nocobase/packages/plugins/acl/src/server.ts

775 lines
22 KiB
TypeScript
Raw Normal View History

feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
import { NoPermissionError } from '@nocobase/acl';
import { Context, utils as actionUtils } from '@nocobase/actions';
import { Collection, RelationField } from '@nocobase/database';
2022-02-11 10:13:14 +00:00
import { Plugin } from '@nocobase/server';
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
import lodash from 'lodash';
2022-02-11 15:59:03 +00:00
import { resolve } from 'path';
import { availableActionResource } from './actions/available-actions';
2022-03-13 11:36:37 +00:00
import { checkAction } from './actions/role-check';
2022-04-08 08:17:39 +00:00
import { roleCollectionsResource } from './actions/role-collections';
import { setDefaultRole } from './actions/user-setDefaultRole';
import { setCurrentRole } from './middlewares/setCurrentRole';
2022-02-28 06:25:50 +00:00
import { RoleModel } from './model/RoleModel';
import { RoleResourceActionModel } from './model/RoleResourceActionModel';
import { RoleResourceModel } from './model/RoleResourceModel';
export interface AssociationFieldAction {
associationActions: string[];
targetActions?: string[];
}
interface AssociationFieldActions {
[availableActionName: string]: AssociationFieldAction;
}
export interface AssociationFieldsActions {
[associationType: string]: AssociationFieldActions;
}
export class GrantHelper {
resourceTargetActionMap = new Map<string, string[]>();
targetActionResourceMap = new Map<string, string[]>();
constructor() {}
}
2022-02-11 10:13:14 +00:00
export class PluginACL extends Plugin {
// association field actions config
associationFieldsActions: AssociationFieldsActions = {};
grantHelper = new GrantHelper();
2022-02-11 15:59:03 +00:00
get acl() {
return this.app.acl;
}
2022-02-11 15:59:03 +00:00
registerAssociationFieldAction(associationType: string, value: AssociationFieldActions) {
this.associationFieldsActions[associationType] = value;
}
registerAssociationFieldsActions() {
// if grant create action to role, it should
// also grant add action and association target's view action
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
this.registerAssociationFieldAction('hasOne', {
view: {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
associationActions: ['list', 'get', 'view'],
},
create: {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
associationActions: ['create', 'set'],
},
update: {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
associationActions: ['update', 'remove', 'set'],
},
});
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
this.registerAssociationFieldAction('hasMany', {
view: {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
associationActions: ['list', 'get', 'view'],
},
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
create: {
associationActions: ['create', 'set', 'add'],
},
update: {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
associationActions: ['update', 'remove', 'set'],
},
});
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
this.registerAssociationFieldAction('belongsTo', {
view: {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
associationActions: ['list', 'get', 'view'],
},
create: {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
associationActions: ['create', 'set'],
},
update: {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
associationActions: ['update', 'remove', 'set'],
},
});
this.registerAssociationFieldAction('belongsToMany', {
view: {
associationActions: ['list', 'get', 'view'],
},
create: {
associationActions: ['create', 'set', 'add'],
},
update: {
associationActions: ['update', 'remove', 'set', 'toggle'],
},
});
}
async writeResourceToACL(resourceModel: RoleResourceModel, transaction) {
