npm - @webiny/api-headless-cms - Versions diffs - 5.27.0 → 5.28.0-beta.0 - Mend

@webiny/api-headless-cms 5.27.0 → 5.28.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (138) hide show

package/utils.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["utils.ts"],"names":["hasRwd","permission","rwd","includes","hasPw","pw","isCustom","Object","keys","length","PW","r","c","p","u","RWD","w","d","checkPermissions","context","name","check","contentPermission","security","getPermission","NotAuthorizedError","data","reason","code","cms","getLocale","Array","isArray","locales","checkOwnership","record","own","identity","getIdentity","owner","id","creator","validateOwnership","checkModelAccess","model","validateModelAccess","modelId","modelGroupPermission","groups","modelPermission","models","locale","group","validateGroupAccess","toSlug","text","replacement","lower","remove","filterAsync","items","predicate","filteredItems","i","item","valid","push"],"mappings":";;;;;;;;;AAAA;;AACA;;AAaO,MAAMA,MAAM,GAAG,CAACC,UAAD,EAAwCC,GAAxC,KAAiE;AACnF,MAAI,OAAOD,UAAU,CAACC,GAAlB,KAA0B,QAA9B,EAAwC;AACpC,WAAO,IAAP;AACH;;AAED,SAAOD,UAAU,CAACC,GAAX,CAAeC,QAAf,CAAwBD,GAAxB,CAAP;AACH,CANM;;;;AAQA,MAAME,KAAK,GAAG,CAACH,UAAD,EAAiCI,EAAjC,KAAyD;AAC1E,QAAMC,QAAQ,GAAGC,MAAM,CAACC,IAAP,CAAYP,UAAZ,EAAwBQ,MAAxB,GAAiC,CAAlD,CAD0E,CACrB;;AAErD,MAAI,CAACH,QAAL,EAAe;AACX;AACA,WAAO,IAAP;AACH;;AAED,MAAI,OAAOL,UAAU,CAACI,EAAlB,KAAyB,QAA7B,EAAuC;AACnC,WAAO,KAAP;AACH;;AAED,SAAOJ,UAAU,CAACI,EAAX,CAAcF,QAAd,CAAuBE,EAAvB,CAAP;AACH,CAbM;;;AAeP,MAAMK,EAA0B,GAAG;AAC/BC,EAAAA,CAAC,EAAE,gBAD4B;AAE/BC,EAAAA,CAAC,EAAE,gBAF4B;AAG/BC,EAAAA,CAAC,EAAE,SAH4B;AAI/BC,EAAAA,CAAC,EAAE;AAJ4B,CAAnC;AAOA,MAAMC,GAA2B,GAAG;AAChCJ,EAAAA,CAAC,EAAE,MAD6B;AAEhCK,EAAAA,CAAC,EAAE,OAF6B;AAGhCC,EAAAA,CAAC,EAAE;AAH6B,CAApC;;AAMO,MAAMC,gBAAgB,GAAG,OAG5BC,OAH4B,EAI5BC,IAJ4B,EAK5BC,KAL4B,KAML;AACvB;AACA,QAAMC,iBAAsB,GAAG,MAAMH,OAAO,CAACI,QAAR,CAAiBC,aAAjB,CAA+B,cAA/B,CAArC;;AAEA,MAAI,CAACF,iBAAL,EAAwB;AACpB,UAAM,IAAIG,+BAAJ,CAAuB;AACzBC,MAAAA,IAAI,EAAE;AACFC,QAAAA,MAAM,EAAE;AADN;AADmB,KAAvB,CAAN;AAKH,GAVsB,CAYvB;;;AACA,QAAMC,IAAI,GAAGT,OAAO,CAACU,GAAR,CAAYC,SAAZ,GAAwBF,IAArC,CAbuB,CAevB;AACA;;AACA,MAAIG,KAAK,CAACC,OAAN,CAAcV,iBAAiB,CAACW,OAAhC,KAA4C,CAACX,iBAAiB,CAACW,OAAlB,CAA0B9B,QAA1B,CAAmCyB,IAAnC,CAAjD,EAA2F;AACvF,UAAM,IAAIH,+BAAJ,CAAuB;AACzBC,MAAAA,IAAI,EAAE;AACFC,QAAAA,MAAM,EAAG,qCAAoCC,IAAK;AADhD;AADmB,KAAvB,CAAN;AAKH;;AAED,QAAM3B,UAAU,GAAG,MAAMkB,OAAO,CAACI,QAAR,CAAiBC,aAAjB,CAA4CJ,IAA5C,CAAzB;;AAEA,MAAI,CAACnB,UAAL,EAAiB;AACb,UAAM,IAAIwB,+BAAJ,CAAuB;AACzBC,MAAAA,IAAI,EAAE;AACFC,QAAAA,MAAM,EAAG,uBAAsBP,IAAK;AADlC;AADmB,KAAvB,CAAN;AAKH;;AAED,MAAI,CAACC,KAAL,EAAY;AACR,WAAOpB,UAAP;AACH;;AAED,MAAIoB,KAAK,CAACnB,GAAN,IAAa,CAACF,MAAM,CAACC,UAAD,EAAaoB,KAAK,CAACnB,GAAnB,CAAxB,EAAiD;AAC7C,UAAM,IAAIuB,+BAAJ,CAAuB;AACzBC,MAAAA,IAAI,EAAE;AACFC,QAAAA,MAAM,EAAG,2BAA0BZ,GAAG,CAACM,KAAK,CAACnB,GAAP,CAAY,SAAQkB,IAAK;AAD7D;AADmB,KAAvB,CAAN;AAKH,GA7CsB,CA+CvB;AACA;AACA;AACA;;;AACA,MAAIC,KAAK,CAAChB,EAAN,IAAY,CAACD,KAAK,CAACH,UAAD,EAAaoB,KAAK,CAAChB,EAAnB,CAAtB,EAA8C;AAC1C,UAAM,IAAIoB,+BAAJ,CAAuB;AACzBC,MAAAA,IAAI,EAAE;AACFC,QAAAA,MAAM,EAAG,2BAA0BjB,EAAE,CAACW,KAAK,CAAChB,EAAP,CAAW,SAAQe,IAAK;AAD3D;