@zenstackhq/runtime 1.0.0-beta.17 → 1.0.0-beta.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -9,8 +9,10 @@ exports.withPolicy = void 0;
|
|
|
9
9
|
const path_1 = __importDefault(require("path"));
|
|
10
10
|
const semver_1 = __importDefault(require("semver"));
|
|
11
11
|
const constants_1 = require("../../constants");
|
|
12
|
+
const validation_1 = require("../../validation");
|
|
12
13
|
const model_meta_1 = require("../model-meta");
|
|
13
14
|
const proxy_1 = require("../proxy");
|
|
15
|
+
const utils_1 = require("../utils");
|
|
14
16
|
const handler_1 = require("./handler");
|
|
15
17
|
/**
|
|
16
18
|
* Gets an enhanced Prisma client with access policy check.
|
|
@@ -32,6 +34,13 @@ function withPolicy(prisma, context, options) {
|
|
|
32
34
|
const _policy = (_a = options === null || options === void 0 ? void 0 : options.policy) !== null && _a !== void 0 ? _a : getDefaultPolicy();
|
|
33
35
|
const _modelMeta = (_b = options === null || options === void 0 ? void 0 : options.modelMeta) !== null && _b !== void 0 ? _b : (0, model_meta_1.getDefaultModelMeta)();
|
|
34
36
|
const _zodSchemas = (_c = options === null || options === void 0 ? void 0 : options.zodSchemas) !== null && _c !== void 0 ? _c : getDefaultZodSchemas();
|
|
37
|
+
// validate user context
|
|
38
|
+
if (context === null || context === void 0 ? void 0 : context.user) {
|
|
39
|
+
const idFields = (0, utils_1.getIdFields)(_modelMeta, 'User');
|
|
40
|
+
if (!(0, validation_1.hasAllFields)(context.user, idFields.map((f) => f.name))) {
|
|
41
|
+
throw new Error(`Invalid user context: must have valid ID field ${idFields.map((f) => `"${f.name}"`).join(', ')}`);
|
|
42
|
+
}
|
|
43
|
+
}
|
|
35
44
|
return (0, proxy_1.makeProxy)(prisma, _modelMeta, (_prisma, model) => new handler_1.PolicyProxyHandler(_prisma, _policy, _modelMeta, _zodSchemas, model, context === null || context === void 0 ? void 0 : context.user, options === null || options === void 0 ? void 0 : options.logPrismaQuery), 'policy');
|
|
36
45
|
}
|
|
37
46
|
exports.withPolicy = withPolicy;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/enhancements/policy/index.ts"],"names":[],"mappings":";AAAA,uDAAuD;AACvD,uDAAuD;;;;;;AAEvD,gDAAwB;AACxB,oDAA4B;AAC5B,+CAAyD;AAEzD,8CAAoD;AACpD,oCAAqC;AAErC,uCAA+C;AAkC/C;;;;;;;GAOG;AACH,SAAgB,UAAU,CACtB,MAAgB,EAChB,OAA2B,EAC3B,OAA2B;;IAE3B,IAAI,CAAC,MAAM,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;KAC9C;IAED,MAAM,SAAS,GAAI,MAAc,CAAC,cAAc,CAAC;IACjD,IAAI,SAAS,IAAI,gBAAM,CAAC,EAAE,CAAC,SAAS,EAAE,kCAAsB,CAAC,EAAE;QAC3D,OAAO,CAAC,IAAI,CACR,qCAAqC,kCAAsB,qCAAqC,SAAS,IAAI,CAChH,CAAC;KACL;IAED,MAAM,OAAO,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,mCAAI,gBAAgB,EAAE,CAAC;IACtD,MAAM,UAAU,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,mCAAI,IAAA,gCAAmB,GAAE,CAAC;IAC/D,MAAM,WAAW,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,UAAU,mCAAI,oBAAoB,EAAE,CAAC;IAElE,OAAO,IAAA,iBAAS,EACZ,MAAM,EACN,UAAU,EACV,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,CACf,IAAI,4BAAkB,CAClB,OAA2B,EAC3B,OAAO,EACP,UAAU,EACV,WAAW,EACX,KAAK,EACL,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,EACb,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,cAAc,CAC1B,EACL,QAAQ,CACX,CAAC;AACN,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/enhancements/policy/index.ts"],"names