@taruvi/refine-providers 1.2.8 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +37 -30
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +8 -1
- package/dist/index.d.ts +8 -1
- package/dist/index.js +38 -31
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.cjs
CHANGED
|
@@ -11,7 +11,7 @@ var DataLoader__default = /*#__PURE__*/_interopDefault(DataLoader);
|
|
|
11
11
|
|
|
12
12
|
// package.json
|
|
13
13
|
var package_default = {
|
|
14
|
-
version: "1.
|
|
14
|
+
version: "1.3.0"};
|
|
15
15
|
|
|
16
16
|
// src/utils.ts
|
|
17
17
|
var REFINE_OPERATOR_MAP = {
|
|
@@ -231,6 +231,10 @@ function applyPopulate(query, meta) {
|
|
|
231
231
|
const populateArray = Array.isArray(meta.populate) ? meta.populate : meta.populate.split(",").map((s) => s.trim());
|
|
232
232
|
return query.populate(populateArray);
|
|
233
233
|
}
|
|
234
|
+
function applyAllowedActions(query, meta) {
|
|
235
|
+
if (!meta?.allowedActions?.length) return query;
|
|
236
|
+
return query.allowedActions(meta.allowedActions);
|
|
237
|
+
}
|
|
234
238
|
function isGraphQuery(meta) {
|
|
235
239
|
return !!(meta?.format || meta?.graph_types || meta?.include || meta?.depth);
|
|
236
240
|
}
|
|
@@ -255,7 +259,9 @@ function dataProvider(client) {
|
|
|
255
259
|
const taruviMeta = meta;
|
|
256
260
|
const tableName = getTableName(resource, taruviMeta);
|
|
257
261
|
if (isGraphQuery(taruviMeta)) {
|
|
258
|
-
|
|
262
|
+
let graphQuery = buildGraphQuery(client, tableName, taruviMeta);
|
|
263
|
+
graphQuery = applyAllowedActions(graphQuery, taruviMeta);
|
|
264
|
+
const response2 = await graphQuery.execute();
|
|
259
265
|
const data = Array.isArray(response2) ? response2 : response2?.data ?? [];
|
|
260
266
|
const total = response2?.total ?? data.length;
|
|
261
267
|
return { data, total };
|
|
@@ -266,6 +272,7 @@ function dataProvider(client) {
|
|
|
266
272
|
query = applyPagination(query, pagination);
|
|
267
273
|
query = applyPopulate(query, taruviMeta);
|
|
268
274
|
query = applyAggregations(query, taruviMeta);
|
|
275
|
+
query = applyAllowedActions(query, taruviMeta);
|
|
269
276
|
const response = await query.execute();
|
|
270
277
|
return { data: response.data, total: response.total };
|
|
271
278
|
},
|
|
@@ -917,6 +924,7 @@ function analyticsDataProvider(client) {
|
|
|
917
924
|
}
|
|
918
925
|
};
|
|
919
926
|
}
|
|
927
|
+
exports._cachedUser = null;
|
|
920
928
|
function authProvider(client) {
|
|
921
929
|
const auth = new sdk.Auth(client);
|
|
922
930
|
return {
|
|
@@ -944,6 +952,7 @@ function authProvider(client) {
|
|
|
944
952
|
},
|
|
945
953
|
logout: async (params = {}) => {
|
|
946
954
|
const { callbackUrl } = params;
|
|
955
|
+
exports._cachedUser = null;
|
|
947
956
|
await auth.logout(callbackUrl);
|
|
948
957
|
return {
|
|
949
958
|
success: true,
|
|
@@ -954,24 +963,20 @@ function authProvider(client) {
|
|
|
954
963
|
if (!auth.isUserAuthenticated()) {
|
|
955
964
|
return { authenticated: false, redirectTo: "/login" };
|
|
956
965
|
}
|
|
957
|
-
|
|
958
|
-
const user = await auth.getCurrentUser();
|
|
959
|
-
if (user) {
|
|
960
|
-
return { authenticated: true };
|
|
961
|
-
}
|
|
962
|
-
} catch {
|
|
963
|
-
}
|
|
964
|
-
return { authenticated: false, redirectTo: "/login" };
|
|
966
|
+
return { authenticated: true };
|
|
965
967
|
},
|
|
966
968
|
onError: async (error) => {
|
|
967
969
|
const status = error?.statusCode || error?.status || error?.response?.status;
|
|
968
|
-
if (status === 401
|
|
970
|
+
if (status === 401) {
|
|
969
971
|
return {
|
|
970
972
|
logout: true,
|
|
971
973
|
redirectTo: "/login",
|
|
972
974
|
error
|
|
973
975
|
};
|
|
974
976
|
}
|
|
977
|
+
