@webiny/api-aco 5.38.0-beta.0 → 5.38.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/createAcoContext.js +10 -2
  2. package/createAcoContext.js.map +1 -1
  3. package/folder/folder.model.js +3 -0
  4. package/folder/folder.model.js.map +1 -1
  5. package/package.json +25 -25
  6. package/utils/FolderLevelPermissions.d.ts +7 -4
  7. package/utils/FolderLevelPermissions.js +73 -58
  8. package/utils/FolderLevelPermissions.js.map +1 -1
  9. package/utils/decorators/CmsEntriesCrudDecorators.js +99 -30
  10. package/utils/decorators/CmsEntriesCrudDecorators.js.map +1 -1
  11. package/utils/decorators/constants.d.ts +1 -0
  12. package/utils/decorators/constants.js +10 -0
  13. package/utils/decorators/constants.js.map +1 -0
  14. package/utils/decorators/where.d.ts +14 -0
  15. package/utils/decorators/where.js +45 -0
  16. package/utils/decorators/where.js.map +1 -0
package/createAcoContext.js CHANGED
@@ -123,8 +123,16 @@ const setupAcoContext = async context => {
123
123
  model: defaultRecordModel
124
124
  }, plugin.app));
125
125
  }
126
- const listAdminUsers = () => context.adminUsers.listUsers();
127
- const listTeams = () => context.security.listTeams();
126
+ const listAdminUsers = () => {
127
+ return security.withoutAuthorization(async () => {
128
+ return context.adminUsers.listUsers();
129
+ });
130
+ };
131
+ const listTeams = () => {
132
+ return security.withoutAuthorization(async () => {
133
+ return context.security.listTeams();
134
+ });
135
+ };
128
136
  context.aco = {
129
137
  folder: (0, _folder.createFolderCrudMethods)((0, _objectSpread2.default)((0, _objectSpread2.default)({}, params), {}, {
130
138
  listAdminUsers,
package/createAcoContext.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_error","_interopRequireDefault","require","_api","_createAcoHooks","_createAcoStorageOperations","_isInstallationPending","_folder","_record","_apps","_record2","_plugins","_FolderLevelPermissions","_CmsEntriesCrudDecorators","_folder2","_createOperationsWrapper","_getFieldValues","_filter","setupAcoContext","context","tenancy","security","i18n","getLocale","locale","getContentLocale","WebinyError","getTenant","getCurrentTenant","storageOperations","createAcoStorageOperations","cms","getCmsContext","folderLevelPermissions","FolderLevelPermissions","getIdentity","getIdentityTeam","withoutAuthorization","identity","adminUser","adminUsers","getUser","where","id","team","getTeam","listPermissions","listAllFolders","type","withModel","createOperationsWrapper","modelName","FOLDER_MODEL_ID","model","results","entries","list","limit","latest","sort","items","map","entry","getFolderFieldValues","baseFields","canUseTeams","wcp","canUseFolderLevelPermissions","params","defaultRecordModel","getModel","SEARCH_RECORD_MODEL_ID","apps","AcoApps","plugins","byType","AcoAppRegisterPlugin","plugin","register","_objectSpread2","default","app","listAdminUsers","listUsers","listTeams","aco","folder","createFolderCrudMethods","search","createSearchRecordCrudMethods","filter","createFilterCrudMethods","getApp","name","get","listApps","registerApp","CmsEntriesCrudDecorators","decorate","createAcoContext","ContextPlugin","isInstallationPending","benchmark","measure","createAcoHooks","exports"],"sources":["createAcoContext.ts"],"sourcesContent":["import WebinyError from \"@webiny/error\";\nimport { ContextPlugin } from \"@webiny/api\";\nimport { I18NLocale } from \"@webiny/api-i18n/types\";\nimport { Tenant } from \"@webiny/api-tenancy/types\";\nimport { createAcoHooks } from \"~/createAcoHooks\";\nimport { baseFields, createAcoStorageOperations } from \"~/createAcoStorageOperations\";\nimport { isInstallationPending } from \"~/utils/isInstallationPending\";\nimport { AcoContext, CreateAcoParams, IAcoAppRegisterParams } from \"~/types\";\nimport { createFolderCrudMethods } from \"~/folder/folder.crud\";\nimport { createSearchRecordCrudMethods } from \"~/record/record.crud\";\nimport { AcoApps } from \"./apps\";\nimport { SEARCH_RECORD_MODEL_ID } from \"~/record/record.model\";\nimport { AcoAppRegisterPlugin } from \"~/plugins\";\nimport { FolderLevelPermissions } from \"~/utils/FolderLevelPermissions\";\nimport { CmsEntriesCrudDecorators } from \"~/utils/decorators/CmsEntriesCrudDecorators\";\nimport { FOLDER_MODEL_ID } from \"~/folder/folder.model\";\nimport { createOperationsWrapper } from \"~/utils/createOperationsWrapper\";\nimport { getFolderFieldValues } from \"~/utils/getFieldValues\";\nimport { createFilterCrudMethods } from \"~/filter/filter.crud\";\n\nconst setupAcoContext = async (context: AcoContext): Promise<void> => {\n const { tenancy, security, i18n } = context;\n\n const getLocale = (): I18NLocale => {\n const locale = i18n.getContentLocale();\n if (!locale) {\n throw new WebinyError(\n \"Missing content locale in api-aco/plugins/context.ts\",\n \"LOCALE_ERROR\"\n );\n }\n\n return locale;\n };\n\n const getTenant = (): Tenant => {\n return tenancy.getCurrentTenant();\n };\n\n const storageOperations = createAcoStorageOperations({\n /**\n * TODO: We need to figure out a way to pass \"cms\" from outside (e.g. apps/api/graphql)\n */\n cms: context.cms,\n /**\n * TODO: This is required for \"entryFieldFromStorageTransform\" which access plugins from context.\n */\n getCmsContext: () => context,\n security\n });\n\n const folderLevelPermissions = new FolderLevelPermissions({\n getIdentity: () => security.getIdentity(),\n getIdentityTeam: async () => {\n return security.withoutAuthorization(async () => {\n const identity = security.getIdentity();\n const adminUser = await context.adminUsers.getUser({ where: { id: identity.id } });\n if (!adminUser) {\n return null;\n }\n\n if (!adminUser.team) {\n return null;\n }\n\n return context.security.getTeam({ where: { id: adminUser.team } });\n });\n },\n listPermissions: () => security.listPermissions(),\n listAllFolders: type => {\n // When retrieving a list of all folders, we want to do it in the\n // fastest way and that is by directly using CMS's storage operations.\n const { withModel } = createOperationsWrapper({\n modelName: FOLDER_MODEL_ID,\n cms: context.cms,\n getCmsContext: () => context,\n security\n });\n\n return withModel(async model => {\n const results = await context.cms.storageOperations.entries.list(model, {\n limit: 100_000,\n where: {\n type,\n\n // Folders always work with latest entries. We never publish them.\n latest: true\n },\n sort: [\"title_ASC\"]\n });\n\n return results.items.map(entry => getFolderFieldValues(entry, baseFields));\n });\n },\n canUseTeams: () => context.wcp.canUseTeams(),\n canUseFolderLevelPermissions: () => context.wcp.canUseFolderLevelPermissions()\n });\n\n const params: CreateAcoParams = {\n getLocale,\n getTenant,\n storageOperations,\n folderLevelPermissions\n };\n\n const defaultRecordModel = await context.security.withoutAuthorization(async () => {\n return context.cms.getModel(SEARCH_RECORD_MODEL_ID);\n });\n\n if (!defaultRecordModel) {\n throw new WebinyError(`There is no default record model in ${SEARCH_RECORD_MODEL_ID}`);\n }\n\n /**\n * First we need to create all the apps.\n */\n const apps = new AcoApps(context, params);\n const plugins = context.plugins.byType<AcoAppRegisterPlugin>(AcoAppRegisterPlugin.type);\n for (const plugin of plugins) {\n await apps.register({\n model: defaultRecordModel,\n ...plugin.app\n });\n }\n\n const listAdminUsers = () => context.adminUsers.listUsers();\n const listTeams = () => context.security.listTeams();\n\n context.aco = {\n folder: createFolderCrudMethods({\n ...params,\n listAdminUsers,\n listTeams\n }),\n search: createSearchRecordCrudMethods(params),\n folderLevelPermissions,\n filter: createFilterCrudMethods(params),\n apps,\n getApp: (name: string) => apps.get(name),\n listApps: () => apps.list(),\n registerApp: async (params: IAcoAppRegisterParams) => {\n return apps.register({\n model: defaultRecordModel,\n ...params\n });\n }\n };\n\n if (context.wcp.canUseFolderLevelPermissions()) {\n new CmsEntriesCrudDecorators({ context }).decorate();\n\n // PB decorators registered here: packages/api-page-builder-aco/src/index.ts\n // new PageBuilderCrudDecorators({ context }).decorate();\n }\n};\n\nexport const createAcoContext = () => {\n const plugin = new ContextPlugin<AcoContext>(async context => {\n /**\n * We can skip the ACO initialization if the installation is pending.\n */\n if (isInstallationPending(context)) {\n return;\n }\n await context.benchmark.measure(\"aco.context.setup\", async () => {\n await setupAcoContext(context);\n });\n\n await context.benchmark.measure(\"aco.context.hooks\", async () => {\n await createAcoHooks(context);\n });\n });\n\n plugin.name = \"aco.createContext\";\n\n return plugin;\n};\n"],"mappings":";;;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAGA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,2BAAA,GAAAH,OAAA;AACA,IAAAI,sBAAA,GAAAJ,OAAA;AAEA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,KAAA,GAAAP,OAAA;AACA,IAAAQ,QAAA,GAAAR,OAAA;AACA,IAAAS,QAAA,GAAAT,OAAA;AACA,IAAAU,uBAAA,GAAAV,OAAA;AACA,IAAAW,yBAAA,GAAAX,OAAA;AACA,IAAAY,QAAA,GAAAZ,OAAA;AACA,IAAAa,wBAAA,GAAAb,OAAA;AACA,IAAAc,eAAA,GAAAd,OAAA;AACA,IAAAe,OAAA,GAAAf,OAAA;AAEA,MAAMgB,eAAe,GAAG,MAAOC,OAAmB,IAAoB;EAClE,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC;EAAK,CAAC,GAAGH,OAAO;EAE3C,MAAMI,SAAS,GAAGA,CAAA,KAAkB;IAChC,MAAMC,MAAM,GAAGF,IAAI,CAACG,gBAAgB,CAAC,CAAC;IACtC,IAAI,CAACD,MAAM,EAAE;MACT,MAAM,IAAIE,cAAW,CACjB,sDAAsD,EACtD,cACJ,CAAC;IACL;IAEA,OAAOF,MAAM;EACjB,CAAC;EAED,MAAMG,SAAS,GAAGA,CAAA,KAAc;IAC5B,OAAOP,OAAO,CAACQ,gBAAgB,CAAC,CAAC;EACrC,CAAC;EAED,MAAMC,iBAAiB,GAAG,IAAAC,sDAA0B,EAAC;IACjD;AACR;AACA;IACQC,GAAG,EAAEZ,OAAO,CAACY,GAAG;IAChB;AACR;AACA;IACQC,aAAa,EAAEA,CAAA,KAAMb,OAAO;IAC5BE;EACJ,CAAC,CAAC;EAEF,MAAMY,sBAAsB,GAAG,IAAIC,8CAAsB,CAAC;IACtDC,WAAW,EAAEA,CAAA,KAAMd,QAAQ,CAACc,WAAW,CAAC,CAAC;IACzCC,eAAe,EAAE,MAAAA,CAAA,KAAY;MACzB,OAAOf,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;QAC7C,MAAMC,QAAQ,GAAGjB,QAAQ,CAACc,WAAW,CAAC,CAAC;QACvC,MAAMI,SAAS,GAAG,MAAMpB,OAAO,CAACqB,UAAU,CAACC,OAAO,CAAC;UAAEC,KAAK,EAAE;YAAEC,EAAE,EAAEL,QAAQ,CAACK;UAAG;QAAE,CAAC,CAAC;QAClF,IAAI,CAACJ,SAAS,EAAE;UACZ,OAAO,IAAI;QACf;QAEA,IAAI,CAACA,SAAS,CAACK,IAAI,EAAE;UACjB,OAAO,IAAI;QACf;QAEA,OAAOzB,OAAO,CAACE,QAAQ,CAACwB,OAAO,CAAC;UAAEH,KAAK,EAAE;YAAEC,EAAE,EAAEJ,SAAS,CAACK;UAAK;QAAE,CAAC,CAAC;MACtE,CAAC,CAAC;IACN,CAAC;IACDE,eAAe,EAAEA,CAAA,KAAMzB,QAAQ,CAACyB,eAAe,CAAC,CAAC;IACjDC,cAAc,EAAEC,IAAI,IAAI;MACpB;MACA;MACA,MAAM;QAAEC;MAAU,CAAC,GAAG,IAAAC,gDAAuB,EAAC;QAC1CC,SAAS,EAAEC,wBAAe;QAC1BrB,GAAG,EAAEZ,OAAO,CAACY,GAAG;QAChBC,aAAa,EAAEA,CAAA,KAAMb,OAAO;QAC5BE;MACJ,CAAC,CAAC;MAEF,OAAO4B,SAAS,CAAC,MAAMI,KAAK,IAAI;QAC5B,MAAMC,OAAO,GAAG,MAAMnC,OAAO,CAACY,GAAG,CAACF,iBAAiB,CAAC0B,OAAO,CAACC,IAAI,CAACH,KAAK,EAAE;UACpEI,KAAK,EAAE,OAAO;UACdf,KAAK,EAAE;YACHM,IAAI;YAEJ;YACAU,MAAM,EAAE;UACZ,CAAC;UACDC,IAAI,EAAE,CAAC,WAAW;QACtB,CAAC,CAAC;QAEF,OAAOL,OAAO,CAACM,KAAK,CAACC,GAAG,CAACC,KAAK,IAAI,IAAAC,oCAAoB,EAACD,KAAK,EAAEE,sCAAU,CAAC,CAAC;MAC9E,CAAC,CAAC;IACN,CAAC;IACDC,WAAW,EAAEA,CAAA,KAAM9C,OAAO,CAAC+C,GAAG,CAACD,WAAW,CAAC,CAAC;IAC5CE,4BAA4B,EAAEA,CAAA,KAAMhD,OAAO,CAAC+C,GAAG,CAACC,4BAA4B,CAAC;EACjF,CAAC,CAAC;EAEF,MAAMC,MAAuB,GAAG;IAC5B7C,SAAS;IACTI,SAAS;IACTE,iBAAiB;IACjBI;EACJ,CAAC;EAED,MAAMoC,kBAAkB,GAAG,MAAMlD,OAAO,CAACE,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;IAC/E,OAAOlB,OAAO,CAACY,GAAG,CAACuC,QAAQ,CAACC,+BAAsB,CAAC;EACvD,CAAC,CAAC;EAEF,IAAI,CAACF,kBAAkB,EAAE;IACrB,MAAM,IAAI3C,cAAW,CAAE,uCAAsC6C,+BAAuB,EAAC,CAAC;EAC1F;;EAEA;AACJ;AACA;EACI,MAAMC,IAAI,GAAG,IAAIC,aAAO,CAACtD,OAAO,EAAEiD,MAAM,CAAC;EACzC,MAAMM,OAAO,GAAGvD,OAAO,CAACuD,OAAO,CAACC,MAAM,CAAuBC,6BAAoB,CAAC5B,IAAI,CAAC;EACvF,KAAK,MAAM6B,MAAM,IAAIH,OAAO,EAAE;IAC1B,MAAMF,IAAI,CAACM,QAAQ,KAAAC,cAAA,CAAAC,OAAA;MACf3B,KAAK,EAAEgB;IAAkB,GACtBQ,MAAM,CAACI,GAAG,CAChB,CAAC;EACN;EAEA,MAAMC,cAAc,GAAGA,CAAA,KAAM/D,OAAO,CAACqB,UAAU,CAAC2C,SAAS,CAAC,CAAC;EAC3D,MAAMC,SAAS,GAAGA,CAAA,KAAMjE,OAAO,CAACE,QAAQ,CAAC+D,SAAS,CAAC,CAAC;EAEpDjE,OAAO,CAACkE,GAAG,GAAG;IACVC,MAAM,EAAE,IAAAC,+BAAuB,MAAAR,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MACxBZ,MAAM;MACTc,cAAc;MACdE;IAAS,EACZ,CAAC;IACFI,MAAM,EAAE,IAAAC,qCAA6B,EAACrB,MAAM,CAAC;IAC7CnC,sBAAsB;IACtByD,MAAM,EAAE,IAAAC,+BAAuB,EAACvB,MAAM,CAAC;IACvCI,IAAI;IACJoB,MAAM,EAAGC,IAAY,IAAKrB,IAAI,CAACsB,GAAG,CAACD,IAAI,CAAC;IACxCE,QAAQ,EAAEA,CAAA,KAAMvB,IAAI,CAAChB,IAAI,CAAC,CAAC;IAC3BwC,WAAW,EAAE,MAAO5B,MAA6B,IAAK;MAClD,OAAOI,IAAI,CAACM,QAAQ,KAAAC,cAAA,CAAAC,OAAA;QAChB3B,KAAK,EAAEgB;MAAkB,GACtBD,MAAM,CACZ,CAAC;IACN;EACJ,CAAC;EAED,IAAIjD,OAAO,CAAC+C,GAAG,CAACC,4BAA4B,CAAC,CAAC,EAAE;IAC5C,IAAI8B,kDAAwB,CAAC;MAAE9E;IAAQ,CAAC,CAAC,CAAC+E,QAAQ,CAAC,CAAC;;IAEpD;IACA;EACJ;AACJ,CAAC;;AAEM,MAAMC,gBAAgB,GAAGA,CAAA,KAAM;EAClC,MAAMtB,MAAM,GAAG,IAAIuB,kBAAa,CAAa,MAAMjF,OAAO,IAAI;IAC1D;AACR;AACA;IACQ,IAAI,IAAAkF,4CAAqB,EAAClF,OAAO,CAAC,EAAE;MAChC;IACJ;IACA,MAAMA,OAAO,CAACmF,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAMrF,eAAe,CAACC,OAAO,CAAC;IAClC,CAAC,CAAC;IAEF,MAAMA,OAAO,CAACmF,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAM,IAAAC,8BAAc,EAACrF,OAAO,CAAC;IACjC,CAAC,CAAC;EACN,CAAC,CAAC;EAEF0D,MAAM,CAACgB,IAAI,GAAG,mBAAmB;EAEjC,OAAOhB,MAAM;AACjB,CAAC;AAAC4B,OAAA,CAAAN,gBAAA,GAAAA,gBAAA"}
1
+ {"version":3,"names":["_error","_interopRequireDefault","require","_api","_createAcoHooks","_createAcoStorageOperations","_isInstallationPending","_folder","_record","_apps","_record2","_plugins","_FolderLevelPermissions","_CmsEntriesCrudDecorators","_folder2","_createOperationsWrapper","_getFieldValues","_filter","setupAcoContext","context","tenancy","security","i18n","getLocale","locale","getContentLocale","WebinyError","getTenant","getCurrentTenant","storageOperations","createAcoStorageOperations","cms","getCmsContext","folderLevelPermissions","FolderLevelPermissions","getIdentity","getIdentityTeam","withoutAuthorization","identity","adminUser","adminUsers","getUser","where","id","team","getTeam","listPermissions","listAllFolders","type","withModel","createOperationsWrapper","modelName","FOLDER_MODEL_ID","model","results","entries","list","limit","latest","sort","items","map","entry","getFolderFieldValues","baseFields","canUseTeams","wcp","canUseFolderLevelPermissions","params","defaultRecordModel","getModel","SEARCH_RECORD_MODEL_ID","apps","AcoApps","plugins","byType","AcoAppRegisterPlugin","plugin","register","_objectSpread2","default","app","listAdminUsers","listUsers","listTeams","aco","folder","createFolderCrudMethods","search","createSearchRecordCrudMethods","filter","createFilterCrudMethods","getApp","name","get","listApps","registerApp","CmsEntriesCrudDecorators","decorate","createAcoContext","ContextPlugin","isInstallationPending","benchmark","measure","createAcoHooks","exports"],"sources":["createAcoContext.ts"],"sourcesContent":["import WebinyError from \"@webiny/error\";\nimport { ContextPlugin } from \"@webiny/api\";\nimport { I18NLocale } from \"@webiny/api-i18n/types\";\nimport { Tenant } from \"@webiny/api-tenancy/types\";\nimport { createAcoHooks } from \"~/createAcoHooks\";\nimport { baseFields, createAcoStorageOperations } from \"~/createAcoStorageOperations\";\nimport { isInstallationPending } from \"~/utils/isInstallationPending\";\nimport { AcoContext, CreateAcoParams, IAcoAppRegisterParams } from \"~/types\";\nimport { createFolderCrudMethods } from \"~/folder/folder.crud\";\nimport { createSearchRecordCrudMethods } from \"~/record/record.crud\";\nimport { AcoApps } from \"./apps\";\nimport { SEARCH_RECORD_MODEL_ID } from \"~/record/record.model\";\nimport { AcoAppRegisterPlugin } from \"~/plugins\";\nimport { FolderLevelPermissions } from \"~/utils/FolderLevelPermissions\";\nimport { CmsEntriesCrudDecorators } from \"~/utils/decorators/CmsEntriesCrudDecorators\";\nimport { FOLDER_MODEL_ID } from \"~/folder/folder.model\";\nimport { createOperationsWrapper } from \"~/utils/createOperationsWrapper\";\nimport { getFolderFieldValues } from \"~/utils/getFieldValues\";\nimport { createFilterCrudMethods } from \"~/filter/filter.crud\";\n\nconst setupAcoContext = async (context: AcoContext): Promise<void> => {\n const { tenancy, security, i18n } = context;\n\n const getLocale = (): I18NLocale => {\n const locale = i18n.getContentLocale();\n if (!locale) {\n throw new WebinyError(\n \"Missing content locale in api-aco/plugins/context.ts\",\n \"LOCALE_ERROR\"\n );\n }\n\n return locale;\n };\n\n const getTenant = (): Tenant => {\n return tenancy.getCurrentTenant();\n };\n\n const storageOperations = createAcoStorageOperations({\n /**\n * TODO: We need to figure out a way to pass \"cms\" from outside (e.g. apps/api/graphql)\n */\n cms: context.cms,\n /**\n * TODO: This is required for \"entryFieldFromStorageTransform\" which access plugins from context.\n */\n getCmsContext: () => context,\n security\n });\n\n const folderLevelPermissions = new FolderLevelPermissions({\n getIdentity: () => security.getIdentity(),\n getIdentityTeam: async () => {\n return security.withoutAuthorization(async () => {\n const identity = security.getIdentity();\n const adminUser = await context.adminUsers.getUser({ where: { id: identity.id } });\n if (!adminUser) {\n return null;\n }\n\n if (!adminUser.team) {\n return null;\n }\n\n return context.security.getTeam({ where: { id: adminUser.team } });\n });\n },\n listPermissions: () => security.listPermissions(),\n listAllFolders: type => {\n // When retrieving a list of all folders, we want to do it in the\n // fastest way and that is by directly using CMS's storage operations.\n const { withModel } = createOperationsWrapper({\n modelName: FOLDER_MODEL_ID,\n cms: context.cms,\n getCmsContext: () => context,\n security\n });\n\n return withModel(async model => {\n const results = await context.cms.storageOperations.entries.list(model, {\n limit: 100_000,\n where: {\n type,\n\n // Folders always work with latest entries. We never publish them.\n latest: true\n },\n sort: [\"title_ASC\"]\n });\n\n return results.items.map(entry => getFolderFieldValues(entry, baseFields));\n });\n },\n canUseTeams: () => context.wcp.canUseTeams(),\n canUseFolderLevelPermissions: () => context.wcp.canUseFolderLevelPermissions()\n });\n\n const params: CreateAcoParams = {\n getLocale,\n getTenant,\n storageOperations,\n folderLevelPermissions\n };\n\n const defaultRecordModel = await context.security.withoutAuthorization(async () => {\n return context.cms.getModel(SEARCH_RECORD_MODEL_ID);\n });\n\n if (!defaultRecordModel) {\n throw new WebinyError(`There is no default record model in ${SEARCH_RECORD_MODEL_ID}`);\n }\n\n /**\n * First we need to create all the apps.