@steedos/standard-permission 2.6.1-beta.5 → 2.6.1-beta.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/main/default/objects/permission_fields.object.yml +1 -0
- package/main/default/objects/permission_objects.object.yml +2 -0
- package/main/default/objects/permission_set/buttons/copy.button.yml +5 -5
- package/main/default/objects/permission_set/buttons/set_permission_tabs.button.yml +7 -7
- package/main/default/objects/permission_set/permission_set.object.yml +1 -0
- package/main/default/objects/permission_shares.object.yml +1 -0
- package/main/default/objects/permission_tabs/permission_tabs.object.yml +1 -0
- package/main/default/objects/restriction_rules.object.yml +1 -0
- package/main/default/objects/share_rules.object.yml +1 -0
- package/main/default/routes/batchSavePermissionTabs.router.js +31 -23
- package/main/default/routes/copyProfile.router.js +10 -9
- package/main/default/translations/en.translation.yml +16 -0
- package/main/default/translations/zh-CN.translation.yml +16 -0
- package/main/default/triggers/permission_tabs_metadata.trigger.js +15 -19
- package/package.json +2 -2
|
@@ -3,6 +3,7 @@ label: Permission
|
|
|
3
3
|
icon: omni_supervisor
|
|
4
4
|
hidden: true
|
|
5
5
|
version: 2
|
|
6
|
+
enable_dataloader: false
|
|
6
7
|
fields:
|
|
7
8
|
name:
|
|
8
9
|
label: Name
|
|
@@ -99,6 +100,7 @@ fields:
|
|
|
99
100
|
group: Files permissions
|
|
100
101
|
disabled_list_views:
|
|
101
102
|
type: lookup
|
|
103
|
+
reference_to: object_listviews
|
|
102
104
|
label: Disabled ListViews
|
|
103
105
|
multiple: true
|
|
104
106
|
depend_on:
|
|
@@ -5,7 +5,7 @@ amis_schema: |-
|
|
|
5
5
|
"body": [
|
|
6
6
|
{
|
|
7
7
|
"type": "button",
|
|
8
|
-
"label": "
|
|
8
|
+
"label": "${'permission_set.copy.copy' | t}",
|
|
9
9
|
"id": "u:copy",
|
|
10
10
|
"onEvent": {
|
|
11
11
|
"click": {
|
|
@@ -14,16 +14,16 @@ amis_schema: |-
|
|
|
14
14
|
{
|
|
15
15
|
"dialog": {
|
|
16
16
|
"type": "dialog",
|
|
17
|
-
"title": "
|
|
17
|
+
"title": "${'permission_set.copy.copy_record' | t}",
|
|
18
18
|
"body": [
|
|
19
19
|
{
|
|
20
20
|
"type": "form",
|
|
21
21
|
"title": "表单",
|
|
22
22
|
"body": [
|
|
23
23
|
{
|
|
24
|
-
"label": "
|
|
24
|
+
"label": "${'permission_set.copy.display_name' | t}",
|
|
25
25
|
"type": "input-text",
|
|
26
|
-
"value": "${record.label}
|
|
26
|
+
"value": "${'permission_set.copy.copy_of_record' | t:${record.label}}",
|
|
27
27
|
"name": "label_input",
|
|
28
28
|
"id": "u:24e89a11d437",
|
|
29
29
|
"required": true
|
|
@@ -32,7 +32,7 @@ amis_schema: |-
|
|
|
32
32
|
"type": "input-text",
|
|
33
33
|
"name": "name_input",
|
|
34
34
|
"value": "${record.name}_copy",
|
|
35
|
-
"label": "
|
|
35
|
+
"label": "${'permission_set.copy.api_name' | t}",
|
|
36
36
|
"id": "u:27bd7cfe3e12",
|
|
37
37
|
"required": true
|
|
38
38
|
}
|
|
@@ -5,7 +5,7 @@ amis_schema: |-
|
|
|
5
5
|
"body": [
|
|
6
6
|
{
|
|
7
7
|
"type": "button",
|
|
8
|
-
"label": "
|
|
8
|
+
"label": "${'permission_set.set_permission_tabs.set_permission' | t}",
|
|
9
9
|
"id": "u:set_permission_tabs",
|
|
10
10
|
"onEvent": {
|
|
11
11
|
"click": {
|
|
@@ -14,7 +14,7 @@ amis_schema: |-
|
|
|
14
14
|
"actionType": "dialog",
|
|
15
15
|
"dialog": {
|
|
16
16
|
"type": "dialog",
|
|
17
|
-
"title": "
|
|
17
|
+
"title": "${'permission_set.set_permission_tabs.set_permission' | t}",
|
|
18
18
|
"body": [
|
|
19
19
|
{
|
|
20
20
|
"type": "form",
