npm - @onehat/ui - Versions diffs - 0.3.367 → 0.3.370 - Mend

@onehat/ui 0.3.367 → 0.3.370

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json +1 -1
package/src/Components/Hoc/withPermissions.js +72 -63
package/src/Components/Tree/Tree.js +5 -0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@onehat/ui",
-	"version": "0.3.367",
+	"version": "0.3.370",
 	"description": "Base UI for OneHat apps",
 	"main": "src/index.js",
 	"type": "module",

package/src/Components/Hoc/withPermissions.js CHANGED Viewed

@@ -13,6 +13,72 @@ import {
 import UiGlobals from '../../UiGlobals.js';
 import _ from 'lodash';
+/**
+ * checkPermission
+ * @param {string} permission like 'view_pm_events'
+ * @returns {boolean} - Whether permission is permitted
+ */
+export function checkPermission(permission) {
+	const
+		reduxState = UiGlobals.redux?.getState(),
+		permissions = reduxState?.app?.permissions;
+	if (!permissions) {
+		return false;
+	}
+	return inArray(permission, permissions);
+}
+/**
+ * Check if user has permission to perform an action
+ *
+ * Example usages:
+ * canUser('view') // check if user can perform 'view' action on the default model
+ * canUser('add', 'PmEvents') // check if user can perform 'add' action on a specific model
+ * canUser('do_something_else) // check if user has a custom permission
+ *
+ * @param {string} permission - The permission to check for.
+ * @param {string} modelToCheck - The model to check for the permission on.
+ * @returns {boolean} - Whether user has permission
+ */
+export function canUser(permission, modelToCheck = null) {
+	if (modelToCheck) {
+		// deal with special cases that refer to other permissions
+		switch(permission) {
+			case PRINT:
+				permission = VIEW; // correct; doesn't recursively call canUser(), just continues on with this permission
+				break;
+			case COPY:
+			case DUPLICATE: {
+				// user must have ADD _and_ EDIT permissions, so check both
+				const
+					hasAddPermission = canUser(ADD, modelToCheck),
+					hasEditPermission = canUser(EDIT, modelToCheck);
+				return hasAddPermission && hasEditPermission;
+			}
+			case UPLOAD_DOWNLOAD: {
+				// user must have VIEW, ADD, EDIT, and DELETE permissions, so check all of them
+				const
+					hasViewPermission = canUser(VIEW, modelToCheck),
+					hasAddPermission = canUser(ADD, modelToCheck),
+					hasEditPermission = canUser(EDIT, modelToCheck),
+					hasDeletePermission = canUser(DELETE, modelToCheck);
+				return hasViewPermission && hasAddPermission && hasEditPermission && hasDeletePermission;
+			}
+			default:
+				// do nothing
+				break;
+		}
+		// standard CRUD permissions
+		if (inArray(permission, [VIEW, ADD, EDIT, DELETE])) {
+			modelToCheck = Inflector.underscore(modelToCheck); // 'PmEvents' -> 'pm_events'
+			permission += '_' + modelToCheck; // e.g. 'view_pm_events'
+		}
+	}
+	return checkPermission(permission);
+}
 export default function withPermissions(WrappedComponent, forceUsePermissions = false) {
 	return (props) => {
@@ -29,81 +95,24 @@ export default function withPermissions(WrappedComponent, forceUsePermissions =
 				Repository,
 			} = props,
 			model = Repository?.schema?.permissionsModel || Repository?.schema?.name, // so we can use an alternate model for permissions if needed
-			checkPermission = (permission) => {
-				const
-					reduxState = UiGlobals.redux?.getState(),
-					permissions = reduxState?.app?.permissions;
-				if (!permissions) {
-					return false;
-				}
-				return inArray(permission, permissions);
-			},
 			showPermissionsError = (permission, modelForAlert = null) => {
 				if (!modelForAlert) {
-					modelForAlert = model; // use default model if none supplied
+					modelForAlert = model;
 				}
 				modelForAlert = Inflector.humanize(Inflector.underscore(modelForAlert)); // 'PmEvents' -> 'pm events'
 				alert(`You are not authorized to ${permission} ${modelForAlert}.`);
 			},
-			/**
-			 * Check if user has permission to perform an action
-			 *
-			 * Example usages:
-			 * canUser('view') // check if user can perform 'view' action on the default model
-			 * canUser('add', 'PmEvents') // check if user can perform 'add' action on a specific model
-			 * canUser('do_something_else) // check if user has a custom permission
-			 *
-			 * @param {string} permission - The permission to check for.
-			 * @param {string} modelToCheck - The model to check for the permission on.
-			 * @returns {boolean} - Whether user has permission
-			 */
-			canUser = (permission, modelToCheck = null) => {
-				// deal with special cases that refer to other permissions
-				switch(permission) {
-					case PRINT:
-						permission = VIEW;
-						break;
-					case COPY:
-					case DUPLICATE: {
-						// user must have ADD _and_ EDIT permissions, so check both
-						const
-							hasAddPermission = canUser(ADD, modelToCheck),
-							hasEditPermission = canUser(EDIT, modelToCheck);
-						return hasAddPermission && hasEditPermission;
-					}
-					case UPLOAD_DOWNLOAD: {
-						// user must have VIEW, ADD, EDIT, and DELETE permissions, so check all of them
-						const
-							hasViewPermission = canUser(VIEW, modelToCheck),
-							hasAddPermission = canUser(ADD, modelToCheck),
-							hasEditPermission = canUser(EDIT, modelToCheck),
-							hasDeletePermission = canUser(DELETE, modelToCheck);
-						return hasViewPermission && hasAddPermission && hasEditPermission && hasDeletePermission;
-					}
-					default:
-						// do nothing
-						break;
-				}
-				// standard CRUD permissions
-				if (inArray(permission, [VIEW, ADD, EDIT, DELETE])) {
-					if (!modelToCheck) {
-						modelToCheck = model; // use default model if none supplied
-					}
-					modelToCheck = Inflector.underscore(modelToCheck); // 'PmEvents' -> 'pm_events'
-					permission += '_' + modelToCheck; // e.g. 'view_pm_events'
+			canUserDecorator = (permission, modelToCheck = null) => {
+				if (!modelToCheck) {
+					modelToCheck = model; // fallback to the model of the Repository
 				}
-				return checkPermission(permission);
+				return canUser(permission, modelToCheck);
 			};
 		return <WrappedComponent
 					{...props}
-					canUser={canUser}
+					canUser={canUserDecorator}
 					showPermissionsError={showPermissionsError}
 				/>;
 	};

package/src/Components/Tree/Tree.js CHANGED Viewed

@@ -879,6 +879,11 @@ function TreeComponent(props) {
 											return;
 										}
 										onEdit();
+									} else if (onView) {
+										if (canUser && !canUser(VIEW)) { // permissions
+											return;
+										}
+										onView();
 									}
 									break;
 								case 3: // triple click