feat: 修改了oauth服务相关的实体定义

2025-10-22 18:17:28 +08:00 · 2025-10-22 18:17:28 +08:00 · 195bbc0c24
parent e06198eb78
commit 195bbc0c24
44 changed files with 442 additions and 143 deletions
--- a/es/components/articleMenu/container/index.js
+++ b/es/components/articleMenu/container/index.js
@ -7,7 +7,7 @@ export default OakComponent({
        entity: '',
        entityId: '',
        title: '',
-        origin: 'qiniu',
+        origin: 'qiniu', // cos origin默认七牛云
        menuEmpty: undefined,
        articleEmpty: undefined,
        generateUrl: ((mode, type, id) => { }), //构造文章显示路由
@ -20,7 +20,7 @@ export default OakComponent({
        showAddArticle: false,
        showAddMenu: true,
        parentId: '',
-        articleMenuId: '',
+        articleMenuId: '', //非空时展示atricle表格
        unsub: undefined,
    },
    listeners: {
--- a/es/components/extraFile/crop/index.js
+++ b/es/components/extraFile/crop/index.js
@ -47,19 +47,19 @@ export default OakComponent({
        bucket: '',
        autoUpload: false,
        maxNumber: 20,
-        extension: [],
+        extension: [], //小程序独有 chooseMessageFile
-        selectCount: 1,
+        selectCount: 1, // 每次打开图片时，可选中的数量 小程序独有
-        sourceType: ['album', 'camera'],
+        sourceType: ['album', 'camera'], // 小程序独有 chooseMedia
-        mediaType: ['image'],
+        mediaType: ['image'], // 小程序独有 chooseMedia
-        mode: 'aspectFit',
+        mode: 'aspectFit', // 图片显示模式
-        size: 3,
+        size: 3, // 每行可显示的个数 小程序独有
-        showUploadList: true,
+        showUploadList: true, //web独有
-        showUploadProgress: false,
+        showUploadProgress: false, // web独有
-        accept: 'image/*',
+        accept: 'image/*', // web独有
-        disablePreview: false,
+        disablePreview: false, // 图片是否可预览
-        disableDelete: false,
+        disableDelete: false, // 图片是否可删除
-        disableAdd: false,
+        disableAdd: false, // 上传按钮隐藏
-        disableDownload: false,
+        disableDownload: false, // 下载按钮隐藏
        type: 'image',
        origin: 'qiniu',
        tag1: '',
@ -67,40 +67,40 @@ export default OakComponent({
        entity: '',
        entityId: '',
        theme: 'image',
-        enableCrop: false,
+        enableCrop: false, //启用裁剪
-        enableCompross: false,
+        enableCompross: false, //启用压缩
        //图片裁剪
-        cropQuality: 1,
+        cropQuality: 1, //图片裁剪质量，范围：0 ~ 1        
-        showRest: false,
+        showRest: false, //显示重置按钮，重置缩放及旋转
-        showGrid: false,
+        showGrid: false, //显示裁切区域网格（九宫格）
-        fillColor: 'white',
+        fillColor: 'white', //裁切图像填充色
-        rotationSlider: false,
+        rotationSlider: false, //图片旋转控制
-        aspectSlider: false,
+        aspectSlider: false, //裁切比率控制
-        zoomSlider: true,
+        zoomSlider: true, //图片缩放控制
-        resetText: '重置',
+        resetText: '重置', //重置按钮文字
-        aspect: 1 / 1,
+        aspect: 1 / 1, //裁切区域宽高比，width / height
-        minZoom: 1,
+        minZoom: 1, //最小缩放倍数
-        maxZoom: 3,
+        maxZoom: 3, //最大缩放倍数
-        cropShape: 'rect',
+        cropShape: 'rect', //裁切区域形状，'rect' 或 'round'
-        cropperProps: {},
+        cropperProps: {}, //recat-easy-crop的props
-        modalTitle: '编辑图片',
+        modalTitle: '编辑图片', //弹窗标题
-        modalWidth: '40vw',
+        modalWidth: '40vw', //弹窗宽度
-        modalOk: '确定',
+        modalOk: '确定', //确定按钮文字
-        modalCancel: '取消',
+        modalCancel: '取消', //取消按钮的文字
        //图片压缩
-        strict: true,
+        strict: true, //当压缩后的图片尺寸大于原图尺寸时输出原图
-        checkOrientation: true,
+        checkOrientation: true, //读取图像的Exif方向值并自动旋转或翻转图像（仅限 JPEG 图像）
-        retainExif: false,
+        retainExif: false, //压缩后保留图片的Exif信息
-        maxWidth: Infinity,
+        maxWidth: Infinity, //输出图片的最大宽度，值需大于0
-        maxHeight: Infinity,
+        maxHeight: Infinity, //输出图片的最大高度，值需大于0
-        minWidth: 0,
+        minWidth: 0, //输出图片的最小宽度，值需大于0且不应大于maxWidth
-        minHeight: 0,
+        minHeight: 0, //输出图片的最小高度。值需大于0且不应大于maxHeight
-        compressWidth: undefined,
+        compressWidth: undefined, //输出图像的宽度。如果未指定，则将使用原始图像的宽度，若设置了height，则宽度将根据自然纵横比自动计算。
-        compressHeight: undefined,
+        compressHeight: undefined, //输出图像的高度。如果未指定，则将使用原始图像的高度，若设置了width，则高度将根据自然纵横比自动计算。
-        resize: 'none',
+        resize: 'none', //仅在同时指定了width和height时生效
-        compressQuality: 0.8,
+        compressQuality: 0.8, //输出图像的质量。范围：0 ~ 1
-        mimeType: 'auto',
+        mimeType: 'auto', //输出图片的 MIME 类型。默认情况下，将使用源图片文件的原始 MIME 类型。
-        convertTypes: ['image/png'],
+        convertTypes: ['image/png'], //文件类型包含在其中且文件大小超过该convertSize值的文件将被转换为 JPEG。
        convertSize: Infinity, //文件类型包含在convertTypes中且文件大小超过此值的文件将转换为 JPEG，Infinity表示禁用该功能
    },
    features: ['extraFile'],
--- a/es/components/extraFile/gallery/index.js
+++ b/es/components/extraFile/gallery/index.js
@ -67,10 +67,10 @@ export default OakComponent({
        },
    ],
    properties: {
-        mode: 'aspectFit',
+        mode: 'aspectFit', // 图片显示模式
-        size: 3,
+        size: 3, // 每行可显示的个数 小程序独有
-        disablePreview: false,
+        disablePreview: false, // 图片是否可预览
-        disableDownload: false,
+        disableDownload: false, // 下载按钮隐藏
        tag1: '',
        tag2: '',
        entity: '',
--- a/es/components/user/login/index.js
+++ b/es/components/user/login/index.js
@ -17,16 +17,16 @@ export default OakComponent({
        allowPassword: false,
        allowWechatMp: false,
        setLoginModeMp(value) { this.setLoginMode(value); },
-        smsDigit: 4,
+        smsDigit: 4, //短信验证码位数
-        emailDigit: 4,
+        emailDigit: 4, //邮箱验证码位数
        pwdMode: 'all', //密码明文密文存储模式
    },
    properties: {
        onlyCaptcha: false,
        onlyPassword: false,
        disabled: '',
-        redirectUri: '',
+        redirectUri: '', // 微信登录后的redirectUri，要指向wechatUser/login去处理
-        url: '',
+        url: '', // 登录系统之后要返回的页面
        callback: undefined, // 登录成功回调，排除微信登录方式
    },
    formData({ features, props }) {
--- a/es/entities/OauthApplication.d.ts
+++ b/es/entities/OauthApplication.d.ts
@ -15,7 +15,8 @@ export interface Schema extends EntityShape {
    isConfidential: Boolean;
    scopes?: StringListJson;
 }
-export type Action = AbleAction;
+export type SecretAction = 'resetSecret';
 export type Action = AbleAction | SecretAction;
 export declare const AbleActionDef: ActionDef<AbleAction, AbleState>;
 export declare const entityDesc: EntityDesc<Schema, Action, '', {
    ableState: AbleState;
--- a/es/entities/OauthApplication.js
+++ b/es/entities/OauthApplication.js
@ -20,6 +20,7 @@ export const entityDesc = {
            action: {
                enable: '启用',
                disable: '禁用',
                resetSecret: '重置密钥',
            },
            v: {
                ableState: {
--- a/es/entities/OauthUserAuthorization.d.ts
+++ b/es/entities/OauthUserAuthorization.d.ts
@ -1,13 +1,22 @@
 import { Datetime } from 'oak-domain/lib/types/DataType';
