From 5b72315f169d6db157f03ac7f7f7f64cc67c8c17 Mon Sep 17 00:00:00 2001 From: wkj <278599135@qq.com> Date: Tue, 10 May 2022 15:23:22 +0800 Subject: [PATCH] =?UTF-8?q?lib=E6=8F=90=E4=BA=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/RuntimeContext.d.ts | 1 + lib/RuntimeContext.js | 3 ++ lib/checkers/address.js | 6 ++-- lib/checkers/token.js | 18 ++++++++++- lib/checkers/user.js | 15 +++++++++ lib/triggers/user.js | 25 +++++++++++++++ lib/utils/check.d.ts | 5 +-- lib/utils/check.js | 39 +++++++++++------------- wechatMp/pages/address/list/index.less | 4 ++- wechatMp/pages/address/upsert/index.less | 3 ++ wechatMp/styles/mixins.less | 7 +++++ 11 files changed, 98 insertions(+), 28 deletions(-) create mode 100644 wechatMp/styles/mixins.less diff --git a/lib/RuntimeContext.d.ts b/lib/RuntimeContext.d.ts index 8f7547fb6..558fad7a6 100644 --- a/lib/RuntimeContext.d.ts +++ b/lib/RuntimeContext.d.ts @@ -18,5 +18,6 @@ export declare abstract class GeneralRuntimeContext exten userId: 1; playerId: 1; }> | undefined>; + getTokenValue(): Promise; getScene(): string; } diff --git a/lib/RuntimeContext.js b/lib/RuntimeContext.js index 32adb28f9..78a62b225 100644 --- a/lib/RuntimeContext.js +++ b/lib/RuntimeContext.js @@ -44,6 +44,9 @@ class GeneralRuntimeContext extends UniversalContext_1.UniversalContext { return token; } } + async getTokenValue() { + return await this.getTokenFn(); + } getScene() { return this.scene; } diff --git a/lib/checkers/address.js b/lib/checkers/address.js index 989bcd5f6..e512bd744 100644 --- a/lib/checkers/address.js +++ b/lib/checkers/address.js @@ -2,7 +2,7 @@ Object.defineProperty(exports, "__esModule", { value: true }); const validator_1 = require("oak-domain/lib/utils/validator"); const types_1 = require("oak-domain/lib/types"); -const check_1 = require("../utils/check"); +const validator_2 = require("oak-domain/lib/utils/validator"); const checkers = [ { type: 'data', @@ -13,14 +13,14 @@ const checkers = [ if (data instanceof Array) { data.forEach(ele => { const a = 'name'; - (0, check_1.checkAttributesNotNull)(ele, ['name', 'detail', 'phone', 'areaId']); + (0, validator_2.checkAttributesNotNull)(ele, ['name', 'detail', 'phone', 'areaId']); if (!(0, validator_1.isMobile)(ele.phone)) { throw new types_1.OakInputIllegalException(['phone'], '手机号非法'); } }); } else { - (0, check_1.checkAttributesNotNull)(data, ['name', 'detail', 'phone', 'areaId']); + (0, validator_2.checkAttributesNotNull)(data, ['name', 'detail', 'phone', 'areaId']); if (!(0, validator_1.isMobile)(data.phone)) { throw new types_1.OakInputIllegalException(['phone'], '手机号非法'); } diff --git a/lib/checkers/token.js b/lib/checkers/token.js index 4a69f07e5..0eda97b5a 100644 --- a/lib/checkers/token.js +++ b/lib/checkers/token.js @@ -4,6 +4,7 @@ const types_1 = require("oak-domain/lib/types"); const Exceptions_1 = require("../types/Exceptions"); const lodash_1 = require("lodash"); const filter_1 = require("oak-domain/lib/store/filter"); +const check_1 = require("../utils/check"); const checkers = [ { type: 'user', @@ -30,7 +31,22 @@ const checkers = [ return 0; } // 对获取token的权限进行精细化控制,除了root - throw new types_1.OakUserUnpermittedException(); + if (filter && filter.id === await context.getTokenValue()) { + return 0; + } + const isRoot = await (0, check_1.checkIsRoot)(context); + if (!isRoot) { + // 不是root只能访问自己的token + if (!filter) { + throw new types_1.OakUserUnpermittedException(); + } + (0, lodash_1.assign)(operation, { + filter: (0, filter_1.addFilterSegment)(filter, { + id: await context.getTokenValue(), + }) + }); + } + return 0; }, } ]; diff --git a/lib/checkers/user.js b/lib/checkers/user.js index 816789adf..39d665da2 100644 --- a/lib/checkers/user.js +++ b/lib/checkers/user.js @@ -1,6 +1,8 @@ "use strict"; Object.defineProperty(exports, "__esModule", { value: true }); const actionDef_1 = require("oak-domain/lib/store/actionDef"); +const types_1 = require("oak-domain/lib/types"); +const check_1 = require("../utils/check"); const checkers = [ { type: 'data', @@ -17,6 +19,19 @@ const checkers = [ { type: 'user', action: 'play', + entity: 'user', + checker: async ({ operation }, context) => { + const isRoot = await (0, check_1.checkIsRoot)(context); + if (!isRoot) { + throw new types_1.OakUserUnpermittedException(); + } + const token = await context.getToken(); + const { userId } = token; + if (userId === operation.filter.id) { + throw new types_1.OakRowInconsistencyException(); + } + return 0; + }, } ]; exports.default = checkers; diff --git a/lib/triggers/user.js b/lib/triggers/user.js index 91cbc70d1..e8f4acd44 100644 --- a/lib/triggers/user.js +++ b/lib/triggers/user.js @@ -1,5 +1,9 @@ "use strict"; +var __importDefault = (this && this.