@nocobase/plugin-acl 2.1.0-alpha.21 → 2.1.0-alpha.23

package/dist/client-v2/{627.ce101823deb86dd6.js → components/DesignableSwitch.d.ts}

@@ -6,5 +6,9 @@
  * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
  * For more information, please refer to: https://www.nocobase.com/agreement.
  */
-
-"use strict";(self.webpackChunk_nocobase_plugin_acl=self.webpackChunk_nocobase_plugin_acl||[]).push([["627"],{726:function(n,e,u){u.r(e),u.d(e,{default:function(){return l}});var c=u(155),t=u.n(c);function l(){return t().createElement("div",null,"App Info Demo Route")}}}]);
+import React from 'react';
+/**
+ * v2 右上角 UI Editor 开关。
+ */
+export declare const DesignableSwitch: React.MemoExoticComponent<import("@formily/reactive-react").ReactFC<unknown>>;
+export default DesignableSwitch;

package/dist/client-v2/index.js

@@ -7,4 +7,4 @@
  * For more information, please refer to: https://www.nocobase.com/agreement.
  */
 
-!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t(require("@nocobase/client-v2"),require("@formily/core"),require("react"),require("antd"),require("@formily/react"),require("@nocobase/flow-engine")):"function"==typeof define&&define.amd?define("@nocobase/plugin-acl",["@nocobase/client-v2","@formily/core","react","antd","@formily/react","@nocobase/flow-engine"],t):"object"==typeof exports?exports["@nocobase/plugin-acl"]=t(require("@nocobase/client-v2"),require("@formily/core"),require("react"),require("antd"),require("@formily/react"),require("@nocobase/flow-engine")):e["@nocobase/plugin-acl"]=t(e["@nocobase/client-v2"],e["@formily/core"],e.react,e.antd,e["@formily/react"],e["@nocobase/flow-engine"])}(self,function(e,t,n,r,o,i){return function(){"use strict";var c,a,u,l={452:function(e){e.exports=t},230:function(e){e.exports=o},485:function(t){t.exports=e},694:function(e){e.exports=i},59:function(e){e.exports=r},155:function(e){e.exports=n}},f={};function p(e){var t=f[e];if(void 0!==t)return t.exports;var n=f[e]={exports:{}};return l[e](n,n.exports,p),n.exports}p.m=l,p.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return p.d(t,{a:t}),t},p.d=function(e,t){for(var n in t)p.o(t,n)&&!p.o(e,n)&&Object.defineProperty(e,n,{enumerable:!0,get:t[n]})},p.f={},p.e=function(e){return Promise.all(Object.keys(p.f).reduce(function(t,n){return p.f[n](e,t),t},[]))},p.u=function(e){return""+e+"."+({139:"929bc11d582ef7d4",193:"3245b23f17b4c9f8",366:"069b6cf12cfb9a67",627:"ce101823deb86dd6"})[e]+".js"},p.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||Function("return this")()}catch(e){if("object"==typeof window)return window}}(),p.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},s={},p.l=function(e,t,n,r){if(s[e])return void s[e].push(t);if(void 0!==n)for(var o,i,c=document.getElementsByTagName("script"),a=0;a<c.length;a++){var u=c[a];if(u.getAttribute("src")==e||u.getAttribute("data-rspack")=="@nocobase/plugin-acl:"+n){o=u;break}}o||(i=!0,(o=document.createElement("script")).timeout=120,p.nc&&o.setAttribute("nonce",p.nc),o.setAttribute("data-rspack","@nocobase/plugin-acl:"+n),o.src=e),s[e]=[t];var l=function(t,n){o.onerror=o.onload=null,clearTimeout(f);var r=s[e];if(delete s[e],o.parentNode&&o.parentNode.removeChild(o),r&&r.forEach(function(e){return e(n)}),t)return t(n)},f=setTimeout(l.bind(null,void 0,{type:"timeout",target:o}),12e4);o.onerror=l.bind(null,o.onerror),o.onload=l.bind(null,o.onload),i&&document.head.appendChild(o)},p.r=function(e){"u">typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},p.g.importScripts&&(d=p.g.location+"");var s,d,b=p.g.document;if(!d&&b&&(b.currentScript&&"SCRIPT"===b.currentScript.tagName.toUpperCase()&&(d=b.currentScript.src),!d)){var h=b.getElementsByTagName("script");if(h.length)for(var v=h.length-1;v>-1&&(!d||!/^http(s?):/.test(d));)d=h[v--].src}if(!d)throw Error("Automatic publicPath is not supported in this browser");p.p=d.replace(/^blob:/,"").replace(/#.*$/,"").replace(/\?.*$/,"").replace(/\/[^\/]+$/,"/"),c={889:0},p.f.j=function(e,t){var n=p.o(c,e)?c[e]:void 0;if(0!==n)if(n)t.push(n[2]);else{var r=new Promise(function(t,r){n=c[e]=[t,r]});t.push(n[2]=r);var o=p.p+p.u(e),i=Error();p.l(o,function(t){if(p.o(c,e)&&(0!==(n=c[e])&&(c[e]=void 0),n)){var r=t&&("load"===t.type?"missing":t.type),o=t&&t.target&&t.target.src;i.message="Loading chunk "+e+" failed.\n("+r+": "+o+")",i.name="ChunkLoadError",i.type=r,i.request=o,n[1](i)}},"chunk-"+e,e)}},a=function(e,t){var n,r,o=t[0],i=t[1],a=t[2],u=0;if(o.some(function(e){return 0!==c[e]})){for(n in i)p.o(i,n)&&(p.m[n]=i[n]);a&&a(p)}for(e&&e(t);u<o.length;u++)r=o[u],p.o(c,r)&&c[r]&&c[r][0](),c[r]=0},(u=self.webpackChunk_nocobase_plugin_acl=self.webpackChunk_nocobase_plugin_acl||[]).forEach(a.bind(null,0)),u.push=a.bind(null,u.push.bind(u));var y={};return!function(){var e="",t="u">typeof document?document.currentScript:null;if(t&&t.src&&(e=t.src.replace(/^blob:/,"").replace(/#.*$/,"").replace(/\?.*$/,"").replace(/\/[^\/]+$/,"/")),!e){var n=window.__webpack_public_path__||"";n&&("/"!==n.charAt(n.length-1)&&(n+="/"),e=n+"static/plugins/@nocobase/plugin-acl/dist/client-v2/")}if(!e){if(!(e=window.__nocobase_public_path__||"")&&window.location&&window.location.pathname){var r=window.location.pathname||"/",o=r.indexOf("/v2/");e=o>=0?r.slice(0,o+1):"/"}e&&(e=e.replace(/\/v2\/?$/,"/")),e||(e="/"),"/"!==e.charAt(e.length-1)&&(e+="/"),e+="static/plugins/@nocobase/plugin-acl/dist/client-v2/"}p.p=e}(),!function(){p.r(y),p.d(y,{default:function(){return a}});var e=p(485);function t(e,t,n,r,o,i,c){try{var a=e[i](c),u=a.value}catch(e){n(e);return}a.done?t(u):Promise.resolve(u).then(r,o)}function n(e,t,r){return(n=c()?Reflect.construct:function(e,t,n){var r=[null];r.push.apply(r,t);var i=new(Function.bind.apply(e,r));return n&&o(i,n.prototype),i}).apply(null,arguments)}function r(e){return(r=Object.setPrototypeOf?Object.getPrototypeOf:function(e){return e.__proto__||Object.getPrototypeOf(e)})(e)}function o(e,t){return(o=Object.setPrototypeOf||function(e,t){return e.__proto__=t,e})(e,t)}function i(e){var t="function"==typeof Map?new Map:void 0;return(i=function(e){if(null===e||-1===Function.toString.call(e).indexOf("[native code]"))return e;if("function"!=typeof e)throw TypeError("Super expression must either be null or a function");if(void 0!==t){if(t.has(e))return t.get(e);t.set(e,i)}function i(){return n(e,arguments,r(this).constructor)}return i.prototype=Object.create(e.prototype,{constructor:{value:i,enumerable:!1,writable:!0,configurable:!0}}),o(i,e)})(e)}function c(){try{var e=!Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],function(){}))}catch(e){}return(c=function(){return!!e})()}var a=function(e){var n;if("function"!=typeof e&&null!==e)throw TypeError("Super expression must either be null or a function");function i(){var e,t;if(!