@solidstarters/solid-core 1.2.33 → 1.2.36

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@solidstarters/solid-core",
-  "version": "1.2.33",
+  "version": "1.2.36",
   "description": "This module is a NestJS module containing all the required core providers required by a Solid application",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/services/crud-helper.service.ts

@@ -173,7 +173,7 @@ export class CrudHelperService {
         if (normalizedFields && normalizedFields.length) {
             qb.select(normalizedFields.map(field => {
                 // If the field contains a (, do not prefix the entity alias
-                return this.isAggregateField(field) ? field : `${entityAlias}.${field}`;
+                return this.wrapFieldWithAlias(field, entityAlias);
             }));
         }
 
@@ -220,6 +220,15 @@ export class CrudHelperService {
         return qb;
     }
 
+    private wrapFieldWithAlias(field: string, entityAlias: string): string {
+        if (!this.isAggregateField(field)) return `${entityAlias}.${field}`;
+        // For aggregate fields, extract the field name from the aggregate function & wrap it with the entity alias, if it is not already wrapped
+        const fieldParts = field.split('(');
+        const aggregateFunction = fieldParts[0];
+        const fieldName = fieldParts[1].replace(')', '');
+        return `${aggregateFunction}(${entityAlias}.${fieldName})`;
+    }
+
     isAggregateField(field: string): boolean {
         return field.includes('(');
     }
@@ -303,6 +312,11 @@ export class CrudHelperService {
         const matchingPermssions = activeUser.permissions.filter((p) => permissionNames.includes(p));
         return matchingPermssions.length > 0
     }
+    hasRecoverPermissionOnModel = (activeUser: ActiveUserData, modelName: string) => {
+        const permissionNames = [`${classify(modelName)}Controller.recover`, `${classify(modelName)}Controller.recoverMany`];
+        const matchingPermssions = activeUser.permissions.filter((p) => permissionNames.includes(p));
+        return matchingPermssions.length > 0
+    }
 
 
 

package/src/services/crud.service.ts

@@ -701,8 +701,17 @@ export class CRUDService<T> { //Add two generic value i.e Person,CreatePersonDto
         // return removedEntities
     }
 
-    async recover(id: number) {
+    async recover(id: number,solidRequestContext: any = {}) {
         try {
+            const loadedmodel = await this.loadModel();
+            // Check wheather user has update permission for model
+            if (solidRequestContext.activeUser) {
+                const hasPermission = this.crudHelperService.hasRecoverPermissionOnModel(solidRequestContext.activeUser, loadedmodel.singularName);
+                if (!hasPermission) {
+                    throw new BadRequestException('Forbidden');
+                }
+            }
+
             const softDeletedRows = await this.repo.findOne({
                 where: {
                     //@ts-ignore
@@ -732,8 +741,17 @@ export class CRUDService<T> { //Add two generic value i.e Person,CreatePersonDto
         }
     }
 
-    async recoverMany(ids: number[]) {
+    async recoverMany(ids: number[],solidRequestContext: any = {}) {
         try {
+            const loadedmodel = await this.loadModel();
+            // Check wheather user has update permission for model
+            if (solidRequestContext.activeUser) {
+                const hasPermission = this.crudHelperService.hasRecoverPermissionOnModel(solidRequestContext.activeUser, loadedmodel.singularName);
+                if (!hasPermission) {
+                    throw new BadRequestException('Forbidden');
+                }
+            }
+
             if (!ids || ids.length === 0) {
                 throw new Error("No IDs provided for recovery.");
             }