npm - @ozdao/martyrs - Versions diffs - 0.2.473 → 0.2.474 - Mend

@ozdao/martyrs 0.2.473 → 0.2.474

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (134) hide show

package/dist/martyrs.es.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { a as o, t, b as d, c as r, u as l, v as i, w as p, d as u, x as n, e as m, y as M, F as S, z as c, f as F, A as g, L as h, g as b, M as k, E as x, n as B, o as C, h as T, i as U, S as f, j as w, B as D, C as E, k as I, D as L, l as P, q, p as y, U as A, r as j, s as v, m as z } from "./main-CgmHzhq5.mjs";
+import { a as o, t, b as d, c as r, u as l, v as i, w as p, d as u, x as n, e as m, y as M, F as S, z as c, f as F, A as g, L as h, g as b, M as k, E as x, n as B, o as C, h as T, i as U, S as f, j as w, B as D, C as E, k as I, D as L, l as P, q, p as y, U as A, r as j, s as v, m as z } from "./main-CqMtW7Hq.mjs";
 import "vue";
 export {
   o as Address,

package/dist/notifications.server.js CHANGED Viewed

@@ -9,7 +9,7 @@ const mailing = require("./mailing-D4kWlk3_.js");
 require("dotenv");
 require("nodemailer");
 require("axios");
-const globals_abac = require("./globals.abac-DT0VjfaZ.js");
+const globals_abac = require("./globals.abac-Bn-4tbX8.js");
 var apns_service;
 var hasRequiredApns_service;
 function requireApns_service() {

package/dist/notifications.server.mjs CHANGED Viewed

@@ -8,7 +8,7 @@ import { r as requireMailing } from "./mailing-DvCT5ijo.mjs";
 import "dotenv";
 import "nodemailer";
 import "axios";
-import { r as requireGlobals_abac } from "./globals.abac-CvmZM8XG.mjs";
+import { r as requireGlobals_abac } from "./globals.abac-DZpTRxKR.mjs";
 var apns_service;
 var hasRequiredApns_service;
 function requireApns_service() {

package/dist/orders.server.js CHANGED Viewed

@@ -1,11 +1,11 @@
 "use strict";
 const _commonjsHelpers = require("./_commonjsHelpers-DHfMLFPC.js");
-const ownership_schema = require("./ownership.schema-Ck2H9clB.js");
-const profile_schema = require("./profile.schema-h61hhB2w.js");
+const ownership_schema = require("./ownership.schema-MxfJlPtq.js");
+const profile_schema = require("./profile.schema-BLSuV_VC.js");
 const credentials_schema = require("./credentials.schema-BmOPv6FD.js");
-const queryProcessor = require("./queryProcessor-D6GuKfTV.js");
+const queryProcessor = require("./queryProcessor-DSUqSk3I.js");
 const mailing = require("./mailing-D4kWlk3_.js");
-const index = require("./index-CVXl1rB5.js");
+const index = require("./index-BOmxJQ5W.js");
 const require$$0 = require("axios");
 const globals_cache = require("./globals.cache-CwWvNGFQ.js");
 const globals_logger = require("./globals.logger-BdjooLaD.js");
@@ -514,6 +514,7 @@ ${formatPositions(order.positions)}
               // Assuming creator.target holds the user ID
             };
             console.log("notifiocatio data", JSON.stringify(notificationData));
+            console.log("notification api is", `${process.env.API_URL || ""}/api/notifications`);
             const notificationResponse = await fetch(`${process.env.API_URL || ""}/api/notifications`, {
               method: "POST",
               headers: {