\n */\n const apps = new AcoApps(context, params);\n const plugins = context.plugins.byType<AcoAppRegisterPlugin>(AcoAppRegisterPlugin.type);\n for (const plugin of plugins) {\n await apps.register({\n model: defaultRecordModel,\n ...plugin.app\n });\n }\n\n const listAdminUsers = () => {\n return security.withoutAuthorization(async () => {\n return context.adminUsers.listUsers();\n });\n };\n const listTeams = () => {\n return security.withoutAuthorization(async () => {\n return context.security.listTeams();\n });\n };\n\n context.aco = {\n folder: createFolderCrudMethods({\n ...params,\n listAdminUsers,\n listTeams\n }),\n search: createSearchRecordCrudMethods(params),\n folderLevelPermissions,\n filter: createFilterCrudMethods(params),\n apps,\n getApp: (name: string) => apps.get(name),\n listApps: () => apps.list(),\n registerApp: async (params: IAcoAppRegisterParams) => {\n return apps.register({\n model: defaultRecordModel,\n ...params\n });\n }\n };\n\n if (context.wcp.canUseFolderLevelPermissions()) {\n new CmsEntriesCrudDecorators({ context }).decorate();\n\n // PB decorators registered here: packages/api-page-builder-aco/src/index.ts\n // new PageBuilderCrudDecorators({ context }).decorate();\n }\n};\n\nexport const createAcoContext = () => {\n const plugin = new ContextPlugin<AcoContext>(async context => {\n /**\n * We can skip the ACO initialization if the installation is pending.\n */\n if (isInstallationPending(context)) {\n return;\n }\n await context.benchmark.measure(\"aco.context.setup\", async () => {\n await setupAcoContext(context);\n });\n\n await context.benchmark.measure(\"aco.context.hooks\", async () => {\n await createAcoHooks(context);\n });\n });\n\n plugin.name = \"aco.createContext\";\n\n return plugin;\n};\n"],"mappings":";;;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAGA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,2BAAA,GAAAH,OAAA;AACA,IAAAI,sBAAA,GAAAJ,OAAA;AAEA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,KAAA,GAAAP,OAAA;AACA,IAAAQ,QAAA,GAAAR,OAAA;AACA,IAAAS,QAAA,GAAAT,OAAA;AACA,IAAAU,uBAAA,GAAAV,OAAA;AACA,IAAAW,yBAAA,GAAAX,OAAA;AACA,IAAAY,QAAA,GAAAZ,OAAA;AACA,IAAAa,wBAAA,GAAAb,OAAA;AACA,IAAAc,eAAA,GAAAd,OAAA;AACA,IAAAe,OAAA,GAAAf,OAAA;AAEA,MAAMgB,eAAe,GAAG,MAAOC,OAAmB,IAAoB;EAClE,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC;EAAK,CAAC,GAAGH,OAAO;EAE3C,MAAMI,SAAS,GAAGA,CAAA,KAAkB;IAChC,MAAMC,MAAM,GAAGF,IAAI,CAACG,gBAAgB,CAAC,CAAC;IACtC,IAAI,CAACD,MAAM,EAAE;MACT,MAAM,IAAIE,cAAW,CACjB,sDAAsD,EACtD,cACJ,CAAC;IACL;IAEA,OAAOF,MAAM;EACjB,CAAC;EAED,MAAMG,SAAS,GAAGA,CAAA,KAAc;IAC5B,OAAOP,OAAO,CAACQ,gBAAgB,CAAC,CAAC;EACrC,CAAC;EAED,MAAMC,iBAAiB,GAAG,IAAAC,sDAA0B,EAAC;IACjD;AACR;AACA;IACQC,GAAG,EAAEZ,OAAO,CAACY,GAAG;IAChB;AACR;AACA;IACQC,aAAa,EAAEA,CAAA,KAAMb,OAAO;IAC5BE;EACJ,CAAC,CAAC;EAEF,MAAMY,sBAAsB,GAAG,IAAIC,8CAAsB,CAAC;IACtDC,WAAW,EAAEA,CAAA,KAAMd,QAAQ,CAACc,WAAW,CAAC,CAAC;IACzCC,eAAe,EAAE,MAAAA,CAAA,KAAY;MACzB,OAAOf,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;QAC7C,MAAMC,QAAQ,GAAGjB,QAAQ,CAACc,WAAW,CAAC,CAAC;QACvC,MAAMI,SAAS,GAAG,MAAMpB,OAAO,CAACqB,UAAU,CAACC,OAAO,CAAC;UAAEC,KAAK,EAAE;YAAEC,EAAE,EAAEL,QAAQ,CAACK;UAAG;QAAE,CAAC,CAAC;QAClF,IAAI,CAACJ,SAAS,EAAE;UACZ,OAAO,IAAI;QACf;QAEA,IAAI,CAACA,SAAS,CAACK,IAAI,EAAE;UACjB,OAAO,IAAI;QACf;QAEA,OAAOzB,OAAO,CAACE,QAAQ,CAACwB,OAAO,CAAC;UAAEH,KAAK,EAAE;YAAEC,EAAE,EAAEJ,SAAS,CAACK;UAAK;QAAE,CAAC,CAAC;MACtE,CAAC,CAAC;IACN,CAAC;IACDE,eAAe,EAAEA,CAAA,KAAMzB,QAAQ,CAACyB,eAAe,CAAC,CAAC;IACjDC,cAAc,EAAEC,IAAI,IAAI;MACpB;MACA;MACA,MAAM;QAAEC;MAAU,CAAC,GAAG,IAAAC,gDAAuB,EAAC;QAC1CC,SAAS,EAAEC,wBAAe;QAC1BrB,GAAG,EAAEZ,OAAO,CAACY,GAAG;QAChBC,aAAa,EAAEA,CAAA,KAAMb,OAAO;QAC5BE;MACJ,CAAC,CAAC;MAEF,OAAO4B,SAAS,CAAC,MAAMI,KAAK,IAAI;QAC5B,MAAMC,OAAO,GAAG,MAAMnC,OAAO,CAACY,GAAG,CAACF,iBAAiB,CAAC0B,OAAO,CAACC,IAAI,CAACH,KAAK,EAAE;UACpEI,KAAK,EAAE,OAAO;UACdf,KAAK,EAAE;YACHM,IAAI;YAEJ;YACAU,MAAM,EAAE;UACZ,CAAC;UACDC,IAAI,EAAE,CAAC,WAAW;QACtB,CAAC,CAAC;QAEF,OAAOL,OAAO,CAACM,KAAK,CAACC,GAAG,CAACC,KAAK,IAAI,IAAAC,oCAAoB,EAACD,KAAK,EAAEE,sCAAU,CAAC,CAAC;MAC9E,CAAC,CAAC;IACN,CAAC;IACDC,WAAW,EAAEA,CAAA,KAAM9C,OAAO,CAAC+C,GAAG,CAACD,WAAW,CAAC,CAAC;IAC5CE,4BAA4B,EAAEA,CAAA,KAAMhD,OAAO,CAAC+C,GAAG,CAACC,4BAA4B,CAAC;EACjF,CAAC,CAAC;EAEF,MAAMC,MAAuB,GAAG;IAC5B7C,SAAS;IACTI,SAAS;IACTE,iBAAiB;IACjBI;EACJ,CAAC;EAED,MAAMoC,kBAAkB,GAAG,MAAMlD,OAAO,CAACE,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;IAC/E,OAAOlB,OAAO,CAACY,GAAG,CAACuC,QAAQ,CAACC,+BAAsB,CAAC;EACvD,CAAC,CAAC;EAEF,IAAI,CAACF,kBAAkB,EAAE;IACrB,MAAM,IAAI3C,cAAW,CAAE,uCAAsC6C,+BAAuB,EAAC,CAAC;EAC1F;;EAEA;AACJ;AACA;EACI,MAAMC,IAAI,GAAG,IAAIC,aAAO,CAACtD,OAAO,EAAEiD,MAAM,CAAC;EACzC,MAAMM,OAAO,GAAGvD,OAAO,CAACuD,OAAO,CAACC,MAAM,CAAuBC,6BAAoB,CAAC5B,IAAI,CAAC;EACvF,KAAK,MAAM6B,MAAM,IAAIH,OAAO,EAAE;IAC1B,MAAMF,IAAI,CAACM,QAAQ,KAAAC,cAAA,CAAAC,OAAA;MACf3B,KAAK,EAAEgB;IAAkB,GACtBQ,MAAM,CAACI,GAAG,CAChB,CAAC;EACN;EAEA,MAAMC,cAAc,GAAGA,CAAA,KAAM;IACzB,OAAO7D,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;MAC7C,OAAOlB,OAAO,CAACqB,UAAU,CAAC2C,SAAS,CAAC,CAAC;IACzC,CAAC,CAAC;EACN,CAAC;EACD,MAAMC,SAAS,GAAGA,CAAA,KAAM;IACpB,OAAO/D,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;MAC7C,OAAOlB,OAAO,CAACE,QAAQ,CAAC+D,SAAS,CAAC,CAAC;IACvC,CAAC,CAAC;EACN,CAAC;EAEDjE,OAAO,CAACkE,GAAG,GAAG;IACVC,MAAM,EAAE,IAAAC,+BAAuB,MAAAR,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MACxBZ,MAAM;MACTc,cAAc;MACdE;IAAS,EACZ,CAAC;IACFI,MAAM,EAAE,IAAAC,qCAA6B,EAACrB,MAAM,CAAC;IAC7CnC,sBAAsB;IACtByD,MAAM,EAAE,IAAAC,+BAAuB,EAACvB,MAAM,CAAC;IACvCI,IAAI;IACJoB,MAAM,EAAGC,IAAY,IAAKrB,IAAI,CAACsB,GAAG,CAACD,IAAI,CAAC;IACxCE,QAAQ,EAAEA,CAAA,KAAMvB,IAAI,CAAChB,IAAI,CAAC,CAAC;IAC3BwC,WAAW,EAAE,MAAO5B,MAA6B,IAAK;MAClD,OAAOI,IAAI,CAACM,QAAQ,KAAAC,cAAA,CAAAC,OAAA;QAChB3B,KAAK,EAAEgB;MAAkB,GACtBD,MAAM,CACZ,CAAC;IACN;EACJ,CAAC;EAED,IAAIjD,OAAO,CAAC+C,GAAG,CAACC,4BAA4B,CAAC,CAAC,EAAE;IAC5C,IAAI8B,kDAAwB,CAAC;MAAE9E;IAAQ,CAAC,CAAC,CAAC+E,QAAQ,CAAC,CAAC;;IAEpD;IACA;EACJ;AACJ,CAAC;;AAEM,MAAMC,gBAAgB,GAAGA,CAAA,KAAM;EAClC,MAAMtB,MAAM,GAAG,IAAIuB,kBAAa,CAAa,MAAMjF,OAAO,IAAI;IAC1D;AACR;AACA;IACQ,IAAI,IAAAkF,4CAAqB,EAAClF,OAAO,CAAC,EAAE;MAChC;IACJ;IACA,MAAMA,OAAO,CAACmF,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAMrF,eAAe,CAACC,OAAO,CAAC;IAClC,CAAC,CAAC;IAEF,MAAMA,OAAO,CAACmF,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAM,IAAAC,8BAAc,EAACrF,OAAO,CAAC;IACjC,CAAC,CAAC;EACN,CAAC,CAAC;EAEF0D,MAAM,CAACgB,IAAI,GAAG,mBAAmB;EAEjC,OAAOhB,MAAM;AACjB,CAAC;AAAC4B,OAAA,CAAAN,gBAAA,GAAAA,gBAAA"}
package/folder/folder.model.js CHANGED
@@ -79,6 +79,9 @@ const permissionsField = () => (0, _createModelField.createModelField)({
79
79
  }, {
80
80
  label: "Owner",
81
81
  value: "owner"
82
+ }, {
83
+ label: "Public",
84
+ value: "public"
82
85
  }]
83
86
  }
84
87
  }],
package/folder/folder.model.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_createModelField","require","titleField","createModelField","label","type","validation","name","message","slugField","settings","preset","regex","flags","typeField","parentIdField","permissionsField","fieldId","multipleValues","listValidation","fields","id","storageId","predefinedValues","enabled","values","value","layout","FOLDER_MODEL_ID","exports","createFolderModelDefinition","modelId","titleFieldId","description","isPrivate"],"sources":["folder.model.ts"],"sourcesContent":["import { createModelField } from \"~/utils/createModelField\";\nimport { CmsPrivateModelFull } from \"@webiny/api-headless-cms\";\n\nexport type FolderModelDefinition = Omit<CmsPrivateModelFull, \"noValidate\" | \"group\">;\n\nconst titleField = () =>\n createModelField({\n label: \"Title\",\n type: \"text\",\n validation: [\n {\n name: \"required\",\n message: \"Value is required.\"\n }\n ]\n });\n\nconst slugField = () =>\n createModelField({\n label: \"Slug\",\n type: \"text\",\n validation: [\n {\n name: \"required\",\n message: \"Value is required.\"\n },\n {\n name: \"pattern\",\n settings: {\n preset: \"custom\",\n regex: \"^[a-z0-9]+(-[a-z0-9]+)*$\",\n flags: \"g\"\n },\n message: \"Value must consist of only 'a-z', '0-9' and '-'.\"\n }\n ]\n });\n\nconst typeField = () =>\n createModelField({\n label: \"Type\",\n type: \"text\",\n validation: [\n {\n name: \"required\",\n message: \"Value is required.\"\n }\n ]\n });\n\nconst parentIdField = () =>\n createModelField({\n label: \"Parent Id\",\n type: \"text\"\n });\n\nconst permissionsField = () =>\n createModelField({\n label: \"Permissions\",\n fieldId: \"permissions\",\n type: \"object\",\n multipleValues: true,\n listValidation: [],\n settings: {\n fields: [\n {\n id: \"target\",\n type: \"text\",\n storageId: \"text@target\",\n fieldId: \"target\",\n label: \"Target\",\n validation: [\n {\n name: \"required\",\n message: \"Value is required.\"\n }\n ]\n },\n {\n id: \"level\",\n type: \"text\",\n storageId: \"text@level\",\n fieldId: \"level\",\n label: \"Level\",\n validation: [\n {\n name: \"required\",\n message: \"Value is required.\"\n }\n ],\n predefinedValues: {\n enabled: true,\n values: [\n {\n label: \"Viewer\",\n value: \"viewer\"\n },\n {\n label: \"Editor\",\n value: \"editor\"\n },\n {\n label: \"Owner\",\n value: \"owner\"\n }\n ]\n }\n }\n ],\n layout: [[\"target\"], [\"level\"]]\n }\n });\n\nexport const FOLDER_MODEL_ID = \"acoFolder\";\n\nexport const createFolderModelDefinition = (): FolderModelDefinition => {\n return {\n name: \"ACO - Folder\",\n modelId: FOLDER_MODEL_ID,\n titleFieldId: \"title\",\n layout: [[\"title\"], [\"slug\"], [\"type\"], [\"parentId\"], [\"permissions\"]],\n\n fields: [titleField(), slugField(), typeField(), parentIdField(), permissionsField()],\n description: \"ACO - Folder content model\",\n isPrivate: true\n };\n};\n"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAKA,MAAMC,UAAU,GAAGA,CAAA,KACf,IAAAC,kCAAgB,EAAC;EACbC,KAAK,EAAE,OAAO;EACdC,IAAI,EAAE,MAAM;EACZC,UAAU,EAAE,CACR;IACIC,IAAI,EAAE,UAAU;IAChBC,OAAO,EAAE;EACb,CAAC;AAET,CAAC,CAAC;AAEN,MAAMC,SAAS,GAAGA,CAAA,KACd,IAAAN,kCAAgB,EAAC;EACbC,KAAK,EAAE,MAAM;EACbC,IAAI,EAAE,MAAM;EACZC,UAAU,EAAE,CACR;IACIC,IAAI,EAAE,UAAU;IAChBC,OAAO,EAAE;EACb,CAAC,EACD;IACID,IAAI,EAAE,SAAS;IACfG,QAAQ,EAAE;MACNC,MAAM,EAAE,QAAQ;MAChBC,KAAK,EAAE,0BAA0B;MACjCC,KAAK,EAAE;IACX,CAAC;IACDL,OAAO,EAAE;EACb,CAAC;AAET,CAAC,CAAC;AAEN,MAAMM,SAAS,GAAGA,CAAA,KACd,IAAAX,kCAAgB,EAAC;EACbC,KAAK,EAAE,MAAM;EACbC,IAAI,EAAE,MAAM;EACZC,UAAU,EAAE,CACR;IACIC,IAAI,EAAE,UAAU;IAChBC,OAAO,EAAE;EACb,CAAC;AAET,CAAC,CAAC;AAEN,MAAMO,aAAa,GAAGA,CAAA,KAClB,IAAAZ,kCAAgB,EAAC;EACbC,KAAK,EAAE,WAAW;EAClBC,IAAI,EAAE;AACV,CAAC,CAAC;AAEN,MAAMW,gBAAgB,GAAGA,CAAA,KACrB,IAAAb,kCAAgB,EAAC;EACbC,KAAK,EAAE,aAAa;EACpBa,OAAO,EAAE,aAAa;EACtBZ,IAAI,EAAE,QAAQ;EACda,cAAc,EAAE,IAAI;EACpBC,cAAc,EAAE,EAAE;EAClBT,QAAQ,EAAE;IACNU,MAAM,EAAE,CACJ;MACIC,EAAE,EAAE,QAAQ;MACZhB,IAAI,EAAE,MAAM;MACZiB,SAAS,EAAE,aAAa;MACxBL,OAAO,EAAE,QAAQ;MACjBb,KAAK,EAAE,QAAQ;MACfE,UAAU,EAAE,CACR;QACIC,IAAI,EAAE,UAAU;QAChBC,OAAO,EAAE;MACb,CAAC;IAET,CAAC,EACD;MACIa,EAAE,EAAE,OAAO;MACXhB,IAAI,EAAE,MAAM;MACZiB,SAAS,EAAE,YAAY;MACvBL,OAAO,EAAE,OAAO;MAChBb,KAAK,EAAE,OAAO;MACdE,UAAU,EAAE,CACR;QACIC,IAAI,EAAE,UAAU;QAChBC,OAAO,EAAE;MACb,CAAC,CACJ;MACDe,gBAAgB,EAAE;QACdC,OAAO,EAAE,IAAI;QACbC,MAAM,EAAE,CACJ;UACIrB,KAAK,EAAE,QAAQ;UACfsB,KAAK,EAAE;QACX,CAAC,EACD;UACItB,KAAK,EAAE,QAAQ;UACfsB,KAAK,EAAE;QACX,CAAC,EACD;UACItB,KAAK,EAAE,OAAO;UACdsB,KAAK,EAAE;QACX,CAAC;MAET;IACJ,CAAC,CACJ;IACDC,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,OAAO,CAAC;EAClC;AACJ,CAAC,CAAC;AAEC,MAAMC,eAAe,GAAG,WAAW;AAACC,OAAA,CAAAD,eAAA,GAAAA,eAAA;AAEpC,MAAME,2BAA2B,GAAGA,CAAA,KAA6B;EACpE,OAAO;IACHvB,IAAI,EAAE,cAAc;IACpBwB,OAAO,EAAEH,eAAe;IACxBI,YAAY,EAAE,OAAO;IACrBL,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC;IAEtEP,MAAM,EAAE,CAAClB,UAAU,CAAC,CAAC,EAAEO,SAAS,CAAC,CAAC,EAAEK,SAAS,CAAC,CAAC,EAAEC,aAAa,CAAC,CAAC,EAAEC,gBAAgB,CAAC,CAAC,CAAC;IACrFiB,WAAW,EAAE,4BAA4B;IACzCC,SAAS,EAAE;EACf,CAAC;AACL,CAAC;AAACL,OAAA,CAAAC,2BAAA,GAAAA,2BAAA"}
1
+ {"version":3,"names":["_createModelField","require","titleField","createModelField","label","type","validation","name","message","slugField","settings","preset","regex","flags","typeField","parentIdField","permissionsField","fieldId","multipleValues","listValidation","fields","id","storageId","predefinedValues","enabled","values","value","layout","FOLDER_MODEL_ID","exports","createFolderModelDefinition","modelId","titleFieldId","description","isPrivate"],"sources":["folder.model.ts"],"sourcesContent":["import { createModelField } from \"~/utils/createModelField\";\nimport { CmsPrivateModelFull } from \"@webiny/api-headless-cms\";\n\nexport type FolderModelDefinition = Omit<CmsPrivateModelFull, \"noValidate\" | \"group\">;\n\nconst titleField = () =>\n createModelField({\n label: \"Title\",\n type: \"text\",\n validation: [\n {\n name: \"required\",\n message: \"Value is required.\"\n }\n ]\n });\n\nconst slugField = () =>\n createModelField({\n label: \"Slug\",\n type: \"text\",\n validation: [\n {\n name: \"required\",\n message: \"Value is required.\"\n },\n {\n name: \"pattern\",\n settings: {\n preset: \"custom\",\n regex: \"^[a-z0-9]+(-[a-z0-9]+)*$\",\n flags: \"g\"\n },\n message: \"Value must consist of only 'a-z', '0-9' and '-'.\"\n }\n ]\n });\n\nconst typeField = () =>\n createModelField({\n label: \"Type\",\n type: \"text\",\n validation: [\n {\n name: \"required\",\n message: \"Value is required.\"\n }\n ]\n });\n\nconst parentIdField = () =>\n createModelField({\n label: \"Parent Id\",\n type: \"text\"\n });\n\nconst permissionsField = () =>\n createModelField({\n label: \"Permissions\",\n fieldId: \"permissions\",\n type: \"object\",\n multipleValues: true,\n listValidation: [],\n settings: {\n fields: [\n {\n id: \"target\",\n type: \"text\",\n storageId: \"text@target\",\n fieldId: \"target\",\n label: \"Target\",\n validation: [\n {\n name: \"required\",\n message: \"Value is required.\"\n }\n ]\n },\n {\n id: \"level\",\n type: \"text\",\n storageId: \"text@level\",\n fieldId: \"level\",\n label: \"Level\",\n validation: [\n {\n name: \"required\",\n message: \"Value is required.\"\n }\n ],\n predefinedValues: {\n enabled: true,\n values: [\n {\n label: \"Viewer\",\n value: \"viewer\"\n },\n {\n label: \"Editor\",\n value: \"editor\"\n },\n {\n label: \"Owner\",\n value: \"owner\"\n },\n {\n label: \"Public\",\n value: \"public\"\n }\n ]\n }\n }\n ],\n layout: [[\"target\"], [\"level\"]]\n }\n });\n\nexport const FOLDER_MODEL_ID = \"acoFolder\";\n\nexport const createFolderModelDefinition = (): FolderModelDefinition => {\n return {\n name: \"ACO - Folder\",\n modelId: FOLDER_MODEL_ID,\n titleFieldId: \"title\",\n layout: [[\"title\"], [\"slug\"], [\"type\"], [\"parentId\"], [\"permissions\"]],\n\n fields: [titleField(), slugField(), typeField(), parentIdField(), permissionsField()],\n description: \"ACO - Folder content model\",\n isPrivate: true\n };\n};\n"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAKA,MAAMC,UAAU,GAAGA,CAAA,KACf,IAAAC,kCAAgB,EAAC;EACbC,KAAK,EAAE,OAAO;EACdC,IAAI,EAAE,MAAM;EACZC,UAAU,EAAE,CACR;IACIC,IAAI,EAAE,UAAU;IAChBC,OAAO,EAAE;EACb,CAAC;AAET,CAAC,CAAC;AAEN,MAAMC,SAAS,GAAGA,CAAA,KACd,IAAAN,kCAAgB,EAAC;EACbC,KAAK,EAAE,MAAM;EACbC,IAAI,EAAE,MAAM;EACZC,UAAU,EAAE,CACR;IACIC,IAAI,EAAE,UAAU;IAChBC,OAAO,EAAE;EACb,CAAC,EACD;IACID,IAAI,EAAE,SAAS;IACfG,QAAQ,EAAE;MACNC,MAAM,EAAE,QAAQ;MAChBC,KAAK,EAAE,0BAA0B;MACjCC,KAAK,EAAE;IACX,CAAC;IACDL,OAAO,EAAE;EACb,CAAC;AAET,CAAC,CAAC;AAEN,MAAMM,SAAS,GAAGA,CAAA,KACd,IAAAX,kCAAgB,EAAC;EACbC,KAAK,EAAE,MAAM;EACbC,IAAI,EAAE,MAAM;EACZC,UAAU,EAAE,CACR;IACIC,IAAI,EAAE,UAAU;IAChBC,OAAO,EAAE;EACb,CAAC;AAET,CAAC,CAAC;AAEN,MAAMO,aAAa,GAAGA,CAAA,KAClB,IAAAZ,kCAAgB,EAAC;EACbC,KAAK,EAAE,WAAW;EAClBC,IAAI,EAAE;AACV,CAAC,CAAC;AAEN,MAAMW,gBAAgB,GAAGA,CAAA,KACrB,IAAAb,kCAAgB,EAAC;EACbC,KAAK,EAAE,aAAa;EACpBa,OAAO,EAAE,aAAa;EACtBZ,IAAI,EAAE,QAAQ;EACda,cAAc,EAAE,IAAI;EACpBC,cAAc,EAAE,EAAE;EAClBT,QAAQ,EAAE;IACNU,MAAM,EAAE,CACJ;MACIC,EAAE,EAAE,QAAQ;MACZhB,IAAI,EAAE,MAAM;MACZiB,SAAS,EAAE,aAAa;MACxBL,OAAO,EAAE,QAAQ;MACjBb,KAAK,EAAE,QAAQ;MACfE,UAAU,EAAE,CACR;QACIC,IAAI,EAAE,UAAU;QAChBC,OAAO,EAAE;MACb,CAAC;IAET,CAAC,EACD;MACIa,EAAE,EAAE,OAAO;MACXhB,IAAI,EAAE,MAAM;MACZiB,SAAS,EAAE,YAAY;MACvBL,OAAO,EAAE,OAAO;MAChBb,KAAK,EAAE,OAAO;MACdE,UAAU,EAAE,CACR;QACIC,IAAI,EAAE,UAAU;QAChBC,OAAO,EAAE;MACb,CAAC,CACJ;MACDe,gBAAgB,EAAE;QACdC,OAAO,EAAE,IAAI;QACbC,MAAM,EAAE,CACJ;UACIrB,KAAK,EAAE,QAAQ;UACfsB,KAAK,EAAE;QACX,CAAC,EACD;UACItB,KAAK,EAAE,QAAQ;UACfsB,KAAK,EAAE;QACX,CAAC,EACD;UACItB,KAAK,EAAE,OAAO;UACdsB,KAAK,EAAE;QACX,CAAC,EACD;UACItB,KAAK,EAAE,QAAQ;UACfsB,KAAK,EAAE;QACX,CAAC;MAET;IACJ,CAAC,CACJ;IACDC,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,OAAO,CAAC;EAClC;AACJ,CAAC,CAAC;AAEC,MAAMC,eAAe,GAAG,WAAW;AAACC,OAAA,CAAAD,eAAA,GAAAA,eAAA;AAEpC,MAAME,2BAA2B,GAAGA,CAAA,KAA6B;EACpE,OAAO;IACHvB,IAAI,EAAE,cAAc;IACpBwB,OAAO,EAAEH,eAAe;IACxBI,YAAY,EAAE,OAAO;IACrBL,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC;IAEtEP,MAAM,EAAE,CAAClB,UAAU,CAAC,CAAC,EAAEO,SAAS,CAAC,CAAC,EAAEK,SAAS,CAAC,CAAC,EAAEC,aAAa,CAAC,CAAC,EAAEC,gBAAgB,CAAC,CAAC,CAAC;IACrFiB,WAAW,EAAE,4BAA4B;IACzCC,SAAS,EAAE;EACf,CAAC;AACL,CAAC;AAACL,OAAA,CAAAC,2BAAA,GAAAA,2BAAA"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@webiny/api-aco",
3
- "version": "5.38.0-beta.0",
3
+ "version": "5.38.0-beta.1",
4
4
  "main": "index.js",
5
5
  "keywords": [
6
6
  "aco:base"
@@ -23,18 +23,18 @@
23
23
  },
24
24
  "dependencies": {
25
25
  "@ungap/structured-clone": "1.2.0",
26
- "@webiny/api": "5.38.0-beta.0",
27
- "@webiny/api-authentication": "5.38.0-beta.0",
28
- "@webiny/api-headless-cms": "5.38.0-beta.0",
29
- "@webiny/api-i18n": "5.38.0-beta.0",
30
- "@webiny/api-security": "5.38.0-beta.0",
31
- "@webiny/api-tenancy": "5.38.0-beta.0",
32
- "@webiny/error": "5.38.0-beta.0",
33
- "@webiny/handler": "5.38.0-beta.0",
34
- "@webiny/handler-graphql": "5.38.0-beta.0",
35
- "@webiny/pubsub": "5.38.0-beta.0",
36
- "@webiny/utils": "5.38.0-beta.0",
37
- "@webiny/validation": "5.38.0-beta.0",
26
+ "@webiny/api": "5.38.0-beta.1",
27
+ "@webiny/api-authentication": "5.38.0-beta.1",
28
+ "@webiny/api-headless-cms": "5.38.0-beta.1",
29
+ "@webiny/api-i18n": "5.38.0-beta.1",
30
+ "@webiny/api-security": "5.38.0-beta.1",
31
+ "@webiny/api-tenancy": "5.38.0-beta.1",
32
+ "@webiny/error": "5.38.0-beta.1",
33
+ "@webiny/handler": "5.38.0-beta.1",
34
+ "@webiny/handler-graphql": "5.38.0-beta.1",
35
+ "@webiny/pubsub": "5.38.0-beta.1",
36
+ "@webiny/utils": "5.38.0-beta.1",
37
+ "@webiny/validation": "5.38.0-beta.1",
38
38
  "lodash": "4.17.21"
39
39
  },
40
40
  "devDependencies": {
@@ -44,22 +44,22 @@
44
44
  "@babel/preset-typescript": "7.22.5",
45
45
  "@babel/runtime": "7.22.6",
46
46
  "@types/ungap__structured-clone": "0.3.0",
47
- "@webiny/api-admin-users": "5.38.0-beta.0",
48
- "@webiny/api-file-manager": "5.38.0-beta.0",
49
- "@webiny/api-i18n-ddb": "5.38.0-beta.0",
50
- "@webiny/api-security-so-ddb": "5.38.0-beta.0",
51
- "@webiny/api-tenancy-so-ddb": "5.38.0-beta.0",
52
- "@webiny/api-wcp": "5.38.0-beta.0",
53
- "@webiny/cli": "5.38.0-beta.0",
54
- "@webiny/handler-aws": "5.38.0-beta.0",
55
- "@webiny/plugins": "5.38.0-beta.0",
56
- "@webiny/project-utils": "5.38.0-beta.0",
57
- "@webiny/wcp": "5.38.0-beta.0",
47
+ "@webiny/api-admin-users": "5.38.0-beta.1",
