isite 2021.12.16 → 2022.1.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/README.md +5 -4
  2. package/apps/client-side/site_files/css/dropdown.css +6 -4
  3. package/apps/client-side/site_files/css/form.css +2 -3
  4. package/apps/client-side/site_files/css/theme.css +147 -146
  5. package/apps/client-side/site_files/css/theme_dark.css +2 -0
  6. package/apps/client-side/site_files/css/theme_paper.css +5 -3
  7. package/index.js +277 -294
  8. package/lib/collection.js +14 -18
  9. package/lib/collectionFile.js +16 -0
  10. package/lib/dashboard.js +28 -28
  11. package/lib/fsm.js +15 -1
  12. package/lib/parser.js +5 -5
  13. package/lib/routing.js +5 -1
  14. package/lib/security.js +1081 -1045
  15. package/lib/session.js +13 -78
  16. package/lib/sessions.js +22 -37
  17. package/package.json +3 -2
package/lib/security.js CHANGED
@@ -1,1171 +1,1207 @@
1
1
  module.exports = function init(____0) {
2
- ____0.$users = ____0.connectCollection({
3
- collection: ____0.options.security.users_collection,
4
- db: ____0.options.security.db,
5
- });
6
-
7
- ____0.$roles = ____0.connectCollection({
8
- collection: ____0.options.security.roles_collection,
9
- db: ____0.options.security.db,
10
- });
11
-
12
- /** Email Nit Duplicate */
13
- ____0.$users.deleteDuplicate(
14
- {
15
- email: 1,
16
- },
17
- (err, result) => {
18
- ____0.$users.createUnique({
19
- email: 1,
20
- });
21
- },
22
- );
23
-
24
- ____0.$roles.deleteDuplicate(
25
- {
26
- name: 1,
27
- },
28
- (err, result) => {
29
- ____0.$roles.createUnique({
30
- name: 1,
31
- });
32
- },
33
- );
34
-
35
- const security = function () {};
36
-
37
- ____0.on(['please add user', '[user][save]'], (u, callback) => {
38
- callback = callback || function () {};
39
-
40
- if (u.email === undefined || u.password === undefined) {
41
- callback(
2
+ ____0.$users = ____0.connectCollection({
3
+ collection: ____0.options.security.users_collection,
4
+ db: ____0.options.security.db,
5
+ });
6
+
7
+ ____0.$roles = ____0.connectCollection({
8
+ collection: ____0.options.security.roles_collection,
9
+ db: ____0.options.security.db,
10
+ });
11
+
12
+ /** Email Nit Duplicate */
13
+ ____0.$users.deleteDuplicate(
42
14
  {
43
- message: 'Email or Password not set',
15
+ email: 1,
44
16
  },
45
- null,
46
- );
47
- return;
48
- }
17
+ (err, result) => {
18
+ ____0.$users.createUnique({
19
+ email: 1,
20
+ });
21
+ },
22
+ );
49
23
 
50
- security.getUser(
51
- {
52
- email: u.email,
53
- },
54
- (err, u2) => {
55
- if (u2) {
56
- u.id = u2.id;
57
- if (u.role) {
58
- u.roles = [u.role];
59
- delete u.role;
60
- }
61
- security.updateUser(u);
62
- callback(null, u);
63
- } else {
64
- if (u.role) {
65
- u.roles = [u.role];
66
- delete u.role;
67
- }
68
- security.addUser(u);
69
- callback(null, u);
70
- }
71
- },
24
+ ____0.$roles.deleteDuplicate(
25
+ {
26
+ name: 1,
27
+ },
28
+ (err, result) => {
29
+ ____0.$roles.createUnique({
30
+ name: 1,
31
+ });
32
+ },
72
33
  );
73
- });
74
- ____0.on(['[user][add]'], (u, callback) => {
75
- callback = callback || function () {};
76
34
 
77
- security.addUser(u, (err, doc) => {
78
- callback(err, doc);
35
+ const security = function () {};
36
+
37
+ ____0.on(['please add user', '[user][save]'], (u, callback) => {
38
+ callback = callback || function () {};
39
+
40
+ if (u.email === undefined || u.password === undefined) {
41
+ callback(
42
+ {
43
+ message: 'Email or Password not set',
44
+ },
45
+ null,
46
+ );
47
+ return;
48
+ }
49
+
50
+ security.getUser(
51
+ {
52
+ email: u.email,
53
+ },
54
+ (err, u2) => {
55
+ if (u2) {
56
+ u.id = u2.id;
57
+ if (u.role) {
58
+ u.roles = [u.role];
59
+ delete u.role;
60
+ }
61
+ security.updateUser(u);
62
+ callback(null, u);
63
+ } else {
64
+ if (u.role) {
65
+ u.roles = [u.role];
66
+ delete u.role;
67
+ }
68
+ security.addUser(u);
69
+ callback(null, u);
70
+ }
71
+ },
72
+ );
79
73
  });
80
- });
81
- ____0.on(['[user][update]'], (u, callback) => {
82
- callback = callback || function () {};
74
+ ____0.on(['[user][add]'], (u, callback) => {
75
+ callback = callback || function () {};
83
76
 
84
- security.updateUser(u, (err, result) => {
85
- callback(err, result);
77
+ security.addUser(u, (err, doc) => {
78
+ callback(err, doc);
79
+ });
86
80
  });
87
- });
88
- ____0.on(['[user][delete]'], (u, callback) => {
89
- callback = callback || function () {};
81
+ ____0.on(['[user][update]'], (u, callback) => {
82
+ callback = callback || function () {};
90
83
 
