@steedos/objectql 2.1.54 → 2.1.58
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/dynamic-load/preload_data.d.ts +3 -0
- package/lib/dynamic-load/preload_data.js +158 -1
- package/lib/dynamic-load/preload_data.js.map +1 -1
- package/lib/dynamic-load/restrictionRules.d.ts +1 -0
- package/lib/dynamic-load/restrictionRules.js +42 -0
- package/lib/dynamic-load/restrictionRules.js.map +1 -0
- package/lib/dynamic-load/shareRules.d.ts +1 -0
- package/lib/dynamic-load/shareRules.js +42 -0
- package/lib/dynamic-load/shareRules.js.map +1 -0
- package/lib/dynamic-load/trigger.d.ts +1 -3
- package/lib/dynamic-load/trigger.js +24 -14
- package/lib/dynamic-load/trigger.js.map +1 -1
- package/lib/formula/core.js +22 -5
- package/lib/formula/core.js.map +1 -1
- package/lib/formula/index.d.ts +2 -0
- package/lib/formula/index.js +28 -1
- package/lib/formula/index.js.map +1 -1
- package/lib/formula/simple_params.d.ts +2 -0
- package/lib/formula/simple_params.js +91 -0
- package/lib/formula/simple_params.js.map +1 -0
- package/lib/formula/type.d.ts +3 -2
- package/lib/formula/type.js.map +1 -1
- package/lib/index.d.ts +3 -0
- package/lib/index.js +3 -0
- package/lib/index.js.map +1 -1
- package/lib/metadata-register/_base.d.ts +3 -1
- package/lib/metadata-register/_base.js +16 -5
- package/lib/metadata-register/_base.js.map +1 -1
- package/lib/metadata-register/permissionFields.d.ts +7 -0
- package/lib/metadata-register/permissionFields.js +18 -0
- package/lib/metadata-register/permissionFields.js.map +1 -0
- package/lib/metadata-register/restrictionRules.d.ts +7 -0
- package/lib/metadata-register/restrictionRules.js +18 -0
- package/lib/metadata-register/restrictionRules.js.map +1 -0
- package/lib/metadata-register/shareRules.d.ts +7 -0
- package/lib/metadata-register/shareRules.js +18 -0
- package/lib/metadata-register/shareRules.js.map +1 -0
- package/lib/ts-types/triggerActionParams.d.ts +1 -0
- package/lib/types/field_permission.d.ts +4 -0
- package/lib/types/field_permission.js +50 -0
- package/lib/types/field_permission.js.map +1 -0
- package/lib/types/object.d.ts +1 -0
- package/lib/types/object.js +333 -163
- package/lib/types/object.js.map +1 -1
- package/lib/types/object_dynamic_load.js +13 -4
- package/lib/types/object_dynamic_load.js.map +1 -1
- package/lib/types/object_permission.d.ts +1 -0
- package/lib/types/object_permission.js +31 -0
- package/lib/types/object_permission.js.map +1 -1
- package/lib/types/restrictionRule.d.ts +13 -0
- package/lib/types/restrictionRule.js +75 -0
- package/lib/types/restrictionRule.js.map +1 -0
- package/lib/types/shareRule.d.ts +13 -0
- package/lib/types/shareRule.js +75 -0
- package/lib/types/shareRule.js.map +1 -0
- package/lib/types/trigger.d.ts +1 -0
- package/lib/types/trigger.js.map +1 -1
- package/lib/util/field.js +4 -4
- package/lib/util/field.js.map +1 -1
- package/lib/util/function_expression.d.ts +2 -0
- package/lib/util/function_expression.js +66 -0
- package/lib/util/function_expression.js.map +1 -0
- package/lib/util/index.d.ts +1 -0
- package/lib/util/index.js +1 -0
- package/lib/util/index.js.map +1 -1
- package/lib/util/transform.js +1 -1
- package/lib/util/transform.js.map +1 -1
- package/package.json +8 -8
- package/src/dynamic-load/preload_data.ts +44 -0
- package/src/dynamic-load/restrictionRules.ts +19 -0
- package/src/dynamic-load/shareRules.ts +19 -0
- package/src/dynamic-load/trigger.ts +22 -15
- package/src/formula/core.ts +19 -2
- package/src/formula/index.ts +21 -1
- package/src/formula/simple_params.ts +92 -0
- package/src/formula/type.ts +4 -3
- package/src/index.ts +4 -1
- package/src/metadata-register/_base.ts +14 -3
- package/src/metadata-register/permissionFields.ts +13 -0
- package/src/metadata-register/restrictionRules.ts +12 -0
- package/src/metadata-register/shareRules.ts +13 -0
- package/src/ts-types/triggerActionParams.ts +1 -0
- package/src/types/field_permission.ts +26 -0
- package/src/types/object.ts +207 -28
- package/src/types/object_dynamic_load.ts +4 -1
- package/src/types/object_permission.ts +32 -0
- package/src/types/restrictionRule.ts +57 -0
- package/src/types/shareRule.ts +57 -0
- package/src/types/trigger.ts +1 -0
- package/src/util/field.ts +4 -4
- package/src/util/function_expression.ts +63 -0
- package/src/util/index.ts +1 -0
- package/src/util/transform.ts +1 -1
package/lib/types/object.js
CHANGED
|
@@ -16,6 +16,9 @@ var object_events_1 = require("./object_events");
|
|
|
16
16
|
var i18n_1 = require("@steedos/i18n");
|
|
17
17
|
