oak-domain 2.4.0 → 2.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/actions/action.d.ts +16 -16
- package/lib/actions/action.js +17 -17
- package/lib/actions/relation.d.ts +5 -5
- package/lib/actions/relation.js +38 -38
- package/lib/base-app-domain/ActionDefDict.d.ts +5 -5
- package/lib/base-app-domain/ActionDefDict.js +7 -7
- package/lib/base-app-domain/EntityDict.d.ts +12 -12
- package/lib/base-app-domain/EntityDict.js +2 -2
- package/lib/base-app-domain/Modi/Action.d.ts +10 -10
- package/lib/base-app-domain/Modi/Action.js +14 -14
- package/lib/base-app-domain/Modi/Schema.d.ts +146 -146
- package/lib/base-app-domain/Modi/Schema.js +2 -2
- package/lib/base-app-domain/Modi/Storage.d.ts +3 -3
- package/lib/base-app-domain/Modi/Storage.js +60 -60
- package/lib/base-app-domain/ModiEntity/Schema.d.ts +162 -162
- package/lib/base-app-domain/ModiEntity/Schema.js +2 -2
- package/lib/base-app-domain/ModiEntity/Storage.d.ts +3 -3
- package/lib/base-app-domain/ModiEntity/Storage.js +26 -26
- package/lib/base-app-domain/Oper/Schema.d.ts +144 -144
- package/lib/base-app-domain/Oper/Schema.js +2 -2
- package/lib/base-app-domain/Oper/Storage.d.ts +3 -3
- package/lib/base-app-domain/Oper/Storage.js +29 -29
- package/lib/base-app-domain/OperEntity/Schema.d.ts +178 -178
- package/lib/base-app-domain/OperEntity/Schema.js +2 -2
- package/lib/base-app-domain/OperEntity/Storage.d.ts +3 -3
- package/lib/base-app-domain/OperEntity/Storage.js +26 -26
- package/lib/base-app-domain/Storage.d.ts +3 -3
- package/lib/base-app-domain/Storage.js +15 -15
- package/lib/base-app-domain/User/Schema.d.ts +128 -128
- package/lib/base-app-domain/User/Schema.js +2 -2
- package/lib/base-app-domain/User/Storage.d.ts +3 -3
- package/lib/base-app-domain/User/Storage.js +25 -25
- package/lib/base-app-domain/_SubQuery.d.ts +36 -36
- package/lib/base-app-domain/_SubQuery.js +2 -2
- package/lib/base-app-domain/index.d.ts +3 -3
- package/lib/base-app-domain/index.js +6 -6
- package/lib/checkers/index.d.ts +5 -5
- package/lib/checkers/index.js +15 -15
- package/lib/compiler/env.d.ts +11 -11
- package/lib/compiler/env.js +39 -39
- package/lib/compiler/schemalBuilder.d.ts +2 -2
- package/lib/compiler/schemalBuilder.js +3303 -3301
- package/lib/compiler/uiBuilder.d.ts +1 -1
- package/lib/compiler/uiBuilder.js +3 -3
- package/lib/entities/Modi.d.ts +11 -11
- package/lib/entities/Modi.js +46 -46
- package/lib/entities/ModiEntity.d.ts +8 -8
- package/lib/entities/ModiEntity.js +15 -15
- package/lib/entities/Oper.d.ts +10 -10
- package/lib/entities/Oper.js +17 -17
- package/lib/entities/OperEntity.d.ts +8 -8
- package/lib/entities/OperEntity.js +15 -15
- package/lib/entities/User.d.ts +7 -7
- package/lib/entities/User.js +12 -12
- package/lib/store/AsyncRowStore.d.ts +48 -48
- package/lib/store/AsyncRowStore.js +183 -183
- package/lib/store/CascadeStore.d.ts +91 -91
- package/lib/store/CascadeStore.js +1590 -1594
- package/lib/store/SyncRowStore.d.ts +29 -29
- package/lib/store/SyncRowStore.js +48 -48
- package/lib/store/TriggerExecutor.d.ts +32 -32
- package/lib/store/TriggerExecutor.js +527 -527
- package/lib/store/actionDef.d.ts +9 -9
- package/lib/store/actionDef.js +333 -135
- package/lib/store/checker.d.ts +13 -13
- package/lib/store/checker.js +498 -498
- package/lib/store/filter.d.ts +109 -109
- package/lib/store/filter.js +893 -893
- package/lib/store/modi.d.ts +13 -13
- package/lib/store/modi.js +198 -198
- package/lib/store/relation.d.ts +13 -13
- package/lib/store/relation.js +66 -66
- package/lib/store/selection.d.ts +7 -7
- package/lib/store/selection.js +235 -235
- package/lib/triggers/index.d.ts +6 -6
- package/lib/triggers/index.js +11 -11
- package/lib/triggers/modi.d.ts +5 -5
- package/lib/triggers/modi.js +72 -72
- package/lib/types/Action.d.ts +18 -18
- package/lib/types/Action.js +2 -2
- package/lib/types/AppLoader.d.ts +11 -11
- package/lib/types/AppLoader.js +10 -10
- package/lib/types/Aspect.d.ts +12 -12
- package/lib/types/Aspect.js +4 -4
- package/lib/types/Auth.d.ts +66 -66
- package/lib/types/Auth.js +2 -2
- package/lib/types/Connector.d.ts +26 -26
- package/lib/types/Connector.js +9 -9
- package/lib/types/Context.d.ts +7 -7
- package/lib/types/Context.js +3 -3
- package/lib/types/DataType.d.ts +18 -18
- package/lib/types/DataType.js +5 -5
- package/lib/types/Demand.d.ts +77 -77
- package/lib/types/Demand.js +9 -9
- package/lib/types/Endpoint.d.ts +11 -10
- package/lib/types/Endpoint.js +3 -3
- package/lib/types/Entity.d.ts +183 -176
- package/lib/types/Entity.js +14 -14
- package/lib/types/Exception.d.ts +98 -88
- package/lib/types/Exception.js +283 -267
- package/lib/types/Expression.d.ts +163 -163
- package/lib/types/Expression.js +427 -427
- package/lib/types/Geo.d.ts +18 -18
- package/lib/types/Geo.js +2 -2
- package/lib/types/Locale.d.ts +24 -24
- package/lib/types/Locale.js +2 -2
- package/lib/types/Logger.d.ts +5 -5
- package/lib/types/Logger.js +3 -3
- package/lib/types/Polyfill.d.ts +23 -23
- package/lib/types/Polyfill.js +2 -2
- package/lib/types/Port.d.ts +17 -17
- package/lib/types/Port.js +2 -2
- package/lib/types/RowStore.d.ts +12 -12
- package/lib/types/RowStore.js +34 -34
- package/lib/types/Storage.d.ts +56 -56
- package/lib/types/Storage.js +2 -2
- package/lib/types/Timer.d.ts +13 -13
- package/lib/types/Timer.js +2 -2
- package/lib/types/Trigger.d.ts +100 -100
- package/lib/types/Trigger.js +39 -39
- package/lib/types/Txn.d.ts +2 -2
- package/lib/types/Txn.js +3 -3
- package/lib/types/Watcher.d.ts +19 -19
- package/lib/types/Watcher.js +4 -4
- package/lib/types/index.d.ts +21 -21
- package/lib/types/index.js +24 -24
- package/lib/types/schema/DataTypes.d.ts +32 -32
- package/lib/types/schema/DataTypes.js +3 -3