":[],"mappings":";AAAA,uDAAuD;AACvD,uDAAuD;;;;;;AAEvD,gDAAwB;AACxB,oDAA4B;AAC5B,+CAAyD;AAEzD,iDAAgD;AAChD,8CAAoD;AACpD,oCAAqC;AAErC,oCAAuC;AACvC,uCAA+C;AAkC/C;;;;;;;GAOG;AACH,SAAgB,UAAU,CACtB,MAAgB,EAChB,OAA2B,EAC3B,OAA2B;;IAE3B,IAAI,CAAC,MAAM,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;KAC9C;IAED,MAAM,SAAS,GAAI,MAAc,CAAC,cAAc,CAAC;IACjD,IAAI,SAAS,IAAI,gBAAM,CAAC,EAAE,CAAC,SAAS,EAAE,kCAAsB,CAAC,EAAE;QAC3D,OAAO,CAAC,IAAI,CACR,qCAAqC,kCAAsB,qCAAqC,SAAS,IAAI,CAChH,CAAC;KACL;IAED,MAAM,OAAO,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,mCAAI,gBAAgB,EAAE,CAAC;IACtD,MAAM,UAAU,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,mCAAI,IAAA,gCAAmB,GAAE,CAAC;IAC/D,MAAM,WAAW,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,UAAU,mCAAI,oBAAoB,EAAE,CAAC;IAElE,wBAAwB;IACxB,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,EAAE;QACf,MAAM,QAAQ,GAAG,IAAA,mBAAW,EAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QACjD,IACI,CAAC,IAAA,yBAAY,EACT,OAAO,CAAC,IAAI,EACZ,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAC9B,EACH;YACE,MAAM,IAAI,KAAK,CACX,kDAAkD,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACpG,CAAC;SACL;KACJ;IAED,OAAO,IAAA,iBAAS,EACZ,MAAM,EACN,UAAU,EACV,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,CACf,IAAI,4BAAkB,CAClB,OAA2B,EAC3B,OAAO,EACP,UAAU,EACV,WAAW,EACX,KAAK,EACL,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,EACb,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,cAAc,CAC1B,EACL,QAAQ,CACX,CAAC;AACN,CAAC;AAlDD,gCAkDC;AAED,SAAS,gBAAgB;IACrB,IAAI;QACA,OAAO,OAAO,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC;KAC9C;IAAC,WAAM;QACJ,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,GAAG,EAAE;YACnC,IAAI;gBACA,uEAAuE;gBACvE,OAAO,OAAO,CAAC,cAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC;aAC3F;YAAC,WAAM;gBACJ,MAAM,IAAI,KAAK,CACX,8GAA8G,CACjH,CAAC;aACL;SACJ;QACD,MAAM,IAAI,KAAK,CACX,8GAA8G,CACjH,CAAC;KACL;AACL,CAAC;AAED,SAAS,oBAAoB;IACzB,IAAI;QACA,8DAA8D;QAC9D,OAAO,OAAO,CAAC,eAAe,CAAC,CAAC;KACnC;IAAC,WAAM;QACJ,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,GAAG,EAAE;YACnC,IAAI;gBACA,uEAAuE;gBACvE,OAAO,OAAO,CAAC,cAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;aAChF;YAAC,WAAM;gBACJ,OAAO,SAAS,CAAC;aACpB;SACJ;QACD,OAAO,SAAS,CAAC;KACpB;AACL,CAAC"}
|
package/enhancements/utils.js
CHANGED
|
@@ -43,9 +43,14 @@ exports.getModelFields = getModelFields;
|
|
|
43
43
|
* Gets id fields for the given model.
|
|
44
44
|
*/
|
|
45
45
|
function getIdFields(modelMeta, model, throwIfNotFound = false) {
|
|
46
|
-
|
|
46
|
+
let fields = modelMeta.fields[(0, lower_case_first_1.lowerCaseFirst)(model)];
|
|
47
47
|
if (!fields) {
|
|
48
|
-
|
|
48
|
+
if (throwIfNotFound) {
|
|
49
|
+
throw new Error(`Unable to load fields for ${model}`);
|
|
50
|
+
}
|
|
51
|
+
else {
|
|
52
|
+
fields = {};
|
|
53
|
+
}
|
|
49
54
|
}
|
|
50
55
|
const result = Object.values(fields).filter((f) => f.isId);
|
|
51
56
|
if (result.length === 0 && throwIfNotFound) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/enhancements/utils.ts"],"names":[],"mappings":";AAAA,uDAAuD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEvD,uDAAkD;AAClD,gDAAwB;AACxB,2CAA6B;AAC7B,4CAAgD;AAIhD;;GAEG;AACH,SAAgB,cAAc,CAAC,IAAY;IACvC,OAAO,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,4BAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACtF,CAAC;AAFD,wCAEC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,SAAoB,EAAE,KAAa,EAAE,eAAe,GAAG,KAAK;IACpF,
