@spinajs/rbac 2.0.322 → 2.0.324
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/Resource.d.ts.map +1 -0
- package/lib/cjs/Resource.js.map +1 -0
- package/lib/cjs/decorators.d.ts +17 -0
- package/lib/cjs/decorators.d.ts.map +1 -0
- package/lib/cjs/decorators.js +31 -0
- package/lib/cjs/decorators.js.map +1 -0
- package/lib/cjs/index.d.ts +2 -0
- package/lib/cjs/index.d.ts.map +1 -1
- package/lib/cjs/index.js +2 -0
- package/lib/cjs/index.js.map +1 -1
- package/lib/cjs/interfaces.d.ts +5 -0
- package/lib/cjs/interfaces.d.ts.map +1 -1
- package/lib/cjs/interfaces.js.map +1 -1
- package/lib/cjs/middleware.d.ts.map +1 -1
- package/lib/cjs/middleware.js +30 -3
- package/lib/cjs/middleware.js.map +1 -1
- package/lib/mjs/Resource.d.ts.map +1 -0
- package/lib/mjs/Resource.js.map +1 -0
- package/lib/mjs/decorators.d.ts +17 -0
- package/lib/mjs/decorators.d.ts.map +1 -0
- package/lib/mjs/decorators.js +26 -0
- package/lib/mjs/decorators.js.map +1 -0
- package/lib/mjs/index.d.ts +2 -0
- package/lib/mjs/index.d.ts.map +1 -1
- package/lib/mjs/index.js +2 -0
- package/lib/mjs/index.js.map +1 -1
- package/lib/mjs/interfaces.d.ts +5 -0
- package/lib/mjs/interfaces.d.ts.map +1 -1
- package/lib/mjs/interfaces.js.map +1 -1
- package/lib/mjs/middleware.d.ts.map +1 -1
- package/lib/mjs/middleware.js +32 -5
- package/lib/mjs/middleware.js.map +1 -1
- package/lib/tsconfig.cjs.tsbuildinfo +1 -1
- package/lib/tsconfig.mjs.tsbuildinfo +1 -1
- package/package.json +11 -11
- package/lib/cjs/decorators/Resource.d.ts.map +0 -1
- package/lib/cjs/decorators/Resource.js.map +0 -1
- package/lib/mjs/decorators/Resource.d.ts.map +0 -1
- package/lib/mjs/decorators/Resource.js.map +0 -1
- /package/lib/cjs/{decorators/Resource.d.ts → Resource.d.ts} +0 -0
- /package/lib/cjs/{decorators/Resource.js → Resource.js} +0 -0
- /package/lib/mjs/{decorators/Resource.d.ts → Resource.d.ts} +0 -0
- /package/lib/mjs/{decorators/Resource.js → Resource.js} +0 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Resource.d.ts","sourceRoot":"","sources":["../../src/Resource.ts"],"names":[],"mappings":"AAGA;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,YAAY,EAAE,MAAM,OAI/C"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Resource.js","sourceRoot":"","sources":["../../src/Resource.ts"],"names":[],"mappings":";;;AAAA,sCAA0D;AAG1D;;;;;;GAMG;AACH,SAAgB,WAAW,CAAC,YAAoB;IAC9C,OAAO,IAAA,gCAA0B,EAAC,CAAC,KAA2B,EAAE,EAAE;QAChE,KAAK,CAAC,YAAY,GAAG,YAAY,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC;AAJD,kCAIC"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Assign resource name for given model ( RBAC ).
|
|
3
|
+
* NOTE: this decorator is optional, if model does not have resource assigned
|
|
4
|
+
* model name will be used as default
|
|
5
|
+
*
|
|
6
|
+
* @param name - table name in database that is referred by this model
|
|
7
|
+
*/
|
|
8
|
+
export declare function OrmResource(resourceName?: string): any;
|
|
9
|
+
/**
|
|
10
|
+
*
|
|
11
|
+
* Mark field as resource owner eg. field that holds user relation to resource like Invoice.Owner->User for RBAC module
|
|
12
|
+
*
|
|
13
|
+
* If set, it will automatically try to fetch/update/delete only data that user have permission for
|
|
14
|
+
*
|
|
15
|
+
*/
|
|
16
|
+
export declare function ResourceOwner(): any;
|
|
17
|
+
//# sourceMappingURL=decorators.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":"AAGA;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,YAAY,CAAC,EAAE,MAAM,OAIhD;AAGD;;;;;;GAMG;AACH,wBAAgB,aAAa,QAI5B"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.ResourceOwner = exports.OrmResource = void 0;
|
|
4
|
+
const orm_1 = require("@spinajs/orm");
|
|
5
|
+
/**
|
|
6
|
+
* Assign resource name for given model ( RBAC ).