- package/lib/utils/SimpleConnector.d.ts +30 -30
- package/lib/utils/SimpleConnector.js +117 -117
- package/lib/utils/assert.d.ts +5 -5
- package/lib/utils/assert.js +9 -9
- package/lib/utils/concurrent.d.ts +15 -15
- package/lib/utils/concurrent.js +89 -89
- package/lib/utils/cron.d.ts +1 -1
- package/lib/utils/cron.js +18 -18
- package/lib/utils/date.d.ts +1 -1
- package/lib/utils/date.js +18 -18
- package/lib/utils/geo.d.ts +4 -4
- package/lib/utils/geo.js +24 -24
- package/lib/utils/lodash.d.ts +20 -20
- package/lib/utils/lodash.js +55 -55
- package/lib/utils/random/random.d.ts +1 -1
- package/lib/utils/random/random.js +24 -24
- package/lib/utils/random/random.mp.d.ts +1 -1
- package/lib/utils/random/random.mp.js +25 -25
- package/lib/utils/random/random.web.d.ts +1 -1
- package/lib/utils/random/random.web.js +17 -17
- package/lib/utils/string.d.ts +22 -22
- package/lib/utils/string.js +70 -70
- package/lib/utils/uuid.d.ts +12 -12
- package/lib/utils/uuid.js +194 -194
- package/lib/utils/validator.d.ts +23 -23
- package/lib/utils/validator.js +123 -123
- package/package.json +48 -48
- package/src/entities/Modi.ts +68 -68
- package/src/entities/ModiEntity.ts +24 -24
- package/src/entities/Oper.ts +28 -28
- package/src/entities/OperEntity.ts +24 -24
- package/src/entities/User.ts +19 -19
package/lib/store/checker.js
CHANGED
|
@@ -1,498 +1,498 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.createAuthCheckers = exports.translateCheckerInSyncContext = exports.translateCheckerInAsyncContext = void 0;
|
|
4
|
-
var tslib_1 = require("tslib");
|
|
5
|
-
var assert_1 = tslib_1.__importDefault(require("assert"));
|
|
6
|
-
var filter_1 = require("../store/filter");
|
|
7
|
-
var Exception_1 = require("../types/Exception");
|
|
8
|
-
var actionDef_1 = require("./actionDef");
|
|
9
|
-
var string_1 = require("../utils/string");
|
|
10
|
-
var lodash_1 = require("../utils/lodash");
|
|
11
|
-
var relation_1 = require("./relation");
|
|
12
|
-
function translateCheckerInAsyncContext(checker) {
|
|
13
|
-
var _this = this;
|
|
14
|
-
var entity = checker.entity, type = checker.type, action = checker.action;
|
|
15
|
-
var when = ((action === 'create' || action instanceof Array && action.includes('create')) && ['relation'].includes(type)) ? 'after' : 'before';
|
|
16
|
-
switch (type) {
|
|
17
|
-
case 'data': {
|
|
18
|
-
var checkerFn_1 = checker.checker;
|
|
19
|
-
var fn = (function (_a, context) {
|
|
20
|
-
var operation = _a.operation;
|
|
21
|
-
return tslib_1.__awaiter(_this, void 0, void 0, function () {
|
|
22
|
-
var data;
|
|
23
|
-
return tslib_1.__generator(this, function (_b) {
|
|
24
|
-
switch (_b.label) {
|
|
25
|
-
case 0:
|
|
26
|
-
data = operation.data;
|
|
27
|
-
return [4 /*yield*/, checkerFn_1(data, context)];
|
|
28
|
-
case 1:
|
|
29
|
-
_b.sent();
|
|
30
|
-
return [2 /*return*/, 0];
|
|
31
|
-
}
|
|
32
|
-
});
|
|
33
|
-
});
|
|
34
|
-
});
|
|
35
|
-
return {
|
|
36
|
-
fn: fn,
|
|
37
|
-
when: when,
|
|
38
|
-
};
|
|
39
|
-
}
|
|
40
|
-
case 'row': {
|
|
41
|
-
var filter_2 = checker.filter, errMsg_1 = checker.errMsg, inconsistentRows_1 = checker.inconsistentRows;
|
|
42
|
-
var fn = (function (_a, context, option) {
|
|
43
|
-
var operation = _a.operation;
|
|
44
|
-
return tslib_1.__awaiter(_this, void 0, void 0, function () {
|
|
45
|
-
var operationFilter, action, filter2, _b, entity2, selection2, rows2, data_1, rows2, data_2;
|
|
46
|
-
var _c, _d;
|
|
47
|
-
return tslib_1.__generator(this, function (_e) {
|
|
48
|
-
switch (_e.label) {
|
|
49
|
-
case 0:
|
|
50
|
-
operationFilter = operation.filter, action = operation.action;
|
|
51
|
-
if (!(typeof filter_2 === 'function')) return [3 /*break*/, 2];
|
|
52
|
-
return [4 /*yield*/, filter_2(operation, context, option)];
|
|
53
|
-
case 1:
|
|
54
|
-
_b = _e.sent();
|
|
55
|
-
return [3 /*break*/, 3];
|
|
56
|
-
case 2:
|
|
57
|
-
_b = filter_2;
|
|
58
|
-
_e.label = 3;
|
|
59
|
-
case 3:
|
|
60
|
-
filter2 = _b;
|
|
61
|
-
if (!['select', 'count', 'stat'].includes(action)) return [3 /*break*/, 4];
|
|
62
|
-
operation.filter = (0, filter_1.addFilterSegment)(operationFilter || {}, filter2);
|
|
63
|
-
return [2 /*return*/, 0];
|
|
64
|
-
case 4: return [4 /*yield*/, (0, filter_1.checkFilterContains)(entity, context, filter2, operationFilter || {}, true)];
|
|
65
|
-
case 5:
|
|
66
|
-
if (_e.sent()) {
|
|
67
|
-
return [2 /*return*/, 0];
|
|
68
|
-
}
|
|
69
|
-
if (!inconsistentRows_1) return [3 /*break*/, 7];
|
|
70
|
-
entity2 = inconsistentRows_1.entity, selection2 = inconsistentRows_1.selection;
|
|
71
|
-
return [4 /*yield*/, context.select(entity2, selection2(operationFilter), {
|
|
72
|
-
dontCollect: true,
|
|
73
|
-
blockTrigger: true,
|
|
74
|
-
})];
|
|
75
|
-
case 6:
|
|
76
|
-
rows2 = _e.sent();
|
|
77
|
-
data_1 = {};
|
|
78
|
-
rows2.forEach(function (ele) {
|
|
79
|
-
var _a;
|
|
80
|
-
return Object.assign(data_1, (_a = {},
|
|
81
|
-
_a[ele.id] = ele,
|
|
82
|
-
_a));
|
|
83
|
-
});
|
|
84
|
-
throw new Exception_1.OakRowInconsistencyException({
|
|
85
|
-
a: 's',
|
|
86
|
-
d: (_c = {},
|
|
87
|
-
_c[entity2] = data_1,
|
|
88
|
-
_c)
|
|
89
|
-
}, errMsg_1);
|
|
90
|
-
case 7: return [4 /*yield*/, context.select(entity, {
|
|
91
|
-
data: (0, actionDef_1.getFullProjection)(entity, context.getSchema()),
|
|
92
|
-
filter: Object.assign({}, operationFilter, {
|
|
93
|
-
$not: filter2,
|
|
94
|
-
})
|
|
95
|
-
}, {
|
|
96
|
-
dontCollect: true,
|
|
97
|
-
blockTrigger: true,
|
|
98
|
-
})];
|
|
99
|
-
case 8:
|
|
100
|
-
rows2 = _e.sent();
|
|
101
|
-
data_2 = {};
|
|
102
|
-
rows2.forEach(function (ele) {
|
|
103
|
-
var _a;
|
|
104
|
-
return Object.assign(data_2, (_a = {},
|
|
105
|
-
_a[ele.id] = ele,
|
|
106
|
-
_a));
|
|
107
|
-
