@steedos/service-metadata-server 3.0.0-beta.114 → 3.0.0-beta.116
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -2,11 +2,21 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
const tslib_1 = require("tslib");
|
|
4
4
|
const _ = require("lodash");
|
|
5
|
-
const metadataService = require(
|
|
6
|
-
const SERVICE_NAME =
|
|
7
|
-
const METADATA_TYPE =
|
|
5
|
+
const metadataService = require("./metadataService");
|
|
6
|
+
const SERVICE_NAME = "permission_fields";
|
|
7
|
+
const METADATA_TYPE = "permission_fields";
|
|
8
8
|
const objectql = require("@steedos/objectql");
|
|
9
|
-
const systemFields = [
|
|
9
|
+
const systemFields = [
|
|
10
|
+
"owner",
|
|
11
|
+
"created",
|
|
12
|
+
"created_by",
|
|
13
|
+
"modified",
|
|
14
|
+
"modified_by",
|
|
15
|
+
"locked",
|
|
16
|
+
"company_id",
|
|
17
|
+
"company_ids",
|
|
18
|
+
"instance_state",
|
|
19
|
+
];
|
|
10
20
|
function getFieldPermission(apiName) {
|
|
11
21
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
12
22
|
const schema = objectql.getSteedosSchema();
|
|
@@ -15,7 +25,8 @@ function getFieldPermission(apiName) {
|
|
|
15
25
|
});
|
|
16
26
|
}
|
|
17
27
|
const getFieldDefaultEditable = (field) => {
|
|
18
|
-
if (_.includes(systemFields, field.name) &&
|
|
28
|
+
if (_.includes(systemFields, field.name) &&
|
|
29
|
+
(field.omit || field.hidden || field.readonly || field.disabled)) {
|
|
19
30
|
return false;
|
|
20
31
|
}
|
|
21
32
|
if (field.omit || field.hidden || field.readonly || field.disabled) {
|
|
@@ -36,33 +47,53 @@ module.exports = {
|
|
|
36
47
|
name: SERVICE_NAME,
|
|
37
48
|
mixins: [metadataService],
|
|
38
49
|
settings: {
|
|
39
|
-
metadataType: METADATA_TYPE
|
|
50
|
+
metadataType: METADATA_TYPE,
|
|
40
51
|
},
|
|
41
52
|
methods: {
|
|
42
53
|
resetFieldPermissions: {
|
|
43
54
|
handler(permissionObjectId, userSession) {
|
|
44
55
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
45
|
-
const record = yield objectql
|
|
56
|
+
const record = yield objectql
|
|
57
|
+
.getObject("permission_objects")
|
|
58
|
+
.findOne(permissionObjectId);
|
|
46
59
|
if (!record) {
|
|
47
60
|
return;
|
|
48
61
|
}
|
|
49
|
-
const permissionSet = yield objectql
|
|
50
|
-
|
|
62
|
+
const permissionSet = yield objectql
|
|
63
|
+
.getObject("permission_set")
|
|
64
|
+
.findOne(record.permission_set_id);
|
|
65
|
+
const fields = yield objectql
|
|
66
|
+
.getObject("object_fields")
|
|
67
|
+
.find({ filters: [["object", "=", record.object_name]] });
|
|
51
68
|
const now = new Date();
|
|
52
69
|
for (const field of fields) {
|
|
53
|
-
const result = yield objectql
|
|
70
|
+
const result = yield objectql
|
|
71
|
+
.getObject("permission_fields")
|
|
72
|
+
.directFind({
|
|
73
|
+
filters: [
|
|
74
|
+
["permission_set_id", "=", permissionSet.name],
|
|
75
|
+
["permission_object", "=", record.name],
|
|
76
|
+
["object_name", "=", record.object_name],
|
|
77
|
+
["field", "=", field.name],
|
|
78
|
+
["is_system", "!=", true],
|
|
79
|
+
],
|
|
80
|
+
});
|
|
54
81
|
const count = result.length;
|
|
55
82
|
if (count == 0) {
|
|
56
|
-
const apiName = `${permissionSet.name}
|
