@webiny/api-aco 5.39.2-beta.0 → 5.39.2-beta.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +25 -25
- package/utils/decorators/CmsEntriesCrudDecorators.js +51 -100
- package/utils/decorators/CmsEntriesCrudDecorators.js.map +1 -1
- package/utils/decorators/decorateIfModelAuthorizationEnabled.d.ts +23 -0
- package/utils/decorators/decorateIfModelAuthorizationEnabled.js +47 -0
- package/utils/decorators/decorateIfModelAuthorizationEnabled.js.map +1 -0
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@webiny/api-aco",
|
|
3
|
-
"version": "5.39.2-beta.
|
|
3
|
+
"version": "5.39.2-beta.2",
|
|
4
4
|
"main": "index.js",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"aco:base"
|
|
@@ -22,18 +22,18 @@
|
|
|
22
22
|
"directory": "dist"
|
|
23
23
|
},
|
|
24
24
|
"dependencies": {
|
|
25
|
-
"@webiny/api": "5.39.2-beta.
|
|
26
|
-
"@webiny/api-authentication": "5.39.2-beta.
|
|
27
|
-
"@webiny/api-headless-cms": "5.39.2-beta.
|
|
28
|
-
"@webiny/api-i18n": "5.39.2-beta.
|
|
29
|
-
"@webiny/api-security": "5.39.2-beta.
|
|
30
|
-
"@webiny/api-tenancy": "5.39.2-beta.
|
|
31
|
-
"@webiny/error": "5.39.2-beta.
|
|
32
|
-
"@webiny/handler": "5.39.2-beta.
|
|
33
|
-
"@webiny/handler-graphql": "5.39.2-beta.
|
|
34
|
-
"@webiny/pubsub": "5.39.2-beta.
|
|
35
|
-
"@webiny/utils": "5.39.2-beta.
|
|
36
|
-
"@webiny/validation": "5.39.2-beta.
|
|
25
|
+
"@webiny/api": "5.39.2-beta.2",
|
|
26
|
+
"@webiny/api-authentication": "5.39.2-beta.2",
|
|
27
|
+
"@webiny/api-headless-cms": "5.39.2-beta.2",
|
|
28
|
+
"@webiny/api-i18n": "5.39.2-beta.2",
|
|
29
|
+
"@webiny/api-security": "5.39.2-beta.2",
|
|
30
|
+
"@webiny/api-tenancy": "5.39.2-beta.2",
|
|
31
|
+
"@webiny/error": "5.39.2-beta.2",
|
|
32
|
+
"@webiny/handler": "5.39.2-beta.2",
|
|
33
|
+
"@webiny/handler-graphql": "5.39.2-beta.2",
|
|
34
|
+
"@webiny/pubsub": "5.39.2-beta.2",
|
|
35
|
+
"@webiny/utils": "5.39.2-beta.2",
|
|
36
|
+
"@webiny/validation": "5.39.2-beta.2",
|
|
37
37
|
"lodash": "4.17.21"
|
|
38
38
|
},
|
|
39
39
|
"devDependencies": {
|
|
@@ -43,22 +43,22 @@
|
|
|
43
43
|
"@babel/preset-typescript": "7.22.5",
|
|
44
44
|
"@babel/runtime": "7.22.6",
|
|
45
45
|
"@types/ungap__structured-clone": "0.3.0",
|
|
46
|
-
"@webiny/api-admin-users": "5.39.2-beta.
|
|
47
|
-
"@webiny/api-file-manager": "5.39.2-beta.
|
|
48
|
-
"@webiny/api-i18n-ddb": "5.39.2-beta.
|
|
49
|
-
"@webiny/api-security-so-ddb": "5.39.2-beta.
|
|
50
|
-
"@webiny/api-tenancy-so-ddb": "5.39.2-beta.
|
|
51
|
-
"@webiny/api-wcp": "5.39.2-beta.
|
|
52
|
-
"@webiny/cli": "5.39.2-beta.
|
|
53
|
-
"@webiny/handler-aws": "5.39.2-beta.
|
|
54
|
-
"@webiny/plugins": "5.39.2-beta.
|
|
55
|
-
"@webiny/project-utils": "5.39.2-beta.
|
|
56
|
-
"@webiny/wcp": "5.39.2-beta.
|
|
46
|
+
"@webiny/api-admin-users": "5.39.2-beta.2",
|
|
47
|
+
"@webiny/api-file-manager": "5.39.2-beta.2",
|
|
48
|
+
"@webiny/api-i18n-ddb": "5.39.2-beta.2",
|
|
49
|
+
"@webiny/api-security-so-ddb": "5.39.2-beta.2",
|
|
50
|
+
"@webiny/api-tenancy-so-ddb": "5.39.2-beta.2",
|
|
51
|
+
"@webiny/api-wcp": "5.39.2-beta.2",
|
|
52
|
+
"@webiny/cli": "5.39.2-beta.2",
|
|
53
|
+
"@webiny/handler-aws": "5.39.2-beta.2",
|
|
54
|
+
"@webiny/plugins": "5.39.2-beta.2",
|
|
55
|
+
"@webiny/project-utils": "5.39.2-beta.2",
|
|
56
|
+
"@webiny/wcp": "5.39.2-beta.2",
|
|
57
57
|
"graphql": "15.8.0",
|
|
58
58
|
"prettier": "2.8.8",
|
|
59
59
|
"rimraf": "3.0.2",
|
|
60
60
|
"ttypescript": "1.5.15",
|
|
61
61
|
"typescript": "4.7.4"
|
|
62
62
|
},
|
|
63
|
-
"gitHead": "
|
|
63
|
+
"gitHead": "edf1e563ff0739471ead8113b38ece5bbbe1ab0f"
|
|
64
64
|
}
|
|
@@ -8,6 +8,7 @@ var _where = require("./where");
|
|
|
8
8
|
var _constants = require("./constants");
|
|
9
9
|
var _filterEntriesByFolderFactory = require("./filterEntriesByFolderFactory");
|
|
10
10
|
var _createFolderType = require("./createFolderType");
|
|
11
|
+
var _decorateIfModelAuthorizationEnabled = require("./decorateIfModelAuthorizationEnabled");
|
|
11
12
|
class CmsEntriesCrudDecorators {
|
|
12
13
|
constructor({
|
|
13
14
|
context
|
|
@@ -18,18 +19,8 @@ class CmsEntriesCrudDecorators {
|
|
|
18
19
|
const context = this.context;
|
|
19
20
|
const folderLevelPermissions = context.aco.folderLevelPermissions;
|
|
20
21
|
const filterEntriesByFolder = (0, _filterEntriesByFolderFactory.filterEntriesByFolderFactory)(context, folderLevelPermissions);
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
return model?.authorization?.flp === false;
|
|
24
|
-
}
|
|
25
|
-
return model.authorization === false;
|
|
26
|
-
};
|
|
27
|
-
const originalCmsListEntries = context.cms.listEntries.bind(context.cms);
|
|
28
|
-
context.cms.listEntries = async (...allParams) => {
|
|
29
|
-
const [model, params] = allParams;
|
|
30
|
-
if (modelAuthorizationDisabled(model)) {
|
|
31
|
-
return originalCmsListEntries(...allParams);
|
|
32
|
-
}
|
|
22
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "listEntries", async (...allParams) => {
|
|
23
|
+
const [decoratee, model, params] = allParams;
|
|
33
24
|
const folderType = (0, _createFolderType.createFolderType)(model);
|
|
34
25
|
const folders = await folderLevelPermissions.listAllFoldersWithPermissions(folderType);
|
|
35
26
|
const where = (0, _where.createWhere)({
|
|
@@ -37,18 +28,14 @@ class CmsEntriesCrudDecorators {
|
|
|
37
28
|
where: params.where,
|
|
38
29
|
folders
|
|
39
30
|
});
|
|
40
|
-
return
|
|
31
|
+
return decoratee(model, {
|
|
41
32
|
...params,
|
|
42
33
|
where
|
|
43
34
|
});
|
|
44
|
-
};
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
const
|
|
48
|
-
if (modelAuthorizationDisabled(model)) {
|
|
49
|
-
return originalCmsGetEntry(...allParams);
|
|
50
|
-
}
|
|
51
|
-
const entry = await originalCmsGetEntry(model, params);
|
|
35
|
+
});
|
|
36
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "getEntry", async (...allParams) => {
|
|
37
|
+
const [decoratee, model, params] = allParams;
|
|
38
|
+
const entry = await decoratee(model, params);
|
|
52
39
|
const folderId = entry?.location?.folderId;
|
|
53
40
|
if (!folderId || folderId === _constants.ROOT_FOLDER) {
|
|
54
41
|
return entry;
|
|
@@ -59,14 +46,10 @@ class CmsEntriesCrudDecorators {
|
|
|
59
46
|
rwd: "r"
|
|
60
47
|
});
|
|
61
48
|
return entry;
|
|
62
|
-
};
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
const
|
|
66
|
-
if (modelAuthorizationDisabled(model)) {
|
|
67
|
-
return originalCmsGetEntryById(...allParams);
|
|
68
|
-
}
|
|
69
|
-
const entry = await originalCmsGetEntryById(model, params);
|
|
49
|
+
});
|
|
50
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "getEntryById", async (...allParams) => {
|
|
51
|
+
const [decoratee, model, params] = allParams;
|
|
52
|
+
const entry = await decoratee(model, params);
|
|
70
53
|
const folderId = entry?.location?.folderId;
|
|
71
54
|
if (!folderId || folderId === _constants.ROOT_FOLDER) {
|
|
72
55
|
return entry;
|
|