 import { Schema as User } from './User';
 import { EntityShape } from 'oak-domain/lib/types/Entity';
 import { ActionDef } from 'oak-domain/lib/types';
 import { EntityDesc } from 'oak-domain/lib/types/EntityDesc';
 import { Schema as OauthApplication } from './OauthApplication';
 import { Schema as OauthToken } from './OauthToken';
 import { Schema as OauthAuthorizationCode } from './OauthAuthorizationCode';
 export interface Schema extends EntityShape {
    user: User;
    application: OauthApplication;
    authorizedAt: Datetime;
-    token: OauthToken;
+    code?: OauthAuthorizationCode;
    token?: OauthToken;
 }
-export declare const entityDesc: EntityDesc<Schema, '', '', {}>;
+export type UsageState = 'granted' | 'denied' | 'revoked';
 export type UsageAction = 'revoke';
 export type Action = UsageAction;
 export declare const UsageActionDef: ActionDef<UsageAction, UsageState>;
 export declare const entityDesc: EntityDesc<Schema, Action, '', {
    usageState: UsageState;
 }>;
--- a/es/entities/OauthUserAuthorization.js
+++ b/es/entities/OauthUserAuthorization.js
@ -1,4 +1,9 @@
 ;
 export const UsageActionDef = {
    stm: {
        revoke: ['granted', "revoked"]
    }
 };
 export const entityDesc = {
    locales: {
        zh_CN: {
@ -9,7 +14,31 @@ export const entityDesc = {
                application: 'Oauth应用',
                authorizedAt: '首次授权时间',
                token: '关联的令牌',
                code: '授权码',
                usageState: '授权状态',
            },
            action: {
                revoke: '撤销授权',
            },
            v: {
                usageState: {
                    granted: '已授权',
                    denied: '未授权',
                    revoked: '已撤销',
                }
            }
        },
    },
    style: {
        icon: {
            revoke: 'fa-user-slash',
        },
        color: {
            usageState: {
                granted: '#28a745',
                denied: '#dc3545',
                revoked: '#6c757d',
            }
        }
    }
 };
--- a/es/oak-app-domain/ActionDefDict.d.ts
+++ b/es/oak-app-domain/ActionDefDict.d.ts
@ -31,6 +31,9 @@ export declare const actionDefDict: {
    oauthProvider: {
        ableState: import("oak-domain/lib/types").ActionDef<import("oak-domain/lib/actions/action").AbleAction, import("oak-domain/lib/actions/action").AbleState>;
    };
    oauthUserAuthorization: {
        usageState: import("oak-domain/lib/types").ActionDef<string, string>;
    };
    parasite: {};
    toDo: {
        iState: import("oak-domain/lib/types").ActionDef<string, string>;
--- a/es/oak-app-domain/ActionDefDict.js
+++ b/es/oak-app-domain/ActionDefDict.js
@ -9,6 +9,7 @@ import { actionDefDict as mobile } from "./Mobile/Action";
 import { actionDefDict as notification } from "./Notification/Action";
 import { actionDefDict as oauthApplication } from "./OauthApplication/Action";
 import { actionDefDict as oauthProvider } from "./OauthProvider/Action";
 import { actionDefDict as oauthUserAuthorization } from "./OauthUserAuthorization/Action";
 import { actionDefDict as parasite } from "./Parasite/Action";
 import { actionDefDict as toDo } from "./ToDo/Action";
 import { actionDefDict as token } from "./Token/Action";
@ -30,6 +31,7 @@ export const actionDefDict = {
    notification,
    oauthApplication,
    oauthProvider,
    oauthUserAuthorization,
    parasite,
    toDo,
    token,
--- a/es/oak-app-domain/EntityDict.d.ts
+++ b/es/oak-app-domain/EntityDict.d.ts
@ -2223,7 +2223,9 @@ export type OauthAuthorizationCode = {
        application: OauthApplication["Schema"];
        user: User["Schema"];
        oauthToken$code?: Array<Omit<OauthToken["Schema"], "code">>;
        oauthUserAuthorization$code?: Array<Omit<OauthUserAuthorization["Schema"], "code">>;
        oauthToken$code$$aggr?: AggregationResult<Omit<OauthToken["Schema"], "code">>;
        oauthUserAuthorization$code$$aggr?: AggregationResult<Omit<OauthUserAuthorization["Schema"], "code">>;
    };
    Projection: BaseOauthAuthorizationCode.OpProjection & {
        application?: OauthApplication["Projection"];
@ -2234,11 +2236,18 @@ export type OauthAuthorizationCode = {
        oauthToken$code$$aggr?: DeduceAggregation<Omit<OauthToken["Projection"], "oauthAuthorizationCode">, Omit<OauthToken["Filter"], "oauthAuthorizationCode">, OauthToken["Sorter"]> & {
            $entity: "oauthToken";
        };
        oauthUserAuthorization$code?: OakSelection<"select", Omit<OauthUserAuthorization["Projection"], "oauthAuthorizationCode">, Omit<OauthUserAuthorization["Filter"], "oauthAuthorizationCode">, OauthUserAuthorization["Sorter"]> & {
            $entity: "oauthUserAuthorization";
        };
        oauthUserAuthorization$code$$aggr?: DeduceAggregation<Omit<OauthUserAuthorization["Projection"], "oauthAuthorizationCode">, Omit<OauthUserAuthorization["Filter"], "oauthAuthorizationCode">, OauthUserAuthorization["Sorter"]> & {
            $entity: "oauthUserAuthorization";
        };
    };
    FilterUnit: BaseOauthAuthorizationCode.OpFilter & {
        application: MakeFilter<OauthApplication["FilterUnit"]>;
        user: MakeFilter<User["FilterUnit"]>;
        oauthToken$code: MakeFilter<Omit<OauthToken["FilterUnit"], "code">> & SubQueryPredicateMetadata;
        oauthUserAuthorization$code: MakeFilter<Omit<OauthUserAuthorization["FilterUnit"], "code">> & SubQueryPredicateMetadata;
    };
    Filter: MakeFilter<OauthAuthorizationCode["FilterUnit"]>;
    SortAttr: Partial<BaseOauthAuthorizationCode.OpSortAttr | {
@ -2256,6 +2265,7 @@ export type OauthAuthorizationCode = {
        application?: OakOperation<"create", OauthApplication["CreateOperationData"]> | OakOperation<BaseOauthApplication.OpUpdateAction, OauthApplication["UpdateOperationData"], OauthApplication["Filter"]>;
        user?: OakOperation<"create", User["CreateOperationData"]> | OakOperation<BaseUser.OpUpdateAction, User["UpdateOperationData"], User["Filter"]>;
        oauthToken$code?: (OakOperation<"create", Omit<OauthToken["CreateOperationData"], "code"> | Omit<OauthToken["CreateOperationData"], "code">[]> | OakOperation<BaseOauthToken.OpUpdateAction, Omit<OauthToken["UpdateOperationData"], "code">, OauthToken["Filter"]>)[];
        oauthUserAuthorization$code?: (OakOperation<"create", Omit<OauthUserAuthorization["CreateOperationData"], "code"> | Omit<OauthUserAuthorization["CreateOperationData"], "code">[]> | OakOperation<BaseOauthUserAuthorization.OpUpdateAction, Omit<OauthUserAuthorization["UpdateOperationData"], "code">, OauthUserAuthorization["Filter"]>)[];
    }>;
    CreateSingle: OakOperation<"create", OauthAuthorizationCode["CreateOperationData"]>;
    CreateMulti: OakOperation<"create", Array<OauthAuthorizationCode["CreateOperationData"]>>;
@ -2264,6 +2274,7 @@ export type OauthAuthorizationCode = {
        application?: OakOperation<"create", OauthApplication["CreateOperationData"]> | OakOperation<BaseOauthApplication.OpUpdateAction, OauthApplication["UpdateOperationData"], OauthApplication["Filter"]> | OakOperation<"remove", OauthApplication["RemoveOperationData"], OauthApplication["Filter"]>;
