@strapi/permissions 5.30.0 → 5.31.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/domain/permission/index.js.map +1 -1
- package/dist/domain/permission/index.mjs.map +1 -1
- package/dist/engine/abilities/casl-ability.js.map +1 -1
- package/dist/engine/abilities/casl-ability.mjs.map +1 -1
- package/dist/engine/index.js.map +1 -1
- package/dist/engine/index.mjs.map +1 -1
- package/package.json +5 -5
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../src/domain/permission/index.ts"],"sourcesContent":["import _ from 'lodash/fp';\n\nconst PERMISSION_FIELDS = ['action', 'subject', 'properties', 'conditions'] as const;\n\nconst sanitizePermissionFields = _.pick(PERMISSION_FIELDS);\n\nexport interface Permission {\n action: string;\n actionParameters?: Record<string, unknown>;\n subject?: string | object | null;\n properties?: Record<string, any>;\n conditions?: string[];\n}\n\n/**\n * Creates a permission with default values for optional properties\n */\nconst getDefaultPermission = (): Pick<Permission, 'conditions' | 'properties' | 'subject'> => ({\n conditions: [],\n properties: {},\n subject: null,\n});\n\n/**\n * Create a new permission based on given attributes\n *\n * @param {object} attributes\n */\nconst create = _.pipe(_.pick(PERMISSION_FIELDS), _.merge(getDefaultPermission()));\n\n/**\n * Add a condition to a permission\n */\nconst addCondition = _.curry((condition: string, permission: Permission): Permission => {\n const { conditions } = permission;\n\n const newConditions = Array.isArray(conditions)\n ? _.uniq(conditions.concat(condition))\n : [condition];\n\n return _.set('conditions', newConditions, permission);\n});\n\n/**\n * Gets a property or a part of a property from a permission.\n */\nconst getProperty = _.curry(\n <T extends keyof Permission['properties']>(\n property: T,\n permission: Permission\n ): Permission['properties'][T] => _.get(`properties.${property}`, permission)\n);\n\nexport { create, sanitizePermissionFields, addCondition, getProperty };\n"],"names":["PERMISSION_FIELDS","sanitizePermissionFields","_","pick","getDefaultPermission","conditions","properties","subject","create","pipe","merge","addCondition","curry","condition","permission","newConditions","Array","isArray","uniq","concat","set","getProperty","property","get"],"mappings":";;;;AAEA,MAAMA,iBAAoB,GAAA;AAAC,IAAA,QAAA;AAAU,IAAA,SAAA;AAAW,IAAA,YAAA;AAAc,IAAA;AAAa,CAAA;AAErEC,MAAAA,wBAAAA,GAA2BC,CAAEC,CAAAA,IAAI,CAACH,iBAAAA;AAUxC;;IAGA,MAAMI,oBAAuB,GAAA,KAAkE;AAC7FC,QAAAA,UAAAA,EAAY,EAAE;AACdC,QAAAA,UAAAA,EAAY,EAAC;QACbC,OAAS,EAAA;KACX,CAAA;AAEA;;;;IAKA,MAAMC,MAASN,GAAAA,CAAAA,CAAEO,IAAI,CAACP,CAAEC,CAAAA,IAAI,CAACH,iBAAAA,CAAAA,EAAoBE,CAAEQ,CAAAA,KAAK,CAACN,oBAAAA,EAAAA,CAAAA;AAEzD;;AAEC,UACKO,YAAeT,GAAAA,CAAAA,CAAEU,KAAK,CAAC,CAACC,SAAmBC,EAAAA,UAAAA,GAAAA;IAC/C,MAAM,EAAET,UAAU,EAAE,GAAGS,UAAAA;IAEvB,MAAMC,aAAAA,GAAgBC,KAAMC,CAAAA,OAAO,CAACZ,UAAAA,CAAAA,GAChCH,CAAEgB,CAAAA,IAAI,CAACb,UAAAA,CAAWc,MAAM,CAACN,SACzB,CAAA,CAAA,GAAA;AAACA,QAAAA;AAAU,KAAA;AAEf,IAAA,OAAOX,CAAEkB,CAAAA,GAAG,CAAC,YAAA,EAAcL,aAAeD,EAAAA,UAAAA,CAAAA;AAC5C,CAAA;AAEA;;AAEC,
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../src/domain/permission/index.ts"],"sourcesContent":["import _ from 'lodash/fp';\n\nconst PERMISSION_FIELDS = ['action', 'subject', 'properties', 'conditions'] as const;\n\nconst sanitizePermissionFields = _.pick(PERMISSION_FIELDS);\n\nexport interface Permission {\n action: string;\n actionParameters?: Record<string, unknown>;\n subject?: string | object | null;\n properties?: Record<string, any>;\n conditions?: string[];\n}\n\n/**\n * Creates a permission with default values for optional properties\n */\nconst getDefaultPermission = (): Pick<Permission, 'conditions' | 'properties' | 'subject'> => ({\n conditions: [],\n properties: {},\n subject: null,\n});\n\n/**\n * Create a new permission based on given attributes\n *\n * @param {object} attributes\n */\nconst create = _.pipe(_.pick(PERMISSION_FIELDS), _.merge(getDefaultPermission()));\n\n/**\n * Add a condition to a permission\n */\nconst addCondition = _.curry((condition: string, permission: Permission): Permission => {\n const { conditions } = permission;\n\n const newConditions = Array.isArray(conditions)\n ? _.uniq(conditions.concat(condition))\n : [condition];\n\n return _.set('conditions', newConditions, permission);\n});\n\n/**\n * Gets a property or a part of a property from a permission.\n */\nconst getProperty = _.curry(\n <T extends keyof Permission['properties']>(\n property: T,\n permission: Permission\n ): Permission['properties'][T] => _.get(`properties.${property}`, permission)\n);\n\nexport { create, sanitizePermissionFields, addCondition, getProperty };\n"],"names":["PERMISSION_FIELDS","sanitizePermissionFields","_","pick","getDefaultPermission","conditions","properties","subject","create","pipe","merge","addCondition","curry","condition","permission","newConditions","Array","isArray","uniq","concat","set","getProperty","property","get"],"mappings":";;;;AAEA,MAAMA,iBAAoB,GAAA;AAAC,IAAA,QAAA;AAAU,IAAA,SAAA;AAAW,IAAA,YAAA;AAAc,IAAA;AAAa,CAAA;AAErEC,MAAAA,wBAAAA,GAA2BC,CAAEC,CAAAA,IAAI,CAACH,iBAAAA;AAUxC;;IAGA,MAAMI,oBAAuB,GAAA,KAAkE;AAC7FC,QAAAA,UAAAA,EAAY,EAAE;AACdC,QAAAA,UAAAA,EAAY,EAAC;QACbC,OAAS,EAAA;KACX,CAAA;AAEA;;;;IAKA,MAAMC,MAASN,GAAAA,CAAAA,CAAEO,IAAI,CAACP,CAAEC,CAAAA,IAAI,CAACH,iBAAAA,CAAAA,EAAoBE,CAAEQ,CAAAA,KAAK,CAACN,oBAAAA,EAAAA,CAAAA;AAEzD;;AAEC,UACKO,YAAeT,GAAAA,CAAAA,CAAEU,KAAK,CAAC,CAACC,SAAmBC,EAAAA,UAAAA,GAAAA;IAC/C,MAAM,EAAET,UAAU,EAAE,GAAGS,UAAAA;IAEvB,MAAMC,aAAAA,GAAgBC,KAAMC,CAAAA,OAAO,CAACZ,UAAAA,CAAAA,GAChCH,CAAEgB,CAAAA,IAAI,CAACb,UAAAA,CAAWc,MAAM,CAACN,SACzB,CAAA,CAAA,GAAA;AAACA,QAAAA;AAAU,KAAA;AAEf,IAAA,OAAOX,CAAEkB,CAAAA,GAAG,CAAC,YAAA,EAAcL,aAAeD,EAAAA,UAAAA,CAAAA;AAC5C,CAAA;AAEA;;AAEC,IACKO,MAAAA,WAAAA,GAAcnB,CAAEU,CAAAA,KAAK,CACzB,CACEU,QAAAA,EACAR,UACgCZ,GAAAA,CAAAA,CAAEqB,GAAG,CAAC,CAAC,WAAW,EAAED,UAAU,EAAER,UAAAA,CAAAA;;;;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.mjs","sources":["../../../src/domain/permission/index.ts"],"sourcesContent":["import _ from 'lodash/fp';\n\nconst PERMISSION_FIELDS = ['action', 'subject', 'properties', 'conditions'] as const;\n\nconst sanitizePermissionFields = _.pick(PERMISSION_FIELDS);\n\nexport interface Permission {\n action: string;\n actionParameters?: Record<string, unknown>;\n subject?: string | object | null;\n properties?: Record<string, any>;\n conditions?: string[];\n}\n\n/**\n * Creates a permission with default values for optional properties\n */\nconst getDefaultPermission = (): Pick<Permission, 'conditions' | 'properties' | 'subject'> => ({\n conditions: [],\n properties: {},\n subject: null,\n});\n\n/**\n * Create a new permission based on given attributes\n *\n * @param {object} attributes\n */\nconst create = _.pipe(_.pick(PERMISSION_FIELDS), _.merge(getDefaultPermission()));\n\n/**\n * Add a condition to a permission\n */\nconst addCondition = _.curry((condition: string, permission: Permission): Permission => {\n const { conditions } = permission;\n\n const newConditions = Array.isArray(conditions)\n ? _.uniq(conditions.concat(condition))\n : [condition];\n\n return _.set('conditions', newConditions, permission);\n});\n\n/**\n * Gets a property or a part of a property from a permission.\n */\nconst getProperty = _.curry(\n <T extends keyof Permission['properties']>(\n property: T,\n permission: Permission\n ): Permission['properties'][T] => _.get(`properties.${property}`, permission)\n);\n\nexport { create, sanitizePermissionFields, addCondition, getProperty };\n"],"names":["PERMISSION_FIELDS","sanitizePermissionFields","_","pick","getDefaultPermission","conditions","properties","subject","create","pipe","merge","addCondition","curry","condition","permission","newConditions","Array","isArray","uniq","concat","set","getProperty","property","get"],"mappings":";;AAEA,MAAMA,iBAAoB,GAAA;AAAC,IAAA,QAAA;AAAU,IAAA,SAAA;AAAW,IAAA,YAAA;AAAc,IAAA;AAAa,CAAA;AAErEC,MAAAA,wBAAAA,GAA2BC,CAAEC,CAAAA,IAAI,CAACH,iBAAAA;AAUxC;;IAGA,MAAMI,oBAAuB,GAAA,KAAkE;AAC7FC,QAAAA,UAAAA,EAAY,EAAE;AACdC,QAAAA,UAAAA,EAAY,EAAC;QACbC,OAAS,EAAA;KACX,CAAA;AAEA;;;;IAKA,MAAMC,MAASN,GAAAA,CAAAA,CAAEO,IAAI,CAACP,CAAEC,CAAAA,IAAI,CAACH,iBAAAA,CAAAA,EAAoBE,CAAEQ,CAAAA,KAAK,CAACN,oBAAAA,EAAAA,CAAAA;AAEzD;;AAEC,UACKO,YAAeT,GAAAA,CAAAA,CAAEU,KAAK,CAAC,CAACC,SAAmBC,EAAAA,UAAAA,GAAAA;IAC/C,MAAM,EAAET,UAAU,EAAE,GAAGS,UAAAA;IAEvB,MAAMC,aAAAA,GAAgBC,KAAMC,CAAAA,OAAO,CAACZ,UAAAA,CAAAA,GAChCH,CAAEgB,CAAAA,IAAI,CAACb,UAAAA,CAAWc,MAAM,CAACN,SACzB,CAAA,CAAA,GAAA;AAACA,QAAAA;AAAU,KAAA;AAEf,IAAA,OAAOX,CAAEkB,CAAAA,GAAG,CAAC,YAAA,EAAcL,aAAeD,EAAAA,UAAAA,CAAAA;AAC5C,CAAA;AAEA;;AAEC,
|
|
1
|
+