|
83
|
+
const apiName = `${permissionSet.name}_${record.object_name}_${field.name}`;
|
|
57
84
|
const fieldPermission = yield getFieldPermission(apiName);
|
|
58
|
-
yield objectql.getObject(
|
|
85
|
+
yield objectql.getObject("permission_fields").directInsert({
|
|
59
86
|
name: apiName,
|
|
60
87
|
permission_set_id: permissionSet.name,
|
|
61
88
|
permission_object: record.name,
|
|
62
89
|
object_name: record.object_name,
|
|
63
90
|
field: field.name,
|
|
64
|
-
editable: fieldPermission
|
|
65
|
-
|
|
91
|
+
editable: fieldPermission
|
|
92
|
+
? fieldPermission.editable
|
|
93
|
+
: getFieldDefaultEditable(field),
|
|
94
|
+
readable: fieldPermission
|
|
95
|
+
? fieldPermission.readable
|
|
96
|
+
: getFieldDefaultReadable(field),
|
|
66
97
|
owner: userSession.userId,
|
|
67
98
|
space: userSession.spaceId,
|
|
68
99
|
created: now,
|
|
@@ -70,23 +101,32 @@ module.exports = {
|
|
|
70
101
|
created_by: userSession.userId,
|
|
71
102
|
modified_by: userSession.userId,
|
|
72
103
|
company_id: userSession.company_id,
|
|
73
|
-
company_ids: userSession.company_ids
|
|
104
|
+
company_ids: userSession.company_ids,
|
|
74
105
|
});
|
|
75
106
|
}
|
|
76
107
|
}
|
|
77
|
-
const fieldsPermission = yield objectql
|
|
78
|
-
|
|
79
|
-
|
|
108
|
+
const fieldsPermission = yield objectql
|
|
109
|
+
.getObject("permission_fields")
|
|
110
|
+
.find({
|
|
111
|
+
filters: [
|
|
112
|
+
["permission_set_id", "=", permissionSet.name],
|
|
113
|
+
["object_name", "=", record.object_name],
|
|
114
|
+
],
|
|
115
|
+
});
|
|
116
|
+
const allFields = _.map(fieldsPermission, "field");
|
|
117
|
+
const objectFields = _.map(fields, "name");
|
|
80
118
|
const diffFields = _.difference(allFields, objectFields);
|
|
81
119
|
for (const diffField of diffFields) {
|
|
82
120
|
const fieldPermission = _.find(fieldsPermission, (fp) => {
|
|
83
121
|
return fp.field == diffField;
|
|
84
122
|
});
|
|
85
|
-
yield objectql
|
|
123
|
+
yield objectql
|
|
124
|
+
.getObject("permission_fields")
|
|
125
|
+
.delete(fieldPermission._id);
|
|
86
126
|
}
|
|
87
127
|
});
|
|
88
|
-
}
|
|
89
|
-
}
|
|
128
|
+
},
|
|
129
|
+
},
|
|
90
130
|
},
|
|
91
131
|
actions: {
|
|
92
132
|
resetFieldPermissions: {
|
|
@@ -96,20 +136,22 @@ module.exports = {
|
|
|
96
136
|
const { permissionObjectId } = ctx.params;
|
|
97
137
|
return yield this.resetFieldPermissions(permissionObjectId, userSession);
|
|
98
138
|
});
|
|
99
|
-
}
|
|
139
|
+
},
|
|
100
140
|
},
|
|
101
141
|
resetAllPermissionSetFieldPermissions: {
|
|
102
142
|
handler(ctx) {
|
|
103
143
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
104
144
|
const userSession = ctx.meta.user;
|
|
105
145
|
const { objectName } = ctx.params;
|
|
106
|
-
const records = yield objectql
|
|
146
|
+
const records = yield objectql
|
|
147
|
+
.getObject("permission_objects")
|
|
148
|
+
.directFind({ filters: [["object_name", "=", objectName]] });
|
|
107
149
|
for (const record of records) {
|
|
108
150
|
yield this.resetFieldPermissions(record._id, userSession);
|
|
109
151
|
}
|
|
110
152
|
});
|
|
111
|
-
}
|
|
112
|
-
}
|
|
113
|
-
}
|
|
153
|
+
},
|
|
