chyz 2.0.1-rc.3 → 2.0.1-rc.36

package/rbac/AuthManager.ts

@@ -0,0 +1,399 @@
+import {Component, InvalidConfigException, ModelManager} from "../base";
+import {BaseChyz, InvalidArgumentException} from "../index";
+import {Utils} from "../requiments/Utils";
+
+
+interface Role {
+    type: number;
+    name: string;
+    description: string;
+    ruleName: string;
+    data: string;
+    params: string;
+}
+
+interface Permission {
+    type: number;
+    name: string;
+    description: string;
+    ruleName: string;
+    data: string;
+    params: string;
+}
+
+
+export class AuthManager extends Component {
+    static readonly TYPE_ROLE = 1;
+    static readonly TYPE_PERMISSION = 2;
+
+    init() {
+        BaseChyz.info("Auth Manager init....")
+    }
+
+    /**
+     * @var Item[] all auth items (name => Item)
+     */
+    protected items: any;
+    checkAccessAssignments: any = {}
+    defaultRoles: any = {}
+
+
+    /**
+     *
+     */
+
+    public async checkAccess(userId: number, permissionName: string, params: any[] = []): Promise<boolean> {
+        let assignments: any;
+
+        if (!userId) return false;
+
+        if (!this.checkAccessAssignments[userId.toString()]) {
+            assignments = await this.getAssignments(userId);
+            this.checkAccessAssignments[userId.toString()] = assignments;
+        } else {
+            assignments = this.checkAccessAssignments[userId.toString()]
+        }
+
+
+        // BaseChyz.info("assignments",assignments)
+        if (this.hasNoAssignments(assignments)) {
+            return false;
+        }
+
+
+        return await this.checkAccessRecursive(userId, permissionName, params, assignments);
+    }
+
+    async checkAccessFromCache() {
+
+
+    }
+
+    public async checkAccessRecursive(user: string | number, itemname: string, params: any[], assignments: any): Promise<boolean> {
+        let item: any = await this.getItem(itemname);
+        if (!item) return false;
+
+        /**
+         * @todo
+         * Rule test edilmeli
+         */
+
+        if (assignments[itemname] || Utils.find(this.defaultRoles, itemname)) {
+            return true;
+        }
+
+        /**
+         * item child
+         */
+        let parents = await ModelManager.AuthItemChild.findAll({attributes: ["parent"], where: {child: itemname}});
+        for (const parent of parents) {
+            let r = await this.checkAccessRecursive(user, parent.parent, params, assignments);
+            if (r) {
+                return true;
+            }
+        }
+
+        return false;
+
+    }
+
+    /**
+     *
+     * @param name
+     */
+    public async getItem(name: string) {
+        if (!name) return null;
+
+        return await ModelManager.AuthItem.findOne({where: {name: name}})
+
+    }
+
+    public async getItems(type: number) {
+        let items: any = {};
+        let _items = await ModelManager.AuthItem.findAll({where: {type: type}})
+        if (_items)
+            _items.forEach((item: any) => {
+                items[item["name"]] = item.dataValues as Role;
+            })
+
+        return items
+
+    }
+
+    public async getRolesByUser(userId: number) {
+        if (this.isEmptyUserId(userId.toString())) {
+            return [];
+        }
+
+
+        let roles: any = {}
+        let items = await ModelManager.AuthAssignment.findAll({
+            where: {
+                user_id: userId.toString(),
+                '$AuthItemClasses.type$': AuthManager.TYPE_ROLE
+            },
+            include: [{
+                model: ModelManager.AuthItem.model()
+            }]
+        })
+        for (const item of items) {
+            for (const i of item.AuthItemClasses)
+                roles[i["name"]] = i.dataValues as Role;
+        }
+
+        return roles;
+
+    }
+
+    /**
+     *
+     * @param roleName
+     */
