owl-cli 6.36.0 → 6.38.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/defaultTemplate/api/src/handlers/include/checklogin.jsx +161 -76
  2. package/package.json +1 -1
package/defaultTemplate/api/src/handlers/include/checklogin.jsx CHANGED
@@ -76,13 +76,19 @@ function checklogin() {
76
76
  function getPermissions(roleId, tableId) {
77
77
  var searchArgs = {
78
78
  roleId: roleId,
79
- tableId: tableId
80
- }
81
- var sr = owl_permissionService.search("0", searchArgs, null, 0, 10000, null);
82
- if (sr.state === 'ok') {
79
+ tables:{
80
+ type:"or",
81
+ args:[
82
+ { tableId: tableId},
83
+ { tableId: "*"}
84
+ ]
85
+ }
86
+ }
87
+ var sr = owl_permissionService.search("0", searchArgs, null, 0, 10000, null);
88
+ if (sr.state === 'ok') {
83
89
  return sr.list;
84
- }
85
- return [];
90
+ }
91
+ return [];
86
92
  }
87
93
 
88
94
  function expandTablePermission(permissions) {
@@ -518,107 +524,186 @@ function merge(oldObj,newObj,permissions,orgId){
518
524
 
519
525
  }
520
526
 
521
- function getListPermissionFilter(tableId, roleId,orgId,userId, permissions){
522
- //获得有权限的对象的filter
523
- var tp = expandTablePermission(permissions);
524
- $.log("tp=" + JSON.stringify(tp));
527
+ function getObjectPermissionFilter(tableId, roleId,orgId,userId){
525
528
  var filters = [];
526
529
  var excludeFilters = [];
527
530
 
528
-
529
- if(tp.same_org.list==='allowed' && tp.sub_org.list==='denied' && orgId!='0') {
530
- //只能读取本组织的数据
531
- filters.push({"term": {"_orgId.keyword": orgId}});
532
- }
533
- else if(tp.same_org.list==='allowed' && tp.sub_org.list==='allowed' && orgId!='0'){
534
- filters.push({"term": {"_orgIds.keyword": orgId}});
535
- }
536
-
537
- filters.concat([
538
- {
539
- "permissions.orgId.keyword":orgId,
540
- "permissions.roleId.keyword":roleId,
541
- "permissions.list.keyword":"allowed",
542
- },
543
- {
544
- "permissions.orgId.keyword":orgId,
545
- "permissions.roleId.keyword":"*",
546
- "permissions.list.keyword":"allowed",
547
- },
531
+ filters = [
548
532
  {
549
- "permissions.orgId.keyword":"*",
550
- "permissions.roleId.keyword":roleId,
551
- "permissions.list.keyword":"allowed",
552
- },
553
- {
554
- "permissions.orgId.keyword":"*",
555
- "permissions.roleId.keyword":"*",
556
- "permissions.list.keyword":"allowed",
533
+ bool: {
534
+ filter:[
535
+ {term:{"permissions.orgId.keyword":orgId}},
536
+ {term:{"permissions.roleId.keyword":roleId}},
537
+ {term:{"permissions.list.keyword":"allowed"}}
538
+ ]
539
+ }
557
540
  },
558
541
  {
559
- "permissions.orgId.keyword":orgId,
560
- "permissions.roleId.keyword":roleId,
561
- "permissions.list.keyword":"allowed",
542
+ bool: {
543
+ filter:[
544
+ {term:{"permissions.orgId.keyword":orgId}},
545
+ {term:{"permissions.roleId.keyword":"*"}},
546
+ {term:{"permissions.list.keyword":"allowed"}}
547
+ ]
548
+ }
562
549
  },
563
550
  {
564
- "permissions.orgId.keyword":orgId,
565
- "permissions.roleId.keyword":"*",
566
- "permissions.list.keyword":"allowed",
551
+ bool: {
552
+ filter:[
553
+ {term:{"permissions.orgId.keyword":"*"}},
554
+ {term:{"permissions.roleId.keyword":roleId}},
555
+ {term:{"permissions.list.keyword":"allowed"}}
556
+ ]
557
+ }
567
558
  },
568
559
  {
569
- "permissions.orgId.keyword":"*",
570
- "permissions.roleId.keyword":roleId,
571
- "permissions.list.keyword":"allowed",
560
+ bool: {
561
+ filter:[
562
+ {term:{"permissions.orgId.keyword":"*"}},
563
+ {term:{"permissions.roleId.keyword":"*"}},
564
+ {term:{"permissions.list.keyword":"allowed"}}
565
+ ]
566
+ }
572
567
  },
573
568
  {
574
- "permissions.userId.keyword":userId,
575
- "permissions.list.keyword":"allowed",
569
+ bool: {
570
+ filter:[
571
+ {term:{"permissions.userId.keyword":userId}},
572
+ {term:{"permissions.list.keyword":"allowed"}}
573
+ ]
574
+ }
576
575
  },
577
576
  {
578
- "permissions.userId":"*",
579
- "permissions.list.keyword":"allowed",
577
+ bool: {
578
+ filter:[
579
+ {term:{"permissions.userId.keyword":"*"}},
580
+ {term:{"permissions.list.keyword":"allowed"}}
581
+ ]
582
+ }
580
583
  }
581
- ]);
584
+ ];
582
585
  //获取对象本身的权限
583
586
 
