@tachybase/module-acl 0.23.58 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/externalVersion.js +10 -10
  2. package/dist/server/collections/roles-users.js +9 -6
  3. package/dist/server/middlewares/with-acl-meta.js +5 -1
  4. package/dist/server/server.d.ts +0 -1
  5. package/dist/server/server.js +22 -74
  6. package/package.json +11 -11
package/dist/externalVersion.js CHANGED
@@ -1,19 +1,19 @@
1
1
  module.exports = {
2
2
  "react": "18.3.1",
3
- "@tachybase/client": "0.23.58",
4
- "@tachybase/schema": "0.23.58",
3
+ "@tachybase/client": "1.0.6",
4
+ "@tachybase/schema": "1.0.6",
5
5
  "antd": "5.22.5",
6
6
  "@ant-design/icons": "5.5.2",
7
7
  "react-i18next": "15.2.0",
8
- "@tachybase/utils": "0.23.58",
9
- "@tachybase/actions": "0.23.58",
10
- "@tachybase/cache": "0.23.58",
11
- "@tachybase/database": "0.23.58",
12
- "@tachybase/server": "0.23.58",
8
+ "@tachybase/utils": "1.0.6",
9
+ "@tachybase/actions": "1.0.6",
10
+ "@tachybase/cache": "1.0.6",
11
+ "@tachybase/database": "1.0.6",
12
+ "@tachybase/server": "1.0.6",
13
13
  "async-mutex": "0.3.2",
14
14
  "lodash": "4.17.21",
15
- "@tachybase/test": "0.23.58",
15
+ "@tachybase/test": "1.0.6",
16
16
  "ahooks": "3.8.4",
17
- "@tachybase/components": "0.23.58",
18
- "@tachybase/acl": "0.23.58"
17
+ "@tachybase/components": "1.0.6",
18
+ "@tachybase/acl": "1.0.6"
19
19
  };
package/dist/server/collections/roles-users.js CHANGED
@@ -28,15 +28,18 @@ var roles_users_default = (0, import_database.defineCollection)({
28
28
  },
29
29
  fields: [
30
30
  {
31
- name: "id",
31
+ type: "boolean",
32
+ name: "default"
33
+ },
34
+ {
32
35
  type: "bigInt",
33
- autoIncrement: true,
34
- primaryKey: true,
35
- allowNull: false
36
+ name: "userId",
37
+ primaryKey: true
36
38
  },
37
39
  {
38
- type: "boolean",
39
- name: "default"
40
+ type: "string",
41
+ name: "roleName",
42
+ primaryKey: true
40
43
  }
41
44
  ]
42
45
  });
package/dist/server/middlewares/with-acl-meta.js CHANGED
@@ -47,7 +47,7 @@ function createWithACLMetaMiddleware() {
47
47
  if (!ctx.action || !ctx.get("X-With-ACL-Meta") || ctx.status !== 200) {
48
48
  return;
49
49
  }
50
- const { resourceName, actionName } = ctx.action;
50
+ const { resourceName, actionName } = ctx.permission;
51
51
  if (!["list", "get"].includes(actionName)) {
52
52
  return;
53
53
  }
@@ -75,6 +75,7 @@ function createWithACLMetaMiddleware() {
75
75
  return db;
76
76
  }
77
77
  },
78
+ getCurrentRepository: ctx.getCurrentRepository,
78
79
  action: {
79
80
  actionName: action,
80
81
  name: action,
@@ -124,6 +125,9 @@ function createWithACLMetaMiddleware() {
124
125
  }
125
126
  return listData.filter(Boolean).map((item) => item[primaryKeyField]);
126
127
  })();
128
+ if (ids.filter(Boolean).length === 0) {
129
+ return;
130
+ }
127
131
  const conditions = [];
128
132
  const allAllowed = [];
129
133
  for (const [action, params, actionCtx] of actionsParams) {
package/dist/server/server.d.ts CHANGED
@@ -22,7 +22,6 @@ export declare class PluginACL extends Plugin {
22
22
  grantHelper: GrantHelper;
23
23
  get acl(): import("packages/acl/lib").ACL;
24
24
  registerAssociationFieldAction(associationType: string, value: AssociationFieldActions): void;
25
- registerAssociationFieldsActions(): void;
26
25
