@nu-art/permissions-backend 0.401.8 → 0.500.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/PermissionKey_BE.d.ts +9 -6
- package/PermissionKey_BE.js +20 -9
- package/RequirePermission.d.ts +21 -0
- package/RequirePermission.js +47 -0
- package/_entity/permission-access-level/ModuleBE_PermissionAccessLevelDB.d.ts +5 -9
- package/_entity/permission-access-level/ModuleBE_PermissionAccessLevelDB.js +1 -7
- package/_entity/permission-access-level/module-pack.d.ts +1 -1
- package/_entity/permission-access-level/module-pack.js +2 -2
- package/_entity/permission-api/ModuleBE_PermissionAPIDB.d.ts +6 -8
- package/_entity/permission-api/ModuleBE_PermissionAPIDB.js +4 -4
- package/_entity/permission-api/module-pack.d.ts +1 -1
- package/_entity/permission-api/module-pack.js +2 -2
- package/_entity/permission-domain/ModuleBE_PermissionDomainDB.d.ts +4 -10
- package/_entity/permission-domain/ModuleBE_PermissionDomainDB.js +1 -4
- package/_entity/permission-domain/module-pack.d.ts +1 -1
- package/_entity/permission-domain/module-pack.js +2 -2
- package/_entity/permission-group/ModuleBE_PermissionGroupDB.d.ts +5 -7
- package/_entity/permission-group/ModuleBE_PermissionGroupDB.js +10 -7
- package/_entity/permission-group/module-pack.d.ts +1 -1
- package/_entity/permission-group/module-pack.js +2 -2
- package/_entity/permission-project/ModuleBE_PermissionProjectDB.d.ts +4 -6
- package/_entity/permission-project/ModuleBE_PermissionProjectDB.js +1 -1
- package/_entity/permission-project/module-pack.d.ts +1 -1
- package/_entity/permission-project/module-pack.js +2 -2
- package/_entity/permission-user/ModuleBE_PermissionUserAPI.d.ts +4 -3
- package/_entity/permission-user/ModuleBE_PermissionUserAPI.js +63 -10
- package/_entity/permission-user/ModuleBE_PermissionUserDB.d.ts +8 -10
- package/_entity/permission-user/ModuleBE_PermissionUserDB.js +33 -18
- package/core/external-api-paths.d.ts +13 -0
- package/core/external-api-paths.js +13 -0
- package/core/function-permission-registry.d.ts +25 -0
- package/core/function-permission-registry.js +50 -0
- package/core/utils.d.ts +4 -4
- package/core/utils.js +7 -7
- package/index.d.ts +5 -0
- package/index.js +5 -0
- package/modules/ModuleBE_Permissions.d.ts +10 -4
- package/modules/ModuleBE_Permissions.js +365 -264
- package/modules/ModuleBE_PermissionsAssert.d.ts +20 -3
- package/modules/ModuleBE_PermissionsAssert.js +271 -205
- package/modules/consts.d.ts +2 -2
- package/modules/consts.js +5 -5
- package/modules/index.d.ts +1 -0
- package/modules/index.js +1 -0
- package/package.json +13 -12
- package/permissions-wire.d.ts +46 -0
- package/permissions-wire.js +47 -0
- package/permissions.js +29 -31
- package/types.d.ts +3 -3
package/PermissionKey_BE.d.ts
CHANGED
|
@@ -1,13 +1,16 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import {
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
1
|
+
import { Logger } from '@nu-art/ts-common';
|
|
2
|
+
import { DatabaseDef_PermissionDomain, DB_PermissionKeyData } from '@nu-art/permissions-shared';
|
|
3
|
+
type Resolver = (logger?: Logger) => Promise<DB_PermissionKeyData>;
|
|
4
|
+
export declare class PermissionKey_BE<K extends string> {
|
|
5
|
+
readonly key: K;
|
|
6
|
+
readonly resolver: Resolver;
|
|
7
|
+
readonly dataManipulator: (data: DB_PermissionKeyData) => Promise<DB_PermissionKeyData>;
|
|
6
8
|
static _resolver: Resolver;
|
|
7
9
|
static buildData: (data: DB_PermissionKeyData) => Promise<DB_PermissionKeyData>;
|
|
8
10
|
constructor(key: K, initialDataResolver?: Resolver);
|
|
11
|
+
get(): Promise<DB_PermissionKeyData>;
|
|
9
12
|
set(value: DB_PermissionKeyData): Promise<void>;
|
|
10
13
|
}
|
|
11
|
-
export declare const defaultValueResolverV2: (domainId:
|
|
14
|
+
export declare const defaultValueResolverV2: (domainId: DatabaseDef_PermissionDomain["id"], accessLevelName: string) => Promise<DB_PermissionKeyData>;
|
|
12
15
|
export declare const defaultValueResolver: (domainNamespace: string, accessLevelValue: number) => Promise<DB_PermissionKeyData>;
|
|
13
16
|
export {};
|
package/PermissionKey_BE.js
CHANGED
|
@@ -1,15 +1,17 @@
|
|
|
1
1
|
import { filterInstances } from '@nu-art/ts-common';
|
|
2
2
|
import { ModuleBE_PermissionAccessLevelDB, ModuleBE_PermissionDomainDB } from './_entity.js';
|
|
3
|
-
import {
|
|
3
|
+
import { getAppConfigKeyHandler } from './permissions-wire.js';
|
|
4
4
|
import { Const_PermissionKeyType } from '@nu-art/permissions-shared';
|
|
5
|
-
export class PermissionKey_BE
|
|
5
|
+
export class PermissionKey_BE {
|
|
6
|
+
key;
|
|
7
|
+
resolver;
|
|
8
|
+
dataManipulator;
|
|
6
9
|
static _resolver = async () => {