await resourceModel.writeToACL({
acl: this.acl,
associationFieldsActions: this.associationFieldsActions,
transaction: transaction,
grantHelper: this.grantHelper,
});
}
async writeActionToACL(actionModel: RoleResourceActionModel, transaction) {
const resource = actionModel.get('resource') as RoleResourceModel;
const role = this.acl.getRole(resource.get('roleName') as string);
await actionModel.writeToACL({
acl: this.acl,
role,
resourceName: resource.get('name') as string,
associationFieldsActions: this.associationFieldsActions,
grantHelper: this.grantHelper,
});
}
async writeRolesToACL() {
const roles = (await this.app.db.getRepository('roles').find({
appends: ['resources', 'resources.actions'],
})) as RoleModel[];
for (const role of roles) {
role.writeToAcl({ acl: this.acl });
for (const resource of role.get('resources') as RoleResourceModel[]) {
await this.writeResourceToACL(resource, null);
}
}
}
2022-02-11 11:31:53 +00:00
async beforeLoad() {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
this.db.addMigrations({
namespace: this.name,
directory: resolve(__dirname, './migrations'),
context: {
plugin: this,
},
});
this.app.db.registerModels({
RoleResourceActionModel,
RoleResourceModel,
RoleModel,
});
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
this.app.acl.registerSnippet({
name: `pm.${this.name}.roles`,
actions: [
'roles:*',
'roles.snippets:*',
'availableActions:list',
'roles.collections:list',
'roles.resources:*',
'uiSchemas:getProperties',
'roles.menuUiSchemas:*',
],
});
// change resource fields to association fields
this.app.acl.beforeGrantAction((ctx) => {
const actionName = this.app.acl.resolveActionAlias(ctx.actionName);
const collection = this.app.db.getCollection(ctx.resourceName);
if (!collection) {
return;
}
const fieldsParams = ctx.params.fields;
if (!fieldsParams) {
return;
}
if (actionName == 'view' || actionName == 'export') {
const associationsFields = fieldsParams.filter((fieldName) => {
const field = collection.getField(fieldName);
return field instanceof RelationField;
});
ctx.params = {
...ctx.params,
fields: lodash.difference(fieldsParams, associationsFields),
appends: associationsFields,
};
}
});
this.registerAssociationFieldsActions();
this.app.resourcer.define(availableActionResource);
this.app.resourcer.define(roleCollectionsResource);
2022-03-13 11:36:37 +00:00
this.app.resourcer.registerActionHandler('roles:check', checkAction);
this.app.resourcer.registerActionHandler(`users:setDefaultRole`, setDefaultRole);
this.db.on('users.afterCreateWithAssociations', async (model, options) => {
const { transaction } = options;
const repository = this.app.db.getRepository('roles');
const defaultRole = await repository.findOne({
filter: {
default: true,
},
transaction,
});
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
if (defaultRole && (await model.countRoles({ transaction })) == 0) {
await model.addRoles(defaultRole, { transaction });
}
});
2022-04-11 02:09:55 +00:00
this.app.db.on('roles.afterSaveWithAssociations', async (model, options) => {
const { transaction } = options;
model.writeToAcl({
acl: this.acl,
});
2022-04-11 02:09:55 +00:00
for (const resource of (await model.getResources({ transaction })) as RoleResourceModel[]) {
await this.writeResourceToACL(resource, transaction);
}
// model is default
if (model.get('default')) {
await this.app.db.getRepository('roles').update({
values: {
default: false,
},
filter: {
'name.$ne': model.get('name'),
},
hooks: false,
transaction,
});
}
});
this.app.db.on('roles.afterDestroy', (model) => {
const roleName = model.get('name');
2022-02-11 15:59:03 +00:00
this.acl.removeRole(roleName);
});
this.app.db.on('rolesResources.afterSaveWithAssociations', async (model: RoleResourceModel, options) => {
