chyz 1.0.13-rc.19 → 1.0.13-rc.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/{dist/BaseChyz.js → BaseChyz.js} +8 -46
- package/BaseChyz.js.map +1 -0
- package/{dist/Chyz.js → Chyz.js} +0 -0
- package/{dist/Chyz.js.map → Chyz.js.map} +0 -0
- package/README.md +16 -267
- package/{dist/base → base}/ActionFilter.js +1 -1
- package/{dist/base → base}/ActionFilter.js.map +1 -1
- package/{dist/base → base}/BaseError.js +1 -5
- package/base/BaseError.js.map +1 -0
- package/{dist/base → base}/BaseObject.js +0 -0
- package/{dist/base → base}/BaseObject.js.map +0 -0
- package/{dist/base → base}/Behavior.js +0 -0
- package/{dist/base → base}/Behavior.js.map +0 -0
- package/{dist/base → base}/Component.js +0 -0
- package/{dist/base → base}/Component.js.map +0 -0
- package/{dist/base → base}/Configurable.js +0 -0
- package/{dist/base → base}/Configurable.js.map +0 -0
- package/{dist/base → base}/Controller.js +0 -0
- package/{dist/base → base}/Controller.js.map +0 -0
- package/{dist/base → base}/DataErrorDbException.js +0 -0
- package/{dist/base → base}/DataErrorDbException.js.map +0 -0
- package/{dist/base → base}/DbConnection.js +0 -0
- package/{dist/base → base}/DbConnection.js.map +0 -0
- package/{dist/base → base}/ForbiddenHttpException.js +0 -0
- package/{dist/base → base}/ForbiddenHttpException.js.map +0 -0
- package/{dist/base → base}/InvalidConfigException.js +0 -0
- package/{dist/base → base}/InvalidConfigException.js.map +0 -0
- package/{dist/base → base}/Model.js +30 -37
- package/base/Model.js.map +1 -0
- package/{dist/base → base}/NotFoundHttpException.js +0 -0
- package/{dist/base → base}/NotFoundHttpException.js.map +0 -0
- package/{dist/base → base}/RestClient.js +4 -4
- package/base/RestClient.js.map +1 -0
- package/{dist/base → base}/UnauthorizedHttpException.js +0 -0
- package/{dist/base → base}/UnauthorizedHttpException.js.map +0 -0
- package/{dist/base → base}/ValidationHttpException.js +1 -1
- package/{dist/base → base}/ValidationHttpException.js.map +0 -0
- package/{dist/base → base}/db/Exception.js +0 -0
- package/{dist/base → base}/db/Exception.js.map +0 -0
- package/{dist/base → base}/index.js +0 -2
- package/{dist/base → base}/index.js.map +1 -1
- package/{dist/decorator → decorator}/Middleware.js +0 -0
- package/{dist/decorator → decorator}/Middleware.js.map +0 -0
- package/{dist/decorator → decorator}/controller.js +0 -0
- package/{dist/decorator → decorator}/controller.js.map +0 -0
- package/{dist/decorator → decorator}/enums/ControllerDecoratorParams.js +0 -0
- package/{dist/decorator → decorator}/enums/ControllerDecoratorParams.js.map +0 -0
- package/{dist/decorator → decorator}/get.js +0 -0
- package/{dist/decorator → decorator}/get.js.map +0 -0
- package/{dist/decorator → decorator}/index.js +0 -0
- package/{dist/decorator → decorator}/index.js.map +0 -0
- package/{dist/decorator → decorator}/post.js +0 -0
- package/{dist/decorator → decorator}/post.js.map +0 -0
- package/{dist/filters → filters}/AccessControl.js +3 -15
- package/filters/AccessControl.js.map +1 -0
- package/filters/AccessRule.js +79 -0
- package/filters/AccessRule.js.map +1 -0
- package/{dist/filters → filters}/auth/AuthInterface.js +0 -0
- package/{dist/filters → filters}/auth/AuthInterface.js.map +0 -0
- package/{dist/filters → filters}/auth/AuthMethod.js +0 -0
- package/{dist/filters → filters}/auth/AuthMethod.js.map +0 -0
- package/{requiments/Glob.ts → filters/auth/HttpBasicAuth.js} +2 -3
- package/filters/auth/HttpBasicAuth.js.map +1 -0
- package/{dist/filters → filters}/auth/HttpBearerAuth.js +0 -0
- package/{dist/filters → filters}/auth/HttpBearerAuth.js.map +0 -0
- package/{dist/filters → filters}/auth/HttpHeaderAuth.js +0 -0
- package/{dist/filters → filters}/auth/HttpHeaderAuth.js.map +0 -0
- package/{dist/filters → filters}/auth/JwtHttpBearerAuth.js +1 -1
- package/filters/auth/JwtHttpBearerAuth.js.map +1 -0
- package/{dist/filters → filters}/auth/KeyCloakHttpBearerAuth.js +0 -0
- package/{dist/filters → filters}/auth/KeyCloakHttpBearerAuth.js.map +0 -0
- package/{dist/filters → filters}/auth/index.js +0 -1
- package/{dist/filters → filters}/auth/index.js.map +1 -1
- package/{dist/filters → filters}/index.js +0 -0
- package/{dist/filters → filters}/index.js.map +0 -0
- package/{dist/index.js → index.js} +0 -0
- package/{dist/index.js.map → index.js.map} +0 -0
- package/{dist/model → model}/RouteDefinition.js +0 -0
- package/{dist/model → model}/RouteDefinition.js.map +0 -0
- package/package.json +7 -6
- package/{dist/requiments → requiments}/Glob.js +0 -0
- package/{dist/requiments → requiments}/Glob.js.map +0 -0
- package/{dist/requiments → requiments}/ReflectUtil.js +0 -0
- package/{dist/requiments → requiments}/ReflectUtil.js.map +0 -0
- package/{dist/requiments → requiments}/Utils.js +0 -0
- package/{dist/requiments → requiments}/Utils.js.map +0 -0
- package/{dist/validators → validators}/BooleanValidator.js +0 -0
- package/{dist/validators → validators}/BooleanValidator.js.map +0 -0
- package/{dist/validators → validators}/CompareValidator.js +0 -0
- package/{dist/validators → validators}/CompareValidator.js.map +0 -0
- package/{dist/validators → validators}/DateValidator.js +0 -0
- package/{dist/validators → validators}/DateValidator.js.map +0 -0
- package/{dist/validators → validators}/EmailValidator.js +0 -0
- package/{dist/validators → validators}/EmailValidator.js.map +0 -0
- package/{dist/validators → validators}/Validator.js +0 -0
- package/{dist/validators → validators}/Validator.js.map +0 -0
- package/{dist/web → web}/IdentityInterface.js +0 -0
- package/{dist/web → web}/IdentityInterface.js.map +0 -0
- package/web/WebUser.js +88 -0
- package/web/WebUser.js.map +1 -0