        user?: OakOperation<"create", User["CreateOperationData"]> | OakOperation<BaseUser.OpUpdateAction, User["UpdateOperationData"], User["Filter"]> | OakOperation<"remove", User["RemoveOperationData"], User["Filter"]>;
        oauthToken$code?: (OakOperation<"create", Omit<OauthToken["CreateOperationData"], "code"> | Omit<OauthToken["CreateOperationData"], "code">[]> | OakOperation<BaseOauthToken.OpUpdateAction, Omit<OauthToken["UpdateOperationData"], "code">, OauthToken["Filter"]> | OakOperation<"remove", OauthToken["RemoveOperationData"], OauthToken["Filter"]>)[];
        oauthUserAuthorization$code?: (OakOperation<"create", Omit<OauthUserAuthorization["CreateOperationData"], "code"> | Omit<OauthUserAuthorization["CreateOperationData"], "code">[]> | OakOperation<BaseOauthUserAuthorization.OpUpdateAction, Omit<OauthUserAuthorization["UpdateOperationData"], "code">, OauthUserAuthorization["Filter"]> | OakOperation<"remove", OauthUserAuthorization["RemoveOperationData"], OauthUserAuthorization["Filter"]>)[];
    }>;
    Update: OakOperation<BaseOauthAuthorizationCode.OpUpdateAction, OauthAuthorizationCode["UpdateOperationData"], OauthAuthorizationCode["Filter"], OauthAuthorizationCode["Sorter"]>;
    RemoveOperationData: {};
@ -2509,22 +2520,26 @@ export type OauthUserAuthorization = {
    Schema: BaseOauthUserAuthorization.OpSchema & {
        user: User["Schema"];
        application: OauthApplication["Schema"];
-        token: OauthToken["Schema"];
+        code?: OauthAuthorizationCode["Schema"];
        token?: OauthToken["Schema"];
    };
    Projection: BaseOauthUserAuthorization.OpProjection & {
        user?: User["Projection"];
        application?: OauthApplication["Projection"];
        code?: OauthAuthorizationCode["Projection"];
        token?: OauthToken["Projection"];
    };
    FilterUnit: BaseOauthUserAuthorization.OpFilter & {
        user: MakeFilter<User["FilterUnit"]>;
        application: MakeFilter<OauthApplication["FilterUnit"]>;
        code: MakeFilter<OauthAuthorizationCode["FilterUnit"]>;
        token: MakeFilter<OauthToken["FilterUnit"]>;
    };
    Filter: MakeFilter<OauthUserAuthorization["FilterUnit"]>;
    SortAttr: Partial<BaseOauthUserAuthorization.OpSortAttr | {
        user: User["SortAttr"];
        application: OauthApplication["SortAttr"];
        code: OauthAuthorizationCode["SortAttr"];
        token: OauthToken["SortAttr"];
    }>;
    SortNode: {
@ -2537,6 +2552,7 @@ export type OauthUserAuthorization = {
    CreateOperationData: FormCreateData<BaseOauthUserAuthorization.OpSchema & {
        user?: OakOperation<"create", User["CreateOperationData"]> | OakOperation<BaseUser.OpUpdateAction, User["UpdateOperationData"], User["Filter"]>;
        application?: OakOperation<"create", OauthApplication["CreateOperationData"]> | OakOperation<BaseOauthApplication.OpUpdateAction, OauthApplication["UpdateOperationData"], OauthApplication["Filter"]>;
        code?: OakOperation<"create", OauthAuthorizationCode["CreateOperationData"]> | OakOperation<BaseOauthAuthorizationCode.OpUpdateAction, OauthAuthorizationCode["UpdateOperationData"], OauthAuthorizationCode["Filter"]>;
        token?: OakOperation<"create", OauthToken["CreateOperationData"]> | OakOperation<BaseOauthToken.OpUpdateAction, OauthToken["UpdateOperationData"], OauthToken["Filter"]>;
    }>;
    CreateSingle: OakOperation<"create", OauthUserAuthorization["CreateOperationData"]>;
@ -2545,6 +2561,7 @@ export type OauthUserAuthorization = {
    UpdateOperationData: FormUpdateData<BaseOauthUserAuthorization.OpSchema & {
        user?: OakOperation<"create", User["CreateOperationData"]> | OakOperation<BaseUser.OpUpdateAction, User["UpdateOperationData"], User["Filter"]> | OakOperation<"remove", User["RemoveOperationData"], User["Filter"]>;
        application?: OakOperation<"create", OauthApplication["CreateOperationData"]> | OakOperation<BaseOauthApplication.OpUpdateAction, OauthApplication["UpdateOperationData"], OauthApplication["Filter"]> | OakOperation<"remove", OauthApplication["RemoveOperationData"], OauthApplication["Filter"]>;
        code?: OakOperation<"create", OauthAuthorizationCode["CreateOperationData"]> | OakOperation<BaseOauthAuthorizationCode.OpUpdateAction, OauthAuthorizationCode["UpdateOperationData"], OauthAuthorizationCode["Filter"]> | OakOperation<"remove", OauthAuthorizationCode["RemoveOperationData"], OauthAuthorizationCode["Filter"]>;
        token?: OakOperation<"create", OauthToken["CreateOperationData"]> | OakOperation<BaseOauthToken.OpUpdateAction, OauthToken["UpdateOperationData"], OauthToken["Filter"]> | OakOperation<"remove", OauthToken["RemoveOperationData"], OauthToken["Filter"]>;
    }>;
    Update: OakOperation<BaseOauthUserAuthorization.OpUpdateAction, OauthUserAuthorization["UpdateOperationData"], OauthUserAuthorization["Filter"], OauthUserAuthorization["Sorter"]>;
--- a/es/oak-app-domain/OauthApplication/Action.d.ts
+++ b/es/oak-app-domain/OauthApplication/Action.d.ts
@ -1,7 +1,8 @@
 import { AbleState, AbleAction } from "oak-domain/lib/actions/action";
 import { ActionDef } from "oak-domain/lib/types/Action";
 import { GenericAction } from "oak-domain/lib/actions/action";
-export type ParticularAction = AbleAction;
+export type SecretAction = 'resetSecret' | string;
 export type ParticularAction = AbleAction | SecretAction;
 export declare const actions: string[];
 export declare const AbleActionDef: ActionDef<AbleAction, AbleState>;
 export type Action = GenericAction | ParticularAction | string;
--- a/es/oak-app-domain/OauthApplication/Action.js
+++ b/es/oak-app-domain/OauthApplication/Action.js
@ -1,5 +1,5 @@
 import { makeAbleActionDef } from "oak-domain/lib/actions/action";
-export const actions = ["count", "stat", "download", "select", "aggregate", "create", "remove", "update", "enable", "disable"];
+export const actions = ["count", "stat", "download", "select", "aggregate", "create", "remove", "update", "enable", "disable", "resetSecret"];
 export const AbleActionDef = makeAbleActionDef('enabled');
 export const actionDefDict = {
    ableState: AbleActionDef
--- a/es/oak-app-domain/OauthApplication/locales/zh_CN.json
+++ b/es/oak-app-domain/OauthApplication/locales/zh_CN.json
@ -13,7 +13,8 @@
    },
    "action": {
        "enable": "启用",
-        "disable": "禁用"
+        "disable": "禁用",
        "resetSecret": "重置密钥"
    },
    "v": {
        "ableState": {
--- a/es/oak-app-domain/OauthUserAuthorization/Action.d.ts
+++ b/es/oak-app-domain/OauthUserAuthorization/Action.d.ts
@ -0,0 +1,11 @@
 import { ActionDef } from "oak-domain/lib/types/Action";
 import { GenericAction } from "oak-domain/lib/actions/action";
 export type UsageState = 'granted' | 'denied' | 'revoked' | string;
 export type UsageAction = 'revoke' | string;
 export type ParticularAction = UsageAction;
 export declare const actions: string[];