AADmB,KAAvB,CAAN;AAKH;;AAED,SAAOnB,UAAP;AACH,CAlEM;;;;AAyEA,MAAMiC,cAAc,GAAG,CAC1Bf,OAD0B,EAE1BlB,UAF0B,EAG1BkC,MAH0B,KAInB;AACP,MAAI,CAAClC,UAAU,CAACmC,GAAhB,EAAqB;AACjB;AACH;;AAED,QAAMC,QAAQ,GAAGlB,OAAO,CAACI,QAAR,CAAiBe,WAAjB,EAAjB;AACA,QAAMC,KAAK,GAAGF,QAAQ,IAAIF,MAAM,CAAC,SAAD,CAAlB,IAAiCA,MAAM,CAAC,SAAD,CAAN,CAAkBK,EAAlB,KAAyBH,QAAQ,CAACG,EAAjF;AACA,QAAMC,OAAO,GAAGJ,QAAQ,IAAIF,MAAM,CAAC,WAAD,CAAlB,IAAmCA,MAAM,CAAC,WAAD,CAAN,CAAoBK,EAApB,KAA2BH,QAAQ,CAACG,EAAvF;;AAEA,MAAI,CAACD,KAAD,IAAU,CAACE,OAAf,EAAwB;AACpB,UAAM,IAAIhB,+BAAJ,CAAuB;AACzBC,MAAAA,IAAI,EAAE;AACFC,QAAAA,MAAM,EAAG;AADP;AADmB,KAAvB,CAAN;AAKH;AACJ,CApBM;;;;AAsBA,MAAMe,iBAAiB,GAAG,CAC7BvB,OAD6B,EAE7BlB,UAF6B,EAG7BkC,MAH6B,KAInB;AACV,MAAI;AACAD,IAAAA,cAAc,CAACf,OAAD,EAAUlB,UAAV,EAAsBkC,MAAtB,CAAd;AACA,WAAO,IAAP;AACH,GAHD,CAGE,MAAM;AACJ,WAAO,KAAP;AACH;AACJ,CAXM;AAYP;AACA;AACA;AACA;;;;;AACO,MAAMQ,gBAAgB,GAAG,OAAOxB,OAAP,EAA4ByB,KAA5B,KAA+D;AAC3F,MAAI,MAAMC,mBAAmB,CAAC1B,OAAD,EAAUyB,KAAV,CAA7B,EAA+C;AAC3C;AACH;;AACD,QAAM,IAAInB,+BAAJ,CAAuB;AACzBC,IAAAA,IAAI,EAAE;AACFC,MAAAA,MAAM,EAAG,gCAA+BiB,KAAK,CAACE,OAAQ;AADpD;AADmB,GAAvB,CAAN;AAKH,CATM;;;;AAUA,MAAMD,mBAAmB,GAAG,OAC/B1B,OAD+B,EAE/ByB,KAF+B,KAGZ;AACnB,QAAMG,oBAAwC,GAAG,MAAM7B,gBAAgB,CACnEC,OADmE,EAEnE,uBAFmE,EAGnE;AAAEjB,IAAAA,GAAG,EAAE;AAAP,GAHmE,CAAvE;AAKA,QAAM;AAAE8C,IAAAA;AAAF,MAAaD,oBAAnB;AAEA,QAAME,eAAmC,GAAG,MAAM/B,gBAAgB,CAC9DC,OAD8D,EAE9D,kBAF8D,EAG9D;AACIjB,IAAAA,GAAG,EAAE;AADT,GAH8D,CAAlE;AAOA,QAAM;AAAEgD,IAAAA;AAAF,MAAaD,eAAnB,CAfmB,CAgBnB;AACA;;AACA,MAAI,CAACC,MAAD,IAAW,CAACF,MAAhB,EAAwB;AACpB,WAAO,IAAP;AACH;;AACD,QAAMG,MAAM,GAAGhC,OAAO,CAACU,GAAR,CAAYC,SAAZ,GAAwBF,IAAvC,CArBmB,CAsBnB;;AACA,MAAIoB,MAAJ,EAAY;AACR,QACIjB,KAAK,CAACC,OAAN,CAAcgB,MAAM,CAACG,MAAD,CAApB,MAAkC,KAAlC,IACAH,MAAM,CAACG,MAAD,CAAN,CAAehD,QAAf,CAAwByC,KAAK,CAACQ,KAAN,CAAYZ,EAApC,MAA4C,KAFhD,EAGE;AACE,aAAO,KAAP;AACH;AACJ,GA9BkB,CA+BnB;;;AACA,MAAIU,MAAJ,EAAY;AACR,QACInB,KAAK,CAACC,OAAN,CAAckB,MAAM,CAACC,MAAD,CAApB,MAAkC,KAAlC,IACAD,MAAM,CAACC,MAAD,CAAN,CAAehD,QAAf,CAAwByC,KAAK,CAACE,OAA9B,MAA2C,KAF/C,EAGE;AACE,aAAO,KAAP;AACH;AACJ;;AAED,SAAO,IAAP;AACH,CA7CM;;;;AA8CA,MAAMO,mBAAmB,GAAG,CAC/BlC,OAD+B,EAE/BlB,UAF+B,EAG/BmD,KAH+B,KAIrB;AACV,QAAM;AAAEJ,IAAAA;AAAF,MAAa/C,UAAnB,CADU,CAEV;AACA;;AACA,MAAI,CAAC+C,MAAL,EAAa;AACT,WAAO,IAAP;AACH;;AACD,QAAMG,MAAM,GAAGhC,OAAO,CAACU,GAAR,CAAYC,SAAZ,GAAwBF,IAAvC,CAPU,CAQV;AACA;;AACA,MAAIG,KAAK,CAACC,OAAN,CAAcgB,MAAM,CAACG,MAAD,CAApB,MAAkC,KAAlC,IAA2CH,MAAM,CAACG,MAAD,CAAN,CAAehD,QAAf,CAAwBiD,KAAK,CAACZ,EAA9B,MAAsC,KAArF,EAA4F;AACxF,WAAO,KAAP;AACH;;AACD,SAAO,IAAP;AACH,CAlBM;;;;AAoBA,MAAMc,MAAM,GAAIC,IAAD,IAA0B;AAC5C,SAAO,sBAAQA,IAAR,EAAc;AACjBC,IAAAA,WAAW,EAAE,GADI;AAEjBC,IAAAA,KAAK,EAAE,IAFU;AAGjBC,IAAAA,MAAM,EAAE;AAHS,GAAd,CAAP;AAKH,CANM;;;;AAQA,MAAMC,WAAW,GAAG,OACvBC,KADuB,EAEvBC,SAFuB,KAGR;AACf,QAAMC,aAAa,GAAG,EAAtB;;AAEA,OAAK,IAAIC,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGH,KAAK,CAACnD,MAA1B,EAAkCsD,CAAC,EAAnC,EAAuC;AACnC,UAAMC,IAAI,GAAGJ,KAAK,CAACG,CAAD,CAAlB;AACA,UAAME,KAAK,GAAG,MAAMJ,SAAS,CAACG,IAAD,CAA7B;;AACA,QAAIC,KAAJ,EAAW;AACPH,MAAAA,aAAa,CAACI,IAAd,CAAmBF,IAAnB;AACH;AACJ;;AAED,SAAOF,aAAP;AACH,CAfM","sourcesContent":["import slugify from \"slugify\";\nimport { NotAuthorizedError } from \"@webiny/api-security\";\n\nimport {\n CmsModelPermission,\n CmsModel,\n CmsContext,\n CreatedBy,\n CmsGroupPermission,\n CmsGroup,\n CmsEntryPermission,\n BaseCmsSecurityPermission\n} from \"~/types\";\n\nexport const hasRwd = (permission: BaseCmsSecurityPermission, rwd: string): boolean => {\n if (typeof permission.rwd !