await this.writeResourceToACL(model, options.transaction);
});
this.app.db.on('rolesResourcesActions.afterUpdateWithAssociations', async (model, options) => {
const { transaction } = options;
const resource = await model.getResource({
transaction,
});
await this.writeResourceToACL(resource, transaction);
});
this.app.db.on('rolesResources.afterDestroy', async (model, options) => {
const role = this.acl.getRole(model.get('roleName'));
if (role) {
role.revokeResource(model.get('name'));
}
});
this.app.db.on('collections.afterDestroy', async (model, options) => {
const { transaction } = options;
await this.app.db.getRepository('rolesResources').destroy({
filter: {
name: model.get('name'),
},
transaction,
});
});
this.app.db.on('fields.afterCreate', async (model, options) => {
const { transaction } = options;
const collectionName = model.get('collectionName');
const fieldName = model.get('name');
const resourceActions = (await this.app.db.getRepository('rolesResourcesActions').find({
filter: {
'resource.name': collectionName,
},
transaction,
appends: ['resource'],
})) as RoleResourceActionModel[];
for (const resourceAction of resourceActions) {
const fields = resourceAction.get('fields') as string[];
const newFields = [...fields, fieldName];
await this.app.db.getRepository('rolesResourcesActions').update({
filterByTk: resourceAction.get('id') as number,
values: {
fields: newFields,
},
transaction,
});
}
});
this.app.db.on('fields.afterDestroy', async (model, options) => {
const collectionName = model.get('collectionName');
const fieldName = model.get('name');
const resourceActions = await this.app.db.getRepository('rolesResourcesActions').find({
filter: {
'resource.name': collectionName,
'fields.$anyOf': [fieldName],
},
transaction: options.transaction,
});
for (const resourceAction of resourceActions) {
const fields = resourceAction.get('fields') as string[];
const newFields = fields.filter((field) => field != fieldName);
await this.app.db.getRepository('rolesResourcesActions').update({
filterByTk: resourceAction.get('id') as number,
values: {
fields: newFields,
},
transaction: options.transaction,
});
}
});
// sync database role data to acl
this.app.on('afterLoad', async (app, options) => {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
if (options?.method === 'install' || options?.method === 'upgrade') {
2022-10-27 07:32:58 +00:00
return;
}
const exists = await this.app.db.collectionExistsInDb('roles');
if (exists) {
await this.writeRolesToACL();
}
});
2022-02-28 06:25:50 +00:00
feat: improve code (#978) * feat: 图形化管理数据表 * feat: 图形化管理数据表 * feat: 图形化管理数据表 * feat: 图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 完善图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat: 样式优化图形化管理数据表 * feat(collection-manager): add foreignKey Field and support relate field record foreignKey info through collection record into collections and foreignKey field record info fields * fix(collection-manager): if has through collection then don't create through collections record * fix(client/route-switch): skip sub routes * feat: 添加graphpostion * feat: 图形化collection新增表时刷新数据 * fix(collection-manager): refactor afterCreateForRelateField * feat: 图形化collection存储位置 * feat: 图形化collection存储位置 * feat: 图形化collection存储位置 * feat: 图形化collection存储位置 * feat: 图形化collection存储位置 * feat: 图形化collection存储位置 * feat: 图形化collection存储位置 * feat: 图形化collection存储位置 * feat: 图形化collection存储位置 * feat: 图形化collection存储位置 * feat: 图形化样式优化 * feat: styling * feat: 图形化样式优化 * feat: 图形化样式优化 * feat: 图形化数据表多语言完善 * feat: 图形化数据表多语言完善 * feat: improve code * feat: 图形化数据表连线样式修改 * feat: 图形化数据表样式修改 * feat: 图形化数据表样式修改 * feat: 图形化数据表样式修改 * feat: 图形化数据表样式修改 * fix(collection-manager): fix afterCreateForRelateField * feat: 样式优化 * feat: 样式优化 * feat: afterCreateForForeignKeyField * fix: timestamps: false * feat: 连线锚点优化 * fix(collection-manager): when del foreign key field, relate fields will be del too * fix: update package.json * fix: update package.json * feat: 文件名大小写 * feat: 连线锚点优化 * feat: 连线锚点通过计算得到样式优化 * feat: 连线锚点通过计算得到样式优化 * fix: fk * fix: remove index * feat: 连线hover时高亮 * fix: test error * feat: 初始化计算位置 * feat: 初始化时计算坐标位置 * feat: 初始化时计算坐标位置 * feat: improve code (#933) * fix: built in * feat: 没有关系字段时也要连线 * feat: 自关联也要连线 * fix: styling * feat: 滚动条问题 * feat: 拖拽优化 * feat: 画布paddig优化 * feat: 编辑时支持反向关联字段配置 * feat: 画布拖拽滚动优化 * feat: 画布拖拽滚动优化 * fix: reload * feat: 修复数据表新建重叠 * fix: refreshCM & refreshGM * feat: 修复表达式输入框显示异常 * feat: 渲染性能优化(增量渲染) * feat: 渲染性能优化(增量渲染) * feat: 渲染性能优化(增量渲染) * fix: 消除代码警告 * fix: 消除代码警告 * feat: 渲染性能优化(增量渲染) * feat: 渲染性能优化(增量渲染) * feat: 渲染性能优化(增量渲染) * feat: 渲染性能优化(增量渲染) * feat: 渲染性能优化(增量渲染) * feat: 渲染性能优化(增量渲染) * feat: 渲染性能优化(增量渲染) * feat: 渲染性能优化 * feat: 渲染性能优化 * feat: 外键生成在位置在前面 * feat: 限制表最多显示10个字段其余滚动 * feat: 移动表位置的连线重新计算最优位置 * fix: error * feat: 布局自动换行 * fix: test error * fix: xpipe.eq * fix: upgrade error * fix: upgrade error * feat: 选中表时只显示和目标表关联的表和连线 * fix: maxListenersExceededWarning * feat: remove graph-collection-manager * fix: remove graph-collection-manager * fix: update yarn.lock Co-authored-by: 唐小爱 <tangxiaoai@192.168.0.103> Co-authored-by: lyf-coder <lyf-coder@foxmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2022-10-28 07:09:14 +00:00
this.app.on('afterInstall', async (app, options) => {
const exists = await this.app.db.collectionExistsInDb('roles');
if (exists) {
await this.writeRolesToACL();
}
});
2022-10-29 06:07:51 +00:00
this.app.on('afterInstallPlugin', async (plugin) => {
if (plugin.getName() !== 'users') {
return;
}
const User = this.db.getCollection('users');
await User.repository.update({
values: {
roles: ['root', 'admin', 'member'],
},
forceUpdate: true,
});
const RolesUsers = this.db.getCollection('rolesUsers');
await RolesUsers.repository.update({
filter: {
userId: 1,
roleName: 'root',
},
values: {
default: true,
},
});
});
2022-02-28 14:10:04 +00:00
this.app.on('beforeInstallPlugin', async (plugin) => {
2022-10-29 06:07:51 +00:00
if (plugin.getName() !== 'users') {
2022-02-28 14:10:04 +00:00
return;
}
const roles = this.app.db.getRepository('roles');
await roles.createMany({
2022-02-28 06:25:50 +00:00
records: [
{
name: 'root',
2022-04-22 15:58:19 +00:00
title: '{{t("Root")}}',
hidden: true,
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
snippets: ['ui.*', 'pm', 'pm.*'],
},
2022-02-28 06:25:50 +00:00
{
name: 'admin',
2022-04-22 15:58:19 +00:00
title: '{{t("Admin")}}',
allowConfigure: true,
allowNewMenu: true,
strategy: { actions: ['create', 'view', 'update', 'destroy'] },
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
snippets: ['ui.*', 'pm', 'pm.*'],
2022-02-28 06:25:50 +00:00
},
{
name: 'member',
2022-04-22 15:58:19 +00:00
title: '{{t("Member")}}',
allowNewMenu: true,
strategy: { actions: ['view', 'update:own', 'destroy:own', 'create'] },
2022-02-28 06:25:50 +00:00
default: true,
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
snippets: ['!ui.*', '!pm', '!pm.*'],
2022-02-28 06:25:50 +00:00
},
],
});
const rolesResourcesScopes = this.app.db.getRepository('rolesResourcesScopes');
await rolesResourcesScopes.createMany({
records: [
{
key: 'all',
name: '{{t("All records")}}',
scope: {},
},
{
key: 'own',
name: '{{t("Own records")}}',
scope: {
createdById: '{{ ctx.state.currentUser.id }}',
},
},
],
});
2022-02-28 06:25:50 +00:00
});
this.app.resourcer.use(setCurrentRole, { tag: 'setCurrentRole', before: 'acl', after: 'parseToken' });
this.app.acl.allow('users', 'setDefaultRole', 'loggedIn');
this.app.acl.allow('roles', 'check', 'loggedIn');
this.app.acl.allow('*', '*', (ctx) => {
return ctx.state.currentRole === 'root';
});
