chyz 1.0.13-rc.9 → 1.1.0-rc.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/BaseChyz.ts +74 -20
- package/Doc/Moel kullanma.md +13 -0
- package/Examples/Controllers/ApiController.ts +22 -22
- package/Examples/Controllers/BasicApiController.ts +121 -0
- package/Examples/Controllers/SiteController.ts +18 -8
- package/Examples/Models/AuthAssignment.ts +50 -0
- package/Examples/Models/AuthItem.ts +59 -0
- package/Examples/Models/AuthItemChild.ts +49 -0
- package/Examples/Models/Categories.ts +4 -0
- package/Examples/Models/KeycloakUser.ts +4 -0
- package/Examples/Models/User.ts +8 -1
- package/Examples/index.ts +22 -2
- package/Examples/log/app.log +14466 -0
- package/Examples/log/errors.log +594 -0
- package/Examples/package.json +5 -2
- package/README.md +265 -12
- package/base/ActionFilter.ts +1 -1
- package/base/BaseError.ts +4 -2
- package/base/DbConnection.ts +9 -5
- package/base/Model.ts +231 -30
- package/base/ModelManager.ts +6 -1
- package/base/RestClient.ts +4 -4
- package/base/ValidationHttpException.ts +1 -1
- package/dist/BaseChyz.js +42 -8
- package/dist/BaseChyz.js.map +1 -1
- package/dist/base/ActionFilter.js +1 -1
- package/dist/base/ActionFilter.js.map +1 -1
- package/dist/base/BaseError.js +6 -2
- package/dist/base/BaseError.js.map +1 -1
- package/dist/base/DbConnection.js.map +1 -1
- package/dist/base/Model.js +186 -4
- package/dist/base/Model.js.map +1 -1
- package/dist/base/ModelManager.js +0 -8
- package/dist/base/ModelManager.js.map +1 -1
- package/dist/base/RestClient.js +4 -4
- package/dist/base/RestClient.js.map +1 -1
- package/dist/base/ValidationHttpException.js +1 -1
- package/dist/filters/AccessControl.js +15 -3
- package/dist/filters/AccessControl.js.map +1 -1
- package/dist/filters/AccessRule.js +99 -38
- package/dist/filters/AccessRule.js.map +1 -1
- package/dist/filters/auth/HttpBasicAuth.js +65 -0
- package/dist/filters/auth/HttpBasicAuth.js.map +1 -1
- package/dist/filters/auth/index.js +1 -0
- package/dist/filters/auth/index.js.map +1 -1
- package/dist/package.json +1 -3
- package/dist/rbac/AuthAssignment.js +45 -0
- package/dist/rbac/AuthAssignment.js.map +1 -0
- package/dist/rbac/AuthItem.js +52 -0
- package/dist/rbac/AuthItem.js.map +1 -0
- package/dist/rbac/AuthItemChild.js +44 -0
- package/dist/rbac/AuthItemChild.js.map +1 -0
- package/dist/rbac/AuthManager.js +13 -5
- package/dist/rbac/AuthManager.js.map +1 -1
- package/dist/requiments/Utils.js +5 -1
- package/dist/requiments/Utils.js.map +1 -1
- package/dist/web/WebUser.js +78 -0
- package/dist/web/WebUser.js.map +1 -1
- package/filters/AccessControl.ts +19 -6
- package/filters/AccessRule.ts +61 -16
- package/filters/auth/HttpBasicAuth.ts +68 -0
- package/filters/auth/index.ts +1 -0
- package/package.json +2 -3
- package/rbac/AuthAssignment.ts +50 -0
- package/rbac/AuthItem.ts +57 -0
- package/rbac/AuthItemChild.ts +50 -0
- package/rbac/AuthManager.ts +19 -9
- package/requiments/Utils.ts +6 -0
- package/web/IdentityInterface.ts +6 -0
- package/web/WebUser.ts +88 -1
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/*
|
|
3
|
+
* Copyright (c) 2021. Chy Bilgisayar Bilisim
|
|
4
|
+
* Author: Cihan Ozturk
|
|
5
|
+
* E-mail: cihan@chy.com.tr
|
|
6
|
+
* Github:https://github.com/cihan53/
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.AuthAssignmentClass = void 0;
|
|
10
|
+
const base_1 = require("../base");
|
|
11
|
+
class AuthAssignmentClass extends base_1.Model {
|
|
12
|
+
tableName() {
|
|
13
|
+
return 'auth_assignment';
|
|
14
|
+
}
|
|
15
|
+
attributes() {
|
|
16
|
+
return {
|
|
17
|
+
// Model attributes are defined here
|
|
18
|
+
item_name: {
|
|
19
|
+
type: base_1.DataTypes.STRING,
|
|
20
|
+
primaryKey: true,
|
|
21
|
+
allowNull: false
|
|
22
|
+
},
|
|
23
|
+
user_id: {
|
|
24
|
+
type: base_1.DataTypes.STRING,
|
|
25
|
+
allowNull: false
|
|
26
|
+
}
|
|
27
|
+
};
|
|
28
|
+
}
|
|
29
|
+
init() {
|
|
30
|
+
super.init();
|
|
31
|
+
this.model().removeAttribute('id');
|
|
32
|
+
}
|
|
33
|
+
relations() {
|
|
34
|
+
return [
|
|
35
|
+
{
|
|
36
|
+
type: "hasMany",
|
|
37
|
+
foreignKey: "name",
|
|
38
|
+
sourceKey: 'item_name',
|
|
39
|
+
model: base_1.ModelManager.AuthItem.model()
|
|
40
|
+
}
|
|
41
|
+
];
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
exports.AuthAssignmentClass = AuthAssignmentClass;
|
|
45
|
+
//# sourceMappingURL=AuthAssignment.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AuthAssignment.js","sourceRoot":"","sources":["../../rbac/AuthAssignment.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAEH,kCAAiE;AAEjE,MAAa,mBAAoB,SAAQ,YAAK;IAG1C,SAAS;QACL,OAAO,iBAAiB,CAAC;IAC7B,CAAC;IACD,UAAU;QACN,OAAO;YAEH,oCAAoC;YACpC,SAAS,EAAE;gBACP,IAAI,EAAE,gBAAS,CAAC,MAAM;gBACtB,UAAU,EAAC,IAAI;gBACf,SAAS,EAAE,KAAK;aACnB;YACD,OAAO,EAAG;gBACN,IAAI,EAAE,gBAAS,CAAC,MAAM;gBACtB,SAAS,EAAE,KAAK;aACnB;SAEJ,CAAA;IACL,CAAC;IAED,IAAI;QACA,KAAK,CAAC,IAAI,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAA;IACtC,CAAC;IAED,SAAS;QACL,OAAO;YACH;gBACI,IAAI,EAAE,SAAS;gBACf,UAAU,EAAE,MAAM;gBAClB,SAAS,EAAC,WAAW;gBACrB,KAAK,EAAE,mBAAY,CAAC,QAAQ,CAAC,KAAK,EAAE;aACvC;SACJ,CAAA;IACL,CAAC;CAEJ;AAvCD,kDAuCC"}
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/*
