npm - @nocobase/plugin-acl - Versions diffs - 0.8.1-alpha.3 → 0.9.0-alpha.1 - Mend

@nocobase/plugin-acl 0.8.1-alpha.3 → 0.9.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

package/LICENSE +661 -201
package/lib/actions/role-check.js +2 -0
package/lib/actions/role-collections.js +39 -12
package/lib/collections/roles.js +4 -0
package/lib/collections/rolesResourcesActions.js +2 -1
package/lib/collections/users.js +1 -0
package/lib/migrations/20221214072638-set-role-snippets.d.ts +5 -0
package/lib/migrations/20221214072638-set-role-snippets.js +49 -0
package/lib/model/RoleModel.js +1 -0
package/lib/model/RoleResourceActionModel.js +9 -3
package/lib/server.js +393 -28
package/package.json +7 -13
package/src/__tests__/acl.test.ts +0 -548
package/src/__tests__/association-field.test.ts +0 -308
package/src/__tests__/configuration.test.ts +0 -74
package/src/__tests__/middleware.test.ts +0 -228
package/src/__tests__/own.test.ts +0 -133
package/src/__tests__/prepare.ts +0 -20
package/src/__tests__/role-check.test.ts +0 -41
package/src/__tests__/role-resource.test.ts +0 -189
package/src/__tests__/role-user.test.ts +0 -123
package/src/__tests__/role.test.ts +0 -99
package/src/__tests__/scope.test.ts +0 -59
package/src/__tests__/setCurrentRole.test.ts +0 -83
package/src/__tests__/users.test.ts +0 -52
package/src/actions/available-actions.ts +0 -18
package/src/actions/role-check.ts +0 -41
package/src/actions/role-collections.ts +0 -65
package/src/actions/user-setDefaultRole.ts +0 -45
package/src/collections/roles-users.ts +0 -6
package/src/collections/roles.ts +0 -79
package/src/collections/rolesResources.ts +0 -31
package/src/collections/rolesResourcesActions.ts +0 -28
package/src/collections/rolesResourcesScopes.ts +0 -23
package/src/collections/users.ts +0 -30
package/src/index.ts +0 -2
package/src/middlewares/setCurrentRole.ts +0 -32
package/src/model/RoleModel.ts +0 -21
package/src/model/RoleResourceActionModel.ts +0 -88
package/src/model/RoleResourceModel.ts +0 -74
package/src/server.ts +0 -463

package/src/__tests__/own.test.ts DELETED Viewed

@@ -1,133 +0,0 @@
-import { ACL } from '@nocobase/acl';
-import { Database } from '@nocobase/database';
-import PluginUser from '@nocobase/plugin-users';
-import { MockServer } from '@nocobase/test';
-import { prepareApp } from './prepare';
-describe('own test', () => {
-  let app: MockServer;
-  let db: Database;
-  let acl: ACL;
-  let pluginUser: PluginUser;
-  let adminToken: string;
-  let userToken: string;
-  let admin;
-  let user;
-  let role;
-  let agent;
-  let adminAgent;
-  let userAgent;
-  afterEach(async () => {
-    await app.destroy();
-  });
-  beforeEach(async () => {
-    app = await prepareApp();
-    db = app.db;
-    const PostCollection = db.collection({
-      name: 'posts',
-      fields: [
-        { type: 'string', name: 'title' },
-        { type: 'belongsToMany', name: 'tags' },
-      ],
-      createdBy: true,
-    });
-    const TagCollection = db.collection({
-      name: 'tags',
-      fields: [
-        { type: 'string', name: 'name' },
-        { type: 'belongsToMany', name: 'posts' },
-      ],
-      createdBy: true,
-    });
-    const TestCollection = db.collection({
-      name: 'tests',
-      fields: [{ type: 'string', name: 'name' }],
-    });
-    await db.sync();
-    agent = app.agent();
-    acl = app.acl;
-    role = await db.getRepository('roles').findOne({
-      filter: {
-        name: 'admin',
-      },
-    });
-    admin = await db.getRepository('users').findOne();
-    pluginUser = app.getPlugin('users');
-    adminToken = pluginUser.jwtService.sign({ userId: admin.get('id') });
-    adminAgent = app.agent().auth(adminToken, { type: 'bearer' });
-    user = await db.getRepository('users').create({
-      values: {
-        nickname: 'test',
-        roles: ['admin'],
-      },
-    });
-    userToken = pluginUser.jwtService.sign({ userId: user.get('id') });
-    userAgent = app.agent().auth(userToken, { type: 'bearer' });
-  });
-  it('should list without createBy', async () => {
-    await adminAgent
-      .patch('/roles/admin')
-      .send({
-        strategy: {
-          actions: ['view:own'],
-        },
-      })
-      .set({ Authorization: 'Bearer ' + adminToken });
-    const response = await userAgent.get('/tests:list');
-    expect(response.statusCode).toEqual(200);
-  });
-  it('should delete with createdBy', async () => {
-    await adminAgent
-      .resource('roles')
-      .update({
-        filterByTk: 'admin',
-        values: {
-          strategy: {
-            actions: ['view:own', 'create', 'destroy:own'],
-          },
-        }
-      });
-    let response = await userAgent
-      .resource('posts')
-      .create({
-        values: {
-          title: 't1',
-        }
-      });
-    expect(response.statusCode).toEqual(200);
-    const data = response.body;
-    const id = data.data['id'];
-    response = await userAgent.resource('posts').destroy({
-      filterByTk: id
-    });
-    expect(response.statusCode).toEqual(200);
-    expect(await db.getRepository('posts').count()).toEqual(0);
-  });
-});