2022-04-13 04:18:44 +00:00
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
this.app.acl.addFixedParams('collections', 'destroy', () => {
return {
filter: {
$and: [{ 'name.$ne': 'roles' }, { 'name.$ne': 'rolesUsers' }],
},
};
});
this.app.acl.addFixedParams('rolesResourcesScopes', 'destroy', () => {
return {
filter: {
$and: [{ 'key.$ne': 'all' }, { 'key.$ne': 'own' }],
},
};
});
this.app.acl.addFixedParams('rolesResourcesScopes', 'update', () => {
return {
filter: {
$and: [{ 'key.$ne': 'all' }, { 'key.$ne': 'own' }],
},
};
});
this.app.acl.addFixedParams('roles', 'destroy', () => {
return {
filter: {
$and: [{ 'name.$ne': 'root' }, { 'name.$ne': 'admin' }, { 'name.$ne': 'member' }],
},
};
});
this.app.resourcer.use(async (ctx, next) => {
2022-04-13 04:18:44 +00:00
const { actionName, resourceName, params } = ctx.action;
const { showAnonymous } = params || {};
if (actionName === 'list' && resourceName === 'roles') {
2022-04-13 04:18:44 +00:00
if (!showAnonymous) {
ctx.action.mergeParams({
filter: {
'name.$ne': 'anonymous',
},
});
}
}
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
if (actionName === 'update' && resourceName === 'roles.resources') {
ctx.action.mergeParams({
updateAssociationValues: ['actions'],
});
}
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
await next();
});
this.app.acl.use(async (ctx: Context, next) => {
const { actionName, resourceName } = ctx.action;
if (actionName === 'get' || actionName === 'list') {
if (!Array.isArray(ctx?.permission?.can?.params?.fields)) {
return next();
}
let collection: Collection;
if (resourceName.includes('.')) {
const [collectionName, associationName] = resourceName.split('.');
const field = ctx.db.getCollection(collectionName)?.getField?.(associationName);
if (field.target) {
collection = ctx.db.getCollection(field.target);
}
} else {
collection = ctx.db.getCollection(resourceName);
}
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
if (collection && collection.hasField('createdById')) {
ctx.permission.can.params.fields.push('createdById');
}
}
return next();
});
const parseJsonTemplate = this.app.acl.parseJsonTemplate;
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
this.app.acl.use(
async (ctx: Context, next) => {
const { actionName, resourceName, resourceOf } = ctx.action;
// is association request
if (resourceName.includes('.') && resourceOf) {
if (!ctx?.permission?.can?.params) {
return next();
}
// 关联数据去掉 filter
delete ctx.permission.can.params.filter;
// 关联数据能不能处理取决于 source 是否有权限
const [collectionName] = resourceName.split('.');
const action = ctx.can({ resource: collectionName, action: actionName });
const availableAction = this.app.acl.getAvailableAction(actionName);
if (availableAction?.options?.onNewRecord) {
if (action) {
ctx.permission.skip = true;
} else {
ctx.permission.can = false;
}
} else {
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
const filter = parseJsonTemplate(action?.params?.filter || {}, ctx);
const sourceInstance = await ctx.db.getRepository(collectionName).findOne({
filterByTk: resourceOf,
filter,
});
if (!sourceInstance) {
ctx.permission.can = false;
}
}
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
}
await next();
},
{
before: 'core',
},
);
// throw error when user has no fixed params permissions
this.app.acl.use(
async (ctx: any, next) => {
const action = ctx.permission?.can?.action;
if (action == 'destroy' && !ctx.action.resourceName.includes('.')) {
const repository = actionUtils.getRepositoryFromParams(ctx);
// params after merge with fixed params
const filteredCount = await repository.count(ctx.permission.mergedParams);
// params user requested
const queryCount = await repository.count(ctx.permission.rawParams);
if (queryCount > filteredCount) {
ctx.throw(403, 'No permissions');
return;
