@steedos/objectql 2.1.63 → 2.1.67

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -746,6 +746,8 @@ var SteedosObjectType = /** @class */ (function (_super) {
746
746
  uneditable_fields: null,
747
747
  unrelated_objects: null,
748
748
  field_permissions: null,
749
+ viewAssignCompanysRecords: [],
750
+ modifyAssignCompanysRecords: [],
749
751
  };
750
752
  if (_.isEmpty(roles)) {
751
753
  throw new Error('not find user permission');
@@ -758,6 +760,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
758
760
  if (rolePermission) {
759
761
  var roleFieldsPermission_1 = rolesFieldsPermission[role];
760
762
  _.each(userObjectPermission, function (v, k) {
763
+ var _a, _b;
761
764
  var _v = rolePermission[k];
762
765
  if (k === 'field_permissions') {
763
766
  _v = roleFieldsPermission_1;
@@ -782,6 +785,16 @@ var SteedosObjectType = /** @class */ (function (_super) {
782
785
  userObjectPermission[k].push(_v);
783
786
  }
784
787
  }
788
+ else if (['viewAssignCompanysRecords', 'modifyAssignCompanysRecords'].indexOf(k) > -1) {
789
+ if ('modifyAssignCompanysRecords' === k) {
790
+ if (!_.isEmpty(_v) && _.isArray(_v)) {
791
+ (_a = userObjectPermission['viewAssignCompanysRecords']).push.apply(_a, tslib_1.__spread(_v));
792
+ }
793
+ }
794
+ if (!_.isEmpty(_v) && _.isArray(_v)) {
795
+ (_b = userObjectPermission[k]).push.apply(_b, tslib_1.__spread(_v));
796
+ }
797
+ }
785
798
  else if ((_.isArray(v) || _.isNull(v))) {
786
799
  if (!_.isArray(_v)) {
787
800
  _v = [];
@@ -1806,29 +1819,42 @@ var SteedosObjectType = /** @class */ (function (_super) {
1806
1819
  });
1807
1820
  });
1808
1821
  };
1809
- // private async appendRecordPermission(records, userSession) {
1810
- // const _ids = _.pluck(records, '_id');
1811
- // const objPm = await this.getUserObjectPermission(userSession);
1812
- // const permissionFilters = this.getObjectPermissionFilters(objPm, userSession, true);
1813
- // if (_.isEmpty(permissionFilters)) {
1814
- // return;
1815
- // }
1816
- // const filters = formatFiltersToODataQuery(['_id', 'in', _ids])
1817
- // const results = await this.directFind({
1818
- // fields: ['_id'],
1819
- // filters: `(${filters}) and (${permissionFilters.join(' or ')})`
1820
- // });
1821
- // const allowEditIds = _.pluck(results, '_id');
1822
- // _.each(records, (record) => {
1823
- // if (_.include(allowEditIds, record._id)) {
1824
- // record.record_permissions = {
1825
- // allowRead: true,
1826
- // allowEdit: true,
1827
- // allowDelete: true,
1828
- // }
1829
- // }
1830
- // })
1831
- // }
1822
+ SteedosObjectType.prototype.appendRecordPermission = function (records, userSession) {
1823
+ return tslib_1.__awaiter(this, void 0, void 0, function () {
1824
+ var _ids, objPm, permissionFilters, filters, results, allowEditIds;
1825
+ return tslib_1.__generator(this, function (_a) {
1826
+ switch (_a.label) {
1827
+ case 0:
1828
+ _ids = _.pluck(records, '_id');
1829
+ return [4 /*yield*/, this.getUserObjectPermission(userSession)];
1830
+ case 1:
1831
+ objPm = _a.sent();
1832
+ permissionFilters = this.getObjectEditPermissionFilters(objPm, userSession);
1833
+ if (_.isEmpty(permissionFilters)) {
1834
+ return [2 /*return*/];
1835
+ }
1836
+ filters = filters_1.formatFiltersToODataQuery(['_id', 'in', _ids]);
