@zenstackhq/language 3.0.0-beta.5 → 3.0.0-beta.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +5 -5
- package/res/stdlib.zmodel +53 -6
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@zenstackhq/language",
|
|
3
3
|
"description": "ZenStack ZModel language specification",
|
|
4
|
-
"version": "3.0.0-beta.
|
|
4
|
+
"version": "3.0.0-beta.6",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"author": "ZenStack Team",
|
|
7
7
|
"files": [
|
|
@@ -56,10 +56,10 @@
|
|
|
56
56
|
"glob": "^11.0.2",
|
|
57
57
|
"langium-cli": "3.5.0",
|
|
58
58
|
"tmp": "^0.2.3",
|
|
59
|
-
"@zenstackhq/common-helpers": "3.0.0-beta.
|
|
60
|
-
"@zenstackhq/eslint-config": "3.0.0-beta.
|
|
61
|
-
"@zenstackhq/vitest-config": "3.0.0-beta.
|
|
62
|
-
"@zenstackhq/typescript-config": "3.0.0-beta.
|
|
59
|
+
"@zenstackhq/common-helpers": "3.0.0-beta.6",
|
|
60
|
+
"@zenstackhq/eslint-config": "3.0.0-beta.6",
|
|
61
|
+
"@zenstackhq/vitest-config": "3.0.0-beta.6",
|
|
62
|
+
"@zenstackhq/typescript-config": "3.0.0-beta.6"
|
|
63
63
|
},
|
|
64
64
|
"volta": {
|
|
65
65
|
"node": "18.19.1",
|
package/res/stdlib.zmodel
CHANGED
|
@@ -116,12 +116,6 @@ function autoincrement(): Int {
|
|
|
116
116
|
function dbgenerated(expr: String?): Any {
|
|
117
117
|
} @@@expressionContext([DefaultValue])
|
|
118
118
|
|
|
119
|
-
/**
|
|
120
|
-
* Gets entities value before an update. Only valid when used in a "update" policy rule.
|
|
121
|
-
*/
|
|
122
|
-
function future(): Any {
|
|
123
|
-
} @@@expressionContext([AccessPolicy])
|
|
124
|
-
|
|
125
119
|
/**
|
|
126
120
|
* Checks if the field value contains the search string. By default, the search is case-sensitive, and
|
|
127
121
|
* "LIKE" operator is used to match. If `caseInSensitive` is true, "ILIKE" operator is used if
|
|
@@ -663,3 +657,56 @@ attribute @meta(_ name: String, _ value: Any)
|
|
|
663
657
|
* Marks an attribute as deprecated.
|
|
664
658
|
*/
|
|
665
659
|
attribute @@@deprecated(_ message: String)
|
|
660
|
+
|
|
661
|
+
/* --- Policy Plugin --- */
|
|
662
|
+
|
|
663
|
+
/**
|
|
664
|
+
* Defines an access policy that allows a set of operations when the given condition is true.
|
|
665
|
+
*
|
|
666
|
+
* @param operation: comma-separated list of "create", "read", "update", "delete". Use "all" to denote all operations.
|
|
667
|
+
* @param condition: a boolean expression that controls if the operation should be allowed.
|
|
668
|
+
*/
|
|
669
|
+
attribute @@allow(_ operation: String @@@completionHint(["'create'", "'read'", "'update'", "'delete'", "'all'"]), _ condition: Boolean)
|
|
670
|
+
|
|
671
|
+
/**
|
|
672
|
+
* Defines an access policy that allows the annotated field to be read or updated.
|
|
673
|
+
* You can pass a third argument as `true` to make it override the model-level policies.
|
|
674
|
+
*
|
|
675
|
+
* @param operation: comma-separated list of "create", "read", "update", "delete". Use "all" to denote all operations.
|
|
676
|
+
* @param condition: a boolean expression that controls if the operation should be allowed.
|
|
677
|
+
* @param override: a boolean value that controls if the field-level policy should override the model-level policy.
|
|
678
|
+
*/
|
|
679
|
+
attribute @allow(_ operation: String @@@completionHint(["'create'", "'read'", "'update'", "'delete'", "'all'"]), _ condition: Boolean, _ override: Boolean?)
|
|
680
|
+
|
|
681
|
+
/**
|
|
682
|
+
* Defines an access policy that denies a set of operations when the given condition is true.
|
|
683
|
+
*
|
|
684
|
+
* @param operation: comma-separated list of "create", "read", "update", "delete". Use "all" to denote all operations.
|
|
685
|
+
* @param condition: a boolean expression that controls if the operation should be denied.
|
|
686
|
+
*/
|
|
687
|
+
attribute @@deny(_ operation: String @@@completionHint(["'create'", "'read'", "'update'", "'delete'", "'all'"]), _ condition: Boolean)
|
|
688
|
+
|
|
689
|
+
/**
|
|
690
|
+
* Defines an access policy that denies the annotated field to be read or updated.
|
|
691
|
+
*
|
|
692
|
+
* @param operation: comma-separated list of "create", "read", "update", "delete". Use "all" to denote all operations.
|
|
693
|
+
* @param condition: a boolean expression that controls if the operation should be denied.
|
|
694
|
+
*/
|
|
695
|
+
attribute @deny(_ operation: String @@@completionHint(["'create'", "'read'", "'update'", "'delete'", "'all'"]), _ condition: Boolean)
|
|
696
|
+
|
|
697
|
+
/**
|
|
698
|
+
* Checks if the current user can perform the given operation on the given field.
|
|
699
|
+
*
|
|
700
|
+
* @param field: The field to check access for
|
|
701
|
+
* @param operation: The operation to check access for. Can be "read", "create", "update", or "delete". If the operation is not provided,
|
|
702
|
+
* it defaults the operation of the containing policy rule.
|
|
703
|
+
*/
|
|
704
|
+
function check(field: Any, operation: String?): Boolean {
|
|
705
|
+
} @@@expressionContext([AccessPolicy])
|
|
706
|
+
|
|
707
|
+
/**
|
|
708
|
+
* Gets entities value before an update. Only valid when used in a "update" policy rule.
|
|
709
|
+
*/
|
|
710
|
+
function future(): Any {
|
|
711
|
+
} @@@expressionContext([AccessPolicy])
|
|
712
|
+
|