}
}
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
await next();
},
{
after: 'core',
group: 'after',
},
);
const withACLMeta = async (ctx: any, next) => {
await next();
feat: acl optimization (#1136) * fix: sort field with table dose not have primary key * feat: fixed params merger * chore(plugins/acl): fixed params * chore(plugins/acl): allowConfigure of collections * chore(plugins/china-region): disable actions other than list * chore(plugins/collection-manager): allowConfigure permission * chore(plugins/file-manager): acl fixed params * chore: acl fixed params * chore: rolesResourcesScopes onDelete cascade * fix: install error * chore: test * fix: root user fixed params * fix: role resource scope onDelete * chore: test * chore: test * fix: acl * chore: disable index.html cache * chore: disable index.html cache * test: destory user role * test: destory throught table * fix: test * fix: test * chore: add rolesUsers to fixed params * feat: permission logging * feat: permission logging * fix: test * fix: test * chore: disable grant target action * fix: appends with fields * fix: get action params * fix: associationActions * chore: change AssociationField using relation type * chore: typo * refactor: allow to skip * fix: prettier * chore: attachments association action * fix: allowConfigure condition * fix: deprecated allow * fix: please use skip instead * feat: table column aclcheck * chore: test * feat: throw error when detory no permission record * chore: test * chore: acl test * feat: field acl * chore: after action middleware * fix: destory permission check * chore: middleware use * fix: test * feat: filter match * feat: subform/subtable field acl check * feat: action permision by scope * feat: action permision by scope * feat: list action with allowedActions * chore: all allowed action * fix: pk error * fix: merge error * fix: create query sql * fix: skip permission * fix: scope with association field * feat: action acl fix * feat: action acl fix * fix: update submodule * Feat: setting center permission (#1214) * feat: add setting center permissions * feat: setting center permissions backlist * feat: setting center permissions BLACKLIST * feat: setting center permissions blacklist * feat: setting center permissions blacklist * feat: setting center permission * feat: configure plugin tab expand Co-authored-by: chenos <chenlinxh@gmail.com> * Feat :field acl (#1211) Co-authored-by: chenos <chenlinxh@gmail.com> * fix: build error * test: acl snippet * feat: set field * fix: test * fix: build error * fix: utils Dependency cycles * feat: general permissions * feat: delete pluginTabBlacklist * fix: test * feat: snippetManager allow method * feat: acl role snippetAllowed method * feat: array field repository * feat: ArrayFieldRepository * fix: test * fix: ci * fix: ci error * fix: add set parse * test: array field repository * chore: addSnippetPatten * fix: start * feat: sync role snippets * feat: snippets check * feat: snippets check * chore: acl role snippet api * fix: test * fix: test * refactor: acl role snippets * chore: registerACLSettingSnippet * chore: default snippets * feat: snippets match * feat: snippets check * feat: snippets check * feat: pm permision check * feat: pm permision check * feat: snippet pattern match * feat: pluginManagerToolbar check * feat: pluginManagerToolbar check * chore: snippets default value * feat: set role snippets migration * chore: snippets * feat: acl local * feat: acl local * feat: bookmask fix * feat: plugin-manger & ui-editor snippet * feat: set allowConfigure to false when upgrade to snippets * feat: destory action acl fix * feat: destory action acl fix * fix: association resource params merge * fix: ui editor snippet * feat: action acl fix * chore: move list meta