});
|
|
108
|
-
throw new Exception_1.OakRowInconsistencyException({
|
|
109
|
-
a: 's',
|
|
110
|
-
d: (_d = {},
|
|
111
|
-
_d[entity] = data_2,
|
|
112
|
-
_d)
|
|
113
|
-
}, errMsg_1);
|
|
114
|
-
}
|
|
115
|
-
});
|
|
116
|
-
});
|
|
117
|
-
});
|
|
118
|
-
return {
|
|
119
|
-
fn: fn,
|
|
120
|
-
when: when,
|
|
121
|
-
};
|
|
122
|
-
}
|
|
123
|
-
case 'relation': {
|
|
124
|
-
var relationFilter_1 = checker.relationFilter, errMsg_2 = checker.errMsg;
|
|
125
|
-
var fn = (function (_a, context, option) {
|
|
126
|
-
var operation = _a.operation;
|
|
127
|
-
return tslib_1.__awaiter(_this, void 0, void 0, function () {
|
|
128
|
-
var filter2, data, filter, _b, _c, _d;
|
|
129
|
-
return tslib_1.__generator(this, function (_e) {
|
|
130
|
-
switch (_e.label) {
|
|
131
|
-
case 0:
|
|
132
|
-
if (context.isRoot()) {
|
|
133
|
-
return [2 /*return*/, 0];
|
|
134
|
-
}
|
|
135
|
-
if (!(operation.action === 'create')) return [3 /*break*/, 3];
|
|
136
|
-
return [4 /*yield*/, relationFilter_1(operation, context, option)];
|
|
137
|
-
case 1:
|
|
138
|
-
filter2 = _e.sent();
|
|
139
|
-
data = operation.data;
|
|
140
|
-
filter = data instanceof Array ? {
|
|
141
|
-
id: {
|
|
142
|
-
$in: data.map(function (ele) { return ele.id; }),
|
|
143
|
-
},
|
|
144
|
-
} : {
|
|
145
|
-
id: data.id,
|
|
146
|
-
};
|
|
147
|
-
return [4 /*yield*/, (0, filter_1.checkFilterContains)(entity, context, filter2, filter, true)];
|
|
148
|
-
case 2:
|
|
149
|
-
if (_e.sent()) {
|
|
150
|
-
return [2 /*return*/, 0];
|
|
151
|
-
}
|
|
152
|
-
throw new Exception_1.OakUserUnpermittedException(errMsg_2);
|
|
153
|
-
case 3:
|
|
154
|
-
_b = operation;
|
|
155
|
-
_c = filter_1.combineFilters;
|
|
156
|
-
_d = [operation.filter];
|
|
157
|
-
return [4 /*yield*/, relationFilter_1(operation, context, option)];
|
|
158
|
-
case 4:
|
|
159
|
-
_b.filter = _c.apply(void 0, [_d.concat([_e.sent()])]);
|
|
160
|
-
_e.label = 5;
|
|
161
|
-
case 5: return [2 /*return*/, 0];
|
|
162
|
-
}
|
|
163
|
-
});
|
|
164
|
-
});
|
|
165
|
-
});
|
|
166
|
-
return {
|
|
167
|
-
fn: fn,
|
|
168
|
-
when: when,
|
|
169
|
-
};
|
|
170
|
-
}
|
|
171
|
-
case 'logical':
|
|
172
|
-
case 'logicalRelation': {
|
|
173
|
-
var checkerFn_2 = checker.checker;
|
|
174
|
-
var fn = (function (_a, context, option) {
|
|
175
|
-
var operation = _a.operation;
|
|
176
|
-
return tslib_1.__awaiter(_this, void 0, void 0, function () {
|
|
177
|
-
return tslib_1.__generator(this, function (_b) {
|
|
178
|
-
switch (_b.label) {
|
|
179
|
-
case 0:
|
|
180
|
-
if (context.isRoot() && type === 'logicalRelation') {
|
|
181
|
-
return [2 /*return*/, 0];
|
|
182
|
-
}
|
|
183
|
-
return [4 /*yield*/, checkerFn_2(operation, context, option)];
|
|
184
|
-
case 1:
|
|
185
|
-
_b.sent();
|
|
186
|
-
return [2 /*return*/, 0];
|
|
187
|
-
}
|
|
188
|
-
});
|
|
189
|
-
});
|
|
190
|
-
});
|
|
191
|
-
return {
|
|
192
|
-
fn: fn,
|
|
193
|
-
when: when,
|
|
194
|
-
};
|
|
195
|
-
}
|
|
196
|
-
default: {
|
|
197
|
-
(0, assert_1.default)(false);
|
|
198
|
-
}
|
|
199
|
-
}
|
|
200
|
-
}
|
|
201
|
-
exports.translateCheckerInAsyncContext = translateCheckerInAsyncContext;
|
|
202
|
-
function translateCheckerInSyncContext(checker) {
|
|
203
|
-
var entity = checker.entity, type = checker.type, action = checker.action;
|
|
204
|
-
var when = ((action === 'create' || action instanceof Array && action.includes('create')) && ['relation'].includes(type)) ? 'after' : 'before';
|
|
205
|
-
switch (type) {
|
|
206
|
-
case 'data': {
|
|
207
|
-
var checkerFn_3 = checker.checker;
|
|
208
|
-
var fn = function (operation, context) { return checkerFn_3(operation.data, context); };
|
|
209
|
-
return {
|
|
210
|
-
fn: fn,
|
|
211
|
-
when: when,
|
|
212
|
-
};
|
|
213
|
-
}
|
|
214
|
-
case 'row': {
|
|
215
|
-
var filter_3 = checker.filter, errMsg_3 = checker.errMsg;
|
|
216
|
-
var fn = function (operation, context, option) {
|
|
217
|
-
var operationFilter = operation.filter, action = operation.action;
|
|
218
|
-
var filter2 = typeof filter_3 === 'function' ? filter_3(operation, context, option) : filter_3;
|
|
219
|
-
(0, assert_1.default)(operationFilter);
|
|
220
|
-
if (['select', 'count', 'stat'].includes(action)) {
|
|
221
|
-
operation.filter = (0, filter_1.addFilterSegment)(operationFilter, filter2);
|
|
222
|
-
return 0;
|
|
223
|
-
}
|
|
224
|
-
else {
|
|
225
|
-
(0, assert_1.default)(!(filter2 instanceof Promise));
|
|
226
|
-
if ((0, filter_1.checkFilterContains)(entity, context, filter2, operationFilter, true)) {
|
|
227
|
-
return;
|
|
228
|
-
}
|
|
229
|
-
throw new Exception_1.OakRowInconsistencyException(undefined, errMsg_3);
|
|
230
|
-
}
|
|
231
|
-
};
|
|
232
|
-
return {
|
|
233
|
-
fn: fn,
|
|
234
|
-
when: when,
|
|
235
|
-
};
|
|
236
|
-
}
|
|
237
|
-
case 'relation': {
|
|
238
|
-
var relationFilter_2 = checker.relationFilter, errMsg_4 = checker.errMsg;
|
|
239
|
-
var fn = function (operation, context, option) {
|
|
240
|
-
if (context.isRoot()) {
|
|
241
|
-
return;
|
|
242
|
-
}
|
|
243
|
-
var filter2 = typeof relationFilter_2 === 'function' ? relationFilter_2(operation, context, option) : relationFilter_2;
|
|
244
|
-
var filter = operation.filter, action = operation.action;
|
|
245
|
-
var filter3 = filter;
|
|
246
|
-
if (action === 'create') {
|
|
247
|
-
var data = operation.data;
|
|
248
|
-
filter3 = data instanceof Array ? {
|
|
249
|
-
id: {
|
|
250
|
-
$in: data.map(function (ele) { return ele.id; }),
|
|
251
|
-
},
|
|
252
|
-
} : { id: data.id };
|
|
253
|
-
}
|
|
254
|
-
(0, assert_1.default)(filter3);
|
|
255
|
-
(0, assert_1.default)(!(filter2 instanceof Promise));
|
|
256
|
-
if ((0, filter_1.checkFilterContains)(entity, context, filter2, filter3, true)) {
|
|