|
|
7
|
+
* NOTE: this decorator is optional, if model does not have resource assigned
|
|
8
|
+
* model name will be used as default
|
|
9
|
+
*
|
|
10
|
+
* @param name - table name in database that is referred by this model
|
|
11
|
+
*/
|
|
12
|
+
function OrmResource(resourceName) {
|
|
13
|
+
return (0, orm_1.extractDecoratorDescriptor)((model) => {
|
|
14
|
+
model.RbacResource = resourceName ?? model.Name;
|
|
15
|
+
});
|
|
16
|
+
}
|
|
17
|
+
exports.OrmResource = OrmResource;
|
|
18
|
+
/**
|
|
19
|
+
*
|
|
20
|
+
* Mark field as resource owner eg. field that holds user relation to resource like Invoice.Owner->User for RBAC module
|
|
21
|
+
*
|
|
22
|
+
* If set, it will automatically try to fetch/update/delete only data that user have permission for
|
|
23
|
+
*
|
|
24
|
+
*/
|
|
25
|
+
function ResourceOwner() {
|
|
26
|
+
return (0, orm_1.extractDecoratorPropertyDescriptor)((model, _target, propertyKey) => {
|
|
27
|
+
model.OwnerField = propertyKey;
|
|
28
|
+
});
|
|
29
|
+
}
|
|
30
|
+
exports.ResourceOwner = ResourceOwner;
|
|
31
|
+
//# sourceMappingURL=decorators.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"decorators.js","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":";;;AAAA,sCAA8F;AAG9F;;;;;;GAMG;AACH,SAAgB,WAAW,CAAC,YAAqB;IAC/C,OAAO,IAAA,gCAA0B,EAAC,CAAC,KAA2B,EAAE,EAAE;QAChE,KAAK,CAAC,YAAY,GAAG,YAAY,IAAI,KAAK,CAAC,IAAI,CAAC;IAClD,CAAC,CAAC,CAAC;AACL,CAAC;AAJD,kCAIC;AAGD;;;;;;GAMG;AACH,SAAgB,aAAa;IAC3B,OAAO,IAAA,wCAAkC,EAAC,CAAC,KAA2B,EAAE,OAAY,EAAE,WAAmB,EAAE,EAAE;QAC3G,KAAK,CAAC,UAAU,GAAG,WAAW,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC;AAJD,sCAIC"}
|
package/lib/cjs/index.d.ts
CHANGED
|
@@ -13,6 +13,8 @@ export * from './models/UserMetadata.js';
|
|
|
13
13
|
export * from './migrations/RBACInitial_2022_06_28_01_13_00.js';
|
|
14
14
|
export * from './events/index.js';
|
|
15
15
|
export * from "./actions.js";
|
|
16
|
+
export * from "./middleware.js";
|
|
17
|
+
export * from "./decorators.js";
|
|
16
18
|
declare const Permission: typeof ac.Permission;
|
|
17
19
|
export { AccessControl, Permission };
|
|
18
20
|
export declare class RbacBootstrapper extends Bootstrapper {
|
package/lib/cjs/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,eAAe,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,EAAc,YAAY,EAAkB,MAAM,aAAa,CAAC;AAKvE,OAAO,WAAW,CAAC;AACnB,OAAO,eAAe,CAAC;AACvB,OAAO,cAAc,CAAC;AAGtB,cAAc,iBAAiB,CAAC;AAChC,cAAc,WAAW,CAAC;AAC1B,cAAc,eAAe,CAAC;AAC9B,cAAc,cAAc,CAAC;AAC7B,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,iDAAiD,CAAC;AAChE,cAAc,mBAAmB,CAAC;AAClC,cAAc,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,eAAe,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,EAAc,YAAY,EAAkB,MAAM,aAAa,CAAC;AAKvE,OAAO,WAAW,CAAC;AACnB,OAAO,eAAe,CAAC;AACvB,OAAO,cAAc,CAAC;AAGtB,cAAc,iBAAiB,CAAC;AAChC,cAAc,WAAW,CAAC;AAC1B,cAAc,eAAe,CAAC;AAC9B,cAAc,cAAc,CAAC;AAC7B,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,iDAAiD,CAAC;AAChE,cAAc,mBAAmB,CAAC;AAClC,cAAc,cAAc,CAAC;AAC7B,cAAc,iBAAiB,CAAC;AAChC,cAAc,iBAAiB,CAAC;AAGhC,QAAA,MAAQ,UAAU,sBAAO,CAAC;AAC1B,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC;AAErC,qBACa,gBAAiB,SAAQ,YAAY;IACzC,SAAS,IAAI,IAAI;CAkCzB"}
|
package/lib/cjs/index.js
CHANGED
|
@@ -43,6 +43,8 @@ __exportStar(require("./models/UserMetadata.js"), exports);
|
|
|
43
43
|
__exportStar(require("./migrations/RBACInitial_2022_06_28_01_13_00.js"), exports);
|
|
44
44
|
__exportStar(require("./events/index.js"), exports);
|
|
45
45
|
__exportStar(require("./actions.js"), exports);
|
|
46
|
+
__exportStar(require("./middleware.js"), exports);
|
|
47
|
+
__exportStar(require("./decorators.js"), exports);
|
|
46
48
|
// fix error `The requested module 'accesscontrol' is a CommonJS module`
|
|
47
49
|
const { Permission } = accesscontrol_1.default;
|
|
48
50
|
exports.Permission = Permission;
|
package/lib/cjs/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,kEAA+B;AAC/B,iDAA8C;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,kEAA+B;AAC/B,iDAA8C;AA0BrC,8FA1BA,6BAAa,OA0BA;AAxBtB,oCAAuE;AACvE,0DAAuD;AAEvD,sCAAmC;AAEnC,qBAAmB;AACnB,yBAAuB;AACvB,wBAAsB;AACtB,8CAAwC;AAExC,kDAAgC;AAChC,4CAA0B;AAC1B,gDAA8B;AAC9B,+CAA6B;AAC7B,mDAAiC;AACjC,2DAAyC;AACzC,kFAAgE;AAChE,oDAAkC;AAClC,+CAA6B;AAC7B,kDAAgC;AAChC,kDAAgC;AAEhC,wEAAwE;AACxE,MAAM,EAAE,UAAU,EAAE,GAAG,uBAAE,CAAC;AACF,gCAAU;AAG3B,IAAM,gBAAgB,GAAtB,MAAM,gBAAiB,SAAQ,iBAAY;IACzC,SAAS;QACd,MAAM,EAAE,GAAG,IAAI,6BAAa,EAAE,CAAC;QAC/B,OAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QACzC,OAAE,CAAC,IAAI,CAAC,2BAA2B,EAAE,CAAC,SAAqB,EAAE,aAA4B,EAAE,EAAE;YAC3F,MAAM,EAAE,GAAG,SAAS,CAAC,GAAG,CAAgB,eAAe,CAAC,CAAC;YACzD,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAEhD,IAAI,CAAC,MAAM,EAAE;gBACX,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,SAAG,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;gBAC7C,GAAG,CAAC,IAAI,CAAC,wGAAwG,CAAC,CAAC;aACpH;iBAAM;gBACL,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;aACtB;QACH,CAAC,CAAC,CAAC;QAEH;;WAEG;QACH,OAAE,CAAC,QAAQ,CAAC,CAAC,CAAa,EAAE,QAAyB,EAAE,EAAE;YACvD,OAAO,IAAI,cAAI,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC;QAEzB,OAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,EAAE;YAChB,MAAM,IAAI,GAAG,OAAE,CAAC,GAAG,CAAC,6BAAa,CAAC,CAAC;YACnC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;YAEhE,OAAO,IAAI,cAAI,CAAC;gBACd,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,mBAAmB;gBAC1B,IAAI,EAAE,CAAC,OAAO,CAAC;gBACf,QAAQ,EAAE,YAAY;aACvB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC,EAAE,CAAC,sBAAsB,CAAC,CAAC;IAChC,CAAC;CACF,CAAA;AAnCY,4CAAgB;2BAAhB,gBAAgB;IAD5B,IAAA,eAAU,EAAC,iBAAY,CAAC;GACZ,gBAAgB,CAmC5B"}