|
|
1
|
+
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/enhancements/utils.ts"],"names":[],"mappings":";AAAA,uDAAuD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEvD,uDAAkD;AAClD,gDAAwB;AACxB,2CAA6B;AAC7B,4CAAgD;AAIhD;;GAEG;AACH,SAAgB,cAAc,CAAC,IAAY;IACvC,OAAO,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,4BAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACtF,CAAC;AAFD,wCAEC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,SAAoB,EAAE,KAAa,EAAE,eAAe,GAAG,KAAK;IACpF,IAAI,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,IAAA,iCAAc,EAAC,KAAK,CAAC,CAAC,CAAC;IACrD,IAAI,CAAC,MAAM,EAAE;QACT,IAAI,eAAe,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,6BAA6B,KAAK,EAAE,CAAC,CAAC;SACzD;aAAM;YACH,MAAM,GAAG,EAAE,CAAC;SACf;KACJ;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAC3D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,eAAe,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,SAAS,KAAK,4BAA4B,CAAC,CAAC;KAC/D;IACD,OAAO,MAAM,CAAC;AAClB,CAAC;AAdD,kCAcC;AAOD;;GAEG;AACH,SAAgB,SAAS,CAAI,CAAgB;IACzC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,SAAS,EAAE;QAC/B,OAAO,EAAE,CAAC;KACb;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;QACzB,OAAO,CAAC,CAAC;KACZ;SAAM;QACH,OAAO,CAAC,CAAC,CAAC,CAAC;KACd;AACL,CAAC;AARD,8BAQC;AAED;;GAEG;AACH,SAAgB,YAAY,CAAC,KAAc;IACvC,OAAO,IAAI,CAAC,iBAAiB,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;AACxD,CAAC;AAFD,oCAEC;AAED,IAAI,4BAA+D,CAAC;AACpE,IAAI,8BAAiE,CAAC;AACtE,IAAI,gCAAmE,CAAC;AAExE,uDAAuD;AACvD,SAAS,gBAAgB,CAAC,MAAW;;IACjC,qDAAqD;IACrD,IAAI,MAAA,MAAM,CAAC,aAAa,0CAAE,aAAa,EAAE;QACrC,wBAAwB;QACxB,MAAM,QAAQ,GAAG,cAAI,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;QAClE,IAAI;YACA,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;YACzC,IAAI,OAAO,OAAO,KAAK,WAAW,EAAE;gBAChC,OAAO,OAAO,CAAC;aAClB;SACJ;QAAC,WAAM;YACJ,OAAO;SACV;KACJ;IAED,IAAI;QACA,YAAY;QACZ,OAAO,OAAO,CAAC,wBAAwB,CAAC,CAAC;KAC5C;IAAC,WAAM;QACJ,IAAI;YACA,YAAY;YACZ,OAAO,OAAO,CAAC,gBAAgB,CAAC,CAAC;SACpC;QAAC,OAAO,GAAG,EAAE;YACV,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,GAAG,EAAE;gBACnC,2BAA2B;gBAC3B,IAAI;oBACA,OAAO,OAAO,CAAC,cAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,qCAAqC,CAAC,CAAC,CAAC;iBACnF;gBAAC,WAAM;oBACJ,OAAO,OAAO,CAAC,cAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,6BAA6B,CAAC,CAAC,CAAC;iBAC3E;aACJ;iBAAM;gBACH,MAAM,GAAG,CAAC;aACb;SACJ;KACJ;AACL,CAAC;AAED,SAAgB,2BAA2B,CAAC,MAAwB,EAAE,GAAG,IAAe;IACpF,IAAI,CAAC,4BAA4B,EAAE;QAC/B,MAAM,OAAO,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACzC,4BAA4B,GAAG,OAAO,CAAC,2BAA2B,CAAC;KACtE;IACD,MAAM,IAAI,4BAA4B,CAAC,GAAG,IAAI,CAAC,CAAC;AACpD,CAAC;AAND,kEAMC;AAED,SAAgB,6BAA6B,CAAC,MAAwB,EAAE,GAAG,IAAe;IACtF,IAAI,CAAC,8BAA8B,EAAE;QACjC,MAAM,OAAO,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACzC,8BAA8B,GAAG,OAAO,CAAC,6BAA6B,CAAC;KAC1E;IACD,OAAO,IAAI,8BAA8B,CAAC,GAAG,IAAI,CAAC,CAAC;AACvD,CAAC;AAND,sEAMC;AAED,SAAgB,+BAA+B,CAAC,MAAwB,EAAE,GAAG,IAAe;IACxF,IAAI,CAAC,gCAAgC,EAAE;QACnC,MAAM,OAAO,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACzC,gCAAgC,GAAG,OAAO,CAAC,+BAA+B,CAAC;KAC9E;IACD,MAAM,IAAI,gCAAgC,CAAC,GAAG,IAAI,CAAC,CAAC;AACxD,CAAC;AAND,0EAMC"}
|
package/package.json
CHANGED