{"version":3,"file":"index.mjs","sources":["../../../src/domain/permission/index.ts"],"sourcesContent":["import _ from 'lodash/fp';\n\nconst PERMISSION_FIELDS = ['action', 'subject', 'properties', 'conditions'] as const;\n\nconst sanitizePermissionFields = _.pick(PERMISSION_FIELDS);\n\nexport interface Permission {\n action: string;\n actionParameters?: Record<string, unknown>;\n subject?: string | object | null;\n properties?: Record<string, any>;\n conditions?: string[];\n}\n\n/**\n * Creates a permission with default values for optional properties\n */\nconst getDefaultPermission = (): Pick<Permission, 'conditions' | 'properties' | 'subject'> => ({\n conditions: [],\n properties: {},\n subject: null,\n});\n\n/**\n * Create a new permission based on given attributes\n *\n * @param {object} attributes\n */\nconst create = _.pipe(_.pick(PERMISSION_FIELDS), _.merge(getDefaultPermission()));\n\n/**\n * Add a condition to a permission\n */\nconst addCondition = _.curry((condition: string, permission: Permission): Permission => {\n const { conditions } = permission;\n\n const newConditions = Array.isArray(conditions)\n ? _.uniq(conditions.concat(condition))\n : [condition];\n\n return _.set('conditions', newConditions, permission);\n});\n\n/**\n * Gets a property or a part of a property from a permission.\n */\nconst getProperty = _.curry(\n <T extends keyof Permission['properties']>(\n property: T,\n permission: Permission\n ): Permission['properties'][T] => _.get(`properties.${property}`, permission)\n);\n\nexport { create, sanitizePermissionFields, addCondition, getProperty };\n"],"names":["PERMISSION_FIELDS","sanitizePermissionFields","_","pick","getDefaultPermission","conditions","properties","subject","create","pipe","merge","addCondition","curry","condition","permission","newConditions","Array","isArray","uniq","concat","set","getProperty","property","get"],"mappings":";;AAEA,MAAMA,iBAAoB,GAAA;AAAC,IAAA,QAAA;AAAU,IAAA,SAAA;AAAW,IAAA,YAAA;AAAc,IAAA;AAAa,CAAA;AAErEC,MAAAA,wBAAAA,GAA2BC,CAAEC,CAAAA,IAAI,CAACH,iBAAAA;AAUxC;;IAGA,MAAMI,oBAAuB,GAAA,KAAkE;AAC7FC,QAAAA,UAAAA,EAAY,EAAE;AACdC,QAAAA,UAAAA,EAAY,EAAC;QACbC,OAAS,EAAA;KACX,CAAA;AAEA;;;;IAKA,MAAMC,MAASN,GAAAA,CAAAA,CAAEO,IAAI,CAACP,CAAEC,CAAAA,IAAI,CAACH,iBAAAA,CAAAA,EAAoBE,CAAEQ,CAAAA,KAAK,CAACN,oBAAAA,EAAAA,CAAAA;AAEzD;;AAEC,UACKO,YAAeT,GAAAA,CAAAA,CAAEU,KAAK,CAAC,CAACC,SAAmBC,EAAAA,UAAAA,GAAAA;IAC/C,MAAM,EAAET,UAAU,EAAE,GAAGS,UAAAA;IAEvB,MAAMC,aAAAA,GAAgBC,KAAMC,CAAAA,OAAO,CAACZ,UAAAA,CAAAA,GAChCH,CAAEgB,CAAAA,IAAI,CAACb,UAAAA,CAAWc,MAAM,CAACN,SACzB,CAAA,CAAA,GAAA;AAACA,QAAAA;AAAU,KAAA;AAEf,IAAA,OAAOX,CAAEkB,CAAAA,GAAG,CAAC,YAAA,EAAcL,aAAeD,EAAAA,UAAAA,CAAAA;AAC5C,CAAA;AAEA;;AAEC,IACKO,MAAAA,WAAAA,GAAcnB,CAAEU,CAAAA,KAAK,CACzB,CACEU,QAAAA,EACAR,UACgCZ,GAAAA,CAAAA,CAAEqB,GAAG,CAAC,CAAC,WAAW,EAAED,UAAU,EAAER,UAAAA,CAAAA;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"casl-ability.js","sources":["../../../src/engine/abilities/casl-ability.ts"],"sourcesContent":["import * as sift from 'sift';\nimport qs from 'qs';\nimport { AbilityBuilder, Ability } from '@casl/ability';\nimport { pick, isNil, isObject } from 'lodash/fp';\nimport type { ParametrizedAction, PermissionRule } from '../../types';\n\nexport interface CustomAbilityBuilder {\n can(permission: PermissionRule): ReturnType<AbilityBuilder<Ability>['can']>;\n buildParametrizedAction: (parametrizedAction: ParametrizedAction) => string;\n build(): Ability;\n}\n\nconst allowedOperations = [\n '$or',\n '$and',\n '$eq',\n '$ne',\n '$in',\n '$nin',\n '$lt',\n '$lte',\n '$gt',\n '$gte',\n '$exists',\n '$elemMatch',\n] as const;\n\nconst operations = pick(allowedOperations, sift);\n\nconst conditionsMatcher = (conditions: unknown) => {\n return sift.createQueryTester(conditions, { operations });\n};\n\nconst buildParametrizedAction = ({ name, params }: ParametrizedAction) => {\n return `${name}?${qs.stringify(params)}`;\n};\n\n/**\n * Casl Ability Builder.\n */\nexport const caslAbilityBuilder = (): CustomAbilityBuilder => {\n const { can, build, ...rest } = new AbilityBuilder(Ability);\n\n return {\n can(permission: PermissionRule) {\n const { action, subject, properties = {}, condition } = permission;\n const { fields } = properties;\n\n const caslAction = typeof action === 'string' ? action : buildParametrizedAction(action);\n\n return can(\n caslAction,\n isNil(subject) ? 'all' : subject,\n fields,\n isObject(condition) ? condition : undefined\n );\n },\n\n buildParametrizedAction({ name, params }: ParametrizedAction) {\n return `${name}?${qs.stringify(params)}`;\n },\n\n build() {\n const ability = build({ conditionsMatcher });\n\n function decorateCan(originalCan: Ability['can']) {\n return function (...args: Parameters<Ability['can']>) {\n const [action, ...rest] = args;\n const caslAction = typeof action === 'string' ? action : buildParametrizedAction(action);\n\n // Call the original `can` method\n return originalCan.apply(ability, [caslAction, ...rest]);\n };\n }\n\n ability.can = decorateCan(ability.can);\n return ability;\n },\n\n ...rest,\n };\n};\n"],"names":["allowedOperations","operations","pick","sift","conditionsMatcher","conditions","createQueryTester","buildParametrizedAction","name","params","qs","stringify","caslAbilityBuilder","can","build","rest","AbilityBuilder","Ability","permission","action","subject","properties","condition","fields","caslAction","isNil","isObject","undefined","ability","decorateCan","originalCan","args","apply"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAYA,MAAMA,iBAAoB,GAAA;AACxB,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,SAAA;AACA,IAAA;AACD,CAAA;AAED,MAAMC,UAAAA,GAAaC,OAAKF,iBAAmBG,EAAAA,eAAAA,CAAAA;AAE3C,MAAMC,oBAAoB,CAACC,UAAAA,GAAAA;IACzB,OAAOF,eAAAA,CAAKG,iBAAiB,CAACD,UAAY,EAAA;AAAEJ,QAAAA;AAAW,KAAA,CAAA;AACzD,CAAA;AAEA,MAAMM,0BAA0B,CAAC,EAAEC,IAAI,EAAEC,MAAM,EAAsB,GAAA;
|
|
1
|
+
{"version":3,"file":"casl-ability.js","sources":["../../../src/engine/abilities/casl-ability.ts"],"sourcesContent":["import * as sift from 'sift';\nimport qs from 'qs';\nimport { AbilityBuilder, Ability } from '@casl/ability';\nimport { pick, isNil, isObject } from 'lodash/fp';\nimport type { ParametrizedAction, PermissionRule } from '../../types';\n\nexport interface CustomAbilityBuilder {\n can(permission: PermissionRule): ReturnType<AbilityBuilder<Ability>['can']>;\n buildParametrizedAction: (parametrizedAction: ParametrizedAction) => string;\n build(): Ability;\n}\n\nconst allowedOperations = [\n '$or',\n '$and',\n '$eq',\n '$ne',\n '$in',\n '$nin',\n '$lt',\n '$lte',\n '$gt',\n '$gte',\n '$exists',\n '$elemMatch',\n] as const;\n\nconst operations = pick(allowedOperations, sift);\n\nconst conditionsMatcher = (conditions: unknown) => {\n return sift.createQueryTester(conditions, { operations });\n};\n\nconst buildParametrizedAction = ({ name, params }: ParametrizedAction) => {\n return `${name}?${qs.stringify(params)}`;\n};\n\n/**\n * Casl Ability Builder.\n */\nexport const caslAbilityBuilder = (): CustomAbilityBuilder => {\n const { can, build, ...rest } = new AbilityBuilder(Ability);\n\n return {\n can(permission: PermissionRule) {\n const { action, subject, properties = {}, condition } = permission;\n const { fields } = properties;\n\n const caslAction = typeof action === 'string' ? action : buildParametrizedAction(action);\n\n return can(\n caslAction,\n isNil(subject) ? 'all' : subject,\n fields,\n isObject(condition) ? condition : undefined\n );\n },\n\n buildParametrizedAction({ name, params }: ParametrizedAction) {\n return `${name}?${qs.stringify(params)}`;\n },\n\n build() {\n const ability = build({ conditionsMatcher });\n\n function decorateCan(originalCan: Ability['can']) {\n return function (...args: Parameters<Ability['can']>) {\n const [action, ...rest] = args;\n const caslAction = typeof action === 'string' ? action : buildParametrizedAction(action);\n\n // Call the original `can` method\n return originalCan.apply(ability, [caslAction, ...rest]);\n };\n }\n\n ability.can = decorateCan(ability.can);\n return ability;\n },\n\n ...rest,\n };\n};\n"],"names":["allowedOperations","operations","pick","sift","conditionsMatcher","conditions","createQueryTester","buildParametrizedAction","name","params","qs","stringify","caslAbilityBuilder","can","build","rest","AbilityBuilder","Ability","permission","action","subject","properties","condition","fields","caslAction","isNil","isObject","undefined","ability","decorateCan","originalCan","args","apply"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAYA,MAAMA,iBAAoB,GAAA;AACxB,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,SAAA;AACA,IAAA;AACD,CAAA;AAED,MAAMC,UAAAA,GAAaC,OAAKF,iBAAmBG,EAAAA,eAAAA,CAAAA;AAE3C,MAAMC,oBAAoB,CAACC,UAAAA,GAAAA;IACzB,OAAOF,eAAAA,CAAKG,iBAAiB,CAACD,UAAY,EAAA;AAAEJ,QAAAA;AAAW,KAAA,CAAA;AACzD,CAAA;AAEA,MAAMM,0BAA0B,CAAC,EAAEC,IAAI,EAAEC,MAAM,EAAsB,GAAA;AACnE,IAAA,OAAO,GAAGD,IAAK,CAAA,CAAC,EAAEE,EAAGC,CAAAA,SAAS,CAACF,MAAS,CAAA,CAAA,CAAA;AAC1C,CAAA;AAEA;;UAGaG,kBAAqB,GAAA,IAAA;IAChC,MAAM,EAAEC,GAAG,EAAEC,KAAK,EAAE,GAAGC,IAAAA,EAAM,GAAG,IAAIC,sBAAeC,CAAAA,eAAAA,CAAAA;IAEnD,OAAO;AACLJ,QAAAA,GAAAA,CAAAA,CAAIK,UAA0B,EAAA;YAC5B,MAAM,EAAEC,MAAM,EAAEC,OAAO,EAAEC,UAAa,GAAA,EAAE,EAAEC,SAAS,EAAE,GAAGJ,UAAAA;YACxD,MAAM,EAAEK,MAAM,EAAE,GAAGF,UAAAA;AAEnB,YAAA,MAAMG,UAAa,GAAA,OAAOL,MAAW,KAAA,QAAA,GAAWA,SAASZ,uBAAwBY,CAAAA,MAAAA,CAAAA;YAEjF,OAAON,GAAAA,CACLW,YACAC,OAAML,CAAAA,OAAAA,CAAAA,GAAW,QAAQA,OACzBG,EAAAA,MAAAA,EACAG,UAASJ,CAAAA,SAAAA,CAAAA,GAAaA,SAAYK,GAAAA,SAAAA,CAAAA;AAEtC,SAAA;AAEApB,QAAAA,uBAAAA,CAAAA,CAAwB,EAAEC,IAAI,EAAEC,MAAM,EAAsB,EAAA;AAC1D,YAAA,OAAO,GAAGD,IAAK,CAAA,CAAC,EAAEE,EAAGC,CAAAA,SAAS,CAACF,MAAS,CAAA,CAAA,CAAA;AAC1C,SAAA;AAEAK,QAAAA,KAAAA,CAAAA,GAAAA;AACE,YAAA,MAAMc,UAAUd,KAAM,CAAA;AAAEV,gBAAAA;AAAkB,aAAA,CAAA;AAE1C,YAAA,SAASyB,YAAYC,WAA2B,EAAA;gBAC9C,OAAO,SAAU,GAAGC,IAAgC,EAAA;AAClD,oBAAA,MAAM,CAACZ,MAAAA,EAAQ,GAAGJ,IAAAA,CAAK,GAAGgB,IAAAA;AAC1B,oBAAA,MAAMP,UAAa,GAAA,OAAOL,MAAW,KAAA,QAAA,GAAWA,SAASZ,uBAAwBY,CAAAA,MAAAA,CAAAA;;oBAGjF,OAAOW,WAAAA,CAAYE,KAAK,CAACJ,OAAS,EAAA;AAACJ,wBAAAA,UAAAA;AAAeT,wBAAAA,GAAAA;AAAK,qBAAA,CAAA;AACzD,iBAAA;AACF;AAEAa,YAAAA,OAAAA,CAAQf,GAAG,GAAGgB,WAAYD,CAAAA,OAAAA,CAAQf,GAAG,CAAA;YACrC,OAAOe,OAAAA;AACT,SAAA;AAEA,QAAA,GAAGb;AACL,KAAA;AACF;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"casl-ability.mjs","sources":["../../../src/engine/abilities/casl-ability.ts"],"sourcesContent":["import * as sift from 'sift';\nimport qs from 'qs';\nimport { AbilityBuilder, Ability } from '@casl/ability';\nimport { pick, isNil, isObject } from 'lodash/fp';\nimport type { ParametrizedAction, PermissionRule } from '../../types';\n\nexport interface CustomAbilityBuilder {\n can(permission: PermissionRule): ReturnType<AbilityBuilder<Ability>['can']>;\n buildParametrizedAction: (parametrizedAction: ParametrizedAction) => string;\n build(): Ability;\n}\n\nconst allowedOperations = [\n '$or',\n '$and',\n '$eq',\n '$ne',\n '$in',\n '$nin',\n '$lt',\n '$lte',\n '$gt',\n '$gte',\n '$exists',\n '$elemMatch',\n] as const;\n\nconst operations = pick(allowedOperations, sift);\n\nconst conditionsMatcher = (conditions: unknown) => {\n return sift.createQueryTester(conditions, { operations });\n};\n\nconst buildParametrizedAction = ({ name, params }: ParametrizedAction) => {\n return `${name}?${qs.stringify(params)}`;\n};\n\n/**\n * Casl Ability Builder.\n */\nexport const caslAbilityBuilder = (): CustomAbilityBuilder => {\n const { can, build, ...rest } = new AbilityBuilder(Ability);\n\n return {\n can(permission: PermissionRule) {\n const { action, subject, properties = {}, condition } = permission;\n const { fields } = properties;\n\n const caslAction = typeof action === 'string' ? action : buildParametrizedAction(action);\n\n return can(\n caslAction,\n isNil(subject) ? 'all' : subject,\n fields,\n isObject(condition) ? condition : undefined\n );\n },\n\n buildParametrizedAction({ name, params }: ParametrizedAction) {\n return `${name}?${qs.stringify(params)}`;\n },\n\n build() {\n const ability = build({ conditionsMatcher });\n\n function decorateCan(originalCan: Ability['can']) {\n return function (...args: Parameters<Ability['can']>) {\n const [action, ...rest] = args;\n const caslAction = typeof action === 'string' ? action : buildParametrizedAction(action);\n\n // Call the original `can` method\n return originalCan.apply(ability, [caslAction, ...rest]);\n };\n }\n\n ability.can = decorateCan(ability.can);\n return ability;\n },\n\n ...rest,\n };\n};\n"],"names":["allowedOperations","operations","pick","sift","conditionsMatcher","conditions","createQueryTester","buildParametrizedAction","name","params","qs","stringify","caslAbilityBuilder","can","build","rest","AbilityBuilder","Ability","permission","action","subject","properties","condition","fields","caslAction","isNil","isObject","undefined","ability","decorateCan","originalCan","args","apply"],"mappings":";;;;;AAYA,MAAMA,iBAAoB,GAAA;AACxB,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,SAAA;AACA,IAAA;AACD,CAAA;AAED,MAAMC,UAAAA,GAAaC,KAAKF,iBAAmBG,EAAAA,IAAAA,CAAAA;AAE3C,MAAMC,oBAAoB,CAACC,UAAAA,GAAAA;IACzB,OAAOF,IAAAA,CAAKG,iBAAiB,CAACD,UAAY,EAAA;AAAEJ,QAAAA;AAAW,KAAA,CAAA;AACzD,CAAA;AAEA,MAAMM,0BAA0B,CAAC,EAAEC,IAAI,EAAEC,MAAM,EAAsB,GAAA;
|
|
1
|
+
{"version":3,"file":"casl-ability.mjs","sources":["../../../src/engine/abilities/casl-ability.ts"],"sourcesContent":["import * as sift from 'sift';\nimport qs from 'qs';\nimport { AbilityBuilder, Ability } from '@casl/ability';\nimport { pick, isNil, isObject } from 'lodash/fp';\nimport type { ParametrizedAction, PermissionRule } from '../../types';\n\nexport interface CustomAbilityBuilder {\n can(permission: PermissionRule): ReturnType<AbilityBuilder<Ability>['can']>;\n buildParametrizedAction: (parametrizedAction: ParametrizedAction) => string;\n build(): Ability;\n}\n\nconst allowedOperations = [\n '$or',\n '$and',\n '$eq',\n '$ne',\n '$in',\n '$nin',\n '$lt',\n '$lte',\n '$gt',\n '$gte',\n '$exists',\n '$elemMatch',\n] as const;\n\nconst operations = pick(allowedOperations, sift);\n\nconst conditionsMatcher = (conditions: unknown) => {\n return sift.createQueryTester(conditions, { operations });\n};\n\nconst buildParametrizedAction = ({ name, params }: ParametrizedAction) => {\n return `${name}?${qs.stringify(params)}`;\n};\n\n/**\n * Casl Ability Builder.\n */\nexport const caslAbilityBuilder = (): CustomAbilityBuilder => {\n const { can, build, ...rest } = new AbilityBuilder(Ability);\n\n return {\n can(permission: PermissionRule) {\n const { action, subject, properties = {}, condition } = permission;\n const { fields } = properties;\n\n const caslAction = typeof action === 'string' ? action : buildParametrizedAction(action);\n\n return can(\n caslAction,\n isNil(subject) ? 'all' : subject,\n fields,\n isObject(condition) ? condition : undefined\n );\n },\n\n buildParametrizedAction({ name, params }: ParametrizedAction) {\n return `${name}?${qs.stringify(params)}`;\n },\n\n build() {\n const ability = build({ conditionsMatcher });\n\n function decorateCan(originalCan: Ability['can']) {\n return function (...args: Parameters<Ability['can']>) {\n const [action, ...rest] = args;\n const caslAction = typeof action === 'string' ? action : buildParametrizedAction(action);\n\n // Call the original `can` method\n return originalCan.apply(ability, [caslAction, ...rest]);\n };\n }\n\n ability.can = decorateCan(ability.can);\n return ability;\n },\n\n ...rest,\n };\n};\n"],"names":["allowedOperations","operations","pick","sift","conditionsMatcher","conditions","createQueryTester","buildParametrizedAction","name","params","qs","stringify","caslAbilityBuilder","can","build","rest","AbilityBuilder","Ability","permission","action","subject","properties","condition","fields","caslAction","isNil","isObject","undefined","ability","decorateCan","originalCan","args","apply"],"mappings":";;;;;AAYA,MAAMA,iBAAoB,GAAA;AACxB,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,MAAA;AACA,IAAA,SAAA;AACA,IAAA;AACD,CAAA;AAED,MAAMC,UAAAA,GAAaC,KAAKF,iBAAmBG,EAAAA,IAAAA,CAAAA;AAE3C,MAAMC,oBAAoB,CAACC,UAAAA,GAAAA;IACzB,OAAOF,IAAAA,CAAKG,iBAAiB,CAACD,UAAY,EAAA;AAAEJ,QAAAA;AAAW,KAAA,CAAA;AACzD,CAAA;AAEA,MAAMM,0BAA0B,CAAC,EAAEC,IAAI,EAAEC,MAAM,EAAsB,GAAA;AACnE,IAAA,OAAO,GAAGD,IAAK,CAAA,CAAC,EAAEE,EAAGC,CAAAA,SAAS,CAACF,MAAS,CAAA,CAAA,CAAA;AAC1C,CAAA;AAEA;;UAGaG,kBAAqB,GAAA,IAAA;IAChC,MAAM,EAAEC,GAAG,EAAEC,KAAK,EAAE,GAAGC,IAAAA,EAAM,GAAG,IAAIC,cAAeC,CAAAA,OAAAA,CAAAA;IAEnD,OAAO;AACLJ,QAAAA,GAAAA,CAAAA,CAAIK,UAA0B,EAAA;YAC5B,MAAM,EAAEC,MAAM,EAAEC,OAAO,EAAEC,UAAa,GAAA,EAAE,EAAEC,SAAS,EAAE,GAAGJ,UAAAA;YACxD,MAAM,EAAEK,MAAM,EAAE,GAAGF,UAAAA;AAEnB,YAAA,MAAMG,UAAa,GAAA,OAAOL,MAAW,KAAA,QAAA,GAAWA,SAASZ,uBAAwBY,CAAAA,MAAAA,CAAAA;YAEjF,OAAON,GAAAA,CACLW,YACAC,KAAML,CAAAA,OAAAA,CAAAA,GAAW,QAAQA,OACzBG,EAAAA,MAAAA,EACAG,QAASJ,CAAAA,SAAAA,CAAAA,GAAaA,SAAYK,GAAAA,SAAAA,CAAAA;AAEtC,SAAA;AAEApB,QAAAA,uBAAAA,CAAAA,CAAwB,EAAEC,IAAI,EAAEC,MAAM,EAAsB,EAAA;AAC1D,YAAA,OAAO,GAAGD,IAAK,CAAA,CAAC,EAAEE,EAAGC,CAAAA,SAAS,CAACF,MAAS,CAAA,CAAA,CAAA;AAC1C,SAAA;AAEAK,QAAAA,KAAAA,CAAAA,GAAAA;AACE,YAAA,MAAMc,UAAUd,KAAM,CAAA;AAAEV,gBAAAA;AAAkB,aAAA,CAAA;AAE1C,YAAA,SAASyB,YAAYC,WAA2B,EAAA;gBAC9C,OAAO,SAAU,GAAGC,IAAgC,EAAA;AAClD,oBAAA,MAAM,CAACZ,MAAAA,EAAQ,GAAGJ,IAAAA,CAAK,GAAGgB,IAAAA;AAC1B,oBAAA,MAAMP,UAAa,GAAA,OAAOL,MAAW,KAAA,QAAA,GAAWA,SAASZ,uBAAwBY,CAAAA,MAAAA,CAAAA;;oBAGjF,OAAOW,WAAAA,CAAYE,KAAK,CAACJ,OAAS,EAAA;AAACJ,wBAAAA,UAAAA;AAAeT,wBAAAA,GAAAA;AAAK,qBAAA,CAAA;AACzD,iBAAA;AACF;AAEAa,YAAAA,OAAAA,CAAQf,GAAG,GAAGgB,WAAYD,CAAAA,OAAAA,CAAQf,GAAG,CAAA;YACrC,OAAOe,OAAAA;AACT,SAAA;AAEA,QAAA,GAAGb;AACL,KAAA;AACF;;;;"}
|