154
|
+
},
|
|
155
|
+
},
|
|
114
156
|
};
|
|
115
157
|
//# sourceMappingURL=permissionFieldsService.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissionFieldsService.js","sourceRoot":"","sources":["../src/permissionFieldsService.ts"],"names":[],"mappings":";;;AAAA,4BAA4B;AAC5B,MAAM,eAAe,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AACrD,MAAM,YAAY,GAAG,mBAAmB,CAAC;AACzC,MAAM,aAAa,GAAG,mBAAmB,CAAC;AAC1C,MAAM,QAAQ,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAE9C,MAAM,YAAY,GAAG,
|
|
1
|
+
{"version":3,"file":"permissionFieldsService.js","sourceRoot":"","sources":["../src/permissionFieldsService.ts"],"names":[],"mappings":";;;AAAA,4BAA4B;AAC5B,MAAM,eAAe,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AACrD,MAAM,YAAY,GAAG,mBAAmB,CAAC;AACzC,MAAM,aAAa,GAAG,mBAAmB,CAAC;AAC1C,MAAM,QAAQ,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAE9C,MAAM,YAAY,GAAG;IACnB,OAAO;IACP,SAAS;IACT,YAAY;IACZ,UAAU;IACV,aAAa;IACb,QAAQ;IACR,YAAY;IACZ,aAAa;IACb,gBAAgB;CACjB,CAAC;AAEF,SAAe,kBAAkB,CAAC,OAAO;;QACvC,MAAM,MAAM,GAAG,QAAQ,CAAC,gBAAgB,EAAE,CAAC;QAC3C,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,wBAAwB,CAAC,GAAG,CACxD,MAAM,CAAC,MAAM,EACb,OAAO,CACR,CAAC;QACF,OAAO,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IACzC,CAAC;CAAA;AAED,MAAM,uBAAuB,GAAG,CAAC,KAAK,EAAE,EAAE;IACxC,IACE,CAAC,CAAC,QAAQ,CAAC,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC;QACpC,CAAC,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC,EAChE,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QACnE,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,MAAM,uBAAuB,GAAG,CAAC,KAAK,EAAE,EAAE;IACxC,IAAI,CAAC,CAAC,QAAQ,CAAC,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;QAC1D,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;QACjB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,MAAM,CAAC,OAAO,GAAG;IACf,IAAI,EAAE,YAAY;IAClB,MAAM,EAAE,CAAC,eAAe,CAAC;IACzB,QAAQ,EAAE;QACR,YAAY,EAAE,aAAa;KAC5B;IACD,OAAO,EAAE;QACP,qBAAqB,EAAE;YACf,OAAO,CAAC,kBAA0B,EAAE,WAAgB;;oBACxD,MAAM,MAAM,GAAG,MAAM,QAAQ;yBAC1B,SAAS,CAAC,oBAAoB,CAAC;yBAC/B,OAAO,CAAC,kBAAkB,CAAC,CAAC;oBAC/B,IAAI,CAAC,MAAM,EAAE,CAAC;wBACZ,OAAO;oBACT,CAAC;oBACD,MAAM,aAAa,GAAG,MAAM,QAAQ;yBACjC,SAAS,CAAC,gBAAgB,CAAC;yBAC3B,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;oBAErC,MAAM,MAAM,GAAG,MAAM,QAAQ;yBAC1B,SAAS,CAAC,eAAe,CAAC;yBAC1B,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,CAAC;oBAC5D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;wBAC3B,MAAM,MAAM,GAAG,MAAM,QAAQ;6BAC1B,SAAS,CAAC,mBAAmB,CAAC;6BAC9B,UAAU,CAAC;4BACV,OAAO,EAAE;gCACP,CAAC,mBAAmB,EAAE,GAAG,EAAE,aAAa,CAAC,IAAI,CAAC;gCAC9C,CAAC,mBAAmB,EAAE,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC;gCACvC,CAAC,aAAa,EAAE,GAAG,EAAE,MAAM,CAAC,WAAW,CAAC;gCACxC,CAAC,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC;gCAC1B,CAAC,WAAW,EAAE,IAAI,EAAE,IAAI,CAAC;6BAC1B;yBACF,CAAC,CAAC;wBACL,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC;wBAC5B,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;4BACf,MAAM,OAAO,GAAG,GAAG,aAAa,CAAC,IAAI,IAAI,MAAM,CAAC,WAAW,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;4BAC5E,MAAM,eAAe,