+    public async getChildRoles(roleName: string) {
+        let role = await this.getRole(roleName);
+        if (role === null) {
+            throw new InvalidArgumentException(`Role "${roleName}" not found.`);
+        }
+        const result: any = {result: {}};
+        await this.getChildrenRecursive(roleName, await this.getChildrenList(), result);
+        let roles: any = {};
+        roles[roleName] = role;
+        let _roles = await this.getRoles();
+        let _r: any = {};
+        Utils.forEach(_roles, (item: Role) => {
+            if (result.result[item.name])
+                _r[item.name] = item;
+        })
+
+
+        return Utils.merge(roles, _r);
+    }
+
+    /**
+     *
+     * @param roleName
+     */
+    public async getPermissionsByRole(roleName: string) {
+        let childrenList = this.getChildrenList();
+        const result = {result: {}}
+        let permissions: any = {}
+        await this.getChildrenRecursive(roleName, childrenList, result);
+        if (Utils.isEmpty(result.result)) {
+            return {};
+        }
+
+        let itemResult = await ModelManager.AuthItem.findAll({
+            where: {
+                type: AuthManager.TYPE_PERMISSION,
+                name: Object.keys(result.result)
+            }
+        });
+        for (const itemElement of itemResult) {
+            permissions[itemElement["name"]] = itemElement.dataValues as Permission
+        }
+
+        return permissions;
+
+    }
+
+    /**
+     *
+     * @param userId
+     */
+    public async getPermissionsByUser(userId: number) {
+
+        if (this.isEmptyUserId(userId.toString())) {
+            return {};
+        }
+
+        let directPermission = await this.getDirectPermissionsByUser(userId);
+        let inheritedPermission = await this.getInheritedPermissionsByUser(userId);
+
+        return Utils.merge(directPermission, inheritedPermission);
+    }
+
+    /**
+     * Returns all permissions that are directly assigned to user.
+     * @return Permission[] all direct permissions that the user has. The array is indexed by the permission names.
+     */
+    protected async getDirectPermissionsByUser(userId: number) {
+        let permissions: any = {}
+        let result = await ModelManager.AuthAssignment.findAll({
+            where: {
+                user_id: userId.toString(),
+                '$AuthItemClasses.type$': AuthManager.TYPE_PERMISSION
+            },
+            include: [
+                {
+                    model: ModelManager.AuthItem.model()
+                }
+            ]
+        })
+
+        for (const resultElement of result) {
+            for (const i of resultElement.AuthItemClasses)
+                permissions[i["name"]] = i.dataValues as Permission;
+        }
+
+
+        return permissions;
+    }
+
+    protected async getInheritedPermissionsByUser(userId: number) {
+        let userAssignment = await ModelManager.AuthAssignment.findAll({where: {user_id: userId.toString()}, attributes: ["item_name"]});
+        let childrenList = await this.getChildrenList();
+        const result: any = {result: {}}
+        let permissions: any = {}
+
+        for (const userAssignmentElement of userAssignment) {
+            this.getChildrenRecursive(userAssignmentElement.item_name, childrenList, result);
+        }
+
+        if (Utils.isEmpty(result.result)) {
+            return {};
+        }
+
+        let itemResult = await ModelManager.AuthItem.findAll({
+            where: {
+                type: AuthManager.TYPE_PERMISSION,
+                name: Object.keys(result.result)
+            }
+        });
+        for (const itemElement of itemResult) {
+            permissions[itemElement["name"]] = itemElement.dataValues as Permission
+        }
+
+        return permissions;
+    }
+
+
+    /**
+     *
+     * @param userId
