在判定node权限时处理了根结点deduce的情况

2023-07-24 16:32:37 +08:00 · 2023-07-24 16:32:37 +08:00 · dcab549ef3
parent 08eaf9a2c1
commit dcab549ef3
2 changed files with 30 additions and 2 deletions
--- a/lib/store/RelationAuth.js
+++ b/lib/store/RelationAuth.js
@ -1792,7 +1792,21 @@ var RelationAuth = /** @class */ (function () {
        var checkChildNode = function (actionAuths, node) {
            var checkChildNodeInner = function (legalAuths) {
                // 因为如果children是数组的话，会把数组中所有的action并起来查询，所以在这里还要再确认一次
-                var realLegalPaths = legalAuths.filter(function (ele) { return ele.destEntity === node.entity && ele.deActions.includes(node.action); });
+                var realLegalPaths = legalAuths.filter(function (ele) {
+                    if (ele.destEntity === node.entity && ele.deActions.includes(node.action)) {
+                        return true;
+                    }
+                    // 还有一种情况，是在tree的根结点findActionAuthsOnNode时，deduce出了另外一个对象的权限，此时也需要加以判断
+                    if (_this.authDeduceRelationMap[node.entity]) {
+                        (0, assert_1.default)(_this.authDeduceRelationMap[node.entity] === 'entity');
+                        var deducedEntity = node.filter.entity;
+                        (0, assert_1.default)(deducedEntity);
+                        if (ele.destEntity === deducedEntity && ele.deActions.length > 0) {
+                            return true;
+                        }
+                    }
+                    return false;
+                });
                var checkChildren = function () {
                    var children = node.children;
                    var childPath = Object.keys(children);
--- a/src/store/RelationAuth.ts
+++ b/src/store/RelationAuth.ts
@ -2144,7 +2144,21 @@ export class RelationAuth<ED extends EntityDict & BaseEntityDict>{
            const checkChildNodeInner = (legalAuths: ED['actionAuth']['Schema'][]) => {
                // 因为如果children是数组的话，会把数组中所有的action并起来查询，所以在这里还要再确认一次
                const realLegalPaths = legalAuths.filter(
-                    (ele) => ele.destEntity === node.entity && ele.deActions.includes(node.action)
+                    (ele) => {
+                        if (ele.destEntity === node.entity && ele.deActions.includes(node.action)) {
+                            return true;
+                        }
+                        // 还有一种情况，是在tree的根结点findActionAuthsOnNode时，deduce出了另外一个对象的权限，此时也需要加以判断
+                        if (this.authDeduceRelationMap[node.entity]) {
+                            assert(this.authDeduceRelationMap[node.entity] === 'entity');
+                            const deducedEntity = node.filter!.entity;
+                            assert(deducedEntity);
+                            if (ele.destEntity === deducedEntity && ele.deActions.length > 0) {
+                                return true;
+                            }
+                        }
+                        return false;
+                    }
                );
                const checkChildren = () => {
                    const { children } = node;