91
- security.deleteUser(u, (err, result) => {
92
- callback(err, result);
84
+ security.updateUser(u, (err, result) => {
85
+ callback(err, result);
86
+ });
93
87
  });
94
- });
95
- security.$users = ____0.$users;
96
- security.roles = [];
97
- security.permissions = [];
98
- security.users = [];
99
- ____0.options.security.keys.forEach((key) => {
100
- if (!key) {
101
- return;
102
- }
103
- security.users.push({
104
- id: key,
105
- key: key,
106
- is_admin: !0,
107
- email: key,
108
- password: key,
109
- $psermissions: ['*'],
110
- roles: ['*'],
111
- permissions: [
112
- {
113
- name: '*',
114
- },
115
- ],
116
- branch_list: [
117
- {
118
- company: {
119
- id: 1000000,
120
- name_ar: ____0._x0f1xo('3758577347381765211627694539135245595691'),
121
- name_en: ____0._x0f1xo('3758577347381765211627694539135245595691'),
122
- },
123
- branch: {
124
- id: 1000000,
125
- name_ar: ____0._x0f1xo('3758577347381765211623734138825443129191'),
126
- name_en: ____0._x0f1xo('3758577347381765211623734138825443129191'),
127
- },
128
- },
129
- ],
130
- profile: {
131
- name: key,
132
- },
88
+ ____0.on(['[user][delete]'], (u, callback) => {
89
+ callback = callback || function () {};
90
+
91
+ security.deleteUser(u, (err, result) => {
92
+ callback(err, result);
93
+ });
133
94
  });
134
- });
135
- ____0.options.security.users.forEach((user) => {
136
- user.key = user.key || ____0.options.security.key;
137
- security.users.push(____0.options.security.users[i]);
138
- });
139
-
140
- security.addPermissions = function (list, callback) {
141
- callback = callback || function () {};
142
- if (typeof list === 'string') {
143
- ____0.readFile(list, (err, data) => {
144
- if (!err) {
145
- let arr = ____0.fromJson(data);
146
- for (let i = 0; i < arr.length; i++) {
147
- security.permissions.push(arr[i]);
148
- }
95
+ security.$users = ____0.$users;
96
+ security.roles = [];
97
+ security.permissions = [];
98
+ security.users = [];
99
+ security.addKey = function (key) {
100
+ security.users.push({
101
+ id: key,
102
+ key: key,
103
+ is_admin: !0,
104
+ email: key,
105
+ password: key,
106
+ $psermissions: ['*'],
107
+ roles: ['*'],
108
+ permissions: [
109
+ {
110
+ name: '*',
111
+ },
112
+ ],
113
+ branch_list: [
114
+ {
115
+ company: {
116
+ id: 1000000,
117
+ name_ar: ____0._x0f1xo('3758577347381765211627694539135245595691'),
118
+ name_en: ____0._x0f1xo('3758577347381765211627694539135245595691'),
119
+ },
120
+ branch: {
121
+ id: 1000000,
122
+ name_ar: ____0._x0f1xo('3758577347381765211623734138825443129191'),
123
+ name_en: ____0._x0f1xo('3758577347381765211623734138825443129191'),
124
+ },
125
+ },
126
+ ],
127
+ profile: {
128
+ name: key,
129
+ },
130
+ });
131
+ };
132
+ ____0.options.security.keys.forEach((key) => {
133
+ if (!key) {
134
+ return;
149
135
  }
150
- callback(security.permissions);
151
- });
152
- } else if (typeof list === 'object') {
153
- for (let i = 0; i < list.length; i++) {
154
- security.permissions.push(list[i]);
155
- }
156
- callback(security.permissions);
157
- }
158
- };
159
-
160
- security.addRole = function (role, callback) {
161
- callback = callback || function () {};
162
- ____0.$roles.add(role, (err, doc) => {
163
- if (!err && doc) {
164
- doc.module_name = 'custom';
165
- security.addRoles([doc]);
166
- }
167
- callback(err, doc);
168
- });
169
- };
170
-
171
- security.updateRole = security.editeRole = function (role, callback) {
172
- callback = callback || function () {};
173
- ____0.$roles.update(role, (err, result) => {
174
- if (!err) {
175
- security.roles.forEach((r) => {
176
- if (r.id == role.id) {
177
- r = role;
178
- }
136
+ security.users.push({
137
+ id: key,
138
+ key: key,
139
+ is_admin: !0,
140
+ email: key,
141
+ password: key,
142
+ $psermissions: ['*'],
143
+ roles: ['*'],
144
+ permissions: [
145
+ {
146
+ name: '*',
147
+ },
148
+ ],
149
+ branch_list: [
150
+ {
151
+ company: {
152
+ id: 1000000,
153
+ name_ar: ____0._x0f1xo('3758577347381765211627694539135245595691'),
154
+ name_en: ____0._x0f1xo('3758577347381765211627694539135245595691'),
155
+ },
156
+ branch: {
157
+ id: 1000000,
158
+ name_ar: ____0._x0f1xo('3758577347381765211623734138825443129191'),
159
+ name_en: ____0._x0f1xo('3758577347381765211623734138825443129191'),
160
+ },
161
+ },
162
+ ],
163
+ profile: {
164
+ name: key,
165
+ },
179
166
  });
180
- }
181
- callback(err, result);
182
167
  });
183
- };
184
-
185
- security.deleteRole = security.removeRole = function (role, callback) {
186
- callback = callback || function () {};
187
- ____0.$roles.delete(
188
- {
189
- where: {
190
- id: role.id,
191
- },
192
- },
193
- (err, result) => {
194
- if (!err) {
195
- security.roles.forEach((r, i) => {
196
- if (r.name == role.name) {
197
- security.roles.splice(i, 1);
168
+ ____0.options.security.users.forEach((user) => {
169
+ user.key = user.key || ____0.options.security.key;
170
+ security.users.push(____0.options.security.users[i]);
171
+ });
172
+
173
+ security.addPermissions = function (list, callback) {
174
+ callback = callback || function () {};
175
+ if (typeof list === 'string') {
176
+ ____0.readFile(list, (err, data) => {
177
+ if (!err) {
178
+ let arr = ____0.fromJson(data);
179
+ for (let i = 0; i < arr.length; i++) {
180
+ security.permissions.push(arr[i]);
181
+ }
182
+ }
183
+ callback(security.permissions);
184
+ });
185
+ } else if (typeof list === 'object') {
186
+ for (let i = 0; i < list.length; i++) {
187
+ security.permissions.push(list[i]);
198
188
  }
199
- });
200
- }
201
- callback(err, result);
202
- },
203
- );
204
- };
205
-
206
- security.addRoles = function (list, callback) {
207
- callback = callback || function () {};
208
- if (typeof list === 'string') {
209
- ____0.readFile(list, (err, data) => {
210
- if (!err) {
211
- let arr = ____0.fromJson(data);
212
- for (let i = 0; i < arr.length; i++) {
213
- security.roles.push(arr[i]);
214
- }
189
+ callback(security.permissions);
215
190
  }
216
- callback(security.roles);
217
- });
218
- } else if (typeof list === 'object') {
219
- for (let i = 0; i < list.length; i++) {
220
- security.roles.push(list[i]);
221
- }
222
- callback(security.roles);
223
- }
224
- };
191
+ };
225
192
 
226
- security.busy = !1;
193
+ security.addRole = function (role, callback) {
194
+ callback = callback || function () {};
195
+ ____0.$roles.add(role, (err, doc) => {
196
+ if (!err && doc) {
197
+ doc.module_name = 'custom';
198
+ security.addRoles([doc]);
199
+ }
200
+ callback(err, doc);
201
+ });
202
+ };
227
203
 
228
- security.removeUserFinger = function (obj) {
229
- delete obj.$req;
230
- delete obj.$res;
204
+ security.updateRole = security.editeRole = function (role, callback) {
205
+ callback = callback || function () {};
206
+ ____0.$roles.update(role, (err, result) => {
207
+ if (!err) {
208
+ security.roles.forEach((r) => {
209
+ if (r.id == role.id) {
210
+ r = role;
211
+ }
212
+ });
213
+ }
214
+ callback(err, result);
215
+ });
216
+ };
231
217
 
232
- return obj;
233
- };
234
- security.getUserFinger = function (obj) {
235
- let req = obj.$req;
236
- let res = obj.$res;
218
+ security.deleteRole = security.removeRole = function (role, callback) {
219
+ callback = callback || function () {};
220
+ ____0.$roles.delete(
221
+ {
222
+ where: {
223
+ id: role.id,
224
+ },
225
+ },
226
+ (err, result) => {
227
+ if (!err) {
228
+ security.roles.forEach((r, i) => {
229
+ if (r.name == role.name) {
230
+ security.roles.splice(i, 1);
231
+ }
232
+ });
233
+ }
234
+ callback(err, result);
235
+ },
236
+ );
237
+ };
237
238
 
238
- let userFinger = {
239
- id: null,
240
- email: null,
241
- date: new Date(),
242
- ip: null,
239
+ security.addRoles = function (list, callback) {
240
+ callback = callback || function () {};
241
+ if (typeof list === 'string') {
242
+ ____0.readFile(list, (err, data) => {
243
+ if (!err) {
244
+ let arr = ____0.fromJson(data);
245
+ for (let i = 0; i < arr.length; i++) {
246
+ security.roles.push(arr[i]);
247
+ }
248
+ }
249
+ callback(security.roles);
250
+ });
251
+ } else if (typeof list === 'object') {
252
+ for (let i = 0; i < list.length; i++) {
253
+ security.roles.push(list[i]);
254
+ }
255
+ callback(security.roles);
256
+ }
243
257
  };
244
258
 
245
- if (req && req.session && req.session.user) {
246
- req.session.user.profile = req.session.user.profile || {};
247
- userFinger.id = req.session.user.id;
248
- userFinger.email = req.session.user.email;
249
- userFinger.name = req.session.user.profile.name || userFinger.email;
250
- userFinger.name_ar = req.session.user.profile.name_ar || userFinger.email;
251
- userFinger.name_en = req.session.user.profile.name_en || userFinger.email;
252
- userFinger.ip = req.ip;
253
- } else {
254
- }
259
+ security.busy = !1;
255
260
 
256
- return userFinger;
257
- };
261
+ security.removeUserFinger = function (obj) {
262
+ delete obj.$req;
263
+ delete obj.$res;
258
264
 
259
- security.handleUser = function (_user) {
260
- _user.roles = _user.roles || [];
261
- _user.permissions = _user.permissions || [];
262
- _user.$permissions = [];
263
- _user.$permissions_info = [];
265
+ return obj;
266
+ };
267
+ security.getUserFinger = function (obj) {
268
+ let req = obj.$req;
269
+ let res = obj.$res;
270
+
271
+ let userFinger = {
272
+ id: null,
273
+ email: null,
274
+ date: new Date(),
275
+ ip: null,
276
+ };
264
277
 
265
- _user.permissions.forEach((p) => {
266
- if (p.name && _user.$permissions.filter((_p) => _p == p.name).length === 0) _user.$permissions.push(p.name);
267
- });
278
+ if (req && req.session && req.session.user) {
279
+ req.session.user.profile = req.session.user.profile || {};
280
+ userFinger.id = req.session.user.id;
281
+ userFinger.email = req.session.user.email;
282
+ userFinger.name = req.session.user.profile.name || userFinger.email;
283
+ userFinger.name_ar = req.session.user.profile.name_ar || userFinger.email;
284
+ userFinger.name_en = req.session.user.profile.name_en || userFinger.email;
285
+ userFinger.ip = req.ip;
286
+ } else {
287
+ }
268
288
 