var object_layouts_1 = require("./object_layouts");
|
|
18
18
|
var lodash_1 = require("lodash");
|
|
19
|
+
var shareRule_1 = require("./shareRule");
|
|
20
|
+
var restrictionRule_1 = require("./restrictionRule");
|
|
21
|
+
var field_permission_1 = require("./field_permission");
|
|
19
22
|
var clone = require('clone');
|
|
20
23
|
// 主子表有层级限制,超过3层就报错,该函数判断当前对象作为主表对象往下的层级最多不越过3层,
|
|
21
24
|
// 其3层指的是A-B-C-D,它们都有父子关系,A作为最顶层,该对象上不可以再创建主表子表关系字段,但是B、C、D上可以;
|
|
@@ -356,7 +359,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
356
359
|
};
|
|
357
360
|
SteedosObjectType.prototype.runTriggerActions = function (when, context) {
|
|
358
361
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
359
|
-
var triggers, triggers_1, triggers_1_1, trigger, params,
|
|
362
|
+
var triggers, triggers_1, triggers_1_1, trigger, params, e_2_1;
|
|
360
363
|
var e_2, _a;
|
|
361
364
|
return tslib_1.__generator(this, function (_b) {
|
|
362
365
|
switch (_b.label) {
|
|
@@ -368,39 +371,40 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
368
371
|
}
|
|
369
372
|
_b.label = 2;
|
|
370
373
|
case 2:
|
|
371
|
-
_b.trys.push([2,
|
|
374
|
+
_b.trys.push([2, 7, 8, 9]);
|
|
372
375
|
triggers_1 = tslib_1.__values(triggers), triggers_1_1 = triggers_1.next();
|
|
373
376
|
_b.label = 3;
|
|
374
377
|
case 3:
|
|
375
|
-
if (!!triggers_1_1.done) return [3 /*break*/,
|
|
378
|
+
if (!!triggers_1_1.done) return [3 /*break*/, 6];
|
|
376
379
|
trigger = triggers_1_1.value;
|
|
377
380
|
params = util_1.generateActionParams(when, context);
|
|
378
|
-
|
|
381
|
+
return [4 /*yield*/, this._schema.metadataBroker.call(trigger.service.name + "." + trigger.metadata.action, params).catch(function (error) {
|
|
382
|
+
//如果action trigger 下线,则只打印error
|
|
383
|
+
if (error && _.isObject(error) && error.type === 'SERVICE_NOT_AVAILABLE') {
|
|
384
|
+
console.error("runTriggerActions error", error);
|
|
385
|
+
}
|
|
386
|
+
else {
|
|
387
|
+
throw error;
|
|
388
|
+
}
|
|
389
|
+
})];
|
|
379
390
|
case 4:
|
|
380
|
-
_b.trys.push([4, 6, , 7]);
|
|
381
|
-
return [4 /*yield*/, this._schema.metadataBroker.call(trigger.service.name + "." + trigger.metadata.action, params)];
|
|
382
|
-
case 5:
|
|
383
391
|
_b.sent();
|
|
384
|
-
|
|
385
|
-
case
|
|
386
|
-
error_1 = _b.sent();
|
|
387
|
-
console.error(error_1);
|
|
388
|
-
return [3 /*break*/, 7];
|
|
389
|
-
case 7:
|
|
392
|
+
_b.label = 5;
|
|
393
|
+
case 5:
|
|
390
394
|
triggers_1_1 = triggers_1.next();
|
|
391
395
|
return [3 /*break*/, 3];
|
|
392
|
-
case
|
|
393
|
-
case
|
|
396
|
+
case 6: return [3 /*break*/, 9];
|
|
397
|
+
case 7:
|
|
394
398
|
e_2_1 = _b.sent();
|
|
395
399
|
e_2 = { error: e_2_1 };
|
|
396
|
-
return [3 /*break*/,
|
|
397
|
-
case
|
|
400
|
+
return [3 /*break*/, 9];
|
|
401
|
+
case 8:
|
|
398
402
|
try {
|
|
399
403
|
if (triggers_1_1 && !triggers_1_1.done && (_a = triggers_1.return)) _a.call(triggers_1);
|
|
400
404
|
}
|
|
401
405
|
finally { if (e_2) throw e_2.error; }
|
|
402
406
|
return [7 /*endfinally*/];
|
|
403
|
-
case
|
|
407
|
+
case 9: return [2 /*return*/];
|
|
404
408
|
}
|
|
405
409
|
});
|
|
406
410
|
});
|
|
@@ -555,7 +559,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
555
559
|
SteedosObjectType.prototype.refreshIndexes = function () {
|
|
556
560
|
var e_3, _a, e_4, _b;
|
|
557
561
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
558
|
-
var adapter, collection, indexesInfo, dropIndexNames, key, field, info, indexesInfo_1, indexesInfo_1_1, indexInfo, key,
|
|
562
|
+
var adapter, collection, indexesInfo, dropIndexNames, key, field, info, indexesInfo_1, indexesInfo_1_1, indexInfo, key, error_1, e_3_1, error_2, dropIndexNames_1, dropIndexNames_1_1, indexName, error_3, e_4_1, error_4;
|
|
559
563
|
return tslib_1.__generator(this, function (_c) {
|
|
560
564
|
switch (_c.label) {
|
|
561
565
|
case 0:
|
|
@@ -600,8 +604,8 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
600
604
|
_c.sent();
|
|
601
605
|
return [3 /*break*/, 9];
|
|
602
606
|
case 8:
|
|
603
|
-
|
|
604
|
-
console.error(
|
|
607
|
+
error_1 = _c.sent();
|
|
608
|
+
console.error(error_1);
|
|
605
609
|
return [3 /*break*/, 9];
|
|
606
610
|
case 9: return [3 /*break*/, 4];
|
|
607
611
|
case 10: return [3 /*break*/, 17];
|
|
@@ -623,8 +627,8 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
623
627
|
case 16: return [7 /*endfinally*/];
|
|
624
628
|
case 17: return [3 /*break*/, 19];
|
|
625
629
|
case 18:
|
|
626
|
-
|
|
627
|
-
console.error(
|
|
630
|
+
