@steedos/objectql 2.1.63 → 2.1.67

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -639,6 +639,8 @@ export class SteedosObjectType extends SteedosObjectProperties {
639
639
  uneditable_fields: null,
640
640
  unrelated_objects: null,
641
641
  field_permissions: null,
642
+ viewAssignCompanysRecords: [],
643
+ modifyAssignCompanysRecords: [],
642
644
  // read_filters: [],
643
645
  // edit_filters: []
644
646
  }
@@ -675,6 +677,15 @@ export class SteedosObjectType extends SteedosObjectProperties {
675
677
  if (!_.isEmpty(_v)) {
676
678
  userObjectPermission[k].push(_v);
677
679
  }
680
+ } else if (['viewAssignCompanysRecords', 'modifyAssignCompanysRecords'].indexOf(k) > -1) {
681
+ if ('modifyAssignCompanysRecords' === k) {
682
+ if (!_.isEmpty(_v) && _.isArray(_v)) {
683
+ userObjectPermission['viewAssignCompanysRecords'].push(..._v);
684
+ }
685
+ }
686
+ if (!_.isEmpty(_v) && _.isArray(_v)) {
687
+ userObjectPermission[k].push(..._v);
688
+ }
678
689
  }
679
690
  else if ((_.isArray(v) || _.isNull(v))) {
680
691
  if (!_.isArray(_v)) {
@@ -1324,31 +1335,31 @@ export class SteedosObjectType extends SteedosObjectProperties {
1324
1335
  return await this.runTriggerActions(when, context)
1325
1336
  }
1326
1337
 
1327
- // private async appendRecordPermission(records, userSession) {
1328
- // const _ids = _.pluck(records, '_id');
1329
- // const objPm = await this.getUserObjectPermission(userSession);
1330
- // const permissionFilters = this.getObjectPermissionFilters(objPm, userSession, true);
1331
- // if (_.isEmpty(permissionFilters)) {
1332
- // return;
1333
- // }
1334
- // const filters = formatFiltersToODataQuery(['_id', 'in', _ids])
1335
-
1336
- // const results = await this.directFind({
1337
- // fields: ['_id'],
1338
- // filters: `(${filters}) and (${permissionFilters.join(' or ')})`
1339
- // });
1340
- // const allowEditIds = _.pluck(results, '_id');
1341
- // _.each(records, (record) => {
1342
- // if (_.include(allowEditIds, record._id)) {
1343
- // record.record_permissions = {
1344
- // allowRead: true,
1345
- // allowEdit: true,
1346
- // allowDelete: true,
1347
- // }
1348
- // }
1349
- // })
1350
-
1351
- // }
1338
+ private async appendRecordPermission(records, userSession) {
1339
+ const _ids = _.pluck(records, '_id');
1340
+ const objPm = await this.getUserObjectPermission(userSession);
1341
+ const permissionFilters = this.getObjectEditPermissionFilters(objPm, userSession);
1342
+ if (_.isEmpty(permissionFilters)) {
1343
+ return;
1344
+ }
1345
+ const filters = formatFiltersToODataQuery(['_id', 'in', _ids])
1346
+
1347
+ const results = await this.directFind({
1348
+ fields: ['_id'],
1349
+ filters: `(${filters}) and (${permissionFilters.join(' or ')})`
1350
+ });
1351
+ const allowEditIds = _.pluck(results, '_id');
1352
+ _.each(records, (record) => {
1353
+ if (_.include(allowEditIds, record._id)) {
1354
+ record.record_permissions = {
1355
+ allowRead: true,
1356
+ allowEdit: true,
1357
+ allowDelete: true,
1358
+ }
1359
+ }
1360
+ })
1361
+
1362
+ }
1352
1363
 
1353
1364
  private async getTriggerContext(when: string, method: string, args: any[], recordId?: string) {
1354
1365
 