@@ -77,128 +60,96 @@ class CmsEntriesCrudDecorators {
|
|
|
77
60
|
rwd: "r"
|
|
78
61
|
});
|
|
79
62
|
return entry;
|
|
80
|
-
};
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
const
|
|
84
|
-
if (modelAuthorizationDisabled(model)) {
|
|
85
|
-
return originalGetLatestEntriesByIds(...allParams);
|
|
86
|
-
}
|
|
87
|
-
const entries = await originalGetLatestEntriesByIds(model, ids);
|
|
63
|
+
});
|
|
64
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "getLatestEntriesByIds", async (...allParams) => {
|
|
65
|
+
const [decoratee, model, ids] = allParams;
|
|
66
|
+
const entries = await decoratee(model, ids);
|
|
88
67
|
return filterEntriesByFolder(model, entries);
|
|
89
|
-
};
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
const
|
|
93
|
-
if (modelAuthorizationDisabled(model)) {
|
|
94
|
-
return originalGetPublishedEntriesByIds(...allParams);
|
|
95
|
-
}
|
|
96
|
-
const entries = await originalGetPublishedEntriesByIds(model, ids);
|
|
68
|
+
});
|
|
69
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "getPublishedEntriesByIds", async (...allParams) => {
|
|
70
|
+
const [decoratee, model, ids] = allParams;
|
|
71
|
+
const entries = await decoratee(model, ids);
|
|
97
72
|
return filterEntriesByFolder(model, entries);
|
|
98
|
-
};
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
const [model, params, options] = allParams;
|
|
102
|
-
if (modelAuthorizationDisabled(model)) {
|
|
103
|
-
return originalCmsCreateEntry(...allParams);
|
|
104
|
-
}
|
|
73
|
+
});
|
|
74
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "createEntry", async (...allParams) => {
|
|
75
|
+
const [decoratee, model, params, options] = allParams;
|
|
105
76
|
const folderId = params.wbyAco_location?.folderId || params.location?.folderId;
|
|
106
77
|
if (!folderId || folderId === _constants.ROOT_FOLDER) {
|
|
107
|
-
return
|
|
78
|
+
return decoratee(model, params, options);
|
|
108
79
|
}
|
|
109
80
|
const folder = await context.aco.folder.get(folderId);
|
|
110
81
|
await folderLevelPermissions.ensureCanAccessFolderContent({
|
|
111
82
|
folder,
|
|
112
83
|
rwd: "w"
|
|
113
84
|
});
|
|
114
|
-
return
|
|
115
|
-
};
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
const [model, id, input, options] = allParams;
|
|
119
|
-
if (modelAuthorizationDisabled(model)) {
|
|
120
|
-
return originalCmsCreateFromEntry(...allParams);
|
|
121
|
-
}
|
|
85
|
+
return decoratee(model, params, options);
|
|
86
|
+
});
|
|
87
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "createEntryRevisionFrom", async (...allParams) => {
|
|
88
|
+
const [decoratee, model, id, input, options] = allParams;
|
|
122
89
|
const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
|
|
123
90
|
id
|
|
124
91
|
});
|
|
125
92
|
const folderId = entry?.location?.folderId;
|
|
126
93
|
if (!folderId || folderId === _constants.ROOT_FOLDER) {
|
|
127
|
-
return
|
|
94
|
+
return decoratee(model, id, input, options);
|
|
128
95
|
}
|
|
129
96
|
const folder = await context.aco.folder.get(folderId);
|
|
130
97
|
await folderLevelPermissions.ensureCanAccessFolderContent({
|
|
131
98
|
folder,
|
|
132
99
|
rwd: "w"
|
|
133
100
|
});
|
|
134
|
-
return
|
|
135
|
-
};
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
const [model, id, input, meta, options] = allParams;
|
|
139
|
-
if (modelAuthorizationDisabled(model)) {
|
|
140
|
-
return originalCmsUpdateEntry(...allParams);
|
|
141
|
-
}
|
|
101
|
+
return decoratee(model, id, input, options);
|
|
102
|
+
});
|
|
103
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "updateEntry", async (...allParams) => {
|
|
104
|
+
const [decoratee, model, id, input, meta, options] = allParams;
|
|
142
105
|
const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
|
|
143
106
|
id
|
|
144
107
|
});
|
|
145
108
|
const folderId = entry?.location?.folderId;
|
|
146
109
|
if (!folderId || folderId === _constants.ROOT_FOLDER) {
|
|
147
|
-
return
|
|
110
|
+
return decoratee(model, id, input, meta, options);
|
|
148
111
|
}
|
|
149
112
|
const folder = await context.aco.folder.get(folderId);
|
|
150
113
|
await folderLevelPermissions.ensureCanAccessFolderContent({
|
|
151
114
|
folder,
|
|
152
115
|
rwd: "w"
|
|
153
116
|
});
|
|
154
|
-
return
|
|
155
|
-
};
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
const [model, id, options] = allParams;
|
|
159
|
-
if (modelAuthorizationDisabled(model)) {
|
|
160
|
-
return originalCmsDeleteEntry(...allParams);
|
|
161
|
-
}
|
|
117
|
+
return decoratee(model, id, input, meta, options);
|
|
118
|
+
});
|
|
119
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "deleteEntry", async (...allParams) => {
|
|
120
|
+
const [decoratee, model, id, options] = allParams;
|
|
162
121
|
const entry = await context.cms.storageOperations.entries.getLatestRevisionByEntryId(model, {
|
|
163
122
|
id
|
|
164
123
|
});
|
|
165
124
|
const folderId = entry?.location?.folderId;
|
|
166
125
|
if (!folderId || folderId === _constants.ROOT_FOLDER) {
|
|
167
|
-
return
|
|
126
|
+
return decoratee(model, id, options);
|
|
168
127
|
}
|
|
169
128
|
const folder = await context.aco.folder.get(folderId);
|
|
170
129
|
await folderLevelPermissions.ensureCanAccessFolderContent({
|
|
171
130
|
folder,
|
|
172
131
|
rwd: "d"
|
|
173
132
|
});
|
|
174
|
-
return
|
|
175
|
-
};
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
const [model, id] = allParams;
|
|
179
|
-
if (modelAuthorizationDisabled(model)) {
|
|
180
|
-
return originalCmsDeleteEntryRevision(...allParams);
|
|
181
|
-
}
|
|
133
|
+
return decoratee(model, id, options);
|
|
134
|
+
});
|
|
135
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "deleteEntryRevision", async (...allParams) => {
|
|
136
|
+
const [decoratee, model, id] = allParams;
|
|
182
137
|
const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
|
|
183
138
|
id
|
|
184
139
|
});
|
|
185
140
|
const folderId = entry?.location?.folderId;
|
|
186
141
|
if (!folderId || folderId === _constants.ROOT_FOLDER) {
|
|
187
|
-
return
|
|
142
|
+
return decoratee(model, id);
|
|
188
143
|
}
|
|
189
144
|
const folder = await context.aco.folder.get(folderId);
|
|
190
145
|
await folderLevelPermissions.ensureCanAccessFolderContent({
|
|
191
146
|
folder,
|
|
192
147
|
rwd: "d"
|
|
193
148
|
});
|
|
194
|
-
return
|
|
195
|
-
};
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
const [model, id, targetFolderId] = allParams;
|
|
199
|
-
if (modelAuthorizationDisabled(model)) {
|
|
200
|
-
return originalCmsMoveEntry(...allParams);
|
|
201
|
-
}
|
|
149
|
+
return decoratee(model, id);
|
|
150
|
+
});
|
|
151
|
+
(0, _decorateIfModelAuthorizationEnabled.decorateIfModelAuthorizationEnabled)(context.cms, "moveEntry", async (...allParams) => {
|
|
152
|
+
const [decoratee, model, id, targetFolderId] = allParams;
|
|
202
153
|
|
|
203
154
|
/**
|
|
204
155
|
* First we need to check if user has access to the entries existing folder.