error_2 = _c.sent();
|
|
631
|
+
console.error(error_2);
|
|
628
632
|
return [3 /*break*/, 19];
|
|
629
633
|
case 19:
|
|
630
634
|
if (!(dropIndexNames && dropIndexNames.length > 0)) return [3 /*break*/, 37];
|
|
@@ -648,7 +652,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
648
652
|
_c.sent();
|
|
649
653
|
return [3 /*break*/, 27];
|
|
650
654
|
case 26:
|
|
651
|
-
|
|
655
|
+
error_3 = _c.sent();
|
|
652
656
|
return [3 /*break*/, 27];
|
|
653
657
|
case 27: return [3 /*break*/, 22];
|
|
654
658
|
case 28: return [3 /*break*/, 35];
|
|
@@ -670,8 +674,8 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
670
674
|
case 34: return [7 /*endfinally*/];
|
|
671
675
|
case 35: return [3 /*break*/, 37];
|
|
672
676
|
case 36:
|
|
673
|
-
|
|
674
|
-
console.error(
|
|
677
|
+
error_4 = _c.sent();
|
|
678
|
+
console.error(error_4);
|
|
675
679
|
return [3 /*break*/, 37];
|
|
676
680
|
case 37: return [2 /*return*/];
|
|
677
681
|
}
|
|
@@ -712,77 +716,125 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
712
716
|
};
|
|
713
717
|
SteedosObjectType.prototype.getUserObjectPermission = function (userSession) {
|
|
714
718
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
715
|
-
var roles, objectRolesPermission, userObjectPermission, spaceId;
|
|
719
|
+
var roles, objectRolesPermission, userObjectPermission, rolesFieldsPermission, field_permissions, spaceId;
|
|
716
720
|
return tslib_1.__generator(this, function (_a) {
|
|
717
|
-
|
|
718
|
-
|
|
719
|
-
|
|
720
|
-
|
|
721
|
-
|
|
722
|
-
|
|
723
|
-
|
|
724
|
-
|
|
725
|
-
|
|
726
|
-
|
|
727
|
-
|
|
728
|
-
|
|
729
|
-
|
|
730
|
-
|
|
731
|
-
|
|
732
|
-
|
|
733
|
-
|
|
734
|
-
|
|
735
|
-
|
|
736
|
-
|
|
737
|
-
|
|
738
|
-
|
|
739
|
-
|
|
740
|
-
|
|
741
|
-
|
|
742
|
-
|
|
743
|
-
|
|
744
|
-
|
|
745
|
-
|
|
746
|
-
|
|
747
|
-
|
|
748
|
-
|
|
749
|
-
|
|
750
|
-
|
|
751
|
-
|
|
752
|
-
|
|
753
|
-
|
|
754
|
-
|
|
755
|
-
|
|
756
|
-
|
|
757
|
-
|
|
758
|
-
|
|
759
|
-
|
|
721
|
+
switch (_a.label) {
|
|
722
|
+
case 0:
|
|
723
|
+
if (!userSession) {
|
|
724
|
+
throw new Error('userSession is required');
|
|
725
|
+
}
|
|
726
|
+
roles = userSession.roles;
|
|
727
|
+
objectRolesPermission = this.getObjectRolesPermission(userSession.spaceId);
|
|
728
|
+
userObjectPermission = {
|
|
729
|
+
allowRead: false,
|
|
730
|
+
allowCreate: false,
|
|
731
|
+
allowEdit: false,
|
|
732
|
+
allowDelete: false,
|
|
733
|
+
viewAllRecords: false,
|
|
734
|
+
modifyAllRecords: false,
|
|
735
|
+
viewCompanyRecords: false,
|
|
736
|
+
modifyCompanyRecords: false,
|
|
737
|
+
allowReadFiles: null,
|
|
738
|
+
viewAllFiles: null,
|
|
739
|
+
allowCreateFiles: null,
|
|
740
|
+
allowEditFiles: null,
|
|
741
|
+
allowDeleteFiles: null,
|
|
742
|
+
modifyAllFiles: null,
|
|
743
|
+
disabled_list_views: null,
|
|
744
|
+
disabled_actions: null,
|
|
745
|
+
unreadable_fields: null,
|
|
746
|
+
uneditable_fields: null,
|
|
747
|
+
unrelated_objects: null,
|
|
748
|
+
field_permissions: null,
|
|
749
|
+
};
|
|
750
|
+
if (_.isEmpty(roles)) {
|
|
751
|
+
throw new Error('not find user permission');
|
|
752
|
+
}
|
|
753
|
+
return [4 /*yield*/, field_permission_1.FieldPermission.getObjectFieldsPermissionGroupRole(this.name)];
|
|
754
|
+
case 1:
|
|
755
|
+
rolesFieldsPermission = _a.sent();
|
|
756
|
+
roles.forEach(function (role) {
|
|
757
|
+
var rolePermission = objectRolesPermission[role];
|
|
758
|
+
if (rolePermission) {
|
|
759
|
+
var roleFieldsPermission_1 = rolesFieldsPermission[role];
|
|
760
|
+
_.each(userObjectPermission, function (v, k) {
|
|
761
|
+
var _v = rolePermission[k];
|
|
762
|
+
if (k === 'field_permissions') {
|
|
763
|
+
_v = roleFieldsPermission_1;
|
|
764
|
+
}
|
|
765
|
+
if (_.isBoolean(v)) {
|
|
766
|
+
if (v === false && _v === true) {
|
|
767
|
+
userObjectPermission[k] = _v;
|
|
768
|
+
}
|
|
769
|
+
}
|
|
770
|
+
else if (['allowReadFiles', 'viewAllFiles', 'allowCreateFiles', 'allowEditFiles', 'allowDeleteFiles', 'modifyAllFiles'].indexOf(k) > -1) {
|
|
771
|
+
if (_.isBoolean(_v)) {
|
|
772
|
+
userObjectPermission[k] = _v;
|
|
773
|
+
}
|
|
774
|
+
}
|
|
775
|
+
else if (['read_filters', 'edit_filters'].indexOf(k) > -1) {
|
|
776
|
+
if ('edit_filters' === k) {
|
|
777
|
+
if (!_.isEmpty(_v)) {
|
|
778
|
+
userObjectPermission['read_filters'].push(_v);
|
|
779
|
+
}
|
|
780
|
+
}
|
|
781
|
+
if (!_.isEmpty(_v)) {
|
|
782
|
+
userObjectPermission[k].push(_v);
|
|
783
|
+
}
|
|
784
|
+
}
|
|
785
|
+
else if ((_.isArray(v) || _.isNull(v))) {
