@opengis/fastify-table 1.1.115 → 1.1.116
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,4 @@
|
|
|
1
|
-
import config from '../../../../config.js';
|
|
2
1
|
import pgClients from '../../pg/pgClients.js';
|
|
3
|
-
|
|
4
2
|
import getTemplate from '../../table/funcs/getTemplate.js';
|
|
5
3
|
import applyHook from '../../hook/funcs/applyHook.js';
|
|
6
4
|
|
|
@@ -26,33 +24,29 @@ export default async function getAccess({ table, user = {} }) {
|
|
|
26
24
|
const hookData = await applyHook('getAccess', { table, user });
|
|
27
25
|
if (hookData) return hookData;
|
|
28
26
|
|
|
29
|
-
const { uid, user_type: userType } = user;
|
|
27
|
+
const { uid, user_type: userType = 'regular' } = user;
|
|
30
28
|
|
|
31
|
-
if (
|
|
29
|
+
if (userType.includes('admin')) {
|
|
32
30
|
return { actions: ['view', 'edit', 'add', 'del'], query: '1=1' };
|
|
33
31
|
}
|
|
34
32
|
|
|
35
|
-
const body = await getTemplate('table', table)
|
|
33
|
+
const body = await getTemplate('table', table);
|
|
34
|
+
const tableActions = ['view'].concat(body?.actions || body?.action_default || []);
|
|
36
35
|
|
|
37
|
-
if (body
|
|
38
|
-
|
|
39
|
-
const customActions = userActions.filter((el => ['view'].concat(body.actions || body.action_default || []).includes(el)));
|
|
40
|
-
return { actions: customActions, query: '1=1' };
|
|
36
|
+
if (body?.public || body?.access === 'public') {
|
|
37
|
+
return { actions: tableActions, query: '1=1' };
|
|
41
38
|
}
|
|
42
39
|
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
if (body?.public || body.access === 'public') {
|
|
46
|
-
return { actions, query: '1=1' };
|
|
40
|
+
if (body?.access === 'user' && uid) {
|
|
41
|
+
return { actions: tableActions, query: '1=1' };
|
|
47
42
|
}
|
|
48
43
|
|
|
49
|
-
const
|
|
50
|
-
|
|
44
|
+
const { userScope, userActions = [] } = uid
|
|
45
|
+
? await pgClients.client.query(q, [table, uid]).then(el => el.rows?.[0] || {})
|
|
46
|
+
: {};
|
|
51
47
|
|
|
52
|
-
const
|
|
53
|
-
const
|
|
54
|
-
const customActions = userActions.filter((el => actions.includes(el)));
|
|
55
|
-
const scope = body.access === 'user' ? 'my' : userScope;
|
|
48
|
+
const query = uid && userScope === 'my' ? `uid='${uid}'` : '1=1';
|
|
49
|
+
const actions = userActions.filter((el => tableActions.includes(el)));
|
|
56
50
|
|
|
57
|
-
return { scope, actions
|
|
51
|
+
return { scope: userScope, actions, query };
|
|
58
52
|
}
|
|
@@ -5,7 +5,9 @@ import config from '../../../../config.js';
|
|
|
5
5
|
import insert from './insert.js';
|
|
6
6
|
|
|
7
7
|
export default async function update(req) {
|
|
8
|
-
const {
|
|
8
|
+
const {
|
|
9
|
+
pg = pgClients.client, user, params = {}, body = {},
|
|
10
|
+
} = req;
|
|
9
11
|
if (!user) return { message: 'access restricted', status: 403 };
|
|
10
12
|
const hookData = await applyHook('preUpdate', {
|
|
11
13
|
table: params?.table, id: params?.id, user,
|
|
@@ -69,7 +71,7 @@ export default async function update(req) {
|
|
|
69
71
|
if (extraKeys?.length) {
|
|
70
72
|
res.extra = {};
|
|
71
73
|
await Promise.all(extraKeys?.map(async (key) => {
|
|
72
|
-
const objId = body[schema[key].parent_id] || body?.id || res?.[schema[key]?.parent_id];
|
|
74
|
+
const objId = body[schema[key].parent_id] || body?.id || res?.[schema[key]?.parent_id] || res?.[pg.pk?.[loadTemplate?.table || table] || ''];
|
|
73
75
|
// delete old extra data
|
|
74
76
|
await pgClients.client.query(`delete from ${schema[key].table} where ${schema[key].parent_id}=$1`, [objId]); // rewrite?
|
|
75
77
|
// insert new extra data
|