oak-domain 2.3.2 → 2.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (160) hide show
  1. package/lib/actions/action.d.ts +16 -16
  2. package/lib/actions/action.js +17 -17
  3. package/lib/actions/relation.d.ts +5 -1
  4. package/lib/actions/relation.js +38 -2
  5. package/lib/base-app-domain/ActionDefDict.d.ts +5 -5
  6. package/lib/base-app-domain/ActionDefDict.js +7 -7
  7. package/lib/base-app-domain/EntityDict.d.ts +12 -12
  8. package/lib/base-app-domain/EntityDict.js +2 -2
  9. package/lib/base-app-domain/Modi/Action.d.ts +10 -10
  10. package/lib/base-app-domain/Modi/Action.js +14 -14
  11. package/lib/base-app-domain/Modi/Schema.d.ts +146 -148
  12. package/lib/base-app-domain/Modi/Schema.js +2 -2
  13. package/lib/base-app-domain/Modi/Storage.d.ts +3 -3
  14. package/lib/base-app-domain/Modi/Storage.js +60 -60
  15. package/lib/base-app-domain/ModiEntity/Schema.d.ts +162 -164
  16. package/lib/base-app-domain/ModiEntity/Schema.js +2 -2
  17. package/lib/base-app-domain/ModiEntity/Storage.d.ts +3 -3
  18. package/lib/base-app-domain/ModiEntity/Storage.js +26 -26
  19. package/lib/base-app-domain/Oper/Schema.d.ts +144 -146
  20. package/lib/base-app-domain/Oper/Schema.js +2 -2
  21. package/lib/base-app-domain/Oper/Storage.d.ts +3 -3
  22. package/lib/base-app-domain/Oper/Storage.js +29 -29
  23. package/lib/base-app-domain/OperEntity/Schema.d.ts +178 -180
  24. package/lib/base-app-domain/OperEntity/Schema.js +2 -2
  25. package/lib/base-app-domain/OperEntity/Storage.d.ts +3 -3
  26. package/lib/base-app-domain/OperEntity/Storage.js +26 -26
  27. package/lib/base-app-domain/Storage.d.ts +3 -3
  28. package/lib/base-app-domain/Storage.js +15 -15
  29. package/lib/base-app-domain/User/Schema.d.ts +128 -130
  30. package/lib/base-app-domain/User/Schema.js +2 -2
  31. package/lib/base-app-domain/User/Storage.d.ts +3 -3
  32. package/lib/base-app-domain/User/Storage.js +25 -25
  33. package/lib/base-app-domain/_SubQuery.d.ts +36 -36
  34. package/lib/base-app-domain/_SubQuery.js +2 -2
  35. package/lib/base-app-domain/index.d.ts +3 -3
  36. package/lib/base-app-domain/index.js +6 -6
  37. package/lib/checkers/index.d.ts +5 -5
  38. package/lib/checkers/index.js +15 -13
  39. package/lib/compiler/env.d.ts +11 -11
  40. package/lib/compiler/env.js +39 -39
  41. package/lib/compiler/schemalBuilder.d.ts +2 -2
  42. package/lib/compiler/schemalBuilder.js +3301 -3245
  43. package/lib/compiler/uiBuilder.d.ts +1 -1
  44. package/lib/compiler/uiBuilder.js +3 -3
  45. package/lib/entities/Modi.d.ts +11 -11
  46. package/lib/entities/Modi.js +46 -46
  47. package/lib/entities/ModiEntity.d.ts +8 -8
  48. package/lib/entities/ModiEntity.js +15 -15
  49. package/lib/entities/Oper.d.ts +10 -10
  50. package/lib/entities/Oper.js +17 -17
  51. package/lib/entities/OperEntity.d.ts +8 -8
  52. package/lib/entities/OperEntity.js +15 -15
  53. package/lib/entities/User.d.ts +7 -7
  54. package/lib/entities/User.js +12 -12
  55. package/lib/store/AsyncRowStore.d.ts +48 -48
  56. package/lib/store/AsyncRowStore.js +183 -183
  57. package/lib/store/CascadeStore.d.ts +91 -91
  58. package/lib/store/CascadeStore.js +1594 -1594
  59. package/lib/store/SyncRowStore.d.ts +29 -29
  60. package/lib/store/SyncRowStore.js +48 -48
  61. package/lib/store/TriggerExecutor.d.ts +32 -32
  62. package/lib/store/TriggerExecutor.js +527 -508
  63. package/lib/store/actionDef.d.ts +9 -9
  64. package/lib/store/actionDef.js +135 -135
  65. package/lib/store/checker.d.ts +13 -7
  66. package/lib/store/checker.js +498 -391
  67. package/lib/store/filter.d.ts +109 -100
  68. package/lib/store/filter.js +893 -878
  69. package/lib/store/modi.d.ts +13 -13
  70. package/lib/store/modi.js +198 -206
  71. package/lib/store/relation.d.ts +13 -13
  72. package/lib/store/relation.js +66 -66
  73. package/lib/store/selection.d.ts +7 -7
  74. package/lib/store/selection.js +235 -235
  75. package/lib/triggers/index.d.ts +6 -6
  76. package/lib/triggers/index.js +11 -11
  77. package/lib/triggers/modi.d.ts +5 -5
  78. package/lib/triggers/modi.js +72 -72
  79. package/lib/types/Action.d.ts +18 -14
  80. package/lib/types/Action.js +2 -2
  81. package/lib/types/AppLoader.d.ts +11 -11
  82. package/lib/types/AppLoader.js +10 -10
  83. package/lib/types/Aspect.d.ts +12 -12
  84. package/lib/types/Aspect.js +4 -4
  85. package/lib/types/Auth.d.ts +66 -66
  86. package/lib/types/Auth.js +2 -2
  87. package/lib/types/Connector.d.ts +26 -26
  88. package/lib/types/Connector.js +9 -9
  89. package/lib/types/Context.d.ts +7 -7
  90. package/lib/types/Context.js +3 -3