+     */
+    public async getItemsByUser(userId: number) {
+        return await ModelManager.AuthAssignment.findAll({
+            where: {
+                user_id: userId.toString()
+            },
+            include: [{
+                model: ModelManager.AuthItem.model()
+            }]
+        });
+    }
+
+
+    /**
+     * Returns all role assignment information for the specified role.
+     * @param $roleName
+     */
+    public async getUserIdsByRole(roleName: number) {
+        if (!roleName) return [];
+
+        return await ModelManager.AuthAssignment.findAll({where: {"item_name": roleName}, attributes: ["user_id"]});
+    }
+
+
+    /**
+     * {@inheritdoc}
+     */
+    public async getRole(name: string) {
+        let item: Role = await this.getItem(name);
+        return item && item.type == AuthManager.TYPE_ROLE ? item : null;
+    }
+
+
+    /**
+     * {@inheritdoc}
+     */
+    public getRoles() {
+        return this.getItems(AuthManager.TYPE_ROLE);
+    }
+
+    /**
+     * Recursively finds all children and grand children of the specified item.
+     * @param string $name the name of the item whose children are to be looked for.
+     * @param array $childrenList the child list built via [[getChildrenList()]]
+     * @param array $result the children and grand children (in array keys)
+     */
+    protected getChildrenRecursive(name: string, childrenList: any, model: any) {
+        if (childrenList[name]) {
+            for (const child of childrenList[name]) {
+                model.result[child] = true;
+                this.getChildrenRecursive(child, childrenList, model);
+            }
+        }
+
+    }
+
+
+    /**
+     *
+     * @param roleName
+     * @param userId
+     */
+    public getAssignment(roleName: string, userId: string) {
+        if (this.isEmptyUserId(userId)) {
+            return [];
+        }
+        return ModelManager.AuthAssignment.findAll({where: {user_id: userId, items_name: roleName}});
+
+    }
+
+    /**
+     *
+     */
+    public async getAssignments(userId: number) {
+        if (this.isEmptyUserId(userId.toString())) {
+            return {};
+        }
+
+        let assignments: any = {};
+        try {
+
+            let as = await ModelManager.AuthAssignment.findAll({where: {user_id: userId.toString()}});
+            for (const a of as) {
+                assignments[a["item_name"]] = a;
+            }
+        } catch (e) {
+            throw new InvalidConfigException('The user application component must be available to specify roles in AccessRule.');
+        }
+        return assignments;
+    }
+
+    /**
+     * Returns the children for every parent.
+     * @return array the children list. Each array key is a parent item name,
+     * and the corresponding array value is a list of child item names.
+     */
+    protected async getChildrenList() {
+        let items = await ModelManager.AuthItemChild.findAll();
+        let parents: any = {};
+        for (const item of items) {
+            parents[item["parent"]] = Utils.concat(parents[item["parent"]] || [], [item["child"]]);
+        }
+
+        return parents
+    }
+
+    /**
+     * Check whether $userId is empty.
+     * @param mixed $userId
+     * @return bool
+     * @since 2.0.26
+     */
+    protected isEmptyUserId(userId: string) {
+        return !userId || userId === '';
+    }
+
+    /**
+     * Checks whether array of $assignments is empty and [[defaultRoles]] property is empty as well.
+     *
+     * @param Assignment[] $assignments array of user's assignments
+     * @return bool whether array of $assignments is empty and [[defaultRoles]] property is empty as well
+     * @since 2.0.11
+     */
+    protected hasNoAssignments(assignments: any) {
+        return Utils.isEmpty(assignments) && Utils.isEmpty(this.defaultRoles)
+    }
+}