 export declare const UsageActionDef: ActionDef<UsageAction, UsageState>;
 export type Action = GenericAction | ParticularAction | string;
 export declare const actionDefDict: {
    usageState: ActionDef<string, string>;
 };
--- a/es/oak-app-domain/OauthUserAuthorization/Action.js
+++ b/es/oak-app-domain/OauthUserAuthorization/Action.js
@ -0,0 +1,9 @@
 export const actions = ["count", "stat", "download", "select", "aggregate", "create", "remove", "update", "revoke"];
 export const UsageActionDef = {
    stm: {
        revoke: ['granted', "revoked"]
    }
 };
 export const actionDefDict = {
    usageState: UsageActionDef
 };
--- a/es/oak-app-domain/OauthUserAuthorization/Storage.js
+++ b/es/oak-app-domain/OauthUserAuthorization/Storage.js
@ -1,4 +1,4 @@
-import { genericActions as actions } from "oak-domain/lib/actions/action";
+import { actions } from "./Action";
 export const desc = {
    attributes: {
        userId: {
@ -15,10 +15,17 @@ export const desc = {
            notNull: true,
            type: "datetime"
        },
        codeId: {
            type: "ref",
            ref: "oauthAuthorizationCode"
        },
        tokenId: {
            notNull: true,
            type: "ref",
            ref: "oauthToken"
        },
        usageState: {
            type: "enum",
            enumeration: ["granted", "denied", "revoked"]
        }
    },
    actionType: "crud",
--- a/es/oak-app-domain/OauthUserAuthorization/Style.d.ts
+++ b/es/oak-app-domain/OauthUserAuthorization/Style.d.ts
@ -0,0 +1,3 @@
 import { Action, OpSchema } from "./Schema";
 import { StyleDef } from "oak-domain/lib/types/Style";
 export declare const style: StyleDef<OpSchema, Action>;
--- a/es/oak-app-domain/OauthUserAuthorization/Style.js
+++ b/es/oak-app-domain/OauthUserAuthorization/Style.js
@ -0,0 +1,12 @@
 export const style = {
    icon: {
        revoke: 'fa-user-slash',
    },
    color: {
        usageState: {
            granted: '#28a745',
            denied: '#dc3545',
            revoked: '#6c757d',
        }
    }
 };
--- a/es/oak-app-domain/OauthUserAuthorization/_baseSchema.d.ts
+++ b/es/oak-app-domain/OauthUserAuthorization/_baseSchema.d.ts
@ -1,13 +1,15 @@
 import { ForeignKey } from "oak-domain/lib/types/DataType";
-import { Q_DateValue, Q_NumberValue, Q_StringValue, NodeId, ExprOp, ExpressionKey } from "oak-domain/lib/types/Demand";
+import { Q_DateValue, Q_NumberValue, Q_StringValue, Q_EnumValue, NodeId, ExprOp, ExpressionKey } from "oak-domain/lib/types/Demand";
 import { MakeAction as OakMakeAction, EntityShape } from "oak-domain/lib/types/Entity";
-import { GenericAction } from "oak-domain/lib/actions/action";
+import { Action, ParticularAction, UsageState } from "./Action";
 import { Datetime } from "oak-domain/lib/types/DataType";
 export type OpSchema = EntityShape & {
    userId: ForeignKey<"user">;
    applicationId: ForeignKey<"oauthApplication">;
    authorizedAt: Datetime;
-    tokenId: ForeignKey<"oauthToken">;
+    codeId?: ForeignKey<"oauthAuthorizationCode"> | null;
    tokenId?: ForeignKey<"oauthToken"> | null;
    usageState?: UsageState | null;
 } & {
    [A in ExpressionKey]?: any;
 };
@ -20,7 +22,9 @@ export type OpFilter = {
    userId: Q_StringValue;
    applicationId: Q_StringValue;
    authorizedAt: Q_DateValue;
    codeId: Q_StringValue;
    tokenId: Q_StringValue;
    usageState: Q_EnumValue<UsageState>;
 } & ExprOp<OpAttr | string>;
 export type OpProjection = {
    "#id"?: NodeId;
@ -32,7 +36,9 @@ export type OpProjection = {
    userId?: number;
    applicationId?: number;
    authorizedAt?: number;
    codeId?: number;
    tokenId?: number;
    usageState?: number;
 } & Partial<ExprOp<OpAttr | string>>;
 export type OpSortAttr = Partial<{
    id: number;
@ -42,8 +48,10 @@ export type OpSortAttr = Partial<{
    userId: number;
    applicationId: number;
    authorizedAt: number;
    codeId: number;
    tokenId: number;
    usageState: number;
    [k: string]: any;
 } | ExprOp<OpAttr | string>>;
-export type OpAction = OakMakeAction<GenericAction | string>;
+export type OpAction = OakMakeAction<Action | string>;
-export type OpUpdateAction = "update" | string;
+export type OpUpdateAction = "update" | ParticularAction | string;
--- a/es/oak-app-domain/OauthUserAuthorization/locales/zh_CN.json
+++ b/es/oak-app-domain/OauthUserAuthorization/locales/zh_CN.json
@ -4,6 +4,18 @@
        "user": "用户",
        "application": "Oauth应用",
        "authorizedAt": "首次授权时间",
-        "token": "关联的令牌"
+        "token": "关联的令牌",
        "code": "授权码",
        "usageState": "授权状态"
    },
    "action": {
        "revoke": "撤销授权"
    },
    "v": {
        "usageState": {
            "granted": "已授权",
            "denied": "未授权",
            "revoked": "已撤销"
        }
    }
 }
--- a/es/oak-app-domain/StyleDict.js
+++ b/es/oak-app-domain/StyleDict.js
@ -15,6 +15,7 @@ import { style as mobile } from "./Mobile/Style";
 import { style as notification } from "./Notification/Style";
 import { style as oauthApplication } from "./OauthApplication/Style";
 import { style as oauthProvider } from "./OauthProvider/Style";
 import { style as oauthUserAuthorization } from "./OauthUserAuthorization/Style";
 import { style as parasite } from "./Parasite/Style";
 import { style as passport } from "./Passport/Style";
 import { style as smsTemplate } from "./SmsTemplate/Style";
@ -46,6 +47,7 @@ export const styleDict = {
    notification,
    oauthApplication,
    oauthProvider,
    oauthUserAuthorization,
    parasite,
    passport,
    smsTemplate,
--- a/lib/aspects/config.js
+++ b/lib/aspects/config.js
@ -1,6 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.updateStyle = exports.updateApplicationConfig = exports.updateConfig = void 0;
+exports.updateConfig = updateConfig;
 exports.updateApplicationConfig = updateApplicationConfig;
 exports.updateStyle = updateStyle;
 const uuid_1 = require("oak-domain/lib/utils/uuid");
 async function updateConfig(params, context) {
    const { entity, entityId, config } = params;
@ -15,7 +17,6 @@ async function updateConfig(params, context) {
        }
    }, {});
 }
 exports.updateConfig = updateConfig;
 async function updateApplicationConfig(params, context) {
    const { entity, entityId, config } = params;
    await context.operate(entity, {
@ -29,7 +30,6 @@ async function updateApplicationConfig(params, context) {
        },
    }, {});
 }
 exports.updateApplicationConfig = updateApplicationConfig;
 async function updateStyle(params, context) {
    const { entity, entityId, style } = params;
    await context.operate(entity, {
@ -43,4 +43,3 @@ async function updateStyle(params, context) {
        },
    }, {});
 }
 exports.updateStyle = updateStyle;
--- a/lib/entities/OauthApplication.d.ts
+++ b/lib/entities/OauthApplication.d.ts
@ -15,7 +15,8 @@ export interface Schema extends EntityShape {
    isConfidential: Boolean;
    scopes?: StringListJson;
 }
-export type Action = AbleAction;
+export type SecretAction = 'resetSecret';
 export type Action = AbleAction | SecretAction;
