owl-cli 6.0.0 → 6.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/defaultTemplate/api/src/handlers/get.jsx +2 -0
  2. package/defaultTemplate/api/src/handlers/getSpec.jsx +4 -0
  3. package/defaultTemplate/api/src/handlers/include/checklogin.jsx +123 -1
  4. package/package.json +1 -1
package/defaultTemplate/api/src/handlers/get.jsx CHANGED
@@ -15,6 +15,7 @@
15
15
  var warehouseId = env.warehouseId;
16
16
  var m = shopId;
17
17
  var roleId = env.roleId
18
+ var orgId = env.orgId;
18
19
 
19
20
  var spec = @spec;
20
21
  var tableId = 'owl_' + spec._t;
@@ -26,6 +27,7 @@
26
27
  var id = params.id;
27
28
 
28
29
  var obj = @projectCodeService.get(id,true);
30
+ filterFields(obj,permissions,orgId);
29
31
  var ret = {
30
32
  state:'ok',
31
33
  obj:obj
package/defaultTemplate/api/src/handlers/getSpec.jsx CHANGED
@@ -13,6 +13,8 @@
13
13
  var warehouseId = env.warehouseId;
14
14
  var m = shopId;
15
15
  var roleId = env.roleId;
16
+ var orgId = env.orgId;
17
+ var orgIds = env.orgIds;
16
18
 
17
19
 
18
20
 
@@ -29,6 +31,8 @@
29
31
  flattenedSpecs:flattenedSpecs,
30
32
  spec:spec,
31
33
  permissions:permissions,
34
+ orgId:orgId,
35
+ orgIds:orgIds,
32
36
  formSpecs:formSpecs
33
37
  }
34
38
  out.print(JSON.stringify(ret));
package/defaultTemplate/api/src/handlers/include/checklogin.jsx CHANGED
@@ -2,6 +2,8 @@
2
2
  //#import $owl_backend_session:services/modelService.jsx
3
3
  //#import $owlPermission:services/permissionService.jsx
4
4
  //#import $owl_orgs:services/modelService.jsx
5
+ //#import $owl_permission:services/modelService.jsx
6
+
5
7
  function getParentOrgIds(orgId){
6
8
  if(orgId=='0'){
7
9
  return ['0'];
@@ -12,7 +14,6 @@ function getParentOrgIds(orgId){
12
14
  return org.parentPathIds;
13
15
  }
14
16
  return [orgId];
15
-
16
17
  }
17
18
 
18
19
  function checklogin(){
@@ -88,6 +89,127 @@ function getPermissions(roleId,tableId){
88
89
  return [];
89
90
  }
90
91
 
92
+ function expandSectionPermission(permissions){
93
+ var same_org = {
94
+ "*":"allowed"
95
+ };
96
+ var sub_org = {
97
+ "*":"allowed"
98
+ };
99
+
100
+ for(var i=0; i<permissions.length; i++){
101
+ var p = permissions[i];
102
+ var sections_same_org = p.sections_same_org;
103
+ var sections_sub_org = p.sections_sub_org;
104
+ if(sections_same_org){
105
+ for(var j=0; j<sections_same_org.length; j++){
106
+ var sec = sections_same_org[j];
107
+ if(sec.sectionKey && sec.read){
108
+ same_org[sec.sectionKey] = sec.read;
109
+ }
110
+ }
111
+ }
112
+ if(sections_sub_org){
113
+ for(var j=0; j<sections_sub_org.length; j++){
114
+ var sec = sections_sub_org[j];
115
+ if(sec.sectionKey && sec.read){
116
+ sub_org[sec.sectionKey] = sec.read;
117
+ }
118
+ }
119
+ }
120
+ }
121
+
122
+ return {
123
+ same_org:same_org,
124
+ sub_org: sub_org
125
+ }
126
+ }
127
+
128
+ function expandFieldPermission(permissions){
129
+ var same_org = {
130
+ "*":"allowed"
131
+ }
132
+ var sub_org = {
133
+ "*":"allowed"
134
+ }
135
+ for(var i=0; i<permissions.length; i++){
136
+ var p = permissions[i];
137
+ if(p.fields_same_org){
138
+ for(var j=0; j<p.fields_same_org.length; j++){
139
+ var f = p.fields_same_org[j];
140
+ var fieldKey = f.fieldKey;
141
+ if(f.sectionKey && f.sectionKey!='main'){
142
+ fieldKey = f.sectionKey + "." + f.fieldKey;
143
+ }
144
+ same_org[fieldKey] = f.read;
145
+ }
146
+ }
147
+ if(p.fields_sub_org){
148
+ for(var j=0; j<p.fields_sub_org.length; j++){
149
+ var f = p.fields_sub_org[j];
150
+ var fieldKey = f.fieldKey;
151
+ if(f.sectionKey && f.sectionKey!='main'){
152
+ fieldKey = f.sectionKey + "." + f.fieldKey;
153
+ }
154
+ sub_org[fieldKey] = f.read;
155
+ }
156
+ }
157
+ }
158
+ return {
159
+ same_org:same_org,
160
+ sub_org:sub_org
161
+ }
162
+
163
+
164
+ }
165
+ function filterFields(data,permissions,orgId){
166
+ //根据权限,将没有权限的字段删除掉
167
+ var section_permissions = expandSectionPermission(permissions);
168
+ var field_permissions = expandFieldPermission(permissions);
169
+ var valid_fields = ['_orgId','_orgIds',"_v", "del"];
170
+ var curSectionKey = '';
171
+ for(var k in data){
172
+ if(valid_fields.indexOf(k)>=0){
173
+ continue;
174
+ }
175
+ else{
176
+ var ef_section_permissions = null;
177
+ var ef_field_permissions = null;
178
+ if(data._orgId === orgId){
179
+ ef_section_permissions = section_permissions.same_org;
180
+ ef_field_permissions = field_permissions.same_org;
181
+ }
182
+ else{
183
+ ef_section_permissions = section_permissions.sub_org;
184
+ ef_field_permissions = field_permissions.sub_org;
185
+ }
186
+ if(typeof data[k] === 'object'){
187
+ if(ef_section_permissions[k].read === 'denied' || (!ef_section_permissions[k].read && ef_section_permissions["*"].read === 'denied')){
188
+ delete data[k];
189
+ }
190
+ var section = data[k];
191
+ if(Array.isArray(section)){
192
+ for(var i=0; i<section.length; i++){
193
+ var r = section[i];
194
+ for(var fk in r){
195
+ var rk = k+ "." + fk;
196
+ if(ef_field_permissions[rk].read === 'denied' || (!ef_field_permissions[rk].read && ef_field_permissions[k+".*"].read === 'denied')){
197
+ delete r[rk];
198
+ }
199
+ }
200
+
201
+ }
202
+ }
203
+ }
204
+ else {
205
+ if(ef_field_permissions[k].read === 'denied' || (!ef_field_permissions[k].read && ef_field_permissions["*"].read === 'denied')){
206
+ delete data[k];
207
+ }
208
+ }
209
+ }
210
+ }
211
+
212
+ }
91
213
 
92
214
 
93
215
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "owl-cli",
3
- "version": "6.0.0",
3
+ "version": "6.3.0",
4
4
  "main": "index.js",
5
5
  "preferGlobal": true,
6
6
  "bin": {