@nocobase/plugin-acl 2.0.0-alpha.41 → 2.0.0-alpha.43
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/externalVersion.js +8 -8
- package/dist/locale/ru-RU.json +18 -0
- package/dist/server/middlewares/check-association-operate.js +21 -1
- package/dist/server/migrations/20251119225252-update-member-default-permission.d.ts +14 -0
- package/dist/server/migrations/20251119225252-update-member-default-permission.js +59 -0
- package/dist/server/server.js +1 -1
- package/package.json +5 -2
package/dist/externalVersion.js
CHANGED
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
*/
|
|
9
9
|
|
|
10
10
|
module.exports = {
|
|
11
|
-
"@nocobase/client": "2.0.0-alpha.
|
|
11
|
+
"@nocobase/client": "2.0.0-alpha.43",
|
|
12
12
|
"antd": "5.24.2",
|
|
13
13
|
"react": "18.2.0",
|
|
14
14
|
"react-i18next": "11.18.6",
|
|
@@ -17,14 +17,14 @@ module.exports = {
|
|
|
17
17
|
"@formily/react": "2.3.7",
|
|
18
18
|
"@ant-design/icons": "5.6.1",
|
|
19
19
|
"lodash": "4.17.21",
|
|
20
|
-
"@nocobase/utils": "2.0.0-alpha.
|
|
21
|
-
"@nocobase/actions": "2.0.0-alpha.
|
|
22
|
-
"@nocobase/cache": "2.0.0-alpha.
|
|
23
|
-
"@nocobase/database": "2.0.0-alpha.
|
|
24
|
-
"@nocobase/server": "2.0.0-alpha.
|
|
25
|
-
"@nocobase/test": "2.0.0-alpha.
|
|
20
|
+
"@nocobase/utils": "2.0.0-alpha.43",
|
|
21
|
+
"@nocobase/actions": "2.0.0-alpha.43",
|
|
22
|
+
"@nocobase/cache": "2.0.0-alpha.43",
|
|
23
|
+
"@nocobase/database": "2.0.0-alpha.43",
|
|
24
|
+
"@nocobase/server": "2.0.0-alpha.43",
|
|
25
|
+
"@nocobase/test": "2.0.0-alpha.43",
|
|
26
26
|
"@formily/core": "2.3.7",
|
|
27
27
|
"@formily/antd-v5": "1.2.3",
|
|
28
28
|
"antd-style": "3.7.1",
|
|
29
|
-
"@nocobase/acl": "2.0.0-alpha.
|
|
29
|
+
"@nocobase/acl": "2.0.0-alpha.43"
|
|
30
30
|
};
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
{
|
|
2
|
+
"The current user has no roles. Please try another account.": "У текущего пользователя нет ролей. Попробуйте другой аккаунт.",
|
|
3
|
+
"The user role does not exist. Please try signing in again": "Роль пользователя не существует. Попробуйте войти снова.",
|
|
4
|
+
"New role": "Новая роль",
|
|
5
|
+
"Permissions": "Права доступа",
|
|
6
|
+
"Desktop menu": "Меню рабочего стола",
|
|
7
|
+
"Independent roles": "Независимые роли",
|
|
8
|
+
"Allow roles union": "Разрешить объединение ролей",
|
|
9
|
+
"Roles union only": "Только объединение ролей",
|
|
10
|
+
"Role mode": "Режим ролей",
|
|
11
|
+
"Saved successfully": "Успешно сохранено",
|
|
12
|
+
"Please select role mode": "Пожалуйста, выберите режим ролей",
|
|
13
|
+
"Full permissions": "Полные права",
|
|
14
|
+
"Role mode doc": "https://docs.nocobase.com/handbook/acl/manual",
|
|
15
|
+
"Do not use role union. Users need to switch between their roles individually.": "Не использовать объединение ролей. Пользователям нужно переключаться между ролями по отдельности.",
|
|
16
|
+
"Allow users to use role union, which means they can use permissions from all their roles simultaneously, or switch between individual roles.": "Разрешить пользователям использовать объединение ролей, то есть они могут одновременно использовать права всех своих ролей или переключаться между отдельными ролями.",
|
|
17
|
+
"Force users to use only role union. They cannot switch between individual roles.": "Принудительно использовать только объединение ролей. Переключение между отдельными ролями недоступно."
