@taruvi/refine-providers 1.2.8 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/index.cjs +37 -30
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +8 -1
  4. package/dist/index.d.ts +8 -1
  5. package/dist/index.js +38 -31
  6. package/dist/index.js.map +1 -1
  7. package/package.json +1 -1
package/dist/index.js CHANGED
@@ -5,7 +5,7 @@ import DataLoader from 'dataloader';
5
5
 
6
6
  // package.json
7
7
  var package_default = {
8
- version: "1.2.7"};
8
+ version: "1.3.0"};
9
9
 
10
10
  // src/utils.ts
11
11
  var REFINE_OPERATOR_MAP = {
@@ -225,6 +225,10 @@ function applyPopulate(query, meta) {
225
225
  const populateArray = Array.isArray(meta.populate) ? meta.populate : meta.populate.split(",").map((s) => s.trim());
226
226
  return query.populate(populateArray);
227
227
  }
228
+ function applyAllowedActions(query, meta) {
229
+ if (!meta?.allowedActions?.length) return query;
230
+ return query.allowedActions(meta.allowedActions);
231
+ }
228
232
  function isGraphQuery(meta) {
229
233
  return !!(meta?.format || meta?.graph_types || meta?.include || meta?.depth);
230
234
  }
@@ -249,7 +253,9 @@ function dataProvider(client) {
249
253
  const taruviMeta = meta;
250
254
  const tableName = getTableName(resource, taruviMeta);
251
255
  if (isGraphQuery(taruviMeta)) {
252
- const response2 = await buildGraphQuery(client, tableName, taruviMeta).execute();
256
+ let graphQuery = buildGraphQuery(client, tableName, taruviMeta);
257
+ graphQuery = applyAllowedActions(graphQuery, taruviMeta);
258
+ const response2 = await graphQuery.execute();
253
259
  const data = Array.isArray(response2) ? response2 : response2?.data ?? [];
254
260
  const total = response2?.total ?? data.length;
255
261
  return { data, total };
@@ -260,6 +266,7 @@ function dataProvider(client) {
260
266
  query = applyPagination(query, pagination);
261
267
  query = applyPopulate(query, taruviMeta);
262
268
  query = applyAggregations(query, taruviMeta);
269
+ query = applyAllowedActions(query, taruviMeta);
263
270
  const response = await query.execute();
264
271
  return { data: response.data, total: response.total };
265
272
  },
@@ -911,6 +918,7 @@ function analyticsDataProvider(client) {
911
918
  }
912
919
  };
913
920
  }
921
+ var _cachedUser = null;
914
922
  function authProvider(client) {
915
923
  const auth = new Auth(client);
916
924
  return {
@@ -938,6 +946,7 @@ function authProvider(client) {
938
946
  },
939
947
  logout: async (params = {}) => {
940
948
  const { callbackUrl } = params;
949
+ _cachedUser = null;
941
950
  await auth.logout(callbackUrl);
942
951
  return {
943
952
  success: true,
@@ -948,24 +957,20 @@ function authProvider(client) {
948
957
  if (!auth.isUserAuthenticated()) {
949
958
  return { authenticated: false, redirectTo: "/login" };
950
959
  }
951
- try {
952
- const user = await auth.getCurrentUser();
953
- if (user) {
954
- return { authenticated: true };
955
- }
956
- } catch {
957
- }
958
- return { authenticated: false, redirectTo: "/login" };
960
+ return { authenticated: true };
959
961
  },
960
962
  onError: async (error) => {
961
963
  const status = error?.statusCode || error?.status || error?.response?.status;
962
- if (status === 401 || status === 403) {
964
+ if (status === 401) {
963
965
  return {
964
966
  logout: true,
965
967
  redirectTo: "/login",
966
968
  error
967
969
  };
968
970
  }
971
+ if (status === 403) {
972
+ return { error };
973
+ }
969
974
  return { error };
970
975
  },
971
976
  register: async (params = {}) => {
@@ -978,16 +983,15 @@ function authProvider(client) {
978
983
  getIdentity: async () => {
979
984
  const response = await auth.getCurrentUser();
980
985
  if (!response) {
986
+ _cachedUser = null;
981
987
  return null;
982
988
  }
983
- return response.data ?? response;
989
+ const user = response.data ?? response;
990
+ _cachedUser = user;
991
+ return user;
984
992
  },
985