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;4BAC1D,MAAM,QAAQ,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC;gCACzD,IAAI,EAAE,OAAO;gCACb,iBAAiB,EAAE,aAAa,CAAC,IAAI;gCACrC,iBAAiB,EAAE,MAAM,CAAC,IAAI;gCAC9B,WAAW,EAAE,MAAM,CAAC,WAAW;gCAC/B,KAAK,EAAE,KAAK,CAAC,IAAI;gCACjB,QAAQ,EAAE,eAAe;oCACvB,CAAC,CAAC,eAAe,CAAC,QAAQ;oCAC1B,CAAC,CAAC,uBAAuB,CAAC,KAAK,CAAC;gCAClC,QAAQ,EAAE,eAAe;oCACvB,CAAC,CAAC,eAAe,CAAC,QAAQ;oCAC1B,CAAC,CAAC,uBAAuB,CAAC,KAAK,CAAC;gCAClC,KAAK,EAAE,WAAW,CAAC,MAAM;gCACzB,KAAK,EAAE,WAAW,CAAC,OAAO;gCAC1B,OAAO,EAAE,GAAG;gCACZ,QAAQ,EAAE,GAAG;gCACb,UAAU,EAAE,WAAW,CAAC,MAAM;gCAC9B,WAAW,EAAE,WAAW,CAAC,MAAM;gCAC/B,UAAU,EAAE,WAAW,CAAC,UAAU;gCAClC,WAAW,EAAE,WAAW,CAAC,WAAW;6BACrC,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;oBAED,MAAM,gBAAgB,GAAG,MAAM,QAAQ;yBACpC,SAAS,CAAC,mBAAmB,CAAC;yBAC9B,IAAI,CAAC;wBACJ,OAAO,EAAE;4BACP,CAAC,mBAAmB,EAAE,GAAG,EAAE,aAAa,CAAC,IAAI,CAAC;4BAC9C,CAAC,aAAa,EAAE,GAAG,EAAE,MAAM,CAAC,WAAW,CAAC;yBACzC;qBACF,CAAC,CAAC;oBACL,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,OAAO,CAAC,CAAC;oBACnD,MAAM,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;oBAC3C,MAAM,UAAU,GAAG,CAAC,CAAC,UAAU,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;oBACzD,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;wBACnC,MAAM,eAAe,GAAG,CAAC,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC,EAAE,EAAE,EAAE;4BACtD,OAAO,EAAE,CAAC,KAAK,IAAI,SAAS,CAAC;wBAC/B,CAAC,CAAC,CAAC;wBACH,MAAM,QAAQ;6BACX,SAAS,CAAC,mBAAmB,CAAC;6BAC9B,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;oBACjC,CAAC;gBACH,CAAC;aAAA;SACF;KACF;IACD,OAAO,EAAE;QACP,qBAAqB,EAAE;YACf,OAAO,CAAC,GAAG;;oBACf,MAAM,WAAW,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC;oBAClC,MAAM,EAAE,kBAAkB,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;oBAC1C,OAAO,MAAM,IAAI,CAAC,qBAAqB,CACrC,kBAAkB,EAClB,WAAW,CACZ,CAAC;gBACJ,CAAC;aAAA;SACF;QACD,qCAAqC,EAAE;YAC/B,OAAO,CAAC,GAAG;;oBACf,MAAM,WAAW,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC;oBAClC,MAAM,EAAE,UAAU,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;oBAClC,MAAM,OAAO,GAAG,MAAM,QAAQ;yBAC3B,SAAS,CAAC,oBAAoB,CAAC;yBAC/B,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,aAAa,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC;oBAC/D,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;wBAC7B,MAAM,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;oBAC5D,CAAC;gBACH,CAAC;aAAA;SACF;KACF;CACF,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,22 +1,22 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@steedos/service-metadata-server",
|
|
3
|
-
"version": "3.0.0-beta.
|
|
3
|
+
"version": "3.0.0-beta.116",
|
|
4
4
|
"main": "index.js",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"scripts": {
|
|
7
7
|
"build": "rm -rf ./lib && tsc"
|
|
8
8
|
},
|
|
9
9
|
"dependencies": {
|
|
10
|
-
"@steedos/objectql": "3.0.0-beta.
|
|
11
|
-
"@steedos/service-metadata": "3.0.0-beta.
|
|
12
|
-
"@steedos/service-metadata-apps": "3.0.0-beta.
|
|
13
|
-
"@steedos/service-metadata-layouts": "3.0.0-beta.
|
|
14
|
-
"@steedos/service-metadata-objects": "3.0.0-beta.
|
|
15
|
-
"@steedos/service-metadata-permissionsets": "3.0.0-beta.