== \"string\") {\n return true;\n }\n\n return permission.rwd.includes(rwd);\n};\n\nexport const hasPw = (permission: CmsEntryPermission, pw: string): boolean => {\n const isCustom = Object.keys(permission).length > 1; // \"name\" key is always present\n\n if (!isCustom) {\n // Means it's a \"full-access\" permission.\n return true;\n }\n\n if (typeof permission.pw !== \"string\") {\n return false;\n }\n\n return permission.pw.includes(pw);\n};\n\nconst PW: Record<string, string> = {\n r: \"request review\",\n c: \"request change\",\n p: \"publish\",\n u: \"unpublish\"\n};\n\nconst RWD: Record<string, string> = {\n r: \"read\",\n w: \"write\",\n d: \"delete\"\n};\n\nexport const checkPermissions = async <\n TPermission extends BaseCmsSecurityPermission = BaseCmsSecurityPermission\n>(\n context: CmsContext,\n name: string,\n check?: { rwd?: string; pw?: string }\n): Promise<TPermission> => {\n // Check if user is allowed to edit content in current language\n const contentPermission: any = await context.security.getPermission(\"content.i18n\");\n\n if (!contentPermission) {\n throw new NotAuthorizedError({\n data: {\n reason: \"Missing access to content in any locale.\"\n }\n });\n }\n\n // We need to check this manually as CMS locale comes from the URL and not the default i18n app.\n const code = context.cms.getLocale().code;\n\n // IMPORTANT: If we have a `contentPermission`, and `locales` key is NOT SET - it means the user has access to all locales.\n // However, if the the `locales` IS SET - check that it contains the required locale.\n if (Array.isArray(contentPermission.locales) && !contentPermission.locales.includes(code)) {\n throw new NotAuthorizedError({\n data: {\n reason: `Not allowed to access content in \"${code}.\"`\n }\n });\n }\n\n const permission = await context.security.getPermission<TPermission>(name);\n\n if (!permission) {\n throw new NotAuthorizedError({\n data: {\n reason: `Missing permission \"${name}\".`\n }\n });\n }\n\n if (!check) {\n return permission;\n }\n\n if (check.rwd && !hasRwd(permission, check.rwd)) {\n throw new NotAuthorizedError({\n data: {\n reason: `Not allowed to perform \"${RWD[check.rwd]}\" on \"${name}\".`\n }\n });\n }\n\n // r = request review\n // c = request change\n // p = publish\n // u = unpublish\n if (check.pw && !hasPw(permission, check.pw)) {\n throw new NotAuthorizedError({\n data: {\n reason: `Not allowed to perform \"${PW[check.pw]}\" on \"${name}\".`\n }\n });\n }\n\n return permission;\n};\n\ninterface OwnableRecord {\n createdBy?: CreatedBy;\n ownedBy?: CreatedBy;\n}\n\nexport const checkOwnership = (\n context: CmsContext,\n permission: BaseCmsSecurityPermission,\n record: OwnableRecord\n): void => {\n if (!permission.own) {\n return;\n }\n\n const identity = context.security.getIdentity();\n const owner = identity && record[\"ownedBy\"] && record[\"ownedBy\"].id === identity.id;\n const creator = identity && record[\"createdBy\"] && record[\"createdBy\"].id === identity.id;\n\n if (!owner && !creator) {\n throw new NotAuthorizedError({\n data: {\n reason: `You are not the owner of the record.