package/rbac/index.ts

@@ -0,0 +1,12 @@
+/*
+ *
+ * Copyright (c) 2023.. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ *  E-mail: cihan@chy.com.tr
+ *  Github:https://github.com/cihan53/
+ *
+ */
+export * from "./AuthManager";
+export * from "./AuthItem";
+export * from "./AuthAssignment";
+export * from "./AuthItemChild";

package/{web/IdentityInterface.js → requiments/Glob.ts}

@@ -1,8 +1,9 @@
-"use strict";
 /*
  * Copyright (c) 2021. Chy Bilgisayar Bilisim
  * Author: Cihan Ozturk
  * E-mail: cihan@chy.com.tr
  * Github:https://github.com/cihan53/
  */
-Object.defineProperty(exports, "__esModule", { value: true });
+
+const Glob = require("glob");
+export default Glob;

package/requiments/{ReflectUtil.js → ReflectUtil.ts}

@@ -1,10 +1,10 @@
-"use strict";
 /*
  * Copyright (c) 2021. Chy Bilgisayar Bilisim
  * Author: Cihan Ozturk
  * E-mail: cihan@chy.com.tr
  * Github:https://github.com/cihan53/
  */
+
 /**
  * @param strClass:
  *          class name
@@ -12,13 +12,15 @@
  *          constructor arguments
  */
 // @ts-ignore
-Reflect.newInstance = function (strClass) {
+Reflect.newInstance = function (strClass: string) {
     const args = Array.prototype.slice.call(arguments, 1);
     const clsClass = eval(strClass);
+
     const F = () => {
         return clsClass.apply(this, args);
-    };
+    }
+
     F.prototype = clsClass.prototype;
     // @ts-ignore
     return new F();
-};
+};

package/requiments/{Utils.js → Utils.ts}

@@ -1,4 +1,3 @@
-"use strict";
 /*
  * Copyright (c) 2021. Chy Bilgisayar Bilisim
  * Author: Cihan Ozturk
@@ -6,8 +5,7 @@
  * Github:https://github.com/cihan53/
  */
 // import _ from "lodash";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.Utils = void 0;
+
 const _ = require('lodash');
 /**
  *
@@ -15,20 +13,17 @@ const _ = require('lodash');
  * @param val
  * @param top
  */
-const buildParams = function (prefix, val, top) {
-    if (_.isUndefined(top))
-        top = true;
+const buildParams = function (prefix: string, val: any, top?: boolean) {
+    if (_.isUndefined(top)) top = true;
     if (_.isArray(val)) {
-        return _.map(val, function (value, key) {
+        return _.map(val, function (value: any, key: string) {
             return buildParams(top ? key : prefix + '[]', value, false);
         }).join('&');
-    }
-    else if (_.isObject(val)) {
-        return _.map(val, function (value, key) {
+    } else if (_.isObject(val)) {
+        return _.map(val, function (value: any, key: string) {
             return buildParams(top ? key : prefix + '[' + key + ']', value, false);
         }).join('&');
-    }
-    else {
+    } else {
         return encodeURIComponent(prefix) + '=' + encodeURIComponent(val);
     }
 };
@@ -36,38 +31,41 @@ const buildParams = function (prefix, val, top) {
  *Creates a query string from a hash
  * @param obj
  */
-const toQuery = function (obj) {
+const toQuery = function (obj: any) {
     return buildParams('', obj);
-};
+}
+
 /**
  *
  * @param object
  * @param params
  */
-const createObject = (object, params) => {
-    let newParams = {};
+const createObject = (object: any, params: any) => {
+    let newParams: any = {}
     Object.keys(params).forEach((param) => {
-        newParams[param] = {};
+        newParams[param] = {}
         Object.assign(newParams[param], {
             writable: true,
             configurable: true,
             value: params[param]
         });
-    });
+    })
     return Object.create(object, newParams);
-};
+}
 /**
  *
  * @param object
  * @param findKey
  */
-const findKeyValue = (object, findKey) => {
-    let key = Object.keys(object).find(key => key.toLowerCase() === findKey.toLowerCase());
+const findKeyValue = (object: any, findKey: string) => {
+    let key = Object.keys(object).find(key => key.toLowerCase() === findKey.toLowerCase())
     if (key) {
         return object[key];
     }
-    return null;
-};
+
+    return null
+}
+
 /**
  *
  * @param seconds
@@ -76,40 +74,48 @@ const sleep = (seconds = 1) => {
     const waitTill = new Date(new Date().getTime() + seconds * 1000);
     while (waitTill > new Date()) {
     }
-};
+}
+
 /**
  *
  * @param wildcard
  * @param str
  */
-function wildTest(wildcard, str) {
+function wildTest(wildcard: string, str: string) {
     let w = wildcard.replace(/[.+^${}()|[\]\\]/g, '\\$&'); // regexp escape
-    const re = new RegExp(`^${w.replace(/\*/g, '.*').replace(/\?/g, '.')}$`, 'i');
+    const re = new RegExp(`^${w.replace(/\*/g,'.*').replace(/\?/g,'.')}$`, 'i');
     return re.test(str); // remove last 'i' above to have case sensitive
 }
+
 /**
  *
  * @param pattern
  * @param string
  * @param options
  */
-const matchWildcard = (pattern, string, options = {}) => {
-    return wildTest(pattern, string);
-};
+const matchWildcard = (pattern: string, string: string, options: any = {}) => {
+    return wildTest(pattern, string)
+}
+
+
 /**
  * random string genrate
  * @param length
  * @param randomString
  */
-const generateRandomString = function (length, randomString = "") {
+const generateRandomString = function (length: number, randomString = ""): string {
     randomString += Math.random().toString(20).substring(2, length);
-    if (randomString.length > length)
-        return randomString.slice(0, length);
+    if (randomString.length > length) return randomString.slice(0, length);
     return generateRandomString(length, randomString);
 };
-exports.Utils = Object.assign({ findKeyValue,
+
+export const Utils = {
+    findKeyValue,
     createObject,
     sleep,
     matchWildcard,
     toQuery,
-    generateRandomString }, _);
+    generateRandomString,
+    ..._
+}
+