1837
+ return [4 /*yield*/, this.directFind({
1838
+ fields: ['_id'],
1839
+ filters: "(" + filters + ") and (" + permissionFilters.join(' or ') + ")"
1840
+ })];
1841
+ case 2:
1842
+ results = _a.sent();
1843
+ allowEditIds = _.pluck(results, '_id');
1844
+ _.each(records, function (record) {
1845
+ if (_.include(allowEditIds, record._id)) {
1846
+ record.record_permissions = {
1847
+ allowRead: true,
1848
+ allowEdit: true,
1849
+ allowDelete: true,
1850
+ };
1851
+ }
1852
+ });
1853
+ return [2 /*return*/];
1854
+ }
1855
+ });
1856
+ });
1857
+ };
1832
1858
  SteedosObjectType.prototype.getTriggerContext = function (when, method, args, recordId) {
1833
1859
  return tslib_1.__awaiter(this, void 0, void 0, function () {
1834
1860
  var userSession, context, _a;
@@ -1918,7 +1944,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
1918
1944
  args[_i - 1] = arguments[_i];
1919
1945
  }
1920
1946
  return tslib_1.__awaiter(this, void 0, void 0, function () {
1921
- var adapterMethod, allow, objectName, recordId, doc, paramRecordId, returnValue, userSession, beforeTriggerContext, afterTriggerContext, previousDoc, values;
1947
+ var adapterMethod, allow, objectName, recordId, doc, paramRecordId, returnValue, userSession, beforeTriggerContext, afterTriggerContext, previousDoc, values, _records;
1922
1948
  return tslib_1.__generator(this, function (_a) {
1923
1949
  switch (_a.label) {
1924
1950
  case 0:
@@ -1961,7 +1987,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
1961
1987
  return [4 /*yield*/, adapterMethod.apply(this._datasource, args)];
1962
1988
  case 4:
1963
1989
  returnValue = _a.sent();
1964
- return [3 /*break*/, 21];
1990
+ return [3 /*break*/, 25];
1965
1991
  case 5:
1966
1992
  userSession = args[args.length - 1];
1967
1993
  return [4 /*yield*/, this.getTriggerContext('before', method, args)];
@@ -1987,40 +2013,43 @@ var SteedosObjectType = /** @class */ (function (_super) {
1987
2013
  return [4 /*yield*/, adapterMethod.apply(this._datasource, args)];
1988
2014
  case 10:
1989
2015
  returnValue = _a.sent();
1990
- if (method === 'find' || method == 'findOne' || method == 'count' || method == 'aggregate' || method == 'aggregatePrefixalPipeline') {
1991
- values = returnValue || {};
1992
- if (method === 'count') {
1993
- values = returnValue || 0;
1994
- }
1995
- // else{
1996
- // if (userSession) {
1997
- // let _records = returnValue
1998
- // if (method == 'findOne' && returnValue) {
1999
- // _records = [_records]
2000
- // }
2001
- // await this.appendRecordPermission(_records, userSession);
2002
- // }
2003
- // }
2004
- Object.assign(afterTriggerContext, { data: { values: values } });
2016
+ if (!(method === 'find' || method == 'findOne' || method == 'count' || method == 'aggregate' || method == 'aggregatePrefixalPipeline')) return [3 /*break*/, 14];
2017
+ values = returnValue || {};
2018
+ if (!(method === 'count')) return [3 /*break*/, 11];
2019
+ values = returnValue || 0;
2020
+ return [3 /*break*/, 13];
2021
+ case 11:
2022
+ if (!userSession) return [3 /*break*/, 13];
2023
+ _records = returnValue;
2024
+ if (method == 'findOne' && returnValue) {
2025
+ _records = [_records];
2005
2026
  }
2027
