@pyreon/permissions 0.11.4 → 0.11.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +22 -18
- package/lib/analysis/index.js.html +1 -1
- package/lib/index.js +11 -7
- package/lib/index.js.map +1 -1
- package/package.json +16 -16
- package/src/context.ts +4 -4
- package/src/index.ts +3 -8
- package/src/permissions.ts +18 -14
- package/src/tests/api.test.ts +156 -156
- package/src/tests/context.test.ts +25 -25
- package/src/tests/permissions.test.ts +284 -284
- package/src/tests/predicates.test.ts +74 -74
- package/src/tests/wildcards.test.ts +80 -80
- package/src/types.ts +1 -1
package/README.md
CHANGED
|
@@ -20,19 +20,23 @@ const can = createPermissions({
|
|
|
20
20
|
'users.manage': false,
|
|
21
21
|
})
|
|
22
22
|
|
|
23
|
-
can('posts.read')
|
|
24
|
-
can('posts.update', myPost)
|
|
25
|
-
can.not('billing.export')
|
|
26
|
-
can.all('posts.read', 'posts.create')
|
|
27
|
-
can.any('posts.read', 'users.manage')
|
|
23
|
+
can('posts.read') // true — reactive in effects/JSX
|
|
24
|
+
can('posts.update', myPost) // evaluates predicate
|
|
25
|
+
can.not('billing.export') // true if denied
|
|
26
|
+
can.all('posts.read', 'posts.create') // true if both granted
|
|
27
|
+
can.any('posts.read', 'users.manage') // true if any granted
|
|
28
28
|
|
|
29
29
|
// Update after login / role change
|
|
30
30
|
can.set(fromRole(user.role))
|
|
31
31
|
can.patch({ 'billing.export': true })
|
|
32
32
|
|
|
33
33
|
// Reactive in JSX
|
|
34
|
-
{
|
|
35
|
-
|
|
34
|
+
{
|
|
35
|
+
;() => can('posts.delete') && <DeleteButton />
|
|
36
|
+
}
|
|
37
|
+
{
|
|
38
|
+
;() => can('users.manage') && <AdminPanel />
|
|
39
|
+
}
|
|
36
40
|
```
|
|
37
41
|
|
|
38
42
|
## Wildcards
|
|
@@ -44,7 +48,7 @@ can.patch({ 'billing.export': true })
|
|
|
44
48
|
```tsx
|
|
45
49
|
import { PermissionsProvider, usePermissions } from '@pyreon/permissions'
|
|
46
50
|
|
|
47
|
-
|
|
51
|
+
;<PermissionsProvider instance={can}>
|
|
48
52
|
<App />
|
|
49
53
|
</PermissionsProvider>
|
|
50
54
|
|
|
@@ -58,16 +62,16 @@ const can = usePermissions()
|
|
|
58
62
|
|
|
59
63
|
Create a reactive permissions instance. Permission values are `boolean` (static) or `(context?) => boolean` (predicate).