 export declare const AbleActionDef: ActionDef<AbleAction, AbleState>;
 export declare const entityDesc: EntityDesc<Schema, Action, '', {
    ableState: AbleState;
--- a/lib/entities/OauthApplication.js
+++ b/lib/entities/OauthApplication.js
@ -23,6 +23,7 @@ exports.entityDesc = {
            action: {
                enable: '启用',
                disable: '禁用',
                resetSecret: '重置密钥',
            },
            v: {
                ableState: {
--- a/lib/entities/OauthUserAuthorization.d.ts
+++ b/lib/entities/OauthUserAuthorization.d.ts
@ -1,13 +1,22 @@
 import { Datetime } from 'oak-domain/lib/types/DataType';
 import { Schema as User } from './User';
 import { EntityShape } from 'oak-domain/lib/types/Entity';
 import { ActionDef } from 'oak-domain/lib/types';
 import { EntityDesc } from 'oak-domain/lib/types/EntityDesc';
 import { Schema as OauthApplication } from './OauthApplication';
 import { Schema as OauthToken } from './OauthToken';
 import { Schema as OauthAuthorizationCode } from './OauthAuthorizationCode';
 export interface Schema extends EntityShape {
    user: User;
    application: OauthApplication;
    authorizedAt: Datetime;
-    token: OauthToken;
+    code?: OauthAuthorizationCode;
    token?: OauthToken;
 }
-export declare const entityDesc: EntityDesc<Schema, '', '', {}>;
+export type UsageState = 'granted' | 'denied' | 'revoked';
 export type UsageAction = 'revoke';
 export type Action = UsageAction;
 export declare const UsageActionDef: ActionDef<UsageAction, UsageState>;
 export declare const entityDesc: EntityDesc<Schema, Action, '', {
    usageState: UsageState;
 }>;
--- a/lib/entities/OauthUserAuthorization.js
+++ b/lib/entities/OauthUserAuthorization.js
@ -1,7 +1,12 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.entityDesc = void 0;
+exports.entityDesc = exports.UsageActionDef = void 0;
 ;
 exports.UsageActionDef = {
    stm: {
        revoke: ['granted', "revoked"]
    }
 };
 exports.entityDesc = {
    locales: {
        zh_CN: {
@ -12,7 +17,31 @@ exports.entityDesc = {
                application: 'Oauth应用',
                authorizedAt: '首次授权时间',
                token: '关联的令牌',
                code: '授权码',
                usageState: '授权状态',
            },
            action: {
                revoke: '撤销授权',
            },
            v: {
                usageState: {
                    granted: '已授权',
                    denied: '未授权',
                    revoked: '已撤销',
                }
            }
        },
    },
    style: {
        icon: {
            revoke: 'fa-user-slash',
        },
        color: {
            usageState: {
                granted: '#28a745',
                denied: '#dc3545',
                revoked: '#6c757d',
            }
        }
    }
 };
--- a/lib/oak-app-domain/ActionDefDict.d.ts
+++ b/lib/oak-app-domain/ActionDefDict.d.ts
@ -31,6 +31,9 @@ export declare const actionDefDict: {
    oauthProvider: {
        ableState: import("oak-domain/lib/types").ActionDef<import("oak-domain/lib/actions/action").AbleAction, import("oak-domain/lib/actions/action").AbleState>;
    };
    oauthUserAuthorization: {
        usageState: import("oak-domain/lib/types").ActionDef<string, string>;
    };
    parasite: {};
    toDo: {
        iState: import("oak-domain/lib/types").ActionDef<string, string>;
--- a/lib/oak-app-domain/ActionDefDict.js
+++ b/lib/oak-app-domain/ActionDefDict.js
@ -12,15 +12,16 @@ const Action_8 = require("./Mobile/Action");
 const Action_9 = require("./Notification/Action");
 const Action_10 = require("./OauthApplication/Action");
 const Action_11 = require("./OauthProvider/Action");
-const Action_12 = require("./Parasite/Action");
+const Action_12 = require("./OauthUserAuthorization/Action");
-const Action_13 = require("./ToDo/Action");
+const Action_13 = require("./Parasite/Action");
-const Action_14 = require("./Token/Action");
+const Action_14 = require("./ToDo/Action");
-const Action_15 = require("./User/Action");
+const Action_15 = require("./Token/Action");
-const Action_16 = require("./UserEntityGrant/Action");
+const Action_16 = require("./User/Action");
-const Action_17 = require("./UserWechatPublicTag/Action");
+const Action_17 = require("./UserEntityGrant/Action");
-const Action_18 = require("./WechatLogin/Action");
+const Action_18 = require("./UserWechatPublicTag/Action");
-const Action_19 = require("./WechatMenu/Action");
+const Action_19 = require("./WechatLogin/Action");
-const Action_20 = require("./WechatPublicTag/Action");
+const Action_20 = require("./WechatMenu/Action");
 const Action_21 = require("./WechatPublicTag/Action");
 exports.actionDefDict = {
    log: Action_1.actionDefDict,
    modi: Action_2.actionDefDict,
@ -33,13 +34,14 @@ exports.actionDefDict = {
    notification: Action_9.actionDefDict,
    oauthApplication: Action_10.actionDefDict,
    oauthProvider: Action_11.actionDefDict,
-    parasite: Action_12.actionDefDict,
+    oauthUserAuthorization: Action_12.actionDefDict,
-    toDo: Action_13.actionDefDict,
+    parasite: Action_13.actionDefDict,
-    token: Action_14.actionDefDict,
+    toDo: Action_14.actionDefDict,
-    user: Action_15.actionDefDict,
+    token: Action_15.actionDefDict,
-    userEntityGrant: Action_16.actionDefDict,
+    user: Action_16.actionDefDict,
-    userWechatPublicTag: Action_17.actionDefDict,
+    userEntityGrant: Action_17.actionDefDict,
-    wechatLogin: Action_18.actionDefDict,
+    userWechatPublicTag: Action_18.actionDefDict,
-    wechatMenu: Action_19.actionDefDict,
+    wechatLogin: Action_19.actionDefDict,
-    wechatPublicTag: Action_20.actionDefDict
+    wechatMenu: Action_20.actionDefDict,
    wechatPublicTag: Action_21.actionDefDict
 };
--- a/lib/oak-app-domain/EntityDict.d.ts
+++ b/lib/oak-app-domain/EntityDict.d.ts
@ -2223,7 +2223,9 @@ export type OauthAuthorizationCode = {
        application: OauthApplication["Schema"];
        user: User["Schema"];
        oauthToken$code?: Array<Omit<OauthToken["Schema"], "code">>;
        oauthUserAuthorization$code?: Array<Omit<OauthUserAuthorization["Schema"], "code">>;
        oauthToken$code$$aggr?: AggregationResult<Omit<OauthToken["Schema"], "code">>;
        oauthUserAuthorization$code$$aggr?: AggregationResult<Omit<OauthUserAuthorization["Schema"], "code">>;
    };
    Projection: BaseOauthAuthorizationCode.OpProjection & {
        application?: OauthApplication["Projection"];
@ -2234,11 +2236,18 @@ export type OauthAuthorizationCode = {
        oauthToken$code$$aggr?: DeduceAggregation<Omit<OauthToken["Projection"], "oauthAuthorizationCode">, Omit<OauthToken["Filter"], "oauthAuthorizationCode">, OauthToken["Sorter"]> & {
            $entity: "oauthToken";
        };
        oauthUserAuthorization$code?: OakSelection<"select", Omit<OauthUserAuthorization["Projection"], "oauthAuthorizationCode">, Omit<OauthUserAuthorization["Filter"], "oauthAuthorizationCode">, OauthUserAuthorization["Sorter"]> & {
            $entity: "oauthUserAuthorization";
        };
