From 8ab69500c75b15b618c827040623a29fb721e6cd Mon Sep 17 00:00:00 2001 From: Dunqing Date: Sat, 13 Jan 2024 18:13:18 +0800 Subject: [PATCH] fix(custom-request): permission issues (#3306) * fix(custom-request-plugin): cannot see custom request action in non-root role when acl doesn't set * fix: list all roles * feat: display all roles * feat: support * fix: remove unused code * fix: options is null * fix: translation * fix: migration error --------- Co-authored-by: chenos --- packages/core/client/src/locale/en_US.json | 1 + packages/core/client/src/locale/zh-CN.json | 1 + .../items/BlockInitializer.tsx | 1 + .../client/components/CustomRequestAction.tsx | 2 +- .../CustomRequestActionDesigner.tsx | 4 --- .../hooks/useCustomRequestVariableOptions.ts | 8 +++--- .../hooks/useCustomizeRequestActionProps.ts | 25 +++---------------- .../initializer/CustomRequestInitializer.tsx | 7 +++--- .../src/client/schemas/CustomRequestACL.ts | 9 ++++--- .../src/server/actions/send.ts | 7 ++++-- .../src/server/plugin.ts | 2 +- ...220818072639-add-users-phone-constraint.ts | 12 ++++++--- .../20230802170800-add-username-constraint.ts | 12 ++++++--- 13 files changed, 43 insertions(+), 48 deletions(-) diff --git a/packages/core/client/src/locale/en_US.json b/packages/core/client/src/locale/en_US.json index 17cf946753..646bf4df12 100644 --- a/packages/core/client/src/locale/en_US.json +++ b/packages/core/client/src/locale/en_US.json @@ -191,6 +191,7 @@ "Insert if not exists, or update": "Insert if not exists, or update", "Determine whether a record exists by the following fields": "Determine whether a record exists by the following fields", "Update": "Update", + "Update record": "Update record", "View": "View", "View record": "View record", "Refresh": "Refresh", diff --git a/packages/core/client/src/locale/zh-CN.json b/packages/core/client/src/locale/zh-CN.json index 85b7e857a8..b7fbc8d25e 100644 --- a/packages/core/client/src/locale/zh-CN.json +++ b/packages/core/client/src/locale/zh-CN.json @@ -200,6 +200,7 @@ "Action type": "操作类型", "Actions": "操作", "Update": "更新", + "Update record": "更新数据", "View": "查看", "View record": "查看数据", "Refresh": "刷新", diff --git a/packages/core/client/src/schema-initializer/items/BlockInitializer.tsx b/packages/core/client/src/schema-initializer/items/BlockInitializer.tsx index 8c2c8edc53..05de0d33ec 100644 --- a/packages/core/client/src/schema-initializer/items/BlockInitializer.tsx +++ b/packages/core/client/src/schema-initializer/items/BlockInitializer.tsx @@ -13,6 +13,7 @@ export const BlockInitializer = (props) => { const s = merge(schema || {}, item.schema || {}); item?.schemaInitialize?.(s); insert(s); + props.onClick?.(s); }} /> ); diff --git a/packages/plugins/@nocobase/plugin-custom-request/src/client/components/CustomRequestAction.tsx b/packages/plugins/@nocobase/plugin-custom-request/src/client/components/CustomRequestAction.tsx index 0f8ac90687..99eb35772d 100644 --- a/packages/plugins/@nocobase/plugin-custom-request/src/client/components/CustomRequestAction.tsx +++ b/packages/plugins/@nocobase/plugin-custom-request/src/client/components/CustomRequestAction.tsx @@ -1,9 +1,9 @@ import { Action, useAPIClient, useRequest } from '@nocobase/client'; import React from 'react'; -import { CustomRequestActionDesigner } from './CustomRequestActionDesigner'; import { useFieldSchema } from '@formily/react'; import { listByCurrentRoleUrl } from '../constants'; import { useCustomizeRequestActionProps } from '../hooks'; +import { CustomRequestActionDesigner } from './CustomRequestActionDesigner'; export const CustomRequestActionACLDecorator = (props) => { const apiClient = useAPIClient(); diff --git a/packages/plugins/@nocobase/plugin-custom-request/src/client/components/CustomRequestActionDesigner.tsx b/packages/plugins/@nocobase/plugin-custom-request/src/client/components/CustomRequestActionDesigner.tsx index 2018ebbd1b..03b42b974f 100644 --- a/packages/plugins/@nocobase/plugin-custom-request/src/client/components/CustomRequestActionDesigner.tsx +++ b/packages/plugins/@nocobase/plugin-custom-request/src/client/components/CustomRequestActionDesigner.tsx @@ -6,7 +6,6 @@ import { SchemaSettingsActionModalItem, actionSettingsItems, useCollection, - useCurrentRoles, useRequest, } from '@nocobase/client'; import React from 'react'; @@ -74,14 +73,11 @@ function CustomRequestACL() { }, ); - const currentRoles = useCurrentRoles(); - return ( <> { const collection = useCollection(); @@ -16,17 +16,17 @@ export const useCustomRequestVariableOptions = () => { return [ { name: 'currentRecord', - title: t('Current record'), + title: t('Current record', { ns: 'client' }), children: [...fields], }, { name: 'currentUser', - title: t('Current user'), + title: t('Current user', { ns: 'client' }), children: userFields, }, { name: 'currentTime', - title: t('Current time'), + title: t('Current time', { ns: 'client' }), children: null, }, ]; diff --git a/packages/plugins/@nocobase/plugin-custom-request/src/client/hooks/useCustomizeRequestActionProps.ts b/packages/plugins/@nocobase/plugin-custom-request/src/client/hooks/useCustomizeRequestActionProps.ts index e2cbe456d8..e729eb0aa4 100644 --- a/packages/plugins/@nocobase/plugin-custom-request/src/client/hooks/useCustomizeRequestActionProps.ts +++ b/packages/plugins/@nocobase/plugin-custom-request/src/client/hooks/useCustomizeRequestActionProps.ts @@ -24,12 +24,10 @@ export const useCustomizeRequestActionProps = () => { const actionSchema = useFieldSchema(); const compile = useCompile(); const form = useForm(); - const { fields, getField, getPrimaryKey } = useCollection(); - const { field, resource, __parent, service } = useBlockRequestContext(); - const { getActiveFieldsName } = useFormActiveFields() || {}; + const { getPrimaryKey } = useCollection(); + const { resource, __parent, service } = useBlockRequestContext(); const record = useRecord(); const fieldSchema = useFieldSchema(); - const { data, runAsync } = useGetCustomRequest(); const actionField = useField(); const { setVisible } = useActionContext(); const { modal, message } = App.useApp(); @@ -38,29 +36,14 @@ export const useCustomizeRequestActionProps = () => { return { async onClick() { const { skipValidator, onSuccess } = actionSchema?.['x-action-settings'] ?? {}; - const options = data ? data?.data?.options : (await runAsync())?.data?.options; - if (!options?.['url']) { - return message.error(t('Please configure the request settings first')); - } const xAction = actionSchema?.['x-action']; if (skipValidator !== true && xAction === 'customize:form:request') { await form.submit(); } let formValues = {}; - const methods = ['POST', 'PUT', 'PATCH']; - if (xAction === 'customize:form:request' && methods.includes(options['method'])) { - const fieldNames = fields.map((field) => field.name); - const values = getFormValues({ - filterByTk, - field, - form, - fieldNames, - getField, - resource, - actionFields: getActiveFieldsName?.('form') || [], - }); - formValues = values; + if (xAction === 'customize:form:request') { + formValues = form.values; } actionField.data ??= {}; diff --git a/packages/plugins/@nocobase/plugin-custom-request/src/client/initializer/CustomRequestInitializer.tsx b/packages/plugins/@nocobase/plugin-custom-request/src/client/initializer/CustomRequestInitializer.tsx index 8020222e86..db9ec6b5f4 100644 --- a/packages/plugins/@nocobase/plugin-custom-request/src/client/initializer/CustomRequestInitializer.tsx +++ b/packages/plugins/@nocobase/plugin-custom-request/src/client/initializer/CustomRequestInitializer.tsx @@ -27,14 +27,13 @@ export const CustomRequestInitializer: React.FC = (props) => { { - await customRequestsResource.updateOrCreate({ + onClick={async (s) => { + // create a custom request + await customRequestsResource.create({ values: { key: s['x-uid'], }, - filterKeys: ['key'], }); - await props?.insert(s); }} schema={schema} /> diff --git a/packages/plugins/@nocobase/plugin-custom-request/src/client/schemas/CustomRequestACL.ts b/packages/plugins/@nocobase/plugin-custom-request/src/client/schemas/CustomRequestACL.ts index 5d1b8cba99..a15dc7a06f 100644 --- a/packages/plugins/@nocobase/plugin-custom-request/src/client/schemas/CustomRequestACL.ts +++ b/packages/plugins/@nocobase/plugin-custom-request/src/client/schemas/CustomRequestACL.ts @@ -10,15 +10,18 @@ export const CustomRequestACLSchema = { 'x-decorator-props': { tooltip: generateNTemplate('If not set, all roles can see