|
package/lib/cjs/interfaces.d.ts
CHANGED
|
@@ -228,6 +228,7 @@ export declare enum AthenticationErrorCodes {
|
|
|
228
228
|
}
|
|
229
229
|
export interface IRbacModelDescriptor extends IModelDescriptor {
|
|
230
230
|
RbacResource: string;
|
|
231
|
+
OwnerField: string;
|
|
231
232
|
}
|
|
232
233
|
/**
|
|
233
234
|
* Interface to provide implementation of password rule validation
|
|
@@ -235,4 +236,8 @@ export interface IRbacModelDescriptor extends IModelDescriptor {
|
|
|
235
236
|
export declare abstract class PasswordValidationProvider {
|
|
236
237
|
abstract check(password: string): boolean;
|
|
237
238
|
}
|
|
239
|
+
export interface IRbacAsyncStorage<U = User> {
|
|
240
|
+
User?: U;
|
|
241
|
+
Session?: ISession;
|
|
242
|
+
}
|
|
238
243
|
//# sourceMappingURL=interfaces.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,aAAa,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzI,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAEjC,OAAO,QAAQ,cAAc,CAAC;IAC5B,UAAiB,YAAY;QAC3B;;;;;;;WAOG;QACH,eAAe,CAAC,KAAK,EAAE,mBAAmB,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,aAAa,CAAC;QAElI;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAErE;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAE7E;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,iBAAiB,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,MAAM,GAAG,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;KACpG;CACF;AAED,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,UAAU,CAAC,EAAE,QAAQ,CAAC;IAEtB;;OAEG;IACH,QAAQ,EAAE,QAAQ,CAAC;IAEnB;;OAEG;IACH,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAE3B;;;;;OAKG;IACH,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAChC;AAED;;GAEG;AACH,8BAAsB,gBAAgB;IACpC;;;;;;OAMG;aACa,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAExE;;;;;OAKG;aACa,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAEpD;;OAEG;aACa,QAAQ,IAAI,MAAM;CACnC;AAED;;;;;GAKG;AACH,8BAAsB,YAAY,CAAC,CAAC,GAAG,IAAI;IACzC;;;;;OAKG;aACa,MAAM,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEjE;;;;;;OAMG;aACa,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAEzE;;;;;OAKG;aACa,QAAQ,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEnE;;;;OAIG;aACa,QAAQ,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEnE;;;;;OAKG;aACa,SAAS,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEpE;;;;;OAKG;aACa,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAErD;;;;;OAKG;aACa,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAErD;;;;;OAKG;aACa,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;CACpD;AAED;;;;;;GAMG;AACH,8BAAsB,qBAAqB,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI;IACrD;;OAEG;IACH,QAAQ,KAAK,IAAI,IAAI,MAAM,CAAC;IAE5B;;;;;;;;OAQG;aACa,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAEpD;;;;;OAKG;aACa,YAAY,CAAC,WAAW,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CACzD;AAED,8BAAsB,eAAe,CAAC,CAAC,GAAG,QAAQ,CAAE,SAAQ,YAAY;IACtE;;;;;OAKG;aACa,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAEtD;;;;;OAKG;aACa,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAExD;;;;;OAKG;aACa,IAAI,CAAC,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAEtD;;;;;;OAMG;aACa,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAE7D;;;;;OAKG;aACa,KAAK,CAAC,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAEvD;;;;OAIG;aACa,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAC1C;AAED,oBAAY,uBAAuB;IACjC,aAAa,IAAI;IACjB,iBAAiB,IAAI;IACrB,qBAAqB,IAAI;IACzB,yBAAyB,IAAI;CAC9B;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;IAC5D,YAAY,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,aAAa,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzI,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAEjC,OAAO,QAAQ,cAAc,CAAC;IAC5B,UAAiB,YAAY;QAC3B;;;;;;;WAOG;QACH,eAAe,CAAC,KAAK,EAAE,mBAAmB,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,aAAa,CAAC;QAElI;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAErE;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAE7E;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,iBAAiB,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,MAAM,GAAG,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;KACpG;CACF;AAED,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,UAAU,CAAC,EAAE,QAAQ,CAAC;IAEtB;;OAEG;IACH,QAAQ,EAAE,QAAQ,CAAC;IAEnB;;OAEG;IACH,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAE3B;;;;;OAKG;IACH,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAChC;AAED;;GAEG;AACH,8BAAsB,gBAAgB;IACpC;;;;;;OAMG;aACa,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAExE;;;;;OAKG;aACa,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAEpD;;OAEG;