oak-domain 2.6.2 → 2.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/base-app-domain/Modi/Storage.js +2 -4
- package/lib/base-app-domain/User/Storage.js +2 -4
- package/lib/compiler/schemalBuilder.js +74 -77
- package/lib/store/CascadeStore.js +39 -33
- package/lib/store/checker.d.ts +2 -2
- package/lib/store/checker.js +387 -151
- package/lib/store/filter.js +7 -15
- package/lib/types/Auth.d.ts +10 -10
- package/lib/types/Exception.d.ts +6 -0
- package/lib/types/Exception.js +25 -1
- package/lib/types/Polyfill.d.ts +1 -0
- package/lib/types/Storage.d.ts +1 -0
- package/lib/utils/validator.d.ts +3 -2
- package/package.json +1 -1
package/lib/store/checker.js
CHANGED
|
@@ -13,8 +13,8 @@ var relation_1 = require("./relation");
|
|
|
13
13
|
var uuid_1 = require("../utils/uuid");
|
|
14
14
|
function translateCheckerInAsyncContext(checker) {
|
|
15
15
|
var _this = this;
|
|
16
|
-
var entity = checker.entity, type = checker.type
|
|
17
|
-
var when =
|
|
16
|
+
var entity = checker.entity, type = checker.type;
|
|
17
|
+
var when = 'before'; // 现在create的relation改成提前的expression检查了,原先是先插入再后检查,性能不行,而且select也需要实现前检查
|
|
18
18
|
switch (type) {
|
|
19
19
|
case 'data': {
|
|
20
20
|
var checkerFn_1 = checker.checker;
|
|
@@ -102,44 +102,36 @@ function translateCheckerInAsyncContext(checker) {
|
|
|
102
102
|
};
|
|
103
103
|
}
|
|
104
104
|
case 'relation': {
|
|
105
|
-
var relationFilter_1 = checker.relationFilter,
|
|
105
|
+
var relationFilter_1 = checker.relationFilter, errMsg = checker.errMsg;
|
|
106
106
|
var fn = (function (_a, context, option) {
|
|
107
107
|
var operation = _a.operation;
|
|
108
108
|
return tslib_1.__awaiter(_this, void 0, void 0, function () {
|
|
109
|
-
var
|
|
110
|
-
return tslib_1.__generator(this, function (
|
|
111
|
-
switch (
|
|
109
|
+
var result, _b;
|
|
110
|
+
return tslib_1.__generator(this, function (_c) {
|
|
111
|
+
switch (_c.label) {
|
|
112
112
|
case 0:
|
|
113
113
|
if (context.isRoot()) {
|
|
114
114
|
return [2 /*return*/, 0];
|
|
115
115
|
}
|
|
116
|
-
if (!(
|
|
116
|
+
if (!(typeof relationFilter_1 === 'function')) return [3 /*break*/, 2];
|
|
117
117
|
return [4 /*yield*/, relationFilter_1(operation, context, option)];
|
|
118
118
|
case 1:
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
filter = data instanceof Array ? {
|
|
122
|
-
id: {
|
|
123
|
-
$in: data.map(function (ele) { return ele.id; }),
|
|
124
|
-
},
|
|
125
|
-
} : {
|
|
126
|
-
id: data.id,
|
|
127
|
-
};
|
|
128
|
-
return [4 /*yield*/, (0, filter_1.checkFilterContains)(entity, context, filter2, filter, true)];
|
|
119
|
+
_b = _c.sent();
|
|
120
|
+
return [3 /*break*/, 3];
|
|
129
121
|
case 2:
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
}
|
|
133
|
-
throw new Exception_1.OakUserUnpermittedException(errMsg_2);
|
|
122
|
+
_b = relationFilter_1;
|
|
123
|
+
_c.label = 3;
|
|
134
124
|
case 3:
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
125
|
+
result = _b;
|
|
126
|
+
if (result) {
|
|
127
|
+
if (operation.action === 'create') {
|
|
128
|
+
console.warn("".concat(entity, "\u5BF9\u8C61\u7684create\u7C7B\u578B\u7684checker\u4E2D\uFF0C\u5B58\u5728\u65E0\u6CD5\u8F6C\u6362\u4E3A\u8868\u8FBE\u5F0F\u5F62\u5F0F\u7684\u60C5\u51B5\uFF0C\u8BF7\u5C3D\u91CF\u4F7F\u7528authDef\u683C\u5F0F\u5B9A\u4E49\u8FD9\u7C7Bchecker"));
|
|
129
|
+
}
|
|
130
|
+
else {
|
|
131
|
+
operation.filter = (0, filter_1.combineFilters)([operation.filter, result]);
|
|
132
|
+
}
|
|
133
|
+
}
|
|
134
|
+
return [2 /*return*/, 0];
|
|
143
135
|
}
|
|
144
136
|
});
|
|
145
137
|
});
|
|
@@ -181,8 +173,8 @@ function translateCheckerInAsyncContext(checker) {
|
|
|
181
173
|
}
|
|
182
174
|
exports.translateCheckerInAsyncContext = translateCheckerInAsyncContext;
|
|
183
175
|
function translateCheckerInSyncContext(checker) {
|
|
184
|
-
var entity = checker.entity, type = checker.type
|
|
185
|
-
var when =
|
|
176
|
+
var entity = checker.entity, type = checker.type;
|
|
177
|
+
var when = 'before'; // 现在create的relation改成提前的expression检查了,原先是先插入再后检查,性能不行,而且select也需要实现前检查