- package/BaseChyz.ts +0 -399
- package/Chyz.ts +0 -11
- package/Doc/Moel kullanma.md +0 -13
- package/Examples/Controllers/ApiController.ts +0 -140
- package/Examples/Controllers/BasicApiController.ts +0 -121
- package/Examples/Controllers/KeyCloakController.ts +0 -100
- package/Examples/Controllers/PublicController.ts +0 -42
- package/Examples/Controllers/SiteController.ts +0 -149
- package/Examples/Models/AuthAssignment.ts +0 -50
- package/Examples/Models/AuthItem.ts +0 -59
- package/Examples/Models/AuthItemChild.ts +0 -49
- package/Examples/Models/Categories.ts +0 -47
- package/Examples/Models/Customer.ts +0 -115
- package/Examples/Models/KeycloakUser.ts +0 -70
- package/Examples/Models/Order.ts +0 -64
- package/Examples/Models/OrderItem.ts +0 -27
- package/Examples/Models/ProductModels.ts +0 -49
- package/Examples/Models/ProductToCategories.ts +0 -46
- package/Examples/Models/Products.ts +0 -50
- package/Examples/Models/Stocks.ts +0 -60
- package/Examples/Models/User.ts +0 -107
- package/Examples/Models/UserPermission.ts +0 -37
- package/Examples/Models/index.ts +0 -19
- package/Examples/index-keycloack.ts +0 -78
- package/Examples/index.ts +0 -45
- package/Examples/keycloak.json +0 -7
- package/Examples/log/access.log +0 -0
- package/Examples/log/app.log +0 -10379
- package/Examples/log/errors.log +0 -1984
- package/Examples/package.json +0 -46
- package/Examples/tsconfig.json +0 -21
- package/base/ActionFilter.ts +0 -71
- package/base/BaseError.ts +0 -28
- package/base/BaseObject.ts +0 -19
- package/base/Behavior.ts +0 -6
- package/base/Component.ts +0 -66
- package/base/Configurable.ts +0 -10
- package/base/Controller.ts +0 -84
- package/base/DataErrorDbException.ts +0 -16
- package/base/DbConnection.ts +0 -51
- package/base/ForbiddenHttpException.ts +0 -15
- package/base/InvalidArgumentException.ts +0 -16
- package/base/InvalidConfigException.ts +0 -16
- package/base/Model.ts +0 -363
- package/base/ModelManager.ts +0 -19
- package/base/NotFoundHttpException.ts +0 -14
- package/base/RestClient.ts +0 -28
- package/base/UnauthorizedHttpException.ts +0 -17
- package/base/ValidationHttpException.ts +0 -14
- package/base/db/Exception.ts +0 -14
- package/base/index.ts +0 -18
- package/decorator/Middleware.ts +0 -9
- package/decorator/controller.ts +0 -22
- package/decorator/enums/ControllerDecoratorParams.ts +0 -5
- package/decorator/get.ts +0 -37
- package/decorator/index.ts +0 -3
- package/decorator/post.ts +0 -36
- package/dist/BaseChyz.js.map +0 -1
- package/dist/base/BaseError.js.map +0 -1
- package/dist/base/InvalidArgumentException.js +0 -18
- package/dist/base/InvalidArgumentException.js.map +0 -1
- package/dist/base/Model.js.map +0 -1
- package/dist/base/ModelManager.js +0 -9
- package/dist/base/ModelManager.js.map +0 -1
- package/dist/base/RestClient.js.map +0 -1
- package/dist/filters/AccessControl.js.map +0 -1
- package/dist/filters/AccessRule.js +0 -140
- package/dist/filters/AccessRule.js.map +0 -1
- package/dist/filters/auth/HttpBasicAuth.js +0 -73
- package/dist/filters/auth/HttpBasicAuth.js.map +0 -1
- package/dist/filters/auth/JwtHttpBearerAuth.js.map +0 -1
- package/dist/log/config/log4js.json +0 -55
- package/dist/package.json +0 -55
- package/dist/rbac/AuthAssignment.js +0 -45
- package/dist/rbac/AuthAssignment.js.map +0 -1
- package/dist/rbac/AuthItem.js +0 -52
- package/dist/rbac/AuthItem.js.map +0 -1
- package/dist/rbac/AuthItemChild.js +0 -44
- package/dist/rbac/AuthItemChild.js.map +0 -1
- package/dist/rbac/AuthManager.js +0 -359
- package/dist/rbac/AuthManager.js.map +0 -1
- package/dist/web/WebUser.js +0 -166
- package/dist/web/WebUser.js.map +0 -1
- package/filters/AccessControl.ts +0 -77
- package/filters/AccessRule.ts +0 -182
- package/filters/auth/AuthInterface.ts +0 -34
- package/filters/auth/AuthMethod.ts +0 -88
- package/filters/auth/HttpBasicAuth.ts +0 -75
- package/filters/auth/HttpBearerAuth.ts +0 -31
- package/filters/auth/HttpHeaderAuth.ts +0 -53
- package/filters/auth/JwtHttpBearerAuth.ts +0 -80
- package/filters/auth/KeyCloakHttpBearerAuth.ts +0 -115
- package/filters/auth/index.ts +0 -4
- package/filters/index.ts +0 -2
- package/index.ts +0 -14
- package/model/RouteDefinition.ts +0 -18
- package/package-lock.json +0 -5259
- package/rbac/AuthAssignment.ts +0 -50
- package/rbac/AuthItem.ts +0 -57
- package/rbac/AuthItemChild.ts +0 -50
- package/rbac/AuthManager.ts +0 -398
- package/requiments/ReflectUtil.ts +0 -26
- package/requiments/Utils.ts +0 -57
- package/tsconfig.json +0 -18
- package/validators/BooleanValidator.ts +0 -0
- package/validators/CompareValidator.ts +0 -0
- package/validators/DateValidator.ts +0 -0
- package/validators/EmailValidator.ts +0 -0
- package/validators/Validator.ts +0 -27
- package/web/IdentityInterface.ts +0 -68
- package/web/WebUser.ts +0 -187
package/dist/rbac/AuthManager.js
DELETED
|
@@ -1,359 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
-
});
|
|
10
|
-
};
|
|
11
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
12
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
13
|
-
};
|
|
14
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
-
exports.AuthManager = void 0;
|
|
16
|
-
const base_1 = require("../base");
|
|
17
|
-
const index_1 = require("../index");
|
|
18
|
-
const Utils_1 = __importDefault(require("../requiments/Utils"));
|
|
19
|
-
class AuthManager extends base_1.Component {
|
|
20
|
-
constructor() {
|
|
21
|
-
super(...arguments);
|
|
22
|
-
this.checkAccessAssignments = {};
|
|
23
|
-
this.defaultRoles = {};
|
|
24
|
-
}
|
|
25
|
-
init() {
|
|
26
|
-
index_1.BaseChyz.info("Auth Manager init....");
|
|
27
|
-
}
|
|
28
|
-
/**
|
|
29
|
-
*
|
|
30
|
-
*/
|
|
31
|
-