|
|
60
64
|
|
|
61
|
-
| Method
|
|
62
|
-
|
|
|
63
|
-
| `can(key, context?)` | Check a permission (reactive)
|
|
64
|
-
| `can.not(key)`
|
|
65
|
-
| `can.all(...keys)`
|
|
66
|
-
| `can.any(...keys)`
|
|
67
|
-
| `can.set(map)`
|
|
68
|
-
| `can.patch(map)`
|
|
69
|
-
| `can.granted()`
|
|
70
|
-
| `can.entries()`
|
|
65
|
+
| Method | Description |
|
|
66
|
+
| -------------------- | -------------------------------------------- |
|
|
67
|
+
| `can(key, context?)` | Check a permission (reactive) |
|
|
68
|
+
| `can.not(key)` | Inverse check |
|
|
69
|
+
| `can.all(...keys)` | True if all granted |
|
|
70
|
+
| `can.any(...keys)` | True if any granted |
|
|
71
|
+
| `can.set(map)` | Replace all permissions |
|
|
72
|
+
| `can.patch(map)` | Merge permissions |
|
|
73
|
+
| `can.granted()` | `Computed<string[]>` of all granted keys |
|
|
74
|
+
| `can.entries()` | `Computed<[key, value][]>` for introspection |
|
|
71
75
|
|
|
72
76
|
### `PermissionsProvider` / `usePermissions()`
|
|
73
77
|
|
|
@@ -5386,7 +5386,7 @@ var drawChart = (function (exports) {
|
|
|
5386
5386
|
</script>
|
|
5387
5387
|
<script>
|
|
5388
5388
|
/*<!--*/
|
|
5389
|
-
const data = {"version":2,"tree":{"name":"root","children":[{"name":"index.js","children":[{"name":"src","children":[{"uid":"
|
|
5389
|
+
const data = {"version":2,"tree":{"name":"root","children":[{"name":"index.js","children":[{"name":"src","children":[{"uid":"5071c99d-1","name":"context.ts"},{"uid":"5071c99d-3","name":"permissions.ts"},{"uid":"5071c99d-5","name":"index.ts"}]}]}],"isRoot":true},"nodeParts":{"5071c99d-1":{"renderedLength":933,"gzipLength":457,"brotliLength":0,"metaUid":"5071c99d-0"},"5071c99d-3":{"renderedLength":2817,"gzipLength":1123,"brotliLength":0,"metaUid":"5071c99d-2"},"5071c99d-5":{"renderedLength":0,"gzipLength":0,"brotliLength":0,"metaUid":"5071c99d-4"}},"nodeMetas":{"5071c99d-0":{"id":"/src/context.ts","moduleParts":{"index.js":"5071c99d-1"},"imported":[{"uid":"5071c99d-6"}],"importedBy":[{"uid":"5071c99d-4"}]},"5071c99d-2":{"id":"/src/permissions.ts","moduleParts":{"index.js":"5071c99d-3"},"imported":[{"uid":"5071c99d-7"}],"importedBy":[{"uid":"5071c99d-4"}]},"5071c99d-4":{"id":"/src/index.ts","moduleParts":{"index.js":"5071c99d-5"},"imported":[{"uid":"5071c99d-0"},{"uid":"5071c99d-2"}],"importedBy":[],"isEntry":true},"5071c99d-6":{"id":"@pyreon/core","moduleParts":{},"imported":[],"importedBy":[{"uid":"5071c99d-0"}]},"5071c99d-7":{"id":"@pyreon/reactivity","moduleParts":{},"imported":[],"importedBy":[{"uid":"5071c99d-2"}]}},"env":{"rollup":"4.23.0"},"options":{"gzip":true,"brotli":false,"sourcemap":false}};
|
|
5390
5390
|
|
|
5391
5391
|
const run = () => {
|
|
5392
5392
|
const width = window.innerWidth;
|
package/lib/index.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { createContext, provide, useContext } from "@pyreon/core";
|
|
2
|
-
import { computed, signal } from "@pyreon/reactivity";
|
|
2
|
+
import { batch, computed, signal } from "@pyreon/reactivity";
|
|
3
3
|
|
|
4
4
|
//#region src/context.ts
|
|
5
5
|