|
|
3
|
+
* Copyright (c) 2021. Chy Bilgisayar Bilisim
|
|
4
|
+
* Author: Cihan Ozturk
|
|
5
|
+
* E-mail: cihan@chy.com.tr
|
|
6
|
+
* Github:https://github.com/cihan53/
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.AuthItemClass = void 0;
|
|
10
|
+
const base_1 = require("../base");
|
|
11
|
+
class AuthItemClass extends base_1.Model {
|
|
12
|
+
tableName() {
|
|
13
|
+
return 'auth_item';
|
|
14
|
+
}
|
|
15
|
+
attributes() {
|
|
16
|
+
return {
|
|
17
|
+
// Model attributes are defined here
|
|
18
|
+
name: {
|
|
19
|
+
type: base_1.DataTypes.STRING,
|
|
20
|
+
primaryKey: true,
|
|
21
|
+
allowNull: false
|
|
22
|
+
},
|
|
23
|
+
type: {
|
|
24
|
+
type: base_1.DataTypes.INTEGER,
|
|
25
|
+
allowNull: false
|
|
26
|
+
},
|
|
27
|
+
description: {
|
|
28
|
+
type: base_1.DataTypes.STRING,
|
|
29
|
+
allowNull: false
|
|
30
|
+
},
|
|
31
|
+
rule_name: {
|
|
32
|
+
type: base_1.DataTypes.STRING,
|
|
33
|
+
allowNull: false
|
|
34
|
+
}
|
|
35
|
+
};
|
|
36
|
+
}
|
|
37
|
+
init() {
|
|
38
|
+
super.init();
|
|
39
|
+
this.model().removeAttribute('id');
|
|
40
|
+
}
|
|
41
|
+
relations() {
|
|
42
|
+
return [
|
|
43
|
+
{
|
|
44
|
+
type: "hasOne",
|
|
45
|
+
foreignKey: "item_name",
|
|
46
|
+
model: base_1.ModelManager.AuthAssignment.model()
|
|
47
|
+
}
|
|
48
|
+
];
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
exports.AuthItemClass = AuthItemClass;
|
|
52
|
+
//# sourceMappingURL=AuthItem.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AuthItem.js","sourceRoot":"","sources":["../../rbac/AuthItem.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAEH,kCAAiE;AAEjE,MAAa,aAAc,SAAQ,YAAK;IAGpC,SAAS;QACL,OAAO,WAAW,CAAC;IACvB,CAAC;IAED,UAAU;QACN,OAAO;YACH,oCAAoC;YACpC,IAAI,EAAE;gBACF,IAAI,EAAE,gBAAS,CAAC,MAAM;gBACtB,UAAU,EAAC,IAAI;gBACf,SAAS,EAAE,KAAK;aACnB;YACD,IAAI,EAAE;gBACF,IAAI,EAAE,gBAAS,CAAC,OAAO;gBACvB,SAAS,EAAE,KAAK;aACnB;YACD,WAAW,EAAE;gBACT,IAAI,EAAE,gBAAS,CAAC,MAAM;gBACtB,SAAS,EAAE,KAAK;aACnB;YACD,SAAS,EAAE;gBACP,IAAI,EAAE,gBAAS,CAAC,MAAM;gBACtB,SAAS,EAAE,KAAK;aACnB;SAEJ,CAAA;IACL,CAAC;IAED,IAAI;QACA,KAAK,CAAC,IAAI,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAA;IACtC,CAAC;IAED,SAAS;QACL,OAAO;YACH;gBACI,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE,WAAW;gBACvB,KAAK,EAAE,mBAAY,CAAC,cAAc,CAAC,KAAK,EAAE;aAC7C;SACJ,CAAA;IACL,CAAC;CAEJ;AA9CD,sCA8CC"}
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/*
|
|
3
|
+
* Copyright (c) 2021. Chy Bilgisayar Bilisim
|
|
4
|
+
* Author: Cihan Ozturk
|
|
5
|
+
* E-mail: cihan@chy.com.tr
|
|
6
|
+
* Github:https://github.com/cihan53/
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.AuthItemChildClass = void 0;
|
|
10
|
+
const base_1 = require("../base");
|
|
11
|
+
class AuthItemChildClass extends base_1.Model {
|
|
12
|
+
tableName() {
|
|
13
|
+
return 'auth_item_child';
|
|
14
|
+
}
|
|
15
|
+
attributes() {
|
|
16
|
+
return {
|
|
17
|
+
// Model attributes are defined here
|
|
18
|
+
parent: {
|
|
19
|
+
type: base_1.DataTypes.STRING,
|
|
20
|
+
primaryKey: true,
|
|
21
|
+
allowNull: false
|
|
22
|
+
},
|
|
23
|
+
child: {
|
|
24
|
+
type: base_1.DataTypes.STRING,
|
|
25
|
+
allowNull: false
|
|
26
|
+
}
|
|
27
|
+
};
|
|
28
|
+
}
|
|
29
|
+
init() {
|
|
30
|
+
super.init();
|
|
31
|
+
this.model().removeAttribute('id');
|
|
32
|
+
}
|
|
33
|
+
relations() {
|
|
34
|
+
return [
|
|
35
|
+
{
|
|
36
|
+
type: "hasOne",
|
|
37
|
+
foreignKey: "item_name",
|
|
38
|
+
model: base_1.ModelManager.AuthAssignment.model()
|
|
39
|
+
}
|
|
40
|
+
];
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
exports.AuthItemChildClass = AuthItemChildClass;
|
|
44
|
+
//# sourceMappingURL=AuthItemChild.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AuthItemChild.js","sourceRoot":"","sources":["../../rbac/AuthItemChild.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAIH,kCAAiE;AAEjE,MAAa,kBAAmB,SAAQ,YAAK;IAGzC,SAAS;QACL,OAAO,iBAAiB,CAAC;IAC7B,CAAC;IAED,UAAU;QACN,OAAO;YACH,oCAAoC;YACpC,MAAM,EAAE;gBACJ,IAAI,EAAE,gBAAS,CAAC,MAAM;gBACtB,UAAU,EAAC,IAAI;gBACf,SAAS,EAAE,KAAK;aACnB;YACD,KAAK,EAAE;gBACH,IAAI,EAAE,gBAAS,CAAC,MAAM;gBACtB,SAAS,EAAE,KAAK;aACnB;SACJ,CAAA;IACL,CAAC;IAED,IAAI;QACA,KAAK,CAAC,IAAI,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAA;IACtC,CAAC;IAED,SAAS;QACL,OAAO;YACH;gBACI,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE,WAAW;gBACvB,KAAK,EAAE,mBAAY,CAAC,cAAc,CAAC,KAAK,EAAE;aAC7C;SACJ,CAAA;IACL,CAAC;CAEJ;AArCD,gDAqCC"}
|
package/dist/rbac/AuthManager.js
CHANGED
|
@@ -58,12 +58,15 @@ class AuthManager extends base_1.Component {
|
|
|
58
58
|
* @todo
|
|
59
59
|
* Rule test edilmeli
|
|
60
60
|
*/
|
|
61
|
+
if (assignments[itemname] || Utils_1.default.find(this.defaultRoles, itemname)) {
|
|
62
|
+
return true;
|
|
63
|
+
}
|
|
61
64
|
/**
|
|
62
65
|
* item child
|
|
63
66
|
*/
|
|
64
|
-
let parents = yield base_1.ModelManager.AuthItemChild.findAll({ where: { child: itemname } });
|
|
67
|
+
let parents = yield base_1.ModelManager.AuthItemChild.findAll({ attributes: ["parent"], where: { child: itemname } });
|
|
65
68
|
for (const parent of parents) {
|
|
66
|
-
let r = yield this.checkAccessRecursive(user, parent, params, assignments);
|
|
69
|
+