|
|
7
10
|
return { type: Const_PermissionKeyType, accessLevelIds: [], _accessLevels: {} };
|
|
8
11
|
};
|
|
9
12
|
static buildData = async (data) => {
|
|
10
|
-
ModuleBE_AppConfigDB.logVerbose('**************** Building Data ****************');
|
|
11
13
|
const accessLevels = filterInstances(await ModuleBE_PermissionAccessLevelDB.query.all(data.accessLevelIds));
|
|
12
|
-
|
|
14
|
+
return {
|
|
13
15
|
type: 'permission-key',
|
|
14
16
|
accessLevelIds: data.accessLevelIds,
|
|
15
17
|
_accessLevels: accessLevels.reduce((acc, level) => {
|
|
@@ -17,16 +19,25 @@ export class PermissionKey_BE extends AppConfigKey_BE {
|
|
|
17
19
|
return acc;
|
|
18
20
|
}, {})
|
|
19
21
|
};
|
|
20
|
-
ModuleBE_AppConfigDB.logVerbose('**************** Data ****************');
|
|
21
|
-
ModuleBE_AppConfigDB.logVerbose(_data);
|
|
22
|
-
return _data;
|
|
23
22
|
};
|
|
24
23
|
constructor(key, initialDataResolver) {
|
|
25
|
-
|
|
24
|
+
this.key = key;
|
|
25
|
+
this.resolver = initialDataResolver ?? PermissionKey_BE._resolver;
|
|
26
|
+
this.dataManipulator = PermissionKey_BE.buildData;
|
|
27
|
+
getAppConfigKeyHandler()?.registerKey(this);
|
|
28
|
+
}
|
|
29
|
+
async get() {
|
|
30
|
+
const handler = getAppConfigKeyHandler();
|
|
31
|
+
if (!handler)
|
|
32
|
+
throw new Error('AppConfigKeyHandler not set; wire setAppConfigKeyHandler(ModuleBE_AppConfigDB) when using app-config-backend');
|
|
33
|
+
return handler.getAppKey(this);
|
|
26
34
|
}
|
|
27
35
|
async set(value) {
|
|
28
36
|
const dbValue = await PermissionKey_BE.buildData(value);
|
|
29
|
-
|
|
37
|
+
const handler = getAppConfigKeyHandler();
|
|
38
|
+
if (!handler)
|
|
39
|
+
throw new Error('AppConfigKeyHandler not set; wire setAppConfigKeyHandler(ModuleBE_AppConfigDB) when using app-config-backend');
|
|
40
|
+
await handler.setAppKey(this, dbValue);
|
|
30
41
|
}
|
|
31
42
|
}
|
|
32
43
|
export const defaultValueResolverV2 = async (domainId, accessLevelName) => {
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import type { PermissionScope } from '@nu-art/permissions-shared';
|
|
2
|
+
import type { FunctionPermissionDef } from './core/function-permission-registry.js';
|
|
3
|
+
export { type FunctionPermissionDef } from './core/function-permission-registry.js';
|
|
4
|
+
/**
|
|
5
|
+
* Symbol key used to attach the function-permission def to a method.
|
|
6
|
+
* PermissionsAssert (or middleware) can read this to assert before invoking the handler.
|
|
7
|
+
*/
|
|
8
|
+
export declare const RequirePermissionDefKey: unique symbol;
|
|
9
|
+
/**
|
|
10
|
+
* Method decorator that registers a function permission (scope + value) and attaches
|
|
11
|
+
* the def to the method. No assert in the decorator; assert runs at request time
|
|
12
|
+
* when the handler is invoked (via PermissionsAssert or module wrapper).
|
|
13
|
+
*
|
|
14
|
+
* @param scope - Branded permission scope (e.g. definePermissionScope('pathway', ['read','write','delete','admin']))
|
|
15
|
+
* @param value - One of scope.values (e.g. 'write')
|
|
16
|
+
*/
|
|
17
|
+
export declare function RequirePermission<P extends PermissionScope>(scope: P, value: P['values'][number]): <T extends (this: unknown, ...args: unknown[]) => Promise<unknown>>(originalMethod: T, _context: ClassMethodDecoratorContext<unknown, T>) => T;
|
|
18
|
+
/**
|
|
19
|
+
* Returns the function-permission def attached to a handler, or undefined.
|
|
20
|
+
*/
|
|
21
|
+
export declare function getRequirePermissionDef(handler: ((...args: unknown[]) => unknown) | null | undefined): FunctionPermissionDef | undefined;
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Permissions management system, define access level for each of
|
|
3
|
+
* your server apis, and restrict users by giving them access levels
|
|
4
|
+
*
|
|
5
|
+
* Copyright (C) 2020 Adam van der Kruk aka TacB0sS
|
|
6
|
+
*
|
|
7
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
8
|
+
* you may not use this file except in compliance with the License.
|
|
9
|
+
* You may obtain a copy of the License at
|
|
10
|
+
*
|
|
11
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
12
|
+
*
|
|
13
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
14
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
15
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
16
|
+
* See the License for the specific language governing permissions and
|
|
17
|
+
* limitations under the License.
|
|
18
|
+
*/
|
|
19
|
+
import { registerFunctionPermission } from './core/function-permission-registry.js';
|
|
20
|
+
/**
|
|
21
|
+
* Symbol key used to attach the function-permission def to a method.