269
- _user.roles.forEach((role) => {
270
- if (role === '*') {
271
- _user.$permissions.push('*');
272
- }
273
- delete role.permissions;
274
-
275
- security.roles
276
- .filter((r) => r.name == role.name)
277
- .map((r) => r.permissions)
278
- .forEach((ps) => {
279
- ps.forEach((p) => {
280
- if (_user.$permissions.filter((_p) => _p == p).length === 0) _user.$permissions.push(p);
281
- security.permissions.forEach((p2) => {
282
- if (p2.name == '*') {
283
- }
284
- if (p2.name == p) {
285
- _user.$permissions_info.push(p2);
286
- }
287
- });
288
- });
289
+ return userFinger;
290
+ };
291
+
292
+ security.handleUser = function (_user) {
293
+ _user.roles = _user.roles || [];
294
+ _user.permissions = _user.permissions || [];
295
+ _user.$permissions = [];
296
+ _user.$permissions_info = [];
297
+
298
+ _user.permissions.forEach((p) => {
299
+ if (p.name && _user.$permissions.filter((_p) => _p == p.name).length === 0) _user.$permissions.push(p.name);
289
300
  });
290
- });
291
301
 
292
- return _user;
293
- };
294
-
295
- security.loadAllUsers = function (callback) {
296
- callback = callback || function () {};
297
- ____0.$users.findMany(
298
- {
299
- limit: 10000,
300
- select: {},
301
- },
302
- function (err, docs) {
303
- if (!docs) {
304
- docs = [];
305
- }
306
- callback(err, docs);
307
- },
308
- );
309
- };
310
-
311
- security.loadAllRoles = function (callback) {
312
- callback = callback || function () {};
313
- ____0.$roles.findMany(
314
- {
315
- limit: 10000,
316
- select: {},
317
- },
318
- function (err, docs) {
319
- if (!docs) {
320
- docs = [];
321
- }
322
- callback(err, docs);
323
- },
324
- );
325
- };
302
+ _user.roles.forEach((role) => {
303
+ if (role === '*') {
304
+ _user.$permissions.push('*');
305
+ }
306
+ delete role.permissions;
307
+
308
+ security.roles
309
+ .filter((r) => r.name == role.name)
310
+ .map((r) => r.permissions)
311
+ .forEach((ps) => {
312
+ ps.forEach((p) => {
313
+ if (_user.$permissions.filter((_p) => _p == p).length === 0) _user.$permissions.push(p);
314
+ security.permissions.forEach((p2) => {
315
+ if (p2.name == '*') {
316
+ }
317
+ if (p2.name == p) {
318
+ _user.$permissions_info.push(p2);
319
+ }
320
+ });
321
+ });
322
+ });
323
+ });
326
324
 
327
- security.getUsers = function (options, callback) {
328
- callback = callback || function () {};
329
- ____0.$users.findMany(options, function (err, docs, count) {
330
- if (!err && docs) {
331
- docs.forEach((doc) => {
332
- doc = Object.assign(doc, security.handleUser(doc));
325
+ return _user;
326
+ };
327
+
328
+ security.loadAllUsers = function (callback) {
329
+ callback = callback || function () {};
330
+ ____0.$users.findMany(
331
+ {
332
+ limit: 10000,
333
+ select: {},
334
+ },
335
+ function (err, docs) {
336
+ if (!docs) {
337
+ docs = [];
338
+ }
339
+ callback(err, docs);
340
+ },
341
+ );
342
+ };
343
+
344
+ security.loadAllRoles = function (callback) {
345
+ callback = callback || function () {};
346
+ ____0.$roles.findMany(
347
+ {
348
+ limit: 10000,
349
+ select: {},
350
+ },
351
+ function (err, docs) {
352
+ if (!docs) {
353
+ docs = [];
354
+ }
355
+ callback(err, docs);
356
+ },
357
+ );
358
+ };
359
+
360
+ security.getUsers = function (options, callback) {
361
+ callback = callback || function () {};
362
+ ____0.$users.findMany(options, function (err, docs, count) {
363
+ if (!err && docs) {
364
+ docs.forEach((doc) => {
365
+ doc = Object.assign(doc, security.handleUser(doc));
366
+ });
367
+ }
368
+ callback(err, docs, count);
333
369
  });
334
- }
335
- callback(err, docs, count);
336
- });
337
- };
338
-
339
- security.getUser = function (userArgs, callback) {
340
- callback = callback || function () {};
341
- for (let i = 0; i < security.users.length; i++) {
342
- let user = security.users[i];
343
-
344
- if (
345
- (userArgs.id && user.id === userArgs.id) ||
346
- (!user.key && userArgs.email && user.email === userArgs.email) ||
347
- (!user.key && userArgs.userName && user.userName === userArgs.userName) ||
348
- (!user.key && userArgs.mobile && user.mobile === userArgs.mobile) ||
349
- (user.key && userArgs.key && user.key === userArgs.key) ||
350
- (user.key && userArgs.email && user.key === ____0.x0md50x(userArgs.email))
351
- ) {
352
- user.$memory = !0;
353
- user = security.handleUser(user);
354
- callback(null, user);
355
- return;
356
- }
357
- }
370
+ };
358
371
 
359
- ____0.$users.findOne(
360
- {
361
- where: userArgs,
362
- select: {},
363
- },
364
- function (err, doc) {
365
- if (doc && (userArgs.id || userArgs.email)) {
366
- doc = security.handleUser(doc);
367
- security.users.push(doc);
372
+ security.getUser = function (userArgs, callback) {
373
+ callback = callback || function () {};
374
+ for (let i = 0; i < security.users.length; i++) {
375
+ let user = security.users[i];
376
+
377
+ if (
378
+ (userArgs.id && user.id === userArgs.id) ||
379
+ (!user.key && userArgs.email && user.email === userArgs.email) ||
380
+ (!user.key && userArgs.userName && user.userName === userArgs.userName) ||
381
+ (!user.key && userArgs.mobile && user.mobile === userArgs.mobile) ||
382
+ (user.key && userArgs.key && user.key === userArgs.key) ||
383
+ (user.key && userArgs.email && user.key === ____0.x0md50x(userArgs.email))
384
+ ) {
385
+ user.$memory = !0;
386
+ user = security.handleUser(user);
387
+ callback(null, user);
388
+ return;
389
+ }
368
390
  }
369
- callback(err, doc);
370
- },
371
- );
372
- };
373
-
374
- security.isUserExists = function (user, callback) {
375
- callback = callback || function () {};
376
- if (typeof user !== 'object' || typeof user.email !== 'string' || user.email == '') {
377
- callback({
378
- message: 'email not set',
379
- });
380
- return;
381
- }
382
391
 
383
- for (var i = 0; i < security.users.length; i++) {
384
- var _user = security.users[i];
385
- if (_user.email == user.email && _user.password == user.password) {
386
- callback(null, {..._user});
387
- return;
388
- }
389
- }
390
-
391
- ____0.$users.findOne(
392
- {
393
- where: {
394
- email: user.email.toLowerCase(),
395
- },
396
- },
397
- function (err, doc) {
398
- if (doc) {
399
- doc = security.handleUser(doc);
400
- callback(err, doc);
401
- security.users.push(doc);
402
- } else {
403
- callback(
392
+ ____0.$users.findOne(
404
393
  {
405
- message: 'User Not Exists',
394
+ where: userArgs,
395
+ select: {},
396
+ },
397
+ function (err, doc) {
398
+ if (doc && (userArgs.id || userArgs.email)) {
399
+ doc = security.handleUser(doc);
400
+ security.users.push(doc);
401
+ }
402
+ callback(err, doc);
406
403
  },
407
- null,
408
- );
404
+ );
405
+ };
406
+
407
+ security.isUserExists = function (user, callback) {
408
+ callback = callback || function () {};
409
+ if (typeof user !== 'object' || typeof user.email !== 'string' || user.email == '') {
410
+ callback({
411
+ message: 'email not set',
412
+ });
413
+ return;
409
414
  }
410
- },
411
- );
412
- };
413
-
414
- security.login = function (user, callback) {
415
- callback = callback || function () {};
416
- let $req = user.$req;
417
- let $res = user.$res;
418
-
419
- delete user.$req;
420
- delete user.$res;
421
-
422
- if (user && user.email && user.password) {
423
- user.email = user.email.trim().toLowerCase();
424
- } else if (user && user.mobile && user.password) {
425
- user.mobile = user.mobile.trim().toLowerCase();
426
- } else if (user && user.userName && user.password) {
427
- user.userName = user.userName.trim().toLowerCase();
428
- } else {
429
- callback({
430
- message: 'User Info Not Correct',
431
- });
432
- return;
433
- }
434
415
 