let r = yield this.checkAccessRecursive(user, parent.parent, params, assignments);
|
|
67
70
|
if (r) {
|
|
68
71
|
return true;
|
|
69
72
|
}
|
|
@@ -303,9 +306,14 @@ class AuthManager extends base_1.Component {
|
|
|
303
306
|
return {};
|
|
304
307
|
}
|
|
305
308
|
let assignments = {};
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
|
|
309
|
+
try {
|
|
310
|
+
let as = yield base_1.ModelManager.AuthAssignment.findAll({ where: { user_id: userId.toString() } });
|
|
311
|
+
for (const a of as) {
|
|
312
|
+
assignments[a["item_name"]] = a;
|
|
313
|
+
}
|
|
314
|
+
}
|
|
315
|
+
catch (e) {
|
|
316
|
+
throw new base_1.InvalidConfigException('The user application component must be available to specify roles in AccessRule.');
|
|
309
317
|
}
|
|
310
318
|
return assignments;
|
|
311
319
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthManager.js","sourceRoot":"","sources":["../../rbac/AuthManager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"AuthManager.js","sourceRoot":"","sources":["../../rbac/AuthManager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,kCAAyH;AACzH,oCAA4D;AAC5D,gEAAwC;AAsBxC,MAAa,WAAY,SAAQ,gBAAS;IAA1C;;QAYI,2BAAsB,GAAQ,EAAE,CAAA;QAChC,iBAAY,GAAQ,EAAE,CAAA;IAwW1B,CAAC;IAjXG,IAAI;QACA,gBAAQ,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;IAC1C,CAAC;IAUD;;OAEG;IAEU,WAAW,CAAC,MAAc,EAAE,cAAsB,EAAE,SAAgB,EAAE;;YAC/E,IAAI,WAAgB,CAAC;YACrB,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,EAAE;gBACjD,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBAChD,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,GAAG,WAAW,CAAC;aAChE;iBAAM;gBACH,WAAW,GAAG,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAA;aAC/D;YAGD,2CAA2C;YAC3C,IAAI,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAC,EAAE;gBACpC,OAAO,KAAK,CAAC;aAChB;YAGD,OAAO,MAAM,IAAI,CAAC,oBAAoB,CAAC,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;QACxF,CAAC;KAAA;IAEK,oBAAoB;;QAG1B,CAAC;KAAA;IAEY,oBAAoB,CAAC,IAAqB,EAAE,QAAgB,EAAE,MAAa,EAAE,WAAgB;;YACtG,IAAI,IAAI,GAAQ,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAC7C,IAAI,CAAC,IAAI;gBAAE,OAAO,KAAK,CAAC;YAExB;;;eAGG;YAEH,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,eAAK,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,EAAE;gBAClE,OAAO,IAAI,CAAC;aACf;YAED;;eAEG;YACH,IAAI,OAAO,GAAG,MAAM,mBAAY,CAAC,aAAa,CAAC,OAAO,CAAC,EAAC,UAAU,EAAC,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,EAAC,KAAK,EAAE,QAAQ,EAAC,EAAC,CAAC,CAAC;YAC1G,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE;gBAC1B,IAAI,CAAC,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;gBAClF,IAAI,CAAC,EAAE;oBACH,OAAO,IAAI,CAAC;iBACf;aACJ;YAED,OAAO,KAAK,CAAC;QAEjB,CAAC;KAAA;IAED;;;OAGG;IACU,OAAO,CAAC,IAAY;;YAC7B,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAC;YAEvB,OAAO,MAAM,mBAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC,EAAC,CAAC,CAAA;QAErE,CAAC;KAAA;IAEY,QAAQ,CAAC,IAAY;;YAC9B,IAAI,KAAK,GAAQ,EAAE,CAAC;YACpB,IAAI,MAAM,GAAG,MAAM,mBAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC,EAAC,CAAC,CAAA;YACvE,IAAI,MAAM;gBACN,MAAM,CAAC,OAAO,CAAC,CAAC,IAAS,EAAE,EAAE;oBACzB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,UAAkB,CAAC;gBAClD,CAAC,CAAC,CAAA;YAEN,OAAO,KAAK,CAAA;QAEhB,CAAC;KAAA;IAEY,cAAc,CAAC,MAAc;;YACtC,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,EAAE;gBACvC,OAAO,EAAE,CAAC;aACb;YAGD,IAAI,KAAK,GAAQ,EAAE,CAAA;YACnB,IAAI,KAAK,GAAG,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC;gBAClD,KAAK,EAAE;oBACH,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE;oBAC1B,wBAAwB,EAAE,WAAW,CAAC,SAAS;iBAClD;gBACD,OAAO,EAAE,CAAC;wBACN,KAAK,EAAE,mBAAY,CAAC,QAAQ,CAAC,KAAK,EAAE;qBACvC,CAAC;aACL,CAAC,CAAA;YACF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;gBACtB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,eAAe;oBAChC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,UAAkB,CAAC;aAC/C;YAED,OAAO,KAAK,CAAC;QAEjB,CAAC;KAAA;IAED;;;OAGG;IACU,aAAa,CAAC,QAAgB;;YACvC,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACxC,IAAI,IAAI,KAAK,IAAI,EAAE;gBACf,MAAM,IAAI,gCAAwB,CAAC,SAAS,QAAQ,cAAc,CAAC,CAAC;aACvE;YACD,MAAM,MAAM,GAAQ,EAAC,MAAM,EAAE,EAAE,EAAC,CAAC;YACjC,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,MAAM,IAAI,CAAC,eAAe,EAAE,EAAE,MAAM,CAAC,CAAC;YAChF,IAAI,KAAK,GAAQ,EAAE,CAAC;YACpB,KAAK,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;YACvB,IAAI,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnC,IAAI,EAAE,GAAQ,EAAE,CAAC;YACjB,eAAK,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,IAAU,EAAE,EAAE;gBACjC,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;oBACxB,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;YAC7B,CAAC,CAAC,CAAA;YAGF,OAAO,eAAK,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAClC,CAAC;KAAA;IAED;;;OAGG;IACU,oBAAoB,CAAC,QAAgB;;YAC9C,IAAI,YAAY,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1C,MAAM,MAAM,GAAG,EAAC,MAAM,EAAE,EAAE,EAAC,CAAA;YAC3B,IAAI,WAAW,GAAQ,EAAE,CAAA;YACzB,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,YAAY,EAAE,MAAM,CAAC,CAAC;YAChE,IAAI,eAAK,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE;gBAC9B,OAAO,EAAE,CAAC;aACb;YAED,IAAI,UAAU,GAAG,MAAM,mBAAY,CAAC,QAAQ,CAAC,OAAO,CAAC;gBACjD,KAAK,EAAE;oBACH,IAAI,EAAE,WAAW,CAAC,eAAe;oBACjC