|
|
22
|
+
* PermissionsAssert (or middleware) can read this to assert before invoking the handler.
|
|
23
|
+
*/
|
|
24
|
+
export const RequirePermissionDefKey = Symbol.for('RequirePermissionDef');
|
|
25
|
+
/**
|
|
26
|
+
* Method decorator that registers a function permission (scope + value) and attaches
|
|
27
|
+
* the def to the method. No assert in the decorator; assert runs at request time
|
|
28
|
+
* when the handler is invoked (via PermissionsAssert or module wrapper).
|
|
29
|
+
*
|
|
30
|
+
* @param scope - Branded permission scope (e.g. definePermissionScope('pathway', ['read','write','delete','admin']))
|
|
31
|
+
* @param value - One of scope.values (e.g. 'write')
|
|
32
|
+
*/
|
|
33
|
+
export function RequirePermission(scope, value) {
|
|
34
|
+
return function (originalMethod, _context) {
|
|
35
|
+
const def = registerFunctionPermission(scope, value);
|
|
36
|
+
originalMethod[RequirePermissionDefKey] = def;
|
|
37
|
+
return originalMethod;
|
|
38
|
+
};
|
|
39
|
+
}
|
|
40
|
+
/**
|
|
41
|
+
* Returns the function-permission def attached to a handler, or undefined.
|
|
42
|
+
*/
|
|
43
|
+
export function getRequirePermissionDef(handler) {
|
|
44
|
+
if (!handler || typeof handler !== 'function')
|
|
45
|
+
return undefined;
|
|
46
|
+
return handler[RequirePermissionDefKey];
|
|
47
|
+
}
|
|
@@ -1,17 +1,13 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { Clause_Where } from '@nu-art/firebase-shared';
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
3
2
|
import { Transaction } from 'firebase-admin/firestore';
|
|
4
3
|
import { CollectionActionType, PostWriteProcessingData } from '@nu-art/firebase-backend/firestore-v3/FirestoreCollectionV3';
|
|
5
|
-
import {
|
|
6
|
-
|
|
7
|
-
export declare class ModuleBE_PermissionAccessLevelDB_Class extends ModuleBE_BaseDB<DBProto_PermissionAccessLevel, Config> {
|
|
4
|
+
import { DatabaseDef_PermissionAccessLevel, DB_PermissionAccessLevel } from '@nu-art/permissions-shared';
|
|
5
|
+
export declare class ModuleBE_PermissionAccessLevelDB_Class extends ModuleBE_BaseDB<DatabaseDef_PermissionAccessLevel> {
|
|
8
6
|
constructor();
|
|
9
|
-
protected
|
|
10
|
-
protected
|
|
11
|
-
protected postWriteProcessing(data: PostWriteProcessingData<DBProto_PermissionAccessLevel>, actionType: CollectionActionType, transaction?: Transaction): Promise<void>;
|
|
7
|
+
protected preWriteProcessing(dbInstance: DB_PermissionAccessLevel, originalDbInstance: DatabaseDef_PermissionAccessLevel['dbType'], transaction?: Transaction): Promise<void>;
|
|
8
|
+
protected postWriteProcessing(data: PostWriteProcessingData<DatabaseDef_PermissionAccessLevel['dbType']>, actionType: CollectionActionType, transaction?: Transaction): Promise<void>;
|
|
12
9
|
protected assertDeletion(transaction: Transaction, dbInstance: DB_PermissionAccessLevel): Promise<void>;
|
|
13
10
|
private upgrade_100_101;
|
|
14
11
|
}
|
|
15
12
|
export declare const ModuleBE_PermissionAccessLevelDB: ModuleBE_PermissionAccessLevelDB_Class;
|
|
16
13
|
export declare function checkDuplicateLevelsDomain(levels: DB_PermissionAccessLevel[]): void;
|
|
17
|
-
export {};
|
|
@@ -1,6 +1,5 @@
|
|
|
1
|
-
import { ModuleBE_BaseDB
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
2
2
|
import { ApiException, batchActionParallel, dbObjectToId, filterDuplicates } from '@nu-art/ts-common';
|
|
3
|
-
import { MemKey_AccountId } from '@nu-art/user-account-backend';
|
|
4
3
|
import { ModuleBE_PermissionAPIDB } from '../permission-api/index.js';
|
|
5
4
|
import { ModuleBE_PermissionDomainDB } from '../permission-domain/index.js';
|
|
6
5
|
import { ModuleBE_PermissionGroupDB } from '../permission-group/index.js';
|
|
@@ -10,13 +9,8 @@ export class ModuleBE_PermissionAccessLevelDB_Class extends ModuleBE_BaseDB {
|
|
|
10
9
|
super(DBDef_PermissionAccessLevel);
|
|
11
10
|
this.registerVersionUpgradeProcessor('1.0.0', this.upgrade_100_101);
|
|
12
11
|
}
|
|
13
|
-
internalFilter(item) {
|
|
14
|
-
const { domainId, name, value } = item;
|
|
15
|
-
return [{ domainId, name }, { domainId, value }];
|
|
16
|
-
}
|
|
17
12
|
async preWriteProcessing(dbInstance, originalDbInstance, transaction) {
|
|
18
13
|
await ModuleBE_PermissionDomainDB.query.uniqueAssert(dbInstance.domainId);
|
|
19
|
-
dbInstance._auditorId = MemKey_AccountId.get();
|
|
20
14
|
}
|
|
21
15
|
async postWriteProcessing(data, actionType, transaction) {
|
|
22
16
|