        oauthUserAuthorization$code$$aggr?: DeduceAggregation<Omit<OauthUserAuthorization["Projection"], "oauthAuthorizationCode">, Omit<OauthUserAuthorization["Filter"], "oauthAuthorizationCode">, OauthUserAuthorization["Sorter"]> & {
            $entity: "oauthUserAuthorization";
        };
    };
    FilterUnit: BaseOauthAuthorizationCode.OpFilter & {
        application: MakeFilter<OauthApplication["FilterUnit"]>;
        user: MakeFilter<User["FilterUnit"]>;
        oauthToken$code: MakeFilter<Omit<OauthToken["FilterUnit"], "code">> & SubQueryPredicateMetadata;
        oauthUserAuthorization$code: MakeFilter<Omit<OauthUserAuthorization["FilterUnit"], "code">> & SubQueryPredicateMetadata;
    };
    Filter: MakeFilter<OauthAuthorizationCode["FilterUnit"]>;
    SortAttr: Partial<BaseOauthAuthorizationCode.OpSortAttr | {
@ -2256,6 +2265,7 @@ export type OauthAuthorizationCode = {
        application?: OakOperation<"create", OauthApplication["CreateOperationData"]> | OakOperation<BaseOauthApplication.OpUpdateAction, OauthApplication["UpdateOperationData"], OauthApplication["Filter"]>;
        user?: OakOperation<"create", User["CreateOperationData"]> | OakOperation<BaseUser.OpUpdateAction, User["UpdateOperationData"], User["Filter"]>;
        oauthToken$code?: (OakOperation<"create", Omit<OauthToken["CreateOperationData"], "code"> | Omit<OauthToken["CreateOperationData"], "code">[]> | OakOperation<BaseOauthToken.OpUpdateAction, Omit<OauthToken["UpdateOperationData"], "code">, OauthToken["Filter"]>)[];
        oauthUserAuthorization$code?: (OakOperation<"create", Omit<OauthUserAuthorization["CreateOperationData"], "code"> | Omit<OauthUserAuthorization["CreateOperationData"], "code">[]> | OakOperation<BaseOauthUserAuthorization.OpUpdateAction, Omit<OauthUserAuthorization["UpdateOperationData"], "code">, OauthUserAuthorization["Filter"]>)[];
    }>;
    CreateSingle: OakOperation<"create", OauthAuthorizationCode["CreateOperationData"]>;
    CreateMulti: OakOperation<"create", Array<OauthAuthorizationCode["CreateOperationData"]>>;
@ -2264,6 +2274,7 @@ export type OauthAuthorizationCode = {
        application?: OakOperation<"create", OauthApplication["CreateOperationData"]> | OakOperation<BaseOauthApplication.OpUpdateAction, OauthApplication["UpdateOperationData"], OauthApplication["Filter"]> | OakOperation<"remove", OauthApplication["RemoveOperationData"], OauthApplication["Filter"]>;
        user?: OakOperation<"create", User["CreateOperationData"]> | OakOperation<BaseUser.OpUpdateAction, User["UpdateOperationData"], User["Filter"]> | OakOperation<"remove", User["RemoveOperationData"], User["Filter"]>;
        oauthToken$code?: (OakOperation<"create", Omit<OauthToken["CreateOperationData"], "code"> | Omit<OauthToken["CreateOperationData"], "code">[]> | OakOperation<BaseOauthToken.OpUpdateAction, Omit<OauthToken["UpdateOperationData"], "code">, OauthToken["Filter"]> | OakOperation<"remove", OauthToken["RemoveOperationData"], OauthToken["Filter"]>)[];
        oauthUserAuthorization$code?: (OakOperation<"create", Omit<OauthUserAuthorization["CreateOperationData"], "code"> | Omit<OauthUserAuthorization["CreateOperationData"], "code">[]> | OakOperation<BaseOauthUserAuthorization.OpUpdateAction, Omit<OauthUserAuthorization["UpdateOperationData"], "code">, OauthUserAuthorization["Filter"]> | OakOperation<"remove", OauthUserAuthorization["RemoveOperationData"], OauthUserAuthorization["Filter"]>)[];
    }>;
    Update: OakOperation<BaseOauthAuthorizationCode.OpUpdateAction, OauthAuthorizationCode["UpdateOperationData"], OauthAuthorizationCode["Filter"], OauthAuthorizationCode["Sorter"]>;
    RemoveOperationData: {};
@ -2509,22 +2520,26 @@ export type OauthUserAuthorization = {
    Schema: BaseOauthUserAuthorization.OpSchema & {
        user: User["Schema"];
        application: OauthApplication["Schema"];
-        token: OauthToken["Schema"];
+        code?: OauthAuthorizationCode["Schema"];
        token?: OauthToken["Schema"];
    };
    Projection: BaseOauthUserAuthorization.OpProjection & {
        user?: User["Projection"];
        application?: OauthApplication["Projection"];
        code?: OauthAuthorizationCode["Projection"];
        token?: OauthToken["Projection"];
    };
    FilterUnit: BaseOauthUserAuthorization.OpFilter & {
        user: MakeFilter<User["FilterUnit"]>;
        application: MakeFilter<OauthApplication["FilterUnit"]>;
        code: MakeFilter<OauthAuthorizationCode["FilterUnit"]>;
        token: MakeFilter<OauthToken["FilterUnit"]>;
    };
    Filter: MakeFilter<OauthUserAuthorization["FilterUnit"]>;
    SortAttr: Partial<BaseOauthUserAuthorization.OpSortAttr | {
        user: User["SortAttr"];
        application: OauthApplication["SortAttr"];
        code: OauthAuthorizationCode["SortAttr"];
        token: OauthToken["SortAttr"];
    }>;
    SortNode: {
@ -2537,6 +2552,7 @@ export type OauthUserAuthorization = {
    CreateOperationData: FormCreateData<BaseOauthUserAuthorization.OpSchema & {
        user?: OakOperation<"create", User["CreateOperationData"]> | OakOperation<BaseUser.OpUpdateAction, User["UpdateOperationData"], User["Filter"]>;
        application?: OakOperation<"create", OauthApplication["CreateOperationData"]> | OakOperation<BaseOauthApplication.OpUpdateAction, OauthApplication["UpdateOperationData"], OauthApplication["Filter"]>;
        code?: OakOperation<"create", OauthAuthorizationCode["CreateOperationData"]> | OakOperation<BaseOauthAuthorizationCode.OpUpdateAction, OauthAuthorizationCode["UpdateOperationData"], OauthAuthorizationCode["Filter"]>;
        token?: OakOperation<"create", OauthToken["CreateOperationData"]> | OakOperation<BaseOauthToken.OpUpdateAction, OauthToken["UpdateOperationData"], OauthToken["Filter"]>;
    }>;
    CreateSingle: OakOperation<"create", OauthUserAuthorization["CreateOperationData"]>;
@ -2545,6 +2561,7 @@ export type OauthUserAuthorization = {
    UpdateOperationData: FormUpdateData<BaseOauthUserAuthorization.OpSchema & {
        user?: OakOperation<"create", User["CreateOperationData"]> | OakOperation<BaseUser.OpUpdateAction, User["UpdateOperationData"], User["Filter"]> | OakOperation<"remove", User["RemoveOperationData"], User["Filter"]>;
        application?: OakOperation<"create", OauthApplication["CreateOperationData"]> | OakOperation<BaseOauthApplication.OpUpdateAction, OauthApplication["UpdateOperationData"], OauthApplication["Filter"]> | OakOperation<"remove", OauthApplication["RemoveOperationData"], OauthApplication["Filter"]>;
        code?: OakOperation<"create", OauthAuthorizationCode["CreateOperationData"]> | OakOperation<BaseOauthAuthorizationCode.OpUpdateAction, OauthAuthorizationCode["UpdateOperationData"], OauthAuthorizationCode["Filter"]> | OakOperation<"remove", OauthAuthorizationCode["RemoveOperationData"], OauthAuthorizationCode["Filter"]>;
        token?: OakOperation<"create", OauthToken["CreateOperationData"]> | OakOperation<BaseOauthToken.OpUpdateAction, OauthToken["UpdateOperationData"], OauthToken["Filter"]> | OakOperation<"remove", OauthToken["RemoveOperationData"], OauthToken["Filter"]>;