  91. package/lib/types/DataType.d.ts +18 -18
  92. package/lib/types/DataType.js +5 -5
  93. package/lib/types/Demand.d.ts +77 -77
  94. package/lib/types/Demand.js +9 -9
  95. package/lib/types/Endpoint.d.ts +11 -0
  96. package/lib/types/Endpoint.js +3 -0
  97. package/lib/types/Entity.d.ts +176 -190
  98. package/lib/types/Entity.js +14 -15
  99. package/lib/types/Exception.d.ts +88 -83
  100. package/lib/types/Exception.js +267 -252
  101. package/lib/types/Expression.d.ts +163 -141
  102. package/lib/types/Expression.js +427 -402
  103. package/lib/types/Geo.d.ts +18 -18
  104. package/lib/types/Geo.js +2 -2
  105. package/lib/types/Locale.d.ts +24 -24
  106. package/lib/types/Locale.js +2 -2
  107. package/lib/types/Logger.d.ts +5 -5
  108. package/lib/types/Logger.js +3 -3
  109. package/lib/types/Polyfill.d.ts +23 -23
  110. package/lib/types/Polyfill.js +2 -2
  111. package/lib/types/Port.d.ts +17 -0
  112. package/lib/types/Port.js +2 -0
  113. package/lib/types/RowStore.d.ts +12 -12
  114. package/lib/types/RowStore.js +34 -34
  115. package/lib/types/Storage.d.ts +56 -56
  116. package/lib/types/Storage.js +2 -2
  117. package/lib/types/Timer.d.ts +13 -13
  118. package/lib/types/Timer.js +2 -2
  119. package/lib/types/Trigger.d.ts +100 -100
  120. package/lib/types/Trigger.js +39 -39
  121. package/lib/types/Txn.d.ts +2 -2
  122. package/lib/types/Txn.js +3 -3
  123. package/lib/types/Watcher.d.ts +19 -19
  124. package/lib/types/Watcher.js +4 -4
  125. package/lib/types/index.d.ts +21 -19
  126. package/lib/types/index.js +24 -22
  127. package/lib/types/schema/DataTypes.d.ts +32 -32
  128. package/lib/types/schema/DataTypes.js +3 -3
  129. package/lib/utils/SimpleConnector.d.ts +30 -30
  130. package/lib/utils/SimpleConnector.js +117 -117
  131. package/lib/utils/assert.d.ts +5 -5
  132. package/lib/utils/assert.js +9 -9
  133. package/lib/utils/concurrent.d.ts +15 -15
  134. package/lib/utils/concurrent.js +89 -89
  135. package/lib/utils/cron.d.ts +1 -1
  136. package/lib/utils/cron.js +18 -18
  137. package/lib/utils/date.d.ts +1 -0
  138. package/lib/utils/date.js +18 -0
  139. package/lib/utils/geo.d.ts +4 -4
  140. package/lib/utils/geo.js +24 -24
  141. package/lib/utils/lodash.d.ts +20 -20
  142. package/lib/utils/lodash.js +55 -55
  143. package/lib/utils/random/random.d.ts +1 -1
  144. package/lib/utils/random/random.js +24 -24
  145. package/lib/utils/random/random.mp.d.ts +1 -1
  146. package/lib/utils/random/random.mp.js +25 -25
  147. package/lib/utils/random/random.web.d.ts +1 -1
  148. package/lib/utils/random/random.web.js +17 -17
  149. package/lib/utils/string.d.ts +22 -22
  150. package/lib/utils/string.js +70 -70
  151. package/lib/utils/uuid.d.ts +12 -12
  152. package/lib/utils/uuid.js +194 -194
  153. package/lib/utils/validator.d.ts +23 -23
  154. package/lib/utils/validator.js +123 -123
  155. package/package.json +48 -48
  156. package/src/entities/Modi.ts +68 -68
  157. package/src/entities/ModiEntity.ts +24 -24
  158. package/src/entities/Oper.ts +28 -28
  159. package/src/entities/OperEntity.ts +24 -24
  160. package/src/entities/User.ts +19 -19
package/lib/store/checker.js CHANGED
@@ -1,391 +1,498 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.createRelationHierarchyCheckers = exports.translateCheckerInSyncContext = exports.translateCheckerInAsyncContext = void 0;
4
- var tslib_1 = require("tslib");
5
- var assert_1 = tslib_1.__importDefault(require("assert"));
6
- var filter_1 = require("../store/filter");
7
- var Exception_1 = require("../types/Exception");
8
- var actionDef_1 = require("./actionDef");
9
- var string_1 = require("../utils/string");
10
- function translateCheckerInAsyncContext(checker) {
11
- var _this = this;
12
- var entity = checker.entity, type = checker.type;
13
- switch (type) {
14
- case 'data': {
15
- var checkerFn_1 = checker.checker;
16
- return (function (_a, context) {
17
- var operation = _a.operation;
18
- return tslib_1.__awaiter(_this, void 0, void 0, function () {
19
- var data;
20
- return tslib_1.__generator(this, function (_b) {
21
- data = operation.data;
22
- checkerFn_1(data, context);
23
- return [2 /*return*/, 0];
24
- });
25
- });
26
- });
27
- }
28
- case 'row': {
29
- var filter_2 = checker.filter, errMsg_1 = checker.errMsg, inconsistentRows_1 = checker.inconsistentRows;
30
- return (function (_a, context, option) {
31
- var operation = _a.operation;
32
- return tslib_1.__awaiter(_this, void 0, void 0, function () {
33
- var operationFilter, action, filter2, entity2, selection2, rows2, data_1, rows2, data_2;
34