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;iBACnC;aACJ,CAAC,CAAC;YACH,KAAK,MAAM,WAAW,IAAI,UAAU,EAAE;gBAClC,WAAW,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,GAAG,WAAW,CAAC,UAAwB,CAAA;aAC1E;YAED,OAAO,WAAW,CAAC;QAEvB,CAAC;KAAA;IAED;;;OAGG;IACU,oBAAoB,CAAC,MAAc;;YAE5C,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,EAAE;gBACvC,OAAO,EAAE,CAAC;aACb;YAED,IAAI,gBAAgB,GAAG,MAAM,IAAI,CAAC,0BAA0B,CAAC,MAAM,CAAC,CAAC;YACrE,IAAI,mBAAmB,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,MAAM,CAAC,CAAC;YAE3E,OAAO,eAAK,CAAC,KAAK,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,CAAC;QAC9D,CAAC;KAAA;IAED;;;OAGG;IACa,0BAA0B,CAAC,MAAc;;YACrD,IAAI,WAAW,GAAQ,EAAE,CAAA;YACzB,IAAI,MAAM,GAAG,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC;gBACnD,KAAK,EAAE;oBACH,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE;oBAC1B,wBAAwB,EAAE,WAAW,CAAC,eAAe;iBACxD;gBACD,OAAO,EAAE;oBACL;wBACI,KAAK,EAAE,mBAAY,CAAC,QAAQ,CAAC,KAAK,EAAE;qBACvC;iBACJ;aACJ,CAAC,CAAA;YAEF,KAAK,MAAM,aAAa,IAAI,MAAM,EAAE;gBAChC,KAAK,MAAM,CAAC,IAAI,aAAa,CAAC,eAAe;oBACzC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,UAAwB,CAAC;aAC3D;YAGD,OAAO,WAAW,CAAC;QACvB,CAAC;KAAA;IAEe,6BAA6B,CAAC,MAAc;;YACxD,IAAI,cAAc,GAAG,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAC,EAAE,UAAU,EAAE,CAAC,WAAW,CAAC,EAAC,CAAC,CAAC;YACjI,IAAI,YAAY,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;YAChD,MAAM,MAAM,GAAQ,EAAC,MAAM,EAAE,EAAE,EAAC,CAAA;YAChC,IAAI,WAAW,GAAQ,EAAE,CAAA;YAEzB,KAAK,MAAM,qBAAqB,IAAI,cAAc,EAAE;gBAChD,IAAI,CAAC,oBAAoB,CAAC,qBAAqB,CAAC,SAAS,EAAE,YAAY,EAAE,MAAM,CAAC,CAAC;aACpF;YAED,IAAI,eAAK,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE;gBAC9B,OAAO,EAAE,CAAC;aACb;YAED,IAAI,UAAU,GAAG,MAAM,mBAAY,CAAC,QAAQ,CAAC,OAAO,CAAC;gBACjD,KAAK,EAAE;oBACH,IAAI,EAAE,WAAW,CAAC,eAAe;oBACjC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;iBACnC;aACJ,CAAC,CAAC;YACH,KAAK,MAAM,WAAW,IAAI,UAAU,EAAE;gBAClC,WAAW,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,GAAG,WAAW,CAAC,UAAwB,CAAA;aAC1E;YAED,OAAO,WAAW,CAAC;QACvB,CAAC;KAAA;IAGD;;;OAGG;IACU,cAAc,CAAC,MAAc;;YACtC,IAAI,KAAK,GAAG,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC;gBAClD,KAAK,EAAE;oBACH,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE;iBAC7B;gBACD,OAAO,EAAE,CAAC;wBACN,KAAK,EAAE,mBAAY,CAAC,QAAQ,CAAC,KAAK,EAAE;qBACvC,CAAC;aACL,CAAC,CAAA;YAEF,OAAO,KAAK,CAAC;QACjB,CAAC;KAAA;IAGD;;;OAGG;IACU,gBAAgB,CAAC,QAAgB;;YAC1C,IAAI,CAAC,QAAQ;gBAAE,OAAO,EAAE,CAAC;YAEzB,OAAO,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,WAAW,EAAE,QAAQ,EAAC,EAAE,UAAU,EAAE,CAAC,SAAS,CAAC,EAAC,CAAC,CAAC;QAChH,CAAC;KAAA;IAGD;;OAEG;IACU,OAAO,CAAC,IAAY;;YAC7B,IAAI,IAAI,GAAS,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAC1C,OAAO,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;QACpE,CAAC;KAAA;IAGD;;OAEG;IACI,QAAQ;QACX,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;IAChD,CAAC;IAED;;;;;OAKG;IACO,oBAAoB,CAAC,IAAY,EAAE,YAAiB,EAAE,KAAU;QACtE,IAAI,YAAY,CAAC,IAAI,CAAC,EAAE;YACpB,KAAK,MAAM,KAAK,IAAI,YAAY,CAAC,IAAI,CAAC,EAAE;gBACpC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;gBAC3B,IAAI,CAAC,oBAAoB,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC;aACzD;SACJ;IAEL,CAAC;IAGD;;;;OAIG;IACI,aAAa,CAAC,QAAgB,EAAE,MAAc;QACjD,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE;YAC5B,OAAO,EAAE,CAAC;SACb;QACD,OAAO,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAC,EAAC,CAAC,CAAC;IAEjG,CAAC;IAED;;OAEG;IACU,cAAc,CAAC,MAAc;;YACtC,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,EAAE;gBACvC,OAAO,EAAE,CAAC;aACb;YAED,IAAI,WAAW,GAAQ,EAAE,CAAC;YAC1B,IAAI;gBAEA,IAAI,EAAE,GAAG,MAAM,mBAAY,CAAC,cAAc,CAAC,OAAO,CAAC,EAAC,KAAK,EAAE,EAAC,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAC,EAAC,CAAC,CAAC;gBAC1F,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE;oBAChB,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC;iBACnC;aACJ;YAAC,OAAO,CAAC,EAAE;gBACR,MAAM,IAAI,6BAAsB,CAAC,kFAAkF,CAAC,CAAC;aACxH;YACD,OAAO,WAAW,CAAC;QACvB,CAAC;KAAA;IAED;;;;OAIG;IACa,eAAe;;YAC3B,IAAI,KAAK,GAAG,MAAM,mBAAY,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;YACvD,IAAI,OAAO,GAAQ,EAAE,CAAC;YACtB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;gBACtB,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,GAAG,eAAK,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;aAC1F;YAED,OAAO,OAAO,CAAA;QAClB,CAAC;KAAA;IAED;;;;;OAKG;IACO,aAAa,CAAC,MAAc;QAClC,OAAO,CAAC,MAAM,IAAI,MAAM,KAAK,EAAE,CAAC;IACpC,CAAC;IAED;;;;;;OAMG;IACO,gBAAgB,CAAC,WAAgB;QACvC,OAAO,eAAK,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,eAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;IACzE,CAAC;;AApXL,kCAqXC;AApXmB,qBAAS,GAAG,CAAC,CAAC;AACd,2BAAe,GAAG,CAAC,CAAC"}
|
package/dist/requiments/Utils.js
CHANGED
|
@@ -33,7 +33,11 @@ function wildTest(wildcard, str) {
|
|
|
33
33
|
const matchWildcard = (pattern, string, options = {}) => {
|
|
34
34
|
return wildTest(pattern, string);
|
|
35
35
|
};
|
|
36
|
-
|
|
36
|
+
const t = function (text) {
|
|
37
|
+
return text;
|
|
38
|
+
};
|
|
39
|
+
exports.default = Object.assign({ t,
|
|
40
|
+
createObject,
|
|
37
41
|
findKeyValue,
|
|
38
42
|
sleep,
|
|
39
43
|