|
|
@@ -27,14 +27,14 @@ amis_schema: |-
|
|
|
27
27
|
"label": "",
|
|
28
28
|
"columns": [
|
|
29
29
|
{
|
|
30
|
-
"label": "
|
|
30
|
+
"label": "${'permission_set.set_permission_tabs.tab' | t}",
|
|
31
31
|
"name": "tab.label",
|
|
32
32
|
"type": "text",
|
|
33
33
|
"id": "u:ebd95b18057a",
|
|
34
34
|
"placeholder": "-"
|
|
35
35
|
},
|
|
36
36
|
{
|
|
37
|
-
"label": "
|
|
37
|
+
"label": "${'permission_set.set_permission_tabs.permission' | t}",
|
|
38
38
|
"name": "permission",
|
|
39
39
|
"type": "select",
|
|
40
40
|
"id": "u:ad5dcb76754f",
|
|
@@ -64,7 +64,7 @@ amis_schema: |-
|
|
|
64
64
|
"&": "$$",
|
|
65
65
|
"record": "${record}"
|
|
66
66
|
},
|
|
67
|
-
"adaptor": "const data = payload.data\nconst { permission_tabs, tabs } = data\nconst tableOptions = []\nconst tabNames = [] // 用于存储已经遍历过的选项卡,防止重复\nfor (const pTab of permission_tabs) {\n
|
|
67
|
+
"adaptor": "const data = payload.data\nconst { permission_tabs, tabs } = data\nconst tableOptions = []\nconst tabNames = [] // 用于存储已经遍历过的选项卡,防止重复\nfor (const pTab of permission_tabs) {\n tableOptions.push({\n tab: {\n _id: pTab.tab__expand?._id,\n name: pTab.tab__expand?.name,\n label: pTab.tab__expand?.label\n },\n permission: pTab.permission\n })\n tabNames.push(pTab.tab__expand?.name)\n}\n\nfor (const tab of tabs) {\n if (tabNames.includes(tab.name)) {\n continue\n }\n tableOptions.push({\n tab: {\n _id: tab._id,\n name: tab.name,\n label: tab.label\n },\n permission: 'on'\n })\n}\n\ndata.permission_tabs_list = tableOptions\n\nreturn payload\n",
|
|
68
68
|
"headers": {
|
|
69
69
|
"Authorization": "Bearer ${context.tenantId},${context.authToken}"
|
|
70
70
|
},
|
|
@@ -104,7 +104,7 @@ amis_schema: |-
|
|
|
104
104
|
"actions": [
|
|
105
105
|
{
|
|
106
106
|
"type": "button",
|
|
107
|
-
"label": "
|
|
107
|
+
"label": "${'permission_set.set_permission_tabs.cancel' | t}",
|
|
108
108
|
"onEvent": {
|
|
109
109
|
"click": {
|
|
110
110
|
"actions": [
|
|
@@ -121,7 +121,7 @@ amis_schema: |-
|
|
|
121
121
|
},
|
|
122
122
|
{
|
|
123
123
|
"type": "submit",
|
|
124
|
-
"label": "
|
|
124
|
+
"label": "${'permission_set.set_permission_tabs.save' | t}",
|
|
125
125
|
"onEvent": {},
|
|
126
126
|
"id": "u:246398c1f14c",
|
|
127
127
|
"level": "primary",
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
/*
|
|
2
2
|
* @Author: sunhaolin@hotoa.com
|
|
3
3
|
* @Date: 2022-10-29 16:49:49
|
|
4
|
-
* @LastEditors: sunhaolin@
|
|
5
|
-
* @LastEditTime:
|
|
4
|
+
* @LastEditors: 孙浩林 sunhaolin@steedos.com
|
|
5
|
+
* @LastEditTime: 2023-07-13 12:03:01
|
|
6
6
|
* @Description: 权限集详情页中的设置选项卡权限按钮保存接口,批量保存选项卡权限
|
|
7
7
|
*/
|
|
8
8
|
'use strict';
|
|
@@ -39,29 +39,37 @@ router.post('/api/permission/permission_set/batchSavePermissionTabs', core.requi
|
|
|
39
39
|
throw new Error("permission_tabs_list is required");
|
|
40
40
|
}
|
|
41
41
|
const permissionTabsObj = objectql.getObject('permission_tabs')
|
|
42
|
+
const ptList = await permissionTabsObj.find({
|
|
43
|
+
filters: [
|
|
44
|
+
['permission_set', '=', permission_set_name],
|
|
45
|
+
]
|
|
46
|
+
}, userSession)
|
|
47
|
+
|
|
48
|
+
const ptMap = {}
|
|
49
|
+
for (const pt of ptList) {
|
|
50
|
+
ptMap[pt.tab] = pt
|
|
51
|
+
}
|
|
52
|
+
|
|
42
53
|
for (const { permission, tab } of permission_tabs_list) {
|
|
43
|
-
const pTabDoc =
|
|
44
|
-
filters: [
|
|
45
|
-
['permission_set', '=', permission_set_name],
|
|