+ return [4 /*yield*/, this.appendRecordPermission(_records, userSession)];
2028
+ case 12:
2029
+ _a.sent();
2030
+ _a.label = 13;
2031
+ case 13:
2032
+ Object.assign(afterTriggerContext, { data: { values: values } });
2033
+ _a.label = 14;
2034
+ case 14:
2006
2035
  // console.log("==returnValue==", returnValue);
2007
2036
  if (method == 'insert' && _.has(returnValue, '_id')) {
2008
2037
  afterTriggerContext.doc = returnValue;
2009
2038
  afterTriggerContext = Object.assign({}, afterTriggerContext, { id: returnValue._id });
2010
2039
  }
2011
- if (!(method == "update")) return [3 /*break*/, 13];
2012
- if (!returnValue) return [3 /*break*/, 12];
2040
+ if (!(method == "update")) return [3 /*break*/, 17];
2041
+ if (!returnValue) return [3 /*break*/, 16];
2013
2042
  afterTriggerContext.doc = returnValue;
2014
2043
  return [4 /*yield*/, this.runAfterTriggers(method, afterTriggerContext)];
2015
- case 11:
2044
+ case 15:
2016
2045
  _a.sent();
2017
- _a.label = 12;
2018
- case 12: return [3 /*break*/, 15];
2019
- case 13: return [4 /*yield*/, this.runAfterTriggers(method, afterTriggerContext)];
2020
- case 14:
2046
+ _a.label = 16;
2047
+ case 16: return [3 /*break*/, 19];
2048
+ case 17: return [4 /*yield*/, this.runAfterTriggers(method, afterTriggerContext)];
2049
+ case 18:
2021
2050
  _a.sent();
2022
- _a.label = 15;
2023
- case 15:
2051
+ _a.label = 19;
2052
+ case 19:
2024
2053
  if (method === 'find' || method == 'findOne' || method == 'count' || method == 'aggregate' || method == 'aggregatePrefixalPipeline') {
2025
2054
  if (_.isEmpty(afterTriggerContext.data) || (_.isEmpty(afterTriggerContext.data.values) && !_.isNumber(afterTriggerContext.data.values))) {
2026
2055
  return [2 /*return*/, returnValue];
@@ -2036,9 +2065,9 @@ var SteedosObjectType = /** @class */ (function (_super) {
2036
2065
  user_session: userSession,
2037
2066
  previous_record: afterTriggerContext.previousDoc
2038
2067
  }).run()];
2039
- case 16:
2068
+ case 20:
2040
2069
  _a.sent();
2041
- if (!returnValue) return [3 /*break*/, 19];
2070
+ if (!returnValue) return [3 /*break*/, 23];
2042
2071
  if (method === "insert") {
2043
2072
  // 当为insert时,上面代码执行后的doc不带_id,只能从returnValue中取
2044
2073
  doc = returnValue;
@@ -2046,18 +2075,18 @@ var SteedosObjectType = /** @class */ (function (_super) {
2046
2075
  }
2047
2076
  // 一定要先运行公式再运行汇总,以下两个函数顺序不能反
2048
2077
  return [4 /*yield*/, this.runRecordFormula(method, objectName, recordId, doc, userSession)];
2049
- case 17:
2078
+ case 21:
2050
2079
  // 一定要先运行公式再运行汇总,以下两个函数顺序不能反
2051
2080
  _a.sent();
2052
2081
  return [4 /*yield*/, this.runRecordSummaries(method, objectName, recordId, doc, previousDoc, userSession)];
2053
- case 18:
2082
+ case 22:
2054
2083
  _a.sent();
2055
- _a.label = 19;
2056
- case 19: return [4 /*yield*/, object_events_1.brokeEmitEvents(objectName, method, afterTriggerContext)];
2057
- case 20:
2084
+ _a.label = 23;
2085
+ case 23: return [4 /*yield*/, object_events_1.brokeEmitEvents(objectName, method, afterTriggerContext)];
2086
+ case 24:
2058
2087
  _a.sent();
2059
- _a.label = 21;
2060
- case 21: return [2 /*return*/, returnValue];
2088
+ _a.label = 25;
2089
+ case 25: return [2 /*return*/, returnValue];
2061
2090
  }
2062
2091
  });
2063
2092
  });