matchWildcard }, _);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Utils.js","sourceRoot":"","sources":["../../requiments/Utils.ts"],"names":[],"mappings":";;AASA,MAAM,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;AAE5B,MAAM,YAAY,GAAG,CAAC,MAAW,EAAE,MAAW,EAAE,EAAE;IAC9C,IAAI,SAAS,GAAQ,EAAE,CAAA;IACvB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QAClC,SAAS,CAAC,KAAK,CAAC,GAAG,EAAE,CAAA;QACrB,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE;YAC5B,QAAQ,EAAE,IAAI;YACd,YAAY,EAAE,IAAI;YAClB,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC;SACvB,CAAC,CAAC;IACP,CAAC,CAAC,CAAA;IACF,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;AAC5C,CAAC,CAAA;AAED,MAAM,YAAY,GAAG,CAAC,MAAW,EAAE,OAAe,EAAE,EAAE;IAClD,IAAI,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,WAAW,EAAE,CAAC,CAAA;IACtF,IAAI,GAAG,EAAE;QACL,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;KACtB;IAED,OAAO,IAAI,CAAA;AACf,CAAC,CAAA;AAGD,MAAM,KAAK,GAAG,CAAC,OAAO,GAAG,CAAC,EAAE,EAAE;IAC1B,IAAI,QAAQ,GAAG,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,OAAO,GAAG,IAAI,CAAC,CAAC;IAC/D,OAAO,QAAQ,GAAG,IAAI,IAAI,EAAE,EAAE;KAC7B;AACL,CAAC,CAAA;AAGD,SAAS,QAAQ,CAAC,QAAgB,EAAE,GAAW;IAC3C,IAAI,CAAC,GAAG,QAAQ,CAAC,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC,CAAC,gBAAgB;IACvE,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,EAAC,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,EAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5E,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,+CAA+C;AACxE,CAAC;AAED,MAAM,aAAa,GAAG,CAAC,OAAe,EAAE,MAAc,EAAE,UAAe,EAAE,EAAE,EAAE;IACzE,OAAO,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;AACpC,CAAC,CAAA;
|
|
1
|
+
{"version":3,"file":"Utils.js","sourceRoot":"","sources":["../../requiments/Utils.ts"],"names":[],"mappings":";;AASA,MAAM,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;AAE5B,MAAM,YAAY,GAAG,CAAC,MAAW,EAAE,MAAW,EAAE,EAAE;IAC9C,IAAI,SAAS,GAAQ,EAAE,CAAA;IACvB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QAClC,SAAS,CAAC,KAAK,CAAC,GAAG,EAAE,CAAA;QACrB,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE;YAC5B,QAAQ,EAAE,IAAI;YACd,YAAY,EAAE,IAAI;YAClB,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC;SACvB,CAAC,CAAC;IACP,CAAC,CAAC,CAAA;IACF,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;AAC5C,CAAC,CAAA;AAED,MAAM,YAAY,GAAG,CAAC,MAAW,EAAE,OAAe,EAAE,EAAE;IAClD,IAAI,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,WAAW,EAAE,CAAC,CAAA;IACtF,IAAI,GAAG,EAAE;QACL,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;KACtB;IAED,OAAO,IAAI,CAAA;AACf,CAAC,CAAA;AAGD,MAAM,KAAK,GAAG,CAAC,OAAO,GAAG,CAAC,EAAE,EAAE;IAC1B,IAAI,QAAQ,GAAG,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,OAAO,GAAG,IAAI,CAAC,CAAC;IAC/D,OAAO,QAAQ,GAAG,IAAI,IAAI,EAAE,EAAE;KAC7B;AACL,CAAC,CAAA;AAGD,SAAS,QAAQ,CAAC,QAAgB,EAAE,GAAW;IAC3C,IAAI,CAAC,GAAG,QAAQ,CAAC,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC,CAAC,gBAAgB;IACvE,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,EAAC,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,EAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5E,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,+CAA+C;AACxE,CAAC;AAED,MAAM,aAAa,GAAG,CAAC,OAAe,EAAE,MAAc,EAAE,UAAe,EAAE,EAAE,EAAE;IACzE,OAAO,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;AACpC,CAAC,CAAA;AAED,MAAM,CAAC,GAAG,UAAU,IAAY;IAC5B,OAAO,IAAI,CAAC;AAChB,CAAC,CAAA;AAED,kCACI,CAAC;IACD,YAAY;IACZ,YAAY;IACZ,KAAK;IACL,aAAa,IACV,CAAC,EACP"}
|
package/dist/web/WebUser.js
CHANGED
|
@@ -23,7 +23,18 @@ const BaseChyz_1 = __importDefault(require("../BaseChyz"));
|
|
|
23
23
|
const Component_1 = require("../base/Component");
|
|
24
24
|
const ForbiddenHttpException_1 = require("../base/ForbiddenHttpException");
|
|
25
25
|
const InvalidConfigException_1 = require("../base/InvalidConfigException");
|
|
26
|
+
const Utils_1 = __importDefault(require("../requiments/Utils"));
|
|
26
27
|
class WebUser extends Component_1.Component {
|
|
28
|
+
constructor() {
|
|
29
|
+
super(...arguments);
|
|
30
|
+
/**
|
|
31
|
+
* @var CheckAccessInterface|string|array The access checker object to use for checking access or the application
|
|
32
|
+
* component ID of the access checker.
|
|
33
|
+
* If not set the application auth manager will be used.
|
|
34
|
+
* @since 2.0.9
|
|
35
|
+
*/
|
|
36
|
+
this.accessChecker = null;
|
|
37
|
+
}
|
|
27
38
|
get identity() {
|
|
28
39
|
return this._identity;
|
|
29
40
|
}
|
|
@@ -83,6 +94,73 @@ class WebUser extends Component_1.Component {
|
|
|
83
94
|
}
|
|
84
95
|
afterLogin() {
|
|
85
96
|
}
|
|
97
|
+
getId() {
|
|
98
|
+
let identity = this.getIdentity();
|
|
99
|
+
return identity !== null ? identity.getId() : null;
|
|
100
|
+
}
|
|
101
|
+
/**
|
|
102
|
+
* Checks if the user can perform the operation as specified by the given permission.
|
|
103
|
+
*
|
|
104
|
+
* Note that you must configure "authManager" application component in order to use this method.
|
|
105
|
+
* Otherwise it will always return false.
|
|
106
|
+
*
|
|
107
|
+
* @param string $permissionName the name of the permission (e.g. "edit post") that needs access check.
|
|
108
|
+
* @param array $params name-value pairs that would be passed to the rules associated
|
|
109
|
+
* with the roles and permissions assigned to the user.