48
+ "@webiny/api-file-manager": "5.38.0-beta.1",
49
+ "@webiny/api-i18n-ddb": "5.38.0-beta.1",
50
+ "@webiny/api-security-so-ddb": "5.38.0-beta.1",
51
+ "@webiny/api-tenancy-so-ddb": "5.38.0-beta.1",
52
+ "@webiny/api-wcp": "5.38.0-beta.1",
53
+ "@webiny/cli": "5.38.0-beta.1",
54
+ "@webiny/handler-aws": "5.38.0-beta.1",
55
+ "@webiny/plugins": "5.38.0-beta.1",
56
+ "@webiny/project-utils": "5.38.0-beta.1",
57
+ "@webiny/wcp": "5.38.0-beta.1",
58
58
  "graphql": "15.8.0",
59
59
  "prettier": "2.8.8",
60
60
  "rimraf": "3.0.2",
61
61
  "ttypescript": "1.5.15",
62
62
  "typescript": "4.7.4"
63
63
  },
64
- "gitHead": "5746389d4988626b50e2523ccfa0a9a5e398e0ed"
64
+ "gitHead": "6daf38d3ed0c029a8fea005c2b6246e5b325a09c"
65
65
  }
package/utils/FolderLevelPermissions.d.ts CHANGED
@@ -1,7 +1,7 @@
1
1
  import { Authentication } from "@webiny/api-authentication/types";
2
2
  import { SecurityPermission, Team } from "@webiny/api-security/types";
3
3
  import { Folder } from "../folder/folder.types";
4
- export declare type FolderAccessLevel = "owner" | "viewer" | "editor";
4
+ export declare type FolderAccessLevel = "owner" | "viewer" | "editor" | "public";
5
5
  export interface FolderPermission {
6
6
  target: string;
7
7
  level: FolderAccessLevel;
@@ -12,11 +12,14 @@ export interface FolderPermissionsListItem {
12
12
  permissions: FolderPermission[];
13
13
  }
14
14
  export declare type FolderPermissionsList = FolderPermissionsListItem[];
15
- export interface CanAccessFolderParams {
15
+ export interface CanAccessFolderContentParams {
16
16
  folder: Pick<Folder, "id" | "type" | "parentId">;
17
17
  rwd?: "r" | "w" | "d";
18
18
  foldersList?: Folder[];
19
19
  }
20
+ export interface CanAccessFolderParams extends CanAccessFolderContentParams {
21
+ managePermissions?: boolean;
22
+ }
20
23
  interface FilterFoldersParams {
21
24
  folders: Array<Folder>;
22
25
  rwd?: "r" | "w" | "d";
@@ -55,8 +58,8 @@ export declare class FolderLevelPermissions {
55
58
  ensureCanAccessFolder(params: CanAccessFolderParams): Promise<void>;
56
59
  canManageFolderPermissions(folder: Folder): false | Promise<boolean>;
57
60
  canManageFolderStructure(folder: Folder): true | Promise<boolean>;
58
- canAccessFolderContent(params: CanAccessFolderParams): Promise<boolean>;
59
- ensureCanAccessFolderContent(params: CanAccessFolderParams): Promise<void>;
61
+ canAccessFolderContent(params: CanAccessFolderContentParams): Promise<boolean>;
62
+ ensureCanAccessFolderContent(params: CanAccessFolderContentParams): Promise<void>;
60
63
  canCreateFolderInRoot(): Promise<boolean>;
61
64
  filterFolders(params: FilterFoldersParams): Promise<Folder[]>;
62
65
  assignFolderPermissions(folder: Folder | Folder[]): Promise<void>;
package/utils/FolderLevelPermissions.js CHANGED
@@ -63,11 +63,11 @@ class FolderLevelPermissions {
63
63
  const allFolders = foldersList || (await this.listAllFolders(folderType));
64
64
  const identity = this.getIdentity();
65
65
  const permissions = await this.listPermissions();
66
- const processedFolderPermissions = [];
67
66
  let identityTeam;
68
67
  if (this.canUseTeams()) {
69
68
  identityTeam = await this.getIdentityTeam();
70
69
  }
70
+ const processedFolderPermissions = [];
71
71
  const processFolderPermissions = folder => {
72
72
  var _folder$permissions;
73
73
  if (processedFolderPermissions.some(fp => fp.folderId === folder.id)) {
@@ -96,59 +96,74 @@ class FolderLevelPermissions {
96
96
 
97
97
  // If the parent folder has permissions, let's add them to the current folder.
98
98
  if (processedParentFolderPermissions) {
99
- const inheritedPermissions = processedParentFolderPermissions.permissions.map(p => {
100
- return (0, _objectSpread2.default)((0, _objectSpread2.default)({}, p), {}, {
101
- inheritedFrom: "parent:" + processedParentFolderPermissions.folderId
99
+ const isPublicParentFolder = processedParentFolderPermissions.permissions.some(p => p.level === "public");
100
+
101
+ // We inherit parent permissions if:
102
+ // 1. the parent folder is not public or...
103
+ // 2. ...the parent folder is public, but the current folder doesn't have any permissions set
104
+ const mustInherit = !isPublicParentFolder || currentFolderPermissions.permissions.length === 0;
105
+ if (mustInherit) {
106
+ const inheritedPermissions = processedParentFolderPermissions.permissions.map(p => {
107
+ return (0, _objectSpread2.default)((0, _objectSpread2.default)({}, p), {}, {
108
+ inheritedFrom: "parent:" + processedParentFolderPermissions.folderId
109
+ });
102
110
  });
103
- });
104
- currentFolderPermissions.permissions.push(...inheritedPermissions);
111
+ currentFolderPermissions.permissions.push(...inheritedPermissions);
112
+ }
105
113
  }
106
114
  }
107
115
  }
108
116
 
109
- // Finally, let's also ensure that the current user is included in the permissions,
110
- // if not already. Let's also ensure the user is the first item in the array.
111
- const [firstPermission] = currentFolderPermissions.permissions;
112
- let identityFirstPermission;
113
-
114
- // If current identity is already listed as the first permission, we don't need to do anything.
115
- if ((firstPermission === null || firstPermission === void 0 ? void 0 : firstPermission.target) === `admin:${identity.id}`) {
116
- identityFirstPermission = firstPermission;
117
- }
118
- if (!identityFirstPermission) {
117
+ // Let's ensure current identity's permission is included in the permissions array.
118
+ // We first check if the current identity is already included in the permissions array.
119
+ // If not, we check if the user has full access or if the team user belongs to has access.
120
+ const currentIdentityIncludedInPermissions = currentFolderPermissions.permissions.some(p => p.target === `admin:${identity.id}`);
121
+ if (currentIdentityIncludedInPermissions) {
122
+ // Ensure existing identity permission is always the first one in the array.
119
123
  const currentIdentityPermissionIndex = currentFolderPermissions.permissions.findIndex(p => p.target === `admin:${identity.id}`);
120
- if (currentIdentityPermissionIndex >= 0) {
121
- const [identityPermission] = currentFolderPermissions.permissions.splice(currentIdentityPermissionIndex, 1);
122
- currentFolderPermissions.permissions.unshift(identityPermission);
123
- identityFirstPermission = identityPermission;
124
- } else {
125
- // If the current identity is not in the permissions, let's add it.
126
- // If the user has full access, we'll add it as "owner".
127
- const hasFullAccess = permissions.some(p => p.name === "*");
128
- if (hasFullAccess) {
129
- identityFirstPermission = {
130
- target: `admin:${identity.id}`,
131
- level: "owner",
132
- inheritedFrom: "role:full-access"
133
- };
134
- currentFolderPermissions.permissions.unshift(identityFirstPermission);
135
- }
124
+ if (currentIdentityPermissionIndex > 0) {
125
+ const [currentIdentityPermission] = currentFolderPermissions.permissions.splice(currentIdentityPermissionIndex, 1);
126
+ currentFolderPermissions.permissions.unshift(currentIdentityPermission);
136
127
  }
137
- }
128
+ } else {
129
+ // Current identity not included in permissions? Let's add it.
130
+ let currentIdentityPermission = null;
138
131
 
139
- // Let's check if there is a team associated with the current identity.
140
- if (!identityFirstPermission) {
141
- if (identityTeam) {
132
+ // 1. Check if the user has full access.
133
+ const hasFullAccess = permissions.some(p => p.name === "*");
134
+ if (hasFullAccess) {
135
+ currentIdentityPermission = {
136
+ target: `admin:${identity.id}`,
137
+ level: "owner",
138
+ inheritedFrom: "role:full-access"
139
+ };
140
+ } else if (identityTeam) {
141
+ // 2. Check the team user belongs to grants access to the folder.
142
142
  const teamPermission = currentFolderPermissions.permissions.find(p => p.target === `team:${identityTeam.id}`);
143
143
  if (teamPermission) {
144
- identityFirstPermission = {
144
+ currentIdentityPermission = {
145
145
  target: `admin:${identity.id}`,
146
146
  level: teamPermission.level,
147
147
  inheritedFrom: "team:" + identityTeam.id
148
148
  };
149
- currentFolderPermissions.permissions.unshift(identityFirstPermission);
150
149
  }
151
150
  }
151
+ if (currentIdentityPermission) {
152
+ // If permission is found, let's add it to the beginning of the array.
153
+ // We're doing this just because it looks nicer in the UI.
154
+ currentFolderPermissions.permissions.unshift(currentIdentityPermission);
155
+ }
156
+ }
157
+
158
+ // Note that this can only happen with root folders. All other (child) folders will
159
+ // always have at least one permission (inherited from parent).
160
+ const mustAddPublicPermission = currentFolderPermissions.permissions.length === 0;
161
+ if (mustAddPublicPermission) {
162
+ currentFolderPermissions.permissions = [{
163
+ target: `admin:${identity.id}`,
164
+ level: "public",
165
+ inheritedFrom: "public"
166
+ }];
152
167
  }
153
168
  processedFolderPermissions.push(currentFolderPermissions);
154
169
  };
@@ -174,6 +189,9 @@ class FolderLevelPermissions {
174
189
  if (!this.canUseFolderLevelPermissions()) {
175
190
  return true;
176
191
  }
192
+ if (params.managePermissions && params.rwd !== "w") {
193
+ throw new Error(`Cannot check for "managePermissions" access without "w" access.`);
194
+ }
177
195
  const {
178
196
  folder
179
197
  } = params;
@@ -199,6 +217,13 @@ class FolderLevelPermissions {
199
217
  folder,
200
218
  foldersList: params.foldersList
201
219
  });
220
+
221
+ // If dealing with a public folder, we only care if we're checking for "managePermissions" access.
222
+ // If we are, we can return false, because public folders cannot have permissions managed.
223
+ const isPublicFolder = folderPermissions === null || folderPermissions === void 0 ? void 0 : folderPermissions.permissions.some(p => p.level === "public");
224
+ if (isPublicFolder) {
225
+ return !params.managePermissions;
226
+ }
202
227
  const identity = this.getIdentity();
203
228
  const userAccessLevel = folderPermissions === null || folderPermissions === void 0 || (_folderPermissions$pe = folderPermissions.permissions.find(p => p.target === "admin:" + identity.id)) === null || _folderPermissions$pe === void 0 ? void 0 : _folderPermissions$pe.level;
204
229
  let teamAccessLevel;
@@ -220,13 +245,6 @@ class FolderLevelPermissions {
220
245
  return true;
221
246
  }
222
247
 
223
- // If the user doesn't have any access level, let's check if the folder has any permissions set.
224
- // Folders that don't have any permissions set are considered "public".
225
- const hasPermissions = folderPermissions && folderPermissions.permissions.length > 0;
226
- if (!hasPermissions) {
227
- return true;
228
- }
229
-
230
248
  // No conditions were met, so we can return false.
231
249
  return false;
232
250
  }
@@ -242,7 +260,8 @@ class FolderLevelPermissions {
242
260
  }
243
261
  return this.canAccessFolder({
244
262
  folder,
245
- rwd: "w"
263
+ rwd: "w",
264
+ managePermissions: true
246
265
  });
247
266
  }
248
267
  canManageFolderStructure(folder) {
@@ -267,6 +286,13 @@ class FolderLevelPermissions {
267
286
  folder,
268
287
  foldersList
269
288
  });
289
+
290
+ // If dealing with a public folder, we only care if we're checking for "managePermissions" access.
291
+ // If we are, we can return false, because public folders cannot have permissions managed.
292
+ const isPublicFolder = folderPermissions === null || folderPermissions === void 0 ? void 0 : folderPermissions.permissions.some(p => p.level === "public");
293
+ if (isPublicFolder) {
294
+ return true;
295
+ }
270
296
  const identity = this.getIdentity();
271
297
  const userAccessLevel = folderPermissions === null || folderPermissions === void 0 || (_folderPermissions$pe3 = folderPermissions.permissions.find(p => p.target === "admin:" + identity.id)) === null || _folderPermissions$pe3 === void 0 ? void 0 : _folderPermissions$pe3.level;
272
298
  let teamAccessLevel;
@@ -291,13 +317,6 @@ class FolderLevelPermissions {
291
317
  return true;
292
318
  }
293
319
 
294
- // If the user doesn't have any access level, let's check if the folder has any permissions set.
295
- // Folders that don't have any permissions set are considered "public".
296
- const hasPermissions = folderPermissions && folderPermissions.permissions.length > 0;
297
- if (!hasPermissions) {
298
- return true;
299
- }
300
-
301
320
  // No conditions were met, so we can return false.
302
321
  return false;
303
322
  }
@@ -308,11 +327,7 @@ class FolderLevelPermissions {
308
327
  }
309
328
  }
310
329
  async canCreateFolderInRoot() {
311
- if (!this.canUseFolderLevelPermissions()) {
312
- return true;
313
- }
314
- const permissions = await this.listPermissions();
315
- return permissions.some(p => p.name === "*");
330
+ return true;
316
331
  }
317
332
  async filterFolders(params) {
318
333
  const filteredFolders = [];
package/utils/FolderLevelPermissions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_apiSecurity","require","_structuredClone","_interopRequireDefault","FolderLevelPermissions","constructor","params","_defineProperty2","default","getIdentity","getIdentityTeam","listPermissions","listAllFoldersCallback","listAllFolders","canUseTeams","canUseFolderLevelPermissions","folderType","allFolders","structuredClone","listAllFoldersWithPermissions","folders","filteredFoldersWithPermissions","filterFolders","rwd","assignFolderPermissions","invalidateCache","listFoldersPermissions","foldersList","identity","permissions","processedFolderPermissions","identityTeam","processFolderPermissions","folder","_folder$permissions","some","fp","folderId","id","currentFolderPermissions","map","permission","_objectSpread2","parentId","parentFolder","find","f","processedParentFolderPermissions","inheritedPermissions","p","inheritedFrom","push","firstPermission","identityFirstPermission","target","currentIdentityPermissionIndex","findIndex","identityPermission","splice","unshift","hasFullAccess","name","level","teamPermission","i","length","getFolderPermissions","folderPermissionsList","type","canAccessFolder","_folderPermissions$pe","canAccessParentFolder","folderPermissions","userAccessLevel","teamAccessLevel","_folderPermissions$pe2","accessLevels","filter","Boolean","includes","hasPermissions","ensureCanAccessFolder","NotAuthorizedError","canManageFolderPermissions","canManageFolderStructure","canAccessFolderContent","_folderPermissions$pe3","_folderPermissions$pe4","ensureCanAccessFolderContent","canCreateFolderInRoot","filteredFolders","Array","isArray","permissionsIncludeNonInheritedPermissions","exports"],"sources":["FolderLevelPermissions.ts"],"sourcesContent":["import { Authentication } from \"@webiny/api-authentication/types\";\nimport { SecurityPermission, Team } from \"@webiny/api-security/types\";\nimport { Folder } from \"~/folder/folder.types\";\nimport { NotAuthorizedError } from \"@webiny/api-security\";\nimport structuredClone from \"@ungap/structured-clone\";\n\nexport type FolderAccessLevel = \"owner\" | \"viewer\" | \"editor\";\n\nexport interface FolderPermission {\n target: string;\n level: FolderAccessLevel;\n inheritedFrom?: string;\n}\n\nexport interface FolderPermissionsListItem {\n folderId: string;\n permissions: FolderPermission[];\n}\n\nexport type FolderPermissionsList = FolderPermissionsListItem[];\n\nexport interface CanAccessFolderParams {\n folder: Pick<Folder, \"id\" | \"type\" | \"parentId\">;\n rwd?: \"r\" | \"w\" | \"d\";\n foldersList?: Folder[];\n}\n\ninterface FilterFoldersParams {\n folders: Array<Folder>;\n rwd?: \"r\" | \"w\" | \"d\";\n}\n\ninterface GetFolderPermissionsParams {\n folder: Pick<Folder, \"id\" | \"type\">;\n foldersList?: Folder[];\n}\n\ninterface ListFolderPermissionsParams {\n folderType: string;\n foldersList?: Folder[];\n}\n\nexport interface FolderLevelPermissionsParams {\n getIdentity: Authentication[\"getIdentity\"];\n getIdentityTeam: () => Promise<Team | null>;\n listPermissions: () => Promise<SecurityPermission[]>;\n listAllFolders: (folderType: string) => Promise<Folder[]>;\n canUseTeams: () => boolean;\n canUseFolderLevelPermissions: () => boolean;\n}\n\nexport class FolderLevelPermissions {\n private readonly getIdentity: Authentication[\"getIdentity\"];\n private readonly getIdentityTeam: () => Promise<Team | null>;\n private readonly listPermissions: () => Promise<SecurityPermission[]>;\n private readonly listAllFoldersCallback: (folderType: string) => Promise<Folder[]>;\n private readonly canUseTeams: () => boolean;\n private readonly canUseFolderLevelPermissions: () => boolean;\n private allFolders: Record<string, Folder[]> = {};\n\n constructor(params: FolderLevelPermissionsParams) {\n this.getIdentity = params.getIdentity;\n this.getIdentityTeam = params.getIdentityTeam;\n this.listPermissions = params.listPermissions;\n this.listAllFoldersCallback = params.listAllFolders;\n this.canUseTeams = params.canUseTeams;\n this.canUseFolderLevelPermissions = params.canUseFolderLevelPermissions;\n }\n\n async listAllFolders(folderType: string): Promise<Folder[]> {\n if (folderType in this.allFolders) {\n return structuredClone(this.allFolders[folderType]);\n }\n\n this.allFolders[folderType] = await this.listAllFoldersCallback(folderType);\n return structuredClone(this.allFolders[folderType]);\n }\n\n async listAllFoldersWithPermissions(folderType: string) {\n const folders = await this.listAllFolders(folderType);\n\n // Filter folders based on permissions and assign permissions to each folder.\n const filteredFoldersWithPermissions = await this.filterFolders({\n folders,\n rwd: \"r\"\n });\n\n await this.assignFolderPermissions(filteredFoldersWithPermissions);\n\n return filteredFoldersWithPermissions;\n }\n\n invalidateCache(folderType?: string) {\n if (folderType) {\n if (folderType in this.allFolders) {\n delete this.allFolders[folderType];\n }\n } else {\n this.allFolders = {};\n }\n }\n\n async listFoldersPermissions(\n params: ListFolderPermissionsParams\n ): Promise<FolderPermissionsList> {\n if (!this.canUseFolderLevelPermissions()) {\n return [];\n }\n\n const { folderType, foldersList } = params;\n\n const allFolders = foldersList || (await this.listAllFolders(folderType));\n const identity = this.getIdentity();\n const permissions = await this.listPermissions();\n\n const processedFolderPermissions: FolderPermissionsListItem[] = [];\n\n let identityTeam: Team | null;\n if (this.canUseTeams()) {\n identityTeam = await this.getIdentityTeam();\n }\n\n const processFolderPermissions = (folder: Folder) => {\n if (processedFolderPermissions.some(fp => fp.folderId === folder.id)) {\n return;\n }\n\n // Copy permissions, so we don't modify the original object.