(this instanceof i))throw TypeError("Cannot call a class as a function");return e=i,t=arguments,e=r(e),function(e,t){var n;if(t&&("object"==((n=t)&&"u">typeof Symbol&&n.constructor===Symbol?"symbol":typeof n)||"function"==typeof t))return t;if(void 0===e)throw ReferenceError("this hasn't been initialised - super() hasn't been called");return e}(this,c()?Reflect.construct(e,t||[],r(this).constructor):e.apply(this,t))}return i.prototype=Object.create(e&&e.prototype,{constructor:{value:i,writable:!0,configurable:!0}}),e&&o(i,e),n=[{key:"load",value:function(){var e;return(e=function(){var e;return function(e,t){var n,r,o,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]},c=Object.create(("function"==typeof Iterator?Iterator:Object).prototype),a=Object.defineProperty;return a(c,"next",{value:u(0)}),a(c,"throw",{value:u(1)}),a(c,"return",{value:u(2)}),"function"==typeof Symbol&&a(c,Symbol.iterator,{value:function(){return this}}),c;function u(a){return function(u){var l=[a,u];if(n)throw TypeError("Generator is already executing.");for(;c&&(c=0,l[0]&&(i=0)),i;)try{if(n=1,r&&(o=2&l[0]?r.return:l[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,l[1])).done)return o;switch(r=0,o&&(l=[2&l[0],o.value]),l[0]){case 0:case 1:o=l;break;case 4:return i.label++,{value:l[1],done:!1};case 5:i.label++,r=l[1],l=[0];continue;case 7:l=i.ops.pop(),i.trys.pop();continue;default:if(!(o=(o=i.trys).length>0&&o[o.length-1])&&(6===l[0]||2===l[0])){i=0;continue}if(3===l[0]&&(!o||l[1]>o[0]&&l[1]<o[3])){i.label=l[1];break}if(6===l[0]&&i.label<o[1]){i.label=o[1],o=l;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(l);break}o[2]&&i.ops.pop(),i.trys.pop();continue}l=t.call(e,i)}catch(e){l=[6,e],r=0}finally{n=o=0}if(5&l[0])throw l[1];return{value:l[0]?l[1]:void 0,done:!0}}}}(this,function(t){switch(t.label){case 0:this.flowEngine.flowSettings.registerComponentLoaders({DemoFlowSettingsLazyField:function(){return p.e("193").then(p.bind(p,296))}}),this.router.add("acl-v2.homepage",{path:"/v2-demo/",componentLoader:function(){return p.e("366").then(p.bind(p,173))}}),this.router.add("acl-v2.app-info",{path:"/v2-demo/app-info",componentLoader:function(){return p.e("627").then(p.bind(p,726))}}),this.router.add("acl-v2.flow-settings-component-loader",{path:"/v2-demo/flow-settings-component-loader",componentLoader:function(){return p.e("139").then(p.bind(p,870))}}),t.label=1;case 1:return t.trys.push([1,3,,4]),[4,this.app.apiClient.request({url:"app:getInfo"})];case 2:return console.log("[client-v2 demo plugin] /api/app:getInfo",null==(e=t.sent())?void 0:e.data),[3,4];case 3:return console.error("[client-v2 demo plugin] failed to request /api/app:getInfo",t.sent()),[3,4];case 4:return[2]}})},function(){var n=this,r=arguments;return new Promise(function(o,i){var c=e.apply(n,r);function a(e){t(c,o,i,a,u,"next",e)}function u(e){t(c,o,i,a,u,"throw",e)}a(void 0)})}).call(this)}}],function(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enumerable||!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(e,r.key,r)}}(i.prototype,n),i}(i(e.Plugin))}(),y}()});
+!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t(require("@nocobase/client-v2")):"function"==typeof define&&define.amd?define("@nocobase/plugin-acl",["@nocobase/client-v2"],t):"object"==typeof exports?exports["@nocobase/plugin-acl"]=t(require("@nocobase/client-v2")):e["@nocobase/plugin-acl"]=t(e["@nocobase/client-v2"])}(self,function(e){return function(){"use strict";var t={485:function(t){t.exports=e}},n={};function o(e){var r=n[e];if(void 0!==r)return r.exports;var i=n[e]={exports:{}};return t[e](i,i.exports,o),i.exports}o.d=function(e,t){for(var n in t)o.o(t,n)&&!o.o(e,n)&&Object.defineProperty(e,n,{enumerable:!0,get:t[n]})},o.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||Function("return this")()}catch(e){if("object"==typeof window)return window}}(),o.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},o.r=function(e){"u">typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},o.g.importScripts&&(r=o.g.location+"");var r,i=o.g.document;if(!r&&i&&(i.currentScript&&"SCRIPT"===i.currentScript.tagName.toUpperCase()&&(r=i.currentScript.src),!r)){var l=i.getElementsByTagName("script");if(l.length)for(var s=l.length-1;s>-1&&(!r||!/^http(s?):/.test(r));)r=l[s--].src}if(!r)throw Error("Automatic publicPath is not supported in this browser");o.p=r.replace(/^blob:/,"").replace(/#.*$/,"").replace(/\?.*$/,"").replace(/\/[^\/]+$/,"/");var u={};return!function(){var e="",t="u">typeof document?document.currentScript:null;if(t&&t.src&&(e=t.src.replace(/^blob:/,"").replace(/#.*$/,"").replace(/\?.*$/,"").replace(/\/[^\/]+$/,"/")),!e){var n=window.__webpack_public_path__||"";n&&("/"!==n.charAt(n.length-1)&&(n+="/"),e=n+"static/plugins/@nocobase/plugin-acl/dist/client-v2/")}if(!e){if(!(e=window.__nocobase_public_path__||"")&&window.location&&window.location.pathname){var r=window.location.pathname||"/",i=r.indexOf("/v2/");e=i>=0?r.slice(0,i+1):"/"}e&&(e=e.replace(/\/v2\/?$/,"/")),e||(e="/"),"/"!==e.charAt(e.length-1)&&(e+="/"),e+="static/plugins/@nocobase/plugin-acl/dist/client-v2/"}o.p=e}(),!function(){o.r(u),o.d(u,{default:function(){return P}});var e=o(485),t={"en-US":JSON.parse('{"Allow roles union":"Allow roles union","Allow users to use role union, which means they can use permissions from all their roles simultaneously, or switch between individual roles.":"Allow users to use role union, which means they can use permissions from all their roles simultaneously, or switch between individual roles.","Data sources":"Data sources","Desktop menu":"Desktop menu","Do not use role union. Users need to switch between their roles individually.":"Do not use role union. Users need to switch between their roles individually.","Force users to use only role union. They cannot switch between individual roles.":"Force users to use only role union. They cannot switch between individual roles.","Full permissions":"Full permissions","General":"General","Independent roles":"Independent roles","New role":"New role","Permissions":"Permissions","Please select role mode":"Please select role mode","Plugin settings":"Plugin settings","Role mode":"Role mode","Role mode doc":"https://docs.nocobase.com/handbook/acl/manual","Roles & Permissions":"Roles & Permissions","Roles union only":"Roles union only","Saved successfully":"Saved successfully","The current user has no roles. Please try another account.":"The current user has no roles. Please try another account.","The user role does not exist. Please try signing in again":"The user role does not exist. Please try signing in again"}'),"zh-CN":JSON.parse('{"Allow roles union":"允许角色并集","Allow users to use role union, which means they can use permissions from all their roles simultaneously, or switch between individual roles.":"允许用户使用角色并集，即可以同时使用自己拥有的所有角色的权限，也允许用户逐个切换自己的角色。","Data sources":"数据源","Desktop menu":"桌面端菜单","Do not use role union. Users need to switch between their roles individually.":"不使用角色并集，用户需要逐个切换自己拥有的角色。","Force users to use only role union. They cannot switch between individual roles.":"强制用户仅能使用角色并集，不能逐个切换角色。","Full permissions":"全部权限","General":"通用","Independent roles":"独立角色","New role":"新建角色","Permissions":"权限","Please select role mode":"请选择角色模式","Plugin settings":"插件设置","Role mode":"角色模式","Role mode doc":"https://docs-cn.nocobase.com/handbook/acl/manual","Roles & Permissions":"角色和权限","Roles union only":"仅角色并集","Saved successfully":"保存成功","The current user has no roles. Please try another account.":"当前用户没有角色，请使用其他账号。","The user role does not exist. Please try signing in again":"用户角色不存在，请尝试重新登录。"