owl-cli 6.128.0 → 6.130.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/defaultTemplate/api/src/handlers/delete.jsx +5 -10
  2. package/defaultTemplate/api/src/handlers/include/checklogin.jsx +55 -20
  3. package/defaultTemplate/api/src/handlers/save.jsx +4 -4
  4. package/package.json +1 -1
package/defaultTemplate/api/src/handlers/delete.jsx CHANGED
@@ -27,6 +27,9 @@
27
27
  ids = [id];
28
28
  }
29
29
 
30
+ var tableId = 'owl_' + spec._t;
31
+ var permissions = getPermissions(roleId,tableId);
32
+
30
33
  for(var i=0;i<ids.length; i++){
31
34
  var id = ids[i];
32
35
  var oldObj = @projectCodeService.get(id,true);
@@ -39,17 +42,9 @@
39
42
  out.print(JSON.stringify(ret));
40
43
  return;
41
44
  }
42
- if(roleId!=='internal' && orgId && oldObj._orgIds && oldObj._orgIds){
45
+ if(roleId!=='internal' && roleId!='0'){
43
46
  //检查是否有权限修改
44
- if(orgId!='0' && oldObj._orgIds.indexOf(orgId)===-1){
45
- var ret = {
46
- state:'err',
47
- code: 'no permission',
48
- msg: '没有权限,id=' + id
49
- }
50
- out.print(JSON.stringify(ret));
51
- return;
52
- }
47
+ checkPermission(oldObj,permissions,orgId,"del");
53
48
  }
54
49
  }
55
50
 
package/defaultTemplate/api/src/handlers/include/checklogin.jsx CHANGED
@@ -116,41 +116,41 @@ function expandTablePermission(permissions) {
116
116
 
117
117
  for (var i = 0; i < permissions.length; i++) {
118
118
  var p = permissions[i];
119
- if(same_org.read!='denied' && p.permission_same_org && p.permission_same_org.read){
119
+ if(same_org.read!='denied' && p.permission_same_org && p.permission_same_org.read && p.permission_same_org.read!='noset'){
120
120
  same_org.read = p.permission_same_org.read;
121
121
  }
122
- if(same_org.update!='denied' && p.permission_same_org && p.permission_same_org.update){
122
+ if(same_org.update!='denied' && p.permission_same_org && p.permission_same_org.update && p.permission_same_org.update!='noset'){
123
123
  same_org.update = p.permission_same_org.update;
124
124
  }
125
- if(same_org.del!='denied' && p.permission_same_org && p.permission_same_org.del){
125
+ if(same_org.del!='denied' && p.permission_same_org && p.permission_same_org.del && p.permission_same_org.del!='noset'){
126
126
  same_org.del = p.permission_same_org.del;
127
127
  }
128
- if(same_org.add!='denied' && p.permission_same_org && p.permission_same_org.add){
128
+ if(same_org.add!='denied' && p.permission_same_org && p.permission_same_org.add && p.permission_same_org.add!='noset'){
129
129
  same_org.add = p.permission_same_org.add;
130
130
  }
131
- if(same_org.list!='denied' && p.permission_same_org && p.permission_same_org.list){
131
+ if(same_org.list!='denied' && p.permission_same_org && p.permission_same_org.list && p.permission_same_org.list!='noset'){
132
132
  same_org.list = p.permission_same_org.add;
133
133
  }
134
- if(same_org.listall!='denied' && p.permission_same_org && p.permission_same_org.listall){
134
+ if(same_org.listall!='denied' && p.permission_same_org && p.permission_same_org.listall && p.permission_same_org.listall!='noset'){
135
135
  same_org.listall = p.permission_same_org.listall;
136
136
  }
137
137
 
138
- if(sub_org.read!='denied' && p.permission_sub_org && p.permission_sub_org.read){
138
+ if(sub_org.read!='denied' && p.permission_sub_org && p.permission_sub_org.read && p.permission_sub_org.read!='noset'){
139
139
  sub_org.read = p.permission_sub_org.read;
140
140
  }
141
- if(sub_org.update!='denied' && p.permission_sub_org && p.permission_sub_org.update){
141
+ if(sub_org.update!='denied' && p.permission_sub_org && p.permission_sub_org.update && p.permission_sub_org.update!='noset'){
142
142
  sub_org.update = p.permission_sub_org.update;
143
143
  }
144
- if(sub_org.del!='denied' && p.permission_sub_org && p.permission_sub_org.del){
144
+ if(sub_org.del!='denied' && p.permission_sub_org && p.permission_sub_org.del && p.permission_sub_org.del!='noset'){
145
145
  same_org.del = p.permission_sub_org.del;
146
146
  }
147
- if(sub_org.add!='denied' && p.permission_sub_org && p.permission_sub_org.add){
147
+ if(sub_org.add!='denied' && p.permission_sub_org && p.permission_sub_org.add && p.permission_sub_org.add!='noset'){
148
148
  sub_org.add = p.permission_sub_org.add;
149
149
  }
150
- if(sub_org.list!='denied' && p.permission_sub_org && p.permission_sub_org.list){
150
+ if(sub_org.list!='denied' && p.permission_sub_org && p.permission_sub_org.list && p.permission_sub_org.list!='noset'){
151
151
  sub_org.list = p.permission_sub_org.list;
152
152
  }
153
- if(sub_org.listall!='denied' && p.permission_sub_org && p.permission_sub_org.listall){
153
+ if(sub_org.listall!='denied' && p.permission_sub_org && p.permission_sub_org.listall && p.permission_sub_org.listall!='noset'){
154
154
  sub_org.listall = p.permission_sub_org.listall;
155
155
  }
156
156
  }
@@ -244,6 +244,20 @@ function checkObject(obj, ef_field_permissions, parentKey,action){
244
244
  }
245
245
  }
246
246
 