|
|
110
|
+
* @param bool $allowCaching whether to allow caching the result of access check.
|
|
111
|
+
* When this parameter is true (default), if the access check of an operation was performed
|
|
112
|
+
* before, its result will be directly returned when calling this method to check the same
|
|
113
|
+
* operation. If this parameter is false, this method will always call
|
|
114
|
+
* [[\yii\rbac\CheckAccessInterface::checkAccess()]] to obtain the up-to-date access result. Note that this
|
|
115
|
+
* caching is effective only within the same request and only works when `$params = []`.
|
|
116
|
+
* @return bool whether the user can perform the operation as specified by the given permission.
|
|
117
|
+
*/
|
|
118
|
+
// public function can($permissionName, $params = [], $allowCaching = true)
|
|
119
|
+
// {
|
|
120
|
+
// if ($allowCaching && empty($params) && isset($this->_access[$permissionName])) {
|
|
121
|
+
// return $this->_access[$permissionName];
|
|
122
|
+
// }
|
|
123
|
+
// if (($accessChecker = $this->getAccessChecker()) === null) {
|
|
124
|
+
// return false;
|
|
125
|
+
// }
|
|
126
|
+
// $access = $accessChecker->checkAccess($this->getId(), $permissionName, $params);
|
|
127
|
+
// if ($allowCaching && empty($params)) {
|
|
128
|
+
// $this->_access[$permissionName] = $access;
|
|
129
|
+
// }
|
|
130
|
+
//
|
|
131
|
+
// return $access;
|
|
132
|
+
// }
|
|
133
|
+
can(permissionName, params = [], allowCaching = true) {
|
|
134
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
135
|
+
let access;
|
|
136
|
+
let accessChecker;
|
|
137
|
+
if ((accessChecker = this.getAccessChecker()) == null)
|
|
138
|
+
return false;
|
|
139
|
+
access = yield accessChecker.checkAccess(this.getId(), permissionName, params);
|
|
140
|
+
if (allowCaching && Utils_1.default.isEmpty(params)) {
|
|
141
|
+
// this._access[$permissionName] = $access;
|
|
142
|
+
}
|
|
143
|
+
return access;
|
|
144
|
+
});
|
|
145
|
+
}
|
|
146
|
+
/**
|
|
147
|
+
* Returns auth manager associated with the user component.
|
|
148
|
+
*
|
|
149
|
+
* By default this is the `authManager` application component.
|
|
150
|
+
* You may override this method to return a different auth manager instance if needed.
|
|
151
|
+
* @return \yii\rbac\ManagerInterface
|
|
152
|
+
* @since 2.0.6
|
|
153
|
+
*/
|
|
154
|
+
getAuthManager() {
|
|
155
|
+
return BaseChyz_1.default.getComponent('authManager');
|
|
156
|
+
}
|
|
157
|
+
/**
|
|
158
|
+
* Returns the access checker used for checking access.
|
|
159
|
+
* @return CheckAccessInterface
|
|
160
|
+
*/
|
|
161
|
+
getAccessChecker() {
|
|
162
|
+
return this.accessChecker !== null ? this.accessChecker : this.getAuthManager();
|
|
163
|
+
}
|
|
86
164
|
}
|
|
87
165
|
exports.WebUser = WebUser;
|
|
88
166
|
//# sourceMappingURL=WebUser.js.map
|
package/dist/web/WebUser.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"WebUser.js","sourceRoot":"","sources":["../../web/WebUser.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;GAKG;AACH,2DAAmC;AACnC,iDAA4C;AAC5C,2EAAsE;AACtE,2EAAsE;
|
|
1
|
+
{"version":3,"file":"WebUser.js","sourceRoot":"","sources":["../../web/WebUser.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;GAKG;AACH,2DAAmC;AACnC,iDAA4C;AAC5C,2EAAsE;AACtE,2EAAsE;AAEtE,gEAAwC;AAGxC,MAAa,OAAQ,SAAQ,qBAAS;IAAtC;;QAOI;;;;;WAKG;QACI,kBAAa,GAAQ,IAAI,CAAC;IA+JrC,CAAC;IA5JG,IAAI,QAAQ;QACR,OAAO,IAAI,CAAC,SAAS,CAAC;IAC1B,CAAC;IAED,IAAI,QAAQ,CAAC,KAAK;QACd,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;IAC3B,CAAC;IAEM,IAAI;QACP,KAAK,CAAC,IAAI,EAAE,CAAC;QAEb,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE;YAC7B,MAAM,IAAI,+CAAsB,CAAC,kCAAkC,CAAC,CAAC;SACxE;QAGD,IAAI,CAAC,aAAa,GAAG,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;IAElD,CAAC;IAEM,UAAU;QACb,OAAO,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC;IACvC,CAAC;IAEM,WAAW,CAAC,SAAS,GAAG,IAAI;QAC/B,OAAO,IAAI,CAAC,SAAS,CAAC;IAC1B,CAAC;IAEM,aAAa;QAEhB,MAAM,IAAI,+CAAsB,CAAC,kBAAQ,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACnE,CAAC;IAGD;;;;OAIG;IACO,mBAAmB;IAE7B,CAAC;IAED;;;;OAIG;IACU,kBAAkB,CAAC,KAAU,EAAE,OAAY,IAAI;;YAExD,IAAI,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC;YAChC,IAAI,MAAM,CAAC,yBAAyB,EAAE;gBAClC,IAAI,CAAC,QAAQ,GAAG,MAAM,MAAM,CAAC,yBAAyB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;gBACnE,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;oBAC5C,OAAO,IAAI,CAAC,QAAQ,CAAC;iBACxB;aACJ;iBAAM;gBACH,kBAAQ,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAA;aACjE;YACD,OAAO,IAAI,CAAC;QAChB,CAAC;KAAA;IAEM,KAAK,CAAC,QAA2B,EAAE,QAAQ,GAAG,CAAC;QAElD,IAAI,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE;SAEhD;QACD,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,CAAA;IAC7B,CAAC;IAEM,WAAW,CAAC,QAAa,EAAE,WAAoB,EAAE,QAAgB;QAEpE,OAAO,IAAI,CAAC;IAChB,CAAC;IAEM,UAAU;IAEjB,CAAC;IAEM,KAAK;QACR,IAAI,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAClC,OAAO,QAAQ,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IACvD,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACH,2EAA2E;IAC3E,IAAI;IACJ,uFAAuF;IACvF,kDAAkD;IAClD,QAAQ;IACR,mEAAmE;IACnE,wBAAwB;IACxB,QAAQ;IACR,uFAAuF;IACvF,6CAA6C;IAC7C,qDAAqD;IACrD,QAAQ;IACR,EAAE;IACF,sBAAsB;IACtB,IAAI;IAES,GAAG,CAAC,cAAsB,EAAE,MAAM,GAAG,EAAE,EAAE,YAAY,GAAG,IAAI;;YAErE,IAAI,MAAM,CAAC;YACX,IAAI,aAA0B,CAAC;YAC/B,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC,IAAI,IAAI;gBACjD,OAAO,KAAK,CAAC;YAGjB,MAAM,GAAG,MAAM,aAAa,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,cAAc,EAAE,MAAM,CAAC,CAAC;YAE/E,IAAI,YAAY,IAAI,eAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;gBACvC,2CAA2C;aAC9C;YAED,OAAO,MAAM,CAAC;QAElB,CAAC;KAAA;IAED;;;;;;;OAOG;IACO,cAAc;QACpB,OAAO,kBAAQ,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;IAChD,CAAC;IAED;;;OAGG;IACO,gBAAgB;QACtB,OAAO,IAAI,CAAC,aAAa,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;IACpF,CAAC;CAGJ;AA5KD,0BA4KC"}