}')};function n(e,t){(null==t||t>e.length)&&(t=e.length);for(var n=0,o=Array(t);n<t;n++)o[n]=e[n];return o}function r(e,t,n,o,r,i,l){try{var s=e[i](l),u=s.value}catch(e){n(e);return}s.done?t(u):Promise.resolve(u).then(o,r)}function i(e){return function(){var t=this,n=arguments;return new Promise(function(o,i){var l=e.apply(t,n);function s(e){r(l,o,i,s,u,"next",e)}function u(e){r(l,o,i,s,u,"throw",e)}s(void 0)})}}function l(e,t,n){return t=h(t),function(e,t){var n;if(t&&("object"==((n=t)&&"u">typeof Symbol&&n.constructor===Symbol?"symbol":typeof n)||"function"==typeof t))return t;if(void 0===e)throw ReferenceError("this hasn't been initialised - super() hasn't been called");return e}(e,m()?Reflect.construct(t,n||[],h(e).constructor):t.apply(e,n))}function s(e,t){if(!(e instanceof t))throw TypeError("Cannot call a class as a function")}function a(e,t,n){return(a=m()?Reflect.construct:function(e,t,n){var o=[null];o.push.apply(o,t);var r=new(Function.bind.apply(e,o));return n&&y(r,n.prototype),r}).apply(null,arguments)}function c(e,t){for(var n=0;n<t.length;n++){var o=t[n];o.enumerable=o.enumerable||!1,o.configurable=!0,"value"in o&&(o.writable=!0),Object.defineProperty(e,o.key,o)}}function p(e,t,n){return t&&c(e.prototype,t),n&&c(e,n),e}function f(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function h(e){return(h=Object.setPrototypeOf?Object.getPrototypeOf:function(e){return e.__proto__||Object.getPrototypeOf(e)})(e)}function d(e,t){if("function"!=typeof t&&null!==t)throw TypeError("Super expression must either be null or a function");e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,writable:!0,configurable:!0}}),t&&y(e,t)}function y(e,t){return(y=Object.setPrototypeOf||function(e,t){return e.__proto__=t,e})(e,t)}function b(e,t){if(e){if("string"==typeof e)return n(e,t);var o=Object.prototype.toString.call(e).slice(8,-1);if("Object"===o&&e.constructor&&(o=e.constructor.name),"Map"===o||"Set"===o)return Array.from(o);if("Arguments"===o||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(o))return n(e,t)}}function v(e){var t="function"==typeof Map?new Map:void 0;return(v=function(e){if(null===e||-1===Function.toString.call(e).indexOf("[native code]"))return e;if("function"!=typeof e)throw TypeError("Super expression must either be null or a function");if(void 0!==t){if(t.has(e))return t.get(e);t.set(e,n)}function n(){return a(e,arguments,h(this).constructor)}return n.prototype=Object.create(e.prototype,{constructor:{value:n,enumerable:!1,writable:!0,configurable:!0}}),y(n,e)})(e)}function m(){try{var e=!Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],function(){}))}catch(e){}return(m=function(){return!!e})()}function w(e,t){var n,o,r,i={label:0,sent:function(){if(1&r[0])throw r[1];return r[1]},trys:[],ops:[]},l=Object.create(("function"==typeof Iterator?Iterator:Object).prototype),s=Object.defineProperty;return s(l,"next",{value:u(0)}),s(l,"throw",{value:u(1)}),s(l,"return",{value:u(2)}),"function"==typeof Symbol&&s(l,Symbol.iterator,{value:function(){return this}}),l;function u(s){return function(u){var a=[s,u];if(n)throw TypeError("Generator is already executing.");for(;l&&(l=0,a[0]&&(i=0)),i;)try{if(n=1,o&&(r=2&a[0]?o.return:a[0]?o.throw||((r=o.return)&&r.call(o),0):o.next)&&!(r=r.call(o,a[1])).done)return r;switch(o=0,r&&(a=[2&a[0],r.value]),a[0]){case 0:case 1:r=a;break;case 4:return i.label++,{value:a[1],done:!1};case 5:i.label++,o=a[1],a=[0];continue;case 7:a=i.ops.pop(),i.trys.pop();continue;default:if(!(r=(r=i.trys).length>0&&r[r.length-1])&&(6===a[0]||2===a[0])){i=0;continue}if(3===a[0]&&(!r||a[1]>r[0]&&a[1]<r[3])){i.label=a[1];break}if(6===a[0]&&i.label<r[1]){i.label=r[1],r=a;break}if(r&&i.label<r[2]){i.label=r[2],i.ops.push(a);break}r[2]&&i.ops.pop(),i.trys.pop();continue}a=t.call(e,i)}catch(e){a=[6,e],o=0}finally{n=r=0}if(5&a[0])throw a[1];return{value:a[0]?a[1]:void 0,done:!0}}}}var g=function(e){function t(){var e;return s(this,t),e=l(this,t,arguments),f(e,"section","preferences"),f(e,"sort",300),f(e,"label","Switch role"),e}return d(t,e),p(t,[{key:"prepare",value:function(){return i(function(){var e,t,o,r,i,l,s,u;return w(this,function(a){return i=Array.isArray(null==(e=this.context.user)?void 0:e.roles)?this.context.user.roles:[],l=null==(o=this.context.acl)||null==(t=o.data)?void 0:t.roleMode,s=this.context.api.auth.role,u=function(e){if(Array.isArray(e))return n(e)}(i)||function(e){if("u">typeof Symbol&&null!=e[Symbol.iterator]||null!=e["@@iterator"])return Array.from(e)}(i)||b(i)||function(){throw TypeError("Invalid attempt to spread non-iterable instance.\\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}(),"allow-use-union"===l&&u.unshift({name:"__union__",title:this.context.t("Full permissions",{ns:"@nocobase/plugin-acl"})}),this.options=u.map(function(e){return{value:e.name,label:e.title||e.name}}),this.value=s||(null==(r=this.options[0])?void 0:r.value),this.ready=this.options.length>1&&"only-use-union"!==l,[2]})}).call(this)}},{key:"onChange",value:function(e){return i(function(){return w(this,function(t){switch(t.label){case 0:return this.context.api.auth.setRole(e),[4,this.context.api.resource("users").setDefaultRole({values:{roleName:e}})];case 1:return t.sent(),window.location.reload(),[2]}})}).call(this)}}]),t}(e.UserCenterSelectItemModel);f(g,"itemId","switch-role");var P=function(n){function o(){return s(this,o),l(this,o,arguments)}return d(o,n),p(o,[{key:"load",value:function(){return i(function(){var n;return w(this,function(o){return n=this,Object.entries(t).forEach(function(e){var t,o=function(e){if(Array.isArray(e))return e}(e)||function(e){var t,n,o=null==e?null:"u">typeof Symbol&&e[Symbol.iterator]||e["@@iterator"];if(null!=o){var r=[],i=!0,l=!1;try{for(o=o.call(e);!(i=(t=o.next()).done)&&(r.push(t.value),2!==r.length);i=!0);}catch(e){l=!0,n=e}finally{try{i||null==o.return||o.return()}finally{if(l)throw n}}return r}}(e)||b(e,2)||function(){throw TypeError("Invalid attempt to destructure non-iterable instance.\\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}(),r=o[0],i=o[1];n.app.i18n.addResources(r,(null==(t=n.options)?void 0:t.packageName)||"@nocobase/plugin-acl",i)}),this.app.use(e.ACLRolesCheckProvider),this.app.flowEngine.registerModels({UIEditorTopbarActionModel:e.UIEditorTopbarActionModel,SwitchRoleItemModel:g}),[2]})}).call(this)}}]),o}(v(e.Plugin))}(),u}()});