- var _b, _c;
35
- return tslib_1.__generator(this, function (_d) {
36
- switch (_d.label) {
37
- case 0:
38
- operationFilter = operation.filter, action = operation.action;
39
- filter2 = typeof filter_2 === 'function' ? filter_2(operation, context, option) : filter_2;
40
- if (!['select', 'count', 'stat'].includes(action)) return [3 /*break*/, 1];
41
- operation.filter = (0, filter_1.addFilterSegment)(operationFilter || {}, filter2);
42
- return [2 /*return*/, 0];
43
- case 1: return [4 /*yield*/, (0, filter_1.checkFilterContains)(entity, context, filter2, operationFilter || {})];
44
- case 2:
45
- if (_d.sent()) {
46
- return [2 /*return*/, 0];
47
- }
48
- if (!inconsistentRows_1) return [3 /*break*/, 4];
49
- entity2 = inconsistentRows_1.entity, selection2 = inconsistentRows_1.selection;
50
- return [4 /*yield*/, context.select(entity2, selection2(operationFilter), {
51
- dontCollect: true,
52
- blockTrigger: true,
53
- })];
54
- case 3:
55
- rows2 = _d.sent();
56
- data_1 = {};
57
- rows2.forEach(function (ele) {
58
- var _a;
59
- return Object.assign(data_1, (_a = {},
60
- _a[ele.id] = ele,
61
- _a));
62
- });
63
- throw new Exception_1.OakRowInconsistencyException({
64
- a: 's',
65
- d: (_b = {},
66
- _b[entity2] = data_1,
67
- _b)
68
- }, errMsg_1);
69
- case 4: return [4 /*yield*/, context.select(entity, {
70
- data: (0, actionDef_1.getFullProjection)(entity, context.getSchema()),
71
- filter: Object.assign({}, operationFilter, {
72
- $not: filter2,
73
- })
74
- }, {
75
- dontCollect: true,
76
- blockTrigger: true,
77
- })];
78
- case 5:
79
- rows2 = _d.sent();
80
- data_2 = {};
81
- rows2.forEach(function (ele) {
82
- var _a;
83
- return Object.assign(data_2, (_a = {},
84
- _a[ele.id] = ele,
85
- _a));
86
- });
87
- throw new Exception_1.OakRowInconsistencyException({
88
- a: 's',
89
- d: (_c = {},
90
- _c[entity] = data_2,
91
- _c)
92
- }, errMsg_1);
93
- }
94
- });
95
- });
96
- });
97
- }
98
- case 'relation': {
99
- var relationFilter_1 = checker.relationFilter;
100
- return (function (_a, context, option) {
101
- var operation = _a.operation;
102
- return tslib_1.__awaiter(_this, void 0, void 0, function () {
103
- return tslib_1.__generator(this, function (_b) {
104
- if (context.isRoot()) {
105
- return [2 /*return*/, 0];
106
- }
107
- // 对后台而言,将生成的relationFilter加到filter之上(select可以在此加以权限的过滤)
108
- operation.filter = (0, filter_1.combineFilters)([operation.filter, relationFilter_1(operation, context, option)]);
109
- return [2 /*return*/, 0];
110
- });
111
- });
112
- });
113
- }
114
- case 'expression':
115
- case 'expressionRelation': {
116
- var expression_1 = checker.expression, errMsg_2 = checker.errMsg;
117
- return (function (_a, context, option) {
118
- var operation = _a.operation;
119
- return tslib_1.__awaiter(_this, void 0, void 0, function () {
120
- var exprResult, expressionEntity, expr, expressionFilter, _b, result;
121
- return tslib_1.__generator(this, function (_c) {
122
- switch (_c.label) {
123
- case 0:
124
- if (context.isRoot() && type === 'expressionRelation') {
125
- return [2 /*return*/, 0];
126
- }
127
- exprResult = expression_1(operation, context, option);
128
- if (!(typeof exprResult === 'string')) return [3 /*break*/, 1];
129
- throw new Exception_1.OakUserUnpermittedException(exprResult || errMsg_2);
130
- case 1:
131
- if (!(exprResult === undefined)) return [3 /*break*/, 2];
132
- return [2 /*return*/, 0];
133
- case 2:
134
- expressionEntity = exprResult.entity, expr = exprResult.expr, expressionFilter = exprResult.filter;
135
- return [4 /*yield*/, context.select(expressionEntity, {
136
- data: {
137
- $expr: expr,
138
- },
139
- filter: expressionFilter,
140
- }, Object.assign({}, option, { dontCollect: true }))];
141
- case 3:
142
- _b = tslib_1.__read.apply(void 0, [_c.sent(), 1]), result = _b[0];
143
- if (!result) {
144
- // 条件判定为假,抛异常
145
- throw new Exception_1.OakUserUnpermittedException(errMsg_2);
146
- }
147
- _c.label = 4;
148
- case 4: return [2 /*return*/, 0];
149
- }
150
- });
151
- });
152
- });
153
- }
154
- default: {
155
- (0, assert_1.default)(false);
156
- }
157
- }
158
- }
159
- exports.translateCheckerInAsyncContext = translateCheckerInAsyncContext;
160
- function translateCheckerInSyncContext(checker) {
161
- var entity = checker.entity, type = checker.type;
162
- switch (type) {
163
- case 'data': {
164
- var checkerFn_2 = checker.checker;
165
- return function (operation, context) { return checkerFn_2(operation.data, context); };
166
- }
167
- case 'row': {
168
- var filter_3 = checker.filter, errMsg_3 = checker.errMsg;
169