`\n }\n });\n }\n};\n\nexport const validateOwnership = (\n context: CmsContext,\n permission: BaseCmsSecurityPermission,\n record: OwnableRecord\n): boolean => {\n try {\n checkOwnership(context, permission, record);\n return true;\n } catch {\n return false;\n }\n};\n/*\n model access is checking for both specific model or group access\n * if permission has specific models set as access pattern then groups will not matter (although both can be set)\n /\nexport const checkModelAccess = async (context: CmsContext, model: CmsModel): Promise<void> => {\n if (await validateModelAccess(context, model)) {\n return;\n }\n throw new NotAuthorizedError({\n data: {\n reason: `Not allowed to access model \"${model.modelId}\".`\n }\n });\n};\nexport const validateModelAccess = async (\n context: CmsContext,\n model: CmsModel\n): Promise<boolean> => {\n const modelGroupPermission: CmsGroupPermission = await checkPermissions(\n context,\n \"cms.contentModelGroup\",\n { rwd: \"r\" }\n );\n const { groups } = modelGroupPermission;\n\n const modelPermission: CmsModelPermission = await checkPermissions(\n context,\n \"cms.contentModel\",\n {\n rwd: \"r\"\n }\n );\n const { models } = modelPermission;\n // when no models or groups defined on permission\n // it means user has access to everything\n if (!models && !groups) {\n return true;\n }\n const locale = context.cms.getLocale().code;\n // Check whether the model is question belongs to \"content model groups\" for which user has permission.\n if (groups) {\n if (\n Array.isArray(groups[locale]) === false \|\|\n groups[locale].includes(model.group.id) === false\n ) {\n return false;\n }\n }\n // Check whether the model is question belongs to \"content models\" for which user has permission.\n if (models) {\n if (\n Array.isArray(models[locale]) === false \|\|\n models[locale].includes(model.modelId) === false\n ) {\n return false;\n }\n }\n\n return true;\n};\nexport const validateGroupAccess = (\n context: CmsContext,\n permission: CmsGroupPermission,\n group: CmsGroup\n): boolean => {\n const { groups } = permission;\n // when no groups defined on permission\n // it means user has access to everything\n if (!groups) {\n return true;\n }\n const locale = context.cms.getLocale().code;\n // when there is no locale in groups, it means that no access was given\n // this happens when access control was set but no models or groups were added\n if (Array.isArray(groups[locale]) === false \|\| groups[locale].includes(group.id) === false) {\n return false;\n }\n return true;\n};\n\nexport const toSlug = (text: string): string => {\n return slugify(text, {\n replacement: \"-\",\n lower: true,\n remove: /[#\\?<>_\\{\\}\\[\\]+~.()'\"!:;@]/g\n });\n};\n\nexport const filterAsync = async <T = Record<string, any>>(\n items: T[],\n predicate: (param: T) => Promise<boolean>\n): Promise<T[]> => {\n const filteredItems = [];\n\n for (let i = 0; i < items.length; i++) {\n const item = items[i];\n const valid = await predicate(item);\n if (valid) {\n filteredItems.push(item);\n }\n }\n\n return filteredItems;\n};\n"]}