|
|
186
178
|
switch (type) {
|
|
187
179
|
case 'data': {
|
|
188
180
|
var checkerFn_3 = checker.checker;
|
|
@@ -193,7 +185,7 @@ function translateCheckerInSyncContext(checker) {
|
|
|
193
185
|
};
|
|
194
186
|
}
|
|
195
187
|
case 'row': {
|
|
196
|
-
var filter_3 = checker.filter,
|
|
188
|
+
var filter_3 = checker.filter, errMsg_2 = checker.errMsg;
|
|
197
189
|
var fn = function (operation, context, option) {
|
|
198
190
|
var operationFilter = operation.filter, action = operation.action;
|
|
199
191
|
var filter2 = typeof filter_3 === 'function' ? filter_3(operation, context, option) : filter_3;
|
|
@@ -207,7 +199,7 @@ function translateCheckerInSyncContext(checker) {
|
|
|
207
199
|
if ((0, filter_1.checkFilterContains)(entity, context, filter2, operationFilter, true)) {
|
|
208
200
|
return;
|
|
209
201
|
}
|
|
210
|
-
var e = new Exception_1.OakRowInconsistencyException(undefined,
|
|
202
|
+
var e = new Exception_1.OakRowInconsistencyException(undefined, errMsg_2);
|
|
211
203
|
throw e;
|
|
212
204
|
}
|
|
213
205
|
};
|
|
@@ -217,28 +209,25 @@ function translateCheckerInSyncContext(checker) {
|
|
|
217
209
|
};
|
|
218
210
|
}
|
|
219
211
|
case 'relation': {
|
|
220
|
-
var relationFilter_2 = checker.relationFilter,
|
|
212
|
+
var relationFilter_2 = checker.relationFilter, errMsg_3 = checker.errMsg;
|
|
221
213
|
var fn = function (operation, context, option) {
|
|
222
214
|
if (context.isRoot()) {
|
|
223
215
|
return;
|
|
224
216
|
}
|
|
225
|
-
var
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
if ((0, filter_1.checkFilterContains)(entity, context, filter2, filter3, true)) {
|
|
239
|
-
return;
|
|
217
|
+
var result = typeof relationFilter_2 === 'function' ? relationFilter_2(operation, context, option) : relationFilter_2;
|
|
218
|
+
(0, assert_1.default)(!(result instanceof Promise));
|
|
219
|
+
if (result) {
|
|
220
|
+
var filter = operation.filter, action = operation.action;
|
|
221
|
+
if (action === 'create') {
|
|
222
|
+
console.warn("".concat(entity, "\u5BF9\u8C61\u7684create\u7C7B\u578B\u7684checker\u4E2D\uFF0C\u5B58\u5728\u65E0\u6CD5\u8F6C\u6362\u4E3A\u8868\u8FBE\u5F0F\u5F62\u5F0F\u7684\u60C5\u51B5\uFF0C\u8BF7\u5C3D\u91CF\u4F7F\u7528authDef\u683C\u5F0F\u5B9A\u4E49\u8FD9\u7C7Bchecker"));
|
|
223
|
+
return;
|
|
224
|
+
}
|
|
225
|
+
(0, assert_1.default)(filter);
|
|
226
|
+
if ((0, filter_1.checkFilterContains)(entity, context, result, filter, true)) {
|
|
227
|
+
return;
|
|
228
|
+
}
|
|
229
|
+
throw new Exception_1.OakUserUnpermittedException(errMsg_3);
|
|
240
230
|
}
|
|
241
|
-
throw new Exception_1.OakUserUnpermittedException(errMsg_4);
|
|
242
231
|
};
|
|
243
232
|
return {
|
|
244
233
|
fn: fn,
|
|
@@ -265,9 +254,12 @@ function translateCheckerInSyncContext(checker) {
|
|
|
265
254
|
}
|
|
266
255
|
}
|
|
267
256
|
exports.translateCheckerInSyncContext = translateCheckerInSyncContext;
|
|
268
|
-
function translateCascadeRelationFilterMaker(schema, lch, entity2) {
|
|
257
|
+
function translateCascadeRelationFilterMaker(schema, lch, entity2, pathPrefix) {
|
|
269
258
|
var cascadePath = lch.cascadePath, relations = lch.relations;
|
|
270
|
-
var paths = cascadePath.split('.');
|
|
259
|
+
var paths = cascadePath ? cascadePath.split('.') : [];
|
|
260
|
+
if (pathPrefix) {
|
|
261
|
+
paths.unshift(pathPrefix);
|
|
262
|
+
}
|
|
271
263
|
var translateRelationFilter = function (entity) {
|
|
272
264
|
// 有两种情况,此entity和user有Relation定义,或是此entity已经指向user
|
|
273
265
|
if (entity === 'user') {
|
|
@@ -312,11 +304,12 @@ function translateCascadeRelationFilterMaker(schema, lch, entity2) {
|
|
|
312
304
|
};
|
|
313
305
|
var translateFilterMakerIter = function (entity, iter) {
|
|
314
306
|
var relation = (0, relation_1.judgeRelation)(schema, entity, paths[iter]);
|
|
307
|
+
(0, assert_1.default)(relation === 2 || typeof relation === 'string');
|
|
315
308
|
if (iter === paths.length - 1) {
|
|
316
309
|
if (relation === 2) {
|
|
317
|
-
var
|
|
310
|
+
var filterMaker2_1 = translateRelationFilter(paths[iter]);