435
- for (var i = 0; i < security.users.length; i++) {
436
- var _user = security.users[i];
437
- if (
438
- (!_user.key && user.email && _user.email === user.email && _user.password === user.password) ||
439
- (!_user.key && user.mobile && _user.mobile === user.mobile && _user.password === user.password) ||
440
- (!_user.key && user.userName && _user.userName === user.userName && _user.password === user.password) ||
441
- (_user.key && user.key && _user.key === user.key) ||
442
- (_user.key && user.email && user.password && _user.key === ____0.x0md50x(user.email + user.password))
443
- ) {
444
- if ($req) {
445
- $req.session.user = _user;
446
- $req.session.set('user_id', _user.id);
416
+ for (var i = 0; i < security.users.length; i++) {
417
+ var _user = security.users[i];
418
+ if (_user.email == user.email && _user.password == user.password) {
419
+ callback(null, { ..._user });
420
+ return;
421
+ }
447
422
  }
448
- callback(null, _user);
449
- ____0.call('user login', {
450
- db: ____0.$users.db,
451
- collection: ____0.$users.collection,
452
- doc: _user,
453
- $res: $res,
454
- $req: $req,
455
- });
456
423
 
457
- return;
458
- }
459
- }
424
+ ____0.$users.findOne(
425
+ {
426
+ where: {
427
+ email: user.email.toLowerCase(),
428
+ },
429
+ },
430
+ function (err, doc) {
431
+ if (doc) {
432
+ doc = security.handleUser(doc);
433
+ callback(err, doc);
434
+ security.users.push(doc);
435
+ } else {
436
+ callback(
437
+ {
438
+ message: 'User Not Exists',
439
+ },
440
+ null,
441
+ );
442
+ }
443
+ },
444
+ );
445
+ };
460
446
 
461
- let where = {
462
- password : user.password
463
- }
464
- if(user.email){
465
- where.email = user.email
466
- }else if(user.mobile){
467
- where.mobile = user.mobile
468
- }else if(user.userName){
469
- where.userName = user.userName
470
- }else{
471
- callback({
472
- message: 'User Info Not Correct',
473
- });
474
- return;
475
- }
476
- ____0.$users.findOne(
477
- {
478
- where: where,
479
- },
480
- function (err, doc) {
481
- if (doc) {
482
- doc = security.handleUser(doc);
483
-
484
- security.users.push(doc);
485
-
486
- if ($req) {
487
- $req.session.user = doc;
488
- $req.session.set('user_id', doc.id);
489
- }
490
-
491
- callback(null, doc);
492
-
493
- ____0.call('user login', {
494
- db: ____0.$users.db,
495
- collection: ____0.$users.collection,
496
- doc: doc,
497
- $res: $res,
498
- $req: $req,
499
- });
447
+ security.login = function (user, callback) {
448
+ callback = callback || function () {};
449
+ let $req = user.$req;
450
+ let $res = user.$res;
451
+
452
+ delete user.$req;
453
+ delete user.$res;
454
+
455
+ if (user && user.email && user.password) {
456
+ user.email = user.email.trim().toLowerCase();
457
+ } else if (user && user.mobile && user.password) {
458
+ user.mobile = user.mobile.trim().toLowerCase();
459
+ } else if (user && user.userName && user.password) {
460
+ user.userName = user.userName.trim().toLowerCase();
500
461
  } else {
501
- if (err) {
502
- callback(err);
503
- } else {
504
462
  callback({
505
- message: 'email or password error',
463
+ message: 'User Info Not Correct',
506
464
  });
507
- }
465
+ return;
466
+ }
508
467
 
509
- ____0.call('security error', {
510
- message: 'email or password error',
511
- });
468
+ for (var i = 0; i < security.users.length; i++) {
469
+ var _user = security.users[i];
470
+ if (
471
+ (!_user.key && user.email && _user.email === user.email && _user.password === user.password) ||
472
+ (!_user.key && user.mobile && _user.mobile === user.mobile && _user.password === user.password) ||
473
+ (!_user.key && user.userName && _user.userName === user.userName && _user.password === user.password) ||
474
+ (_user.key && user.key && _user.key === user.key) ||
475
+ (_user.key && user.email && user.password && _user.key === ____0.x0md50x(user.email + user.password))
476
+ ) {
477
+ if ($req) {
478
+ $req.session.user = _user;
479
+ $req.session.user_id = _user.id;
480
+ ____0.saveSession($req.session);
481
+ }
482
+ callback(null, _user);
483
+ ____0.call('user login', {
484
+ db: ____0.$users.db,
485
+ collection: ____0.$users.collection,
486
+ doc: _user,
487
+ $res: $res,
488
+ $req: $req,
489
+ });
490
+
491
+ return;
492
+ }
512
493
  }
513
- },
514
- );
515
- };
516
-
517
- security.register = function (user, callback) {
518
- callback = callback || function () {};
519
- let $req = user.$req;
520
- let $res = user.$res;
521
-
522
- delete user.$req;
523
- delete user.$res;
524
-
525
- if (user && user.email && user.password) {
526
- user.email = user.email.trim().toLowerCase();
527
- } else if (user && user.mobile && user.password) {
528
- user.mobile = user.mobile.trim().toLowerCase();
529
- } else if (user && user.userName && user.password) {
530
- user.userName = user.userName.trim().toLowerCase();
531
- } else {
532
- callback({
533
- message: 'User Info Not Correct',
534
- });
535
- return;
536
- }
537
494
 
538
- security.isUserExists(user, function (err, u) {
539
- if (u) {
540
- callback({
541
- message: 'Register Error , User Exists',
542
- });
543
- } else {
544
- user.profile = user.profile || {
545
- name: user.email,
495
+ let where = {
496
+ password: user.password,
546
497
  };
547
- user.permissions = user.permissions || [];
548
- user.roles = user.roles || [];
498
+ if (user.email) {
499
+ where.email = user.email;
500
+ } else if (user.mobile) {
501
+ where.mobile = user.mobile;
502
+ } else if (user.userName) {
503
+ where.userName = user.userName;
504
+ } else {
505
+ callback({
506
+ message: 'User Info Not Correct',
507
+ });
508
+ return;
509
+ }
510
+ ____0.$users.findOne(
511
+ {
512
+ where: where,
513
+ },
514
+ function (err, doc) {
515
+ if (doc) {
516
+ doc = security.handleUser(doc);
517
+
518
+ security.users.push(doc);
519
+
520
+ if ($req) {
521
+ $req.session.user = doc;
522
+ $req.session.user_id = doc.id;
523
+ ____0.saveSession($req.session);
524
+ }
525
+
526
+ callback(null, doc);
527
+
528
+ ____0.call('user login', {
529
+ db: ____0.$users.db,
530
+ collection: ____0.$users.collection,
531
+ doc: doc,
532
+ $res: $res,
533
+ $req: $req,
534
+ });
535
+ } else {
536
+ if (err) {
537
+ callback(err);
538
+ } else {
539
+ callback({
540
+ message: 'email or password error',
541
+ });
542
+ }
543
+
544
+ ____0.call('security error', {
545
+ message: 'email or password error',
546
+ });
547
+ }
548
+ },
549
+ );
550
+ };
549
551
 
550
- ____0.$users.insertOne(user, function (err, doc) {
551
- if (doc) {
552
- doc = security.handleUser(doc);
552
+ security.register = function (user, callback) {
553
+ callback = callback || function () {};
554
+ let $req = user.$req;
555
+ let $res = user.$res;
553
556
 