package/src/__tests__/prepare.ts DELETED Viewed

@@ -1,20 +0,0 @@
-import { mockServer } from '@nocobase/test';
-import PluginACL from '../server';
-export async function prepareApp() {
-  const app = mockServer({
-    registerActions: true,
-    acl: true,
-    plugins: ['error-handler', 'users', 'ui-schema-storage', 'collection-manager'],
-  });
-  app.plugin(PluginACL, {
-    name: 'acl',
-  });
-  await app.loadAndInstall({ clean: true });
-  await app.db.sync();
-  return app;
-}

package/src/__tests__/role-check.test.ts DELETED Viewed

@@ -1,41 +0,0 @@
-import { Database } from '@nocobase/database';
-import UsersPlugin from '@nocobase/plugin-users';
-import { MockServer } from '@nocobase/test';
-import { prepareApp } from './prepare';
-describe('role check action', () => {
-  let app: MockServer;
-  let db: Database;
-  beforeEach(async () => {
-    app = await prepareApp();
-    db = app.db;
-  });
-  afterEach(async () => {
-    await app.destroy();
-  });
-  it('should return role info', async () => {
-    const role = await db.getRepository('roles').create({
-      values: {
-        name: 'test',
-      },
-    });
-    const user = await db.getRepository('users').create({
-      values: {
-        roles: ['test']
-      }
-    });
-    const userPlugin = app.getPlugin('users') as UsersPlugin;
-    const agent = app.agent().auth(userPlugin.jwtService.sign({
-      userId: user.get('id'),
-    }), { type: 'bearer' });
-    // @ts-ignore
-    const response = await agent.resource('roles').check();
-    expect(response.statusCode).toEqual(200);
-  });
-});