- return function (operation, context, option) {
170
- var operationFilter = operation.filter, action = operation.action;
171
- var filter2 = typeof filter_3 === 'function' ? filter_3(operation, context, option) : filter_3;
172
- (0, assert_1.default)(operationFilter);
173
- if (['select', 'count', 'stat'].includes(action)) {
174
- operation.filter = (0, filter_1.addFilterSegment)(operationFilter, filter2);
175
- return 0;
176
- }
177
- else {
178
- if ((0, filter_1.checkFilterContains)(entity, context, filter2, operationFilter)) {
179
- return;
180
- }
181
- throw new Exception_1.OakRowInconsistencyException(undefined, errMsg_3);
182
- }
183
- };
184
- }
185
- case 'relation': {
186
- var filter_4 = checker.relationFilter, errMsg_4 = checker.errMsg;
187
- return function (operation, context, option) {
188
- if (context.isRoot()) {
189
- return;
190
- }
191
- var filter2 = typeof filter_4 === 'function' ? filter_4(operation, context, option) : filter_4;
192
- var operationFilter = operation.filter;
193
- (0, assert_1.default)(operationFilter);
194
- if ((0, filter_1.checkFilterContains)(entity, context, filter2, operationFilter)) {
195
- return;
196
- }
197
- throw new Exception_1.OakUserUnpermittedException(errMsg_4);
198
- };
199
- }
200
- case 'expression':
201
- case 'expressionRelation': {
202
- var expression_2 = checker.expression, errMsg_5 = checker.errMsg;
203
- return function (operation, context, option) {
204
- if (context.isRoot() && type === 'expressionRelation') {
205
- return;
206
- }
207
- var exprResult = expression_2(operation, context, option);
208
- if (typeof exprResult === 'string') {
209
- throw new Exception_1.OakUserUnpermittedException(exprResult || errMsg_5);
210
- }
211
- else if (exprResult === undefined) {
212
- return 0;
213
- }
214
- else {
215
- var expressionEntity = exprResult.entity, expr = exprResult.expr, expressionFilter = exprResult.filter;
216
- var _a = tslib_1.__read(context.select(expressionEntity, {
217
- data: {
218
- $expr: expr,
219
- },
220
- filter: expressionFilter,
221
- }, Object.assign({}, option, { dontCollect: true })), 1), result = _a[0];
222
- if (!result.$expr) {
223
- // 条件判定为假,抛异常
224
- throw new Exception_1.OakRowInconsistencyException(undefined, errMsg_5);
225
- }
226
- return;
227
- }
228
- };
229
- }
230
- default: {
231
- (0, assert_1.default)(false);
232
- }
233
- }
234
- }
235
- exports.translateCheckerInSyncContext = translateCheckerInSyncContext;
236
- function createRelationHierarchyCheckers(schema) {
237
- var checkers = [];
238
- var _loop_1 = function (entity) {
239
- var e_1, _a;
240
- var relationHierarchy = schema[entity].relationHierarchy;
241
- if (relationHierarchy) {
242
- // 先build反向hierarchy的map
243
- var reverseHierarchy_1 = {};
244
- for (var r in relationHierarchy) {
245
- try {
246
- for (var _b = (e_1 = void 0, tslib_1.__values(relationHierarchy[r])), _c = _b.next(); !_c.done; _c = _b.next()) {
247
- var r2 = _c.value;
248
- if (!reverseHierarchy_1[r2]) {
249
- reverseHierarchy_1[r2] = [r];
250
- }
251
- else {
252
- reverseHierarchy_1[r2].push(r);
253
- }
254
- }
255
- }
256
- catch (e_1_1) { e_1 = { error: e_1_1 }; }
257
- finally {
258
- try {
259
- if (_c && !_c.done && (_a = _b.return)) _a.call(_b);
260
- }
261
- finally { if (e_1) throw e_1.error; }
262
- }
263
- }
264
- // 对userEntity对象的授权和回收建立checker
265
- var userEntityName_1 = "user".concat((0, string_1.firstLetterUpperCase)(entity));
266
- var entityIdAttr_1 = "".concat(entity, "Id");
267
- checkers.push({
268
- entity: userEntityName_1,
269
- action: 'create',
270
- type: 'expressionRelation',
271
- expression: function (operation, context) {
272
- var _a;
273
- var data = operation.data;
274
- var _b = data, relation = _b.relation, _c = entityIdAttr_1, entityId = _b[_c];
275
- var legalRelations = reverseHierarchy_1[relation];
276
- if (!legalRelations) {
277
- return undefined;
278
- }
279
- if (legalRelations.length === 0) {
280
- return '这是不应该跑出来的情况,请杀程序员祭天';
281
- }
282
- var userId = context.getCurrentUserId();
283
- return {
284
- entity: userEntityName_1,
285
- expr: {
286
- $gt: [{
287
- '#attr': '$$createAt$$',
288
- }, 0]
289
- },
290
- filter: (_a = {
291
- userId: userId
292
- },
293
- _a[entityIdAttr_1] = entityId,
294
- _a.relation = {
295
- $in: legalRelations,
296
- },
297
- _a)
298
- };
299
- },
300
- errMsg: '越权操作',
301
- });
302
- var _loop_2 = function (r) {
303
- checkers.push({
304
- entity: userEntityName_1,
305
- action: 'remove',
306
- type: 'expressionRelation',
307
- conditionalFilter: {
308
- relation: r,
309
- },
310
- expression: function (operation, context) {