|
|
@@ -211,7 +162,7 @@ class CmsEntriesCrudDecorators {
|
|
|
211
162
|
* If the entry is in the same folder we are trying to move it to, just continue.
|
|
212
163
|
*/
|
|
213
164
|
if (folderId === targetFolderId) {
|
|
214
|
-
return
|
|
165
|
+
return decoratee(model, id, targetFolderId);
|
|
215
166
|
} else if (folderId !== _constants.ROOT_FOLDER) {
|
|
216
167
|
/**
|
|
217
168
|
* If entry current folder is not a root, check for access
|
|
@@ -232,8 +183,8 @@ class CmsEntriesCrudDecorators {
|
|
|
232
183
|
rwd: "w"
|
|
233
184
|
});
|
|
234
185
|
}
|
|
235
|
-
return
|
|
236
|
-
};
|
|
186
|
+
return decoratee(model, id, targetFolderId);
|
|
187
|
+
});
|
|
237
188
|
}
|
|
238
189
|
}
|
|
239
190
|
exports.CmsEntriesCrudDecorators = CmsEntriesCrudDecorators;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_where","require","_constants","_filterEntriesByFolderFactory","_createFolderType","CmsEntriesCrudDecorators","constructor","context","decorate","folderLevelPermissions","aco","filterEntriesByFolder","filterEntriesByFolderFactory","modelAuthorizationDisabled","model","authorization","flp","originalCmsListEntries","cms","listEntries","bind","allParams","params","folderType","createFolderType","folders","listAllFoldersWithPermissions","where","createWhere","originalCmsGetEntry","getEntry","entry","folderId","location","ROOT_FOLDER","folder","get","ensureCanAccessFolderContent","rwd","originalCmsGetEntryById","getEntryById","originalGetLatestEntriesByIds","getLatestEntriesByIds","ids","entries","originalGetPublishedEntriesByIds","getPublishedEntriesByIds","originalCmsCreateEntry","createEntry","options","wbyAco_location","originalCmsCreateFromEntry","createEntryRevisionFrom","id","input","storageOperations","getRevisionById","originalCmsUpdateEntry","updateEntry","meta","originalCmsDeleteEntry","deleteEntry","getLatestRevisionByEntryId","originalCmsDeleteEntryRevision","deleteEntryRevision","originalCmsMoveEntry","moveEntry","targetFolderId","exports"],"sources":["CmsEntriesCrudDecorators.ts"],"sourcesContent":["import { AcoContext } from \"~/types\";\nimport { createWhere } from \"./where\";\nimport { ROOT_FOLDER } from \"./constants\";\nimport { filterEntriesByFolderFactory } from \"./filterEntriesByFolderFactory\";\nimport { createFolderType } from \"./createFolderType\";\nimport { CmsModel } from \"@webiny/api-headless-cms/types\";\n\ntype Context = Pick<AcoContext, \"aco\" | \"cms\">;\n\ninterface EntryManagerCrudDecoratorsParams {\n context: Context;\n}\n\nexport class CmsEntriesCrudDecorators {\n private readonly context: Context;\n\n public constructor({ context }: EntryManagerCrudDecoratorsParams) {\n this.context = context;\n }\n\n public decorate() {\n const context = this.context;\n const folderLevelPermissions = context.aco.folderLevelPermissions;\n\n const filterEntriesByFolder = filterEntriesByFolderFactory(context, folderLevelPermissions);\n\n const modelAuthorizationDisabled = (model: CmsModel) => {\n if (typeof model.authorization === \"object\") {\n return model?.authorization?.flp === false;\n }\n\n return model.authorization === false;\n };\n\n const originalCmsListEntries = context.cms.listEntries.bind(context.cms);\n context.cms.listEntries = async (...allParams) => {\n const [model, params] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsListEntries(...allParams);\n }\n\n const folderType = createFolderType(model);\n const folders = await folderLevelPermissions.listAllFoldersWithPermissions(folderType);\n\n const where = createWhere({\n model,\n where: params.where,\n folders\n });\n return originalCmsListEntries(model, {\n ...params,\n where\n });\n };\n\n const originalCmsGetEntry = context.cms.getEntry.bind(context.cms);\n context.cms.getEntry = async (...allParams) => {\n const [model, params] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsGetEntry(...allParams);\n }\n\n const entry = await originalCmsGetEntry(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n\n return entry;\n };\n\n const originalCmsGetEntryById = context.cms.getEntryById.bind(context.cms);\n context.cms.getEntryById = async (...allParams) => {\n const [model, params] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsGetEntryById(...allParams);\n }\n\n const entry = await originalCmsGetEntryById(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n return entry;\n };\n\n const originalGetLatestEntriesByIds = context.cms.getLatestEntriesByIds.bind(context.cms);\n context.cms.getLatestEntriesByIds = async (...allParams) => {\n const [model, ids] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalGetLatestEntriesByIds(...allParams);\n }\n\n const entries = await originalGetLatestEntriesByIds(model, ids);\n\n return filterEntriesByFolder(model, entries);\n };\n\n const originalGetPublishedEntriesByIds = context.cms.getPublishedEntriesByIds.bind(\n context.cms\n );\n context.cms.getPublishedEntriesByIds = async (...allParams) => {\n const [model, ids] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalGetPublishedEntriesByIds(...allParams);\n }\n\n const entries = await originalGetPublishedEntriesByIds(model, ids);\n return filterEntriesByFolder(model, entries);\n };\n\n const originalCmsCreateEntry = context.cms.createEntry.bind(context.cms);\n context.cms.createEntry = async (...allParams) => {\n const [model, params, options] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsCreateEntry(...allParams);\n }\n\n const folderId = params.wbyAco_location?.folderId || params.location?.folderId;\n\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsCreateEntry(model, params, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsCreateEntry(model, params, options);\n };\n\n const originalCmsCreateFromEntry = context.cms.createEntryRevisionFrom.bind(context.cms);\n context.cms.createEntryRevisionFrom = async (...allParams) => {\n const [model, id, input, options] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsCreateFromEntry(...allParams);\n }\n\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsCreateFromEntry(model, id, input, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsCreateFromEntry(model, id, input, options);\n };\n\n const originalCmsUpdateEntry = context.cms.updateEntry.bind(context.cms);\n context.cms.updateEntry = async (...allParams) => {\n const [model, id, input, meta, options] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsUpdateEntry(...allParams);\n }\n\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsUpdateEntry(model, id, input, meta, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsUpdateEntry(model, id, input, meta, options);\n };\n\n const originalCmsDeleteEntry = context.cms.deleteEntry.bind(context.cms);\n context.cms.deleteEntry = async (...allParams) => {\n const [model, id, options] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsDeleteEntry(...allParams);\n }\n\n const entry = await context.cms.storageOperations.entries.getLatestRevisionByEntryId(\n model,\n {\n id\n }\n );\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsDeleteEntry(model, id, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return originalCmsDeleteEntry(model, id, options);\n };\n\n const originalCmsDeleteEntryRevision = context.cms.deleteEntryRevision.bind(context.cms);\n context.cms.deleteEntryRevision = async (...allParams) => {\n const [model, id] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsDeleteEntryRevision(...allParams);\n }\n\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsDeleteEntryRevision(model, id);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return originalCmsDeleteEntryRevision(model, id);\n };\n\n const originalCmsMoveEntry = context.cms.moveEntry.bind(context.cms);\n context.cms.moveEntry = async (...allParams) => {\n const [model, id, targetFolderId] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsMoveEntry(...allParams);\n }\n\n /**\n * First we need to check if user has access to the entries existing folder.\n */\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId || ROOT_FOLDER;\n /**\n * If the entry is in the same folder we are trying to move it to, just continue.\n */\n if (folderId === targetFolderId) {\n return originalCmsMoveEntry(model, id, targetFolderId);\n } else if (folderId !== ROOT_FOLDER) {\n /**\n * If entry current folder is not a root, check for access\n */\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n }\n /**\n * If target folder is not a ROOT_FOLDER, check for access.\n */\n if (targetFolderId !== ROOT_FOLDER) {\n const folder = await context.aco.folder.get(targetFolderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n }\n\n return originalCmsMoveEntry(model, id, targetFolderId);\n };\n }\n}\n"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,6BAAA,GAAAF,OAAA;AACA,IAAAG,iBAAA,GAAAH,OAAA;AASO,MAAMI,wBAAwB,CAAC;EAG3BC,WAAWA,CAAC;IAAEC;EAA0C,CAAC,EAAE;IAC9D,IAAI,CAACA,OAAO,GAAGA,OAAO;EAC1B;EAEOC,QAAQA,CAAA,EAAG;IACd,MAAMD,OAAO,GAAG,IAAI,CAACA,OAAO;IAC5B,MAAME,sBAAsB,GAAGF,OAAO,CAACG,GAAG,CAACD,sBAAsB;IAEjE,MAAME,qBAAqB,GAAG,IAAAC,0DAA4B,EAACL,OAAO,EAAEE,sBAAsB,CAAC;IAE3F,MAAMI,0BAA0B,GAAIC,KAAe,IAAK;MACpD,IAAI,OAAOA,KAAK,CAACC,aAAa,KAAK,QAAQ,EAAE;QACzC,OAAOD,KAAK,EAAEC,aAAa,EAAEC,GAAG,KAAK,KAAK;MAC9C;MAEA,OAAOF,KAAK,CAACC,aAAa,KAAK,KAAK;IACxC,CAAC;IAED,MAAME,sBAAsB,GAAGV,OAAO,CAACW,GAAG,CAACC,WAAW,CAACC,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxEX,OAAO,CAACW,GAAG,CAACC,WAAW,GAAG,OAAO,GAAGE,SAAS,KAAK;MAC9C,MAAM,CAACP,KAAK,EAAEQ,MAAM,CAAC,GAAGD,SAAS;MACjC,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOG,sBAAsB,CAAC,GAAGI,SAAS,CAAC;MAC/C;MAEA,MAAME,UAAU,GAAG,IAAAC,kCAAgB,EAACV,KAAK,CAAC;MAC1C,MAAMW,OAAO,GAAG,MAAMhB,sBAAsB,CAACiB,6BAA6B,CAACH,UAAU,CAAC;MAEtF,MAAMI,KAAK,GAAG,IAAAC,kBAAW,EAAC;QACtBd,KAAK;QACLa,KAAK,EAAEL,MAAM,CAACK,KAAK;QACnBF;MACJ,CAAC,CAAC;MACF,OAAOR,sBAAsB,CAACH,KAAK,EAAE;QACjC,GAAGQ,MAAM;QACTK;MACJ,CAAC,CAAC;IACN,CAAC;IAED,MAAME,mBAAmB,GAAGtB,OAAO,CAACW,GAAG,CAACY,QAAQ,CAACV,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IAClEX,OAAO,CAACW,GAAG,CAACY,QAAQ,GAAG,OAAO,GAAGT,SAAS,KAAK;MAC3C,MAAM,CAACP,KAAK,EAAEQ,MAAM,CAAC,GAAGD,SAAS;MACjC,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOe,mBAAmB,CAAC,GAAGR,SAAS,CAAC;MAC5C;MAEA,MAAMU,KAAK,GAAG,MAAMF,mBAAmB,CAACf,KAAK,EAAEQ,MAAM,CAAC;MAEtD,MAAMU,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOH,KAAK;MAChB;MAEA,MAAMI,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOP,KAAK;IAChB,CAAC;IAED,MAAMQ,uBAAuB,GAAGhC,OAAO,CAACW,GAAG,CAACsB,YAAY,CAACpB,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IAC1EX,OAAO,CAACW,GAAG,CAACsB,YAAY,GAAG,OAAO,GAAGnB,SAAS,KAAK;MAC/C,MAAM,CAACP,KAAK,EAAEQ,MAAM,CAAC,GAAGD,SAAS;MACjC,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOyB,uBAAuB,CAAC,GAAGlB,SAAS,CAAC;MAChD;MAEA,MAAMU,KAAK,GAAG,MAAMQ,uBAAuB,CAACzB,KAAK,EAAEQ,MAAM,CAAC;MAE1D,MAAMU,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOH,KAAK;MAChB;MACA,MAAMI,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MACF,OAAOP,KAAK;IAChB,CAAC;IAED,MAAMU,6BAA6B,GAAGlC,OAAO,CAACW,GAAG,CAACwB,qBAAqB,CAACtB,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACzFX,OAAO,CAACW,GAAG,CAACwB,qBAAqB,GAAG,OAAO,GAAGrB,SAAS,KAAK;MACxD,MAAM,CAACP,KAAK,EAAE6B,GAAG,CAAC,GAAGtB,SAAS;MAC9B,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAO2B,6BAA6B,CAAC,GAAGpB,SAAS,CAAC;MACtD;MAEA,MAAMuB,OAAO,GAAG,MAAMH,6BAA6B,CAAC3B,KAAK,EAAE6B,GAAG,CAAC;MAE/D,OAAOhC,qBAAqB,CAACG,KAAK,EAAE8B,OAAO,CAAC;IAChD,CAAC;IAED,MAAMC,gCAAgC,GAAGtC,OAAO,CAACW,GAAG,CAAC4B,wBAAwB,CAAC1B,IAAI,CAC9Eb,OAAO,CAACW,GACZ,CAAC;IACDX,OAAO,CAACW,GAAG,CAAC4B,wBAAwB,GAAG,OAAO,GAAGzB,SAAS,KAAK;MAC3D,MAAM,CAACP,KAAK,EAAE6B,GAAG,CAAC,GAAGtB,SAAS;MAC9B,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAO+B,gCAAgC,CAAC,GAAGxB,SAAS,CAAC;MACzD;MAEA,MAAMuB,OAAO,GAAG,MAAMC,gCAAgC,CAAC/B,KAAK,EAAE6B,GAAG,CAAC;MAClE,OAAOhC,qBAAqB,CAACG,KAAK,EAAE8B,OAAO,CAAC;IAChD,CAAC;IAED,MAAMG,sBAAsB,GAAGxC,OAAO,CAACW,GAAG,CAAC8B,WAAW,CAAC5B,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxEX,OAAO,CAACW,GAAG,CAAC8B,WAAW,GAAG,OAAO,GAAG3B,SAAS,KAAK;MAC9C,MAAM,CAACP,KAAK,EAAEQ,MAAM,EAAE2B,OAAO,CAAC,GAAG5B,SAAS;MAC1C,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOiC,sBAAsB,CAAC,GAAG1B,SAAS,CAAC;MAC/C;MAEA,MAAMW,QAAQ,GAAGV,MAAM,CAAC4B,eAAe,EAAElB,QAAQ,IAAIV,MAAM,CAACW,QAAQ,EAAED,QAAQ;MAE9E,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOa,sBAAsB,CAACjC,KAAK,EAAEQ,MAAM,EAAE2B,OAAO,CAAC;MACzD;MAEA,MAAMd,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOS,sBAAsB,CAACjC,KAAK,EAAEQ,MAAM,EAAE2B,OAAO,CAAC;IACzD,CAAC;IAED,MAAME,0BAA0B,GAAG5C,OAAO,CAACW,GAAG,CAACkC,uBAAuB,CAAChC,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxFX,OAAO,CAACW,GAAG,CAACkC,uBAAuB,GAAG,OAAO,GAAG/B,SAAS,KAAK;MAC1D,MAAM,CAACP,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEL,OAAO,CAAC,GAAG5B,SAAS;MAC7C,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOqC,0BAA0B,CAAC,GAAG9B,SAAS,CAAC;MACnD;MAEA,MAAMU,KAAK,GAAG,MAAMxB,OAAO,CAACW,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAAC1C,KAAK,EAAE;QAC7EuC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOiB,0BAA0B,CAACrC,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEL,OAAO,CAAC;MAChE;MAEA,MAAMd,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOa,0BAA0B,CAACrC,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEL,OAAO,CAAC;IAChE,CAAC;IAED,MAAMQ,sBAAsB,GAAGlD,OAAO,CAACW,GAAG,CAACwC,WAAW,CAACtC,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxEX,OAAO,CAACW,GAAG,CAACwC,WAAW,GAAG,OAAO,GAAGrC,SAAS,KAAK;MAC9C,MAAM,CAACP,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEK,IAAI,EAAEV,OAAO,CAAC,GAAG5B,SAAS;MACnD,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAO2C,sBAAsB,CAAC,GAAGpC,SAAS,CAAC;MAC/C;MAEA,MAAMU,KAAK,GAAG,MAAMxB,OAAO,CAACW,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAAC1C,KAAK,EAAE;QAC7EuC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOuB,sBAAsB,CAAC3C,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEK,IAAI,EAAEV,OAAO,CAAC;MAClE;MAEA,MAAMd,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOmB,sBAAsB,CAAC3C,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEK,IAAI,EAAEV,OAAO,CAAC;IAClE,CAAC;IAED,MAAMW,sBAAsB,GAAGrD,OAAO,CAACW,GAAG,CAAC2C,WAAW,CAACzC,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxEX,OAAO,CAACW,GAAG,CAAC2C,WAAW,GAAG,OAAO,GAAGxC,SAAS,KAAK;MAC9C,MAAM,CAACP,KAAK,EAAEuC,EAAE,EAAEJ,OAAO,CAAC,GAAG5B,SAAS;MACtC,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAO8C,sBAAsB,CAAC,GAAGvC,SAAS,CAAC;MAC/C;MAEA,MAAMU,KAAK,GAAG,MAAMxB,OAAO,CAACW,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACkB,0BAA0B,CAChFhD,KAAK,EACL;QACIuC;MACJ,CACJ,CAAC;MAED,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAO0B,sBAAsB,CAAC9C,KAAK,EAAEuC,EAAE,EAAEJ,OAAO,CAAC;MACrD;MAEA,MAAMd,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOsB,sBAAsB,CAAC9C,KAAK,EAAEuC,EAAE,EAAEJ,OAAO,CAAC;IACrD,CAAC;IAED,MAAMc,8BAA8B,GAAGxD,OAAO,CAACW,GAAG,CAAC8C,mBAAmB,CAAC5C,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxFX,OAAO,CAACW,GAAG,CAAC8C,mBAAmB,GAAG,OAAO,GAAG3C,SAAS,KAAK;MACtD,MAAM,CAACP,KAAK,EAAEuC,EAAE,CAAC,GAAGhC,SAAS;MAC7B,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOiD,8BAA8B,CAAC,GAAG1C,SAAS,CAAC;MACvD;MAEA,MAAMU,KAAK,GAAG,MAAMxB,OAAO,CAACW,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAAC1C,KAAK,EAAE;QAC7EuC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAO6B,8BAA8B,CAACjD,KAAK,EAAEuC,EAAE,CAAC;MACpD;MAEA,MAAMlB,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOyB,8BAA8B,CAACjD,KAAK,EAAEuC,EAAE,CAAC;IACpD,CAAC;IAED,MAAMY,oBAAoB,GAAG1D,OAAO,CAACW,GAAG,CAACgD,SAAS,CAAC9C,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACpEX,OAAO,CAACW,GAAG,CAACgD,SAAS,GAAG,OAAO,GAAG7C,SAAS,KAAK;MAC5C,MAAM,CAACP,KAAK,EAAEuC,EAAE,EAAEc,cAAc,CAAC,GAAG9C,SAAS;MAC7C,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOmD,oBAAoB,CAAC,GAAG5C,SAAS,CAAC;MAC7C;;MAEA;AACZ;AACA;MACY,MAAMU,KAAK,GAAG,MAAMxB,OAAO,CAACW,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAAC1C,KAAK,EAAE;QAC7EuC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ,IAAIE,sBAAW;MACzD;AACZ;AACA;MACY,IAAIF,QAAQ,KAAKmC,cAAc,EAAE;QAC7B,OAAOF,oBAAoB,CAACnD,KAAK,EAAEuC,EAAE,EAAEc,cAAc,CAAC;MAC1D,CAAC,MAAM,IAAInC,QAAQ,KAAKE,sBAAW,EAAE;QACjC;AAChB;AACA;QACgB,MAAMC,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;QACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;UACtDF,MAAM;UACNG,GAAG,EAAE;QACT,CAAC,CAAC;MACN;MACA;AACZ;AACA;MACY,IAAI6B,cAAc,KAAKjC,sBAAW,EAAE;QAChC,MAAMC,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAAC+B,cAAc,CAAC;QAC3D,MAAM1D,sBAAsB,CAAC4B,4BAA4B,CAAC;UACtDF,MAAM;UACNG,GAAG,EAAE;QACT,CAAC,CAAC;MACN;MAEA,OAAO2B,oBAAoB,CAACnD,KAAK,EAAEuC,EAAE,EAAEc,cAAc,CAAC;IAC1D,CAAC;EACL;AACJ;AAACC,OAAA,CAAA/D,wBAAA,GAAAA,wBAAA"}
|
|
1
|
+
{"version":3,"names":["_where","require","_constants","_filterEntriesByFolderFactory","_createFolderType","_decorateIfModelAuthorizationEnabled","CmsEntriesCrudDecorators","constructor","context","decorate","folderLevelPermissions","aco","filterEntriesByFolder","filterEntriesByFolderFactory","decorateIfModelAuthorizationEnabled","cms","allParams","decoratee","model","params","folderType","createFolderType","folders","listAllFoldersWithPermissions","where","createWhere","entry","folderId","location","ROOT_FOLDER","folder","get","ensureCanAccessFolderContent","rwd","ids","entries","options","wbyAco_location","id","input","storageOperations","getRevisionById","meta","getLatestRevisionByEntryId","targetFolderId","exports"],"sources":["CmsEntriesCrudDecorators.ts"],"sourcesContent":["import { AcoContext } from \"~/types\";\nimport { createWhere } from \"./where\";\nimport { ROOT_FOLDER } from \"./constants\";\nimport { filterEntriesByFolderFactory } from \"./filterEntriesByFolderFactory\";\nimport { createFolderType } from \"./createFolderType\";\nimport { decorateIfModelAuthorizationEnabled } from \"./decorateIfModelAuthorizationEnabled\";\n\ntype Context = Pick<AcoContext, \"aco\" | \"cms\">;\n\ninterface EntryManagerCrudDecoratorsParams {\n context: Context;\n}\n\nexport class CmsEntriesCrudDecorators {\n private readonly context: Context;\n\n public constructor({ context }: EntryManagerCrudDecoratorsParams) {\n this.context = context;\n }\n\n public decorate() {\n const context = this.context;\n const folderLevelPermissions = context.aco.folderLevelPermissions;\n\n const filterEntriesByFolder = filterEntriesByFolderFactory(context, folderLevelPermissions);\n\n decorateIfModelAuthorizationEnabled(context.cms, \"listEntries\", async (...allParams) => {\n const [decoratee, model, params] = allParams;\n const folderType = createFolderType(model);\n const folders = await folderLevelPermissions.listAllFoldersWithPermissions(folderType);\n\n const where = createWhere({\n model,\n where: params.where,\n folders\n });\n return decoratee(model, {\n ...params,\n where\n });\n });\n\n decorateIfModelAuthorizationEnabled(context.cms, \"getEntry\", async (...allParams) => {\n const [decoratee, model, params] = allParams;\n const entry = await decoratee(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n\n return entry;\n });\n\n decorateIfModelAuthorizationEnabled(context.cms, \"getEntryById\", async (...allParams) => {\n const [decoratee, model, params] = allParams;\n const entry = await decoratee(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n return entry;\n });\n\n decorateIfModelAuthorizationEnabled(\n context.cms,\n \"getLatestEntriesByIds\",\n async (...allParams) => {\n const [decoratee, model, ids] = allParams;\n\n const entries = await decoratee(model, ids);\n\n return filterEntriesByFolder(model, entries);\n }\n );\n\n decorateIfModelAuthorizationEnabled(\n context.cms,\n \"getPublishedEntriesByIds\",\n async (...allParams) => {\n const [decoratee, model, ids] = allParams;\n\n const entries = await decoratee(model, ids);\n return filterEntriesByFolder(model, entries);\n }\n );\n\n decorateIfModelAuthorizationEnabled(context.cms, \"createEntry\", async (...allParams) => {\n const [decoratee, model, params, options] = allParams;\n\n const folderId = params.wbyAco_location?.folderId || params.location?.folderId;\n\n if (!folderId || folderId === ROOT_FOLDER) {\n return decoratee(model, params, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return decoratee(model, params, options);\n });\n\n decorateIfModelAuthorizationEnabled(\n context.cms,\n \"createEntryRevisionFrom\",\n async (...allParams) => {\n const [decoratee, model, id, input, options] = allParams;\n\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return decoratee(model, id, input, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return decoratee(model, id, input, options);\n }\n );\n\n decorateIfModelAuthorizationEnabled(context.cms, \"updateEntry\", async (...allParams) => {\n const [decoratee, model, id, input, meta, options] = allParams;\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return decoratee(model, id, input, meta, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return decoratee(model, id, input, meta, options);\n });\n\n decorateIfModelAuthorizationEnabled(context.cms, \"deleteEntry\", async (...allParams) => {\n const [decoratee, model, id, options] = allParams;\n\n const entry = await context.cms.storageOperations.entries.getLatestRevisionByEntryId(\n model,\n {\n id\n }\n );\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return decoratee(model, id, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return decoratee(model, id, options);\n });\n\n decorateIfModelAuthorizationEnabled(\n context.cms,\n \"deleteEntryRevision\",\n async (...allParams) => {\n const [decoratee, model, id] = allParams;\n\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return decoratee(model, id);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return decoratee(model, id);\n }\n );\n\n decorateIfModelAuthorizationEnabled(context.cms, \"moveEntry\", async (...allParams) => {\n const [decoratee, model, id, targetFolderId] = allParams;\n\n /**\n * First we need to check if user has access to the entries existing folder.\n */\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId || ROOT_FOLDER;\n /**\n * If the entry is in the same folder we are trying to move it to, just continue.\n */\n if (folderId === targetFolderId) {\n return decoratee(model, id, targetFolderId);\n } else if (folderId !== ROOT_FOLDER) {\n /**\n * If entry current folder is not a root, check for access\n */\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n }\n /**\n * If target folder is not a ROOT_FOLDER, check for access.\n */\n if (targetFolderId !== ROOT_FOLDER) {\n const folder = await context.aco.folder.get(targetFolderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n }\n\n return decoratee(model, id, targetFolderId);\n });\n }\n}\n"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,6BAAA,GAAAF,OAAA;AACA,IAAAG,iBAAA,GAAAH,OAAA;AACA,IAAAI,oCAAA,GAAAJ,OAAA;AAQO,MAAMK,wBAAwB,CAAC;EAG3BC,WAAWA,CAAC;IAAEC;EAA0C,CAAC,EAAE;IAC9D,IAAI,CAACA,OAAO,GAAGA,OAAO;EAC1B;EAEOC,QAAQA,CAAA,EAAG;IACd,MAAMD,OAAO,GAAG,IAAI,CAACA,OAAO;IAC5B,MAAME,sBAAsB,GAAGF,OAAO,CAACG,GAAG,CAACD,sBAAsB;IAEjE,MAAME,qBAAqB,GAAG,IAAAC,0DAA4B,EAACL,OAAO,EAAEE,sBAAsB,CAAC;IAE3F,IAAAI,wEAAmC,EAACN,OAAO,CAACO,GAAG,EAAE,aAAa,EAAE,OAAO,GAAGC,SAAS,KAAK;MACpF,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEC,MAAM,CAAC,GAAGH,SAAS;MAC5C,MAAMI,UAAU,GAAG,IAAAC,kCAAgB,EAACH,KAAK,CAAC;MAC1C,MAAMI,OAAO,GAAG,MAAMZ,sBAAsB,CAACa,6BAA6B,CAACH,UAAU,CAAC;MAEtF,MAAMI,KAAK,GAAG,IAAAC,kBAAW,EAAC;QACtBP,KAAK;QACLM,KAAK,EAAEL,MAAM,CAACK,KAAK;QACnBF;MACJ,CAAC,CAAC;MACF,OAAOL,SAAS,CAACC,KAAK,EAAE;QACpB,GAAGC,MAAM;QACTK;MACJ,CAAC,CAAC;IACN,CAAC,CAAC;IAEF,IAAAV,wEAAmC,EAACN,OAAO,CAACO,GAAG,EAAE,UAAU,EAAE,OAAO,GAAGC,SAAS,KAAK;MACjF,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEC,MAAM,CAAC,GAAGH,SAAS;MAC5C,MAAMU,KAAK,GAAG,MAAMT,SAAS,CAACC,KAAK,EAAEC,MAAM,CAAC;MAE5C,MAAMQ,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOH,KAAK;MAChB;MAEA,MAAMI,MAAM,GAAG,MAAMtB,OAAO,CAACG,GAAG,CAACmB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMjB,sBAAsB,CAACsB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOP,KAAK;IAChB,CAAC,CAAC;IAEF,IAAAZ,wEAAmC,EAACN,OAAO,CAACO,GAAG,EAAE,cAAc,EAAE,OAAO,GAAGC,SAAS,KAAK;MACrF,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEC,MAAM,CAAC,GAAGH,SAAS;MAC5C,MAAMU,KAAK,GAAG,MAAMT,SAAS,CAACC,KAAK,EAAEC,MAAM,CAAC;MAE5C,MAAMQ,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOH,KAAK;MAChB;MACA,MAAMI,MAAM,GAAG,MAAMtB,OAAO,CAACG,GAAG,CAACmB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMjB,sBAAsB,CAACsB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MACF,OAAOP,KAAK;IAChB,CAAC,CAAC;IAEF,IAAAZ,wEAAmC,EAC/BN,OAAO,CAACO,GAAG,EACX,uBAAuB,EACvB,OAAO,GAAGC,SAAS,KAAK;MACpB,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEgB,GAAG,CAAC,GAAGlB,SAAS;MAEzC,MAAMmB,OAAO,GAAG,MAAMlB,SAAS,CAACC,KAAK,EAAEgB,GAAG,CAAC;MAE3C,OAAOtB,qBAAqB,CAACM,KAAK,EAAEiB,OAAO,CAAC;IAChD,CACJ,CAAC;IAED,IAAArB,wEAAmC,EAC/BN,OAAO,CAACO,GAAG,EACX,0BAA0B,EAC1B,OAAO,GAAGC,SAAS,KAAK;MACpB,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEgB,GAAG,CAAC,GAAGlB,SAAS;MAEzC,MAAMmB,OAAO,GAAG,MAAMlB,SAAS,CAACC,KAAK,EAAEgB,GAAG,CAAC;MAC3C,OAAOtB,qBAAqB,CAACM,KAAK,EAAEiB,OAAO,CAAC;IAChD,CACJ,CAAC;IAED,IAAArB,wEAAmC,EAACN,OAAO,CAACO,GAAG,EAAE,aAAa,EAAE,OAAO,GAAGC,SAAS,KAAK;MACpF,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEC,MAAM,EAAEiB,OAAO,CAAC,GAAGpB,SAAS;MAErD,MAAMW,QAAQ,GAAGR,MAAM,CAACkB,eAAe,EAAEV,QAAQ,IAAIR,MAAM,CAACS,QAAQ,EAAED,QAAQ;MAE9E,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOZ,SAAS,CAACC,KAAK,EAAEC,MAAM,EAAEiB,OAAO,CAAC;MAC5C;MAEA,MAAMN,MAAM,GAAG,MAAMtB,OAAO,CAACG,GAAG,CAACmB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMjB,sBAAsB,CAACsB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOhB,SAAS,CAACC,KAAK,EAAEC,MAAM,EAAEiB,OAAO,CAAC;IAC5C,CAAC,CAAC;IAEF,IAAAtB,wEAAmC,EAC/BN,OAAO,CAACO,GAAG,EACX,yBAAyB,EACzB,OAAO,GAAGC,SAAS,KAAK;MACpB,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEoB,EAAE,EAAEC,KAAK,EAAEH,OAAO,CAAC,GAAGpB,SAAS;MAExD,MAAMU,KAAK,GAAG,MAAMlB,OAAO,CAACO,GAAG,CAACyB,iBAAiB,CAACL,OAAO,CAACM,eAAe,CAACvB,KAAK,EAAE;QAC7EoB;MACJ,CAAC,CAAC;MAEF,MAAMX,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOZ,SAAS,CAACC,KAAK,EAAEoB,EAAE,EAAEC,KAAK,EAAEH,OAAO,CAAC;MAC/C;MAEA,MAAMN,MAAM,GAAG,MAAMtB,OAAO,CAACG,GAAG,CAACmB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMjB,sBAAsB,CAACsB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOhB,SAAS,CAACC,KAAK,EAAEoB,EAAE,EAAEC,KAAK,EAAEH,OAAO,CAAC;IAC/C,CACJ,CAAC;IAED,IAAAtB,wEAAmC,EAACN,OAAO,CAACO,GAAG,EAAE,aAAa,EAAE,OAAO,GAAGC,SAAS,KAAK;MACpF,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEoB,EAAE,EAAEC,KAAK,EAAEG,IAAI,EAAEN,OAAO,CAAC,GAAGpB,SAAS;MAC9D,MAAMU,KAAK,GAAG,MAAMlB,OAAO,CAACO,GAAG,CAACyB,iBAAiB,CAACL,OAAO,CAACM,eAAe,CAACvB,KAAK,EAAE;QAC7EoB;MACJ,CAAC,CAAC;MAEF,MAAMX,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOZ,SAAS,CAACC,KAAK,EAAEoB,EAAE,EAAEC,KAAK,EAAEG,IAAI,EAAEN,OAAO,CAAC;MACrD;MAEA,MAAMN,MAAM,GAAG,MAAMtB,OAAO,CAACG,GAAG,CAACmB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMjB,sBAAsB,CAACsB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOhB,SAAS,CAACC,KAAK,EAAEoB,EAAE,EAAEC,KAAK,EAAEG,IAAI,EAAEN,OAAO,CAAC;IACrD,CAAC,CAAC;IAEF,IAAAtB,wEAAmC,EAACN,OAAO,CAACO,GAAG,EAAE,aAAa,EAAE,OAAO,GAAGC,SAAS,KAAK;MACpF,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEoB,EAAE,EAAEF,OAAO,CAAC,GAAGpB,SAAS;MAEjD,MAAMU,KAAK,GAAG,MAAMlB,OAAO,CAACO,GAAG,CAACyB,iBAAiB,CAACL,OAAO,CAACQ,0BAA0B,CAChFzB,KAAK,EACL;QACIoB;MACJ,CACJ,CAAC;MAED,MAAMX,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOZ,SAAS,CAACC,KAAK,EAAEoB,EAAE,EAAEF,OAAO,CAAC;MACxC;MAEA,MAAMN,MAAM,GAAG,MAAMtB,OAAO,CAACG,GAAG,CAACmB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMjB,sBAAsB,CAACsB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOhB,SAAS,CAACC,KAAK,EAAEoB,EAAE,EAAEF,OAAO,CAAC;IACxC,CAAC,CAAC;IAEF,IAAAtB,wEAAmC,EAC/BN,OAAO,CAACO,GAAG,EACX,qBAAqB,EACrB,OAAO,GAAGC,SAAS,KAAK;MACpB,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEoB,EAAE,CAAC,GAAGtB,SAAS;MAExC,MAAMU,KAAK,GAAG,MAAMlB,OAAO,CAACO,GAAG,CAACyB,iBAAiB,CAACL,OAAO,CAACM,eAAe,CAACvB,KAAK,EAAE;QAC7EoB;MACJ,CAAC,CAAC;MAEF,MAAMX,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOZ,SAAS,CAACC,KAAK,EAAEoB,EAAE,CAAC;MAC/B;MAEA,MAAMR,MAAM,GAAG,MAAMtB,OAAO,CAACG,GAAG,CAACmB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMjB,sBAAsB,CAACsB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOhB,SAAS,CAACC,KAAK,EAAEoB,EAAE,CAAC;IAC/B,CACJ,CAAC;IAED,IAAAxB,wEAAmC,EAACN,OAAO,CAACO,GAAG,EAAE,WAAW,EAAE,OAAO,GAAGC,SAAS,KAAK;MAClF,MAAM,CAACC,SAAS,EAAEC,KAAK,EAAEoB,EAAE,EAAEM,cAAc,CAAC,GAAG5B,SAAS;;MAExD;AACZ;AACA;MACY,MAAMU,KAAK,GAAG,MAAMlB,OAAO,CAACO,GAAG,CAACyB,iBAAiB,CAACL,OAAO,CAACM,eAAe,CAACvB,KAAK,EAAE;QAC7EoB;MACJ,CAAC,CAAC;MAEF,MAAMX,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ,IAAIE,sBAAW;MACzD;AACZ;AACA;MACY,IAAIF,QAAQ,KAAKiB,cAAc,EAAE;QAC7B,OAAO3B,SAAS,CAACC,KAAK,EAAEoB,EAAE,EAAEM,cAAc,CAAC;MAC/C,CAAC,MAAM,IAAIjB,QAAQ,KAAKE,sBAAW,EAAE;QACjC;AAChB;AACA;QACgB,MAAMC,MAAM,GAAG,MAAMtB,OAAO,CAACG,GAAG,CAACmB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;QACrD,MAAMjB,sBAAsB,CAACsB,4BAA4B,CAAC;UACtDF,MAAM;UACNG,GAAG,EAAE;QACT,CAAC,CAAC;MACN;MACA;AACZ;AACA;MACY,IAAIW,cAAc,KAAKf,sBAAW,EAAE;QAChC,MAAMC,MAAM,GAAG,MAAMtB,OAAO,CAACG,GAAG,CAACmB,MAAM,CAACC,GAAG,CAACa,cAAc,CAAC;QAC3D,MAAMlC,sBAAsB,CAACsB,4BAA4B,CAAC;UACtDF,MAAM;UACNG,GAAG,EAAE;QACT,CAAC,CAAC;MACN;MAEA,OAAOhB,SAAS,CAACC,KAAK,EAAEoB,EAAE,EAAEM,cAAc,CAAC;IAC/C,CAAC,CAAC;EACN;AACJ;AAACC,OAAA,CAAAvC,wBAAA,GAAAA,wBAAA"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import { CmsModel, HeadlessCms } from "@webiny/api-headless-cms/types";
|
|
2
|
+
/**
|
|
3
|
+
* This type matches any function that has a CmsModel as the first parameter.
|
|
4
|
+
*/
|
|
5
|
+
declare type ModelCallable = (model: CmsModel, ...params: any[]) => any;
|
|
6
|
+
/**
|
|
7
|
+
* This type filters only `ModelCallable` methods.
|
|
8
|
+
*/
|
|
9
|
+
declare type FilterModelMethods<T> = {
|
|
10
|
+
[K in keyof T as ModelCallable extends T[K] ? K : never]: T[K];
|
|
11
|
+
};
|
|
12
|
+
/**
|
|
13
|
+
* This type omits methods that have a more complex `model` type.