\n const currentFolderPermissions: FolderPermissionsListItem = {\n folderId: folder.id,\n // On new folders, permissions can be `null`. Guard against that.\n permissions: folder.permissions?.map(permission => ({ ...permission })) || []\n };\n\n // Check for permissions inherited from parent folder.\n if (folder.parentId) {\n const parentFolder = allFolders!.find(f => f.id === folder.parentId)!;\n if (parentFolder) {\n // First check if the parent folder has already been processed.\n let processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === parentFolder.id\n );\n\n // If not, process the parent folder.\n if (!processedParentFolderPermissions) {\n processFolderPermissions(parentFolder);\n processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === folder.parentId\n );\n }\n\n // If the parent folder has permissions, let's add them to the current folder.\n if (processedParentFolderPermissions) {\n const inheritedPermissions =\n processedParentFolderPermissions.permissions.map(p => {\n return {\n ...p,\n inheritedFrom:\n \"parent:\" + processedParentFolderPermissions!.folderId\n };\n });\n\n currentFolderPermissions.permissions.push(...inheritedPermissions);\n }\n }\n }\n\n // Finally, let's also ensure that the current user is included in the permissions,\n // if not already. Let's also ensure the user is the first item in the array.\n const [firstPermission] = currentFolderPermissions.permissions;\n\n let identityFirstPermission: FolderPermission | undefined;\n\n // If current identity is already listed as the first permission, we don't need to do anything.\n if (firstPermission?.target === `admin:${identity.id}`) {\n identityFirstPermission = firstPermission;\n }\n\n if (!identityFirstPermission) {\n const currentIdentityPermissionIndex =\n currentFolderPermissions.permissions.findIndex(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityPermissionIndex >= 0) {\n const [identityPermission] = currentFolderPermissions.permissions.splice(\n currentIdentityPermissionIndex,\n 1\n );\n currentFolderPermissions.permissions.unshift(identityPermission);\n identityFirstPermission = identityPermission;\n } else {\n // If the current identity is not in the permissions, let's add it.\n // If the user has full access, we'll add it as \"owner\".\n const hasFullAccess = permissions.some(p => p.name === \"*\");\n if (hasFullAccess) {\n identityFirstPermission = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n currentFolderPermissions.permissions.unshift(identityFirstPermission);\n }\n }\n }\n\n // Let's check if there is a team associated with the current identity.\n if (!identityFirstPermission) {\n if (identityTeam) {\n const teamPermission = currentFolderPermissions.permissions.find(\n p => p.target === `team:${identityTeam!.id}`\n );\n\n if (teamPermission) {\n identityFirstPermission = {\n target: `admin:${identity.id}`,\n level: teamPermission.level,\n inheritedFrom: \"team:\" + identityTeam!.id\n };\n\n currentFolderPermissions.permissions.unshift(identityFirstPermission);\n }\n }\n }\n\n processedFolderPermissions.push(currentFolderPermissions);\n };\n\n for (let i = 0; i < allFolders!.length; i++) {\n const folder = allFolders![i];\n processFolderPermissions(folder);\n }\n\n return processedFolderPermissions;\n }\n\n async getFolderPermissions(\n params: GetFolderPermissionsParams\n ): Promise<FolderPermissionsListItem | undefined> {\n const { folder, foldersList } = params;\n const folderPermissionsList = await this.listFoldersPermissions({\n folderType: folder.type,\n foldersList\n });\n\n return folderPermissionsList.find(fp => fp.folderId === folder.id);\n }\n\n async canAccessFolder(params: CanAccessFolderParams) {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n const { folder } = params;\n\n // We check for parent folder access first because the passed folder should be\n // inaccessible if the parent folder is inaccessible.\n if (folder.parentId) {\n let foldersList = params.foldersList;\n if (!foldersList) {\n foldersList = await this.listAllFolders(folder.type);\n }\n\n const parentFolder = foldersList.find(f => f.id === folder.parentId);\n if (parentFolder) {\n const canAccessParentFolder = await this.canAccessFolder({\n ...params,\n folder: parentFolder\n });\n\n if (!canAccessParentFolder) {\n return false;\n }\n }\n }\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList: params.foldersList\n });\n\n const identity = this.getIdentity();\n\n const userAccessLevel = folderPermissions?.permissions.find(\n p => p.target === \"admin:\" + identity.id\n )?.level;\n\n let teamAccessLevel: FolderAccessLevel | undefined;\n\n if (this.canUseTeams()) {\n const identityTeam = await this.getIdentityTeam();\n if (identityTeam) {\n teamAccessLevel = folderPermissions?.permissions.find(\n p => p.target === \"team:\" + identityTeam.id\n )?.level;\n }\n }\n\n const accessLevels = [userAccessLevel, teamAccessLevel].filter(Boolean);\n\n if (params.rwd !== \"r\") {\n return accessLevels.includes(\"owner\");\n }\n\n // If we are here, it means we are checking for \"read\" access.\n // For starters, let's check if the user has any access level.\n if (accessLevels.length > 0) {\n return true;\n }\n\n // If the user doesn't have any access level, let's check if the folder has any permissions set.\n // Folders that don't have any permissions set are considered \"public\".\n const hasPermissions = folderPermissions && folderPermissions.permissions.length > 0;\n if (!hasPermissions) {\n return true;\n }\n\n // No conditions were met, so we can return false.\n return false;\n }\n\n async ensureCanAccessFolder(params: CanAccessFolderParams) {\n const canAccessFolder = await this.canAccessFolder(params);\n if (!canAccessFolder) {\n throw new NotAuthorizedError();\n }\n }\n\n canManageFolderPermissions(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return false;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\" });\n }\n\n canManageFolderStructure(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\" });\n }\n\n async canAccessFolderContent(params: CanAccessFolderParams) {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n const { folder, foldersList } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList\n });\n\n const identity = this.getIdentity();\n\n const userAccessLevel = folderPermissions?.permissions.find(\n p => p.target === \"admin:\" + identity.id\n )?.level;\n\n let teamAccessLevel: FolderAccessLevel | undefined;\n if (this.canUseTeams()) {\n const identityTeam = await this.getIdentityTeam();\n if (identityTeam) {\n teamAccessLevel = folderPermissions?.permissions.find(\n p => p.target === \"team:\" + identityTeam.id\n )?.level;\n }\n }\n\n const accessLevels = [userAccessLevel, teamAccessLevel].filter(Boolean);\n\n // If the user is not an owner and we're checking for \"write\" or\n // \"delete\" access, then we can immediately return false.\n if (params.rwd !== \"r\") {\n return accessLevels.includes(\"owner\") || accessLevels.includes(\"editor\");\n }\n\n // If we are here, it means we are checking for \"read\" access.\n // For starters, let's check if the user has any access level.\n if (accessLevels.length > 0) {\n return true;\n }\n\n // If the user doesn't have any access level, let's check if the folder has any permissions set.\n // Folders that don't have any permissions set are considered \"public\".\n const hasPermissions = folderPermissions && folderPermissions.permissions.length > 0;\n if (!hasPermissions) {\n return true;\n }\n\n // No conditions were met, so we can return false.\n return false;\n }\n\n async ensureCanAccessFolderContent(params: CanAccessFolderParams) {\n const canAccessFolderContent = await this.canAccessFolderContent(params);\n if (!canAccessFolderContent) {\n throw new NotAuthorizedError();\n }\n }\n\n async canCreateFolderInRoot() {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n const permissions = await this.listPermissions();\n return permissions.some(p => p.name === \"*\");\n }\n\n async filterFolders(params: FilterFoldersParams) {\n const filteredFolders: Folder[] = [];\n\n const { folders, rwd } = params;\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const canAccessFolder = await this.canAccessFolder({ folder, rwd });\n if (canAccessFolder) {\n filteredFolders.push(folder);\n }\n }\n\n return filteredFolders;\n }\n\n async assignFolderPermissions(folder: Folder | Folder[]) {\n const folders = Array.isArray(folder) ? folder : [folder];\n\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const folderPermissions = await this.getFolderPermissions({ folder });\n if (folderPermissions) {\n folder.permissions = folderPermissions.permissions;\n } else {\n folder.permissions = [];\n }\n }\n }\n\n permissionsIncludeNonInheritedPermissions(folderPermissionsList?: FolderPermission[]) {\n return folderPermissionsList?.some(p => !p.inheritedFrom);\n }\n}\n"],"mappings":";;;;;;;;;AAGA,IAAAA,YAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AA+CO,MAAMG,sBAAsB,CAAC;EAShCC,WAAWA,CAACC,MAAoC,EAAE;IAAA,IAAAC,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA,sBAFH,CAAC,CAAC;IAG7C,IAAI,CAACC,WAAW,GAAGH,MAAM,CAACG,WAAW;IACrC,IAAI,CAACC,eAAe,GAAGJ,MAAM,CAACI,eAAe;IAC7C,IAAI,CAACC,eAAe,GAAGL,MAAM,CAACK,eAAe;IAC7C,IAAI,CAACC,sBAAsB,GAAGN,MAAM,CAACO,cAAc;IACnD,IAAI,CAACC,WAAW,GAAGR,MAAM,CAACQ,WAAW;IACrC,IAAI,CAACC,4BAA4B,GAAGT,MAAM,CAACS,4BAA4B;EAC3E;EAEA,MAAMF,cAAcA,CAACG,UAAkB,EAAqB;IACxD,IAAIA,UAAU,IAAI,IAAI,CAACC,UAAU,EAAE;MAC/B,OAAO,IAAAC,wBAAe,EAAC,IAAI,CAACD,UAAU,CAACD,UAAU,CAAC,CAAC;IACvD;IAEA,IAAI,CAACC,UAAU,CAACD,UAAU,CAAC,GAAG,MAAM,IAAI,CAACJ,sBAAsB,CAACI,UAAU,CAAC;IAC3E,OAAO,IAAAE,wBAAe,EAAC,IAAI,CAACD,UAAU,CAACD,UAAU,CAAC,CAAC;EACvD;EAEA,MAAMG,6BAA6BA,CAACH,UAAkB,EAAE;IACpD,MAAMI,OAAO,GAAG,MAAM,IAAI,CAACP,cAAc,CAACG,UAAU,CAAC;;IAErD;IACA,MAAMK,8BAA8B,GAAG,MAAM,IAAI,CAACC,aAAa,CAAC;MAC5DF,OAAO;MACPG,GAAG,EAAE;IACT,CAAC,CAAC;IAEF,MAAM,IAAI,CAACC,uBAAuB,CAACH,8BAA8B,CAAC;IAElE,OAAOA,8BAA8B;EACzC;EAEAI,eAAeA,CAACT,UAAmB,EAAE;IACjC,IAAIA,UAAU,EAAE;MACZ,IAAIA,UAAU,IAAI,IAAI,CAACC,UAAU,EAAE;QAC/B,OAAO,IAAI,CAACA,UAAU,CAACD,UAAU,CAAC;MACtC;IACJ,CAAC,MAAM;MACH,IAAI,CAACC,UAAU,GAAG,CAAC,CAAC;IACxB;EACJ;EAEA,MAAMS,sBAAsBA,CACxBpB,MAAmC,EACL;IAC9B,IAAI,CAAC,IAAI,CAACS,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,EAAE;IACb;IAEA,MAAM;MAAEC,UAAU;MAAEW;IAAY,CAAC,GAAGrB,MAAM;IAE1C,MAAMW,UAAU,GAAGU,WAAW,KAAK,MAAM,IAAI,CAACd,cAAc,CAACG,UAAU,CAAC,CAAC;IACzE,MAAMY,QAAQ,GAAG,IAAI,CAACnB,WAAW,CAAC,CAAC;IACnC,MAAMoB,WAAW,GAAG,MAAM,IAAI,CAAClB,eAAe,CAAC,CAAC;IAEhD,MAAMmB,0BAAuD,GAAG,EAAE;IAElE,IAAIC,YAAyB;IAC7B,IAAI,IAAI,CAACjB,WAAW,CAAC,CAAC,EAAE;MACpBiB,YAAY,GAAG,MAAM,IAAI,CAACrB,eAAe,CAAC,CAAC;IAC/C;IAEA,MAAMsB,wBAAwB,GAAIC,MAAc,IAAK;MAAA,IAAAC,mBAAA;MACjD,IAAIJ,0BAA0B,CAACK,IAAI,CAACC,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACK,EAAE,CAAC,EAAE;QAClE;MACJ;;MAEA;MACA,MAAMC,wBAAmD,GAAG;QACxDF,QAAQ,EAAEJ,MAAM,CAACK,EAAE;QACnB;QACAT,WAAW,EAAE,EAAAK,mBAAA,GAAAD,MAAM,CAACJ,WAAW,cAAAK,mBAAA,uBAAlBA,mBAAA,CAAoBM,GAAG,CAACC,UAAU,QAAAC,cAAA,CAAAlC,OAAA,MAAUiC,UAAU,CAAG,CAAC,KAAI;MAC/E,CAAC;;MAED;MACA,IAAIR,MAAM,CAACU,QAAQ,EAAE;QACjB,MAAMC,YAAY,GAAG3B,UAAU,CAAE4B,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACR,EAAE,KAAKL,MAAM,CAACU,QAAQ,CAAE;QACrE,IAAIC,YAAY,EAAE;UACd;UACA,IAAIG,gCAAgC,GAAGjB,0BAA0B,CAACe,IAAI,CAClET,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKO,YAAY,CAACN,EACvC,CAAC;;UAED;UACA,IAAI,CAACS,gCAAgC,EAAE;YACnCf,wBAAwB,CAACY,YAAY,CAAC;YACtCG,gCAAgC,GAAGjB,0BAA0B,CAACe,IAAI,CAC9DT,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACU,QACjC,CAAC;UACL;;UAEA;UACA,IAAII,gCAAgC,EAAE;YAClC,MAAMC,oBAAoB,GACtBD,gCAAgC,CAAClB,WAAW,CAACW,GAAG,CAACS,CAAC,IAAI;cAClD,WAAAP,cAAA,CAAAlC,OAAA,MAAAkC,cAAA,CAAAlC,OAAA,MACOyC,CAAC;gBACJC,aAAa,EACT,SAAS,GAAGH,gCAAgC,CAAEV;cAAQ;YAElE,CAAC,CAAC;YAENE,wBAAwB,CAACV,WAAW,CAACsB,IAAI,CAAC,GAAGH,oBAAoB,CAAC;UACtE;QACJ;MACJ;;MAEA;MACA;MACA,MAAM,CAACI,eAAe,CAAC,GAAGb,wBAAwB,CAACV,WAAW;MAE9D,IAAIwB,uBAAqD;;MAEzD;MACA,IAAI,CAAAD,eAAe,aAAfA,eAAe,uBAAfA,eAAe,CAAEE,MAAM,MAAM,SAAQ1B,QAAQ,CAACU,EAAG,EAAC,EAAE;QACpDe,uBAAuB,GAAGD,eAAe;MAC7C;MAEA,IAAI,CAACC,uBAAuB,EAAE;QAC1B,MAAME,8BAA8B,GAChChB,wBAAwB,CAACV,WAAW,CAAC2B,SAAS,CAC1CP,CAAC,IAAIA,CAAC,CAACK,MAAM,KAAM,SAAQ1B,QAAQ,CAACU,EAAG,EAC3C,CAAC;QAEL,IAAIiB,8BAA8B,IAAI,CAAC,EAAE;UACrC,MAAM,CAACE,kBAAkB,CAAC,GAAGlB,wBAAwB,CAACV,WAAW,CAAC6B,MAAM,CACpEH,8BAA8B,EAC9B,CACJ,CAAC;UACDhB,wBAAwB,CAACV,WAAW,CAAC8B,OAAO,CAACF,kBAAkB,CAAC;UAChEJ,uBAAuB,GAAGI,kBAAkB;QAChD,CAAC,MAAM;UACH;UACA;UACA,MAAMG,aAAa,GAAG/B,WAAW,CAACM,IAAI,CAACc,CAAC,IAAIA,CAAC,CAACY,IAAI,KAAK,GAAG,CAAC;UAC3D,IAAID,aAAa,EAAE;YACfP,uBAAuB,GAAG;cACtBC,MAAM,EAAG,SAAQ1B,QAAQ,CAACU,EAAG,EAAC;cAC9BwB,KAAK,EAAE,OAAO;cACdZ,aAAa,EAAE;YACnB,CAAC;YACDX,wBAAwB,CAACV,WAAW,CAAC8B,OAAO,CAACN,uBAAuB,CAAC;UACzE;QACJ;MACJ;;MAEA;MACA,IAAI,CAACA,uBAAuB,EAAE;QAC1B,IAAItB,YAAY,EAAE;UACd,MAAMgC,cAAc,GAAGxB,wBAAwB,CAACV,WAAW,CAACgB,IAAI,CAC5DI,CAAC,IAAIA,CAAC,CAACK,MAAM,KAAM,QAAOvB,YAAY,CAAEO,EAAG,EAC/C,CAAC;UAED,IAAIyB,cAAc,EAAE;YAChBV,uBAAuB,GAAG;cACtBC,MAAM,EAAG,SAAQ1B,QAAQ,CAACU,EAAG,EAAC;cAC9BwB,KAAK,EAAEC,cAAc,CAACD,KAAK;cAC3BZ,aAAa,EAAE,OAAO,GAAGnB,YAAY,CAAEO;YAC3C,CAAC;YAEDC,wBAAwB,CAACV,WAAW,CAAC8B,OAAO,CAACN,uBAAuB,CAAC;UACzE;QACJ;MACJ;MAEAvB,0BAA0B,CAACqB,IAAI,CAACZ,wBAAwB,CAAC;IAC7D,CAAC;IAED,KAAK,IAAIyB,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG/C,UAAU,CAAEgD,MAAM,EAAED,CAAC,EAAE,EAAE;MACzC,MAAM/B,MAAM,GAAGhB,UAAU,CAAE+C,CAAC,CAAC;MAC7BhC,wBAAwB,CAACC,MAAM,CAAC;IACpC;IAEA,OAAOH,0BAA0B;EACrC;EAEA,MAAMoC,oBAAoBA,CACtB5D,MAAkC,EACY;IAC9C,MAAM;MAAE2B,MAAM;MAAEN;IAAY,CAAC,GAAGrB,MAAM;IACtC,MAAM6D,qBAAqB,GAAG,MAAM,IAAI,CAACzC,sBAAsB,CAAC;MAC5DV,UAAU,EAAEiB,MAAM,CAACmC,IAAI;MACvBzC;IACJ,CAAC,CAAC;IAEF,OAAOwC,qBAAqB,CAACtB,IAAI,CAACT,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACK,EAAE,CAAC;EACtE;EAEA,MAAM+B,eAAeA,CAAC/D,MAA6B,EAAE;IAAA,IAAAgE,qBAAA;IACjD,IAAI,CAAC,IAAI,CAACvD,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,MAAM;MAAEkB;IAAO,CAAC,GAAG3B,MAAM;;IAEzB;IACA;IACA,IAAI2B,MAAM,CAACU,QAAQ,EAAE;MACjB,IAAIhB,WAAW,GAAGrB,MAAM,CAACqB,WAAW;MACpC,IAAI,CAACA,WAAW,EAAE;QACdA,WAAW,GAAG,MAAM,IAAI,CAACd,cAAc,CAACoB,MAAM,CAACmC,IAAI,CAAC;MACxD;MAEA,MAAMxB,YAAY,GAAGjB,WAAW,CAACkB,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACR,EAAE,KAAKL,MAAM,CAACU,QAAQ,CAAC;MACpE,IAAIC,YAAY,EAAE;QACd,MAAM2B,qBAAqB,GAAG,MAAM,IAAI,CAACF,eAAe,KAAA3B,cAAA,CAAAlC,OAAA,MAAAkC,cAAA,CAAAlC,OAAA,MACjDF,MAAM;UACT2B,MAAM,EAAEW;QAAY,EACvB,CAAC;QAEF,IAAI,CAAC2B,qBAAqB,EAAE;UACxB,OAAO,KAAK;QAChB;MACJ;IACJ;IAEA,MAAMC,iBAAiB,GAAG,MAAM,IAAI,CAACN,oBAAoB,CAAC;MACtDjC,MAAM;MACNN,WAAW,EAAErB,MAAM,CAACqB;IACxB,CAAC,CAAC;IAEF,MAAMC,QAAQ,GAAG,IAAI,CAACnB,WAAW,CAAC,CAAC;IAEnC,MAAMgE,eAAe,GAAGD,iBAAiB,aAAjBA,iBAAiB,gBAAAF,qBAAA,GAAjBE,iBAAiB,CAAE3C,WAAW,CAACgB,IAAI,CACvDI,CAAC,IAAIA,CAAC,CAACK,MAAM,KAAK,QAAQ,GAAG1B,QAAQ,CAACU,EAC1C,CAAC,cAAAgC,qBAAA,uBAFuBA,qBAAA,CAErBR,KAAK;IAER,IAAIY,eAA8C;IAElD,IAAI,IAAI,CAAC5D,WAAW,CAAC,CAAC,EAAE;MACpB,MAAMiB,YAAY,GAAG,MAAM,IAAI,CAACrB,eAAe,CAAC,CAAC;MACjD,IAAIqB,YAAY,EAAE;QAAA,IAAA4C,sBAAA;QACdD,eAAe,GAAGF,iBAAiB,aAAjBA,iBAAiB,gBAAAG,sBAAA,GAAjBH,iBAAiB,CAAE3C,WAAW,CAACgB,IAAI,CACjDI,CAAC,IAAIA,CAAC,CAACK,MAAM,KAAK,OAAO,GAAGvB,YAAY,CAACO,EAC7C,CAAC,cAAAqC,sBAAA,uBAFiBA,sBAAA,CAEfb,KAAK;MACZ;IACJ;IAEA,MAAMc,YAAY,GAAG,CAACH,eAAe,EAAEC,eAAe,CAAC,CAACG,MAAM,CAACC,OAAO,CAAC;IAEvE,IAAIxE,MAAM,CAACiB,GAAG,KAAK,GAAG,EAAE;MACpB,OAAOqD,YAAY,CAACG,QAAQ,CAAC,OAAO,CAAC;IACzC;;IAEA;IACA;IACA,IAAIH,YAAY,CAACX,MAAM,GAAG,CAAC,EAAE;MACzB,OAAO,IAAI;IACf;;IAEA;IACA;IACA,MAAMe,cAAc,GAAGR,iBAAiB,IAAIA,iBAAiB,CAAC3C,WAAW,CAACoC,MAAM,GAAG,CAAC;IACpF,IAAI,CAACe,cAAc,EAAE;MACjB,OAAO,IAAI;IACf;;IAEA;IACA,OAAO,KAAK;EAChB;EAEA,MAAMC,qBAAqBA,CAAC3E,MAA6B,EAAE;IACvD,MAAM+D,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAC/D,MAAM,CAAC;IAC1D,IAAI,CAAC+D,eAAe,EAAE;MAClB,MAAM,IAAIa,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEAC,0BAA0BA,CAAClD,MAAc,EAAE;IACvC,IAAI,CAAC,IAAI,CAAClB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,KAAK;IAChB;IAEA,OAAO,IAAI,CAACsD,eAAe,CAAC;MAAEpC,MAAM;MAAEV,GAAG,EAAE;IAAI,CAAC,CAAC;EACrD;EAEA6D,wBAAwBA,CAACnD,MAAc,EAAE;IACrC,IAAI,CAAC,IAAI,CAAClB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACsD,eAAe,CAAC;MAAEpC,MAAM;MAAEV,GAAG,EAAE;IAAI,CAAC,CAAC;EACrD;EAEA,MAAM8D,sBAAsBA,CAAC/E,MAA6B,EAAE;IAAA,IAAAgF,sBAAA;IACxD,IAAI,CAAC,IAAI,CAACvE,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,MAAM;MAAEkB,MAAM;MAAEN;IAAY,CAAC,GAAGrB,MAAM;IAEtC,MAAMkE,iBAAiB,GAAG,MAAM,IAAI,CAACN,oBAAoB,CAAC;MACtDjC,MAAM;MACNN;IACJ,CAAC,CAAC;IAEF,MAAMC,QAAQ,GAAG,IAAI,CAACnB,WAAW,CAAC,CAAC;IAEnC,MAAMgE,eAAe,GAAGD,iBAAiB,aAAjBA,iBAAiB,gBAAAc,sBAAA,GAAjBd,iBAAiB,CAAE3C,WAAW,CAACgB,IAAI,CACvDI,CAAC,IAAIA,CAAC,CAACK,MAAM,KAAK,QAAQ,GAAG1B,QAAQ,CAACU,EAC1C,CAAC,cAAAgD,sBAAA,uBAFuBA,sBAAA,CAErBxB,KAAK;IAER,IAAIY,eAA8C;IAClD,IAAI,IAAI,CAAC5D,WAAW,CAAC,CAAC,EAAE;MACpB,MAAMiB,YAAY,GAAG,MAAM,IAAI,CAACrB,eAAe,CAAC,CAAC;MACjD,IAAIqB,YAAY,EAAE;QAAA,IAAAwD,sBAAA;QACdb,eAAe,GAAGF,iBAAiB,aAAjBA,iBAAiB,gBAAAe,sBAAA,GAAjBf,iBAAiB,CAAE3C,WAAW,CAACgB,IAAI,CACjDI,CAAC,IAAIA,CAAC,CAACK,MAAM,KAAK,OAAO,GAAGvB,YAAY,CAACO,EAC7C,CAAC,cAAAiD,sBAAA,uBAFiBA,sBAAA,CAEfzB,KAAK;MACZ;IACJ;IAEA,MAAMc,YAAY,GAAG,CAACH,eAAe,EAAEC,eAAe,CAAC,CAACG,MAAM,CAACC,OAAO,CAAC;;IAEvE;IACA;IACA,IAAIxE,MAAM,CAACiB,GAAG,KAAK,GAAG,EAAE;MACpB,OAAOqD,YAAY,CAACG,QAAQ,CAAC,OAAO,CAAC,IAAIH,YAAY,CAACG,QAAQ,CAAC,QAAQ,CAAC;IAC5E;;IAEA;IACA;IACA,IAAIH,YAAY,CAACX,MAAM,GAAG,CAAC,EAAE;MACzB,OAAO,IAAI;IACf;;IAEA;IACA;IACA,MAAMe,cAAc,GAAGR,iBAAiB,IAAIA,iBAAiB,CAAC3C,WAAW,CAACoC,MAAM,GAAG,CAAC;IACpF,IAAI,CAACe,cAAc,EAAE;MACjB,OAAO,IAAI;IACf;;IAEA;IACA,OAAO,KAAK;EAChB;EAEA,MAAMQ,4BAA4BA,CAAClF,MAA6B,EAAE;IAC9D,MAAM+E,sBAAsB,GAAG,MAAM,IAAI,CAACA,sBAAsB,CAAC/E,MAAM,CAAC;IACxE,IAAI,CAAC+E,sBAAsB,EAAE;MACzB,MAAM,IAAIH,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEA,MAAMO,qBAAqBA,CAAA,EAAG;IAC1B,IAAI,CAAC,IAAI,CAAC1E,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,MAAMc,WAAW,GAAG,MAAM,IAAI,CAAClB,eAAe,CAAC,CAAC;IAChD,OAAOkB,WAAW,CAACM,IAAI,CAACc,CAAC,IAAIA,CAAC,CAACY,IAAI,KAAK,GAAG,CAAC;EAChD;EAEA,MAAMvC,aAAaA,CAAChB,MAA2B,EAAE;IAC7C,MAAMoF,eAAyB,GAAG,EAAE;IAEpC,MAAM;MAAEtE,OAAO;MAAEG;IAAI,CAAC,GAAGjB,MAAM;IAC/B,KAAK,IAAI0D,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG5C,OAAO,CAAC6C,MAAM,EAAED,CAAC,EAAE,EAAE;MACrC,MAAM/B,MAAM,GAAGb,OAAO,CAAC4C,CAAC,CAAC;MACzB,MAAMK,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAC;QAAEpC,MAAM;QAAEV;MAAI,CAAC,CAAC;MACnE,IAAI8C,eAAe,EAAE;QACjBqB,eAAe,CAACvC,IAAI,CAAClB,MAAM,CAAC;MAChC;IACJ;IAEA,OAAOyD,eAAe;EAC1B;EAEA,MAAMlE,uBAAuBA,CAACS,MAAyB,EAAE;IACrD,MAAMb,OAAO,GAAGuE,KAAK,CAACC,OAAO,CAAC3D,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IAEzD,KAAK,IAAI+B,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG5C,OAAO,CAAC6C,MAAM,EAAED,CAAC,EAAE,EAAE;MACrC,MAAM/B,MAAM,GAAGb,OAAO,CAAC4C,CAAC,CAAC;MACzB,MAAMQ,iBAAiB,GAAG,MAAM,IAAI,CAACN,oBAAoB,CAAC;QAAEjC;MAAO,CAAC,CAAC;MACrE,IAAIuC,iBAAiB,EAAE;QACnBvC,MAAM,CAACJ,WAAW,GAAG2C,iBAAiB,CAAC3C,WAAW;MACtD,CAAC,MAAM;QACHI,MAAM,CAACJ,WAAW,GAAG,EAAE;MAC3B;IACJ;EACJ;EAEAgE,yCAAyCA,CAAC1B,qBAA0C,EAAE;IAClF,OAAOA,qBAAqB,aAArBA,qBAAqB,uBAArBA,qBAAqB,CAAEhC,IAAI,CAACc,CAAC,IAAI,CAACA,CAAC,CAACC,aAAa,CAAC;EAC7D;AACJ;AAAC4C,OAAA,CAAA1F,sBAAA,GAAAA,sBAAA"}