1	+ {"version":3,"names":["hasRwd","permission","rwd","includes","hasPw","pw","isCustom","Object","keys","length","PW","r","c","p","u","RWD","w","d","checkPermissions","context","name","check","contentPermission","security","getPermission","NotAuthorizedError","data","reason","code","cms","getLocale","Array","isArray","locales","checkOwnership","record","own","identity","getIdentity","owner","id","creator","validateOwnership","checkModelAccess","model","validateModelAccess","modelId","modelGroupPermission","groups","modelPermission","models","locale","group","validateGroupAccess","toSlug","text","slugify","replacement","lower","remove","filterAsync","items","predicate","filteredItems","i","item","valid","push"],"sources":["utils.ts"],"sourcesContent":["import slugify from \"slugify\";\nimport { NotAuthorizedError } from \"@webiny/api-security\";\n\nimport {\n CmsModelPermission,\n CmsModel,\n CmsContext,\n CreatedBy,\n CmsGroupPermission,\n CmsGroup,\n CmsEntryPermission,\n BaseCmsSecurityPermission\n} from \"~/types\";\n\nexport const hasRwd = (permission: BaseCmsSecurityPermission, rwd: string): boolean => {\n if (typeof permission.rwd !== \"string\") {\n return true;\n }\n\n return permission.rwd.includes(rwd);\n};\n\nexport const hasPw = (permission: CmsEntryPermission, pw: string): boolean => {\n const isCustom = Object.keys(permission).length > 1; // \"name\" key is always present\n\n if (!isCustom) {\n // Means it's a \"full-access\" permission.\n return true;\n }\n\n if (typeof permission.pw !== \"string\") {\n return false;\n }\n\n return permission.pw.includes(pw);\n};\n\nconst PW: Record<string, string> = {\n r: \"request review\",\n c: \"request change\",\n p: \"publish\",\n u: \"unpublish\"\n};\n\nconst RWD: Record<string, string> = {\n r: \"read\",\n w: \"write\",\n d: \"delete\"\n};\n\nexport const checkPermissions = async <\n TPermission extends BaseCmsSecurityPermission = BaseCmsSecurityPermission\n>(\n context: CmsContext,\n name: string,\n check?: { rwd?: string; pw?: string }\n): Promise<TPermission> => {\n // Check if user is allowed to edit content in current language\n const contentPermission: any = await context.security.getPermission(\"content.i18n\");\n\n if (!contentPermission) {\n throw new NotAuthorizedError({\n data: {\n reason: \"Missing access to content in any locale.\"\n }\n });\n }\n\n // We need to check this manually as CMS locale comes from the URL and not the default i18n app.\n const code = context.cms.getLocale().code;\n\n // IMPORTANT: If we have a `contentPermission`, and `locales` key is NOT SET - it means the user has access to all locales.\n // However, if the the `locales` IS SET - check that it contains the required locale.\n if (Array.isArray(contentPermission.locales) && !contentPermission.locales.includes(code)) {\n throw new NotAuthorizedError({\n data: {\n reason: `Not allowed to access content in \"${code}.