npm - @tachybase/acl - Versions diffs - 0.23.58 → 1.0.6 - Mend

@tachybase/acl 0.23.58 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/lib/acl.d.ts CHANGED Viewed

@@ -33,6 +33,7 @@ interface CanArgs {
     role: string;
     resource: string;
     action: string;
+    rawResourceName?: string;
     ctx?: any;
 }
 export declare class ACL extends EventEmitter {
@@ -64,7 +65,12 @@ export declare class ACL extends EventEmitter {
     protected fixedParamsManager: FixedParamsManager;
     protected middlewares: Toposort<any>;
     middlewareSourceMap: WeakMap<Function, string>;
+    protected strategyResources: Set<string> | null;
     constructor();
+    setStrategyResources(resources: Array<string> | null): void;
+    getStrategyResources(): string[];
+    appendStrategyResource(resource: string): void;
+    removeStrategyResource(resource: string): void;
     define(options: DefineOptions): ACLRole;
     getRole(name: string): ACLRole;
     removeRole(name: string): boolean;

package/lib/acl.js CHANGED Viewed

@@ -71,6 +71,7 @@ const _ACL = class _ACL extends import_node_events.default {
     this.availableActions = /* @__PURE__ */ new Map();
     this.fixedParamsManager = new import_fixed_params_manager.default();
     this.middlewareSourceMap = /* @__PURE__ */ new WeakMap();
+    this.strategyResources = null;
     this.middlewares = new import_utils.Toposort();
     this.beforeGrantAction((ctx) => {
       if (import_lodash.default.isPlainObject(ctx.params) && ctx.params.own) {
@@ -94,6 +95,21 @@ const _ACL = class _ACL extends import_node_events.default {
     });
     this.addCoreMiddleware();
   }
+  setStrategyResources(resources) {
+    this.strategyResources = new Set(resources);
+  }
+  getStrategyResources() {
+    return this.strategyResources ? [...this.strategyResources] : null;
+  }
+  appendStrategyResource(resource) {
+    if (!this.strategyResources) {
+      this.strategyResources = /* @__PURE__ */ new Set();
+    }
+    this.strategyResources.add(resource);
+  }
+  removeStrategyResource(resource) {
+    this.strategyResources.delete(resource);
+  }
   define(options) {
     const roleName = options.role;
     const role = new import_acl_role.ACLRole(this, roleName);
@@ -154,13 +170,14 @@ const _ACL = class _ACL extends import_node_events.default {
     this.addListener("beforeGrantAction", listener);
   }
   can(options) {
-    const { role, resource, action } = options;
+    const { role, resource, action, rawResourceName, ctx } = options;
     const aclRole = this.roles.get(role);
     if (!aclRole) {
       return null;
     }
-    const snippetAllowed = aclRole.snippetAllowed(`${resource}:${action}`);
-    const fixedParams = this.fixedParamsManager.getParams(resource, action);
+    const actionPath = `${rawResourceName ? rawResourceName : resource}:${action}`;
+    const snippetAllowed = aclRole.snippetAllowed(actionPath);
+    const fixedParams = this.fixedParamsManager.getParams(rawResourceName ? rawResourceName : resource, action);
     const mergeParams = /* @__PURE__ */ __name((result) => {
       const params = result["params"] || {};
       const mergedParams = (0, import_utils.assign)(params, fixedParams);
@@ -189,7 +206,10 @@ const _ACL = class _ACL extends import_node_events.default {
     if (!roleStrategy && !snippetAllowed) {
       return null;
     }
-    let roleStrategyParams = roleStrategy == null ? void 0 : roleStrategy.allow(resource, this.resolveActionAlias(action));
+    let roleStrategyParams;
+    if (this.strategyResources === null || this.strategyResources.has(resource)) {
+      roleStrategyParams = roleStrategy == null ? void 0 : roleStrategy.allow(resource, this.resolveActionAlias(action));
+    }
     if (!roleStrategyParams && snippetAllowed) {
       roleStrategyParams = {};
     }
@@ -258,13 +278,25 @@ const _ACL = class _ACL extends import_node_events.default {
     const acl = this;
     return /* @__PURE__ */ __name(async function ACLMiddleware(ctx, next) {
       const roleName = ctx.state.currentRole || "anonymous";
-      const { resourceName, actionName } = ctx.action;
+      const { resourceName: rawResourceName, actionName } = ctx.action;
+      let resourceName = rawResourceName;
+      if (rawResourceName.includes(".")) {
+        resourceName = rawResourceName.split(".").pop();
+      }
+      if (ctx.getCurrentRepository) {
+        const currentRepository = ctx.getCurrentRepository();
+        if (currentRepository && currentRepository.targetCollection) {
+          resourceName = ctx.getCurrentRepository().targetCollection.name;
+        }
+      }
       ctx.can = (options) => {
-        const canResult = acl.can({ role: roleName, ...options });
+        const canResult = acl.can({ role: roleName, ...options, ctx });
         return canResult;
       };
       ctx.permission = {
-        can: ctx.can({ resource: resourceName, action: actionName })
+        can: ctx.can({ resource: resourceName, action: actionName, rawResourceName }),
+        resourceName,
+        actionName
       };
       return (0, import_koa_compose.default)(acl.middlewares.nodes)(ctx, next);
     }, "ACLMiddleware");
@@ -274,7 +306,17 @@ const _ACL = class _ACL extends import_node_events.default {
    */
   async getActionParams(ctx) {
     const roleName = ctx.state.currentRole || "anonymous";
-    const { resourceName, actionName } = ctx.action;
+    const { resourceName: rawResourceName, actionName } = ctx.action;
+    let resourceName = rawResourceName;
+    if (rawResourceName.includes(".")) {
+      resourceName = rawResourceName.split(".").pop();
+    }
+    if (ctx.getCurrentRepository) {
+      const currentRepository = ctx.getCurrentRepository();
+      if (currentRepository && currentRepository.targetCollection) {
+        resourceName = ctx.getCurrentRepository().targetCollection.name;
+      }
+    }
     ctx.can = (options) => {
       const can = this.can({ role: roleName, ...options });
       if (!can) {
@@ -313,7 +355,7 @@ const _ACL = class _ACL extends import_node_events.default {
       async (ctx, next) => {
         var _a, _b, _c, _d;
         const resourcerAction = ctx.action;
-        const { resourceName, actionName } = ctx.action;
+        const { resourceName, actionName } = ctx.permission;
         const permission = ctx.permission;
         ((_a = ctx.log) == null ? void 0 : _a.info) && ctx.log.info("ctx permission", permission);
         if ((!permission.can || typeof permission.can !== "object") && !permission.skip) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@tachybase/acl",
-  "version": "0.23.58",
+  "version": "1.0.6",
   "description": "",
   "license": "Apache-2.0",
   "main": "./lib/index.js",
@@ -9,8 +9,8 @@
     "koa-compose": "^4.1.0",
     "lodash": "4.17.21",
     "minimatch": "^5.1.6",
-    "@tachybase/resourcer": "0.23.58",
-    "@tachybase/utils": "0.23.58"
+    "@tachybase/resourcer": "1.0.6",
+    "@tachybase/utils": "1.0.6"
   },
   "devDependencies": {
     "@types/lodash": "4.17.13",