46
|
-
['tab', '=', tab.name]
|
|
47
|
-
]
|
|
48
|
-
}))[0]
|
|
54
|
+
const pTabDoc = ptMap[tab.name]
|
|
49
55
|
|
|
50
|
-
if (pTabDoc &&
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
56
|
+
if (pTabDoc && pTabDoc.permission !== permission) {
|
|
57
|
+
if (!pTabDoc.is_system) {
|
|
58
|
+
// 如果存在
|
|
59
|
+
// 1、非系统 执行更新
|
|
60
|
+
await permissionTabsObj.update(pTabDoc._id, {
|
|
61
|
+
'permission': permission
|
|
62
|
+
}, userSession)
|
|
63
|
+
} else if (pTabDoc.is_system) {
|
|
64
|
+
// 2、系统的执行新增,相当于自定义
|
|
65
|
+
// 如果不存在,执行新增
|
|
66
|
+
await permissionTabsObj.insert({
|
|
67
|
+
'space': spaceId,
|
|
68
|
+
'permission_set': permission_set_name,
|
|
69
|
+
'tab': tab.name,
|
|
70
|
+
'permission': permission
|
|
71
|
+
}, userSession)
|
|
72
|
+
}
|
|
65
73
|
}
|
|
66
74
|
|
|
67
75
|
}
|
|
@@ -16,6 +16,7 @@ const core = require('@steedos/core');
|
|
|
16
16
|
const objectql = require('@steedos/objectql');
|
|
17
17
|
const InternalData = require('@steedos/standard-objects').internalData;
|
|
18
18
|
const _ = require('underscore');
|
|
19
|
+
const { MongoClient } = require('mongodb');
|
|
19
20
|
|
|
20
21
|
/**
|
|
21
22
|
* body {
|
|
@@ -67,11 +68,11 @@ router.post('/api/permission/permission_set/copy', core.requireAuthentication, a
|
|
|
67
68
|
}
|
|
68
69
|
|
|
69
70
|
// 事务 https://www.mongodb.com/docs/v4.4/core/transactions-in-applications/#core-api
|
|
70
|
-
const
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
71
|
+
const client = new MongoClient(process.env.MONGO_URL, {
|
|
72
|
+
useNewUrlParser: true,
|
|
73
|
+
useUnifiedTopology: true,
|
|
74
|
+
});
|
|
75
|
+
await client.connect();
|
|
75
76
|
const db = client.db();
|
|
76
77
|
|
|
77
78
|
// Start a session.
|
|
@@ -108,7 +109,7 @@ router.post('/api/permission/permission_set/copy', core.requireAuthentication, a
|
|
|
108
109
|
is_system: false,
|
|
109
110
|
name,
|
|
110
111
|
label,
|
|
111
|
-
_id:
|
|
112
|
+
_id: await psObj._makeNewID(),
|
|
112
113
|
copy_from: originalPermissionSetId,
|
|
113
114
|
};
|
|
114
115
|
|
|
@@ -129,7 +130,7 @@ router.post('/api/permission/permission_set/copy', core.requireAuthentication, a
|
|
|
129
130
|
// 遍历原有的对象权限
|
|
130
131
|
for (const poDoc of originalPermissionObjects) {
|
|
131
132
|
const fromId = poDoc._id;
|
|
132
|
-
const newId =
|
|
133
|
+
const newId = await psObj._makeNewID();
|
|
133
134
|
// 由于 15.permission_objects.observe.object.js 中的 _change 函数中,调用了 permission_fields.resetFieldPermissions 方法,会阻塞redis查询,需要调整15.permission_objects.observe.object.js, 避免调用 resetFieldPermissions 方法
|
|
134
135
|
const newPermissionObject = {
|
|
135
136
|
...poDoc,
|
|
@@ -154,7 +155,7 @@ router.post('/api/permission/permission_set/copy', core.requireAuthentication, a
|
|
|
154
155
|
field: field.name,
|
|
155
156
|
editable: fieldPermission ? fieldPermission.editable : getFieldDefaultEditable(field),
|
|
156
157
|
readable: fieldPermission ? fieldPermission.readable : getFieldDefaultReadable(field),
|
|
157
|
-
_id:
|
|
158
|
+
_id: await psObj._makeNewID(),
|
|
158
159
|
copy_from: fieldPermission ? fieldPermission._id : `${originalPermissionSetName}.${newPermissionObject.object_name}.${field.name}`
|
|
159
160
|
})
|
|
160
161
|
}
|
|
@@ -165,7 +166,7 @@ router.post('/api/permission/permission_set/copy', core.requireAuthentication, a
|
|
|
165
166
|
// 遍历原有的选项卡权限
|
|
166
167
|
