@objectstack/plugin-security 9.5.1 → 9.6.0

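--- a/package/dist/index.d.mts
+++ b/package/dist/index.d.mts
@@ -996,7 +996,7 @@ declare const securityObjects: ((Omit<{
  trash: boolean;
  mru: boolean;
  clone: boolean;
- apiMethods?: ("aggregate" | "update" | "delete" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "restore" | "purge" | "export")[] | undefined;
+ apiMethods?: ("aggregate" | "update" | "delete" | "restore" | "purge" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "export")[] | undefined;
  } | undefined;
  recordTypes?: string[] | undefined;
  sharingModel?: "full" | "read" | "private" | "read_write" | undefined;
@@ -3866,7 +3866,7 @@ declare const securityObjects: ((Omit<{
  trash: boolean;
  mru: boolean;
  clone: boolean;
- apiMethods?: ("aggregate" | "update" | "delete" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "restore" | "purge" | "export")[] | undefined;
+ apiMethods?: ("aggregate" | "update" | "delete" | "restore" | "purge" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "export")[] | undefined;
  } | undefined;
  recordTypes?: string[] | undefined;
  sharingModel?: "full" | "read" | "private" | "read_write" | undefined;
@@ -7330,7 +7330,7 @@ declare const securityObjects: ((Omit<{
  trash: boolean;
  mru: boolean;
  clone: boolean;
- apiMethods?: ("aggregate" | "update" | "delete" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "restore" | "purge" | "export")[] | undefined;
+ apiMethods?: ("aggregate" | "update" | "delete" | "restore" | "purge" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "export")[] | undefined;
  } | undefined;
  recordTypes?: string[] | undefined;
  sharingModel?: "full" | "read" | "private" | "read_write" | undefined;
@@ -9611,7 +9611,7 @@ declare const securityObjects: ((Omit<{
  trash: boolean;
  mru: boolean;
  clone: boolean;
- apiMethods?: ("aggregate" | "update" | "delete" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "restore" | "purge" | "export")[] | undefined;
+ apiMethods?: ("aggregate" | "update" | "delete" | "restore" | "purge" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "export")[] | undefined;
  } | undefined;
  recordTypes?: string[] | undefined;
  sharingModel?: "full" | "read" | "private" | "read_write" | undefined;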
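--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -996,7 +996,7 @@ declare const securityObjects: ((Omit<{
  trash: boolean;
  mru: boolean;
  clone: boolean;
- apiMethods?: ("aggregate" | "update" | "delete" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "restore" | "purge" | "export")[] | undefined;
+ apiMethods?: ("aggregate" | "update" | "delete" | "restore" | "purge" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "export")[] | undefined;
  } | undefined;
  recordTypes?: string[] | undefined;
  sharingModel?: "full" | "read" | "private" | "read_write" | undefined;
@@ -3866,7 +3866,7 @@ declare const securityObjects: ((Omit<{
  trash: boolean;
  mru: boolean;
  clone: boolean;
- apiMethods?: ("aggregate" | "update" | "delete" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "restore" | "purge" | "export")[] | undefined;
+ apiMethods?: ("aggregate" | "update" | "delete" | "restore" | "purge" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "export")[] | undefined;
  } | undefined;
  recordTypes?: string[] | undefined;
  sharingModel?: "full" | "read" | "private" | "read_write" | undefined;
@@ -7330,7 +7330,7 @@ declare const securityObjects: ((Omit<{
  trash: boolean;
  mru: boolean;
  clone: boolean;
- apiMethods?: ("aggregate" | "update" | "delete" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "restore" | "purge" | "export")[] | undefined;
+ apiMethods?: ("aggregate" | "update" | "delete" | "restore" | "purge" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "export")[] | undefined;
  } | undefined;
  recordTypes?: string[] | undefined;
  sharingModel?: "full" | "read" | "private" | "read_write" | undefined;
@@ -9611,7 +9611,7 @@ declare const securityObjects: ((Omit<{
  trash: boolean;
  mru: boolean;
  clone: boolean;
- apiMethods?: ("aggregate" | "update" | "delete" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "restore" | "purge" | "export")[] | undefined;
+ apiMethods?: ("aggregate" | "update" | "delete" | "restore" | "purge" | "search" | "create" | "import" | "list" | "get" | "upsert" | "bulk" | "history" | "export")[] | undefined;
  } | undefined;
  recordTypes?: string[] | undefined;
  sharingModel?: "full" | "read" | "private" | "read_write" | undefined;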
package/dist/index.js CHANGED
@@ -3,8 +3,13 @@ var __defProp = Object.defineProperty;
3
3
  var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
4
  var __getOwnPropNames = Object.getOwnPropertyNames;
5
5
  var __hasOwnProp = Object.prototype.hasOwnProperty;
6
- var __esm = (fn, res) => function __init() {
7
- return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
6
+ var __esm = (fn, res, err) => function __init() {
7
+ if (err) throw err[0];
8
+ try {
9
+ return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
10
+ } catch (e) {
11
+ throw err = [e], e;
12
+ }
8
13
  };
9
14
  var __export = (target, all) => {
10
15
  for (var name in all)
@@ -928,6 +933,7 @@ var OPERATION_TO_PERMISSION = {
928
933
  update: "allowEdit",
929
934
  delete: "allowDelete"
930
935
  };
936
+ var DESTRUCTIVE_OPERATIONS = /* @__PURE__ */ new Set(["transfer", "restore", "purge"]);
931
937
  var PermissionEvaluator = class {
932
938
  /**
933
939
  * Check if an operation is allowed on an object for the given permission sets.
@@ -935,7 +941,9 @@ var PermissionEvaluator = class {
935
941
  */
936
942
  checkObjectPermission(operation, objectName, permissionSets) {
937
943
  const permKey = OPERATION_TO_PERMISSION[operation];
938
- if (!permKey) return true;
944
+ if (!permKey) {
945
+ return !DESTRUCTIVE_OPERATIONS.has(operation);
946
+ }
939
947
  for (const ps of permissionSets) {
940
948
  const objPerm = ps.objects?.[objectName] ?? ps.objects?.["*"];
941
949
  if (objPerm) {
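Review bot: The `!permKey` branch of `checkObjectPermission` still fails open: any operation name that is neither in `OPERATION_TO_PERMISSION` nor in the three-entry `DESTRUCTIVE_OPERATIONS` set returns `true` without consulting `permissionSets`. A deny-list has to be extended by hand whenever a sensitive operation is introduced, whereas `if (!permKey) return false;` plus explicit map entries for the operations meant to be open would make denial the default. The `apiMethods` union in the typings (`export`, `import`, `bulk`, `upsert`, ...) suggests other operation names may reach this branch, but the upper part of the map and the callers are outside the hunk, so that is inferred. `transfer`, `restore` and `purge` are also now refused for every caller regardless of permission sets; if that is intended, a comment on the set such as `// no permission key grants these; always denied at object level` would record it. The function body continues past the end of the hunk.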