@@ -1501,15 +1512,15 @@ export class SteedosObjectType extends SteedosObjectProperties {
1501
1512
  if (method === 'count') {
1502
1513
  values = returnValue || 0
1503
1514
  }
1504
- // else{
1505
- // if (userSession) {
1506
- // let _records = returnValue
1507
- // if (method == 'findOne' && returnValue) {
1508
- // _records = [_records]
1509
- // }
1510
- // await this.appendRecordPermission(_records, userSession);
1511
- // }
1512
- // }
1515
+ else {
1516
+ if (userSession) {
1517
+ let _records = returnValue
1518
+ if (method == 'findOne' && returnValue) {
1519
+ _records = [_records]
1520
+ }
1521
+ await this.appendRecordPermission(_records, userSession);
1522
+ }
1523
+ }
1513
1524
  Object.assign(afterTriggerContext, { data: { values: values } })
1514
1525
  }
1515
1526
  // console.log("==returnValue==", returnValue);
@@ -1587,32 +1598,13 @@ export class SteedosObjectType extends SteedosObjectProperties {
1587
1598
  }
1588
1599
  }
1589
1600
 
1590
- // private getObjectPermissionFilters(objectPermission, userSession, isEdit) {
1591
- // const objectPermissionFilters = [];
1592
-
1593
- // let permissionFiltersKey = 'read_filters';
1594
- // if (isEdit) {
1595
- // permissionFiltersKey = 'edit_filters';
1596
- // }
1597
-
1598
- // const globalData = Object.assign({}, userSession, { now: new Date() });
1599
-
1600
- // let permissionFilters = objectPermission[permissionFiltersKey];
1601
-
1602
- // _.each(permissionFilters, (permissionFilter) => {
1603
- // if (_.isString(permissionFilter) && isExpression(permissionFilter.trim())) {
1604
- // try {
1605
- // const filters = parseSingleExpression(permissionFilter, {}, "#", globalData);
1606
- // if (filters && !_.isString(filters)) {
1607
- // objectPermissionFilters.push(`(${formatFiltersToODataQuery(filters, userSession)})`)
1608
- // }
1609
- // } catch (error) {
1610
- // console.error(`getObjectPermissionFilters error`, permissionFilter, error.message);
1611
- // }
1612
- // }
1613
- // })
1614
- // return objectPermissionFilters;
1615
- // }
1601
+ private getObjectEditPermissionFilters(objectPermission, userSession) {
1602
+ const objectPermissionFilters = [];
1603
+ if (!_.isEmpty(objectPermission.modifyAssignCompanysRecords)) {
1604
+ objectPermissionFilters.push(`(${formatFiltersToODataQuery([['company_id', 'in', objectPermission.modifyAssignCompanysRecords], 'or', ['company_ids', 'in', objectPermission.modifyAssignCompanysRecords]], userSession)})`)
1605
+ }
1606
+ return objectPermissionFilters;
1607
+ }
1616
1608
 
1617
1609
  /**
1618
1610
  * 把query.filters用formatFiltersToODataQuery转为odata query
@@ -1658,11 +1650,13 @@ export class SteedosObjectType extends SteedosObjectProperties {
1658
1650
 
1659
1651
  let spaceFilter, companyFilter, ownerFilter, sharesFilter, shareRuleFilters, restrictionRuleFilters, clientFilter = query.filters, filters, permissionFilters = [], userFilters = [];
1660
1652
 
1653
+ //space 权限
1661
1654
  if (spaceId) {
1662
1655
  spaceFilter = `(space eq '${spaceId}')`;
1663
1656
  }
1664
1657
 
1665
- if (spaceId && !objPm.viewAllRecords && objPm.viewCompanyRecords) { // 公司级
1658
+ // 本公司权限
1659
+ if (spaceId && !objPm.viewAllRecords && objPm.viewCompanyRecords) {
1666
1660
  if (_.isEmpty(userSession.companies)) {
1667
1661
  console.log('objPm', objPm);
1668
1662
  throw new Error("user not belong any company!");
@@ -1676,12 +1670,25 @@ export class SteedosObjectType extends SteedosObjectProperties {
1676
1670
  ownerFilter = `(owner eq '${userId}')`;
1677
1671
  }
1678
1672
 