    }>;
    Update: OakOperation<BaseOauthUserAuthorization.OpUpdateAction, OauthUserAuthorization["UpdateOperationData"], OauthUserAuthorization["Filter"], OauthUserAuthorization["Sorter"]>;
--- a/lib/oak-app-domain/OauthApplication/Action.d.ts
+++ b/lib/oak-app-domain/OauthApplication/Action.d.ts
@ -1,7 +1,8 @@
 import { AbleState, AbleAction } from "oak-domain/lib/actions/action";
 import { ActionDef } from "oak-domain/lib/types/Action";
 import { GenericAction } from "oak-domain/lib/actions/action";
-export type ParticularAction = AbleAction;
+export type SecretAction = 'resetSecret' | string;
 export type ParticularAction = AbleAction | SecretAction;
 export declare const actions: string[];
 export declare const AbleActionDef: ActionDef<AbleAction, AbleState>;
 export type Action = GenericAction | ParticularAction | string;
--- a/lib/oak-app-domain/OauthApplication/Action.js
+++ b/lib/oak-app-domain/OauthApplication/Action.js
@ -2,7 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.actionDefDict = exports.AbleActionDef = exports.actions = void 0;
 const action_1 = require("oak-domain/lib/actions/action");
-exports.actions = ["count", "stat", "download", "select", "aggregate", "create", "remove", "update", "enable", "disable"];
+exports.actions = ["count", "stat", "download", "select", "aggregate", "create", "remove", "update", "enable", "disable", "resetSecret"];
 exports.AbleActionDef = (0, action_1.makeAbleActionDef)('enabled');
 exports.actionDefDict = {
    ableState: exports.AbleActionDef
--- a/lib/oak-app-domain/OauthApplication/locales/zh_CN.json
+++ b/lib/oak-app-domain/OauthApplication/locales/zh_CN.json
@ -13,7 +13,8 @@
    },
    "action": {
        "enable": "启用",
-        "disable": "禁用"
+        "disable": "禁用",
        "resetSecret": "重置密钥"
    },
    "v": {
        "ableState": {
--- a/lib/oak-app-domain/OauthUserAuthorization/Action.d.ts
+++ b/lib/oak-app-domain/OauthUserAuthorization/Action.d.ts
@ -0,0 +1,11 @@
 import { ActionDef } from "oak-domain/lib/types/Action";
 import { GenericAction } from "oak-domain/lib/actions/action";
 export type UsageState = 'granted' | 'denied' | 'revoked' | string;
 export type UsageAction = 'revoke' | string;
 export type ParticularAction = UsageAction;
 export declare const actions: string[];
 export declare const UsageActionDef: ActionDef<UsageAction, UsageState>;
 export type Action = GenericAction | ParticularAction | string;
 export declare const actionDefDict: {
    usageState: ActionDef<string, string>;
 };
--- a/lib/oak-app-domain/OauthUserAuthorization/Action.js
+++ b/lib/oak-app-domain/OauthUserAuthorization/Action.js
@ -0,0 +1,12 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.actionDefDict = exports.UsageActionDef = exports.actions = void 0;
 exports.actions = ["count", "stat", "download", "select", "aggregate", "create", "remove", "update", "revoke"];
 exports.UsageActionDef = {
    stm: {
        revoke: ['granted', "revoked"]
    }
 };
 exports.actionDefDict = {
    usageState: exports.UsageActionDef
 };
--- a/lib/oak-app-domain/OauthUserAuthorization/Storage.js
+++ b/lib/oak-app-domain/OauthUserAuthorization/Storage.js
@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.desc = void 0;
-const action_1 = require("oak-domain/lib/actions/action");
+const Action_1 = require("./Action");
 exports.desc = {
    attributes: {
        userId: {
@ -18,12 +18,19 @@ exports.desc = {
            notNull: true,
            type: "datetime"
        },
        codeId: {
            type: "ref",
            ref: "oauthAuthorizationCode"
        },
        tokenId: {
            notNull: true,
            type: "ref",
            ref: "oauthToken"
        },
        usageState: {
            type: "enum",
            enumeration: ["granted", "denied", "revoked"]
        }
    },
    actionType: "crud",
-    actions: action_1.genericActions
+    actions: Action_1.actions
 };
--- a/lib/oak-app-domain/OauthUserAuthorization/Style.d.ts
+++ b/lib/oak-app-domain/OauthUserAuthorization/Style.d.ts
@ -0,0 +1,3 @@
 import { Action, OpSchema } from "./Schema";
 import { StyleDef } from "oak-domain/lib/types/Style";
 export declare const style: StyleDef<OpSchema, Action>;
--- a/lib/oak-app-domain/OauthUserAuthorization/Style.js
+++ b/lib/oak-app-domain/OauthUserAuthorization/Style.js
@ -0,0 +1,15 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.style = void 0;
 exports.style = {
    icon: {
        revoke: 'fa-user-slash',
    },
    color: {
        usageState: {
            granted: '#28a745',
            denied: '#dc3545',
            revoked: '#6c757d',
        }
    }
 };
--- a/lib/oak-app-domain/OauthUserAuthorization/_baseSchema.d.ts
+++ b/lib/oak-app-domain/OauthUserAuthorization/_baseSchema.d.ts
@ -1,13 +1,15 @@
 import { ForeignKey } from "oak-domain/lib/types/DataType";
-import { Q_DateValue, Q_NumberValue, Q_StringValue, NodeId, ExprOp, ExpressionKey } from "oak-domain/lib/types/Demand";
+import { Q_DateValue, Q_NumberValue, Q_StringValue, Q_EnumValue, NodeId, ExprOp, ExpressionKey } from "oak-domain/lib/types/Demand";
 import { MakeAction as OakMakeAction, EntityShape } from "oak-domain/lib/types/Entity";
-import { GenericAction } from "oak-domain/lib/actions/action";
+import { Action, ParticularAction, UsageState } from "./Action";
 import { Datetime } from "oak-domain/lib/types/DataType";
 export type OpSchema = EntityShape & {
    userId: ForeignKey<"user">;
    applicationId: ForeignKey<"oauthApplication">;
    authorizedAt: Datetime;
-    tokenId: ForeignKey<"oauthToken">;
+    codeId?: ForeignKey<"oauthAuthorizationCode"> | null;
    tokenId?: ForeignKey<"oauthToken"> | null;
    usageState?: UsageState | null;
 } & {
    [A in ExpressionKey]?: any;
 };
@ -20,7 +22,9 @@ export type OpFilter = {
    userId: Q_StringValue;
    applicationId: Q_StringValue;
    authorizedAt: Q_DateValue;
    codeId: Q_StringValue;
    tokenId: Q_StringValue;
    usageState: Q_EnumValue<UsageState>;
 } & ExprOp<OpAttr | string>;
 export type OpProjection = {
    "#id"?: NodeId;
@ -32,7 +36,9 @@ export type OpProjection = {
    userId?: number;
    applicationId?: number;
    authorizedAt?: number;
    codeId?: number;
    tokenId?: number;
    usageState?: number;
 } & Partial<ExprOp<OpAttr | string>>;
 export type OpSortAttr = Partial<{
    id: number;
@ -42,8 +48,10 @@ export type OpSortAttr = Partial<{
    userId: number;
    applicationId: number;
    authorizedAt: number;
    codeId: number;
    tokenId: number;
    usageState: number;
    [k: string]: any;
 } | ExprOp<OpAttr | string>>;
-export type OpAction = OakMakeAction<GenericAction | string>;
+export type OpAction = OakMakeAction<Action | string>;
-export type OpUpdateAction = "update" | string;
+export type OpUpdateAction = "update" | ParticularAction | string;
--- a/lib/oak-app-domain/OauthUserAuthorization/locales/zh_CN.json