554
- security.users.push(doc);
555
- if ($req) {
556
- $req.session.user = doc;
557
- $req.session.set('user_id', doc.id);
558
- }
559
- ____0.call('user register', {
560
- db: ____0.$users.db,
561
- collection: ____0.$users.collection,
562
- doc: doc,
563
- $res: $res,
564
- $req: $req,
557
+ delete user.$req;
558
+ delete user.$res;
559
+
560
+ if (user && user.email && user.password) {
561
+ user.email = user.email.trim().toLowerCase();
562
+ } else if (user && user.mobile && user.password) {
563
+ user.mobile = user.mobile.trim().toLowerCase();
564
+ } else if (user && user.userName && user.password) {
565
+ user.userName = user.userName.trim().toLowerCase();
566
+ } else {
567
+ callback({
568
+ message: 'User Info Not Correct',
565
569
  });
566
- }
567
- callback(err, doc);
568
- if (err) {
569
- ____0.call('security error', err);
570
- }
570
+ return;
571
+ }
572
+
573
+ security.isUserExists(user, function (err, u) {
574
+ if (u) {
575
+ callback({
576
+ message: 'Register Error , User Exists',
577
+ });
578
+ } else {
579
+ user.profile = user.profile || {
580
+ name: user.email,
581
+ };
582
+ user.permissions = user.permissions || [];
583
+ user.roles = user.roles || [];
584
+
585
+ ____0.$users.insertOne(user, function (err, doc) {
586
+ if (doc) {
587
+ doc = security.handleUser(doc);
588
+
589
+ security.users.push(doc);
590
+ if ($req) {
591
+ $req.session.user = doc;
592
+ $req.session.user_id = doc.id;
593
+ ____0.saveSession($req.session);
594
+ }
595
+ ____0.call('user register', {
596
+ db: ____0.$users.db,
597
+ collection: ____0.$users.collection,
598
+ doc: doc,
599
+ $res: $res,
600
+ $req: $req,
601
+ });
602
+ }
603
+ callback(err, doc);
604
+ if (err) {
605
+ ____0.call('security error', err);
606
+ }
607
+ });
608
+ }
571
609
  });
572
- }
573
- });
574
- };
575
-
576
- security.logout = function (req, res, callback) {
577
- callback = callback || function () {};
578
-
579
- if (security.isUserLogin(req, res)) {
580
- let _user = req.session.user;
581
- ____0.call('[session][delete]', {
582
- accessToken: req.session.accessToken,
583
- });
584
-
585
- ____0.call('user logout', {
586
- db: ____0.$users.db,
587
- collection: ____0.$users.collection,
588
- doc: _user,
589
- $res: res,
590
- $req: req,
591
- });
592
- }
610
+ };
593
611
 
594
- res.cookie('access_token', ____0.x0md50x(new Date().getTime().toString() + '_' + Math.random() * (10000 - 1000) + 1000));
595
- callback(null, !0);
596
- };
597
-
598
- security.addUser = function (user, callback) {
599
- callback = callback || function () {};
600
-
601
- let $req = user.$req;
602
- let $res = user.$res;
603
-
604
- delete user.$req;
605
- delete user.$res;
606
-
607
- if (user && user.email && user.password) {
608
- user.email = user.email.trim().toLowerCase();
609
- } else if (user && user.mobile && user.password) {
610
- user.mobile = user.mobile.trim().toLowerCase();
611
- } else if (user && user.userName && user.password) {
612
- user.userName = user.userName.trim().toLowerCase();
613
- } else {
614
- callback({
615
- message: 'User Info Not Correct',
616
- });
617
- return;
618
- }
612
+ security.logout = function (req, res, callback) {
613
+ callback = callback || function () {};
619
614
 
620
- security.isUserExists(user, function (err, u) {
621
- if (u) {
622
- callback({
623
- message: 'Error , User Exists',
624
- });
615
+ if (security.isUserLogin(req, res)) {
616
+ let _user = req.session.user;
617
+ ____0.call('[session][delete]', {
618
+ accessToken: req.session.accessToken,
619
+ });
625
620
 
626
- return;
627
- } else {
628
- user.profile = user.profile || {};
629
- user.permissions = user.permissions || [];
630
- user.roles = user.roles || [];
631
- user.added_user_info = security.getUserFinger({
632
- $req: $req,
633
- $res: $res,
634
- });
621
+ ____0.call('user logout', {
622
+ db: ____0.$users.db,
623
+ collection: ____0.$users.collection,
624
+ doc: _user,
625
+ $res: res,
626
+ $req: req,
627
+ });
628
+ }
635
629
 
636
- ____0.$users.insertOne(user, function (err, doc) {
637
- if (doc) {
638
- doc = Object.assign(doc, security.handleUser(doc));
630
+ res.cookie('access_token', ____0.x0md50x(new Date().getTime().toString() + '_' + Math.random() * (10000 - 1000) + 1000));
631
+ callback(null, !0);
632
+ };
639
633
 
640
- security.users.push(doc);
634
+ security.addUser = function (user, callback) {
635
+ callback = callback || function () {};
641
636
 
642
- ____0.call('user add', {
643
- db: ____0.$users.db,
644
- collection: ____0.$users.collection,
645
- doc: doc,
646
- $req: $req,
647
- $res: $res,
648
- });
649
- }
637
+ let $req = user.$req;
638
+ let $res = user.$res;
650
639
 
651
- callback(err, doc);
640
+ delete user.$req;
641
+ delete user.$res;
652
642
 
653
- if (err) {
654
- ____0.call('security error', err);
655
- }
656
- });
657
- }
658
- });
659
- };
660
-
661
- security.updateUser = function (user, callback) {
662
- callback = callback || function () {};
663
- let $req = user.$req;
664
- let $res = user.$res;
665
-
666
- delete user.$req;
667
- delete user.$res;
668
-
669
- let where = {};
670
- if (user.id) {
671
- where.id = user.id;
672
- } else if (user.email) {
673
- where.email = user.email;
674
- } else if (user.mobile) {
675
- where.mobile = user.mobile;
676
- } else if (user.userName) {
677
- where.userName = user.userName;
678
- } else {
679
- callback({
680
- message: 'User Info Not Correct',
681
- });
682
- return;
683
- }
643
+ if (user && user.email && user.password) {
644
+ user.email = user.email.trim().toLowerCase();
645
+ } else if (user && user.mobile && user.password) {
646
+ user.mobile = user.mobile.trim().toLowerCase();
647
+ } else if (user && user.userName && user.password) {
648
+ user.userName = user.userName.trim().toLowerCase();
649
+ } else {
650
+ callback({
651
+ message: 'User Info Not Correct',
652
+ });
653
+ return;
654
+ }
684
655
 
685
- ____0.$users.update(
686
- {
687
- where: where,
688
- set: user,
689
- $req: $req,
690
- $res: $res,
691
- },
692
- function (err, result) {
693
- callback(err, result);
694
- if (result.doc) {
695
- for (let i = 0; i < security.users.length; i++) {
696
- let element = security.users[i];
697
- if (element.id == result.doc.id) {
698
- element = Object.assign(element, security.handleUser(result.doc));
699
- security.users[i] = element;
656
+ security.isUserExists(user, function (err, u) {
657
+ if (u) {
658
+ callback({
659
+ message: 'Error , User Exists',
660
+ });
661
+
662
+ return;
663
+ } else {
664
+ user.profile = user.profile || {};
665
+ user.permissions = user.permissions || [];
666
+ user.roles = user.roles || [];
667
+ user.added_user_info = security.getUserFinger({
668
+ $req: $req,
669
+ $res: $res,
670
+ });
671
+
672
+ ____0.$users.insertOne(user, function (err, doc) {
673
+ if (doc) {
674
+ doc = Object.assign(doc, security.handleUser(doc));
675
+
676
+ security.users.push(doc);
677
+
678
+ ____0.call('user add', {
679
+ db: ____0.$users.db,
680
+ collection: ____0.$users.collection,
681
+ doc: doc,
682
+ $req: $req,
683
+ $res: $res,
684
+ });
685
+ }
686
+
687
+ callback(err, doc);
688
+
689
+ if (err) {
690
+ ____0.call('security error', err);
691
+ }
692
+ });
700
693
  }
701
- }
702
- ____0.call('user update', result);
703
- ____0.call('[session][user][update]', result.doc);
704
- }
705
- },
706
- );
707
- };
708
- security.deleteUser = function (user, callback) {
709
- callback = callback || function () {};
710
- ____0.$users.deleteOne(
711
- {
712
- id: user.id,
713
- },
714
- function (err, result) {
715
- if (err) {
716
- callback(err, result);
694
+ });
695
+ };
696
+
697
+ security.updateUser = function (user, callback) {
698
+ callback = callback || function () {};
699
+ let $req = user.$req;
700
+ let $res = user.$res;
701
+
702
+ delete user.$req;
703
+ delete user.$res;
704
+
705
+ let where = {};
706
+ if (user.id) {
707
+ where.id = user.id;
708
+ } else if (user.email) {
709
+ where.email = user.email;
710
+ } else if (user.mobile) {
711
+ where.mobile = user.mobile;
712
+ } else if (user.userName) {
713
+ where.userName = user.userName;
717
714
  } else {
718
- for (let i = 0; i < security.users.length; i++) {
719
- let element = security.users[i];
720
- if (element.id == user.id) {
721
- security.users.splice(i, 1);
722
- break;
723
- }
724
- }
725
- callback(err, result);
726
- if (!err && result) {
727
- ____0.call('user delete', result);
728
- }
715
+ callback({
716
+ message: 'User Info Not Correct',
717
+ });
718
+ return;
729
719
  }
730
- },
731
- );
732
- };
733
720
 