  writeResourceToACL(resourceModel: RoleResourceModel, transaction: any): Promise<void>;
27
26
  writeActionToACL(actionModel: RoleResourceActionModel, transaction: any): Promise<void>;
28
27
  writeRolesToACL(options: any): Promise<void>;
package/dist/server/server.js CHANGED
@@ -34,7 +34,6 @@ __export(server_exports, {
34
34
  module.exports = __toCommonJS(server_exports);
35
35
  var import_path = require("path");
36
36
  var import_worker_threads = require("worker_threads");
37
- var import_actions = require("@tachybase/actions");
38
37
  var import_database = require("@tachybase/database");
39
38
  var import_server = require("@tachybase/server");
40
39
  var import_async_mutex = require("async-mutex");
@@ -67,52 +66,6 @@ class PluginACL extends import_server.Plugin {
67
66
  registerAssociationFieldAction(associationType, value) {
68
67
  this.associationFieldsActions[associationType] = value;
69
68
  }
70
- registerAssociationFieldsActions() {
71
- this.registerAssociationFieldAction("hasOne", {
72
- view: {
73
- associationActions: ["list", "get", "view"]
74
- },
75
- create: {
76
- associationActions: ["create", "set"]
77
- },
78
- update: {
79
- associationActions: ["update", "remove", "set"]
80
- }
81
- });
82
- this.registerAssociationFieldAction("hasMany", {
83
- view: {
84
- associationActions: ["list", "get", "view"]
85
- },
86
- create: {
87
- associationActions: ["create", "set", "add"]
88
- },
89
- update: {
90
- associationActions: ["update", "remove", "set"]
91
- }
92
- });
93
- this.registerAssociationFieldAction("belongsTo", {
94
- view: {
95
- associationActions: ["list", "get", "view"]
96
- },
97
- create: {
98
- associationActions: ["create", "set"]
99
- },
100
- update: {
101
- associationActions: ["update", "remove", "set"]
102
- }
103
- });
104
- this.registerAssociationFieldAction("belongsToMany", {
105
- view: {
106
- associationActions: ["list", "get", "view"]
107
- },
108
- create: {
109
- associationActions: ["create", "set", "add"]
110
- },
111
- update: {
112
- associationActions: ["update", "remove", "set", "toggle"]
113
- }
114
- });
115
- }
116
69
  async writeResourceToACL(resourceModel, transaction) {
117
70
  await resourceModel.writeToACL({
118
71
  acl: this.acl,
@@ -177,7 +130,14 @@ class PluginACL extends import_server.Plugin {
177
130
  "roles.resources:*",
178
131
  "uiSchemas:getProperties",
179
132
  "roles.menuUiSchemas:*",
180
- "roles.users:*"
133
+ "roles.users:*",
134
+ "dataSources.roles:*",
135
+ "dataSources:list",
136
+ "dataSources.rolesResourcesScopes:*",
137
+ "roles.dataSourcesCollections:*",
138
+ "roles.dataSourceResources:*",
139
+ "dataSourcesRolesResourcesScopes:*",
140
+ "rolesResourcesScopes:*"
181
141
  ]
182
142
  });
183
143
  this.app.acl.beforeGrantAction((ctx) => {
@@ -202,7 +162,6 @@ class PluginACL extends import_server.Plugin {
202
162
  };
203
163
  }
204
164
  });
205
- this.registerAssociationFieldsActions();
206
165
  this.app.resourcer.define(import_available_actions.availableActionResource);
207
166
  this.app.resourcer.define(import_role_collections.roleCollectionsResource);
208
167
  this.app.resourcer.registerActionHandler("roles:check", import_role_check.checkAction);
@@ -592,30 +551,6 @@ class PluginACL extends import_server.Plugin {
592
551
  before: "core"
593
552
  }