package/dist/engine/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../src/engine/index.ts"],"sourcesContent":["import _ from 'lodash/fp';\nimport qs from 'qs';\nimport { Ability } from '@casl/ability';\nimport { providerFactory } from '@strapi/utils';\n\nimport {\n createEngineHooks,\n createWillRegisterContext,\n createBeforeEvaluateContext,\n createValidateContext,\n} from './hooks';\nimport type { PermissionEngineHooks, HookName } from './hooks';\n\nimport * as abilities from './abilities';\nimport { Permission } from '../domain/permission';\nimport type { PermissionRule } from '../types';\n\nexport { abilities };\n\ntype Provider = Omit<ReturnType<typeof providerFactory>, 'register'> & {\n register(...args: unknown[]): Promise<Provider> | Provider;\n};\n\ntype ActionProvider = Provider;\ntype ConditionProvider = Provider;\n\nexport interface Engine {\n hooks: PermissionEngineHooks;\n on(hook: HookName, handler: (...args: any[]) => any): Engine;\n generateAbility(permissions: Permission[], options?: object): Promise<Ability>;\n createRegisterFunction(\n can: (permission: PermissionRule) => unknown,\n options: Record<string, unknown>\n ): (permission: PermissionRule) => Promise<unknown>;\n}\n\nexport interface EngineParams {\n providers: { action: ActionProvider; condition: ConditionProvider };\n abilityBuilderFactory?(): abilities.CustomAbilityBuilder;\n}\n\ninterface EvaluateParams {\n options: Record<string, unknown>;\n register: (permission: PermissionRule) => Promise<unknown>;\n permission: Permission;\n}\n\ninterface Condition {\n name: string;\n handler(...params: unknown[]): boolean | object;\n}\n\n/**\n * Create a default state object for the engine\n */\nconst createEngineState = () => {\n const hooks = createEngineHooks();\n\n return { hooks };\n};\n\nconst newEngine = (params: EngineParams): Engine => {\n const { providers, abilityBuilderFactory = abilities.caslAbilityBuilder } = params;\n\n const state = createEngineState();\n\n const runValidationHook = async (hook: HookName, context: unknown) =>\n state.hooks[hook].call(context);\n\n /**\n * Evaluate a permission using local and registered behaviors (using hooks).\n * Validate, format (add condition, etc...), evaluate (evaluate conditions) and register a permission\n */\n const evaluate = async (params: EvaluateParams) => {\n const { options, register } = params;\n\n const preFormatValidation = await runValidationHook(\n 'before-format::validate.permission',\n createBeforeEvaluateContext(params.permission)\n );\n\n if (preFormatValidation === false) {\n return;\n }\n\n const permission = (await state.hooks['format.permission'].call(\n params.permission\n )) as Permission;\n\n const afterFormatValidation = await runValidationHook(\n 'after-format::validate.permission',\n createValidateContext(permission)\n );\n\n if (afterFormatValidation === false) {\n return;\n }\n\n await state.hooks['before-evaluate.permission'].call(createBeforeEvaluateContext(permission));\n\n const {\n action: actionName,\n subject,\n properties,\n conditions = [],\n actionParameters = {},\n } = permission;\n\n let action = actionName;\n\n if (actionParameters && Object.keys(actionParameters).length > 0) {\n action = `${actionName}?${qs.stringify(actionParameters)}`;\n }\n\n if (conditions.length === 0) {\n return register({ action, subject, properties });\n }\n\n const resolveConditions = _.map(providers.condition.get);\n\n const removeInvalidConditions = _.filter((condition: Condition) =>\n _.isFunction(condition.handler)\n );\n\n const evaluateConditions = (conditions: Condition[]) => {\n return Promise.all(\n conditions.map(async (condition) => ({\n condition,\n result: await condition.handler(\n _.merge(options, { permission: _.cloneDeep(permission) })\n ),\n }))\n );\n };\n\n const removeInvalidResults = _.filter(\n ({ result }) => _.isBoolean(result) || _.isObject(result)\n );\n\n const evaluatedConditions = await Promise.resolve(conditions)\n .then(resolveConditions)\n .then(removeInvalidConditions)\n .then(evaluateConditions)\n .then(removeInvalidResults);\n\n const resultPropEq = _.propEq('result');\n const pickResults = _.map(_.prop('result'));\n\n if (evaluatedConditions.every(resultPropEq(false))) {\n return;\n }\n\n if (_.isEmpty(evaluatedConditions) || evaluatedConditions.some(resultPropEq(true))) {\n return register({ action, subject, properties });\n }\n\n const results = pickResults(evaluatedConditions).filter(_.isObject);\n\n if (_.isEmpty(results)) {\n return register({ action, subject, properties });\n }\n\n return register({\n action,\n subject,\n properties,\n condition: { $and: [{ $or: results }] },\n });\n };\n\n return {\n get hooks() {\n return state.hooks;\n },\n\n /**\n * Create a register function that wraps a `can` function\n * used to register a permission in the ability builder\n */\n createRegisterFunction(can, options: Record<string, unknown>) {\n return async (permission: PermissionRule) => {\n const hookContext = createWillRegisterContext({ options, permission });\n\n await state.hooks['before-register.permission'].call(hookContext);\n\n return can(permission);\n };\n },\n\n /**\n * Register a new handler for a given hook\n */\n on(hook, handler) {\n const validHooks = Object.keys(state.hooks);\n const isValidHook = validHooks.includes(hook);\n\n if (!isValidHook) {\n throw new Error(\n `Invalid hook supplied when trying to register an handler to the permission engine. Got \"${hook}\" but expected one of ${validHooks.join(\n ', '\n )}`\n );\n }\n\n state.hooks[hook].register(handler);\n\n return this;\n },\n\n /**\n * Generate an ability based on the instance's\n * ability builder and the given permissions\n */\n async generateAbility(permissions, options: Record<string, unknown> = {}) {\n const { can, build } = abilityBuilderFactory();\n\n for (const permission of permissions) {\n const register = this.createRegisterFunction(can, options);\n\n await evaluate({ permission, options, register });\n }\n\n return build();\n },\n };\n};\n\nexport { newEngine as new };\n"],"names":["createEngineState","hooks","createEngineHooks","newEngine","params","providers","abilityBuilderFactory","abilities","state","runValidationHook","hook","context","call","evaluate","options","register","preFormatValidation","createBeforeEvaluateContext","permission","afterFormatValidation","createValidateContext","action","actionName","subject","properties","conditions","actionParameters","Object","keys","length","qs","stringify","resolveConditions","_","map","condition","get","removeInvalidConditions","filter","isFunction","handler","evaluateConditions","Promise","all","result","merge","cloneDeep","removeInvalidResults","isBoolean","isObject","evaluatedConditions","resolve","then","resultPropEq","propEq","pickResults","prop","every","isEmpty","some","results","$and","$or","createRegisterFunction","can","hookContext","createWillRegisterContext","on","validHooks","isValidHook","includes","Error","join","generateAbility","permissions","build"],"mappings":";;;;;;;;AAoDA;;AAEC,IACD,MAAMA,iBAAoB,GAAA,IAAA;AACxB,IAAA,MAAMC,OAAQC,GAAAA,uBAAAA,EAAAA;IAEd,OAAO;AAAED,eAAAA;AAAM,KAAA;AACjB,CAAA;AAEA,MAAME,YAAY,CAACC,MAAAA,GAAAA;AACjB,IAAA,MAAM,EAAEC,SAAS,EAAEC,wBAAwBC,8BAA4B,EAAE,GAAGH,MAAAA;AAE5E,IAAA,MAAMI,KAAQR,GAAAA,iBAAAA,EAAAA;IAEd,MAAMS,iBAAAA,GAAoB,OAAOC,IAAAA,EAAgBC,OAC/CH,GAAAA,KAAAA,CAAMP,KAAK,CAACS,IAAAA,CAAK,CAACE,IAAI,CAACD,OAAAA,CAAAA;AAEzB;;;MAIA,MAAME,WAAW,OAAOT,MAAAA,GAAAA;AACtB,QAAA,MAAM,EAAEU,OAAO,EAAEC,QAAQ,EAAE,GAAGX,MAAAA;AAE9B,QAAA,MAAMY,sBAAsB,MAAMP,iBAAAA,CAChC,oCACAQ,EAAAA,iCAAAA,CAA4Bb,OAAOc,UAAU,CAAA,CAAA;AAG/C,QAAA,IAAIF,wBAAwB,KAAO,EAAA;AACjC,YAAA;AACF;QAEA,MAAME,UAAAA,GAAc,MAAMV,KAAAA,CAAMP,KAAK,CAAC,oBAAoB,CAACW,IAAI,CAC7DR,MAAAA,CAAOc,UAAU,CAAA;AAGnB,QAAA,MAAMC,qBAAwB,GAAA,MAAMV,iBAClC,CAAA,mCAAA,EACAW,2BAAsBF,CAAAA,UAAAA,CAAAA,CAAAA;AAGxB,QAAA,IAAIC,0BAA0B,KAAO,EAAA;AACnC,YAAA;AACF;AAEA,QAAA,MAAMX,MAAMP,KAAK,CAAC,6BAA6B,CAACW,IAAI,CAACK,iCAA4BC,CAAAA,UAAAA,CAAAA,CAAAA;AAEjF,QAAA,MAAM,EACJG,MAAAA,EAAQC,UAAU,EAClBC,OAAO,EACPC,UAAU,EACVC,UAAAA,GAAa,EAAE,EACfC,gBAAAA,GAAmB,EAAE,EACtB,GAAGR,UAAAA;AAEJ,QAAA,IAAIG,MAASC,GAAAA,UAAAA;AAEb,QAAA,IAAII,oBAAoBC,MAAOC,CAAAA,IAAI,CAACF,gBAAkBG,CAAAA,CAAAA,MAAM,GAAG,CAAG,EAAA;YAChER,MAAS,GAAA,CAAC,EAAEC,UAAW,CAAA,CAAC,EAAEQ,EAAGC,CAAAA,SAAS,CAACL,gBAAAA,CAAAA,CAAkB,CAAC;AAC5D;QAEA,IAAID,UAAAA,CAAWI,MAAM,KAAK,CAAG,EAAA;AAC3B,YAAA,OAAOd,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,MAAMQ,oBAAoBC,CAAEC,CAAAA,GAAG,CAAC7B,SAAU8B,CAAAA,SAAS,CAACC,GAAG,CAAA;QAEvD,MAAMC,uBAAAA,GAA0BJ,CAAEK,CAAAA,MAAM,CAAC,CAACH,YACxCF,CAAEM,CAAAA,UAAU,CAACJ,SAAAA,CAAUK,OAAO,CAAA,CAAA;AAGhC,QAAA,MAAMC,qBAAqB,CAAChB,UAAAA,GAAAA;YAC1B,OAAOiB,OAAAA,CAAQC,GAAG,CAChBlB,UAAAA,CAAWS,GAAG,CAAC,OAAOC,aAAe;AACnCA,oBAAAA,SAAAA;AACAS,oBAAAA,MAAAA,EAAQ,MAAMT,SAAUK,CAAAA,OAAO,CAC7BP,CAAEY,CAAAA,KAAK,CAAC/B,OAAS,EAAA;wBAAEI,UAAYe,EAAAA,CAAAA,CAAEa,SAAS,CAAC5B,UAAAA;AAAY,qBAAA,CAAA;iBAE3D,CAAA,CAAA,CAAA;AAEJ,SAAA;AAEA,QAAA,MAAM6B,oBAAuBd,GAAAA,CAAAA,CAAEK,MAAM,CACnC,CAAC,EAAEM,MAAM,EAAE,GAAKX,EAAEe,SAAS,CAACJ,MAAWX,CAAAA,IAAAA,CAAAA,CAAEgB,QAAQ,CAACL,MAAAA,CAAAA,CAAAA;AAGpD,QAAA,MAAMM,sBAAsB,MAAMR,OAAAA,CAAQS,OAAO,CAAC1B,YAC/C2B,IAAI,CAACpB,iBACLoB,CAAAA,CAAAA,IAAI,CAACf,uBACLe,CAAAA,CAAAA,IAAI,CAACX,kBAAAA,CAAAA,CACLW,IAAI,CAACL,oBAAAA,CAAAA;QAER,MAAMM,YAAAA,GAAepB,CAAEqB,CAAAA,MAAM,CAAC,QAAA,CAAA;AAC9B,QAAA,MAAMC,cAActB,CAAEC,CAAAA,GAAG,CAACD,CAAAA,CAAEuB,IAAI,CAAC,QAAA,CAAA,CAAA;AAEjC,QAAA,IAAIN,mBAAoBO,CAAAA,KAAK,CAACJ,YAAAA,CAAa,KAAS,CAAA,CAAA,EAAA;AAClD,YAAA;AACF;QAEA,IAAIpB,CAAAA,CAAEyB,OAAO,CAACR,mBAAAA,CAAAA,IAAwBA,oBAAoBS,IAAI,CAACN,aAAa,IAAQ,CAAA,CAAA,EAAA;AAClF,YAAA,OAAOtC,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,MAAMoC,UAAUL,WAAYL,CAAAA,mBAAAA,CAAAA,CAAqBZ,MAAM,CAACL,EAAEgB,QAAQ,CAAA;QAElE,IAAIhB,CAAAA,CAAEyB,OAAO,CAACE,OAAU,CAAA,EAAA;AACtB,YAAA,OAAO7C,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,OAAOT,QAAS,CAAA;AACdM,YAAAA,MAAAA;AACAE,YAAAA,OAAAA;AACAC,YAAAA,UAAAA;YACAW,SAAW,EAAA;gBAAE0B,IAAM,EAAA;AAAC,oBAAA;wBAAEC,GAAKF,EAAAA;AAAQ;AAAE;AAAC;AACxC,SAAA,CAAA;AACF,KAAA;IAEA,OAAO;AACL,QAAA,IAAI3D,KAAQ,CAAA,GAAA;AACV,YAAA,OAAOO,MAAMP,KAAK;AACpB,SAAA;AAEA;;;QAIA8D,sBAAAA,CAAAA,CAAuBC,GAAG,EAAElD,OAAgC,EAAA;AAC1D,YAAA,OAAO,OAAOI,UAAAA,GAAAA;AACZ,gBAAA,MAAM+C,cAAcC,+BAA0B,CAAA;AAAEpD,oBAAAA,OAAAA;AAASI,oBAAAA;AAAW,iBAAA,CAAA;AAEpE,gBAAA,MAAMV,MAAMP,KAAK,CAAC,4BAA6B,CAAA,CAACW,IAAI,CAACqD,WAAAA,CAAAA;AAErD,gBAAA,OAAOD,GAAI9C,CAAAA,UAAAA,CAAAA;AACb,aAAA;AACF,SAAA;AAEA;;QAGAiD,EAAAA,CAAAA,CAAGzD,IAAI,EAAE8B,OAAO,EAAA;AACd,YAAA,MAAM4B,UAAazC,GAAAA,MAAAA,CAAOC,IAAI,CAACpB,MAAMP,KAAK,CAAA;YAC1C,MAAMoE,WAAAA,GAAcD,UAAWE,CAAAA,QAAQ,CAAC5D,IAAAA,CAAAA;AAExC,YAAA,IAAI,CAAC2D,WAAa,EAAA;AAChB,gBAAA,MAAM,IAAIE,KAAAA,CACR,CAAC,wFAAwF,EAAE7D,IAAAA,CAAK,sBAAsB,EAAE0D,UAAWI,CAAAA,IAAI,CACrI,IAAA,CAAA,CACA,CAAC,CAAA;AAEP;AAEAhE,YAAAA,KAAAA,CAAMP,KAAK,CAACS,IAAK,CAAA,CAACK,QAAQ,CAACyB,OAAAA,CAAAA;AAE3B,YAAA,OAAO,IAAI;AACb,SAAA;AAEA;;;AAGC,QACD,MAAMiC,eAAgBC,CAAAA,CAAAA,WAAW,EAAE5D,OAAAA,GAAmC,EAAE,EAAA;AACtE,YAAA,MAAM,EAAEkD,GAAG,EAAEW,KAAK,EAAE,GAAGrE,qBAAAA,EAAAA;YAEvB,KAAK,MAAMY,cAAcwD,WAAa,CAAA;AACpC,gBAAA,MAAM3D,QAAW,GAAA,IAAI,CAACgD,sBAAsB,CAACC,GAAKlD,EAAAA,OAAAA,CAAAA;AAElD,gBAAA,MAAMD,QAAS,CAAA;AAAEK,oBAAAA,UAAAA;AAAYJ,oBAAAA,OAAAA;AAASC,oBAAAA;AAAS,iBAAA,CAAA;AACjD;YAEA,OAAO4D,KAAAA,EAAAA;AACT;AACF,KAAA;AACF;;;;;"}
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../src/engine/index.ts"],"sourcesContent":["import _ from 'lodash/fp';\nimport qs from 'qs';\nimport { Ability } from '@casl/ability';\nimport { providerFactory } from '@strapi/utils';\n\nimport {\n createEngineHooks,\n createWillRegisterContext,\n createBeforeEvaluateContext,\n createValidateContext,\n} from './hooks';\nimport type { PermissionEngineHooks, HookName } from './hooks';\n\nimport * as abilities from './abilities';\nimport { Permission } from '../domain/permission';\nimport type { PermissionRule } from '../types';\n\nexport { abilities };\n\ntype Provider = Omit<ReturnType<typeof providerFactory>, 'register'> & {\n register(...args: unknown[]): Promise<Provider> | Provider;\n};\n\ntype ActionProvider = Provider;\ntype ConditionProvider = Provider;\n\nexport interface Engine {\n hooks: PermissionEngineHooks;\n on(hook: HookName, handler: (...args: any[]) => any): Engine;\n generateAbility(permissions: Permission[], options?: object): Promise<Ability>;\n createRegisterFunction(\n can: (permission: PermissionRule) => unknown,\n options: Record<string, unknown>\n ): (permission: PermissionRule) => Promise<unknown>;\n}\n\nexport interface EngineParams {\n providers: { action: ActionProvider; condition: ConditionProvider };\n abilityBuilderFactory?(): abilities.CustomAbilityBuilder;\n}\n\ninterface EvaluateParams {\n options: Record<string, unknown>;\n register: (permission: PermissionRule) => Promise<unknown>;\n permission: Permission;\n}\n\ninterface Condition {\n name: string;\n handler(...params: unknown[]): boolean | object;\n}\n\n/**\n * Create a default state object for the engine\n */\nconst createEngineState = () => {\n const hooks = createEngineHooks();\n\n return { hooks };\n};\n\nconst newEngine = (params: EngineParams): Engine => {\n const { providers, abilityBuilderFactory = abilities.caslAbilityBuilder } = params;\n\n const state = createEngineState();\n\n const runValidationHook = async (hook: HookName, context: unknown) =>\n state.hooks[hook].call(context);\n\n /**\n * Evaluate a permission using local and registered behaviors (using hooks).\n * Validate, format (add condition, etc...), evaluate (evaluate conditions) and register a permission\n */\n const evaluate = async (params: EvaluateParams) => {\n const { options, register } = params;\n\n const preFormatValidation = await runValidationHook(\n 'before-format::validate.permission',\n createBeforeEvaluateContext(params.permission)\n );\n\n if (preFormatValidation === false) {\n return;\n }\n\n const permission = (await state.hooks['format.permission'].call(\n params.permission\n )) as Permission;\n\n const afterFormatValidation = await runValidationHook(\n 'after-format::validate.permission',\n createValidateContext(permission)\n );\n\n if (afterFormatValidation === false) {\n return;\n }\n\n await state.hooks['before-evaluate.permission'].call(createBeforeEvaluateContext(permission));\n\n const {\n action: actionName,\n subject,\n properties,\n conditions = [],\n actionParameters = {},\n } = permission;\n\n let action = actionName;\n\n if (actionParameters && Object.keys(actionParameters).length > 0) {\n action = `${actionName}?${qs.stringify(actionParameters)}`;\n }\n\n if (conditions.length === 0) {\n return register({ action, subject, properties });\n }\n\n const resolveConditions = _.map(providers.condition.get);\n\n const removeInvalidConditions = _.filter((condition: Condition) =>\n _.isFunction(condition.handler)\n );\n\n const evaluateConditions = (conditions: Condition[]) => {\n return Promise.all(\n conditions.map(async (condition) => ({\n condition,\n result: await condition.handler(\n _.merge(options, { permission: _.cloneDeep(permission) })\n ),\n }))\n );\n };\n\n const removeInvalidResults = _.filter(\n ({ result }) => _.isBoolean(result) || _.isObject(result)\n );\n\n const evaluatedConditions = await Promise.resolve(conditions)\n .then(resolveConditions)\n .then(removeInvalidConditions)\n .then(evaluateConditions)\n .then(removeInvalidResults);\n\n const resultPropEq = _.propEq('result');\n const pickResults = _.map(_.prop('result'));\n\n if (evaluatedConditions.every(resultPropEq(false))) {\n return;\n }\n\n if (_.isEmpty(evaluatedConditions) || evaluatedConditions.some(resultPropEq(true))) {\n return register({ action, subject, properties });\n }\n\n const results = pickResults(evaluatedConditions).filter(_.isObject);\n\n if (_.isEmpty(results)) {\n return register({ action, subject, properties });\n }\n\n return register({\n action,\n subject,\n properties,\n condition: { $and: [{ $or: results }] },\n });\n };\n\n return {\n get hooks() {\n return state.hooks;\n },\n\n /**\n * Create a register function that wraps a `can` function\n * used to register a permission in the ability builder\n */\n createRegisterFunction(can, options: Record<string, unknown>) {\n return async (permission: PermissionRule) => {\n const hookContext = createWillRegisterContext({ options, permission });\n\n await state.hooks['before-register.permission'].call(hookContext);\n\n return can(permission);\n };\n },\n\n /**\n * Register a new handler for a given hook\n */\n on(hook, handler) {\n const validHooks = Object.keys(state.hooks);\n const isValidHook = validHooks.includes(hook);\n\n if (!isValidHook) {\n throw new Error(\n `Invalid hook supplied when trying to register an handler to the permission engine. Got \"${hook}\" but expected one of ${validHooks.join(\n ', '\n )}`\n );\n }\n\n state.hooks[hook].register(handler);\n\n return this;\n },\n\n /**\n * Generate an ability based on the instance's\n * ability builder and the given permissions\n */\n async generateAbility(permissions, options: Record<string, unknown> = {}) {\n const { can, build } = abilityBuilderFactory();\n\n for (const permission of permissions) {\n const register = this.createRegisterFunction(can, options);\n\n await evaluate({ permission, options, register });\n }\n\n return build();\n },\n };\n};\n\nexport { newEngine as new };\n"],"names":["createEngineState","hooks","createEngineHooks","newEngine","params","providers","abilityBuilderFactory","abilities","state","runValidationHook","hook","context","call","evaluate","options","register","preFormatValidation","createBeforeEvaluateContext","permission","afterFormatValidation","createValidateContext","action","actionName","subject","properties","conditions","actionParameters","Object","keys","length","qs","stringify","resolveConditions","_","map","condition","get","removeInvalidConditions","filter","isFunction","handler","evaluateConditions","Promise","all","result","merge","cloneDeep","removeInvalidResults","isBoolean","isObject","evaluatedConditions","resolve","then","resultPropEq","propEq","pickResults","prop","every","isEmpty","some","results","$and","$or","createRegisterFunction","can","hookContext","createWillRegisterContext","on","validHooks","isValidHook","includes","Error","join","generateAbility","permissions","build"],"mappings":";;;;;;;;AAoDA;;AAEC,IACD,MAAMA,iBAAoB,GAAA,IAAA;AACxB,IAAA,MAAMC,OAAQC,GAAAA,uBAAAA,EAAAA;IAEd,OAAO;AAAED,eAAAA;AAAM,KAAA;AACjB,CAAA;AAEA,MAAME,YAAY,CAACC,MAAAA,GAAAA;AACjB,IAAA,MAAM,EAAEC,SAAS,EAAEC,wBAAwBC,8BAA4B,EAAE,GAAGH,MAAAA;AAE5E,IAAA,MAAMI,KAAQR,GAAAA,iBAAAA,EAAAA;IAEd,MAAMS,iBAAAA,GAAoB,OAAOC,IAAAA,EAAgBC,OAC/CH,GAAAA,KAAAA,CAAMP,KAAK,CAACS,IAAAA,CAAK,CAACE,IAAI,CAACD,OAAAA,CAAAA;AAEzB;;;MAIA,MAAME,WAAW,OAAOT,MAAAA,GAAAA;AACtB,QAAA,MAAM,EAAEU,OAAO,EAAEC,QAAQ,EAAE,GAAGX,MAAAA;AAE9B,QAAA,MAAMY,sBAAsB,MAAMP,iBAAAA,CAChC,oCACAQ,EAAAA,iCAAAA,CAA4Bb,OAAOc,UAAU,CAAA,CAAA;AAG/C,QAAA,IAAIF,wBAAwB,KAAO,EAAA;AACjC,YAAA;AACF;QAEA,MAAME,UAAAA,GAAc,MAAMV,KAAAA,CAAMP,KAAK,CAAC,oBAAoB,CAACW,IAAI,CAC7DR,MAAAA,CAAOc,UAAU,CAAA;AAGnB,QAAA,MAAMC,qBAAwB,GAAA,MAAMV,iBAClC,CAAA,mCAAA,EACAW,2BAAsBF,CAAAA,UAAAA,CAAAA,CAAAA;AAGxB,QAAA,IAAIC,0BAA0B,KAAO,EAAA;AACnC,YAAA;AACF;AAEA,QAAA,MAAMX,MAAMP,KAAK,CAAC,6BAA6B,CAACW,IAAI,CAACK,iCAA4BC,CAAAA,UAAAA,CAAAA,CAAAA;AAEjF,QAAA,MAAM,EACJG,MAAAA,EAAQC,UAAU,EAClBC,OAAO,EACPC,UAAU,EACVC,UAAAA,GAAa,EAAE,EACfC,gBAAAA,GAAmB,EAAE,EACtB,GAAGR,UAAAA;AAEJ,QAAA,IAAIG,MAASC,GAAAA,UAAAA;AAEb,QAAA,IAAII,oBAAoBC,MAAOC,CAAAA,IAAI,CAACF,gBAAkBG,CAAAA,CAAAA,MAAM,GAAG,CAAG,EAAA;AAChER,YAAAA,MAAAA,GAAS,GAAGC,UAAW,CAAA,CAAC,EAAEQ,EAAGC,CAAAA,SAAS,CAACL,gBAAmB,CAAA,CAAA,CAAA;AAC5D;QAEA,IAAID,UAAAA,CAAWI,MAAM,KAAK,CAAG,EAAA;AAC3B,YAAA,OAAOd,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,MAAMQ,oBAAoBC,CAAEC,CAAAA,GAAG,CAAC7B,SAAU8B,CAAAA,SAAS,CAACC,GAAG,CAAA;QAEvD,MAAMC,uBAAAA,GAA0BJ,CAAEK,CAAAA,MAAM,CAAC,CAACH,YACxCF,CAAEM,CAAAA,UAAU,CAACJ,SAAAA,CAAUK,OAAO,CAAA,CAAA;AAGhC,QAAA,MAAMC,qBAAqB,CAAChB,UAAAA,GAAAA;YAC1B,OAAOiB,OAAAA,CAAQC,GAAG,CAChBlB,UAAAA,CAAWS,GAAG,CAAC,OAAOC,aAAe;AACnCA,oBAAAA,SAAAA;AACAS,oBAAAA,MAAAA,EAAQ,MAAMT,SAAUK,CAAAA,OAAO,CAC7BP,CAAEY,CAAAA,KAAK,CAAC/B,OAAS,EAAA;wBAAEI,UAAYe,EAAAA,CAAAA,CAAEa,SAAS,CAAC5B,UAAAA;AAAY,qBAAA,CAAA;iBAE3D,CAAA,CAAA,CAAA;AAEJ,SAAA;AAEA,QAAA,MAAM6B,oBAAuBd,GAAAA,CAAAA,CAAEK,MAAM,CACnC,CAAC,EAAEM,MAAM,EAAE,GAAKX,EAAEe,SAAS,CAACJ,MAAWX,CAAAA,IAAAA,CAAAA,CAAEgB,QAAQ,CAACL,MAAAA,CAAAA,CAAAA;AAGpD,QAAA,MAAMM,sBAAsB,MAAMR,OAAAA,CAAQS,OAAO,CAAC1B,YAC/C2B,IAAI,CAACpB,iBACLoB,CAAAA,CAAAA,IAAI,CAACf,uBACLe,CAAAA,CAAAA,IAAI,CAACX,kBAAAA,CAAAA,CACLW,IAAI,CAACL,oBAAAA,CAAAA;QAER,MAAMM,YAAAA,GAAepB,CAAEqB,CAAAA,MAAM,CAAC,QAAA,CAAA;AAC9B,QAAA,MAAMC,cAActB,CAAEC,CAAAA,GAAG,CAACD,CAAAA,CAAEuB,IAAI,CAAC,QAAA,CAAA,CAAA;AAEjC,QAAA,IAAIN,mBAAoBO,CAAAA,KAAK,CAACJ,YAAAA,CAAa,KAAS,CAAA,CAAA,EAAA;AAClD,YAAA;AACF;QAEA,IAAIpB,CAAAA,CAAEyB,OAAO,CAACR,mBAAAA,CAAAA,IAAwBA,oBAAoBS,IAAI,CAACN,aAAa,IAAQ,CAAA,CAAA,EAAA;AAClF,YAAA,OAAOtC,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,MAAMoC,UAAUL,WAAYL,CAAAA,mBAAAA,CAAAA,CAAqBZ,MAAM,CAACL,EAAEgB,QAAQ,CAAA;QAElE,IAAIhB,CAAAA,CAAEyB,OAAO,CAACE,OAAU,CAAA,EAAA;AACtB,YAAA,OAAO7C,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,OAAOT,QAAS,CAAA;AACdM,YAAAA,MAAAA;AACAE,YAAAA,OAAAA;AACAC,YAAAA,UAAAA;YACAW,SAAW,EAAA;gBAAE0B,IAAM,EAAA;AAAC,oBAAA;wBAAEC,GAAKF,EAAAA;AAAQ;AAAE;AAAC;AACxC,SAAA,CAAA;AACF,KAAA;IAEA,OAAO;AACL,QAAA,IAAI3D,KAAQ,CAAA,GAAA;AACV,YAAA,OAAOO,MAAMP,KAAK;AACpB,SAAA;AAEA;;;QAIA8D,sBAAAA,CAAAA,CAAuBC,GAAG,EAAElD,OAAgC,EAAA;AAC1D,YAAA,OAAO,OAAOI,UAAAA,GAAAA;AACZ,gBAAA,MAAM+C,cAAcC,+BAA0B,CAAA;AAAEpD,oBAAAA,OAAAA;AAASI,oBAAAA;AAAW,iBAAA,CAAA;AAEpE,gBAAA,MAAMV,MAAMP,KAAK,CAAC,4BAA6B,CAAA,CAACW,IAAI,CAACqD,WAAAA,CAAAA;AAErD,gBAAA,OAAOD,GAAI9C,CAAAA,UAAAA,CAAAA;AACb,aAAA;AACF,SAAA;AAEA;;QAGAiD,EAAAA,CAAAA,CAAGzD,IAAI,EAAE8B,OAAO,EAAA;AACd,YAAA,MAAM4B,UAAazC,GAAAA,MAAAA,CAAOC,IAAI,CAACpB,MAAMP,KAAK,CAAA;YAC1C,MAAMoE,WAAAA,GAAcD,UAAWE,CAAAA,QAAQ,CAAC5D,IAAAA,CAAAA;AAExC,YAAA,IAAI,CAAC2D,WAAa,EAAA;gBAChB,MAAM,IAAIE,KACR,CAAA,CAAC,wFAAwF,EAAE7D,IAAK,CAAA,sBAAsB,EAAE0D,UAAAA,CAAWI,IAAI,CACrI,IACC,CAAA,CAAA,CAAA,CAAA;AAEP;AAEAhE,YAAAA,KAAAA,CAAMP,KAAK,CAACS,IAAK,CAAA,CAACK,QAAQ,CAACyB,OAAAA,CAAAA;AAE3B,YAAA,OAAO,IAAI;AACb,SAAA;AAEA;;;AAGC,QACD,MAAMiC,eAAgBC,CAAAA,CAAAA,WAAW,EAAE5D,OAAAA,GAAmC,EAAE,EAAA;AACtE,YAAA,MAAM,EAAEkD,GAAG,EAAEW,KAAK,EAAE,GAAGrE,qBAAAA,EAAAA;YAEvB,KAAK,MAAMY,cAAcwD,WAAa,CAAA;AACpC,gBAAA,MAAM3D,QAAW,GAAA,IAAI,CAACgD,sBAAsB,CAACC,GAAKlD,EAAAA,OAAAA,CAAAA;AAElD,gBAAA,MAAMD,QAAS,CAAA;AAAEK,oBAAAA,UAAAA;AAAYJ,oBAAAA,OAAAA;AAASC,oBAAAA;AAAS,iBAAA,CAAA;AACjD;YAEA,OAAO4D,KAAAA,EAAAA;AACT;AACF,KAAA;AACF;;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.mjs","sources":["../../src/engine/index.ts"],"sourcesContent":["import _ from 'lodash/fp';\nimport qs from 'qs';\nimport { Ability } from '@casl/ability';\nimport { providerFactory } from '@strapi/utils';\n\nimport {\n createEngineHooks,\n createWillRegisterContext,\n createBeforeEvaluateContext,\n createValidateContext,\n} from './hooks';\nimport type { PermissionEngineHooks, HookName } from './hooks';\n\nimport * as abilities from './abilities';\nimport { Permission } from '../domain/permission';\nimport type { PermissionRule } from '../types';\n\nexport { abilities };\n\ntype Provider = Omit<ReturnType<typeof providerFactory>, 'register'> & {\n register(...args: unknown[]): Promise<Provider> | Provider;\n};\n\ntype ActionProvider = Provider;\ntype ConditionProvider = Provider;\n\nexport interface Engine {\n hooks: PermissionEngineHooks;\n on(hook: HookName, handler: (...args: any[]) => any): Engine;\n generateAbility(permissions: Permission[], options?: object): Promise<Ability>;\n createRegisterFunction(\n can: (permission: PermissionRule) => unknown,\n options: Record<string, unknown>\n ): (permission: PermissionRule) => Promise<unknown>;\n}\n\nexport interface EngineParams {\n providers: { action: ActionProvider; condition: ConditionProvider };\n abilityBuilderFactory?(): abilities.CustomAbilityBuilder;\n}\n\ninterface EvaluateParams {\n options: Record<string, unknown>;\n register: (permission: PermissionRule) => Promise<unknown>;\n permission: Permission;\n}\n\ninterface Condition {\n name: string;\n handler(...params: unknown[]): boolean | object;\n}\n\n/**\n * Create a default state object for the engine\n */\nconst createEngineState = () => {\n const hooks = createEngineHooks();\n\n return { hooks };\n};\n\nconst newEngine = (params: EngineParams): Engine => {\n const { providers, abilityBuilderFactory = abilities.caslAbilityBuilder } = params;\n\n const state = createEngineState();\n\n const runValidationHook = async (hook: HookName, context: unknown) =>\n state.hooks[hook].call(context);\n\n /**\n * Evaluate a permission using local and registered behaviors (using hooks).\n * Validate, format (add condition, etc...), evaluate (evaluate conditions) and register a permission\n */\n const evaluate = async (params: EvaluateParams) => {\n const { options, register } = params;\n\n const preFormatValidation = await runValidationHook(\n 'before-format::validate.permission',\n createBeforeEvaluateContext(params.permission)\n );\n\n if (preFormatValidation === false) {\n return;\n }\n\n const permission = (await state.hooks['format.permission'].call(\n params.permission\n )) as Permission;\n\n const afterFormatValidation = await runValidationHook(\n 'after-format::validate.permission',\n createValidateContext(permission)\n );\n\n if (afterFormatValidation === false) {\n return;\n }\n\n await state.hooks['before-evaluate.permission'].call(createBeforeEvaluateContext(permission));\n\n const {\n action: actionName,\n subject,\n properties,\n conditions = [],\n actionParameters = {},\n } = permission;\n\n let action = actionName;\n\n if (actionParameters && Object.keys(actionParameters).length > 0) {\n action = `${actionName}?${qs.stringify(actionParameters)}`;\n }\n\n if (conditions.length === 0) {\n return register({ action, subject, properties });\n }\n\n const resolveConditions = _.map(providers.condition.get);\n\n const removeInvalidConditions = _.filter((condition: Condition) =>\n _.isFunction(condition.handler)\n );\n\n const evaluateConditions = (conditions: Condition[]) => {\n return Promise.all(\n conditions.map(async (condition) => ({\n condition,\n result: await condition.handler(\n _.merge(options, { permission: _.cloneDeep(permission) })\n ),\n }))\n );\n };\n\n const removeInvalidResults = _.filter(\n ({ result }) => _.isBoolean(result) || _.isObject(result)\n );\n\n const evaluatedConditions = await Promise.resolve(conditions)\n .then(resolveConditions)\n .then(removeInvalidConditions)\n .then(evaluateConditions)\n .then(removeInvalidResults);\n\n const resultPropEq = _.propEq('result');\n const pickResults = _.map(_.prop('result'));\n\n if (evaluatedConditions.every(resultPropEq(false))) {\n return;\n }\n\n if (_.isEmpty(evaluatedConditions) || evaluatedConditions.some(resultPropEq(true))) {\n return register({ action, subject, properties });\n }\n\n const results = pickResults(evaluatedConditions).filter(_.isObject);\n\n if (_.isEmpty(results)) {\n return register({ action, subject, properties });\n }\n\n return register({\n action,\n subject,\n properties,\n condition: { $and: [{ $or: results }] },\n });\n };\n\n return {\n get hooks() {\n return state.hooks;\n },\n\n /**\n * Create a register function that wraps a `can` function\n * used to register a permission in the ability builder\n */\n createRegisterFunction(can, options: Record<string, unknown>) {\n return async (permission: PermissionRule) => {\n const hookContext = createWillRegisterContext({ options, permission });\n\n await state.hooks['before-register.permission'].call(hookContext);\n\n return can(permission);\n };\n },\n\n /**\n * Register a new handler for a given hook\n */\n on(hook, handler) {\n const validHooks = Object.keys(state.hooks);\n const isValidHook = validHooks.includes(hook);\n\n if (!isValidHook) {\n throw new Error(\n `Invalid hook supplied when trying to register an handler