|
|
318
311
|
return function (userId) {
|
|
319
|
-
var filter =
|
|
312
|
+
var filter = filterMaker2_1(userId);
|
|
320
313
|
(0, assert_1.default)(filter.id);
|
|
321
314
|
return {
|
|
322
315
|
entity: paths[iter],
|
|
@@ -324,11 +317,10 @@ function translateCascadeRelationFilterMaker(schema, lch, entity2) {
|
|
|
324
317
|
};
|
|
325
318
|
};
|
|
326
319
|
}
|
|
327
|
-
|
|
328
|
-
var filterMaker_2 = translateRelationFilter(relation);
|
|
320
|
+
var filterMaker2_2 = translateRelationFilter(relation);
|
|
329
321
|
return function (userId) {
|
|
330
322
|
var _a;
|
|
331
|
-
var filter =
|
|
323
|
+
var filter = filterMaker2_2(userId);
|
|
332
324
|
(0, assert_1.default)(filter.id);
|
|
333
325
|
return _a = {},
|
|
334
326
|
_a["".concat(paths[iter], "Id")] = filter.id,
|
|
@@ -336,43 +328,272 @@ function translateCascadeRelationFilterMaker(schema, lch, entity2) {
|
|
|
336
328
|
};
|
|
337
329
|
}
|
|
338
330
|
else {
|
|
339
|
-
var
|
|
340
|
-
if (iter === 0) {
|
|
341
|
-
return function (userId) {
|
|
342
|
-
var _a;
|
|
343
|
-
var subFilter = subFilterMaker_1(userId);
|
|
344
|
-
return _a = {},
|
|
345
|
-
_a[paths[iter]] = subFilter,
|
|
346
|
-
_a;
|
|
347
|
-
};
|
|
348
|
-
}
|
|
331
|
+
var filterMaker_1 = relation === 2 ? translateFilterMakerIter(paths[iter], iter + 1) : translateFilterMakerIter(relation, iter + 1);
|
|
349
332
|
return function (userId) {
|
|
350
333
|
var _a;
|
|
351
334
|
return (_a = {},
|
|
352
|
-
_a[paths[iter]] =
|
|
335
|
+
_a[paths[iter]] = filterMaker_1(userId),
|
|
353
336
|
_a);
|
|
354
337
|
};
|
|
355
338
|
}
|
|
356
339
|
};
|
|
357
|
-
var
|
|
358
|
-
|
|
340
|
+
var filterMaker = paths.length ? translateFilterMakerIter(entity2, 0) : translateRelationFilter(entity2);
|
|
341
|
+
if (!paths.length) {
|
|
342
|
+
return function (oper, userId) { return filterMaker(userId); };
|
|
343
|
+
}
|
|
344
|
+
/**
|
|
345
|
+
* 针对第一层做一下特别优化,比如对象A指向对象B(多对一),如果A的cascadePath是 'B',
|
|
346
|
+
* 当create A时,会带有Bid。此时生成该B对象上的相关表达式查询返回,可以避免必须将此判定在对象创建之后再做
|
|
347
|
+
* 另一使用场景是,在查询A时,如果带有Bid(在对象跳一对多子对象场景下很常见),可以提前判定这个查询对某些用户一定返回空集
|
|
348
|
+
*/
|
|
349
|
+
var _a = tslib_1.__read(paths, 1), attr = _a[0];
|
|
350
|
+
var relation = (0, relation_1.judgeRelation)(schema, entity2, attr);
|
|
351
|
+
(0, assert_1.default)(relation === 2 || typeof relation === 'string');
|
|
352
|
+
var filterMaker2 = paths.length > 1
|
|
353
|
+
? (relation === 2 ? translateFilterMakerIter(attr, 1) : translateFilterMakerIter(relation, 1))
|
|
354
|
+
: (relation === 2 ? translateRelationFilter(attr) : translateRelationFilter(relation));
|
|
355
|
+
return function (operation, userId) {
|
|
356
|
+
var action = operation.action;
|
|
357
|
+
if (action === 'create') {
|
|
358
|
+
var data = operation.data;
|
|
359
|
+
var getForeignKeyId_1 = function (d) {
|
|
360
|
+
if (relation === 2) {
|
|
361
|
+
if (d.entity === attr && typeof d.entityId === 'string') {
|
|
362
|
+
return d.entitId;
|
|
363
|
+
}
|
|
364
|
+
throw new Exception_1.OakUserUnpermittedException();
|
|
365
|
+
}
|
|
366
|
+
else {
|
|
367
|
+
(0, assert_1.default)(typeof relation === 'string');
|
|
368
|
+
if (typeof d["".concat(attr, "Id")] === 'string') {
|
|
369
|
+
return d["".concat(attr, "Id")];
|
|
370
|
+
}
|
|
371
|
+
throw new Exception_1.OakUserUnpermittedException();
|
|
372
|
+
}
|
|
373
|
+
};
|
|
374
|
+
if (relation === 2) {
|
|
375
|
+
if (data instanceof Array) {
|
|
376
|
+
var fkIds = (0, lodash_1.uniq)(data.map(function (d) { return getForeignKeyId_1(d); }));
|
|
377
|
+
return {
|
|
378
|
+
$entity: attr,
|
|
379
|
+
$filter: (0, filter_1.addFilterSegment)(filterMaker2(userId), { id: { $in: fkIds } }),
|
|
380
|
+
$count: fkIds.length,
|
|
381
|
+
};
|
|
382
|
+
}
|
|
383
|
+
var fkId_1 = getForeignKeyId_1(data);
|
|
384
|
+
return {
|
|
385
|
+
$entity: attr,
|
|
386
|
+
$filter: (0, filter_1.addFilterSegment)(filterMaker2(userId), { id: fkId_1 }),
|
|
387
|
+
};
|
|
388
|
+
}
|
|
389
|
+
(0, assert_1.default)(typeof relation === 'string');
|
|
390
|
+