|
package/filters/AccessControl.ts
CHANGED
|
@@ -19,6 +19,7 @@ export class AccessControl extends ActionFilter {
|
|
|
19
19
|
|
|
20
20
|
public user: any = null;
|
|
21
21
|
public rules: any;
|
|
22
|
+
public denyCallback: any = null;
|
|
22
23
|
|
|
23
24
|
public init() {
|
|
24
25
|
super.init()
|
|
@@ -27,7 +28,7 @@ export class AccessControl extends ActionFilter {
|
|
|
27
28
|
this.user = Utils.cloneDeep(BaseChyz.getComponent("user")) ?? new WebUser();
|
|
28
29
|
}
|
|
29
30
|
|
|
30
|
-
this.rules.forEach((rule:any, index:number) => {
|
|
31
|
+
this.rules.forEach((rule: any, index: number) => {
|
|
31
32
|
if (rule === Object(rule)) {
|
|
32
33
|
this.rules[index] = Utils.createObject(new AccessRule(), rule);
|
|
33
34
|
}
|
|
@@ -35,7 +36,7 @@ export class AccessControl extends ActionFilter {
|
|
|
35
36
|
}
|
|
36
37
|
|
|
37
38
|
|
|
38
|
-
public async beforeAction(action:any, request:Request) {
|
|
39
|
+
public async beforeAction(action: any, request: Request) {
|
|
39
40
|
let allow;
|
|
40
41
|
// @ts-ignore
|
|
41
42
|
let user = request.user ?? this.user;
|
|
@@ -43,15 +44,27 @@ export class AccessControl extends ActionFilter {
|
|
|
43
44
|
user.identity = request.identity ?? null;
|
|
44
45
|
|
|
45
46
|
for (const rulesKey in this.rules) {
|
|
46
|
-
|
|
47
|
+
|
|
48
|
+
let rule = this.rules[rulesKey];
|
|
49
|
+
if ((allow = await rule.allows(action, user, request))) {
|
|
47
50
|
return true;
|
|
48
51
|
} else if (allow === false) {
|
|
49
|
-
this.
|
|
50
|
-
|
|
52
|
+
if (this.denyCallback != null) {
|
|
53
|
+
rule.denyCallback.apply(rule, action);
|
|
54
|
+
} else {
|
|
55
|
+
this.denyAccess(user);
|
|
56
|
+
}
|
|
51
57
|
return false;
|
|
52
58
|
}
|
|
53
59
|
}
|
|
54
|
-
|
|
60
|
+
|
|
61
|
+
|
|
62
|
+
if (this.denyCallback != null) {
|
|
63
|
+
this.denyCallback.apply(null, action);
|
|
64
|
+
} else {
|
|
65
|
+
this.denyAccess(user);
|
|
66
|
+
}
|
|
67
|
+
|
|
55
68
|
return false;
|
|
56
69
|
}
|
|
57
70
|
|
package/filters/AccessRule.ts
CHANGED
|
@@ -10,35 +10,72 @@ var _ = require('lodash');
|
|
|
10
10
|
import {Component} from "../base/Component";
|
|
11
11
|
import {InvalidConfigException} from "../base/InvalidConfigException";
|
|
12
12
|
import {Request, Response} from "express";
|
|
13
|
+
import Utils from "../requiments/Utils";
|
|
13
14
|
|
|
14
15
|
export class AccessRule extends Component {
|
|
15
16
|
|
|
16
17
|
/**
|
|
17
18
|
* @var bool whether this is an 'allow' rule or 'deny' rule.
|
|
18
19
|
*/
|
|
19
|
-
public allow:any;
|
|
20
|
+
public allow: any;
|
|
20
21
|
/**
|
|
21
22
|
* @var array list of action IDs that this rule applies to. The comparison is case-sensitive.
|
|
22
23
|
* If not set or empty, it means this rule applies to all actions.
|
|
23
24
|
*/
|
|
24
|
-
public actions:any;
|
|
25
|
+
public actions: any;
|
|
25
26
|
|
|
26
27
|
/**
|
|
27
28
|
* @var array list of the controller IDs that this rule applies to.
|
|
28
29
|
*/
|
|
29
|
-
public controllers:any;
|
|
30
|
+
public controllers: any;
|
|
30
31
|
|
|
31
32
|
/**
|
|
32
33
|
* - `?`: matches a guest user (not authenticated yet)
|
|
33
34
|
* - `@`: matches an authenticated user
|
|
34
35
|
*/
|
|
35
36
|
|
|
36
|
-
public roles:any;
|
|
37
|
+
public roles: any;
|
|
37
38
|
|
|
38
39
|
/**
|
|
39
40
|
* @var array list of RBAC (Role-Based Access Control) permissions that this rules applies to.
|
|
40
41
|
*/
|
|
41
|
-
public permissions:any;
|
|
42
|
+
public permissions: any;
|
|
43
|
+
|
|
44
|
+
/**
|
|
45
|
+
* @var array|Closure parameters to pass to the [[User::can()]] function for evaluating
|
|
46
|
+
* user permissions in [[$roles]].
|
|
47
|
+
*
|
|
48
|
+
* If this is an array, it will be passed directly to [[User::can()]]. For example for passing an
|
|
49
|
+
* ID from the current request, you may use the following:
|
|
50
|
+
*
|
|
51
|
+
* ```php
|
|
52
|
+
* ['postId' => Yii::$app->request->get('id')]
|
|
53
|
+
* ```
|
|
54
|
+
*
|
|
55
|
+
* You may also specify a closure that returns an array. This can be used to
|
|
56
|
+
* evaluate the array values only if they are needed, for example when a model needs to be
|
|
57
|
+
* loaded like in the following code:
|
|
58
|
+
*
|
|
59
|
+
* ```php
|
|
60
|
+
* 'rules' => [
|
|
61
|
+
* [
|
|
62
|
+
* 'allow' => true,
|
|
63
|
+
* 'actions' => ['update'],
|
|
64
|
+
* 'roles' => ['updatePost'],
|
|
65
|
+
* 'roleParams' => function($rule) {
|
|
66
|
+
* return ['post' => Post::findOne(Yii::$app->request->get('id'))];
|
|
67
|
+
* },
|
|
68
|
+
* ],
|
|
69
|
+
* ],
|
|
70
|
+
* ```
|
|
71
|
+
*
|
|
72
|
+
* A reference to the [[AccessRule]] instance will be passed to the closure as the first parameter.
|
|
73
|
+
*
|
|
74
|
+
* @see roles
|
|
75
|
+
* @since 2.0.12
|
|
76
|
+
*/
|
|
77
|
+
public roleParams: any = [];
|
|
78
|
+
|
|
42
79
|
|
|
43
80
|
/**
|
|
44
81
|
* @var array list of user IP addresses that this rule applies to. An IP address
|
|
@@ -48,13 +85,13 @@ export class AccessRule extends Component {
|
|
|
48
85
|
* 20-bit private network block in RFC1918.
