports, {
 });
 module.exports = __toCommonJS(set_role_snippets_exports);
 var import_server = require("@nocobase/server");
+/* istanbul ignore file -- @preserve */
 class set_role_snippets_default extends import_server.Migration {
   appVersion = "<0.9.0-alpha.1";
   async up() {

package/dist/server/model/RoleModel.d.ts

@@ -1,3 +1,11 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
 import { Model } from '@nocobase/database';
 import { ACL } from '@nocobase/acl';
 export declare class RoleModel extends Model {

package/dist/server/model/RoleModel.js

@@ -1,3 +1,12 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;

package/dist/server/model/RoleResourceActionModel.d.ts

@@ -1,12 +1,17 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
 import { ACL, ACLRole } from '@nocobase/acl';
 import { Model } from '@nocobase/database';
-import { AssociationFieldsActions, GrantHelper } from '../server';
 export declare class RoleResourceActionModel extends Model {
     writeToACL(options: {
         acl: ACL;
         role: ACLRole;
         resourceName: string;
-        associationFieldsActions: AssociationFieldsActions;
-        grantHelper: GrantHelper;
     }): Promise<void>;
 }

package/dist/server/model/RoleResourceActionModel.js

@@ -1,3 +1,12 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
@@ -23,9 +32,7 @@ module.exports = __toCommonJS(RoleResourceActionModel_exports);
 var import_database = require("@nocobase/database");
 class RoleResourceActionModel extends import_database.Model {
   async writeToACL(options) {
-    var _a;
-    const db = this.constructor.database;
-    const { resourceName, role, acl, associationFieldsActions, grantHelper } = options;
+    const { resourceName, role } = options;
     const actionName = this.get("name");
     const fields = this.get("fields");
     const actionPath = `${resourceName}:${actionName}`;
@@ -38,45 +45,6 @@ class RoleResourceActionModel extends import_database.Model {
       actionParams["filter"] = scope.get("scope");
     }
     role.grantAction(actionPath, actionParams);
-    const collection = db.getCollection(resourceName);
-    if (!collection) {
-      return;
-    }
-    const availableAction = acl.resolveActionAlias(actionName);
-    for (const field of fields) {
-      const collectionField = collection.getField(field);
-      if (!collectionField) {
-        console.log(`field ${field} does not exist at ${collection.name}`);
-        continue;
-      }
-      const fieldType = collectionField.get("type");
-      const fieldActions = (_a = associationFieldsActions == null ? void 0 : associationFieldsActions[fieldType]) == null ? void 0 : _a[availableAction];
-      const fieldTarget = collectionField.get("target");
-      if (fieldActions) {
-        const associationActions = fieldActions.associationActions || [];
-        associationActions.forEach((associationAction) => {
-          const actionName2 = `${resourceName}.${collectionField.get("name")}:${associationAction}`;
-          role.grantAction(actionName2);
-        });
-        const targetActions = fieldActions.targetActions || [];
-        targetActions.forEach((targetAction) => {
-          const targetActionPath = `${fieldTarget}:${targetAction}`;
-          const existsAction = role.getActionParams(targetActionPath);
-          if (existsAction) {
-            return;
-          }
-          grantHelper.resourceTargetActionMap.set(`${role.name}.${resourceName}`, [
-            ...grantHelper.resourceTargetActionMap.get(resourceName) || [],
-            targetActionPath
-          ]);
-          grantHelper.targetActionResourceMap.set(targetActionPath, [
-            ...grantHelper.targetActionResourceMap.get(targetActionPath) || [],
-            `${role.name}.${resourceName}`
-          ]);
-          role.grantAction(targetActionPath);
-        });
-      }
-    }
   }
 }
 // Annotate the CommonJS export names for ESM import in node:

package/dist/server/model/RoleResourceModel.d.ts

@@ -1,16 +1,20 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
 import { ACL, ACLRole } from '@nocobase/acl';
 import { Model } from '@nocobase/database';
-import { AssociationFieldsActions, GrantHelper } from '../server';
 export declare class RoleResourceModel extends Model {
     revoke(options: {
         role: ACLRole;
         resourceName: string;
-        grantHelper: GrantHelper;
     }): Promise<void>;
     writeToACL(options: {
         acl: ACL;
-        associationFieldsActions: AssociationFieldsActions;
-        grantHelper: GrantHelper;
         transaction: any;
     }): Promise<void>;
 }