package/validators/Validator.ts

@@ -0,0 +1,27 @@
+import {Component} from "../base";
+
+export class Validator extends Component {
+    public static builtInValidators = {
+        'boolean': '',
+        'email': '',
+    }
+
+
+    /**
+     * @var array|string attributes to be validated by this validator. For multiple attributes,
+     * please specify them as an array; for single attribute, you may use either a string or an array.
+     */
+    public attributes = [];
+    public message: string = "";
+
+    public except = [];
+    public isEmpty = [];
+
+    public init() {
+        super.init();
+    }
+
+    public static createValidator(type: any, model: any, attributes: any, params = []) {
+
+    }
+}

package/web/{IdentityInterface.d.ts → IdentityInterface.ts}

@@ -1,3 +1,10 @@
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+
 export interface IdentityInterface {
     /**
      * Finds an identity by the given ID.
@@ -6,7 +13,8 @@ export interface IdentityInterface {
      * Null should be returned if such an identity cannot be found
      * or the identity is not in an active state (disabled, deleted, etc.)
      */
-    findIdentity(id: number): any;
+    findIdentity(id: number): any
+
     /**
      * Finds an identity by the given token.
      * For example, [[\yii\filters\auth\HttpBearerAuth]] will set this parameter to be `yii\filters\auth\HttpBearerAuth`.
@@ -18,11 +26,13 @@ export interface IdentityInterface {
      * @param any
      */
     findIdentityByAccessToken(token: any, type: string): any;
+
     /**
      * Returns an ID that can uniquely identify a user identity.
      * @return string|int an ID that uniquely identifies a user identity.
      */
     getId(): number;
+
     /**
      * Returns a key that can be used to check the validity of a given identity ID.
      *
@@ -40,6 +50,7 @@ export interface IdentityInterface {
      * @see validateAuthKey()
      */
     getAuthKey(): string;
+
     /**
      * Validates the given auth key.
      *
@@ -48,9 +59,11 @@ export interface IdentityInterface {
      * @see getAuthKey()
      */
     validateAuthKey(authKey: string): (boolean | null);
+
+
     /**
      *
      */
     can(permissionName: string, params: any[], allowCaching: boolean): Promise<(boolean | null)>;
+
 }
-//# sourceMappingURL=IdentityInterface.d.ts.map