npm - @wecode-team/cms-supabase-api - Versions diffs - 0.1.33 → 0.1.34 - Mend

@wecode-team/cms-supabase-api 0.1.33 → 0.1.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.js CHANGED Viewed

@@ -2706,6 +2706,130 @@ function getAuthService() {
   return defaultService;
 }
+var ADMIN_REGISTRY_TABLE = "_cms_admin_registry";
+var ensured = false;
+function normalizeSessionId(sessionId) {
+  // 统一将连字符转换为下划线，确保 UUID 格式一致性
+  // 例如：1047aab4-eecb-4538-ad8d-b5847e762f30 和 1047aab4_eecb_4538_ad8d_b5847e762f30 被视为相同
+  return (sessionId || "").trim().replace(/-/g, "_");
+}
+/**
+ * 从前端传来的 auth tableName 中提取 session_id
+ * 约定：auth tableName 形如 `${sessionId}_cms_users`；无前缀则为 `cms_users`
+ */
+function extractSessionIdFromAuthTableName(tableName) {
+  var name = (tableName || "").trim();
+  if (!name) return "";
+  if (name === "cms_users") return "";
+  if (name.endsWith("_cms_users")) return name.slice(0, -"_cms_users".length);
+  // 兼容：如果传入的不是 cms_users，也允许把最后一个 "_cms_users" 前缀当作 session
+  var idx = name.lastIndexOf("_cms_users");
+  if (idx > 0) return name.slice(0, idx);
+  return "";
+}
+function ensureAdminRegistryTable(_x) {
+  return _ensureAdminRegistryTable.apply(this, arguments);
+}
+function _ensureAdminRegistryTable() {
+  _ensureAdminRegistryTable = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee(supabase) {
+    var _yield$supabase$from$, error;
+    return _regeneratorRuntime.wrap(function (_context) {
+      while (1) switch (_context.prev = _context.next) {
+        case 0:
+          if (!ensured) {
+            _context.next = 1;
+            break;
+          }
+          return _context.abrupt("return", true);
+        case 1:
+          _context.prev = 1;
+          _context.next = 2;
+          return supabase.from(ADMIN_REGISTRY_TABLE).select("session_id").limit(1);
+        case 2:
+          _yield$supabase$from$ = _context.sent;
+          error = _yield$supabase$from$.error;
+          if (error) {
+            _context.next = 3;
+            break;
+          }
+          ensured = true;
+          return _context.abrupt("return", true);
+        case 3:
+          _context.next = 5;
+          break;
+        case 4:
+          _context.prev = 4;
+          _context["catch"](1);
+        case 5:
+          return _context.abrupt("return", false);
+        case 6:
+        case "end":
+          return _context.stop();
+      }
+    }, _callee, null, [[1, 4]]);
+  }));
+  return _ensureAdminRegistryTable.apply(this, arguments);
+}
+function getSessionAdminRow(_x2, _x3) {
+  return _getSessionAdminRow.apply(this, arguments);
+}
+function _getSessionAdminRow() {
+  _getSessionAdminRow = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee2(supabase, sessionId) {
+    var sid, _yield$supabase$from$2, data, error;
+    return _regeneratorRuntime.wrap(function (_context2) {
+      while (1) switch (_context2.prev = _context2.next) {
+        case 0:
+          sid = normalizeSessionId(sessionId);
+          _context2.next = 1;
+          return supabase.from(ADMIN_REGISTRY_TABLE).select("session_id,user_id,email").eq("session_id", sid).maybeSingle();
+        case 1:
+          _yield$supabase$from$2 = _context2.sent;
+          data = _yield$supabase$from$2.data;
+          error = _yield$supabase$from$2.error;
+          if (!(error || !data)) {
+            _context2.next = 2;
+            break;
+          }
+          return _context2.abrupt("return", null);
+        case 2:
+          return _context2.abrupt("return", data);
+        case 3:
+        case "end":
+          return _context2.stop();
+      }
+    }, _callee2);
+  }));
