chyz 1.0.13-rc.11 → 1.0.13-rc.16

package/package.json

@@ -1,13 +1,12 @@
 {
   "name": "chyz",
-  "version": " 1.0.13-rc.11",
+  "version": " 1.0.13-rc.16",
   "description": "Nodejs Micro service Framework",
   "main": "dist/index.js",
   "scripts": {
     "dev": "nodemon -t --trace-warnings index.ts",
     "debug": "ts-node index.ts",
     "build": "rmdir /S /Q .\\dist && npx tsc && xcopy .\\log .\\dist\\log /e /i /h /Y && copy .\\package.json .\\dist\\package.json",
-    "publish": "npm publish",
     "test": "echo \"Error: no test specified\" && exit 1",
     "postversion": "git push && git push --tags"
   },

package/rbac/AuthManager.ts

@@ -1,4 +1,4 @@
-import {Component, ModelManager} from "../base";
+import {Component, DataErrorDbException, InvalidConfigException, ModelManager, UnauthorizedHttpException} from "../base";
 import {BaseChyz, InvalidArgumentException} from "../index";
 import Utils from "../requiments/Utils";
 
@@ -9,7 +9,7 @@ interface Role {
     description: string;
     ruleName: string;
     data: string;
-    params:string;
+    params: string;
 }
 
 interface Permission {
@@ -18,7 +18,7 @@ interface Permission {
     description: string;
     ruleName: string;
     data: string;
-    params:string;
+    params: string;
 }
 
 
@@ -42,7 +42,7 @@ export class AuthManager extends Component {
      *
      */
 
-    public async checkAccess(userId: number, permissionName: string, params: any[] = []) {
+    public async checkAccess(userId: number, permissionName: string, params: any[] = []): Promise<boolean> {
         let assignments: any;
         if (!this.checkAccessAssignments[userId.toString()]) {
             assignments = await this.getAssignments(userId);
@@ -66,7 +66,7 @@ export class AuthManager extends Component {
 
     }
 
-    public async checkAccessRecursive(user: string | number, itemname: string, params: any[], assignments: any[]) {
+    public async checkAccessRecursive(user: string | number, itemname: string, params: any[], assignments: any): Promise<boolean> {
         let item: any = await this.getItem(itemname);
         if (!item) return false;
 
@@ -75,6 +75,10 @@ export class AuthManager extends Component {
          * Rule test edilmeli
          */
 
+        if (assignments[itemname] || Utils.find(this.defaultRoles, itemname)) {
+            return true;
+        }
+
         /**
          * item child
          */
@@ -344,11 +348,15 @@ export class AuthManager extends Component {
         }
 
         let assignments: any = {};
-        let as = await ModelManager.AuthAssignment.findAll({where: {user_id: userId.toString()}});
-        for (const a of as) {
-            assignments[a["item_name"]] = a;
-        }
+        try {
 
+            let as = await ModelManager.AuthAssignment.findAll({where: {user_id: userId.toString()}});
+            for (const a of as) {
+                assignments[a["item_name"]] = a;
+            }
+        } catch (e) {
+            throw new InvalidConfigException('The user application component must be available to specify roles in AccessRule.');
+        }
         return assignments;
     }
 

package/web/WebUser.ts

@@ -9,6 +9,8 @@ import {Component} from "../base/Component";
 import {ForbiddenHttpException} from "../base/ForbiddenHttpException";
 import {InvalidConfigException} from "../base/InvalidConfigException";
 import {IdentityInterface} from "./IdentityInterface";
+import Utils from "../requiments/Utils";
+import {AuthManager} from "../rbac/AuthManager";
 
 export class WebUser extends Component {
 
@@ -17,6 +19,13 @@ export class WebUser extends Component {
      */
     public identityClass: any;
     private _identity: any;
+    /**
+     * @var CheckAccessInterface|string|array The access checker object to use for checking access or the application
+     * component ID of the access checker.
+     * If not set the application auth manager will be used.
+     * @since 2.0.9
+     */
+    public accessChecker: any = null;
 
 
     get identity() {
@@ -75,7 +84,7 @@ export class WebUser extends Component {
             if (this.identity && this.login(this.identity)) {
                 return this.identity;
             }
-        }else{
+        } else {
             BaseChyz.error("WebUser::findIdentityByAccessToken undefined")
         }
         return null;
@@ -97,4 +106,82 @@ export class WebUser extends Component {
     public afterLogin() {
 
     }
+
+    public getId() {
+        let identity = this.getIdentity();
+        return identity !== null ? identity.getId() : null;
+    }
+
+    /**
+     * Checks if the user can perform the operation as specified by the given permission.
+     *
+     * Note that you must configure "authManager" application component in order to use this method.
+     * Otherwise it will always return false.
+     *
+     * @param string $permissionName the name of the permission (e.g. "edit post") that needs access check.
+     * @param array $params name-value pairs that would be passed to the rules associated
+     * with the roles and permissions assigned to the user.
+     * @param bool $allowCaching whether to allow caching the result of access check.
+     * When this parameter is true (default), if the access check of an operation was performed
+     * before, its result will be directly returned when calling this method to check the same
+     * operation. If this parameter is false, this method will always call
+     * [[\yii\rbac\CheckAccessInterface::checkAccess()]] to obtain the up-to-date access result. Note that this
+     * caching is effective only within the same request and only works when `$params = []`.
+     * @return bool whether the user can perform the operation as specified by the given permission.
+     */
+    // public function can($permissionName, $params = [], $allowCaching = true)
+    // {
+    //     if ($allowCaching && empty($params) && isset($this->_access[$permissionName])) {
+    //         return $this->_access[$permissionName];
+    //     }
+    //     if (($accessChecker = $this->getAccessChecker()) === null) {
+    //         return false;
+    //     }
+    //     $access = $accessChecker->checkAccess($this->getId(), $permissionName, $params);
+    //     if ($allowCaching && empty($params)) {
+    //         $this->_access[$permissionName] = $access;
+    //     }
+    //
+    //     return $access;
+    // }
+
+    public async can(permissionName: string, params = [], allowCaching = true) {
+
+        let access;
+        let accessChecker: AuthManager;
+        if ((accessChecker = this.getAccessChecker()) == null)
+            return false;
+
+
+        access = await accessChecker.checkAccess(this.getIdentity().id, permissionName, params);
+
+        if (allowCaching && Utils.isEmpty(params)) {
+            // this._access[$permissionName] = $access;
+        }
+
+        return access;
+
+    }
+
+    /**
+     * Returns auth manager associated with the user component.
+     *
+     * By default this is the `authManager` application component.
+     * You may override this method to return a different auth manager instance if needed.
+     * @return \yii\rbac\ManagerInterface
+     * @since 2.0.6
+     */
+    protected getAuthManager(): AuthManager {
+        return BaseChyz.getComponent('authManager');
+    }
+
+    /**
+     * Returns the access checker used for checking access.
+     * @return CheckAccessInterface
+     */
+    protected getAccessChecker():AuthManager {
+        return this.accessChecker !== null ? this.accessChecker : this.getAuthManager();
+    }
+
+
 }