const deleted = data.deleted ? (Array.isArray(data.deleted) ? data.deleted : [data.deleted]) : [];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
export declare const ModulePackBE_PermissionAccessLevel: (import("./ModuleBE_PermissionAccessLevelDB.js").ModuleBE_PermissionAccessLevelDB_Class | import("@nu-art/
|
|
1
|
+
export declare const ModulePackBE_PermissionAccessLevel: (import("./ModuleBE_PermissionAccessLevelDB.js").ModuleBE_PermissionAccessLevelDB_Class | import("@nu-art/db-api-backend").ModuleBE_BaseApi_Class<import("@nu-art/permissions-shared").DatabaseDef_PermissionAccessLevel>)[];
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { createApisForDBModule } from '@nu-art/db-api-backend';
|
|
2
2
|
import { ModuleBE_PermissionAccessLevelDB } from './ModuleBE_PermissionAccessLevelDB.js';
|
|
3
|
-
export const ModulePackBE_PermissionAccessLevel = [ModuleBE_PermissionAccessLevelDB,
|
|
3
|
+
export const ModulePackBE_PermissionAccessLevel = [ModuleBE_PermissionAccessLevelDB, createApisForDBModule(ModuleBE_PermissionAccessLevelDB)];
|
|
@@ -1,12 +1,10 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { DB_PermissionAPI,
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
2
|
+
import { DB_PermissionAPI, DatabaseDef_PermissionAPI, DatabaseDef_PermissionProject } from '@nu-art/permissions-shared';
|
|
3
3
|
import { Transaction } from 'firebase-admin/firestore';
|
|
4
|
-
|
|
5
|
-
export declare class ModuleBE_PermissionAPIDB_Class extends ModuleBE_BaseDB<DBProto_PermissionAPI, Config> {
|
|
4
|
+
export declare class ModuleBE_PermissionAPIDB_Class extends ModuleBE_BaseDB<DatabaseDef_PermissionAPI> {
|
|
6
5
|
constructor();
|
|
7
|
-
protected preWriteProcessing(instance: DB_PermissionAPI, originalDbInstance:
|
|
8
|
-
registerApis(projectId:
|
|
9
|
-
apiUpsert():
|
|
6
|
+
protected preWriteProcessing(instance: DB_PermissionAPI, originalDbInstance: DatabaseDef_PermissionAPI['dbType'], t?: Transaction): Promise<void>;
|
|
7
|
+
registerApis(projectId: DatabaseDef_PermissionProject['id'], routes: string[]): Promise<DB_PermissionAPI[]>;
|
|
8
|
+
apiUpsert(): unknown;
|
|
10
9
|
}
|
|
11
10
|
export declare const ModuleBE_PermissionAPIDB: ModuleBE_PermissionAPIDB_Class;
|
|
12
|
-
export {};
|
|
@@ -1,11 +1,11 @@
|
|
|
1
|
-
import { ModuleBE_BaseDB
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
2
2
|
import { DBDef_PermissionAPI } from '@nu-art/permissions-shared';
|
|
3
3
|
import { dbObjectToId, filterInstances } from '@nu-art/ts-common';
|
|
4
4
|
import { ModuleBE_PermissionAccessLevelDB } from '../permission-access-level/index.js';
|
|
5
5
|
import { MemKey_AccountId } from '@nu-art/user-account-backend';
|
|
6
6
|
import { ModuleBE_PermissionProjectDB } from '../permission-project/index.js';
|
|
7
7
|
import { HttpCodes } from '@nu-art/ts-common/core/exceptions/http-codes';
|
|
8
|
-
import { trimStartingForwardSlash } from '@nu-art/
|
|
8
|
+
import { trimStartingForwardSlash } from '@nu-art/permissions-shared';
|
|
9
9
|
export class ModuleBE_PermissionAPIDB_Class extends ModuleBE_BaseDB {
|
|
10
10
|
constructor() {
|
|
11
11
|
super(DBDef_PermissionAPI);
|
|
@@ -48,10 +48,10 @@ export class ModuleBE_PermissionAPIDB_Class extends ModuleBE_BaseDB {
|
|
|
48
48
|
}
|
|
49
49
|
registerApis(projectId, routes) {
|
|
50
50
|
return this.runTransaction(async (transaction) => {
|
|
51
|
-
const existingProjectApis = await this.query.custom({ where: { projectId
|
|
51
|
+
const existingProjectApis = await this.query.custom({ where: { projectId } }, transaction);
|
|
52
52
|
const apisToAdd = routes
|
|
53
53
|
.filter(path => !existingProjectApis.find(api => api.path === path))
|
|
54
|
-
.map(path => ({ path, projectId
|
|
54
|
+
.map(path => ({ path, projectId, _auditorId: MemKey_AccountId.get() }));
|
|
55
55
|
return this.set.all(apisToAdd, transaction);
|
|
56
56
|
});
|
|
57
57
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
export declare const ModulePackBE_PermissionAPI: (import("./ModuleBE_PermissionAPIDB.js").ModuleBE_PermissionAPIDB_Class | import("@nu-art/
|
|
1
|
+
export declare const ModulePackBE_PermissionAPI: (import("./ModuleBE_PermissionAPIDB.js").ModuleBE_PermissionAPIDB_Class | import("@nu-art/db-api-backend").ModuleBE_BaseApi_Class<import("@nu-art/permissions-shared").DatabaseDef_PermissionAPI>)[];
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { createApisForDBModule } from '@nu-art/db-api-backend';