|
|
786
|
+
if (!_.isArray(_v)) {
|
|
787
|
+
_v = [];
|
|
788
|
+
}
|
|
789
|
+
if (_.isNull(v)) {
|
|
790
|
+
userObjectPermission[k] = _v;
|
|
791
|
+
}
|
|
792
|
+
else {
|
|
793
|
+
if (k === 'field_permissions') {
|
|
794
|
+
userObjectPermission[k] = _.union(v, _v);
|
|
795
|
+
}
|
|
796
|
+
else {
|
|
797
|
+
userObjectPermission[k] = _.intersection(v, _v);
|
|
798
|
+
}
|
|
799
|
+
}
|
|
800
|
+
}
|
|
801
|
+
});
|
|
760
802
|
}
|
|
761
|
-
|
|
762
|
-
|
|
763
|
-
|
|
764
|
-
|
|
765
|
-
|
|
766
|
-
|
|
803
|
+
});
|
|
804
|
+
field_permissions = {};
|
|
805
|
+
if (userObjectPermission.field_permissions) {
|
|
806
|
+
_.each(userObjectPermission.field_permissions, function (field_permission) {
|
|
807
|
+
var field = field_permission.field, read = field_permission.read, edit = field_permission.edit;
|
|
808
|
+
if (field_permissions[field]) {
|
|
809
|
+
field_permissions[field].edit = field_permissions[field].edit || edit;
|
|
810
|
+
if (field_permissions[field].edit) {
|
|
811
|
+
field_permissions[field].read = true;
|
|
812
|
+
}
|
|
813
|
+
else {
|
|
814
|
+
field_permissions[field].read = field_permissions[field].read || read;
|
|
815
|
+
}
|
|
767
816
|
}
|
|
768
817
|
else {
|
|
769
|
-
|
|
818
|
+
field_permissions[field] = {
|
|
819
|
+
field: field,
|
|
820
|
+
read: edit || read,
|
|
821
|
+
edit: edit
|
|
822
|
+
};
|
|
770
823
|
}
|
|
771
|
-
}
|
|
772
|
-
}
|
|
773
|
-
|
|
774
|
-
|
|
775
|
-
|
|
776
|
-
|
|
777
|
-
|
|
778
|
-
|
|
779
|
-
|
|
780
|
-
|
|
781
|
-
|
|
782
|
-
|
|
824
|
+
});
|
|
825
|
+
}
|
|
826
|
+
userObjectPermission.field_permissions = field_permissions;
|
|
827
|
+
userObjectPermission.disabled_list_views = userObjectPermission.disabled_list_views || [];
|
|
828
|
+
userObjectPermission.disabled_actions = userObjectPermission.disabled_actions || [];
|
|
829
|
+
userObjectPermission.unreadable_fields = userObjectPermission.unreadable_fields || [];
|
|
830
|
+
userObjectPermission.uneditable_fields = userObjectPermission.uneditable_fields || [];
|
|
831
|
+
userObjectPermission.unrelated_objects = userObjectPermission.unrelated_objects || [];
|
|
832
|
+
spaceId = userSession.spaceId;
|
|
833
|
+
if (util_1.isTemplateSpace(spaceId)) {
|
|
834
|
+
return [2 /*return*/, Object.assign({}, userObjectPermission, { allowRead: true, viewAllRecords: true, viewCompanyRecords: true })];
|
|
835
|
+
}
|
|
836
|
+
return [2 /*return*/, userObjectPermission];
|
|
783
837
|
}
|
|
784
|
-
Creator.processPermissions(userObjectPermission);
|
|
785
|
-
return [2 /*return*/, userObjectPermission];
|
|
786
838
|
});
|
|
787
839
|
});
|
|
788
840
|
};
|
|
@@ -1283,7 +1335,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
1283
1335
|
};
|
|
1284
1336
|
SteedosObjectType.prototype.getRecordView = function (userSession) {
|
|
1285
1337
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
1286
|
-
var lng, objectMetadataConfig, objectConfig, _a, _b, _c, _d, layouts, layout, _fields_1, sort_no_1, layoutFieldKeys, objectFieldKeys, difference, layoutButtonsName_1, spaceProcessDefinition, dbListViews;
|
|
1338
|
+
var lng, objectMetadataConfig, objectConfig, _a, _b, _c, _d, layouts, layout, _fields_1, sort_no_1, layoutFieldKeys, objectFieldKeys, difference, layoutButtonsName_1, userObjectFields, spaceProcessDefinition, dbListViews;
|
|
1287
1339
|
return tslib_1.__generator(this, function (_e) {
|
|
1288
1340
|
switch (_e.label) {
|
|
1289
1341
|
case 0:
|
|
@@ -1383,6 +1435,23 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
1383
1435
|
}
|
|
1384
1436
|
});
|
|
1385
1437
|
}
|
|
1438
|
+
userObjectFields = objectConfig.fields;
|
|
1439
|
+
_.each(objectConfig.permissions.field_permissions, function (field_permission, field) {
|
|
1440
|
+
var read = field_permission.read, edit = field_permission.edit;
|
|
1441
|
+
if (read) {
|
|
1442
|
+
userObjectFields[field].omit = true;
|
|
1443
|
+
}
|
|
1444
|
+
if (edit) {
|
|
1445
|
+
userObjectFields[field].omit = false;
|
|
1446
|
+
userObjectFields[field].hidden = false;
|
|
1447
|
+
userObjectFields[field].readonly = false;
|
|
1448
|
+
userObjectFields[field].disabled = false;
|
|
1449
|
+
}
|
|
1450
|
+
if (!read && !edit) {
|
|
1451
|
+
delete userObjectFields[field];
|
|
1452
|
+
}
|
|
1453
|
+
});
|
|
1454
|
+
objectConfig.fields = userObjectFields;
|
|
1386
1455
|
return [4 /*yield*/, getObject("process_definition").directFind({ filters: [['space', '=', userSession.spaceId], ['object_name', '=', this.name], ['active', '=', true]] })];
|
|
1387