checkAccess(userId, permissionName, params = []) {
|
|
32
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
33
|
-
let assignments;
|
|
34
|
-
if (!this.checkAccessAssignments[userId.toString()]) {
|
|
35
|
-
assignments = yield this.getAssignments(userId);
|
|
36
|
-
this.checkAccessAssignments[userId.toString()] = assignments;
|
|
37
|
-
}
|
|
38
|
-
else {
|
|
39
|
-
assignments = this.checkAccessAssignments[userId.toString()];
|
|
40
|
-
}
|
|
41
|
-
// BaseChyz.info("assignments",assignments)
|
|
42
|
-
if (this.hasNoAssignments(assignments)) {
|
|
43
|
-
return false;
|
|
44
|
-
}
|
|
45
|
-
return yield this.checkAccessRecursive(userId, permissionName, params, assignments);
|
|
46
|
-
});
|
|
47
|
-
}
|
|
48
|
-
checkAccessFromCache() {
|
|
49
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
50
|
-
});
|
|
51
|
-
}
|
|
52
|
-
checkAccessRecursive(user, itemname, params, assignments) {
|
|
53
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
54
|
-
let item = yield this.getItem(itemname);
|
|
55
|
-
if (!item)
|
|
56
|
-
return false;
|
|
57
|
-
/**
|
|
58
|
-
* @todo
|
|
59
|
-
* Rule test edilmeli
|
|
60
|
-
*/
|
|
61
|
-
if (assignments[itemname] || Utils_1.default.find(this.defaultRoles, itemname)) {
|
|
62
|
-
return true;
|
|
63
|
-
}
|
|
64
|
-
/**
|
|
65
|
-
* item child
|
|
66
|
-
*/
|
|
67
|
-
let parents = yield base_1.ModelManager.AuthItemChild.findAll({ attributes: ["parent"], where: { child: itemname } });
|
|
68
|
-
for (const parent of parents) {
|
|
69
|
-
let r = yield this.checkAccessRecursive(user, parent.parent, params, assignments);
|
|
70
|
-
if (r) {
|
|
71
|
-
return true;
|
|
72
|
-
}
|
|
73
|
-
}
|
|
74
|
-
return false;
|
|
75
|
-
});
|
|
76
|
-
}
|
|
77
|
-
/**
|
|
78
|
-
*
|
|
79
|
-
* @param name
|
|
80
|
-
*/
|
|
81
|
-
getItem(name) {
|
|
82
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
83
|
-
if (!name)
|
|
84
|
-
return null;
|
|
85
|
-
return yield base_1.ModelManager.AuthItem.findOne({ where: { name: name } });
|
|
86
|
-
});
|
|
87
|
-
}
|
|
88
|
-
getItems(type) {
|
|
89
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
90
|
-
let items = {};
|
|
91
|
-
let _items = yield base_1.ModelManager.AuthItem.findAll({ where: { type: type } });
|
|
92
|
-
if (_items)
|
|
93
|
-
_items.forEach((item) => {
|
|
94
|
-
items[item["name"]] = item.dataValues;
|
|
95
|
-
});
|
|
96
|
-
return items;
|
|
97
|
-
});
|
|
98
|
-
}
|
|
99
|
-
getRolesByUser(userId) {
|
|
100
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
101
|
-
if (this.isEmptyUserId(userId.toString())) {
|
|
102
|
-
return [];
|
|
103
|
-
}
|
|
104
|
-
let roles = {};
|
|
105
|
-
let items = yield base_1.ModelManager.AuthAssignment.findAll({
|
|
106
|
-
where: {
|
|
107
|
-
user_id: userId.toString(),
|
|
108
|
-
'$AuthItemClasses.type$': AuthManager.TYPE_ROLE
|
|
109
|
-
},
|
|
110
|
-
include: [{
|
|
111
|
-
model: base_1.ModelManager.AuthItem.model()
|
|
112
|
-
}]
|
|
113
|
-
});
|
|
114
|
-
for (const item of items) {
|
|
115
|
-
for (const i of item.AuthItemClasses)
|
|
116
|
-
roles[i["name"]] = i.dataValues;
|
|
117
|
-
}
|
|
118
|
-
return roles;
|
|
119
|
-
});
|
|
120
|
-
}
|
|
121
|
-
/**
|
|
122
|
-
*
|
|
123
|
-
* @param roleName
|
|
124
|
-
*/
|
|
125
|
-
getChildRoles(roleName) {
|
|
126
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
127
|
-
let role = yield this.getRole(roleName);
|
|
128
|
-
if (role === null) {
|
|
129
|
-
throw new index_1.InvalidArgumentException(`Role "${roleName}" not found.`);
|
|
130
|
-
}
|
|
131
|
-
const result = { result: {} };
|
|
132
|
-
yield this.getChildrenRecursive(roleName, yield this.getChildrenList(), result);
|
|
133
|
-
let roles = {};
|
|
134
|
-
roles[roleName] = role;
|
|
135
|
-
let _roles = yield this.getRoles();
|
|
136
|
-
let _r = {};
|
|
137
|
-
Utils_1.default.forEach(_roles, (item) => {
|
|
138
|
-
if (result.result[item.name])
|
|
139
|
-
_r[item.name] = item;
|
|
140
|
-
});
|
|
141
|
-
return Utils_1.default.merge(roles, _r);
|
|
142
|
-
});
|
|
143
|
-
}
|
|
144
|
-
/**
|
|
145
|
-
*
|
|
146
|
-
* @param roleName
|
|
147
|
-
*/
|
|
148
|
-
getPermissionsByRole(roleName) {
|
|
149
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
150
|
-
let childrenList = this.getChildrenList();
|
|
151
|
-
const result = { result: {} };
|
|
152
|
-
let permissions = {};
|
|
153
|
-
yield this.getChildrenRecursive(roleName, childrenList, result);
|
|
154
|
-
if (Utils_1.default.isEmpty(result.result)) {
|
|
155
|
-
return {};
|
|
156
|
-
}
|
|
157
|
-
let itemResult = yield base_1.ModelManager.AuthItem.findAll({
|
|
158
|
-
where: {
|
|
159
|
-
type: AuthManager.TYPE_PERMISSION,
|
|
160
|
-
name: Object.keys(result.result)
|
|
161
|
-
}
|
|
162
|
-
});
|
|
163
|
-
for (const itemElement of itemResult) {
|
|
164
|
-
permissions[itemElement["name"]] = itemElement.dataValues;
|
|
165
|
-
}
|
|
166
|
-
return permissions;
|
|
167
|
-
});
|
|
168
|
-
}
|
|
169
|
-
/**
|
|
170
|
-
*
|
|
171
|
-
* @param userId
|
|
172
|
-
*/
|
|
173
|
-
getPermissionsByUser(userId) {
|
|
174
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
175
|
-
if (this.isEmptyUserId(userId.toString())) {
|
|
176
|
-
return {};
|
|
177
|
-
}
|
|
178
|
-
let directPermission = yield this.getDirectPermissionsByUser(userId);
|
|
179
|
-
let inheritedPermission = yield this.getInheritedPermissionsByUser(userId);
|
|
180
|
-
return Utils_1.default.merge(directPermission, inheritedPermission);
|
|
181
|
-
});
|
|
182
|
-
}
|
|
183
|
-
/**
|
|
184
|
-
* Returns all permissions that are directly assigned to user.
|
|
185
|
-
* @return Permission[] all direct permissions that the user has. The array is indexed by the permission names.