247
+ function isSubOrg(data, orgId){
248
+ if(orgId == '0'){
249
+ return true;
250
+ }
251
+ var org = owl_orgsService.get(data._orgId);
252
+ if(!org || !org.parentPathIds){
253
+ return false;
254
+ }
255
+ if(org.parentPathIds.indexOf(orgId)>-1){
256
+ return true;
257
+ }
258
+ return false;
259
+ }
260
+
247
261
  function checkPermission(data, permissions, orgId, action) {
248
262
  var section_permissions = expandSectionPermission(permissions);
249
263
  var field_permissions = expandFieldPermission(permissions);
@@ -257,16 +271,32 @@ function checkPermission(data, permissions, orgId, action) {
257
271
  ef_field_permissions = field_permissions.same_org;
258
272
  ef_table_permissions = table_permissions.same_org;
259
273
  } else {
260
- ef_section_permissions = section_permissions.sub_org;
261
- ef_field_permissions = field_permissions.sub_org;
262
- ef_table_permissions = field_permissions.sub_org;
263
-
274
+ if(isSubOrg(data,orgId)) {
275
+ ef_section_permissions = section_permissions.sub_org;
276
+ ef_field_permissions = field_permissions.sub_org;
277
+ ef_table_permissions = field_permissions.sub_org;
278
+ }
264
279
  }
265
280
 
281
+ if(!ef_table_permissions){
282
+ throw "表没有权限。"
283
+ }
266
284
  var valid_fields = ['_orgId', '_orgIds', "_v", "del"];
267
- if(ef_table_permissions.add === 'denied'){
285
+ if(ef_table_permissions.add !== 'allowed' && action==='add'){
268
286
  throw "表没有添加记录权限。"
269
287
  }
288
+ if(ef_table_permissions.del !== 'allowed' && action==='del'){
289
+ throw "表没有删除记录权限。"
290
+ }
291
+ if(ef_table_permissions.update !== 'allowed' && action==='update'){
292
+ throw "表没有删除记录权限。"
293
+ }
294
+ if(ef_table_permissions.read !== 'read' && action==='read'){
295
+ throw "表没有读取权限。"
296
+ }
297
+ if(ef_table_permissions.list !== 'read' && action==='list'){
298
+ throw "表没有列出权限。"
299
+ }
270
300
  //检查section_permission
271
301
  for (var k in data) {
272
302
  if(valid_fields.indexOf(k)>-1){
@@ -311,12 +341,17 @@ function checkUpdatePermission(data,diffresult,permissions,orgId){
311
341
  ef_field_permissions = field_permissions.same_org;
312
342
  ef_table_permissions = table_permissions.same_org;
313
343
  } else {
314
- ef_section_permissions = section_permissions.sub_org;
315
- ef_field_permissions = field_permissions.sub_org;
316
- ef_table_permissions = table_permissions.sub_org;
344
+ if(isSubOrg(data,orgId)) {
345
+ ef_section_permissions = section_permissions.sub_org;
346
+ ef_field_permissions = field_permissions.sub_org;
347
+ ef_table_permissions = field_permissions.sub_org;
348
+ }
317
349
  }
318
350
 
319
351
  // $.log("ef_table_permissions=" + JSON.stringify(ef_table_permissions))
352
+ if(!ef_table_permissions){
353
+ throw "表没有权限。"
354
+ }
320
355
  if(ef_table_permissions.update === 'denied'){
321
356
  throw "没有修改的权限。"
322
357
  }
package/defaultTemplate/api/src/handlers/save.jsx CHANGED
@@ -32,7 +32,7 @@
32
32
  var roleId = env.roleId
33
33
  if(orgId && oldObj && oldObj._orgIds){
34
34
  //检查是否有权限修改
35
- if(roleId!=='internal' && orgId!='0' && oldObj._orgIds.indexOf(orgId)===-1){
35
+ if(roleId!=='internal' && roleId!='0' && orgId!='0' && oldObj._orgIds.indexOf(orgId)===-1){
36
36
  var ret = {
37
37
  state:'err',
38
38
  code: 'no permission',
@@ -54,8 +54,8 @@
54
54
  modelObject.m = env.m;
55
55
 
56
56
  //如果检查不通过,则会抛出异常
57
- if(roleId!=='internal'){
58
- checkPermission(modelObject,permissions,orgId,"add");
57
+ if(roleId!=='internal' && roleId!='0'){
58
+ checkPermission(modelObject,permissions,orgId,"add");
59
59
  }
60
60
  modelObject.owl_createUserId = env.loginUserId;
61
61
  var newdata = @projectCodeService.add( modelObject,env );
@@ -81,7 +81,7 @@
81
81
  }
82
82
  modelObject._orgIds = _orgIds;
83
83
  diffResult = diff(oldObj,modelObject,"");
84
- if(roleId!=='internal') {
84
+ if(roleId!=='internal' && roleId!='0') {
85
85
  checkUpdatePermission(modelObject, diffResult, permissions, orgId);
86
86
  }
87
87
  var merged = merge(oldObj,modelObject,permissions,orgId);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "owl-cli",
3
- "version": "6.128.0",
3
+ "version": "6.130.0",
4
4
  "main": "index.js",
5
5
  "preferGlobal": true,
6
6
  "bin": {