package/dist/client-v2/locale.d.ts

@@ -0,0 +1,54 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+export declare const aclLocaleResources: {
+    'en-US': {
+        "Allow roles union": string;
+        "Allow users to use role union, which means they can use permissions from all their roles simultaneously, or switch between individual roles.": string;
+        "Data sources": string;
+        "Desktop menu": string;
+        "Do not use role union. Users need to switch between their roles individually.": string;
+        "Force users to use only role union. They cannot switch between individual roles.": string;
+        "Full permissions": string;
+        General: string;
+        "Independent roles": string;
+        "New role": string;
+        Permissions: string;
+        "Please select role mode": string;
+        "Plugin settings": string;
+        "Role mode": string;
+        "Role mode doc": string;
+        "Roles & Permissions": string;
+        "Roles union only": string;
+        "Saved successfully": string;
+        "The current user has no roles. Please try another account.": string;
+        "The user role does not exist. Please try signing in again": string;
+    };
+    'zh-CN': {
+        "Allow roles union": string;
+        "Allow users to use role union, which means they can use permissions from all their roles simultaneously, or switch between individual roles.": string;
+        "Data sources": string;
+        "Desktop menu": string;
+        "Do not use role union. Users need to switch between their roles individually.": string;
+        "Force users to use only role union. They cannot switch between individual roles.": string;
+        "Full permissions": string;
+        General: string;
+        "Independent roles": string;
+        "New role": string;
+        Permissions: string;
+        "Please select role mode": string;
+        "Plugin settings": string;
+        "Role mode": string;
+        "Role mode doc": string;
+        "Roles & Permissions": string;
+        "Roles union only": string;
+        "Saved successfully": string;
+        "The current user has no roles. Please try another account.": string;
+        "The user role does not exist. Please try signing in again": string;
+    };
+};

package/dist/client-v2/plugin.d.ts

@@ -1,3 +1,11 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
 import { Plugin } from '@nocobase/client-v2';
 export declare class PluginAclClientV2 extends Plugin {
     load(): Promise<void>;

package/dist/externalVersion.js

@@ -8,7 +8,7 @@
  */
 
 module.exports = {
-  "@nocobase/client": "2.1.0-alpha.21",
+  "@nocobase/client": "2.1.0-alpha.23",
   "antd": "5.24.2",
   "react": "18.2.0",
   "react-i18next": "11.18.6",
@@ -17,16 +17,16 @@ module.exports = {
   "@formily/react": "2.3.7",
   "@ant-design/icons": "5.6.1",
   "lodash": "4.18.1",
-  "@nocobase/utils": "2.1.0-alpha.21",
-  "@nocobase/client-v2": "2.1.0-alpha.21",
-  "@nocobase/actions": "2.1.0-alpha.21",
-  "@nocobase/cache": "2.1.0-alpha.21",
-  "@nocobase/database": "2.1.0-alpha.21",
-  "@nocobase/server": "2.1.0-alpha.21",
-  "@nocobase/acl": "2.1.0-alpha.21",
-  "@nocobase/test": "2.1.0-alpha.21",
+  "@nocobase/utils": "2.1.0-alpha.23",
+  "@nocobase/client-v2": "2.1.0-alpha.23",
+  "@nocobase/actions": "2.1.0-alpha.23",
+  "@nocobase/cache": "2.1.0-alpha.23",
+  "@nocobase/database": "2.1.0-alpha.23",
+  "@nocobase/server": "2.1.0-alpha.23",
+  "@nocobase/acl": "2.1.0-alpha.23",
+  "@nocobase/test": "2.1.0-alpha.23",
   "@formily/core": "2.3.7",
   "@formily/antd-v5": "1.2.3",
   "antd-style": "3.7.1",
-  "@nocobase/flow-engine": "2.1.0-alpha.21"
+  "@nocobase/flow-engine": "2.1.0-alpha.23"
 };

package/dist/{client-v2/193.3245b23f17b4c9f8.js → server/actions/apply-data-permissions.d.ts}