|
|
186
|
-
*/
|
|
187
|
-
getDirectPermissionsByUser(userId) {
|
|
188
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
189
|
-
let permissions = {};
|
|
190
|
-
let result = yield base_1.ModelManager.AuthAssignment.findAll({
|
|
191
|
-
where: {
|
|
192
|
-
user_id: userId.toString(),
|
|
193
|
-
'$AuthItemClasses.type$': AuthManager.TYPE_PERMISSION
|
|
194
|
-
},
|
|
195
|
-
include: [
|
|
196
|
-
{
|
|
197
|
-
model: base_1.ModelManager.AuthItem.model()
|
|
198
|
-
}
|
|
199
|
-
]
|
|
200
|
-
});
|
|
201
|
-
for (const resultElement of result) {
|
|
202
|
-
for (const i of resultElement.AuthItemClasses)
|
|
203
|
-
permissions[i["name"]] = i.dataValues;
|
|
204
|
-
}
|
|
205
|
-
return permissions;
|
|
206
|
-
});
|
|
207
|
-
}
|
|
208
|
-
getInheritedPermissionsByUser(userId) {
|
|
209
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
210
|
-
let userAssignment = yield base_1.ModelManager.AuthAssignment.findAll({ where: { user_id: userId.toString() }, attributes: ["item_name"] });
|
|
211
|
-
let childrenList = yield this.getChildrenList();
|
|
212
|
-
const result = { result: {} };
|
|
213
|
-
let permissions = {};
|
|
214
|
-
for (const userAssignmentElement of userAssignment) {
|
|
215
|
-
this.getChildrenRecursive(userAssignmentElement.item_name, childrenList, result);
|
|
216
|
-
}
|
|
217
|
-
if (Utils_1.default.isEmpty(result.result)) {
|
|
218
|
-
return {};
|
|
219
|
-
}
|
|
220
|
-
let itemResult = yield base_1.ModelManager.AuthItem.findAll({
|
|
221
|
-
where: {
|
|
222
|
-
type: AuthManager.TYPE_PERMISSION,
|
|
223
|
-
name: Object.keys(result.result)
|
|
224
|
-
}
|
|
225
|
-
});
|
|
226
|
-
for (const itemElement of itemResult) {
|
|
227
|
-
permissions[itemElement["name"]] = itemElement.dataValues;
|
|
228
|
-
}
|
|
229
|
-
return permissions;
|
|
230
|
-
});
|
|
231
|
-
}
|
|
232
|
-
/**
|
|
233
|
-
*
|
|
234
|
-
* @param userId
|
|
235
|
-
*/
|
|
236
|
-
getItemsByUser(userId) {
|
|
237
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
238
|
-
let items = yield base_1.ModelManager.AuthAssignment.findAll({
|
|
239
|
-
where: {
|
|
240
|
-
user_id: userId.toString()
|
|
241
|
-
},
|
|
242
|
-
include: [{
|
|
243
|
-
model: base_1.ModelManager.AuthItem.model()
|
|
244
|
-
}]
|
|
245
|
-
});
|
|
246
|
-
return items;
|
|
247
|
-
});
|
|
248
|
-
}
|
|
249
|
-
/**
|
|
250
|
-
* Returns all role assignment information for the specified role.
|
|
251
|
-
* @param $roleName
|
|
252
|
-
*/
|
|
253
|
-
getUserIdsByRole(roleName) {
|
|
254
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
255
|
-
if (!roleName)
|
|
256
|
-
return [];
|
|
257
|
-
return yield base_1.ModelManager.AuthAssignment.findAll({ where: { "item_name": roleName }, attributes: ["user_id"] });
|
|
258
|
-
});
|
|
259
|
-
}
|
|
260
|
-
/**
|
|
261
|
-
* {@inheritdoc}
|
|
262
|
-
*/
|
|
263
|
-
getRole(name) {
|
|
264
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
265
|
-
let item = yield this.getItem(name);
|
|
266
|
-
return item && item.type == AuthManager.TYPE_ROLE ? item : null;
|
|
267
|
-
});
|
|
268
|
-
}
|
|
269
|
-
/**
|
|
270
|
-
* {@inheritdoc}
|
|
271
|
-
*/
|
|
272
|
-
getRoles() {
|
|
273
|
-
return this.getItems(AuthManager.TYPE_ROLE);
|
|
274
|
-
}
|
|
275
|
-
/**
|
|
276
|
-
* Recursively finds all children and grand children of the specified item.
|
|
277
|
-
* @param string $name the name of the item whose children are to be looked for.
|
|
278
|
-
* @param array $childrenList the child list built via [[getChildrenList()]]
|
|
279
|
-
* @param array $result the children and grand children (in array keys)
|
|
280
|
-
*/
|
|
281
|
-
getChildrenRecursive(name, childrenList, model) {
|
|
282
|
-
if (childrenList[name]) {
|
|
283
|
-
for (const child of childrenList[name]) {
|
|
284
|
-
model.result[child] = true;
|
|
285
|
-
this.getChildrenRecursive(child, childrenList, model);
|
|
286
|
-
}
|
|
287
|
-
}
|
|
288
|
-
}
|
|
289
|
-
/**
|
|
290
|
-
*
|
|
291
|
-
* @param roleName
|
|
292
|
-
* @param userId
|
|
293
|
-
*/
|
|
294
|
-
getAssignment(roleName, userId) {
|
|
295
|
-
if (this.isEmptyUserId(userId)) {
|
|
296
|
-
return [];
|
|
297
|
-
}
|
|
298
|
-
return base_1.ModelManager.AuthAssignment.findAll({ where: { user_id: userId, items_name: roleName } });
|
|
299
|
-
}
|
|
300
|
-
/**
|
|
301
|
-
*
|
|
302
|
-
*/
|
|
303
|
-
getAssignments(userId) {
|
|
304
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
305
|
-
if (this.isEmptyUserId(userId.toString())) {
|
|
306
|
-
return {};
|
|
307
|
-
}
|
|
308
|
-
let assignments = {};
|
|
309
|
-
try {
|
|
310
|
-
let as = yield base_1.ModelManager.AuthAssignment.findAll({ where: { user_id: userId.toString() } });
|
|
311
|
-
for (const a of as) {
|
|
312
|
-
assignments[a["item_name"]] = a;
|
|
313
|
-
}
|
|
314
|
-
}
|
|
315
|
-
catch (e) {
|
|
316
|
-
throw new base_1.InvalidConfigException('The user application component must be available to specify roles in AccessRule.');
|
|
317
|
-
}
|
|
318
|
-
return assignments;
|
|
319
|
-
});
|
|
320
|
-
}
|
|
321
|
-
/**
|
|
322
|
-
* Returns the children for every parent.
|
|
323
|
-
* @return array the children list. Each array key is a parent item name,
|
|
324
|
-
* and the corresponding array value is a list of child item names.
|
|
325
|
-
*/
|
|
326
|
-
getChildrenList() {
|
|
327
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
328
|
-
let items = yield base_1.ModelManager.AuthItemChild.findAll();
|
|
329
|
-
let parents = {};
|
|
330
|
-
for (const item of items) {
|
|
331
|
-
parents[item["parent"]] = Utils_1.default.concat(parents[item["parent"]] || [], [item["child"]]);
|
|
332
|
-
}
|
|
333
|
-
return parents;
|
|
334
|
-
});
|
|
335
|
-
}
|
|
336
|
-
/**
|
|
337
|
-
* Check whether $userId is empty.
|
|
338
|
-
* @param mixed $userId
|
|
339
|
-
* @return bool
|
|
340
|
-
* @since 2.0.26
|
|
341
|
-
*/
|
|
342
|
-
isEmptyUserId(userId) {
|
|
343
|
-
return !userId || userId === '';
|
|
344
|
-
}
|
|
345
|
-
/**
|
|
346
|
-
* Checks whether array of $assignments is empty and [[defaultRoles]] property is empty as well.