|
|
18
|
+
}
|
|
@@ -29,9 +29,10 @@ __export(check_association_operate_exports, {
|
|
|
29
29
|
checkAssociationOperate: () => checkAssociationOperate
|
|
30
30
|
});
|
|
31
31
|
module.exports = __toCommonJS(check_association_operate_exports);
|
|
32
|
+
var import_acl = require("@nocobase/acl");
|
|
32
33
|
async function checkAssociationOperate(ctx, next) {
|
|
33
34
|
var _a;
|
|
34
|
-
const { actionName, resourceName } = ctx.action;
|
|
35
|
+
const { actionName, resourceName, sourceId } = ctx.action;
|
|
35
36
|
if (!(resourceName.includes(".") && ["add", "set", "remove", "toggle"].includes(actionName))) {
|
|
36
37
|
return next();
|
|
37
38
|
}
|
|
@@ -56,6 +57,25 @@ async function checkAssociationOperate(ctx, next) {
|
|
|
56
57
|
if (params.whitelist && !((_a = params.whitelist) == null ? void 0 : _a.includes(association))) {
|
|
57
58
|
ctx.throw(403, "No permissions");
|
|
58
59
|
}
|
|
60
|
+
if (params.filter) {
|
|
61
|
+
try {
|
|
62
|
+
const filteredParams = ctx.acl.filterParams(ctx, resource, params);
|
|
63
|
+
const parsedParams = await ctx.acl.parseJsonTemplate(filteredParams, ctx);
|
|
64
|
+
const repo = ctx.db.getRepository(resource);
|
|
65
|
+
const record = await repo.findOne({
|
|
66
|
+
filterByTk: sourceId,
|
|
67
|
+
filter: parsedParams.filter
|
|
68
|
+
});
|
|
69
|
+
if (!record) {
|
|
70
|
+
ctx.throw(403, "No permissions");
|
|
71
|
+
}
|
|
72
|
+
} catch (e) {
|
|
73
|
+
if (e instanceof import_acl.NoPermissionError) {
|
|
74
|
+
ctx.throw(403, "No permissions");
|
|
75
|
+
}
|
|
76
|
+
throw e;
|
|
77
|
+
}
|
|
78
|
+
}
|
|
59
79
|
ctx.permission = {
|
|
60
80
|
...ctx.permission,
|
|
61
81
|
skip: true
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* This file is part of the NocoBase (R) project.
|
|
3
|
+
* Copyright (c) 2020-2024 NocoBase Co., Ltd.
|
|
4
|
+
* Authors: NocoBase Team.
|
|
5
|
+
*
|
|
6
|
+
* This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
|
|
7
|
+
* For more information, please refer to: https://www.nocobase.com/agreement.
|
|
8
|
+
*/
|
|
9
|
+
import { Migration } from '@nocobase/server';
|
|
10
|
+
export default class extends Migration {
|
|
11
|
+
on: string;
|
|
12
|
+
appVersion: string;
|
|
13
|
+
up(): Promise<void>;
|
|
14
|
+
}
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* This file is part of the NocoBase (R) project.
|
|
3
|
+
* Copyright (c) 2020-2024 NocoBase Co., Ltd.
|
|
4
|
+
* Authors: NocoBase Team.
|
|
5
|
+
*
|
|
6
|
+
* This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
|
|
7
|
+
* For more information, please refer to: https://www.nocobase.com/agreement.
