Oak-Team
/
oak-domain
13
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 33 Wiki Activity

checker对relationAuth的修正

This commit is contained in:
Xu Chang 2023-02-20 02:02:08 +08:00
parent 149198c526
commit 152c54abcb
4 changed files with 62 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
lib/store/checker.js
View File

@ -254,9 +254,12 @@ function translateCheckerInSyncContext(checker) {
}
}
exports.translateCheckerInSyncContext = translateCheckerInSyncContext;
function translateCascadeRelationFilterMaker(schema, lch, entity2) {
function translateCascadeRelationFilterMaker(schema, lch, entity2, pathPrefix) {
var cascadePath = lch.cascadePath, relations = lch.relations;
var paths = cascadePath.split('.');
var paths = cascadePath ? cascadePath.split('.') : [];
if (pathPrefix) {
paths.unshift(pathPrefix);
}
var translateRelationFilter = function (entity) {
// 有两种情况此entity和user有Relation定义或是此entity已经指向user
if (entity === 'user') {
@ -334,8 +337,8 @@ function translateCascadeRelationFilterMaker(schema, lch, entity2) {
};
}
};
var filterMaker = cascadePath ? translateFilterMakerIter(entity2, 0) : translateRelationFilter(entity2);
if (!cascadePath) {
var filterMaker = paths.length ? translateFilterMakerIter(entity2, 0) : translateRelationFilter(entity2);
if (!paths.length) {
return function (oper, userId) { return filterMaker(userId); };
}
/**
@ -434,17 +437,17 @@ function translateCascadeRelationFilterMaker(schema, lch, entity2) {
return filterMaker(userId);
};
}
function translateActionAuthFilterMaker(schema, relationItem, entity) {
function translateActionAuthFilterMaker(schema, relationItem, entity, pathPrefix) {
if (relationItem instanceof Array) {
var maker = relationItem.map(function (ele) {
if (ele instanceof Array) {
return ele.map(function (ele2) { return translateCascadeRelationFilterMaker(schema, ele2, entity); });
return ele.map(function (ele2) { return translateCascadeRelationFilterMaker(schema, ele2, entity, pathPrefix); });
}
return translateCascadeRelationFilterMaker(schema, ele, entity);
return translateCascadeRelationFilterMaker(schema, ele, entity, pathPrefix);
});
return maker;
}
var filterMaker = translateCascadeRelationFilterMaker(schema, relationItem, entity);
var filterMaker = translateCascadeRelationFilterMaker(schema, relationItem, entity, pathPrefix);
return filterMaker;
}
function makePotentialFilter(operation, context, filterMaker) {
@ -609,7 +612,7 @@ function createAuthCheckers(schema, authDict) {
var userEntityName_1 = "user".concat((0, string_1.firstLetterUpperCase)(entity));
for (var r in relationAuth) {
Object.assign(raFilterMakerDict_1, (_a = {},
_a[r] = translateActionAuthFilterMaker(schema, relationAuth[r], entity),
_a[r] = translateActionAuthFilterMaker(schema, relationAuth[r], userEntityName_1, entity),
_a));
}
var entityIdAttr_1 = "".concat(entity, "Id");
@ -618,25 +621,14 @@ function createAuthCheckers(schema, authDict) {
action: 'create',
type: 'relation',
relationFilter: function (operation, context) {
var _a;
var data = operation.data;
(0, assert_1.default)(!(data instanceof Array));
var _b = data, relation = _b.relation, _c = entityIdAttr_1, entityId = _b[_c];
var _a = data, relation = _a.relation, _b = entityIdAttr_1, entityId = _a[_b];
if (!raFilterMakerDict_1[relation]) {
return;
}
var filter = makePotentialFilter(operation, context, raFilterMakerDict_1[relation]);
if (filter instanceof Promise) {
return filter.then(function (f) {
var _a;
return (_a = {},
_a[entity] = f,
_a);
});
}
return filter ? (_a = {},
_a[entity] = filter,
_a) : undefined;
return filter;
},
errMsg: '越权操作',
});
@ -661,13 +653,19 @@ function createAuthCheckers(schema, authDict) {
_a);
});
if (filtersAnd.find(function (ele) { return ele instanceof Promise; })) {
return Promise.all(filtersAnd).then(function (fa) { return ({
$and: fa,
}); });
return Promise.all(filtersAnd).then(function (fa) {
if (fa.length > 0) {
return {
$and: fa,
};
}
});
}
if (filtersAnd.length > 0) {
return {
$and: filtersAnd
};
}
return {
$and: filtersAnd
};
};
var toBeRemoved = context.select(userEntityName_1, {
data: (_a = {