1
+ {"version":3,"names":["_apiSecurity","require","_structuredClone","_interopRequireDefault","FolderLevelPermissions","constructor","params","_defineProperty2","default","getIdentity","getIdentityTeam","listPermissions","listAllFoldersCallback","listAllFolders","canUseTeams","canUseFolderLevelPermissions","folderType","allFolders","structuredClone","listAllFoldersWithPermissions","folders","filteredFoldersWithPermissions","filterFolders","rwd","assignFolderPermissions","invalidateCache","listFoldersPermissions","foldersList","identity","permissions","identityTeam","processedFolderPermissions","processFolderPermissions","folder","_folder$permissions","some","fp","folderId","id","currentFolderPermissions","map","permission","_objectSpread2","parentId","parentFolder","find","f","processedParentFolderPermissions","isPublicParentFolder","p","level","mustInherit","length","inheritedPermissions","inheritedFrom","push","currentIdentityIncludedInPermissions","target","currentIdentityPermissionIndex","findIndex","currentIdentityPermission","splice","unshift","hasFullAccess","name","teamPermission","mustAddPublicPermission","i","getFolderPermissions","folderPermissionsList","type","canAccessFolder","_folderPermissions$pe","managePermissions","Error","canAccessParentFolder","folderPermissions","isPublicFolder","userAccessLevel","teamAccessLevel","_folderPermissions$pe2","accessLevels","filter","Boolean","includes","ensureCanAccessFolder","NotAuthorizedError","canManageFolderPermissions","canManageFolderStructure","canAccessFolderContent","_folderPermissions$pe3","_folderPermissions$pe4","ensureCanAccessFolderContent","canCreateFolderInRoot","filteredFolders","Array","isArray","permissionsIncludeNonInheritedPermissions","exports"],"sources":["FolderLevelPermissions.ts"],"sourcesContent":["import { Authentication } from \"@webiny/api-authentication/types\";\nimport { SecurityPermission, Team } from \"@webiny/api-security/types\";\nimport { Folder } from \"~/folder/folder.types\";\nimport { NotAuthorizedError } from \"@webiny/api-security\";\nimport structuredClone from \"@ungap/structured-clone\";\n\nexport type FolderAccessLevel = \"owner\" | \"viewer\" | \"editor\" | \"public\";\n\nexport interface FolderPermission {\n target: string;\n level: FolderAccessLevel;\n inheritedFrom?: string;\n}\n\nexport interface FolderPermissionsListItem {\n folderId: string;\n permissions: FolderPermission[];\n}\n\nexport type FolderPermissionsList = FolderPermissionsListItem[];\n\nexport interface CanAccessFolderContentParams {\n folder: Pick<Folder, \"id\" | \"type\" | \"parentId\">;\n rwd?: \"r\" | \"w\" | \"d\";\n foldersList?: Folder[];\n}\n\nexport interface CanAccessFolderParams extends CanAccessFolderContentParams {\n managePermissions?: boolean;\n}\n\ninterface FilterFoldersParams {\n folders: Array<Folder>;\n rwd?: \"r\" | \"w\" | \"d\";\n}\n\ninterface GetFolderPermissionsParams {\n folder: Pick<Folder, \"id\" | \"type\">;\n foldersList?: Folder[];\n}\n\ninterface ListFolderPermissionsParams {\n folderType: string;\n foldersList?: Folder[];\n}\n\nexport interface FolderLevelPermissionsParams {\n getIdentity: Authentication[\"getIdentity\"];\n getIdentityTeam: () => Promise<Team | null>;\n listPermissions: () => Promise<SecurityPermission[]>;\n listAllFolders: (folderType: string) => Promise<Folder[]>;\n canUseTeams: () => boolean;\n canUseFolderLevelPermissions: () => boolean;\n}\n\nexport class FolderLevelPermissions {\n private readonly getIdentity: Authentication[\"getIdentity\"];\n private readonly getIdentityTeam: () => Promise<Team | null>;\n private readonly listPermissions: () => Promise<SecurityPermission[]>;\n private readonly listAllFoldersCallback: (folderType: string) => Promise<Folder[]>;\n private readonly canUseTeams: () => boolean;\n private readonly canUseFolderLevelPermissions: () => boolean;\n private allFolders: Record<string, Folder[]> = {};\n\n constructor(params: FolderLevelPermissionsParams) {\n this.getIdentity = params.getIdentity;\n this.getIdentityTeam = params.getIdentityTeam;\n this.listPermissions = params.listPermissions;\n this.listAllFoldersCallback = params.listAllFolders;\n this.canUseTeams = params.canUseTeams;\n this.canUseFolderLevelPermissions = params.canUseFolderLevelPermissions;\n }\n\n async listAllFolders(folderType: string): Promise<Folder[]> {\n if (folderType in this.allFolders) {\n return structuredClone(this.allFolders[folderType]);\n }\n\n this.allFolders[folderType] = await this.listAllFoldersCallback(folderType);\n return structuredClone(this.allFolders[folderType]);\n }\n\n async listAllFoldersWithPermissions(folderType: string) {\n const folders = await this.listAllFolders(folderType);\n\n // Filter folders based on permissions and assign permissions to each folder.\n const filteredFoldersWithPermissions = await this.filterFolders({\n folders,\n rwd: \"r\"\n });\n\n await this.assignFolderPermissions(filteredFoldersWithPermissions);\n\n return filteredFoldersWithPermissions;\n }\n\n invalidateCache(folderType?: string) {\n if (folderType) {\n if (folderType in this.allFolders) {\n delete this.allFolders[folderType];\n }\n } else {\n this.allFolders = {};\n }\n }\n\n async listFoldersPermissions(\n params: ListFolderPermissionsParams\n ): Promise<FolderPermissionsList> {\n if (!this.canUseFolderLevelPermissions()) {\n return [];\n }\n\n const { folderType, foldersList } = params;\n\n const allFolders = foldersList || (await this.listAllFolders(folderType));\n const identity = this.getIdentity();\n const permissions = await this.listPermissions();\n\n let identityTeam: Team | null;\n if (this.canUseTeams()) {\n identityTeam = await this.getIdentityTeam();\n }\n\n const processedFolderPermissions: FolderPermissionsListItem[] = [];\n\n const processFolderPermissions = (folder: Folder) => {\n if (processedFolderPermissions.some(fp => fp.folderId === folder.id)) {\n return;\n }\n\n // Copy permissions, so we don't modify the original object.\n const currentFolderPermissions: FolderPermissionsListItem = {\n folderId: folder.id,\n // On new folders, permissions can be `null`. Guard against that.\n permissions: folder.permissions?.map(permission => ({ ...permission })) || []\n };\n\n // Check for permissions inherited from parent folder.\n if (folder.parentId) {\n const parentFolder = allFolders!.find(f => f.id === folder.parentId)!;\n if (parentFolder) {\n // First check if the parent folder has already been processed.\n let processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === parentFolder.id\n );\n\n // If not, process the parent folder.\n if (!processedParentFolderPermissions) {\n processFolderPermissions(parentFolder);\n processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === folder.parentId\n );\n }\n\n // If the parent folder has permissions, let's add them to the current folder.\n if (processedParentFolderPermissions) {\n const isPublicParentFolder =\n processedParentFolderPermissions.permissions.some(\n p => p.level === \"public\"\n );\n\n // We inherit parent permissions if:\n // 1. the parent folder is not public or...\n // 2. ...the parent folder is public, but the current folder doesn't have any permissions set\n const mustInherit =\n !isPublicParentFolder ||\n currentFolderPermissions.permissions.length === 0;\n\n if (mustInherit) {\n const inheritedPermissions =\n processedParentFolderPermissions.permissions.map(p => {\n return {\n ...p,\n inheritedFrom:\n \"parent:\" + processedParentFolderPermissions!.folderId\n };\n });\n\n currentFolderPermissions.permissions.push(...inheritedPermissions);\n }\n }\n }\n }\n\n // Let's ensure current identity's permission is included in the permissions array.\n // We first check if the current identity is already included in the permissions array.\n // If not, we check if the user has full access or if the team user belongs to has access.\n const currentIdentityIncludedInPermissions = currentFolderPermissions.permissions.some(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityIncludedInPermissions) {\n // Ensure existing identity permission is always the first one in the array.\n const currentIdentityPermissionIndex =\n currentFolderPermissions.permissions.findIndex(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityPermissionIndex > 0) {\n const [currentIdentityPermission] = currentFolderPermissions.permissions.splice(\n currentIdentityPermissionIndex,\n 1\n );\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n } else {\n // Current identity not included in permissions? Let's add it.\n let currentIdentityPermission: FolderPermission | null = null;\n\n // 1. Check if the user has full access.\n const hasFullAccess = permissions.some(p => p.name === \"*\");\n if (hasFullAccess) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n } else if (identityTeam) {\n // 2. Check the team user belongs to grants access to the folder.\n const teamPermission = currentFolderPermissions.permissions.find(\n p => p.target === `team:${identityTeam!.id}`\n );\n\n if (teamPermission) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: teamPermission.level,\n inheritedFrom: \"team:\" + identityTeam!.id\n };\n }\n }\n\n if (currentIdentityPermission) {\n // If permission is found, let's add it to the beginning of the array.\n // We're doing this just because it looks nicer in the UI.\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n }\n\n // Note that this can only happen with root folders. All other (child) folders will\n // always have at least one permission (inherited from parent).\n const mustAddPublicPermission = currentFolderPermissions.permissions.length === 0;\n if (mustAddPublicPermission) {\n currentFolderPermissions.permissions = [\n {\n target: `admin:${identity.id}`,\n level: \"public\",\n inheritedFrom: \"public\"\n }\n ];\n }\n\n processedFolderPermissions.push(currentFolderPermissions);\n };\n\n for (let i = 0; i < allFolders!.length; i++) {\n const folder = allFolders![i];\n processFolderPermissions(folder);\n }\n\n return processedFolderPermissions;\n }\n\n async getFolderPermissions(\n params: GetFolderPermissionsParams\n ): Promise<FolderPermissionsListItem | undefined> {\n const { folder, foldersList } = params;\n const folderPermissionsList = await this.listFoldersPermissions({\n folderType: folder.type,\n foldersList\n });\n\n return folderPermissionsList.find(fp => fp.folderId === folder.id);\n }\n\n async canAccessFolder(params: CanAccessFolderParams) {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n if (params.managePermissions && params.rwd !== \"w\") {\n throw new Error(`Cannot check for \"managePermissions\" access without \"w\" access.`);\n }\n\n const { folder } = params;\n\n // We check for parent folder access first because the passed folder should be\n // inaccessible if the parent folder is inaccessible.\n if (folder.parentId) {\n let foldersList = params.foldersList;\n if (!foldersList) {\n foldersList = await this.listAllFolders(folder.type);\n }\n\n const parentFolder = foldersList.find(f => f.id === folder.parentId);\n if (parentFolder) {\n const canAccessParentFolder = await this.canAccessFolder({\n ...params,\n folder: parentFolder\n });\n\n if (!canAccessParentFolder) {\n return false;\n }\n }\n }\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList: params.foldersList\n });\n\n // If dealing with a public folder, we only care if we're checking for \"managePermissions\" access.\n // If we are, we can return false, because public folders cannot have permissions managed.\n const isPublicFolder = folderPermissions?.permissions.some(p => p.level === \"public\");\n if (isPublicFolder) {\n return !params.managePermissions;\n }\n\n const identity = this.getIdentity();\n\n const userAccessLevel = folderPermissions?.permissions.find(\n p => p.target === \"admin:\" + identity.id\n )?.level;\n\n let teamAccessLevel: FolderAccessLevel | undefined;\n\n if (this.canUseTeams()) {\n const identityTeam = await this.getIdentityTeam();\n if (identityTeam) {\n teamAccessLevel = folderPermissions?.permissions.find(\n p => p.target === \"team:\" + identityTeam.id\n )?.level;\n }\n }\n\n const accessLevels = [userAccessLevel, teamAccessLevel].filter(Boolean);\n\n if (params.rwd !== \"r\") {\n return accessLevels.includes(\"owner\");\n }\n\n // If we are here, it means we are checking for \"read\" access.\n // For starters, let's check if the user has any access level.\n if (accessLevels.length > 0) {\n return true;\n }\n\n // No conditions were met, so we can return false.\n return false;\n }\n\n async ensureCanAccessFolder(params: CanAccessFolderParams) {\n const canAccessFolder = await this.canAccessFolder(params);\n if (!canAccessFolder) {\n throw new NotAuthorizedError();\n }\n }\n\n canManageFolderPermissions(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return false;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\", managePermissions: true });\n }\n\n canManageFolderStructure(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\" });\n }\n\n async canAccessFolderContent(params: CanAccessFolderContentParams) {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n const { folder, foldersList } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList\n });\n\n // If dealing with a public folder, we only care if we're checking for \"managePermissions\" access.\n // If we are, we can return false, because public folders cannot have permissions managed.\n const isPublicFolder = folderPermissions?.permissions.some(p => p.level === \"public\");\n if (isPublicFolder) {\n return true;\n }\n\n const identity = this.getIdentity();\n\n const userAccessLevel = folderPermissions?.permissions.find(\n p => p.target === \"admin:\" + identity.id\n )?.level;\n\n let teamAccessLevel: FolderAccessLevel | undefined;\n if (this.canUseTeams()) {\n const identityTeam = await this.getIdentityTeam();\n if (identityTeam) {\n teamAccessLevel = folderPermissions?.permissions.find(\n p => p.target === \"team:\" + identityTeam.id\n )?.level;\n }\n }\n\n const accessLevels = [userAccessLevel, teamAccessLevel].filter(Boolean);\n\n // If the user is not an owner and we're checking for \"write\" or\n // \"delete\" access, then we can immediately return false.\n if (params.rwd !== \"r\") {\n return accessLevels.includes(\"owner\") || accessLevels.includes(\"editor\");\n }\n\n // If we are here, it means we are checking for \"read\" access.\n // For starters, let's check if the user has any access level.\n if (accessLevels.length > 0) {\n return true;\n }\n\n // No conditions were met, so we can return false.\n return false;\n }\n\n async ensureCanAccessFolderContent(params: CanAccessFolderContentParams) {\n const canAccessFolderContent = await this.canAccessFolderContent(params);\n if (!canAccessFolderContent) {\n throw new NotAuthorizedError();\n }\n }\n\n async canCreateFolderInRoot() {\n return true;\n }\n\n async filterFolders(params: FilterFoldersParams) {\n const filteredFolders: Folder[] = [];\n\n const { folders, rwd } = params;\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const canAccessFolder = await this.canAccessFolder({ folder, rwd });\n if (canAccessFolder) {\n filteredFolders.push(folder);\n }\n }\n\n return filteredFolders;\n }\n\n async assignFolderPermissions(folder: Folder | Folder[]) {\n const folders = Array.isArray(folder) ? folder : [folder];\n\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const folderPermissions = await this.getFolderPermissions({ folder });\n if (folderPermissions) {\n folder.permissions = folderPermissions.permissions;\n } else {\n folder.permissions = [];\n }\n }\n }\n\n permissionsIncludeNonInheritedPermissions(folderPermissionsList?: FolderPermission[]) {\n return folderPermissionsList?.some(p => !p.inheritedFrom);\n }\n}\n"],"mappings":";;;;;;;;;AAGA,IAAAA,YAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AAmDO,MAAMG,sBAAsB,CAAC;EAShCC,WAAWA,CAACC,MAAoC,EAAE;IAAA,IAAAC,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA,sBAFH,CAAC,CAAC;IAG7C,IAAI,CAACC,WAAW,GAAGH,MAAM,CAACG,WAAW;IACrC,IAAI,CAACC,eAAe,GAAGJ,MAAM,CAACI,eAAe;IAC7C,IAAI,CAACC,eAAe,GAAGL,MAAM,CAACK,eAAe;IAC7C,IAAI,CAACC,sBAAsB,GAAGN,MAAM,CAACO,cAAc;IACnD,IAAI,CAACC,WAAW,GAAGR,MAAM,CAACQ,WAAW;IACrC,IAAI,CAACC,4BAA4B,GAAGT,MAAM,CAACS,4BAA4B;EAC3E;EAEA,MAAMF,cAAcA,CAACG,UAAkB,EAAqB;IACxD,IAAIA,UAAU,IAAI,IAAI,CAACC,UAAU,EAAE;MAC/B,OAAO,IAAAC,wBAAe,EAAC,IAAI,CAACD,UAAU,CAACD,UAAU,CAAC,CAAC;IACvD;IAEA,IAAI,CAACC,UAAU,CAACD,UAAU,CAAC,GAAG,MAAM,IAAI,CAACJ,sBAAsB,CAACI,UAAU,CAAC;IAC3E,OAAO,IAAAE,wBAAe,EAAC,IAAI,CAACD,UAAU,CAACD,UAAU,CAAC,CAAC;EACvD;EAEA,MAAMG,6BAA6BA,CAACH,UAAkB,EAAE;IACpD,MAAMI,OAAO,GAAG,MAAM,IAAI,CAACP,cAAc,CAACG,UAAU,CAAC;;IAErD;IACA,MAAMK,8BAA8B,GAAG,MAAM,IAAI,CAACC,aAAa,CAAC;MAC5DF,OAAO;MACPG,GAAG,EAAE;IACT,CAAC,CAAC;IAEF,MAAM,IAAI,CAACC,uBAAuB,CAACH,8BAA8B,CAAC;IAElE,OAAOA,8BAA8B;EACzC;EAEAI,eAAeA,CAACT,UAAmB,EAAE;IACjC,IAAIA,UAAU,EAAE;MACZ,IAAIA,UAAU,IAAI,IAAI,CAACC,UAAU,EAAE;QAC/B,OAAO,IAAI,CAACA,UAAU,CAACD,UAAU,CAAC;MACtC;IACJ,CAAC,MAAM;MACH,IAAI,CAACC,UAAU,GAAG,CAAC,CAAC;IACxB;EACJ;EAEA,MAAMS,sBAAsBA,CACxBpB,MAAmC,EACL;IAC9B,IAAI,CAAC,IAAI,CAACS,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,EAAE;IACb;IAEA,MAAM;MAAEC,UAAU;MAAEW;IAAY,CAAC,GAAGrB,MAAM;IAE1C,MAAMW,UAAU,GAAGU,WAAW,KAAK,MAAM,IAAI,CAACd,cAAc,CAACG,UAAU,CAAC,CAAC;IACzE,MAAMY,QAAQ,GAAG,IAAI,CAACnB,WAAW,CAAC,CAAC;IACnC,MAAMoB,WAAW,GAAG,MAAM,IAAI,CAAClB,eAAe,CAAC,CAAC;IAEhD,IAAImB,YAAyB;IAC7B,IAAI,IAAI,CAAChB,WAAW,CAAC,CAAC,EAAE;MACpBgB,YAAY,GAAG,MAAM,IAAI,CAACpB,eAAe,CAAC,CAAC;IAC/C;IAEA,MAAMqB,0BAAuD,GAAG,EAAE;IAElE,MAAMC,wBAAwB,GAAIC,MAAc,IAAK;MAAA,IAAAC,mBAAA;MACjD,IAAIH,0BAA0B,CAACI,IAAI,CAACC,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACK,EAAE,CAAC,EAAE;QAClE;MACJ;;MAEA;MACA,MAAMC,wBAAmD,GAAG;QACxDF,QAAQ,EAAEJ,MAAM,CAACK,EAAE;QACnB;QACAT,WAAW,EAAE,EAAAK,mBAAA,GAAAD,MAAM,CAACJ,WAAW,cAAAK,mBAAA,uBAAlBA,mBAAA,CAAoBM,GAAG,CAACC,UAAU,QAAAC,cAAA,CAAAlC,OAAA,MAAUiC,UAAU,CAAG,CAAC,KAAI;MAC/E,CAAC;;MAED;MACA,IAAIR,MAAM,CAACU,QAAQ,EAAE;QACjB,MAAMC,YAAY,GAAG3B,UAAU,CAAE4B,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACR,EAAE,KAAKL,MAAM,CAACU,QAAQ,CAAE;QACrE,IAAIC,YAAY,EAAE;UACd;UACA,IAAIG,gCAAgC,GAAGhB,0BAA0B,CAACc,IAAI,CAClET,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKO,YAAY,CAACN,EACvC,CAAC;;UAED;UACA,IAAI,CAACS,gCAAgC,EAAE;YACnCf,wBAAwB,CAACY,YAAY,CAAC;YACtCG,gCAAgC,GAAGhB,0BAA0B,CAACc,IAAI,CAC9DT,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACU,QACjC,CAAC;UACL;;UAEA;UACA,IAAII,gCAAgC,EAAE;YAClC,MAAMC,oBAAoB,GACtBD,gCAAgC,CAAClB,WAAW,CAACM,IAAI,CAC7Cc,CAAC,IAAIA,CAAC,CAACC,KAAK,KAAK,QACrB,CAAC;;YAEL;YACA;YACA;YACA,MAAMC,WAAW,GACb,CAACH,oBAAoB,IACrBT,wBAAwB,CAACV,WAAW,CAACuB,MAAM,KAAK,CAAC;YAErD,IAAID,WAAW,EAAE;cACb,MAAME,oBAAoB,GACtBN,gCAAgC,CAAClB,WAAW,CAACW,GAAG,CAACS,CAAC,IAAI;gBAClD,WAAAP,cAAA,CAAAlC,OAAA,MAAAkC,cAAA,CAAAlC,OAAA,MACOyC,CAAC;kBACJK,aAAa,EACT,SAAS,GAAGP,gCAAgC,CAAEV;gBAAQ;cAElE,CAAC,CAAC;cAENE,wBAAwB,CAACV,WAAW,CAAC0B,IAAI,CAAC,GAAGF,oBAAoB,CAAC;YACtE;UACJ;QACJ;MACJ;;MAEA;MACA;MACA;MACA,MAAMG,oCAAoC,GAAGjB,wBAAwB,CAACV,WAAW,CAACM,IAAI,CAClFc,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,SAAQ7B,QAAQ,CAACU,EAAG,EAC3C,CAAC;MAED,IAAIkB,oCAAoC,EAAE;QACtC;QACA,MAAME,8BAA8B,GAChCnB,wBAAwB,CAACV,WAAW,CAAC8B,SAAS,CAC1CV,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,SAAQ7B,QAAQ,CAACU,EAAG,EAC3C,CAAC;QAEL,IAAIoB,8BAA8B,GAAG,CAAC,EAAE;UACpC,MAAM,CAACE,yBAAyB,CAAC,GAAGrB,wBAAwB,CAACV,WAAW,CAACgC,MAAM,CAC3EH,8BAA8B,EAC9B,CACJ,CAAC;UACDnB,wBAAwB,CAACV,WAAW,CAACiC,OAAO,CAACF,yBAAyB,CAAC;QAC3E;MACJ,CAAC,MAAM;QACH;QACA,IAAIA,yBAAkD,GAAG,IAAI;;QAE7D;QACA,MAAMG,aAAa,GAAGlC,WAAW,CAACM,IAAI,CAACc,CAAC,IAAIA,CAAC,CAACe,IAAI,KAAK,GAAG,CAAC;QAC3D,IAAID,aAAa,EAAE;UACfH,yBAAyB,GAAG;YACxBH,MAAM,EAAG,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;YAC9BY,KAAK,EAAE,OAAO;YACdI,aAAa,EAAE;UACnB,CAAC;QACL,CAAC,MAAM,IAAIxB,YAAY,EAAE;UACrB;UACA,MAAMmC,cAAc,GAAG1B,wBAAwB,CAACV,WAAW,CAACgB,IAAI,CAC5DI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,QAAO3B,YAAY,CAAEQ,EAAG,EAC/C,CAAC;UAED,IAAI2B,cAAc,EAAE;YAChBL,yBAAyB,GAAG;cACxBH,MAAM,EAAG,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;cAC9BY,KAAK,EAAEe,cAAc,CAACf,KAAK;cAC3BI,aAAa,EAAE,OAAO,GAAGxB,YAAY,CAAEQ;YAC3C,CAAC;UACL;QACJ;QAEA,IAAIsB,yBAAyB,EAAE;UAC3B;UACA;UACArB,wBAAwB,CAACV,WAAW,CAACiC,OAAO,CAACF,yBAAyB,CAAC;QAC3E;MACJ;;MAEA;MACA;MACA,MAAMM,uBAAuB,GAAG3B,wBAAwB,CAACV,WAAW,CAACuB,MAAM,KAAK,CAAC;MACjF,IAAIc,uBAAuB,EAAE;QACzB3B,wBAAwB,CAACV,WAAW,GAAG,CACnC;UACI4B,MAAM,EAAG,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;UAC9BY,KAAK,EAAE,QAAQ;UACfI,aAAa,EAAE;QACnB,CAAC,CACJ;MACL;MAEAvB,0BAA0B,CAACwB,IAAI,CAAChB,wBAAwB,CAAC;IAC7D,CAAC;IAED,KAAK,IAAI4B,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGlD,UAAU,CAAEmC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACzC,MAAMlC,MAAM,GAAGhB,UAAU,CAAEkD,CAAC,CAAC;MAC7BnC,wBAAwB,CAACC,MAAM,CAAC;IACpC;IAEA,OAAOF,0BAA0B;EACrC;EAEA,MAAMqC,oBAAoBA,CACtB9D,MAAkC,EACY;IAC9C,MAAM;MAAE2B,MAAM;MAAEN;IAAY,CAAC,GAAGrB,MAAM;IACtC,MAAM+D,qBAAqB,GAAG,MAAM,IAAI,CAAC3C,sBAAsB,CAAC;MAC5DV,UAAU,EAAEiB,MAAM,CAACqC,IAAI;MACvB3C;IACJ,CAAC,CAAC;IAEF,OAAO0C,qBAAqB,CAACxB,IAAI,CAACT,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACK,EAAE,CAAC;EACtE;EAEA,MAAMiC,eAAeA,CAACjE,MAA6B,EAAE;IAAA,IAAAkE,qBAAA;IACjD,IAAI,CAAC,IAAI,CAACzD,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,IAAIT,MAAM,CAACmE,iBAAiB,IAAInE,MAAM,CAACiB,GAAG,KAAK,GAAG,EAAE;MAChD,MAAM,IAAImD,KAAK,CAAE,iEAAgE,CAAC;IACtF;IAEA,MAAM;MAAEzC;IAAO,CAAC,GAAG3B,MAAM;;IAEzB;IACA;IACA,IAAI2B,MAAM,CAACU,QAAQ,EAAE;MACjB,IAAIhB,WAAW,GAAGrB,MAAM,CAACqB,WAAW;MACpC,IAAI,CAACA,WAAW,EAAE;QACdA,WAAW,GAAG,MAAM,IAAI,CAACd,cAAc,CAACoB,MAAM,CAACqC,IAAI,CAAC;MACxD;MAEA,MAAM1B,YAAY,GAAGjB,WAAW,CAACkB,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACR,EAAE,KAAKL,MAAM,CAACU,QAAQ,CAAC;MACpE,IAAIC,YAAY,EAAE;QACd,MAAM+B,qBAAqB,GAAG,MAAM,IAAI,CAACJ,eAAe,KAAA7B,cAAA,CAAAlC,OAAA,MAAAkC,cAAA,CAAAlC,OAAA,MACjDF,MAAM;UACT2B,MAAM,EAAEW;QAAY,EACvB,CAAC;QAEF,IAAI,CAAC+B,qBAAqB,EAAE;UACxB,OAAO,KAAK;QAChB;MACJ;IACJ;IAEA,MAAMC,iBAAiB,GAAG,MAAM,IAAI,CAACR,oBAAoB,CAAC;MACtDnC,MAAM;MACNN,WAAW,EAAErB,MAAM,CAACqB;IACxB,CAAC,CAAC;;IAEF;IACA;IACA,MAAMkD,cAAc,GAAGD,iBAAiB,aAAjBA,iBAAiB,uBAAjBA,iBAAiB,CAAE/C,WAAW,CAACM,IAAI,CAACc,CAAC,IAAIA,CAAC,CAACC,KAAK,KAAK,QAAQ,CAAC;IACrF,IAAI2B,cAAc,EAAE;MAChB,OAAO,CAACvE,MAAM,CAACmE,iBAAiB;IACpC;IAEA,MAAM7C,QAAQ,GAAG,IAAI,CAACnB,WAAW,CAAC,CAAC;IAEnC,MAAMqE,eAAe,GAAGF,iBAAiB,aAAjBA,iBAAiB,gBAAAJ,qBAAA,GAAjBI,iBAAiB,CAAE/C,WAAW,CAACgB,IAAI,CACvDI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAK,QAAQ,GAAG7B,QAAQ,CAACU,EAC1C,CAAC,cAAAkC,qBAAA,uBAFuBA,qBAAA,CAErBtB,KAAK;IAER,IAAI6B,eAA8C;IAElD,IAAI,IAAI,CAACjE,WAAW,CAAC,CAAC,EAAE;MACpB,MAAMgB,YAAY,GAAG,MAAM,IAAI,CAACpB,eAAe,CAAC,CAAC;MACjD,IAAIoB,YAAY,EAAE;QAAA,IAAAkD,sBAAA;QACdD,eAAe,GAAGH,iBAAiB,aAAjBA,iBAAiB,gBAAAI,sBAAA,GAAjBJ,iBAAiB,CAAE/C,WAAW,CAACgB,IAAI,CACjDI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAK,OAAO,GAAG3B,YAAY,CAACQ,EAC7C,CAAC,cAAA0C,sBAAA,uBAFiBA,sBAAA,CAEf9B,KAAK;MACZ;IACJ;IAEA,MAAM+B,YAAY,GAAG,CAACH,eAAe,EAAEC,eAAe,CAAC,CAACG,MAAM,CAACC,OAAO,CAAC;IAEvE,IAAI7E,MAAM,CAACiB,GAAG,KAAK,GAAG,EAAE;MACpB,OAAO0D,YAAY,CAACG,QAAQ,CAAC,OAAO,CAAC;IACzC;;IAEA;IACA;IACA,IAAIH,YAAY,CAAC7B,MAAM,GAAG,CAAC,EAAE;MACzB,OAAO,IAAI;IACf;;IAEA;IACA,OAAO,KAAK;EAChB;EAEA,MAAMiC,qBAAqBA,CAAC/E,MAA6B,EAAE;IACvD,MAAMiE,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAACjE,MAAM,CAAC;IAC1D,IAAI,CAACiE,eAAe,EAAE;MAClB,MAAM,IAAIe,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEAC,0BAA0BA,CAACtD,MAAc,EAAE;IACvC,IAAI,CAAC,IAAI,CAAClB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,KAAK;IAChB;IAEA,OAAO,IAAI,CAACwD,eAAe,CAAC;MAAEtC,MAAM;MAAEV,GAAG,EAAE,GAAG;MAAEkD,iBAAiB,EAAE;IAAK,CAAC,CAAC;EAC9E;EAEAe,wBAAwBA,CAACvD,MAAc,EAAE;IACrC,IAAI,CAAC,IAAI,CAAClB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACwD,eAAe,CAAC;MAAEtC,MAAM;MAAEV,GAAG,EAAE;IAAI,CAAC,CAAC;EACrD;EAEA,MAAMkE,sBAAsBA,CAACnF,MAAoC,EAAE;IAAA,IAAAoF,sBAAA;IAC/D,IAAI,CAAC,IAAI,CAAC3E,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,MAAM;MAAEkB,MAAM;MAAEN;IAAY,CAAC,GAAGrB,MAAM;IAEtC,MAAMsE,iBAAiB,GAAG,MAAM,IAAI,CAACR,oBAAoB,CAAC;MACtDnC,MAAM;MACNN;IACJ,CAAC,CAAC;;IAEF;IACA;IACA,MAAMkD,cAAc,GAAGD,iBAAiB,aAAjBA,iBAAiB,uBAAjBA,iBAAiB,CAAE/C,WAAW,CAACM,IAAI,CAACc,CAAC,IAAIA,CAAC,CAACC,KAAK,KAAK,QAAQ,CAAC;IACrF,IAAI2B,cAAc,EAAE;MAChB,OAAO,IAAI;IACf;IAEA,MAAMjD,QAAQ,GAAG,IAAI,CAACnB,WAAW,CAAC,CAAC;IAEnC,MAAMqE,eAAe,GAAGF,iBAAiB,aAAjBA,iBAAiB,gBAAAc,sBAAA,GAAjBd,iBAAiB,CAAE/C,WAAW,CAACgB,IAAI,CACvDI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAK,QAAQ,GAAG7B,QAAQ,CAACU,EAC1C,CAAC,cAAAoD,sBAAA,uBAFuBA,sBAAA,CAErBxC,KAAK;IAER,IAAI6B,eAA8C;IAClD,IAAI,IAAI,CAACjE,WAAW,CAAC,CAAC,EAAE;MACpB,MAAMgB,YAAY,GAAG,MAAM,IAAI,CAACpB,eAAe,CAAC,CAAC;MACjD,IAAIoB,YAAY,EAAE;QAAA,IAAA6D,sBAAA;QACdZ,eAAe,GAAGH,iBAAiB,aAAjBA,iBAAiB,gBAAAe,sBAAA,GAAjBf,iBAAiB,CAAE/C,WAAW,CAACgB,IAAI,CACjDI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAK,OAAO,GAAG3B,YAAY,CAACQ,EAC7C,CAAC,cAAAqD,sBAAA,uBAFiBA,sBAAA,CAEfzC,KAAK;MACZ;IACJ;IAEA,MAAM+B,YAAY,GAAG,CAACH,eAAe,EAAEC,eAAe,CAAC,CAACG,MAAM,CAACC,OAAO,CAAC;;IAEvE;IACA;IACA,IAAI7E,MAAM,CAACiB,GAAG,KAAK,GAAG,EAAE;MACpB,OAAO0D,YAAY,CAACG,QAAQ,CAAC,OAAO,CAAC,IAAIH,YAAY,CAACG,QAAQ,CAAC,QAAQ,CAAC;IAC5E;;IAEA;IACA;IACA,IAAIH,YAAY,CAAC7B,MAAM,GAAG,CAAC,EAAE;MACzB,OAAO,IAAI;IACf;;IAEA;IACA,OAAO,KAAK;EAChB;EAEA,MAAMwC,4BAA4BA,CAACtF,MAAoC,EAAE;IACrE,MAAMmF,sBAAsB,GAAG,MAAM,IAAI,CAACA,sBAAsB,CAACnF,MAAM,CAAC;IACxE,IAAI,CAACmF,sBAAsB,EAAE;MACzB,MAAM,IAAIH,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEA,MAAMO,qBAAqBA,CAAA,EAAG;IAC1B,OAAO,IAAI;EACf;EAEA,MAAMvE,aAAaA,CAAChB,MAA2B,EAAE;IAC7C,MAAMwF,eAAyB,GAAG,EAAE;IAEpC,MAAM;MAAE1E,OAAO;MAAEG;IAAI,CAAC,GAAGjB,MAAM;IAC/B,KAAK,IAAI6D,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG/C,OAAO,CAACgC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACrC,MAAMlC,MAAM,GAAGb,OAAO,CAAC+C,CAAC,CAAC;MACzB,MAAMI,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAC;QAAEtC,MAAM;QAAEV;MAAI,CAAC,CAAC;MACnE,IAAIgD,eAAe,EAAE;QACjBuB,eAAe,CAACvC,IAAI,CAACtB,MAAM,CAAC;MAChC;IACJ;IAEA,OAAO6D,eAAe;EAC1B;EAEA,MAAMtE,uBAAuBA,CAACS,MAAyB,EAAE;IACrD,MAAMb,OAAO,GAAG2E,KAAK,CAACC,OAAO,CAAC/D,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IAEzD,KAAK,IAAIkC,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG/C,OAAO,CAACgC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACrC,MAAMlC,MAAM,GAAGb,OAAO,CAAC+C,CAAC,CAAC;MACzB,MAAMS,iBAAiB,GAAG,MAAM,IAAI,CAACR,oBAAoB,CAAC;QAAEnC;MAAO,CAAC,CAAC;MACrE,IAAI2C,iBAAiB,EAAE;QACnB3C,MAAM,CAACJ,WAAW,GAAG+C,iBAAiB,CAAC/C,WAAW;MACtD,CAAC,MAAM;QACHI,MAAM,CAACJ,WAAW,GAAG,EAAE;MAC3B;IACJ;EACJ;EAEAoE,yCAAyCA,CAAC5B,qBAA0C,EAAE;IAClF,OAAOA,qBAAqB,aAArBA,qBAAqB,uBAArBA,qBAAqB,CAAElC,IAAI,CAACc,CAAC,IAAI,CAACA,CAAC,CAACK,aAAa,CAAC;EAC7D;AACJ;AAAC4C,OAAA,CAAA9F,sBAAA,GAAAA,sBAAA"}
package/utils/decorators/CmsEntriesCrudDecorators.js CHANGED
@@ -8,8 +8,25 @@ exports.CmsEntriesCrudDecorators = void 0;
8
8
  var _objectSpread2 = _interopRequireDefault(require("@babel/runtime/helpers/objectSpread2"));
9
9
  var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
10
10
  var _handlerGraphql = require("@webiny/handler-graphql");
11
- const ROOT_FOLDER = "root";
11
+ var _where = require("./where");
12
+ var _constants = require("./constants");
13
+ /**
14
+ * Keep this until we figure out how to fetch the folders.
15
+ */
16
+ const isPageModel = model => {
17
+ if (model.modelId === "pbPage") {
18
+ return true;
19
+ } else if (model.modelId === "acoSearchRecord-pbpage") {
20
+ return true;
21
+ }
22
+ return false;
23
+ };
12
24
  const createFolderType = model => {
25
+ if (model.modelId === "fmFile") {
26
+ return "FmFile";
27
+ } else if (isPageModel(model)) {
28
+ return "PbPage";
29
+ }
13
30
  return `cms:${model.modelId}`;
14
31
  };
15
32
  const filterEntriesByFolderFactory = (context, permissions) => {
@@ -22,7 +39,7 @@ const filterEntriesByFolderFactory = (context, permissions) => {
22
39
  const results = await Promise.all(entries.map(async entry => {
23
40
  var _entry$location;
24
41
  const folderId = (_entry$location = entry.location) === null || _entry$location === void 0 ? void 0 : _entry$location.folderId;
25
- if (!folderId || folderId === ROOT_FOLDER) {
42
+ if (!folderId || folderId === _constants.ROOT_FOLDER) {
26
43
  return entry;
27
44
  }
28
45
  const folder = folders.find(folder => folder.id === folderId);
@@ -51,16 +68,14 @@ class CmsEntriesCrudDecorators {
51
68
  const filterEntriesByFolder = filterEntriesByFolderFactory(context, folderLevelPermissions);
52
69
  const originalCmsListEntries = context.cms.listEntries.bind(context.cms);
53
70
  context.cms.listEntries = async (model, params) => {
54
- const folderType = model.modelId === "fmFile" ? "FmFile" : `cms:${model.modelId}`;
55
- const allFolders = await folderLevelPermissions.listAllFoldersWithPermissions(folderType);
71
+ const folderType = createFolderType(model);
72
+ const folders = await folderLevelPermissions.listAllFoldersWithPermissions(folderType);
73
+ const where = (0, _where.createWhere)({
74
+ where: params.where,
75
+ folders
76
+ });
56
77
  return originalCmsListEntries(model, (0, _objectSpread2.default)((0, _objectSpread2.default)({}, params), {}, {
57
- where: (0, _objectSpread2.default)((0, _objectSpread2.default)({}, (params === null || params === void 0 ? void 0 : params.where) || {}), {}, {
58
- wbyAco_location: {
59
- // At the moment, all users can access entries in the root folder.
60
- // Root folder level permissions cannot be set yet.
61
- folderId_in: [ROOT_FOLDER, ...allFolders.map(folder => folder.id)]
62
- }
63
- })
78
+ where
64
79
  }));
65
80
  };
66
81
  const originalCmsGetEntry = context.cms.getEntry.bind(context.cms);
@@ -68,7 +83,7 @@ class CmsEntriesCrudDecorators {
68
83
  var _entry$location2;
69
84
  const entry = await originalCmsGetEntry(model, params);
70
85
  const folderId = entry === null || entry === void 0 || (_entry$location2 = entry.location) === null || _entry$location2 === void 0 ? void 0 : _entry$location2.folderId;
71
- if (!folderId || folderId === ROOT_FOLDER) {
86
+ if (!folderId || folderId === _constants.ROOT_FOLDER) {
72
87
  return entry;
73
88
  }
74
89
  const folder = await context.aco.folder.get(folderId);
@@ -83,7 +98,7 @@ class CmsEntriesCrudDecorators {
83
98
  var _entry$location3;
84
99
  const entry = await originalCmsGetEntryById(model, params);
85
100
  const folderId = entry === null || entry === void 0 || (_entry$location3 = entry.location) === null || _entry$location3 === void 0 ? void 0 : _entry$location3.folderId;
86
- if (!folderId || folderId === ROOT_FOLDER) {
101
+ if (!folderId || folderId === _constants.ROOT_FOLDER) {
87
102
  return entry;
88
103
  }
89
104
  const folder = await context.aco.folder.get(folderId);
@@ -104,61 +119,78 @@ class CmsEntriesCrudDecorators {
104
119
  return filterEntriesByFolder(model, entries);
105
120
  };
106
121
  const originalCmsCreateEntry = context.cms.createEntry.bind(context.cms);
107
- context.cms.createEntry = async (model, params) => {
122
+ context.cms.createEntry = async (model, params, options) => {
108
123
  var _params$wbyAco_locati, _params$location;
109
124
  const folderId = ((_params$wbyAco_locati = params.wbyAco_location) === null || _params$wbyAco_locati === void 0 ? void 0 : _params$wbyAco_locati.folderId) || ((_params$location = params.location) === null || _params$location === void 0 ? void 0 : _params$location.folderId);
110
- if (!folderId || folderId === ROOT_FOLDER) {
111
- return originalCmsCreateEntry(model, params);
125
+ if (!folderId || folderId === _constants.ROOT_FOLDER) {
126
+ return originalCmsCreateEntry(model, params, options);
112
127
  }
113
128
  const folder = await context.aco.folder.get(folderId);
114
129
  await folderLevelPermissions.ensureCanAccessFolderContent({
115
130
  folder,
116
131
  rwd: "w"
117
132
  });
118
- return originalCmsCreateEntry(model, params);
133
+ return originalCmsCreateEntry(model, params, options);
119
134
  };
120
- const originalCmsUpdateEntry = context.cms.updateEntry.bind(context.cms);
121
- context.cms.updateEntry = async (model, id, input, meta) => {
135
+ const originalCmsCreateFromEntry = context.cms.createEntryRevisionFrom.bind(context.cms);
136
+ context.cms.createEntryRevisionFrom = async (model, id, input, options) => {
122
137
  var _entry$location4;
123
138
  const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
124
139
  id
125
140
  });
126
141
  const folderId = entry === null || entry === void 0 || (_entry$location4 = entry.location) === null || _entry$location4 === void 0 ? void 0 : _entry$location4.folderId;
127
- if (!folderId || folderId === ROOT_FOLDER) {
128
- return originalCmsUpdateEntry(model, id, input, meta);
142
+ if (!folderId || folderId === _constants.ROOT_FOLDER) {
143
+ return originalCmsCreateFromEntry(model, id, input, options);
129
144
  }
130
145
  const folder = await context.aco.folder.get(folderId);
131
146
  await folderLevelPermissions.ensureCanAccessFolderContent({
132
147
  folder,
133
148
  rwd: "w"
134
149
  });
135
- return originalCmsUpdateEntry(model, id, input, meta);
150
+ return originalCmsCreateFromEntry(model, id, input, options);
136
151
  };
137
- const originalCmsDeleteEntry = context.cms.deleteEntry.bind(context.cms);
138
- context.cms.deleteEntry = async (model, id) => {
152
+ const originalCmsUpdateEntry = context.cms.updateEntry.bind(context.cms);
153
+ context.cms.updateEntry = async (model, id, input, meta, options) => {
139
154
  var _entry$location5;
140
155
  const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
141
156
  id
142
157
  });
143
158
  const folderId = entry === null || entry === void 0 || (_entry$location5 = entry.location) === null || _entry$location5 === void 0 ? void 0 : _entry$location5.folderId;
144
- if (!folderId || folderId === ROOT_FOLDER) {
145
- return originalCmsDeleteEntry(model, id);
159
+ if (!folderId || folderId === _constants.ROOT_FOLDER) {
160
+ return originalCmsUpdateEntry(model, id, input, meta, options);
161
+ }
162
+ const folder = await context.aco.folder.get(folderId);
163
+ await folderLevelPermissions.ensureCanAccessFolderContent({
164
+ folder,
165
+ rwd: "w"
166
+ });
167
+ return originalCmsUpdateEntry(model, id, input, meta, options);
168
+ };
169
+ const originalCmsDeleteEntry = context.cms.deleteEntry.bind(context.cms);
170
+ context.cms.deleteEntry = async (model, id, options) => {
171
+ var _entry$location6;
172
+ const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
173
+ id
174
+ });
175
+ const folderId = entry === null || entry === void 0 || (_entry$location6 = entry.location) === null || _entry$location6 === void 0 ? void 0 : _entry$location6.folderId;
176
+ if (!folderId || folderId === _constants.ROOT_FOLDER) {
177
+ return originalCmsDeleteEntry(model, id, options);
146
178
  }
147
179
  const folder = await context.aco.folder.get(folderId);
148
180
  await folderLevelPermissions.ensureCanAccessFolderContent({
149
181
  folder,
150
182
  rwd: "d"
151
183
  });
152
- return originalCmsDeleteEntry(model, id);
184
+ return originalCmsDeleteEntry(model, id, options);
153
185
  };
154
186
  const originalCmsDeleteEntryRevision = context.cms.deleteEntryRevision.bind(context.cms);
155
187
  context.cms.deleteEntryRevision = async (model, id) => {
156
- var _entry$location6;
188
+ var _entry$location7;
157
189
  const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
158
190
  id
159
191
  });
160
- const folderId = entry === null || entry === void 0 || (_entry$location6 = entry.location) === null || _entry$location6 === void 0 ? void 0 : _entry$location6.folderId;
161
- if (!folderId || folderId === ROOT_FOLDER) {
192
+ const folderId = entry === null || entry === void 0 || (_entry$location7 = entry.location) === null || _entry$location7 === void 0 ? void 0 : _entry$location7.folderId;
193
+ if (!folderId || folderId === _constants.ROOT_FOLDER) {
162
194
  return originalCmsDeleteEntryRevision(model, id);
163
195
  }
164
196
  const folder = await context.aco.folder.get(folderId);
@@ -168,6 +200,43 @@ class CmsEntriesCrudDecorators {
168
200
  });
169
201
  return originalCmsDeleteEntryRevision(model, id);
170
202
  };
203
+ const originalCmsMoveEntry = context.cms.moveEntry.bind(context.cms);
204
+ context.cms.moveEntry = async (model, id, targetFolderId) => {
205
+ var _entry$location8;
206
+ /**
207
+ * First we need to check if user has access to the entries existing folder.
208
+ */
209
+ const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
210
+ id
211
+ });
212
+ const folderId = (entry === null || entry === void 0 || (_entry$location8 = entry.location) === null || _entry$location8 === void 0 ? void 0 : _entry$location8.folderId) || _constants.ROOT_FOLDER;
213
+ /**
214
+ * If the entry is in the same folder we are trying to move it to, just continue.
215
+ */
216
+ if (folderId === targetFolderId) {
217
+ return originalCmsMoveEntry(model, id, targetFolderId);
218
+ } else if (folderId !== _constants.ROOT_FOLDER) {
219
+ /**
220
+ * If entry current folder is not a root, check for access
221
+ */
222
+ const folder = await context.aco.folder.get(folderId);
223
+ await folderLevelPermissions.ensureCanAccessFolderContent({
224
+ folder,
225
+ rwd: "w"
226
+ });
227
+ }
228
+ /**
229
+ * If target folder is not a ROOT_FOLDER, check for access.
