not-node 6.4.8 → 6.4.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -16,6 +16,9 @@ const DIRTY_FIELDS = [
|
|
|
16
16
|
"actionSignature",
|
|
17
17
|
];
|
|
18
18
|
|
|
19
|
+
//allow access to safe (for a specific user auth status) fields only
|
|
20
|
+
const DEFAULT_FIELDS_SET = ["@safe"];
|
|
21
|
+
|
|
19
22
|
module.exports = class notManifestFilter {
|
|
20
23
|
static schemaLoader = (name) => getApp().getModelSchema(name);
|
|
21
24
|
|
|
@@ -310,13 +313,22 @@ module.exports = class notManifestFilter {
|
|
|
310
313
|
//this action
|
|
311
314
|
const fullModelName = this.composeFullModelName(moduleName, modelName);
|
|
312
315
|
const modelSchema = this.loadSchema(fullModelName);
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
316
|
+
const fields = notManifestFilter.ruleSetHasFieldsDirective(ruleSet)
|
|
317
|
+
? [...ruleSet.fields]
|
|
318
|
+
: DEFAULT_FIELDS_SET;
|
|
319
|
+
|
|
320
|
+
copy.fields = notFieldsFilter.filter(fields, modelSchema, {
|
|
321
|
+
action: actionSignature,
|
|
322
|
+
roles: role,
|
|
323
|
+
auth,
|
|
324
|
+
root,
|
|
325
|
+
modelName,
|
|
326
|
+
});
|
|
327
|
+
//remove fields property if list is empty
|
|
328
|
+
if (copy.fields.length == 0) {
|
|
329
|
+
delete copy.fields;
|
|
319
330
|
}
|
|
331
|
+
|
|
320
332
|
if (ruleSet && ruleSet.return) {
|
|
321
333
|
copy.return = notManifestFilter.filterReturnSet(
|
|
322
334
|
ruleSet.return,
|