|
|
14
|
+
* E.g., `getEntryManager` has `model` typed as `CmsModel | string`.
|
|
15
|
+
* Ideally, we would filter those out in the previous utility type, but I'm not sure how to achieve that.
|
|
16
|
+
*/
|
|
17
|
+
declare type ModelMethods<T> = Omit<FilterModelMethods<T>, "getEntryManager">;
|
|
18
|
+
/**
|
|
19
|
+
* Decorator takes the decoratee as the _first_ parameter, and then forwards the rest of the parameters.
|
|
20
|
+
*/
|
|
21
|
+
declare type Decorator<T extends ModelCallable> = (decoratee: T, ...args: Parameters<T>) => ReturnType<T>;
|
|
22
|
+
export declare const decorateIfModelAuthorizationEnabled: <M extends "getEntry" | "getEntriesByIds" | "getEntryById" | "listEntries" | "listLatestEntries" | "listPublishedEntries" | "getPublishedEntriesByIds" | "getLatestEntriesByIds" | "createEntry" | "createEntryRevisionFrom" | "updateEntry" | "validateEntry" | "moveEntry" | "republishEntry" | "deleteEntryRevision" | "deleteEntry" | "deleteMultipleEntries" | "publishEntry" | "unpublishEntry" | "getEntryRevisions" | "getUniqueFieldValues", D extends Decorator<ModelMethods<HeadlessCms>[M]>>(root: ModelMethods<HeadlessCms>, method: M, decorator: D) => void;
|
|
23
|
+
export {};
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.decorateIfModelAuthorizationEnabled = void 0;
|
|
7
|
+
/**
|
|
8
|
+
* This type matches any function that has a CmsModel as the first parameter.
|
|
9
|
+
*/
|
|
10
|
+
|
|
11
|
+
/**
|
|
12
|
+
* This type filters only `ModelCallable` methods.
|
|
13
|
+
*/
|
|
14
|
+
|
|
15
|
+
/**
|
|
16
|
+
* This type omits methods that have a more complex `model` type.
|
|
17
|
+
* E.g., `getEntryManager` has `model` typed as `CmsModel | string`.
|
|
18
|
+
* Ideally, we would filter those out in the previous utility type, but I'm not sure how to achieve that.
|
|
19
|
+
*/
|
|
20
|
+
|
|
21
|
+
/**
|
|
22
|
+
* Decorator takes the decoratee as the _first_ parameter, and then forwards the rest of the parameters.
|
|
23
|
+
*/
|
|
24
|
+
|
|
25
|
+
const modelAuthorizationDisabled = model => {
|
|
26
|
+
if (typeof model.authorization === "object") {
|
|
27
|
+
return model?.authorization?.flp === false;
|
|
28
|
+
}
|
|
29
|
+
return model.authorization === false;
|
|
30
|
+
};
|
|
31
|
+
const decorateIfModelAuthorizationEnabled = (root, method, decorator) => {
|
|
32
|
+
/**
|
|
33
|
+
* We cast to `ModelCallable` because within the generic function, we only know that the first
|
|
34
|
+
* parameter is a `CmsModel`, and we forward the rest.
|
|
35
|
+
*/
|
|
36
|
+
const decoratee = root[method].bind(root);
|
|
37
|
+
root[method] = (...params) => {
|
|
38
|
+
const [model, ...rest] = params;
|
|
39
|
+
if (modelAuthorizationDisabled(model)) {
|
|
40
|
+
return decoratee(model, ...rest);
|
|
41
|
+
}
|
|
42
|
+
return decorator(decoratee, ...params);
|
|
43
|
+
};
|
|
44
|
+
};
|
|
45
|
+
exports.decorateIfModelAuthorizationEnabled = decorateIfModelAuthorizationEnabled;
|
|
46
|
+
|
|
47
|
+
//# sourceMappingURL=decorateIfModelAuthorizationEnabled.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["modelAuthorizationDisabled","model","authorization","flp","decorateIfModelAuthorizationEnabled","root","method","decorator","decoratee","bind","params","rest","exports"],"sources":["decorateIfModelAuthorizationEnabled.ts"],"sourcesContent":["import { CmsModel, HeadlessCms } from \"@webiny/api-headless-cms/types\";\n\n/**\n * This type matches any function that has a CmsModel as the first parameter.\n */\ntype ModelCallable = (model: CmsModel, ...params: any[]) => any;\n\n/**\n * This type filters only `ModelCallable` methods.\n */\ntype FilterModelMethods<T> = {\n [K in keyof T as ModelCallable extends T[K] ? K : never]: T[K];\n};\n\n/**\n * This type omits methods that have a more complex `model` type.\n * E.g., `getEntryManager` has `model` typed as `CmsModel | string`.\n * Ideally, we would filter those out in the previous utility type, but I'm not sure how to achieve that.\n */\ntype ModelMethods<T> = Omit<FilterModelMethods<T>, \"getEntryManager\">;\n\n/**\n * Decorator takes the decoratee as the _first_ parameter, and then forwards the rest of the parameters.\n */\ntype Decorator<T extends ModelCallable> = (decoratee: T, ...args: Parameters<T>) => ReturnType<T>;\n\nconst modelAuthorizationDisabled = (model: CmsModel) => {\n if (typeof model.authorization === \"object\") {\n return model?.authorization?.flp === false;\n }\n\n return model.authorization === false;\n};\n\nexport const decorateIfModelAuthorizationEnabled = <\n /**\n * This allows us to only have an auto-complete of `ModelCallable` methods.\n */\n M extends keyof ModelMethods<HeadlessCms>,\n D extends Decorator<ModelMethods<HeadlessCms>[M]>\n>(\n root: ModelMethods<HeadlessCms>,\n method: M,\n decorator: D\n) => {\n /**\n * We cast to `ModelCallable` because within the generic function, we only know that the first\n * parameter is a `CmsModel`, and we forward the rest.\n */\n const decoratee = root[method].bind(root) as ModelCallable;\n root[method] = ((...params: Parameters<ModelMethods<HeadlessCms>[M]>) => {\n const [model, ...rest] = params;\n if (modelAuthorizationDisabled(model)) {\n return decoratee(model, ...rest);\n }\n\n return decorator(decoratee, ...params);\n }) as ModelCallable;\n};\n"],"mappings":";;;;;;AAEA;AACA;AACA;;AAGA;AACA;AACA;;AAKA;AACA;AACA;AACA;AACA;;AAGA;AACA;AACA;;AAGA,MAAMA,0BAA0B,GAAIC,KAAe,IAAK;EACpD,IAAI,OAAOA,KAAK,CAACC,aAAa,KAAK,QAAQ,EAAE;IACzC,OAAOD,KAAK,EAAEC,aAAa,EAAEC,GAAG,KAAK,KAAK;EAC9C;EAEA,OAAOF,KAAK,CAACC,aAAa,KAAK,KAAK;AACxC,CAAC;AAEM,MAAME,mCAAmC,GAAGA,CAO/CC,IAA+B,EAC/BC,MAAS,EACTC,SAAY,KACX;EACD;AACJ;AACA;AACA;EACI,MAAMC,SAAS,GAAGH,IAAI,CAACC,MAAM,CAAC,CAACG,IAAI,CAACJ,IAAI,CAAkB;EAC1DA,IAAI,CAACC,MAAM,CAAC,GAAI,CAAC,GAAGI,MAAgD,KAAK;IACrE,MAAM,CAACT,KAAK,EAAE,GAAGU,IAAI,CAAC,GAAGD,MAAM;IAC/B,IAAIV,0BAA0B,CAACC,KAAK,CAAC,EAAE;MACnC,OAAOO,SAAS,CAACP,KAAK,EAAE,GAAGU,IAAI,CAAC;IACpC;IAEA,OAAOJ,SAAS,CAACC,SAAS,EAAE,GAAGE,MAAM,CAAC;EAC1C,CAAmB;AACvB,CAAC;AAACE,OAAA,CAAAR,mCAAA,GAAAA,mCAAA"}
|