if (data instanceof Array) {
|
|
391
|
+
var fkIds = (0, lodash_1.uniq)(data.map(function (d) { return getForeignKeyId_1(d); }));
|
|
392
|
+
return {
|
|
393
|
+
$entity: relation,
|
|
394
|
+
$filter: (0, filter_1.addFilterSegment)(filterMaker2(userId), { id: { $in: fkIds } }),
|
|
395
|
+
$count: fkIds.length,
|
|
396
|
+
};
|
|
397
|
+
}
|
|
398
|
+
var fkId = getForeignKeyId_1(data);
|
|
399
|
+
return {
|
|
400
|
+
$entity: relation,
|
|
401
|
+
$filter: (0, filter_1.addFilterSegment)(filterMaker2(userId), { id: fkId }),
|
|
402
|
+
};
|
|
403
|
+
}
|
|
404
|
+
var filter = operation.filter;
|
|
405
|
+
if (relation === 2 && (filter === null || filter === void 0 ? void 0 : filter.entity) === attr && (filter === null || filter === void 0 ? void 0 : filter.entityId)) {
|
|
406
|
+
if (typeof filter.entityId === 'string') {
|
|
407
|
+
return {
|
|
408
|
+
$entity: attr,
|
|
409
|
+
$filter: (0, filter_1.addFilterSegment)(filterMaker2(userId), { id: filter.entityId }),
|
|
410
|
+
};
|
|
411
|
+
}
|
|
412
|
+
else if (filter.entityId.$in && filter.entityId.$in instanceof Array) {
|
|
413
|
+
var entityIds = (0, lodash_1.uniq)(filter.entityId.$in);
|
|
414
|
+
return {
|
|
415
|
+
$entity: relation,
|
|
416
|
+
$filter: (0, filter_1.addFilterSegment)(filterMaker2(userId), { id: { $in: entityIds } }),
|
|
417
|
+
$count: entityIds.length,
|
|
418
|
+
};
|
|
419
|
+
}
|
|
420
|
+
}
|
|
421
|
+
else if (filter && filter["".concat(attr, "Id")]) {
|
|
422
|
+
if (typeof filter["".concat(attr, "Id")] === 'string') {
|
|
423
|
+
return {
|
|
424
|
+
$entity: attr,
|
|
425
|
+
$filter: (0, filter_1.addFilterSegment)(filterMaker2(userId), { id: filter["".concat(attr, "Id")] }),
|
|
426
|
+
};
|
|
427
|
+
}
|
|
428
|
+
else if (filter["".concat(attr, "Id")].$in && filter["".concat(attr, "Id")].$in instanceof Array) {
|
|
429
|
+
var entityIds = (0, lodash_1.uniq)(filter["".concat(attr, "Id")].$in);
|
|
430
|
+
return {
|
|
431
|
+
$entity: relation,
|
|
432
|
+
$filter: (0, filter_1.addFilterSegment)(filterMaker2(userId), { id: { $in: entityIds } }),
|
|
433
|
+
$count: entityIds.length,
|
|
434
|
+
};
|
|
435
|
+
}
|
|
436
|
+
}
|
|
437
|
+
return filterMaker(userId);
|
|
438
|
+
};
|
|
359
439
|
}
|
|
360
|
-
function translateActionAuthFilterMaker(schema, relationItem, entity) {
|
|
440
|
+
function translateActionAuthFilterMaker(schema, relationItem, entity, pathPrefix) {
|
|
361
441
|
if (relationItem instanceof Array) {
|
|
362
|
-
var
|
|
442
|
+
var maker = relationItem.map(function (ele) {
|
|
363
443
|
if (ele instanceof Array) {
|
|
364
|
-
return ele.map(function (ele2) { return translateCascadeRelationFilterMaker(schema, ele2, entity); });
|
|
444
|
+
return ele.map(function (ele2) { return translateCascadeRelationFilterMaker(schema, ele2, entity, pathPrefix); });
|
|
365
445
|
}
|
|
366
|
-
return
|
|
446
|
+
return translateCascadeRelationFilterMaker(schema, ele, entity, pathPrefix);
|
|
367
447
|
});
|
|
368
|
-
return
|
|
369
|
-
$or: maker_1.map(function (ele) { return ({
|
|
370
|
-
$and: ele.map(function (ele2) { return ele2(userId); })
|
|
371
|
-
}); })
|
|
372
|
-
}); };
|
|
448
|
+
return maker;
|
|
373
449
|
}
|
|
374
|
-
var filterMaker = translateCascadeRelationFilterMaker(schema, relationItem, entity);
|
|
375
|
-
return
|
|
450
|
+
var filterMaker = translateCascadeRelationFilterMaker(schema, relationItem, entity, pathPrefix);
|
|
451
|
+
return filterMaker;
|
|
452
|
+
}
|
|
453
|
+
function makePotentialFilter(operation, context, filterMaker) {
|
|
454
|
+
var e_1, _a;
|
|
455
|
+
var userId = context.getCurrentUserId();
|
|
456
|
+
(0, assert_1.default)(userId);
|
|
457
|
+
var filters = filterMaker instanceof Array ? filterMaker.map(function (ele) {
|
|
458
|
+
if (ele instanceof Array) {
|
|
459
|
+
return ele.map(function (ele2) { return ele2(operation, userId); });
|
|
460
|
+
}
|
|
461
|
+
return ele(operation, userId);
|
|
462
|
+
}) : [filterMaker(operation, userId)];
|
|
463
|
+
/**
|
|
464
|
+
* 在下面的逻辑中,如果某个maker返回的是$entity类型,则检查是否有满足条件的项,没有就要抛出异常,有就返回undefined