5
lib/utils/validator.d.ts vendored
View File

@ -1,3 +1,4 @@
import { EntityDict } from "../types";
declare type ValidatorFunction = (text: string, size?: number) => string | boolean;
declare type ValidatorMoneyFunction = (text: string, zero?: boolean) => string | boolean;
export declare const isMobile: ValidatorFunction;
@ -18,6 +19,6 @@ export declare const isPhone: ValidatorFunction;
export declare const isNumber: ValidatorFunction;
export declare const isMoney: ValidatorMoneyFunction;
export declare const isVehicleNumber: ValidatorFunction;
export declare function checkAttributesNotNull<T extends Record<string, any>>(entity: string, data: T, attributes: Array<keyof T>, allowEmpty?: true): void;
export declare function checkAttributesScope<T extends Record<string, any>>(entity: string, data: T, attributes: Array<keyof T>): void;
export declare function checkAttributesNotNull<ED extends EntityDict, T extends keyof EntityDict>(entity: T, data: Partial<ED[T]['CreateSingle']['data']>, attributes: Array<keyof ED[T]['CreateSingle']['data']>, allowEmpty?: true): void;
export declare function checkAttributesScope<ED extends EntityDict, T extends keyof EntityDict>(entity: T, data: Partial<ED[T]['CreateSingle']['data']>, attributes: Array<keyof ED[T]['CreateSingle']['data']>): void;
export {};

53
src/store/checker.ts
View File

@ -229,9 +229,13 @@ type FilterMakeFn<ED extends EntityDict & BaseEntityDict> = (operation: ED[keyof
function translateCascadeRelationFilterMaker<ED extends EntityDict & BaseEntityDict>(
schema: StorageSchema<ED>,
lch: CascadeRelationItem,
entity2: keyof ED): FilterMakeFn<ED> {
entity2: keyof ED,
pathPrefix?: string): FilterMakeFn<ED> {
const { cascadePath, relations } = lch;
const paths = cascadePath.split('.');
const paths = cascadePath ? cascadePath.split('.') : [];
if (pathPrefix) {
paths.unshift(pathPrefix);
}
const translateRelationFilter = <T extends keyof ED>(entity: T): (userId: string) => ED[T]['Selection']['filter'] => {
// 有两种情况此entity和user有Relation定义或是此entity已经指向user
@ -309,8 +313,8 @@ function translateCascadeRelationFilterMaker<ED extends EntityDict & BaseEntityD
}
};
const filterMaker = cascadePath ? translateFilterMakerIter(entity2, 0) : translateRelationFilter(entity2);
if (!cascadePath) {
const filterMaker = paths.length ? translateFilterMakerIter(entity2, 0) : translateRelationFilter(entity2);
if (!paths.length) {
return (oper, userId) => filterMaker(userId);
}
/**
@ -413,22 +417,23 @@ function translateCascadeRelationFilterMaker<ED extends EntityDict & BaseEntityD
function translateActionAuthFilterMaker<ED extends EntityDict & BaseEntityDict>(
schema: StorageSchema<ED>,
relationItem: CascadeRelationItem | (CascadeRelationItem | CascadeRelationItem[])[],
entity: keyof ED
entity: keyof ED,
pathPrefix?: string,
): FilterMakeFn<ED> | (FilterMakeFn<ED> | FilterMakeFn<ED>[])[] {
if (relationItem instanceof Array) {
const maker = relationItem.map(
ele => {
if (ele instanceof Array) {
return ele.map(
ele2 => translateCascadeRelationFilterMaker(schema, ele2, entity)
ele2 => translateCascadeRelationFilterMaker(schema, ele2, entity, pathPrefix)
);
}
return translateCascadeRelationFilterMaker(schema, ele, entity);
return translateCascadeRelationFilterMaker(schema, ele, entity, pathPrefix);
}
);
return maker;
}
const filterMaker = translateCascadeRelationFilterMaker(schema, relationItem, entity);
const filterMaker = translateCascadeRelationFilterMaker(schema, relationItem, entity, pathPrefix);
return filterMaker;
}
@ -581,7 +586,7 @@ export function createAuthCheckers<ED extends EntityDict & BaseEntityDict, Cxt e
const userEntityName = `user${firstLetterUpperCase(entity)}`;
for (const r in relationAuth) {
Object.assign(raFilterMakerDict, {
[r]: translateActionAuthFilterMaker(schema, relationAuth[r as NonNullable<ED[keyof ED]['Relation']>]!, entity),
[r]: translateActionAuthFilterMaker(schema, relationAuth[r as NonNullable<ED[keyof ED]['Relation']>]!, userEntityName, entity),
});
}
const entityIdAttr = `${entity}Id`;
@ -597,16 +602,8 @@ export function createAuthCheckers<ED extends EntityDict & BaseEntityDict, Cxt e
return;
}
const filter = makePotentialFilter(operation, context, raFilterMakerDict[relation]);
if (filter instanceof Promise) {
return filter.then(
(f) => ({
[entity]: f,
})
);
}
return filter ? {
[entity]: filter,
} : undefined;
return filter;
},
errMsg: '越权操作',
});
@ -636,14 +633,20 @@ export function createAuthCheckers<ED extends EntityDict & BaseEntityDict, Cxt e
);
if (filtersAnd.find(ele => ele instanceof Promise)) {
return Promise.all(filtersAnd).then(
(fa) => ({
$and: fa,
} as ED[keyof ED]['Selection']['filter'])
(fa) => {
if (fa.length > 0) {
return {
$and: fa,
} as ED[keyof ED]['Selection']['filter'];
}
}
);
}
return {
$and: filtersAnd
} as ED[keyof ED]['Selection']['filter'];
if (filtersAnd.length > 0) {
return {
$and: filtersAnd
} as ED[keyof ED]['Selection']['filter'];
}
};
const toBeRemoved = context.select(userEntityName, {