257
|
-
return;
|
|
258
|
-
}
|
|
259
|
-
throw new Exception_1.OakUserUnpermittedException(errMsg_4);
|
|
260
|
-
};
|
|
261
|
-
return {
|
|
262
|
-
fn: fn,
|
|
263
|
-
when: when,
|
|
264
|
-
};
|
|
265
|
-
}
|
|
266
|
-
case 'logical':
|
|
267
|
-
case 'logicalRelation': {
|
|
268
|
-
var checkerFn_4 = checker.checker;
|
|
269
|
-
var fn = function (operation, context, option) {
|
|
270
|
-
if (context.isRoot() && type === 'logicalRelation') {
|
|
271
|
-
return;
|
|
272
|
-
}
|
|
273
|
-
checkerFn_4(operation, context, option);
|
|
274
|
-
};
|
|
275
|
-
return {
|
|
276
|
-
fn: fn,
|
|
277
|
-
when: when,
|
|
278
|
-
};
|
|
279
|
-
}
|
|
280
|
-
default: {
|
|
281
|
-
(0, assert_1.default)(false);
|
|
282
|
-
}
|
|
283
|
-
}
|
|
284
|
-
}
|
|
285
|
-
exports.translateCheckerInSyncContext = translateCheckerInSyncContext;
|
|
286
|
-
function translateCascadeRelationFilterMaker(schema, lch, entity2) {
|
|
287
|
-
var cascadePath = lch.cascadePath, relations = lch.relations;
|
|
288
|
-
var paths = cascadePath.split('.');
|
|
289
|
-
var translateRelationFilter = function (entity) {
|
|
290
|
-
// 有两种情况,此entity和user有Relation定义,或是此entity上有userId
|
|
291
|
-
if (schema[entity].relation) {
|
|
292
|
-
var relationEntityName_1 = "user".concat((0, string_1.firstLetterUpperCase)(entity));
|
|
293
|
-
return function (userId) {
|
|
294
|
-
var _a;
|
|
295
|
-
var filter = relations ? {
|
|
296
|
-
userId: userId,
|
|
297
|
-
relation: {
|
|
298
|
-
$in: relations,
|
|
299
|
-
},
|
|
300
|
-
} : {
|
|
301
|
-
userId: userId,
|
|
302
|
-
};
|
|
303
|
-
return {
|
|
304
|
-
id: {
|
|
305
|
-
$in: {
|
|
306
|
-
entity: relationEntityName_1,
|
|
307
|
-
data: (_a = {},
|
|
308
|
-
_a["".concat(entity, "Id")] = 1,
|
|
309
|
-
_a),
|
|
310
|
-
filter: filter,
|
|
311
|
-
},
|
|
312
|
-
},
|
|
313
|
-
};
|
|
314
|
-
};
|
|
315
|
-
}
|
|
316
|
-
var attributes = schema[entity].attributes;
|
|
317
|
-
(0, assert_1.default)(attributes.hasOwnProperty('userId') && attributes.userId.type === 'ref' && attributes.userId.ref === 'user', "\u5728".concat(entity, "\u4E0A\u65E2\u627E\u4E0D\u5230userId\uFF0C\u4E5F\u6CA1\u6709relation\u5B9A\u4E49"));
|
|
318
|
-
return function (userId) { return ({
|
|
319
|
-
userId: userId,
|
|
320
|
-
}); };
|
|
321
|
-
};
|
|
322
|
-
var translateFilterMakerIter = function (entity, iter) {
|
|
323
|
-
var relation = (0, relation_1.judgeRelation)(schema, entity, paths[iter]);
|
|
324
|
-
if (iter === paths.length - 1) {
|
|
325
|
-
if (relation === 2) {
|
|
326
|
-
var filterMaker_1 = translateRelationFilter(paths[iter]);
|
|
327
|
-
return function (userId) {
|
|
328
|
-
var _a;
|
|
329
|
-
var filter = filterMaker_1(userId);
|
|
330
|
-
if (filter.$in) {
|
|
331
|
-
return {
|
|
332
|
-
entity: paths[iter],
|
|
333
|
-
entityId: filter,
|
|
334
|
-
};
|
|
335
|
-
}
|
|
336
|
-
return _a = {},
|
|
337
|
-
_a[paths[iter]] = filter,
|
|
338
|
-
_a;
|
|
339
|
-
};
|
|
340
|
-
}
|
|
341
|
-
(0, assert_1.default)(typeof relation === 'string');
|
|
342
|
-
var filterMaker_2 = translateRelationFilter(relation);
|
|
343
|
-
return function (userId) {
|
|
344
|
-
var _a, _b;
|
|
345
|
-
var filter = filterMaker_2(userId);
|
|
346
|
-
if (filter.$in) {
|
|
347
|
-
return _a = {},
|
|
348
|
-
_a["".concat(paths[iter], "Id")] = filter,
|
|
349
|
-
_a;
|
|
350
|
-
}
|
|
351
|
-
return _b = {},
|
|
352
|
-
_b[paths[iter]] = filter,
|
|
353
|
-
_b;
|
|
354
|
-
};
|
|
355
|
-
}
|
|
356
|
-
else {
|
|
357
|
-
var subFilterMaker_1 = translateFilterMakerIter(paths[iter], iter + 1);
|
|
358
|
-
if (iter === 0) {
|
|
359
|
-
return function (userId) {
|
|
360
|
-
var _a;
|
|
361
|
-
var subFilter = subFilterMaker_1(userId);
|
|
362
|
-
return _a = {},
|
|
363
|
-
_a[paths[iter]] = subFilter,
|
|
364
|
-
_a;
|
|
365
|
-
};
|
|
366
|
-
}
|
|
367
|
-
return function (userId) {
|
|
368
|
-
var _a;
|
|
369
|
-
return (_a = {},
|
|
370
|
-
_a[paths[iter]] = subFilterMaker_1(userId),
|
|
371
|
-
_a);
|
|
372
|
-
};
|
|
373
|
-
}
|
|
374
|
-
};
|
|
375
|
-
var filter = cascadePath ? translateFilterMakerIter(entity2, 0) : translateRelationFilter(entity2);
|
|
376
|
-
return filter;
|
|
377
|
-
}
|
|
378
|
-
function translateActionAuthFilterMaker(schema, relationItem, entity) {
|
|
379
|
-
if (relationItem instanceof Array) {
|
|
380
|
-
var maker_1 = relationItem.map(function (ele) {
|
|
381
|
-
if (ele instanceof Array) {
|
|
382
|
-
return ele.map(function (ele2) { return translateCascadeRelationFilterMaker(schema, ele2, entity); });
|
|
383
|
-
}
|
|
384
|
-
return [translateCascadeRelationFilterMaker(schema, ele, entity)];
|
|
385
|
-
});
|
|
386
|
-
return function (userId) { return ({
|
|
387
|
-
$or: maker_1.map(function (ele) { return ({
|
|
388
|
-
$and: ele.map(function (ele2) { return ele2(userId); })
|
|
389
|
-
}); })
|
|
390
|
-
}); };
|
|
391
|
-
}
|
|
392
|
-
var filterMaker = translateCascadeRelationFilterMaker(schema, relationItem, entity);
|
|
393
|
-
return function (userId) { return filterMaker(userId); };
|
|
394
|
-
}
|
|
395
|
-
function createAuthCheckers(schema, authDict) {
|
|
396
|
-
var checkers = [];
|
|
397
|
-
var _loop_1 = function (entity) {
|
|
398
|
-
var _a;
|
|
399
|
-
if (authDict[entity]) {
|
|
400
|
-
var _b = authDict[entity], relationAuth = _b.relationAuth, actionAuth = _b.actionAuth;
|
|
401
|
-
if (relationAuth) {
|
|
402
|
-
var raFilterMakerDict_1 = {};
|
|
403
|
-
for (var r in relationAuth) {
|
|
404
|
-
Object.assign(raFilterMakerDict_1, (_a = {},
|
|
405
|
-
_a[r] = translateActionAuthFilterMaker(schema, relationAuth[r], entity),
|
|
406
|
-
_a));
|
|
407
|
-
}
|
|
408
|
-
var userEntityName_1 = "user".concat((0, string_1.firstLetterUpperCase)(entity));
|
|
409
|
-
var entityIdAttr_1 = "".concat(entity, "Id");