package/src/__tests__/role-resource.test.ts DELETED Viewed

@@ -1,189 +0,0 @@
-import { Database, Model } from '@nocobase/database';
-import { CollectionRepository } from '@nocobase/plugin-collection-manager';
-import UsersPlugin from '@nocobase/plugin-users';
-import { MockServer } from '@nocobase/test';
-import { prepareApp } from './prepare';
-describe('role resource api', () => {
-  let app: MockServer;
-  let db: Database;
-  let role: Model;
-  let admin;
-  let adminAgent;
-  afterEach(async () => {
-    await app.destroy();
-  });
-  beforeEach(async () => {
-    app = await prepareApp();
-    db = app.db;
-    role = await db.getRepository('roles').findOne({
-      filter: {
-        name: 'admin',
-      },
-    });
-    const UserRepo = db.getCollection('users').repository;
-    admin = await UserRepo.create({
-      values: {
-        roles: ['admin']
-      }
-    });
-    const userPlugin = app.getPlugin('users') as UsersPlugin;
-    adminAgent = app.agent().auth(userPlugin.jwtService.sign({
-      userId: admin.get('id'),
-    }), { type: 'bearer' });
-  });
-  it('should grant resource by createRepository', async () => {
-    const collectionManager = db.getRepository('collections') as CollectionRepository;
-    await collectionManager.create({
-      values: {
-        name: 'c1',
-        title: 'table1',
-      },
-      context: {},
-    });
-    await collectionManager.create({
-      values: {
-        name: 'c2',
-        title: 'table2',
-      },
-      context: {},
-    });
-    await db.getRepository('roles').create({
-      values: {
-        name: 'testRole',
-        resources: [
-          {
-            name: 'c1',
-            actions: [
-              {
-                name: 'create',
-              },
-            ],
-          },
-        ],
-      },
-    });
-    const acl = app.acl;
-    const testRole = acl.getRole('testRole');
-    const resource = testRole.getResource('c1');
-    expect(resource).toBeDefined();
-  });
-  it('should grant resource action', async () => {
-    const collectionManager = db.getRepository('collections') as CollectionRepository;
-    await collectionManager.create({
-      values: {
-        name: 'c1',
-        title: 'table1',
-      },
-      context: {},
-    });
-    await collectionManager.create({
-      values: {
-        name: 'c2',
-        title: 'table2',
-      },
-      context: {},
-    });
-    // get collections list
-    let response = await adminAgent
-      .resource('roles.collections', 'admin')
-      .list({
-        filter: {
-          $or: [{ name: 'c1' }, { name: 'c2' }],
-        },
-        sort: ['sort'],
-      });
-    expect(response.statusCode).toEqual(200);
-    expect(response.body.data).toMatchObject([
-      {
-        name: 'c1',
-        title: 'table1',
-        usingConfig: 'strategy',
-        exists: false,
-      },
-      {
-        name: 'c2',
-        title: 'table2',
-        usingConfig: 'strategy',
-        exists: false,
-      },
-    ]);
-    // set resource actions
-    response = await adminAgent
-      .resource('roles.resources', 'admin')
-      .create({
-        values: {
-          name: 'c1',
-          usingActionsConfig: true,
-          actions: [
-            {
-              name: 'create',
-            },
-          ],
-        },
-      });
-    expect(response.statusCode).toEqual(200);
-    // get collections list
-    response = await adminAgent
-      .resource('roles.collections')
-      .list({
-        associatedIndex: role.get('name') as string,
-        filter: {
-          name: 'c1',
-        },
-      });
-    expect(response.body.data[0]['usingConfig']).toEqual('resourceAction');
-    response = await adminAgent
-      .resource('roles.resources')
-      .list({
-        associatedIndex: role.get('name') as string,
-        appends: 'actions',
-      });
-    expect(response.statusCode).toEqual(200);
-    const resources = response.body.data;
-    const resourceAction = resources[0]['actions'][0];
-    expect(resourceAction['name']).toEqual('create');
-    // update resource actions
-    response = await adminAgent
-      .resource('roles.resources')
-      .update({
-        associatedIndex: role.get('name') as string,
-        values: {
-          name: 'c1',
-          usingActionsConfig: true,
-          actions: [
-            {
-              name: 'view',
-            },
-          ],
-        },
-      });
-    expect(response.statusCode).toEqual(200);
-    expect(response.body.data[0]['actions'].length).toEqual(1);
-    expect(response.body.data[0]['actions'][0]['name']).toEqual('view');
-  });
-});

package/src/__tests__/role-user.test.ts DELETED Viewed

@@ -1,123 +0,0 @@
-import Database, { BelongsToManyRepository } from '@nocobase/database';
-import PluginACL from '@nocobase/plugin-acl';
-import UsersPlugin from '@nocobase/plugin-users';
-import { MockServer, mockServer } from '@nocobase/test';
-describe('role', () => {
-  let api: MockServer;
-  let db: Database;
-  let usersPlugin: UsersPlugin;
-  beforeEach(async () => {
-    api = mockServer();
-    await api.cleanDb();
-    api.plugin(UsersPlugin, { name: 'users' });
-    api.plugin(PluginACL, { name: 'acl' });
-    await api.loadAndInstall();
-    db = api.db;
-    usersPlugin = api.getPlugin('users');
-  });
-  afterEach(async () => {
-    await api.destroy();
-  });
-  it('should set default role', async () => {
-    await db.getRepository('roles').create({
-      values: {
-        name: 'test1',
-        title: 'Admin User',
-        allowConfigure: true,
-        default: true,
-      },
-    });
-    const user = await db.getRepository('users').create({});
-    // @ts-ignore
-    const roles = await user.getRoles();
-    expect(roles.length).toEqual(1);
-    expect(roles[0].get('name')).toEqual('test1');
-  });
-  it('should not add role when user has role', async () => {
-    await db.getRepository('roles').create({
-      values: {
-        name: 'test1',
-        default: true,
-      },
-    });
-    await db.getRepository('roles').create({
-      values: {
-        name: 'test2',
-      },
-    });
-    const user = await db.getRepository('users').create({
-      values: {
-        roles: [
-          {
-            name: 'test2',
-          },
-        ],
-      },
-    });
-    // @ts-ignore
-    const roles = await user.getRoles();
-    expect(roles.length).toEqual(1);
-    expect(roles[0].get('name')).toEqual('test2');
-  });
-  it('should set users default role', async () => {
-    await db.getRepository('roles').create({
-      values: {
-        name: 'test1',
-        title: 'Admin User',
-        allowConfigure: true,
-        default: true,
-      },
-    });
-    await db.getRepository('roles').create({
-      values: {
-        name: 'test2',
-        title: 'test2 user',
-        allowConfigure: true,
-      },
-    });
-    const user = await db.getRepository('users').create({
-      values: {
-        token: '123',
-      },
-    });
-    const userRolesRepo = db.getRepository<BelongsToManyRepository>('users.roles', user.get('id') as string);
-    await userRolesRepo.add('test1');
-    await userRolesRepo.add('test2');
-    const userToken = usersPlugin.jwtService.sign({ userId: user.get('id') });
-    const response = await api
-      .agent()
-      .post('/users:setDefaultRole')
-      .send({
-        roleName: 'test2',
-      })
-      .set({
-        Authorization: `Bearer ${userToken}`,
-      });
-    expect(response.statusCode).toEqual(200);
-    const userRoles = await userRolesRepo.find();
-    const defaultRole = userRoles.find((userRole) => userRole.get('rolesUsers').default);
-    expect(defaultRole['name']).toEqual('test2');
-  });
-});