|
|
2
2
|
import { ModuleBE_PermissionAPIDB } from './ModuleBE_PermissionAPIDB.js';
|
|
3
|
-
export const ModulePackBE_PermissionAPI = [ModuleBE_PermissionAPIDB,
|
|
3
|
+
export const ModulePackBE_PermissionAPI = [ModuleBE_PermissionAPIDB, createApisForDBModule(ModuleBE_PermissionAPIDB)];
|
|
@@ -1,15 +1,9 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import {
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
2
|
+
import { DatabaseDef_PermissionDomain, DB_PermissionDomain } from '@nu-art/permissions-shared';
|
|
3
3
|
import { Transaction } from 'firebase-admin/firestore';
|
|
4
|
-
|
|
5
|
-
export declare class ModuleBE_PermissionDomainDB_Class extends ModuleBE_BaseDB<DBProto_PermissionDomain, Config> {
|
|
4
|
+
export declare class ModuleBE_PermissionDomainDB_Class extends ModuleBE_BaseDB<DatabaseDef_PermissionDomain> {
|
|
6
5
|
constructor();
|
|
7
6
|
protected assertDeletion(transaction: Transaction, dbInstance: DB_PermissionDomain): Promise<void>;
|
|
8
|
-
|
|
9
|
-
namespace: string;
|
|
10
|
-
projectId: string;
|
|
11
|
-
}[];
|
|
12
|
-
protected preWriteProcessing(dbInstance: DB_PermissionDomain, originalDbInstance: DBProto_PermissionDomain['dbType'], t?: Transaction): Promise<void>;
|
|
7
|
+
protected preWriteProcessing(dbInstance: DB_PermissionDomain, originalDbInstance: DatabaseDef_PermissionDomain['dbType'], t?: Transaction): Promise<void>;
|
|
13
8
|
}
|
|
14
9
|
export declare const ModuleBE_PermissionDomainDB: ModuleBE_PermissionDomainDB_Class;
|
|
15
|
-
export {};
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { ModuleBE_BaseDB
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
2
2
|
import { DBDef_PermissionDomain } from '@nu-art/permissions-shared';
|
|
3
3
|
import { ApiException } from '@nu-art/ts-common';
|
|
4
4
|
import { MemKey_AccountId } from '@nu-art/user-account-backend';
|
|
@@ -14,9 +14,6 @@ export class ModuleBE_PermissionDomainDB_Class extends ModuleBE_BaseDB {
|
|
|
14
14
|
throw new ApiException(403, 'You trying delete domain that associated with accessLevels, you need delete the accessLevels first');
|
|
15
15
|
}
|
|
16
16
|
}
|
|
17
|
-
internalFilter(item) {
|
|
18
|
-
return [{ namespace: item.namespace, projectId: item.projectId }];
|
|
19
|
-
}
|
|
20
17
|
async preWriteProcessing(dbInstance, originalDbInstance, t) {
|
|
21
18
|
await ModuleBE_PermissionProjectDB.query.uniqueAssert(dbInstance.projectId, t);
|
|
22
19
|
dbInstance._auditorId = MemKey_AccountId.get();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
export declare const ModulePackBE_PermissionDomain: (import("./ModuleBE_PermissionDomainDB.js").ModuleBE_PermissionDomainDB_Class | import("@nu-art/
|
|
1
|
+
export declare const ModulePackBE_PermissionDomain: (import("./ModuleBE_PermissionDomainDB.js").ModuleBE_PermissionDomainDB_Class | import("@nu-art/db-api-backend").ModuleBE_BaseApi_Class<import("@nu-art/permissions-shared").DatabaseDef_PermissionDomain>)[];
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { createApisForDBModule } from '@nu-art/db-api-backend';
|
|
2
2
|
import { ModuleBE_PermissionDomainDB } from './ModuleBE_PermissionDomainDB.js';
|
|
3
|
-
export const ModulePackBE_PermissionDomain = [ModuleBE_PermissionDomainDB,
|
|
3
|
+
export const ModulePackBE_PermissionDomain = [ModuleBE_PermissionDomainDB, createApisForDBModule(ModuleBE_PermissionDomainDB)];
|
|
@@ -1,14 +1,12 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { DB_PermissionGroup,
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
2
|
+
import { DB_PermissionGroup, DatabaseDef_PermissionGroup } from '@nu-art/permissions-shared';
|
|
3
3
|
import { Transaction } from 'firebase-admin/firestore';
|
|
4
4
|
import { CollectionActionType, PostWriteProcessingData } from '@nu-art/firebase-backend/firestore-v3/FirestoreCollectionV3';
|
|
5
|
-
|
|
6
|
-
export declare class ModuleBE_PermissionGroupDB_Class extends ModuleBE_BaseDB<DBProto_PermissionGroup, Config> {
|
|
5
|
+
export declare class ModuleBE_PermissionGroupDB_Class extends ModuleBE_BaseDB<DatabaseDef_PermissionGroup> {
|
|
7
6
|
constructor();
|
|
8
|
-
protected preWriteProcessing(instance: DB_PermissionGroup, originalDbInstance:
|
|
9
|
-
protected postWriteProcessing(data: PostWriteProcessingData<
|
|
7
|
+
protected preWriteProcessing(instance: DB_PermissionGroup, originalDbInstance: DatabaseDef_PermissionGroup['dbType'], t?: Transaction): Promise<void>;