734
- security.isUserLogin = function (req, res) {
735
- if (req.session.user) {
736
- return !0;
737
- }
738
- return !1;
739
- };
721
+ ____0.$users.update(
722
+ {
723
+ where: where,
724
+ set: user,
725
+ $req: $req,
726
+ $res: $res,
727
+ },
728
+ function (err, result) {
729
+ callback(err, result);
730
+ if (result.doc) {
731
+ for (let i = 0; i < security.users.length; i++) {
732
+ let element = security.users[i];
733
+ if (element.id == result.doc.id) {
734
+ element = Object.assign(element, security.handleUser(result.doc));
735
+ security.users[i] = element;
736
+ }
737
+ }
738
+ ____0.call('user update', result);
739
+ ____0.call('[session][user][update]', result.doc);
740
+ }
741
+ },
742
+ );
743
+ };
744
+ security.deleteUser = function (user, callback) {
745
+ callback = callback || function () {};
746
+ ____0.$users.deleteOne(
747
+ {
748
+ id: user.id,
749
+ },
750
+ function (err, result) {
751
+ if (err) {
752
+ callback(err, result);
753
+ } else {
754
+ for (let i = 0; i < security.users.length; i++) {
755
+ let element = security.users[i];
756
+ if (element.id == user.id) {
757
+ security.users.splice(i, 1);
758
+ break;
759
+ }
760
+ }
761
+ callback(err, result);
762
+ if (!err && result) {
763
+ ____0.call('user delete', result);
764
+ }
765
+ }
766
+ },
767
+ );
768
+ };
769
+
770
+ security.isUserLogin = function (req, res) {
771
+ if (req.session.user) {
772
+ return !0;
773
+ }
774
+ return !1;
775
+ };
740
776
 
741
- security.isUserHasPermission = function (req, res, permission) {
742
- let user = req.session.user;
777
+ security.isUserHasPermission = function (req, res, permission) {
778
+ let user = req.session.user;
743
779
 
744
- if (typeof permission == 'string') {
745
- let ok = !0;
780
+ if (typeof permission == 'string') {
781
+ let ok = !0;
746
782
 
747
- if (permission == '*') {
748
- return ok;
749
- }
783
+ if (permission == '*') {
784
+ return ok;
785
+ }
750
786
 
751
- if (permission.startsWith('!')) {
752
- permission = permission.substring(1);
753
- ok = !1;
754
- }
787
+ if (permission.startsWith('!')) {
788
+ permission = permission.substring(1);
789
+ ok = !1;
790
+ }
755
791
 
756
- if (permission == 'login') {
757
- if (security.isUserLogin(req, res)) {
758
- return ok;
759
- } else {
760
- return !ok;
761
- }
762
- }
763
-
764
- if (user && user.$permissions) {
765
- for (var i = 0; i < user.$permissions.length; i++) {
766
- var p = user.$permissions[i];
767
- if (permission == p) {
768
- return ok;
769
- }
770
- if (p == '*') {
771
- return ok;
772
- }
792
+ if (permission == 'login') {
793
+ if (security.isUserLogin(req, res)) {
794
+ return ok;
795
+ } else {
796
+ return !ok;
797
+ }
798
+ }
799
+
800
+ if (user && user.$permissions) {
801
+ for (var i = 0; i < user.$permissions.length; i++) {
802
+ var p = user.$permissions[i];
803
+ if (permission == p) {
804
+ return ok;
805
+ }
806
+ if (p == '*') {
807
+ return ok;
808
+ }
809
+ }
810
+ }
811
+
812
+ return !ok;
773
813
  }
774
- }
775
814
 
776
- return !ok;
777
- }
815
+ return !1;
816
+ };
778
817
 
779
- return !1;
780
- };
818
+ security.isUserHasPermissions = function (req, res, permissions) {
819
+ let user = req.session.user;
820
+ let arr = [];
821
+ let any = !0;
781
822
 
782
- security.isUserHasPermissions = function (req, res, permissions) {
783
- let user = req.session.user;
784
- let arr = [];
785
- let any = !0;
823
+ if (typeof permissions === 'string') {
824
+ if (permissions.like('*&&*')) {
825
+ any = !1;
826
+ }
827
+ permissions = permissions.split('&&').join(',').split('||').join(',').split(',');
828
+ }
786
829
 
787
- if (typeof permissions === 'string') {
788
- if (permissions.like('*&&*')) {
789
- any = !1;
790
- }
791
- permissions = permissions.split('&&').join(',').split('||').join(',').split(',');
792
- }
830
+ permissions.forEach((p) => {
831
+ if (p) {
832
+ arr.push(security.isUserHasPermission(req, res, p.trim()));
833
+ }
834
+ });
793
835
 
794
- permissions.forEach((p) => {
795
- if (p) {
796
- arr.push(security.isUserHasPermission(req, res, p.trim()));
797
- }
798
- });
836
+ let out = !1;
799
837
 
800
- let out = !1;
838
+ if (any) {
839
+ arr.forEach((p) => {
840
+ if (p) {
841
+ out = !0;
842
+ }
843
+ });
801
844
 
802
- if (any) {
803
- arr.forEach((p) => {
804
- if (p) {
805
- out = !0;
845
+ return out || !1;
846
+ } else {
847
+ arr.forEach((p) => {
848
+ if (!p) {
849
+ out = !1;
850
+ }
851
+ });
852
+ return out && !0;
806
853
  }
807
- });
808
854
 
809
- return out || !1;
810
- } else {
811
- arr.forEach((p) => {
812
- if (!p) {
813
- out = !1;
814
- }
815
- });
816
- return out && !0;
817
- }
855
+ return !1;
856
+ };
857
+
858
+ security.isUserHasRole = function (req, res, role) {
859
+ let user = req.session.user;
818
860
 
819
- return !1;
820
- };
821
-
822
- security.isUserHasRole = function (req, res, role) {
823
- let user = req.session.user;
824
-
825
- if (typeof role == 'string') {
826
- let ok = !0;
827
- if (role.startsWith('!')) {
828
- role = role.substring(1);
829
- ok = !1;
830
- }
831
-
832
- if (user && user.roles) {
833
- for (var i = 0; i < user.roles.length; i++) {
834
- var p = user.roles[i];
835
- if (role == p.name) {
836
- return ok;
837
- }
838
- if (p == '*') {
839
- return ok;
840
- }
861
+ if (typeof role == 'string') {
862
+ let ok = !0;
863
+ if (role.startsWith('!')) {
864
+ role = role.substring(1);
865
+ ok = !1;
866
+ }
867
+
868
+ if (user && user.roles) {
869
+ for (var i = 0; i < user.roles.length; i++) {
870
+ var p = user.roles[i];
871
+ if (role == p.name) {
872
+ return ok;
873
+ }
874
+ if (p == '*') {
875
+ return ok;
876
+ }
877
+ }
878
+ }
879
+ return !ok;
841
880
  }
842
- }
843
- return !ok;
844
- }
845
881
 
846
- return !1;
847
- };
882
+ return !1;
883
+ };
848
884
 
849
- security.isUserHasRoles = function (req, res, roles) {
850
- let user = req.session.user;
851
- let arr = [];
852
- let any = !0;
885
+ security.isUserHasRoles = function (req, res, roles) {
886
+ let user = req.session.user;
887
+ let arr = [];
888
+ let any = !0;
853
889
 
854
- if (typeof roles === 'string') {
855
- if (roles.like('*&&*')) {
856
- any = !1;
857
- }
858
- roles = roles.split('&&').join(',').split('||').join(',').split(',');
859
- }
890
+ if (typeof roles === 'string') {
891
+ if (roles.like('*&&*')) {
892
+ any = !1;
893
+ }
894
+ roles = roles.split('&&').join(',').split('||').join(',').split(',');
895
+ }
860
896
 
861
- roles.forEach((p) => {
862
- arr.push(security.isUserHasRole(req, res, p.trim()));
863
- });
897
+ roles.forEach((p) => {
898
+ arr.push(security.isUserHasRole(req, res, p.trim()));
899
+ });
864
900
 