|
|
16
|
-
"@steedos/service-metadata-tabs": "3.0.0-beta.
|
|
17
|
-
"@steedos/service-metadata-translations": "3.0.0-beta.
|
|
18
|
-
"@steedos/service-metadata-triggers": "3.0.0-beta.
|
|
19
|
-
"@steedos/service-packages": "3.0.0-beta.
|
|
10
|
+
"@steedos/objectql": "3.0.0-beta.116",
|
|
11
|
+
"@steedos/service-metadata": "3.0.0-beta.116",
|
|
12
|
+
"@steedos/service-metadata-apps": "3.0.0-beta.116",
|
|
13
|
+
"@steedos/service-metadata-layouts": "3.0.0-beta.116",
|
|
14
|
+
"@steedos/service-metadata-objects": "3.0.0-beta.116",
|
|
15
|
+
"@steedos/service-metadata-permissionsets": "3.0.0-beta.116",
|
|
16
|
+
"@steedos/service-metadata-tabs": "3.0.0-beta.116",
|
|
17
|
+
"@steedos/service-metadata-translations": "3.0.0-beta.116",
|
|
18
|
+
"@steedos/service-metadata-triggers": "3.0.0-beta.116",
|
|
19
|
+
"@steedos/service-packages": "3.0.0-beta.116",
|
|
20
20
|
"lodash": "^4.17.21",
|
|
21
21
|
"underscore": "1.13.4"
|
|
22
22
|
},
|
|
@@ -26,5 +26,5 @@
|
|
|
26
26
|
"publishConfig": {
|
|
27
27
|
"access": "public"
|
|
28
28
|
},
|
|
29
|
-
"gitHead": "
|
|
29
|
+
"gitHead": "5faa4fd9601e2316a5fa428fcb945e3ecc8d1160"
|
|
30
30
|
}
|
|
@@ -1,110 +1,160 @@
|
|
|
1
|
-
import * as _ from
|
|
2
|
-
const metadataService = require(
|
|
3
|
-
const SERVICE_NAME =
|
|
4
|
-
const METADATA_TYPE =
|
|
1
|
+
import * as _ from "lodash";
|
|
2
|
+
const metadataService = require("./metadataService");
|
|
3
|
+
const SERVICE_NAME = "permission_fields";
|
|
4
|
+
const METADATA_TYPE = "permission_fields";
|
|
5
5
|
const objectql = require("@steedos/objectql");
|
|
6
6
|
|
|
7
|
-
const systemFields = [
|
|
7
|
+
const systemFields = [
|
|
8
|
+
"owner",
|
|
9
|
+
"created",
|
|
10
|
+
"created_by",
|
|
11
|
+
"modified",
|
|
12
|
+
"modified_by",
|
|
13
|
+
"locked",
|
|
14
|
+
"company_id",
|
|
15
|
+
"company_ids",
|
|
16
|
+
"instance_state",
|
|
17
|
+
];
|
|
8
18
|
|
|
9
19
|
async function getFieldPermission(apiName) {
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
20
|
+
const schema = objectql.getSteedosSchema();
|
|
21
|
+
const config = await objectql.registerPermissionFields.get(
|
|
22
|
+
schema.broker,
|
|
23
|
+
apiName,
|
|
24
|
+
);
|
|
25
|
+
return config ? config.metadata : null;
|
|
13
26
|
}
|
|
14
27
|
|
|
15
28
|
const getFieldDefaultEditable = (field) => {
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
29
|
+
if (
|
|
30
|
+
_.includes(systemFields, field.name) &&
|
|
31
|
+
(field.omit || field.hidden || field.readonly || field.disabled)
|
|
32
|
+
) {
|
|
33
|
+
return false;
|
|
34
|
+
}
|
|
35
|
+
if (field.omit || field.hidden || field.readonly || field.disabled) {
|
|
36
|
+
return false;
|
|
37
|
+
}
|
|
38
|
+
return true;
|
|
39
|
+
};
|
|
24
40
|
|
|
25
41
|
const getFieldDefaultReadable = (field) => {
|
|
26
|
-
|
|
27
|
-
return true;
|
|
28
|
-
}
|
|
29
|
-
if (field.hidden) {
|
|
30
|
-
return false
|
|
31
|
-
}
|
|
42
|
+
if (_.includes(systemFields, field.name) && !field.hidden) {
|
|
32
43
|
return true;
|
|
33
|
-
}
|
|
44
|
+
}
|
|
45
|
+
if (field.hidden) {
|
|
46
|
+
return false;
|
|
47
|
+
}
|
|
48
|
+
return true;
|
|
49
|
+
};
|
|
34
50
|
|
|
35
51
|
module.exports = {
