@steedos/objectql 2.1.56 → 2.1.57

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -155,6 +155,9 @@ export declare class SteedosObjectType extends SteedosObjectProperties {
155
155
  unreadable_fields: any;
156
156
  uneditable_fields: any;
157
157
  unrelated_objects: any;
158
+ field_permissions: any;
159
+ read_filters: any[];
160
+ edit_filters: any[];
158
161
  }>;
159
162
  private allowFind;
160
163
  private allowInsert;
@@ -203,12 +206,14 @@ export declare class SteedosObjectType extends SteedosObjectProperties {
203
206
  private allow;
204
207
  private runBeforeTriggers;
205
208
  private runAfterTriggers;
209
+ private appendRecordPermission;
206
210
  private getTriggerContext;
207
211
  private processUnreadableField;
208
212
  private processUneditableFields;
209
213
  private callAdapter;
210
214
  private runRecordFormula;
211
215
  private runRecordSummaries;
216
+ private getObjectPermissionFilters;
212
217
  /**
213
218
  * 把query.filters用formatFiltersToODataQuery转为odata query
214
219
  * 主要是为了把userSession中的utcOffset逻辑传入formatFiltersToODataQuery函数处理
@@ -713,7 +713,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
713
713
  };
714
714
  SteedosObjectType.prototype.getUserObjectPermission = function (userSession) {
715
715
  return tslib_1.__awaiter(this, void 0, void 0, function () {
716
- var roles, objectRolesPermission, userObjectPermission, spaceId;
716
+ var roles, objectRolesPermission, userObjectPermission, field_permissions, spaceId;
717
717
  return tslib_1.__generator(this, function (_a) {
718
718
  if (!userSession) {
719
719
  throw new Error('userSession is required');
@@ -739,7 +739,10 @@ var SteedosObjectType = /** @class */ (function (_super) {
739
739
  disabled_actions: null,
740
740
  unreadable_fields: null,
741
741
  uneditable_fields: null,
742
- unrelated_objects: null
742
+ unrelated_objects: null,
743
+ field_permissions: null,
744
+ read_filters: [],
745
+ edit_filters: []
743
746
  };
744
747
  if (_.isEmpty(roles)) {
745
748
  throw new Error('not find user permission');
@@ -759,6 +762,16 @@ var SteedosObjectType = /** @class */ (function (_super) {
759
762
  userObjectPermission[k] = _v;
760
763
  }
761
764
  }
765
+ else if (['read_filters', 'edit_filters'].indexOf(k) > -1) {
766
+ if ('edit_filters' === k) {
767
+ if (!_.isEmpty(_v)) {
768
+ userObjectPermission['read_filters'].push(_v);
769
+ }
770
+ }
771
+ if (!_.isEmpty(_v)) {
772
+ userObjectPermission[k].push(_v);
773
+ }
774
+ }
762
775
  else if ((_.isArray(v) || _.isNull(v))) {
763
776
  if (!_.isArray(_v)) {
764
777
  _v = [];
@@ -767,12 +780,40 @@ var SteedosObjectType = /** @class */ (function (_super) {
767
780
  userObjectPermission[k] = _v;
768
781
  }
769
782
  else {
770
- userObjectPermission[k] = _.intersection(v, _v);
783
+ if (k === 'field_permissions') {
784
+ userObjectPermission[k] = _.union(v, _v);
785
+ }
786
+ else {
787
+ userObjectPermission[k] = _.intersection(v, _v);
788
+ }
771
789
  }
772
790
  }
773
791
  });
774
792
  }
775
793
  });
794
+ field_permissions = {};
795
+ if (userObjectPermission.field_permissions) {
796
+ _.each(userObjectPermission.field_permissions, function (field_permission) {
797
+ var field = field_permission.field, read = field_permission.read, edit = field_permission.edit;
798
+ if (field_permissions[field]) {
799
+ field_permissions[field].edit = field_permissions[field].edit || edit;
800
+ if (field_permissions[field].edit) {
801
+ field_permissions[field].read = true;
802
+ }
803
+ else {
804
+ field_permissions[field].read = field_permissions[field].read || read;
805
+ }
806
+ }
807
+ else {
808
+ field_permissions[field] = {
809
+ field: field,
810
+ read: edit || read,
811
+ edit: edit