@@ -6,5 +6,5 @@
  * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
  * For more information, please refer to: https://www.nocobase.com/agreement.
  */
-
-"use strict";(self.webpackChunk_nocobase_plugin_acl=self.webpackChunk_nocobase_plugin_acl||[]).push([["193"],{296:function(e,n,u){u.r(n),u.d(n,{default:function(){return a}});var l=u(155),t=u.n(l);function a(){return t().createElement("div",null,"Demo Flow Settings Lazy Field Loaded")}}}]);
+import type { Context, Next } from '@nocobase/actions';
+export declare function applyDataPermissions(ctx: Context, next: Next): Promise<void>;

package/dist/server/actions/apply-data-permissions.js

@@ -0,0 +1,208 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var apply_data_permissions_exports = {};
+__export(apply_data_permissions_exports, {
+  applyDataPermissions: () => applyDataPermissions
+});
+module.exports = __toCommonJS(apply_data_permissions_exports);
+function ensureString(value, fieldName) {
+  if (typeof value !== "string" || !value.trim()) {
+    throw new Error(`Invalid ${fieldName}`);
+  }
+  return value.trim();
+}
+function normalizeFields(fields) {
+  if (!Array.isArray(fields)) {
+    return void 0;
+  }
+  const normalized = [
+    ...new Set(fields.filter((field) => typeof field === "string" && !!field.trim()))
+  ];
+  return normalized.length ? normalized : [];
+}
+function normalizeScopeId(scopeId) {
+  if (scopeId === null) {
+    return null;
+  }
+  if (scopeId === void 0) {
+    return void 0;
+  }
+  const parsed = Number(scopeId);
+  if (!Number.isInteger(parsed) || parsed <= 0) {
+    throw new Error(`Invalid scopeId: ${scopeId}`);
+  }
+  return parsed;
+}
+async function resolveScopeIdByKey(options) {
+  const scope = await options.ctx.db.getRepository("dataSourcesRolesResourcesScopes").findOne({
+    filter: {
+      dataSourceKey: options.dataSourceKey,
+      key: options.scopeKey
+    },
+    transaction: options.transaction
+  });
+  if (!scope) {
+    throw new Error(`Scope key "${options.scopeKey}" not found in data source "${options.dataSourceKey}"`);
+  }
+  return scope.get("id");
+}
+async function normalizeAction(options) {
+  const name = ensureString(options.action.name, "action.name");
+  let scopeId = normalizeScopeId(options.action.scopeId);
+  if (scopeId === void 0 && options.action.scope && typeof options.action.scope.id === "number") {
+    scopeId = normalizeScopeId(options.action.scope.id);
+  }
+  let scopeKey;
+  if (typeof options.action.scopeKey === "string" && options.action.scopeKey.trim()) {
+    scopeKey = options.action.scopeKey.trim();
+  } else if (options.action.scope && typeof options.action.scope.key === "string" && options.action.scope.key.trim()) {
+    scopeKey = options.action.scope.key.trim();
+  }
+  if (scopeId === void 0 && scopeKey) {
+    scopeId = await resolveScopeIdByKey({
+      ctx: options.ctx,
+      dataSourceKey: options.dataSourceKey,
+      scopeKey,
+      transaction: options.transaction
+    });
+  }
+  if (scopeId === void 0) {
+    scopeId = null;
+  }
+  const normalized = {
+    name,
+    fields: normalizeFields(options.action.fields),
+    scopeId
+  };
+  const output = {
+    name: normalized.name
+  };
+  if (normalized.fields !== void 0) {
+    output.fields = normalized.fields;
+  }
+  if (normalized.scopeId !== void 0) {
+    output.scopeId = normalized.scopeId;
+  }
+  return output;
+}
+async function applyDataPermissions(ctx, next) {
+  const roleName = ensureString(ctx.action.params.filterByTk, "filterByTk");
+  const values = ctx.action.params.values || {};
+  const dataSourceKey = ensureString(values.dataSourceKey || "main", "dataSourceKey");
+  const resources = values.resources;
+  if (!Array.isArray(resources) || resources.length === 0) {
+    throw new Error("`resources` must be a non-empty array");
+  }
+  const role = await ctx.db.getRepository("roles").findOne({
+    filterByTk: roleName
+  });
+  if (!role) {
+    throw new Error(`Role "${roleName}" not found`);
+  }
+  const roleResourceRepository = ctx.db.getRepository("roles.resources", roleName);
+  const appliedResources = [];
+  await ctx.db.sequelize.transaction(async (transaction) => {
+    for (const resourceInput of resources) {
+      const resourceName = ensureString(resourceInput == null ? void 0 : resourceInput.name, "resource.name");
+      const usingActionsConfig = (resourceInput == null ? void 0 : resourceInput.usingActionsConfig) ?? true;
+      const actionsInput = Array.isArray(resourceInput == null ? void 0 : resourceInput.actions) ? resourceInput.actions : [];
+      const normalizedActions = [];
+      for (const action of actionsInput) {
+        normalizedActions.push(
+          await normalizeAction({
+            ctx,
+            dataSourceKey,
+            action,
+            transaction
+          })
+        );
+      }
+      const existingResource = await roleResourceRepository.findOne({
+        filter: {
+          name: resourceName,
+          dataSourceKey
+        },
+        appends: ["actions"],
+        transaction
+      });
+      const writeValues = {
+        name: resourceName,
+        dataSourceKey,
+        usingActionsConfig,
+        actions: normalizedActions
+      };
+      let savedResource;
+      if (existingResource) {
+        await roleResourceRepository.update({
+          filterByTk: existingResource.get("id"),
+          values: writeValues,
+          updateAssociationValues: ["actions"],
+          transaction
+        });
+        savedResource = await roleResourceRepository.findOne({
+          filterByTk: existingResource.get("id"),
+          appends: ["actions"],
+          transaction
+        });
+      } else {
+        const created = await roleResourceRepository.create({
+          values: writeValues,
+          transaction
+        });
+        savedResource = await roleResourceRepository.findOne({
+          filterByTk: created.get("id"),
+          appends: ["actions"],
+          transaction
+        });
+      }
+      const actionModels = savedResource.get("actions") || [];
+      appliedResources.push({
+        id: savedResource.get("id"),
+        name: savedResource.get("name"),
+        dataSourceKey: savedResource.get("dataSourceKey"),
+        usingActionsConfig: !!savedResource.get("usingActionsConfig"),
+        actions: actionModels.map((actionModel) => ({
+          id: actionModel.get("id"),
+          name: actionModel.get("name"),
+          fields: actionModel.get("fields") || [],
+          scopeId: actionModel.get("scopeId") ?? null
+        }))
+      });
+    }
+  });
+  ctx.body = {
+    roleName,
+    dataSourceKey,
+    resources: appliedResources,
+    count: appliedResources.length
+  };
+  await next();
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  applyDataPermissions
+});

package/dist/server/actions/data-source-compat.d.ts

@@ -0,0 +1,13 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+import type { Context, Next } from '@nocobase/actions';
+export declare function guardRolesDataSourcesCollectionsList(ctx: Context, next: Next): Promise<void>;
+export declare function guardRolesDataSourceResourcesCreate(ctx: Context, next: Next): Promise<void>;
+export declare function guardRolesDataSourceResourcesGet(ctx: Context, next: Next): Promise<void>;
+export declare function guardRolesDataSourceResourcesUpdate(ctx: Context, next: Next): Promise<void>;

