@opengis/fastify-table 1.1.47 → 1.1.48
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -11,16 +11,14 @@ export default async function insert(req) {
|
|
|
11
11
|
return { message: hookData?.message, status: hookData?.status };
|
|
12
12
|
}
|
|
13
13
|
const tokenData = await getToken({
|
|
14
|
-
uid: user.uid, token: params.table, mode: '
|
|
14
|
+
uid: user.uid, token: params.table, mode: 'a', json: 1,
|
|
15
15
|
});
|
|
16
|
-
|
|
16
|
+
|
|
17
17
|
const { form, table: add } = hookData || tokenData || (config.auth?.disable ? req.params : {});
|
|
18
18
|
|
|
19
19
|
const { actions = [] } = await getAccess({ table: add, user }) || {};
|
|
20
20
|
|
|
21
|
-
if (!actions.includes('add')) {
|
|
22
|
-
return { message: 'access restricted', status: 403 };
|
|
23
|
-
}
|
|
21
|
+
if (!actions.includes('add')) return { message: 'access restricted', status: 403 };
|
|
24
22
|
|
|
25
23
|
if (!add) {
|
|
26
24
|
return { message: 'table is required', status: 400 };
|
package/crud/funcs/getAccess.js
CHANGED
|
@@ -29,30 +29,15 @@ export default async function getAccess({ table, user = {} }) {
|
|
|
29
29
|
const { uid } = user;
|
|
30
30
|
const body = await getTemplate('table', table) || {};
|
|
31
31
|
|
|
32
|
-
if (config.auth?.disable || user?.user_type?.includes('admin') || body?.public) {
|
|
32
|
+
if (config.auth?.disable || user?.user_type?.includes('admin') || body?.public || body.access === 'public' || (body.access === 'user' && user.uid)) {
|
|
33
33
|
return { actions: ['get'].concat(body.actions || body.action_default || []), query: '1=1' };
|
|
34
34
|
}
|
|
35
35
|
|
|
36
36
|
if (!uid || !body?.table) return null;
|
|
37
37
|
|
|
38
|
-
const { scope
|
|
39
|
-
|
|
40
|
-
/* const { columns = [] } = await getMeta({ table: body?.table });
|
|
41
|
-
|
|
42
|
-
const query = userType?.includes('admin') ? '1=1' : {
|
|
43
|
-
my: `uid='${uid}'`,
|
|
44
|
-
responsible: columns.map((el) => el?.name || el).includes('responsible_id')
|
|
45
|
-
? `responsible_id='${uid}'`
|
|
46
|
-
: `uid='${uid}'`,
|
|
47
|
-
all: '1=1',
|
|
48
|
-
}[scope];
|
|
49
|
-
|
|
50
|
-
const { my } = pg.pk?.[body?.table] && id
|
|
51
|
-
? await pg.query(`select uid=$1 as my from ${body?.table} where ${pg.pk?.[body?.table]}=$2`, [uid, id])
|
|
52
|
-
.then((res) => res.rows?.[0] || {})
|
|
53
|
-
: {}; */
|
|
38
|
+
const { scope, actions = [] } = await pgClients.client.query(q, [table, uid]).then((res) => res.rows?.[0] || {});
|
|
54
39
|
|
|
55
40
|
return {
|
|
56
|
-
scope, actions,
|
|
41
|
+
scope, actions, query: scope === 'my' ? `uid='${uid}` : null,
|
|
57
42
|
};
|
|
58
43
|
}
|
package/crud/funcs/setToken.js
CHANGED
|
@@ -16,7 +16,7 @@ const generateCodes = (ids, userToken) => {
|
|
|
16
16
|
};
|
|
17
17
|
|
|
18
18
|
function setToken({
|
|
19
|
-
ids: idsOrigin, mode = 'r', uid,
|
|
19
|
+
ids: idsOrigin, mode = 'r', uid, array,
|
|
20
20
|
}) {
|
|
21
21
|
const rclient2 = getRedis({ db: 0 });
|
|
22
22
|
// const rclient5 = getRedis({ db: 0, funcs });
|
|
@@ -37,7 +37,7 @@ function setToken({
|
|
|
37
37
|
rclient2.hmset(`${config.pg.database}:token:${{
|
|
38
38
|
e: 'exec', r: 'view', w: 'edit', a: 'add',
|
|
39
39
|
}[mode]}:${uid}`, codes);
|
|
40
|
-
|
|
40
|
+
// console.log(codes);
|
|
41
41
|
// log token for debug. add extra data - uid, mode, date
|
|
42
42
|
/* const dt = new Date().toISOString();
|
|
43
43
|
const codesLog = Object.keys(codes).reduce((acc, key) => {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@opengis/fastify-table",
|
|
3
|
-
"version": "1.1.