812
+ };
813
+ }
814
+ });
815
+ }
816
+ userObjectPermission.field_permissions = field_permissions;
776
817
  userObjectPermission.disabled_list_views = userObjectPermission.disabled_list_views || [];
777
818
  userObjectPermission.disabled_actions = userObjectPermission.disabled_actions || [];
778
819
  userObjectPermission.unreadable_fields = userObjectPermission.unreadable_fields || [];
@@ -782,7 +823,6 @@ var SteedosObjectType = /** @class */ (function (_super) {
782
823
  if (util_1.isTemplateSpace(spaceId)) {
783
824
  return [2 /*return*/, Object.assign({}, userObjectPermission, { allowRead: true, viewAllRecords: true, viewCompanyRecords: true })];
784
825
  }
785
- Creator.processPermissions(userObjectPermission);
786
826
  return [2 /*return*/, userObjectPermission];
787
827
  });
788
828
  });
@@ -1284,7 +1324,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
1284
1324
  };
1285
1325
  SteedosObjectType.prototype.getRecordView = function (userSession) {
1286
1326
  return tslib_1.__awaiter(this, void 0, void 0, function () {
1287
- var lng, objectMetadataConfig, objectConfig, _a, _b, _c, _d, layouts, layout, _fields_1, sort_no_1, layoutFieldKeys, objectFieldKeys, difference, layoutButtonsName_1, spaceProcessDefinition, dbListViews;
1327
+ var lng, objectMetadataConfig, objectConfig, _a, _b, _c, _d, layouts, layout, _fields_1, sort_no_1, layoutFieldKeys, objectFieldKeys, difference, layoutButtonsName_1, userObjectFields, spaceProcessDefinition, dbListViews;
1288
1328
  return tslib_1.__generator(this, function (_e) {
1289
1329
  switch (_e.label) {
1290
1330
  case 0:
@@ -1384,6 +1424,23 @@ var SteedosObjectType = /** @class */ (function (_super) {
1384
1424
  }
1385
1425
  });
1386
1426
  }
1427
+ userObjectFields = objectConfig.fields;
1428
+ _.each(objectConfig.permissions.field_permissions, function (field_permission, field) {
1429
+ var read = field_permission.read, edit = field_permission.edit;
1430
+ if (read) {
1431
+ userObjectFields[field].omit = true;
1432
+ }
1433
+ if (edit) {
1434
+ userObjectFields[field].omit = false;
1435
+ userObjectFields[field].hidden = false;
1436
+ userObjectFields[field].readonly = false;
1437
+ userObjectFields[field].disabled = false;
1438
+ }
1439
+ if (!read && !edit) {
1440
+ delete userObjectFields[field];
1441
+ }
1442
+ });
1443
+ objectConfig.fields = userObjectFields;
1387
1444
  return [4 /*yield*/, getObject("process_definition").directFind({ filters: [['space', '=', userSession.spaceId], ['object_name', '=', this.name], ['active', '=', true]] })];
1388
1445
  case 7:
1389
1446
  spaceProcessDefinition = _e.sent();
@@ -1738,6 +1795,42 @@ var SteedosObjectType = /** @class */ (function (_super) {
1738
1795
  });
1739
1796
  });
1740
1797
  };
1798
+ SteedosObjectType.prototype.appendRecordPermission = function (records, userSession) {
1799
+ return tslib_1.__awaiter(this, void 0, void 0, function () {
1800
+ var _ids, objPm, permissionFilters, filters, results, allowEditIds;
1801
+ return tslib_1.__generator(this, function (_a) {
1802
+ switch (_a.label) {
1803
+ case 0:
1804
+ _ids = _.pluck(records, '_id');
1805
+ return [4 /*yield*/, this.getUserObjectPermission(userSession)];
1806
+ case 1:
1807
+ objPm = _a.sent();
1808
+ permissionFilters = this.getObjectPermissionFilters(objPm, userSession, true);
1809
+ if (_.isEmpty(permissionFilters)) {
1810
+ return [2 /*return*/];
1811
+ }
1812
+ filters = filters_1.formatFiltersToODataQuery(['_id', 'in', _ids]);
1813
+ return [4 /*yield*/, this.directFind({
1814
+ fields: ['_id'],
1815
+ filters: "(" + filters + ") and (" + permissionFilters.join(' or ') + ")"
1816
+ })];
1817
+ case 2:
1818
+ results = _a.sent();
1819