|
|
410
|
-
checkers.push({
|
|
411
|
-
entity: userEntityName_1,
|
|
412
|
-
action: 'create',
|
|
413
|
-
type: 'relation',
|
|
414
|
-
relationFilter: function (operation, context) {
|
|
415
|
-
var _a;
|
|
416
|
-
var data = operation.data;
|
|
417
|
-
(0, assert_1.default)(!(data instanceof Array));
|
|
418
|
-
var _b = data, relation = _b.relation, _c = entityIdAttr_1, entityId = _b[_c];
|
|
419
|
-
var userId = context.getCurrentUserId();
|
|
420
|
-
if (!raFilterMakerDict_1[relation]) {
|
|
421
|
-
return;
|
|
422
|
-
}
|
|
423
|
-
var filter = raFilterMakerDict_1[relation](userId);
|
|
424
|
-
return _a = {},
|
|
425
|
-
_a[entity] = filter,
|
|
426
|
-
_a;
|
|
427
|
-
},
|
|
428
|
-
errMsg: '越权操作',
|
|
429
|
-
});
|
|
430
|
-
checkers.push({
|
|
431
|
-
entity: userEntityName_1,
|
|
432
|
-
action: 'remove',
|
|
433
|
-
type: 'relation',
|
|
434
|
-
relationFilter: function (operation, context) {
|
|
435
|
-
var _a;
|
|
436
|
-
var userId = context.getCurrentUserId();
|
|
437
|
-
var filter = operation.filter;
|
|
438
|
-
var makeFilterFromRows = function (rows) {
|
|
439
|
-
var relations = (0, lodash_1.uniq)(rows.map(function (ele) { return ele.relation; }));
|
|
440
|
-
var entityIds = (0, lodash_1.uniq)(rows.map(function (ele) { return ele[entityIdAttr_1]; }));
|
|
441
|
-
(0, assert_1.default)(entityIds.length === 1, "\u5728\u56DE\u6536".concat(userEntityName_1, "\u4E0A\u6743\u9650\u65F6\uFF0C\u5355\u6B21\u56DE\u6536\u6D89\u53CA\u5230\u4E86\u4E0D\u540C\u7684\u5BF9\u8C61\uFF0C\u6B64\u64CD\u4F5C\u4E0D\u88AB\u5141\u8BB8"));
|
|
442
|
-
// const entityId = entityIds[0]!;
|
|
443
|
-
// 所有的relation条件要同时满足and关系(注意这里的filter翻译出来是在entity对象上,不是在userEntity对象上)
|
|
444
|
-
return {
|
|
445
|
-
$and: relations.map(function (relation) { return raFilterMakerDict_1[relation]; }).filter(function (ele) { return !!ele; }).map(function (ele) {
|
|
446
|
-
var _a;
|
|
447
|
-
return (_a = {},
|
|
448
|
-
_a[entity] = ele(userId),
|
|
449
|
-
_a);
|
|
450
|
-
})
|
|
451
|
-
};
|
|
452
|
-
};
|
|
453
|
-
var toBeRemoved = context.select(userEntityName_1, {
|
|
454
|
-
data: (_a = {
|
|
455
|
-
id: 1,
|
|
456
|
-
relation: 1
|
|
457
|
-
},
|
|
458
|
-
_a[entityIdAttr_1] = 1,
|
|
459
|
-
_a),
|
|
460
|
-
filter: filter,
|
|
461
|
-
}, { dontCollect: true });
|
|
462
|
-
if (toBeRemoved instanceof Promise) {
|
|
463
|
-
return toBeRemoved.then(function (rows) { return makeFilterFromRows(rows); });
|
|
464
|
-
}
|
|
465
|
-
return makeFilterFromRows(toBeRemoved);
|
|
466
|
-
},
|
|
467
|
-
errMsg: '越权操作',
|
|
468
|
-
});
|
|
469
|
-
// 转让权限现在用update动作,只允许update userId给其它人
|
|
470
|
-
// todo 等实现的时候再写
|
|
471
|
-
}
|
|
472
|
-
if (actionAuth) {
|
|
473
|
-
var _loop_2 = function (a) {
|
|
474
|
-
var filterMaker = translateActionAuthFilterMaker(schema, actionAuth[a], entity);
|
|
475
|
-
checkers.push({
|
|
476
|
-
entity: entity,
|
|
477
|
-
action: a,
|
|
478
|
-
type: 'relation',
|
|
479
|
-
relationFilter: function (operation, context) {
|
|
480
|
-
// const { filter } = operation;
|
|
481
|
-
var filter = filterMaker(context.getCurrentUserId());
|
|
482
|
-
return filter;
|
|
483
|
-
},
|
|
484
|
-
errMsg: '定义的actionAuth中检查出来越权操作',
|
|
485
|
-
});
|
|
486
|
-
};
|
|
487
|
-
for (var a in actionAuth) {
|
|
488
|
-
_loop_2(a);
|
|
489
|
-
}
|
|
490
|
-
}
|
|
491
|
-
}
|
|
492
|
-
};
|
|
493
|
-
for (var entity in schema) {
|
|
494
|
-
_loop_1(entity);
|
|
495
|
-
}
|
|
496
|
-
return checkers;
|
|
497
|
-
}
|
|
498
|
-
exports.createAuthCheckers = createAuthCheckers;
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.createAuthCheckers = exports.translateCheckerInSyncContext = exports.translateCheckerInAsyncContext = void 0;
|
|
4
|
+
var tslib_1 = require("tslib");
|
|
5
|
+
var assert_1 = tslib_1.__importDefault(require("assert"));
|
|
6
|
+
var filter_1 = require("../store/filter");
|
|
7
|
+
var Exception_1 = require("../types/Exception");
|
|
8
|
+
var actionDef_1 = require("./actionDef");
|
|
9
|
+
var string_1 = require("../utils/string");
|
|
10
|
+
var lodash_1 = require("../utils/lodash");
|
|
11
|
+
var relation_1 = require("./relation");
|
|
12
|
+
function translateCheckerInAsyncContext(checker) {
|
|
13
|
+
var _this = this;
|
|
14
|
+
var entity = checker.entity, type = checker.type, action = checker.action;
|
|
15
|
+
var when = ((action === 'create' || action instanceof Array && action.includes('create')) && ['relation'].includes(type)) ? 'after' : 'before';
|
|
16
|
+
switch (type) {
|
|
17
|
+
case 'data': {
|
|
18
|
+
var checkerFn_1 = checker.checker;
|
|
19
|
+
var fn = (function (_a, context) {
|
|
20
|
+
var operation = _a.operation;
|
|
21
|
+
return tslib_1.__awaiter(_this, void 0, void 0, function () {
|
|
22
|
+
var data;
|
|
23
|
+
return tslib_1.__generator(this, function (_b) {
|
|
24
|
+
switch (_b.label) {
|
|
25
|
+
case 0:
|
|
26
|
+
data = operation.data;
|
|
27
|
+
return [4 /*yield*/, checkerFn_1(data, context)];
|
|
28
|
+
case 1:
|
|
29
|
+
_b.sent();
|
|
30
|
+
return [2 /*return*/, 0];
|
|
31
|
+
}
|
|
32
|
+
});
|
|
33
|
+
});
|
|
34
|
+
});
|
|
35
|
+
return {
|
|
36
|
+
fn: fn,
|
|
37
|
+
when: when,
|
|
38
|
+
};
|
|
39
|
+
}
|
|
40
|
+
case 'row': {
|
|
41
|
+
var filter_2 = checker.filter, errMsg_1 = checker.errMsg, inconsistentRows_1 = checker.inconsistentRows;
|
|
42
|
+
var fn = (function (_a, context, option) {
|
|
43
|
+
var operation = _a.operation;
|
|
44
|
+
return tslib_1.__awaiter(_this, void 0, void 0, function () {
|
|
45
|
+
var operationFilter, action, filter2, _b, entity2, selection2, rows2, data_1, rows2, data_2;
|
|
46
|
+
var _c, _d;
|
|
47
|
+
return tslib_1.__generator(this, function (_e) {
|
|
48
|
+
switch (_e.label) {
|
|
49
|
+
case 0:
|