1456
|
case 7:
|
|
1388
1457
|
spaceProcessDefinition = _e.sent();
|
|
@@ -1551,7 +1620,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
1551
1620
|
};
|
|
1552
1621
|
SteedosObjectType.prototype.createDefaulRecordView = function (userSession) {
|
|
1553
1622
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
1554
|
-
var name, label, profiles, defaultRecordView,
|
|
1623
|
+
var name, label, profiles, defaultRecordView, error_5;
|
|
1555
1624
|
return tslib_1.__generator(this, function (_a) {
|
|
1556
1625
|
switch (_a.label) {
|
|
1557
1626
|
case 0:
|
|
@@ -1567,8 +1636,8 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
1567
1636
|
return [4 /*yield*/, getObject('object_layouts').insert(Object.assign({}, defaultRecordView, { name: name, label: label, profiles: profiles }), userSession)];
|
|
1568
1637
|
case 3: return [2 /*return*/, _a.sent()];
|
|
1569
1638
|
case 4:
|
|
1570
|
-
|
|
1571
|
-
return [2 /*return*/, { error:
|
|
1639
|
+
error_5 = _a.sent();
|
|
1640
|
+
return [2 /*return*/, { error: error_5.message }];
|
|
1572
1641
|
case 5: return [2 /*return*/];
|
|
1573
1642
|
}
|
|
1574
1643
|
});
|
|
@@ -1737,6 +1806,29 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
1737
1806
|
});
|
|
1738
1807
|
});
|
|
1739
1808
|
};
|
|
1809
|
+
// private async appendRecordPermission(records, userSession) {
|
|
1810
|
+
// const _ids = _.pluck(records, '_id');
|
|
1811
|
+
// const objPm = await this.getUserObjectPermission(userSession);
|
|
1812
|
+
// const permissionFilters = this.getObjectPermissionFilters(objPm, userSession, true);
|
|
1813
|
+
// if (_.isEmpty(permissionFilters)) {
|
|
1814
|
+
// return;
|
|
1815
|
+
// }
|
|
1816
|
+
// const filters = formatFiltersToODataQuery(['_id', 'in', _ids])
|
|
1817
|
+
// const results = await this.directFind({
|
|
1818
|
+
// fields: ['_id'],
|
|
1819
|
+
// filters: `(${filters}) and (${permissionFilters.join(' or ')})`
|
|
1820
|
+
// });
|
|
1821
|
+
// const allowEditIds = _.pluck(results, '_id');
|
|
1822
|
+
// _.each(records, (record) => {
|
|
1823
|
+
// if (_.include(allowEditIds, record._id)) {
|
|
1824
|
+
// record.record_permissions = {
|
|
1825
|
+
// allowRead: true,
|
|
1826
|
+
// allowEdit: true,
|
|
1827
|
+
// allowDelete: true,
|
|
1828
|
+
// }
|
|
1829
|
+
// }
|
|
1830
|
+
// })
|
|
1831
|
+
// }
|
|
1740
1832
|
SteedosObjectType.prototype.getTriggerContext = function (when, method, args, recordId) {
|
|
1741
1833
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
1742
1834
|
var userSession, context, _a;
|
|
@@ -1744,7 +1836,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
1744
1836
|
switch (_b.label) {
|
|
1745
1837
|
case 0:
|
|
1746
1838
|
userSession = args[args.length - 1];
|
|
1747
|
-
context = { userId: userSession ? userSession.userId : undefined, spaceId: userSession ? userSession.spaceId : undefined };
|
|
1839
|
+
context = { objectName: this.name, userId: userSession ? userSession.userId : undefined, spaceId: userSession ? userSession.spaceId : undefined };
|
|
1748
1840
|
if (method === 'find' || method === 'findOne' || method === 'count') {
|
|
1749
1841
|
context.query = args[args.length - 2];
|
|
1750
1842
|
}
|
|
@@ -1900,6 +1992,15 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
1900
1992
|
if (method === 'count') {
|
|
1901
1993
|
values = returnValue || 0;
|
|
1902
1994
|
}
|
|
1995
|
+
// else{
|
|
1996
|
+
// if (userSession) {
|
|
1997
|
+
// let _records = returnValue
|
|
1998
|
+
// if (method == 'findOne' && returnValue) {
|
|
1999
|
+
// _records = [_records]
|
|
2000
|
+
// }
|
|
2001
|
+
// await this.appendRecordPermission(_records, userSession);
|
|
2002
|
+
// }
|
|
2003
|
+
// }
|
|
1903
2004
|
Object.assign(afterTriggerContext, { data: { values: values } });
|
|
1904
2005
|
}
|
|
1905
2006
|
// console.log("==returnValue==", returnValue);
|
|
@@ -2011,6 +2112,28 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
2011
2112
|
});
|
|
2012
2113
|
});
|
|
2013
2114
|
};
|
|
2115
|
+
// private getObjectPermissionFilters(objectPermission, userSession, isEdit) {
|
|
2116
|
+
// const objectPermissionFilters = [];
|
|
2117
|
+
// let permissionFiltersKey = 'read_filters';
|
|
2118
|
+
// if (isEdit) {
|
|
2119
|
+
// permissionFiltersKey = 'edit_filters';
|
|
2120
|
+
// }
|
|
2121
|
+
// const globalData = Object.assign({}, userSession, { now: new Date() });
|
|
2122
|
+
// let permissionFilters = objectPermission[permissionFiltersKey];
|
|
2123
|
+
// _.each(permissionFilters, (permissionFilter) => {