+ allowEditIds = _.pluck(results, '_id');
1820
+ _.each(records, function (record) {
1821
+ if (_.include(allowEditIds, record._id)) {
1822
+ record.record_permissions = {
1823
+ allowRead: true,
1824
+ allowEdit: true,
1825
+ allowDelete: true,
1826
+ };
1827
+ }
1828
+ });
1829
+ return [2 /*return*/];
1830
+ }
1831
+ });
1832
+ });
1833
+ };
1741
1834
  SteedosObjectType.prototype.getTriggerContext = function (when, method, args, recordId) {
1742
1835
  return tslib_1.__awaiter(this, void 0, void 0, function () {
1743
1836
  var userSession, context, _a;
@@ -1827,7 +1920,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
1827
1920
  args[_i - 1] = arguments[_i];
1828
1921
  }
1829
1922
  return tslib_1.__awaiter(this, void 0, void 0, function () {
1830
- var adapterMethod, allow, objectName, recordId, doc, paramRecordId, returnValue, userSession, beforeTriggerContext, afterTriggerContext, previousDoc, values;
1923
+ var adapterMethod, allow, objectName, recordId, doc, paramRecordId, returnValue, userSession, beforeTriggerContext, afterTriggerContext, previousDoc, values, _records;
1831
1924
  return tslib_1.__generator(this, function (_a) {
1832
1925
  switch (_a.label) {
1833
1926
  case 0:
@@ -1870,7 +1963,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
1870
1963
  return [4 /*yield*/, adapterMethod.apply(this._datasource, args)];
1871
1964
  case 4:
1872
1965
  returnValue = _a.sent();
1873
- return [3 /*break*/, 21];
1966
+ return [3 /*break*/, 25];
1874
1967
  case 5:
1875
1968
  userSession = args[args.length - 1];
1876
1969
  return [4 /*yield*/, this.getTriggerContext('before', method, args)];
@@ -1896,31 +1989,43 @@ var SteedosObjectType = /** @class */ (function (_super) {
1896
1989
  return [4 /*yield*/, adapterMethod.apply(this._datasource, args)];
1897
1990
  case 10:
1898
1991
  returnValue = _a.sent();
1899
- if (method === 'find' || method == 'findOne' || method == 'count' || method == 'aggregate' || method == 'aggregatePrefixalPipeline') {
1900
- values = returnValue || {};
1901
- if (method === 'count') {
1902
- values = returnValue || 0;
1903
- }
1904
- Object.assign(afterTriggerContext, { data: { values: values } });
1992
+ if (!(method === 'find' || method == 'findOne' || method == 'count' || method == 'aggregate' || method == 'aggregatePrefixalPipeline')) return [3 /*break*/, 14];
1993
+ values = returnValue || {};
1994
+ if (!(method === 'count')) return [3 /*break*/, 11];
1995
+ values = returnValue || 0;
1996
+ return [3 /*break*/, 13];
1997
+ case 11:
1998
+ if (!userSession) return [3 /*break*/, 13];
1999
+ _records = returnValue;
2000
+ if (method == 'findOne' && returnValue) {
2001
+ _records = [_records];
1905
2002
  }
2003
+ return [4 /*yield*/, this.appendRecordPermission(_records, userSession)];
2004
+ case 12:
2005
+ _a.sent();
2006
+ _a.label = 13;
2007
+ case 13:
2008
+ Object.assign(afterTriggerContext, { data: { values: values } });
2009
+ _a.label = 14;
2010
+ case 14:
1906
2011
  // console.log("==returnValue==", returnValue);
1907
2012
  if (method == 'insert' && _.has(returnValue, '_id')) {
1908
2013
  afterTriggerContext.doc = returnValue;
1909
2014
  afterTriggerContext = Object.assign({}, afterTriggerContext, { id: returnValue._id });
1910
2015
  }
1911
- if (!(method == "update")) return [3 /*break*/, 13];
1912
- if (!returnValue) return [3 /*break*/, 12];
2016
+ if (!(method == "update")) return [3 /*break*/, 17];
2017
+ if (!returnValue) return [3 /*break*/, 16];
1913
2018
  afterTriggerContext.doc = returnValue;
1914
2019
  return [4 /*yield*/, this.runAfterTriggers(method, afterTriggerContext)];
1915
- case 11:
2020
+ case 15:
1916
2021
  _a.sent();
1917
- _a.label = 12;
1918
- case 12: return [3 /*break*/, 15];