package/src/__tests__/role.test.ts DELETED Viewed

@@ -1,99 +0,0 @@
-import { Database, Model } from '@nocobase/database';
-import UsersPlugin from '@nocobase/plugin-users';
-import { MockServer } from '@nocobase/test';
-import { prepareApp } from './prepare';
-describe('role api', () => {
-  let app: MockServer;
-  let db: Database;
-  afterEach(async () => {
-    await app.destroy();
-  });
-  beforeEach(async () => {
-    app = await prepareApp();
-    db = app.db;
-  });
-  describe('grant', () => {
-    let role: Model;
-    let admin: Model;
-    let adminAgent;
-    beforeEach(async () => {
-      role = await db.getRepository('roles').findOne({
-        filter: {
-          name: 'admin',
-        },
-      });
-      const UserRepo = db.getCollection('users').repository;
-      admin = await UserRepo.create({
-        values: {
-          roles: ['admin'],
-        },
-      });
-      const userPlugin = app.getPlugin('users') as UsersPlugin;
-      adminAgent = app.agent().auth(
-        userPlugin.jwtService.sign({
-          userId: admin.get('id'),
-        }),
-        { type: 'bearer' },
-      );
-    });
-    it('should list actions', async () => {
-      const response = await adminAgent.resource('availableActions').list();
-      expect(response.statusCode).toEqual(200);
-    });
-    it('should grant universal role actions', async () => {
-      // grant role actions
-      const response = await adminAgent.resource('roles').update({
-        forceUpdate: true,
-        values: {
-          strategy: {
-            actions: ['create:all', 'view:own'],
-          },
-        },
-      });
-      expect(response.statusCode).toEqual(200);
-      await role.reload();
-      expect(role.get('strategy')).toMatchObject({
-        actions: ['create:all', 'view:own'],
-      });
-    });
-  });
-  it('should works with default option', async () => {
-    await db.getRepository('roles').create({
-      values: {
-        name: 'role1',
-        title: 'admin 1',
-        default: true,
-      },
-    });
-    await db.getRepository('roles').create({
-      values: {
-        name: 'role2',
-        default: true,
-      },
-    });
-    const defaultRole = await db.getRepository('roles').find({
-      filter: {
-        default: true,
-      },
-    });
-    expect(defaultRole.length).toEqual(1);
-    expect(defaultRole[0].get('name')).toEqual('role2');
-  });
-});

package/src/__tests__/scope.test.ts DELETED Viewed

@@ -1,59 +0,0 @@
-import { Database } from '@nocobase/database';
-import UsersPlugin from '@nocobase/plugin-users';
-import { MockServer } from '@nocobase/test';
-import { prepareApp } from './prepare';
-describe('scope api', () => {
-  let app: MockServer;
-  let db: Database;
-  let admin;
-  let adminAgent;
-  afterEach(async () => {
-    await app.destroy();
-  });
-  beforeEach(async () => {
-    app = await prepareApp();
-    db = app.db;
-    const UserRepo = db.getCollection('users').repository;
-    admin = await UserRepo.create({
-      values: {
-        roles: ['admin']
-      }
-    });
-    const userPlugin = app.getPlugin('users') as UsersPlugin;
-    adminAgent = app.agent().auth(userPlugin.jwtService.sign({
-      userId: admin.get('id'),
-    }), { type: 'bearer' });
-  });
-  it('should create scope of resource', async () => {
-    const response = await adminAgent
-      .resource('rolesResourcesScopes')
-      .create({
-        values: {
-          resourceName: 'posts',
-          name: 'published posts',
-          scope: {
-            published: true,
-          },
-        },
-      });
-    expect(response.statusCode).toEqual(200);
-    const scope = await db.getRepository('rolesResourcesScopes').findOne({
-      filter: {
-        name: 'published posts',
-      },
-    });
-    expect(scope.get('scope')).toMatchObject({
-      published: true,
-    });
-  });
-});