|
|
3
|
+
"version": "1.1.48",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "core-plugins",
|
|
6
6
|
"main": "index.js",
|
|
@@ -15,6 +15,7 @@
|
|
|
15
15
|
"@fastify/sensible": "^5.0.0",
|
|
16
16
|
"@fastify/url-data": "^5.4.0",
|
|
17
17
|
"@opengis/fastify-hb": "^1.4.2",
|
|
18
|
+
"@opengis/fastify-table": "^1.1.47",
|
|
18
19
|
"fastify": "^4.26.1",
|
|
19
20
|
"fastify-plugin": "^4.0.0",
|
|
20
21
|
"ioredis": "^5.3.2",
|
|
@@ -25,16 +26,16 @@
|
|
|
25
26
|
},
|
|
26
27
|
"devDependencies": {
|
|
27
28
|
"@panzoom/panzoom": "^4.5.1",
|
|
29
|
+
"eslint": "^8.49.0",
|
|
30
|
+
"eslint-config-airbnb": "^19.0.4",
|
|
28
31
|
"markdown-it-abbr": "^2.0.0",
|
|
29
|
-
"mermaid": "10.9.
|
|
32
|
+
"mermaid": "^10.9.3",
|
|
30
33
|
"sass": "1.72.0",
|
|
31
34
|
"vitepress": "^1.3.4",
|
|
32
35
|
"vitepress-plugin-mermaid": "^2.0.16",
|
|
33
36
|
"vitepress-plugin-tabs": "^0.5.0",
|
|
34
37
|
"vitepress-sidebar": "^1.25.0",
|
|
35
|
-
"vue": "^3.4.27"
|
|
36
|
-
"eslint": "^8.49.0",
|
|
37
|
-
"eslint-config-airbnb": "^19.0.4"
|
|
38
|
+
"vue": "^3.4.27"
|
|
38
39
|
},
|
|
39
40
|
"author": "Softpro",
|
|
40
41
|
"license": "ISC"
|
|
@@ -97,7 +97,8 @@ export default async function dataAPI(req) {
|
|
|
97
97
|
${cardColumns}
|
|
98
98
|
from ${table} t ${sqlTable} ${cardSqlTable}
|
|
99
99
|
where ${where.join(' and ') || 'true'}
|
|
100
|
-
${order} ${offset} limit ${limit}
|
|
100
|
+
${order} ${offset} limit ${limit}`
|
|
101
|
+
.replace(/{{uid}}/g, user.uid);
|
|
101
102
|
|
|
102
103
|
if (query.sql === '1') { return q; }
|
|
103
104
|
|
|
@@ -105,20 +106,27 @@ export default async function dataAPI(req) {
|
|
|
105
106
|
|
|
106
107
|
const filterWhere = [fData.q, search, bbox, queryPolyline].filter((el) => el);
|
|
107
108
|
|
|
109
|
+
const qCount = `select
|
|
110
|
+
count(*)::int as total,
|
|
111
|
+
count(*) FILTER(WHERE ${filterWhere.filter(el => el).join(' and ') || 'true'})::int as filtered
|
|
112
|
+
from ${table} t ${sqlTable}
|
|
113
|
+
where ${[loadTable.query, accessQuery].filter(el => el).join(' and ') || 'true'} `
|
|
114
|
+
.replace(/{{uid}}/g, user.uid);
|
|
115
|
+
|
|
108
116
|
const { total, filtered } = keyQuery || hookData?.id || params.id ? rows.length
|
|
109
|
-
: await pg.queryCache(
|
|
110
|
-
from ${table} t ${sqlTable} where ${[loadTable.query, accessQuery].filter(el => el).join(' and ') || 'true'}`).then((el) => el?.rows[0]);
|
|
117
|
+
: await pg.queryCache(qCount).then((el) => el?.rows[0]);
|
|
111
118
|
|
|
112
119
|
await metaFormat({ rows, table: params.table });
|
|
113
120
|
const res = {
|
|
114
121
|
time: Date.now() - time, public: ispublic, card: loadTable.card, actions: loadTable.actions, total, filtered, count: rows.length, pk, form, rows, meta, columns, filters,
|
|
115
122
|
};
|
|
116
123
|
|
|
117
|
-
|
|
124
|
+
// console.log({ add: loadTable.table, form: loadTable.form });
|
|
125
|
+
if (user.uid && actions.includes('add')) {
|
|
118
126
|
const addTokens = setToken({
|
|
119
|
-
ids: [JSON.stringify({
|
|
127
|
+
ids: [JSON.stringify({ table: hookData?.table || params.table, form: loadTable.form })],
|
|
120
128
|
mode: 'a',
|
|
121
|
-
uid
|
|
129
|
+
uid,
|
|
122
130
|
array: 1,
|
|
123
131
|
});
|
|
124
132
|
Object.assign(res, { addToken: addTokens[0] });
|