865
- let out = !1;
901
+ let out = !1;
866
902
 
867
- if (any) {
868
- arr.forEach((p) => {
869
- if (p) {
870
- out = !0;
871
- }
872
- });
873
- return out || !1;
874
- } else {
875
- arr.forEach((p) => {
876
- if (!p) {
877
- out = !1;
903
+ if (any) {
904
+ arr.forEach((p) => {
905
+ if (p) {
906
+ out = !0;
907
+ }
908
+ });
909
+ return out || !1;
910
+ } else {
911
+ arr.forEach((p) => {
912
+ if (!p) {
913
+ out = !1;
914
+ }
915
+ });
916
+ return out && !0;
878
917
  }
879
- });
880
- return out && !0;
881
- }
882
918
 
883
- return !1;
884
- };
919
+ return !1;
920
+ };
885
921
 
886
- security.getUserPermissions = function (req, res) {
887
- let user = req.session.user;
888
- if (user && user.permissions) {
889
- return user.permissions;
890
- }
891
- return [];
892
- };
922
+ security.getUserPermissions = function (req, res) {
923
+ let user = req.session.user;
924
+ if (user && user.permissions) {
925
+ return user.permissions;
926
+ }
927
+ return [];
928
+ };
893
929
 
894
- security.getUserRoles = function (req, res) {
895
- let user = req.session.user;
896
- if (user && user.roles) {
897
- return user.roles;
898
- }
899
- return [];
900
- };
901
-
902
- security.addUserPermission = function (id, permission, callback) {
903
- callback = callback || function () {};
904
- let user = security.getUser(
905
- {
906
- id: id,
907
- },
908
- function (err, user) {
909
- if (user) {
910
- if (typeof permission == 'string') {
911
- permission = {
912
- name: permission,
913
- };
914
- }
915
- user.permissions.push(permission);
916
- ____0.$users.updateOne(
930
+ security.getUserRoles = function (req, res) {
931
+ let user = req.session.user;
932
+ if (user && user.roles) {
933
+ return user.roles;
934
+ }
935
+ return [];
936
+ };
937
+
938
+ security.addUserPermission = function (id, permission, callback) {
939
+ callback = callback || function () {};
940
+ let user = security.getUser(
917
941
  {
918
- where: {
919
942
  id: id,
920
- },
921
- set: {
922
- permissions: user.permissions,
923
- },
924
943
  },
925
- function (err, result) {
926
- if (err) {
927
- callback(err, result);
928
- } else {
929
- callback(err, result);
930
- }
944
+ function (err, user) {
945
+ if (user) {
946
+ if (typeof permission == 'string') {
947
+ permission = {
948
+ name: permission,
949
+ };
950
+ }
951
+ user.permissions.push(permission);
952
+ ____0.$users.updateOne(
953
+ {
954
+ where: {
955
+ id: id,
956
+ },
957
+ set: {
958
+ permissions: user.permissions,
959
+ },
960
+ },
961
+ function (err, result) {
962
+ if (err) {
963
+ callback(err, result);
964
+ } else {
965
+ callback(err, result);
966
+ }
967
+ },
968
+ );
969
+ } else {
970
+ callback(err, null);
971
+ }
931
972
  },
932
- );
933
- } else {
934
- callback(err, null);
935
- }
936
- },
937
- );
938
- };
939
-
940
- ____0.post('/x-security/api/user/login', function (req, res) {
941
- let response = {
942
- accessToken: req.session.accessToken,
973
+ );
943
974
  };
944
975
 
945
- if (req.body.$encript) {
946
- if (req.body.$encript === '64') {
947
- req.body.email = ____0.fromBase64(req.body.email);
948
- req.body.password = ____0.fromBase64(req.body.password);
949
- } else if (req.body.$encript === '123') {
950
- req.body.email = ____0.from123(req.body.email);
951
- req.body.password = ____0.from123(req.body.password);
952
- }
953
- }
954
-
955
- if (security.isUserLogin(req, res)) {
956
- response.error = 'Login Error , You Are Loged ';
957
- response.done = !0;
958
- res.json(response);
959
- return;
960
- }
976
+ ____0.post('/x-security/api/user/login', function (req, res) {
977
+ let response = {
978
+ accessToken: req.session.accessToken,
979
+ };
961
980
 
962
- security.login(
963
- {
964
- ...req.body,
965
- $req: req,
966
- $res: res,
967
- },
968
- function (err, user) {
969
- if (!err) {
970
- response.user = user;
971
- response.done = !0;
972
- } else {
973
- response.error = err.message;
981
+ if (req.body.$encript) {
982
+ if (req.body.$encript === '64') {
983
+ req.body.email = ____0.fromBase64(req.body.email);
984
+ req.body.password = ____0.fromBase64(req.body.password);
985
+ } else if (req.body.$encript === '123') {
986
+ req.body.email = ____0.from123(req.body.email);
987
+ req.body.password = ____0.from123(req.body.password);
988
+ }
974
989
  }
975
990
 
976
- res.json(response);
977
- },
978
- );
979
- });
980
-
981
- ____0.post('/x-security/api/user/logout', function (req, res) {
982
- let response = {
983
- accessToken: req.session.accessToken,
984
- };
991
+ if (security.isUserLogin(req, res)) {
992
+ response.error = 'Login Error , You Are Loged ';
993
+ response.done = !0;
994
+ res.json(response);
995
+ return;
996
+ }
985
997
 
986
- ____0.security.logout(req, res, () => {
987
- response.done = !0;
988
- res.json(response);
998
+ security.login(
999
+ {
1000
+ ...req.body,
1001
+ $req: req,
1002
+ $res: res,
1003
+ },
1004
+ function (err, user) {
1005
+ if (!err) {
1006
+ response.user = user;
1007
+ response.done = !0;
1008
+ } else {
1009
+ response.error = err.message;
1010
+ }
1011
+
1012
+ res.json(response);
1013
+ },
1014
+ );
989
1015
  });
990
- });
991
1016
 
992
- ____0.post('/x-security/api/user/register', function (req, res) {
993
- let response = {
994
- accessToken: req.session.accessToken,
995
- };
996
- if (req.body.$encript) {
997
- if (req.body.$encript === '64') {
998
- req.body.email = ____0.fromBase64(req.body.email);
999
- req.body.password = ____0.fromBase64(req.body.password);
1000
- } else if (req.body.$encript === '123') {
1001
- req.body.email = ____0.from123(req.body.email);
1002
- req.body.password = ____0.from123(req.body.password);
1003
- }
1004
- }
1017
+ ____0.post('/x-security/api/user/logout', function (req, res) {
1018
+ let response = {
1019
+ accessToken: req.session.accessToken,
1020
+ };
1005
1021
 
1006
- if (security.isUserLogin(req, res)) {
1007
- response.error = 'Register Error , You Are Loged ';
1008
- res.json(response);
1009
- } else {
1010
- security.register(
1011
- {
1012
- permissions: [],
1013
- ...req.body,
1014
- ip: req.ip,
1015
- $req: req,
1016
- $res: res,
1017
- },
1018
- function (err, user) {
1019
- if (!err) {
1020
- response.user = user;
1022
+ ____0.security.logout(req, res, () => {
1021
1023
  response.done = !0;
1022
- } else {
1023
- response.error = err.message;
1024
- }
1025
- res.json(response);
1026
- },
1027
- );
1028
- }
1029
- });
1024
+ res.json(response);
1025
+ });
1026
+ });
1030
1027
 
1031
- ____0.post('/x-security/api/user/add', function (req, res) {
1032
- let response = {
1033
- accessToken: req.session.accessToken,
1034
- };
1035
- if (!security.isUserLogin(req, res)) {
1036
- response.error = 'Error , You Are Not Loged ';
1037
- res.json(response);
1038
- } else {
1039
- security.addUser(
1040
- {
1041
- permissions: [],
1042
- ...req.body,
1043
- ip: req.ip,
1044
- $req: req,
1045
- $res: res,
1046
- },
1047
- function (err, user) {
1048
- if (!err) {
1049
- response.user = user;
1050
- response.done = !0;
1051
- } else {
1052
- response.error = err.message;
1053
- }
1054
- res.json(response);
1055
- },
1056
- );
1057
- }
1058
- });
1028
+ ____0.post('/x-security/api/user/register', function (req, res) {
1029
+ let response = {
1030
+ accessToken: req.session.accessToken,
1031
+ };
1032
+ if (req.body.$encript) {
1033
+ if (req.body.$encript === '64') {
1034
+ req.body.email = ____0.fromBase64(req.body.email);
1035
+ req.body.password = ____0.fromBase64(req.body.password);
1036
+ } else if (req.body.$encript === '123') {
1037
+ req.body.email = ____0.from123(req.body.email);
1038
+ req.body.password = ____0.from123(req.body.password);
1039
+ }
1040
+ }
1059
1041
 