|
|
465
|
+
* undefined项即意味着该条件通过
|
|
466
|
+
* 再加上and和or的布尔逻辑判断,得到最终结果
|
|
467
|
+
* 还要考虑同步和异步……
|
|
468
|
+
* 代码比较复杂,因为原先没有$entity这种返回结果的设计
|
|
469
|
+
* by Xc 20130219
|
|
470
|
+
*/
|
|
471
|
+
var filtersOr = [];
|
|
472
|
+
var isAsyncOr = false;
|
|
473
|
+
var _loop_1 = function (f) {
|
|
474
|
+
var e_2, _b;
|
|
475
|
+
if (f instanceof Array) {
|
|
476
|
+
var isAsyncAnd = true;
|
|
477
|
+
var filtersAnd = [];
|
|
478
|
+
var _loop_2 = function (ff) {
|
|
479
|
+
if (ff === null || ff === void 0 ? void 0 : ff.$entity) {
|
|
480
|
+
var _e = ff, $entity = _e.$entity, $filter = _e.$filter, _f = _e.$count, $count_1 = _f === void 0 ? 1 : _f;
|
|
481
|
+
var count = context.count($entity, {
|
|
482
|
+
filter: $filter,
|
|
483
|
+
}, {});
|
|
484
|
+
if (count instanceof Promise) {
|
|
485
|
+
isAsyncAnd = true;
|
|
486
|
+
filtersAnd.push(count.then(function (c2) {
|
|
487
|
+
if (c2 >= $count_1) {
|
|
488
|
+
return undefined;
|
|
489
|
+
}
|
|
490
|
+
return new Exception_1.OakUserUnpermittedException();
|
|
491
|
+
}));
|
|
492
|
+
}
|
|
493
|
+
else {
|
|
494
|
+
filtersAnd.push(count >= $count_1 ? undefined : new Exception_1.OakUserUnpermittedException());
|
|
495
|
+
}
|
|
496
|
+
}
|
|
497
|
+
else if (ff) {
|
|
498
|
+
filtersAnd.push(ff);
|
|
499
|
+
}
|
|
500
|
+
};
|
|
501
|
+
try {
|
|
502
|
+
for (var f_1 = (e_2 = void 0, tslib_1.__values(f)), f_1_1 = f_1.next(); !f_1_1.done; f_1_1 = f_1.next()) {
|
|
503
|
+
var ff = f_1_1.value;
|
|
504
|
+
_loop_2(ff);
|
|
505
|
+
}
|
|
506
|
+
}
|
|
507
|
+
catch (e_2_1) { e_2 = { error: e_2_1 }; }
|
|
508
|
+
finally {
|
|
509
|
+
try {
|
|
510
|
+
if (f_1_1 && !f_1_1.done && (_b = f_1.return)) _b.call(f_1);
|
|
511
|
+
}
|
|
512
|
+
finally { if (e_2) throw e_2.error; }
|
|
513
|
+
}
|
|
514
|
+
if (isAsyncAnd = true) {
|
|
515
|
+
isAsyncOr = true;
|
|
516
|
+
filtersOr.push(isAsyncAnd ? Promise.all(filtersAnd).then(function (fa) {
|
|
517
|
+
var e_3, _a;
|
|
518
|
+
var faR = [];
|
|
519
|
+
try {
|
|
520
|
+
for (var fa_1 = (e_3 = void 0, tslib_1.__values(fa)), fa_1_1 = fa_1.next(); !fa_1_1.done; fa_1_1 = fa_1.next()) {
|
|
521
|
+
var faItem = fa_1_1.value;
|
|
522
|
+
if (faItem instanceof Exception_1.OakUserUnpermittedException) {
|
|
523
|
+
return faItem;
|
|
524
|
+
}
|
|
525
|
+
else if (faItem) {
|
|
526
|
+
faR.push(faItem);
|
|
527
|
+
}
|
|
528
|
+
}
|
|
529
|
+
}
|
|
530
|
+
catch (e_3_1) { e_3 = { error: e_3_1 }; }
|
|
531
|
+
finally {
|
|
532
|
+
try {
|
|
533
|
+
if (fa_1_1 && !fa_1_1.done && (_a = fa_1.return)) _a.call(fa_1);
|
|
534
|
+
}
|
|
535
|
+
finally { if (e_3) throw e_3.error; }
|
|
536
|
+
}
|
|
537
|
+
if (faR.length > 0) {
|
|
538
|
+
return {
|
|
539
|
+
$and: faR,
|
|
540
|
+
};
|
|
541
|
+
}
|
|
542
|
+
}) : {
|
|
543
|
+
$and: filtersAnd,
|
|
544
|
+
});
|
|
545
|
+
}
|
|
546
|
+
}
|
|
547
|
+
else {
|
|
548
|
+
if (f === null || f === void 0 ? void 0 : f.$entity) {
|
|
549
|
+
var _c = f, $entity = _c.$entity, $filter = _c.$filter, _d = _c.$count, $count_2 = _d === void 0 ? 1 : _d;
|
|
550
|
+
var count = context.count($entity, {
|
|
551
|
+
filter: $filter,
|
|
552
|
+
}, {});
|
|
553
|
+
if (count instanceof Promise) {
|
|
554
|
+
isAsyncOr = true;
|
|
555
|
+
filtersOr.push(count.then(function (c2) { return c2 >= $count_2 ? undefined : new Exception_1.OakUserUnpermittedException(); }));
|
|
556
|
+
}
|
|
557
|
+
else {
|
|
558
|
+
filtersOr.push(count >= $count_2 ? undefined : new Exception_1.OakUserUnpermittedException());
|
|
559
|
+
}
|
|
560
|
+
}
|
|
561
|
+
else if (f) {
|
|
562
|
+
filtersOr.push(f);
|
|
563
|
+
}
|
|
564
|
+
}
|
|
565
|
+
};
|
|
566
|
+
try {
|
|
567
|
+
for (var filters_1 = tslib_1.__values(filters), filters_1_1 = filters_1.next(); !filters_1_1.done; filters_1_1 = filters_1.next()) {
|
|
568
|
+
var f = filters_1_1.value;
|
|
569
|
+
_loop_1(f);
|
|
570
|
+
}
|
|
571
|
+
}
|
|
572
|
+
catch (e_1_1) { e_1 = { error: e_1_1 }; }
|
|
573
|
+
finally {
|
|
574
|
+
try {
|
|
575
|
+
if (filters_1_1 && !filters_1_1.done && (_a = filters_1.return)) _a.call(filters_1);