const PermissionsContext = createContext(null);
|
|
@@ -116,14 +116,18 @@ function createPermissions(initial) {
|
|
|
116
116
|
return keys.some((key) => can(key));
|
|
117
117
|
};
|
|
118
118
|
can.set = (permissions) => {
|
|
119
|
-
|
|
120
|
-
|
|
119
|
+
batch(() => {
|
|
120
|
+
store.set(toMap(permissions));
|
|
121
|
+
version.update((v) => v + 1);
|
|
122
|
+
});
|
|
121
123
|
};
|
|
122
124
|
can.patch = (permissions) => {
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
125
|
+
batch(() => {
|
|
126
|
+
const current = store.peek();
|
|
127
|
+
for (const [key, value] of Object.entries(permissions)) current.set(key, value);
|
|
128
|
+
store.set(current);
|
|
129
|
+
version.update((v) => v + 1);
|
|
130
|
+
});
|
|
127
131
|
};
|
|
128
132
|
can.granted = computed(() => {
|
|
129
133
|
version();
|
package/lib/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":[],"sources":["../src/context.ts","../src/permissions.ts"],"sourcesContent":["import type { VNodeChild } from
|
|
1
|
+
{"version":3,"file":"index.js","names":[],"sources":["../src/context.ts","../src/permissions.ts"],"sourcesContent":["import type { VNodeChild } from '@pyreon/core'\nimport { createContext, provide, useContext } from '@pyreon/core'\nimport type { Permissions } from './types'\n\nconst PermissionsContext = createContext<Permissions | null>(null)\n\n/**\n * Provide a permissions instance to descendant components.\n * Use this for SSR isolation or testing — each request/test gets its own instance.\n *\n * @example\n * ```tsx\n * const can = createPermissions({ ... })\n *\n * <PermissionsProvider instance={can}>\n * <App />\n * </PermissionsProvider>\n * ```\n */\nexport function PermissionsProvider(props: {\n instance: Permissions\n children?: VNodeChild\n}): VNodeChild {\n provide(PermissionsContext, props.instance)\n\n return props.children ?? null\n}\n\n/**\n * Access the nearest permissions instance from context.\n * Must be used within a `<PermissionsProvider>`.\n *\n * @example\n * ```tsx\n * const can = usePermissions()\n * {() => can('posts.read') && <PostList />}\n * ```\n */\nexport function usePermissions(): Permissions {\n const instance = useContext(PermissionsContext)\n if (!instance) {\n throw new Error(\n '[@pyreon/permissions] usePermissions() must be used within <PermissionsProvider>.',\n )\n }\n return instance\n}\n","import { batch, computed, signal } from '@pyreon/reactivity'\nimport type { PermissionMap, Permissions, PermissionValue } from './types'\n\n/**\n * Resolve a permission key against the map.\n * Resolution order: exact match → wildcard (e.g., 'posts.*') → global wildcard ('*') → false.\n */\n/**\n * Safely evaluate a permission value. Predicates that throw are treated as denied.\n */\nfunction evaluate(value: PermissionValue, context?: unknown): boolean {\n if (typeof value === 'function') {\n try {\n return value(context)\n } catch {\n return false\n }\n }\n return value\n}\n\nfunction resolve(map: Map<string, PermissionValue>, key: string, context?: unknown): boolean {\n // 1. Exact match\n const exact = map.get(key)\n if (exact !