1673
+ // 指定公司权限
1674
+ let viewAssignCompanysRecordsFilter = [];
1675
+ if (objPm.viewAssignCompanysRecords) {
1676
+ _.each(objPm.viewAssignCompanysRecords, (assignCompanyId) => {
1677
+ viewAssignCompanysRecordsFilter.push(`((company_id eq '${assignCompanyId}') or (company_ids eq '${assignCompanyId}'))`)
1678
+ })
1679
+ }
1680
+ if (!_.isEmpty(viewAssignCompanysRecordsFilter)) {
1681
+ permissionFilters.push(`(${viewAssignCompanysRecordsFilter.join(' or ')})`);
1682
+ }
1683
+
1684
+ //共享规则
1679
1685
  shareRuleFilters = await ShareRules.getUserObjectFilters(this.name, userSession);
1680
1686
 
1681
1687
  if (!_.isEmpty(shareRuleFilters)) {
1682
1688
  permissionFilters.push(`(${shareRuleFilters.join(' or ')})`);
1683
1689
  }
1684
1690
 
1691
+ // 限制规则
1685
1692
  restrictionRuleFilters = await RestrictionRule.getUserObjectFilters(this.name, userSession);
1686
1693
 
1687
1694
  if (!_.isEmpty(restrictionRuleFilters)) {
@@ -1693,6 +1700,7 @@ export class SteedosObjectType extends SteedosObjectProperties {
1693
1700
  // permissionFilters.push(`(${objectPermissionFilters.join(' or ')})`);
1694
1701
  // }
1695
1702
 
1703
+ //共享规则(旧)
1696
1704
  sharesFilter = getUserObjectSharesFilters(this.name, userSession);
1697
1705
 
1698
1706
  if (!_.isEmpty(companyFilter)) {
@@ -1731,7 +1739,7 @@ export class SteedosObjectType extends SteedosObjectProperties {
1731
1739
  }
1732
1740
  }
1733
1741
  else if (method === 'update' || method === 'updateOne') {
1734
- const permissionFilters = null; //this.getObjectPermissionFilters(objPm, userSession, true);
1742
+ const permissionFilters = this.getObjectEditPermissionFilters(objPm, userSession);
1735
1743
  if (!objPm.allowEdit && _.isEmpty(permissionFilters)) {
1736
1744
  throw new Error(`no ${method} permission!`);
1737
1745
  }
@@ -1798,7 +1806,7 @@ export class SteedosObjectType extends SteedosObjectProperties {
1798
1806
  }
1799
1807
  }
1800
1808
  else if (method === 'delete') {
1801
- const permissionFilters = null; //this.getObjectPermissionFilters(objPm, userSession, true);
1809
+ const permissionFilters = this.getObjectEditPermissionFilters(objPm, userSession);
1802
1810
  if (!objPm.allowDelete && _.isEmpty(permissionFilters)) {
1803
1811
  throw new Error(`no ${method} permission!`);
1804
1812
  }
@@ -23,6 +23,8 @@ abstract class SteedosObjectPermissionTypeProperties {
23
23
  uneditable_fields?: string[]
24
24
  unrelated_objects?: string[]
25
25
  field_permissions?: any
26
+ viewAssignCompanysRecords?: string[]
27
+ modifyAssignCompanysRecords?: string[]
26
28
  }
27
29
 
28
30
  export interface SteedosObjectPermissionTypeConfig extends SteedosObjectPermissionTypeProperties { }
@@ -72,6 +74,15 @@ export class SteedosObjectPermissionType extends SteedosObjectPermissionTypeProp
72
74
  this.allowRead = true;
73
75
  }
74
76
 
77
+ if (!_.isEmpty(this.viewAssignCompanysRecords)) {
78
+ this.allowRead = true;
79
+ }
80
+
81
+ if (!_.isEmpty(this.modifyAssignCompanysRecords)) {
82
+ this.allowRead = true;
83
+ this.allowEdit = true;
84
+ }
85
+
75
86
  if (this.allowRead) {
76
87
  typeof this.allowReadFiles !== "boolean" && (this.allowReadFiles = true);
77
88
  typeof this.viewAllFiles !== "boolean" && (this.viewAllFiles = true);