|
|
8
|
+
protected postWriteProcessing(data: PostWriteProcessingData<DatabaseDef_PermissionGroup['dbType']>, actionType: CollectionActionType): Promise<void>;
|
|
10
9
|
private clearUnused;
|
|
11
10
|
private upgrade_100_101;
|
|
12
11
|
}
|
|
13
12
|
export declare const ModuleBE_PermissionGroupDB: ModuleBE_PermissionGroupDB_Class;
|
|
14
|
-
export {};
|
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
2
2
|
import { DBDef_PermissionGroup } from '@nu-art/permissions-shared';
|
|
3
|
+
import { getActionProcessor } from '../../permissions-wire.js';
|
|
3
4
|
import { _keys, ApiException, batchActionParallel, dbObjectToId, filterDuplicates, filterInstances, reduceToMap } from '@nu-art/ts-common';
|
|
4
5
|
import { ModuleBE_PermissionAccessLevelDB } from '../permission-access-level/index.js';
|
|
5
6
|
import { MemKey_AccountId, SlackReporter } from '@nu-art/user-account-backend';
|
|
@@ -8,12 +9,14 @@ import { _EmptyQuery } from '@nu-art/firebase-shared';
|
|
|
8
9
|
export class ModuleBE_PermissionGroupDB_Class extends ModuleBE_BaseDB {
|
|
9
10
|
constructor() {
|
|
10
11
|
super(DBDef_PermissionGroup);
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
12
|
+
const processor = getActionProcessor();
|
|
13
|
+
if (processor)
|
|
14
|
+
processor.registerAction({
|
|
15
|
+
key: 'clear-unused-permission-groups',
|
|
16
|
+
group: 'Permissions',
|
|
17
|
+
description: 'Clears all permission groups that aren\'t in use',
|
|
18
|
+
processor: this.clearUnused
|
|
19
|
+
}, this);
|
|
17
20
|
this.registerVersionUpgradeProcessor('1.0.0', this.upgrade_100_101);
|
|
18
21
|
}
|
|
19
22
|
async preWriteProcessing(instance, originalDbInstance, t) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
export declare const ModulePackBE_PermissionGroup: (import("./ModuleBE_PermissionGroupDB.js").ModuleBE_PermissionGroupDB_Class | import("@nu-art/
|
|
1
|
+
export declare const ModulePackBE_PermissionGroup: (import("./ModuleBE_PermissionGroupDB.js").ModuleBE_PermissionGroupDB_Class | import("@nu-art/db-api-backend").ModuleBE_BaseApi_Class<import("@nu-art/permissions-shared").DatabaseDef_PermissionGroup>)[];
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { createApisForDBModule } from '@nu-art/db-api-backend';
|
|
2
2
|
import { ModuleBE_PermissionGroupDB } from './ModuleBE_PermissionGroupDB.js';
|
|
3
|
-
export const ModulePackBE_PermissionGroup = [ModuleBE_PermissionGroupDB,
|
|
3
|
+
export const ModulePackBE_PermissionGroup = [ModuleBE_PermissionGroupDB, createApisForDBModule(ModuleBE_PermissionGroupDB)];
|
|
@@ -1,10 +1,8 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { DB_PermissionProject,
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
2
|
+
import { DB_PermissionProject, DatabaseDef_PermissionProject } from '@nu-art/permissions-shared';
|
|
3
3
|
import { Transaction } from 'firebase-admin/firestore';
|
|
4
|
-
|
|
5
|
-
export declare class ModuleBE_PermissionProjectDB_Class extends ModuleBE_BaseDB<DBProto_PermissionProject, Config> {
|
|
4
|
+
export declare class ModuleBE_PermissionProjectDB_Class extends ModuleBE_BaseDB<DatabaseDef_PermissionProject> {
|
|
6
5
|
constructor();
|
|
7
|
-
protected preWriteProcessing(dbInstance: DB_PermissionProject, originalDbInstance:
|
|
6
|
+
protected preWriteProcessing(dbInstance: DB_PermissionProject, originalDbInstance: DatabaseDef_PermissionProject['dbType'], t?: Transaction): Promise<void>;
|
|
8
7
|
}
|
|
9
8
|
export declare const ModuleBE_PermissionProjectDB: ModuleBE_PermissionProjectDB_Class;
|
|
10
|
-
export {};
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { ModuleBE_BaseDB
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
2
2
|
import { DBDef_PermissionProject } from '@nu-art/permissions-shared';
|
|
3
3
|
import { MemKey_AccountId } from '@nu-art/user-account-backend';
|
|
4
4
|
export class ModuleBE_PermissionProjectDB_Class extends ModuleBE_BaseDB {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
export declare const ModulePackBE_PermissionProject: (import("./ModuleBE_PermissionProjectDB.js").ModuleBE_PermissionProjectDB_Class | import("@nu-art/
|
|
1
|
+
export declare const ModulePackBE_PermissionProject: (import("./ModuleBE_PermissionProjectDB.js").ModuleBE_PermissionProjectDB_Class | import("@nu-art/db-api-backend").ModuleBE_BaseApi_Class<import("@nu-art/permissions-shared").DatabaseDef_PermissionProject>)[];