1060
- ____0.post('/x-security/api/user/get', function (req, res) {
1061
- let response = {
1062
- accessToken: req.session.accessToken,
1063
- };
1064
- security.getUser(req.body.id, function (err, user) {
1065
- if (err) {
1066
- response.error = err.message;
1067
- } else {
1068
- response.user = user;
1069
- }
1070
- res.json(response);
1042
+ if (security.isUserLogin(req, res)) {
1043
+ response.error = 'Register Error , You Are Loged ';
1044
+ res.json(response);
1045
+ } else {
1046
+ security.register(
1047
+ {
1048
+ permissions: [],
1049
+ ...req.body,
1050
+ ip: req.ip,
1051
+ $req: req,
1052
+ $res: res,
1053
+ },
1054
+ function (err, user) {
1055
+ if (!err) {
1056
+ response.user = user;
1057
+ response.done = !0;
1058
+ } else {
1059
+ response.error = err.message;
1060
+ }
1061
+ res.json(response);
1062
+ },
1063
+ );
1064
+ }
1071
1065
  });
1072
- });
1073
1066
 
1074
- ____0.post('/x-security/api/user/delete', function (req, res) {
1075
- let response = {
1076
- accessToken: req.session.accessToken,
1077
- };
1078
- security.deleteUser(
1079
- {
1080
- id: req.body.id,
1081
- },
1082
- function (err, result) {
1083
- if (err) {
1084
- response.error = err.message;
1067
+ ____0.post('/x-security/api/user/add', function (req, res) {
1068
+ let response = {
1069
+ accessToken: req.session.accessToken,
1070
+ };
1071
+ if (!security.isUserLogin(req, res)) {
1072
+ response.error = 'Error , You Are Not Loged ';
1073
+ res.json(response);
1085
1074
  } else {
1086
- if (result.count == 1) {
1087
- response.done = !0;
1088
- }
1075
+ security.addUser(
1076
+ {
1077
+ permissions: [],
1078
+ ...req.body,
1079
+ ip: req.ip,
1080
+ $req: req,
1081
+ $res: res,
1082
+ },
1083
+ function (err, user) {
1084
+ if (!err) {
1085
+ response.user = user;
1086
+ response.done = !0;
1087
+ } else {
1088
+ response.error = err.message;
1089
+ }
1090
+ res.json(response);
1091
+ },
1092
+ );
1089
1093
  }
1090
- res.json(response);
1091
- },
1092
- );
1093
- });
1094
+ });
1094
1095
 
1095
- ____0.post('/x-security/api/user/update', function (req, res) {
1096
- let response = {
1097
- accessToken: req.session.accessToken,
1098
- };
1099
- let user = {};
1100
- user.id = req.body.id;
1101
- if (req.body.email) {
1102
- user.email = req.body.email;
1103
- }
1104
- user.$req = req;
1105
- user.$res = res;
1106
- security.updateUser(user, function (err, result) {
1107
- if (err) {
1108
- response.error = err.message;
1109
- } else {
1110
- if (result.count == 1) {
1111
- response.done = !0;
1096
+ ____0.post('/x-security/api/user/get', function (req, res) {
1097
+ let response = {
1098
+ accessToken: req.session.accessToken,
1099
+ };
1100
+ security.getUser(req.body.id, function (err, user) {
1101
+ if (err) {
1102
+ response.error = err.message;
1103
+ } else {
1104
+ response.user = user;
1105
+ }
1106
+ res.json(response);
1107
+ });
1108
+ });
1109
+
1110
+ ____0.post('/x-security/api/user/delete', function (req, res) {
1111
+ let response = {
1112
+ accessToken: req.session.accessToken,
1113
+ };
1114
+ security.deleteUser(
1115
+ {
1116
+ id: req.body.id,
1117
+ },
1118
+ function (err, result) {
1119
+ if (err) {
1120
+ response.error = err.message;
1121
+ } else {
1122
+ if (result.count == 1) {
1123
+ response.done = !0;
1124
+ }
1125
+ }
1126
+ res.json(response);
1127
+ },
1128
+ );
1129
+ });
1130
+
1131
+ ____0.post('/x-security/api/user/update', function (req, res) {
1132
+ let response = {
1133
+ accessToken: req.session.accessToken,
1134
+ };
1135
+ let user = {};
1136
+ user.id = req.body.id;
1137
+ if (req.body.email) {
1138
+ user.email = req.body.email;
1112
1139
  }
1113
- }
1114
- res.json(response);
1140
+ user.$req = req;
1141
+ user.$res = res;
1142
+ security.updateUser(user, function (err, result) {
1143
+ if (err) {
1144
+ response.error = err.message;
1145
+ } else {
1146
+ if (result.count == 1) {
1147
+ response.done = !0;
1148
+ }
1149
+ }
1150
+ res.json(response);
1151
+ });
1115
1152
  });
1116
- });
1117
1153
 
1118
- ____0.post('/x-security/api/user/add/permission', function (req, res) {
1119
- let response = {
1120
- accessToken: req.session.accessToken,
1121
- };
1154
+ ____0.post('/x-security/api/user/add/permission', function (req, res) {
1155
+ let response = {
1156
+ accessToken: req.session.accessToken,
1157
+ };
1122
1158
 
1123
- if (req.body.id && req.body.permission) {
1124
- let user = {};
1125
- user.id = req.body.id;
1126
- user.permission = req.body.permission;
1127
- security.addUserPermission(user.id, user.permission, function (err, result) {
1128
- if (err) {
1129
- response.error = err.message;
1159
+ if (req.body.id && req.body.permission) {
1160
+ let user = {};
1161
+ user.id = req.body.id;
1162
+ user.permission = req.body.permission;
1163
+ security.addUserPermission(user.id, user.permission, function (err, result) {
1164
+ if (err) {
1165
+ response.error = err.message;
1166
+ } else {
1167
+ if (result.count == 1) {
1168
+ response.done = !0;
1169
+ }
1170
+ }
1171
+
1172
+ res.json(response);
1173
+ });
1130
1174
  } else {
1131
- if (result.count == 1) {
1132
- response.done = !0;
1133
- }
1175
+ response.error = 'id or permission not set';
1176
+ res.json(response);
1134
1177
  }
1178
+ });
1135
1179
 
1180
+ ____0.all('/x-security/api/user/info', function (req, res) {
1181
+ let response = {
1182
+ accessToken: req.session.accessToken,
1183
+ };
1184
+ response.user = req.session.user;
1136
1185
  res.json(response);
1137
- });
1138
- } else {
1139
- response.error = 'id or permission not set';
1140
- res.json(response);
1186
+ });
1187
+
1188
+ ____0.all('/x-security/api/users/info', function (req, res) {
1189
+ res.json(security.users);
1190
+ });
1191
+
1192
+ if (____0.isFileExistsSync(____0.dir + '/json/permissions.json')) {
1193
+ security.addPermissions(____0.dir + '/json/permissions.json');
1194
+ }
1195
+ if (____0.isFileExistsSync(____0.dir + '/json/roles.json')) {
1196
+ security.addRoles(____0.dir + '/json/roles.json');
1141
1197
  }
1142
- });
1143
1198
 
1144
- ____0.all('/x-security/api/user/info', function (req, res) {
1145
- let response = {
1146
- accessToken: req.session.accessToken,
1147
- };
1148
- response.user = req.session.user;
1149
- res.json(response);
1150
- });
1151
-
1152
- ____0.all('/x-security/api/users/info', function (req, res) {
1153
- res.json(security.users);
1154
- });
1155
-
1156
- if (____0.isFileExistsSync(____0.dir + '/json/permissions.json')) {
1157
- security.addPermissions(____0.dir + '/json/permissions.json');
1158
- }
1159
- if (____0.isFileExistsSync(____0.dir + '/json/roles.json')) {
1160
- security.addRoles(____0.dir + '/json/roles.json');
1161
- }
1162
-
1163
- security.loadAllRoles((err, docs) => {
1164
- docs.forEach((doc) => {
1165
- doc.module_name = 'custom';
1199
+ security.loadAllRoles((err, docs) => {
1200
+ docs.forEach((doc) => {
1201
+ doc.module_name = 'custom';
1202
+ });
1203
+ security.addRoles(docs);
1166
1204
  });
1167
- security.addRoles(docs);
1168
- });
1169
1205
 
1170
- return security;
1206
+ return security;
1171
1207
  };