== undefined) {\n return evaluate(exact, context)\n }\n\n // 2. Wildcard match — 'posts.read' matches 'posts.*'\n const dotIndex = key.lastIndexOf('.')\n if (dotIndex !== -1) {\n const prefix = key.slice(0, dotIndex)\n const wildcard = map.get(`${prefix}.*`)\n if (wildcard !== undefined) {\n return evaluate(wildcard, context)\n }\n }\n\n // 3. Global wildcard\n const global = map.get('*')\n if (global !== undefined) {\n return evaluate(global, context)\n }\n\n // 4. No match → denied\n return false\n}\n\n/**\n * Create a reactive permissions instance.\n *\n * The returned `can` function checks permissions reactively —\n * reads update automatically when permissions change via `set()` or `patch()`.\n *\n * @param initial - Optional initial permission map\n * @returns A callable `Permissions` instance\n *\n * @example\n * ```tsx\n * const can = createPermissions({\n * 'posts.read': true,\n * 'posts.update': (post: Post) => post.authorId === userId(),\n * 'users.manage': false,\n * })\n *\n * // Check (reactive in effects/computeds/JSX)\n * can('posts.read') // true\n * can('posts.update', myPost) // evaluates predicate\n *\n * // JSX\n * {() => can('posts.delete') && <DeleteButton />}\n *\n * // Update\n * can.set({ 'posts.read': true, 'admin': true })\n * can.patch({ 'users.manage': true })\n * ```\n */\nexport function createPermissions(initial?: PermissionMap): Permissions {\n // Internal reactive state — a signal holding the permission map\n const store = signal(toMap(initial))\n // Version counter — incremented on every set/patch to trigger reactive updates\n const version = signal(0)\n\n function toMap(obj?: PermissionMap): Map<string, PermissionValue> {\n if (!obj) return new Map()\n return new Map(Object.entries(obj))\n }\n\n // The main check function — reads `version` to subscribe in reactive contexts\n function can(key: string, context?: unknown): boolean {\n // Reading version subscribes this call to reactive updates\n version()\n return resolve(store.peek(), key, context)\n }\n\n can.not = (key: string, context?: unknown): boolean => {\n return !can(key, context)\n }\n\n can.all = (...keys: string[]): boolean => {\n return keys.every((key) => can(key))\n }\n\n can.any = (...keys: string[]): boolean => {\n return keys.some((key) => can(key))\n }\n\n can.set = (permissions: PermissionMap): void => {\n batch(() => {\n store.set(toMap(permissions))\n version.update((v) => v + 1)\n })\n }\n\n can.patch = (permissions: PermissionMap): void => {\n batch(() => {\n const current = store.peek()\n for (const [key, value] of Object.entries(permissions)) {\n current.set(key, value)\n }\n store.set(current)\n version.update((v) => v + 1)\n })\n }\n\n can.granted = computed(() => {\n version()\n const keys: string[] = []\n for (const [key, value] of store.peek()) {\n // Static true or predicate (capability exists)\n if (value === true || typeof value === 'function') {\n keys.push(key)\n }\n }\n return keys\n })\n\n can.entries = computed(() => {\n version()\n