\"`\n }\n });\n }\n\n const permission = await context.security.getPermission<TPermission>(name);\n\n if (!permission) {\n throw new NotAuthorizedError({\n data: {\n reason: `Missing permission \"${name}\".`\n }\n });\n }\n\n if (!check) {\n return permission;\n }\n\n if (check.rwd && !hasRwd(permission, check.rwd)) {\n throw new NotAuthorizedError({\n data: {\n reason: `Not allowed to perform \"${RWD[check.rwd]}\" on \"${name}\".`\n }\n });\n }\n\n // r = request review\n // c = request change\n // p = publish\n // u = unpublish\n if (check.pw && !hasPw(permission, check.pw)) {\n throw new NotAuthorizedError({\n data: {\n reason: `Not allowed to perform \"${PW[check.pw]}\" on \"${name}\".`\n }\n });\n }\n\n return permission;\n};\n\ninterface OwnableRecord {\n createdBy?: CreatedBy;\n ownedBy?: CreatedBy;\n}\n\nexport const checkOwnership = (\n context: CmsContext,\n permission: BaseCmsSecurityPermission,\n record: OwnableRecord\n): void => {\n if (!permission.own) {\n return;\n }\n\n const identity = context.security.getIdentity();\n const owner = identity && record[\"ownedBy\"] && record[\"ownedBy\"].id === identity.id;\n const creator = identity && record[\"createdBy\"] && record[\"createdBy\"].id === identity.id;\n\n if (!owner && !creator) {\n throw new NotAuthorizedError({\n data: {\n reason: `You are not the owner of the record.`\n }\n });\n }\n};\n\nexport const validateOwnership = (\n context: CmsContext,\n permission: BaseCmsSecurityPermission,\n record: OwnableRecord\n): boolean => {\n try {\n checkOwnership(context, permission, record);\n return true;\n } catch {\n return false;\n }\n};\n/*\n model access is checking for both specific model or group access\n * if permission has specific models set as access pattern then groups will not matter (although both can be set)\n /\nexport const checkModelAccess = async (context: CmsContext, model: CmsModel): Promise<void> => {\n if (await validateModelAccess(context, model)) {\n return;\n }\n throw new NotAuthorizedError({\n data: {\n reason: `Not allowed to access model \"${model.modelId}\".`\n }\n });\n};\nexport const validateModelAccess = async (\n context: CmsContext,\n model: CmsModel\n): Promise<boolean> => {\n const modelGroupPermission: CmsGroupPermission = await checkPermissions(\n context,\n \"cms.contentModelGroup\",\n { rwd: \"r\" }\n );\n const { groups } = modelGroupPermission;\n\n const modelPermission: CmsModelPermission = await checkPermissions(\n context,\n \"cms.contentModel\",\n {\n rwd: \"r\"\n }\n );\n const { models } = modelPermission;\n // when no models or groups defined on permission\n // it means user has access to everything\n if (!models && !groups) {\n return true;\n }\n const locale = context.cms.getLocale().code;\n // Check whether the model is question belongs to \"content model groups\" for which user has permission.\n if (groups) {\n if (\n Array.isArray(groups[locale]) === false \|\|\n groups[locale].includes(model.group.id) === false\n ) {\n return false;\n }\n }\n // Check whether the model is question belongs to \"content models\" for which user has permission.