594
553
  );
595
- this.app.acl.use(
596
- async (ctx, next) => {
597
- var _a, _b;
598
- const action = (_b = (_a = ctx.permission) == null ? void 0 : _a.can) == null ? void 0 : _b.action;
599
- if (action === "destroy" && !ctx.action.resourceName.includes(".")) {
600
- const repository = import_actions.utils.getRepositoryFromParams(ctx);
601
- if (!repository) {
602
- await next();
603
- return;
604
- }
605
- const filteredCount = await repository.count(ctx.permission.mergedParams);
606
- const queryCount = await repository.count(ctx.permission.rawParams);
607
- if (queryCount > filteredCount) {
608
- ctx.throw(403, "No permissions");
609
- return;
610
- }
611
- }
612
- await next();
613
- },
614
- {
615
- after: "core",
616
- group: "after"
617
- }
618
- );
619
554
  const withACLMeta = (0, import_with_acl_meta.createWithACLMetaMiddleware)();
620
555
  this.app.use(
621
556
  async (ctx, next) => {
@@ -625,8 +560,21 @@ class PluginACL extends import_server.Plugin {
625
560
  ctx.logger.error(error);
626
561
  }
627
562
  },
628
- { after: "restApi", group: "after" }
563
+ { after: "dataSource", group: "after" }
629
564
  );
565
+ this.db.on("afterUpdateCollection", async (collection) => {
566
+ if (collection.options.loadedFromCollectionManager || collection.options.asStrategyResource) {
567
+ this.app.acl.appendStrategyResource(collection.name);
568
+ }
569
+ });
570
+ this.db.on("afterDefineCollection", async (collection) => {
571
+ if (collection.options.loadedFromCollectionManager || collection.options.asStrategyResource) {
572
+ this.app.acl.appendStrategyResource(collection.name);
573
+ }
574
+ });
575
+ this.db.on("afterRemoveCollection", (collection) => {
576
+ this.app.acl.removeStrategyResource(collection.name);
577
+ });
630
578
  }
631
579
  async install() {
632
580
  const repo = this.db.getRepository("collections");
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@tachybase/module-acl",
3
3
  "displayName": "Access control",
4
- "version": "0.23.58",
4
+ "version": "1.0.6",
5
5
  "description": "Based on roles, resources, and actions, access control can precisely manage interface configuration permissions, data operation permissions, menu access permissions, and plugin permissions.",
6
6
  "keywords": [
7
7
  "Users & permissions"
@@ -20,18 +20,18 @@
20
20
  "react": "^18.3.1",
21
21
  "react-dom": "^18.3.1",
22
22
  "react-i18next": "^15.2.0",
23
- "@tachybase/schema": "0.23.58",
24
- "@tachybase/components": "0.23.58"
23
+ "@tachybase/components": "1.0.6",
24
+ "@tachybase/schema": "1.0.6"
25
25
  },
26
26
  "peerDependencies": {
27
- "@tachybase/acl": "0.23.58",
28
- "@tachybase/actions": "0.23.58",
29
- "@tachybase/cache": "0.23.58",
30
- "@tachybase/client": "0.23.58",
31
- "@tachybase/database": "0.23.58",
32
- "@tachybase/test": "0.23.58",
33
- "@tachybase/server": "0.23.58",
34
- "@tachybase/utils": "0.23.58"
27
+ "@tachybase/acl": "1.0.6",
28
+ "@tachybase/actions": "1.0.6",
29
+ "@tachybase/cache": "1.0.6",
30
+ "@tachybase/client": "1.0.6",
31
+ "@tachybase/database": "1.0.6",
32
+ "@tachybase/server": "1.0.6",
33
+ "@tachybase/utils": "1.0.6",
34
+ "@tachybase/test": "1.0.6"
35
35
  },
36
36
  "description.zh-CN": "基于角色、资源和操作的权限控制,可以精确控制界面配置权限、数据操作权限、菜单访问权限、插件权限。",
37
37
  "displayName.zh-CN": "权限控制",