311
- var _a, _b;
312
- var userId = context.getCurrentUserId();
313
- var filter = operation.filter;
314
- var legalRelations = reverseHierarchy_1[r];
315
- if (legalRelations.length === 0) {
316
- return '这是不应该跑出来的情况,请杀程序员祭天';
317
- }
318
- return {
319
- entity: userEntityName_1,
320
- expr: {
321
- $gt: [{
322
- '#attr': '$$createAt$$',
323
- }, 0]
324
- },
325
- filter: (_a = {
326
- userId: userId
327
- },
328
- _a[entityIdAttr_1] = {
329
- $in: {
330
- entity: userEntityName_1,
331
- data: (_b = {},
332
- _b[entityIdAttr_1] = 1,
333
- _b),
334
- filter: filter,
335
- }
336
- },
337
- _a.relation = {
338
- $in: legalRelations,
339
- },
340
- _a),
341
- };
342
- },
343
- errMsg: '越权操作',
344
- });
345
- };
346
- for (var r in reverseHierarchy_1) {
347
- _loop_2(r);
348
- }
349
- /* // 一个人不能授权给自己,也不能删除自己的授权
350
- checkers.push({
351
- entity: userEntityName as keyof ED,
352
- action: 'create' as ED[keyof ED]['Action'],
353
- type: 'data',
354
- checker: (data, context) => {
355
- assert(!(data instanceof Array));
356
- const { userId } = data as ED[keyof ED]['CreateSingle']['data'];
357
- const userId2 = context.getCurrentUserId(true);
358
- if (userId === userId2) {
359
- throw new OakDataException('不允许授权给自己');
360
- }
361
- }
362
- });
363
-
364
- checkers.push({
365
- entity: userEntityName as keyof ED,
366
- action: 'remove' as ED[keyof ED]['Action'],
367
- type: 'row',
368
- filter: (operation, context) => {
369
- const userId = context.getCurrentUserId(true);
370
- if (userId) {
371
- return {
372
- userId: {
373
- $ne: userId,
374
- },
375
- };
376
- }
377
- console.warn(`没有当前用户但在删除权限,请检查。对象是${entity}`);
378
- return {};
379
- },
380
- errMsg: '不允许回收自己的授权',
381
- }); */
382
- // 转让权限现在用update动作,只允许update userId给其它人
383
- // todo 等实现的时候再写
384
- }
385
- };
386
- for (var entity in schema) {
387
- _loop_1(entity);
388
- }
389
- return checkers;
390
- }
391
- exports.createRelationHierarchyCheckers = createRelationHierarchyCheckers;
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.createAuthCheckers = exports.translateCheckerInSyncContext = exports.translateCheckerInAsyncContext = void 0;
4
+ var tslib_1 = require("tslib");
5
+ var assert_1 = tslib_1.__importDefault(require("assert"));
6
+ var filter_1 = require("../store/filter");
7
+ var Exception_1 = require("../types/Exception");
8
+ var actionDef_1 = require("./actionDef");
9
+ var string_1 = require("../utils/string");
10
+ var lodash_1 = require("../utils/lodash");
11
+ var relation_1 = require("./relation");
12
+ function translateCheckerInAsyncContext(checker) {
13
+ var _this = this;
14
+ var entity = checker.entity, type = checker.type, action = checker.action;
15
+ var when = ((action === 'create' || action instanceof Array && action.includes('create')) && ['relation'].includes(type)) ? 'after' : 'before';
16
+ switch (type) {
17
+ case 'data': {
18
+ var checkerFn_1 = checker.checker;
19
+ var fn = (function (_a, context) {
20
+ var operation = _a.operation;
21
+ return tslib_1.__awaiter(_this, void 0, void 0, function () {
22
+ var data;
23
+ return tslib_1.__generator(this, function (_b) {
24
+ switch (_b.label) {
25
+ case 0:
26
+ data = operation.data;
27
+ return [4 /*yield*/, checkerFn_1(data, context)];
28
+ case 1:
29
+ _b.sent();
30
+ return [2 /*return*/, 0];
31
+ }
32
+ });
33
+ });
34
+ });
35
+ return {
36
+ fn: fn,
37
+ when: when,
38
+ };
39
+ }
40
+ case 'row': {
41
+ var filter_2 = checker.filter, errMsg_1 = checker.errMsg, inconsistentRows_1 = checker.inconsistentRows;
42
+ var fn = (function (_a, context, option) {
43
+ var operation = _a.operation;
44
+ return tslib_1.__awaiter(_this, void 0, void 0, function () {
45
+ var operationFilter, action, filter2, _b, entity2, selection2, rows2, data_1, rows2, data_2;
46
+ var _c, _d;
47
+ return tslib_1.__generator(this, function (_e) {
48
+ switch (_e.label) {
49
+ case 0:
50
+ operationFilter = operation.filter, action = operation.action;
51
+ if (!(typeof filter_2 === 'function')) return [3 /*break*/, 2];
52
+ return [4 /*yield*/, filter_2(operation, context, option)];
53
+ case 1:
54
+ _b = _e.sent();
55
+ return [3 /*break*/, 3];
56
+ case 2:
57
+ _b = filter_2;
58
+ _e.label = 3;
59
+ case 3:
60
+ filter2 = _b;
61
+ if (!['select', 'count', 'stat'].includes(action)) return [3 /*break*/, 4];
62
+ operation.filter = (0, filter_1.addFilterSegment)(operationFilter || {}, filter2);
63
+ return [2 /*return*/, 0];
64
+ case 4: return [4 /*yield*/, (0, filter_1.checkFilterContains)(entity, context, filter2, operationFilter || {}, true)];
65
+ case 5:
66
+ if (_e.sent()) {