|
|
576
|
+
}
|
|
577
|
+
finally { if (e_1) throw e_1.error; }
|
|
578
|
+
}
|
|
579
|
+
// or的逻辑是,有一个成功就直接通过
|
|
580
|
+
var returnOrFilters = function (filters) {
|
|
581
|
+
if (filters.length === 0 || filters.includes(undefined)) {
|
|
582
|
+
return undefined;
|
|
583
|
+
}
|
|
584
|
+
var foFilters = filters.filter(function (ele) { return ele !== undefined && !(ele instanceof Exception_1.OakUserUnpermittedException); });
|
|
585
|
+
if (foFilters.length > 0) {
|
|
586
|
+
return {
|
|
587
|
+
$or: foFilters,
|
|
588
|
+
};
|
|
589
|
+
}
|
|
590
|
+
throw new Exception_1.OakUserUnpermittedException();
|
|
591
|
+
};
|
|
592
|
+
if (isAsyncOr) {
|
|
593
|
+
return Promise.all(filtersOr)
|
|
594
|
+
.then(function (filters) { return returnOrFilters(filters); });
|
|
595
|
+
}
|
|
596
|
+
return returnOrFilters(filtersOr);
|
|
376
597
|
}
|
|
377
598
|
/**
|
|
378
599
|
* 根据权限定义,创建出相应的checker
|
|
@@ -382,75 +603,90 @@ function translateActionAuthFilterMaker(schema, relationItem, entity) {
|
|
|
382
603
|
*/
|
|
383
604
|
function createAuthCheckers(schema, authDict) {
|
|
384
605
|
var checkers = [];
|
|
385
|
-
var
|
|
606
|
+
var _loop_3 = function (entity) {
|
|
386
607
|
var _a;
|
|
387
608
|
if (authDict[entity]) {
|
|
388
609
|
var _b = authDict[entity], relationAuth = _b.relationAuth, actionAuth = _b.actionAuth;
|
|
389
610
|
if (relationAuth) {
|
|
390
611
|
var raFilterMakerDict_1 = {};
|
|
391
|
-
var
|
|
612
|
+
var userEntityName = "user".concat((0, string_1.firstLetterUpperCase)(entity));
|
|
392
613
|
for (var r in relationAuth) {
|
|
393
614
|
Object.assign(raFilterMakerDict_1, (_a = {},
|
|
394
|
-
_a[r] = translateActionAuthFilterMaker(schema, relationAuth[r], entity),
|
|
615
|
+
_a[r] = translateActionAuthFilterMaker(schema, relationAuth[r], userEntityName, entity),
|
|
395
616
|
_a));
|
|
396
617
|
}
|
|
397
618
|
var entityIdAttr_1 = "".concat(entity, "Id");
|
|
398
619
|
checkers.push({
|
|
399
|
-
entity:
|
|
620
|
+
entity: userEntityName,
|
|
400
621
|
action: 'create',
|
|
401
622
|
type: 'relation',
|
|
402
623
|
relationFilter: function (operation, context) {
|
|
403
|
-
var _a;
|
|
404
624
|
var data = operation.data;
|
|
405
625
|
(0, assert_1.default)(!(data instanceof Array));
|
|
406
|
-
var
|
|
407
|
-
var userId = context.getCurrentUserId();
|
|
626
|
+
var _a = data, relation = _a.relation, _b = entityIdAttr_1, entityId = _a[_b];
|
|
408
627
|
if (!raFilterMakerDict_1[relation]) {
|
|
409
628
|
return;
|
|
410
629
|
}
|
|
411
|
-
var filter = raFilterMakerDict_1[relation]
|
|
412
|
-
return
|
|
413
|
-
_a[entity] = filter,
|
|
414
|
-
_a;
|
|
630
|
+
var filter = makePotentialFilter(operation, context, raFilterMakerDict_1[relation]);
|
|
631
|
+
return filter;
|
|
415
632
|
},
|
|
416
633
|
errMsg: '越权操作',
|
|
417
634
|
});
|
|
418
635
|
checkers.push({
|
|
419
|
-
entity:
|
|
636
|
+
entity: userEntityName,
|
|
420
637
|
action: 'remove',
|
|
421
638
|
type: 'relation',
|
|
422
639
|
relationFilter: function (operation, context) {
|
|
423
|
-
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
427
|
-
|
|
428
|
-
|
|
429
|
-
|
|
640
|
+
// 目前过不去
|
|
641
|
+
return undefined;
|
|
642
|
+
/* const userId = context.getCurrentUserId();
|
|
643
|
+
const { filter } = operation as ED[keyof ED]['Remove'];
|
|
644
|
+
const makeFilterFromRows = (rows: Partial<ED[keyof ED]['Schema']>[]): SyncOrAsync<ED[keyof ED]['Selection']['filter']> => {
|
|
645
|
+
const relations = uniq(rows.map(ele => ele.relation));
|
|
646
|
+
const entityIds = uniq(rows.map(ele => ele[entityIdAttr]));
|
|
647
|
+
assert(entityIds.length === 1, `在回收${userEntityName}上权限时,单次回收涉及到了不同的对象,此操作不被允许`);
|
|
430
648
|
// const entityId = entityIds[0]!;
|
|
649
|
+
|
|
431
650
|
// 所有的relation条件要同时满足and关系(注意这里的filter翻译出来是在entity对象上,不是在userEntity对象上)
|
|
432
|
-
|
|
433
|
-
|
|
434
|
-
|
|
435
|
-
|
|
436
|
-
|
|
437
|
-
|
|
438
|
-
|
|
439
|
-
|
|
651
|
+
const filtersAnd = relations.map(
|
|
652
|
+
(relation) => raFilterMakerDict[relation!]