|
|
2124
|
+
// if (_.isString(permissionFilter) && isExpression(permissionFilter.trim())) {
|
|
2125
|
+
// try {
|
|
2126
|
+
// const filters = parseSingleExpression(permissionFilter, {}, "#", globalData);
|
|
2127
|
+
// if (filters && !_.isString(filters)) {
|
|
2128
|
+
// objectPermissionFilters.push(`(${formatFiltersToODataQuery(filters, userSession)})`)
|
|
2129
|
+
// }
|
|
2130
|
+
// } catch (error) {
|
|
2131
|
+
// console.error(`getObjectPermissionFilters error`, permissionFilter, error.message);
|
|
2132
|
+
// }
|
|
2133
|
+
// }
|
|
2134
|
+
// })
|
|
2135
|
+
// return objectPermissionFilters;
|
|
2136
|
+
// }
|
|
2014
2137
|
/**
|
|
2015
2138
|
* 把query.filters用formatFiltersToODataQuery转为odata query
|
|
2016
2139
|
* 主要是为了把userSession中的utcOffset逻辑传入formatFiltersToODataQuery函数处理
|
|
@@ -2031,82 +2154,102 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
2031
2154
|
};
|
|
2032
2155
|
SteedosObjectType.prototype.dealWithMethodPermission = function (method, args) {
|
|
2033
2156
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
2034
|
-
var userSession, spaceId, userId, objPm, query, spaceFilter, companyFilter, ownerFilter, sharesFilter, clientFilter, filters, permissionFilters, userFilters, id, companyFilters, queryFilters, companyFilters, id, companyFilters;
|
|
2157
|
+
var userSession, spaceId, userId, objPm, query, spaceFilter, companyFilter, ownerFilter, sharesFilter, shareRuleFilters, restrictionRuleFilters, clientFilter, filters, permissionFilters, userFilters, permissionFilters, objectPermissionEditFilters, id, companyFilters, queryFilters, companyFilters, permissionFilters, objectPermissionEditFilters, id, companyFilters;
|
|
2035
2158
|
return tslib_1.__generator(this, function (_a) {
|
|
2036
2159
|
switch (_a.label) {
|
|
2037
2160
|
case 0:
|
|
2038
2161
|
userSession = args[args.length - 1];
|
|
2039
|
-
if (!userSession) return [3 /*break*/,
|
|
2162
|
+
if (!userSession) return [3 /*break*/, 5];
|
|
2040
2163
|
spaceId = userSession.spaceId;
|
|
2041
2164
|
userId = userSession.userId;
|
|
2042
2165
|
return [4 /*yield*/, this.getUserObjectPermission(userSession)];
|
|
2043
2166
|
case 1:
|
|
2044
2167
|
objPm = _a.sent();
|
|
2045
|
-
if (method === 'find' || method === 'count' || method === 'findOne' || method === 'aggregate' || method === 'aggregatePrefixalPipeline')
|
|
2046
|
-
|
|
2047
|
-
|
|
2048
|
-
|
|
2049
|
-
|
|
2050
|
-
|
|
2051
|
-
|
|
2052
|
-
|
|
2053
|
-
|
|
2054
|
-
|
|
2055
|
-
|
|
2056
|
-
|
|
2057
|
-
|
|
2058
|
-
|
|
2059
|
-
|
|
2060
|
-
|
|
2061
|
-
|
|
2062
|
-
|
|
2063
|
-
|
|
2064
|
-
|
|
2065
|
-
|
|
2066
|
-
|
|
2067
|
-
}
|
|
2068
|
-
companyFilter = _.map(userSession.companies, function (comp) {
|
|
2069
|
-
return "(company_id eq '" + comp._id + "') or (company_ids eq '" + comp._id + "')";
|
|
2070
|
-
});
|
|
2071
|
-
}
|
|
2072
|
-
if (!objPm.viewAllRecords && !objPm.viewCompanyRecords && objPm.allowRead) { // owner
|
|
2073
|
-
ownerFilter = "(owner eq '" + userId + "')";
|
|
2074
|
-
}
|
|
2075
|
-
if (!objPm.viewAllRecords) {
|
|
2076
|
-
sharesFilter = util_1.getUserObjectSharesFilters(this.name, userSession);
|
|
2077
|
-
}
|
|
2078
|
-
if (!_.isEmpty(companyFilter)) {
|
|
2079
|
-
permissionFilters.push("(" + companyFilter.join(' or ') + ")");
|
|
2080
|
-
}
|
|
2081
|
-
if (ownerFilter) {
|
|
2082
|
-
permissionFilters.push(ownerFilter);
|
|
2083
|
-
}
|
|
2084
|
-
if (!_.isEmpty(sharesFilter)) {
|
|
2085
|
-
permissionFilters.push("(" + sharesFilter.join(' or ') + ")");
|
|
2086
|
-
}
|
|
2087
|
-
if (clientFilter) {
|
|
2088
|
-
userFilters.push(clientFilter);
|
|
2089
|
-
}
|
|
2090
|
-
if (spaceFilter) {
|
|
2091
|
-
userFilters.push(spaceFilter);
|
|
2092
|
-
}
|
|
2093
|
-
if (!userSession.is_space_admin && !_.isEmpty(permissionFilters)) {
|
|
2094
|
-
filters = permissionFilters.join(' or ');
|
|
2095
|
-
}
|
|
2096
|
-
if (!_.isEmpty(userFilters)) {
|
|
2097
|
-
filters = filters ? "(" + filters + ") and (" + userFilters.join(' and ') + ")" : userFilters.join(' and ');
|
|
2168
|
+
if (!(method === 'find' || method === 'count' || method === 'findOne' || method === 'aggregate' || method === 'aggregatePrefixalPipeline')) return [3 /*break*/, 4];
|
|
2169
|
+
query = args[args.length - 2];
|
|
2170
|
+
if (method === 'aggregate' || method === 'aggregatePrefixalPipeline') {
|
|
2171
|
+
query = args[args.length - 3];
|
|
2172
|
+
}
|
|
2173
|
+
if (query.filters && !_.isString(query.filters)) {
|
|
2174
|
+