return [...store.peek().entries()]\n })\n\n return can as Permissions\n}\n"],"mappings":";;;;AAIA,MAAM,qBAAqB,cAAkC,KAAK;;;;;;;;;;;;;;AAelE,SAAgB,oBAAoB,OAGrB;AACb,SAAQ,oBAAoB,MAAM,SAAS;AAE3C,QAAO,MAAM,YAAY;;;;;;;;;;;;AAa3B,SAAgB,iBAA8B;CAC5C,MAAM,WAAW,WAAW,mBAAmB;AAC/C,KAAI,CAAC,SACH,OAAM,IAAI,MACR,oFACD;AAEH,QAAO;;;;;;;;;;;;ACnCT,SAAS,SAAS,OAAwB,SAA4B;AACpE,KAAI,OAAO,UAAU,WACnB,KAAI;AACF,SAAO,MAAM,QAAQ;SACf;AACN,SAAO;;AAGX,QAAO;;AAGT,SAAS,QAAQ,KAAmC,KAAa,SAA4B;CAE3F,MAAM,QAAQ,IAAI,IAAI,IAAI;AAC1B,KAAI,UAAU,OACZ,QAAO,SAAS,OAAO,QAAQ;CAIjC,MAAM,WAAW,IAAI,YAAY,IAAI;AACrC,KAAI,aAAa,IAAI;EACnB,MAAM,SAAS,IAAI,MAAM,GAAG,SAAS;EACrC,MAAM,WAAW,IAAI,IAAI,GAAG,OAAO,IAAI;AACvC,MAAI,aAAa,OACf,QAAO,SAAS,UAAU,QAAQ;;CAKtC,MAAM,SAAS,IAAI,IAAI,IAAI;AAC3B,KAAI,WAAW,OACb,QAAO,SAAS,QAAQ,QAAQ;AAIlC,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgCT,SAAgB,kBAAkB,SAAsC;CAEtE,MAAM,QAAQ,OAAO,MAAM,QAAQ,CAAC;CAEpC,MAAM,UAAU,OAAO,EAAE;CAEzB,SAAS,MAAM,KAAmD;AAChE,MAAI,CAAC,IAAK,wBAAO,IAAI,KAAK;AAC1B,SAAO,IAAI,IAAI,OAAO,QAAQ,IAAI,CAAC;;CAIrC,SAAS,IAAI,KAAa,SAA4B;AAEpD,WAAS;AACT,SAAO,QAAQ,MAAM,MAAM,EAAE,KAAK,QAAQ;;AAG5C,KAAI,OAAO,KAAa,YAA+B;AACrD,SAAO,CAAC,IAAI,KAAK,QAAQ;;AAG3B,KAAI,OAAO,GAAG,SAA4B;AACxC,SAAO,KAAK,OAAO,QAAQ,IAAI,IAAI,CAAC;;AAGtC,KAAI,OAAO,GAAG,SAA4B;AACxC,SAAO,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC;;AAGrC,KAAI,OAAO,gBAAqC;AAC9C,cAAY;AACV,SAAM,IAAI,MAAM,YAAY,CAAC;AAC7B,WAAQ,QAAQ,MAAM,IAAI,EAAE;IAC5B;;AAGJ,KAAI,SAAS,gBAAqC;AAChD,cAAY;GACV,MAAM,UAAU,MAAM,MAAM;AAC5B,QAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,YAAY,CACpD,SAAQ,IAAI,KAAK,MAAM;AAEzB,SAAM,IAAI,QAAQ;AAClB,WAAQ,QAAQ,MAAM,IAAI,EAAE;IAC5B;;AAGJ,KAAI,UAAU,eAAe;AAC3B,WAAS;EACT,MAAM,OAAiB,EAAE;AACzB,OAAK,MAAM,CAAC,KAAK,UAAU,MAAM,MAAM,CAErC,KAAI,UAAU,QAAQ,OAAO,UAAU,WACrC,MAAK,KAAK,IAAI;AAGlB,SAAO;GACP;AAEF,KAAI,UAAU,eAAe;AAC3B,WAAS;AACT,SAAO,CAAC,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC;GAClC;AAEF,QAAO"}
|
package/package.json
CHANGED
|
@@ -1,20 +1,17 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pyreon/permissions",
|
|
3
|
-
"version": "0.11.
|
|
3
|
+
"version": "0.11.6",
|
|
4
4
|
"description": "Reactive permissions for Pyreon — type-safe, signal-driven, universal",
|
|
5
|
+
"homepage": "https://github.com/pyreon/pyreon/tree/main/packages/permissions#readme",
|
|
6
|
+
"bugs": {
|
|
7
|
+
"url": "https://github.com/pyreon/pyreon/issues"
|
|
8
|
+
},
|
|
5
9
|
"license": "MIT",
|
|
6
10
|
"repository": {
|
|
7
11
|
"type": "git",
|
|
8
12
|
"url": "https://github.com/pyreon/pyreon.git",
|
|
9
13
|
"directory": "packages/fundamentals/permissions"
|
|
10
14
|
},
|
|
11
|
-
"homepage": "https://github.com/pyreon/pyreon/tree/main/packages/permissions#readme",
|
|
12
|
-
"bugs": {
|
|
13
|
-
"url": "https://github.com/pyreon/pyreon/issues"
|
|
14
|
-
},
|
|
15
|
-
"publishConfig": {
|
|
16
|
-
"access": "public"
|
|
17
|
-
},
|
|
18
15
|
"files": [
|
|
19
16
|
"lib",
|
|
20
17
|
"src",
|
|
@@ -22,6 +19,7 @@
|
|
|
22
19
|
"LICENSE"
|
|
23
20
|
],
|
|
24
21
|
"type": "module",
|
|
22
|
+
"sideEffects": false,
