not-node 6.4.4 → 6.4.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
package/src/auth/rules.js
CHANGED
|
@@ -94,7 +94,7 @@ function compareAuthStatus(rule, auth) {
|
|
|
94
94
|
* Check rule against presented credentials
|
|
95
95
|
* @param {import('../types').notRouteRule} rule action rule
|
|
96
96
|
* @param {boolean} auth user state of auth
|
|
97
|
-
* @param {string|Array<string>}
|
|
97
|
+
* @param {string|Array<string>} role user state of role
|
|
98
98
|
* @param {boolean} root user state of root
|
|
99
99
|
* @return {boolean} pass or not
|
|
100
100
|
*/
|
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
const { ACTION_SIGNATURES } = require("../auth/const");
|
|
2
|
-
|
|
2
|
+
/**
|
|
3
|
+
* owner can manage own documents
|
|
4
|
+
* root, admin - any own and any of client, user, guest
|
|
5
|
+
*/
|
|
3
6
|
module.exports.ownerRootAdmin = Object.freeze({
|
|
4
7
|
[ACTION_SIGNATURES.CREATE]: ["@owner", "root", "admin"],
|
|
5
8
|
[ACTION_SIGNATURES.READ]: ["@owner", "root", "admin"],
|
|
@@ -7,6 +10,20 @@ module.exports.ownerRootAdmin = Object.freeze({
|
|
|
7
10
|
[ACTION_SIGNATURES.DELETE]: ["@owner", "root", "admin"],
|
|
8
11
|
});
|
|
9
12
|
|
|
13
|
+
/**
|
|
14
|
+
* same as above but client can create new documents
|
|
15
|
+
*/
|
|
16
|
+
module.exports.ownerRootAdminCRUD_clientC = Object.freeze({
|
|
17
|
+
[ACTION_SIGNATURES.CREATE]: ["@owner", "root", "admin", "client"],
|
|
18
|
+
[ACTION_SIGNATURES.READ]: ["@owner", "root", "admin"],
|
|
19
|
+
[ACTION_SIGNATURES.UPDATE]: ["@owner", "root", "admin"],
|
|
20
|
+
[ACTION_SIGNATURES.DELETE]: ["@owner", "root", "admin"],
|
|
21
|
+
});
|
|
22
|
+
|
|
23
|
+
/**
|
|
24
|
+
* system creates some docs maybe with ownage delegated to other user
|
|
25
|
+
* owner, root, admin could read
|
|
26
|
+
*/
|
|
10
27
|
module.exports.systemManageable = Object.freeze({
|
|
11
28
|
[ACTION_SIGNATURES.CREATE]: ["@system"],
|
|
12
29
|
[ACTION_SIGNATURES.READ]: ["@system", "@owner", "root", "admin"],
|
|
@@ -14,6 +31,9 @@ module.exports.systemManageable = Object.freeze({
|
|
|
14
31
|
[ACTION_SIGNATURES.DELETE]: ["@system"],
|
|
15
32
|
});
|
|
16
33
|
|
|
34
|
+
/**
|
|
35
|
+
* anyone could read, public readable data
|
|
36
|
+
*/
|
|
17
37
|
module.exports.publicReadable = Object.freeze({
|
|
18
38
|
[ACTION_SIGNATURES.CREATE]: [],
|
|
19
39
|
[ACTION_SIGNATURES.READ]: ["@*"],
|
package/src/generic/form.list.js
CHANGED
|
@@ -39,6 +39,9 @@ const FactoryFormList = ({ MODULE_NAME, MODEL_NAME, actionName = "list" }) => {
|
|
|
39
39
|
const envs = this.extractRequestEnvs(req);
|
|
40
40
|
const user = notAppIdentity.extractAuthData(req);
|
|
41
41
|
if (user.auth && !user.root && !user.admin) {
|
|
42
|
+
if (!envs.query.filter) {
|
|
43
|
+
envs.query.filter = notFilter.filter.createFilter();
|
|
44
|
+
}
|
|
42
45
|
envs.query.filter = notFilter.filter.modifyRules(
|
|
43
46
|
envs.query.filter,
|
|
44
47
|
{
|
|
@@ -43,6 +43,9 @@ const FactoryFormListAndCount = ({
|
|
|
43
43
|
const envs = this.extractRequestEnvs(req);
|
|
44
44
|
const user = notAppIdentity.extractAuthData(req);
|
|
45
45
|
if (user.auth && !user.root && !user.admin) {
|
|
46
|
+
if (!envs.query.filter) {
|
|
47
|
+
envs.query.filter = notFilter.filter.createFilter();
|
|
48
|
+
}
|
|
46
49
|
envs.query.filter = notFilter.filter.modifyRules(
|
|
47
50
|
envs.query.filter,
|
|
48
51
|
{
|