10
src/utils/validator.ts
View File

@ -3,7 +3,7 @@
*/
'use strict';
import { OakInputIllegalException } from "../types";
import { EntityDict, OakInputIllegalException } from "../types";
type ValidatorFunction = (text: string, size?:number) => string|boolean;
type ValidatorMoneyFunction = (text: string, zero?:boolean) => string|boolean;
@ -106,7 +106,7 @@ export const isVehicleNumber: ValidatorFunction = (str) => {
}
export function checkAttributesNotNull<T extends Record<string, any>>(entity: string, data: T, attributes: Array<keyof T>, allowEmpty?: true) {
export function checkAttributesNotNull<ED extends EntityDict, T extends keyof EntityDict>(entity: T, data: Partial<ED[T]['CreateSingle']['data']>, attributes: Array<keyof ED[T]['CreateSingle']['data']>, allowEmpty?: true) {
const attrs = attributes.filter(
(attr) => {
if (data[attr] === null || data[attr] === ''|| data[attr] === undefined) {
@ -119,16 +119,16 @@ export function checkAttributesNotNull<T extends Record<string, any>>(entity: st
) as string[];
if (attrs.length > 0) {
throw new OakInputIllegalException(entity, attrs, '属性不能为空');
throw new OakInputIllegalException(entity as string, attrs, '属性不能为空');
}
};
export function checkAttributesScope<T extends Record<string, any>>(entity: string, data: T, attributes: Array<keyof T>) {
export function checkAttributesScope<ED extends EntityDict, T extends keyof EntityDict>(entity: T, data: Partial<ED[T]['CreateSingle']['data']>, attributes: Array<keyof ED[T]['CreateSingle']['data']>) {
const attrs = attributes.filter(
attr => !data.hasOwnProperty(attr)
) as string[];
if (attrs.length > 0) {
throw new OakInputIllegalException(entity, attrs, '多余的属性');
throw new OakInputIllegalException(entity as string, attrs, '多余的属性');
}
}