aACa,QAAQ,IAAI,MAAM;CACnC;AAED;;;;;GAKG;AACH,8BAAsB,YAAY,CAAC,CAAC,GAAG,IAAI;IACzC;;;;;OAKG;aACa,MAAM,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEjE;;;;;;OAMG;aACa,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAEzE;;;;;OAKG;aACa,QAAQ,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEnE;;;;OAIG;aACa,QAAQ,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEnE;;;;;OAKG;aACa,SAAS,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEpE;;;;;OAKG;aACa,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAErD;;;;;OAKG;aACa,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAErD;;;;;OAKG;aACa,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;CACpD;AAED;;;;;;GAMG;AACH,8BAAsB,qBAAqB,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI;IACrD;;OAEG;IACH,QAAQ,KAAK,IAAI,IAAI,MAAM,CAAC;IAE5B;;;;;;;;OAQG;aACa,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAEpD;;;;;OAKG;aACa,YAAY,CAAC,WAAW,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CACzD;AAED,8BAAsB,eAAe,CAAC,CAAC,GAAG,QAAQ,CAAE,SAAQ,YAAY;IACtE;;;;;OAKG;aACa,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAEtD;;;;;OAKG;aACa,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAExD;;;;;OAKG;aACa,IAAI,CAAC,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAEtD;;;;;;OAMG;aACa,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAE7D;;;;;OAKG;aACa,KAAK,CAAC,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAEvD;;;;OAIG;aACa,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAC1C;AAED,oBAAY,uBAAuB;IACjC,aAAa,IAAI;IACjB,iBAAiB,IAAI;IACrB,qBAAqB,IAAI;IACzB,yBAAyB,IAAI;CAC9B;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;IAC5D,YAAY,EAAE,MAAM,CAAC;IAErB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,8BAAsB,0BAA0B;aAC9B,KAAK,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;CACjD;AAED,MAAM,WAAW,iBAAiB,CAAC,CAAC,GAAG,IAAI;IACzC,IAAI,CAAC,EAAE,CAAC,CAAC;IAET,OAAO,CAAC,EAAE,QAAQ,CAAC;CACpB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":";;;AACA,oCAA2C;AAqE3C;;GAEG;AACH,MAAsB,gBAAgB;CAsBrC;AAtBD,4CAsBC;AAED;;;;;GAKG;AACH,MAAsB,YAAY;CAgEjC;AAhED,oCAgEC;AAED;;;;;;GAMG;AACH,MAAsB,qBAAqB;CAwB1C;AAxBD,sDAwBC;AAED,MAAsB,eAA8B,SAAQ,iBAAY;CAgDvE;AAhDD,0CAgDC;AAED,IAAY,uBAKX;AALD,WAAY,uBAAuB;IACjC,uFAAiB,CAAA;IACjB,+FAAqB,CAAA;IACrB,uGAAyB,CAAA;IACzB,+GAA6B,CAAA;AAC/B,CAAC,EALW,uBAAuB,uCAAvB,uBAAuB,QAKlC;
|
|
1
|
+
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":";;;AACA,oCAA2C;AAqE3C;;GAEG;AACH,MAAsB,gBAAgB;CAsBrC;AAtBD,4CAsBC;AAED;;;;;GAKG;AACH,MAAsB,YAAY;CAgEjC;AAhED,oCAgEC;AAED;;;;;;GAMG;AACH,MAAsB,qBAAqB;CAwB1C;AAxBD,sDAwBC;AAED,MAAsB,eAA8B,SAAQ,iBAAY;CAgDvE;AAhDD,0CAgDC;AAED,IAAY,uBAKX;AALD,WAAY,uBAAuB;IACjC,uFAAiB,CAAA;IACjB,+FAAqB,CAAA;IACrB,uGAAyB,CAAA;IACzB,+GAA6B,CAAA;AAC/B,CAAC,EALW,uBAAuB,uCAAvB,uBAAuB,QAKlC;AAQD;;GAEG;AACH,MAAsB,0BAA0B;CAE/C;AAFD,gEAEC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,
|
|
1
|
+
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAA0B,YAAY,EAAE,eAAe,EAAsB,MAAM,cAAc,CAAC;AAMzG,qBACa,6BAA8B,SAAQ,eAAe;IAChE,oBAAoB,CAAC,MAAM,EAAE,YAAY,CAAC,GAAG,CAAC,GAAG,IAAI;IACrD,kBAAkB,CAAC,OAAO,EAAE,YAAY;CAqCzC"}
|
package/lib/cjs/middleware.js
CHANGED
|
@@ -9,12 +9,39 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
9
9
|
exports.RbacModelPermissionMiddleware = void 0;
|
|
10
10
|
const di_1 = require("@spinajs/di");
|
|
11
11
|
const orm_1 = require("@spinajs/orm");
|
|
12
|
+
const async_hooks_1 = require("async_hooks");
|
|
13
|
+
const orm_2 = require("@spinajs/orm");
|
|
12
14
|
let RbacModelPermissionMiddleware = class RbacModelPermissionMiddleware extends orm_1.QueryMiddleware {
|
|
13
|
-
beforeQueryExecution(_query) {
|
|
14
|
-
}
|
|
15
|
+
beforeQueryExecution(_query) { }
|
|
15
16
|
afterQueryCreation(builder) {
|
|
16
17
|
if (builder instanceof orm_1.SelectQueryBuilder) {
|
|
17
|
-
|
|
18
|
+
if (typeof async_hooks_1.AsyncLocalStorage === 'function') {
|
|
19
|
+
const store = di_1.DI.get(async_hooks_1.AsyncLocalStorage);
|
|
20
|
+
if (store) {
|
|
21
|
+
const storage = store.getStore();
|
|
22
|
+
if (storage && storage.User) {
|
|
23
|
+
// add where statement
|
|
24
|
+
const descriptor = (0, orm_1.extractModelDescriptor)(builder.Model);
|
|
25
|
+
const ac = di_1.DI.get('AccessControl');
|
|
26
|
+
// if model does not have @Resource() decorator set, model name is used
|
|
27
|
+
const resource = descriptor.RbacResource;
|
|
28
|
+
// no rbac is set do nothing
|
|
29
|
+
if (!resource) {
|
|
30
|
+
return;
|
|
31
|
+
}
|
|
32
|
+
const canAny = ac.can(storage.User.Role)['readAny'](resource).granted;
|
|
33
|
+
const canOwn = ac.can(storage.User.Role)['readOwn'](resource).granted;
|
|
34
|
+
// can get all resources
|
|
35
|
+
if (canAny) {
|
|
36
|
+
return;
|
|
37
|
+
}
|
|
38
|
+
if (canOwn) {
|
|
39
|
+
builder.andWhere(descriptor.OwnerField, storage.User.PrimaryKeyValue);
|
|
40
|
+
}
|
|
41
|
+
throw new orm_2.OrmException(`User does not have permission to access ${resource}:read permission`);
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
}
|
|
18
45
|
}
|
|
19
46
|
}
|
|
20
47
