
@nocobase/acl - npm Package Compare versions

Comparing version

to
1.7.0-alpha.2

lib/utils/acl-role.d.ts

10

lib/acl-role.js

@@ -43,6 +43,6 @@ /**

module.exports = __toCommonJS(acl_role_exports);
var import_lodash = __toESM(require("lodash"));
var import_minimatch = __toESM(require("minimatch"));
var import_acl_available_strategy = require("./acl-available-strategy");
var import_acl_resource = require("./acl-resource");
var import_lodash = __toESM(require("lodash"));
var import_minimatch = __toESM(require("minimatch"));
const _ACLRole = class _ACLRole {

@@ -117,3 +117,3 @@ constructor(acl, name) {

snippetRule = negated ? snippetRule.slice(1) : snippetRule;
for (const [_, availableSnippet] of availableSnippets) {
for (const [_2, availableSnippet] of availableSnippets) {
if ((0, import_minimatch.default)(availableSnippet.name, snippetRule)) {

@@ -168,3 +168,3 @@ if (negated) {

}
return {
return import_lodash.default.cloneDeep({
role: this.name,

@@ -174,3 +174,3 @@ strategy: this.strategy,

snippets: Array.from(this.snippets)
};
});
}

@@ -177,0 +177,0 @@ getResourceActionFromPath(path) {

@@ -48,3 +48,3 @@ /**

interface CanArgs {
role: string;
role?: string;
resource: string;

@@ -54,2 +54,3 @@ action: string;

ctx?: any;
roles?: string[];
}
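Review bot: With `role?` and `roles?` both optional, `CanArgs` now accepts a call that names no role at all, and nothing on the interface says which field wins when both are set. The implementation of `can` shown further down gives `role` precedence and returns `null` when neither is usable, so the declaration should state that, e.g. `/** Single role to check; takes precedence over roles. */` on `role` and `/** Roles whose grants are merged; used only when role is unset. can() returns null if neither is given. */` on `roles`. A union such as `{ role: string } | { roles: string[] }` would let the compiler reject the empty case outright. The interface opens in the previous hunk, and since this `.d.ts` is build output the comments belong in the TypeScript source.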

@@ -88,2 +89,3 @@ export declare class ACL extends EventEmitter {

getRole(name: string): ACLRole;
getRoles(names: string[]): ACLRole[];
removeRole(name: string): boolean;

@@ -96,2 +98,4 @@ setAvailableAction(name: string, options?: AvailableActionOptions): void;

can(options: CanArgs): CanResult | null;
private getCanByRoles;
private getCanByRole;
/**

@@ -98,0 +102,0 @@ * @internal

@@ -54,2 +54,3 @@ /**

var import_no_permission_error = require("./errors/no-permission-error");
var import_utils2 = require("./utils");
const _ACL = class _ACL extends import_events.default {

@@ -136,2 +137,5 @@ /**

}
getRoles(names) {
return names.map((name) => this.getRole(name)).filter((x) => Boolean(x));
}
removeRole(name) {

@@ -163,2 +167,28 @@ return this.roles.delete(name);

can(options) {
var _a;
if (options.role) {
return import_lodash.default.cloneDeep(this.getCanByRole(options));
}
if ((_a = options.roles) == null ? void 0 : _a.length) {
return import_lodash.default.cloneDeep(this.getCanByRoles(options));
}
return null;
}
getCanByRoles(options) {
let canResult = null;
for (const role of options.roles) {
const result = this.getCanByRole({
role,
...options
});
if (!canResult) {
canResult = result;
canResult && (0, import_utils2.removeEmptyParams)(canResult.params);
} else if (canResult && result) {
canResult.params = (0, import_utils2.mergeAclActionParams)(canResult.params, result.params);
}
}
return canResult;
}
getCanByRole(options) {
const { role, resource, action, rawResourceName } = options;
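Review bot: In `getCanByRoles` the call `this.getCanByRole({ role, ...options })` spreads `options` after `role`, so an own `role` key on `options` replaces the role being iterated. `can` only reaches this path when `options.role` is falsy, which means a caller that passes `role: undefined` or `role: ""` together with `roles` has every per-role lookup run with that empty value instead of the loop's role. Swapping the order, `this.getCanByRole({ ...options, role })`, keeps the loop variable authoritative for the permission decision. Separately, `removeEmptyParams(canResult.params)` runs on the object `getCanByRole` returned, before `can` clones it; if that object shares references with stored role data (not visible in this hunk) the cleanup would edit the ACL's own state. `getCanByRole` continues past the end of the hunk.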

@@ -283,4 +313,8 @@ const aclRole = this.roles.get(role);

ctx.can = (options) => {
const canResult = acl.can({ role: roleName, ...options });
return canResult;
const roles = ctx.state.currentRoles || [roleName];
const can = acl.can({ roles, ...options });
if (!can) {
return null;
}
return can;
};

@@ -299,3 +333,4 @@ ctx.permission = {

async getActionParams(ctx) {
const roleName = ctx.state.currentRole || "anonymous";
var _a;
const roleNames = ((_a = ctx.state.currentRoles) == null ? void 0 : _a.length) ? ctx.state.currentRoles : "anonymous";
const { resourceName: rawResourceName, actionName } = ctx.action;
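Review bot: The fallback for `roleNames` is the string `"anonymous"`, not an array, although the value is later passed as `roles` (the `ctx.can` closure in the next hunk). `can` tests `options.roles.length` and `getCanByRoles` iterates with `for...of`, so a string would be walked character by character and the lookups would be for roles named `a`, `n`, `o` and so on rather than `anonymous`. Use `: ["anonymous"]` here. The middleware `ctx.can` in the earlier hunk builds its list with `ctx.state.currentRoles || [roleName]`, which keeps an empty array instead of falling back, so the two call sites should share one rule for "no roles resolved". `getActionParams` continues outside the hunk, so other uses of `roleNames` are not visible.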

@@ -313,7 +348,7 @@ let resourceName = rawResourceName;

ctx.can = (options) => {
const can = this.can({ role: roleName, ...options });
if (!can) {
return null;
const can = this.can({ roles: roleNames, ...options });
if (can) {
return import_lodash.default.cloneDeep(can);
}
return import_lodash.default.cloneDeep(can);
return null;
};

@@ -338,3 +373,3 @@ ctx.permission = {

filterParams(ctx, resourceName, params) {
var _a;
var _a, _b, _c;
if ((_a = params == null ? void 0 : params.filter) == null ? void 0 : _a.createdById) {

@@ -346,2 +381,18 @@ const collection = ctx.db.getCollection(resourceName);

}
if ((_c = (_b = params == null ? void 0 : params.filter) == null ? void 0 : _b.$or) == null ? void 0 : _c.length) {
const checkCreatedById = /* @__PURE__ */ __name((items) => {
return items.some(
(x) => {
var _a2, _b2;
return "createdById" in x || ((_a2 = x.$or) == null ? void 0 : _a2.some((y) => "createdById" in y)) || ((_b2 = x.$and) == null ? void 0 : _b2.some((y) => "createdById" in y));
}
);
}, "checkCreatedById");
if (checkCreatedById(params.filter.$or)) {
const collection = ctx.db.getCollection(resourceName);
if (!collection || !collection.getField("createdById")) {
throw new import_no_permission_error.NoPermissionError("createdById field not found");
}
}
}
return params;
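Review bot: `checkCreatedById` looks for `createdById` only on the items of `params.filter.$or` and one level of `$or`/`$and` beneath them, so a deeper nesting or a top-level `$and` skips the field-existence check this block exists to enforce. It also applies `in` to each item without checking that it is an object, which raises a `TypeError` rather than `NoPermissionError` on a primitive entry. A recursive walk over `$or`/`$and` covers every depth and tolerates non-object entries. Whether merged filters can actually take those shapes depends on `mergeAclActionParams`, which is not shown. `filterParams` starts before the hunk.

```javascript
const hasCreatedById = (node) => {
  if (Array.isArray(node)) {
    return node.some(hasCreatedById);
  }
  if (!node || typeof node !== "object") {
    return false;
  }
  return "createdById" in node || hasCreatedById(node.$or) || hasCreatedById(node.$and);
};
if (hasCreatedById(params && params.filter)) {
  // … unchanged: getCollection lookup and NoPermissionError throw …
}
```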

@@ -348,0 +399,0 @@ }

@@ -16,1 +16,2 @@ /**

export * from './errors';
export * from './utils';

@@ -33,2 +33,3 @@ /**

__reExport(src_exports, require("./errors"), module.exports);
__reExport(src_exports, require("./utils"), module.exports);
// Annotate the CommonJS export names for ESM import in node:

@@ -42,3 +43,4 @@ 0 && (module.exports = {

...require("./skip-middleware"),
...require("./errors")
...require("./errors"),
...require("./utils")
});
{
"name": "@nocobase/acl",
"version": "1.7.0-alpha.1",
"version": "1.7.0-alpha.2",
"description": "",

@@ -9,4 +9,4 @@ "license": "AGPL-3.0",

"dependencies": {
"@nocobase/resourcer": "1.7.0-alpha.1",
"@nocobase/utils": "1.7.0-alpha.1",
"@nocobase/resourcer": "1.7.0-alpha.2",
"@nocobase/utils": "1.7.0-alpha.2",
"minimatch": "^5.1.1"

@@ -19,3 +19,3 @@ },

},
"gitHead": "e411c9728b4d1f16b0beac16e40dd3499352b052"
"gitHead": "01751fa626d5692137e3decdac3c66a742b8ea80"
}