query.filters = filters_1.formatFiltersToODataQuery(query.filters);
|
|
2175
|
+
}
|
|
2176
|
+
if (this.table_name == 'cfs.files.filerecord' || this.table_name == 'cfs.instances.filerecord') {
|
|
2177
|
+
return [2 /*return*/];
|
|
2178
|
+
}
|
|
2179
|
+
if (util_1.isCloudAdminSpace(spaceId)) {
|
|
2180
|
+
return [2 /*return*/];
|
|
2181
|
+
}
|
|
2182
|
+
spaceFilter = void 0, companyFilter = void 0, ownerFilter = void 0, sharesFilter = void 0, shareRuleFilters = void 0, restrictionRuleFilters = void 0, clientFilter = query.filters, filters = void 0, permissionFilters = [], userFilters = [];
|
|
2183
|
+
if (spaceId) {
|
|
2184
|
+
spaceFilter = "(space eq '" + spaceId + "')";
|
|
2185
|
+
}
|
|
2186
|
+
if (spaceId && !objPm.viewAllRecords && objPm.viewCompanyRecords) { // 公司级
|
|
2187
|
+
if (_.isEmpty(userSession.companies)) {
|
|
2188
|
+
console.log('objPm', objPm);
|
|
2189
|
+
throw new Error("user not belong any company!");
|
|
2098
2190
|
}
|
|
2099
|
-
|
|
2191
|
+
companyFilter = _.map(userSession.companies, function (comp) {
|
|
2192
|
+
return "(company_id eq '" + comp._id + "') or (company_ids eq '" + comp._id + "')";
|
|
2193
|
+
});
|
|
2194
|
+
}
|
|
2195
|
+
if (!objPm.viewAllRecords && !objPm.viewCompanyRecords && objPm.allowRead) { // owner
|
|
2196
|
+
ownerFilter = "(owner eq '" + userId + "')";
|
|
2197
|
+
}
|
|
2198
|
+
return [4 /*yield*/, shareRule_1.ShareRules.getUserObjectFilters(this.name, userSession)];
|
|
2199
|
+
case 2:
|
|
2200
|
+
shareRuleFilters = _a.sent();
|
|
2201
|
+
if (!_.isEmpty(shareRuleFilters)) {
|
|
2202
|
+
permissionFilters.push("(" + shareRuleFilters.join(' or ') + ")");
|
|
2100
2203
|
}
|
|
2101
|
-
|
|
2204
|
+
return [4 /*yield*/, restrictionRule_1.RestrictionRule.getUserObjectFilters(this.name, userSession)];
|
|
2205
|
+
case 3:
|
|
2206
|
+
restrictionRuleFilters = _a.sent();
|
|
2207
|
+
if (!_.isEmpty(restrictionRuleFilters)) {
|
|
2208
|
+
userFilters.push("(" + restrictionRuleFilters.join(' or ') + ")");
|
|
2209
|
+
}
|
|
2210
|
+
// objectPermissionFilters = this.getObjectPermissionFilters(objPm, userSession, false);
|
|
2211
|
+
// if (!_.isEmpty(objectPermissionFilters)) {
|
|
2212
|
+
// permissionFilters.push(`(${objectPermissionFilters.join(' or ')})`);
|
|
2213
|
+
// }
|
|
2214
|
+
sharesFilter = util_1.getUserObjectSharesFilters(this.name, userSession);
|
|
2215
|
+
if (!_.isEmpty(companyFilter)) {
|
|
2216
|
+
permissionFilters.push("(" + companyFilter.join(' and ') + ")");
|
|
2217
|
+
}
|
|
2218
|
+
if (ownerFilter) {
|
|
2219
|
+
permissionFilters.push(ownerFilter);
|
|
2220
|
+
}
|
|
2221
|
+
if (!_.isEmpty(sharesFilter)) {
|
|
2222
|
+
permissionFilters.push("(" + sharesFilter.join(' or ') + ")");
|
|
2223
|
+
}
|
|
2224
|
+
if (clientFilter) {
|
|
2225
|
+
userFilters.push(clientFilter);
|
|
2226
|
+
}
|
|
2227
|
+
if (spaceFilter) {
|
|
2228
|
+
userFilters.push(spaceFilter);
|
|
2229
|
+
}
|
|
2230
|
+
if (!userSession.is_space_admin && !_.isEmpty(permissionFilters)) {
|
|
2231
|
+
filters = permissionFilters.join(' or ');
|
|
2232
|
+
}
|
|
2233
|
+
if (!_.isEmpty(userFilters)) {
|
|
2234
|
+
filters = filters ? "(" + filters + ") and (" + userFilters.join(' and ') + ")" : userFilters.join(' and ');
|
|
2235
|
+
}
|
|
2236
|
+
query.filters = filters;
|
|
2237
|
+
return [3 /*break*/, 5];
|
|
2238
|
+
case 4:
|
|
2239
|
+
if (method === 'insert') {
|
|
2102
2240
|
if (!objPm.allowCreate) {
|
|
2103
2241
|
throw new Error("no " + method + " permission!");
|
|
2104
2242
|
}
|
|
2105
2243
|
}
|
|
2106
2244
|
else if (method === 'update' || method === 'updateOne') {
|
|
2107
|
-
|
|
2245
|
+
permissionFilters = null;
|
|
2246
|
+
if (!objPm.allowEdit && _.isEmpty(permissionFilters)) {
|
|
2108
2247
|
throw new Error("no " + method + " permission!");
|
|
2109
2248
|
}
|
|
2249
|
+
objectPermissionEditFilters = '';
|
|
2250
|
+
if (!_.isEmpty(permissionFilters)) {
|
|
2251
|
+
objectPermissionEditFilters = " or (" + permissionFilters.join(' or ') + ")";
|
|
2252
|
+
}
|
|
2110
2253
|
id = args[args.length - 3];
|
|
2111
2254
|
if (!objPm.modifyAllRecords && objPm.modifyCompanyRecords) {
|
|
2112
2255
|
companyFilters = _.map(userSession.companies, function (comp) {
|
|
@@ -2114,25 +2257,36 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
2114
2257
|
}).join(' or ');
|
|
2115
2258
|
if (companyFilters) {
|
|
2116
2259
|
if (_.isString(id)) {
|
|
2117
|
-
id = { filters: "(_id eq '" + id + "') and (" + companyFilters + ")" };
|
|
2260
|
+