package/dist/server/model/RoleResourceModel.js

@@ -1,3 +1,12 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
@@ -24,22 +33,11 @@ var import_acl = require("@nocobase/acl");
 var import_database = require("@nocobase/database");
 class RoleResourceModel extends import_database.Model {
   async revoke(options) {
-    const { role, resourceName, grantHelper } = options;
+    const { role, resourceName } = options;
     role.revokeResource(resourceName);
-    const targetActions = grantHelper.resourceTargetActionMap.get(`${role.name}.${resourceName}`) || [];
-    for (const targetAction of targetActions) {
-      const targetActionResource = (grantHelper.targetActionResourceMap.get(targetAction) || []).filter(
-        (item) => `${role.name}.${resourceName}` !== item
-      );
-      grantHelper.targetActionResourceMap.set(targetAction, targetActionResource);
-      if (targetActionResource.length == 0) {
-        role.revokeAction(targetAction);
-      }
-    }
-    grantHelper.resourceTargetActionMap.set(`${role.name}.${resourceName}`, []);
   }
   async writeToACL(options) {
-    const { acl, associationFieldsActions, grantHelper } = options;
+    const { acl } = options;
     const resourceName = this.get("name");
     const roleName = this.get("roleName");
     const role = acl.getRole(roleName);
@@ -47,7 +45,7 @@ class RoleResourceModel extends import_database.Model {
       console.log(`${roleName} role does not exist`);
       return;
     }
-    await this.revoke({ role, resourceName, grantHelper });
+    await this.revoke({ role, resourceName });
     if (this.usingActionsConfig === false) {
       return;
     }
@@ -63,9 +61,7 @@ class RoleResourceModel extends import_database.Model {
       await action.writeToACL({
         acl,
         role,
-        resourceName,
-        associationFieldsActions,
-        grantHelper: options.grantHelper
+        resourceName
       });
     }
   }

package/dist/server/server.d.ts

@@ -1,30 +1,20 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+import { Transaction } from '@nocobase/database';
 import { Plugin } from '@nocobase/server';
 import { RoleModel } from './model/RoleModel';
 import { RoleResourceActionModel } from './model/RoleResourceActionModel';
 import { RoleResourceModel } from './model/RoleResourceModel';
-export interface AssociationFieldAction {
-    associationActions: string[];
-    targetActions?: string[];
-}
-interface AssociationFieldActions {
-    [availableActionName: string]: AssociationFieldAction;
-}
-export interface AssociationFieldsActions {
-    [associationType: string]: AssociationFieldActions;
-}
-export declare class GrantHelper {
-    resourceTargetActionMap: Map<string, string[]>;
-    targetActionResourceMap: Map<string, string[]>;
-    constructor();
-}
 export declare class PluginACLServer extends Plugin {
-    associationFieldsActions: AssociationFieldsActions;
-    grantHelper: GrantHelper;
     get acl(): import("@nocobase/acl").ACL;
-    registerAssociationFieldAction(associationType: string, value: AssociationFieldActions): void;
-    registerAssociationFieldsActions(): void;
-    writeResourceToACL(resourceModel: RoleResourceModel, transaction: any): Promise<void>;
-    writeActionToACL(actionModel: RoleResourceActionModel, transaction: any): Promise<void>;
+    writeResourceToACL(resourceModel: RoleResourceModel, transaction: Transaction): Promise<void>;
+    writeActionToACL(actionModel: RoleResourceActionModel, transaction: Transaction): Promise<void>;
     writeRolesToACL(options: any): Promise<void>;
     writeRoleToACL(role: RoleModel, options?: any): Promise<void>;
     beforeLoad(): Promise<void>;