middleware into plugins/acl * fix: test * feat: action acl fix * feat: action acl check fix * feat: plugins toolbar fix * feat: gitmodules * fix: subproject * chore: add avaiableActions to snippet * chore: change plugin-manager snippet * feat: configure action acl fix * feat: plugin tab acl check fix * chore: roles snippets * fix: add actions to snippet * feat: allowconfigure fix * fix: count with filterBy * fix: build error * feat: get action with allowedActions * feat: acl route check fix * feat: aclActionProvider fix * feat: actionscpe fix * feat: actionname alias * feat: setting center fix * feat: acl provider fix * fix: role collection * feat: associate resource acl * feat: associate resource acl * feat: redirect to 403 * feat: route redirct * feat: acl scope check by record * fix: fields appends fix * fix: fields appends fix * fix: fields appends fix * fix: allowedActions fix * fix: menu items * fix: rename * fix: improve code * fix: improve code * fix: improve code * fix: ctx?.data?.data * fix: styling * fix: allowAll after ignore scope * chore: allowConfigure condition * fix: collections.fields:* * fix: acl test * fix: update submodule * fix: acl test * fix: acl snippet * fix: updates * fix: only load history for logged-in users * fix: this.app.acl.registerSnippet * fix: downloadXlsxTemplate * fix: 404 * feat: allowedAction in association list response * fix: listData get * fix: test * fix: x-collection-field * fix: update record error * fix: calendar template * test: allow manager * fix: fetch action step * fix: update submodule * fix: refresh * fix: refresh * fix: rolesResourcesScopes * test: snippets * fix: snippets * fix: test * fix: omit filter.createdById * fix: improve code * fix: collections path * fix: test error * fix: upgrade error * fix: errors * fix: read allowed actions error * fix: kanban error * fix: error Co-authored-by: chenos <chenlinxh@gmail.com> Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-08 23:35:48 +00:00
if (!ctx.action) {
return;
}
const { resourceName, actionName } = ctx.action;
if (!ctx.get('X-With-ACL-Meta')) {
return;
}
const collection = ctx.db.getCollection(resourceName);
if (!collection) {
return;
}
if (ctx.status !== 200) {
return;
}
if (!['list', 'get'].includes(actionName)) {
return;
}
const Model = collection.model;
const primaryKeyField = Model.primaryKeyField || Model.primaryKeyAttribute;
const dataPath = ctx.body?.rows ? 'body.rows' : 'body';
let listData = lodash.get(ctx, dataPath);
if (actionName == 'get') {
listData = lodash.castArray(listData);
}
const actions = ['view', 'update', 'destroy'];
const actionsParams = [];
for (const action of actions) {
const actionCtx: any = {
db: ctx.db,
action: {
actionName: action,
name: action,
params: {},
resourceName: ctx.action.resourceName,
resourceOf: ctx.action.resourceOf,
mergeParams() {},
},
state: {
currentRole: ctx.state.currentRole,
currentUser: (() => {
if (!ctx.state.currentUser) {
return null;
}
if (ctx.state.currentUser.toJSON) {
return ctx.state.currentUser?.toJSON();
}
return ctx.state.currentUser;
})(),
},
permission: {},
throw(...args) {
throw new NoPermissionError(...args);
},
};
try {
await this.app.acl.getActionParams(actionCtx);
} catch (e) {
if (e instanceof NoPermissionError) {
continue;
}
throw e;
}
actionsParams.push([
action,
actionCtx.permission?.can === null && !actionCtx.permission.skip
? null
: actionCtx.permission?.parsedParams || {},
]);
}
const ids = listData.map((item) => item[primaryKeyField]);
const conditions = [];
const allAllowed = [];
for (const [action, params] of actionsParams) {
if (!params) {
continue;
}
if (lodash.isEmpty(params) || lodash.isEmpty(params.filter)) {
allAllowed.push(action);
continue;
}
const queryParams = collection.repository.buildQueryOptions(params);