67
+ return [2 /*return*/, 0];
68
+ }
69
+ if (!inconsistentRows_1) return [3 /*break*/, 7];
70
+ entity2 = inconsistentRows_1.entity, selection2 = inconsistentRows_1.selection;
71
+ return [4 /*yield*/, context.select(entity2, selection2(operationFilter), {
72
+ dontCollect: true,
73
+ blockTrigger: true,
74
+ })];
75
+ case 6:
76
+ rows2 = _e.sent();
77
+ data_1 = {};
78
+ rows2.forEach(function (ele) {
79
+ var _a;
80
+ return Object.assign(data_1, (_a = {},
81
+ _a[ele.id] = ele,
82
+ _a));
83
+ });
84
+ throw new Exception_1.OakRowInconsistencyException({
85
+ a: 's',
86
+ d: (_c = {},
87
+ _c[entity2] = data_1,
88
+ _c)
89
+ }, errMsg_1);
90
+ case 7: return [4 /*yield*/, context.select(entity, {
91
+ data: (0, actionDef_1.getFullProjection)(entity, context.getSchema()),
92
+ filter: Object.assign({}, operationFilter, {
93
+ $not: filter2,
94
+ })
95
+ }, {
96
+ dontCollect: true,
97
+ blockTrigger: true,
98
+ })];
99
+ case 8:
100
+ rows2 = _e.sent();
101
+ data_2 = {};
102
+ rows2.forEach(function (ele) {
103
+ var _a;
104
+ return Object.assign(data_2, (_a = {},
105
+ _a[ele.id] = ele,
106
+ _a));
107
+ });
108
+ throw new Exception_1.OakRowInconsistencyException({
109
+ a: 's',
110
+ d: (_d = {},
111
+ _d[entity] = data_2,
112
+ _d)
113
+ }, errMsg_1);
114
+ }
115
+ });
116
+ });
117
+ });
118
+ return {
119
+ fn: fn,
120
+ when: when,
121
+ };
122
+ }
123
+ case 'relation': {
124
+ var relationFilter_1 = checker.relationFilter, errMsg_2 = checker.errMsg;
125
+ var fn = (function (_a, context, option) {
126
+ var operation = _a.operation;
127
+ return tslib_1.__awaiter(_this, void 0, void 0, function () {
128
+ var filter2, data, filter, _b, _c, _d;
129
+ return tslib_1.__generator(this, function (_e) {
130
+ switch (_e.label) {
131
+ case 0:
132
+ if (context.isRoot()) {
133
+ return [2 /*return*/, 0];
134
+ }
135
+ if (!(operation.action === 'create')) return [3 /*break*/, 3];
136
+ return [4 /*yield*/, relationFilter_1(operation, context, option)];
137
+ case 1:
138
+ filter2 = _e.sent();
139
+ data = operation.data;
140
+ filter = data instanceof Array ? {
141
+ id: {
142
+ $in: data.map(function (ele) { return ele.id; }),
143
+ },
144
+ } : {
145
+ id: data.id,
146
+ };
147
+ return [4 /*yield*/, (0, filter_1.checkFilterContains)(entity, context, filter2, filter, true)];
148
+ case 2:
149
+ if (_e.sent()) {
150
+ return [2 /*return*/, 0];
151
+ }
152
+ throw new Exception_1.OakUserUnpermittedException(errMsg_2);
153
+ case 3:
154
+ _b = operation;
155
+ _c = filter_1.combineFilters;
156
+ _d = [operation.filter];
157
+ return [4 /*yield*/, relationFilter_1(operation, context, option)];
158
+ case 4:
159
+ _b.filter = _c.apply(void 0, [_d.concat([_e.sent()])]);
160
+ _e.label = 5;
161
+ case 5: return [2 /*return*/, 0];
162
+ }
163
+ });
164
+ });
165
+ });
166
+ return {
167
+ fn: fn,
168
+ when: when,
169
+ };
170
+ }
171
+ case 'logical':
172
+ case 'logicalRelation': {
173
+ var checkerFn_2 = checker.checker;
174
+ var fn = (function (_a, context, option) {
175
+ var operation = _a.operation;
176
+ return tslib_1.__awaiter(_this, void 0, void 0, function () {
177
+ return tslib_1.__generator(this, function (_b) {
178
+ switch (_b.label) {
179
+ case 0:
180
+ if (context.isRoot() && type === 'logicalRelation') {
181
+ return [2 /*return*/, 0];
182
+ }
183
+ return [4 /*yield*/, checkerFn_2(operation, context, option)];
184
+ case 1:
185
+ _b.sent();
186
+ return [2 /*return*/, 0];
187
+ }
188
+ });
189
+ });
190
+ });
191
+ return {
192
+ fn: fn,
193
+ when: when,
194
+ };
195
+ }
196
+ default: {
197
+ (0, assert_1.default)(false);
198
+ }
199
+ }
200
+ }
201
+ exports.translateCheckerInAsyncContext = translateCheckerInAsyncContext;
202
+ function translateCheckerInSyncContext(checker) {
203
+ var entity = checker.entity, type = checker.type, action = checker.action;
204
+ var when = ((action === 'create' || action instanceof Array && action.includes('create')) && ['relation'].includes(type)) ? 'after' : 'before';
205
+ switch (type) {
206
+ case 'data': {
207
+ var checkerFn_3 = checker.checker;
208
+ var fn = function (operation, context) { return checkerFn_3(operation.data, context); };
209
+ return {
210
+ fn: fn,
211
+ when: when,
212
+ };
213
+ }
214
+ case 'row': {
215
+ var filter_3 = checker.filter, errMsg_3 = checker.errMsg;
216
+ var fn = function (operation, context, option) {
217
+ var operationFilter = operation.filter, action = operation.action;
218
+ var filter2 = typeof filter_3 === 'function' ? filter_3(operation, context, option) : filter_3;
219
+ (0, assert_1.default)(operationFilter);