|
|
347
|
-
*
|
|
348
|
-
* @param Assignment[] $assignments array of user's assignments
|
|
349
|
-
* @return bool whether array of $assignments is empty and [[defaultRoles]] property is empty as well
|
|
350
|
-
* @since 2.0.11
|
|
351
|
-
*/
|
|
352
|
-
hasNoAssignments(assignments) {
|
|
353
|
-
return Utils_1.default.isEmpty(assignments) && Utils_1.default.isEmpty(this.defaultRoles);
|
|
354
|
-
}
|
|
355
|
-
}
|
|
356
|
-
exports.AuthManager = AuthManager;
|
|
357
|
-
AuthManager.TYPE_ROLE = 1;
|
|
358
|
-
AuthManager.TYPE_PERMISSION = 2;
|
|
359
|
-
//# sourceMappingURL=AuthManager.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"AuthManager.js","sourceRoot":"","sources":["../../rbac/AuthManager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,kCAAyH;AACzH,oCAA4D;AAC5D,gEAAwC;AAsBxC,MAAa,WAAY,SAAQ,gBAAS;IAA1C;;QAYI,2BAAsB,GAAQ,EAAE,CAAA;QAChC,iBAAY,GAAQ,EAAE,CAAA;IAwW1B,CAAC;IAjXG,IAAI;QACA,gBAAQ,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;IAC1C,CAAC;IAUD;;OAEG;IAEU,WAAW,CAAC,MAAc,EAAE,cAAsB,EAAE,SAAgB,EAAE;;YAC/E,IAAI,WAAgB,CAAC;YACrB,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,EAAE;gBACjD,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBAChD,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,GAAG,WAAW,CAAC;aAChE;iBAAM;gBACH,WAAW,GAAG,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAA;aAC/D;YAGD,2CAA2C;YAC3C,IAAI,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAC,EAAE;gBACpC,OAAO,KAAK,CAAC;aAChB;YAGD,OAAO,MAAM,IAAI,CAAC,oBAAoB,CAAC,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;QACxF,CAAC;KAAA;IAEK,oBAAoB;;QAG1B,CAAC;KAAA;IAEY,oBAAoB,CAAC,IAAqB,EAAE,QAAgB,EAAE,MAAa,EAAE,WAAgB;;YACtG,IAAI,IAAI,GAAQ,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAC7C,IAAI,CAAC,IAAI;gBAAE,OAAO,KAAK,CAAC;YAExB;;;eAGG;YAEH,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,eAAK,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,EAAE;gBAClE,OAAO,IAAI,CAAC;aACf;YAED;;eAEG;YACH,IAAI,OAAO,GAAG,MAAM,mBAAY,CAAC,aAAa,CAAC,OAAO,CAAC,EAAC,UAAU,EAAC,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,EAAC,KAAK,EAAE,QAAQ,EAAC,EAAC,CAAC,CAAC;YAC1G,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE;gBAC1B,IAAI,CAAC,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;gBAClF,IAAI,CAAC,EAAE;oBACH,OAAO,IAAI,CAAC;iBACf;aACJ;YAED,OAAO,KAAK,CAAC;QAEjB,CAAC;KAAA;IAED;;;OAGG;IACU,OAAO,CAAC,IAAY;;YAC7B,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAC;YAEvB,OAAO,MAAM,mBAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC,EAAC,CAAC,CAAA;QAErE,CAAC;KAAA;IAEY,QAAQ,CAAC,IAAY;;YAC9B,IAAI,KAAK,GAAQ,EAAE,CAAC;YACpB,IAAI,MAAM,GAAG,MAAM,mBAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC,EAAC,CAAC,CAAA;YACvE,IAAI,MAAM;gBACN,MAAM,CAAC,OAAO,CAAC,CAAC,IAAS,EAAE,EAAE;oBACzB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,UAAkB,CAAC;gBAClD,CAAC,CAAC,CAAA;YAEN,OAAO,KAAK,CAAA;QAEhB,CAAC;KAAA;IAEY,cAAc,CAAC,MAAc;;YACtC,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,EAAE;gBACvC,OAAO,EAAE,CAAC;aACb;YAGD,IAAI,KAAK,GAAQ,EAAE,CAAA;YACnB,IAAI,KAAK,GAAG,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC;gBAClD,KAAK,EAAE;oBACH,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE;oBAC1B,wBAAwB,EAAE,WAAW,CAAC,SAAS;iBAClD;gBACD,OAAO,EAAE,CAAC;wBACN,KAAK,EAAE,mBAAY,CAAC,QAAQ,CAAC,KAAK,EAAE;qBACvC,CAAC;aACL,CAAC,CAAA;YACF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;gBACtB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,eAAe;oBAChC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,UAAkB,CAAC;aAC/C;YAED,OAAO,KAAK,CAAC;QAEjB,CAAC;KAAA;IAED;;;OAGG;IACU,aAAa,CAAC,QAAgB;;YACvC,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACxC,IAAI,IAAI,KAAK,IAAI,EAAE;gBACf,MAAM,IAAI,gCAAwB,CAAC,SAAS,QAAQ,cAAc,CAAC,CAAC;aACvE;YACD,MAAM,MAAM,GAAQ,EAAC,MAAM,EAAE,EAAE,EAAC,CAAC;YACjC,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,MAAM,IAAI,CAAC,eAAe,EAAE,EAAE,MAAM,CAAC,CAAC;YAChF,IAAI,KAAK,GAAQ,EAAE,CAAC;YACpB,KAAK,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;YACvB,IAAI,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnC,IAAI,EAAE,GAAQ,EAAE,CAAC;YACjB,eAAK,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,IAAU,EAAE,EAAE;gBACjC,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;oBACxB,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;YAC7B,CAAC,CAAC,CAAA;YAGF,OAAO,eAAK,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAClC,CAAC;KAAA;IAED;;;OAGG;IACU,oBAAoB,CAAC,QAAgB;;YAC9C,IAAI,YAAY,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1C,MAAM,MAAM,GAAG,EAAC,MAAM,EAAE,EAAE,EAAC,CAAA;YAC3B,IAAI,WAAW,GAAQ,EAAE,CAAA;YACzB,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,YAAY,EAAE,MAAM,CAAC,CAAC;YAChE,IAAI,eAAK,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE;gBAC9B,OAAO,EAAE,CAAC;aACb;YAED,IAAI,UAAU,GAAG,MAAM,mBAAY,CAAC,QAAQ,CAAC,OAAO,CAAC;gBACjD,KAAK,EAAE;oBACH,IAAI,EAAE,WAAW,CAAC,eAAe;oBACjC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;iBACnC;aACJ,CAAC,CAAC;YACH,KAAK,MAAM,WAAW,IAAI,UAAU,EAAE;gBAClC,WAAW,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,GAAG,WAAW,CAAC,UAAwB,CAAA;aAC1E;YAED,OAAO,WAAW,CAAC;QAEvB,CAAC;KAAA;IAED;;;OAGG;IACU,oBAAoB,CAAC,MAAc;;YAE5C,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,EAAE;gBACvC,OAAO,EAAE,CAAC;aACb;YAED,IAAI,gBAAgB,GAAG,MAAM,IAAI,CAAC,0BAA0B,CAAC,MAAM,CAAC,CAAC;YACrE,IAAI,mBAAmB,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,MAAM,CAAC