|
50
|
+
operationFilter = operation.filter, action = operation.action;
|
|
51
|
+
if (!(typeof filter_2 === 'function')) return [3 /*break*/, 2];
|
|
52
|
+
return [4 /*yield*/, filter_2(operation, context, option)];
|
|
53
|
+
case 1:
|
|
54
|
+
_b = _e.sent();
|
|
55
|
+
return [3 /*break*/, 3];
|
|
56
|
+
case 2:
|
|
57
|
+
_b = filter_2;
|
|
58
|
+
_e.label = 3;
|
|
59
|
+
case 3:
|
|
60
|
+
filter2 = _b;
|
|
61
|
+
if (!['select', 'count', 'stat'].includes(action)) return [3 /*break*/, 4];
|
|
62
|
+
operation.filter = (0, filter_1.addFilterSegment)(operationFilter || {}, filter2);
|
|
63
|
+
return [2 /*return*/, 0];
|
|
64
|
+
case 4: return [4 /*yield*/, (0, filter_1.checkFilterContains)(entity, context, filter2, operationFilter || {}, true)];
|
|
65
|
+
case 5:
|
|
66
|
+
if (_e.sent()) {
|
|
67
|
+
return [2 /*return*/, 0];
|
|
68
|
+
}
|
|
69
|
+
if (!inconsistentRows_1) return [3 /*break*/, 7];
|
|
70
|
+
entity2 = inconsistentRows_1.entity, selection2 = inconsistentRows_1.selection;
|
|
71
|
+
return [4 /*yield*/, context.select(entity2, selection2(operationFilter), {
|
|
72
|
+
dontCollect: true,
|
|
73
|
+
blockTrigger: true,
|
|
74
|
+
})];
|
|
75
|
+
case 6:
|
|
76
|
+
rows2 = _e.sent();
|
|
77
|
+
data_1 = {};
|
|
78
|
+
rows2.forEach(function (ele) {
|
|
79
|
+
var _a;
|
|
80
|
+
return Object.assign(data_1, (_a = {},
|
|
81
|
+
_a[ele.id] = ele,
|
|
82
|
+
_a));
|
|
83
|
+
});
|
|
84
|
+
throw new Exception_1.OakRowInconsistencyException({
|
|
85
|
+
a: 's',
|
|
86
|
+
d: (_c = {},
|
|
87
|
+
_c[entity2] = data_1,
|
|
88
|
+
_c)
|
|
89
|
+
}, errMsg_1);
|
|
90
|
+
case 7: return [4 /*yield*/, context.select(entity, {
|
|
91
|
+
data: (0, actionDef_1.getFullProjection)(entity, context.getSchema()),
|
|
92
|
+
filter: Object.assign({}, operationFilter, {
|
|
93
|
+
$not: filter2,
|
|
94
|
+
})
|
|
95
|
+
}, {
|
|
96
|
+
dontCollect: true,
|
|
97
|
+
blockTrigger: true,
|
|
98
|
+
})];
|
|
99
|
+
case 8:
|
|
100
|
+
rows2 = _e.sent();
|
|
101
|
+
data_2 = {};
|
|
102
|
+
rows2.forEach(function (ele) {
|
|
103
|
+
var _a;
|
|
104
|
+
return Object.assign(data_2, (_a = {},
|
|
105
|
+
_a[ele.id] = ele,
|
|
106
|
+
_a));
|
|
107
|
+
});
|
|
108
|
+
throw new Exception_1.OakRowInconsistencyException({
|
|
109
|
+
a: 's',
|
|
110
|
+
d: (_d = {},
|
|
111
|
+
_d[entity] = data_2,
|
|
112
|
+
_d)
|
|
113
|
+
}, errMsg_1);
|
|
114
|
+
}
|
|
115
|
+
});
|
|
116
|
+
});
|
|
117
|
+
});
|
|
118
|
+
return {
|
|
119
|
+
fn: fn,
|
|
120
|
+
when: when,
|
|
121
|
+
};
|
|
122
|
+
}
|
|
123
|
+
case 'relation': {
|
|
124
|
+
var relationFilter_1 = checker.relationFilter, errMsg_2 = checker.errMsg;
|
|
125
|
+
var fn = (function (_a, context, option) {
|
|
126
|
+
var operation = _a.operation;
|
|
127
|
+
return tslib_1.__awaiter(_this, void 0, void 0, function () {
|
|
128
|
+
var filter2, data, filter, _b, _c, _d;
|
|
129
|
+
return tslib_1.__generator(this, function (_e) {
|
|
130
|
+
switch (_e.label) {
|
|
131
|
+
case 0:
|
|
132
|
+
if (context.isRoot()) {
|
|
133
|
+
return [2 /*return*/, 0];
|
|
134
|
+
}
|
|
135
|
+
if (!(operation.action === 'create')) return [3 /*break*/, 3];
|
|
136
|
+
return [4 /*yield*/, relationFilter_1(operation, context, option)];
|
|
137
|
+
case 1:
|
|
138
|
+
filter2 = _e.sent();
|
|
139
|
+
data = operation.data;
|
|
140
|
+
filter = data instanceof Array ? {
|
|
141
|
+
id: {
|
|
142
|
+
$in: data.map(function (ele) { return ele.id; }),
|
|
143
|
+
},
|
|
144
|
+
} : {
|
|
145
|
+
id: data.id,
|
|
146
|
+
};
|
|
147
|
+
return [4 /*yield*/, (0, filter_1.checkFilterContains)(entity, context, filter2, filter, true)];
|
|
148
|
+
case 2:
|
|
149
|
+
if (_e.sent()) {
|
|
150
|
+
return [2 /*return*/, 0];
|
|
151
|
+
}
|
|
152
|
+
throw new Exception_1.OakUserUnpermittedException(errMsg_2);
|
|
153
|
+
case 3:
|
|
154
|
+
_b = operation;
|
|
155
|
+
_c = filter_1.combineFilters;
|
|
156
|
+
_d = [operation.filter];
|
|
157
|
+
return [4 /*yield*/, relationFilter_1(operation, context, option)];
|
|
158
|
+
case 4:
|
|
159
|
+
_b.filter = _c.apply(void 0, [_d.concat([_e.sent()])]);
|
|
160
|
+
_e.label = 5;
|
|
161
|
+
case 5: return [2 /*return*/, 0];
|
|
162
|
+
}
|
|
163
|
+
});
|
|
164
|
+
});
|
|
165
|
+
});
|
|
166
|
+
return {
|
|
167
|
+
fn: fn,
|
|
168
|
+
when: when,
|
|
169
|
+
};
|
|
170
|
+
}
|
|
171
|
+
case 'logical':
|
|
172
|
+
case 'logicalRelation': {
|
|
173
|
+
var checkerFn_2 = checker.checker;
|
|
174
|
+
var fn = (function (_a, context, option) {
|
|
175
|
+
var operation = _a.operation;
|
|
176
|
+
return tslib_1.__awaiter(_this, void 0, void 0, function () {
|
|
177
|
+
return tslib_1.__generator(this, function (_b) {
|
|
178
|
+
switch (_b.label) {
|
|
179
|
+
case 0:
|
|
180
|
+
if (context.isRoot() && type === 'logicalRelation') {
|
|
181
|
+
return [2 /*return*/, 0];
|
|
182
|
+
}
|
|
183
|
+
return [4 /*yield*/, checkerFn_2(operation, context, option)];
|
|
184
|
+
case 1:
|
|
185
|
+
_b.sent();
|
|
186
|
+
return [2 /*return*/, 0];
|
|
187
|
+
}
|
|
188
|
+
});
|
|
189
|
+
});
|
|
190
|
+
});
|
|
191
|
+
return {
|
|
192
|
+
fn: fn,
|
|
193
|
+
when: when,
|
|
194
|
+
};
|
|
195
|
+
}
|
|
196
|
+
default: {
|
|
197
|
+
(0, assert_1.default)(false);
|
|
198
|
+
}
|
|
199
|
+
}
|
|
200
|
+
}
|
|
201
|
+
exports.translateCheckerInAsyncContext = translateCheckerInAsyncContext;
|
|
202
|
+
function translateCheckerInSyncContext(checker) {
|
|
203
|
+
var entity = checker.entity, type = checker.type, action = checker.action;
|
|
204
|
+
var when = ((action === 'create' || action instanceof Array && action.includes('create')) && ['relation'].includes(type)) ? 'after' : 'before';
|
|
205
|
+
switch (type) {
|
|
206
|
+
case 'data': {
|
|
207
|
+
var checkerFn_3 = checker.checker;