package/dist/orders.server.mjs CHANGED Viewed

@@ -1,10 +1,10 @@
 import { g as getDefaultExportFromCjs } from "./_commonjsHelpers-CUmg6egw.mjs";
-import { r as requireOwnership_schema } from "./ownership.schema-C0w02Vw1.mjs";
-import { r as requireProfile_schema } from "./profile.schema-kP_zKXNt.mjs";
+import { r as requireOwnership_schema } from "./ownership.schema-CNCotD3D.mjs";
+import { r as requireProfile_schema } from "./profile.schema-BRuvQ7QV.mjs";
 import { r as requireCredentials_schema } from "./credentials.schema-oOC8B5KL.mjs";
-import { r as requireQueryProcessor } from "./queryProcessor-CWnMIe2U.mjs";
+import { r as requireQueryProcessor } from "./queryProcessor-CVKI651_.mjs";
 import { r as requireMailing } from "./mailing-DvCT5ijo.mjs";
-import { r as requireMiddlewares } from "./index-Df8vtZx7.mjs";
+import { r as requireMiddlewares } from "./index-C_Fw0Umg.mjs";
 import require$$0 from "axios";
 import { r as requireGlobals_cache } from "./globals.cache-BT6q3vOf.mjs";
 import { r as requireGlobals_logger } from "./globals.logger-DusiFsxN.mjs";
@@ -513,6 +513,7 @@ ${formatPositions(order.positions)}
               // Assuming creator.target holds the user ID
             };
             console.log("notifiocatio data", JSON.stringify(notificationData));
+            console.log("notification api is", `${process.env.API_URL || ""}/api/notifications`);
             const notificationResponse = await fetch(`${process.env.API_URL || ""}/api/notifications`, {
               method: "POST",
               headers: {