+  return _getSessionAdminRow.apply(this, arguments);
+}
+function isUserSessionAdmin(_x4, _x5, _x6) {
+  return _isUserSessionAdmin.apply(this, arguments);
+}
+function _isUserSessionAdmin() {
+  _isUserSessionAdmin = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee3(supabase, sessionId, userId) {
+    var row;
+    return _regeneratorRuntime.wrap(function (_context3) {
+      while (1) switch (_context3.prev = _context3.next) {
+        case 0:
+          _context3.next = 1;
+          return getSessionAdminRow(supabase, sessionId);
+        case 1:
+          row = _context3.sent;
+          if (row) {
+            _context3.next = 2;
+            break;
+          }
+          return _context3.abrupt("return", false);
+        case 2:
+          return _context3.abrupt("return", row.user_id === userId);
+        case 3:
+        case "end":
+          return _context3.stop();
+      }
+    }, _callee3);
+  }));
+  return _isUserSessionAdmin.apply(this, arguments);
+}
 // 初始化Supabase连接和CMS系统
 function initializeSystem() {
   return _initializeSystem.apply(this, arguments);
@@ -2746,7 +2870,7 @@ function getModels(_x) {
 // POST - 创建新模型
 function _getModels() {
   _getModels = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee2(c) {
-    var cmsModelService, page, limit, name, models, total, offset, paginatedModels, response, _response, _t2;
+    var cmsModelService, page, limit, name, sessionId, models, tablePrefix, total, offset, paginatedModels, response, _response, _t2;
     return _regeneratorRuntime.wrap(function (_context2) {
       while (1) switch (_context2.prev = _context2.next) {
         case 0:
@@ -2757,11 +2881,19 @@ function _getModels() {
           cmsModelService = getCmsModelService();
           page = parseInt(c.req.query("page") || "1");
           limit = parseInt(c.req.query("limit") || "10");
-          name = c.req.query("name"); // 获取所有模型
+          name = c.req.query("name"); // 获取当前请求的 session_id
+          sessionId = normalizeSessionId(c.req.header("X-Session-Id") || c.req.header("x-session-id")); // 获取所有模型
           _context2.next = 2;
           return cmsModelService.findAll();
         case 2:
           models = _context2.sent;
+          // 根据 session_id 过滤模型（只返回属于当前 session 的表）
+          if (sessionId) {
+            tablePrefix = sessionId + "_";
+            models = models.filter(function (model) {
+              return model.table_name.startsWith(tablePrefix);
+            });
+          }
           // 如果有名称过滤
           if (name) {
             models = models.filter(function (model) {
@@ -4221,130 +4353,6 @@ var AuthUtils = /*#__PURE__*/function () {
   }]);
 }();
-var ADMIN_REGISTRY_TABLE = "_cms_admin_registry";
-var ensured = false;
-function normalizeSessionId(sessionId) {
-  // 统一将连字符转换为下划线，确保 UUID 格式一致性
-  // 例如：1047aab4-eecb-4538-ad8d-b5847e762f30 和 1047aab4_eecb_4538_ad8d_b5847e762f30 被视为相同
-  return (sessionId || "").trim().replace(/-/g, "_");
-}
-/**
- * 从前端传来的 auth tableName 中提取 session_id
- * 约定：auth tableName 形如 `${sessionId}_cms_users`；无前缀则为 `cms_users`
- */
-function extractSessionIdFromAuthTableName(tableName) {
-  var name = (tableName || "").trim();
-  if (!name) return "";
-  if (name === "cms_users") return "";
-  if (name.endsWith("_cms_users")) return name.slice(0, -"_cms_users".length);
-  // 兼容：如果传入的不是 cms_users，也允许把最后一个 "_cms_users" 前缀当作 session
-  var idx = name.lastIndexOf("_cms_users");
-  if (idx > 0) return name.slice(0, idx);
-  return "";
-}
-function ensureAdminRegistryTable(_x) {
-  return _ensureAdminRegistryTable.apply(this, arguments);
-}
-function _ensureAdminRegistryTable() {