if (status === 403) {
|
|
978
|
+
return { error };
|
|
979
|
+
}
|
|
975
980
|
return { error };
|
|
976
981
|
},
|
|
977
982
|
register: async (params = {}) => {
|
|
@@ -984,16 +989,15 @@ function authProvider(client) {
|
|
|
984
989
|
getIdentity: async () => {
|
|
985
990
|
const response = await auth.getCurrentUser();
|
|
986
991
|
if (!response) {
|
|
992
|
+
exports._cachedUser = null;
|
|
987
993
|
return null;
|
|
988
994
|
}
|
|
989
|
-
|
|
995
|
+
const user = response.data ?? response;
|
|
996
|
+
exports._cachedUser = user;
|
|
997
|
+
return user;
|
|
990
998
|
},
|
|
991
999
|
getPermissions: async () => {
|
|
992
|
-
const
|
|
993
|
-
if (!response) {
|
|
994
|
-
return null;
|
|
995
|
-
}
|
|
996
|
-
const user = response.data ?? response;
|
|
1000
|
+
const user = exports._cachedUser;
|
|
997
1001
|
if (!user) {
|
|
998
1002
|
return null;
|
|
999
1003
|
}
|
|
@@ -1013,9 +1017,16 @@ function accessControlProvider(client, options) {
|
|
|
1013
1017
|
const { batchDelayMs = 50 } = options ?? {};
|
|
1014
1018
|
const permissionLoader = new DataLoader__default.default(
|
|
1015
1019
|
async (checks) => {
|
|
1016
|
-
|
|
1017
|
-
|
|
1018
|
-
|
|
1020
|
+
let currentUser = exports._cachedUser;
|
|
1021
|
+
if (!currentUser) {
|
|
1022
|
+
try {
|
|
1023
|
+
const response = await auth.getCurrentUser();
|
|
1024
|
+
currentUser = response ? response.data ?? response : null;
|
|
1025
|
+
} catch {
|
|
1026
|
+
currentUser = null;
|
|
1027
|
+
}
|
|
1028
|
+
}
|
|
1029
|
+
if (!currentUser) {
|
|
1019
1030
|
return checks.map(() => ({
|
|
1020
1031
|
can: false,
|
|
1021
1032
|
reason: "User not authenticated"
|
|
@@ -1027,8 +1038,7 @@ function accessControlProvider(client, options) {
|
|
|
1027
1038
|
const key = `${check.resource}:${recordId}`;
|
|
1028
1039
|
if (!uniqueResources.has(key)) {
|
|
1029
1040
|
uniqueResources.set(key, {
|
|
1030
|
-
|
|
1031
|
-
tableName: check.resource,
|
|
1041
|
+
resource: check.resource,
|
|
1032
1042
|
recordId,
|
|
1033
1043
|
attributes: check.params || {},
|
|
1034
1044
|
actions: /* @__PURE__ */ new Set()
|
|
@@ -1036,10 +1046,9 @@ function accessControlProvider(client, options) {
|
|
|
1036
1046
|
}
|
|
1037
1047
|
uniqueResources.get(key).actions.add(check.action);
|
|
1038
1048
|
}
|
|
1039
|
-
const
|
|
1040
|
-
|
|
1041
|
-
|
|
1042
|
-
tableName: entry.tableName,
|
|
1049
|
+
const uniqueEntries = Array.from(uniqueResources.values());
|
|
1050
|
+
const batchPayload = uniqueEntries.map((entry) => ({
|
|
1051
|
+
resource: entry.resource,
|
|
1043
1052
|
recordId: entry.recordId,
|
|
1044
1053
|
attributes: entry.attributes,
|
|
1045
1054
|
actions: Array.from(entry.actions)
|
|
@@ -1049,7 +1058,7 @@ function accessControlProvider(client, options) {
|
|
|
1049
1058
|
const resultsByResource = /* @__PURE__ */ new Map();
|
|
1050
1059
|
result?.results?.forEach((r, index) => {
|
|
1051
1060
|
const payload = batchPayload[index];
|
|
1052
|
-
const key = `${payload.
|
|
1061
|
+
const key = `${payload.resource}:${payload.recordId}`;
|
|
1053
1062
|
resultsByResource.set(key, r.actions || {});
|
|
1054
1063
|
});
|
|
1055
1064
|
return checks.map((check) => {
|
|
@@ -1081,12 +1090,10 @@ function accessControlProvider(client, options) {
|
|
|
1081
1090
|
if (!resource) {
|
|
1082
1091
|
return { can: false, reason: "Resource not specified" };
|
|
1083
1092
|
}
|
|
1084
|
-
const entityType = params?.entityType ?? params?.resource?.meta?.entityType;
|
|
1085
1093
|
return permissionLoader.load({
|
|
1086
1094
|
resource,
|
|
1087
1095
|
action,
|
|
1088
|
-
params
|
|
1089
|
-
entityType
|
|
1096
|
+
params
|
|
1090
1097
|
});
|
|
1091
1098
|
},
|
|
1092
1099
|
options: {
|