|
|
208
|
+
var fn = function (operation, context) { return checkerFn_3(operation.data, context); };
|
|
209
|
+
return {
|
|
210
|
+
fn: fn,
|
|
211
|
+
when: when,
|
|
212
|
+
};
|
|
213
|
+
}
|
|
214
|
+
case 'row': {
|
|
215
|
+
var filter_3 = checker.filter, errMsg_3 = checker.errMsg;
|
|
216
|
+
var fn = function (operation, context, option) {
|
|
217
|
+
var operationFilter = operation.filter, action = operation.action;
|
|
218
|
+
var filter2 = typeof filter_3 === 'function' ? filter_3(operation, context, option) : filter_3;
|
|
219
|
+
(0, assert_1.default)(operationFilter);
|
|
220
|
+
if (['select', 'count', 'stat'].includes(action)) {
|
|
221
|
+
operation.filter = (0, filter_1.addFilterSegment)(operationFilter, filter2);
|
|
222
|
+
return 0;
|
|
223
|
+
}
|
|
224
|
+
else {
|
|
225
|
+
(0, assert_1.default)(!(filter2 instanceof Promise));
|
|
226
|
+
if ((0, filter_1.checkFilterContains)(entity, context, filter2, operationFilter, true)) {
|
|
227
|
+
return;
|
|
228
|
+
}
|
|
229
|
+
throw new Exception_1.OakRowInconsistencyException(undefined, errMsg_3);
|
|
230
|
+
}
|
|
231
|
+
};
|
|
232
|
+
return {
|
|
233
|
+
fn: fn,
|
|
234
|
+
when: when,
|
|
235
|
+
};
|
|
236
|
+
}
|
|
237
|
+
case 'relation': {
|
|
238
|
+
var relationFilter_2 = checker.relationFilter, errMsg_4 = checker.errMsg;
|
|
239
|
+
var fn = function (operation, context, option) {
|
|
240
|
+
if (context.isRoot()) {
|
|
241
|
+
return;
|
|
242
|
+
}
|
|
243
|
+
var filter2 = typeof relationFilter_2 === 'function' ? relationFilter_2(operation, context, option) : relationFilter_2;
|
|
244
|
+
var filter = operation.filter, action = operation.action;
|
|
245
|
+
var filter3 = filter;
|
|
246
|
+
if (action === 'create') {
|
|
247
|
+
var data = operation.data;
|
|
248
|
+
filter3 = data instanceof Array ? {
|
|
249
|
+
id: {
|
|
250
|
+
$in: data.map(function (ele) { return ele.id; }),
|
|
251
|
+
},
|
|
252
|
+
} : { id: data.id };
|
|
253
|
+
}
|
|
254
|
+
(0, assert_1.default)(filter3);
|
|
255
|
+
(0, assert_1.default)(!(filter2 instanceof Promise));
|
|
256
|
+
if ((0, filter_1.checkFilterContains)(entity, context, filter2, filter3, true)) {
|
|
257
|
+
return;
|
|
258
|
+
}
|
|
259
|
+
throw new Exception_1.OakUserUnpermittedException(errMsg_4);
|
|
260
|
+
};
|
|
261
|
+
return {
|
|
262
|
+
fn: fn,
|
|
263
|
+
when: when,
|
|
264
|
+
};
|
|
265
|
+
}
|
|
266
|
+
case 'logical':
|
|
267
|
+
case 'logicalRelation': {
|
|
268
|
+
var checkerFn_4 = checker.checker;
|
|
269
|
+
var fn = function (operation, context, option) {
|
|
270
|
+
if (context.isRoot() && type === 'logicalRelation') {
|
|
271
|
+
return;
|
|
272
|
+
}
|
|
273
|
+
checkerFn_4(operation, context, option);
|
|
274
|
+
};
|
|
275
|
+
return {
|
|
276
|
+
fn: fn,
|
|
277
|
+
when: when,
|
|
278
|
+
};
|
|
279
|
+
}
|
|
280
|
+
default: {
|
|
281
|
+
(0, assert_1.default)(false);
|
|
282
|
+
}
|
|
283
|
+
}
|
|
284
|
+
}
|
|
285
|
+
exports.translateCheckerInSyncContext = translateCheckerInSyncContext;
|
|
286
|
+
function translateCascadeRelationFilterMaker(schema, lch, entity2) {
|
|
287
|
+
var cascadePath = lch.cascadePath, relations = lch.relations;
|
|
288
|
+
var paths = cascadePath.split('.');
|
|
289
|
+
var translateRelationFilter = function (entity) {
|
|
290
|
+
// 有两种情况,此entity和user有Relation定义,或是此entity上有userId
|
|
291
|
+
if (schema[entity].relation) {
|
|
292
|
+
var relationEntityName_1 = "user".concat((0, string_1.firstLetterUpperCase)(entity));
|
|
293
|
+
return function (userId) {
|
|
294
|
+
var _a;
|
|
295
|
+
var filter = relations ? {
|
|
296
|
+
userId: userId,
|
|
297
|
+
relation: {
|
|
298
|
+
$in: relations,
|
|
299
|
+
},
|
|
300
|
+
} : {
|
|
301
|
+
userId: userId,
|
|
302
|
+
};
|
|
303
|
+
return {
|
|
304
|
+
id: {
|
|
305
|
+
$in: {
|
|
306
|
+
entity: relationEntityName_1,
|
|
307
|
+
data: (_a = {},
|
|
308
|
+
_a["".concat(entity, "Id")] = 1,
|
|
309
|
+
_a),
|
|
310
|
+
filter: filter,
|
|
311
|
+
},
|
|
312
|
+
},
|
|
313
|
+
};
|
|
314
|
+
};
|
|
315
|
+
}
|
|
316
|
+
var attributes = schema[entity].attributes;
|
|
317
|
+
(0, assert_1.default)(attributes.hasOwnProperty('userId') && attributes.userId.type === 'ref' && attributes.userId.ref === 'user', "\u5728".concat(entity, "\u4E0A\u65E2\u627E\u4E0D\u5230userId\uFF0C\u4E5F\u6CA1\u6709relation\u5B9A\u4E49"));
|
|
318
|
+
return function (userId) { return ({
|
|
319
|
+
userId: userId,
|
|
320
|
+
}); };
|
|
321
|
+
};
|
|
322
|
+
var translateFilterMakerIter = function (entity, iter) {
|
|
323
|
+
var relation = (0, relation_1.judgeRelation)(schema, entity, paths[iter]);
|
|
324
|
+
if (iter === paths.length - 1) {
|
|
325
|
+
if (relation === 2) {
|
|
326
|
+
var filterMaker_1 = translateRelationFilter(paths[iter]);
|
|
327
|
+
return function (userId) {
|
|
328
|
+
var _a;
|
|
329
|
+
var filter = filterMaker_1(userId);
|
|
330
|
+
if (filter.$in) {
|
|
331
|
+
return {
|
|
332
|
+
entity: paths[iter],
|
|
333
|
+
entityId: filter,
|
|
334
|
+
};
|
|
335
|
+
}
|
|
336
|
+
return _a = {},
|
|
337
|
+
_a[paths[iter]] = filter,
|
|
338
|
+
_a;
|
|
339
|
+
};
|
|
340
|
+
}
|
|
341
|
+
(0, assert_1.default)(typeof relation === 'string');
|
|
342
|
+
var filterMaker_2 = translateRelationFilter(relation);
|
|
343
|
+
return function (userId) {
|
|
344
|
+
var _a, _b;
|
|
345
|
+
var filter = filterMaker_2(userId);
|
|
346
|
+
if (filter.$in) {
|
|
347
|
+
return _a = {},
|
|
348
|
+
_a["".concat(paths[iter], "Id")] = filter,
|
|
349
|
+
_a;
|
|
350
|
+
}
|
|
351
|
+
return _b = {},
|
|
352
|
+
_b[paths[iter]] = filter,
|
|
353
|
+
_b;
|
|
354
|
+
};
|
|
355
|
+
}
|
|
356
|
+
else {
|
|
357
|
+
var subFilterMaker_1 = translateFilterMakerIter(paths[iter], iter + 1);
|
|