package/dist/server/actions/data-source-compat.js

@@ -0,0 +1,189 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var data_source_compat_exports = {};
+__export(data_source_compat_exports, {
+  guardRolesDataSourceResourcesCreate: () => guardRolesDataSourceResourcesCreate,
+  guardRolesDataSourceResourcesGet: () => guardRolesDataSourceResourcesGet,
+  guardRolesDataSourceResourcesUpdate: () => guardRolesDataSourceResourcesUpdate,
+  guardRolesDataSourcesCollectionsList: () => guardRolesDataSourcesCollectionsList
+});
+module.exports = __toCommonJS(data_source_compat_exports);
+var import_lodash = __toESM(require("lodash"));
+function normalizeString(value) {
+  if (typeof value !== "string") {
+    return void 0;
+  }
+  const trimmed = value.trim();
+  return trimmed ? trimmed : void 0;
+}
+function normalizeFilter(input) {
+  if (!import_lodash.default.isPlainObject(input)) {
+    return {};
+  }
+  return { ...input };
+}
+function applyLocatorFromQuery(params, filter) {
+  const dataSourceKeyFromQuery = normalizeString(params.dataSourceKey);
+  if (dataSourceKeyFromQuery) {
+    filter.dataSourceKey = filter.dataSourceKey || dataSourceKeyFromQuery;
+  }
+  const nameFromQuery = normalizeString(params.name);
+  if (nameFromQuery) {
+    filter.name = filter.name || nameFromQuery;
+  }
+}
+function normalizeNumericTk(value) {
+  if (typeof value === "number" && Number.isInteger(value) && value >= 0) {
+    return value;
+  }
+  const normalized = normalizeString(value);
+  if (!normalized || !/^\d+$/.test(normalized)) {
+    return void 0;
+  }
+  return normalized;
+}
+function deriveNameFromPrefixedTk(value) {
+  const normalized = normalizeString(value);
+  if (!normalized) {
+    return void 0;
+  }
+  const matched = normalized.match(/^[a-zA-Z]+_(.+)$/);
+  if (!matched) {
+    return void 0;
+  }
+  return normalizeString(matched[1]);
+}
+async function resolveLocatorFromFilterByTk(ctx, roleName, filter) {
+  const rawFilterByTk = ctx.action.params.filterByTk;
+  if (rawFilterByTk === void 0 || rawFilterByTk === null || rawFilterByTk === "") {
+    return;
+  }
+  const numericFilterByTk = normalizeNumericTk(rawFilterByTk);
+  if (numericFilterByTk === void 0) {
+    if (!normalizeString(filter.name)) {
+      const derivedName = deriveNameFromPrefixedTk(rawFilterByTk);
+      if (derivedName) {
+        filter.name = derivedName;
+      }
+    }
+    return;
+  }
+  const resource = await ctx.db.getRepository("dataSourcesRolesResources").findOne({
+    filterByTk: numericFilterByTk
+  });
+  if (!resource) {
+    ctx.throw(404, `Resource permission not found by filterByTk "${rawFilterByTk}"`);
+    return;
+  }
+  const targetRoleName = resource.get("roleName");
+  if (targetRoleName !== roleName) {
+    ctx.throw(400, `Resource permission "${rawFilterByTk}" does not belong to role "${roleName}"`);
+    return;
+  }
+  if (!normalizeString(filter.dataSourceKey)) {
+    filter.dataSourceKey = resource.get("dataSourceKey");
+  }
+  if (!normalizeString(filter.name)) {
+    filter.name = resource.get("name");
+  }
+}
+async function normalizeRoleDataSourceResourceLocator(ctx) {
+  const roleName = normalizeString(ctx.action.params.associatedIndex);
+  if (!roleName) {
+    ctx.throw(400, "Role name is required");
+    return;
+  }
+  const filter = normalizeFilter(ctx.action.params.filter);
+  applyLocatorFromQuery(ctx.action.params, filter);
+  await resolveLocatorFromFilterByTk(ctx, roleName, filter);
+  const dataSourceKey = normalizeString(filter.dataSourceKey);
+  const name = normalizeString(filter.name);
+  if (!dataSourceKey || !name) {
+    ctx.throw(
+      400,
+      "Missing resource locator: provide --filter-by-tk, or both --data-source-key and --name (or filter.{dataSourceKey,name})"
+    );
+    return;
+  }
+  ctx.action.params.filter = {
+    ...filter,
+    dataSourceKey,
+    name
+  };
+}
+async function guardRolesDataSourcesCollectionsList(ctx, next) {
+  const filter = normalizeFilter(ctx.action.params.filter);
+  applyLocatorFromQuery(ctx.action.params, filter);
+  const dataSourceKey = normalizeString(filter.dataSourceKey);
+  if (!dataSourceKey) {
+    ctx.throw(400, "dataSourceKey is required: pass --data-source-key or filter.dataSourceKey");
+    return;
+  }
+  ctx.action.params.filter = {
+    ...filter,
+    dataSourceKey
+  };
+  await next();
+}
+async function guardRolesDataSourceResourcesCreate(ctx, next) {
+  const values = normalizeFilter(ctx.action.params.values);
+  const dataSourceKeyFromQuery = normalizeString(ctx.action.params.dataSourceKey);
+  if (!values.dataSourceKey && dataSourceKeyFromQuery) {
+    values.dataSourceKey = dataSourceKeyFromQuery;
+  }
+  if (!normalizeString(values.dataSourceKey)) {
+    ctx.throw(400, "dataSourceKey is required for roles.dataSourceResources:create");
+    return;
+  }
+  ctx.action.params.values = values;
+  await next();
+}
+async function guardRolesDataSourceResourcesGet(ctx, next) {
+  await normalizeRoleDataSourceResourceLocator(ctx);
+  await next();
+}
+async function guardRolesDataSourceResourcesUpdate(ctx, next) {
+  await normalizeRoleDataSourceResourceLocator(ctx);
+  await next();
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  guardRolesDataSourceResourcesCreate,
+  guardRolesDataSourceResourcesGet,
+  guardRolesDataSourceResourcesUpdate,
+  guardRolesDataSourcesCollectionsList
+});

package/dist/server/server.js

@@ -46,6 +46,8 @@ var import_server = require("@nocobase/server");
 var import_lodash = __toESM(require("lodash"));
 var import_path = require("path");
 var import_available_actions = require("./actions/available-actions");
+var import_apply_data_permissions = require("./actions/apply-data-permissions");
+var import_data_source_compat = require("./actions/data-source-compat");
 var import_role_check = require("./actions/role-check");
 var import_role_collections = require("./actions/role-collections");
 var import_user_setDefaultRole = require("./actions/user-setDefaultRole");
@@ -181,7 +183,21 @@ class PluginACLServer extends import_server.Plugin {
     this.app.resourcer.define(import_available_actions.availableActionResource);
     this.app.resourcer.define(import_role_collections.roleCollectionsResource);
     this.app.resourcer.registerActionHandler("roles:setSystemRoleMode", import_union_role.setSystemRoleMode);
+    this.app.resourcer.registerActionHandler("roles:applyDataPermissions", import_apply_data_permissions.applyDataPermissions);
     this.app.resourcer.registerActionHandler("roles:check", import_role_check.checkAction);
+    this.app.resourcer.registerPreActionHandler(
+      "roles.dataSourcesCollections:list",
+      import_data_source_compat.guardRolesDataSourcesCollectionsList
+    );
+    this.app.resourcer.registerPreActionHandler(
+      "roles.dataSourceResources:create",
+      import_data_source_compat.guardRolesDataSourceResourcesCreate
+    );
+    this.app.resourcer.registerPreActionHandler("roles.dataSourceResources:get", import_data_source_compat.guardRolesDataSourceResourcesGet);
+    this.app.resourcer.registerPreActionHandler(
+      "roles.dataSourceResources:update",
+      import_data_source_compat.guardRolesDataSourceResourcesUpdate
+    );
     this.app.resourcer.registerActionHandler(`users:setDefaultRole`, import_user_setDefaultRole.setDefaultRole);
     this.db.on("users.afterCreateWithAssociations", async (model, options) => {
       const { transaction } = options;

