@posiwise/common-services 0.1.92 → 0.1.93
|
@@ -36,6 +36,16 @@ class ScriptLoaderService {
|
|
|
36
36
|
this.document = document;
|
|
37
37
|
this._scripts = {};
|
|
38
38
|
}
|
|
39
|
+
getCspNonce() {
|
|
40
|
+
// Prefer explicit global set by server-side renderer
|
|
41
|
+
const w = globalThis;
|
|
42
|
+
if (w?.__cspNonce)
|
|
43
|
+
return w.__cspNonce;
|
|
44
|
+
// Fallback: try to read nonce from any existing script tag
|
|
45
|
+
const anyScript = this.document.querySelector('script[nonce]');
|
|
46
|
+
const n = anyScript?.nonce || anyScript?.getAttribute('nonce') || undefined;
|
|
47
|
+
return n || undefined;
|
|
48
|
+
}
|
|
39
49
|
load(tag, ...scripts) {
|
|
40
50
|
scripts.forEach((src) => {
|
|
41
51
|
if (!this._scripts[src]) {
|
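Review bot: `getCspNonce()` returns `globalThis.__cspNonce` whenever it is truthy, without checking that it is a string, so whatever defines that global first decides the value later written to `scriptTag.nonce`. A non-string value would be stringified into the attribute and the script blocked by the policy, a failure that is hard to trace back to this getter. I would narrow the guard to `if (typeof w.__cspNonce === 'string' && w.__cspNonce !== '') return w.__cspNonce;`. The method also needs a doc comment stating the trust assumption, that the nonce is a per-response value emitted by the server and must never be logged or persisted. The fallback can lose the doubled `|| undefined` and become `return anyScript?.nonce || anyScript?.getAttribute('nonce') || undefined;`.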
|
@@ -73,6 +83,9 @@ class ScriptLoaderService {
|
|
|
73
83
|
const scriptTag = document.createElement('script');
|
|
74
84
|
scriptTag.type = 'text/javascript';
|
|
75
85
|
scriptTag.src = this._scripts[src].src;
|
|
86
|
+
const nonce = this.getCspNonce();
|
|
87
|
+
if (nonce)
|
|
88
|
+
scriptTag.nonce = nonce;
|
|
76
89
|
scriptTag.onload = () => {
|
|
77
90
|
this._scripts[src].loaded = true;
|
|
78
91
|
resolve({ src, loaded: true });
|
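Review bot: The nonce is stamped on every tag this code builds, so for scripts loaded through the service the page's own nonce now vouches for whatever URL sits in `this._scripts[src].src`. The CSP then no longer constrains which script is fetched here. Where those entries are registered is outside the hunk, so confirm they come from a fixed, build-time list and never from route, query-string or API data; if that cannot be guaranteed, check the URL's origin against an allow-list before `scriptTag.nonce = nonce;`. A comment above the added lines should record that assumption. Separately, the tag is created with the global `document` while `getCspNonce()` reads `this.document`; using `this.document.createElement('script')` would keep the nonce and the element in the same document. The enclosing function begins and ends outside the hunk.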
|
@@ -1353,7 +1366,7 @@ class PermissionService {
|
|
|
1353
1366
|
// or Pages.Beta or Pages.Alpha
|
|
1354
1367
|
if (permissionName?.includes('||')) {
|
|
1355
1368
|
const parts = permissionName.split('||').map(p => p.trim());
|
|
1356
|
-
if (this.hasAnyGrantedPermission(parts, user)) {
|
|
1369
|
+
if (this.hasAnyGrantedPermission(parts, user, productSlug)) {
|
|
1357
1370
|
return true;
|
|
1358
1371
|
}
|
|
1359
1372
|
}
|
|
@@ -1370,8 +1383,12 @@ class PermissionService {
|
|
|
1370
1383
|
// user not logged-in
|
|
1371
1384
|
return false;
|
|
1372
1385
|
}
|
|
1373
|
-
hasAnyGrantedPermission(parts, user) {
|
|
1374
|
-
return parts.some(part =>
|
|
1386
|
+
hasAnyGrantedPermission(parts, user, productSlug = null) {
|
|
1387
|
+
return parts.some(part => {
|
|
1388
|
+
// Format the permission part with the current subscription slug if needed
|
|
1389
|
+
const formattedPart = this.getFormattedPermissionName(part, productSlug);
|
|
1390
|
+
return user['auth']?.['granted'][formattedPart];
|
|
1391
|
+
});
|
|
1375
1392
|
}
|
|
1376
1393
|
handleProductKey(productKey, user, permission_key, permissionName) {
|
|
1377
1394
|
if (productKey) {
|
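Review bot: `user['auth']?.['granted'][formattedPart]` guards only `auth`, so a user object whose `auth` has no `granted` map throws a TypeError here instead of denying. The lookup also follows the prototype chain, so a part that formats to an inherited key (for example `constructor`) is truthy and `some()` reports it as granted. I would make the check fail closed with `const granted = user?.auth?.granted;` followed by `return granted != null && Object.hasOwn(granted, formattedPart) && Boolean(granted[formattedPart]);`. `getFormattedPermissionName` is defined outside this hunk, so its behaviour for a `null` slug (the new default) should be confirmed. The `||` branch in the previous hunk now depends on this result.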
|
@@ -1403,11 +1420,15 @@ class PermissionService {
|
|
|
1403
1420
|
else {
|
|
1404
1421
|
slugToCheck = productSlug;
|
|
1405
1422
|
}
|
|
1406
|
-
if
|
|
1407
|
-
|
|
1408
|
-
|
|
1409
|
-
|
|
1410
|
-
|
|
1423
|
+
// Only format if we have a valid slug to check
|
|
1424
|
+
if (slugToCheck) {
|
|
1425
|
+
if (!permissionName.includes(slugToCheck) &&
|
|
1426
|
+
permissionName.includes('Pages.Product.')) {
|
|
1427
|
+
permissionName = permissionName.replace('Pages.Product.', slugToCheck);
|
|
1428
|
+
}
|
|
1429
|
+
if (permissionName.includes('Pages.Role.') && !permissionName.includes(slugToCheck)) {
|
|
1430
|
+
permissionName = permissionName.replace('Pages.Role.', slugToCheck);
|
|
1431
|
+
}
|
|
1411
1432
|
}
|
|
1412
1433
|
return permissionName;
|
|
1413
1434
|
}
|
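Review bot: Both guards use `permissionName.includes(slugToCheck)`, which matches the slug anywhere in the name, so a slug that is also a substring of the permission suffix skips the rewrite and the unformatted name is what gets checked. A constructed example is slug `Edit` against `Pages.Product.Editor`. If formatted names always begin with the slug (inferred from the `replace` calls), an anchored test such as `!permissionName.startsWith(slugToCheck)` states that intent. `replace` with a string replacement also interprets `$`-sequences in `slugToCheck`; `permissionName.replace('Pages.Product.', () => slugToCheck)` inserts the slug literally. The function starts outside the hunk and the removed lines are not legible on this page, so the old condition could not be compared.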
|
@@ -1492,7 +1513,8 @@ class PermissionService {
|
|
|
1492
1513
|
evaluated = this.isGranted(raw, productKey, permission_key, productSlug);
|
|
1493
1514
|
}
|
|
1494
1515
|
else {
|
|
1495
|
-
|
|
1516
|
+
// Pass productSlug to isGranted to ensure slug-aware permission checking
|
|
1517
|
+
evaluated = this.isGranted(raw, null, null, productSlug);
|
|
1496
1518
|
}
|
|
1497
1519
|
expr += ` ${evaluated} `;
|
|
1498
1520
|
}
|