|
|
653
|
+
).filter(
|
|
654
|
+
ele => !!ele
|
|
655
|
+
).map(
|
|
656
|
+
ele => makePotentialFilter(operation, context, ele)
|
|
657
|
+
);
|
|
658
|
+
if (filtersAnd.find(ele => ele instanceof Promise)) {
|
|
659
|
+
return Promise.all(filtersAnd).then(
|
|
660
|
+
(fa) => {
|
|
661
|
+
if (fa.length > 0) {
|
|
662
|
+
return {
|
|
663
|
+
$and: fa,
|
|
664
|
+
} as ED[keyof ED]['Selection']['filter'];
|
|
665
|
+
}
|
|
666
|
+
}
|
|
667
|
+
);
|
|
668
|
+
}
|
|
669
|
+
if (filtersAnd.length > 0) {
|
|
670
|
+
return {
|
|
671
|
+
$and: filtersAnd
|
|
672
|
+
} as ED[keyof ED]['Selection']['filter'];
|
|
673
|
+
}
|
|
440
674
|
};
|
|
441
|
-
|
|
442
|
-
|
|
443
|
-
|
|
444
|
-
|
|
445
|
-
|
|
446
|
-
|
|
447
|
-
|
|
448
|
-
filter
|
|
675
|
+
|
|
676
|
+
const toBeRemoved = context.select(userEntityName, {
|
|
677
|
+
data: {
|
|
678
|
+
id: 1,
|
|
679
|
+
relation: 1,
|
|
680
|
+
[entityIdAttr]: 1,
|
|
681
|
+
},
|
|
682
|
+
filter,
|
|
449
683
|
}, { dontCollect: true });
|
|
450
684
|
if (toBeRemoved instanceof Promise) {
|
|
451
|
-
return toBeRemoved.then(
|
|
685
|
+
return toBeRemoved.then(
|
|
686
|
+
(rows) => makeFilterFromRows(rows)
|
|
687
|
+
);
|
|
452
688
|
}
|
|
453
|
-
return makeFilterFromRows(toBeRemoved);
|
|
689
|
+
return makeFilterFromRows(toBeRemoved); */
|
|
454
690
|
},
|
|
455
691
|
errMsg: '越权操作',
|
|
456
692
|
});
|
|
@@ -458,7 +694,7 @@ function createAuthCheckers(schema, authDict) {
|
|
|
458
694
|
// todo 等实现的时候再写
|
|
459
695
|
}
|
|
460
696
|
if (actionAuth) {
|
|
461
|
-
var
|
|
697
|
+
var _loop_4 = function (a) {
|
|
462
698
|
var filterMaker = translateActionAuthFilterMaker(schema, actionAuth[a], entity);
|
|
463
699
|
checkers.push({
|
|
464
700
|
entity: entity,
|
|
@@ -466,20 +702,20 @@ function createAuthCheckers(schema, authDict) {
|
|
|
466
702
|
type: 'relation',
|
|
467
703
|
relationFilter: function (operation, context) {
|
|
468
704
|
// const { filter } = operation;
|
|
469
|
-
var filter =
|
|
705
|
+
var filter = makePotentialFilter(operation, context, filterMaker);
|
|
470
706
|
return filter;
|
|
471
707
|
},
|
|
472
708
|
errMsg: '定义的actionAuth中检查出来越权操作',
|
|
473
709
|
});
|
|
474
710
|
};
|
|
475
711
|
for (var a in actionAuth) {
|
|
476
|
-
|
|
712
|
+
_loop_4(a);
|
|
477
713
|
}
|
|
478
714
|
}
|
|
479
715
|
}
|
|
480
716
|
};
|
|
481
717
|
for (var entity in schema) {
|
|
482
|
-
|
|
718
|
+
_loop_3(entity);
|
|
483
719
|
}
|
|
484
720
|
return checkers;
|
|
485
721
|
}
|
|
@@ -491,7 +727,7 @@ exports.createAuthCheckers = createAuthCheckers;
|
|
|
491
727
|
* 如果有的对象允许删除,需要使用trigger来处理其相关联的外键对象,这些trigger写作before,则会在checker之前执行,仍然可以删除成功
|
|
492
728
|
*/
|
|
493
729
|
function createRemoveCheckers(schema, authDict) {
|
|
494
|
-
var
|
|
730
|
+
var e_4, _a;
|
|
495
731
|
var checkers = [];
|
|
496
732
|
// 先建立所有的一对多的关系
|
|
497
733
|
var OneToManyMatrix = {};
|
|
@@ -506,7 +742,7 @@ function createRemoveCheckers(schema, authDict) {
|
|
|
506
742
|
}
|
|
507
743
|
};
|
|
508
744
|
var addToMtoEntity = function (e, fs) {
|
|
509
|
-
var
|
|
745
|
+
var e_5, _a;
|
|
510
746
|
var _b;
|
|
511
747
|
try {
|
|
512
748
|
for (var fs_1 = tslib_1.__values(fs), fs_1_1 = fs_1.next(); !fs_1_1.done; fs_1_1 = fs_1.next()) {
|
|
@@ -519,12 +755,12 @@ function createRemoveCheckers(schema, authDict) {
|
|
|
519
755
|
}
|
|
520
756
|
}
|
|
521
757
|
}
|
|
522
|
-
catch (
|
|
758
|
+
catch (e_5_1) { e_5 = { error: e_5_1 }; }
|
|
523
759
|
finally {
|
|
524
760
|
try {
|
|
525
761
|
if (fs_1_1 && !fs_1_1.done && (_a = fs_1.return)) _a.call(fs_1);
|
|
526
762
|
}
|
|
527
|
-
finally { if (
|
|
763
|
+
finally { if (e_5) throw e_5.error; }
|
|
528
764
|
}
|
|
529
765
|
};
|
|
530
766
|
for (var entity in schema) {
|
|
@@ -548,16 +784,16 @@ function createRemoveCheckers(schema, authDict) {
|
|
|
548
784
|
}
|
|
549
785
|
// 当删除一时,要确认多上面没有指向一的数据
|
|
550
786
|
var entities = (0, lodash_1.union)(Object.keys(OneToManyMatrix), Object.keys(OneToManyOnEntityMatrix));
|
|
551
|
-
var
|
|
787
|
+
var _loop_5 = function (entity) {
|
|
552
788
|
checkers.push({
|
|
553
789
|
entity: entity,
|
|
554
790
|
action: 'remove',
|
|
555
791
|
type: 'logical',
|
|
556
792
|
checker: function (operation, context, option) {
|
|
557
|
-
var
|
|
793
|
+
var e_6, _a, e_7, _b;
|
|
558
794
|
var promises = [];
|
|
559
795
|
if (OneToManyMatrix[entity]) {
|
|
560
|
-
var
|
|
796
|
+
var _loop_7 = function (otm) {
|
|
561
797
|
var _g, _h;
|
|
562
798
|
var _j = tslib_1.__read(otm, 2), e = _j[0], attr = _j[1];
|
|
563
799