package/dist/organizations.server.js CHANGED Viewed

@@ -2,18 +2,18 @@
 const _commonjsHelpers = require("./_commonjsHelpers-DHfMLFPC.js");
 const require$$0$1 = require("jsonwebtoken");
 const globals_cache = require("./globals.cache-CwWvNGFQ.js");
-const queryProcessor = require("./queryProcessor-D6GuKfTV.js");
+const queryProcessor = require("./queryProcessor-DSUqSk3I.js");
 const require$$0 = require("mongoose");
 const require$$1 = require("@googlemaps/google-maps-services-js");
 const addMembersQuantity = require("./addMembersQuantity-DxWjHK1K.js");
 const require$$0$2 = require("uuidv4");
 const mailing = require("./mailing-D4kWlk3_.js");
-const index = require("./index-CVXl1rB5.js");
-const globals_abac = require("./globals.abac-DT0VjfaZ.js");
+const index = require("./index-BOmxJQ5W.js");
+const globals_abac = require("./globals.abac-Bn-4tbX8.js");
 const engagement_schema = require("./engagement.schema-DAiXsvh1.js");
-const ownership_schema = require("./ownership.schema-Ck2H9clB.js");
+const ownership_schema = require("./ownership.schema-MxfJlPtq.js");
 const credentials_schema = require("./credentials.schema-BmOPv6FD.js");
-const globals_verifier = require("./globals.verifier-ChDpCdy_.js");
+const globals_verifier = require("./globals.verifier-CKYpYfQl.js");
 var departments_controller;
 var hasRequiredDepartments_controller;
 function requireDepartments_controller() {
@@ -942,6 +942,24 @@ function requireAccesses_schema() {
   if (hasRequiredAccesses_schema) return accesses_schema;
   hasRequiredAccesses_schema = 1;
   const accessesSchema = {
+    categories: {
+      create: {
+        type: Boolean,
+        default: false
+      },
+      read: {
+        type: Boolean,
+        default: false
+      },
+      edit: {
+        type: Boolean,
+        default: false
+      },
+      delete: {
+        type: Boolean,
+        default: false
+      }
+    },
     rents: {
       create: {
         type: Boolean,
@@ -1378,7 +1396,11 @@ function requireOrganizations_policies() {
     abacAccessControl.registerGlobalPolicy("OrganizationAccessPolicy", async (context) => {
       const { user, resource, data, action, currentResource, req } = context;
       if (!resource || !action) {
-        return false;
+        return {
+          allow: false,
+          force: false,
+          reason: "MISSING_REQUIRED_PARAMETERS"
+        };
       }
       const findOrgId = () => {
         try {
@@ -1394,52 +1416,103 @@ function requireOrganizations_policies() {
         return null;
       };
       const orgId = findOrgId();
-      if (orgId) {
-        if (user) {
-          try {
-            const objectId = new db.mongoose.Types.ObjectId(orgId);
-            const isOrgOwner = await Organization.exists({
-              _id: objectId,
-              owner: user
-            });
-            if (isOrgOwner) {
-              return true;
-            }
-            const departments = await Department.find({
-              organization: objectId,
-              "members.user": user
-            });
-            const hasAccess = departments.some((department) => {
-              const accessRights = department.accesses?.[resource];
-              return accessRights && accessRights[action];
-            });
-            if (hasAccess) {
-              return true;
-            }
-          } catch (error) {
-            console.error("Error checking user access:", error);
-            return false;
+      if (!orgId) {
+        return {
+          allow: true,
+          force: false,
+          reason: "NOT_ORGANIZATION_RESOURCE"
+        };
+      }
+      if (user) {
+        try {
+          const objectId = new db.mongoose.Types.ObjectId(orgId);
+          const isOrgOwner = await Organization.exists({
+            _id: objectId,
+            owner: user
+          });
+          if (isOrgOwner) {
+            return {
+              allow: true,
+              force: true,
+              // Владелец организации получает принудительный доступ
+              reason: "ORGANIZATION_OWNER_ACCESS"
+            };
           }
+          const departments = await Department.find({
+            organization: objectId,
+            "members.user": user
+          });
+          const hasAccess = departments.some((department) => {
+            const accessRights = department.accesses?.[resource];
+            return accessRights && accessRights[action];
+          });
+          if (hasAccess) {
+            return {
+              allow: true,
+              force: false,
+              // Доступ через департамент не является принудительным
+              reason: "DEPARTMENT_MEMBER_ACCESS"
+            };
+          }
+        } catch (error) {
+          console.error("Error checking user access:", error);
+          return {
+            allow: false,
+            force: false,
+            reason: "ORGANIZATION_ACCESS_CHECK_ERROR"
+          };
         }
-        if (action === "read" && req && req.query) {
-          try {
-            const validationResult = publicAccessVerifier.verify(req.query, {
-              only: ["status"]
-            });
-            req.query = validationResult.verifiedData;
-            req.queryValidation = validationResult;
-            if (currentResource && !publicAccessVerifier.verifyParam("status", currentResource.status)) {
-              return false;
-            }
-            return validationResult.isValid;
-          } catch (error) {
-            console.error("Error validating query:", error);
-            return false;
+      }
+      if (action === "read" && req && req.query) {
+        try {
+          const validationResult = publicAccessVerifier.verify(req.query, {
+            only: ["status"]
+          });
+          req.query = validationResult.verifiedData;
+          req.queryValidation = validationResult;
+          if (currentResource && !publicAccessVerifier.verifyParam("status", currentResource.status)) {
+            return {
+              allow: false,
+              force: false,
+              // Принудительно запрещаем доступ к непубличным ресурсам
+              reason: "INVALID_RESOURCE_STATUS_FOR_PUBLIC_ACCESS"
+            };
+          }
+          if (validationResult.isValid) {
+            return {
+              allow: true,
+              force: false,
+              reason: "PUBLIC_ACCESS_ALLOWED"
+            };
+          } else {
+            return {
+              allow: false,
+              force: false,
+              // Принудительно запрещаем, если невалидные параметры
+              reason: "INVALID_PUBLIC_ACCESS_PARAMETERS"
+            };
           }
+        } catch (error) {
+          console.error("Error validating query:", error);
+          return {
+            allow: false,
+            force: false,
+            reason: "QUERY_VALIDATION_ERROR"
+          };
         }
-        return false;
       }
-      return true;
+      if (action !== "read") {
+        return {
+          allow: false,
+          force: false,
+          reason: "ORGANIZATION_RESOURCE_OPERATION_FORBIDDEN"
+        };
+      }
+      return {
+        allow: false,
+        force: false,
+        reason: "ORGANIZATION_RESOURCE_ACCESS_DENIED"
+      };
     });
     abacAccessControl.updatePublicAccessConfig = (newConfig) => {
       if (typeof newConfig !== "object" || newConfig === null) {

package/dist/organizations.server.mjs CHANGED Viewed

@@ -1,18 +1,18 @@
 import { g as getDefaultExportFromCjs } from "./_commonjsHelpers-CUmg6egw.mjs";
 import require$$0$1 from "jsonwebtoken";
 import { r as requireGlobals_cache } from "./globals.cache-BT6q3vOf.mjs";
-import { r as requireQueryProcessor } from "./queryProcessor-CWnMIe2U.mjs";
+import { r as requireQueryProcessor } from "./queryProcessor-CVKI651_.mjs";
 import require$$0 from "mongoose";
 import require$$1 from "@googlemaps/google-maps-services-js";
 import { r as requireAddUserStatusFields, a as requireAddMembersQuantity } from "./addMembersQuantity-DBfuUEx_.mjs";
 import require$$0$2 from "uuidv4";
 import { r as requireMailing } from "./mailing-DvCT5ijo.mjs";
-import { r as requireMiddlewares } from "./index-Df8vtZx7.mjs";
-import { r as requireGlobals_abac } from "./globals.abac-CvmZM8XG.mjs";
+import { r as requireMiddlewares } from "./index-C_Fw0Umg.mjs";
+import { r as requireGlobals_abac } from "./globals.abac-DZpTRxKR.mjs";
 import { r as requireEngagement_schema } from "./engagement.schema-DnDD7Bn3.mjs";
-import { r as requireOwnership_schema } from "./ownership.schema-C0w02Vw1.mjs";
+import { r as requireOwnership_schema } from "./ownership.schema-CNCotD3D.mjs";
 import { r as requireCredentials_schema } from "./credentials.schema-oOC8B5KL.mjs";
-import { r as requireGlobals_verifier, a as requireGlobals_validator } from "./globals.verifier-C_VZYebB.mjs";
+import { r as requireGlobals_verifier, a as requireGlobals_validator } from "./globals.verifier-BdJxc8-8.mjs";
 var departments_controller;
 var hasRequiredDepartments_controller;
 function requireDepartments_controller() {
@@ -941,6 +941,24 @@ function requireAccesses_schema() {
   if (hasRequiredAccesses_schema) return accesses_schema;
   hasRequiredAccesses_schema = 1;
   const accessesSchema = {
+    categories: {
+      create: {
+        type: Boolean,
+        default: false
+      },
+      read: {
+        type: Boolean,
+        default: false
+      },
+      edit: {
+        type: Boolean,
+        default: false
+      },
+      delete: {
+        type: Boolean,
+        default: false
+      }
+    },
     rents: {
       create: {
         type: Boolean,
@@ -1377,7 +1395,11 @@ function requireOrganizations_policies() {
     abacAccessControl.registerGlobalPolicy("OrganizationAccessPolicy", async (context) => {
       const { user, resource, data, action, currentResource, req } = context;
       if (!resource || !action) {
-        return false;
+        return {
+          allow: false,
+          force: false,
+          reason: "MISSING_REQUIRED_PARAMETERS"
+        };
       }
       const findOrgId = () => {
         try {
@@ -1393,52 +1415,103 @@ function requireOrganizations_policies() {
         return null;
       };
       const orgId = findOrgId();
-      if (orgId) {
-        if (user) {
-          try {
-            const objectId = new db.mongoose.Types.ObjectId(orgId);
-            const isOrgOwner = await Organization.exists({
-              _id: objectId,
-              owner: user
-            });
-            if (isOrgOwner) {
-              return true;
-            }
-            const departments = await Department.find({
-              organization: objectId,
-              "members.user": user
-            });
-            const hasAccess = departments.some((department) => {
-              const accessRights = department.accesses?.[resource];
-              return accessRights && accessRights[action];
-            });
-            if (hasAccess) {
-              return true;
-            }
-          } catch (error) {
-            console.error("Error checking user access:", error);
-            return false;
+      if (!orgId) {
+        return {
+          allow: true,
+          force: false,
+          reason: "NOT_ORGANIZATION_RESOURCE"
+        };
+      }
+      if (user) {
+        try {
+          const objectId = new db.mongoose.Types.ObjectId(orgId);
+          const isOrgOwner = await Organization.exists({
+            _id: objectId,
+            owner: user
+          });
+          if (isOrgOwner) {
+            return {
+              allow: true,
+              force: true,
+              // Владелец организации получает принудительный доступ
+              reason: "ORGANIZATION_OWNER_ACCESS"
+            };
           }
+          const departments = await Department.find({
+            organization: objectId,
+            "members.user": user
+          });
+          const hasAccess = departments.some((department) => {
+            const accessRights = department.accesses?.[resource];
+            return accessRights && accessRights[action];
+          });
+          if (hasAccess) {
+            return {
+              allow: true,
+              force: false,
+              // Доступ через департамент не является принудительным
+              reason: "DEPARTMENT_MEMBER_ACCESS"
+            };
+          }
+        } catch (error) {
+          console.error("Error checking user access:", error);
+          return {
+            allow: false,
+            force: false,
+            reason: "ORGANIZATION_ACCESS_CHECK_ERROR"
+          };
         }
-        if (action === "read" && req && req.query) {
-          try {
-            const validationResult = publicAccessVerifier.verify(req.query, {
-              only: ["status"]
-            });
-            req.query = validationResult.verifiedData;
-            req.queryValidation = validationResult;
-            if (currentResource && !publicAccessVerifier.verifyParam("status", currentResource.status)) {
-              return false;
-            }
-            return validationResult.isValid;
-          } catch (error) {
-            console.error("Error validating query:", error);
-            return false;
+      }
+      if (action === "read" && req && req.query) {
+        try {
+          const validationResult = publicAccessVerifier.verify(req.query, {
+            only: ["status"]
+          });
+          req.query = validationResult.verifiedData;
+          req.queryValidation = validationResult;
+          if (currentResource && !publicAccessVerifier.verifyParam("status", currentResource.status)) {
+            return {
+              allow: false,
+              force: false,
+              // Принудительно запрещаем доступ к непубличным ресурсам
+              reason: "INVALID_RESOURCE_STATUS_FOR_PUBLIC_ACCESS"
+            };
+          }
+          if (validationResult.isValid) {
+            return {
+              allow: true,
+              force: false,
+              reason: "PUBLIC_ACCESS_ALLOWED"
+            };
+          } else {
+            return {
+              allow: false,
+              force: false,
+              // Принудительно запрещаем, если невалидные параметры
+              reason: "INVALID_PUBLIC_ACCESS_PARAMETERS"
+            };
           }
+        } catch (error) {
+          console.error("Error validating query:", error);
+          return {
+            allow: false,
+            force: false,
+            reason: "QUERY_VALIDATION_ERROR"
+          };
         }
-        return false;
       }
-      return true;
+      if (action !== "read") {
+        return {
+          allow: false,
+          force: false,
+          reason: "ORGANIZATION_RESOURCE_OPERATION_FORBIDDEN"
+        };
+      }
+      return {
+        allow: false,
+        force: false,
+        reason: "ORGANIZATION_RESOURCE_ACCESS_DENIED"
+      };
     });
     abacAccessControl.updatePublicAccessConfig = (newConfig) => {
       if (typeof newConfig !== "object" || newConfig === null) {

package/dist/{ownership.schema-C0w02Vw1.mjs → ownership.schema-CNCotD3D.mjs} RENAMED Viewed

@@ -8,12 +8,15 @@ function requireOwnership_schema() {
       owner: {
         type: {
           type: String,
-          required: true
+          required: true,
+          enum: ["user", "organization", "platform"]
         },
         target: {
           type: db.mongoose.Schema.Types.ObjectId,
           refPath: "owner.type",
-          required: true
+          required: function() {
+            return this.owner.type !== "platform";
+          }
         }
       },
       creator: {
@@ -23,12 +26,15 @@ function requireOwnership_schema() {
         },
         type: {
           type: String,
-          required: true
+          required: true,
+          enum: ["user", "organization", "platform"]
         },
         target: {
           type: db.mongoose.Schema.Types.ObjectId,
           refPath: "creator.type",
-          required: true
+          required: function() {
+            return this.creator.type !== "platform";
+          }
         }
       }
     });

package/dist/{ownership.schema-Ck2H9clB.js → ownership.schema-MxfJlPtq.js} RENAMED Viewed

@@ -9,12 +9,15 @@ function requireOwnership_schema() {
       owner: {
         type: {
           type: String,
-          required: true
+          required: true,
+          enum: ["user", "organization", "platform"]
         },
         target: {
           type: db.mongoose.Schema.Types.ObjectId,
           refPath: "owner.type",
-          required: true
+          required: function() {
+            return this.owner.type !== "platform";
+          }
         }
       },
       creator: {
@@ -24,12 +27,15 @@ function requireOwnership_schema() {
         },
         type: {
           type: String,
-          required: true
+          required: true,
+          enum: ["user", "organization", "platform"]
         },
         target: {
           type: db.mongoose.Schema.Types.ObjectId,
           refPath: "creator.type",
-          required: true
+          required: function() {
+            return this.creator.type !== "platform";
+          }
         }
       }
     });