支持对createRelation不带relation情况的判定
This commit is contained in:
parent
4ebef4a9c4
commit
635fc05cd5
|
|
@ -738,11 +738,23 @@ function createAuthCheckers(schema, authDict) {
|
|||
if (relationAuth) {
|
||||
var raFilterMakerDict_1 = {};
|
||||
var userEntityName = "user".concat((0, string_1.firstLetterUpperCase)(entity));
|
||||
var allAuthItem = [];
|
||||
for (var r in relationAuth) {
|
||||
var authItem = relationAuth[r];
|
||||
Object.assign(raFilterMakerDict_1, (_a = {},
|
||||
_a[r] = translateActionAuthFilterMaker(schema, relationAuth[r], userEntityName, entity),
|
||||
_a[r] = translateActionAuthFilterMaker(schema, authItem, userEntityName, entity),
|
||||
_a));
|
||||
if (authItem instanceof Array) {
|
||||
allAuthItem.push.apply(allAuthItem, tslib_1.__spreadArray([], tslib_1.__read(authItem), false));
|
||||
}
|
||||
else {
|
||||
allAuthItem.push(authItem);
|
||||
}
|
||||
}
|
||||
// 如果不指定relation,则使用所有的authItem的or组合
|
||||
Object.assign(raFilterMakerDict_1, {
|
||||
'@@all': translateActionAuthFilterMaker(schema, allAuthItem, userEntityName, entity),
|
||||
});
|
||||
var entityIdAttr_1 = "".concat(entity, "Id");
|
||||
checkers.push({
|
||||
entity: userEntityName,
|
||||
|
|
@ -752,6 +764,10 @@ function createAuthCheckers(schema, authDict) {
|
|||
var data = operation.data;
|
||||
(0, assert_1.default)(!(data instanceof Array));
|
||||
var _a = data, relation = _a.relation, _b = entityIdAttr_1, entityId = _a[_b];
|
||||
if (!relation) {
|
||||
// 不指定relation测试是否有创建权限
|
||||
return makePotentialFilter(operation, context, raFilterMakerDict_1['@@all']);
|
||||
}
|
||||
if (!raFilterMakerDict_1[relation]) {
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -755,11 +755,26 @@ export function createAuthCheckers<ED extends EntityDict & BaseEntityDict, Cxt e
|
|||
if (relationAuth) {
|
||||
const raFilterMakerDict = {} as Record<string, FilterMakeFn<ED> | (FilterMakeFn<ED> | FilterMakeFn<ED>[])[]>;
|
||||
const userEntityName = `user${firstLetterUpperCase(entity)}`;
|
||||
const allAuthItem: (CascadeRelationItem | CascadeRelationItem[])[] = [];
|
||||
for (const r in relationAuth) {
|
||||
const authItem = relationAuth[r as NonNullable<ED[keyof ED]['Relation']>]!;
|
||||
Object.assign(raFilterMakerDict, {
|
||||
[r]: translateActionAuthFilterMaker(schema, relationAuth[r as NonNullable<ED[keyof ED]['Relation']>]!, userEntityName, entity),
|
||||
[r]: translateActionAuthFilterMaker(schema, authItem, userEntityName, entity),
|
||||
});
|
||||
|
||||
if (authItem instanceof Array) {
|
||||
allAuthItem.push(...authItem);
|
||||
}
|
||||
else {
|
||||
allAuthItem.push(authItem);
|
||||
}
|
||||
}
|
||||
|
||||
// 如果不指定relation,则使用所有的authItem的or组合
|
||||
Object.assign(raFilterMakerDict, {
|
||||
'@@all': translateActionAuthFilterMaker(schema, allAuthItem, userEntityName, entity),
|
||||
});
|
||||
|
||||
const entityIdAttr = `${entity}Id`;
|
||||
checkers.push({
|
||||
entity: userEntityName as keyof ED,
|
||||
|
|
@ -769,6 +784,10 @@ export function createAuthCheckers<ED extends EntityDict & BaseEntityDict, Cxt e
|
|||
const { data } = operation as ED[keyof ED]['Create'];
|
||||
assert(!(data instanceof Array));
|
||||
const { relation, [entityIdAttr]: entityId } = data;
|
||||
if (!relation) {
|
||||
// 不指定relation测试是否有创建权限
|
||||
return makePotentialFilter(operation, context, raFilterMakerDict['@@all']);
|
||||
}
|
||||
if (!raFilterMakerDict[relation]) {
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue