@nocobase/plugin-acl 0.7.2-alpha.7 → 0.7.4-alpha.4

package/src/middlewares/setCurrentRole.ts

@@ -0,0 +1,32 @@
+export async function setCurrentRole(ctx, next) {
+  let currentRole = ctx.get('X-Role');
+
+  if (currentRole === 'anonymous') {
+    ctx.state.currentRole = currentRole;
+    return next();
+  }
+
+  if (!ctx.state.currentUser) {
+    return next();
+  }
+
+  const repository = ctx.db.getRepository('users.roles', ctx.state.currentUser.id);
+  const roles = await repository.find();
+  ctx.state.currentUser.setDataValue('roles', roles);
+
+  if (roles.length == 1) {
+    currentRole = roles[0].name;
+  } else if (roles.length > 1) {
+    const role = roles.find((item) => item.name === currentRole);
+    if (!role) {
+      const defaultRole = roles.find((item) => item?.rolesUsers?.default);
+      currentRole = (defaultRole || roles[0])?.name;
+    }
+  }
+
+  if (currentRole) {
+    ctx.state.currentRole = currentRole;
+  }
+
+  await next();
+}

package/src/server.ts

@@ -1,10 +1,13 @@
 import { Context } from '@nocobase/actions';
 import { Collection } from '@nocobase/database';
+import UsersPlugin from '@nocobase/plugin-users';
 import { Plugin } from '@nocobase/server';
 import { resolve } from 'path';
 import { availableActionResource } from './actions/available-actions';
 import { checkAction } from './actions/role-check';
 import { roleCollectionsResource } from './actions/role-collections';
+import { setDefaultRole } from './actions/user-setDefaultRole';
+import { setCurrentRole } from './middlewares/setCurrentRole';
 import { RoleModel } from './model/RoleModel';
 import { RoleResourceActionModel } from './model/RoleResourceActionModel';
 import { RoleResourceModel } from './model/RoleResourceModel';
@@ -134,6 +137,22 @@ export class PluginACL extends Plugin {
 
     this.app.resourcer.registerActionHandler('roles:check', checkAction);
 
+    this.app.resourcer.registerActionHandler(`users:setDefaultRole`, setDefaultRole);
+
+    this.db.on('users.afterCreateWithAssociations', async (model, options) => {
+      const { transaction } = options;
+      const repository = this.app.db.getRepository('roles');
+      const defaultRole = await repository.findOne({
+        filter: {
+          default: true,
+        },
+        transaction,
+      });
+      if (defaultRole && (await model.countRoles({ transaction })) == 0) {
+        await model.addRoles(defaultRole, { transaction });
+      }
+    });
+
     this.app.db.on('roles.afterSaveWithAssociations', async (model, options) => {
       const { transaction } = options;
 
@@ -271,7 +290,7 @@ export class PluginACL extends Plugin {
             title: '{{t("Admin")}}',
             allowConfigure: true,
             allowNewMenu: true,
-            strategy: { actions: ['create', 'export', 'view', 'update', 'destroy'] },
+            strategy: { actions: ['create', 'view', 'update', 'destroy'] },
           },
           {
             name: 'member',
@@ -301,6 +320,11 @@ export class PluginACL extends Plugin {
       });
     });
 
+    const usersPlugin = this.app.pm.get('@nocobase/plugin-users') as UsersPlugin;
+    usersPlugin.tokenMiddleware.use(setCurrentRole);
+
+    this.app.acl.allow('users', 'setDefaultRole', 'loggedIn');
+
     this.app.acl.allow('roles', 'check', 'loggedIn');
     this.app.acl.allow('roles', ['create', 'update', 'destroy'], 'allowConfigure');
 
@@ -392,6 +416,24 @@ export class PluginACL extends Plugin {
     if (repo) {
       await repo.db2cm('roles');
     }
+
+    const User = this.db.getCollection('users');
+    await User.repository.update({
+      values: {
+        roles: ['root', 'admin', 'member']
+      }
+    });
+
+    const RolesUsers = this.db.getCollection('rolesUsers');
+    await RolesUsers.repository.update({
+      filter: {
+        userId: 1,
+        roleName: 'root'
+      },
+      values: {
+        default: true
+      }
+    });
   }
 
   async load() {