1919
- case 13: return [4 /*yield*/, this.runAfterTriggers(method, afterTriggerContext)];
1920
- case 14:
2022
+ _a.label = 16;
2023
+ case 16: return [3 /*break*/, 19];
2024
+ case 17: return [4 /*yield*/, this.runAfterTriggers(method, afterTriggerContext)];
2025
+ case 18:
1921
2026
  _a.sent();
1922
- _a.label = 15;
1923
- case 15:
2027
+ _a.label = 19;
2028
+ case 19:
1924
2029
  if (method === 'find' || method == 'findOne' || method == 'count' || method == 'aggregate' || method == 'aggregatePrefixalPipeline') {
1925
2030
  if (_.isEmpty(afterTriggerContext.data) || (_.isEmpty(afterTriggerContext.data.values) && !_.isNumber(afterTriggerContext.data.values))) {
1926
2031
  return [2 /*return*/, returnValue];
@@ -1936,9 +2041,9 @@ var SteedosObjectType = /** @class */ (function (_super) {
1936
2041
  user_session: userSession,
1937
2042
  previous_record: afterTriggerContext.previousDoc
1938
2043
  }).run()];
1939
- case 16:
2044
+ case 20:
1940
2045
  _a.sent();
1941
- if (!returnValue) return [3 /*break*/, 19];
2046
+ if (!returnValue) return [3 /*break*/, 23];
1942
2047
  if (method === "insert") {
1943
2048
  // 当为insert时,上面代码执行后的doc不带_id,只能从returnValue中取
1944
2049
  doc = returnValue;
@@ -1946,18 +2051,18 @@ var SteedosObjectType = /** @class */ (function (_super) {
1946
2051
  }
1947
2052
  // 一定要先运行公式再运行汇总,以下两个函数顺序不能反
1948
2053
  return [4 /*yield*/, this.runRecordFormula(method, objectName, recordId, doc, userSession)];
1949
- case 17:
2054
+ case 21:
1950
2055
  // 一定要先运行公式再运行汇总,以下两个函数顺序不能反
1951
2056
  _a.sent();
1952
2057
  return [4 /*yield*/, this.runRecordSummaries(method, objectName, recordId, doc, previousDoc, userSession)];
1953
- case 18:
2058
+ case 22:
1954
2059
  _a.sent();
1955
- _a.label = 19;
1956
- case 19: return [4 /*yield*/, object_events_1.brokeEmitEvents(objectName, method, afterTriggerContext)];
1957
- case 20:
2060
+ _a.label = 23;
2061
+ case 23: return [4 /*yield*/, object_events_1.brokeEmitEvents(objectName, method, afterTriggerContext)];
2062
+ case 24:
1958
2063
  _a.sent();
1959
- _a.label = 21;
1960
- case 21: return [2 /*return*/, returnValue];
2064
+ _a.label = 25;
2065
+ case 25: return [2 /*return*/, returnValue];
1961
2066
  }
1962
2067
  });
1963
2068
  });
@@ -2012,6 +2117,29 @@ var SteedosObjectType = /** @class */ (function (_super) {
2012
2117
  });
2013
2118
  });
2014
2119
  };
2120
+ SteedosObjectType.prototype.getObjectPermissionFilters = function (objectPermission, userSession, isEdit) {
2121
+ var objectPermissionFilters = [];
2122
+ var permissionFiltersKey = 'read_filters';
2123
+ if (isEdit) {
2124
+ permissionFiltersKey = 'edit_filters';
2125
+ }
2126
+ var globalData = Object.assign({}, userSession, { now: new Date() });
2127
+ var permissionFilters = objectPermission[permissionFiltersKey];
2128
+ _.each(permissionFilters, function (permissionFilter) {
2129
+ if (_.isString(permissionFilter) && util_1.isExpression(permissionFilter.trim())) {
2130
+ try {
2131
+ var filters = util_1.parseSingleExpression(permissionFilter, {}, "#", globalData);
2132
+ if (filters && !_.isString(filters)) {
2133
+ objectPermissionFilters.push("(" + filters_1.formatFiltersToODataQuery(filters, userSession) + ")");
2134
+ }
2135
+ }
2136
+ catch (error) {
2137
+ console.error("getObjectPermissionFilters error", permissionFilter, error.message);
2138
+ }
2139
+ }
2140
+ });
2141
+ return objectPermissionFilters;
2142
+ };
2015
2143
  /**
2016
2144
  * 把query.filters用formatFiltersToODataQuery转为odata query
2017
2145
  * 主要是为了把userSession中的utcOffset逻辑传入formatFiltersToODataQuery函数处理
@@ -2032,7 +2160,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
2032
2160
  };
2033
2161
