zet-lib 1.2.71 → 1.2.73
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/zRoleRouter.js +8 -1
- package/lib/zRoute.js +11 -6
- package/package.json +1 -1
package/lib/zRoleRouter.js
CHANGED
|
@@ -30,21 +30,28 @@ router.get('/', csrfProtection, async function (req, res, next) {
|
|
|
30
30
|
})
|
|
31
31
|
//find all table has tabs
|
|
32
32
|
let zfields = await connection.results({ table: 'zfields' })
|
|
33
|
+
let dummies = []
|
|
33
34
|
let tabs = []
|
|
34
35
|
zfields.map((item) => {
|
|
35
36
|
let itemTabs = item.tabs || []
|
|
36
37
|
if (itemTabs.length) {
|
|
37
38
|
tabs.push(item.table)
|
|
38
39
|
}
|
|
40
|
+
if (item.json) {
|
|
41
|
+
if (item.json.dummy == 1) {
|
|
42
|
+
dummies.push(item.table)
|
|
43
|
+
}
|
|
44
|
+
}
|
|
39
45
|
})
|
|
40
46
|
const json = model[0].params
|
|
41
|
-
const routes = zRole.routes
|
|
47
|
+
const routes = zRole.routes.filter((item) => !dummies.includes(item))
|
|
42
48
|
const results = await connection.results({ table: 'zrole' })
|
|
43
49
|
const myLevel = zRole.myLevel(req, res, 'zrole')
|
|
44
50
|
//inject to end body
|
|
45
51
|
let datas = {
|
|
46
52
|
model: model,
|
|
47
53
|
tabs: tabs,
|
|
54
|
+
dummies: dummies,
|
|
48
55
|
table: 'zrole',
|
|
49
56
|
id: id,
|
|
50
57
|
actions: zRole.actions,
|
package/lib/zRoute.js
CHANGED
|
@@ -1228,8 +1228,9 @@ zRoute.selectAllowedField = (req, res, MYMODEL, arr = []) => {
|
|
|
1228
1228
|
}
|
|
1229
1229
|
|
|
1230
1230
|
zRoute.excelQuery = async (req, res, MYMODEL, paramsObject = {}) => {
|
|
1231
|
-
const
|
|
1232
|
-
|
|
1231
|
+
const cacheRole = myCache.get("ROLES")[res.locals.roleId].params;
|
|
1232
|
+
const levels = cacheRole[MYMODEL.table] || []
|
|
1233
|
+
if(!levels.includes("export")) {
|
|
1233
1234
|
res.json("no access")
|
|
1234
1235
|
return false;
|
|
1235
1236
|
}
|
|
@@ -1354,11 +1355,13 @@ zRoute.excelQuery = async (req, res, MYMODEL, paramsObject = {}) => {
|
|
|
1354
1355
|
|
|
1355
1356
|
// for excels
|
|
1356
1357
|
zRoute.excel = async (req, res, MYMODEL, fields, rows, callback, fileName) => {
|
|
1357
|
-
const
|
|
1358
|
-
|
|
1358
|
+
const cacheRole = myCache.get("ROLES")[res.locals.roleId].params;
|
|
1359
|
+
const levels = cacheRole[MYMODEL.table] || []
|
|
1360
|
+
if(!levels.includes("export")) {
|
|
1359
1361
|
res.json("no access")
|
|
1360
1362
|
return false;
|
|
1361
1363
|
}
|
|
1364
|
+
|
|
1362
1365
|
//if any other custom value then callback needed
|
|
1363
1366
|
callback = callback || function () {}
|
|
1364
1367
|
const workbook = new Excel.Workbook()
|
|
@@ -3557,11 +3560,13 @@ zRoute.deleteSQL = async (table, id, company_id) => {
|
|
|
3557
3560
|
|
|
3558
3561
|
//for import
|
|
3559
3562
|
zRoute.import = async (req, res, MYMODEL) => {
|
|
3560
|
-
const
|
|
3561
|
-
|
|
3563
|
+
const cacheRole = myCache.get("ROLES")[res.locals.roleId].params;
|
|
3564
|
+
const levels = cacheRole[MYMODEL.table] || []
|
|
3565
|
+
if(!levels.includes("export")) {
|
|
3562
3566
|
res.json("no access")
|
|
3563
3567
|
return false;
|
|
3564
3568
|
}
|
|
3569
|
+
|
|
3565
3570
|
const userId = res.locals.userId
|
|
3566
3571
|
const room = res.locals.token
|
|
3567
3572
|
let progress = 0
|