const actionSql = ctx.db.sequelize.queryInterface.queryGenerator.selectQuery(
Model.getTableName(),
{
// ...queryParams,
where: queryParams.where,
attributes: [primaryKeyField],
includeIgnoreAttributes: false,
// include: queryParams.include,
},
Model,
);
const whereCase = actionSql.match(/WHERE (.*?);/)[1];
conditions.push({
whereCase,
action,
include: queryParams.include,
});
}
const results = await collection.model.findAll({
where: {
[primaryKeyField]: ids,
},
attributes: [
primaryKeyField,
...conditions.map((condition) => {
return [ctx.db.sequelize.literal(`CASE WHEN ${condition.whereCase} THEN 1 ELSE 0 END`), condition.action];
}),
],
include: conditions.map((condition) => condition.include).flat(),
});
const allowedActions = actions
.map((action) => {
if (allAllowed.includes(action)) {
return [action, ids];
}
return [action, results.filter((item) => Boolean(item.get(action))).map((item) => item.get(primaryKeyField))];
})
.reduce((acc, [action, ids]) => {
acc[action] = ids;
return acc;
}, {});
if (actionName == 'get') {
ctx.bodyMeta = {
...(ctx.bodyMeta || {}),
allowedActions: allowedActions,
};
}
if (actionName == 'list') {
ctx.body.allowedActions = allowedActions;
}
};
// append allowedActions to list & get response
this.app.use(
async (ctx, next) => {
try {
await withACLMeta(ctx, next);
} catch (error) {
ctx.logger.error(error);
}
},
{ after: 'restApi', group: 'after' },
);
}
2022-03-02 10:35:49 +00:00
async install() {
const repo = this.db.getRepository<any>('collections');
if (repo) {
await repo.db2cm('roles');
}
}
async load() {
feat: duplicator plugin (#1265) * chore: dump plugin * chore: rename plugin * chore: add duplicator into preset * chore: tmp commit * feat: restore & dump action * feat: collection dump & restore * feat: collection dump & restore * fix: dump with json type * fix: dump uischema * chore: tmp commit * chore: tmp commit * feat: restore custom collections * chore: code * fix: build * chore: tmp commit * fix: pm.generateClientFile * feat: dump with user plugins * feat: restore ignore collection * feat: ignore user with rolesUsers * chore: client plugins * refactor: restore insert sql * chore: code format * feat: restore with sequelize insert query * fix: restore json field * fix: json restore * refactor: dumper * refactor: restorer * chore: dump file name * chore: dump file name * chore: dump message * fix: restore with jsonb fields * feat: field data writer * chore: code * feat: collection group manager * feat: duplicator client * feat: duplicator panel * chore: disable duplicator ui * feat: dump with inquirer * chore: dumper * chore: collection group manager * feat: restore with inquirer * chore: comment * chore: inquirer page size * feat: warning before restore * feat: sync postgres sequence id after import collection * chore: restore checked * feat: dump with through table * feat: restore with through table * feat: restore with sequence field * chore: graph collection manager collection group * fix: dump with no column tables * fix: dump empty table * fix: force remove workdir * chore: disable throw error when sync empty table * feat: support map field restore * fix: restore from pg dumped file * fix: dump with logic field * chore: console.log * chore: collection group * chore: handle import collection error * fix: dump migrations table * feat: display custom collection title * fix: restore collection title display * fix: dump iframe html * fix: dump with postgres inhertitance * fix: dump sql * chore: export snapshot field * fix: import with sequences * fix: import sequences * fix: storage Co-authored-by: chenos <chenlinxh@gmail.com>
2023-01-08 04:45:02 +00:00
await this.importCollections(resolve(__dirname, 'collections'));
}
}
2022-02-11 10:13:14 +00:00
export default PluginACL;