584
- excludeFilters.concat([
587
+ excludeFilters= [
585
588
  {
586
- "permissions.orgId.keyword":orgId,
587
- "permissions.roleId.keyword":roleId,
588
- "permissions.list.keyword":"denied",
589
+ bool: {
590
+ filter:[
591
+ {term:{"permissions.orgId.keyword":orgId}},
592
+ {term:{"permissions.roleId.keyword":roleId}},
593
+ {term:{"permissions.list.keyword":"denied"}}
594
+ ]
595
+ }
589
596
  },
590
597
  {
591
- "permissions.orgId.keyword":orgId,
592
- "permissions.roleId.keyword":"*",
593
- "permissions.list.keyword":"denied",
598
+ bool: {
599
+ filter:[
600
+ {term:{"permissions.orgId.keyword":orgId}},
601
+ {term:{"permissions.roleId.keyword":"*"}},
602
+ {term:{"permissions.list.keyword":"denied"}}
603
+ ]
604
+ }
594
605
  },
595
606
  {
596
- "permissions.orgId.keyword":"*",
597
- "permissions.roleId.keyword":roleId,
598
- "permissions.list.keyword":"denied",
607
+ bool: {
608
+ filter:[
609
+ {term:{"permissions.orgId.keyword":"*"}},
610
+ {term:{"permissions.roleId.keyword":roleId}},
611
+ {term:{"permissions.list.keyword":"denied"}}
612
+ ]
613
+ }
599
614
  },
600
615
  {
601
- "permissions.orgId.keyword":orgId,
602
- "permissions.roleId.keyword":roleId,
603
- "permissions.list.keyword":"denied",
616
+ bool: {
617
+ filter:[
618
+ {term:{"permissions.orgId.keyword":"*"}},
619
+ {term:{"permissions.roleId.keyword":"*"}},
620
+ {term:{"permissions.list.keyword":"denied"}}
621
+ ]
622
+ }
604
623
  },
605
624
  {
606
- "permissions.orgId.keyword":"*",
607
- "permissions.roleId.keyword":roleId,
608
- "permissions.list.keyword":"denied",
625
+ bool: {
626
+ filter:[
627
+ {term:{"permissions.userId.keyword":userId}},
628
+ {term:{"permissions.list.keyword":"denied"}}
629
+ ]
630
+ }
609
631
  },
610
632
  {
611
- "permissions.userId.keyword":userId,
612
- "permissions.list.keyword":"denied",
633
+ bool: {
634
+ filter:[
635
+ {term:{"permissions.userId.keyword":"*"}},
636
+ {term:{"permissions.list.keyword":"denied"}}
637
+ ]
638
+ }
613
639
  }
614
- ]);
640
+ ];
641
+ return [filters,excludeFilters]
642
+ }
643
+ function getListPermissionFilter(tableId, roleId,orgId,userId, permissions){
644
+ if(userId==='0'){
645
+ return null;
646
+ }
647
+ //获得有权限的对象的filter
648
+ var tp = expandTablePermission(permissions);
649
+ // $.log("tp=" + JSON.stringify(tp));
650
+ var filters = [];
651
+ var excludeFilters = [];
615
652
 
616
- return {
617
- bool:{
618
- should:filters,
619
- must_not:excludeFilters
653
+ //如果有listAll
654
+
655
+ if(tp.same_org.listall==='allowed' || tp.sub_org.listall==='allowed') {
656
+ //只能读取本组织的数据
657
+ var objFilters = getObjectPermissionFilter(tableId, roleId,orgId,userId, permissions);
658
+ var orgFilter = {
659
+ "term": {"_orgId.keyword": orgId}
660
+ };
661
+ if(tp.sub_org.listall==='allowed'){
662
+ if(orgId!='0'){
663
+ orgFilter = {
664
+ "term": {"_orgIds.keyword": orgId}
665
+ }
666
+ }
667
+ else{
668
+ orgFilter = { "match_all": {}};
669
+ }
620
670
  }
621
- };
671
+ if(tp.same_org.listall!=='allowed'){
672
+ orgFilter = {
673
+ bool:{
674
+ filter:[{
675
+ "term": {"_orgIds.keyword": orgId}
676
+ }],
677
+ must_not:[{
678
+ "term": {"_orgId.keyword": orgId}
679
+ }],
680
+ }
681
+ }
682
+ }
683
+ var shouldFilters = objFilters[0];
684
+ if(orgFilter){
685
+ shouldFilters.push(orgFilter);
686
+ }
687
+ //组合对象允许的
688
+ return {
689
+ bool:{
690
+ should:shouldFilters,
691
+ must_not:objFilters[1]
692
+ }
693
+ }
694
+ }
695
+ else {
696
+ var objFilters = getObjectPermissionFilter(tableId, roleId,orgId,userId, permissions);
697
+
698
+ return {
699
+ bool:{
700
+ should:objFilters[0],
701
+ must_not:objFilters[1]
702
+ }
703
+ }
704
+ }
705
+
706
+
622
707
  }
623
708
 
624
709
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "owl-cli",
3
- "version": "6.36.0",
3
+ "version": "6.38.0",
4
4
  "main": "index.js",
5
5
  "preferGlobal": true,
6
6
  "bin": {