this action'), }, - 'x-component': 'Select', + 'x-component': 'RemoteSelect', 'x-component-props': { multiple: true, + objectValue: true, + service: { + resource: 'roles', + }, + manual: false, fieldNames: { label: 'title', value: 'name', }, - objectValue: true, - options: '{{ currentRoles }}', }, }, }, diff --git a/packages/plugins/@nocobase/plugin-custom-request/src/server/actions/send.ts b/packages/plugins/@nocobase/plugin-custom-request/src/server/actions/send.ts index ec27bab10f..9569dcbacd 100644 --- a/packages/plugins/@nocobase/plugin-custom-request/src/server/actions/send.ts +++ b/packages/plugins/@nocobase/plugin-custom-request/src/server/actions/send.ts @@ -1,9 +1,9 @@ import { Context, Next } from '@nocobase/actions'; import { parse } from '@nocobase/utils'; +import { appendArrayColumn } from '@nocobase/evaluators'; import axios from 'axios'; import CustomRequestPlugin from '../plugin'; -import { appendArrayColumn } from '@nocobase/evaluators'; const getHeaders = (headers: Record) => { return Object.keys(headers).reduce((hds, key) => { @@ -84,7 +84,10 @@ export async function send(this: CustomRequestPlugin, ctx: Context, next: Next) ctx.withoutDataWrapping = true; - const { collectionName, url, headers = [], params = [], data = {}, ...options } = requestConfig.options; + const { collectionName, url, headers = [], params = [], data = {}, ...options } = requestConfig.options || {}; + if (!url) { + return ctx.throw(400, ctx.t('Please configure the request settings first', { ns: 'custom-request' })); + } let currentRecordValues = {}; if (collectionName && typeof currentRecord.id !== 'undefined') { const recordRepo = ctx.db.getRepository(collectionName); diff --git a/packages/plugins/@nocobase/plugin-custom-request/src/server/plugin.ts b/packages/plugins/@nocobase/plugin-custom-request/src/server/plugin.ts index 21c69a631e..e73662c7b3 100644 --- a/packages/plugins/@nocobase/plugin-custom-request/src/server/plugin.ts +++ b/packages/plugins/@nocobase/plugin-custom-request/src/server/plugin.ts @@ -36,7 +36,7 @@ export class CustomRequestPlugin extends Plugin { this.app.acl.registerSnippet({ name: `ui.${this.name}`, - actions: ['customRequests:*'], + actions: ['customRequests:*', 'roles:list'], }); this.app.acl.allow('customRequests', ['send', 'listByCurrentRole'], 'loggedIn'); diff --git a/packages/plugins/@nocobase/plugin-users/src/server/migrations/20220818072639-add-users-phone-constraint.ts b/packages/plugins/@nocobase/plugin-users/src/server/migrations/20220818072639-add-users-phone-constraint.ts index 250bbe8c4f..770306b749 100644 --- a/packages/plugins/@nocobase/plugin-users/src/server/migrations/20220818072639-add-users-phone-constraint.ts +++ b/packages/plugins/@nocobase/plugin-users/src/server/migrations/20220818072639-add-users-phone-constraint.ts @@ -23,10 +23,14 @@ export default class AddUsersPhoneMigration extends Migration { type: DataTypes.STRING, }); } - await this.db.sequelize.getQueryInterface().addConstraint(tableNameWithSchema, { - type: 'unique', - fields: [field.columnName()], - }); + try { + await this.db.sequelize.getQueryInterface().addConstraint(tableNameWithSchema, { + type: 'unique', + fields: [field.columnName()], + }); + } catch (error) { + // + } this.db.removeCollection('users'); } diff --git a/packages/plugins/@nocobase/plugin-users/src/server/migrations/20230802170800-add-username-constraint.ts b/packages/plugins/@nocobase/plugin-users/src/server/migrations/20230802170800-add-username-constraint.ts index b6aa21fe09..f5977d2887 100644 --- a/packages/plugins/@nocobase/plugin-users/src/server/migrations/20230802170800-add-username-constraint.ts +++ b/packages/plugins/@nocobase/plugin-users/src/server/migrations/20230802170800-add-username-constraint.ts @@ -23,10 +23,14 @@ export default class AddUserNameMigration extends Migration { type: DataTypes.STRING, }); } - await this.db.sequelize.getQueryInterface().addConstraint(tableNameWithSchema, { - type: 'unique', - fields: [field.columnName()], - }); + try { + await this.db.sequelize.getQueryInterface().addConstraint(tableNameWithSchema, { + type: 'unique', + fields: [field.columnName()], + }); + } catch (error) { + // + } this.db.removeCollection('users'); } }