230
+ */
231
+ if (targetFolderId !== _constants.ROOT_FOLDER) {
232
+ const folder = await context.aco.folder.get(targetFolderId);
233
+ await folderLevelPermissions.ensureCanAccessFolderContent({
234
+ folder,
235
+ rwd: "w"
236
+ });
237
+ }
238
+ return originalCmsMoveEntry(model, id, targetFolderId);
239
+ };
171
240
  }
172
241
  }
173
242
  exports.CmsEntriesCrudDecorators = CmsEntriesCrudDecorators;
package/utils/decorators/CmsEntriesCrudDecorators.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_handlerGraphql","require","ROOT_FOLDER","createFolderType","model","modelId","filterEntriesByFolderFactory","context","permissions","entries","folders","aco","folder","listAll","where","type","results","Promise","all","map","entry","_entry$location","folderId","location","find","id","NotFoundError","result","canAccessFolderContent","rwd","filter","CmsEntriesCrudDecorators","constructor","_defineProperty2","default","decorate","folderLevelPermissions","filterEntriesByFolder","originalCmsListEntries","cms","listEntries","bind","params","folderType","allFolders","listAllFoldersWithPermissions","_objectSpread2","wbyAco_location","folderId_in","originalCmsGetEntry","getEntry","_entry$location2","get","ensureCanAccessFolderContent","originalCmsGetEntryById","getEntryById","_entry$location3","originalGetLatestEntriesByIds","getLatestEntriesByIds","ids","originalGetPublishedEntriesByIds","getPublishedEntriesByIds","originalCmsCreateEntry","createEntry","_params$wbyAco_locati","_params$location","originalCmsUpdateEntry","updateEntry","input","meta","_entry$location4","storageOperations","getRevisionById","originalCmsDeleteEntry","deleteEntry","_entry$location5","originalCmsDeleteEntryRevision","deleteEntryRevision","_entry$location6","exports"],"sources":["CmsEntriesCrudDecorators.ts"],"sourcesContent":["import { AcoContext } from \"~/types\";\nimport { CmsEntry, CmsModel } from \"@webiny/api-headless-cms/types\";\nimport { NotFoundError } from \"@webiny/handler-graphql\";\nimport { FolderLevelPermissions } from \"~/utils/FolderLevelPermissions\";\n\ntype Context = Pick<AcoContext, \"aco\" | \"cms\">;\n\nconst ROOT_FOLDER = \"root\";\n\nconst createFolderType = (model: Pick<CmsModel, \"modelId\">): string => {\n return `cms:${model.modelId}`;\n};\n\nconst filterEntriesByFolderFactory = (context: Context, permissions: FolderLevelPermissions) => {\n return async (model: CmsModel, entries: CmsEntry[]) => {\n const [folders] = await context.aco.folder.listAll({\n where: {\n type: createFolderType(model)\n }\n });\n\n const results = await Promise.all(\n entries.map(async entry => {\n const folderId = entry.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n const folder = folders.find(folder => folder.id === folderId);\n if (!folder) {\n throw new NotFoundError(`Folder \"${folderId}\" not found.`);\n }\n const result = await permissions.canAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n return result ? entry : null;\n })\n );\n\n return results.filter((entry): entry is CmsEntry => !!entry);\n };\n};\n\ninterface EntryManagerCrudDecoratorsParams {\n context: Context;\n}\n\nexport class CmsEntriesCrudDecorators {\n private readonly context: Context;\n\n public constructor({ context }: EntryManagerCrudDecoratorsParams) {\n this.context = context;\n }\n\n public decorate() {\n const context = this.context;\n const folderLevelPermissions = context.aco.folderLevelPermissions;\n\n const filterEntriesByFolder = filterEntriesByFolderFactory(context, folderLevelPermissions);\n\n const originalCmsListEntries = context.cms.listEntries.bind(context.cms);\n context.cms.listEntries = async (model, params) => {\n const folderType = model.modelId === \"fmFile\" ? \"FmFile\" : `cms:${model.modelId}`;\n const allFolders = await folderLevelPermissions.listAllFoldersWithPermissions(\n folderType\n );\n\n return originalCmsListEntries(model, {\n ...params,\n where: {\n ...(params?.where || {}),\n wbyAco_location: {\n // At the moment, all users can access entries in the root folder.\n // Root folder level permissions cannot be set yet.\n folderId_in: [ROOT_FOLDER, ...allFolders.map(folder => folder.id)]\n }\n }\n });\n };\n\n const originalCmsGetEntry = context.cms.getEntry.bind(context.cms);\n context.cms.getEntry = async (model, params) => {\n const entry = await originalCmsGetEntry(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n\n return entry;\n };\n\n const originalCmsGetEntryById = context.cms.getEntryById.bind(context.cms);\n context.cms.getEntryById = async (model, params) => {\n const entry = await originalCmsGetEntryById(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n return entry;\n };\n\n const originalGetLatestEntriesByIds = context.cms.getLatestEntriesByIds.bind(context.cms);\n context.cms.getLatestEntriesByIds = async (model, ids) => {\n const entries = await originalGetLatestEntriesByIds(model, ids);\n\n return filterEntriesByFolder(model, entries);\n };\n\n const originalGetPublishedEntriesByIds = context.cms.getPublishedEntriesByIds.bind(\n context.cms\n );\n context.cms.getPublishedEntriesByIds = async (model, ids) => {\n const entries = await originalGetPublishedEntriesByIds(model, ids);\n return filterEntriesByFolder(model, entries);\n };\n\n const originalCmsCreateEntry = context.cms.createEntry.bind(context.cms);\n context.cms.createEntry = async (model, params) => {\n const folderId = params.wbyAco_location?.folderId || params.location?.folderId;\n\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsCreateEntry(model, params);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsCreateEntry(model, params);\n };\n\n const originalCmsUpdateEntry = context.cms.updateEntry.bind(context.cms);\n context.cms.updateEntry = async (model, id, input, meta) => {\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsUpdateEntry(model, id, input, meta);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsUpdateEntry(model, id, input, meta);\n };\n\n const originalCmsDeleteEntry = context.cms.deleteEntry.bind(context.cms);\n context.cms.deleteEntry = async (model, id) => {\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsDeleteEntry(model, id);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return originalCmsDeleteEntry(model, id);\n };\n\n const originalCmsDeleteEntryRevision = context.cms.deleteEntryRevision.bind(context.cms);\n context.cms.deleteEntryRevision = async (model, id) => {\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsDeleteEntryRevision(model, id);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return originalCmsDeleteEntryRevision(model, id);\n };\n }\n}\n"],"mappings":";;;;;;;;;AAEA,IAAAA,eAAA,GAAAC,OAAA;AAKA,MAAMC,WAAW,GAAG,MAAM;AAE1B,MAAMC,gBAAgB,GAAIC,KAAgC,IAAa;EACnE,OAAQ,OAAMA,KAAK,CAACC,OAAQ,EAAC;AACjC,CAAC;AAED,MAAMC,4BAA4B,GAAGA,CAACC,OAAgB,EAAEC,WAAmC,KAAK;EAC5F,OAAO,OAAOJ,KAAe,EAAEK,OAAmB,KAAK;IACnD,MAAM,CAACC,OAAO,CAAC,GAAG,MAAMH,OAAO,CAACI,GAAG,CAACC,MAAM,CAACC,OAAO,CAAC;MAC/CC,KAAK,EAAE;QACHC,IAAI,EAAEZ,gBAAgB,CAACC,KAAK;MAChC;IACJ,CAAC,CAAC;IAEF,MAAMY,OAAO,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BT,OAAO,CAACU,GAAG,CAAC,MAAMC,KAAK,IAAI;MAAA,IAAAC,eAAA;MACvB,MAAMC,QAAQ,IAAAD,eAAA,GAAGD,KAAK,CAACG,QAAQ,cAAAF,eAAA,uBAAdA,eAAA,CAAgBC,QAAQ;MACzC,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKpB,WAAW,EAAE;QACvC,OAAOkB,KAAK;MAChB;MACA,MAAMR,MAAM,GAAGF,OAAO,CAACc,IAAI,CAACZ,MAAM,IAAIA,MAAM,CAACa,EAAE,KAAKH,QAAQ,CAAC;MAC7D,IAAI,CAACV,MAAM,EAAE;QACT,MAAM,IAAIc,6BAAa,CAAE,WAAUJ,QAAS,cAAa,CAAC;MAC9D;MACA,MAAMK,MAAM,GAAG,MAAMnB,WAAW,CAACoB,sBAAsB,CAAC;QACpDhB,MAAM;QACNiB,GAAG,EAAE;MACT,CAAC,CAAC;MACF,OAAOF,MAAM,GAAGP,KAAK,GAAG,IAAI;IAChC,CAAC,CACL,CAAC;IAED,OAAOJ,OAAO,CAACc,MAAM,CAAEV,KAAK,IAAwB,CAAC,CAACA,KAAK,CAAC;EAChE,CAAC;AACL,CAAC;AAMM,MAAMW,wBAAwB,CAAC;EAG3BC,WAAWA,CAAC;IAAEzB;EAA0C,CAAC,EAAE;IAAA,IAAA0B,gBAAA,CAAAC,OAAA;IAC9D,IAAI,CAAC3B,OAAO,GAAGA,OAAO;EAC1B;EAEO4B,QAAQA,CAAA,EAAG;IACd,MAAM5B,OAAO,GAAG,IAAI,CAACA,OAAO;IAC5B,MAAM6B,sBAAsB,GAAG7B,OAAO,CAACI,GAAG,CAACyB,sBAAsB;IAEjE,MAAMC,qBAAqB,GAAG/B,4BAA4B,CAACC,OAAO,EAAE6B,sBAAsB,CAAC;IAE3F,MAAME,sBAAsB,GAAG/B,OAAO,CAACgC,GAAG,CAACC,WAAW,CAACC,IAAI,CAAClC,OAAO,CAACgC,GAAG,CAAC;IACxEhC,OAAO,CAACgC,GAAG,CAACC,WAAW,GAAG,OAAOpC,KAAK,EAAEsC,MAAM,KAAK;MAC/C,MAAMC,UAAU,GAAGvC,KAAK,CAACC,OAAO,KAAK,QAAQ,GAAG,QAAQ,GAAI,OAAMD,KAAK,CAACC,OAAQ,EAAC;MACjF,MAAMuC,UAAU,GAAG,MAAMR,sBAAsB,CAACS,6BAA6B,CACzEF,UACJ,CAAC;MAED,OAAOL,sBAAsB,CAAClC,KAAK,MAAA0C,cAAA,CAAAZ,OAAA,MAAAY,cAAA,CAAAZ,OAAA,MAC5BQ,MAAM;QACT5B,KAAK,MAAAgC,cAAA,CAAAZ,OAAA,MAAAY,cAAA,CAAAZ,OAAA,MACG,CAAAQ,MAAM,aAANA,MAAM,uBAANA,MAAM,CAAE5B,KAAK,KAAI,CAAC,CAAC;UACvBiC,eAAe,EAAE;YACb;YACA;YACAC,WAAW,EAAE,CAAC9C,WAAW,EAAE,GAAG0C,UAAU,CAACzB,GAAG,CAACP,MAAM,IAAIA,MAAM,CAACa,EAAE,CAAC;UACrE;QAAC;MACJ,EACJ,CAAC;IACN,CAAC;IAED,MAAMwB,mBAAmB,GAAG1C,OAAO,CAACgC,GAAG,CAACW,QAAQ,CAACT,IAAI,CAAClC,OAAO,CAACgC,GAAG,CAAC;IAClEhC,OAAO,CAACgC,GAAG,CAACW,QAAQ,GAAG,OAAO9C,KAAK,EAAEsC,MAAM,KAAK;MAAA,IAAAS,gBAAA;MAC5C,MAAM/B,KAAK,GAAG,MAAM6B,mBAAmB,CAAC7C,KAAK,EAAEsC,MAAM,CAAC;MAEtD,MAAMpB,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAA+B,gBAAA,GAAL/B,KAAK,CAAEG,QAAQ,cAAA4B,gBAAA,uBAAfA,gBAAA,CAAiB7B,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKpB,WAAW,EAAE;QACvC,OAAOkB,KAAK;MAChB;MAEA,MAAMR,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACwC,GAAG,CAAC9B,QAAQ,CAAC;MACrD,MAAMc,sBAAsB,CAACiB,4BAA4B,CAAC;QACtDzC,MAAM;QACNiB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOT,KAAK;IAChB,CAAC;IAED,MAAMkC,uBAAuB,GAAG/C,OAAO,CAACgC,GAAG,CAACgB,YAAY,CAACd,IAAI,CAAClC,OAAO,CAACgC,GAAG,CAAC;IAC1EhC,OAAO,CAACgC,GAAG,CAACgB,YAAY,GAAG,OAAOnD,KAAK,EAAEsC,MAAM,KAAK;MAAA,IAAAc,gBAAA;MAChD,MAAMpC,KAAK,GAAG,MAAMkC,uBAAuB,CAAClD,KAAK,EAAEsC,MAAM,CAAC;MAE1D,MAAMpB,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAAoC,gBAAA,GAALpC,KAAK,CAAEG,QAAQ,cAAAiC,gBAAA,uBAAfA,gBAAA,CAAiBlC,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKpB,WAAW,EAAE;QACvC,OAAOkB,KAAK;MAChB;MACA,MAAMR,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACwC,GAAG,CAAC9B,QAAQ,CAAC;MACrD,MAAMc,sBAAsB,CAACiB,4BAA4B,CAAC;QACtDzC,MAAM;QACNiB,GAAG,EAAE;MACT,CAAC,CAAC;MACF,OAAOT,KAAK;IAChB,CAAC;IAED,MAAMqC,6BAA6B,GAAGlD,OAAO,CAACgC,GAAG,CAACmB,qBAAqB,CAACjB,IAAI,CAAClC,OAAO,CAACgC,GAAG,CAAC;IACzFhC,OAAO,CAACgC,GAAG,CAACmB,qBAAqB,GAAG,OAAOtD,KAAK,EAAEuD,GAAG,KAAK;MACtD,MAAMlD,OAAO,GAAG,MAAMgD,6BAA6B,CAACrD,KAAK,EAAEuD,GAAG,CAAC;MAE/D,OAAOtB,qBAAqB,CAACjC,KAAK,EAAEK,OAAO,CAAC;IAChD,CAAC;IAED,MAAMmD,gCAAgC,GAAGrD,OAAO,CAACgC,GAAG,CAACsB,wBAAwB,CAACpB,IAAI,CAC9ElC,OAAO,CAACgC,GACZ,CAAC;IACDhC,OAAO,CAACgC,GAAG,CAACsB,wBAAwB,GAAG,OAAOzD,KAAK,EAAEuD,GAAG,KAAK;MACzD,MAAMlD,OAAO,GAAG,MAAMmD,gCAAgC,CAACxD,KAAK,EAAEuD,GAAG,CAAC;MAClE,OAAOtB,qBAAqB,CAACjC,KAAK,EAAEK,OAAO,CAAC;IAChD,CAAC;IAED,MAAMqD,sBAAsB,GAAGvD,OAAO,CAACgC,GAAG,CAACwB,WAAW,CAACtB,IAAI,CAAClC,OAAO,CAACgC,GAAG,CAAC;IACxEhC,OAAO,CAACgC,GAAG,CAACwB,WAAW,GAAG,OAAO3D,KAAK,EAAEsC,MAAM,KAAK;MAAA,IAAAsB,qBAAA,EAAAC,gBAAA;MAC/C,MAAM3C,QAAQ,GAAG,EAAA0C,qBAAA,GAAAtB,MAAM,CAACK,eAAe,cAAAiB,qBAAA,uBAAtBA,qBAAA,CAAwB1C,QAAQ,OAAA2C,gBAAA,GAAIvB,MAAM,CAACnB,QAAQ,cAAA0C,gBAAA,uBAAfA,gBAAA,CAAiB3C,QAAQ;MAE9E,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKpB,WAAW,EAAE;QACvC,OAAO4D,sBAAsB,CAAC1D,KAAK,EAAEsC,MAAM,CAAC;MAChD;MAEA,MAAM9B,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACwC,GAAG,CAAC9B,QAAQ,CAAC;MACrD,MAAMc,sBAAsB,CAACiB,4BAA4B,CAAC;QACtDzC,MAAM;QACNiB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOiC,sBAAsB,CAAC1D,KAAK,EAAEsC,MAAM,CAAC;IAChD,CAAC;IAED,MAAMwB,sBAAsB,GAAG3D,OAAO,CAACgC,GAAG,CAAC4B,WAAW,CAAC1B,IAAI,CAAClC,OAAO,CAACgC,GAAG,CAAC;IACxEhC,OAAO,CAACgC,GAAG,CAAC4B,WAAW,GAAG,OAAO/D,KAAK,EAAEqB,EAAE,EAAE2C,KAAK,EAAEC,IAAI,KAAK;MAAA,IAAAC,gBAAA;MACxD,MAAMlD,KAAK,GAAG,MAAMb,OAAO,CAACgC,GAAG,CAACgC,iBAAiB,CAAC9D,OAAO,CAAC+D,eAAe,CAACpE,KAAK,EAAE;QAC7EqB;MACJ,CAAC,CAAC;MAEF,MAAMH,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAAkD,gBAAA,GAALlD,KAAK,CAAEG,QAAQ,cAAA+C,gBAAA,uBAAfA,gBAAA,CAAiBhD,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKpB,WAAW,EAAE;QACvC,OAAOgE,sBAAsB,CAAC9D,KAAK,EAAEqB,EAAE,EAAE2C,KAAK,EAAEC,IAAI,CAAC;MACzD;MAEA,MAAMzD,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACwC,GAAG,CAAC9B,QAAQ,CAAC;MACrD,MAAMc,sBAAsB,CAACiB,4BAA4B,CAAC;QACtDzC,MAAM;QACNiB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOqC,sBAAsB,CAAC9D,KAAK,EAAEqB,EAAE,EAAE2C,KAAK,EAAEC,IAAI,CAAC;IACzD,CAAC;IAED,MAAMI,sBAAsB,GAAGlE,OAAO,CAACgC,GAAG,CAACmC,WAAW,CAACjC,IAAI,CAAClC,OAAO,CAACgC,GAAG,CAAC;IACxEhC,OAAO,CAACgC,GAAG,CAACmC,WAAW,GAAG,OAAOtE,KAAK,EAAEqB,EAAE,KAAK;MAAA,IAAAkD,gBAAA;MAC3C,MAAMvD,KAAK,GAAG,MAAMb,OAAO,CAACgC,GAAG,CAACgC,iBAAiB,CAAC9D,OAAO,CAAC+D,eAAe,CAACpE,KAAK,EAAE;QAC7EqB;MACJ,CAAC,CAAC;MAEF,MAAMH,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAAuD,gBAAA,GAALvD,KAAK,CAAEG,QAAQ,cAAAoD,gBAAA,uBAAfA,gBAAA,CAAiBrD,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKpB,WAAW,EAAE;QACvC,OAAOuE,sBAAsB,CAACrE,KAAK,EAAEqB,EAAE,CAAC;MAC5C;MAEA,MAAMb,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACwC,GAAG,CAAC9B,QAAQ,CAAC;MACrD,MAAMc,sBAAsB,CAACiB,4BAA4B,CAAC;QACtDzC,MAAM;QACNiB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAO4C,sBAAsB,CAACrE,KAAK,EAAEqB,EAAE,CAAC;IAC5C,CAAC;IAED,MAAMmD,8BAA8B,GAAGrE,OAAO,CAACgC,GAAG,CAACsC,mBAAmB,CAACpC,IAAI,CAAClC,OAAO,CAACgC,GAAG,CAAC;IACxFhC,OAAO,CAACgC,GAAG,CAACsC,mBAAmB,GAAG,OAAOzE,KAAK,EAAEqB,EAAE,KAAK;MAAA,IAAAqD,gBAAA;MACnD,MAAM1D,KAAK,GAAG,MAAMb,OAAO,CAACgC,GAAG,CAACgC,iBAAiB,CAAC9D,OAAO,CAAC+D,eAAe,CAACpE,KAAK,EAAE;QAC7EqB;MACJ,CAAC,CAAC;MAEF,MAAMH,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAA0D,gBAAA,GAAL1D,KAAK,CAAEG,QAAQ,cAAAuD,gBAAA,uBAAfA,gBAAA,CAAiBxD,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKpB,WAAW,EAAE;QACvC,OAAO0E,8BAA8B,CAACxE,KAAK,EAAEqB,EAAE,CAAC;MACpD;MAEA,MAAMb,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACwC,GAAG,CAAC9B,QAAQ,CAAC;MACrD,MAAMc,sBAAsB,CAACiB,4BAA4B,CAAC;QACtDzC,MAAM;QACNiB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAO+C,8BAA8B,CAACxE,KAAK,EAAEqB,EAAE,CAAC;IACpD,CAAC;EACL;AACJ;AAACsD,OAAA,CAAAhD,wBAAA,GAAAA,wBAAA"}
1
+ {"version":3,"names":["_handlerGraphql","require","_where","_constants","isPageModel","model","modelId","createFolderType","filterEntriesByFolderFactory","context","permissions","entries","folders","aco","folder","listAll","where","type","results","Promise","all","map","entry","_entry$location","folderId","location","ROOT_FOLDER","find","id","NotFoundError","result","canAccessFolderContent","rwd","filter","CmsEntriesCrudDecorators","constructor","_defineProperty2","default","decorate","folderLevelPermissions","filterEntriesByFolder","originalCmsListEntries","cms","listEntries","bind","params","folderType","listAllFoldersWithPermissions","createWhere","_objectSpread2","originalCmsGetEntry","getEntry","_entry$location2","get","ensureCanAccessFolderContent","originalCmsGetEntryById","getEntryById","_entry$location3","originalGetLatestEntriesByIds","getLatestEntriesByIds","ids","originalGetPublishedEntriesByIds","getPublishedEntriesByIds","originalCmsCreateEntry","createEntry","options","_params$wbyAco_locati","_params$location","wbyAco_location","originalCmsCreateFromEntry","createEntryRevisionFrom","input","_entry$location4","storageOperations","getRevisionById","originalCmsUpdateEntry","updateEntry","meta","_entry$location5","originalCmsDeleteEntry","deleteEntry","_entry$location6","originalCmsDeleteEntryRevision","deleteEntryRevision","_entry$location7","originalCmsMoveEntry","moveEntry","targetFolderId","_entry$location8","exports"],"sources":["CmsEntriesCrudDecorators.ts"],"sourcesContent":["import { AcoContext } from \"~/types\";\nimport { CmsEntry, CmsModel } from \"@webiny/api-headless-cms/types\";\nimport { NotFoundError } from \"@webiny/handler-graphql\";\nimport { FolderLevelPermissions } from \"~/utils/FolderLevelPermissions\";\nimport { createWhere } from \"./where\";\nimport { ROOT_FOLDER } from \"./constants\";\n\ntype Context = Pick<AcoContext, \"aco\" | \"cms\">;\n/**\n * Keep this until we figure out how to fetch the folders.\n */\nconst isPageModel = (model: CmsModel): boolean => {\n if (model.modelId === \"pbPage\") {\n return true;\n } else if (model.modelId === \"acoSearchRecord-pbpage\") {\n return true;\n }\n return false;\n};\n\nconst createFolderType = (model: CmsModel): \"FmFile\" | \"PbPage\" | `cms:${string}` => {\n if (model.modelId === \"fmFile\") {\n return \"FmFile\";\n } else if (isPageModel(model)) {\n return \"PbPage\";\n }\n return `cms:${model.modelId}`;\n};\n\nconst filterEntriesByFolderFactory = (context: Context, permissions: FolderLevelPermissions) => {\n return async (model: CmsModel, entries: CmsEntry[]) => {\n const [folders] = await context.aco.folder.listAll({\n where: {\n type: createFolderType(model)\n }\n });\n\n const results = await Promise.all(\n entries.map(async entry => {\n const folderId = entry.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n const folder = folders.find(folder => folder.id === folderId);\n if (!folder) {\n throw new NotFoundError(`Folder \"${folderId}\" not found.