|
|
8
|
+
*/
|
|
9
|
+
|
|
10
|
+
var __defProp = Object.defineProperty;
|
|
11
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
12
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
13
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
14
|
+
var __export = (target, all) => {
|
|
15
|
+
for (var name in all)
|
|
16
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
17
|
+
};
|
|
18
|
+
var __copyProps = (to, from, except, desc) => {
|
|
19
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
20
|
+
for (let key of __getOwnPropNames(from))
|
|
21
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
22
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
23
|
+
}
|
|
24
|
+
return to;
|
|
25
|
+
};
|
|
26
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
27
|
+
var update_member_default_permission_exports = {};
|
|
28
|
+
__export(update_member_default_permission_exports, {
|
|
29
|
+
default: () => update_member_default_permission_default
|
|
30
|
+
});
|
|
31
|
+
module.exports = __toCommonJS(update_member_default_permission_exports);
|
|
32
|
+
var import_server = require("@nocobase/server");
|
|
33
|
+
class update_member_default_permission_default extends import_server.Migration {
|
|
34
|
+
on = "afterLoad";
|
|
35
|
+
// 'beforeLoad' or 'afterLoad'
|
|
36
|
+
appVersion = "<2.0.0";
|
|
37
|
+
async up() {
|
|
38
|
+
const repo = this.db.getRepository("roles");
|
|
39
|
+
const role = await repo.findOne({
|
|
40
|
+
filter: {
|
|
41
|
+
name: "member"
|
|
42
|
+
}
|
|
43
|
+
});
|
|
44
|
+
if (!role) {
|
|
45
|
+
return;
|
|
46
|
+
}
|
|
47
|
+
await repo.update({
|
|
48
|
+
filter: {
|
|
49
|
+
name: role.name
|
|
50
|
+
},
|
|
51
|
+
values: {
|
|
52
|
+
strategy: {
|
|
53
|
+
...role.strategy,
|
|
54
|
+
actions: ["view:own"]
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
});
|
|
58
|
+
}
|
|
59
|
+
}
|
package/dist/server/server.js
CHANGED
|
@@ -388,7 +388,7 @@ class PluginACLServer extends import_server.Plugin {
|
|
|
388
388
|
name: "member",
|
|
389
389
|
title: '{{t("Member")}}',
|
|
390
390
|
allowNewMenu: true,
|
|
391
|
-
strategy: { actions: ["view
|
|
391
|
+
strategy: { actions: ["view:own"] },
|
|
392
392
|
default: true,
|
|
393
393
|
snippets: ["!ui.*", "!pm", "!pm.*"]
|
|
394
394
|
}
|
package/package.json
CHANGED
|
@@ -1,13 +1,16 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@nocobase/plugin-acl",
|
|
3
3
|
"displayName": "Access control",
|
|
4
|
+
"displayName.ru-RU": "Контроль доступа",
|
|
4
5
|
"displayName.zh-CN": "权限控制",
|
|
5
6
|
"description": "Based on roles, resources, and actions, access control can precisely manage interface configuration permissions, data operation permissions, menu access permissions, and plugin permissions.",
|
|
7
|
+
"description.ru-RU": "На основе ролей, ресурсов и действий система контроля доступа может точно управлять разрешениями на изменение интерфейса, работу с данными, доступ к меню и разрешениями для подключаемых модулей.",
|
|
6
8
|
"description.zh-CN": "基于角色、资源和操作的权限控制,可以精确控制界面配置权限、数据操作权限、菜单访问权限、插件权限。",
|
|
7
|
-
"version": "2.0.0-alpha.
|
|
9
|
+
"version": "2.0.0-alpha.43",
|
|
8
10
|
"license": "AGPL-3.0",
|
|
9
11
|
"main": "./dist/server/index.js",
|
|
10
12
|
"homepage": "https://docs.nocobase.com/handbook/acl",
|
|
13
|
+
"homepage.ru-RU": "https://docs-ru.nocobase.com/handbook/acl",
|
|
11
14
|
"homepage.zh-CN": "https://docs-cn.nocobase.com/handbook/acl",
|
|
12
15
|
"keywords": [
|
|
13
16
|
"Users & permissions"
|
|
@@ -36,5 +39,5 @@
|
|
|
36
39
|
"url": "git+https://github.com/nocobase/nocobase.git",
|
|
37
40
|
"directory": "packages/plugins/acl"
|
|
38
41
|
},
|
|
39
|
-
"gitHead": "
|
|
42
|
+
"gitHead": "5e1b7446db50446b80427240a38a9417f3742c05"
|
|
40
43
|
}
|