befly 3.16.9 → 3.16.10

package/dist/befly.js

@@ -7903,9 +7903,19 @@ async function checkApi(apis) {
         hasError = true;
       }
       const auth = record["auth"];
-      if (auth !== undefined && typeof auth !== "boolean") {
-        Logger.warn(Object.assign({}, omit(record, ["handler"]), { msg: "\u63A5\u53E3\u7684 auth \u5C5E\u6027\u5FC5\u987B\u662F\u5E03\u5C14\u503C (true=\u9700\u767B\u5F55, false=\u516C\u5F00)" }));
-        hasError = true;
+      if (auth !== undefined) {
+        if (typeof auth === "boolean") {} else if (Array.isArray(auth)) {
+          if (auth.length === 0) {
+            Logger.warn(Object.assign({}, omit(record, ["handler"]), { msg: "\u63A5\u53E3\u7684 auth \u6570\u7EC4\u4E0D\u80FD\u4E3A\u7A7A" }));
+            hasError = true;
+          } else if (auth.some((item) => typeof item !== "string" || item.trim() === "")) {
+            Logger.warn(Object.assign({}, omit(record, ["handler"]), { msg: "\u63A5\u53E3\u7684 auth \u6570\u7EC4\u5FC5\u987B\u4E3A\u975E\u7A7A\u5B57\u7B26\u4E32\u6570\u7EC4\uFF08roleType \u5217\u8868\uFF09" }));
+            hasError = true;
+          }
+        } else {
+          Logger.warn(Object.assign({}, omit(record, ["handler"]), { msg: "\u63A5\u53E3\u7684 auth \u5C5E\u6027\u5FC5\u987B\u662F boolean \u6216 string[]" }));
+          hasError = true;
+        }
       }
       const fields = record["fields"];
       if (fields !== undefined && fields !== null && !isPlainObject(fields)) {
@@ -9729,6 +9739,25 @@ var getApiParentPath = (apiPath) => {
     return "";
   return `/${parentSegments.join("/")}`;
 };
+var normalizeAuthForDb = (value) => {
+  if (value === false || value === 0 || value === "0" || value === "\u5426") {
+    return "\u5426";
+  }
+  if (Array.isArray(value)) {
+    const list = value.filter((item) => typeof item === "string").map((item) => item.trim()).filter((item) => item !== "");
+    if (list.length > 0) {
+      return list.join(",");
+    }
+    return "\u662F";
+  }
+  if (typeof value === "string") {
+    const trimmed = value.trim();
+    if (trimmed !== "") {
+      return trimmed;
+    }
+  }
+  return "\u662F";
+};
 async function syncApi(ctx, apis) {
   const tableName = "addon_admin_api";
   if (!ctx.db) {
@@ -9768,12 +9797,13 @@ async function syncApi(ctx, apis) {
     }
     const addonName = typeof addonNameRaw === "string" ? addonNameRaw : "";
     const authRaw = record["auth"];
-    const auth = authRaw === false || authRaw === 0 ? 0 : 1;
+    const auth = normalizeAuthForDb(authRaw);
     const parentPath = getApiParentPath(path);
     apiRouteKeys.add(path);
     const item = allDbApiMap[path];
     if (item) {
-      const shouldUpdate = name !== item.name || path !== item.path || addonName !== item.addonName || parentPath !== item.parentPath || auth !== item.auth;
+      const existingAuth = normalizeAuthForDb(item.auth);
+      const shouldUpdate = name !== item.name || path !== item.path || addonName !== item.addonName || parentPath !== item.parentPath || auth !== existingAuth;
       if (shouldUpdate) {
         updData.push({
           id: item.id,
@@ -13128,6 +13158,7 @@ var permissionHook = {
     if (ctx.api.auth === false) {
       return;
     }
+    const authRule = ctx.api.auth;
     if (typeof ctx.user.id !== "number") {
       ctx.response = ErrorResponse(ctx, "\u672A\u767B\u5F55", 1, null, null, "auth");
       return;
@@ -13135,6 +13166,17 @@ var permissionHook = {
     if (ctx.user.roleCode === "dev") {
       return;
     }
+    if (Array.isArray(authRule)) {
+      const roleType = ctx.user.roleType;
+      if (typeof roleType !== "string" || !authRule.includes(roleType)) {
+        const apiNameLabel = typeof ctx.api.name === "string" && ctx.api.name.length > 0 ? ctx.api.name : null;
+        const apiPathLabel = typeof ctx.route === "string" && ctx.route.length > 0 ? ctx.route : null;
+        const apiLabel = apiNameLabel ? apiNameLabel : apiPathLabel ? apiPathLabel : "\u672A\u77E5\u63A5\u53E3";
+        ctx.response = ErrorResponse(ctx, `\u65E0\u6743\u8BBF\u95EE ${apiLabel} \u63A5\u53E3`, 1, null, { apiLabel }, "permission");
+        return;
+      }
+      return;
+    }
     const apiPath = ctx.route;
     const roleCode = ctx.user.roleCode;
     let hasPermission = false;
@@ -15442,6 +15484,21 @@ class DbSqlError extends Error {
   }
 }
 
+class TransAbortError extends Error {
+  payload;
+  constructor(payload) {
+    super("TRANSACTION_ABORT");
+    this.payload = payload;
+  }
+}
+function isBeflyResponse(value) {
+  if (!isPlainObject(value)) {
+    return false;
+  }
+  const record = value;
+  return typeof record["code"] === "number" && typeof record["msg"] === "string";
+}
+
 class DbHelper {
   redis;
   dbName;
@@ -16069,7 +16126,11 @@ class DbHelper {
   }
   async trans(callback) {
     if (this.isTransaction) {
-      return await callback(this);
+      const innerResult = await callback(this);
+      if (isBeflyResponse(innerResult) && innerResult.code !== 0) {
+        throw new TransAbortError(innerResult);
+      }
+      return innerResult;
     }
     const sql = this.sql;
     if (!sql) {
@@ -16078,10 +16139,21 @@ class DbHelper {
     if (!hasBegin(sql)) {
       throw new Error("\u5F53\u524D SQL \u5BA2\u6237\u7AEF\u4E0D\u652F\u6301\u4E8B\u52A1 begin() \u65B9\u6CD5");
     }
-    return await sql.begin(async (tx) => {
-      const trans = new DbHelper({ redis: this.redis, dbName: this.dbName, sql: tx, idMode: this.idMode });
-      return await callback(trans);
-    });
+    try {
+      return await sql.begin(async (tx) => {
+        const trans = new DbHelper({ redis: this.redis, dbName: this.dbName, sql: tx, idMode: this.idMode });
+        const result = await callback(trans);
+        if (isBeflyResponse(result) && result.code !== 0) {
+          throw new TransAbortError(result);
+        }
+        return result;
+      });
+    } catch (error) {
+      if (error instanceof TransAbortError) {
+        return error.payload;
+      }
+      throw error;
+    }
   }
   async query(sql, params) {
     return await this.executeWithConn(sql, params);