__importDefault) || function (mod) { + return (mod && mod.__esModule) ? mod : { "default": mod }; +}; Object.defineProperty(exports, "__esModule", { value: true }); +const assert_1 = __importDefault(require("assert")); const constants_1 = require("../constants"); let NO_ANY_USER = true; const triggers = [ @@ -60,5 +64,26 @@ const triggers = [ return 0; } }, + { + name: '当扮演某个用户时,切换当前用户的token中的userId', + entity: 'user', + action: 'play', + when: 'after', + fn: async ({ operation }, context, params) => { + const { filter } = operation; + (0, assert_1.default)(filter.id); + const { id } = (await context.getToken()); + await context.rowStore.operate('token', { + action: 'update', + data: { + userId: filter.id, + }, + filter: { + id, + } + }, context); + return 1; + } + } ]; exports.default = triggers; diff --git a/lib/utils/check.d.ts b/lib/utils/check.d.ts index 60a79e6df..a0e015bcc 100644 --- a/lib/utils/check.d.ts +++ b/lib/utils/check.d.ts @@ -1,2 +1,3 @@ -export declare function checkAttributesNotNull>(data: T, attributes: Array, allowEmpty?: true): void; -export declare function checkAttributesScope>(data: T, attributes: Array): void; +import { EntityDict } from "oak-app-domain"; +import { GeneralRuntimeContext } from "../RuntimeContext"; +export declare function checkIsRoot(context: GeneralRuntimeContext): Promise; diff --git a/lib/utils/check.js b/lib/utils/check.js index cfe369002..d0f4b8c2d 100644 --- a/lib/utils/check.js +++ b/lib/utils/check.js @@ -1,26 +1,23 @@ "use strict"; Object.defineProperty(exports, "__esModule", { value: true }); -exports.checkAttributesScope = exports.checkAttributesNotNull = void 0; -const types_1 = require("oak-domain/lib/types"); -function checkAttributesNotNull(data, attributes, allowEmpty) { - const attrs = attributes.filter((attr) => { - if (data[attr] === null || data[attr] === '') { - return true; - } - if (!allowEmpty && !data.hasOwnProperty(attr)) { - return true; - } - }); - if (attrs.length > 0) { - throw new types_1.OakInputIllegalException(attrs, '属性不能为空'); +exports.checkIsRoot = void 0; +const constants_1 = require("../constants"); +async function checkIsRoot(context) { + const token = await context.getToken(); + if (!token) { + return false; } -} -exports.checkAttributesNotNull = checkAttributesNotNull; -; -function checkAttributesScope(data, attributes) { - const attrs = attributes.filter(attr => !data.hasOwnProperty(attr)); - if (attrs.length > 0) { - throw new types_1.OakInputIllegalException(attrs, '多余的属性'); + const { playerId } = token; + const count = await context.rowStore.count('userRole', { + filter: { + userId: playerId, + roleId: constants_1.ROOT_ROLE_ID, + }, + }, context); + if (count === 0) { + // 只有root允许扮演其他用户身份 + return false; } + return true; } -exports.checkAttributesScope = checkAttributesScope; +exports.checkIsRoot = checkIsRoot; diff --git a/wechatMp/pages/address/list/index.less b/wechatMp/pages/address/list/index.less index 0ffcfc18d..c726036f4 100644 --- a/wechatMp/pages/address/list/index.less +++ b/wechatMp/pages/address/list/index.less @@ -1,12 +1,14 @@ /** index.wxss **/ @import "../../../styles/cell.less"; - +@import "../../../styles/mixins.less"; .page-body { height: 100vh; display: flex; flex: 1; flex-direction: column; background-color: @background-color-base; + box-sizing: border-box; + .safe-area-inset-bottom(); } .item-container { diff --git a/wechatMp/pages/address/upsert/index.less b/wechatMp/pages/address/upsert/index.less index 7b49a9ad3..5d48e2336 100644 --- a/wechatMp/pages/address/upsert/index.less +++ b/wechatMp/pages/address/upsert/index.less @@ -1,5 +1,6 @@ /** index.wxss **/ @import "../../../styles/cell.less"; +@import "../../../styles/mixins.less"; .page-body { height: 100vh; @@ -7,6 +8,8 @@ flex: 1; flex-direction: column; background-color: @background-color-base; + box-sizing: border-box; + .safe-area-inset-bottom(); } .g-cell-hover:extend(.g-cell) { diff --git a/wechatMp/styles/mixins.less b/wechatMp/styles/mixins.less new file mode 100644 index 000000000..2ee42b781 --- /dev/null +++ b/wechatMp/styles/mixins.less @@ -0,0 +1,7 @@ + + +// 解决全屏幕机型底部适配问题 +.safe-area-inset-bottom() { + padding-bottom: constant(safe-area-inset-bottom) !important; /* 兼容 iOS < 11.2 */ + padding-bottom: env(safe-area-inset-bottom) !important; /* 兼容 iOS >= 11.2 */ +}