\n if (models) {\n if (\n Array.isArray(models[locale]) === false \|\|\n models[locale].includes(model.modelId) === false\n ) {\n return false;\n }\n }\n\n return true;\n};\nexport const validateGroupAccess = (\n context: CmsContext,\n permission: CmsGroupPermission,\n group: CmsGroup\n): boolean => {\n const { groups } = permission;\n // when no groups defined on permission\n // it means user has access to everything\n if (!groups) {\n return true;\n }\n const locale = context.cms.getLocale().code;\n // when there is no locale in groups, it means that no access was given\n // this happens when access control was set but no models or groups were added\n if (Array.isArray(groups[locale]) === false \|\| groups[locale].includes(group.id) === false) {\n return false;\n }\n return true;\n};\n\nexport const toSlug = (text: string): string => {\n return slugify(text, {\n replacement: \"-\",\n lower: true,\n remove: /[#\\?<>_\\{\\}\\[\\]+~.()'\"!:;@]/g\n });\n};\n\nexport const filterAsync = async <T = Record<string, any>>(\n items: T[],\n predicate: (param: T) => Promise<boolean>\n): Promise<T[]> => {\n const filteredItems = [];\n\n for (let i = 0; i < items.length; i++) {\n const item = items[i];\n const valid = await predicate(item);\n if (valid) {\n filteredItems.push(item);\n }\n }\n\n return filteredItems;\n};\n"],"mappings":";;;;;;;;;AAAA;;AACA;;AAaO,MAAMA,MAAM,GAAG,CAACC,UAAD,EAAwCC,GAAxC,KAAiE;EACnF,IAAI,OAAOD,UAAU,CAACC,GAAlB,KAA0B,QAA9B,EAAwC;IACpC,OAAO,IAAP;EACH;;EAED,OAAOD,UAAU,CAACC,GAAX,CAAeC,QAAf,CAAwBD,GAAxB,CAAP;AACH,CANM;;;;AAQA,MAAME,KAAK,GAAG,CAACH,UAAD,EAAiCI,EAAjC,KAAyD;EAC1E,MAAMC,QAAQ,GAAGC,MAAM,CAACC,IAAP,CAAYP,UAAZ,EAAwBQ,MAAxB,GAAiC,CAAlD,CAD0E,CACrB;;EAErD,IAAI,CAACH,QAAL,EAAe;IACX;IACA,OAAO,IAAP;EACH;;EAED,IAAI,OAAOL,UAAU,CAACI,EAAlB,KAAyB,QAA7B,EAAuC;IACnC,OAAO,KAAP;EACH;;EAED,OAAOJ,UAAU,CAACI,EAAX,CAAcF,QAAd,CAAuBE,EAAvB,CAAP;AACH,CAbM;;;AAeP,MAAMK,EAA0B,GAAG;EAC/BC,CAAC,EAAE,gBAD4B;EAE/BC,CAAC,EAAE,gBAF4B;EAG/BC,CAAC,EAAE,SAH4B;EAI/BC,CAAC,EAAE;AAJ4B,CAAnC;AAOA,MAAMC,GAA2B,GAAG;EAChCJ,CAAC,EAAE,MAD6B;EAEhCK,CAAC,EAAE,OAF6B;EAGhCC,CAAC,EAAE;AAH6B,CAApC;;AAMO,MAAMC,gBAAgB,GAAG,OAG5BC,OAH4B,EAI5BC,IAJ4B,EAK5BC,KAL4B,KAML;EACvB;EACA,MAAMC,iBAAsB,GAAG,MAAMH,OAAO,CAACI,QAAR,CAAiBC,aAAjB,CAA+B,cAA/B,CAArC;;EAEA,IAAI,CAACF,iBAAL,EAAwB;IACpB,MAAM,IAAIG,+BAAJ,CAAuB;MACzBC,IAAI,EAAE;QACFC,MAAM,EAAE;MADN;IADmB,CAAvB,CAAN;EAKH,CAVsB,CAYvB;;;EACA,MAAMC,IAAI,GAAGT,OAAO,CAACU,GAAR,CAAYC,SAAZ,GAAwBF,IAArC,CAbuB,CAevB;EACA;;EACA,IAAIG,KAAK,CAACC,OAAN,CAAcV,iBAAiB,CAACW,OAAhC,KAA4C,CAACX,iBAAiB,CAACW,OAAlB,CAA0B9B,QAA1B,CAAmCyB,IAAnC,CAAjD,EAA2F;IACvF,MAAM,IAAIH,+BAAJ,CAAuB;MACzBC,IAAI,EAAE;QACFC,MAAM,EAAG,qCAAoCC,IAAK;MADhD;IADmB,CAAvB,CAAN;EAKH;;EAED,MAAM3B,UAAU,GAAG,MAAMkB,OAAO,CAACI,QAAR,CAAiBC,aAAjB,CAA4CJ,IAA5C,CAAzB;;EAEA,IAAI,CAACnB,UAAL,EAAiB;IACb,MAAM,IAAIwB,+BAAJ,CAAuB;MACzBC,IAAI,EAAE;QACFC,MAAM,EAAG,uBAAsBP,IAAK;MADlC;IADmB,CAAvB,CAAN;EAKH;;EAED,IAAI,CAACC,KAAL,EAAY;IACR,OAAOpB,UAAP;EACH;;EAED,IAAIoB,KAAK,CAACnB,GAAN,IAAa,CAACF,MAAM,CAACC,UAAD,EAAaoB,KAAK,CAACnB,GAAnB,CAAxB,EAAiD;IAC7C,MAAM,IAAIuB,+BAAJ,CAAuB;MACzBC,IAAI,EAAE;QACFC,MAAM,EAAG,2BAA0BZ,GAAG,CAACM,KAAK,CAACnB,GAAP,CAAY,SAAQkB,IAAK;MAD7D;IADmB,CAAvB,CAAN;EAKH,CA7CsB,CA+CvB;EACA;EACA;EACA;;;EACA,IAAIC,KAAK,CAAChB,EAAN,IAAY,CAACD,KAAK,CAACH,UAAD,EAAaoB,KAAK,CAAChB