package/dist/server/server.js

@@ -1,3 +1,12 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
 var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
@@ -27,7 +36,6 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var server_exports = {};
 __export(server_exports, {
-  GrantHelper: () => GrantHelper,
   PluginACLServer: () => PluginACLServer,
   default: () => server_default
 });
@@ -47,74 +55,14 @@ var import_with_acl_meta = require("./middlewares/with-acl-meta");
 var import_RoleModel = require("./model/RoleModel");
 var import_RoleResourceActionModel = require("./model/RoleResourceActionModel");
 var import_RoleResourceModel = require("./model/RoleResourceModel");
-class GrantHelper {
-  resourceTargetActionMap = /* @__PURE__ */ new Map();
-  targetActionResourceMap = /* @__PURE__ */ new Map();
-  constructor() {
-  }
-}
 class PluginACLServer extends import_server.Plugin {
-  // association field actions config
-  associationFieldsActions = {};
-  grantHelper = new GrantHelper();
   get acl() {
     return this.app.acl;
   }
-  registerAssociationFieldAction(associationType, value) {
-    this.associationFieldsActions[associationType] = value;
-  }
-  registerAssociationFieldsActions() {
-    this.registerAssociationFieldAction("hasOne", {
-      view: {
-        associationActions: ["list", "get", "view"]
-      },
-      create: {
-        associationActions: ["create", "set"]
-      },
-      update: {
-        associationActions: ["update", "remove", "set"]
-      }
-    });
-    this.registerAssociationFieldAction("hasMany", {
-      view: {
-        associationActions: ["list", "get", "view"]
-      },
-      create: {
-        associationActions: ["create", "set", "add"]
-      },
-      update: {
-        associationActions: ["update", "remove", "set"]
-      }
-    });
-    this.registerAssociationFieldAction("belongsTo", {
-      view: {
-        associationActions: ["list", "get", "view"]
-      },
-      create: {
-        associationActions: ["create", "set"]
-      },
-      update: {
-        associationActions: ["update", "remove", "set"]
-      }
-    });
-    this.registerAssociationFieldAction("belongsToMany", {
-      view: {
-        associationActions: ["list", "get", "view"]
-      },
-      create: {
-        associationActions: ["create", "set", "add"]
-      },
-      update: {
-        associationActions: ["update", "remove", "set", "toggle"]
-      }
-    });
-  }
   async writeResourceToACL(resourceModel, transaction) {
     await resourceModel.writeToACL({
       acl: this.acl,
-      associationFieldsActions: this.associationFieldsActions,
-      transaction,
-      grantHelper: this.grantHelper
+      transaction
     });
   }
   async writeActionToACL(actionModel, transaction) {
@@ -123,9 +71,7 @@ class PluginACLServer extends import_server.Plugin {
     await actionModel.writeToACL({
       acl: this.acl,
       role,
-      resourceName: resource.get("name"),
-      associationFieldsActions: this.associationFieldsActions,
-      grantHelper: this.grantHelper
+      resourceName: resource.get("name")
     });
   }
   async writeRolesToACL(options) {
@@ -587,6 +533,5 @@ class PluginACLServer extends import_server.Plugin {
 var server_default = PluginACLServer;
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
-  GrantHelper,
   PluginACLServer
 });

package/dist/swagger/index.d.ts

@@ -1,3 +1,11 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
 declare const _default: {
     openapi: string;
     info: {

package/dist/swagger/index.js

@@ -1,3 +1,12 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;

package/package.json

@@ -4,7 +4,7 @@
   "displayName.zh-CN": "权限控制",
   "description": "Based on roles, resources, and actions, access control can precisely manage interface configuration permissions, data operation permissions, menu access permissions, and plugin permissions.",
   "description.zh-CN": "基于角色、资源和操作的权限控制，可以精确控制界面配置权限、数据操作权限、菜单访问权限、插件权限。",
-  "version": "0.21.0-alpha.9",
+  "version": "1.0.0-alpha.10",
   "license": "AGPL-3.0",
   "main": "./dist/server/index.js",
   "homepage": "https://docs.nocobase.com/handbook/acl",
@@ -20,19 +20,19 @@
     "react-dom": "^18.2.0"
   },
   "peerDependencies": {
-    "@nocobase/acl": "0.x",
-    "@nocobase/actions": "0.x",
-    "@nocobase/cache": "0.x",
-    "@nocobase/client": "0.x",
-    "@nocobase/database": "0.x",
-    "@nocobase/server": "0.x",
-    "@nocobase/test": "0.x",
-    "@nocobase/utils": "0.x"
+    "@nocobase/acl": "1.x",
+    "@nocobase/actions": "1.x",
+    "@nocobase/cache": "1.x",
+    "@nocobase/client": "1.x",
+    "@nocobase/database": "1.x",
+    "@nocobase/server": "1.x",
+    "@nocobase/test": "1.x",
+    "@nocobase/utils": "1.x"
   },
   "repository": {
     "type": "git",
     "url": "git+https://github.com/nocobase/nocobase.git",
     "directory": "packages/plugins/acl"
   },
-  "gitHead": "a6fe6c4ee532c04e5a50ec777bf76436ca624cbd"
+  "gitHead": "39c634c88f835f8eadedf72ca11a9fb3323a50f8"
 }