,CAAC;YAE3E,OAAO,eAAK,CAAC,KAAK,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,CAAC;QAC9D,CAAC;KAAA;IAED;;;OAGG;IACa,0BAA0B,CAAC,MAAc;;YACrD,IAAI,WAAW,GAAQ,EAAE,CAAA;YACzB,IAAI,MAAM,GAAG,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC;gBACnD,KAAK,EAAE;oBACH,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE;oBAC1B,wBAAwB,EAAE,WAAW,CAAC,eAAe;iBACxD;gBACD,OAAO,EAAE;oBACL;wBACI,KAAK,EAAE,mBAAY,CAAC,QAAQ,CAAC,KAAK,EAAE;qBACvC;iBACJ;aACJ,CAAC,CAAA;YAEF,KAAK,MAAM,aAAa,IAAI,MAAM,EAAE;gBAChC,KAAK,MAAM,CAAC,IAAI,aAAa,CAAC,eAAe;oBACzC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,UAAwB,CAAC;aAC3D;YAGD,OAAO,WAAW,CAAC;QACvB,CAAC;KAAA;IAEe,6BAA6B,CAAC,MAAc;;YACxD,IAAI,cAAc,GAAG,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAC,EAAE,UAAU,EAAE,CAAC,WAAW,CAAC,EAAC,CAAC,CAAC;YACjI,IAAI,YAAY,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;YAChD,MAAM,MAAM,GAAQ,EAAC,MAAM,EAAE,EAAE,EAAC,CAAA;YAChC,IAAI,WAAW,GAAQ,EAAE,CAAA;YAEzB,KAAK,MAAM,qBAAqB,IAAI,cAAc,EAAE;gBAChD,IAAI,CAAC,oBAAoB,CAAC,qBAAqB,CAAC,SAAS,EAAE,YAAY,EAAE,MAAM,CAAC,CAAC;aACpF;YAED,IAAI,eAAK,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE;gBAC9B,OAAO,EAAE,CAAC;aACb;YAED,IAAI,UAAU,GAAG,MAAM,mBAAY,CAAC,QAAQ,CAAC,OAAO,CAAC;gBACjD,KAAK,EAAE;oBACH,IAAI,EAAE,WAAW,CAAC,eAAe;oBACjC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;iBACnC;aACJ,CAAC,CAAC;YACH,KAAK,MAAM,WAAW,IAAI,UAAU,EAAE;gBAClC,WAAW,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,GAAG,WAAW,CAAC,UAAwB,CAAA;aAC1E;YAED,OAAO,WAAW,CAAC;QACvB,CAAC;KAAA;IAGD;;;OAGG;IACU,cAAc,CAAC,MAAc;;YACtC,IAAI,KAAK,GAAG,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC;gBAClD,KAAK,EAAE;oBACH,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE;iBAC7B;gBACD,OAAO,EAAE,CAAC;wBACN,KAAK,EAAE,mBAAY,CAAC,QAAQ,CAAC,KAAK,EAAE;qBACvC,CAAC;aACL,CAAC,CAAA;YAEF,OAAO,KAAK,CAAC;QACjB,CAAC;KAAA;IAGD;;;OAGG;IACU,gBAAgB,CAAC,QAAgB;;YAC1C,IAAI,CAAC,QAAQ;gBAAE,OAAO,EAAE,CAAC;YAEzB,OAAO,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,WAAW,EAAE,QAAQ,EAAC,EAAE,UAAU,EAAE,CAAC,SAAS,CAAC,EAAC,CAAC,CAAC;QAChH,CAAC;KAAA;IAGD;;OAEG;IACU,OAAO,CAAC,IAAY;;YAC7B,IAAI,IAAI,GAAS,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAC1C,OAAO,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;QACpE,CAAC;KAAA;IAGD;;OAEG;IACI,QAAQ;QACX,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;IAChD,CAAC;IAED;;;;;OAKG;IACO,oBAAoB,CAAC,IAAY,EAAE,YAAiB,EAAE,KAAU;QACtE,IAAI,YAAY,CAAC,IAAI,CAAC,EAAE;YACpB,KAAK,MAAM,KAAK,IAAI,YAAY,CAAC,IAAI,CAAC,EAAE;gBACpC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;gBAC3B,IAAI,CAAC,oBAAoB,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC;aACzD;SACJ;IAEL,CAAC;IAGD;;;;OAIG;IACI,aAAa,CAAC,QAAgB,EAAE,MAAc;QACjD,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE;YAC5B,OAAO,EAAE,CAAC;SACb;QACD,OAAO,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAC,EAAC,CAAC,CAAC;IAEjG,CAAC;IAED;;OAEG;IACU,cAAc,CAAC,MAAc;;YACtC,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,EAAE;gBACvC,OAAO,EAAE,CAAC;aACb;YAED,IAAI,WAAW,GAAQ,EAAE,CAAC;YAC1B,IAAI;gBAEA,IAAI,EAAE,GAAG,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAC,EAAC,CAAC,CAAC;gBAC1F,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE;oBAChB,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC;iBACnC;aACJ;YAAC,OAAO,CAAC,EAAE;gBACR,MAAM,IAAI,6BAAsB,CAAC,kFAAkF,CAAC,CAAC;aACxH;YACD,OAAO,WAAW,CAAC;QACvB,CAAC;KAAA;IAED;;;;OAIG;IACa,eAAe;;YAC3B,IAAI,KAAK,GAAG,MAAM,mBAAY,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;YACvD,IAAI,OAAO,GAAQ,EAAE,CAAC;YACtB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;gBACtB,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,GAAG,eAAK,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;aAC1F;YAED,OAAO,OAAO,CAAA;QAClB,CAAC;KAAA;IAED;;;;;OAKG;IACO,aAAa,CAAC,MAAc;QAClC,OAAO,CAAC,MAAM,IAAI,MAAM,KAAK,EAAE,CAAC;IACpC,CAAC;IAED;;;;;;OAMG;IACO,gBAAgB,CAAC,WAAgB;QACvC,OAAO,eAAK,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,eAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;IACzE,CAAC;;AApXL,kCAqXC;AApXmB,qBAAS,GAAG,CAAC,CAAC;AACd,2BAAe,GAAG,CAAC,CAAC"}
|
package/dist/web/WebUser.js
DELETED
|
@@ -1,166 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
-
});
|
|
10
|
-
};
|
|
11
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
12
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
13
|
-
};
|
|
14
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
-
exports.WebUser = void 0;
|
|
16
|
-
/*
|
|
17
|
-
* Copyright (c) 2021. Chy Bilgisayar Bilisim
|
|
18
|
-
* Author: Cihan Ozturk
|
|
19
|
-
* E-mail: cihan@chy.com.tr
|
|
20
|
-
* Github:https://github.com/cihan53/
|
|
21
|
-
*/
|
|
22
|
-
const BaseChyz_1 = __importDefault(require("../BaseChyz"));
|
|
23
|
-
const Component_1 = require("../base/Component");
|
|
24
|
-
const ForbiddenHttpException_1 = require("../base/ForbiddenHttpException");
|
|
25
|
-
const InvalidConfigException_1 = require("../base/InvalidConfigException");
|
|
26
|
-
const Utils_1 = __importDefault(require("../requiments/Utils"));
|
|
27
|
-
class WebUser extends Component_1.Component {
|
|
28
|
-
constructor() {
|
|
29
|
-
super(...arguments);
|
|
30
|
-
/**
|
|
31
|
-
* @var CheckAccessInterface|string|array The access checker object to use for checking access or the application
|
|
32
|
-
* component ID of the access checker.
|
|
33
|
-
* If not set the application auth manager will be used.