  SteedosObjectType.prototype.dealWithMethodPermission = function (method, args) {
2034
2162
  return tslib_1.__awaiter(this, void 0, void 0, function () {
2035
- var userSession, spaceId, userId, objPm, query, spaceFilter, companyFilter, ownerFilter, sharesFilter, clientFilter, filters, permissionFilters, userFilters, id, companyFilters, queryFilters, companyFilters, id, companyFilters;
2163
+ var userSession, spaceId, userId, objPm, query, spaceFilter, companyFilter, ownerFilter, sharesFilter, objectPermissionFilters, clientFilter, filters, permissionFilters, userFilters, permissionFilters, objectPermissionEditFilters, id, companyFilters, queryFilters, companyFilters, permissionFilters, objectPermissionEditFilters, id, companyFilters;
2036
2164
  return tslib_1.__generator(this, function (_a) {
2037
2165
  switch (_a.label) {
2038
2166
  case 0:
@@ -2057,7 +2185,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
2057
2185
  if (util_1.isCloudAdminSpace(spaceId)) {
2058
2186
  return [2 /*return*/];
2059
2187
  }
2060
- spaceFilter = void 0, companyFilter = void 0, ownerFilter = void 0, sharesFilter = void 0, clientFilter = query.filters, filters = void 0, permissionFilters = [], userFilters = [];
2188
+ spaceFilter = void 0, companyFilter = void 0, ownerFilter = void 0, sharesFilter = void 0, objectPermissionFilters = void 0, clientFilter = query.filters, filters = void 0, permissionFilters = [], userFilters = [];
2061
2189
  if (spaceId) {
2062
2190
  spaceFilter = "(space eq '" + spaceId + "')";
2063
2191
  }
@@ -2073,9 +2201,11 @@ var SteedosObjectType = /** @class */ (function (_super) {
2073
2201
  if (!objPm.viewAllRecords && !objPm.viewCompanyRecords && objPm.allowRead) { // owner
2074
2202
  ownerFilter = "(owner eq '" + userId + "')";
2075
2203
  }
2076
- if (!objPm.viewAllRecords) {
2077
- sharesFilter = util_1.getUserObjectSharesFilters(this.name, userSession);
2204
+ objectPermissionFilters = this.getObjectPermissionFilters(objPm, userSession, false);
2205
+ if (!_.isEmpty(objectPermissionFilters)) {
2206
+ permissionFilters.push("(" + objectPermissionFilters.join(' or ') + ")");
2078
2207
  }
2208
+ sharesFilter = util_1.getUserObjectSharesFilters(this.name, userSession);
2079
2209
  if (!_.isEmpty(companyFilter)) {
2080
2210
  permissionFilters.push("(" + companyFilter.join(' or ') + ")");
2081
2211
  }
@@ -2105,9 +2235,14 @@ var SteedosObjectType = /** @class */ (function (_super) {
2105
2235
  }
2106
2236
  }
2107
2237
  else if (method === 'update' || method === 'updateOne') {
2108
- if (!objPm.allowEdit) {
2238
+ permissionFilters = this.getObjectPermissionFilters(objPm, userSession, true);
2239
+ if (!objPm.allowEdit && _.isEmpty(permissionFilters)) {
2109
2240
  throw new Error("no " + method + " permission!");
2110
2241
  }
2242
+ objectPermissionEditFilters = '';
2243
+ if (!_.isEmpty(permissionFilters)) {
2244
+ objectPermissionEditFilters = " or (" + permissionFilters.join(' or ') + ")";
2245
+ }
2111
2246
  id = args[args.length - 3];
2112
2247
  if (!objPm.modifyAllRecords && objPm.modifyCompanyRecords) {
2113
2248
  companyFilters = _.map(userSession.companies, function (comp) {
@@ -2115,25 +2250,36 @@ var SteedosObjectType = /** @class */ (function (_super) {
2115
2250
  }).join(' or ');
2116
2251
  if (companyFilters) {
2117
2252
  if (_.isString(id)) {
2118
- id = { filters: "(_id eq '" + id + "') and (" + companyFilters + ")" };
2253
+ id = { filters: "(_id eq '" + id + "') and (" + companyFilters + objectPermissionEditFilters + ")" };
2119
2254
  }
2120
2255
  else if (_.isObject(id)) {
2121
2256
  if (id.filters && !_.isString(id.filters)) {
2122
2257
  id.filters = filters_1.formatFiltersToODataQuery(id.filters);
2123
2258
  }
2124
