hola-server 0.6.6 → 0.6.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/http/session.js +10 -1
- package/package.json +1 -1
- package/router/read.js +13 -3
- package/setting.js +7 -1
package/http/session.js
CHANGED
|
@@ -33,6 +33,11 @@ const get_session_user_role = (req) => {
|
|
|
33
33
|
const mode_all = "bcdeiorsu";
|
|
34
34
|
|
|
35
35
|
const get_user_role_mode = (req, roles) => {
|
|
36
|
+
const server = get_settings().server;
|
|
37
|
+
if (server.check_user == false) {
|
|
38
|
+
return mode_all;
|
|
39
|
+
}
|
|
40
|
+
|
|
36
41
|
const user_role = get_session_user_role(req);
|
|
37
42
|
if (!user_role) {
|
|
38
43
|
return "";
|
|
@@ -47,7 +52,11 @@ const get_user_role_mode = (req, roles) => {
|
|
|
47
52
|
const role_name = role_settings[0];
|
|
48
53
|
const role_mode = role_settings[1];
|
|
49
54
|
if (user_role == role_name) {
|
|
50
|
-
|
|
55
|
+
if (role_mode == "*") {
|
|
56
|
+
return mode_all;
|
|
57
|
+
} else {
|
|
58
|
+
return role_mode;
|
|
59
|
+
}
|
|
51
60
|
}
|
|
52
61
|
}
|
|
53
62
|
}
|
package/package.json
CHANGED
package/router/read.js
CHANGED
|
@@ -22,7 +22,6 @@ const init_read_router = function (router, meta) {
|
|
|
22
22
|
}
|
|
23
23
|
}
|
|
24
24
|
|
|
25
|
-
const mode = meta.roles ? get_user_role_mode(req, meta.roles) : "";
|
|
26
25
|
const entity_meta = {
|
|
27
26
|
creatable: meta.creatable,
|
|
28
27
|
readable: meta.readable,
|
|
@@ -33,12 +32,23 @@ const init_read_router = function (router, meta) {
|
|
|
33
32
|
exportable: meta.exportable,
|
|
34
33
|
editable: meta.editable,
|
|
35
34
|
user_field: meta.user_field,
|
|
36
|
-
fields: meta.fields
|
|
37
|
-
mode: mode.length > 0 ? mode : null
|
|
35
|
+
fields: meta.fields
|
|
38
36
|
}
|
|
39
37
|
res.json({ code: SUCCESS, data: entity_meta });
|
|
40
38
|
}));
|
|
41
39
|
|
|
40
|
+
router.get('/mode', wrap_http(async function (req, res) {
|
|
41
|
+
if (meta.roles) {
|
|
42
|
+
const has_right = check_user_role(req, meta.roles, "r");
|
|
43
|
+
if (!has_right) {
|
|
44
|
+
res.json({ code: NO_RIGHTS, err: "no rights error" });
|
|
45
|
+
return;
|
|
46
|
+
}
|
|
47
|
+
}
|
|
48
|
+
|
|
49
|
+
res.json({ code: SUCCESS, data: get_user_role_mode(req, meta.roles) });
|
|
50
|
+
}));
|
|
51
|
+
|
|
42
52
|
router.get('/ref', wrap_http(async function (req, res) {
|
|
43
53
|
if (meta.roles) {
|
|
44
54
|
const has_right = check_user_role(req, meta.roles, "r");
|
package/setting.js
CHANGED
|
@@ -44,14 +44,20 @@ const get_settings = () => {
|
|
|
44
44
|
}
|
|
45
45
|
|
|
46
46
|
const is_valid_role = (role_name) => {
|
|
47
|
+
//no role defined, then no role check
|
|
47
48
|
if (!settings.roles) {
|
|
48
|
-
return
|
|
49
|
+
return true;
|
|
49
50
|
}
|
|
50
51
|
const roles = settings.roles.filter(role => role.name == role_name);
|
|
51
52
|
return roles.length == 1;
|
|
52
53
|
}
|
|
53
54
|
|
|
54
55
|
const is_root_role = (role_name) => {
|
|
56
|
+
//no role defined, then every one is root
|
|
57
|
+
if (!settings.roles) {
|
|
58
|
+
return true;
|
|
59
|
+
}
|
|
60
|
+
|
|
55
61
|
if (!is_valid_role(role_name)) {
|
|
56
62
|
return false;
|
|
57
63
|
}
|