|
|
25
23
|
"main": "./lib/index.js",
|
|
26
24
|
"module": "./lib/index.js",
|
|
27
25
|
"types": "./lib/types/index.d.ts",
|
|
@@ -32,22 +30,24 @@
|
|
|
32
30
|
"types": "./lib/types/index.d.ts"
|
|
33
31
|
}
|
|
34
32
|
},
|
|
35
|
-
"
|
|
33
|
+
"publishConfig": {
|
|
34
|
+
"access": "public"
|
|
35
|
+
},
|
|
36
36
|
"scripts": {
|
|
37
37
|
"build": "vl_rolldown_build",
|
|
38
38
|
"dev": "vl_rolldown_build-watch",
|
|
39
39
|
"test": "vitest run",
|
|
40
40
|
"typecheck": "tsc --noEmit",
|
|
41
|
-
"lint": "
|
|
42
|
-
},
|
|
43
|
-
"peerDependencies": {
|
|
44
|
-
"@pyreon/core": "^0.11.4",
|
|
45
|
-
"@pyreon/reactivity": "^0.11.4"
|
|
41
|
+
"lint": "oxlint ."
|
|
46
42
|
},
|
|
47
43
|
"devDependencies": {
|
|
48
44
|
"@happy-dom/global-registrator": "^20.8.3",
|
|
49
|
-
"@pyreon/core": "^0.11.
|
|
50
|
-
"@pyreon/reactivity": "^0.11.
|
|
45
|
+
"@pyreon/core": "^0.11.6",
|
|
46
|
+
"@pyreon/reactivity": "^0.11.6",
|
|
51
47
|
"@vitus-labs/tools-lint": "^1.11.0"
|
|
48
|
+
},
|
|
49
|
+
"peerDependencies": {
|
|
50
|
+
"@pyreon/core": "^0.11.6",
|
|
51
|
+
"@pyreon/reactivity": "^0.11.6"
|
|
52
52
|
}
|
|
53
53
|
}
|
package/src/context.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import type { VNodeChild } from
|
|
2
|
-
import { createContext, provide, useContext } from
|
|
3
|
-
import type { Permissions } from
|
|
1
|
+
import type { VNodeChild } from '@pyreon/core'
|
|
2
|
+
import { createContext, provide, useContext } from '@pyreon/core'
|
|
3
|
+
import type { Permissions } from './types'
|
|
4
4
|
|
|
5
5
|
const PermissionsContext = createContext<Permissions | null>(null)
|
|
6
6
|
|
|
@@ -40,7 +40,7 @@ export function usePermissions(): Permissions {
|
|
|
40
40
|
const instance = useContext(PermissionsContext)
|
|
41
41
|
if (!instance) {
|
|
42
42
|
throw new Error(
|
|
43
|
-
|
|
43
|
+
'[@pyreon/permissions] usePermissions() must be used within <PermissionsProvider>.',
|
|
44
44
|
)
|
|
45
45
|
}
|
|
46
46
|
return instance
|
package/src/index.ts
CHANGED
|
@@ -23,13 +23,8 @@
|
|
|
23
23
|
* ```
|
|
24
24
|
*/
|
|
25
25
|
|
|
26
|
-
export { PermissionsProvider, usePermissions } from
|
|
27
|
-
export { createPermissions } from
|
|
26
|
+
export { PermissionsProvider, usePermissions } from './context'
|
|
27
|
+
export { createPermissions } from './permissions'
|
|
28
28
|
|
|
29
29
|
// Types
|
|
30
|
-
export type {
|
|
31
|
-
PermissionMap,
|
|
32
|
-
PermissionPredicate,
|
|
33
|
-
Permissions,
|
|
34
|
-
PermissionValue,
|
|
35
|
-
} from "./types"
|
|
30
|
+
export type { PermissionMap, PermissionPredicate, Permissions, PermissionValue } from './types'
|
package/src/permissions.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { computed, signal } from
|
|
2
|
-
import type { PermissionMap, Permissions, PermissionValue } from
|
|
1
|
+
import { batch, computed, signal } from '@pyreon/reactivity'
|
|
2
|
+
import type { PermissionMap, Permissions, PermissionValue } from './types'
|
|
3
3
|
|
|
4
4
|
/**
|
|
5
5
|
* Resolve a permission key against the map.