@@ -2112,28 +2141,13 @@ var SteedosObjectType = /** @class */ (function (_super) {
2112
2141
  });
2113
2142
  });
2114
2143
  };
2115
- // private getObjectPermissionFilters(objectPermission, userSession, isEdit) {
2116
- // const objectPermissionFilters = [];
2117
- // let permissionFiltersKey = 'read_filters';
2118
- // if (isEdit) {
2119
- // permissionFiltersKey = 'edit_filters';
2120
- // }
2121
- // const globalData = Object.assign({}, userSession, { now: new Date() });
2122
- // let permissionFilters = objectPermission[permissionFiltersKey];
2123
- // _.each(permissionFilters, (permissionFilter) => {
2124
- // if (_.isString(permissionFilter) && isExpression(permissionFilter.trim())) {
2125
- // try {
2126
- // const filters = parseSingleExpression(permissionFilter, {}, "#", globalData);
2127
- // if (filters && !_.isString(filters)) {
2128
- // objectPermissionFilters.push(`(${formatFiltersToODataQuery(filters, userSession)})`)
2129
- // }
2130
- // } catch (error) {
2131
- // console.error(`getObjectPermissionFilters error`, permissionFilter, error.message);
2132
- // }
2133
- // }
2134
- // })
2135
- // return objectPermissionFilters;
2136
- // }
2144
+ SteedosObjectType.prototype.getObjectEditPermissionFilters = function (objectPermission, userSession) {
2145
+ var objectPermissionFilters = [];
2146
+ if (!_.isEmpty(objectPermission.modifyAssignCompanysRecords)) {
2147
+ objectPermissionFilters.push("(" + filters_1.formatFiltersToODataQuery([['company_id', 'in', objectPermission.modifyAssignCompanysRecords], 'or', ['company_ids', 'in', objectPermission.modifyAssignCompanysRecords]], userSession) + ")");
2148
+ }
2149
+ return objectPermissionFilters;
2150
+ };
2137
2151
  /**
2138
2152
  * 把query.filters用formatFiltersToODataQuery转为odata query
2139
2153
  * 主要是为了把userSession中的utcOffset逻辑传入formatFiltersToODataQuery函数处理
@@ -2154,7 +2168,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
2154
2168
  };
2155
2169
  SteedosObjectType.prototype.dealWithMethodPermission = function (method, args) {
2156
2170
  return tslib_1.__awaiter(this, void 0, void 0, function () {
2157
- var userSession, spaceId, userId, objPm, query, spaceFilter, companyFilter, ownerFilter, sharesFilter, shareRuleFilters, restrictionRuleFilters, clientFilter, filters, permissionFilters, userFilters, permissionFilters, objectPermissionEditFilters, id, companyFilters, queryFilters, companyFilters, permissionFilters, objectPermissionEditFilters, id, companyFilters;
2171
+ var userSession, spaceId, userId, objPm, query, spaceFilter, companyFilter, ownerFilter, sharesFilter, shareRuleFilters, restrictionRuleFilters, clientFilter, filters, permissionFilters, userFilters, viewAssignCompanysRecordsFilter_1, permissionFilters, objectPermissionEditFilters, id, companyFilters, queryFilters, companyFilters, permissionFilters, objectPermissionEditFilters, id, companyFilters;
2158
2172
  return tslib_1.__generator(this, function (_a) {
2159
2173
  switch (_a.label) {
2160
2174
  case 0:
@@ -2180,10 +2194,12 @@ var SteedosObjectType = /** @class */ (function (_super) {
2180
2194
  return [2 /*return*/];
2181
2195
  }
2182
2196
  spaceFilter = void 0, companyFilter = void 0, ownerFilter = void 0, sharesFilter = void 0, shareRuleFilters = void 0, restrictionRuleFilters = void 0, clientFilter = query.filters, filters = void 0, permissionFilters = [], userFilters = [];