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
//获取对象所有字段
|
|
50
|
-
const fields = await objectql.getObject('object_fields').find({ filters: [['object', '=', record.object_name]] });
|
|
51
|
-
const now = new Date();
|
|
52
|
-
for (const field of fields) {
|
|
53
|
-
const result = await objectql.getObject('permission_fields').directFind({ filters: [['permission_set_id', '=', permissionSet.name], ['permission_object', '=', record.name], ['object_name', '=', record.object_name], ['field', '=', field.name], ['is_system', '!=', true]] });
|
|
54
|
-
const count = result.length;
|
|
55
|
-
if (count == 0) {
|
|
56
|
-
const apiName = `${permissionSet.name}.${record.object_name}.${field.name}`
|
|
57
|
-
const fieldPermission = await getFieldPermission(apiName)
|
|
58
|
-
await objectql.getObject('permission_fields').directInsert({
|
|
59
|
-
name: apiName,
|
|
60
|
-
permission_set_id: permissionSet.name,
|
|
61
|
-
permission_object: record.name,
|
|
62
|
-
object_name: record.object_name,
|
|
63
|
-
field: field.name,
|
|
64
|
-
editable: fieldPermission ? fieldPermission.editable : getFieldDefaultEditable(field),
|
|
65
|
-
readable: fieldPermission ? fieldPermission.readable : getFieldDefaultReadable(field),
|
|
66
|
-
owner: userSession.userId,
|
|
67
|
-
space: userSession.spaceId,
|
|
68
|
-
created: now,
|
|
69
|
-
modified: now,
|
|
70
|
-
created_by: userSession.userId,
|
|
71
|
-
modified_by: userSession.userId,
|
|
72
|
-
company_id: userSession.company_id,
|
|
73
|
-
company_ids: userSession.company_ids
|
|
74
|
-
})
|
|
75
|
-
}
|
|
76
|
-
}
|
|
77
|
-
//删除已删除、卸载的字段权限
|
|
78
|
-
const fieldsPermission = await objectql.getObject('permission_fields').find({ filters: [['permission_set_id', '=', permissionSet.name], ['object_name', '=', record.object_name]] });
|
|
79
|
-
const allFields = _.map(fieldsPermission, 'field');
|
|
80
|
-
const objectFields = _.map(fields, 'name');
|
|
81
|
-
const diffFields = _.difference(allFields, objectFields);
|
|
82
|
-
for (const diffField of diffFields) {
|
|
83
|
-
const fieldPermission = _.find(fieldsPermission, (fp) => {
|
|
84
|
-
return fp.field == diffField
|
|
85
|
-
})
|
|
86
|
-
await objectql.getObject('permission_fields').delete(fieldPermission._id)
|
|
87
|
-
}
|
|
88
|
-
}
|
|
52
|
+
name: SERVICE_NAME,
|
|
53
|
+
mixins: [metadataService],
|
|
54
|
+
settings: {
|
|
55
|
+
metadataType: METADATA_TYPE,
|
|
56
|
+
},
|
|
57
|
+
methods: {
|
|
58
|
+
resetFieldPermissions: {
|
|
59
|
+
async handler(permissionObjectId: string, userSession: any) {
|
|
60
|
+
const record = await objectql
|
|
61
|
+
.getObject("permission_objects")
|
|
62
|
+
.findOne(permissionObjectId);
|
|
63
|
+
if (!record) {
|
|
64
|
+
return;
|
|
89
65
|
}
|
|
66
|
+
const permissionSet = await objectql
|
|
67
|
+
.getObject("permission_set")
|
|
68
|
+
.findOne(record.permission_set_id);
|
|
69
|
+
//获取对象所有字段
|
|
70
|
+
const fields = await objectql
|
|
71
|
+
.getObject("object_fields")
|
|
72
|
+
.find({ filters: [["object", "=", record.object_name]] });
|
|
73
|
+
const now = new Date();
|
|
74
|
+
for (const field of fields) {
|
|
75
|
+
const result = await objectql
|
|
76
|
+
.getObject("permission_fields")
|
|
77
|
+
.directFind({