|
var proj = (_g = {
|
|
@@ -594,21 +830,21 @@ function createRemoveCheckers(schema, authDict) {
|
|
|
594
830
|
}
|
|
595
831
|
};
|
|
596
832
|
try {
|
|
597
|
-
for (var _c = (
|
|
833
|
+
for (var _c = (e_6 = void 0, tslib_1.__values(OneToManyMatrix[entity])), _d = _c.next(); !_d.done; _d = _c.next()) {
|
|
598
834
|
var otm = _d.value;
|
|
599
|
-
|
|
835
|
+
_loop_7(otm);
|
|
600
836
|
}
|
|
601
837
|
}
|
|
602
|
-
catch (
|
|
838
|
+
catch (e_6_1) { e_6 = { error: e_6_1 }; }
|
|
603
839
|
finally {
|
|
604
840
|
try {
|
|
605
841
|
if (_d && !_d.done && (_a = _c.return)) _a.call(_c);
|
|
606
842
|
}
|
|
607
|
-
finally { if (
|
|
843
|
+
finally { if (e_6) throw e_6.error; }
|
|
608
844
|
}
|
|
609
845
|
}
|
|
610
846
|
if (OneToManyOnEntityMatrix[entity]) {
|
|
611
|
-
var
|
|
847
|
+
var _loop_8 = function (otm) {
|
|
612
848
|
var _l, _m, _o;
|
|
613
849
|
var proj = {
|
|
614
850
|
id: 1,
|
|
@@ -652,17 +888,17 @@ function createRemoveCheckers(schema, authDict) {
|
|
|
652
888
|
}
|
|
653
889
|
};
|
|
654
890
|
try {
|
|
655
|
-
for (var _e = (
|
|
891
|
+
for (var _e = (e_7 = void 0, tslib_1.__values(OneToManyOnEntityMatrix[entity])), _f = _e.next(); !_f.done; _f = _e.next()) {
|
|
656
892
|
var otm = _f.value;
|
|
657
|
-
|
|
893
|
+
_loop_8(otm);
|
|
658
894
|
}
|
|
659
895
|
}
|
|
660
|
-
catch (
|
|
896
|
+
catch (e_7_1) { e_7 = { error: e_7_1 }; }
|
|
661
897
|
finally {
|
|
662
898
|
try {
|
|
663
899
|
if (_f && !_f.done && (_b = _e.return)) _b.call(_e);
|
|
664
900
|
}
|
|
665
|
-
finally { if (
|
|
901
|
+
finally { if (e_7) throw e_7.error; }
|
|
666
902
|
}
|
|
667
903
|
}
|
|
668
904
|
if (promises.length > 0) {
|
|
@@ -674,23 +910,23 @@ function createRemoveCheckers(schema, authDict) {
|
|
|
674
910
|
try {
|
|
675
911
|
for (var entities_1 = tslib_1.__values(entities), entities_1_1 = entities_1.next(); !entities_1_1.done; entities_1_1 = entities_1.next()) {
|
|
676
912
|
var entity = entities_1_1.value;
|
|
677
|
-
|
|
913
|
+
_loop_5(entity);
|
|
678
914
|
}
|
|
679
915
|
}
|
|
680
|
-
catch (
|
|
916
|
+
catch (e_4_1) { e_4 = { error: e_4_1 }; }
|
|
681
917
|
finally {
|
|
682
918
|
try {
|
|
683
919
|
if (entities_1_1 && !entities_1_1.done && (_a = entities_1.return)) _a.call(entities_1);
|
|
684
920
|
}
|
|
685
|
-
finally { if (
|
|
921
|
+
finally { if (e_4) throw e_4.error; }
|
|
686
922
|
}
|
|
687
|
-
var
|
|
688
|
-
var
|
|
923
|
+
var _loop_6 = function (entity) {
|
|
924
|
+
var e_8, _b;
|
|
689
925
|
var cascadeRemove = authDict[entity].cascadeRemove;
|
|
690
926
|
if (cascadeRemove) {
|
|
691
927
|
var entitiesOnEntityAttr = [];
|
|
692
928
|
var hasAllEntity = false;
|
|
693
|
-
var
|
|
929
|
+
var _loop_9 = function (attr) {
|
|
694
930
|
if (attr === '@entity') {
|
|
695
931
|
hasAllEntity = true;
|
|
696
932
|
return "continue";
|
|
@@ -765,13 +1001,13 @@ function createRemoveCheckers(schema, authDict) {
|
|
|
765
1001
|
}
|
|
766
1002
|
};
|
|
767
1003
|
for (var attr in cascadeRemove) {
|
|
768
|
-
|
|
1004
|
+
_loop_9(attr);
|
|
769
1005
|
}
|
|
770
1006
|
if (hasAllEntity) {
|
|
771
1007
|
var attributes = schema[entity].attributes;
|
|
772
1008
|
var ref = attributes.entity.ref;
|
|
773
1009
|
var restEntities = (0, lodash_1.difference)(ref, entitiesOnEntityAttr);
|
|
774
|
-
var
|
|
1010
|
+
var _loop_10 = function (e) {
|
|
775
1011
|
checkers.push({
|
|
776
1012
|
entity: e,
|
|
777
1013
|
action: 'remove',
|
|
@@ -805,24 +1041,24 @@ function createRemoveCheckers(schema, authDict) {
|
|
|
805
1041
|
});
|
|
806
1042
|
};
|
|
807
1043
|
try {
|
|
808
|
-
for (var restEntities_1 = (
|
|
1044
|
+
for (var restEntities_1 = (e_8 = void 0, tslib_1.__values(restEntities)), restEntities_1_1 = restEntities_1.next(); !restEntities_1_1.done; restEntities_1_1 = restEntities_1.next()) {
|
|
809
1045
|
var e = restEntities_1_1.value;
|
|
810
|
-
|
|
1046
|
+
_loop_10(e);
|
|
811
1047
|
}
|
|
812
1048
|
}
|
|
813
|
-
catch (
|
|
1049
|
+
catch (e_8_1) { e_8 = { error: e_8_1 }; }
|
|
814
1050
|
finally {
|
|
815
1051
|
try {
|
|
816
1052
|
if (restEntities_1_1 && !restEntities_1_1.done && (_b = restEntities_1.return)) _b.call(restEntities_1);
|
|
817
1053
|
}
|
|
818
|
-
finally { if (
|
|
1054
|
+
finally { if (e_8) throw e_8.error; }
|
|
819
1055
|
}
|
|
820
1056
|
}
|
|
821
1057
|
}
|
|
822
1058
|
};
|
|
823
1059
|
// 注入声明的cascade删除时的外键处理动作
|
|
824
1060
|
for (var entity in authDict) {
|
|
825
|
-
|
|
1061
|
+
_loop_6(entity);
|
|
826
1062
|
}
|
|
827
1063
|
return checkers;
|
|
828
1064
|
}
|