- id.filters = id.filters ? "(" + id.filters + ") and (" + companyFilters + ")" : "(" + companyFilters + ")";
2259
+ id.filters = id.filters ? "(" + id.filters + ") and (" + companyFilters + objectPermissionEditFilters + ")" : "(" + companyFilters + objectPermissionEditFilters + ")";
2125
2260
  }
2126
2261
  }
2127
2262
  }
2128
2263
  else if (!objPm.modifyAllRecords && !objPm.modifyCompanyRecords && objPm.allowEdit) {
2129
2264
  if (_.isString(id)) {
2130
- id = { filters: "(_id eq '" + id + "') and (owner eq '" + userId + "')" };
2265
+ id = { filters: "(_id eq '" + id + "') and (owner eq '" + userId + "' " + objectPermissionEditFilters + ")" };
2266
+ }
2267
+ else if (_.isObject(id)) {
2268
+ if (id.filters && !_.isString(id.filters)) {
2269
+ id.filters = filters_1.formatFiltersToODataQuery(id.filters);
2270
+ }
2271
+ id.filters = id.filters ? "(" + id.filters + ") and (owner eq '" + userId + "' " + objectPermissionEditFilters + ")" : "(owner eq '" + userId + "' " + objectPermissionEditFilters + ")";
2272
+ }
2273
+ }
2274
+ else if (objectPermissionEditFilters) {
2275
+ if (_.isString(id)) {
2276
+ id = { filters: "(_id eq '" + id + "') and (" + objectPermissionEditFilters + ")" };
2131
2277
  }
2132
2278
  else if (_.isObject(id)) {
2133
2279
  if (id.filters && !_.isString(id.filters)) {
2134
2280
  id.filters = filters_1.formatFiltersToODataQuery(id.filters);
2135
2281
  }
2136
- id.filters = id.filters ? "(" + id.filters + ") and (owner eq '" + userId + "')" : "(owner eq '" + userId + "')";
2282
+ id.filters = id.filters ? "(" + id.filters + ") and (" + objectPermissionEditFilters + ")" : "(" + objectPermissionEditFilters + ")";
2137
2283
  }
2138
2284
  }
2139
2285
  args[args.length - 3] = id;
@@ -2157,20 +2303,36 @@ var SteedosObjectType = /** @class */ (function (_super) {
2157
2303
  }
2158
2304
  }
2159
2305
  else if (method === 'delete') {
2160
- if (!objPm.allowDelete) {
2306
+ permissionFilters = this.getObjectPermissionFilters(objPm, userSession, true);
2307
+ if (!objPm.allowDelete && _.isEmpty(permissionFilters)) {
2161
2308
  throw new Error("no " + method + " permission!");
2162
2309
  }
2310
+ objectPermissionEditFilters = '';
2311
+ if (!_.isEmpty(permissionFilters)) {
2312
+ objectPermissionEditFilters = " or (" + permissionFilters.join(' or ') + ")";
2313
+ }
2163
2314
  id = args[args.length - 2];
2164
2315
  if (!objPm.modifyAllRecords && objPm.modifyCompanyRecords) {
2165
2316
  companyFilters = _.map(userSession.companies, function (comp) {
2166
2317
  return "(company_id eq '" + comp._id + "') or (company_ids eq '" + comp._id + "')";
2167
2318
  }).join(' or ');
2168
2319
  if (companyFilters) {
2169
- id = { filters: "(_id eq '" + id + "') and (" + companyFilters + ")" };
2320
+ id = { filters: "(_id eq '" + id + "') and (" + companyFilters + objectPermissionEditFilters + ")" };
2170
2321
  }
2171
2322
  }
2172
2323
  else if (!objPm.modifyAllRecords && !objPm.modifyCompanyRecords) {
2173
- id = { filters: "(_id eq '" + id + "') and (owner eq '" + userId + "')" };
2324
+ id = { filters: "(_id eq '" + id + "') and (owner eq '" + userId + "'" + objectPermissionEditFilters + ")" };
2325
+ }
2326
+ else if (objectPermissionEditFilters) {
2327
+ if (_.isString(id)) {
2328
+ id = { filters: "(_id eq '" + id + "') and (" + objectPermissionEditFilters + ")" };
2329
+ }
2330
+ else if (_.isObject(id)) {
2331
+ if (id.filters && !_.isString(id.filters)) {
2332
+ id.filters = filters_1.formatFiltersToODataQuery(id.filters);
2333
+ }
2334
+ id.filters = id.filters ? "(" + id.filters + ") and (" + objectPermissionEditFilters + ")" : "(" + objectPermissionEditFilters + ")";
2335
+ }
2174
2336
  }
2175
2337
  args[args.length - 2] = id;
2176
2338
  }