for (const ptDoc of originalPermissionTabs) {
|
|
167
168
|
const fromId = ptDoc._id;
|
|
168
|
-
const newId =
|
|
169
|
+
const newId = await psObj._makeNewID();
|
|
169
170
|
delete ptDoc.record_permissions;
|
|
170
171
|
newPermissionTabs.push({
|
|
171
172
|
...ptDoc,
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
CustomLabels:
|
|
2
|
+
permission_set:
|
|
3
|
+
set_permission_tabs:
|
|
4
|
+
set_permission: Set Tab Permissions
|
|
5
|
+
tab: Tab
|
|
6
|
+
permission: Permission
|
|
7
|
+
default_on: Default On
|
|
8
|
+
default_off: Default Off
|
|
9
|
+
cancel: Cancel
|
|
10
|
+
save: Save
|
|
11
|
+
copy:
|
|
12
|
+
copy: Copy
|
|
13
|
+
copy_record: Copy the Current Profile Record
|
|
14
|
+
display_name: Display Name
|
|
15
|
+
copy_of_record: "Copy of %s"
|
|
16
|
+
api_name: API Name
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
CustomLabels:
|
|
2
|
+
permission_set:
|
|
3
|
+
set_permission_tabs:
|
|
4
|
+
set_permission: 设置选项卡权限
|
|
5
|
+
tab: 选项卡
|
|
6
|
+
permission: 权限
|
|
7
|
+
default_on: 默认打开
|
|
8
|
+
default_off: 默认关闭
|
|
9
|
+
cancel: 取消
|
|
10
|
+
save: 保存
|
|
11
|
+
copy:
|
|
12
|
+
copy: 复制
|
|
13
|
+
copy_record: 复制 当前简档记录
|
|
14
|
+
display_name: 显示名称
|
|
15
|
+
copy_of_record: "%s 的副本"
|
|
16
|
+
api_name: API名称
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
/*
|
|
2
2
|
* @Author: sunhaolin@hotoa.com
|
|
3
3
|
* @Date: 2022-10-26 14:14:51
|
|
4
|
-
* @LastEditors:
|
|
5
|
-
* @LastEditTime: 2023-
|
|
4
|
+
* @LastEditors: 孙浩林 sunhaolin@steedos.com
|
|
5
|
+
* @LastEditTime: 2023-07-13 09:56:08
|
|
6
6
|
* @Description:
|
|
7
7
|
*/
|
|
8
8
|
const objectql = require('@steedos/objectql');
|
|
@@ -11,30 +11,26 @@ const auth = require('@steedos/auth');
|
|
|
11
11
|
const _ = require('underscore');
|
|
12
12
|
async function getAll() {
|
|
13
13
|
const schema = objectql.getSteedosSchema();
|
|
14
|
-
const configs = await register.
|
|
14
|
+
const configs = await register.registerPermissionTabs.getAll(schema.broker)
|
|
15
15
|
const dataList = _.pluck(configs, 'metadata');
|
|
16
16
|
let permissionTabs = [];
|
|
17
17
|
for (const item of dataList) {
|
|
18
18
|
if (!item._id) {
|
|
19
|
-
item._id = `${item.
|
|
19
|
+
item._id = `${item.permission_set}_${item.tab}`
|
|
20
20
|
}
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
permission_set: permissionTab.permission_set,
|
|
27
|
-
tab: item.name,
|
|
21
|
+
permissionTabs.push({
|
|
22
|
+
_id: item._id,
|
|
23
|
+
permission: item.permission,
|
|
24
|
+
permission_set: item.permission_set,
|
|
25
|
+
tab: item.tab,
|
|
28
26
|
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
}
|
|
35
|
-
});
|
|
27
|
+
is_system: true,
|
|
28
|
+
record_permissions: { // 此属性控制记录在前台页面的权限
|
|
29
|
+
allowEdit: false,
|
|
30
|
+
allowDelete: false,
|
|
31
|
+
allowRead: true,
|
|
36
32
|
}
|
|
37
|
-
}
|
|
33
|
+
});
|
|
38
34
|
}
|
|
39
35
|
return permissionTabs;
|
|
40
36
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@steedos/standard-permission",
|
|
3
|
-
"version": "2.6.1-beta.
|
|
3
|
+
"version": "2.6.1-beta.7",
|
|
4
4
|
"main": "package.service.js",
|
|
5
5
|
"private": false,
|
|
6
6
|
"publishConfig": {
|
|
@@ -12,5 +12,5 @@
|
|
|
12
12
|
"description": "steedos package",
|
|
13
13
|
"repository": {},
|
|
14
14
|
"license": "MIT",
|
|
15
|
-
"gitHead": "
|
|
15
|
+
"gitHead": "b12f271460ef3686face095e875aa38e8ddc4c7f"
|
|
16
16
|
}
|