2197
+ //space 权限
2183
2198
  if (spaceId) {
2184
2199
  spaceFilter = "(space eq '" + spaceId + "')";
2185
2200
  }
2186
- if (spaceId && !objPm.viewAllRecords && objPm.viewCompanyRecords) { // 公司级
2201
+ // 本公司权限
2202
+ if (spaceId && !objPm.viewAllRecords && objPm.viewCompanyRecords) {
2187
2203
  if (_.isEmpty(userSession.companies)) {
2188
2204
  console.log('objPm', objPm);
2189
2205
  throw new Error("user not belong any company!");
@@ -2195,14 +2211,25 @@ var SteedosObjectType = /** @class */ (function (_super) {
2195
2211
  if (!objPm.viewAllRecords && !objPm.viewCompanyRecords && objPm.allowRead) { // owner
2196
2212
  ownerFilter = "(owner eq '" + userId + "')";
2197
2213
  }
2214
+ viewAssignCompanysRecordsFilter_1 = [];
2215
+ if (objPm.viewAssignCompanysRecords) {
2216
+ _.each(objPm.viewAssignCompanysRecords, function (assignCompanyId) {
2217
+ viewAssignCompanysRecordsFilter_1.push("((company_id eq '" + assignCompanyId + "') or (company_ids eq '" + assignCompanyId + "'))");
2218
+ });
2219
+ }
2220
+ if (!_.isEmpty(viewAssignCompanysRecordsFilter_1)) {
2221
+ permissionFilters.push("(" + viewAssignCompanysRecordsFilter_1.join(' or ') + ")");
2222
+ }
2198
2223
  return [4 /*yield*/, shareRule_1.ShareRules.getUserObjectFilters(this.name, userSession)];
2199
2224
  case 2:
2225
+ //共享规则
2200
2226
  shareRuleFilters = _a.sent();
2201
2227
  if (!_.isEmpty(shareRuleFilters)) {
2202
2228
  permissionFilters.push("(" + shareRuleFilters.join(' or ') + ")");
2203
2229
  }
2204
2230
  return [4 /*yield*/, restrictionRule_1.RestrictionRule.getUserObjectFilters(this.name, userSession)];
2205
2231
  case 3:
2232
+ // 限制规则
2206
2233
  restrictionRuleFilters = _a.sent();
2207
2234
  if (!_.isEmpty(restrictionRuleFilters)) {
2208
2235
  userFilters.push("(" + restrictionRuleFilters.join(' or ') + ")");
@@ -2211,6 +2238,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
2211
2238
  // if (!_.isEmpty(objectPermissionFilters)) {
2212
2239
  // permissionFilters.push(`(${objectPermissionFilters.join(' or ')})`);
2213
2240
  // }
2241
+ //共享规则(旧)
2214
2242
  sharesFilter = util_1.getUserObjectSharesFilters(this.name, userSession);
2215
2243
  if (!_.isEmpty(companyFilter)) {
2216
2244
  permissionFilters.push("(" + companyFilter.join(' and ') + ")");
@@ -2242,7 +2270,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
2242
2270
  }
2243
2271
  }
2244
2272
  else if (method === 'update' || method === 'updateOne') {
2245
- permissionFilters = null;
2273
+ permissionFilters = this.getObjectEditPermissionFilters(objPm, userSession);
2246
2274
  if (!objPm.allowEdit && _.isEmpty(permissionFilters)) {
2247
2275
  throw new Error("no " + method + " permission!");
2248
2276
  }
@@ -2310,7 +2338,7 @@ var SteedosObjectType = /** @class */ (function (_super) {
2310
2338
  }
2311
2339
  }
2312
2340
  else if (method === 'delete') {
2313
- permissionFilters = null;
2341
+ permissionFilters = this.getObjectEditPermissionFilters(objPm, userSession);
2314
2342
  if (!objPm.allowDelete && _.isEmpty(permissionFilters)) {
2315
2343
  throw new Error("no " + method + " permission!");
2316
2344
  }