-  _ensureAdminRegistryTable = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee(supabase) {
-    var _yield$supabase$from$, error;
-    return _regeneratorRuntime.wrap(function (_context) {
-      while (1) switch (_context.prev = _context.next) {
-        case 0:
-          if (!ensured) {
-            _context.next = 1;
-            break;
-          }
-          return _context.abrupt("return", true);
-        case 1:
-          _context.prev = 1;
-          _context.next = 2;
-          return supabase.from(ADMIN_REGISTRY_TABLE).select("session_id").limit(1);
-        case 2:
-          _yield$supabase$from$ = _context.sent;
-          error = _yield$supabase$from$.error;
-          if (error) {
-            _context.next = 3;
-            break;
-          }
-          ensured = true;
-          return _context.abrupt("return", true);
-        case 3:
-          _context.next = 5;
-          break;
-        case 4:
-          _context.prev = 4;
-          _context["catch"](1);
-        case 5:
-          return _context.abrupt("return", false);
-        case 6:
-        case "end":
-          return _context.stop();
-      }
-    }, _callee, null, [[1, 4]]);
-  }));
-  return _ensureAdminRegistryTable.apply(this, arguments);
-}
-function getSessionAdminRow(_x2, _x3) {
-  return _getSessionAdminRow.apply(this, arguments);
-}
-function _getSessionAdminRow() {
-  _getSessionAdminRow = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee2(supabase, sessionId) {
-    var sid, _yield$supabase$from$2, data, error;
-    return _regeneratorRuntime.wrap(function (_context2) {
-      while (1) switch (_context2.prev = _context2.next) {
-        case 0:
-          sid = normalizeSessionId(sessionId);
-          _context2.next = 1;
-          return supabase.from(ADMIN_REGISTRY_TABLE).select("session_id,user_id,email").eq("session_id", sid).maybeSingle();
-        case 1:
-          _yield$supabase$from$2 = _context2.sent;
-          data = _yield$supabase$from$2.data;
-          error = _yield$supabase$from$2.error;
-          if (!(error || !data)) {
-            _context2.next = 2;
-            break;
-          }
-          return _context2.abrupt("return", null);
-        case 2:
-          return _context2.abrupt("return", data);
-        case 3:
-        case "end":
-          return _context2.stop();
-      }
-    }, _callee2);
-  }));
-  return _getSessionAdminRow.apply(this, arguments);
-}
-function isUserSessionAdmin(_x4, _x5, _x6) {
-  return _isUserSessionAdmin.apply(this, arguments);
-}
-function _isUserSessionAdmin() {
-  _isUserSessionAdmin = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee3(supabase, sessionId, userId) {
-    var row;
-    return _regeneratorRuntime.wrap(function (_context3) {
-      while (1) switch (_context3.prev = _context3.next) {
-        case 0:
-          _context3.next = 1;
-          return getSessionAdminRow(supabase, sessionId);
-        case 1:
-          row = _context3.sent;
-          if (row) {
-            _context3.next = 2;
-            break;
-          }
-          return _context3.abrupt("return", false);
-        case 2:
-          return _context3.abrupt("return", row.user_id === userId);
-        case 3:
-        case "end":
-          return _context3.stop();
-      }
-    }, _callee3);
-  }));
-  return _isUserSessionAdmin.apply(this, arguments);
-}
 function getRoleFromSupabaseUser$2(user) {
   var _user$app_metadata, _user$user_metadata;
   var appRole = user === null || user === void 0 || (_user$app_metadata = user.app_metadata) === null || _user$app_metadata === void 0 ? void 0 : _user$app_metadata.role;