to the permission engine. Got \"${hook}\" but expected one of ${validHooks.join(\n ', '\n )}`\n );\n }\n\n state.hooks[hook].register(handler);\n\n return this;\n },\n\n /**\n * Generate an ability based on the instance's\n * ability builder and the given permissions\n */\n async generateAbility(permissions, options: Record<string, unknown> = {}) {\n const { can, build } = abilityBuilderFactory();\n\n for (const permission of permissions) {\n const register = this.createRegisterFunction(can, options);\n\n await evaluate({ permission, options, register });\n }\n\n return build();\n },\n };\n};\n\nexport { newEngine as new };\n"],"names":["createEngineState","hooks","createEngineHooks","newEngine","params","providers","abilityBuilderFactory","abilities","state","runValidationHook","hook","context","call","evaluate","options","register","preFormatValidation","createBeforeEvaluateContext","permission","afterFormatValidation","createValidateContext","action","actionName","subject","properties","conditions","actionParameters","Object","keys","length","qs","stringify","resolveConditions","_","map","condition","get","removeInvalidConditions","filter","isFunction","handler","evaluateConditions","Promise","all","result","merge","cloneDeep","removeInvalidResults","isBoolean","isObject","evaluatedConditions","resolve","then","resultPropEq","propEq","pickResults","prop","every","isEmpty","some","results","$and","$or","createRegisterFunction","can","hookContext","createWillRegisterContext","on","validHooks","isValidHook","includes","Error","join","generateAbility","permissions","build"],"mappings":";;;;;;;AAoDA;;AAEC,IACD,MAAMA,iBAAoB,GAAA,IAAA;AACxB,IAAA,MAAMC,KAAQC,GAAAA,iBAAAA,EAAAA;IAEd,OAAO;AAAED,QAAAA;AAAM,KAAA;AACjB,CAAA;AAEA,MAAME,YAAY,CAACC,MAAAA,GAAAA;AACjB,IAAA,MAAM,EAAEC,SAAS,EAAEC,wBAAwBC,kBAA4B,EAAE,GAAGH,MAAAA;AAE5E,IAAA,MAAMI,KAAQR,GAAAA,iBAAAA,EAAAA;IAEd,MAAMS,iBAAAA,GAAoB,OAAOC,IAAAA,EAAgBC,OAC/CH,GAAAA,KAAAA,CAAMP,KAAK,CAACS,IAAAA,CAAK,CAACE,IAAI,CAACD,OAAAA,CAAAA;AAEzB;;;MAIA,MAAME,WAAW,OAAOT,MAAAA,GAAAA;AACtB,QAAA,MAAM,EAAEU,OAAO,EAAEC,QAAQ,EAAE,GAAGX,MAAAA;AAE9B,QAAA,MAAMY,sBAAsB,MAAMP,iBAAAA,CAChC,oCACAQ,EAAAA,2BAAAA,CAA4Bb,OAAOc,UAAU,CAAA,CAAA;AAG/C,QAAA,IAAIF,wBAAwB,KAAO,EAAA;AACjC,YAAA;AACF;QAEA,MAAME,UAAAA,GAAc,MAAMV,KAAAA,CAAMP,KAAK,CAAC,oBAAoB,CAACW,IAAI,CAC7DR,MAAAA,CAAOc,UAAU,CAAA;AAGnB,QAAA,MAAMC,qBAAwB,GAAA,MAAMV,iBAClC,CAAA,mCAAA,EACAW,qBAAsBF,CAAAA,UAAAA,CAAAA,CAAAA;AAGxB,QAAA,IAAIC,0BAA0B,KAAO,EAAA;AACnC,YAAA;AACF;AAEA,QAAA,MAAMX,MAAMP,KAAK,CAAC,6BAA6B,CAACW,IAAI,CAACK,2BAA4BC,CAAAA,UAAAA,CAAAA,CAAAA;AAEjF,QAAA,MAAM,EACJG,MAAAA,EAAQC,UAAU,EAClBC,OAAO,EACPC,UAAU,EACVC,UAAAA,GAAa,EAAE,EACfC,gBAAAA,GAAmB,EAAE,EACtB,GAAGR,UAAAA;AAEJ,QAAA,IAAIG,MAASC,GAAAA,UAAAA;AAEb,QAAA,IAAII,oBAAoBC,MAAOC,CAAAA,IAAI,CAACF,gBAAkBG,CAAAA,CAAAA,MAAM,GAAG,CAAG,EAAA;YAChER,MAAS,GAAA,CAAC,EAAEC,UAAW,CAAA,CAAC,EAAEQ,EAAGC,CAAAA,SAAS,CAACL,gBAAAA,CAAAA,CAAkB,CAAC;AAC5D;QAEA,IAAID,UAAAA,CAAWI,MAAM,KAAK,CAAG,EAAA;AAC3B,YAAA,OAAOd,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,MAAMQ,oBAAoBC,CAAEC,CAAAA,GAAG,CAAC7B,SAAU8B,CAAAA,SAAS,CAACC,GAAG,CAAA;QAEvD,MAAMC,uBAAAA,GAA0BJ,CAAEK,CAAAA,MAAM,CAAC,CAACH,YACxCF,CAAEM,CAAAA,UAAU,CAACJ,SAAAA,CAAUK,OAAO,CAAA,CAAA;AAGhC,QAAA,MAAMC,qBAAqB,CAAChB,UAAAA,GAAAA;YAC1B,OAAOiB,OAAAA,CAAQC,GAAG,CAChBlB,UAAAA,CAAWS,GAAG,CAAC,OAAOC,aAAe;AACnCA,oBAAAA,SAAAA;AACAS,oBAAAA,MAAAA,EAAQ,MAAMT,SAAUK,CAAAA,OAAO,CAC7BP,CAAEY,CAAAA,KAAK,CAAC/B,OAAS,EAAA;wBAAEI,UAAYe,EAAAA,CAAAA,CAAEa,SAAS,CAAC5B,UAAAA;AAAY,qBAAA,CAAA;iBAE3D,CAAA,CAAA,CAAA;AAEJ,SAAA;AAEA,QAAA,MAAM6B,oBAAuBd,GAAAA,CAAAA,CAAEK,MAAM,CACnC,CAAC,EAAEM,MAAM,EAAE,GAAKX,EAAEe,SAAS,CAACJ,MAAWX,CAAAA,IAAAA,CAAAA,CAAEgB,QAAQ,CAACL,MAAAA,CAAAA,CAAAA;AAGpD,QAAA,MAAMM,sBAAsB,MAAMR,OAAAA,CAAQS,OAAO,CAAC1B,YAC/C2B,IAAI,CAACpB,iBACLoB,CAAAA,CAAAA,IAAI,CAACf,uBACLe,CAAAA,CAAAA,IAAI,CAACX,kBAAAA,CAAAA,CACLW,IAAI,CAACL,oBAAAA,CAAAA;QAER,MAAMM,YAAAA,GAAepB,CAAEqB,CAAAA,MAAM,CAAC,QAAA,CAAA;AAC9B,QAAA,MAAMC,cAActB,CAAEC,CAAAA,GAAG,CAACD,CAAAA,CAAEuB,IAAI,CAAC,QAAA,CAAA,CAAA;AAEjC,QAAA,IAAIN,mBAAoBO,CAAAA,KAAK,CAACJ,YAAAA,CAAa,KAAS,CAAA,CAAA,EAAA;AAClD,YAAA;AACF;QAEA,IAAIpB,CAAAA,CAAEyB,OAAO,CAACR,mBAAAA,CAAAA,IAAwBA,oBAAoBS,IAAI,CAACN,aAAa,IAAQ,CAAA,CAAA,EAAA;AAClF,YAAA,OAAOtC,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,MAAMoC,UAAUL,WAAYL,CAAAA,mBAAAA,CAAAA,CAAqBZ,MAAM,CAACL,EAAEgB,QAAQ,CAAA;QAElE,IAAIhB,CAAAA,CAAEyB,OAAO,CAACE,OAAU,CAAA,EAAA;AACtB,YAAA,OAAO7C,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,OAAOT,QAAS,CAAA;AACdM,YAAAA,MAAAA;AACAE,YAAAA,OAAAA;AACAC,YAAAA,UAAAA;YACAW,SAAW,EAAA;gBAAE0B,IAAM,EAAA;AAAC,oBAAA;wBAAEC,GAAKF,EAAAA;AAAQ;AAAE;AAAC;AACxC,SAAA,CAAA;AACF,KAAA;IAEA,OAAO;AACL,QAAA,IAAI3D,KAAQ,CAAA,GAAA;AACV,YAAA,OAAOO,MAAMP,KAAK;AACpB,SAAA;AAEA;;;QAIA8D,sBAAAA,CAAAA,CAAuBC,GAAG,EAAElD,OAAgC,EAAA;AAC1D,YAAA,OAAO,OAAOI,UAAAA,GAAAA;AACZ,gBAAA,MAAM+C,cAAcC,yBAA0B,CAAA;AAAEpD,oBAAAA,OAAAA;AAASI,oBAAAA;AAAW,iBAAA,CAAA;AAEpE,gBAAA,MAAMV,MAAMP,KAAK,CAAC,4BAA6B,CAAA,CAACW,IAAI,CAACqD,WAAAA,CAAAA;AAErD,gBAAA,OAAOD,GAAI9C,CAAAA,UAAAA,CAAAA;AACb,aAAA;AACF,SAAA;AAEA;;QAGAiD,EAAAA,CAAAA,CAAGzD,IAAI,EAAE8B,OAAO,EAAA;AACd,YAAA,MAAM4B,UAAazC,GAAAA,MAAAA,CAAOC,IAAI,CAACpB,MAAMP,KAAK,CAAA;YAC1C,MAAMoE,WAAAA,GAAcD,UAAWE,CAAAA,QAAQ,CAAC5D,IAAAA,CAAAA;AAExC,YAAA,IAAI,CAAC2D,WAAa,EAAA;AAChB,gBAAA,MAAM,IAAIE,KAAAA,CACR,CAAC,wFAAwF,EAAE7D,IAAAA,CAAK,sBAAsB,EAAE0D,UAAWI,CAAAA,IAAI,CACrI,IAAA,CAAA,CACA,CAAC,CAAA;AAEP;AAEAhE,YAAAA,KAAAA,CAAMP,KAAK,CAACS,IAAK,CAAA,CAACK,QAAQ,CAACyB,OAAAA,CAAAA;AAE3B,YAAA,OAAO,IAAI;AACb,SAAA;AAEA;;;AAGC,QACD,MAAMiC,eAAgBC,CAAAA,CAAAA,WAAW,EAAE5D,OAAAA,GAAmC,EAAE,EAAA;AACtE,YAAA,MAAM,EAAEkD,GAAG,EAAEW,KAAK,EAAE,GAAGrE,qBAAAA,EAAAA;YAEvB,KAAK,MAAMY,cAAcwD,WAAa,CAAA;AACpC,gBAAA,MAAM3D,QAAW,GAAA,IAAI,CAACgD,sBAAsB,CAACC,GAAKlD,EAAAA,OAAAA,CAAAA;AAElD,gBAAA,MAAMD,QAAS,CAAA;AAAEK,oBAAAA,UAAAA;AAAYJ,oBAAAA,OAAAA;AAASC,oBAAAA;AAAS,iBAAA,CAAA;AACjD;YAEA,OAAO4D,KAAAA,EAAAA;AACT;AACF,KAAA;AACF;;;;"}
|
|
1
|
+
{"version":3,"file":"index.mjs","sources":["../../src/engine/index.ts"],"sourcesContent":["import _ from 'lodash/fp';\nimport qs from 'qs';\nimport { Ability } from '@casl/ability';\nimport { providerFactory } from '@strapi/utils';\n\nimport {\n createEngineHooks,\n createWillRegisterContext,\n createBeforeEvaluateContext,\n createValidateContext,\n} from './hooks';\nimport type { PermissionEngineHooks, HookName } from './hooks';\n\nimport * as abilities from './abilities';\nimport { Permission } from '../domain/permission';\nimport type { PermissionRule } from '../types';\n\nexport { abilities };\n\ntype Provider = Omit<ReturnType<typeof providerFactory>, 'register'> & {\n register(...args: unknown[]): Promise<Provider> | Provider;\n};\n\ntype ActionProvider = Provider;\ntype ConditionProvider = Provider;\n\nexport interface Engine {\n hooks: PermissionEngineHooks;\n on(hook: HookName, handler: (...args: any[]) => any): Engine;\n generateAbility(permissions: Permission[], options?: object): Promise<Ability>;\n createRegisterFunction(\n can: (permission: PermissionRule) => unknown,\n options: Record<string, unknown>\n ): (permission: PermissionRule) => Promise<unknown>;\n}\n\nexport interface EngineParams {\n providers: { action: ActionProvider; condition: ConditionProvider };\n abilityBuilderFactory?(): abilities.CustomAbilityBuilder;\n}\n\ninterface EvaluateParams {\n options: Record<string, unknown>;\n register: (permission: PermissionRule) => Promise<unknown>;\n permission: Permission;\n}\n\ninterface Condition {\n name: string;\n handler(...params: unknown[]): boolean | object;\n}\n\n/**\n * Create a default state object for the engine\n */\nconst createEngineState = () => {\n const hooks = createEngineHooks();\n\n return { hooks };\n};\n\nconst newEngine = (params: EngineParams): Engine => {\n const { providers, abilityBuilderFactory = abilities.caslAbilityBuilder } = params;\n\n const state = createEngineState();\n\n const runValidationHook = async (hook: HookName, context: unknown) =>\n state.hooks[hook].call(context);\n\n /**\n * Evaluate a permission using local and registered behaviors (using hooks).\n * Validate, format (add condition, etc...), evaluate (evaluate conditions) and register a permission\n */\n const evaluate = async (params: EvaluateParams) => {\n const { options, register } = params;\n\n const preFormatValidation = await runValidationHook(\n 'before-format::validate.permission',\n createBeforeEvaluateContext(params.permission)\n );\n\n if (preFormatValidation === false) {\n return;\n }\n\n const permission = (await state.hooks['format.permission'].call(\n params.permission\n )) as Permission;\n\n const afterFormatValidation = await runValidationHook(\n 'after-format::validate.permission',\n createValidateContext(permission)\n );\n\n if (afterFormatValidation === false) {\n return;\n }\n\n await state.hooks['before-evaluate.permission'].call(createBeforeEvaluateContext(permission));\n\n const {\n action: actionName,\n subject,\n properties,\n conditions = [],\n actionParameters = {},\n } = permission;\n\n let action = actionName;\n\n if (actionParameters && Object.keys(actionParameters).length > 0) {\n action = `${actionName}?