`);\n }\n const result = await permissions.canAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n return result ? entry : null;\n })\n );\n\n return results.filter((entry): entry is CmsEntry => !!entry);\n };\n};\n\ninterface EntryManagerCrudDecoratorsParams {\n context: Context;\n}\n\nexport class CmsEntriesCrudDecorators {\n private readonly context: Context;\n\n public constructor({ context }: EntryManagerCrudDecoratorsParams) {\n this.context = context;\n }\n\n public decorate() {\n const context = this.context;\n const folderLevelPermissions = context.aco.folderLevelPermissions;\n\n const filterEntriesByFolder = filterEntriesByFolderFactory(context, folderLevelPermissions);\n\n const originalCmsListEntries = context.cms.listEntries.bind(context.cms);\n context.cms.listEntries = async (model, params) => {\n const folderType = createFolderType(model);\n const folders = await folderLevelPermissions.listAllFoldersWithPermissions(folderType);\n\n const where = createWhere({\n where: params.where,\n folders\n });\n return originalCmsListEntries(model, {\n ...params,\n where\n });\n };\n\n const originalCmsGetEntry = context.cms.getEntry.bind(context.cms);\n context.cms.getEntry = async (model, params) => {\n const entry = await originalCmsGetEntry(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n\n return entry;\n };\n\n const originalCmsGetEntryById = context.cms.getEntryById.bind(context.cms);\n context.cms.getEntryById = async (model, params) => {\n const entry = await originalCmsGetEntryById(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n return entry;\n };\n\n const originalGetLatestEntriesByIds = context.cms.getLatestEntriesByIds.bind(context.cms);\n context.cms.getLatestEntriesByIds = async (model, ids) => {\n const entries = await originalGetLatestEntriesByIds(model, ids);\n\n return filterEntriesByFolder(model, entries);\n };\n\n const originalGetPublishedEntriesByIds = context.cms.getPublishedEntriesByIds.bind(\n context.cms\n );\n context.cms.getPublishedEntriesByIds = async (model, ids) => {\n const entries = await originalGetPublishedEntriesByIds(model, ids);\n return filterEntriesByFolder(model, entries);\n };\n\n const originalCmsCreateEntry = context.cms.createEntry.bind(context.cms);\n context.cms.createEntry = async (model, params, options) => {\n const folderId = params.wbyAco_location?.folderId || params.location?.folderId;\n\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsCreateEntry(model, params, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsCreateEntry(model, params, options);\n };\n\n const originalCmsCreateFromEntry = context.cms.createEntryRevisionFrom.bind(context.cms);\n context.cms.createEntryRevisionFrom = async (model, id, input, options) => {\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsCreateFromEntry(model, id, input, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsCreateFromEntry(model, id, input, options);\n };\n\n const originalCmsUpdateEntry = context.cms.updateEntry.bind(context.cms);\n context.cms.updateEntry = async (model, id, input, meta, options) => {\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsUpdateEntry(model, id, input, meta, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsUpdateEntry(model, id, input, meta, options);\n };\n\n const originalCmsDeleteEntry = context.cms.deleteEntry.bind(context.cms);\n context.cms.deleteEntry = async (model, id, options) => {\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsDeleteEntry(model, id, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return originalCmsDeleteEntry(model, id, options);\n };\n\n const originalCmsDeleteEntryRevision = context.cms.deleteEntryRevision.bind(context.cms);\n context.cms.deleteEntryRevision = async (model, id) => {\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsDeleteEntryRevision(model, id);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return originalCmsDeleteEntryRevision(model, id);\n };\n\n const originalCmsMoveEntry = context.cms.moveEntry.bind(context.cms);\n context.cms.moveEntry = async (model, id, targetFolderId) => {\n /**\n * First we need to check if user has access to the entries existing folder.\n */\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n const folderId = entry?.location?.folderId || ROOT_FOLDER;\n /**\n * If the entry is in the same folder we are trying to move it to, just continue.\n */\n if (folderId === targetFolderId) {\n return originalCmsMoveEntry(model, id, targetFolderId);\n } else if (folderId !== ROOT_FOLDER) {\n /**\n * If entry current folder is not a root, check for access\n */\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n }\n /**\n * If target folder is not a ROOT_FOLDER, check for access.\n */\n if (targetFolderId !== ROOT_FOLDER) {\n const folder = await context.aco.folder.get(targetFolderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n }\n\n return originalCmsMoveEntry(model, id, targetFolderId);\n };\n }\n}\n"],"mappings":";;;;;;;;;AAEA,IAAAA,eAAA,GAAAC,OAAA;AAEA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,UAAA,GAAAF,OAAA;AAGA;AACA;AACA;AACA,MAAMG,WAAW,GAAIC,KAAe,IAAc;EAC9C,IAAIA,KAAK,CAACC,OAAO,KAAK,QAAQ,EAAE;IAC5B,OAAO,IAAI;EACf,CAAC,MAAM,IAAID,KAAK,CAACC,OAAO,KAAK,wBAAwB,EAAE;IACnD,OAAO,IAAI;EACf;EACA,OAAO,KAAK;AAChB,CAAC;AAED,MAAMC,gBAAgB,GAAIF,KAAe,IAA4C;EACjF,IAAIA,KAAK,CAACC,OAAO,KAAK,QAAQ,EAAE;IAC5B,OAAO,QAAQ;EACnB,CAAC,MAAM,IAAIF,WAAW,CAACC,KAAK,CAAC,EAAE;IAC3B,OAAO,QAAQ;EACnB;EACA,OAAQ,OAAMA,KAAK,CAACC,OAAQ,EAAC;AACjC,CAAC;AAED,MAAME,4BAA4B,GAAGA,CAACC,OAAgB,EAAEC,WAAmC,KAAK;EAC5F,OAAO,OAAOL,KAAe,EAAEM,OAAmB,KAAK;IACnD,MAAM,CAACC,OAAO,CAAC,GAAG,MAAMH,OAAO,CAACI,GAAG,CAACC,MAAM,CAACC,OAAO,CAAC;MAC/CC,KAAK,EAAE;QACHC,IAAI,EAAEV,gBAAgB,CAACF,KAAK;MAChC;IACJ,CAAC,CAAC;IAEF,MAAMa,OAAO,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BT,OAAO,CAACU,GAAG,CAAC,MAAMC,KAAK,IAAI;MAAA,IAAAC,eAAA;MACvB,MAAMC,QAAQ,IAAAD,eAAA,GAAGD,KAAK,CAACG,QAAQ,cAAAF,eAAA,uBAAdA,eAAA,CAAgBC,QAAQ;MACzC,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOJ,KAAK;MAChB;MACA,MAAMR,MAAM,GAAGF,OAAO,CAACe,IAAI,CAACb,MAAM,IAAIA,MAAM,CAACc,EAAE,KAAKJ,QAAQ,CAAC;MAC7D,IAAI,CAACV,MAAM,EAAE;QACT,MAAM,IAAIe,6BAAa,CAAE,WAAUL,QAAS,cAAa,CAAC;MAC9D;MACA,MAAMM,MAAM,GAAG,MAAMpB,WAAW,CAACqB,sBAAsB,CAAC;QACpDjB,MAAM;QACNkB,GAAG,EAAE;MACT,CAAC,CAAC;MACF,OAAOF,MAAM,GAAGR,KAAK,GAAG,IAAI;IAChC,CAAC,CACL,CAAC;IAED,OAAOJ,OAAO,CAACe,MAAM,CAAEX,KAAK,IAAwB,CAAC,CAACA,KAAK,CAAC;EAChE,CAAC;AACL,CAAC;AAMM,MAAMY,wBAAwB,CAAC;EAG3BC,WAAWA,CAAC;IAAE1B;EAA0C,CAAC,EAAE;IAAA,IAAA2B,gBAAA,CAAAC,OAAA;IAC9D,IAAI,CAAC5B,OAAO,GAAGA,OAAO;EAC1B;EAEO6B,QAAQA,CAAA,EAAG;IACd,MAAM7B,OAAO,GAAG,IAAI,CAACA,OAAO;IAC5B,MAAM8B,sBAAsB,GAAG9B,OAAO,CAACI,GAAG,CAAC0B,sBAAsB;IAEjE,MAAMC,qBAAqB,GAAGhC,4BAA4B,CAACC,OAAO,EAAE8B,sBAAsB,CAAC;IAE3F,MAAME,sBAAsB,GAAGhC,OAAO,CAACiC,GAAG,CAACC,WAAW,CAACC,IAAI,CAACnC,OAAO,CAACiC,GAAG,CAAC;IACxEjC,OAAO,CAACiC,GAAG,CAACC,WAAW,GAAG,OAAOtC,KAAK,EAAEwC,MAAM,KAAK;MAC/C,MAAMC,UAAU,GAAGvC,gBAAgB,CAACF,KAAK,CAAC;MAC1C,MAAMO,OAAO,GAAG,MAAM2B,sBAAsB,CAACQ,6BAA6B,CAACD,UAAU,CAAC;MAEtF,MAAM9B,KAAK,GAAG,IAAAgC,kBAAW,EAAC;QACtBhC,KAAK,EAAE6B,MAAM,CAAC7B,KAAK;QACnBJ;MACJ,CAAC,CAAC;MACF,OAAO6B,sBAAsB,CAACpC,KAAK,MAAA4C,cAAA,CAAAZ,OAAA,MAAAY,cAAA,CAAAZ,OAAA,MAC5BQ,MAAM;QACT7B;MAAK,EACR,CAAC;IACN,CAAC;IAED,MAAMkC,mBAAmB,GAAGzC,OAAO,CAACiC,GAAG,CAACS,QAAQ,CAACP,IAAI,CAACnC,OAAO,CAACiC,GAAG,CAAC;IAClEjC,OAAO,CAACiC,GAAG,CAACS,QAAQ,GAAG,OAAO9C,KAAK,EAAEwC,MAAM,KAAK;MAAA,IAAAO,gBAAA;MAC5C,MAAM9B,KAAK,GAAG,MAAM4B,mBAAmB,CAAC7C,KAAK,EAAEwC,MAAM,CAAC;MAEtD,MAAMrB,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAA8B,gBAAA,GAAL9B,KAAK,CAAEG,QAAQ,cAAA2B,gBAAA,uBAAfA,gBAAA,CAAiB5B,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOJ,KAAK;MAChB;MAEA,MAAMR,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACuC,GAAG,CAAC7B,QAAQ,CAAC;MACrD,MAAMe,sBAAsB,CAACe,4BAA4B,CAAC;QACtDxC,MAAM;QACNkB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOV,KAAK;IAChB,CAAC;IAED,MAAMiC,uBAAuB,GAAG9C,OAAO,CAACiC,GAAG,CAACc,YAAY,CAACZ,IAAI,CAACnC,OAAO,CAACiC,GAAG,CAAC;IAC1EjC,OAAO,CAACiC,GAAG,CAACc,YAAY,GAAG,OAAOnD,KAAK,EAAEwC,MAAM,KAAK;MAAA,IAAAY,gBAAA;MAChD,MAAMnC,KAAK,GAAG,MAAMiC,uBAAuB,CAAClD,KAAK,EAAEwC,MAAM,CAAC;MAE1D,MAAMrB,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAAmC,gBAAA,GAALnC,KAAK,CAAEG,QAAQ,cAAAgC,gBAAA,uBAAfA,gBAAA,CAAiBjC,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOJ,KAAK;MAChB;MACA,MAAMR,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACuC,GAAG,CAAC7B,QAAQ,CAAC;MACrD,MAAMe,sBAAsB,CAACe,4BAA4B,CAAC;QACtDxC,MAAM;QACNkB,GAAG,EAAE;MACT,CAAC,CAAC;MACF,OAAOV,KAAK;IAChB,CAAC;IAED,MAAMoC,6BAA6B,GAAGjD,OAAO,CAACiC,GAAG,CAACiB,qBAAqB,CAACf,IAAI,CAACnC,OAAO,CAACiC,GAAG,CAAC;IACzFjC,OAAO,CAACiC,GAAG,CAACiB,qBAAqB,GAAG,OAAOtD,KAAK,EAAEuD,GAAG,KAAK;MACtD,MAAMjD,OAAO,GAAG,MAAM+C,6BAA6B,CAACrD,KAAK,EAAEuD,GAAG,CAAC;MAE/D,OAAOpB,qBAAqB,CAACnC,KAAK,EAAEM,OAAO,CAAC;IAChD,CAAC;IAED,MAAMkD,gCAAgC,GAAGpD,OAAO,CAACiC,GAAG,CAACoB,wBAAwB,CAAClB,IAAI,CAC9EnC,OAAO,CAACiC,GACZ,CAAC;IACDjC,OAAO,CAACiC,GAAG,CAACoB,wBAAwB,GAAG,OAAOzD,KAAK,EAAEuD,GAAG,KAAK;MACzD,MAAMjD,OAAO,GAAG,MAAMkD,gCAAgC,CAACxD,KAAK,EAAEuD,GAAG,CAAC;MAClE,OAAOpB,qBAAqB,CAACnC,KAAK,EAAEM,OAAO,CAAC;IAChD,CAAC;IAED,MAAMoD,sBAAsB,GAAGtD,OAAO,CAACiC,GAAG,CAACsB,WAAW,CAACpB,IAAI,CAACnC,OAAO,CAACiC,GAAG,CAAC;IACxEjC,OAAO,CAACiC,GAAG,CAACsB,WAAW,GAAG,OAAO3D,KAAK,EAAEwC,MAAM,EAAEoB,OAAO,KAAK;MAAA,IAAAC,qBAAA,EAAAC,gBAAA;MACxD,MAAM3C,QAAQ,GAAG,EAAA0C,qBAAA,GAAArB,MAAM,CAACuB,eAAe,cAAAF,qBAAA,uBAAtBA,qBAAA,CAAwB1C,QAAQ,OAAA2C,gBAAA,GAAItB,MAAM,CAACpB,QAAQ,cAAA0C,gBAAA,uBAAfA,gBAAA,CAAiB3C,QAAQ;MAE9E,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOqC,sBAAsB,CAAC1D,KAAK,EAAEwC,MAAM,EAAEoB,OAAO,CAAC;MACzD;MAEA,MAAMnD,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACuC,GAAG,CAAC7B,QAAQ,CAAC;MACrD,MAAMe,sBAAsB,CAACe,4BAA4B,CAAC;QACtDxC,MAAM;QACNkB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAO+B,sBAAsB,CAAC1D,KAAK,EAAEwC,MAAM,EAAEoB,OAAO,CAAC;IACzD,CAAC;IAED,MAAMI,0BAA0B,GAAG5D,OAAO,CAACiC,GAAG,CAAC4B,uBAAuB,CAAC1B,IAAI,CAACnC,OAAO,CAACiC,GAAG,CAAC;IACxFjC,OAAO,CAACiC,GAAG,CAAC4B,uBAAuB,GAAG,OAAOjE,KAAK,EAAEuB,EAAE,EAAE2C,KAAK,EAAEN,OAAO,KAAK;MAAA,IAAAO,gBAAA;MACvE,MAAMlD,KAAK,GAAG,MAAMb,OAAO,CAACiC,GAAG,CAAC+B,iBAAiB,CAAC9D,OAAO,CAAC+D,eAAe,CAACrE,KAAK,EAAE;QAC7EuB;MACJ,CAAC,CAAC;MAEF,MAAMJ,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAAkD,gBAAA,GAALlD,KAAK,CAAEG,QAAQ,cAAA+C,gBAAA,uBAAfA,gBAAA,CAAiBhD,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAO2C,0BAA0B,CAAChE,KAAK,EAAEuB,EAAE,EAAE2C,KAAK,EAAEN,OAAO,CAAC;MAChE;MAEA,MAAMnD,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACuC,GAAG,CAAC7B,QAAQ,CAAC;MACrD,MAAMe,sBAAsB,CAACe,4BAA4B,CAAC;QACtDxC,MAAM;QACNkB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOqC,0BAA0B,CAAChE,KAAK,EAAEuB,EAAE,EAAE2C,KAAK,EAAEN,OAAO,CAAC;IAChE,CAAC;IAED,MAAMU,sBAAsB,GAAGlE,OAAO,CAACiC,GAAG,CAACkC,WAAW,CAAChC,IAAI,CAACnC,OAAO,CAACiC,GAAG,CAAC;IACxEjC,OAAO,CAACiC,GAAG,CAACkC,WAAW,GAAG,OAAOvE,KAAK,EAAEuB,EAAE,EAAE2C,KAAK,EAAEM,IAAI,EAAEZ,OAAO,KAAK;MAAA,IAAAa,gBAAA;MACjE,MAAMxD,KAAK,GAAG,MAAMb,OAAO,CAACiC,GAAG,CAAC+B,iBAAiB,CAAC9D,OAAO,CAAC+D,eAAe,CAACrE,KAAK,EAAE;QAC7EuB;MACJ,CAAC,CAAC;MAEF,MAAMJ,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAAwD,gBAAA,GAALxD,KAAK,CAAEG,QAAQ,cAAAqD,gBAAA,uBAAfA,gBAAA,CAAiBtD,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOiD,sBAAsB,CAACtE,KAAK,EAAEuB,EAAE,EAAE2C,KAAK,EAAEM,IAAI,EAAEZ,OAAO,CAAC;MAClE;MAEA,MAAMnD,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACuC,GAAG,CAAC7B,QAAQ,CAAC;MACrD,MAAMe,sBAAsB,CAACe,4BAA4B,CAAC;QACtDxC,MAAM;QACNkB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAO2C,sBAAsB,CAACtE,KAAK,EAAEuB,EAAE,EAAE2C,KAAK,EAAEM,IAAI,EAAEZ,OAAO,CAAC;IAClE,CAAC;IAED,MAAMc,sBAAsB,GAAGtE,OAAO,CAACiC,GAAG,CAACsC,WAAW,CAACpC,IAAI,CAACnC,OAAO,CAACiC,GAAG,CAAC;IACxEjC,OAAO,CAACiC,GAAG,CAACsC,WAAW,GAAG,OAAO3E,KAAK,EAAEuB,EAAE,EAAEqC,OAAO,KAAK;MAAA,IAAAgB,gBAAA;MACpD,MAAM3D,KAAK,GAAG,MAAMb,OAAO,CAACiC,GAAG,CAAC+B,iBAAiB,CAAC9D,OAAO,CAAC+D,eAAe,CAACrE,KAAK,EAAE;QAC7EuB;MACJ,CAAC,CAAC;MAEF,MAAMJ,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAA2D,gBAAA,GAAL3D,KAAK,CAAEG,QAAQ,cAAAwD,gBAAA,uBAAfA,gBAAA,CAAiBzD,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOqD,sBAAsB,CAAC1E,KAAK,EAAEuB,EAAE,EAAEqC,OAAO,CAAC;MACrD;MAEA,MAAMnD,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACuC,GAAG,CAAC7B,QAAQ,CAAC;MACrD,MAAMe,sBAAsB,CAACe,4BAA4B,CAAC;QACtDxC,MAAM;QACNkB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAO+C,sBAAsB,CAAC1E,KAAK,EAAEuB,EAAE,EAAEqC,OAAO,CAAC;IACrD,CAAC;IAED,MAAMiB,8BAA8B,GAAGzE,OAAO,CAACiC,GAAG,CAACyC,mBAAmB,CAACvC,IAAI,CAACnC,OAAO,CAACiC,GAAG,CAAC;IACxFjC,OAAO,CAACiC,GAAG,CAACyC,mBAAmB,GAAG,OAAO9E,KAAK,EAAEuB,EAAE,KAAK;MAAA,IAAAwD,gBAAA;MACnD,MAAM9D,KAAK,GAAG,MAAMb,OAAO,CAACiC,GAAG,CAAC+B,iBAAiB,CAAC9D,OAAO,CAAC+D,eAAe,CAACrE,KAAK,EAAE;QAC7EuB;MACJ,CAAC,CAAC;MAEF,MAAMJ,QAAQ,GAAGF,KAAK,aAALA,KAAK,gBAAA8D,gBAAA,GAAL9D,KAAK,CAAEG,QAAQ,cAAA2D,gBAAA,uBAAfA,gBAAA,CAAiB5D,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOwD,8BAA8B,CAAC7E,KAAK,EAAEuB,EAAE,CAAC;MACpD;MAEA,MAAMd,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACuC,GAAG,CAAC7B,QAAQ,CAAC;MACrD,MAAMe,sBAAsB,CAACe,4BAA4B,CAAC;QACtDxC,MAAM;QACNkB,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOkD,8BAA8B,CAAC7E,KAAK,EAAEuB,EAAE,CAAC;IACpD,CAAC;IAED,MAAMyD,oBAAoB,GAAG5E,OAAO,CAACiC,GAAG,CAAC4C,SAAS,CAAC1C,IAAI,CAACnC,OAAO,CAACiC,GAAG,CAAC;IACpEjC,OAAO,CAACiC,GAAG,CAAC4C,SAAS,GAAG,OAAOjF,KAAK,EAAEuB,EAAE,EAAE2D,cAAc,KAAK;MAAA,IAAAC,gBAAA;MACzD;AACZ;AACA;MACY,MAAMlE,KAAK,GAAG,MAAMb,OAAO,CAACiC,GAAG,CAAC+B,iBAAiB,CAAC9D,OAAO,CAAC+D,eAAe,CAACrE,KAAK,EAAE;QAC7EuB;MACJ,CAAC,CAAC;MACF,MAAMJ,QAAQ,GAAG,CAAAF,KAAK,aAALA,KAAK,gBAAAkE,gBAAA,GAALlE,KAAK,CAAEG,QAAQ,cAAA+D,gBAAA,uBAAfA,gBAAA,CAAiBhE,QAAQ,KAAIE,sBAAW;MACzD;AACZ;AACA;MACY,IAAIF,QAAQ,KAAK+D,cAAc,EAAE;QAC7B,OAAOF,oBAAoB,CAAChF,KAAK,EAAEuB,EAAE,EAAE2D,cAAc,CAAC;MAC1D,CAAC,MAAM,IAAI/D,QAAQ,KAAKE,sBAAW,EAAE;QACjC;AAChB;AACA;QACgB,MAAMZ,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACuC,GAAG,CAAC7B,QAAQ,CAAC;QACrD,MAAMe,sBAAsB,CAACe,4BAA4B,CAAC;UACtDxC,MAAM;UACNkB,GAAG,EAAE;QACT,CAAC,CAAC;MACN;MACA;AACZ;AACA;MACY,IAAIuD,cAAc,KAAK7D,sBAAW,EAAE;QAChC,MAAMZ,MAAM,GAAG,MAAML,OAAO,CAACI,GAAG,CAACC,MAAM,CAACuC,GAAG,CAACkC,cAAc,CAAC;QAC3D,MAAMhD,sBAAsB,CAACe,4BAA4B,CAAC;UACtDxC,MAAM;UACNkB,GAAG,EAAE;QACT,CAAC,CAAC;MACN;MAEA,OAAOqD,oBAAoB,CAAChF,KAAK,EAAEuB,EAAE,EAAE2D,cAAc,CAAC;IAC1D,CAAC;EACL;AACJ;AAACE,OAAA,CAAAvD,wBAAA,GAAAA,wBAAA"}
package/utils/decorators/constants.d.ts ADDED
@@ -0,0 +1 @@
1
+ export declare const ROOT_FOLDER = "root";
package/utils/decorators/constants.js ADDED
@@ -0,0 +1,10 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.ROOT_FOLDER = void 0;
7
+ const ROOT_FOLDER = "root";
8
+ exports.ROOT_FOLDER = ROOT_FOLDER;
9
+
10
+ //# sourceMappingURL=constants.js.map
package/utils/decorators/constants.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["ROOT_FOLDER","exports"],"sources":["constants.ts"],"sourcesContent":["export const ROOT_FOLDER = \"root\";\n"],"mappings":";;;;;;AAAO,MAAMA,WAAW,GAAG,MAAM;AAACC,OAAA,CAAAD,WAAA,GAAAA,WAAA"}
package/utils/decorators/where.d.ts ADDED
@@ -0,0 +1,14 @@
1
+ import { CmsEntryListWhere } from "@webiny/api-headless-cms/types";
2
+ import { Folder } from "../../folder/folder.types";
3
+ interface Params {
4
+ where: CmsEntryListWhere | undefined;
5
+ folders: Folder[];
6
+ }
7
+ /**
8
+ * There are multiple cases that we need to handle:
9
+ * * existing location with no AND conditional
10
+ * * existing location with AND conditional
11
+ * * no existing location with no AND conditional + with AND conditional
12
+ */
13
+ export declare const createWhere: (params: Params) => CmsEntryListWhere | undefined;
14
+ export {};
package/utils/decorators/where.js ADDED
@@ -0,0 +1,45 @@
1
+ "use strict";
2
+
3
+ var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault").default;
4
+ Object.defineProperty(exports, "__esModule", {
5
+ value: true
6
+ });
7
+ exports.createWhere = void 0;
8
+ var _objectSpread2 = _interopRequireDefault(require("@babel/runtime/helpers/objectSpread2"));
9
+ var _constants = require("./constants");
10
+ /**
11
+ * There are multiple cases that we need to handle:
12
+ * * existing location with no AND conditional
13
+ * * existing location with AND conditional
14
+ * * no existing location with no AND conditional + with AND conditional
15
+ */
16
+ const createWhere = params => {
17
+ const {
18
+ where,
19
+ folders
20
+ } = params;
21
+ if (!where) {
22
+ return undefined;
23
+ }
24
+ const whereLocation = {
25
+ wbyAco_location: {
26
+ // At the moment, all users can access entries in the root folder.
27
+ // Root folder level permissions cannot be set yet.
28
+ folderId_in: [_constants.ROOT_FOLDER, ...folders.map(folder => folder.id)]
29
+ }
30
+ };
31
+ const whereAnd = where.AND;
32
+ if (where.wbyAco_location && !whereAnd) {
33
+ return (0, _objectSpread2.default)((0, _objectSpread2.default)({}, where), {}, {
34
+ AND: [(0, _objectSpread2.default)({}, whereLocation)]
35
+ });
36
+ } else if (where.wbyAco_location && whereAnd) {
37
+ return (0, _objectSpread2.default)((0, _objectSpread2.default)({}, where), {}, {
38
+ AND: [(0, _objectSpread2.default)({}, whereLocation), ...whereAnd]
39
+ });
40
+ }
41
+ return (0, _objectSpread2.default)((0, _objectSpread2.default)({}, where), whereLocation);
42
+ };
43
+ exports.createWhere = createWhere;
44
+
45
+ //# sourceMappingURL=where.js.map
package/utils/decorators/where.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_constants","require","createWhere","params","where","folders","undefined","whereLocation","wbyAco_location","folderId_in","ROOT_FOLDER","map","folder","id","whereAnd","AND","_objectSpread2","default","exports"],"sources":["where.ts"],"sourcesContent":["import { CmsEntryListWhere } from \"@webiny/api-headless-cms/types\";\nimport { Folder } from \"~/folder/folder.types\";\nimport { ROOT_FOLDER } from \"./constants\";\n\ninterface Params {\n where: CmsEntryListWhere | undefined;\n folders: Folder[];\n}\n\n/**\n * There are multiple cases that we need to handle:\n * * existing location with no AND conditional\n * * existing location with AND conditional\n * * no existing location with no AND conditional + with AND conditional\n */\nexport const createWhere = (params: Params): CmsEntryListWhere | undefined => {\n const { where, folders } = params;\n if (!where) {\n return undefined;\n }\n const whereLocation = {\n wbyAco_location: {\n // At the moment, all users can access entries in the root folder.\n // Root folder level permissions cannot be set yet.\n folderId_in: [ROOT_FOLDER, ...folders.map(folder => folder.id)]\n }\n };\n const whereAnd = where.AND;\n if (where.wbyAco_location && !whereAnd) {\n return {\n ...where,\n AND: [\n {\n ...whereLocation\n }\n ]\n };\n } else if (where.wbyAco_location && whereAnd) {\n return {\n ...where,\n AND: [\n {\n ...whereLocation\n },\n ...whereAnd\n ]\n };\n }\n return {\n ...where,\n ...whereLocation\n };\n};\n"],"mappings":";;;;;;;;AAEA,IAAAA,UAAA,GAAAC,OAAA;AAOA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,WAAW,GAAIC,MAAc,IAAoC;EAC1E,MAAM;IAAEC,KAAK;IAAEC;EAAQ,CAAC,GAAGF,MAAM;EACjC,IAAI,CAACC,KAAK,EAAE;IACR,OAAOE,SAAS;EACpB;EACA,MAAMC,aAAa,GAAG;IAClBC,eAAe,EAAE;MACb;MACA;MACAC,WAAW,EAAE,CAACC,sBAAW,EAAE,GAAGL,OAAO,CAACM,GAAG,CAACC,MAAM,IAAIA,MAAM,CAACC,EAAE,CAAC;IAClE;EACJ,CAAC;EACD,MAAMC,QAAQ,GAAGV,KAAK,CAACW,GAAG;EAC1B,IAAIX,KAAK,CAACI,eAAe,IAAI,CAACM,QAAQ,EAAE;IACpC,WAAAE,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MACOb,KAAK;MACRW,GAAG,EAAE,KAAAC,cAAA,CAAAC,OAAA,MAEMV,aAAa;IAEvB;EAET,CAAC,MAAM,IAAIH,KAAK,CAACI,eAAe,IAAIM,QAAQ,EAAE;IAC1C,WAAAE,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MACOb,KAAK;MACRW,GAAG,EAAE,KAAAC,cAAA,CAAAC,OAAA,MAEMV,aAAa,GAEpB,GAAGO,QAAQ;IACd;EAET;EACA,WAAAE,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MACOb,KAAK,GACLG,aAAa;AAExB,CAAC;AAACW,OAAA,CAAAhB,WAAA,GAAAA,WAAA"}