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { createApisForDBModule } from '@nu-art/db-api-backend';
|
|
2
2
|
import { ModuleBE_PermissionProjectDB } from './ModuleBE_PermissionProjectDB.js';
|
|
3
|
-
export const ModulePackBE_PermissionProject = [ModuleBE_PermissionProjectDB,
|
|
3
|
+
export const ModulePackBE_PermissionProject = [ModuleBE_PermissionProjectDB, createApisForDBModule(ModuleBE_PermissionProjectDB)];
|
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
import { ModuleBE_BaseApi_Class } from '@nu-art/
|
|
2
|
-
import {
|
|
3
|
-
declare class ModuleBE_PermissionUserAPI_Class extends ModuleBE_BaseApi_Class<
|
|
1
|
+
import { ModuleBE_BaseApi_Class } from '@nu-art/db-api-backend';
|
|
2
|
+
import { API_PermissionUser, DatabaseDef_PermissionUser } from '@nu-art/permissions-shared';
|
|
3
|
+
declare class ModuleBE_PermissionUserAPI_Class extends ModuleBE_BaseApi_Class<DatabaseDef_PermissionUser> {
|
|
4
4
|
constructor();
|
|
5
5
|
init(): void;
|
|
6
|
+
assignPermissions(body: API_PermissionUser['assignPermissions']['Body']): Promise<void>;
|
|
6
7
|
}
|
|
7
8
|
export declare const ModuleBE_PermissionUserAPI: ModuleBE_PermissionUserAPI_Class;
|
|
8
9
|
export {};
|
|
@@ -1,13 +1,66 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
constructor() {
|
|
6
|
-
super(ModuleBE_PermissionUserDB);
|
|
1
|
+
var __runInitializers = (this && this.__runInitializers) || function (thisArg, initializers, value) {
|
|
2
|
+
var useValue = arguments.length > 2;
|
|
3
|
+
for (var i = 0; i < initializers.length; i++) {
|
|
4
|
+
value = useValue ? initializers[i].call(thisArg, value) : initializers[i].call(thisArg);
|
|
7
5
|
}
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
6
|
+
return useValue ? value : void 0;
|
|
7
|
+
};
|
|
8
|
+
var __esDecorate = (this && this.__esDecorate) || function (ctor, descriptorIn, decorators, contextIn, initializers, extraInitializers) {
|
|
9
|
+
function accept(f) { if (f !== void 0 && typeof f !== "function") throw new TypeError("Function expected"); return f; }
|
|
10
|
+
var kind = contextIn.kind, key = kind === "getter" ? "get" : kind === "setter" ? "set" : "value";
|
|
11
|
+
var target = !descriptorIn && ctor ? contextIn["static"] ? ctor : ctor.prototype : null;
|
|
12
|
+
var descriptor = descriptorIn || (target ? Object.getOwnPropertyDescriptor(target, contextIn.name) : {});
|
|
13
|
+
var _, done = false;
|
|
14
|
+
for (var i = decorators.length - 1; i >= 0; i--) {
|
|
15
|
+
var context = {};
|
|
16
|
+
for (var p in contextIn) context[p] = p === "access" ? {} : contextIn[p];
|
|
17
|
+
for (var p in contextIn.access) context.access[p] = contextIn.access[p];
|
|
18
|
+
context.addInitializer = function (f) { if (done) throw new TypeError("Cannot add initializers after decoration has completed"); extraInitializers.push(accept(f || null)); };
|
|
19
|
+
var result = (0, decorators[i])(kind === "accessor" ? { get: descriptor.get, set: descriptor.set } : descriptor[key], context);
|
|
20
|
+
if (kind === "accessor") {
|
|
21
|
+
if (result === void 0) continue;
|
|
22
|
+
if (result === null || typeof result !== "object") throw new TypeError("Object expected");
|
|
23
|
+
if (_ = accept(result.get)) descriptor.get = _;
|
|
24
|
+
if (_ = accept(result.set)) descriptor.set = _;
|
|
25
|
+
if (_ = accept(result.init)) initializers.unshift(_);
|
|
26
|
+
}
|
|
27
|
+
else if (_ = accept(result)) {
|
|
28
|
+
if (kind === "field") initializers.unshift(_);
|
|
29
|
+
else descriptor[key] = _;
|
|
30
|
+
}
|
|
11
31
|
}
|
|
12
|
-
|
|
32
|
+
if (target) Object.defineProperty(target, contextIn.name, descriptor);
|
|
33
|
+
done = true;
|
|
34
|
+
};
|
|
35
|
+
import { CrudApiDef } from '@nu-art/db-api-shared';
|
|
36
|
+
import { ModuleBE_BaseApi_Class } from '@nu-art/db-api-backend';
|
|
37
|
+
import { ApiHandler } from '@nu-art/http-server';
|
|
38
|
+
import { ApiDef_PermissionUser, DBDef_PermissionUser } from '@nu-art/permissions-shared';
|
|
39
|
+
import { ModuleBE_PermissionUserDB } from './ModuleBE_PermissionUserDB.js';
|
|
40
|
+
let ModuleBE_PermissionUserAPI_Class = (() => {
|
|
41
|
+
let _classSuper = ModuleBE_BaseApi_Class;
|
|
42
|
+
let _instanceExtraInitializers = [];
|
|
43
|
+
let _assignPermissions_decorators;
|
|
44
|
+
return class ModuleBE_PermissionUserAPI_Class extends _classSuper {
|
|
45
|
+
static {
|
|
46
|
+
const _metadata = typeof Symbol === "function" && Symbol.metadata ? Object.create(_classSuper[Symbol.metadata] ?? null) : void 0;
