@nocobase/plugin-acl 2.1.0-beta.2 → 2.1.0-beta.6

package/README.md

@@ -1,17 +1,24 @@
 # NocoBase
 
 <video width="100%" controls>
-      <source src="https://static-docs.nocobase.com/NocoBase0510.mp4" type="video/mp4">
+  <source src="https://github.com/user-attachments/assets/4d11a87b-00e2-48f3-9bf7-389d21072d13" type="video/mp4">
 </video>
 
+<p align="center">
+<a href="https://trendshift.io/repositories/4112" target="_blank"><img src="https://trendshift.io/api/badge/repositories/4112" alt="nocobase%2Fnocobase | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
+<a href="https://www.producthunt.com/posts/nocobase?embed=true&utm_source=badge-top-post-topic-badge&utm_medium=badge&utm_souce=badge-nocobase" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/top-post-topic-badge.svg?post_id=456520&theme=light&period=weekly&topic_id=267" alt="NocoBase - Scalability&#0045;first&#0044;&#0032;open&#0045;source&#0032;no&#0045;code&#0032;platform | Product Hunt" style="width: 250px; height: 54px;" width="250" height="54" /></a>
+</p>
 
 ## What is NocoBase
 
-NocoBase is a scalability-first, open-source no-code development platform.  
-Instead of investing years of time and millions of dollars in research and development, deploy NocoBase in a few minutes and you'll have a private, controllable, and extremely scalable no-code development platform!
+NocoBase is the most extensible AI-powered no-code platform.   
+Total control. Infinite extensibility. AI collaboration.  
+Enable your team to adapt quickly and cut costs dramatically.  
+No years of development. No millions wasted.  
+Deploy NocoBase in minutes — and take control of everything.
 
 Homepage:  
-https://www.nocobase.com/
+https://www.nocobase.com/  
 
 Online Demo:  
 https://demo.nocobase.com/new
@@ -19,12 +26,74 @@ https://demo.nocobase.com/new
 Documents:  
 https://docs.nocobase.com/
 
-Commericial license & plugins:  
-https://www.nocobase.com/en/commercial
+Forum:  
+https://forum.nocobase.com/
 
-License agreement:   
-https://www.nocobase.com/en/agreement
+Use Cases:  
+https://www.nocobase.com/en/blog/tags/customer-stories
 
+## Release Notes
 
-## Contact Us:  
-hello@nocobase.com
+Our [blog](https://www.nocobase.com/en/blog/timeline) is regularly updated with release notes and provides a weekly summary.
+
+## Distinctive features
+
+### 1. Data model-driven, not form/table–driven
+
+Instead of being constrained by forms or tables, NocoBase adopts a data model–driven approach, separating data structure from user interface to unlock unlimited possibilities.
+
+- UI and data structure are fully decoupled
+- Multiple blocks and actions can be created for the same table or record in any quantity or form
+- Supports the main database, external databases, and third-party APIs as data sources
+
+![model](https://static-docs.nocobase.com/model.png)
+
+### 2. AI employees, integrated into your business systems
+Unlike standalone AI demos, NocoBase allows you to embed AI capabilities seamlessly into your interfaces, workflows, and data context, making AI truly useful in real business scenarios.
+
+- Define AI employees for roles such as translator, analyst, researcher, or assistant
+- Seamless AI–human collaboration in interfaces and workflows
+- Ensure AI usage is secure, transparent, and customizable for your business needs
+
+![AI-employee](https://static-docs.nocobase.com/ai-employee-home.png)
+
+### 3. What you see is what you get, incredibly easy to use
+
+While enabling the development of complex business systems, NocoBase keeps the experience simple and intuitive.
+
+- One-click switch between usage mode and configuration mode
+- Pages serve as a canvas to arrange blocks and actions, similar to Notion
+- Configuration mode is designed for ordinary users, not just programmers
+
+![wysiwyg](https://static-docs.nocobase.com/wysiwyg.gif)
+
+### 4. Everything is a plugin, designed for extension
+Adding more no-code features will never cover every business case. NocoBase is built for extension through its plugin-based microkernel architecture.
+
+- All functionalities are plugins, similar to WordPress
+- Plugins are ready to use upon installation
+- Pages, blocks, actions, APIs, and data sources can all be extended through custom plugins
+
+![plugins](https://static-docs.nocobase.com/plugins.png)
+
+## Installation
+
+NocoBase supports three installation methods:
+
+- <a target="_blank" href="https://docs.nocobase.com/welcome/getting-started/installation/docker-compose">Installing With Docker (👍Recommended)</a>
+
+  Suitable for no-code scenarios, no code to write. When upgrading, just download the latest image and reboot.
+
+- <a target="_blank" href="https://docs.nocobase.com/welcome/getting-started/installation/create-nocobase-app">Installing from create-nocobase-app CLI</a>
+
+  The business code of the project is completely independent and supports low-code development.
+
+- <a target="_blank" href="https://docs.nocobase.com/welcome/getting-started/installation/git-clone">Installing from Git source code</a>
+
+  If you want to experience the latest unreleased version, or want to participate in the contribution, you need to make changes and debug on the source code, it is recommended to choose this installation method, which requires a high level of development skills, and if the code has been updated, you can git pull the latest code.
+
+## How NocoBase works
+
+<video width="100%" controls>
+  <source src="https://github.com/user-attachments/assets/8d183b44-9bb5-4792-b08f-bc08fe8dfaaf" type="video/mp4">
+</video>