,EAAnB,CAAtB,EAA8C;IAC1C,MAAM,IAAIoB,+BAAJ,CAAuB;MACzBC,IAAI,EAAE;QACFC,MAAM,EAAG,2BAA0BjB,EAAE,CAACW,KAAK,CAAChB,EAAP,CAAW,SAAQe,IAAK;MAD3D;IADmB,CAAvB,CAAN;EAKH;;EAED,OAAOnB,UAAP;AACH,CAlEM;;;;AAyEA,MAAMiC,cAAc,GAAG,CAC1Bf,OAD0B,EAE1BlB,UAF0B,EAG1BkC,MAH0B,KAInB;EACP,IAAI,CAAClC,UAAU,CAACmC,GAAhB,EAAqB;IACjB;EACH;;EAED,MAAMC,QAAQ,GAAGlB,OAAO,CAACI,QAAR,CAAiBe,WAAjB,EAAjB;EACA,MAAMC,KAAK,GAAGF,QAAQ,IAAIF,MAAM,CAAC,SAAD,CAAlB,IAAiCA,MAAM,CAAC,SAAD,CAAN,CAAkBK,EAAlB,KAAyBH,QAAQ,CAACG,EAAjF;EACA,MAAMC,OAAO,GAAGJ,QAAQ,IAAIF,MAAM,CAAC,WAAD,CAAlB,IAAmCA,MAAM,CAAC,WAAD,CAAN,CAAoBK,EAApB,KAA2BH,QAAQ,CAACG,EAAvF;;EAEA,IAAI,CAACD,KAAD,IAAU,CAACE,OAAf,EAAwB;IACpB,MAAM,IAAIhB,+BAAJ,CAAuB;MACzBC,IAAI,EAAE;QACFC,MAAM,EAAG;MADP;IADmB,CAAvB,CAAN;EAKH;AACJ,CApBM;;;;AAsBA,MAAMe,iBAAiB,GAAG,CAC7BvB,OAD6B,EAE7BlB,UAF6B,EAG7BkC,MAH6B,KAInB;EACV,IAAI;IACAD,cAAc,CAACf,OAAD,EAAUlB,UAAV,EAAsBkC,MAAtB,CAAd;IACA,OAAO,IAAP;EACH,CAHD,CAGE,MAAM;IACJ,OAAO,KAAP;EACH;AACJ,CAXM;AAYP;AACA;AACA;AACA;;;;;AACO,MAAMQ,gBAAgB,GAAG,OAAOxB,OAAP,EAA4ByB,KAA5B,KAA+D;EAC3F,IAAI,MAAMC,mBAAmB,CAAC1B,OAAD,EAAUyB,KAAV,CAA7B,EAA+C;IAC3C;EACH;;EACD,MAAM,IAAInB,+BAAJ,CAAuB;IACzBC,IAAI,EAAE;MACFC,MAAM,EAAG,gCAA+BiB,KAAK,CAACE,OAAQ;IADpD;EADmB,CAAvB,CAAN;AAKH,CATM;;;;AAUA,MAAMD,mBAAmB,GAAG,OAC/B1B,OAD+B,EAE/ByB,KAF+B,KAGZ;EACnB,MAAMG,oBAAwC,GAAG,MAAM7B,gBAAgB,CACnEC,OADmE,EAEnE,uBAFmE,EAGnE;IAAEjB,GAAG,EAAE;EAAP,CAHmE,CAAvE;EAKA,MAAM;IAAE8C;EAAF,IAAaD,oBAAnB;EAEA,MAAME,eAAmC,GAAG,MAAM/B,gBAAgB,CAC9DC,OAD8D,EAE9D,kBAF8D,EAG9D;IACIjB,GAAG,EAAE;EADT,CAH8D,CAAlE;EAOA,MAAM;IAAEgD;EAAF,IAAaD,eAAnB,CAfmB,CAgBnB;EACA;;EACA,IAAI,CAACC,MAAD,IAAW,CAACF,MAAhB,EAAwB;IACpB,OAAO,IAAP;EACH;;EACD,MAAMG,MAAM,GAAGhC,OAAO,CAACU,GAAR,CAAYC,SAAZ,GAAwBF,IAAvC,CArBmB,CAsBnB;;EACA,IAAIoB,MAAJ,EAAY;IACR,IACIjB,KAAK,CAACC,OAAN,CAAcgB,MAAM,CAACG,MAAD,CAApB,MAAkC,KAAlC,IACAH,MAAM,CAACG,MAAD,CAAN,CAAehD,QAAf,CAAwByC,KAAK,CAACQ,KAAN,CAAYZ,EAApC,MAA4C,KAFhD,EAGE;MACE,OAAO,KAAP;IACH;EACJ,CA9BkB,CA+BnB;;;EACA,IAAIU,MAAJ,EAAY;IACR,IACInB,KAAK,CAACC,OAAN,CAAckB,MAAM,CAACC,MAAD,CAApB,MAAkC,KAAlC,IACAD,MAAM,CAACC,MAAD,CAAN,CAAehD,QAAf,CAAwByC,KAAK,CAACE,OAA9B,MAA2C,KAF/C,EAGE;MACE,OAAO,KAAP;IACH;EACJ;;EAED,OAAO,IAAP;AACH,CA7CM;;;;AA8CA,MAAMO,mBAAmB,GAAG,CAC/BlC,OAD+B,EAE/BlB,UAF+B,EAG/BmD,KAH+B,KAIrB;EACV,MAAM;IAAEJ;EAAF,IAAa/C,UAAnB,CADU,CAEV;EACA;;EACA,IAAI,CAAC+C,MAAL,EAAa;IACT,OAAO,IAAP;EACH;;EACD,MAAMG,MAAM,GAAGhC,OAAO,CAACU,GAAR,CAAYC,SAAZ,GAAwBF,IAAvC,CAPU,CAQV;EACA;;EACA,IAAIG,KAAK,CAACC,OAAN,CAAcgB,MAAM,CAACG,MAAD,CAApB,MAAkC,KAAlC,IAA2CH,MAAM,CAACG,MAAD,CAAN,CAAehD,QAAf,CAAwBiD,KAAK,CAACZ,EAA9B,MAAsC,KAArF,EAA4F;IACxF,OAAO,KAAP;EACH;;EACD,OAAO,IAAP;AACH,CAlBM;;;;AAoBA,MAAMc,MAAM,GAAIC,IAAD,IAA0B;EAC5C,OAAO,IAAAC,gBAAA,EAAQD,IAAR,EAAc;IACjBE,WAAW,EAAE,GADI;IAEjBC,KAAK,EAAE,IAFU;IAGjBC,MAAM,EAAE;EAHS,CAAd,CAAP;AAKH,CANM;;;;AAQA,MAAMC,WAAW,GAAG,OACvBC,KADuB,EAEvBC,SAFuB,KAGR;EACf,MAAMC,aAAa,GAAG,EAAtB;;EAEA,KAAK,IAAIC,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGH,KAAK,CAACpD,MAA1B,EAAkCuD,CAAC,EAAnC,EAAuC;IACnC,MAAMC,IAAI,GAAGJ,KAAK,CAACG,CAAD,CAAlB;IACA,MAAME,KAAK,GAAG,MAAMJ,SAAS,CAACG,IAAD,CAA7B;;IACA,IAAIC,KAAJ,EAAW;MACPH,aAAa,CAACI,IAAd,CAAmBF,IAAnB;IACH;EACJ;;EAED,OAAOF,aAAP;AACH,CAfM"}