|
|
47
|
+
_assignPermissions_decorators = [ApiHandler(ApiDef_PermissionUser.assignPermissions)];
|
|
48
|
+
__esDecorate(this, null, _assignPermissions_decorators, { kind: "method", name: "assignPermissions", static: false, private: false, access: { has: obj => "assignPermissions" in obj, get: obj => obj.assignPermissions }, metadata: _metadata }, null, _instanceExtraInitializers);
|
|
49
|
+
if (_metadata) Object.defineProperty(this, Symbol.metadata, { enumerable: true, configurable: true, writable: true, value: _metadata });
|
|
50
|
+
}
|
|
51
|
+
constructor() {
|
|
52
|
+
super({
|
|
53
|
+
dbModule: ModuleBE_PermissionUserDB,
|
|
54
|
+
crudApiDef: CrudApiDef(DBDef_PermissionUser.dbKey),
|
|
55
|
+
});
|
|
56
|
+
__runInitializers(this, _instanceExtraInitializers);
|
|
57
|
+
}
|
|
58
|
+
init() {
|
|
59
|
+
super.init();
|
|
60
|
+
}
|
|
61
|
+
async assignPermissions(body) {
|
|
62
|
+
await ModuleBE_PermissionUserDB.assignPermissions(body);
|
|
63
|
+
}
|
|
64
|
+
};
|
|
65
|
+
})();
|
|
13
66
|
export const ModuleBE_PermissionUserAPI = new ModuleBE_PermissionUserAPI_Class();
|
|
@@ -1,13 +1,12 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { DB_PermissionUser,
|
|
3
|
-
import { PerformProjectSetup } from '@nu-art/thunderstorm-backend/modules/action-processor/Action_SetupProject';
|
|
1
|
+
import { ModuleBE_BaseDB } from '@nu-art/db-api-backend';
|
|
2
|
+
import { DB_PermissionUser, DatabaseDef_PermissionUser, Request_AssignPermissions, User_Group, type PerformProjectSetup } from '@nu-art/permissions-shared';
|
|
4
3
|
import { DB_BaseObject, UniqueId } from '@nu-art/ts-common';
|
|
5
4
|
import { OnNewUserRegistered, OnUserLogin } from '@nu-art/user-account-backend';
|
|
6
5
|
import { Transaction } from 'firebase-admin/firestore';
|
|
7
6
|
import { UI_Account } from '@nu-art/user-account-shared';
|
|
8
|
-
import { CollectionActionType
|
|
9
|
-
|
|
10
|
-
export declare class ModuleBE_PermissionUserDB_Class extends ModuleBE_BaseDB<
|
|
7
|
+
import { CollectionActionType } from '@nu-art/firebase-backend/firestore-v3/FirestoreCollectionV3';
|
|
8
|
+
import { PostWriteProcessingDataShape } from '@nu-art/db-api-backend';
|
|
9
|
+
export declare class ModuleBE_PermissionUserDB_Class extends ModuleBE_BaseDB<DatabaseDef_PermissionUser> implements OnNewUserRegistered, OnUserLogin, PerformProjectSetup {
|
|
11
10
|
private defaultPermissionGroups?;
|
|
12
11
|
constructor();
|
|
13
12
|
__performProjectSetup(): {
|
|
@@ -16,9 +15,9 @@ export declare class ModuleBE_PermissionUserDB_Class extends ModuleBE_BaseDB<DBP
|
|
|
16
15
|
};
|
|
17
16
|
__onUserLogin(account: UI_Account, transaction: Transaction): Promise<void>;
|
|
18
17
|
__onNewUserRegistered(account: UI_Account, transaction: Transaction): Promise<void>;
|
|
19
|
-
protected preWriteProcessing(instance: DB_PermissionUser, originalDbInstance:
|
|
20
|
-
protected postWriteProcessing(data:
|
|
21
|
-
insertIfNotExist: (uiAccount: UI_Account & DB_BaseObject, transaction: Transaction) => Promise<DB_PermissionUser | (Omit<DB_PermissionUser, "_id" | "
|
|
18
|
+
protected preWriteProcessing(instance: DB_PermissionUser, originalDbInstance: DatabaseDef_PermissionUser['dbType'], t?: Transaction): Promise<void>;
|
|
19
|
+
protected postWriteProcessing(data: PostWriteProcessingDataShape<DatabaseDef_PermissionUser['dbType']>, actionType: CollectionActionType): Promise<void>;
|
|
20
|
+
insertIfNotExist: (uiAccount: UI_Account & DB_BaseObject, transaction: Transaction) => Promise<DB_PermissionUser | (Omit<DB_PermissionUser, "_id" | "__created" | "__updated" | "_v" | ("_auditorId" | "__groupIds")> & Partial<import("@nu-art/ts-common").SubsetObjectByKeys<DB_PermissionUser, "_id" | "__created" | "__updated" | "_v" | ("_auditorId" | "__groupIds")>> & Partial<import("@nu-art/db-api-shared").DB_Object>)>;
|
|
22
21
|
assignPermissions(body: Request_AssignPermissions): Promise<void>;
|
|
23
22
|
setDefaultPermissionGroups: (groupsGetter: () => Promise<User_Group[]>) => void;
|
|
24
23
|
clearDefaultPermissionGroups: () => void;
|
|
@@ -33,4 +32,3 @@ export declare class ModuleBE_PermissionUserDB_Class extends ModuleBE_BaseDB<DBP
|
|
|
33
32
|
rotateSession(accountIds: UniqueId[]): Promise<void>;
|
|
34
33
|
}
|
|
35
34
|
export declare const ModuleBE_PermissionUserDB: ModuleBE_PermissionUserDB_Class;
|
|
36
|
-
export {};
|