sumba 2.33.1 → 2.33.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/extend/bajo/hook.js +32 -14
- package/package.json +1 -1
- package/wiki/CHANGES.md +4 -0
package/extend/bajo/hook.js
CHANGED
|
@@ -20,6 +20,22 @@ async function clearCacheUser (id, result) {
|
|
|
20
20
|
await clear({ key: `dobo|SumbaUser|getUserByToken|${token}` })
|
|
21
21
|
}
|
|
22
22
|
|
|
23
|
+
function filterModelFromSetting ({ model, field, options }) {
|
|
24
|
+
const { isEmpty, isArray, set } = this.app.lib._
|
|
25
|
+
const { req } = options
|
|
26
|
+
const opValue = req.getSetting(`sumba:modelGuard.${field}`, {})
|
|
27
|
+
const results = []
|
|
28
|
+
for (const op of ['in', 'nin', 'inOrNull']) {
|
|
29
|
+
if (isEmpty(opValue[op]) || !isArray(opValue[op])) continue
|
|
30
|
+
if (op === 'inOrNull') {
|
|
31
|
+
const val = set({}, field, set({}, '$in', opValue[op]))
|
|
32
|
+
const nl = set({}, field, { $eq: null })
|
|
33
|
+
results.push({ $or: [val, nl] })
|
|
34
|
+
} else results.push(set({}, field, set({}, '$' + op, opValue[op])))
|
|
35
|
+
}
|
|
36
|
+
return { results, opValue }
|
|
37
|
+
}
|
|
38
|
+
|
|
23
39
|
async function applyModelGuard ({ model, q, teamIds, options }) {
|
|
24
40
|
const { set, orderBy, isEmpty, isArray } = this.app.lib._
|
|
25
41
|
const { includes } = this.app.lib.aneka
|
|
@@ -39,15 +55,8 @@ async function applyModelGuard ({ model, q, teamIds, options }) {
|
|
|
39
55
|
const rules = orderBy(guards.filter(filterFn), ['field'])
|
|
40
56
|
for (const field of fields) {
|
|
41
57
|
if (!model.getNonVirtualProperties(true).includes(field)) continue // or, should it throws exception instead?
|
|
42
|
-
const
|
|
43
|
-
|
|
44
|
-
if (isEmpty(opValue[op]) || !isArray(opValue[op])) continue
|
|
45
|
-
if (op === 'inOrNull') {
|
|
46
|
-
const val = set({}, field, set({}, '$in', opValue[op]))
|
|
47
|
-
const nl = set({}, field, { $eq: null })
|
|
48
|
-
results.push({ $or: [val, nl] })
|
|
49
|
-
} else results.push(set({}, field, set({}, '$' + op, opValue[op])))
|
|
50
|
-
}
|
|
58
|
+
const inSetting = filterModelFromSetting.call(this, { model, field, options })
|
|
59
|
+
if (inSetting.results.length > 0) inSetting.results.push(...inSetting.results)
|
|
51
60
|
const prop = model.getProperty(field)
|
|
52
61
|
const items = rules.filter(item => item.field === field)
|
|
53
62
|
for (const item of items) {
|
|
@@ -55,7 +64,7 @@ async function applyModelGuard ({ model, q, teamIds, options }) {
|
|
|
55
64
|
return sanitizeByType(val, prop.type, { strict: true, inputFormat: 'string', model: model.name })
|
|
56
65
|
})
|
|
57
66
|
const op = item.condition.toLowerCase()
|
|
58
|
-
if (['in', 'nin'].includes(op) && !isEmpty(opValue[op]) && isArray(opValue[op])) values = values.filter(val => opValue[op].includes(val))
|
|
67
|
+
if (['in', 'nin'].includes(op) && !isEmpty(inSetting.opValue[op]) && isArray(inSetting.opValue[op])) values = values.filter(val => inSetting.opValue[op].includes(val))
|
|
59
68
|
if (isEmpty(values)) continue
|
|
60
69
|
let value
|
|
61
70
|
if (['in', 'nin'].includes(op)) value = set({}, '$' + op, values)
|
|
@@ -89,7 +98,7 @@ export async function applyAttribGuard ({ model, teamIds, options }) {
|
|
|
89
98
|
}
|
|
90
99
|
|
|
91
100
|
async function rebuildFilter (model, filter = {}, options = {}) {
|
|
92
|
-
const { isEmpty, get } = this.app.lib._
|
|
101
|
+
const { isEmpty, get, keys } = this.app.lib._
|
|
93
102
|
const { req } = options
|
|
94
103
|
const allowEmpty = !get(this, `app.${model.ns}.config.sumba.noEmptyQuery`, []).includes(model.name)
|
|
95
104
|
const hasSiteId = model.hasProperty('siteId')
|
|
@@ -97,7 +106,7 @@ async function rebuildFilter (model, filter = {}, options = {}) {
|
|
|
97
106
|
const hasTeamId = model.hasProperty('teamId')
|
|
98
107
|
const teams = get(req, 'user.teams', [])
|
|
99
108
|
const teamIds = teams.map(team => team.id + '')
|
|
100
|
-
|
|
109
|
+
const aliases = teams.map(team => team.alias)
|
|
101
110
|
const q = { $and: [] }
|
|
102
111
|
|
|
103
112
|
filter.query = filter.query ?? {}
|
|
@@ -110,12 +119,21 @@ async function rebuildFilter (model, filter = {}, options = {}) {
|
|
|
110
119
|
return
|
|
111
120
|
}
|
|
112
121
|
if (hasSiteId) q.$and.push({ siteId: req.site.id + '' })
|
|
113
|
-
/*
|
|
114
122
|
if (aliases.includes('administrator')) {
|
|
123
|
+
if (get(req, 'site.alias') === 'default') {
|
|
124
|
+
filter.query = q
|
|
125
|
+
return
|
|
126
|
+
}
|
|
127
|
+
const fields = keys(req.getSetting('sumba:modelGuard', {}))
|
|
128
|
+
const results = []
|
|
129
|
+
for (const field of fields) {
|
|
130
|
+
const inSetting = filterModelFromSetting.call(this, { model, field, options })
|
|
131
|
+
if (inSetting.results.length > 0) results.push(...inSetting.results)
|
|
132
|
+
}
|
|
133
|
+
if (results.length > 0) q.$and.push(...results)
|
|
115
134
|
filter.query = q
|
|
116
135
|
return
|
|
117
136
|
}
|
|
118
|
-
*/
|
|
119
137
|
if (isEmpty(req.user)) {
|
|
120
138
|
if (q.$and.length === 0 && !allowEmpty) throw this.error('_emptyColumnQuery')
|
|
121
139
|
filter.query = q
|
package/package.json
CHANGED