package/dist/swagger/index.d.ts

@@ -198,6 +198,38 @@ declare const _default: {
                 };
             };
         };
+        '/roles:applyDataPermissions': {
+            post: {
+                tags: string[];
+                summary: string;
+                description: string;
+                parameters: {
+                    $ref: string;
+                }[];
+                requestBody: {
+                    required: boolean;
+                    content: {
+                        'application/json': {
+                            schema: {
+                                $ref: string;
+                            };
+                        };
+                    };
+                };
+                responses: {
+                    200: {
+                        description: string;
+                        content: {
+                            'application/json': {
+                                schema: {
+                                    $ref: string;
+                                };
+                            };
+                        };
+                    };
+                };
+            };
+        };
         '/roles/{roleName}/users:list': {
             get: {
                 tags: string[];
@@ -744,6 +776,14 @@ declare const _default: {
                     type: string;
                 };
             };
+            DataSourceKeyQuery: {
+                name: string;
+                in: string;
+                description: string;
+                schema: {
+                    type: string;
+                };
+            };
             MembershipUserFilterByTkQuery: {
                 name: string;
                 in: string;
@@ -789,6 +829,14 @@ declare const _default: {
                     type: string;
                 };
             };
+            DataSourceResourceNameQuery: {
+                name: string;
+                in: string;
+                description: string;
+                schema: {
+                    type: string;
+                };
+            };
             ScopePkQuery: {
                 name: string;
                 in: string;
@@ -951,6 +999,107 @@ declare const _default: {
                 };
                 required: string[];
             };
+            RoleDataPermissionActionWrite: {
+                type: string;
+                properties: {
+                    name: {
+                        type: string;
+                        description: string;
+                    };
+                    fields: {
+                        type: string;
+                        items: {
+                            type: string;
+                        };
+                        description: string;
+                    };
+                    scopeId: {
+                        type: string;
+                        nullable: boolean;
+                        description: string;
+                    };
+                    scopeKey: {
+                        type: string;
+                        description: string;
+                    };
+                    scope: {
+                        type: string;
+                        properties: {
+                            id: {
+                                type: string;
+                            };
+                            key: {
+                                type: string;
+                            };
+                        };
+                        additionalProperties: boolean;
+                        description: string;
+                    };
+                };
+                required: string[];
+                additionalProperties: boolean;
+            };
+            RoleDataPermissionResourceWrite: {
+                type: string;
+                properties: {
+                    name: {
+                        type: string;
+                        description: string;
+                    };
+                    usingActionsConfig: {
+                        type: string;
+                        description: string;
+                    };
+                    actions: {
+                        type: string;
+                        items: {
+                            $ref: string;
+                        };
+                        description: string;
+                    };
+                };
+                required: string[];
+                additionalProperties: boolean;
+            };
+            RoleDataPermissionsApplyWrite: {
+                type: string;
+                properties: {
+                    dataSourceKey: {
+                        type: string;
+                        description: string;
+                    };
+                    resources: {
+                        type: string;
+                        items: {
+                            $ref: string;
+                        };
+                        description: string;
+                    };
+                };
+                required: string[];
+                additionalProperties: boolean;
+            };
+            RoleDataPermissionsApplyResult: {
+                type: string;
+                properties: {
+                    roleName: {
+                        type: string;
+                    };
+                    dataSourceKey: {
+                        type: string;
+                    };
+                    count: {
+                        type: string;
+                    };
+                    resources: {
+                        type: string;
+                        items: {
+                            $ref: string;
+                        };
+                    };
+                };
+                additionalProperties: boolean;
+            };
             DataSourceRole: {
                 type: string;
                 properties: {