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":";;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oCAA6C;AAC7C,sCAAyG;AACzG,6CAAgD;AAGhD,sCAA4C;AAGrC,IAAM,6BAA6B,GAAnC,MAAM,6BAA8B,SAAQ,qBAAe;IAChE,oBAAoB,CAAC,MAAyB,IAAS,CAAC;IACxD,kBAAkB,CAAC,OAAqB;QACtC,IAAI,OAAO,YAAY,wBAAkB,EAAE;YACzC,IAAI,OAAO,+BAAiB,KAAK,UAAU,EAAE;gBAC3C,MAAM,KAAK,GAAG,OAAE,CAAC,GAAG,CAAC,+BAAiB,CAAC,CAAC;gBACxC,IAAI,KAAK,EAAE;oBACT,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,EAAuB,CAAC;oBACtD,IAAI,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE;wBAC3B,sBAAsB;wBACtB,MAAM,UAAU,GAAG,IAAA,4BAAsB,EAAC,OAAO,CAAC,KAAK,CAAyB,CAAC;wBACjF,MAAM,EAAE,GAAG,OAAE,CAAC,GAAG,CAAgB,eAAe,CAAC,CAAC;wBAElD,uEAAuE;wBACvE,MAAM,QAAQ,GAAG,UAAU,CAAC,YAAY,CAAC;wBAEzC,4BAA4B;wBAC5B,IAAI,CAAC,QAAQ,EAAE;4BACb,OAAO;yBACR;wBAED,MAAM,MAAM,GAAI,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAS,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC;wBAC/E,MAAM,MAAM,GAAI,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAS,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC;wBAE/E,wBAAwB;wBACxB,IAAI,MAAM,EAAE;4BACV,OAAO;yBACR;wBAED,IAAI,MAAM,EAAE;4BACV,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;yBACvE;wBAED,MAAM,IAAI,kBAAY,CAAC,2CAA2C,QAAQ,kBAAkB,CAAC,CAAC;qBAC/F;iBACF;aACF;SACF;IACH,CAAC;CACF,CAAA;AAvCY,sEAA6B;wCAA7B,6BAA6B;IADzC,IAAA,eAAU,EAAC,qBAAe,CAAC;GACf,6BAA6B,CAuCzC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Resource.d.ts","sourceRoot":"","sources":["../../src/Resource.ts"],"names":[],"mappings":"AAGA;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,YAAY,EAAE,MAAM,OAI/C"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Resource.js","sourceRoot":"","sources":["../../src/Resource.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAC;AAG1D;;;;;;GAMG;AACH,MAAM,UAAU,WAAW,CAAC,YAAoB;IAC9C,OAAO,0BAA0B,CAAC,CAAC,KAA2B,EAAE,EAAE;QAChE,KAAK,CAAC,YAAY,GAAG,YAAY,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Assign resource name for given model ( RBAC ).
|
|
3
|
+
* NOTE: this decorator is optional, if model does not have resource assigned
|
|
4
|
+
* model name will be used as default
|
|
5
|
+
*
|
|
6
|
+
* @param name - table name in database that is referred by this model
|
|
7
|
+
*/
|
|
8
|
+
export declare function OrmResource(resourceName?: string): any;
|
|
9
|
+
/**
|
|
10
|
+
*
|
|
11
|
+
* Mark field as resource owner eg. field that holds user relation to resource like Invoice.Owner->User for RBAC module
|
|
12
|
+
*
|
|
13
|
+
* If set, it will automatically try to fetch/update/delete only data that user have permission for
|
|
14
|
+
*
|
|
15
|
+
*/
|
|
16
|
+
export declare function ResourceOwner(): any;
|
|
17
|
+
//# sourceMappingURL=decorators.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":"AAGA;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,YAAY,CAAC,EAAE,MAAM,OAIhD;AAGD;;;;;;GAMG;AACH,wBAAgB,aAAa,QAI5B"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
import { extractDecoratorDescriptor, extractDecoratorPropertyDescriptor } from '@spinajs/orm';
|
|
2
|
+
/**
|
|
3
|
+
* Assign resource name for given model ( RBAC ).
|
|
4
|
+
* NOTE: this decorator is optional, if model does not have resource assigned
|
|
5
|
+
* model name will be used as default
|
|
6
|
+
*
|
|
7
|
+
* @param name - table name in database that is referred by this model
|
|
8
|
+
*/
|
|
9
|
+
export function OrmResource(resourceName) {
|
|
10
|
+
return extractDecoratorDescriptor((model) => {
|
|
11
|
+
model.RbacResource = resourceName ?? model.Name;
|
|
12
|
+
});
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
*
|
|
16
|
+
* Mark field as resource owner eg. field that holds user relation to resource like Invoice.Owner->User for RBAC module
|
|
17
|
+
*
|
|
18
|
+
* If set, it will automatically try to fetch/update/delete only data that user have permission for
|
|
19
|
+
*
|
|
20
|
+
*/
|
|
21
|
+
export function ResourceOwner() {
|
|
22
|
+
return extractDecoratorPropertyDescriptor((model, _target, propertyKey) => {
|
|
23
|
+
model.OwnerField = propertyKey;
|
|
24
|
+
});
|
|
25
|
+
}
|
|
26
|
+
//# sourceMappingURL=decorators.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"decorators.js","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,0BAA0B,EAAE,kCAAkC,EAAE,MAAM,cAAc,CAAC;AAG9F;;;;;;GAMG;AACH,MAAM,UAAU,WAAW,CAAC,YAAqB;IAC/C,OAAO,0BAA0B,CAAC,CAAC,KAA2B,EAAE,EAAE;QAChE,KAAK,CAAC,YAAY,GAAG,YAAY,IAAI,KAAK,CAAC,IAAI,CAAC;IAClD,CAAC,CAAC,CAAC;AACL,CAAC;AAGD;;;;;;GAMG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO,kCAAkC,CAAC,CAAC,KAA2B,EAAE,OAAY,EAAE,WAAmB,EAAE,EAAE;QAC3G,KAAK,CAAC,UAAU,GAAG,WAAW,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC"}
|
package/lib/mjs/index.d.ts
CHANGED
|
@@ -13,6 +13,8 @@ export * from './models/UserMetadata.js';
|
|
|
13
13
|
export * from './migrations/RBACInitial_2022_06_28_01_13_00.js';
|
|
14
14
|
export * from './events/index.js';
|
|
15
15
|
export * from "./actions.js";
|
|
16
|
+
export * from "./middleware.js";
|
|
17
|
+
export * from "./decorators.js";
|
|
16
18
|
declare const Permission: typeof ac.Permission;
|
|
17
19
|
export { AccessControl, Permission };
|
|
18
20
|
export declare class RbacBootstrapper extends Bootstrapper {