package/dist/externalVersion.js

@@ -8,7 +8,7 @@
  */
 
 module.exports = {
-  "@nocobase/client": "2.1.0-beta.2",
+  "@nocobase/client": "2.1.0-beta.6",
   "antd": "5.24.2",
   "react": "18.2.0",
   "react-i18next": "11.18.6",
@@ -17,14 +17,14 @@ module.exports = {
   "@formily/react": "2.3.7",
   "@ant-design/icons": "5.6.1",
   "lodash": "4.17.21",
-  "@nocobase/utils": "2.1.0-beta.2",
-  "@nocobase/actions": "2.1.0-beta.2",
-  "@nocobase/cache": "2.1.0-beta.2",
-  "@nocobase/database": "2.1.0-beta.2",
-  "@nocobase/server": "2.1.0-beta.2",
-  "@nocobase/test": "2.1.0-beta.2",
+  "@nocobase/utils": "2.1.0-beta.6",
+  "@nocobase/actions": "2.1.0-beta.6",
+  "@nocobase/cache": "2.1.0-beta.6",
+  "@nocobase/database": "2.1.0-beta.6",
+  "@nocobase/server": "2.1.0-beta.6",
+  "@nocobase/acl": "2.1.0-beta.6",
+  "@nocobase/test": "2.1.0-beta.6",
   "@formily/core": "2.3.7",
   "@formily/antd-v5": "1.2.3",
-  "antd-style": "3.7.1",
-  "@nocobase/acl": "2.1.0-beta.2"
+  "antd-style": "3.7.1"
 };

package/dist/server/middlewares/check-association-operate.js

@@ -31,7 +31,7 @@ __export(check_association_operate_exports, {
 module.exports = __toCommonJS(check_association_operate_exports);
 var import_acl = require("@nocobase/acl");
 async function checkAssociationOperate(ctx, next) {
-  var _a;
+  var _a, _b, _c, _d, _e, _f, _g, _h, _i, _j;
   const { actionName, resourceName, sourceId } = ctx.action;
   if (!(resourceName.includes(".") && ["add", "set", "remove", "toggle"].includes(actionName))) {
     return next();
@@ -59,12 +59,21 @@ async function checkAssociationOperate(ctx, next) {
   }
   if (params.filter) {
     try {
-      const filteredParams = ctx.acl.filterParams(ctx, resource, params);
-      const parsedParams = await ctx.acl.parseJsonTemplate(filteredParams, ctx);
-      const repo = ctx.db.getRepository(resource);
+      const timezone = ((_c = (_b = ctx.request) == null ? void 0 : _b.get) == null ? void 0 : _c.call(_b, "x-timezone")) ?? ((_e = (_d = ctx.request) == null ? void 0 : _d.header) == null ? void 0 : _e["x-timezone"]) ?? ((_g = (_f = ctx.req) == null ? void 0 : _f.headers) == null ? void 0 : _g["x-timezone"]);
+      const collection = (_i = (_h = ctx.database) == null ? void 0 : _h.getCollection) == null ? void 0 : _i.call(_h, resource);
+      (0, import_acl.checkFilterParams)(collection, params.filter);
+      const parsedFilter = await (0, import_acl.parseJsonTemplate)(params.filter, {
+        state: ctx.state,
+        timezone,
+        userProvider: (0, import_acl.createUserProvider)({
+          db: ctx.db,
+          currentUser: (_j = ctx.state) == null ? void 0 : _j.currentUser
+        })
+      });
+      const repo = ctx.database.getRepository(resource);
       const record = await repo.findOne({
         filterByTk: sourceId,
-        filter: parsedParams.filter
+        filter: parsedFilter ?? params.filter
       });
       if (!record) {
         ctx.throw(403, "No permissions");

package/dist/server/middlewares/check-change-with-association.d.ts

@@ -6,5 +6,25 @@
  * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
  * For more information, please refer to: https://www.nocobase.com/agreement.
  */
+import { ACL, UserProvider } from '@nocobase/acl';
 import { Context, Next } from '@nocobase/actions';
+import { Collection } from '@nocobase/database';
+export type SanitizeAssociationValuesOptions = {
+    acl?: ACL;
+    resourceName: string;
+    actionName: string;
+    values: any;
+    updateAssociationValues?: string[];
+    protectedKeys?: string[];
+    aclParams?: any;
+    roles?: string[];
+    currentRole?: string;
+    currentUser?: any;
+    collection?: Collection;
+    db?: any;
+    database?: any;
+    timezone?: string;
+    userProvider?: UserProvider;
+};
+export declare function sanitizeAssociationValues(options: SanitizeAssociationValuesOptions): Promise<any>;
 export declare const checkChangesWithAssociation: (ctx: Context, next: Next) => Promise<any>;