id = { filters: "(_id eq '" + id + "') and (" + companyFilters + objectPermissionEditFilters + ")" };
|
|
2118
2261
|
}
|
|
2119
2262
|
else if (_.isObject(id)) {
|
|
2120
2263
|
if (id.filters && !_.isString(id.filters)) {
|
|
2121
2264
|
id.filters = filters_1.formatFiltersToODataQuery(id.filters);
|
|
2122
2265
|
}
|
|
2123
|
-
id.filters = id.filters ? "(" + id.filters + ") and (" + companyFilters + ")" : "(" + companyFilters + ")";
|
|
2266
|
+
id.filters = id.filters ? "(" + id.filters + ") and (" + companyFilters + objectPermissionEditFilters + ")" : "(" + companyFilters + objectPermissionEditFilters + ")";
|
|
2124
2267
|
}
|
|
2125
2268
|
}
|
|
2126
2269
|
}
|
|
2127
2270
|
else if (!objPm.modifyAllRecords && !objPm.modifyCompanyRecords && objPm.allowEdit) {
|
|
2128
2271
|
if (_.isString(id)) {
|
|
2129
|
-
id = { filters: "(_id eq '" + id + "') and (owner eq '" + userId + "')" };
|
|
2272
|
+
id = { filters: "(_id eq '" + id + "') and (owner eq '" + userId + "' " + objectPermissionEditFilters + ")" };
|
|
2130
2273
|
}
|
|
2131
2274
|
else if (_.isObject(id)) {
|
|
2132
2275
|
if (id.filters && !_.isString(id.filters)) {
|
|
2133
2276
|
id.filters = filters_1.formatFiltersToODataQuery(id.filters);
|
|
2134
2277
|
}
|
|
2135
|
-
id.filters = id.filters ? "(" + id.filters + ") and (owner eq '" + userId + "')" : "(owner eq '" + userId + "')";
|
|
2278
|
+
id.filters = id.filters ? "(" + id.filters + ") and (owner eq '" + userId + "' " + objectPermissionEditFilters + ")" : "(owner eq '" + userId + "' " + objectPermissionEditFilters + ")";
|
|
2279
|
+
}
|
|
2280
|
+
}
|
|
2281
|
+
else if (objectPermissionEditFilters) {
|
|
2282
|
+
if (_.isString(id)) {
|
|
2283
|
+
id = { filters: "(_id eq '" + id + "') and (" + objectPermissionEditFilters + ")" };
|
|
2284
|
+
}
|
|
2285
|
+
else if (_.isObject(id)) {
|
|
2286
|
+
if (id.filters && !_.isString(id.filters)) {
|
|
2287
|
+
id.filters = filters_1.formatFiltersToODataQuery(id.filters);
|
|
2288
|
+
}
|
|
2289
|
+
id.filters = id.filters ? "(" + id.filters + ") and (" + objectPermissionEditFilters + ")" : "(" + objectPermissionEditFilters + ")";
|
|
2136
2290
|
}
|
|
2137
2291
|
}
|
|
2138
2292
|
args[args.length - 3] = id;
|
|
@@ -2156,25 +2310,41 @@ var SteedosObjectType = /** @class */ (function (_super) {
|
|
|
2156
2310
|
}
|
|
2157
2311
|
}
|
|
2158
2312
|
else if (method === 'delete') {
|
|
2159
|
-
|
|
2313
|
+
permissionFilters = null;
|
|
2314
|
+
if (!objPm.allowDelete && _.isEmpty(permissionFilters)) {
|
|
2160
2315
|
throw new Error("no " + method + " permission!");
|
|
2161
2316
|
}
|
|
2317
|
+
objectPermissionEditFilters = '';
|
|
2318
|
+
if (!_.isEmpty(permissionFilters)) {
|
|
2319
|
+
objectPermissionEditFilters = " or (" + permissionFilters.join(' or ') + ")";
|
|
2320
|
+
}
|
|
2162
2321
|
id = args[args.length - 2];
|
|
2163
2322
|
if (!objPm.modifyAllRecords && objPm.modifyCompanyRecords) {
|
|
2164
2323
|
companyFilters = _.map(userSession.companies, function (comp) {
|
|
2165
2324
|
return "(company_id eq '" + comp._id + "') or (company_ids eq '" + comp._id + "')";
|
|
2166
2325
|
}).join(' or ');
|
|
2167
2326
|
if (companyFilters) {
|
|
2168
|
-
id = { filters: "(_id eq '" + id + "') and (" + companyFilters + ")" };
|
|
2327
|
+
id = { filters: "(_id eq '" + id + "') and (" + companyFilters + objectPermissionEditFilters + ")" };
|
|
2169
2328
|
}
|
|
2170
2329
|
}
|
|
2171
2330
|
else if (!objPm.modifyAllRecords && !objPm.modifyCompanyRecords) {
|
|
2172
|
-
id = { filters: "(_id eq '" + id + "') and (owner eq '" + userId + "')" };
|
|
2331
|
+
id = { filters: "(_id eq '" + id + "') and (owner eq '" + userId + "'" + objectPermissionEditFilters + ")" };
|
|
2332
|
+
}
|
|
2333
|
+
else if (objectPermissionEditFilters) {
|
|
2334
|
+
if (_.isString(id)) {
|
|
2335
|
+
id = { filters: "(_id eq '" + id + "') and (" + objectPermissionEditFilters + ")" };
|
|
2336
|
+
}
|
|
2337
|
+
else if (_.isObject(id)) {
|
|
2338
|
+
if (id.filters && !_.isString(id.filters)) {
|
|
2339
|
+
id.filters = filters_1.formatFiltersToODataQuery(id.filters);
|
|
2340
|
+
}
|
|
2341
|
+
id.filters = id.filters ? "(" + id.filters + ") and (" + objectPermissionEditFilters + ")" : "(" + objectPermissionEditFilters + ")";
|
|
2342
|
+
}
|
|
2173
2343
|
}
|
|
2174
2344
|
args[args.length - 2] = id;
|
|
2175
2345
|
}
|
|
2176
|
-
_a.label =
|
|
2177
|
-
case
|
|
2346
|
+
_a.label = 5;
|
|
2347
|
+
case 5: return [2 /*return*/];
|
|
2178
2348
|
}
|
|
2179
2349
|
});
|
|
2180
2350
|
});
|