|
|
78
|
+
filters: [
|
|
79
|
+
["permission_set_id", "=", permissionSet.name],
|
|
80
|
+
["permission_object", "=", record.name],
|
|
81
|
+
["object_name", "=", record.object_name],
|
|
82
|
+
["field", "=", field.name],
|
|
83
|
+
["is_system", "!=", true],
|
|
84
|
+
],
|
|
85
|
+
});
|
|
86
|
+
const count = result.length;
|
|
87
|
+
if (count == 0) {
|
|
88
|
+
const apiName = `${permissionSet.name}_${record.object_name}_${field.name}`;
|
|
89
|
+
const fieldPermission = await getFieldPermission(apiName);
|
|
90
|
+
await objectql.getObject("permission_fields").directInsert({
|
|
91
|
+
name: apiName,
|
|
92
|
+
permission_set_id: permissionSet.name,
|
|
93
|
+
permission_object: record.name,
|
|
94
|
+
object_name: record.object_name,
|
|
95
|
+
field: field.name,
|
|
96
|
+
editable: fieldPermission
|
|
97
|
+
? fieldPermission.editable
|
|
98
|
+
: getFieldDefaultEditable(field),
|
|
99
|
+
readable: fieldPermission
|
|
100
|
+
? fieldPermission.readable
|
|
101
|
+
: getFieldDefaultReadable(field),
|
|
102
|
+
owner: userSession.userId,
|
|
103
|
+
space: userSession.spaceId,
|
|
104
|
+
created: now,
|
|
105
|
+
modified: now,
|
|
106
|
+
created_by: userSession.userId,
|
|
107
|
+
modified_by: userSession.userId,
|
|
108
|
+
company_id: userSession.company_id,
|
|
109
|
+
company_ids: userSession.company_ids,
|
|
110
|
+
});
|
|
111
|
+
}
|
|
112
|
+
}
|
|
113
|
+
//删除已删除、卸载的字段权限
|
|
114
|
+
const fieldsPermission = await objectql
|
|
115
|
+
.getObject("permission_fields")
|
|
116
|
+
.find({
|
|
117
|
+
filters: [
|
|
118
|
+
["permission_set_id", "=", permissionSet.name],
|
|
119
|
+
["object_name", "=", record.object_name],
|
|
120
|
+
],
|
|
121
|
+
});
|
|
122
|
+
const allFields = _.map(fieldsPermission, "field");
|
|
123
|
+
const objectFields = _.map(fields, "name");
|
|
124
|
+
const diffFields = _.difference(allFields, objectFields);
|
|
125
|
+
for (const diffField of diffFields) {
|
|
126
|
+
const fieldPermission = _.find(fieldsPermission, (fp) => {
|
|
127
|
+
return fp.field == diffField;
|
|
128
|
+
});
|
|
129
|
+
await objectql
|
|
130
|
+
.getObject("permission_fields")
|
|
131
|
+
.delete(fieldPermission._id);
|
|
132
|
+
}
|
|
133
|
+
},
|
|
90
134
|
},
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
135
|
+
},
|
|
136
|
+
actions: {
|
|
137
|
+
resetFieldPermissions: {
|
|
138
|
+
async handler(ctx) {
|
|
139
|
+
const userSession = ctx.meta.user;
|
|
140
|
+
const { permissionObjectId } = ctx.params;
|
|
141
|
+
return await this.resetFieldPermissions(
|
|
142
|
+
permissionObjectId,
|
|
143
|
+
userSession,
|
|
144
|
+
);
|
|
145
|
+
},
|
|
146
|
+
},
|
|
147
|
+
resetAllPermissionSetFieldPermissions: {
|
|
148
|
+
async handler(ctx) {
|
|
149
|
+
const userSession = ctx.meta.user;
|
|
150
|
+
const { objectName } = ctx.params;
|
|
151
|
+
const records = await objectql
|
|
152
|
+
.getObject("permission_objects")
|
|
153
|
+
.directFind({ filters: [["object_name", "=", objectName]] });
|
|
154
|
+
for (const record of records) {
|
|
155
|
+
await this.resetFieldPermissions(record._id, userSession);
|
|
108
156
|
}
|
|
109
|
-
|
|
110
|
-
}
|
|
157
|
+
},
|
|
158
|
+
},
|
|
159
|
+
},
|
|
160
|
+
};
|