358
|
+
if (iter === 0) {
|
|
359
|
+
return function (userId) {
|
|
360
|
+
var _a;
|
|
361
|
+
var subFilter = subFilterMaker_1(userId);
|
|
362
|
+
return _a = {},
|
|
363
|
+
_a[paths[iter]] = subFilter,
|
|
364
|
+
_a;
|
|
365
|
+
};
|
|
366
|
+
}
|
|
367
|
+
return function (userId) {
|
|
368
|
+
var _a;
|
|
369
|
+
return (_a = {},
|
|
370
|
+
_a[paths[iter]] = subFilterMaker_1(userId),
|
|
371
|
+
_a);
|
|
372
|
+
};
|
|
373
|
+
}
|
|
374
|
+
};
|
|
375
|
+
var filter = cascadePath ? translateFilterMakerIter(entity2, 0) : translateRelationFilter(entity2);
|
|
376
|
+
return filter;
|
|
377
|
+
}
|
|
378
|
+
function translateActionAuthFilterMaker(schema, relationItem, entity) {
|
|
379
|
+
if (relationItem instanceof Array) {
|
|
380
|
+
var maker_1 = relationItem.map(function (ele) {
|
|
381
|
+
if (ele instanceof Array) {
|
|
382
|
+
return ele.map(function (ele2) { return translateCascadeRelationFilterMaker(schema, ele2, entity); });
|
|
383
|
+
}
|
|
384
|
+
return [translateCascadeRelationFilterMaker(schema, ele, entity)];
|
|
385
|
+
});
|
|
386
|
+
return function (userId) { return ({
|
|
387
|
+
$or: maker_1.map(function (ele) { return ({
|
|
388
|
+
$and: ele.map(function (ele2) { return ele2(userId); })
|
|
389
|
+
}); })
|
|
390
|
+
}); };
|
|
391
|
+
}
|
|
392
|
+
var filterMaker = translateCascadeRelationFilterMaker(schema, relationItem, entity);
|
|
393
|
+
return function (userId) { return filterMaker(userId); };
|
|
394
|
+
}
|
|
395
|
+
function createAuthCheckers(schema, authDict) {
|
|
396
|
+
var checkers = [];
|
|
397
|
+
var _loop_1 = function (entity) {
|
|
398
|
+
var _a;
|
|
399
|
+
if (authDict[entity]) {
|
|
400
|
+
var _b = authDict[entity], relationAuth = _b.relationAuth, actionAuth = _b.actionAuth;
|
|
401
|
+
if (relationAuth) {
|
|
402
|
+
var raFilterMakerDict_1 = {};
|
|
403
|
+
for (var r in relationAuth) {
|
|
404
|
+
Object.assign(raFilterMakerDict_1, (_a = {},
|
|
405
|
+
_a[r] = translateActionAuthFilterMaker(schema, relationAuth[r], entity),
|
|
406
|
+
_a));
|
|
407
|
+
}
|
|
408
|
+
var userEntityName_1 = "user".concat((0, string_1.firstLetterUpperCase)(entity));
|
|
409
|
+
var entityIdAttr_1 = "".concat(entity, "Id");
|
|
410
|
+
checkers.push({
|
|
411
|
+
entity: userEntityName_1,
|
|
412
|
+
action: 'create',
|
|
413
|
+
type: 'relation',
|
|
414
|
+
relationFilter: function (operation, context) {
|
|
415
|
+
var _a;
|
|
416
|
+
var data = operation.data;
|
|
417
|
+
(0, assert_1.default)(!(data instanceof Array));
|
|
418
|
+
var _b = data, relation = _b.relation, _c = entityIdAttr_1, entityId = _b[_c];
|
|
419
|
+
var userId = context.getCurrentUserId();
|
|
420
|
+
if (!raFilterMakerDict_1[relation]) {
|
|
421
|
+
return;
|
|
422
|
+
}
|
|
423
|
+
var filter = raFilterMakerDict_1[relation](userId);
|
|
424
|
+
return _a = {},
|
|
425
|
+
_a[entity] = filter,
|
|
426
|
+
_a;
|
|
427
|
+
},
|
|
428
|
+
errMsg: '越权操作',
|
|
429
|
+
});
|
|
430
|
+
checkers.push({
|
|
431
|
+
entity: userEntityName_1,
|
|
432
|
+
action: 'remove',
|
|
433
|
+
type: 'relation',
|
|
434
|
+
relationFilter: function (operation, context) {
|
|
435
|
+
var _a;
|
|
436
|
+
var userId = context.getCurrentUserId();
|
|
437
|
+
var filter = operation.filter;
|
|
438
|
+
var makeFilterFromRows = function (rows) {
|
|
439
|
+
var relations = (0, lodash_1.uniq)(rows.map(function (ele) { return ele.relation; }));
|
|
440
|
+
var entityIds = (0, lodash_1.uniq)(rows.map(function (ele) { return ele[entityIdAttr_1]; }));
|
|
441
|
+
(0, assert_1.default)(entityIds.length === 1, "\u5728\u56DE\u6536".concat(userEntityName_1, "\u4E0A\u6743\u9650\u65F6\uFF0C\u5355\u6B21\u56DE\u6536\u6D89\u53CA\u5230\u4E86\u4E0D\u540C\u7684\u5BF9\u8C61\uFF0C\u6B64\u64CD\u4F5C\u4E0D\u88AB\u5141\u8BB8"));
|
|
442
|
+
// const entityId = entityIds[0]!;
|
|
443
|
+
// 所有的relation条件要同时满足and关系(注意这里的filter翻译出来是在entity对象上,不是在userEntity对象上)
|
|
444
|
+
return {
|
|
445
|
+
$and: relations.map(function (relation) { return raFilterMakerDict_1[relation]; }).filter(function (ele) { return !!ele; }).map(function (ele) {
|
|
446
|
+
var _a;
|
|
447
|
+
return (_a = {},
|
|
448
|
+
_a[entity] = ele(userId),
|
|
449
|
+
_a);
|
|
450
|
+
})
|
|
451
|
+
};
|
|
452
|
+
};
|
|
453
|
+
var toBeRemoved = context.select(userEntityName_1, {
|
|
454
|
+
data: (_a = {
|
|
455
|
+
id: 1,
|
|
456
|
+
relation: 1
|
|
457
|
+
},
|
|
458
|
+
_a[entityIdAttr_1] = 1,
|
|
459
|
+
_a),
|
|
460
|
+
filter: filter,
|
|
461
|
+
}, { dontCollect: true });
|
|
462
|
+
if (toBeRemoved instanceof Promise) {
|
|
463
|
+
return toBeRemoved.then(function (rows) { return makeFilterFromRows(rows); });
|
|
464
|
+
}
|
|
465
|
+
return makeFilterFromRows(toBeRemoved);
|
|
466
|
+
},
|
|
467
|
+
errMsg: '越权操作',
|
|
468
|
+
});
|
|
469
|
+
// 转让权限现在用update动作,只允许update userId给其它人
|
|
470
|
+
// todo 等实现的时候再写
|
|
471
|
+
}
|
|
472
|
+
if (actionAuth) {
|
|
473
|
+
var _loop_2 = function (a) {
|
|
474
|
+
var filterMaker = translateActionAuthFilterMaker(schema, actionAuth[a], entity);
|
|
475
|
+
checkers.push({
|
|
476
|
+
entity: entity,
|
|
477
|
+
action: a,
|
|
478
|
+
type: 'relation',
|
|
479
|
+
relationFilter: function (operation, context) {
|
|
480
|
+
// const { filter } = operation;
|
|
481
|
+
var filter = filterMaker(context.getCurrentUserId());
|
|
482
|
+
return filter;
|
|
483
|
+
},
|
|
484
|
+
errMsg: '定义的actionAuth中检查出来越权操作',
|
|
485
|
+
});
|
|
486
|
+
};
|
|
487
|
+
for (var a in actionAuth) {
|
|
488
|
+
_loop_2(a);
|
|
489
|
+
}
|
|
490
|
+
}
|
|
491
|
+
}
|
|
492
|
+
};
|
|
493
|
+
for (var entity in schema) {
|
|
494
|
+
_loop_1(entity);
|
|
495
|
+
}
|
|
496
|
+
return checkers;
|
|
497
|
+
}
|
|
498
|
+
exports.createAuthCheckers = createAuthCheckers;
|