|
|
49
86
|
* If not set or empty, it means this rule applies to all IP addresses.
|
|
50
87
|
*/
|
|
51
|
-
public ips:any;
|
|
88
|
+
public ips: any;
|
|
52
89
|
|
|
53
90
|
|
|
54
|
-
public allows(action:any, user:WebUser, request:Request) {
|
|
91
|
+
public async allows(action: any, user: WebUser, request: Request) {
|
|
55
92
|
if (
|
|
56
93
|
this.matchAction(action)
|
|
57
|
-
&& this.matchRole(user)
|
|
94
|
+
&& await this.matchRole(user)
|
|
58
95
|
) {
|
|
59
96
|
return this.allow
|
|
60
97
|
}
|
|
@@ -75,7 +112,7 @@ export class AccessRule extends Component {
|
|
|
75
112
|
* @param Action $action the action
|
|
76
113
|
* @return bool whether the rule applies to the action
|
|
77
114
|
*/
|
|
78
|
-
protected matchAction(action:any) {
|
|
115
|
+
protected matchAction(action: any) {
|
|
79
116
|
return _.isEmpty(this.actions) || this.actions.includes(action.id);
|
|
80
117
|
}
|
|
81
118
|
|
|
@@ -83,7 +120,7 @@ export class AccessRule extends Component {
|
|
|
83
120
|
* @param Controller $controller the controller
|
|
84
121
|
* @return bool whether the rule applies to the controller
|
|
85
122
|
*/
|
|
86
|
-
protected matchController(controller:any) {
|
|
123
|
+
protected matchController(controller: any) {
|
|
87
124
|
// if (empty($this->controllers)) {
|
|
88
125
|
// return true;
|
|
89
126
|
// }
|
|
@@ -98,22 +135,23 @@ export class AccessRule extends Component {
|
|
|
98
135
|
return false;
|
|
99
136
|
}
|
|
100
137
|
|
|
101
|
-
protected matchRole(user:
|
|
102
|
-
let items =
|
|
138
|
+
protected async matchRole(user: WebUser) {
|
|
139
|
+
let items = Utils.isEmpty(this.roles) ? [] : this.roles;
|
|
103
140
|
|
|
104
|
-
if (!
|
|
105
|
-
items =
|
|
141
|
+
if (!Utils.isEmpty(this.permissions)) {
|
|
142
|
+
items = Utils.merge(items, this.permissions);
|
|
106
143
|
}
|
|
107
144
|
|
|
108
|
-
if (
|
|
145
|
+
if (Utils.isEmpty(items)) {
|
|
109
146
|
return true;
|
|
110
147
|
}
|
|
111
148
|
|
|
112
149
|
|
|
113
|
-
if (user
|
|
150
|
+
if (!user) {
|
|
114
151
|
throw new InvalidConfigException('The user application component must be available to specify roles in AccessRule.');
|
|
115
152
|
}
|
|
116
153
|
|
|
154
|
+
let roleParams: any = [];
|
|
117
155
|
for (const itemsKey in items) {
|
|
118
156
|
let item = items[itemsKey];
|
|
119
157
|
if (item === '?') {
|
|
@@ -126,6 +164,13 @@ export class AccessRule extends Component {
|
|
|
126
164
|
}
|
|
127
165
|
} else {
|
|
128
166
|
//roleparams
|
|
167
|
+
if (!Utils.isEmpty(this.roleParams)) {
|
|
168
|
+
roleParams = !Utils.isArray(this.roleParams) ? this.roleParams.apply(this) : this.roleParams;
|
|
169
|
+
}
|
|
170
|
+
|
|
171
|
+
if (await user.can(item, this.roleParams)) {
|
|
172
|
+
return true;
|
|
173
|
+
}
|
|
129
174
|
}
|
|
130
175
|
}
|
|
131
176
|
|
|
@@ -5,3 +5,71 @@
|
|
|
5
5
|
* Github:https://github.com/cihan53/
|
|
6
6
|
*/
|
|
7
7
|
|
|
8
|
+
import {HttpHeaderAuth} from "./HttpHeaderAuth";
|
|
9
|
+
import {Request, Response} from "express";
|
|
10
|
+
import {WebUser} from "../../web/WebUser";
|
|
11
|
+
import Utils from "../../requiments/Utils";
|
|
12
|
+
import {AuthMethod} from "./AuthMethod";
|
|
13
|
+
import {InvalidConfigException} from "../../base";
|
|
14
|
+
import BaseChyz from "../../BaseChyz";
|
|
15
|
+
|
|
16
|
+
export class HttpBasicAuth extends AuthMethod {
|
|
17
|
+
|
|
18
|
+
/**
|
|
19
|
+
* @var string the HTTP header name
|
|
20
|
+
*/
|
|
21
|
+
public header = 'Authorization';
|
|
22
|
+
|
|
23
|
+
|
|
24
|
+
/**
|
|
25
|
+
* @var string a pattern to use to extract the HTTP authentication value
|
|
26
|
+
*/
|
|
27
|
+
|
|
28
|
+
public pattern = /^Basic\s+(.*?)$/;
|
|
29
|
+
|
|
30
|
+
|
|
31
|
+
/**
|
|
32
|
+
* @throws InvalidConfigException
|
|
33
|
+
*/
|
|
34
|
+
public init(): void {
|
|
35
|
+
super.init();
|
|
36
|
+
|
|
37
|
+
if (!this.pattern) {
|
|
38
|
+
throw new InvalidConfigException('You must provide pattern to use to extract the HTTP authentication value!');
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
this.user = BaseChyz.getComponent("user") ?? null;
|
|
42
|
+
}
|
|
43
|
+
|
|
44
|
+
|
|
45
|
+
async authenticate(user: WebUser, request:Request, response:Response) {
|
|
46
|
+
|
|
47
|
+
|
|
48
|
+
let autHeader = this.getHeaderByKey(request.headers, this.header)
|
|
49
|
+
if (autHeader == null || (autHeader = this.patternCheck(autHeader, this.pattern)) == null) {
|
|
50
|
+
return null;
|
|
51
|
+
}
|
|
52
|
+
|
|
53
|
+
let basicauth = autHeader[1].split(":")
|
|
54
|
+
|
|
55
|
+
let identity = await user.loginByAccessToken(basicauth, "HttpBasicAuth");
|
|
56
|
+
if (identity === null) {
|
|
57
|
+
this.challenge(response);
|
|
58
|
+
this.handleFailure(response);
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
return identity;
|
|
62
|
+
|
|
63
|
+
|
|
64
|
+
return null;
|
|
65
|
+
}
|
|
66
|
+
|
|
67
|
+
|
|
68
|
+
/**
|
|
69
|
+
* @throws UnauthorizedHttpException
|
|
70
|
+
*/
|
|
71
|
+
public fail(response:Response): void {
|
|
72
|
+
this.challenge(response)
|
|
73
|
+
this.handleFailure(response);
|
|
74
|
+
}
|
|
75
|
+
}
|
package/filters/auth/index.ts
CHANGED