+++ b/lib/oak-app-domain/OauthUserAuthorization/locales/zh_CN.json
@ -4,6 +4,18 @@
        "user": "用户",
        "application": "Oauth应用",
        "authorizedAt": "首次授权时间",
-        "token": "关联的令牌"
+        "token": "关联的令牌",
        "code": "授权码",
        "usageState": "授权状态"
    },
    "action": {
        "revoke": "撤销授权"
    },
    "v": {
        "usageState": {
            "granted": "已授权",
            "denied": "未授权",
            "revoked": "已撤销"
        }
    }
 }
--- a/lib/oak-app-domain/StyleDict.js
+++ b/lib/oak-app-domain/StyleDict.js
@ -18,19 +18,20 @@ const Style_14 = require("./Mobile/Style");
 const Style_15 = require("./Notification/Style");
 const Style_16 = require("./OauthApplication/Style");
 const Style_17 = require("./OauthProvider/Style");
-const Style_18 = require("./Parasite/Style");
+const Style_18 = require("./OauthUserAuthorization/Style");
-const Style_19 = require("./Passport/Style");
+const Style_19 = require("./Parasite/Style");
-const Style_20 = require("./SmsTemplate/Style");
+const Style_20 = require("./Passport/Style");
-const Style_21 = require("./ToDo/Style");
+const Style_21 = require("./SmsTemplate/Style");
-const Style_22 = require("./Token/Style");
+const Style_22 = require("./ToDo/Style");
-const Style_23 = require("./User/Style");
+const Style_23 = require("./Token/Style");
-const Style_24 = require("./UserEntityGrant/Style");
+const Style_24 = require("./User/Style");
-const Style_25 = require("./UserWechatPublicTag/Style");
+const Style_25 = require("./UserEntityGrant/Style");
-const Style_26 = require("./WechatLogin/Style");
+const Style_26 = require("./UserWechatPublicTag/Style");
-const Style_27 = require("./WechatMenu/Style");
+const Style_27 = require("./WechatLogin/Style");
-const Style_28 = require("./WechatPublicTag/Style");
+const Style_28 = require("./WechatMenu/Style");
-const Style_29 = require("./WechatQrCode/Style");
+const Style_29 = require("./WechatPublicTag/Style");
-const Style_30 = require("./WechatUser/Style");
+const Style_30 = require("./WechatQrCode/Style");
 const Style_31 = require("./WechatUser/Style");
 exports.styleDict = {
    log: Style_1.style,
    modi: Style_2.style,
@ -49,17 +50,18 @@ exports.styleDict = {
    notification: Style_15.style,
    oauthApplication: Style_16.style,
    oauthProvider: Style_17.style,
-    parasite: Style_18.style,
+    oauthUserAuthorization: Style_18.style,
-    passport: Style_19.style,
+    parasite: Style_19.style,
-    smsTemplate: Style_20.style,
+    passport: Style_20.style,
-    toDo: Style_21.style,
+    smsTemplate: Style_21.style,
-    token: Style_22.style,
+    toDo: Style_22.style,
-    user: Style_23.style,
+    token: Style_23.style,
-    userEntityGrant: Style_24.style,
+    user: Style_24.style,
-    userWechatPublicTag: Style_25.style,
+    userEntityGrant: Style_25.style,
-    wechatLogin: Style_26.style,
+    userWechatPublicTag: Style_26.style,
-    wechatMenu: Style_27.style,
+    wechatLogin: Style_27.style,
-    wechatPublicTag: Style_28.style,
+    wechatMenu: Style_28.style,
-    wechatQrCode: Style_29.style,
+    wechatPublicTag: Style_29.style,
-    wechatUser: Style_30.style
+    wechatQrCode: Style_30.style,
    wechatUser: Style_31.style
 };
--- a/lib/utils/user.js
+++ b/lib/utils/user.js
@ -1,6 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.checkPassword = exports.maskPassword = exports.getUserSafetyFilter = void 0;
+exports.getUserSafetyFilter = getUserSafetyFilter;
 exports.maskPassword = maskPassword;
 exports.checkPassword = checkPassword;
 const types_1 = require("oak-domain/lib/types");
 function getUserSafetyFilter(context) {
    const application = context.getApplication();
@ -23,12 +25,10 @@ function getUserSafetyFilter(context) {
        };
    }
 }
 exports.getUserSafetyFilter = getUserSafetyFilter;
 function maskPassword(password) {
    const encStr = "****************************************".slice(0, password.length - 2);
    return password[0] + encStr + password[password.length - 1];
 }
 exports.maskPassword = maskPassword;
 async function checkPassword(context, password) {
    const systemId = context.getSystemId();
    const [passport] = await context.select('passport', {
@ -65,4 +65,3 @@ async function checkPassword(context, password) {
        }
    }
 }
 exports.checkPassword = checkPassword;
--- a/src/entities/OauthApplication.ts
+++ b/src/entities/OauthApplication.ts
@ -22,7 +22,8 @@ export interface Schema extends EntityShape {
    scopes?: StringListJson;
 };
-export type Action = AbleAction;
+export type SecretAction = 'resetSecret';
 export type Action = AbleAction | SecretAction;
 export const AbleActionDef: ActionDef<AbleAction, AbleState> = makeAbleActionDef('enabled');
 export const entityDesc: EntityDesc<Schema, Action, '', {
@ -46,6 +47,7 @@ export const entityDesc: EntityDesc<Schema, Action, '', {
            action: {
                enable: '启用',
                disable: '禁用',
                resetSecret: '重置密钥',
            },
            v: {
                ableState: {
--- a/src/entities/OauthUserAuthorization.ts
+++ b/src/entities/OauthUserAuthorization.ts
@ -8,6 +8,7 @@ import { EntityDesc } from 'oak-domain/lib/types/EntityDesc';
 import { Schema as System } from './System';
 import { Schema as OauthApplication } from './OauthApplication';
 import { Schema as OauthToken } from './OauthToken';
 import { Schema as OauthAuthorizationCode } from './OauthAuthorizationCode';
 // oauth 提供方用户授权记录
 // 用户授权记录表 OAuth Authorization Records
@ -15,10 +16,22 @@ export interface Schema extends EntityShape {
    user: User;
    application: OauthApplication;
    authorizedAt: Datetime; // 用户首次授权时间
-    token: OauthToken; // 关联的令牌
+    code?: OauthAuthorizationCode; // 使用的授权码
    token?: OauthToken; // 关联的令牌(在调用接口之后生成)
 };
-export const entityDesc: EntityDesc<Schema, '', '', {
+export type UsageState = 'granted' | 'denied' | 'revoked';
 export type UsageAction = 'revoke';
 export type Action = UsageAction;
 export const UsageActionDef: ActionDef<UsageAction, UsageState> = {
    stm: {
        revoke: ['granted', "revoked"]
    }
 };
 export const entityDesc: EntityDesc<Schema, Action, '', {
    usageState: UsageState;
 }> = {
    locales: {
        zh_CN: {
@ -29,8 +42,32 @@ export const entityDesc: EntityDesc<Schema, '', '', {
                application: 'Oauth应用',
                authorizedAt: '首次授权时间',
                token: '关联的令牌',
                code: '授权码',
                usageState: '授权状态',
            },
            action: {
                revoke: '撤销授权',
            },
            v: {
                usageState: {
                    granted: '已授权',
                    denied: '未授权',
                    revoked: '已撤销',
                }
            }
        },
    },
    style: {
        icon: {
            revoke: 'fa-user-slash',
        },
        color: {
            usageState: {
                granted: '#28a745',
                denied: '#dc3545',
                revoked: '#6c757d',
            }
        }
    }
 };