|
package/lib/mjs/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,eAAe,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,EAAc,YAAY,EAAkB,MAAM,aAAa,CAAC;AAKvE,OAAO,WAAW,CAAC;AACnB,OAAO,eAAe,CAAC;AACvB,OAAO,cAAc,CAAC;AAGtB,cAAc,iBAAiB,CAAC;AAChC,cAAc,WAAW,CAAC;AAC1B,cAAc,eAAe,CAAC;AAC9B,cAAc,cAAc,CAAC;AAC7B,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,iDAAiD,CAAC;AAChE,cAAc,mBAAmB,CAAC;AAClC,cAAc,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,eAAe,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,EAAc,YAAY,EAAkB,MAAM,aAAa,CAAC;AAKvE,OAAO,WAAW,CAAC;AACnB,OAAO,eAAe,CAAC;AACvB,OAAO,cAAc,CAAC;AAGtB,cAAc,iBAAiB,CAAC;AAChC,cAAc,WAAW,CAAC;AAC1B,cAAc,eAAe,CAAC;AAC9B,cAAc,cAAc,CAAC;AAC7B,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,iDAAiD,CAAC;AAChE,cAAc,mBAAmB,CAAC;AAClC,cAAc,cAAc,CAAC;AAC7B,cAAc,iBAAiB,CAAC;AAChC,cAAc,iBAAiB,CAAC;AAGhC,QAAA,MAAQ,UAAU,sBAAO,CAAC;AAC1B,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC;AAErC,qBACa,gBAAiB,SAAQ,YAAY;IACzC,SAAS,IAAI,IAAI;CAkCzB"}
|
package/lib/mjs/index.js
CHANGED
|
@@ -22,6 +22,8 @@ export * from './models/UserMetadata.js';
|
|
|
22
22
|
export * from './migrations/RBACInitial_2022_06_28_01_13_00.js';
|
|
23
23
|
export * from './events/index.js';
|
|
24
24
|
export * from "./actions.js";
|
|
25
|
+
export * from "./middleware.js";
|
|
26
|
+
export * from "./decorators.js";
|
|
25
27
|
// fix error `The requested module 'accesscontrol' is a CommonJS module`
|
|
26
28
|
const { Permission } = ac;
|
|
27
29
|
export { AccessControl, Permission };
|
package/lib/mjs/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,MAAM,eAAe,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,EAAE,EAAc,MAAM,aAAa,CAAC;AACvE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAEvD,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAEnC,OAAO,WAAW,CAAC;AACnB,OAAO,eAAe,CAAC;AACvB,OAAO,cAAc,CAAC;AACtB,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAExC,cAAc,iBAAiB,CAAC;AAChC,cAAc,WAAW,CAAC;AAC1B,cAAc,eAAe,CAAC;AAC9B,cAAc,cAAc,CAAC;AAC7B,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,iDAAiD,CAAC;AAChE,cAAc,mBAAmB,CAAC;AAClC,cAAc,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,MAAM,eAAe,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,EAAE,EAAc,MAAM,aAAa,CAAC;AACvE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAEvD,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAEnC,OAAO,WAAW,CAAC;AACnB,OAAO,eAAe,CAAC;AACvB,OAAO,cAAc,CAAC;AACtB,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAExC,cAAc,iBAAiB,CAAC;AAChC,cAAc,WAAW,CAAC;AAC1B,cAAc,eAAe,CAAC;AAC9B,cAAc,cAAc,CAAC;AAC7B,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,iDAAiD,CAAC;AAChE,cAAc,mBAAmB,CAAC;AAClC,cAAc,cAAc,CAAC;AAC7B,cAAc,iBAAiB,CAAC;AAChC,cAAc,iBAAiB,CAAC;AAEhC,wEAAwE;AACxE,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;AAC1B,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC;AAG9B,IAAM,gBAAgB,GAAtB,MAAM,gBAAiB,SAAQ,YAAY;IACzC,SAAS;QACd,MAAM,EAAE,GAAG,IAAI,aAAa,EAAE,CAAC;QAC/B,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QACzC,EAAE,CAAC,IAAI,CAAC,2BAA2B,EAAE,CAAC,SAAqB,EAAE,aAA4B,EAAE,EAAE;YAC3F,MAAM,EAAE,GAAG,SAAS,CAAC,GAAG,CAAgB,eAAe,CAAC,CAAC;YACzD,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAEhD,IAAI,CAAC,MAAM,EAAE;gBACX,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;gBAC7C,GAAG,CAAC,IAAI,CAAC,wGAAwG,CAAC,CAAC;aACpH;iBAAM;gBACL,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;aACtB;QACH,CAAC,CAAC,CAAC;QAEH;;WAEG;QACH,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAa,EAAE,QAAyB,EAAE,EAAE;YACvD,OAAO,IAAI,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC;QAEzB,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,EAAE;YAChB,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YACnC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;YAEhE,OAAO,IAAI,IAAI,CAAC;gBACd,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,mBAAmB;gBAC1B,IAAI,EAAE,CAAC,OAAO,CAAC;gBACf,QAAQ,EAAE,YAAY;aACvB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC,EAAE,CAAC,sBAAsB,CAAC,CAAC;IAChC,CAAC;CACF,CAAA;AAnCY,gBAAgB;IAD5B,UAAU,CAAC,YAAY,CAAC;GACZ,gBAAgB,CAmC5B"}
|
package/lib/mjs/interfaces.d.ts
CHANGED
|
@@ -228,6 +228,7 @@ export declare enum AthenticationErrorCodes {
|
|
|
228
228
|
}
|
|
229
229
|
export interface IRbacModelDescriptor extends IModelDescriptor {
|
|
230
230
|
RbacResource: string;
|
|
231
|
+
OwnerField: string;
|
|
231
232
|
}
|
|
232
233
|
/**
|
|
233
234
|
* Interface to provide implementation of password rule validation
|
|
@@ -235,4 +236,8 @@ export interface IRbacModelDescriptor extends IModelDescriptor {
|
|
|
235
236
|
export declare abstract class PasswordValidationProvider {
|
|
236
237
|
abstract check(password: string): boolean;
|
|
237
238
|
}
|
|
239
|
+
export interface IRbacAsyncStorage<U = User> {
|
|
240
|
+
User?: U;
|
|
241
|
+
Session?: ISession;
|
|
242
|
+
}
|
|
238
243
|
