sumba 2.33.1 → 2.33.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/extend/bajo/hook.js +33 -14
- package/package.json +1 -1
- package/wiki/CHANGES.md +5 -0
package/extend/bajo/hook.js
CHANGED
|
@@ -20,6 +20,22 @@ async function clearCacheUser (id, result) {
|
|
|
20
20
|
await clear({ key: `dobo|SumbaUser|getUserByToken|${token}` })
|
|
21
21
|
}
|
|
22
22
|
|
|
23
|
+
function filterModelFromSetting ({ model, field, options }) {
|
|
24
|
+
const { isEmpty, isArray, set } = this.app.lib._
|
|
25
|
+
const { req } = options
|
|
26
|
+
const opValue = req.getSetting(`sumba:modelGuard.${field}`, {})
|
|
27
|
+
const results = []
|
|
28
|
+
for (const op of ['in', 'nin', 'inOrNull']) {
|
|
29
|
+
if (isEmpty(opValue[op]) || !isArray(opValue[op])) continue
|
|
30
|
+
if (op === 'inOrNull') {
|
|
31
|
+
const val = set({}, field, set({}, '$in', opValue[op]))
|
|
32
|
+
const nl = set({}, field, { $eq: null })
|
|
33
|
+
results.push({ $or: [val, nl] })
|
|
34
|
+
} else results.push(set({}, field, set({}, '$' + op, opValue[op])))
|
|
35
|
+
}
|
|
36
|
+
return { results, opValue }
|
|
37
|
+
}
|
|
38
|
+
|
|
23
39
|
async function applyModelGuard ({ model, q, teamIds, options }) {
|
|
24
40
|
const { set, orderBy, isEmpty, isArray } = this.app.lib._
|
|
25
41
|
const { includes } = this.app.lib.aneka
|
|
@@ -39,15 +55,8 @@ async function applyModelGuard ({ model, q, teamIds, options }) {
|
|
|
39
55
|
const rules = orderBy(guards.filter(filterFn), ['field'])
|
|
40
56
|
for (const field of fields) {
|
|
41
57
|
if (!model.getNonVirtualProperties(true).includes(field)) continue // or, should it throws exception instead?
|
|
42
|
-
const
|
|
43
|
-
|
|
44
|
-
if (isEmpty(opValue[op]) || !isArray(opValue[op])) continue
|
|
45
|
-
if (op === 'inOrNull') {
|
|
46
|
-
const val = set({}, field, set({}, '$in', opValue[op]))
|
|
47
|
-
const nl = set({}, field, { $eq: null })
|
|
48
|
-
results.push({ $or: [val, nl] })
|
|
49
|
-
} else results.push(set({}, field, set({}, '$' + op, opValue[op])))
|
|
50
|
-
}
|
|
58
|
+
const inSetting = filterModelFromSetting.call(this, { model, field, options })
|
|
59
|
+
if (inSetting.results.length > 0) inSetting.results.push(...inSetting.results)
|
|
51
60
|
const prop = model.getProperty(field)
|
|
52
61
|
const items = rules.filter(item => item.field === field)
|
|
53
62
|
for (const item of items) {
|
|
@@ -55,7 +64,7 @@ async function applyModelGuard ({ model, q, teamIds, options }) {
|
|
|
55
64
|
return sanitizeByType(val, prop.type, { strict: true, inputFormat: 'string', model: model.name })
|
|
56
65
|
})
|
|
57
66
|
const op = item.condition.toLowerCase()
|
|
58
|
-
if (['in', 'nin'].includes(op) && !isEmpty(opValue[op]) && isArray(opValue[op])) values = values.filter(val => opValue[op].includes(val))
|
|
67
|
+
if (['in', 'nin'].includes(op) && !isEmpty(inSetting.opValue[op]) && isArray(inSetting.opValue[op])) values = values.filter(val => inSetting.opValue[op].includes(val))
|
|
59
68
|
if (isEmpty(values)) continue
|
|
60
69
|
let value
|
|
61
70
|
if (['in', 'nin'].includes(op)) value = set({}, '$' + op, values)
|
|
@@ -89,7 +98,7 @@ export async function applyAttribGuard ({ model, teamIds, options }) {
|
|
|
89
98
|
}
|
|
90
99
|
|
|
91
100
|
async function rebuildFilter (model, filter = {}, options = {}) {
|
|
92
|
-
const { isEmpty, get } = this.app.lib._
|
|
101
|
+
const { isEmpty, get, keys } = this.app.lib._
|
|
93
102
|
const { req } = options
|
|
94
103
|
const allowEmpty = !get(this, `app.${model.ns}.config.sumba.noEmptyQuery`, []).includes(model.name)
|
|
95
104
|
const hasSiteId = model.hasProperty('siteId')
|
|
@@ -97,7 +106,7 @@ async function rebuildFilter (model, filter = {}, options = {}) {
|
|
|
97
106
|
const hasTeamId = model.hasProperty('teamId')
|
|
98
107
|
const teams = get(req, 'user.teams', [])
|
|
99
108
|
const teamIds = teams.map(team => team.id + '')
|
|
100
|
-
|
|
109
|
+
const aliases = teams.map(team => team.alias)
|
|
101
110
|
const q = { $and: [] }
|
|
102
111
|
|
|
103
112
|
filter.query = filter.query ?? {}
|
|
@@ -110,12 +119,22 @@ async function rebuildFilter (model, filter = {}, options = {}) {
|
|
|
110
119
|
return
|
|
111
120
|
}
|
|
112
121
|
if (hasSiteId) q.$and.push({ siteId: req.site.id + '' })
|
|
113
|
-
/*
|
|
114
122
|
if (aliases.includes('administrator')) {
|
|
123
|
+
if (get(req, 'site.alias') === 'default') {
|
|
124
|
+
filter.query = q
|
|
125
|
+
return
|
|
126
|
+
}
|
|
127
|
+
const fields = keys(req.getSetting('sumba:modelGuard', {}))
|
|
128
|
+
const results = []
|
|
129
|
+
for (const field of fields) {
|
|
130
|
+
if (!model.hasProperty(field)) continue
|
|
131
|
+
const inSetting = filterModelFromSetting.call(this, { model, field, options })
|
|
132
|
+
if (inSetting.results.length > 0) results.push(...inSetting.results)
|
|
133
|
+
}
|
|
134
|
+
if (results.length > 0) q.$and.push(...results)
|
|
115
135
|
filter.query = q
|
|
116
136
|
return
|
|
117
137
|
}
|
|
118
|
-
*/
|
|
119
138
|
if (isEmpty(req.user)) {
|
|
120
139
|
if (q.$and.length === 0 && !allowEmpty) throw this.error('_emptyColumnQuery')
|
|
121
140
|
filter.query = q
|
package/package.json
CHANGED