220
+ if (['select', 'count', 'stat'].includes(action)) {
221
+ operation.filter = (0, filter_1.addFilterSegment)(operationFilter, filter2);
222
+ return 0;
223
+ }
224
+ else {
225
+ (0, assert_1.default)(!(filter2 instanceof Promise));
226
+ if ((0, filter_1.checkFilterContains)(entity, context, filter2, operationFilter, true)) {
227
+ return;
228
+ }
229
+ throw new Exception_1.OakRowInconsistencyException(undefined, errMsg_3);
230
+ }
231
+ };
232
+ return {
233
+ fn: fn,
234
+ when: when,
235
+ };
236
+ }
237
+ case 'relation': {
238
+ var relationFilter_2 = checker.relationFilter, errMsg_4 = checker.errMsg;
239
+ var fn = function (operation, context, option) {
240
+ if (context.isRoot()) {
241
+ return;
242
+ }
243
+ var filter2 = typeof relationFilter_2 === 'function' ? relationFilter_2(operation, context, option) : relationFilter_2;
244
+ var filter = operation.filter, action = operation.action;
245
+ var filter3 = filter;
246
+ if (action === 'create') {
247
+ var data = operation.data;
248
+ filter3 = data instanceof Array ? {
249
+ id: {
250
+ $in: data.map(function (ele) { return ele.id; }),
251
+ },
252
+ } : { id: data.id };
253
+ }
254
+ (0, assert_1.default)(filter3);
255
+ (0, assert_1.default)(!(filter2 instanceof Promise));
256
+ if ((0, filter_1.checkFilterContains)(entity, context, filter2, filter3, true)) {
257
+ return;
258
+ }
259
+ throw new Exception_1.OakUserUnpermittedException(errMsg_4);
260
+ };
261
+ return {
262
+ fn: fn,
263
+ when: when,
264
+ };
265
+ }
266
+ case 'logical':
267
+ case 'logicalRelation': {
268
+ var checkerFn_4 = checker.checker;
269
+ var fn = function (operation, context, option) {
270
+ if (context.isRoot() && type === 'logicalRelation') {
271
+ return;
272
+ }
273
+ checkerFn_4(operation, context, option);
274
+ };
275
+ return {
276
+ fn: fn,
277
+ when: when,
278
+ };
279
+ }
280
+ default: {
281
+ (0, assert_1.default)(false);
282
+ }
283
+ }
284
+ }
285
+ exports.translateCheckerInSyncContext = translateCheckerInSyncContext;
286
+ function translateCascadeRelationFilterMaker(schema, lch, entity2) {
287
+ var cascadePath = lch.cascadePath, relations = lch.relations;
288
+ var paths = cascadePath.split('.');
289
+ var translateRelationFilter = function (entity) {
290
+ // 有两种情况,此entity和user有Relation定义,或是此entity上有userId
291
+ if (schema[entity].relation) {
292
+ var relationEntityName_1 = "user".concat((0, string_1.firstLetterUpperCase)(entity));
293
+ return function (userId) {
294
+ var _a;
295
+ var filter = relations ? {
296
+ userId: userId,
297
+ relation: {
298
+ $in: relations,
299
+ },
300
+ } : {
301
+ userId: userId,
302
+ };
303
+ return {
304
+ id: {
305
+ $in: {
306
+ entity: relationEntityName_1,
307
+ data: (_a = {},
308
+ _a["".concat(entity, "Id")] = 1,
309
+ _a),
310
+ filter: filter,
311
+ },
312
+ },
313
+ };
314
+ };
315
+ }
316
+ var attributes = schema[entity].attributes;
317
+ (0, assert_1.default)(attributes.hasOwnProperty('userId') && attributes.userId.type === 'ref' && attributes.userId.ref === 'user', "\u5728".concat(entity, "\u4E0A\u65E2\u627E\u4E0D\u5230userId\uFF0C\u4E5F\u6CA1\u6709relation\u5B9A\u4E49"));
318
+ return function (userId) { return ({
319
+ userId: userId,
320
+ }); };
321
+ };
322
+ var translateFilterMakerIter = function (entity, iter) {
323
+ var relation = (0, relation_1.judgeRelation)(schema, entity, paths[iter]);
324
+ if (iter === paths.length - 1) {
325
+ if (relation === 2) {
326
+ var filterMaker_1 = translateRelationFilter(paths[iter]);
327
+ return function (userId) {
328
+ var _a;
329
+ var filter = filterMaker_1(userId);
330
+ if (filter.$in) {
331
+ return {
332
+ entity: paths[iter],
333
+ entityId: filter,
334
+ };
335
+ }
336
+ return _a = {},
337
+ _a[paths[iter]] = filter,
338
+ _a;
339
+ };
340
+ }
341
+ (0, assert_1.default)(typeof relation === 'string');
342
+ var filterMaker_2 = translateRelationFilter(relation);
343
+ return function (userId) {
344
+ var _a, _b;
345
+ var filter = filterMaker_2(userId);
346
+ if (filter.$in) {
347
+ return _a = {},
348
+ _a["".concat(paths[iter], "Id")] = filter,
349
+ _a;
350
+ }
351
+ return _b = {},
352
+ _b[paths[iter]] = filter,
353
+ _b;
354
+ };
355
+ }
356
+ else {
357
+ var subFilterMaker_1 = translateFilterMakerIter(paths[iter], iter + 1);
358
+ if (iter === 0) {
359
+ return function (userId) {
360
+ var _a;
361
+ var subFilter = subFilterMaker_1(userId);
362
+ return _a = {},
363
+ _a[paths[iter]] = subFilter,
364
+ _a;
365
+ };
366
+ }
367
+ return function (userId) {
368
+ var _a;
369
+ return (_a = {},
370