|
|
34
|
-
* @since 2.0.9
|
|
35
|
-
*/
|
|
36
|
-
this.accessChecker = null;
|
|
37
|
-
}
|
|
38
|
-
get identity() {
|
|
39
|
-
return this._identity;
|
|
40
|
-
}
|
|
41
|
-
set identity(value) {
|
|
42
|
-
this._identity = value;
|
|
43
|
-
}
|
|
44
|
-
init() {
|
|
45
|
-
super.init();
|
|
46
|
-
if (this.identityClass === null) {
|
|
47
|
-
throw new InvalidConfigException_1.InvalidConfigException('User::identityClass must be set.');
|
|
48
|
-
}
|
|
49
|
-
this.identityClass = new this.identityClass();
|
|
50
|
-
}
|
|
51
|
-
getIsGuest() {
|
|
52
|
-
return this.getIdentity() === null;
|
|
53
|
-
}
|
|
54
|
-
getIdentity(autoRenew = true) {
|
|
55
|
-
return this._identity;
|
|
56
|
-
}
|
|
57
|
-
loginRequired() {
|
|
58
|
-
throw new ForbiddenHttpException_1.ForbiddenHttpException(BaseChyz_1.default.t('Login Required'));
|
|
59
|
-
}
|
|
60
|
-
/**
|
|
61
|
-
* Regenerates CSRF token
|
|
62
|
-
*
|
|
63
|
-
* @since 2.0.14.2
|
|
64
|
-
*/
|
|
65
|
-
regenerateCsrfToken() {
|
|
66
|
-
}
|
|
67
|
-
/**
|
|
68
|
-
* Logs in a user by the given access token.
|
|
69
|
-
* @param token
|
|
70
|
-
* @param type
|
|
71
|
-
*/
|
|
72
|
-
loginByAccessToken(token, type = null) {
|
|
73
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
74
|
-
let $class = this.identityClass;
|
|
75
|
-
if ($class.findIdentityByAccessToken) {
|
|
76
|
-
this.identity = yield $class.findIdentityByAccessToken(token, type);
|
|
77
|
-
if (this.identity && this.login(this.identity)) {
|
|
78
|
-
return this.identity;
|
|
79
|
-
}
|
|
80
|
-
}
|
|
81
|
-
else {
|
|
82
|
-
BaseChyz_1.default.error("WebUser::findIdentityByAccessToken undefined");
|
|
83
|
-
}
|
|
84
|
-
return null;
|
|
85
|
-
});
|
|
86
|
-
}
|
|
87
|
-
login(identity, duration = 0) {
|
|
88
|
-
if (this.beforeLogin(identity, false, duration)) {
|
|
89
|
-
}
|
|
90
|
-
return !this.getIsGuest();
|
|
91
|
-
}
|
|
92
|
-
beforeLogin(identity, cookieBased, duration) {
|
|
93
|
-
return true;
|
|
94
|
-
}
|
|
95
|
-
afterLogin() {
|
|
96
|
-
}
|
|
97
|
-
getId() {
|
|
98
|
-
let identity = this.getIdentity();
|
|
99
|
-
return identity !== null ? identity.getId() : null;
|
|
100
|
-
}
|
|
101
|
-
/**
|
|
102
|
-
* Checks if the user can perform the operation as specified by the given permission.
|
|
103
|
-
*
|
|
104
|
-
* Note that you must configure "authManager" application component in order to use this method.
|
|
105
|
-
* Otherwise it will always return false.
|
|
106
|
-
*
|
|
107
|
-
* @param string $permissionName the name of the permission (e.g. "edit post") that needs access check.
|
|
108
|
-
* @param array $params name-value pairs that would be passed to the rules associated
|
|
109
|
-
* with the roles and permissions assigned to the user.
|
|
110
|
-
* @param bool $allowCaching whether to allow caching the result of access check.
|
|
111
|
-
* When this parameter is true (default), if the access check of an operation was performed
|
|
112
|
-
* before, its result will be directly returned when calling this method to check the same
|
|
113
|
-
* operation. If this parameter is false, this method will always call
|
|
114
|
-
* [[\yii\rbac\CheckAccessInterface::checkAccess()]] to obtain the up-to-date access result. Note that this
|
|
115
|
-
* caching is effective only within the same request and only works when `$params = []`.
|
|
116
|
-
* @return bool whether the user can perform the operation as specified by the given permission.
|
|
117
|
-
*/
|
|
118
|
-
// public function can($permissionName, $params = [], $allowCaching = true)
|
|
119
|
-
// {
|
|
120
|
-
// if ($allowCaching && empty($params) && isset($this->_access[$permissionName])) {
|
|
121
|
-
// return $this->_access[$permissionName];
|
|
122
|
-
// }
|
|
123
|
-
// if (($accessChecker = $this->getAccessChecker()) === null) {
|
|
124
|
-
// return false;
|
|
125
|
-
// }
|
|
126
|
-
// $access = $accessChecker->checkAccess($this->getId(), $permissionName, $params);
|
|
127
|
-
// if ($allowCaching && empty($params)) {
|
|
128
|
-
// $this->_access[$permissionName] = $access;
|
|
129
|
-
// }
|
|
130
|
-
//
|
|
131
|
-
// return $access;
|
|
132
|
-
// }
|
|
133
|
-
can(permissionName, params = [], allowCaching = true) {
|
|
134
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
135
|
-
let access;
|
|
136
|
-
let accessChecker;
|
|
137
|
-
if ((accessChecker = this.getAccessChecker()) == null)
|
|
138
|
-
return false;
|
|
139
|
-
access = yield accessChecker.checkAccess(this.getId(), permissionName, params);
|
|
140
|
-
if (allowCaching && Utils_1.default.isEmpty(params)) {
|
|
141
|
-
// this._access[$permissionName] = $access;
|
|
142
|
-
}
|
|
143
|
-
return access;
|
|
144
|
-
});
|
|
145
|
-
}
|
|
146
|
-
/**
|
|
147
|
-
* Returns auth manager associated with the user component.
|
|
148
|
-
*
|
|
149
|
-
* By default this is the `authManager` application component.
|
|
150
|
-
* You may override this method to return a different auth manager instance if needed.
|
|
151
|
-
* @return \yii\rbac\ManagerInterface
|
|
152
|
-
* @since 2.0.6
|
|
153
|
-
*/
|
|
154
|
-
getAuthManager() {
|
|
155
|
-
return BaseChyz_1.default.getComponent('authManager');
|
|
156
|
-
}
|
|
157
|
-
/**
|
|
158
|
-
* Returns the access checker used for checking access.