package/dist/swagger/index.js

@@ -213,6 +213,36 @@ var swagger_default = {
         }
       }
     },
+    "/roles:applyDataPermissions": {
+      post: {
+        tags: ["roles"],
+        summary: "Apply collection-level independent ACL permissions in batch for a role",
+        description: "Apply one or more collection-level independent ACL permission configs for a role in one request. Supports action scope binding by `scopeId` or `scopeKey`.",
+        parameters: [{ $ref: "#/components/parameters/RoleNameQuery" }],
+        requestBody: {
+          required: true,
+          content: {
+            "application/json": {
+              schema: {
+                $ref: "#/components/schemas/RoleDataPermissionsApplyWrite"
+              }
+            }
+          }
+        },
+        responses: {
+          200: {
+            description: "OK",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: "#/components/schemas/RoleDataPermissionsApplyResult"
+                }
+              }
+            }
+          }
+        }
+      }
+    },
     "/roles/{roleName}/users:list": {
       get: {
         tags: ["roles.users"],
@@ -412,9 +442,10 @@ var swagger_default = {
       get: {
         tags: ["roles.dataSourcesCollections"],
         summary: "List data-source collections in role permission configuration",
-        description: "List collections in the target data source for the given role and indicate whether they use global permissions or collection-level independent permissions.",
+        description: "List collections in the target data source for the given role and indicate whether they use global permissions or collection-level independent permissions. You can pass `dataSourceKey` directly, or through `filter.dataSourceKey` for compatibility.",
         parameters: [
           { $ref: "#/components/parameters/RoleNamePath" },
+          { $ref: "#/components/parameters/DataSourceKeyQuery" },
           { $ref: "#/components/parameters/PageQuery" },
           { $ref: "#/components/parameters/PageSizeQuery" },
           { $ref: "#/components/parameters/SortQuery" },
@@ -483,9 +514,12 @@ var swagger_default = {
       get: {
         tags: ["roles.dataSourceResources"],
         summary: "Get one collection-level independent ACL permission for a role",
-        description: "Get one collection-level independent permission config. Target it with a `filter` such as `{ name, dataSourceKey }`. Do not rely on `filterByTk` for this endpoint.",
+        description: "Get one collection-level independent permission config. You can target it by `filterByTk`, or by `name` + `dataSourceKey`. `filter` with `{ name, dataSourceKey }` is still supported for compatibility.",
         parameters: [
           { $ref: "#/components/parameters/RoleNamePath" },
+          { $ref: "#/components/parameters/ResourcePermissionTkQuery" },
+          { $ref: "#/components/parameters/DataSourceKeyQuery" },
+          { $ref: "#/components/parameters/DataSourceResourceNameQuery" },
           { $ref: "#/components/parameters/FilterQuery" },
           { $ref: "#/components/parameters/AppendsQuery" }
         ],
@@ -507,8 +541,14 @@ var swagger_default = {
       post: {
         tags: ["roles.dataSourceResources"],
         summary: "Update collection-level independent ACL permissions for a role",
-        description: "Update one collection-level independent permission config. Target it with a `filter` such as `{ name, dataSourceKey }`. Do not rely on `filterByTk` for this endpoint.",
-        parameters: [{ $ref: "#/components/parameters/RoleNamePath" }, { $ref: "#/components/parameters/FilterQuery" }],
+        description: "Update one collection-level independent permission config. You can target it by `filterByTk`, or by `name` + `dataSourceKey`. `filter` with `{ name, dataSourceKey }` is still supported for compatibility.",
+        parameters: [
+          { $ref: "#/components/parameters/RoleNamePath" },
+          { $ref: "#/components/parameters/ResourcePermissionTkQuery" },
+          { $ref: "#/components/parameters/DataSourceKeyQuery" },
+          { $ref: "#/components/parameters/DataSourceResourceNameQuery" },
+          { $ref: "#/components/parameters/FilterQuery" }
+        ],
         requestBody: {
           required: true,
           content: {
@@ -765,6 +805,12 @@ var swagger_default = {
         required: true,
         schema: { type: "string" }
       },
+      DataSourceKeyQuery: {
+        name: "dataSourceKey",
+        in: "query",
+        description: "Data source key, for example `main`.",
+        schema: { type: "string" }
+      },
       MembershipUserFilterByTkQuery: {
         name: "filterByTk",
         in: "query",
@@ -807,6 +853,12 @@ var swagger_default = {
         required: true,
         schema: { type: "string" }
       },
+      DataSourceResourceNameQuery: {
+        name: "name",
+        in: "query",
+        description: "Resource name, typically the collection name.",
+        schema: { type: "string" }
+      },
       ScopePkQuery: {
         name: "filterByTk",
         in: "query",
@@ -919,6 +971,89 @@ var swagger_default = {
         },
         required: ["roleMode"]
       },
+      RoleDataPermissionActionWrite: {
+        type: "object",
+        properties: {
+          name: {
+            type: "string",
+            description: "ACL action name, such as `view`, `create`, `update`, or `destroy`."
+          },
+          fields: {
+            type: "array",
+            items: { type: "string" },
+            description: "Optional allowed field list for field-configurable actions."
+          },
+          scopeId: {
+            type: "integer",
+            nullable: true,
+            description: "Optional scope id. Use `null` to clear the scope binding."
+          },
+          scopeKey: {
+            type: "string",
+            description: "Optional built-in/custom scope key. When provided, server resolves it to `scopeId`."
+          },
+          scope: {
+            type: "object",
+            properties: {
+              id: { type: "integer" },
+              key: { type: "string" }
+            },
+            additionalProperties: true,
+            description: "Optional compatibility payload from existing role-resource readback."
+          }
+        },
+        required: ["name"],
+        additionalProperties: true
+      },
+      RoleDataPermissionResourceWrite: {
+        type: "object",
+        properties: {
+          name: {
+            type: "string",
+            description: "Collection name."
+          },
+          usingActionsConfig: {
+            type: "boolean",
+            description: "Whether the collection uses independent action config."
+          },
+          actions: {
+            type: "array",
+            items: { $ref: "#/components/schemas/RoleDataPermissionActionWrite" },
+            description: "Independent action config list for the collection."
+          }
+        },
+        required: ["name"],
+        additionalProperties: true
+      },
+      RoleDataPermissionsApplyWrite: {
+        type: "object",
+        properties: {
+          dataSourceKey: {
+            type: "string",
+            description: "Data source key, default is `main` when omitted."
+          },
+          resources: {
+            type: "array",
+            items: { $ref: "#/components/schemas/RoleDataPermissionResourceWrite" },
+            description: "Collection-level independent permission payloads to apply in batch."
+          }
+        },
+        required: ["resources"],
+        additionalProperties: true
+      },
+      RoleDataPermissionsApplyResult: {
+        type: "object",
+        properties: {
+          roleName: { type: "string" },
+          dataSourceKey: { type: "string" },
+          count: { type: "integer" },
+          resources: {
+            type: "array",
+            items: { $ref: "#/components/schemas/RoleDataSourceResource" }
+          }
+        },
+        additionalProperties: true
+      },
       DataSourceRole: {
         type: "object",
         properties: {

package/package.json

@@ -6,7 +6,7 @@
   "description": "Based on roles, resources, and actions, access control can precisely manage interface configuration permissions, data operation permissions, menu access permissions, and plugin permissions.",
   "description.ru-RU": "На основе ролей, ресурсов и действий система контроля доступа может точно управлять разрешениями на изменение интерфейса, работу с данными, доступ к меню и разрешениями для подключаемых модулей.",
   "description.zh-CN": "基于角色、资源和操作的权限控制，可以精确控制界面配置权限、数据操作权限、菜单访问权限、插件权限。",
-  "version": "2.1.0-alpha.21",
+  "version": "2.1.0-alpha.23",
   "license": "Apache-2.0",
   "main": "./dist/server/index.js",
   "homepage": "https://docs.nocobase.com/handbook/acl",
@@ -46,5 +46,5 @@
     "url": "git+https://github.com/nocobase/nocobase.git",
     "directory": "packages/plugins/acl"
   },
-  "gitHead": "b4c2b469f321ecaec7863a8ae371a02fe6a35aa2"
+  "gitHead": "baa19dafe25e85b680b2fea7451f202831930c1c"
 }

package/dist/client-v2/139.929bc11d582ef7d4.js

@@ -1,10 +0,0 @@
-/**
- * This file is part of the NocoBase (R) project.
- * Copyright (c) 2020-2024 NocoBase Co., Ltd.
- * Authors: NocoBase Team.
- *
- * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
- * For more information, please refer to: https://www.nocobase.com/agreement.
- */
-
-"use strict";(self.webpackChunk_nocobase_plugin_acl=self.webpackChunk_nocobase_plugin_acl||[]).push([["139"],{870:function(e,n,t){t.r(n),t.d(n,{default:function(){return u}});var o=t(452),r=t(230),c=t(694),l=t(155),a=t.n(l),i=(0,r.createSchemaField)();function u(){var e=(0,c.useFlowEngineContext)().app,n=a().useMemo(function(){return(0,o.createForm)()},[]);return a().createElement("div",null,a().createElement("div",null,"Flow Settings Component Loader Demo Route"),a().createElement(r.FormProvider,{form:n},a().createElement(i,{schema:{type:"object",properties:{demo:{type:"void","x-component":"DemoFlowSettingsLazyField"}}},components:e.flowEngine.flowSettings.components})))}}}]);

package/dist/client-v2/366.069b6cf12cfb9a67.js

@@ -1,10 +0,0 @@
-/**
- * This file is part of the NocoBase (R) project.
- * Copyright (c) 2020-2024 NocoBase Co., Ltd.
- * Authors: NocoBase Team.
- *
- * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
- * For more information, please refer to: https://www.nocobase.com/agreement.
- */
-
-"use strict";(self.webpackChunk_nocobase_plugin_acl=self.webpackChunk_nocobase_plugin_acl||[]).push([["366"],{173:function(e,t,n){n.r(t),n.d(t,{default:function(){return a}});var o=n(155),u=n.n(o),r=n(59),l=n(694);function a(){var e=(0,l.useFlowContext)();return u().createElement(u().Fragment,null,u().createElement("div",null,"Demo Homepage Route",u().createElement(r.Button,{onClick:function(){return e.router.navigate("app-info")}},"Go to demo route")),u().createElement("div",null,"Demo flow settings page",u().createElement(r.Button,{onClick:function(){return e.router.navigate("flow-settings-component-loader")}},"Go to demo route")))}}}]);