+ _a[paths[iter]] = subFilterMaker_1(userId),
371
+ _a);
372
+ };
373
+ }
374
+ };
375
+ var filter = cascadePath ? translateFilterMakerIter(entity2, 0) : translateRelationFilter(entity2);
376
+ return filter;
377
+ }
378
+ function translateActionAuthFilterMaker(schema, relationItem, entity) {
379
+ if (relationItem instanceof Array) {
380
+ var maker_1 = relationItem.map(function (ele) {
381
+ if (ele instanceof Array) {
382
+ return ele.map(function (ele2) { return translateCascadeRelationFilterMaker(schema, ele2, entity); });
383
+ }
384
+ return [translateCascadeRelationFilterMaker(schema, ele, entity)];
385
+ });
386
+ return function (userId) { return ({
387
+ $or: maker_1.map(function (ele) { return ({
388
+ $and: ele.map(function (ele2) { return ele2(userId); })
389
+ }); })
390
+ }); };
391
+ }
392
+ var filterMaker = translateCascadeRelationFilterMaker(schema, relationItem, entity);
393
+ return function (userId) { return filterMaker(userId); };
394
+ }
395
+ function createAuthCheckers(schema, authDict) {
396
+ var checkers = [];
397
+ var _loop_1 = function (entity) {
398
+ var _a;
399
+ if (authDict[entity]) {
400
+ var _b = authDict[entity], relationAuth = _b.relationAuth, actionAuth = _b.actionAuth;
401
+ if (relationAuth) {
402
+ var raFilterMakerDict_1 = {};
403
+ for (var r in relationAuth) {
404
+ Object.assign(raFilterMakerDict_1, (_a = {},
405
+ _a[r] = translateActionAuthFilterMaker(schema, relationAuth[r], entity),
406
+ _a));
407
+ }
408
+ var userEntityName_1 = "user".concat((0, string_1.firstLetterUpperCase)(entity));
409
+ var entityIdAttr_1 = "".concat(entity, "Id");
410
+ checkers.push({
411
+ entity: userEntityName_1,
412
+ action: 'create',
413
+ type: 'relation',
414
+ relationFilter: function (operation, context) {
415
+ var _a;
416
+ var data = operation.data;
417
+ (0, assert_1.default)(!(data instanceof Array));
418
+ var _b = data, relation = _b.relation, _c = entityIdAttr_1, entityId = _b[_c];
419
+ var userId = context.getCurrentUserId();
420
+ if (!raFilterMakerDict_1[relation]) {
421
+ return;
422
+ }
423
+ var filter = raFilterMakerDict_1[relation](userId);
424
+ return _a = {},
425
+ _a[entity] = filter,
426
+ _a;
427
+ },
428
+ errMsg: '越权操作',
429
+ });
430
+ checkers.push({
431
+ entity: userEntityName_1,
432
+ action: 'remove',
433
+ type: 'relation',
434
+ relationFilter: function (operation, context) {
435
+ var _a;
436
+ var userId = context.getCurrentUserId();
437
+ var filter = operation.filter;
438
+ var makeFilterFromRows = function (rows) {
439
+ var relations = (0, lodash_1.uniq)(rows.map(function (ele) { return ele.relation; }));
440
+ var entityIds = (0, lodash_1.uniq)(rows.map(function (ele) { return ele[entityIdAttr_1]; }));
441
+ (0, assert_1.default)(entityIds.length === 1, "\u5728\u56DE\u6536".concat(userEntityName_1, "\u4E0A\u6743\u9650\u65F6\uFF0C\u5355\u6B21\u56DE\u6536\u6D89\u53CA\u5230\u4E86\u4E0D\u540C\u7684\u5BF9\u8C61\uFF0C\u6B64\u64CD\u4F5C\u4E0D\u88AB\u5141\u8BB8"));
442
+ // const entityId = entityIds[0]!;
443
+ // 所有的relation条件要同时满足and关系(注意这里的filter翻译出来是在entity对象上,不是在userEntity对象上)
444
+ return {
445
+ $and: relations.map(function (relation) { return raFilterMakerDict_1[relation]; }).filter(function (ele) { return !!ele; }).map(function (ele) {
446
+ var _a;
447
+ return (_a = {},
448
+ _a[entity] = ele(userId),
449
+ _a);
450
+ })
451
+ };
452
+ };
453
+ var toBeRemoved = context.select(userEntityName_1, {
454
+ data: (_a = {
455
+ id: 1,
456
+ relation: 1
457
+ },
458
+ _a[entityIdAttr_1] = 1,
459
+ _a),
460
+ filter: filter,
461
+ }, { dontCollect: true });
462
+ if (toBeRemoved instanceof Promise) {
463
+ return toBeRemoved.then(function (rows) { return makeFilterFromRows(rows); });
464
+ }
465
+ return makeFilterFromRows(toBeRemoved);
466
+ },
467
+ errMsg: '越权操作',
468
+ });
469
+ // 转让权限现在用update动作,只允许update userId给其它人
470
+ // todo 等实现的时候再写
471
+ }
472
+ if (actionAuth) {
473
+ var _loop_2 = function (a) {
474
+ var filterMaker = translateActionAuthFilterMaker(schema, actionAuth[a], entity);
475
+ checkers.push({
476
+ entity: entity,
477
+ action: a,
478
+ type: 'relation',
479
+ relationFilter: function (operation, context) {
480
+ // const { filter } = operation;
481
+ var filter = filterMaker(context.getCurrentUserId());
482
+ return filter;
483
+ },
484
+ errMsg: '定义的actionAuth中检查出来越权操作',
485
+ });
486
+ };
487
+ for (var a in actionAuth) {
488
+ _loop_2(a);
489
+ }
490
+ }
491
+ }
492
+ };
493
+ for (var entity in schema) {
494
+ _loop_1(entity);
495
+ }
496
+ return checkers;
497
+ }
498
+ exports.createAuthCheckers = createAuthCheckers;