mirrors/nocobase
1
0
Fork 0
mirror of https://github.com/nocobase/nocobase synced 2024-11-15 18:46:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3dfd5a1f7a
nocobase/packages/core/acl/src/acl-available-strategy.ts
ChengLei Shao a614bc7de8
feat: acl optimization (#1136) 
* fix: sort field with table dose not have primary key

* feat: fixed params merger

* chore(plugins/acl): fixed params

* chore(plugins/acl): allowConfigure of collections

* chore(plugins/china-region): disable actions other than list

* chore(plugins/collection-manager): allowConfigure permission

* chore(plugins/file-manager): acl fixed params

* chore: acl fixed params

* chore: rolesResourcesScopes onDelete cascade

* fix: install error

* chore: test

* fix: root user fixed params

* fix: role resource scope onDelete

* chore: test

* chore: test

* fix: acl

* chore: disable index.html cache

* chore: disable index.html cache

* test: destory user role

* test: destory throught table

* fix: test

* fix: test

* chore: add rolesUsers to fixed params

* feat: permission logging

* feat: permission logging

* fix: test

* fix: test

* chore: disable grant target action

* fix: appends with fields

* fix: get action params

* fix: associationActions

* chore: change AssociationField using relation type

* chore: typo

* refactor: allow to skip

* fix: prettier

* chore: attachments association action

* fix: allowConfigure condition

* fix: deprecated allow

* fix: please use skip instead

* feat: table column aclcheck

* chore: test

* feat: throw error when detory no permission record

* chore: test

* chore: acl test

* feat: field acl

* chore: after action middleware

* fix: destory permission check

* chore: middleware use

* fix: test

* feat: filter match

* feat: subform/subtable field acl check

* feat: action permision by scope

* feat: action permision by scope

* feat: list action with allowedActions

* chore: all allowed action

* fix: pk error

* fix: merge error

* fix: create query sql

* fix: skip permission

* fix: scope with association field

* feat: action acl fix

* feat: action acl fix

* fix: update submodule

* Feat: setting center permission (#1214)

* feat: add setting center permissions

* feat: setting center permissions backlist

* feat: setting center permissions BLACKLIST

* feat: setting center permissions blacklist

* feat: setting center permissions blacklist

* feat: setting center permission

* feat: configure plugin tab expand

Co-authored-by: chenos <chenlinxh@gmail.com>

* Feat :field acl (#1211)

Co-authored-by: chenos <chenlinxh@gmail.com>

* fix: build error

* test: acl snippet

* feat: set field

* fix: test

* fix: build error

* fix: utils Dependency cycles

* feat: general permissions

* feat: delete pluginTabBlacklist

* fix: test

* feat: snippetManager allow method

* feat: acl role snippetAllowed method

* feat: array field repository

* feat:  ArrayFieldRepository

* fix: test

* fix: ci

* fix: ci error

* fix: add set parse

* test: array field repository

* chore: addSnippetPatten

* fix: start

* feat: sync role snippets

* feat: snippets check

* feat: snippets check

* chore: acl role snippet api

* fix: test

* fix: test

* refactor: acl role snippets

* chore: registerACLSettingSnippet

* chore: default snippets

* feat: snippets match

* feat: snippets check

* feat: snippets check

* feat: pm permision check

* feat: pm permision check

* feat: snippet pattern match

* feat: pluginManagerToolbar check

* feat: pluginManagerToolbar check

* chore: snippets default value

* feat: set role snippets migration

* chore: snippets

* feat: acl local

* feat: acl local

* feat: bookmask fix

* feat: plugin-manger & ui-editor snippet

* feat: set allowConfigure to false when upgrade to snippets

* feat: destory action acl fix

* feat: destory action acl fix

* fix: association resource params merge

* fix: ui editor snippet

* feat:  action acl fix

* chore: move list meta middleware into plugins/acl

* fix: test

* feat:  action acl fix

* feat: action acl check fix

* feat: plugins toolbar fix

* feat: gitmodules

* fix: subproject

* chore: add avaiableActions to snippet

* chore: change plugin-manager snippet

* feat: configure action acl fix

* feat: plugin tab acl check fix

* chore: roles snippets

* fix: add actions to snippet

* feat: allowconfigure fix

* fix: count with filterBy

* fix: build error

* feat: get action with allowedActions

* feat: acl route check fix

* feat:  aclActionProvider fix

* feat: actionscpe fix

* feat: actionname alias

* feat: setting center fix

* feat: acl provider fix

* fix: role collection

* feat: associate resource  acl

* feat: associate resource  acl

* feat: redirect to 403

* feat: route redirct

* feat:  acl scope check by record

* fix: fields  appends fix

* fix: fields  appends fix

* fix: fields  appends fix

* fix: allowedActions  fix

* fix:  menu items

* fix: rename

* fix: improve code

* fix: improve code

* fix: improve code

* fix: ctx?.data?.data

* fix: styling

* fix: allowAll after ignore scope

* chore: allowConfigure condition

* fix: collections.fields:*

* fix: acl test

* fix: update submodule

* fix: acl test

* fix: acl snippet

* fix: updates

* fix: only load history for logged-in users

* fix: this.app.acl.registerSnippet

* fix: downloadXlsxTemplate

* fix: 404

* feat: allowedAction in association list response

* fix: listData get

* fix: test

* fix: x-collection-field

* fix: update record error

* fix: calendar template

* test: allow manager

* fix: fetch action step

* fix: update submodule

* fix: refresh

* fix: refresh

* fix: rolesResourcesScopes

* test: snippets

* fix: snippets

* fix: test

* fix: omit filter.createdById

* fix: improve code

* fix: collections path

* fix: test error

* fix: upgrade error

* fix: errors

* fix: read allowed actions error

* fix: kanban error

* fix: error

Co-authored-by: chenos <chenlinxh@gmail.com>
Co-authored-by: katherinehhh <katherine_15995@163.com>
2023-01-09 07:35:48 +08:00

68 lines
1.5 KiB
TypeScript
Raw Blame History

import lodash from 'lodash';
import { ACL } from './acl';
type StrategyValue = false | '*' | string | string[];
export interface AvailableStrategyOptions {
displayName?: string;
actions?: false | string | string[];
allowConfigure?: boolean;
resource?: '*';
}
export const predicate = {
own: {
filter: {
createdById: '{{ ctx.state.currentUser.id }}',
},
},
all: {},
};
export class ACLAvailableStrategy {
acl: ACL;
options: AvailableStrategyOptions;
actionsAsObject: { [key: string]: string };
allowConfigure: boolean;
constructor(acl: ACL, options: AvailableStrategyOptions) {
this.acl = acl;
this.options = options;
this.allowConfigure = options.allowConfigure;
let actions = this.options.actions;
if (lodash.isString(actions) && actions != '*') {
actions = [actions];
}
if (lodash.isArray(actions)) {
this.actionsAsObject = actions.reduce((carry, action) => {
const [actionName, predicate] = action.split(':');
carry[actionName] = predicate;
return carry;
}, {});
}
}
matchAction(actionName: string) {
if (this.options.actions == '*') {
return true;
}
if (this.actionsAsObject?.hasOwnProperty(actionName)) {
const predicateName = this.actionsAsObject[actionName];
if (predicateName) {
return lodash.cloneDeep(predicate[predicateName]);
}
return true;
}
return false;
}
allow(resourceName: string, actionName: string) {
return this.matchAction(this.acl.resolveActionAlias(actionName));
}
}
Reference in New Issue View Git Blame Copy Permalink