//# sourceMappingURL=interfaces.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,aAAa,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzI,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAEjC,OAAO,QAAQ,cAAc,CAAC;IAC5B,UAAiB,YAAY;QAC3B;;;;;;;WAOG;QACH,eAAe,CAAC,KAAK,EAAE,mBAAmB,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,aAAa,CAAC;QAElI;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAErE;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAE7E;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,iBAAiB,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,MAAM,GAAG,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;KACpG;CACF;AAED,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,UAAU,CAAC,EAAE,QAAQ,CAAC;IAEtB;;OAEG;IACH,QAAQ,EAAE,QAAQ,CAAC;IAEnB;;OAEG;IACH,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAE3B;;;;;OAKG;IACH,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAChC;AAED;;GAEG;AACH,8BAAsB,gBAAgB;IACpC;;;;;;OAMG;aACa,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAExE;;;;;OAKG;aACa,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAEpD;;OAEG;aACa,QAAQ,IAAI,MAAM;CACnC;AAED;;;;;GAKG;AACH,8BAAsB,YAAY,CAAC,CAAC,GAAG,IAAI;IACzC;;;;;OAKG;aACa,MAAM,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEjE;;;;;;OAMG;aACa,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAEzE;;;;;OAKG;aACa,QAAQ,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEnE;;;;OAIG;aACa,QAAQ,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEnE;;;;;OAKG;aACa,SAAS,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEpE;;;;;OAKG;aACa,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAErD;;;;;OAKG;aACa,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAErD;;;;;OAKG;aACa,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;CACpD;AAED;;;;;;GAMG;AACH,8BAAsB,qBAAqB,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI;IACrD;;OAEG;IACH,QAAQ,KAAK,IAAI,IAAI,MAAM,CAAC;IAE5B;;;;;;;;OAQG;aACa,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAEpD;;;;;OAKG;aACa,YAAY,CAAC,WAAW,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CACzD;AAED,8BAAsB,eAAe,CAAC,CAAC,GAAG,QAAQ,CAAE,SAAQ,YAAY;IACtE;;;;;OAKG;aACa,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAEtD;;;;;OAKG;aACa,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAExD;;;;;OAKG;aACa,IAAI,CAAC,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAEtD;;;;;;OAMG;aACa,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAE7D;;;;;OAKG;aACa,KAAK,CAAC,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAEvD;;;;OAIG;aACa,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAC1C;AAED,oBAAY,uBAAuB;IACjC,aAAa,IAAI;IACjB,iBAAiB,IAAI;IACrB,qBAAqB,IAAI;IACzB,yBAAyB,IAAI;CAC9B;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;IAC5D,YAAY,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,aAAa,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzI,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAEjC,OAAO,QAAQ,cAAc,CAAC;IAC5B,UAAiB,YAAY;QAC3B;;;;;;;WAOG;QACH,eAAe,CAAC,KAAK,EAAE,mBAAmB,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,aAAa,CAAC;QAElI;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAErE;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAE7E;;;;WAIG;QACH,cAAc,CAAC,CAAC,EAAE,iBAAiB,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,MAAM,GAAG,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;KACpG;CACF;AAED,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,UAAU,CAAC,EAAE,QAAQ,CAAC;IAEtB;;OAEG;IACH,QAAQ,EAAE,QAAQ,CAAC;IAEnB;;OAEG;IACH,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAE3B;;;;;OAKG;IACH,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAChC;AAED;;GAEG;AACH,8BAAsB,gBAAgB;IACpC;;;;;;OAMG;aACa,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAExE;;;;;OAKG;aACa,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAEpD;;OAEG;aACa,QAAQ,IAAI,MAAM;CACnC;AAED;;;;;GAKG;AACH,8BAAsB,YAAY,CAAC,CAAC,GAAG,IAAI;IACzC;;;;;OAKG;aACa,MAAM,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEjE;;;;;;OAMG;aACa,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAEzE;;;;;OAKG;aACa,QAAQ,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEnE;;;;OAIG;aACa,QAAQ,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEnE;;;;;OAKG;aACa,SAAS,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAEpE;;;;;OAKG;aACa,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAErD;;;;;OAKG;aACa,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAErD;;;;;OAKG;aACa,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;CACpD;AAED;;;;;;GAMG;AACH,8BAAsB,qBAAqB,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI;IACrD;;OAEG;IACH,QAAQ,KAAK,IAAI,IAAI,MAAM,CAAC;IAE5B;;;;;;;;OAQG;aACa,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAEpD;;;;;OAKG;aACa,YAAY,CAAC,WAAW,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CACzD;AAED,8BAAsB,eAAe,CAAC,CAAC,GAAG,QAAQ,CAAE,SAAQ,YAAY;IACtE;;;;;OAKG;aACa,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAEtD;;;;;OAKG;aACa,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAExD;;;;;OAKG;aACa,IAAI,CAAC,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAEtD;;;;;;OAMG;aACa,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAE7D;;;;;OAKG;aACa,KAAK,CAAC,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAEvD;;;;OAIG;aACa,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAC1C;AAED,oBAAY,uBAAuB;IACjC,aAAa,IAAI;IACjB,iBAAiB,IAAI;IACrB,qBAAqB,IAAI;IACzB,yBAAyB,IAAI;CAC9B;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;IAC5D,YAAY,EAAE,MAAM,CAAC;IAErB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,8BAAsB,0BAA0B;aAC9B,KAAK,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;CACjD;AAED,MAAM,WAAW,iBAAiB,CAAC,CAAC,GAAG,IAAI;IACzC,IAAI,CAAC,EAAE,CAAC,CAAC;IAET,OAAO,CAAC,EAAE,QAAQ,CAAC;CACpB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAqE3C;;GAEG;AACH,MAAM,OAAgB,gBAAgB;CAsBrC;AAED;;;;;GAKG;AACH,MAAM,OAAgB,YAAY;CAgEjC;AAED;;;;;;GAMG;AACH,MAAM,OAAgB,qBAAqB;CAwB1C;AAED,MAAM,OAAgB,eAA8B,SAAQ,YAAY;CAgDvE;AAED,MAAM,CAAN,IAAY,uBAKX;AALD,WAAY,uBAAuB;IACjC,uFAAiB,CAAA;IACjB,+FAAqB,CAAA;IACrB,uGAAyB,CAAA;IACzB,+GAA6B,CAAA;AAC/B,CAAC,EALW,uBAAuB,KAAvB,uBAAuB,QAKlC;
|
|
1
|
+
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAqE3C;;GAEG;AACH,MAAM,OAAgB,gBAAgB;CAsBrC;AAED;;;;;GAKG;AACH,MAAM,OAAgB,YAAY;CAgEjC;AAED;;;;;;GAMG;AACH,MAAM,OAAgB,qBAAqB;CAwB1C;AAED,MAAM,OAAgB,eAA8B,SAAQ,YAAY;CAgDvE;AAED,MAAM,CAAN,IAAY,uBAKX;AALD,WAAY,uBAAuB;IACjC,uFAAiB,CAAA;IACjB,+FAAqB,CAAA;IACrB,uGAAyB,CAAA;IACzB,+GAA6B,CAAA;AAC/B,CAAC,EALW,uBAAuB,KAAvB,uBAAuB,QAKlC;AAQD;;GAEG;AACH,MAAM,OAAgB,0BAA0B;CAE/C"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,
|
|
1
|
+
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAA0B,YAAY,EAAE,eAAe,EAAsB,MAAM,cAAc,CAAC;AAMzG,qBACa,6BAA8B,SAAQ,eAAe;IAChE,oBAAoB,CAAC,MAAM,EAAE,YAAY,CAAC,GAAG,CAAC,GAAG,IAAI;IACrD,kBAAkB,CAAC,OAAO,EAAE,YAAY;CAqCzC"}
|
package/lib/mjs/middleware.js
CHANGED
|
@@ -4,14 +4,41 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
4
4
|
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
5
|
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
6
|
};
|
|
7
|
-
import { Injectable } from '@spinajs/di';
|
|
8
|
-
import { QueryMiddleware, SelectQueryBuilder } from '@spinajs/orm';
|
|
7
|
+
import { DI, Injectable } from '@spinajs/di';
|
|
8
|
+
import { extractModelDescriptor, QueryMiddleware, SelectQueryBuilder } from '@spinajs/orm';
|
|
9
|
+
import { AsyncLocalStorage } from 'async_hooks';
|
|
10
|
+
import { OrmException } from '@spinajs/orm';
|
|
9
11
|
let RbacModelPermissionMiddleware = class RbacModelPermissionMiddleware extends QueryMiddleware {
|
|
10
|
-
beforeQueryExecution(_query) {
|
|
11
|
-
}
|
|
12
|
+
beforeQueryExecution(_query) { }
|
|
12
13
|
afterQueryCreation(builder) {
|
|
13
14
|
if (builder instanceof SelectQueryBuilder) {
|
|
14
|
-
|
|
15
|
+
if (typeof AsyncLocalStorage === 'function') {
|
|
16
|
+
const store = DI.get(AsyncLocalStorage);
|
|
17
|
+
if (store) {
|
|
18
|
+
const storage = store.getStore();
|
|
19
|
+
if (storage && storage.User) {
|
|
20
|
+
// add where statement
|
|
21
|
+
const descriptor = extractModelDescriptor(builder.Model);
|
|
22
|
+
const ac = DI.get('AccessControl');
|
|
23
|
+
// if model does not have @Resource() decorator set, model name is used
|
|
24
|
+
const resource = descriptor.RbacResource;
|
|
25
|
+
// no rbac is set do nothing
|
|
26
|
+
if (!resource) {
|
|
27
|
+
return;
|
|
28
|
+
}
|
|
29
|
+
const canAny = ac.can(storage.User.Role)['readAny'](resource).granted;
|
|
30
|
+
const canOwn = ac.can(storage.User.Role)['readOwn'](resource).granted;
|
|
31
|
+
// can get all resources
|
|
32
|
+
if (canAny) {
|
|
33
|
+
return;
|
|
34
|
+
}
|
|
35
|
+
if (canOwn) {
|
|
36
|
+
builder.andWhere(descriptor.OwnerField, storage.User.PrimaryKeyValue);
|
|
37
|
+
}
|
|
38
|
+
throw new OrmException(`User does not have permission to access ${resource}:read permission`);
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
}
|
|
15
42
|
}
|
|
16
43
|
}
|
|
17
44
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,sBAAsB,EAAgB,eAAe,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AACzG,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAGhD,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAGrC,IAAM,6BAA6B,GAAnC,MAAM,6BAA8B,SAAQ,eAAe;IAChE,oBAAoB,CAAC,MAAyB,IAAS,CAAC;IACxD,kBAAkB,CAAC,OAAqB;QACtC,IAAI,OAAO,YAAY,kBAAkB,EAAE;YACzC,IAAI,OAAO,iBAAiB,KAAK,UAAU,EAAE;gBAC3C,MAAM,KAAK,GAAG,EAAE,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;gBACxC,IAAI,KAAK,EAAE;oBACT,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,EAAuB,CAAC;oBACtD,IAAI,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE;wBAC3B,sBAAsB;wBACtB,MAAM,UAAU,GAAG,sBAAsB,CAAC,OAAO,CAAC,KAAK,CAAyB,CAAC;wBACjF,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAgB,eAAe,CAAC,CAAC;wBAElD,uEAAuE;wBACvE,MAAM,QAAQ,GAAG,UAAU,CAAC,YAAY,CAAC;wBAEzC,4BAA4B;wBAC5B,IAAI,CAAC,QAAQ,EAAE;4BACb,OAAO;yBACR;wBAED,MAAM,MAAM,GAAI,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAS,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC;wBAC/E,MAAM,MAAM,GAAI,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAS,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC;wBAE/E,wBAAwB;wBACxB,IAAI,MAAM,EAAE;4BACV,OAAO;yBACR;wBAED,IAAI,MAAM,EAAE;4BACV,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;yBACvE;wBAED,MAAM,IAAI,YAAY,CAAC,2CAA2C,QAAQ,kBAAkB,CAAC,CAAC;qBAC/F;iBACF;aACF;SACF;IACH,CAAC;CACF,CAAA;AAvCY,6BAA6B;IADzC,UAAU,CAAC,eAAe,CAAC;GACf,6BAA6B,CAuCzC"}
|