993
  getPermissions: async () => {
986
- const response = await auth.getCurrentUser();
987
- if (!response) {
988
- return null;
989
- }
990
- const user = response.data ?? response;
994
+ const user = _cachedUser;
991
995
  if (!user) {
992
996
  return null;
993
997
  }
@@ -1007,9 +1011,16 @@ function accessControlProvider(client, options) {
1007
1011
  const { batchDelayMs = 50 } = options ?? {};
1008
1012
  const permissionLoader = new DataLoader(
1009
1013
  async (checks) => {
1010
- const response = await auth.getCurrentUser();
1011
- const user = response ? response.data ?? response : null;
1012
- if (!user) {
1014
+ let currentUser = _cachedUser;
1015
+ if (!currentUser) {
1016
+ try {
1017
+ const response = await auth.getCurrentUser();
1018
+ currentUser = response ? response.data ?? response : null;
1019
+ } catch {
1020
+ currentUser = null;
1021
+ }
1022
+ }
1023
+ if (!currentUser) {
1013
1024
  return checks.map(() => ({
1014
1025
  can: false,
1015
1026
  reason: "User not authenticated"
@@ -1021,8 +1032,7 @@ function accessControlProvider(client, options) {
1021
1032
  const key = `${check.resource}:${recordId}`;
1022
1033
  if (!uniqueResources.has(key)) {
1023
1034
  uniqueResources.set(key, {
1024
- entityType: check.entityType,
1025
- tableName: check.resource,
1035
+ resource: check.resource,
1026
1036
  recordId,
1027
1037
  attributes: check.params || {},
1028
1038
  actions: /* @__PURE__ */ new Set()
@@ -1030,10 +1040,9 @@ function accessControlProvider(client, options) {
1030
1040
  }
1031
1041
  uniqueResources.get(key).actions.add(check.action);
1032
1042
  }
1033
- const batchPayload = Array.from(uniqueResources.values()).map((entry) => ({
1034
- entityType: entry.entityType ?? entry.tableName,
1035
- // Default to tableName if entityType not specified
1036
- tableName: entry.tableName,
1043
+ const uniqueEntries = Array.from(uniqueResources.values());
1044
+ const batchPayload = uniqueEntries.map((entry) => ({
1045
+ resource: entry.resource,
1037
1046
  recordId: entry.recordId,
1038
1047
  attributes: entry.attributes,
1039
1048
  actions: Array.from(entry.actions)
@@ -1043,7 +1052,7 @@ function accessControlProvider(client, options) {
1043
1052
  const resultsByResource = /* @__PURE__ */ new Map();
1044
1053
  result?.results?.forEach((r, index) => {
1045
1054
  const payload = batchPayload[index];
1046
- const key = `${payload.tableName}:${payload.recordId}`;
1055
+ const key = `${payload.resource}:${payload.recordId}`;
1047
1056
  resultsByResource.set(key, r.actions || {});
1048
1057
  });
1049
1058
  return checks.map((check) => {
@@ -1075,12 +1084,10 @@ function accessControlProvider(client, options) {
1075
1084
  if (!resource) {
1076
1085
  return { can: false, reason: "Resource not specified" };
1077
1086
  }
1078
- const entityType = params?.entityType ?? params?.resource?.meta?.entityType;
1079
1087
  return permissionLoader.load({
1080
1088
  resource,
1081
1089
  action,
1082
- params,
1083
- entityType
1090
+ params
1084
1091
  });
1085
1092
  },
1086
1093
  options: {
@@ -1098,6 +1105,6 @@ function accessControlProvider(client, options) {
1098
1105
  };
1099
1106
  }
1100
1107
 
1101
- export { REFINE_OPERATOR_MAP, accessControlProvider, analyticsDataProvider, appDataProvider, authProvider, buildQueryString, buildRefineQueryParams, convertRefineFilters, convertRefinePagination, convertRefineSorters, dataProvider, functionsDataProvider, handleError, storageDataProvider, userDataProvider };
1108
+ export { REFINE_OPERATOR_MAP, _cachedUser, accessControlProvider, analyticsDataProvider, appDataProvider, authProvider, buildQueryString, buildRefineQueryParams, convertRefineFilters, convertRefinePagination, convertRefineSorters, dataProvider, functionsDataProvider, handleError, storageDataProvider, userDataProvider };
1102
1109
  //# sourceMappingURL=index.js.map
1103
1110
  //# sourceMappingURL=index.js.map