${qs.stringify(actionParameters)}`;\n }\n\n if (conditions.length === 0) {\n return register({ action, subject, properties });\n }\n\n const resolveConditions = _.map(providers.condition.get);\n\n const removeInvalidConditions = _.filter((condition: Condition) =>\n _.isFunction(condition.handler)\n );\n\n const evaluateConditions = (conditions: Condition[]) => {\n return Promise.all(\n conditions.map(async (condition) => ({\n condition,\n result: await condition.handler(\n _.merge(options, { permission: _.cloneDeep(permission) })\n ),\n }))\n );\n };\n\n const removeInvalidResults = _.filter(\n ({ result }) => _.isBoolean(result) || _.isObject(result)\n );\n\n const evaluatedConditions = await Promise.resolve(conditions)\n .then(resolveConditions)\n .then(removeInvalidConditions)\n .then(evaluateConditions)\n .then(removeInvalidResults);\n\n const resultPropEq = _.propEq('result');\n const pickResults = _.map(_.prop('result'));\n\n if (evaluatedConditions.every(resultPropEq(false))) {\n return;\n }\n\n if (_.isEmpty(evaluatedConditions) || evaluatedConditions.some(resultPropEq(true))) {\n return register({ action, subject, properties });\n }\n\n const results = pickResults(evaluatedConditions).filter(_.isObject);\n\n if (_.isEmpty(results)) {\n return register({ action, subject, properties });\n }\n\n return register({\n action,\n subject,\n properties,\n condition: { $and: [{ $or: results }] },\n });\n };\n\n return {\n get hooks() {\n return state.hooks;\n },\n\n /**\n * Create a register function that wraps a `can` function\n * used to register a permission in the ability builder\n */\n createRegisterFunction(can, options: Record<string, unknown>) {\n return async (permission: PermissionRule) => {\n const hookContext = createWillRegisterContext({ options, permission });\n\n await state.hooks['before-register.permission'].call(hookContext);\n\n return can(permission);\n };\n },\n\n /**\n * Register a new handler for a given hook\n */\n on(hook, handler) {\n const validHooks = Object.keys(state.hooks);\n const isValidHook = validHooks.includes(hook);\n\n if (!isValidHook) {\n throw new Error(\n `Invalid hook supplied when trying to register an handler to the permission engine. Got \"${hook}\" but expected one of ${validHooks.join(\n ', '\n )}`\n );\n }\n\n state.hooks[hook].register(handler);\n\n return this;\n },\n\n /**\n * Generate an ability based on the instance's\n * ability builder and the given permissions\n */\n async generateAbility(permissions, options: Record<string, unknown> = {}) {\n const { can, build } = abilityBuilderFactory();\n\n for (const permission of permissions) {\n const register = this.createRegisterFunction(can, options);\n\n await evaluate({ permission, options, register });\n }\n\n return build();\n },\n };\n};\n\nexport { newEngine as new };\n"],"names":["createEngineState","hooks","createEngineHooks","newEngine","params","providers","abilityBuilderFactory","abilities","state","runValidationHook","hook","context","call","evaluate","options","register","preFormatValidation","createBeforeEvaluateContext","permission","afterFormatValidation","createValidateContext","action","actionName","subject","properties","conditions","actionParameters","Object","keys","length","qs","stringify","resolveConditions","_","map","condition","get","removeInvalidConditions","filter","isFunction","handler","evaluateConditions","Promise","all","result","merge","cloneDeep","removeInvalidResults","isBoolean","isObject","evaluatedConditions","resolve","then","resultPropEq","propEq","pickResults","prop","every","isEmpty","some","results","$and","$or","createRegisterFunction","can","hookContext","createWillRegisterContext","on","validHooks","isValidHook","includes","Error","join","generateAbility","permissions","build"],"mappings":";;;;;;;AAoDA;;AAEC,IACD,MAAMA,iBAAoB,GAAA,IAAA;AACxB,IAAA,MAAMC,KAAQC,GAAAA,iBAAAA,EAAAA;IAEd,OAAO;AAAED,QAAAA;AAAM,KAAA;AACjB,CAAA;AAEA,MAAME,YAAY,CAACC,MAAAA,GAAAA;AACjB,IAAA,MAAM,EAAEC,SAAS,EAAEC,wBAAwBC,kBAA4B,EAAE,GAAGH,MAAAA;AAE5E,IAAA,MAAMI,KAAQR,GAAAA,iBAAAA,EAAAA;IAEd,MAAMS,iBAAAA,GAAoB,OAAOC,IAAAA,EAAgBC,OAC/CH,GAAAA,KAAAA,CAAMP,KAAK,CAACS,IAAAA,CAAK,CAACE,IAAI,CAACD,OAAAA,CAAAA;AAEzB;;;MAIA,MAAME,WAAW,OAAOT,MAAAA,GAAAA;AACtB,QAAA,MAAM,EAAEU,OAAO,EAAEC,QAAQ,EAAE,GAAGX,MAAAA;AAE9B,QAAA,MAAMY,sBAAsB,MAAMP,iBAAAA,CAChC,oCACAQ,EAAAA,2BAAAA,CAA4Bb,OAAOc,UAAU,CAAA,CAAA;AAG/C,QAAA,IAAIF,wBAAwB,KAAO,EAAA;AACjC,YAAA;AACF;QAEA,MAAME,UAAAA,GAAc,MAAMV,KAAAA,CAAMP,KAAK,CAAC,oBAAoB,CAACW,IAAI,CAC7DR,MAAAA,CAAOc,UAAU,CAAA;AAGnB,QAAA,MAAMC,qBAAwB,GAAA,MAAMV,iBAClC,CAAA,mCAAA,EACAW,qBAAsBF,CAAAA,UAAAA,CAAAA,CAAAA;AAGxB,QAAA,IAAIC,0BAA0B,KAAO,EAAA;AACnC,YAAA;AACF;AAEA,QAAA,MAAMX,MAAMP,KAAK,CAAC,6BAA6B,CAACW,IAAI,CAACK,2BAA4BC,CAAAA,UAAAA,CAAAA,CAAAA;AAEjF,QAAA,MAAM,EACJG,MAAAA,EAAQC,UAAU,EAClBC,OAAO,EACPC,UAAU,EACVC,UAAAA,GAAa,EAAE,EACfC,gBAAAA,GAAmB,EAAE,EACtB,GAAGR,UAAAA;AAEJ,QAAA,IAAIG,MAASC,GAAAA,UAAAA;AAEb,QAAA,IAAII,oBAAoBC,MAAOC,CAAAA,IAAI,CAACF,gBAAkBG,CAAAA,CAAAA,MAAM,GAAG,CAAG,EAAA;AAChER,YAAAA,MAAAA,GAAS,GAAGC,UAAW,CAAA,CAAC,EAAEQ,EAAGC,CAAAA,SAAS,CAACL,gBAAmB,CAAA,CAAA,CAAA;AAC5D;QAEA,IAAID,UAAAA,CAAWI,MAAM,KAAK,CAAG,EAAA;AAC3B,YAAA,OAAOd,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,MAAMQ,oBAAoBC,CAAEC,CAAAA,GAAG,CAAC7B,SAAU8B,CAAAA,SAAS,CAACC,GAAG,CAAA;QAEvD,MAAMC,uBAAAA,GAA0BJ,CAAEK,CAAAA,MAAM,CAAC,CAACH,YACxCF,CAAEM,CAAAA,UAAU,CAACJ,SAAAA,CAAUK,OAAO,CAAA,CAAA;AAGhC,QAAA,MAAMC,qBAAqB,CAAChB,UAAAA,GAAAA;YAC1B,OAAOiB,OAAAA,CAAQC,GAAG,CAChBlB,UAAAA,CAAWS,GAAG,CAAC,OAAOC,aAAe;AACnCA,oBAAAA,SAAAA;AACAS,oBAAAA,MAAAA,EAAQ,MAAMT,SAAUK,CAAAA,OAAO,CAC7BP,CAAEY,CAAAA,KAAK,CAAC/B,OAAS,EAAA;wBAAEI,UAAYe,EAAAA,CAAAA,CAAEa,SAAS,CAAC5B,UAAAA;AAAY,qBAAA,CAAA;iBAE3D,CAAA,CAAA,CAAA;AAEJ,SAAA;AAEA,QAAA,MAAM6B,oBAAuBd,GAAAA,CAAAA,CAAEK,MAAM,CACnC,CAAC,EAAEM,MAAM,EAAE,GAAKX,EAAEe,SAAS,CAACJ,MAAWX,CAAAA,IAAAA,CAAAA,CAAEgB,QAAQ,CAACL,MAAAA,CAAAA,CAAAA;AAGpD,QAAA,MAAMM,sBAAsB,MAAMR,OAAAA,CAAQS,OAAO,CAAC1B,YAC/C2B,IAAI,CAACpB,iBACLoB,CAAAA,CAAAA,IAAI,CAACf,uBACLe,CAAAA,CAAAA,IAAI,CAACX,kBAAAA,CAAAA,CACLW,IAAI,CAACL,oBAAAA,CAAAA;QAER,MAAMM,YAAAA,GAAepB,CAAEqB,CAAAA,MAAM,CAAC,QAAA,CAAA;AAC9B,QAAA,MAAMC,cAActB,CAAEC,CAAAA,GAAG,CAACD,CAAAA,CAAEuB,IAAI,CAAC,QAAA,CAAA,CAAA;AAEjC,QAAA,IAAIN,mBAAoBO,CAAAA,KAAK,CAACJ,YAAAA,CAAa,KAAS,CAAA,CAAA,EAAA;AAClD,YAAA;AACF;QAEA,IAAIpB,CAAAA,CAAEyB,OAAO,CAACR,mBAAAA,CAAAA,IAAwBA,oBAAoBS,IAAI,CAACN,aAAa,IAAQ,CAAA,CAAA,EAAA;AAClF,YAAA,OAAOtC,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,MAAMoC,UAAUL,WAAYL,CAAAA,mBAAAA,CAAAA,CAAqBZ,MAAM,CAACL,EAAEgB,QAAQ,CAAA;QAElE,IAAIhB,CAAAA,CAAEyB,OAAO,CAACE,OAAU,CAAA,EAAA;AACtB,YAAA,OAAO7C,QAAS,CAAA;AAAEM,gBAAAA,MAAAA;AAAQE,gBAAAA,OAAAA;AAASC,gBAAAA;AAAW,aAAA,CAAA;AAChD;AAEA,QAAA,OAAOT,QAAS,CAAA;AACdM,YAAAA,MAAAA;AACAE,YAAAA,OAAAA;AACAC,YAAAA,UAAAA;YACAW,SAAW,EAAA;gBAAE0B,IAAM,EAAA;AAAC,oBAAA;wBAAEC,GAAKF,EAAAA;AAAQ;AAAE;AAAC;AACxC,SAAA,CAAA;AACF,KAAA;IAEA,OAAO;AACL,QAAA,IAAI3D,KAAQ,CAAA,GAAA;AACV,YAAA,OAAOO,MAAMP,KAAK;AACpB,SAAA;AAEA;;;QAIA8D,sBAAAA,CAAAA,CAAuBC,GAAG,EAAElD,OAAgC,EAAA;AAC1D,YAAA,OAAO,OAAOI,UAAAA,GAAAA;AACZ,gBAAA,MAAM+C,cAAcC,yBAA0B,CAAA;AAAEpD,oBAAAA,OAAAA;AAASI,oBAAAA;AAAW,iBAAA,CAAA;AAEpE,gBAAA,MAAMV,MAAMP,KAAK,CAAC,4BAA6B,CAAA,CAACW,IAAI,CAACqD,WAAAA,CAAAA;AAErD,gBAAA,OAAOD,GAAI9C,CAAAA,UAAAA,CAAAA;AACb,aAAA;AACF,SAAA;AAEA;;QAGAiD,EAAAA,CAAAA,CAAGzD,IAAI,EAAE8B,OAAO,EAAA;AACd,YAAA,MAAM4B,UAAazC,GAAAA,MAAAA,CAAOC,IAAI,CAACpB,MAAMP,KAAK,CAAA;YAC1C,MAAMoE,WAAAA,GAAcD,UAAWE,CAAAA,QAAQ,CAAC5D,IAAAA,CAAAA;AAExC,YAAA,IAAI,CAAC2D,WAAa,EAAA;gBAChB,MAAM,IAAIE,KACR,CAAA,CAAC,wFAAwF,EAAE7D,IAAK,CAAA,sBAAsB,EAAE0D,UAAAA,CAAWI,IAAI,CACrI,IACC,CAAA,CAAA,CAAA,CAAA;AAEP;AAEAhE,YAAAA,KAAAA,CAAMP,KAAK,CAACS,IAAK,CAAA,CAACK,QAAQ,CAACyB,OAAAA,CAAAA;AAE3B,YAAA,OAAO,IAAI;AACb,SAAA;AAEA;;;AAGC,QACD,MAAMiC,eAAgBC,CAAAA,CAAAA,WAAW,EAAE5D,OAAAA,GAAmC,EAAE,EAAA;AACtE,YAAA,MAAM,EAAEkD,GAAG,EAAEW,KAAK,EAAE,GAAGrE,qBAAAA,EAAAA;YAEvB,KAAK,MAAMY,cAAcwD,WAAa,CAAA;AACpC,gBAAA,MAAM3D,QAAW,GAAA,IAAI,CAACgD,sBAAsB,CAACC,GAAKlD,EAAAA,OAAAA,CAAAA;AAElD,gBAAA,MAAMD,QAAS,CAAA;AAAEK,oBAAAA,UAAAA;AAAYJ,oBAAAA,OAAAA;AAASC,oBAAAA;AAAS,iBAAA,CAAA;AACjD;YAEA,OAAO4D,KAAAA,EAAAA;AACT;AACF,KAAA;AACF;;;;"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@strapi/permissions",
|
|
3
|
-
"version": "5.
|
|
3
|
+
"version": "5.31.0",
|
|
4
4
|
"description": "Strapi's permission layer.",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -39,17 +39,17 @@
|
|
|
39
39
|
},
|
|
40
40
|
"dependencies": {
|
|
41
41
|
"@casl/ability": "6.5.0",
|
|
42
|
-
"@strapi/utils": "5.
|
|
42
|
+
"@strapi/utils": "5.31.0",
|
|
43
43
|
"lodash": "4.17.21",
|
|
44
44
|
"qs": "6.11.1",
|
|
45
45
|
"sift": "16.0.1"
|
|
46
46
|
},
|
|
47
47
|
"devDependencies": {
|
|
48
|
-
"eslint-config-custom": "5.
|
|
49
|
-
"tsconfig": "5.
|
|
48
|
+
"eslint-config-custom": "5.31.0",
|
|
49
|
+
"tsconfig": "5.31.0"
|
|
50
50
|
},
|
|
51
51
|
"engines": {
|
|
52
|
-
"node": ">=
|
|
52
|
+
"node": ">=20.0.0 <=24.x.x",
|
|
53
53
|
"npm": ">=6.0.0"
|
|
54
54
|
}
|
|
55
55
|
}
|