|
|
159
|
-
* @return CheckAccessInterface
|
|
160
|
-
*/
|
|
161
|
-
getAccessChecker() {
|
|
162
|
-
return this.accessChecker !== null ? this.accessChecker : this.getAuthManager();
|
|
163
|
-
}
|
|
164
|
-
}
|
|
165
|
-
exports.WebUser = WebUser;
|
|
166
|
-
//# sourceMappingURL=WebUser.js.map
|
package/dist/web/WebUser.js.map
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"WebUser.js","sourceRoot":"","sources":["../../web/WebUser.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;GAKG;AACH,2DAAmC;AACnC,iDAA4C;AAC5C,2EAAsE;AACtE,2EAAsE;AAEtE,gEAAwC;AAGxC,MAAa,OAAQ,SAAQ,qBAAS;IAAtC;;QAOI;;;;;WAKG;QACI,kBAAa,GAAQ,IAAI,CAAC;IA+JrC,CAAC;IA5JG,IAAI,QAAQ;QACR,OAAO,IAAI,CAAC,SAAS,CAAC;IAC1B,CAAC;IAED,IAAI,QAAQ,CAAC,KAAK;QACd,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;IAC3B,CAAC;IAEM,IAAI;QACP,KAAK,CAAC,IAAI,EAAE,CAAC;QAEb,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE;YAC7B,MAAM,IAAI,+CAAsB,CAAC,kCAAkC,CAAC,CAAC;SACxE;QAGD,IAAI,CAAC,aAAa,GAAG,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;IAElD,CAAC;IAEM,UAAU;QACb,OAAO,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC;IACvC,CAAC;IAEM,WAAW,CAAC,SAAS,GAAG,IAAI;QAC/B,OAAO,IAAI,CAAC,SAAS,CAAC;IAC1B,CAAC;IAEM,aAAa;QAEhB,MAAM,IAAI,+CAAsB,CAAC,kBAAQ,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACnE,CAAC;IAGD;;;;OAIG;IACO,mBAAmB;IAE7B,CAAC;IAED;;;;OAIG;IACU,kBAAkB,CAAC,KAAU,EAAE,OAAY,IAAI;;YAExD,IAAI,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC;YAChC,IAAI,MAAM,CAAC,yBAAyB,EAAE;gBAClC,IAAI,CAAC,QAAQ,GAAG,MAAM,MAAM,CAAC,yBAAyB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;gBACnE,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;oBAC5C,OAAO,IAAI,CAAC,QAAQ,CAAC;iBACxB;aACJ;iBAAM;gBACH,kBAAQ,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAA;aACjE;YACD,OAAO,IAAI,CAAC;QAChB,CAAC;KAAA;IAEM,KAAK,CAAC,QAA2B,EAAE,QAAQ,GAAG,CAAC;QAElD,IAAI,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE;SAEhD;QACD,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,CAAA;IAC7B,CAAC;IAEM,WAAW,CAAC,QAAa,EAAE,WAAoB,EAAE,QAAgB;QAEpE,OAAO,IAAI,CAAC;IAChB,CAAC;IAEM,UAAU;IAEjB,CAAC;IAEM,KAAK;QACR,IAAI,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAClC,OAAO,QAAQ,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IACvD,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACH,2EAA2E;IAC3E,IAAI;IACJ,uFAAuF;IACvF,kDAAkD;IAClD,QAAQ;IACR,mEAAmE;IACnE,wBAAwB;IACxB,QAAQ;IACR,uFAAuF;IACvF,6CAA6C;IAC7C,qDAAqD;IACrD,QAAQ;IACR,EAAE;IACF,sBAAsB;IACtB,IAAI;IAES,GAAG,CAAC,cAAsB,EAAE,MAAM,GAAG,EAAE,EAAE,YAAY,GAAG,IAAI;;YAErE,IAAI,MAAM,CAAC;YACX,IAAI,aAA0B,CAAC;YAC/B,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC,IAAI,IAAI;gBACjD,OAAO,KAAK,CAAC;YAGjB,MAAM,GAAG,MAAM,aAAa,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,cAAc,EAAE,MAAM,CAAC,CAAC;YAE/E,IAAI,YAAY,IAAI,eAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;gBACvC,2CAA2C;aAC9C;YAED,OAAO,MAAM,CAAC;QAElB,CAAC;KAAA;IAED;;;;;;;OAOG;IACO,cAAc;QACpB,OAAO,kBAAQ,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;IAChD,CAAC;IAED;;;OAGG;IACO,gBAAgB;QACtB,OAAO,IAAI,CAAC,aAAa,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;IACpF,CAAC;CAGJ;AA5KD,0BA4KC"}
|
package/filters/AccessControl.ts
DELETED
|
@@ -1,77 +0,0 @@
|
|
|
1
|
-
/*
|
|
2
|
-
* Copyright (c) 2021. Chy Bilgisayar Bilisim
|
|
3
|
-
* Author: Cihan Ozturk
|
|
4
|
-
* E-mail: cihan@chy.com.tr
|
|
5
|
-
* Github:https://github.com/cihan53/
|
|
6
|
-
*/
|
|
7
|
-
import BaseChyz from "../BaseChyz";
|
|
8
|
-
import {ForbiddenHttpException} from "../base/ForbiddenHttpException";
|
|
9
|
-
import {ActionFilter} from "../base/ActionFilter";
|
|
10
|
-
import {AccessRule} from "./AccessRule";
|
|
11
|
-
import {WebUser} from "../web/WebUser";
|
|
12
|
-
import Utils from "../requiments/Utils";
|
|
13
|
-
import {NextFunction, Request, Response} from "express";
|
|
14
|
-
|
|
15
|
-
var _ = require('lodash');
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
export class AccessControl extends ActionFilter {
|
|
19
|
-
|
|
20
|
-
public user: any = null;
|
|
21
|
-
public rules: any;
|
|
22
|
-
public denyCallback: any = null;
|
|
23
|
-
|
|
24
|
-
public init() {
|
|
25
|
-
super.init()
|
|
26
|
-
|
|
27
|
-
if (this.user == undefined) {
|
|
28
|
-
this.user = Utils.cloneDeep(BaseChyz.getComponent("user")) ?? new WebUser();
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
this.rules.forEach((rule: any, index: number) => {
|
|
32
|
-
if (rule === Object(rule)) {
|
|
33
|
-
this.rules[index] = Utils.createObject(new AccessRule(), rule);
|
|
34
|
-
}
|
|
35
|
-
})
|
|
36
|
-
}
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
public async beforeAction(action: any, request: Request) {
|
|
40
|
-
let allow;
|
|
41
|
-
// @ts-ignore
|
|
42
|
-
let user = request.user ?? this.user;
|
|
43
|
-
// @ts-ignore
|
|
44
|
-
user.identity = request.identity ?? null;
|
|
45
|
-
|
|
46
|
-
for (const rulesKey in this.rules) {
|
|
47
|
-
|
|
48
|
-
let rule = this.rules[rulesKey];
|
|
49
|
-
if ((allow = await rule.allows(action, user, request))) {
|
|
50
|
-
return true;
|
|
51
|
-
} else if (allow === false) {
|
|
52
|
-
if (this.denyCallback != null) {
|
|
53
|
-
rule.denyCallback.apply(rule, action);
|
|
54
|
-
} else {
|
|
55
|
-
this.denyAccess(user);
|
|
56
|
-
}
|
|
57
|
-
return false;
|
|
58
|
-
}
|
|
59
|
-
}
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
if (this.denyCallback != null) {
|
|
63
|
-
this.denyCallback.apply(null, action);
|
|
64
|
-
} else {
|
|
65
|
-
this.denyAccess(user);
|
|
66
|
-
}
|
|
67
|
-
|
|
68
|
-
return false;
|
|
69
|
-
}
|
|
70
|
-
|
|
71
|
-
public denyAccess(user: WebUser) {
|
|
72
|
-
if (user != undefined && user.getIsGuest()) {
|
|
73
|
-
user.loginRequired();
|
|
74
|
-
} else throw new ForbiddenHttpException(BaseChyz.t('You are not allowed to perform this action.'));
|
|
75
|
-
}
|
|
76
|
-
|
|
77
|
-
}
|