|
|
@@ -9,7 +9,7 @@ import type { PermissionMap, Permissions, PermissionValue } from "./types"
|
|
|
9
9
|
* Safely evaluate a permission value. Predicates that throw are treated as denied.
|
|
10
10
|
*/
|
|
11
11
|
function evaluate(value: PermissionValue, context?: unknown): boolean {
|
|
12
|
-
if (typeof value ===
|
|
12
|
+
if (typeof value === 'function') {
|
|
13
13
|
try {
|
|
14
14
|
return value(context)
|
|
15
15
|
} catch {
|
|
@@ -27,7 +27,7 @@ function resolve(map: Map<string, PermissionValue>, key: string, context?: unkno
|
|
|
27
27
|
}
|
|
28
28
|
|
|
29
29
|
// 2. Wildcard match — 'posts.read' matches 'posts.*'
|
|
30
|
-
const dotIndex = key.lastIndexOf(
|
|
30
|
+
const dotIndex = key.lastIndexOf('.')
|
|
31
31
|
if (dotIndex !== -1) {
|
|
32
32
|
const prefix = key.slice(0, dotIndex)
|
|
33
33
|
const wildcard = map.get(`${prefix}.*`)
|
|
@@ -37,7 +37,7 @@ function resolve(map: Map<string, PermissionValue>, key: string, context?: unkno
|
|
|
37
37
|
}
|
|
38
38
|
|
|
39
39
|
// 3. Global wildcard
|
|
40
|
-
const global = map.get(
|
|
40
|
+
const global = map.get('*')
|
|
41
41
|
if (global !== undefined) {
|
|
42
42
|
return evaluate(global, context)
|
|
43
43
|
}
|
|
@@ -106,17 +106,21 @@ export function createPermissions(initial?: PermissionMap): Permissions {
|
|
|
106
106
|
}
|
|
107
107
|
|
|
108
108
|
can.set = (permissions: PermissionMap): void => {
|
|
109
|
-
|
|
110
|
-
|
|
109
|
+
batch(() => {
|
|
110
|
+
store.set(toMap(permissions))
|
|
111
|
+
version.update((v) => v + 1)
|
|
112
|
+
})
|
|
111
113
|
}
|
|
112
114
|
|
|
113
115
|
can.patch = (permissions: PermissionMap): void => {
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
116
|
+
batch(() => {
|
|
117
|
+
const current = store.peek()
|
|
118
|
+
for (const [key, value] of Object.entries(permissions)) {
|
|
119
|
+
current.set(key, value)
|
|
120
|
+
}
|
|
121
|
+
store.set(current)
|
|
122
|
+
version.update((v) => v + 1)
|
|
123
|
+
})
|
|
120
124
|
}
|
|
121
125
|
|
|
122
126
|
can.granted = computed(() => {
|
|
@@ -124,7 +128,7 @@ export function createPermissions(initial?: PermissionMap): Permissions {
|
|
|
124
128
|
const keys: string[] = []
|
|
125
129
|
for (const [key, value] of store.peek()) {
|
|
126
130
|
// Static true or predicate (capability exists)
|
|
127
|
-
if (value === true || typeof value ===
|
|
131
|
+
if (value === true || typeof value === 'function') {
|
|
128
132
|
keys.push(key)
|
|
129
133
|
}
|
|
130
134
|
}
|